<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
  <title>Unnbug Insights</title>
  <link>https://blog.unnbug.com/</link>
  <atom:link href="https://blog.unnbug.com/rss.xml" rel="self" type="application/rss+xml" />
  <description>Cybersecurity research, technical guides, and threat intelligence from Unnbugify Technologies.</description>
  <language>en</language>
  <lastBuildDate>Fri, 17 Jul 2026 19:37:50 +0000</lastBuildDate>
  <item>
    <title>The Complete Guide to VAPT</title>
    <link>https://blog.unnbug.com/vapt</link>
    <guid isPermaLink="true">https://blog.unnbug.com/vapt</guid>
    <category>Penetration Testing</category>
    <pubDate>Thu, 12 Feb 2026 09:00:00 +0000</pubDate>
    <description>What VAPT actually is, the difference between vulnerability assessment and penetration testing, the seven engagement phases, methodologies, and how to read the report.</description>
  </item>
  <item>
    <title>Inside a Modern Red Team Engagement</title>
    <link>https://blog.unnbug.com/red-teaming</link>
    <guid isPermaLink="true">https://blog.unnbug.com/red-teaming</guid>
    <category>Red Teaming</category>
    <pubDate>Thu, 05 Feb 2026 09:00:00 +0000</pubDate>
    <description>Goal-based adversary emulation: how red teaming differs from a penetration test, the attack lifecycle, MITRE ATT&amp;CK, and the purple-team feedback loop that makes it worth it.</description>
  </item>
  <item>
    <title>Bug Bounty: A Practical Field Manual</title>
    <link>https://blog.unnbug.com/bug-bounty</link>
    <guid isPermaLink="true">https://blog.unnbug.com/bug-bounty</guid>
    <category>Bug Bounty</category>
    <pubDate>Wed, 28 Jan 2026 09:00:00 +0000</pubDate>
    <description>How to hunt bugs that actually pay: the attacker mindset, a repeatable recon workflow, high-signal vulnerability classes, and how to write a report that gets triaged and rewarded.</description>
  </item>
  <item>
    <title>The Web Vulnerability Encyclopedia</title>
    <link>https://blog.unnbug.com/vulnerabilities</link>
    <guid isPermaLink="true">https://blog.unnbug.com/vulnerabilities</guid>
    <category>Web Security</category>
    <pubDate>Thu, 22 Jan 2026 09:00:00 +0000</pubDate>
    <description>A practical field reference to twelve vulnerability classes that cause most real-world breaches: what each one is, its impact, and how to fix it. Mapped to the OWASP Top 10.</description>
  </item>
  <item>
    <title>SQL Injection, End to End</title>
    <link>https://blog.unnbug.com/sql-injection</link>
    <guid isPermaLink="true">https://blog.unnbug.com/sql-injection</guid>
    <category>Web Security</category>
    <pubDate>Sun, 18 Jan 2026 09:00:00 +0000</pubDate>
    <description>How a single quote becomes full database compromise: in-band, blind, and out-of-band SQL injection, a worked example, real impact, and why parameterized queries end the problem for good.</description>
  </item>
  <item>
    <title>Cross-Site Scripting (XSS), Explained</title>
    <link>https://blog.unnbug.com/xss</link>
    <guid isPermaLink="true">https://blog.unnbug.com/xss</guid>
    <category>Web Security</category>
    <pubDate>Wed, 14 Jan 2026 09:00:00 +0000</pubDate>
    <description>Reflected, stored, and DOM-based XSS with real payloads, the account-takeover impact behind the hype, and a layered defence - output encoding plus CSP - that actually holds.</description>
  </item>
  <item>
    <title>SSRF: Making the Server Attack Itself</title>
    <link>https://blog.unnbug.com/ssrf</link>
    <guid isPermaLink="true">https://blog.unnbug.com/ssrf</guid>
    <category>Web Security</category>
    <pubDate>Fri, 09 Jan 2026 09:00:00 +0000</pubDate>
    <description>Server-Side Request Forgery explained: how attackers steal cloud metadata credentials, reach internal-only services, and pivot networks - and why allowlists and IMDSv2 are the real fix.</description>
  </item>
  <item>
    <title>IDOR &amp; Broken Access Control</title>
    <link>https://blog.unnbug.com/idor-bola</link>
    <guid isPermaLink="true">https://blog.unnbug.com/idor-bola</guid>
    <category>Web Security</category>
    <pubDate>Sun, 04 Jan 2026 09:00:00 +0000</pubDate>
    <description>The #1 web risk explained: how changing a single ID exposes other users' data, why it happens, how to detect it, and the server-side authorization pattern that actually prevents it.</description>
  </item>
</channel>
</rss>
