Crisdeo Nuel Siahaan in InfoSec Write-ups
Bounty of an Insecure WebView (Part 1): XSS, but with Steroids
We all love our mobile apps, right? They make life easier, more fun, and keep us connected. But, did you know there’s a secret weapon…
7 min read · Sep 28, 2023

Crisdeo Nuel Siahaan in InfoSec Write-ups
How I Leak Other’s Access Token by Exploiting Evil Deeplink Flaw
We’ll discuss the topic of Deeplink x WebView vulnerability I recently found and how it can lead to an access token stealing.
8 min read · Mar 13, 2023

Crisdeo Nuel Siahaan in InfoSec Write-ups
How I Was Able to Takeover User Accounts via CSRF on an E-Commerce Website
We’ll discuss the topic of cross-site request forgery (CSRF) vulnerabilities and how it can lead to a one-click account take
5 min read · Feb 5, 2023

Crisdeo Nuel Siahaan
Binary Patching with IDA Pro (part 1)
Hey Folks! I made this article as a tutorial on how to do a simple patching of a program using the Ida Pro disassembler software. This…
6 min read · Oct 7, 2022