Google Chrome, Firefox Address Bar Spoofing Vulnerability 9:04 AM Introduction Google security team themselves state that " We recognize that the address bar is the only reliable security ind...
Detecting Cross Site Scripting XSS Vulnerabilities With Fiddler 9:00 AM For those of you who have either subscribed to my Facebook profile or RHA's Facebook fan page , you might know that i have bee...
PayPal Pays Me A Total Bounty Of 10,000 For The Command Execution Bug 9:00 AM Recently, I wrote about the command execution vulnerability i found in Paypal for which they sent me an initial payme...
Paypal Mobile Verification And Payment Restrictions Bypass 8:53 AM In this post, i would like to share a very simple logic flaw I found earlier this year I have found a way to circumvent mobile verificat...
Android Browser All Versions - Address Bar Spoofing Vulnerability - CVE-2015-3830 8:50 AM Introduction Google security team themselves state that "We recognize that the address bar is the only reliable security indica...
Sucuri WAF XSS Filter Bypass 8:50 AM Introduction Sucuri Cloud Proxy is a very well known WAF capable of preventing DOS, SQL Injection, XSS and malware detection and preve...
Android Browser Kitkat Content Spoofing Vulnerability 8:49 AM The following is a low risk vulnerability that was found few months ago while testing the latest Android Stock browser on Android Kitk...
Bad Meets evil - PHP meets Regular Expressions 8:48 AM twi This article would briefly discuss the reason why Regular Expressions might not be suitable for filtersand how things could turn mis...
Common Attacks Against Modems 8:48 AM 0x01: Introduction to Modems The term DSL modem is technically used to describe "a modem which connects to a single computer, t...
A Tale Of Another SOP Bypass In Android Browser < 4.4 8:44 AM Since, my recent android SOP bypass [CVE-2014-6041] triggered a lot of eruption among the infosec community, I was motivated to resea...
Android Browser Same Origin Policy Bypass < 4.4 - CVE-2014-6041 8:43 AM Introduction Same Origin Policy (SOP) is one of the most important security mechanisms that are applied in modern browsers, the basic ...
Android Browser + Messaging App DOS 8:42 AM While being impressed by Collin Mulliner's research on smart phones, I found myself very curious trying to find vulnerabilities ins...
Puffin Web Browser Pop Up Recursion Vulnerability - DOS 8:42 AM During my recent security research on " Puffin Web Browser " I found several security bugs with " Puffin Web Browser ...
Puffin Web Browser Address Bar Spoofing Vulnerability 8:41 AM During my recent research on Mobile browsers i have managed to find couple of interesting vulnerabilities such as SOP bypass, Denial of...
Nokia Asha Series Lock Screen Bypass 8:41 AM There have been a lot of lock screen bypasses lately in almost every mobile deice such as iPhone, Samsung galaxy, HTC etc and if you ob...
DOM XSS Explained 8:37 AM Cross Site scripting (XSS) has been a problem for well over a decade now, XSS just like other well known security issues such a...
A Tale Of A DOM Based XSS In Paypal 8:36 AM Introduction We have already disclosed lots of findings related to DOM Based XSS and this article talks about a pretty interesting ...
Introduction To SQLmap And Firewall Bypassing 8:35 AM ABSTRACT Most cyber-attacks in the world that involve websites occurs due to lack of updates and the failure to validate the user ...
Code Igniter XSS Filter Multiple Bypasses 8:33 AM Recently we released our " XSS Filter Evasion Cheat Sheet ", i was quite surprised to hear the community feedback. The total d...
Understanding This Technique Called MySQL Injection 8:32 AM ABSTRACT It is known that computers and software are developed and designed by humans, human error is a reflection of a mental response...