Hi! I am a Tech Enthusiastic full-stack web developer, programmer and web/network penetration tester from Nepal.
Subscribe to my newsletter and never miss my upcoming articles
Exploiting the postMessage() method to achieve XSS in a challenge! · At the April 2021 Monthly Meet of null Ahmedabad, I had delivered a session on...
The "surf-test.xwf.internet.org" subdomain was pointing to a AWS EC2 hostname that the Internet.org team had removed, making it susceptible to...
It was possible to claim the api.techprep.fb.com subdomain by registering the techprep-backend service on AWS Elastic Beanstalk. Some of the text...
Find out how I was able to solve the NepHack Healthcare CTF 2020 and become the fourth solver during this special edition of NepHack Online CTF! · How's...
This IDOR vulnerability in the Facebook Events platform allowed an attacker profile to add anyone as co-host in his/her personal event including...
This vulnerability could have let a malicious Facebook user to add a comment on any live stream even if it has a friends only privacy. The comment...
