Exploiting Session Fixation via Stored XSS and Cookie Jar Overflow Attack
As a Pentester, I know that sometimes finding a vulnerability isn’t enough; you also need to demonstrate the real impact to get it taken…
Oct 18

Bypass SSL Pinning on Flutter iOS App Using Frida and OpenVPN
Flutter is an open-source mobile app development framework created by Google, that enables developers to create natively compiled…
Mar 2, 2023

Blind XSS To SSRF
During bug hunting in a private bug bounty program, I came across a feature within the application that allowed for the generation of PDF…
Jan 29, 2023

Bypassing account lockout through password reset functionality
During a recent penetration testing engagement, I discovered a vulnerability in the login page of a web application. Specifically, I found…
Jan 28, 2023

Reflected Cross-site scripting in Triconsole Datepicker Calendar (CVE-2021-27330)
Risk: Medium
Apr 10, 2021

2 Factor Authentication Bypass on Appcelerator
Weakness: Web Parameter Tampering
Oct 13, 2017