All posts

One of the main issues people face in web-application-based organizations is the channel of communication between the security team and developers. This often involves lengthy steps for reproduction of vulnerabilities. Oftentimes these are tedious to follow, let alone repeat multiple times, for the pentesters. So, I was …


Teaching XSS to a machine [Hacks]

Before we start anything, have a glance at a few interesting vectors that were dreamt up by a machine learning agent which has structural knowledge of HTML. A few vectors also require user interaction. I tried to add comments about what I think is special about a few of those.

<body onblur …

Every time I try a bug bounty program on HackerOne, I first check for Flash files on the domains which are in scope. Flash files are always a good target as far as I am concerned. Approximately three months back, I came across the VK.com bug bounty. So, when I …


RPi 2 as my music server [Linux]

Almost everyone is familiar with what the Raspberry Pi is; if you are not aware of it, better stop reading! When the Pi 2 was released with some great upgrades, I got one just to tinker with it. Couldn't do much with it until recently. I joined my first full-time role at …


Stegosploit is simple fun!! [Python]

If you are not familiar with the word STEGOSPLOIT, then you must definitely look at the following links:

  • The actual talk
  • Followed by huge popularity. Just google the word!
  • Then criticism
  • Then, I stopped following the topic at this stage.

Slides of the talk are available here

My Thoughts

  • Would …
