AAnirudhinblog.redtrib3.in·May 7 · 5 min readIndirect prompt injection In Atlassian's Rovo chatPrompt injection is not a new idea. But most of the write-ups you'll find are about chatbots being tricked directly. I have been a reading a lot about Indirect prompt injection bugs lately and started41Y
AAnirudhinblog.redtrib3.in·Mar 9 · 5 min readJWT misconfiguration leads to zero-click account takeover and PII exposure Recently I came across a relatively lesser known bug bounty platform and decided to hunt on it. While testing the program, I discovered that its JWT-based authentication could be manipulated to gain u00
AAnirudhinblog.redtrib3.in·Dec 26, 2025 · 9 min readReact2shell for dummiesIf you prefer to read this blog in a static website, I've got the same content over at redtrib3.bearblog.dev. There has been a lot off fuzz lately about this new vulnerability in React and NextJS. All of this seems to be quiet confusing at first but...00
AAnirudhinblog.redtrib3.in·Aug 26, 2025 · 10 min readCloudSEK CTF 2025 WriteupIntroduction I secured first place in the CloudSEK Hiring CTF held in August, 2025. The competition involved 5 challenges of increasing difficulty placed as levels. In this writeup, I’ll outline my methods and thought process. TL;DR Found a google ...00
AAnirudhinblog.redtrib3.in·Jul 27, 2025 · 9 min readThreat Hunting Simulator: Health Hazard - TryHackMe writeupThis writeup covers the new Threat Hunting simulator room ‘Health Hazard’ rated Easy from Tryhackme. At a high level, the challenge involved going through a splunk log to trace out the attack path, we have all the information needed to complete the c...01X
