Pinned. Published in InfoSec Write-ups
Bounty of an Insecure WebView (Part 1): XSS, but with Steroids
We all love our mobile apps, right? They make life easier, more fun, and keep us connected. But did you know there’s a secret weapon…
Sep 28, 2023

Pinned. Published in InfoSec Write-ups
How I Leak Other’s Access Token by Exploiting Evil Deeplink Flaw
We’ll discuss the topic of the Deeplink x WebView vulnerability I recently found and how it can lead to access token theft.
Mar 13, 2023

Pinned. Published in InfoSec Write-ups
How I Was Able to Takeover User Accounts via CSRF on an E-Commerce Website
We’ll discuss the topic of cross-site request forgery (CSRF) vulnerabilities and how they can lead to a one-click account take
Feb 5, 2023

Pinned
Binary Patching with IDA Pro (part 1)
Hey Folks! I made this article as a tutorial on how to do a simple patching of a program using the IDA Pro disassembler software. This…
Oct 7, 2022