Feb 1, 2022H1-CTF Hacky Holidays WriteupHey everyone i hope you all are fine and doing good, In December Hackerone made a 12 day 12 level CTF called Hacky-Holidays which had 12 flags. I was able to complete the CTF and get all the 12 flags and here i’m adding the writeup for the same.Apologies for…Bug Bounty11 min readBug Bounty11 min read
Nov 10, 2020BugPoC XSS CTF CHALLENGE!Hey everyone I recently solved the BugPoc XSS challenge and it was an awesome learning opportunity through a series of challenges, through the writeup I would divide the challenge into 3 parts and I will try to explain each part as easy as possible so let's begin: Bypassing the Iframe…Xss6 min readXss6 min read
Aug 31, 2020[UPDATED]Vuldroid App WalkthroughHi everyone I hope that you all are well and good, recently I have been learning about security bugs that arise in Android apps from the static code level while learning the concepts I created a Vuldroid which is a vulnerable app that consists of the following Vulnerabilities: Steal Password…Bug Bounty7 min readBug Bounty7 min read
Jul 28, 2020Pre-Access to Victim’s Account via Facebook SignupHey, everyone, I hope you are doing fine. Around a few months back I have found this issue. This is a case of pre account takeover in case a user has no account on the website and the attacker creates an account before the victim so in my case when…Bug Bounty4 min readBug Bounty4 min read
Aug 23, 2019Command Injection In Online CompilerHi everyone i hope you all are doing great , I wanted to share about a vulnerability in IDE’s which leads to command injection. Now most IDE’s run on the virtual environment therefore even these kinds of vulnerabilities are not directly affecting them unless you can execute root commands…Terminal2 min readTerminal2 min read
