
Hacked & Secured: Pentest Exploits & Mitigations

Amin Malekpour
If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer. Hacked & Secured: ...

Available Episodes

5 of 7
  • Ep. 6 – 403 Bypass & Request Smuggling: Tiny Tricks, Total Takeover
    A single uppercase letter unlocked an admin panel. One malformed request hijacked user sessions. In this episode, we break down two real-world exploits—a 403 bypass and a request smuggling attack—that turned small oversights into full system compromise. Learn how they worked, why they were missed, and what should have been done differently.
    Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode!
    🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram
    📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A
    📧 Feedback? Email Us → [email protected]
    🔗 Podcast Website → Website Link
    --------  
    17:14
  • Ep. 5 – Stored XSS & SQL Injection: Small Flaws, Big Breaches
    A simple filename triggered stored XSS, hijacking accounts and stealing API keys. A SQL injection bypassed a web firewall, dumping an entire database in one request. Both attacks exploited basic security flaws—flaws that should have been caught. Learn how these exploits worked, why they were missed, and what should have been done differently.
    --------  
    16:08
  • Ep. 4 – Exposed Secrets & Silent Takeovers: How Misconfigurations Open the Door to Attackers
    Exposed secrets, overlooked permissions, and credentials hiding in plain sight—each one leading to a critical breach. In this episode, we break down three real-world pentest findings where a forgotten file, a misconfigured setting, and a leaked credential gave attackers full control. How did they happen? How can you find similar issues? And what can be done to stop them? Listen now to learn how attackers exploit these mistakes—and how you can prevent them.
    --------  
    21:15
  • Ep. 3 – One Request, One URL, One Bluetooth Hack: Three Takeovers That Shouldn’t Have Happened
    How can attackers take over accounts, networks, and devices—without credentials? In this episode, we break down three real-world security flaws that prove authentication alone isn’t enough:
      • Account Takeover – A single request bypassed email verification, locking out store owners.
      • Internal Network Compromise – A hidden admin URL and hardcoded access key gave attackers full control.
      • Smart Device Hijack – A community-submitted finding reveals how Bluetooth vulnerabilities allowed remote command execution—without WiFi, passwords, or internet access.
    These findings expose critical weaknesses in application security, network defense, and IoT device protection—problems that pentesters, developers, and security teams must identify before attackers do.
    --------  
    21:30
  • Ep. 2 – Chaining IDORs, CSRF Account Takeovers & Token Manipulation for Privilege Escalation
    What if you could take over an account—not by cracking a password, but by chaining two overlooked vulnerabilities? What if a single CSRF exploit let attackers reset security questions and hijack accounts? And what if manipulating an authorization token could escalate privileges? In this episode of Hacked & Secured: Pentest Exploits & Mitigations, we break down three real-world pentest findings that prove creative exploitation turns small flaws into critical security risks:
      • Chaining IDORs for account takeover – Exploiting weak access controls.
      • CSRF bypass to reset security questions – Turning one click into total compromise.
      • Privilege escalation via token manipulation – How a simple change led to admin access.
    Learn how these vulnerabilities were discovered, exploited, and mitigated.
    --------  
    19:16

About Hacked & Secured: Pentest Exploits & Mitigations

If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer.

Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated.

Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, developer, or blue teamer, you'll gain actionable insights to apply in your work.

  • 🔹 Red Team Perspective – How attackers find and exploit vulnerabilities.
  • 🔹 Blue Team Defenses – How to detect, mitigate, and prevent real-world attacks.
  • 🔹 Real Case Studies – Bug bounty reports, pentest findings, and security incidents analyzed step by step.

🎧 New episodes every two weeks.
🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram, Website Link
📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A
📧 Feedback? Email Us → [email protected]
Generated: 4/1/2025 - 5:09:29 AM