The Biggest Vulnerability Ever Found on CPU.! – Meltdown & Spectre.

There are New Vulnerabilities named Spectre and Meltdown, which exploit critical vulnerabilities in modern processors have just been discovered by Expert Cyber Security researchers. These hardware bugs allow programs to steal data being processed on the computer. You can View the Documentation about these Spectre Documentation and Meltdown Documentation.   The Meltdown Vulnerability Meltdown breaks the most fundamental … Continue reading The Biggest Vulnerability Ever Found on CPU.! – Meltdown & Spectre.

Acknowledged by Wso2

I got acknowledged by Wso2 for reporting reflected XSS vulnerability After few days, the issue has been fixed and my name got published in the Wso2 Acknowledgments section. Link – https://docs.wso2.com/display/Security/Acknowledgmentshttps://secure.sony.net/hallofthanks   The hard work paid off. Thanks WSO2 security platforms team for the appreciation certificates and all the appreciation tokens. I guess the only local … Continue reading Acknowledged by Wso2

Basics of Burp Suite for identifying vulnerabilities and verifying attack vectors for web-based applications Part-1

DISCLAIMER  This tutorial is only for Educational purposes. Please don’t use these kind of attacks for unethical purposes. Burp or Burp Suite is an integrated platform for performing security testing of web applications. Information security professionals use Burp to identify vulnerabilities and verify attack vectors for web-based applications. The framework is written in Java and developed by PortSwigger Security. … Continue reading Basics of Burp Suite for identifying vulnerabilities and verifying attack vectors for web-based applications Part-1

Secure Apache with Let’s Encrypt Free SSL Certificate

Secure Apache with Let’s Encrypt Free SSL Certificate If you are looking SSL certification for your web server to ensure privacy in communication, Let’s encrypt is the best option you have and It’s a totally free, automated, and open Certificate Authority which facilitates you in acquiring free SSL/TLS certificates needed for secure web browsing and … Continue reading Secure Apache with Let’s Encrypt Free SSL Certificate

The Security Value of the robots.txt file

DISCLAIMER This tutorial is only for Educational purposes. Please don't use these kind of attacks for unethical purposes. The "robots.txt" file is one of the primary ways of telling a search engine where it can and can't go.This is called the robots exclusion protocol. The robots.txt file is read by search engine spiders.The first thing … Continue reading The Security Value of the robots.txt file

DoubleLocker Android Ransomware.

DoubleLocker Android Ransomware Encrypts Data And Changes PIN To Permanently Lock Your Phone. ESET’s security researchers have identified a new kind of ransomware, which infects Android devices by using a technique that so far was used by Trojans. It not only encrypts your mobile phone but also modified its PIN. The ransomware has been named DoubleLocker … Continue reading DoubleLocker Android Ransomware.

How I solve MD5 Games 1 – Hack Dat Kiwi 2017

Let's  see how the challenge code looks like. <?php $md5=$_GET['md5']; if($md5==md5($md5)){ echo "The correct value is ...."; }else{ echo "Wrong"; } I didn't remember the original code but it's very similar to this. $md5==md5($md5)  How is this posible? Thats the point. If you read read this Article you can see , $md5='0ebc12423'; // start with 0e if … Continue reading How I solve MD5 Games 1 – Hack Dat Kiwi 2017