PinnedPublished inInfoSec Write-upsTorrent Trails: Unmasking Your Torrent Downloads with IP AddressPublic IP address is mostly assigned static to each unique person by an ISP in most of the cases.Oct 26, 20235Oct 26, 20235
PinnedPublished inInfoSec Write-upsXS-Leak: Deanonymize Microsoft Skype Users by any 3rd-party websiteXS-Leaks — These are class of vulnerabilities derived from side channel attack. Although browsers have security features like SOP, which…Apr 21, 2023Apr 21, 2023
PinnedPublished inInfoSec Write-upsHow Browser’s Save As Feature might lead to Code Execution (CVE-2022–45415)Few days ago, while I was exploring browser based bugs, I read a article over internet explaining about a path traversal vulnerability in…Jan 14, 20232Jan 14, 20232
PinnedPublished inInfoSec Write-upsBlind SSRF in Skype (Microsoft)Server Side Request Forgery is a vulnerability that allows attacker to make server request to attacker controlled network location/path.Oct 28, 20221Oct 28, 20221
PinnedPublished inInfoSec Write-upsGrafana Admin Panel bypass in Google Acquisition(VirusTotal)I started with usual subdomain recon of a google acquisition(VirusTotal).This time I used a online subdomain finder service…Feb 20, 20212Feb 20, 20212
Published inInfoSec Write-upsExposing cybercrime.gov.in Phishing: The Browser-In-The-Browser ScamLong story short, We have a private WhatsApp/Telegram group which includes renowned infosec people & law enforcement officials from Tamil…Jul 29Jul 29
Published inInfoSec Write-upsIntro to Debugging Java Web Servers Without Source Code For Security ResearchersDebugging Java web servers in an on-premise environment is crucial for pentesting and source code reviews. It’s possible to easily…Jul 16Jul 16
Published inInfoSec Write-upsOpManager: CSRF & XS-Leak Chained for Information DisclosureManageEngine OpManager is a powerful network monitoring software that provides deep visibility into the performance of your routers…Apr 181Apr 181
Published inInfoSec Write-upsJSON CSRF in Microsoft Bing Maps CollectionsBing Maps allows users to create a collection and add places to those collections as shown below.Feb 9Feb 9
Published inInfoSec Write-upsIntro to Fuzzing IoT Protocols using BooFuzzIn this article let’s learn about how to fuzz IoT protocols such as modbus using boofuzz, a open source fuzzing framework which can fuzz…Jan 17Jan 17