A bug worth 1.75Lacs — AWS SSRF to RCEHow I escalated well known AWS SSRF to perform Remote Code Execution (RCE) in one of the India’s growing startups.Oct 27, 20224Oct 27, 20224
A misconfigured Apache Airflow to AWS Account CompromiseThis is about how I was able to exploit a security misconfig of Apache Airflow and escalated it to access sensitive pages & credentials!Feb 2, 2022Feb 2, 2022
Shift Left with AWS Codepipleine — Scanning every single code changeIn the agile world, where continuous iteration of development and testing happens throughout the SDLC (software development lifecycle)…May 18, 2021May 18, 2021
OTP Bypass Account Takeover to Admin Panel — Ft. Header InjectionIt looks like this year has great promises at least the starting is good. Already 3 bug bounty in the pipeline(just showing off:P) and…Jan 27, 20211Jan 27, 20211
Tale of 3 vulnerabilities to account takeoverThe whole writeup in 1 liner, I bypassed the rate limiting by bypassing cloudflare by reaching to orgin sever IP via SSRF xmlrpc.php…Nov 17, 20201Nov 17, 20201
Securing Container using Threat Modelling— STRIDEThe increased adoption of containers has given rise to a wide range of potential threats to microservices apps that run in containers. If…Oct 7, 2020Oct 7, 2020
Published inLambda by BlinkitHow Continuous Github Code Hacking Keeps Grofers SecureSecurity shouldn’t be treated as an after-thought.Jul 29, 2020Jul 29, 2020
Phone Number Privacy? We don’t do that here: Google Hangout CallGoogle Hangout Calls and Exposing Phone NumbersMay 28, 20201May 28, 20201
Docker Registries and their secretsNever leave your docker registry publicly exposed! Recently, I have been exploring dockers a lot in search of misconfigurations that…Apr 9, 2020Apr 9, 2020
Hacking ‘Docker’, the Shodan way!Never leave your docker host publicly exposed!Jan 10, 20201Jan 10, 20201
