Improper authentication (No Rate Limit on Forget Password)

SPAM…SPAM…SPAM...SPAM…SPAM…

So, in this blog I’m going to show you a demonstration of the No Rate Limit attack. I was testing on a private website; unfortunately, I can’t reveal the name, but you will learn and easily understand this attack.

Rate limiting is…


Today XSS is often cited as the number-one security threat on the web

This is my first blog, so in this blog I’m going to show you a proper demonstration of a Cross-Site Scripting attack in the User-Agent header. I’m using a private website which I can’t reveal, but you will learn and easily understand this attack.

What is User-Agent?

When your browser connects…

Syed Munib Ahmed

I’m a website penetration tester and also work with HackerOne and Bugcrowd. Website security is my life ^_^
