Tab view panel using IMessageEditorTab to dump all the links from the responses: Workflow: Dump links from respones,If url is hex/url encoded then decode it,Sort all the results to put the most likeable links at the top & rest junk(html/javascript junk) in the last. Why to include junk? why not just links: Finding all possible type links is really difficult task,There are many cases where the endpoints are stored in differential structures where they are hard to extract using regex.

SSRF(Server-side-request-forgery) have been quite a popular attack surface for the uploading functionality where application fetches the assets from external resources in form of images,documents etc SVG is an XML based vector image used to display a variety of graphics on the Web and other environments, due it ’s XML structure…

Broken Link Hijacking (BLH) is lesser known attack.there is an brief introduction & exploitation about it by EdOverFlow. https://edoverflow.com/2017/broken-link-hijacking/ by Ed There is an already fully customize package for discovering BLH endpoints, https://www.npmjs.com/package/broken-link-checker but setting it up is really painful,Authentication based link validating was also an problem with it.

A Year Ago,While learning python,I had created a telegram bot to automate the cryptoworkflow of daily life for learning purpose which includes following features. Buy/Sell pairs on binance : set a Buy price & Sell price along with PAIR,Automatically BUY’S it if the pair hit’s the buying price and SELL’s if the pair hit’s the selling price. Information of pair on Binance : (OPEN PRICE,CLOSE PRICE,LOW,HIGH,VOL,STATUS,ACTIVE BUY,ACTIVE SELL)

Project at Hackster.io : https://www.hackster.io/arbazhussain/distance-calculation-with-ultrasonic-sensor-26d63e Ultrasonic distance sensors are designed to measure the distance between the source and target using ultrasonic waves. Things used in this project

One of the major role of penetration testing is recon-asset.The more you gather information,the more you win. It is possible for a organization to have one or many domains/sub-domains hosted under a certain iprange. To find out them It purely depends on hosting way they are using. Many organization use…

In this blog post i would like to share some Content Negotiation behavior while Performing CSRF Request . While Performing Penetration Testing on Application API , I Came across Content Negotiation behavior . Let’s discuss this with live example which i encountered . Following is the Request which Server made…

I Would like to share one simple trick to make clickjacking attack’s more impactful in simple Word’s. Before getting into topic , let’s understand what click-jacking Means in 101 : Clickjacking is a malicious technique of tricking a Web user into clicking on something different from what the user perceives…

This blog post will help Getting start to Machine Learning Journey to Deep Learning . I have tried to keep it short and clean . Machine learning is a method of data analysis that automates analytical model building. Using algorithms that iteratively learn from data, machine learning allows computers to…