Dhaval Chauhan
112 followers

Nothing to See Here, Move Along
Nothing to see here, move along. Actually, the blog has moved to a new location here. Why? Because I liked Ghost.

Flash Based XSS at Barracudalabs.com
I would like to publish one of my Flash-based XSS. The story goes like this: I found a Flash file that was hosted at the main domain of barracudalabs, and this Flash file was including some XML file, but what I found interesting was that there was no domain filter ...

Heartbleed at Slack's Status Server
Slack has a bug bounty program on HackerOne. One day I found this: status.slack.com. This sub-domain looked different, maybe because this server was outside the main network. Though I could not find anything suspicious, lastly I checked the certificate and t...

Square's SMTP Server without authentication
A few months back, when Square started the bug bounty on HackerOne, after some dorking I found this: "api-test.squareup.com". Yeah, a test bed. Usually these test sub-domains are vulnerable because they are not maintained after the initial development phase. Visited the ...

XSS in OAuth flow of Paypal
Again, one fine night, playing with PayPal's REST API led to XSS in their OAuth flow. I quickly made a working POC and sent it to PayPal. POC: PayPal's REST API provides a simple payment solution. So, basically one needs to create an application in develop...
17haval.blogspot.com

XSS at Blogger
One fine night, when I was editing my Blogger account, I found an awkward behavior. This caught my eye, and upon digging a bit... BOOM. POC: The vulnerable link was: https://www.blogger.com/switch-profile.g?switchProfileSource=3&continue=/home ...

It's 41 and it's going on and on and on, hope it ends today

ZIO tomorrow