Blog
Get to know our security research through our blog. Insights on penetration testing, the latest security issues, security best practices, reverse engineering and much more.
Inside the Router: How I Accessed Industrial Routers and Reported the Flaws
Router Vulnerability Hunt, From Google Dorks to Firmware Emulation - The Full Story - Hello, World! ❤️ Today, I have an exciting story about how I exposed admin passwords and gained access to thousands of 3G/4G/5G Industrial Cellular Routers with the help of some old-school vulnerabilities...
Continue readingInternet security: The cyber risk we can't afford to ignore
Why businesses and governments need a collective intelligence approach to security — Throughout the centuries, human history has been shaped by an endless cycle of conflicts and wars. But in today's world, we are not only fighting with swords and shields, we are also fighting…
Continue readingFacebook bug: A Journey from Code Execution to S3 Data Leak
A Tale of Two Threats: OS Command Injection and Data Leak in Meta’s (formerly Facebook) Careers Platform — Hello, World! ❤️ It was a beautiful weekend evening in April last year, I was exploring the Facebook Careers Platform and came across an interesting security issue…
Continue readingRemote Command Execution in a Bank Server
A detailed article on how I exploited Remote Command Execution (RCE) with the help of the Vulnerability Chain. Hello, World! ❤️ Welcome to my blog post. In this blog post, I will explain in depth how I exploited RCE in a highly reputed non-Indian banking website with the help of…
Continue readingSimple story of some complicated XSS on Facebook
How did I found multiple reflected cross-site scripting (rXSS) vulnerabilities on Facebook — Hello, World! ❤️ Welcome to my another blog post. I hope you all are doing well and safe. This post is about the reflected cross-site scripting (rXSS) vulnerabilities I found on Facebook…
Continue readingSSRF vulnerability in Facebook production server - Exploit Details
Detailed story on how did we discovered Server-Side Request Forgery in a Facebook production server and leaked some internal data — Hello World ❤️, Facebook is the largest social networking site in the world and one of the most widely used. I have always been interested in testing…
Continue reading