PayPal Pays Me A Total Bounty Of 10,000 For The Command Execution Bug 9:00 AM Recently, I wrote about the command execution vulnerability I found in PayPal for which they sent me an initial payme...
RHA XSS Challenge 1 - Writeup 9:00 AM Update - The challenge is still up on hack.me - https://hack.me/101575/bypass-blacklist-based-waf-challenge.html On 7th January 201...
Paypal Mobile Verification And Payment Restrictions Bypass 8:53 AM In this post, I would like to share a very simple logic flaw I found earlier this year. I have found a way to circumvent mobile verificat...
Sucuri WAF XSS Filter Bypass 8:50 AM Introduction Sucuri Cloud Proxy is a very well known WAF capable of preventing DOS, SQL Injection, XSS and malware detection and preve...
Puffin Web Browser Address Bar Spoofing Vulnerability 8:41 AM During my recent research on mobile browsers I have managed to find a couple of interesting vulnerabilities such as SOP bypass, Denial of...
DOM XSS Explained 8:37 AM Cross-site scripting (XSS) has been a problem for well over a decade now. XSS, just like other well-known security issues such a...
Hacker's Dome - First Blood CTF 8:36 AM When it comes to Information Security, there's a great way to learn, train and keep your skills sharp. This can be done using gamific...
A Tale Of A DOM Based XSS In Paypal 8:36 AM Introduction We have already disclosed lots of findings related to DOM Based XSS and this article talks about a pretty interesting ...
Understanding This Technique Called MySQL Injection 8:32 AM ABSTRACT It is known that computers and software are developed and designed by humans; human error is a reflection of a mental response...
Kali Linux DOM Based XSS Writeup 7:43 AM Recently, I have been on a mission to find XSS in popular security training websites, since these are the ones who care about their secu...
DOM Based XSS In Microsoft 7:36 AM Lately, I have been researching DOM based XSS a bit. In my previous post I talked about the DOM based XSS I found inside A...