Must follow Security Podcasts

Podcasts are a great thing to improve your awareness of what’s happening currently in the market, here are a few podcasts from the security perspective that one should follow. Before i mention the list of Podcasts, I recommend that you… Continue Reading

Security Humors

After a stressful day at work, who does not like to be humored, everyone likes pun and these are a collected few i came across while browsing the internet , they are not made by me creds to the respective… Continue Reading

Big Fish Games Breached by Hackers

BigFish Games ranks 2,817 globally according to Alexa, it was founded in the year 2002. In recent events Big Fish Games seem to have been hacked . The hackers have stolen Sensitive information and also breached the payment and billings… Continue Reading

Using Burp suite to Brute force HTTP Basic Auth

Using Burp suite to Brute force HTTP Basic Auth The first question to obviously answer is what is HTTP Authentication? HTTP Basic authentication (BA) implementation is the simplest technique for enforcing access controls to web resources because it doesn’t require… Continue Reading

Using Your Raspberry Pi for Pentesting

Recently i gave a presentation at null meets Mumbai regarding Raspberry Pi a portable pentesting lab . Here is the Link have fun

Dlink DIR-600L Hardware Version AX Firmware Version 1.00 CSRF Vulnerability

I agree Vulnerabilities Come out just about randomly . I was out at a friends place since my internet was not working stumbled upon their Wifi router . and lol a vulnerable interface . Here is the POC :

Dlink DIR-615 Hardware vE4 Firmware v5.10 – CSRF Vulnerability

Recently my office had bought a DLink Wireless Router , I thought to myself why not try testing it 😛 So started browsing the web interface of the Router . and managed to find CSRF flaws not only for the… Continue Reading

Watson Management Console 4.11.2.G Directory Traversal Vulnerability

Browsing through exploit-db I recollect i had found a Flaw in Watson Management Console . Its a Network Monitoring Tool. I could Browse in to locate the Passwd file .

Trendchip HG520 ADSL2+ Wireless Modem CSRF Vulnerability

Finally another Whitepaper got Selected on Exploit-db talks are going on with the Trendchip people to get the flaw fixed . Here is the link to Exploit-db : Here

Walkthrough for De-ICE.net v2.0

I am glad to have completed the De-Ice challenge though i needed to take a few referenced , but hey it was a good start .