May 2 · 12 min read · For most of the history of cybersecurity, the attacker was a human working a keyboard — clever, patient, persistent, but fundamentally limited by the speed of human thought. That era is ending. The attackers of 2025 and beyond are augmented by AI sys...
Oct 9, 2025 · 4 min read · Introduction In this POC we are going to demonstrate how to perform a fileless code injection into EQNEDT32.EXE (Microsoft Word Equation Editor). We are going to use the unamer implementation (https://github.com/unamer/CVE-2017-11882) (605 bytes) to...
Aug 29, 2025 · 10 min read · If you haven’t lived under a rock or in Point Nemo, you must have heard about MCP servers and AI browsers. Uncle Ben once (always) said “With great power, comes great responsibility”. With AI and MCP servers’ great power, I think we are a little behin...
Aug 25, 2025 · 3 min read · Hello Friends It’s been two months since I took a break from bug bounty hunting. During that time, I graduated from university 🎓, recharged, and now I’m officially back in the game. And guess what? Within just a few days of returning, I landed a cri...
Jun 8, 2025 · 5 min read · We should now have a solid understanding of how command injection vulnerabilities occur and how certain mitigations like character and command filters may be passed. This section will discuss methods we can use to prevent command injection vulnerabil...
May 1, 2025 · 4 min read · What are NoSQL databases? NoSQL databases store and retrieve data in a format other than traditional SQL relational tables. They are designed to handle large volumes of unstructured or semi-structured data. As such they typically have fewer relational...
Apr 25, 2025 · 4 min read · If you’ve built an API with Node.js, chances are you’ve thought about security – at least a little. Maybe you’ve heard about SQL injection, brute force attacks, or data leaks. But here’s the thing: it’s not just about big hacks. Even small gaps in yo...
Apr 8, 2025 · 3 min read · Definition: When an attacker manipulates SQL queries within an application to interfere with the database. This can lead to modifying the database in an unauthorized way. Types of SQL Injection: 1) Error Based SQL Injection: When a user provides an input to th...