Google Chrome, Firefox Address Bar Spoofing Vulnerability 9:04 AM Introduction Google security team themselves state that "We recognize that the address bar is the only reliable security ind...
Detecting Cross Site Scripting XSS Vulnerabilities With Fiddler 9:00 AM For those of you who have either subscribed to my Facebook profile or RHA's Facebook fan page, you might know that I have bee...
PayPal Pays Me A Total Bounty Of 10,000 For The Command Execution Bug 9:00 AM Recently, I wrote about the command execution vulnerability I found in Paypal for which they sent me an initial payme...
Paypal Mobile Verification And Payment Restrictions Bypass 8:53 AM In this post, I would like to share a very simple logic flaw I found earlier this year. I have found a way to circumvent mobile verificat...
Android Browser All Versions - Address Bar Spoofing Vulnerability - CVE-2015-3830 8:50 AM Introduction Google security team themselves state that "We recognize that the address bar is the only reliable security indica...
Sucuri WAF XSS Filter Bypass 8:50 AM Introduction Sucuri Cloud Proxy is a very well known WAF capable of preventing DOS, SQL Injection, XSS and malware detection and preve...
Android Browser Kitkat Content Spoofing Vulnerability 8:49 AM The following is a low risk vulnerability that was found a few months ago while testing the latest Android Stock browser on Android Kitk...
Bad Meets evil - PHP meets Regular Expressions 8:48 AM This article would briefly discuss the reason why Regular Expressions might not be suitable for filters and how things could turn mis...
Common Attacks Against Modems 8:48 AM 0x01: Introduction to Modems The term DSL modem is technically used to describe "a modem which connects to a single computer, t...
A Tale Of Another SOP Bypass In Android Browser < 4.4 8:44 AM Since my recent Android SOP bypass [CVE-2014-6041] triggered a lot of eruption among the infosec community, I was motivated to resea...
Android Browser Same Origin Policy Bypass < 4.4 - CVE-2014-6041 8:43 AM Introduction Same Origin Policy (SOP) is one of the most important security mechanisms that are applied in modern browsers, the basic ...
Android Browser + Messaging App DOS 8:42 AM While being impressed by Collin Mulliner's research on smart phones, I found myself very curious trying to find vulnerabilities ins...
Puffin Web Browser Pop Up Recursion Vulnerability - DOS 8:42 AM During my recent security research on "Puffin Web Browser" I found several security bugs with "Puffin Web Browser"...
Puffin Web Browser Address Bar Spoofing Vulnerability 8:41 AM During my recent research on Mobile browsers I have managed to find a couple of interesting vulnerabilities such as SOP bypass, Denial of...
Nokia Asha Series Lock Screen Bypass 8:41 AM There have been a lot of lock screen bypasses lately in almost every mobile device such as iPhone, Samsung Galaxy, HTC etc and if you ob...
DOM XSS Explained 8:37 AM Cross Site scripting (XSS) has been a problem for well over a decade now, XSS just like other well known security issues such a...
A Tale Of A DOM Based XSS In Paypal 8:36 AM Introduction We have already disclosed lots of findings related to DOM Based XSS and this article talks about a pretty interesting ...
Introduction To SQLmap And Firewall Bypassing 8:35 AM ABSTRACT Most cyber-attacks in the world that involve websites occur due to lack of updates and the failure to validate the user ...
Code Igniter XSS Filter Multiple Bypasses 8:33 AM Recently we released our "XSS Filter Evasion Cheat Sheet", I was quite surprised to hear the community feedback. The total d...
Understanding This Technique Called MySQL Injection 8:32 AM ABSTRACT It is known that computers and software are developed and designed by humans, human error is a reflection of a mental response...