JSECU BLOG
Web Cache Poisoning to Account Takeover β Starting off,this is a vulnerability that I found during a bug bounty engagement.I would split this into two parts, or two separate vulnerabilities. The First part was a web cache poisoning via X Headers.This part
OpenEMR 5.0.1.3 Arbitrary File Actions β Back in 2018, a group of security researchers and I decided to try our hands at OpenEMR and find security vulnerabilities.The full report can be found here.This a very good read and I recommend reading
Pentesting Workshop: Working with OWASP JuiceShop β This is a simple introduction of OWASP Juiceshop that I presented at day 2 of my pentesting workshop. It covers 5 of the OWASP top 10 and gives examples of where you can find them
Genimi CTF WriteUp β Gemini Inc 1 is a intermediate box in my opinion due to the exploitation method being not very well documented, thus requiring a lot of enumeration online. Was a lot of fun to complete and
