This post outlines my experience with Markdown and how it's integrated into my workflow. This is especially useful if you are starting with Markdown and/or want to see how others use Markdown. For someone who doesn't know what Markdown is, this could be a simpler path to get in the right direction.
This post is about a vulnerability disclosure around DOM XSS which was forgotten somewhere during the process. I encountered it recently and then went on my way to get it fixed. This post outlines various learnings and observations I made during this effort.
This post discusses the WordPress Comment XSS affecting version 4.2 or below. I have outlined the internal workings of this specific XSS.
This post outlines my new tool, which allows users to clone the entire set of public repositories of a specific user or organization. This can also be used to create a backup of all repositories.
This post outlines my experiments when I found that a .git folder was publicly exposed during one of the pentests and realized all known methods and articles were not helping.
While experimenting with WordPress, I was tasked with a situation where I was supposed to present some static text content on the website. However, uploading a text file was out of the question and the author wanted to keep everything controlled inside WordPress.
Many a time, web application pen-testers encounter the presence of .svn folders. For those not aware, the .svn folder is used by the SVN version control system to perform its operations. For a blackbox pentester, this folder contains a huge amount of information.