Common GraphQL Misconceptions: A rant
Let’s talk about GraphQL, and how evil or good it is — a hot take from a developer cum pentester ;) This post will enlighten your world!
Aug 9, 2021

Peeking into the Future
Today I have been thinking more about how to proceed further with something interesting to share with my audience on a daily basis. Let’s see!
Aug 7, 2021

Injection attacks in Google Sheets!
Let’s learn how to use benign-looking CSVs and Spreadsheets to exfiltrate data, without even letting the user know about it ;)
Jul 16, 2021

Demystifying an XSS payload: Part 4
Let’s demystify an interesting XSS payload and learn about it! This post aims to give you my methodology for debugging things.
Aug 16, 2021

Experience Diary: Doing infosec research the right way
Let me share my experience on how I do research on a topic. I would be happy to know your methodology as well :)
Aug 15, 2021

Intigriti’s Flask Challenge Breakdown
Let’s see what the devs have cooked up at Intigriti today! A damn vulnerable & broken Flask application. Let’s hack it for Fun & Learning!
Aug 13, 2021

Neat XSS trick from a G.O.A.T — Gareth Heyes special
Let’s discuss this interesting XSS challenge that was shared yesterday by Gareth Heyes! Read on to learn a neat JavaScript trick :)
Aug 12, 2021

RCE via failed regex check — One dot to rule ’em all!
Let’s learn about how a failed regex check led to RCE in the PiHole Admin panel. There’s of course more, so check the full post to learn more...
Aug 11, 2021

Smuggling Script via URL: Short HTML-based XSS payload
Let’s learn a neat trick on having the XSS payload in the URL for achieving shorter XSS payloads — straight from the greats!
Aug 10, 2021

Intigriti’s PHP challenge breakdown
Let’s discuss issues with the PHP code shared by Intigriti! We will discuss how you can shoot yourself in the foot with PHP’s…
Aug 8, 2021