Projects using Acunetix in Dhaka
Projects using Acunetix in Dhaka
Sign Up
Post a job
Sign Up
Log In
Filters
2
Projects
People
Message
0
MD MESBAUL ISLAM
Account Takeover (ATO) via Token Vulnerability Identified a critical Account Takeover (ATO) vulnerability during web application and API penetration testing of a financial platform. By exploiting insecure token validation, I gained unauthorized access to user accounts without credentials. Key Findings: Weak token validation Missing session/device binding No token expiration or rotation Impact: Unauthorized account access, financial data exposure, and fraud risk. Outcome: Delivered a professional VAPT report with proof of concept (PoC), risk assessment, and remediation recommendations based on OWASP best practices.
0
21
Explore projects