Intercepting Android Emulator SSL traffic with burp using magisk
Published in InfoSec Write-ups, Feb 23, 2022
In Android security testing, intercepting SSL traffic from the APK is one of the basic requirements. There are many ways in which it can…

Compiling Postgres library for exploiting UDF to RCE
Published in InfoSec Write-ups, Nov 23, 2021
I recently took the WEB-300 course and cleared the OSWE exam. The WEB-300 course module includes a UDF reverse shell. One thing I find difficult is how…

Insecure Deserialization — Web Challenges — Part 1
Published in InfoSec Write-ups, Jun 8, 2021
This writeup will be about solving expert-level challenges in the insecure deserialization category on PortSwigger Web Academy. I will cover…

Exploiting second order blind SQL injection
Published in InfoSec Write-ups, Jan 9, 2021
Recently HackerOne organized an online CTF called 12 days of hacky holiday CTF.

Split second writeup nullcon/hackim ctf 2020
Mar 12, 2020
I took part in hackim ctf 2020, organised by nullcon. This writeup will be for one specific web challenge, i.e. split second. (Note: I could…

CORS (Cross Origin Resource Sharing) for dummies
Apr 14, 2019
It all started with JavaScript support for browsers. JavaScript brought with it amazing new features, e.g. dynamic contents, event based…