Greetings, everyone! i’m back with a new article after a long absence. In this writeup, i will attempt to explain everything i know about open redirect. I recently discovered an open redirect on a private program and successfully exploited it to gain access to the account of the victim. …

Hello there! I hope everything is going well with you; today I’m back with the story of my first critical discovery on Hackerone, which is also my 1st $$$$ bounty. Initial Recon: As usual, I began with subdomain discovery and began probing it. I was more interested in this target because…

Greetings, Community! In this article, I’ll describe how I discovered Unauthenticated Stored XSS on one of WordPress’s plugins, which affected over 6K sites that used the vulnerable plugin, and how I managed to exploit it. How did it start? So, for a few days, I was trying different WordPress plugins. My research led me…

Hey there! Hope you doing good. In this article i will try to explain why you should start using password managers. This isn’t a sponsored post anyways, so i will be explaining more about why using same password everywhere is worst rather marketing about password managers. Because the human mind…

Good day, everyone! Greetings, As this is my first post on Pentester Nepal, I’d want to thank you for taking the time to read it. Allow me to begin by providing a brief introduction of myself. I’m Veshraj Ghimire, an infoSec enthusiast who is passionate about offensive security (mostly web…

Hello, amazing people! I hope you are doing well. I am back with my new write-up. In this write-up, I will explain a logical flaw that I found on one target resulting in the hijacking of the path. So let me explain it in short. While testing on redracted.com…

Hey folks, I am back with my new write-up. In this write-up, I am gonna share my experience on new pathways created by TryHackMe.It is a free room and everyone can join it. So let me quickly explain in brief. What is TryHackMe? TryHackMe is an awesome platform where it…

Hello there, I am Veshraj Ghimire all the way from Nepal. This is my second write up and in this write up, I am going to tell you one of my totally unexpected bounty story which was possible by recon only. So, without wasting your time, Let me quickly tell…

Hello there, I am Veshraj Ghimire all the way from Nepal. This is my first bounty write up. In this writeup, I will explain about my 1st critical finding on a site listed at Bugv. So, Let Me Explain my short story about it. Severity: Critical The…