Understanding DLL Hijacking
DLL Hijacking is a method where we can inject a malicious script (DLL files) into an application. There…
How I Found RCE (Remote Code Execution) via File Upload
Introduction In this post, I’m going to explain how I found a Remote Code Execution (RCE) vulnerability by simply uploading a profile.…
Introducing Spyder: A Comprehensive Domain Scanning Tool
Greetings, fellow security enthusiasts! Today, I’m thrilled to share a new tool that…
CORS & XSS Vulnerability Scanner: Your First Line of Defense Against Web Security Threats
Welcome to 0xmad.me, where we continuously strive to bring you the latest and most effective tools for web security. Today,…
PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034)
PWNKIT The Qualys Research Team has discovered a memory corruption vulnerability in polkit’s pkexec, a SUID-root program that is installed…
Katana: An Overview of the Powerful Web Application Security Scanner [Cheat Sheet]
Features of Katana Katana offers a range of features that make it an effective web application security scanner. Some of its…
Understanding Linux Privilege Escalation: Gaining Root Access
What is Privilege Escalation? Privilege escalation refers to the process of acquiring higher-level permissions or privileges than originally intended or…
Understanding Subdomain Takeover: Risks and Mitigation
What is Subdomain Takeover? Subdomain takeover is a security threat that arises when an organization neglects to maintain or properly…
Subdomain Enumeration 2024 —
Here are some widely used methods and tools for subdomain enumeration: 1. Brute Force Techniques: 2. Search Engines and Services:…
Exploring Curl, Wget, and HTTPX Commands for Efficient Web Interactions
In the realm of command-line utilities for web interactions, tools like curl, wget, and httpx play pivotal roles, enabling users…