Uncategorized

The informative findings: What Not to Submit on Bug Bounty Platforms

Bug bounty programs have revolutionized the world of cybersecurity, enabling organizations to tap into the collective expertise of security researchers worldwide. As security researchers diligently identify and report vulnerabilities, they eagerly await the outcomes of their submissions. While many reports receive the coveted “resolved” status or a generous bounty, some find themselves closed out as “informative.” In this blog, we will explore…

0 Comments

September 16, 2024

Uncategorized

How I got straight 15 blind time-based sqlis in WordPress plugins

Blind time-based sqli is more difficult to find and can be esaily ignored by the scanners like sqlmap. This post covers the importance of manual testing and code review.

0 Comments

September 5, 2024

Uncategorized

Bluehat India 2024 – Slide deck – The lesser known business logic flaws

I had the incredible honor of speaking at the first-ever BlueHat India event, held in Hyderabad. This landmark conference brought together a diverse group of cybersecurity professionals, researchers, and enthusiasts from around the globe. The energy and enthusiasm at the event were palpable, and it was a privilege to be a part of such a vibrant conference. My presentation focused on business…

1 Comment

May 22, 2024

Uncategorized

Setting Up Elasticsearch and Kibana on EC2: A Step-by-Step Guide

Introduction:In the world of data analytics and log management, Elasticsearch and Kibana stand out as powerful tools for indexing, searching, and visualizing large volumes of data. In this tutorial, we'll walk through the process of setting up Elasticsearch and Kibana on an EC2 instance, enabling you to harness the full potential of these tools for your projects. Prerequisites:Before we dive into the…

0 Comments

March 19, 2024