Blind time-based sqli is more difficult to find and can be esaily ignored by the scanners like sqlmap. This post covers the importance of manual testing and code review.
I had the incredible honor of speaking at the first-ever BlueHat India event, held in Hyderabad. This landmark conference brought together a diverse group of cybersecurity professionals, researchers, and enthusiasts from around the globe. The energy and enthusiasm at the event were palpable, and it was a privilege to be a part of such a vibrant conference. My presentation focused on business…
Introduction:In the world of data analytics and log management, Elasticsearch and Kibana stand out as powerful tools for indexing, searching, and visualizing large volumes of data. In this tutorial, we'll walk through the process of setting up Elasticsearch and Kibana on an EC2 instance, enabling you to harness the full potential of these tools for your projects. Prerequisites:Before we dive into the…
Hello, Everyone! I trust you had a fantastic time at Winja CTF 2023 - Goa Edition. I hope you found the challenges intriguing. In this blog post, I will be sharing the solutions to the challenges I built. Faulty Portal This was a web challenge that's based on collibra. Collibra is a software company that specializes in data governance and cataloging solutions.…
Read about an interesting scenario of IDOR that allowed to me view private user information and also delete publicly available list.
Hey everyone! This blog post covers writeups of the challenges that were created by me as part of WinjaCTF 2021. WinjaCTF is an initiative by Nullcon and it organises CTF annually. Read about my experience at first nullcon here The challenges created by me were : pieceofpie, junk, art gallery, find me, binarybits, Redeem me. I will be giving a detailed writeup…