The Hacker Recipes

GitHub Twitter Exegol Tools

Introduction
Active Directory
Web services
Systems & services
Evasion
- (AV) Anti-Virus
- 🛠️(EDR) Endpoint Detection and Response
🛠️Physical
🛠️Intelligence gathering
🛠️RADIO
🛠️mobile apps
- Android
- iOS
  - Certificate pinning

Powered by GitBook

On this page

Theory
Practice
Resources

Was this helpful?

Web services

Accounts and sessions

Account deletion

PreviousAccount creation NextLogging in

Last updated 1 year ago

Was this helpful?

Theory

Removing an account is a sensitive action that should be taken into consideration.

Practice

Some protection mechanisms should be incorporated:

Protection: when deleting an account, the web application should request the user to submit its credentials (it can prevent attacks such CSRF, XSS...).

Resources

🛠️

Liberapay disclosed on HackerOne: Insecure Account DeletionHackerOne

#BugBounty — How I was able to delete anyone’s account in an Online Car Rental CompanyMedium