Internet security: The cyber risk we can't afford to ignore
Why businesses and governments need a collective intelligence approach to security — Throughout the centuries, human history has been shaped by an endless cycle of conflicts and wars. But in today's world, we are not only fighting with swords and shields, we are also fighting…
Continue reading
Facebook bug: A Journey from Code Execution to S3 Data Leak
A Tale of Two Threats: OS Command Injection and Data Leak in Meta’s (formerly Facebook) Careers Platform — Hello, World! ❤️ It was a beautiful weekend evening in April last year, I was exploring the Facebook Careers Platform and came across an interesting security issue…
Continue reading
Remote Command Execution in a Bank Server
A detailed article on how I exploited Remote Command Execution (RCE) with the help of the Vulnerability Chain. Hello, World! ❤️ Welcome to my blog post. In this blog post, I will explain in depth how I exploited RCE in a highly reputed non-Indian banking website with the help of…
Continue reading
Simple story of some complicated XSS on Facebook
How did I found multiple reflected cross-site scripting (rXSS) vulnerabilities on Facebook — Hello, World! ❤️ Welcome to my another blog post. I hope you all are doing well and safe. This post is about the reflected cross-site scripting (rXSS) vulnerabilities I found on Facebook…
Continue reading
SSRF vulnerability in Facebook production server - Exploit Details
Detailed story on how did we discovered Server-Side Request Forgery in a Facebook production server and leaked some internal data — Hello World ❤️, Facebook is the largest social networking site in the world and one of the most widely used. I have always been interested in testing…
Continue reading