Security Humors
After a stressful day at work, who does not like to be humored, everyone likes pun and these are a collected few i came across while browsing the internet , they are not made by me creds to the respective… Continue Reading
Big Fish Games Breached by Hackers
BigFish Games ranks 2,817 globally according to Alexa, it was founded in the year 2002. In recent events Big Fish Games seem to have been hacked . The hackers have stolen Sensitive information and also breached the payment and billings… Continue Reading
Using Burp suite to Brute force HTTP Basic Auth
Using Burp suite to Brute force HTTP Basic Auth The first question to obviously answer is what is HTTP Authentication? HTTP Basic authentication (BA) implementation is the simplest technique for enforcing access controls to web resources because it doesn’t require… Continue Reading
Using Your Raspberry Pi for Pentesting
Recently i gave a presentation at null meets Mumbai regarding Raspberry Pi a portable pentesting lab . Here is the Link have fun
Dlink DIR-600L Hardware Version AX Firmware Version 1.00 CSRF Vulnerability
I agree Vulnerabilities Come out just about randomly . I was out at a friends place since my internet was not working stumbled upon their Wifi router . and lol a vulnerable interface . Here is the POC :
Dlink DIR-615 Hardware vE4 Firmware v5.10 – CSRF Vulnerability
Recently my office had bought a DLink Wireless Router , I thought to myself why not try testing it 😛 So started browsing the web interface of the Router . and managed to find CSRF flaws not only for the… Continue Reading
Watson Management Console 4.11.2.G Directory Traversal Vulnerability
Browsing through exploit-db I recollect i had found a Flaw in Watson Management Console . Its a Network Monitoring Tool. I could Browse in to locate the Passwd file .
Trendchip HG520 ADSL2+ Wireless Modem CSRF Vulnerability
Finally another Whitepaper got Selected on Exploit-db talks are going on with the Trendchip people to get the flaw fixed . Here is the link to Exploit-db : Here
Walkthrough for De-ICE.net v2.0
I am glad to have completed the De-Ice challenge though i needed to take a few referenced , but hey it was a good start .
SQL injection Basics
I was browsing a few videos from the securitytube.net when i came across these nice and neat videos that describe how sql injection really work . i would recommend you all to definitely have a look at it . These… Continue Reading