Write Ups

In this article, we’ll explore the pervasive presence and potential risks associated with QR codes in daily life. We’ll discuss the ease with which malicious QR codes can be created, either manually or through specialized tools, allowing attackers to embed harmful payloads. A tutorial its included, emphasizing its role in creating various types of malicious QR codes for security testing purposes.

In this article, we’ll demonstrate red team tactics for uncovering hidden secrets on websites. Despite security layers that companies deploy, such as Cloudflare WAF and next-generation firewalls, attackers can exploit sensitive information embedded in code, such as API keys and tokens.

Enumeration is key when it comes to hacking; enumerating subdomains leads to discovering many untouched surfaces with vulnerabilities. By understanding how to uncover more hidden subdomains a target has, you can significantly increase coverage, especially when performing Bug Bounty Hunting or Pentesting.