Uranium238s – Medium

Uranium238s

Uranium238s

Getting a RCE — CTF Way

Recently I was invited to a private program of a company. As a fresh start, I decided to look around and see what I could find. This…

Dec 5, 2017

Dec 5, 2017

Uranium238s

Developer Luminate IDOR

Continuing on my work in Yahoo’s bug bounty program, another app i tested was: Luminate Developer app. In this application, I can create…

Aug 30, 2017

Aug 30, 2017

Uranium238s

Luminate Store Basics defacement and potential takeover

This vulnerability was found when testing the Stores Basic service of Luminate. In this service, we can create a store from where we can…

Aug 30, 2017

Luminate Store Basics defacement and potential takeover

Aug 30, 2017

Uranium238s

Hack more, learn more, earn more and get invited more.

This blog is not a writeup for a bug but instead is something that all hackers should know when they are reporting a bug. All platform like…

Aug 27, 2017

Aug 27, 2017

Uranium238s

The ultimate solve of the “easiest” CTF

Starting time:

Aug 13, 2017

The ultimate solve of the “easiest” CTF

Aug 13, 2017

Uranium238s

Privacy issue of FB employees

Sometimes while testing or just using an application, being aware of the environment that you are in is actually helpful. On the day of…

Jul 31, 2017

Privacy issue of FB employees

Jul 31, 2017

Uranium238s

LevelUp-online security conference

First, I want to make things clear: I do not own property to any image or content that is in this blog. This is the property of Bugcrowd…

Jul 13, 2017

LevelUp-online security conference

Jul 13, 2017

Uranium238s

Content type mishap allowing any file upload in cabana.yahoo.com

While doing a security research on Yahoo Inc. systems, I decided to analyze its iOS apps and see how they were handled. Yahoo in general…

Jul 12, 2017

Content type mishap allowing any file upload in cabana.yahoo.com

Jul 12, 2017

Uranium238s
in
WebSec CTF

WebSec Nepal Official Results

This week from June 7, 2017 to June 8, 2017 a 24 hour CTF was conducted by WebSec CTF for Nepali hackers. Our goal was to train them and…

Jul 8, 2017

WebSec Nepal Official Results

Jul 8, 2017

Uranium238s

Organizing a local CTF — my 2 cents

CTF or also known as Capture the Flag competition in my opinion help security professionals or people interested in the field to challenge…

Jul 3, 2017

Jul 3, 2017

Uranium238s

Uranium238s

Security Researcher @ Hacker0x01. I like to help the society be safe and better. https://twitter.com/uraniumhacker

Following

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams