DigitalOcean VPS Review 7 months

In late 2013, I decided to start blogging, and for that I had to buy a VPS. A VPS because it gives complete control over the server and it's more secure than shared hosting. For the VPS, I was looking for price, SSD, and good support. I found DigitalOcean, which had all of these, so this is my […]


CloudFlare Bug Bounty

Got a Cloudflare Bug Bounty reward for reporting a web application vulnerability in the Cloudflare core that affected all Cloudflare-based websites. I reported that vulnerability in late 2013, but at that time Cloudflare didn't have a bug bounty program. They thanked me with an email; later on, when they started a bug bounty program, they contacted me for […]


Column Truncation SQL Injection Vulnerability

Some time back I was in the NotSoSecure CTF competition (www.notsosecure.com/blog/2014/04/21/sqlilab-ctf-wrap-up/). The challenge was to use SQL injection (any kind) to obtain 2 flags; to capture one flag, users were required to register as an admin. The application was vulnerable to a column truncation SQL injection vulnerability. Column truncation SQL injection vulnerability is a very interesting vulnerability; it's actually […]


Persistent Cross Site Scripting in Name.com

Name.com is a well-known domain registrar and hosting company. Some time back they introduced a new product, Website Builder. As the name says, it allows users to build websites quickly and easily. I saw their Facebook post about Website Builder. I instantly thought, hmm, new product, must be buggy. As the product is paid but has […]


Microsoft Hall Of Fame For Reporting Vulnerabilities in Nokia

Back in August 2013, I did penetration testing of Nokia websites. In my 1 week of penetration testing I found various vulnerabilities (details are below). During the pentest, I found that the third-party tools that Nokia has been using are more […]
