Yamini Yadav作为安全工程师和漏洞猎手,介绍她的系列文章《敏感数据泄露的故事》,探讨敏感信息泄露、攻击者利用及修复方法。今天聚焦数据泄漏问题,强调其严重性并举例说明。 2025-9-7 13:34:2 Author: infosecwriteups.com(查看原文) 阅读量:3 收藏
Press enter or click to view image in full size
Hello everyone. I am Yamini Yadav, a security engineer, an OSCP-certified professional, and a passionate bug bounty hunter.
Welcome to my new series, “Stories of Sensitive Data Exposure: What I Found as a Pentester and How You Can Prevent It.”
This series is about exploring how sensitive information slips out of systems, how attackers exploit it, and how developers and security teams can fix it. I will share real-world stories from my penetration testing and bug hunting journey. Each post will focus on one category of sensitive data exposure:
Insecure Direct Object References (IDOR)
Data Leakage
Unencrypted Data Storage
Missing Security Headers
Insecure File Handling
Every blog will begin with a story, then move into real examples, tool usage, root cause explanations, and finish with actionable lessons.
Today’s topic is data leakage, one of the most underestimated yet powerful exposures.
Imagine walking into an office pantry where a drawer full of confidential files is left wide open. The documents contain employee salaries…
如有侵权请联系:admin#unsafe.sh