Tanmay Bhattacharjee

Dec 5, 2021

OWASP Top 10:2021 (JAVA)

SQL INJECTION: Description: A SQL Injection is not a new or overly complicated type of attack, yet it continues to sit atop the OWASP Top Ten Application Security Risks after more than 20 years of it having been publicly utilized. This is primarily due to its inherent relative ease of…

Web Security

5 min read


Nov 12, 2021

HTTP Headers

Today I am discussing the different types of HTTP headers and their categories. Without wasting time, let's come to the topic. HTTP headers provide an additional way to pass information between the client and the server. There are headers specific to requests and responses as well as general headers common…

Https

6 min read


Nov 12, 2021

cURL command list:

1. curl http://example.com | GET request with `cURL`
2. curl http://example.com -v | Verbose GET request with `cURL`
3. curl http://admin:password@example.com/ -vvv | `cURL` Basic Auth login
4. curl -u admin:password http://example.com/ -vvv | Alternate `cURL` Basic Auth login
5. curl -u admin:password -L http://example.com/ | `cURL` Basic Auth login…

Curl

1 min read


Nov 12, 2021

Hypertext Transfer Protocol(a.k.a. HTTP) Part 1

Hello friends, how are you? Welcome back to another topic: HTTP. Everyone who works regularly with the internet, IT or cyber security is familiar with HTTP or HTTPS. Now to the topic: in the OSI model or TCP/IP model, HTTP is an application-level protocol used to access resources…

Web Research

4 min read


Sep 3, 2021

Textpattern 4.8.7 is affected by HTML injection in the Body parameter.

# Exploit Title: Textpattern CMS v4.8.7 “Content>Write>Body” — HTMLi
# Exploit Author: Tanmay Bhattacharjee
# Vendor Homepage: https://www.textpattern.co
# Software Link: https://textpattern.com/start
# Version: 4.8.7
# Tested on: Ubuntu

Vulnerable Parameters: Body.

Attack Vector:
This vulnerability allows an attacker to inject an HTML src & href attributes payload into the body parameter…

1 min read


Sep 3, 2021

Textpattern 4.8.7 is affected by cross-site scripting (XSS) in the Body parameter.

# Exploit Title: Textpattern CMS v4.8.7 “Content>Write>Body” — Stored Cross-Site Scripting
# Exploit Author: Tanmay Bhattacharjee
# Vendor Homepage: https://www.textpattern.co
# Software Link: https://textpattern.com/start
# Version: 4.8.7
# Tested on: Ubuntu

Vulnerable Parameters: Body.

Attack Vector:
This vulnerability allows an attacker to inject an XSS payload into the body parameter. Any user will…

Cve

2 min read


May 21, 2021

All about XSS {followed by OWASP framework }

Hi everyone, how are you all? I hope you are all hunting and working to break code. Today I am explaining the A7:2017 vulnerability, Cross-Site Scripting, aka XSS. If you are not aware of OWASP, then visit owasp.org…

Owasp Top 10

5 min read


Mar 20, 2021

Networking questions and answers

Everyone is using the internet in this world of advanced technology. The internet helps us in many ways. Here I discuss some networking-based questions and answers, which are helpful for study and also for interviews. Q1: What is a network? Answer: A network is defined as a set of devices connected to…

Networking

10 min read


Sep 17, 2020

VPN installation on kali for anonymous surfing and online Privacy.

What is VPN? A virtual private network extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. @wiki What is DNSleaktest? A DNS leak refers to…

Ethical Hacking

3 min read


Sep 9, 2020

How to install Golang or Go language in my Kali.

Golang, or the Go language, is not preinstalled in Kali Linux, so I am writing this write-up on how we install Go in Kali. It is a very easy process, and Go is now a more popular language in ethical hacking and penetration testing and I have been seen…

Penetration Testing

2 min read


Penetration Tester@⠎⠓⠁⠗⠍⠊⠞⠁⠝⠍⠁⠽
