Ritik Sahni | Infosec Newsletter #6

Deep Space
Hey, friend!
I hope you are safe and doing well. We as a community need to stay united to fight this battle of COVID-19.
I’d request you to get yourself vaccinated as soon as possible and make the people around you aware of the process.
A few days back while I was using Twitter, I came across tweets where people expressed their feelings about their non-productive days due to the mental pressure of the COVID-19 wave. We are losing the ones who used to be with us during parties and celebrations, work, sad days. If you’re one of those people who are not feeling focused, you’re not alone. Let the feelings come and pass away. Embrace the changes and emotions.
If you need someone to talk to - feel free to message me on my Twitter @RitikSahni22 😊. Keep in mind you are loved and valued ❤️
If you can, talk to your friends and family members to check in on them. Doesn’t matter if you’ve stopped talking to them long ago, we should help the ones we can and be kind to everyone :)
Let’s dive into the newsletter and make our day better!

What's New?
Server-Side Request Forgery: The Guide | Ritik Sahni
I published a blog on the SSRF vulnerability. The blog explains different types of SSRF cases and exploitation techniques!
Ritik Sahni || DM FOR COVID HELP
Server-Side Request Forgery: Explained

A thread 👇
My first ever Twitter thread about a web security topic. Expect more of them soon 😉
The purpose of my Twitter threads will be to simplify various cybersecurity topics to make you understand in the easiest way possible!
Blogs 📖
Airbnb – Web to App Phone Notification IDOR to view Everyone’s Airbnb Messages | Brett Buerhaus
A great write-up of an IDOR discovered by Brett Buerhaus in 2017.
Offensive Security Guide to SSH Tunnels and Proxies | by Russel Van Tuyl | Apr, 2021 | Posts By SpecterOps Team Members
A detailed guide on SSH tunnels and proxies by Russel Van Tuyl.
BugBounty Recon made easy with this tool | by Siddhesh Parab | Medium
A blog with information about various tools that you can use to start building your reconnaissance methodology. Written by Siddhesh Parab.
Top 25 CSRF Bug Bounty Reports. In this article, we will discuss CSRF… | by Cristian Cornea | Medium
A collection of great CSRF vulnerability reports. If you wanna learn CSRF then do read the reports listed in this blog written by Cristian Cornea.
Deep Dive into HTML Injection and Bug Bounty Writeup
A blog by my friend about HTML injections with a bug bounty write-up at the end explaining a real-world case. Written by RiotSecurityTeam.
Favorite Tweets ✨
Ankur Warikoo
10 reasons we get scared in life

A thread...
Sahil Bloom
Intellectual curiosity is a competitive advantage.

But contrary to what you’ve been told, it has nothing to do with intelligence.

10 ways to start developing your intellectual curiosity today:
Overcoming procrastination:

1. Start small. No such thing as a small win.

2. Plan the day before

3. Repetition is boring — Change your environment each time

4. Drink water, seriously

5. Plan out the task. Clarity brings motivation
Ritik Sahni || DM FOR COVID HELP
We look at things in binary.

We expect a yes or no answer but things can be way deeper to be answered in a "yes" or "no" format.
Favorite Quote 💜
Win through your actions, never through argument. - Robert Greene
Thank you for reading this week’s newsletter, I’ll see you next week! 👋
If you wanna give feedback, suggestions, or complaints, feel free to reply to this email. I read every email.
If you like my content, you can support me through Buy Me A Coffee!
- Ritik Sahni
PS: If you enjoyed this newsletter, please share it with a friend. They can subscribe here🤝
Weekly newsletters with references to great articles, blogs, and other cybersecurity content delivered right into your email inbox!