SecurityGOAT – Medium

SecurityGOAT

Pinned

Common GraphQL Misconceptions: A rant

Let’s talk about GraphQL, and how evil or good it is — a hot take from a developer cum pentester ;) This post will enlighten your world!

Aug 9, 2021

Common GraphQL Misconceptions: A rant

Aug 9, 2021

Pinned

Peeking into the Future

Today I have been thinking more on how to proceed further with something interesting to share with my audience on a daily basis. Let’s see!

Aug 7, 2021

Peeking into the Future

Aug 7, 2021

Pinned

Injection attacks in Google Sheets!

Let’s learn how to use benign looking CSVs and Spreadsheets to exfiltrate data, without even letting the user know about it ;)

Jul 16, 2021

Injection attacks in Google Sheets!

Jul 16, 2021

Demystifying an XSS payload: Part 4

Let’s demystify an interesting XSS payload and learn about it! This post would aim to help you give my methodology on debugging things.

Aug 16, 2021

Demystifying an XSS payload: Part 4

Aug 16, 2021

Experience Diary: Doing infosec research the right way

Let me share my experience on how I do research on a topic. I would be happy to know your methodology as well :)

Aug 15, 2021

Experience Diary: Doing infosec research the right way

Aug 15, 2021

Intigriti’s Flask Challenge Breakdown

Let’s see what the dev’s have cooked up at Intigriti today! A damn vulnerable & broken Flask application. Let’s hack it for Fun & Learning!

Aug 13, 2021

Intigriti’s Flask Challenge Breakdown

Aug 13, 2021

Neat XSS trick from a G.O.A.T — Gareth Heyes special

Let’s discuss about this interesting XSS challenge, that was shared yesterday by Gareth Heyes! Read on to learn a neat Javascript trick :)

Aug 12, 2021

Neat XSS trick from a G.O.A.T — Gareth Heyes special

Aug 12, 2021

RCE via failed regex check — One dot to rule ’em all!

Let’s learn about how a failed regex check led to RCE in PiHole Admin panel. There’s ofcourse more so check the full post to learn more...

Aug 11, 2021

RCE via failed regex check — One dot to rule ’em all!

Aug 11, 2021

Smuggling Script via URL: Short HTML-based XSS payload

Let’s learn a neat trick on having the XSS payload in the URL for achieving shorter XSS payloads — straight from the greats!

Aug 10, 2021

Smuggling Script via URL: Short HTML-based XSS payload

Aug 10, 2021

Intigriti’s PHP challenge breakdown

Let’s discuss issues with the PHP code shared by Initgriti! We will discuss on how you can shoot yourself in the foot with PHP’s…

Aug 8, 2021

Intigriti’s PHP challenge breakdown

Aug 8, 2021

SecurityGOAT

SecurityGOAT

Wannabe Hacker! Teaching Infosec in my own insightful ways :) Twitter: twitter.com/_SecurityGOAT | Support: buymeacoffee.com/SecurityGOAT

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams