Pravinrp

740 Followers


Published in OSCP Cheatsheet

·Pinned

OSCP preparation-Easy

I would like to share whatever I have learned during the OSCP course so that others also will get the benefit. Because I have gained the knowledge through many interesting blogs and I too would like to pass on the experience to others. The difference in this blog is that…

Hacking

4 min read



Oct 25, 2021

AppSec-Code Review & Python automation-story-2

This is the sequel to the Python automation post which I had posted earlier. In the last blog, I had explained how to install the bodge open-source application and perform source code review. Please go through my previous blog to follow this up: AppSec-Code Review & Python automation-story-1 (pravinponnusamy.medium.com)

Python

2 min read



Oct 22, 2021

AppSec-Code Review & Python automation-story-1

It has been long since I have posted on Medium. I have been with my masters in cyber security all these days. However, I managed to come up with a new series of application security skill enhancers. I would love to bring on secure code review and Python security automation. As part…

Python Automation

4 min read



Mar 10, 2021

Web application Security-Password reset test scenarios

This is going to be a series of blogs in web application security test scenarios and this is one of them. As we all know, web applications have become an integral part of our life. People use web applications for most of the services. Customers register and store their personal…

Bug Bounty

3 min read



Mar 9, 2021

Find the treasure hidden inside JavaScript

This is another bug bounty automation blog explaining my thought process for crawling and enumerating JavaScript files. Modern web applications are heavily built on JavaScript. From API calls to most business logic, many critical functionalities are built on the client side nowadays. It is just that if we are able to…

Bug Bounty

6 min read



Mar 8, 2021

Bug Bounty Automation for bypassing 403 response type pages

It has been long since I have posted my blog on security. However, this time I would like to bring you a top of bug bounty. I know!! As a security researcher, most of you will be doing bug bounty hunting part time or full time. Bug hunting is…

Bug Bounty

2 min read



Oct 13, 2020

Bug Hunting: API secret token leaked in JS file

In modern-day web applications, critical application development is done in JavaScript files. JavaScript files contain some sensitive information such as API secret keys and other internal domain URL values. When attackers get hold of such information, they will be able to talk to the API and make changes…

Bug Bounty

3 min read



Oct 13, 2020

Bug Hunting: CVE-2019-19781 (Remote Code Execution)

What is CVE-2019-19781? An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. As stated above, all Citrix ADC instances with the versions specified above are vulnerable to this attack. …

Bug Bounty

2 min read



Oct 12, 2020

Bug Hunting: SSRF attack

What is SSRF attack?

What is SSRF (Server-side request forgery)? Tutorial & Examples | Web Security Academy: In this section, we'll explain what server-side request forgery is, describe some common examples, and explain how to… (portswigger.net)

I have always been curious about finding out SSRF vulnerability. This was one of the bugs that I have recently identified in my target application. Enumeration:

Bug Bounty

3 min read



Oct 12, 2020

Bug Hunting: Sensitive information exposed in android strings.xml file

strings.xml is a single location for the various strings your application needs. Here every string has a unique id, which you use in your code to refer to that string. It is always recommended not to store critical data. Sometimes due to insecure coding practices, some sensitive information might be stored…

Bug Bounty

2 min read



OSCP/Security geek & researcher (Application/infrastructure/Mobile/cloud security)
