Home

The screenshots in these photos have been intentionally edited to maintain the identity of the company and keep it confidential. Backstory Few days ago, i got a call from one of my relative who got to know about my work. They were very fascinated by it and wanted to get an assessment done for their hospital. We discussed multiple types of ass...

The target company has been informed multiple times about the vulnerability through various mediums, to which they have promptly replied with nothing. The only thing that’s left is to visit the physical office, but ehh, i am too lazy for that. But let’s not ruin a good story, right? Here’s how I hacked the salon next door. The Haircut After a ...

This is an ongoing effort to shut down people, evil people. I won’t really call it a typical investigation, but a simple effort to hack someone evil. Backstory Yesterday I received a forwarded SMS from one of my friends, the SMS asked the receiver to verify their WhatsApp account in 24 hours and if the user fails to do so, their account would ...

Hello Hackers, a few months back, one of my friends called me up and offered to prepare an introductory talk on AI security, given that I had no prior experience in it, I thought it’d be fun, because the last time I studied AI was in college, so I started digging right away. During this process of learning, I came across concepts like AI, ML, DL...

Hello hackers, I’m thrilled to announce that I recently passed the Burp Suite Certified Practitioner Exam by PortSwigger Labs, and it was nothing less than amazing. It’s kinda like OSCP, but for web application pentesting. Now, before you start throwing words at me about how can i compare the two, here are a few facts on basis of which i say tha...

Evil twins have always been an interesting topic to talk about, the name itself sounds so fascinating and evil :) The best part of evil twin attacks is that they are easy to pull off, we simply exploit the nature of how a client identifies WIFI networks and how easily a luring evil twin can get the client to give handshakes and credentials up. ...

Welcome back hackers ! It’s going to be 2024 in three months, I remember i wrote my last blog in 2021 and a lot has changed since then, due to some personal issues i wasn’t able to continue with the security field entirely, but now i am back, and here’s an “old , but interesting vulnerability”. Some people also consider TabNabbing as irrelevant...

LLMNR Poisoning LLMNR stands for link local multicast name resolution, which is simply a name resolution protocol used by windows in an active directory environment, LLMNR protocol is used when the DNS server fails to resolve a name, and as a result the computer sends a broadcast message to the entire network to resolve that name. The order of p...