Aditya Dixit

@adityadixit

Security Researcher

IndiaJoined February 2022

About

I'm leading the Research at Credshields, and Pentest teams at Cobalt Labs and HackerOne. I occasionally blog about my findings and adventures in pentesting.

Available for

Nothing here yet.

Aditya Dixit's blogs

All Things Securityblog.dixitaditya.com47 posts

Articles Comments2

Recently published

ADAditya Dixitblog.dixitaditya.comApr 9 · 9 min read

Hijacking iOS Deep Links in a Health App Using Custom URL Schemes

Overview During a recent pentest of an iOS health application (let's call it MedVault), I came across something interesting. The app was using custom URL schemes for deep linking but had no Universal

3

LA

ADAditya Dixitblog.dixitaditya.comJan 29, 2023 · 4 min read

Selfie - Damn Vulnerable DeFi #06

Objectives There's a pool as always, and it offers flash loans of DVT tokens. There's also a governance mechanism that controls the pool. The initial token supply is 2 million, and the pool has 1.5 million DVT. We have 0. Our goal is to drain the poo...

0

ADAditya Dixitblog.dixitaditya.comJan 29, 2023 · 4 min read

The Rewarder - Damn Vulnerable DeFi #05

Objectives There’s a pool offering rewards in tokens every 5 days for those who deposit their DVT tokens into it. There are 4 other participants who have already deposited some tokens and claimed their rewards. We need to claim the most rewards for o...

0

ADAditya Dixitblog.dixitaditya.comJan 26, 2023 · 3 min read

Side Entrance - Damn Vulnerable DeFi #04

Objectives A lending pool allows users to deposit and withdraw ETH. It also offers flash loans for free. The pool has 1000 ETH in balance and we start with 1 ETH. Our objective is to drain the pool. Smart Contract Analysis SideEntranceLenderPool.sol ...

0

ADAditya Dixitblog.dixitaditya.comJan 22, 2023 · 3 min read

Truster - Damn Vulnerable DeFi #03

Objectives There's a lending pool with a million DVT tokens. This pool offers a flash loan for free. But as it is with all flash loans, the user must pay back the loan in the same transaction. Our objective is to drain all the funds from the lending ...

0

Aditya Dixit

About

Available for

Aditya Dixit's blogs

Recently published

Hijacking iOS Deep Links in a Health App Using Custom URL Schemes

Selfie - Damn Vulnerable DeFi #06

The Rewarder - Damn Vulnerable DeFi #05

Side Entrance - Damn Vulnerable DeFi #04

Truster - Damn Vulnerable DeFi #03

Search Hashnode

Aditya Dixit

About

Available for

Aditya Dixit's blogs

Recently published

Hijacking iOS Deep Links in a Health App Using Custom URL Schemes

Selfie - Damn Vulnerable DeFi #06

The Rewarder - Damn Vulnerable DeFi #05

Side Entrance - Damn Vulnerable DeFi #04

Truster - Damn Vulnerable DeFi #03