Javier Dominguez’s Post

TL;DR — I gave Claude 4.5 a Kali box and an intentionally vulnerable app. In 15 minutes it produced a report with 21 real vulnerabilities (SQLi, exposed .git, misconfigured cookies), but it missed obvious XSS and some business logic issues. In the post I walk through the setup, what worked, what didn’t, and where AI actually belongs in a security workflow — useful for early dev checks and teaching, but not a replacement for manual pen testing. Read the full write-up: https://lnkd.in/gY7MzupX #AIsecurity #PenTesting #Infosec #Claude45

AI is extremely good as your partner in offsec assessments. It helps you to generate good results in a short period of time. However, it always needs validation and extra testing. It is not to just throw the task in AI and spit the results into a report, but to work together using AI as a powerful tool that can improve your testing. It’s kind of using a a chainsaw instead of an ax 🪓 … it gives you faster, cleaner and precise results but a person needs to be part of the process. #ai #offsec #pentesting

Hope this helps everyone interested in mobile security — we just published a practical write‑up on solving Flags 8 & 9 in the Hextree CTF. What we did, in short: • We found an exported Activity/Service in the AndroidManifest. • The app relied on an Intent extra named "caller" for verification — which is easily spoofable. • We built a PoC that spoofs the value and sends the Intent ( custom app) to demonstrate how the flags can be leaked. • We provided practical fixes: disable unnecessary exports, verify the calling package & signature, and use signature‑level permissions. #AndroidSecurity #ReverseEngineering #BugBounty #MobileAppSec #hackerone #hextree

🚀 Day 33 — Walking an Application (Manual Web App Recon) Aaj main ek simple but powerful approach dikhata hoon, how to *walk a web application* using only your browser developer tools (no Burp, no scanners). Manual recon builds the intuition every pentester and bug bounty hunter needs before automation. Key takeaways: • Start with view Source & comments bcz it might give us hidden links, backup hints, or framework clues.   • Inspector / Debugger to remove paywalls, pause JS, and reveal blocked content safely.   • Network tab so that we can capture XHR/API calls, endpoints, and request/response details. Scanners are great, but they give you leads. Manual walking gives you context. Observe → Understand → Validate. 🎥 Full demo & step-by-step lab (Day 33): https://lnkd.in/gZfi_-Kk Question for you, do you start manual recon or run tools first? Comment below 👇 #Encrypticle #CyberSecurity #WebAppSecurity #BugBounty #ManualRecon #Pentesting #HackerMindset

Automatically extract URLs from Android APK files In this brief technical guide, I want to show you how to automatically download APK files and extract all embedded URLs for OSINT, intelligence gathering, and security testing. This method uses lightweight open source tools (apkeep, apkurlgrep, uro) to quickly display application endpoints, APIs, and hidden network paths — useful for mobile pentesting, threat analysis, or bug bounty research. 🚀 Want more practical walkthroughs and PoCs? Put a “+” in the comments and repost

🛠️ 500+ Web App Pentesting Test Cases In ONE Checklist Just reviewed a monster PDF that every pentester, bug bounty hunter, and AppSec engineer should have pinned to their desktop. 📄 Web Application Pentesting Checklist built on OWASP methodology with clear, actionable, no-fluff test cases. 💣 Here’s a small taste of what it includes: 🔍 Information Gathering • Google Dorks, OSINT, DNS Enum, Meta Files • Framework fingerprinting with Wappalyzer & WhatWeb • Mapping execution paths with Dirsearch, Gobuster 🔓 Authentication & Authorization • Weak lockout, default creds, remember-me logic • IDOR, vertical/horizontal privilege escalation • Forced browsing, session fixation, 2FA/OTP bypass 🧪 Input Validation • Reflected/Stored XSS, SQLi, LFI/RFI • Command injection, SMTP injection, CSRF • DOM XSS, Clickjacking, CORS misconfigs 🧩 Business Logic Testing • Broken workflows, negative quantity bugs • Payment tampering, malicious file upload, race conditions 🛡️ Session & Transport Security • HSTS, cookies (secure, HttpOnly, SameSite) • SSL/TLS misconfigs (BEAST, POODLE, LOGJAM, etc.) 📦 Bonus Sections • Cloud misconfigs (AWS/GCP/Azure paths) • SSRF, SSTI, Broken Link Hijack, SPF, CORS, EXIF Geodata • And an entire section just on bypassing rate limits 😈 💬 If you’re teaching web security, doing bug bounties, or prepping for OSWE / CEH / PNPT this is an insane time-saver. 📩 Want the PDF? Comment WEBPENTEST or shoot me a DM. 🧠 Question for you: What’s the most underrated or overlooked vuln you’ve seen in prod apps? Let’s learn from each other 👇 #WebPentest #OWASP #BugBounty #AppSec #EthicalHacking #Infosec #WebSecurity #XSS #SQLInjection #CSRF #LFI #RFI #SSTI #SSRF #IDOR #SecureCoding #SecurityTesting #OSWE #BurpSuite #PenetrationTesting #SecureDev #WebAppSecurity #HackingTips

CISO: no need for a pentest for this app , it's already covered by the DAST. Me: Not so sure... A Dast will never replace an experienced pentester (at least for mid term) - Pentesters use logic, chaining, and context to exploit complex vulnerabilities. - They identify business logic flaws, authorization bypasses, privilege escalations, etc - They can adapt and pivot quickly. What do you think ?

🚨 New CVE in OneLogin (7.7 CVSS): API flaw exposed all OIDC client secrets. Any attacker with valid keys could impersonate apps + move laterally. Patched in 2025.3.0 — details here ↓ https://lnkd.in/gdKNSzfP

October is #CyberSecurityMonth. 🔐 In Performetriks’ recent blog post, they remind us that security testing isn’t just an option - it’s a necessity. By identifying vulnerabilities early, we can build software that’s not only high-performing but truly secure by design. Apps now handle everything: shopping, banking, storing personal info, so their “doors and windows” must be locked tight. Proactive testing builds trust, protects users and saves time and money. Read more: https://lnkd.in/duA_d8Kz Follow Performetriks on LinkedIn and explore their blog section on performetriks.com for deeper diving into testing, observability, performance engineering and more. #SecurityTesting #SecureSoftware #AppSecurity

🚨 Think your web app is secure? Let’s find out! 💡 Ever heard of the OWASP Top 10? It’s THE cheat sheet for what hackers target most! 🔍 Spot these risks in your stack— Broken access control: Can anyone change user roles? Cryptographic failures: Is your data encrypted & protected? Injection: Are you validating user input? Insecure design: Did you embed security from the start? Misconfiguration: Still using default settings? Outdated components: Are your libraries patched? Auth failures: Are you using 2FA, rate limits? Integrity failures: Do you verify updates and plugins? Logging blind spots: Would you know if you were breached? SSRF: Are servers fetching only what’s safe? #OWASPTop10 #AppSec #Infosec