Abstract: Privilege escalation and sensitive data exposure vulnerabilities have always been hidden on the web, and finding them requires understanding the entire application.
By testing an application for these vulnerabilities, we will learn about the types of privilege escalation, how to automate the approach, a JWT manipulation example, and how to find sensitive data exposure under the admin and user roles.
Author Bio: Arjun Singh has 4 years of experience in the cyber security domain. He is a Synack Red Teamer and an associate security consultant at Payatu Security, specialising in web applications and APIs. He is also a keen learner in thick client and code review.