OWASP Kathmandu Secret Badge CTF
On September 3rd, 2022, We organized the very first meetup of OWASP Kathmandu local chapter. Our(I and Corrupted_brain) minds were bursting with hundreds of ideas to make the event interesting…
Taking over the Medium subdomain using Medium
Medium is a blog hosting platform where a user can write their ideas and share them with a mass number of people. The great thing about medium is “Simplicity” everything…
Passing AWS Cloud Security Specialty.
I have always wondered what it takes to secure the AWS cloud from the next day of passing the Azure Security Engineer Associate exam. The purpose behind both exams is…
The Organization, Vendor & Application Security
During the Vulnerability Assessment Penetration Testing(VAPT) assessment of an organization’s assets, I encountered an interesting issue that led to flaws observed in all the projects accomplished by the Vendor/Development agency….
Cybersecurity in healthcare
Healthcare is one of the most sensitive and essential industries around the globe. As a result, information systems in healthcare are often targeted by cybercriminals. It is a large industry…
Flywheel Subdomain Takeover
Flywheel is managed WordPress hosting built for designers and creative agencies to build, scale, and manage hundreds of WordPress sites with ease. One can set up a WordPress site in less…
Check Path Traversal over again.
Path traversal attack is one of the OWASP top ten issues widely found in web applications which occurs due to improper handling of user input. Learn more about path traversal…
POST based Open Redirect to R-XSS
Hope you guys are fine in this hard time, I am glad to share something which I have recently discovered and it’s about escalating Informational issue to Medium severity. i.e…
Subdomain takeover via dangling Ngrok DNS record.
Hope you guys are doing well since it’s been a long I haven’t shared anything because of some personal issues and stuff, even though it ain’t much of research, just…
CEH Practical Walkthrough
CEH Practical is a 6 hours lab-based practical exam that includes a set of challenges with Web, Host, Forensic, and Network. The exam took place in iLabs, where we are…