RafayHackingArticles
1,039 followers|40,555 views
 
How to Spy on Text Messages
It seems that in recent years most of society, especially the younger generations, have turned to texting as their preferred mode of conversation. The infinite ability to communicate with other people around the world effortlessly has become a growing concern for parents and employers alike who ...
 
Sucuri WAF XSS Filter Bypass
Introduction. Sucuri Cloud Proxy is a very well known WAF capable of preventing DOS, SQL Injection, XSS and malware detection and prevention. It acts as a reverse proxy which means that all the traffic sent to an application behind Sucuri WAF would be first sent to Sucuri's network which (based ...
 
How To Hack A Mobile Application? - Video Series
In today's world, new mobile innovations have changed the way we bank, shop, play, and communicate. This increased demand for mobile innovation is placing pressure on organizations and developers to get applications to market, quickly. Often times this focus on feature functionality rather than ...
 
Android Browser Kitkat Content Spoofing Vulnerability
The following is a low-risk vulnerability that was found a few months ago while testing the latest Android Stock browser on Android Kitkat. The issue that was found is commonly referred to as a content spoofing vulnerability or dialog box spoofing vulnerability, which could be used to fake an alert ...
 
Bad Meets evil - PHP meets Regular Expressions
This article would briefly discuss the reason why Regular Expressions might not be suitable for filters and how things could turn miserably bad when PHP is used with Regular Expressions. The post would then continue with the write-up of a relevant scenario-based challenge, and finally will ...
 
A Tale Of Another SOP Bypass In Android Browser < 4.4
Since my recent Android SOP bypass [CVE-2014-6041] triggered a lot of eruption among the infosec community, I was motivated to research a bit more upon the Android browser. It turns out that things are much worse than I thought: I managed to trigger quite a few interesting vulnerabilities ...
 
Android Browser All Versions - Address Bar Spoofing Vulnerability
Introduction. The Google security team themselves state that "We recognize that the address bar is the only reliable security indicator in modern browsers", and if the only reliable security indicator could be controlled by an attacker it could carry adverse effects, for instance potentially tricking users into ...
 
Sucuri WAF XSS Filter Bypass
Introduction. Sucuri Cloud Proxy is a very well known WAF capable of preventing DOS, SQL Injection, XSS and malware detection and prevention. It acts as a reverse proxy which means that all the traffic sent to an application behind Sucuri WAF would be first sent to Sucuri's network which (based ...
 
CSP 2015 Capture The Flag Writeup
On 11th April Giuseppe Trotta and I organized a CTF (Capture The Flag) competition for Cyber Secure Pakistan (a conference that combines all the stakeholders). The challenge was hosted on hack.me and contained 9 different challenges; some challenges themselves contained sub-challenges.
 
Android Browser Cross Scheme Data Exposure Attack
tl;dr: This exploit is an issue present in Android browser < 4.4 and several other Android browsers which allows an attacker to read the SQLite cookie database file, hence exposing all cookies. Along with it we also talk about a Cross Scheme Data Exposure attack in Android < 4.4.
 
Common Attacks Against Modems
0x01: Introduction to Modems. The term DSL modem is technically used to describe "a modem which connects to a single computer, through a USB port or is installed in a computer PCI slot". The more common DSL router which combines the function of a DSL modem and a home router is a standalone device which could be connected to ...
 
Indepth Code Execution in PHP: Part Two
This post continues Code Execution in PHP; you can read the first post here. If you haven't read it before, please go ahead and read it first, or else you will have a problem understanding the second part. “…It's no secret that PHP is an easy language to which anyone with amateur ...
2 comments
 
Namaste brother, how are you ... and how is everyone at your home?
Story
Tagline
Learn Ethical Hacking And Security Tips From Experts.
Introduction
RafayHackingArticles, a.k.a. RHA, is one of the top and leading security-related blogs, owned by Rafay Baloch, covering topics such as security, hacking news, vulnerability research and Internet security training for free.

The aim of RHA is to promote awareness regarding internet security and hackers.

RHA gets more than 20k daily traffic, 10k+ Twitter followers, 20k+ RSS subscribers, etc.