Cracking eWPTX!! – My Review

Hi all, It’s been two months without any update in the blog. Uff!! Job, personal projects, eWPTX, all ate up my time. Because of many requests from my friends, well-wishers I am writing this post to share my journey in

Read More

Cross Site Scripting (XSS) beyond ‘alert()’ – Part 1

Cross Site Scripting (XSS) is one of the most found vulnerabilities in websites. Attackers use such vulnerable websites to inject scripts into user’s browser context to perform malicious activities such as cookie grabbing, phishing etc. This post is an attempt

Read More

NodeJS eval() Security Issues

All programming languages have certain dangerous functions to which when a client-side input is directly passed without proper sanitization present a very serious security threat. For example: open() in Perl, subprocess.call() in Python. One such dangerous function is eval() in

Read More

Vulnhub CTF USV – 2017 Writeup

 

This is a walkthrough of Vulnhub machine ‘USV:2017 released on Dec 17th, 2017 by Suceava University. I imported the virtual machine in Virtual Box in Bridged mode. The machine has five flags  with reference to country names that

Read More

Vulnhub Cyberry – 1 Writeup

This is a walkthrough of Vulnhub machine ‘Cyberry-1 released on Dec 9th, 2017. Credits to Cyberry for releasing this challenging and nightmare VM. I imported the virtual machine in VMware Player in Bridged mode itself. It is Boot2Root Machine,

Read More

Cracking OSCP!!

Hello reader,
Thanks for visiting here and it feels good to share my journey towards being OSCP certified.

I will write my OSCP adventure based on the questions  I have received when I shared my OSCP result mail with others.

Read More