BigTree CMS - XSS Vulnerability in Version 4.4.7
Adcause.io - 2020
New Year, New Updates 🎆🎉
Adcause.io - End of Year Zero
The beginning of something great.
[CVE-2019-19466] SCEditor - XSS Vulnerability in Version 2.1.3
Adcause.io - Third month
We have raised enough stationery for a class! 📝
Adcause.io - Second month
We raised enough funds to buy a school bag! 🎒
Adcause.io - First Month
We raised enough funds to buy a pen! 🖊️
Adcause.io - Making The World Better With Technology
"Leave the world better than you found it"
List Comprehension(Python) Addiction
return ["addiction" for i in 10]
Keeping Your Web Application Alive
Ah, ha, ha, ha, stayin' alive, stayin' alive
SQLmap Commands: A Tutorial on SQLmap With Examples (Updated 2019)
Select * from table where read_post = '' or 1=1--'
Unorthodox SQLi Prevention
Discovered an interesting way of preventing SQL injection during a source code review.
Persistent XSS Leading To Financial Lost (Hypothetical Scenario)
A completely hypothetical scenario I came up with when learning about digital marketing.
Tmux Tutorial: An Easy Guide with Screenshots and Examples (2018 Update)
There were many times I wished I could run a script on a VPS without staying connected to the instance via SSH. You could use Tmux to achieve this.
[CVE-2018-12030] Chevereto Free - XSS Vulnerability in Version 1.0.12
HIBP's Pwned Passwords API Usage
Data breaches happen all the time. Let's check for compromised credentials in style!
NUS Orbital Journey
Solving a problem that affects writers and publishers by creating a marketplace to bridge the connection.
[CVE-2017-17902] Kliqqi CMS - SQL Injection Vulnerability in Version 3.5.2
[CVE-2017-17889] Kliqqi CMS - XSS Vulnerability in Version 3.5.2
Domain Privacy: Exposing Personal Information Unknowingly
T-Mobile Austria - A Case Study on Bad Password Management
tldr; Don't store your password in plain-text and educate your non-tech employees on approaches to addressing sensitive topics.
Cross-Site Scripting (XSS)
I get pleasure from alert/confirm/prompt boxes. So take my pleasure away by ensuring proper sanitization.
Static Web Page: Using Hugo, Gitlab, CloudFlare and Forestry.io
In this post, I will discuss the different considerations made before converting this blog to a static blog while maintaining the speed and security aspect.
Cloudflare Review: A Comprehensive Guide
I love free stuff, free is good. Cloudflare's freemium model is beneficial to all parties. Read on to find out what benefits you can get for free!
When To Report a Security Bug
I submitted 2 security reports for an application meant for a single user 🤦 fml.
What Should a Lay Person Know About Cybersecurity?
The first step to being a l33t [email protected] Just kidding.
[CVE-2016-9891] Dotclear – XSS Vulnerability in Version 2.10.4
[CVE-2016-9681] Serendipity CMS – XSS Vulnerability in Version 2.0.4
prismjs CDN: Implementation of Syntax Highlighting in Ghost CMS
Website Considerations: Guide on Setting up a Website
Bypass IP address filter using SSH forwarding
Web Worker Tutorial: A Guide in Using HTML5 Web Workers
How to Test for CSRF Vulnerability
I was asked "what is CSRF?" during my first internship interview. I couldn't answer so I hope you could.
[CVE-2015-2289] Serendipity CMS – XSS Vulnerability in Version 2.0
[CVE-2015-2082] UNIT4 Prosoft HRMS XSS Vulnerability
BEdita CMS – XSS and CSRF Vulnerability in Version 3.5.0
[CVE-2015-1583] ATutor LCMS – CSRF Vulnerability in Version 2.2