Product Affected: https://cse.google.com Vulnerability: XSS (Stored with user interaction) Every bug that ever reported have some realized or unrealized inspirations. It can be a person, bounty, write-up or anything. In my case the inspiration was Google Vulnerability Research Grant that was rewarded to me prior to BountyCon 2019. I started looking for subdomain and landed... Continue Reading →
Journey through Google referer leakage bugs.
Hi there, This write-up is a walk-through to the misconfiguration which leaks sensitive URL through referer header.This affected various Google products and has been fixed now. Generally, Google have a feature to share documents through "shareable links". Which means you can generate an unique link for your project or document and share it. The person... Continue Reading →
Red Team Village CTF- Decfon dc0471x002 (write up)
We had a great day at Defcon Trivandrum (dc0471x002) event.This writeup is about the awesome CTF conducted by Red Team Village. You can visit them here: https://www.redteamvillage.org . The event started by 11 am (if Iam not wrong) and was set to complete by 4 PM. We made a team together and joined the event.... Continue Reading →
Facebook’s New Feature To Create Fake Account.
Hello hardcore infosec blog readers, Iam here with yet another failure bug report to Facebook. So what about it??.. This bug allows hackers/spammers to create fake accounts officailly through Facebook. We can do this using Facebooks feature for bug hunters called test account. Wait I can hear you thinking "it can't communicate with real... Continue Reading →
Warning:- Dumb Bugs here!!! When you see this title you may think “Sreeram is a LEET hacker and there bug must be something serious bug” Obviously you’re wrong, neither I’m not leet nor its a tough finding. If you’re expecting some awesome findings here or looking to learn something new from this page, you can... Continue Reading →
What the hell this blog is about???
Cyber attack has become the major threat to the world.As per the recent survey, each day about one million cyber attack are taken place and corporates are paying billions of dollars to protect their data. White hat hackers/bug hunters are the cyber security experts or simply super heroes who strives hard to protect the world... Continue Reading →