Hacked & Secured: Pentest Exploits & Mitigations
If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer.
Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated.
Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, developer, or blue teamer, you'll gain actionable insights to apply in your work.
🎧 New episodes every month.
🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram, Website Link
📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A
📧 Feedback? Email Us → podcast@quailu.com.au
Hacked & Secured: Pentest Exploits & Mitigations
Latest Episodes
Ep. 13 – nOAuth Account Misbinding & Assumed-Breach to Domain Admin (Season Finale)
One misbound identity. One exposed internal path. Two routes to total compromise.In this season finale of Hacked & Secured: Pentest Exploits & Mitigations, we break down two real-world findings that show ho...
Ep. 12 – Timing Attacks & Mobile OAuth Hijack: When Microseconds and Misflows Betray You
A few microseconds. One silent browser session. That’s all it took for attackers to break into systems without tripping a single alert.In this episode of Hacked & Secured: Pentest Exploits & Mitigations, we explore two sub...
Ep. 11 – Account Takeover, Token Misuse, and Deserialization RCE: When Trust Goes Wrong
One flawed password reset. One shared session token. One dangerous object.In Episode 11 of Hacked & Secured: Pentest Exploits & Mitigations, we break down three real-world vulnerabilities where trust between systems and ...
Ep. 10 – Cookie XSS & Image Upload RCE: One Cookie, One File, Full Control
One cookie set on a subdomain triggered XSS and stole session tokens. One fake image upload gave the attacker a reverse shell.This episode breaks down two powerful exploits—a cookie-based XSS that bypassed frontend protections, an...
Ep. 9 – Directory Traversal & LFI: From File Leaks to Full Server Crash
One markdown link copied server files. One poisoned log triggered remote code execution. One LFI crashed the entire server. In this episode, we unpack three real-world exploits—directory traversal and local file inclusion flaws that ...
