Improper Access Control means web application or software functions does not restrict or incorrectly restricts access and usage to any hidden resource or private functionality from an unauthorized actor. …

Broken Link Hijacking (BLH) or Link Takeover, whatever you called it, the concept is very simple. If you get any broken links of any website and it’s easy to be taken by someone , then it’s a broken link hijacking or takeover bug. It’s a similar kind of bug like…

Information Disclosure is a kind of bug that is not so hard to find but could make huge impact on target. Some time you can get very sensitive information with less effort. That’s how i got my first report resolved on hackerone. Now let’s discuss how i get my first…

CrazyHD is one of the famous torrent websites in Bangladesh and India. People get pirated movies, paid courses, software, and more in this torrent. Story Behind Pentesting CrazyHD One day I logged into my account on that CrazyHD torrent and I don’t know why I search my name “Mehedi Shakeel” in the search box…

Last night before going to sleep i make a quick search on google a dork to find vulnerable websites and found some interesting result and from one of those website i found the SQL injection vulnerability & successfully able to exploit and retrieve sensitive information from the MySQL db. Here…

Hey there, everyone! 👋 I’m Mehedi Shakeel, an IT security professional hailing from Bangladesh. With a solid background in ethical hacking, cyber security, and web penetration testing, I’m all about safeguarding the digital realm. 💻🛡️ As a verified YouTuber and instructor, I’m passionate about sharing my knowledge through engaging videos…