Tags | Naveen J

#XSS

Feb 08 2021

Discovery of Reflected Cross-Site Scripting (XSS) Vulnerability in a Public Program

#Misconfiguration

#Account Takeover

#Remote Code Execution

#Jailbreaking

Mar 10 2021

Jailbreaking iPhone and Setting Up Dynamic Analysis Lab

#Dynamic Analysis

Mar 10 2021

Jailbreaking iPhone and Setting Up Dynamic Analysis Lab

#Lab Setup

Mar 10 2021

Jailbreaking iPhone and Setting Up Dynamic Analysis Lab

#Subdomain Takeover

May 08 2021

Uncovering the Extensive Subdomain Takeover Vulnerability

#SQL Injection

#PII Leak

Jul 01 2021

API Security Misconfiguration Leads to tons of PII data Leakage

#Broken Access Control

Oct 10 2022

Insecure Direct Object References (IDOR) Exploit Enables Unauthorized Access to Linked Bank Accounts

#IDOR

Oct 10 2022

Insecure Direct Object References (IDOR) Exploit Enables Unauthorized Access to Linked Bank Accounts

#Deserialization

Nov 09 2022

Insecure Deserialization

#DLL Hijacking

Dec 15 2022

Remote Code Execution via DLL Hijacking on a Prominent Business Automation Application

#Remote Code Execution (RCE)

Dec 15 2022

Remote Code Execution via DLL Hijacking on a Prominent Business Automation Application

#Product Security

Dec 15 2022

Remote Code Execution via DLL Hijacking on a Prominent Business Automation Application

#Reverse Engineering

#JavaScript Files Analysis

Mar 25 2023

Exploiting Misconfigurations and Authorization Vulnerabilities in a Multinational Company's Content Management System

#Privilege Escalation

Mar 25 2023

Exploiting Misconfigurations and Authorization Vulnerabilities in a Multinational Company's Content Management System

#Fuzzing

Mar 25 2023

Exploiting Misconfigurations and Authorization Vulnerabilities in a Multinational Company's Content Management System

#Session Storage

Mar 30 2023

Account Takeover Through Manipulation of Session Storage

#Business Logic Error

#Price Manipulation

Apr 12 2023

Exploiting Business Logic Error: Price Manipulation

#Web Application Firewall

May 30 2023

Bypassing Web Application Firewall (WAF) to Exploit SQL Injection Vulnerabilities

#Bypass Techniques

May 30 2023

Bypassing Web Application Firewall (WAF) to Exploit SQL Injection Vulnerabilities

#CTF

#Offsec labs

#OSCP

#Writeup

#Bypasss

Jul 13 2023

Unveiling the Consequences: Database Dump Exploitation through Mass Assignment Vulnerability

#Mass Assignment

Jul 13 2023

Unveiling the Consequences: Database Dump Exploitation through Mass Assignment Vulnerability

#Database Dump

Jul 13 2023

Unveiling the Consequences: Database Dump Exploitation through Mass Assignment Vulnerability

#Linux

#Pg-Play

#RFI

Jul 22 2023

Proving grounds Play: SoSimple

#Wordpress

#Windows

#Pg-Practice

#Dirtyc0w

#Linux- Pg-Play

Sep 22 2023

Proving grounds Play: Amaterasu

#Drupalgeddon

Sep 27 2023

Proving grounds Play: Lampiao

#LFI

#PG-Practice

#Grafana

Oct 03 2023

Proving grounds Practice: Fanatastic

#Codoforum

Oct 04 2023

Proving grounds Play: Codo

#SMTP

Oct 05 2023

Proving grounds Play: Bratarina

#RCE

#Grav-CMS

Oct 05 2023

Proving grounds Play: Astronaut

#Symfony

Oct 14 2023

Proving grounds Play: Fractal

#GLPI

Oct 15 2023

Proving grounds Play: GLPI

#Jetty

Oct 15 2023

Proving grounds Play: GLPI

#CVE-2022-35914

Oct 15 2023

Proving grounds Play: GLPI

#Redis

Oct 21 2023

Proving grounds Practice: Wombo

#Insecure Direct Object Reference

Oct 31 2023

Unveiling the Hotel Booking Hack: Leveraging Business Logic Flaws for Free Subscriptions and 12% Discounts

#Rsync

Dec 30 2023

Proving grounds Practice: Fail

#PostgreSQL

Jan 05 2024

Proving grounds Practice: Nibbles