Introduction: Hello Reviewers, and fellow hackers. Greetings ! I know, you are here to read the write-ups for the Hackerone CTF (h1-702) which is an online jeopardy CTF conducted by the amazing team of Hackerone. If you are a ethical hacker and have not used Hackerone platform for Bug Bounty yet, do check them out. Many… Read More H1-702 CTF Writeups
Hello, I came across “Billy Madison 1.1” which is a Boot2Pwn Vulnerable system . Billy Madison name looks bit familiar as it is actually a name of the Comedy Movie which was released in 1995, I assumed that the plot of the Vulnerable system might be on it. This was a indeed super cool Challenge… Read More Billy Madison: 1.1 Walkthrough
Hello Friends, Welcome back, This time i would be talking about a Bug which i found in Apple’s acquisition Beats by Dr dre. It was 2015 and i was trying to fiddle with Apple related Web applications and found Beats by Dr. Dre website. In this article, i would like to emphasis on the CSRF… Read More How i Hacked your Beats account ? Apple Bug Bounty
Hello, It’s Aaditya Purani, today i will talk you about one of my Creation The Peace Bot (@MrPeaceBot) Motivation: Hatred is everywhere from Real Life to Social Media. There is Communalism and Racism in this World. Moreover. This developed an Idea into me, an Idea which turned into The Peace Bot Who Is The… Read More Mr PeaceBot : The Bot created by Aaditya Purani #ThePeaceBot
Hey there, 29th January 2016, was a Special Day to Me. My First Ever Article got Published in World’s Top IT Security Magazine “Hakin9” in their Volume 11 and No. 02 Edition . The Theme of this Month Magazine was about “Web Application Security” which is one of my Strong Area of Research. Hakin9 is… Read More My Article in Hakin9 Magazine
Hello, I am Aaditya Purani, and before a month i found out a Persistant XSS issue on Intel, but Intel has some different Responsible policy, they don’t allow Researchers to do pen-testing without their permission else they might take actions. So i contacted them and ask for permission which they agreed and in few days… Read More Acknowledged by Intel (Certificate)
Hello, I am Aaditya Purani, i reported 2 Critical Bugs to Hosting24 One after the other. I didn’t got any bounty nor swag as they were not running any Responsible Disclosure program but their CEO publically Thanked me and responded me. I wasn’t much satisfied with the team because all three bugs were dangerous, so… Read More Acknowledged By Hosting24
Hello, I am writing a post after a long time, because a company who stands within Alexa Rank 100 asked me how to patch site from Click- Jacking Vulnerability. I am really enthusiast in Server Side flaws which results to affect Users. I almost never look for Click-Jacking in my Bug-Hunt (1% of my total… Read More Protecting your Site From Click Jacking
Hello, Just Got Listed in Email laundry Hall of fame for reporting valid security issues and helping them to patch in time. A place in their prestigious security hall of fame was given as a token of Appreciation. Hall of Fame: http://www.theemaillaundry.com/responsible-disclosure/
One of the most amazing security encounter i faced in my throughout career was of the Hall of Fame by Get Pocket. A quite unexpected Hall Of Fame. I usually wrote less about bug story and more about vulnerabilities in my previous posts. But today, i am going to explain a case about how i… Read More Acknowledged by Pocket ( Hall Of Fame)
