Hello there! How you doin'? Bilal Rizwan here, and I hope everyone is safe in this time of crisis and making complete use of your quarantined time to learn new things and expand your skills.

What is this post about?
Many of you might have now seen GraphQL being used in a lot of web applications. Some of you might have recognized right away that it's GraphQL and probably tried searching for what you can do with it; some might not have realized that the request is something called a GraphQL request. …


Hello there! Hope you are doing great and learning loads of stuff from the community like I am.

What is this post about?

Capture the Flag, more commonly known as CTF, is a sort of firing range for hackers where they can test their skills and pick up a few new tricks. I personally believe that it's a great way to keep you sharp and intrigued to learn new stuff. This post is a writeup (solution) to a CTF hosted by Intigriti.


Hello there! What's up? Bilal Rizwan here, hope you're doing great & having fun learning from the community like I am.

What is this post about?
You might have seen a /xmlrpc.php file in many WordPress sites you visit, and you might have even tried to search for the error (XML-RPC server accepts POST requests only) that appears when you visit http://site.com/wp/xmlrpc.php. In this post I'll try to highlight the common vulnerabilities associated with the xmlrpc.php file.

What is XML-RPC?

XML-RPC on WordPress is actually an API or "application program interface". It gives developers who make mobile apps, desktop apps and other services…

+Bilal Rizwan
