Security Cipher

  • Security Resources

    • Secure Code Explain
      • SQL Injection
      • Reflected Cross-Site-Scripting (XSS)
      • Stored Cross-Site-Scripting (XSS)
      • DOM Cross-Site-Scripting (XSS)
      • XXE Injection
      • Clickjacking
      • Remote File Inclusion (RFI)
      • Remote Code Execution (RCE)
      • Insecure direct object references (IDOR)
      • Local File Inclusion
      • Secure Cookie not set
      • HttpOnly Flag not set
      • Log Injection
      • Cross-Site Request Forgery (CSRF)
      • Hardcoded Credentials
      • HSTS not Implemented
      • Missing Content-Security-Policy Header
      • Session Fixation
      • Weak Password Policy
      • Open Redirection
      • Insufficient Account Lockout Policy
      • Server-Side Request Forgery (SSRF)
      • Cross-origin resource sharing (CORS) Misconfiguration
      • Application-level Denial of Service (DoS)
      • Java Deserialization
      • Unrestricted File Upload
      • Host Header Injection
      • Server-side template injection (SSTI)
      • Insecure Password Storage
      • Insecure Password Reset - Token Exposed in Response
    • Security Resources
      • HTTP Security Headers
      • Input Sanitization Techniques for Secure Coding
      • Wordlists
      • Out-of-Band Exfiltration Tools
      • Browser Extensions
      • Search Engines for Hackers
    • Vulnerability Explain
      • Cross-Site-Scripting (XSS)
      • SQL Injection
      • Server-Side Request Forgery (SSRF)
      • Insecure Direct Object References (IDOR)
      • XML External Entity (XXE) Injection
      • Remote Code Execution (RCE) and Command Injection
      • Local File Inclusion (LFI) and Path Traversal
      • Insecure Deserialization
      • Open Redirection
      • Authentication and JWT Bypass
      • Server-Side Template Injection (SSTI)
      • Remote File Inclusion (RFI)
      • NoSQL Injection
      • LDAP and XPath Injection
      • CRLF Injection and HTTP Response Splitting
      • Host Header Injection
      • HTTP Request Smuggling
      • Broken Access Control
      • Session Fixation
      • Clickjacking
      • CORS Misconfiguration
      • Unrestricted File Upload
      • Security Misconfiguration
      • Sensitive Data Exposure and Insecure Cryptographic Storage
      • Business Logic and Race Condition Vulnerabilities
      • GraphQL Security
      • API Security and Mass Assignment
      • Subdomain Takeover
      • Prototype Pollution
      • Web Cache Poisoning
      • Vulnerable and Outdated Components
      • Application-level Denial of Service (DoS)
    • Penetration Testing Tricks
      • Captcha Bypass
      • GraphQL [In progress]
      • 2FA Bypass
      • Subdomain Enumeration Tools
      • One-Liners for Bug Bounty
    • Security Roadmap
      • Cloud Security Roadmap
      • Bug Bounty Roadmap
    • FREE - Security Courses/Resources
      • Real Ethical Hacking in 43 Hours Certificated CSEH+CEH 2024
      • CCSP
      • FREE Bug Bounty Advanced Hunting Course

Author

Piyush
Senior Product Security Engineer

Ethical Hacker || Penetration Tester || Gamer || Blogger || Application Security Engineer


Recent Posts

  • Agentjacking: How Attackers Hijack AI Coding Agents Like Cursor and Claude (June 30, 2026)
  • AutoJack: How One Web Page Can Hijack Your AI Agent and Own Your Machine (June 21, 2026)
  • Reconnaissance and Vulnerability Scanning Script (August 14, 2024)


©2023. Security Cipher. All Rights Reserved.
