
Hacked & Secured: Pentest Exploits & Mitigations

Amin Malekpour

Available Episodes

Showing 5 of 9 episodes
  • Ep. 8 – OTP Flaw & Remote Code Execution: When Small Flaws Go Critical
    A broken logout flow let attackers hijack accounts using just a user ID. A self-XSS and an IDOR exposed stored data. And a forgotten internal tool—running outdated software—ended in full Remote Code Execution. This episode is all about how small bugs, missed checks, and overlooked services can lead to serious consequences.
    Chapters:
      00:00 - INTRO
      01:22 - FINDING #1 - The Logout That Logged You In
      07:12 - FINDING #2 - From Signature Field to Shell Access
      14:40 - OUTRO
    Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode!
    🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram
    📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A
    📧 Feedback? Email Us → [email protected]
    🔗 Podcast Website → Website Link
    Duration: 15:45
  • Ep. 7 – IDOR & SSTI: From File Theft to Server-Side Secrets
    A predictable ID exposed private documents. A crafted name leaked backend files. In this episode, we break down two high-impact flaws—an IDOR that let attackers clone confidential attachments, and an SSTI hidden in an email template that revealed server-side files. Simple inputs, big consequences. Learn how they worked, why they were missed, and how to stop them.
    Chapters:
      00:00 - INTRO
      01:28 - FINDING #1 – IDOR to Steal Confidential Files with Just an Attachment ID
      09:05 - FINDING #2 – Server-Side Template Injection That Leaked Local Files
      18:41 - OUTRO
    Duration: 19:35
  • Ep. 6 – 403 Bypass & Request Smuggling: Tiny Tricks, Total Takeover
    A single uppercase letter unlocked an admin panel. One malformed request hijacked user sessions. In this episode, we break down two real-world exploits—a 403 bypass and a request smuggling attack—that turned small oversights into full system compromise. Learn how they worked, why they were missed, and what should have been done differently.
    Chapters:
      00:00 - INTRO
      01:18 - FINDING #1 – The 403 Bypass That Led to Full Admin Control
      08:17 - FINDING #2 – Smuggling Requests, Hijacking Responses
      16:35 - OUTRO
    Duration: 17:14
  • Ep. 5 – Stored XSS & SQL Injection: Small Flaws, Big Breaches
    A simple filename triggered stored XSS, hijacking accounts and stealing API keys. A SQL injection bypassed a web firewall, dumping an entire database in one request. Both attacks exploited basic security flaws—flaws that should have been caught. Learn how these exploits worked, why they were missed, and what should have been done differently.
    Duration: 16:08
  • Ep. 4 – Exposed Secrets & Silent Takeovers: How Misconfigurations Open the Door to Attackers
    Exposed secrets, overlooked permissions, and credentials hiding in plain sight—each one leading to a critical breach. In this episode, we break down three real-world pentest findings where a forgotten file, a misconfigured setting, and a leaked credential gave attackers full control. How did they happen? How can you find similar issues? And what can be done to stop them? Listen now to learn how attackers exploit these mistakes—and how you can prevent them.
    Duration: 21:15


About Hacked & Secured: Pentest Exploits & Mitigations

If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer. Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated.

Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, developer, or blue teamer, you'll gain actionable insights to apply in your work.

  • 🔹 Red Team Perspective – How attackers find and exploit vulnerabilities.
  • 🔹 Blue Team Defenses – How to prevent real-world attacks.
  • 🔹 Real Case Studies – Bug bounty reports, pentest findings, and security incidents analyzed step by step.

🎧 New episodes every two weeks.
🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram, Website Link
📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A
📧 Feedback? Email Us → [email protected]

v7.16.2 | © 2007-2025 radio.de GmbH
Generated: 4/26/2025 - 10:22:12 AM