Milad Keivanfar

Web Application Security Specialist

Tag: Bug bounty

  • XSS and Open Redirect on a banking website

    Hello, my name is Milad. This is my first writeup in this blog, and today I want to write about two vulnerabilities: XSS and Open Redirect, that I found on one of the banking systems. Due to confidentiality and security issues, I will redact the name of the bank. The beginning of the stage of…

  • Quick Guide: API Penetration Testing

    Hello to all penetration testers. This guide is designed to help penetration testers understand the process of API penetration testing, identify common vulnerabilities, and apply effective testing techniques. Table of Contents 3. Common API Vulnerabilities 1. Understanding API Penetration Testing API penetration testing is the process of evaluating the security of APIs by simulating attacks…