Posts

Offsec Web Expert ( OSWE ) Review 2025

-
Image
Hello hackers hope all of you are happy and doing well , Today I'll talk about my Review about OSWE and How I approached to it , This is my Personal and Honest Review for one of a highly demanded and reputational Certificate   What is OSWE ? The Offensive Security web Expert (OSWE) is formerly known as AWAE ( WEB-300 ) it's part of OSCE3 by OFFSEC including (OSEP + OSED + OSWE).  this certificate for Web attacks and advanced exploitation you will learn how to make source code review in White Box , How you will make your custom exploitation to exploit critical vulnerabilities , how to analyze the code and implementing chained attacks using multiple vulnerabilities together. Prerequisites Let's talk if you are a bug bounty hunter or an App Sec Pentetser that you want to sharpen your skills up In my opinion I'd like to recommend taking PortSwigger  Academy Labs first , you could solve it to understand every Vulnerability and How to exploit it as soon as you detect it , an...
Post a Comment
Read more
-
Image
Story of SQL Injections on One program on Bugcrowd: Hello This is Ahmed Ismail , Today I'm gonna share my first blog as it should be published about 10 month ago , but sorry I'm lazy :D . so I'm gonna share the story about SQL Injection on a private program on Bugcrowd so it will be fun as it was different dbms I have deal with as Informix and IBM DB2 so let's get started. Blind SQL Injection : Is a type of SQL Injection attack that asks the database true or false questions and determines the answer based on the applications response. >This attack is often used when the web application is configured to show generic error messages, but has not mitigated the code that is vulnerable to SQL injection. so let's begin with the Informix DB after enumerating subdomains of the Target , let's name it "REDACTED" , I reach an endpoint after gathering subdomains and spidering it and I got an endpoint that it may be a potential SQL Injection on it , and throw ran...
2 comments
Read more