Rafay Baloch
Works at RHA
Attended Bahria Foundation School
Lives in -Pakistan
4,929 followers|58,829,627 views

Stream

Rafay Baloch

Shared publicly  - 
 
Learn How To Hack With Hacking Secrets Exposed Book
There are many guides available for learning how to hack online, however they require a prior understanding of concepts in order to execute the steps, therefore building foundation is very important in order to learn how to hack, therefore one of the recomm...
Learn How To Hack from The Basics. Become an Ethical Hacker and Protect Yourself from Malicious Hack Attacks. Get cool PC Tricks, Tips, and more.
1
Prince Sajjad's profile photo
 
Rafay, please, I need your help, please.

Rafay Baloch

Shared publicly  - 
 
Blogged about  "Secure Application Development And Modern Defenses" after ages- 

http://www.rafayhackingarticles.net/2015/12/secure-application-development-Modern-Defenses.html
When it comes to the internet, security has always been an after-thought. A great evidence to support the theory can be seen when we look at the history of the internet. The internet was created by US military back in 1969, branded as "Arpanet" at that time. In 1973, ARPANET created TCP IP ...
3

Rafay Baloch

Shared publicly  - 
tl;dr This exploit is an issue present in Android browser < 4.4 and several other android browsers which allows an attacker to read sqlite cookie database file and hence exposing all cookies. Along with it we also talk about a Cross Scheme Data exposure attack in Android < 4.4.
7
11 comments
 

Rafay Baloch

Shared publicly  - 
 
New version of Netsparker automatically detects DOM XSS vulnerabilities
https://www.netsparker.com/blog/releases/netsparker-3-5-features-highlight/
The new Netsparker can automatically detect DOM XSS vulnerabilities and has a new crawler allowing you to crawl a wider variety of websites and scan them.
5

Rafay Baloch

Shared publicly  - 
4

Rafay Baloch

Shared publicly  - 
 
Are we taking the right approach to solving existing password problems?, https://www.netsparker.com/blog/web-security/passwords-pass-phrases-ideological-divide/
This whitepaper talks about the efficiency of building complex passwords and about other alternatives to complex passwords, such as pass phrases.
3
2 comments
 
Sorry for the late response, I actually seldom check my Gmail account; anyway, I don't understand your question, Sheilly, please?
Have him in circles
4,929 people
Imran Khan (vsongs)'s profile photo
Webo Technologies's profile photo
Salman Khan's profile photo
Michael JacksonFanFiction's profile photo
AJMAL KHAN's profile photo
mohamed salim's profile photo
Bharadwaj Machiraju (tunnelshade)'s profile photo
Arun Mishra's profile photo
Jason Chia's profile photo

Rafay Baloch

Shared publicly  - 
 
How To Become A Hacker?
Ethical Hacking and Penetration Testing Guide - Baloch, Rafay Requiring no prior hacking experience,  Ethical Hacking and Penetration Testing Guide  supplies a complete introduction to the steps required to complete a penetration test, or ethical hack, from...
3
2 comments
 
Salam, you said you want a positive change in this world, so please help. I want my account back in 8 ball pool@miniclip.com; it has been banned since October 2015. Please help.

Rafay Baloch

Shared publicly  - 
 
It's a humble request to kindly stop asking me to hack email or bank accounts for you. My personal integrity is to bring positive change into this world. 
21
1
22 comments
 
100% ag vit u ..brat

Rafay Baloch

Shared publicly  - 
 
Releasing: Android Browser Same Origin Policy Bypass #0day - http://www.rafayhackingarticles.net/2014/08/android-browser-same-origin-policy.html
Introduction. Same Origin Policy (SOP) is one of the most important security mechanisms that are applied in modern browsers, the basic idea behind the SOP is the javaScript from one origin should not be able to access the properties of a website on another origin. The origin is formed by the ...
7
1
5 comments
 
It's nice

Rafay Baloch

Shared publicly  - 
 
HTML5 Modern Day Attack And Defence Vectors Paper By Rafay Baloch
Quoting the author: IT has been more than six years since the advent of HTML5 (dated back 2008), and as the time has passed by we have seen more and more websites utilizing HTML5 features and have witnessed that technologies like flash and silverlight are d...
12
1

Rafay Baloch

Shared publicly  - 
1
Jack Hester's profile photo
 
I'm looking to recover a facebook password
Work
Occupation
Ethical Hacker, Penetration Tester
Employment
  • RHA
    Founder/Admin, present
Places
Currently
-Pakistan
Previously
- - -
Story
Tagline
Hi everyone, I am an independent security researcher, I got interested in hacking at the age of 14 and since then I am learning and exploring new things every day. I don't claim to be the best hacker, however unlike a lot of them I share what I learn.
Introduction

