A Same Origin Policy (SOP) bypass vulnerability has been identified in the Android browser installed by default on versions of the operating

Since, my recent android SOP bypass [CVE-2014-6041] triggered a lot of eruption among the infosec community, I was motivated to research a b

Introduction. Same Origin Policy (SOP) is one of the most important security mechanisms that are applied in modern browsers, the basic idea

WhatsApp is the choice of millions of people across the world for sending free messages, pictures, audios etc. As a reason of which it has b

During my recent security research on "Puffin Web Browser" I found several security bugs with "Puffin Web Browser" ranging from low to high

books.google.com.pk - This book introduces the steps required to complete a penetration test, or ethical hack. Requiring no prior hacking ex

During my recent research on Mobile browsers i have managed to find couple of interesting vulnerabilities such as SOP bypass, Denial of serv

We blacklisted alert, prompt, confirm, document.write functions which are most commonly used to execute javascript. We blacklisted open & cl

Introduction. This post describes a simple design flaw inside of Qmobile handsets and describes why you shouldn't rely upon built in passwor

If all you can do is ">, then our humble apologies this challenge is not for you. The WAF can be very hard, if you don't know how to properl

WordPress has become the most popular content management system; it drives more than 20% of the websites on the internet. Such popularity ha

In this advanced era where science and technology have become quite advanced, it leave not be incorrect to state that technology has become

Denial of Service and the Distributed Denial of Service Attacks have recently emerged as one of the most newsworthy, if not the greatest, we

There is a saying "To understand how something works, you must take it apart and unravel its secrets" that's exactly what reverse engineerin

.htaccess - The Point of Discussion HT(Hyper Text) access file is actually a directory level configuration file which supports handsome numb

Cross Site scripting (XSS) has been a problem for well over a decade now, XSS just like other well known security issues such as SQL, XPATH,

When it comes to Information Security, there's a great way to learn, train and keep sharp your skills. This can be done using gamification m

We have already disclosed lots of findings related to DOM Based XSS and this article talks about a pretty interesting DOM Based XSS vulnerab

ABSTRACT. Readers, there are numerous reasons ... It is well known that the Internet is an unmanaged an decentralized network, running under

Martial arts are part of an ancient culture, a people that has a very rich history. The term Kung Fu was created over 4000 years and at firs