Threat Intelligence Using Honeypots Final Year Project

Hey, as I have not been updating my blog for some time, I’m kinda busy with exams, final year project and what not. This post is about my final year project as a BS computer sciences student. Initially I wanted to develop a vulnerable web app, like WebGoat and Mutillidae, but a lot […]

Simple Python Fully Undetectable (FUD) Reverse Shell Backdoor

During internal penetration testing, you sometimes get an environment where antiviruses are up to date, which means that you cannot use “fancy” shells to get a reverse shell, as they get detected. Metasploit is obviously not an option here, as most (if not all) Metasploit exploits and tools are flagged by antiviruses as […]


Cyber Security Myths Busted for National Cyber Security Awareness Month

SingleHop contacted me to write a post about Cyber Security Myths Busted for National Cyber Security Awareness Month, as this month, October, is National Cyber Security Awareness Month by Homeland Security. National Cyber Security Awareness Month is designed to engage and educate public and private sector partners through events and initiatives with the goal of raising awareness […]

How to Setup HTTPS on WordPress behind Cloudflare Proxy

Setup SSL on WordPress Behind Cloudflare Reverse Proxy

I usually don’t write “how to” stuff, but I struggled myself to get this working, so I thought, yeah, let's write about Setup SSL on WordPress Behind Cloudflare Reverse Proxy; this might help some poor fella who is googling all day to get this right :P. So […]


Flood.io AntiCSRF Token Bypass Vulnerability Writeup

Heyy00, sup homies, hows ya doin? xD. Flood.io AntiCSRF Token Bypass Vulnerability is related to a post I wrote a couple of weeks back about CSRF Token Protection Bypass Methods. One of the vulnerabilities in AntiCSRF token mechanisms that I wrote about was token redundancy. Well, I don’t know if there is a name […]


Second Order SQL Injection Explained with Example

Introduction: Second order SQL injection occurs when user-submitted values contain SQL injection attacks that are stored in the database instead of getting executed immediately. This means that when user data is stored in the database and later used by some other functionality of the application, it doesn’t […]


List of Bug Bounties

List of Bug Bounties, help yourself bug hunters, enjoy the feast. Hall Of Fame Only 123contactform 99designs Abacus 37signals Acquia ActiveCampaign Activeprospect Adobe Adapcare Aerofs Aerochive Agora Androidfreeapp.net Apple Atlassian Base CRM Beanstalk Bitcasa BitWall BlackBerry BrainTree Card Chargify Clojars CloudApp Constant Contact Di Martino Entertainment DigitalOcean […]

CSRF Token Protection Bypass Methods

Heya, as web and web security are getting intense day by day, the use of CSRF tokens is becoming a part of web security. Some time ago, use of a CSRF token was enough for CSRF protection. However, CSRF token protection can be bypassed using several techniques. So this post briefly touches the CSRF […]


Polarssl Vulnerability Bug Bounty Write up

So after like 6 months, I decided to get back in the bug bounty game. I was kind of away from pentesting / bug hunting, because I was losing interest. Anyway, now I am gonna hunt ;). So I googled list of bug bounties […]

Facebook HTML Injection Vulnerability Bug Bounty

Hello everyone, last year I started getting into the bug bounty game. My first target was Facebook. Getting into the Facebook Hall of Fame was my wish, so I started pentesting and after a week found the vulnerability, as the title says, “Facebook HTML Injection Vulnerability Bug Bounty”. It was an HTML […]