Hacked & Secured: Pentest Exploits & Mitigations

Amin Malekpour
  • 0.0 (0)
  • TECHNOLOGY
  • UPDATED MONTHLY

If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer. Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated. Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, developer, or blue teamer, you'll gain actionable insights to apply in your work. 🎧 New episodes every month. 🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram, Website Link 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A    📧 Feedback? Email Us → podcast@quailu.com.au

  1. SEP 29

    Ep. 13 – nOAuth Account Misbinding & Assumed-Breach to Domain Admin (Season Finale)

    One misbound identity. One exposed internal path. Two routes to total compromise. In this season finale of Hacked & Secured: Pentest Exploits & Mitigations, we break down two real-world findings that show how small trust assumptions can unravel entire systems: nOAuth (SSO account misbinding) — Multi-tenant SSO auto-linked accounts by email instead of a stable subject/issuer identifier. With a crafted identity on a controlled domain, an attacker could land a valid session as another user. From wall socket to Domain Admin — No NAC on the switch enabled quiet network access, followed by username harvesting and a light password spray to a low-priv account. From there: AD enumeration, weak service credentials, and abuse of certificate services to escalate to Domain Admin.What you’ll learn: how identity claims should be bound in modern SSO, how to harden join and mapping flows, and a practical checklist to shut down common internal escalation paths (NAC, credential hygiene, service principals, AD CS, and monitoring). Chapters: 00:00 - INTRO 01:27 - FINDING #1 - nOAuth: the email you shouldn’t have trusted 07:22 - FINDING #2 - From one wall socket to Domain Admin 13:43 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link

    15 min

  2. AUG 28

    Ep. 12 – Timing Attacks & Mobile OAuth Hijack: When Microseconds and Misflows Betray You

    A few microseconds. One silent browser session. That’s all it took for attackers to break into systems without tripping a single alert. In this episode of Hacked & Secured: Pentest Exploits & Mitigations, we explore two subtle but devastating flaws: 🔹 Timing Attacks for Token Leaks – By measuring microsecond delays, attackers were able to recover secrets, without seeing them in responses. 🔹 OAuth Hijack via Mobile App Flows – A crafted app abused in-app browser sessions and custom URL schemes to silently steal valid login tokens from users on iOS. These aren’t theoretical bugs—they were found in the wild and affect real apps. If you build or test auth systems, this episode is for you. Chapters: 00:00 - INTRO 01:11 - FINDING #1 - Timing Leaks That Speak Volumes 06:56 - FINDING #2 - Hijacking Mobile OAuth with One Silent Redirect 13:06 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link

    14 min

  3. JUL 24

    Ep. 11 – Account Takeover, Token Misuse, and Deserialization RCE: When Trust Goes Wrong

    One flawed password reset. One shared session token. One dangerous object. In Episode 11 of Hacked & Secured: Pentest Exploits & Mitigations, we break down three real-world vulnerabilities where trust between systems and users broke down—with serious consequences. Account Takeover via Forgot Password – A predictable ID and exposed tokens let attackers reset passwords without access to email.Session Hijack in OTP Login – A logic flaw in how login tokens were handled allowed full account access with just a user ID.Remote Code Execution via Java Deserialization – A community-contributed finding where an exposed service deserialized untrusted input, leading to code execution.These aren’t complex chains. They’re common mistakes with big impact—and important lessons for developers, security teams, and testers. Chapters: 00:00 - INTRO 00:59 - FINDING #1 - Account Takeover via Forgot Password 06:26 - FINDING #2 - Shared Session Token in SMS Login Flow 10:39 - FINDING #3 - Java Deserialisation to Remote Code Execution 16:13 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link

    17 min

  4. JUN 26

    Ep. 10 – Cookie XSS & Image Upload RCE: One Cookie, One File, Full Control

    One cookie set on a subdomain triggered XSS and stole session tokens. One fake image upload gave the attacker a reverse shell. This episode breaks down two powerful exploits—a cookie-based XSS that bypassed frontend protections, and an RCE through Ghostscript triggered by a disguised PostScript file. Learn how subtle misconfigurations turned everyday features into full account and server compromise. Chapters: 00:00 - INTRO 01:08 - FINDING #1 - Cookie-Controlled XSS 12:19 - FINDING #2 - Image Upload to RCE via Ghostscript 19:03 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link

    20 min

  5. MAY 29

    Ep. 9 – Directory Traversal & LFI: From File Leaks to Full Server Crash

    One markdown link copied server files. One poisoned log triggered remote code execution. One LFI crashed the entire server. In this episode, we unpack three real-world exploits—directory traversal and local file inclusion flaws that went far beyond file reads. From silent data leaks to full server compromise, these attacks all started with a single trusted path. Chapters: 00:00 - INTRO 01:07 - FINDING #1 - Server File Theft with Directory Traversal 09:23 - FINDING #2 - From File Inclusion to RCE via Log Poisoning 16:20 - FINDING #3 - LFI to Server Crash 24:09 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link

    25 min

  6. APR 24

    Ep. 8 – OTP Flaw & Remote Code Execution: When Small Flaws Go Critical

    A broken logout flow let attackers hijack accounts using just a user ID. A self-XSS and an IDOR exposed stored data. And a forgotten internal tool—running outdated software—ended in full Remote Code Execution. This episode is all about how small bugs, missed checks, and overlooked services can lead to serious consequences. Chapters: 00:00 - INTRO 01:22 - FINDING #1 - The Logout That Logged You In 07:12 - FINDING #2 - From Signature Field to Shell Access 14:40 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link

    16 min

  7. APR 10

    Ep. 7 – IDOR & SSTI: From File Theft to Server-Side Secrets

    A predictable ID exposed private documents. A crafted name leaked backend files. In this episode, we break down two high-impact flaws—an IDOR that let attackers clone confidential attachments, and an SSTI hidden in an email template that revealed server-side files. Simple inputs, big consequences. Learn how they worked, why they were missed, and how to stop them. Chapters: 00:00 - INTRO 01:28 - FINDING #1 – IDOR to Steal Confidential Files with Just an Attachment ID 09:05 - FINDING #2 – Server-Side Template Injection That Leaked Local Files 18:41 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link

    20 min

  8. MAR 27

    Ep. 6 – 403 Bypass & Request Smuggling: Tiny Tricks, Total Takeover

    A single uppercase letter unlocked an admin panel. One malformed request hijacked user sessions. In this episode, we break down two real-world exploits—a 403 bypass and a request smuggling attack—that turned small oversights into full system compromise. Learn how they worked, why they were missed, and what should have been done differently. Chapters: 00:00 - INTRO 01:18 - FINDING #1 – The 403 Bypass That Led to Full Admin Control 08:17 - FINDING #2 – Smuggling Requests, Hijacking Responses 16:35 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link

    17 min
See All (14)

Trailer

About

If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer. Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated. Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, developer, or blue teamer, you'll gain actionable insights to apply in your work. 🎧 New episodes every month. 🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram, Website Link 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A    📧 Feedback? Email Us → podcast@quailu.com.au

Information