In this blog, I will demonstrate how easily anyone can crack online test/quiz software if it is poorly developed. Hello, World! ❤️ I hope everyone is well and safe at home. Due to the recent spike of COVID-19 in China and some other countries, many educational institutions are again planning…

A detailed article on how I exploited Remote Command Execution (RCE) with the help of the Vulnerability Chain. Hello, World! ❤️ Welcome to my blog post. In this blog post, I will explain in depth how I exploited RCE in a highly reputed non-Indian banking website with the help of…

How did I found multiple reflected cross-site scripting (rXSS) vulnerabilities on Facebook — Hello, World! ❤️ Welcome to my another blog post. I hope you all are doing well and safe. This post is about the reflected cross-site scripting (rXSS) vulnerabilities I found on Facebook. I suggest you read my previous article before reading this one, which is how I found several SSRFs…

How did I found SSRF in Facebook — the story of my first bug bounty — Hello World ❤️, Facebook is the largest social networking site in the world and one of the most widely used. I have always been interested in testing the security of Facebook. During the sub domain enumeration, I’ve got a sub domain which is “https://m-nexus.thefacebook.com/". It redirects me to “https://m-nexus.thefacebook.com/servlet/mstrWebAdmin" …