Hacked & Secured: Pentest Exploits & Mitigations

Amin Malekpour

Episodes 14
Avg. Duration 18m
Activity Sporadic
Since Jan 2025
Latest Episode Sep 2025

Publishing Details

Schedule
Monthly
Format
Episodic
Hosting
rss.buzzsprout.com

About This Podcast

If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer.

Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated.

Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, developer, or blue teamer, you'll gain actionable insights to apply in your work.


🎧 New episodes every month.


🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram, Website Link


📩 Submit Your Pentest Findings https://forms.gle/7pPwjdaWnGYpQcA6A   

📧 Feedback? Email Us [email protected]

Podcasting 2.0 Features

chapters person transcript txt

Recent Episodes

S1E13 Ep. 13 – nOAuth Account Misbinding & Assumed-Breach to Domain Admin (Season Finale)

Sep 29, 2025 15m

One misbound identity. One exposed internal path. Two routes to total compromise. In this season finale of Hacked & Secured: Pentest Exploits & Mitigations, we break down two real-world…

S1E12 Ep. 12 – Timing Attacks & Mobile OAuth Hijack: When Microseconds and Misflows Betray You

Aug 28, 2025 14m

A few microseconds. One silent browser session. That’s all it took for attackers to break into systems without tripping a single alert. In this episode of Hacked & Secured: Pentest Exploits &…

S1E11 Ep. 11 – Account Takeover, Token Misuse, and Deserialization RCE: When Trust Goes Wrong

Jul 24, 2025 17m Transcript

One flawed password reset. One shared session token. One dangerous object. In Episode 11 of Hacked & Secured: Pentest Exploits & Mitigations, we break down three real-world vulnerabilities…

S1E10 Ep. 10 – Cookie XSS & Image Upload RCE: One Cookie, One File, Full Control

Jun 26, 2025 20m Transcript

One cookie set on a subdomain triggered XSS and stole session tokens. One fake image upload gave the attacker a reverse shell. This episode breaks down two powerful exploits—a cookie-based XSS that…

S1E9 Ep. 9 – Directory Traversal & LFI: From File Leaks to Full Server Crash

May 29, 2025 25m Transcript

One markdown link copied server files. One poisoned log triggered remote code execution. One LFI crashed the entire server. In this episode, we unpack three real-world exploits—directory traversal…

S1E8 Ep. 8 – OTP Flaw & Remote Code Execution: When Small Flaws Go Critical

Apr 24, 2025 15m Transcript

A broken logout flow let attackers hijack accounts using just a user ID. A self-XSS and an IDOR exposed stored data. And a forgotten internal tool—running outdated software—ended in full Remote Code…

S1E7 Ep. 7 – IDOR & SSTI: From File Theft to Server-Side Secrets

Apr 10, 2025 19m Transcript

A predictable ID exposed private documents. A crafted name leaked backend files. In this episode, we break down two high-impact flaws—an IDOR that let attackers clone confidential attachments, and an…

S1E6 Ep. 6 – 403 Bypass & Request Smuggling: Tiny Tricks, Total Takeover

Mar 27, 2025 17m Transcript

A single uppercase letter unlocked an admin panel. One malformed request hijacked user sessions. In this episode, we break down two real-world exploits—a 403 bypass and a request smuggling…

S1E5 Ep. 5 – Stored XSS & SQL Injection: Small Flaws, Big Breaches

Mar 13, 2025 16m Transcript

A simple filename triggered stored XSS, hijacking accounts and stealing API keys. A SQL injection bypassed a web firewall, dumping an entire database in one request. Both attacks exploited basic…

S1E4 Ep. 4 – Exposed Secrets & Silent Takeovers: How Misconfigurations Open the Door to Attackers

Feb 27, 2025 21m Transcript

Exposed secrets, overlooked permissions, and credentials hiding in plain sight—each one leading to a critical breach. In this episode, we break down three real-world pentest findings where a forgotten…

S1E3 Ep. 3 – One Request, One URL, One Bluetooth Hack: Three Takeovers That Shouldn’t Have Happened

Feb 13, 2025 21m Transcript

How can attackers take over accounts, networks, and devices—without credentials? In this episode, we break down three real-world security flaws that prove authentication alone isn’t enough: Account…

S1E2 Ep. 2 – Chaining IDORs, CSRF Account Takeovers & Token Manipulation for Privilege Escalation

Jan 30, 2025 19m Transcript

What if you could take over an account—not by cracking a password, but by chaining two overlooked vulnerabilities? What if a single CSRF exploit let attackers reset security questions and hijack…

S1E1 Ep. 1 – Breaking OTP Security, Exploiting Static Domains & Privilege Escalation via Role Misconfigurations

Jan 30, 2025 19m Transcript

What if your OTP security wasn’t secure at all? What if a static domain—something most people ignore—could lead to full account takeover? And what if flawed role management allowed admins to escalate…

S1 Intro to Hacked & Secured: Pentest Exploits & Mitigations – What to Expect!

Jan 30, 2025 2m Trailer Transcript

If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer. Welcome to Hacked & Secured: Pentest Exploits &…

Frequently Asked Questions

How many episodes does Hacked & Secured: Pentest Exploits & Mitigations have?

Hacked & Secured: Pentest Exploits & Mitigations has published 14 episodes since January 2025, covering topics in Business, Careers.

Is Hacked & Secured: Pentest Exploits & Mitigations still active?

Hacked & Secured: Pentest Exploits & Mitigations is currently sporadic with new episodes monthly. Average episode length is 18m.

How do I contact Hacked & Secured: Pentest Exploits & Mitigations for sponsorship or guest appearances?

Sign up on Grep.FM to access contact details for Hacked & Secured: Pentest Exploits & Mitigations, including email and social media links.
