Hello Guys, this blog post is to share my experience of my recent talk, “CVE in 5mins”, at Null Bhopal. In this talk, I tried to break the myth associated with CVEs. I used to wonder how to get a CVE. There is always a “WoW” factor associated with it. In this blog, I am going to explain how easy it is to get a CVE and get it registered under your name. This blog is based on my personal experience. One day while surfing Twitter, I saw a post from someone about a CVE they had received. I started looking for a product where I could try hunting
Hello Guys, here is my first blog. This blog will be part of a series to which any interesting vulnerabilities I find will be added. In this blog post I have shared my views on one of my recent findings – Server Side Template Injection. This is something different from other blog posts on the internet. In this methodology I’ve specified a way to exploit SSTI where traditional methods of exploitation failed. Please make sure you read till the end to understand the working of this methodology and make sure to subscribe to my blog.