Rafay Baloch

CPTE, CPTC, CSWAE, CVA, CSS, OSCP, CCNA, CCNP ROUTE, OSWP, eWAPT, eCSS
Education
  • Bahria Foundation School
Basic Information
Gender
Male
Relationship
In a relationship
Rafay Baloch's +1's are the things they like, agree with, or want to recommend.
Bypassing Browser Security Policies For Fun And Profit (Blackhat Asia 20...
www.rafayhackingarticles.net

Few hours back, I delivered a talk at Blackhat Asia 2016 on "Bypassing Browser Security Policies For Fun And Profit", the talk covered wide

Sucuri WAF XSS Filter Bypass | Learn How To Hack - Ethical Hacking and s...
www.rafayhackingarticles.net

Introduction. Sucuri Cloud Proxy is a very well known WAF capable of preventing DOS, SQL Injection, XSS and malware detection and prevention

Multiple PDF Vulnerabilities - Text and Pictures on Steroids
insert-script.blogspot.com

I had the pleasure to talk at the HackPra in Bochum on 22.10 this year. My topic was about Adobe Reader and the vulnerabilities I found in ve

Android Browser Cross Scheme Data Exposure Attack | Learn How To Hack - ...
www.rafayhackingarticles.net

tl;dr This exploit is an issue present in Android browser < 4.4 and several other android browsers which allows an attacker to read sqlite c

Bad Meets evil - PHP meets Regular Expressions | Learn How To Hack - Eth...
www.rafayhackingarticles.net

This article would briefly discuss the reason why Regular Expressions might not be suitable for filters and how things could turn miserably b

Google Patches Second "Same Origin Policy" Bypass Flaw in Android Browse...
www.securityweek.com

A Same Origin Policy (SOP) bypass vulnerability has been identified in the Android browser installed by default on versions of the operating

A Tale Of Another SOP Bypass In Android Browser < 4.4 | Learn How To ...
www.rafayhackingarticles.net

Since, my recent android SOP bypass [CVE-2014-6041] triggered a lot of eruption among the infosec community, I was motivated to research a b

Android Browser Same Origin Policy Bypass | Learn How To Hack - Ethical ...
www.rafayhackingarticles.net

Introduction. Same Origin Policy (SOP) is one of the most important security mechanisms that are applied in modern browsers, the basic idea

A Simple Design Flaw In WhatsApp Leading To DOS | Learn How To Hack - Et...
www.rafayhackingarticles.net

WhatsApp is the choice of millions of people across the world for sending free messages, pictures, audios etc. As a reason of which it has b

Puffin Web Browser Pop Up Recursion Vulnerability - DOS | Learn How To H...
www.rafayhackingarticles.net

During my recent security research on "Puffin Web Browser" I found several security bugs with "Puffin Web Browser" ranging from low to high

Ethical Hacking and Penetration Testing Guide - Rafay Baloch - Google Books
books.google.com.pk

books.google.com.pk - This book introduces the steps required to complete a penetration test, or ethical hack. Requiring no prior hacking ex

Puffin Web Browser Address Bar Spoofing Vulnerability | Learn How To Hac...
www.rafayhackingarticles.net

During my recent research on Mobile browsers I have managed to find couple of interesting vulnerabilities such as SOP bypass, Denial of serv

Rhainfosec XSS Challenge 2 - Writeup | Learn How To Hack - Ethical Hacki...
www.rafayhackingarticles.net

We blacklisted alert, prompt, confirm, document.write functions which are most commonly used to execute javascript. We blacklisted open & cl

A Simple Design Flaw In Qmobile's Messaging System | Learn How To Hack -...
www.rafayhackingarticles.net

Introduction. This post describes a simple design flaw inside of Qmobile handsets and describes why you shouldn't rely upon built in passwor

RHAinfoSec XSS Challenge - 2 | Learn How To Hack - Ethical Hacking and s...
www.rafayhackingarticles.net

If all you can do is ">, then our humble apologies this challenge is not for you. The WAF can be very hard, if you don't know how to properl

Hardening Wordpress Security By Monitoring Malicious User Activities | L...
www.rafayhackingarticles.net

WordPress has become the most popular content management system; it drives more than 20% of the websites on the internet. Such popularity ha

Indispensible Need of National CERT in Pakistan | Learn How To Hack - Et...
www.rafayhackingarticles.net

In this advanced era where science and technology have become quite advanced, it leave not be incorrect to state that technology has become

DDOS: The Modern Website's Kryptonite | Learn How To Hack - Ethical Hack...
www.rafayhackingarticles.net

Denial of Service and the Distributed Denial of Service Attacks have recently emerged as one of the most newsworthy, if not the greatest, we

elearnsecurity Advanced Reverse Engineering Of Software - Review | Learn...
www.rafayhackingarticles.net

There is a saying "To understand how something works, you must take it apart and unravel its secrets" that's exactly what reverse engineerin

What is the .htaccess file and what do I use it for? | Learn How To Hack...
www.rafayhackingarticles.net

.htaccess - The Point of Discussion HT(Hyper Text) access file is actually a directory level configuration file which supports handsome numb