niraj choubeyinInfoSec Write-upsIntercepting Android Emulator SSL traffic with burp using magiskIn an android security testing intercepting SSL traffic from the apk is one of the basic requirement. Their are many ways in which it can…Feb 23, 2022Feb 23, 2022
niraj choubeyinInfoSec Write-upsCompiling Postgres library for exploiting UDF to RCEI recently took WEB-300 course and clear the OSWE exam. WEB-300 course module includes UDF reverse shell. One thing I find difficult is how…Nov 23, 20211Nov 23, 20211
niraj choubeyinInfoSec Write-upsInsecure Deserialization — Web Challenges — Part 1This writeup will be about solving expert level challenges in insecure deserialization category on port swigger web academy. I will cover…Jun 8, 20211Jun 8, 20211
niraj choubeyinInfoSec Write-upsExploiting second order blind SQL injectionRecently hackerone organized a online CTF called 12 days of hacky holiday CTF.Jan 9, 2021Jan 9, 2021
niraj choubeyMy 2 cents on SANS GPENDisclaimer: This certification was sponsored for me.Dec 6, 20201Dec 6, 20201
niraj choubeySplit second writeup nullcon/hackim ctf 2020I took part in hackim ctf 2020 organised by nullcon. This writeup will be for one specific web challenge i.e split second. (Note: I could…Mar 12, 2020Mar 12, 2020
niraj choubeyCORS(Cross Origin Resource Sharing) for dummiesIt all started with JavaScript support for browsers. JavaScript brought with it amazing new features e.g. dynamic contents, event based…Apr 14, 20192Apr 14, 20192