Holiday Hunting With Aquatone
This blog is about my findings while on a workcation to Goa with my hacker friends.
Second Order XXE Exploitation
A writeup about my finding on Synack that was an XXE that allowed me to read local files stored on the web server.
NoSQL Injection in Plain Sight
A writeup about a recent NoSQL injection I found in Synack Red Team
Path Traversal Paradise
A writeup about the path traversals that I found in Synack Red Team
120 Days of High Frequency Hunting
A writeup about my journey to find 120 bugs in 120 days