Shashank's Security Blog

Finding security bugs for food.

Tuesday, 3 November 2020

From a 500 error to Django admin takeover

This bug is about a private target I was hunting. I passed all the subdomains to FFUF, a great tool written in GoLang to brute force direct...
Tuesday, 18 August 2020

Escalating a GitHub leak to takeover entire organization

I was hunting on a private program. One of the common things I do is look for leaked credentials on GitHub. I give special attention to dele...
Tuesday, 21 July 2020

Subdomain Takeover using readthedocs

Hello World! Not a fancy blog post, but I just discovered that subdomain takeover is possible for "readthedocs." What is a su...
Saturday, 18 May 2019

Finding leaks in Travis logs - an automated approach

First of all, I would like to give credit to the original researchers who brought this issue to the public. The original blog post can ...
Wednesday, 13 March 2019

Taking Over Publicly Editable GitHub Wiki in Masses

Let's get familiar with a few things first! What is GitHub? GitHub is a web-based hosting service for version control using Git. Git...