Hello All, I’m Youssef A. Mohamed aka GeneralEG Information Security Analyst @Zinad & Penetration Tester @Buguard Labs Bounty Hunter @HackerOne… Read More
Writeups
Authenticated Reflected XSS at Woody Ad Snippets WordPress
Business Details: Vendor: Webcraftic Plugin: Woody Ad Snippets CMS: WordPress Active Installations: +90k Downloads: +677k Technical Details: Bug Type:… Read More
How to Get Started Into Web Security & Bug Hunting
بسم الله الرحمن الرحيم انهاردة هحاول اجاوب بالتفصيل عن اسئلة شائعة جدا: ( ازاي ابدء فال Web Security… Read More
Escalating SSRF to RCE
Hello Pentesters, I’m Youssef A. Mohamed aka GeneralEG Cyber Security Engineer @Squnity and SRT Member @Synack Today I’m going to… Read More
Hack Your Form – New vector for Blind XSS
Hello Pentesters, I’m Youssef A. Mohamed aka GeneralEG Today I’m gonna share a juicy finding with you. Talking about bypassing… Read More
UAE National Cyber Security CTF 2018 – Writeup
Hello CTFs Players, I’m GeneralEG from N3WB135_T34M Today i will explain how to solve the web challenges of CyberTalents UAE… Read More
From InfoDisc to RCE to SOP Bypass
Hello Penetration Testers, Today, I will write about my findings in 2 PBBP… From Information Disclosure to Remote Code Execution… Read More
ASC 2018 CYBER WARGAMES “QUALIFICATION PHASE” – Writeup
Hello Penetration Testers, {This is our Writeup for ASC 2018 CYBER WARGAMES “QUALIFICATION PHASE” } Task one: find out what… Read More