Category: penetration-testing

Black Hat USA 2019: Top Mobile AppSec Talks
Android, Black Hat USA 2019

The NowSecure team is gearing up for an incredible week at Black Hat USA 2019 in Las ...

What do Netcat, SMTP and self XSS have in common? Stored XSS
bug-bounty, BugBountywriteup

If you are reading this, you are probably wondering: what is this? Is this some kind of a joke? The answer is no, and it ...

Wrong Swipe, Tinder!
bug-bounty, BugBountywriteup

Note: The following article was published on 16/07/2019 on https://FogMarks.com. Today’s case-study does not involve any vulnerability at all. Yes — you heard me. No XSSes, no open redirects, ...

How to get started in CyberSecurity? Part – 1
BugBountywriteup, computer-security

A few days back I surpassed 1k followers on Medium & I thought to address the most common question that I get from people. “How to ...

1-Click Account Takeover in Virgool.io — a Nice Case Study
bug-bounty, BugBountywriteup

Hello, Virgool is a light, Iranian version of medium.com. Recently I found a 1-click account takeover vulnerability in their product. Virgool gives ...

Think Twice Before Adopting Security By Obscurity in Kotlin Android Apps
Android, Kotlin

My mission as a mobile security researcher at NowSecure and during my doctorate days ...

Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website!
BugBountywriteup, cybersecurity

A vulnerability in the Mac Zoom Client allows any malicious website to enable your camera without your permission. The flaw potentially exposes up to 750,000 ...

How to hack any Payment Gateway?
BugBountywriteup, burpsuite

Buying free stuff online, ain’t that the dream of today’s generation? I know that ’cause I am that person who buys everything online, every single ...

Using Shodan Better Way!
BugBountywriteup, penetration-testing

Hello Everyone! I hope you all are having a good time scoring huge bounties ;) and not to mention that it does motivate me ...