Founder/CEO Hackrew | Security Researcher | Indian | Alumnus, IIT Guwahati

And an exciting new contest running through all of November 2020

Pentester Lab
  1. goswamiijaya for Server-Side Request Forgery — SSRF: Exploitation Technique, on the basis of the highest views.
  2. Kleitonx00 for Leveraging LFI to RCE in a website with +20000 users, on the basis of the highest number of fans.
  3. Shad3 for Malware Analysis 101 — Emotet MalDoc behavioural approach, on the basis of highest percentage read.


The story behind how I was able to view, edit & delete classified personal information of lakhs of patients all over India


What is DICOM?


The shocking truth revealed by the analysis of several data breaches online

https://www.thequint.com/news/india/ministry-of-external-affairs-isro-barc-breached-thousands-government-mails-cybersecurity

Introduction


Nullcon CTF 2019


  1. Stop googling for other articles on how to install Arch Linux. …



Business Today News link


InfoSec Writeup Publication


TLDR: Using this loophole, anybody can use the Aadhaar demographic authentication API by piggybacking my requests through NSDL servers and bypass the checks put in place by UIDAI. Read till the end to find out how.


What is Aadhaar?

What is Aadhaar API?
