RafayHackingArticles
1,152 followers|46,324 views

RafayHackingArticles

Bypassing Modern WAF's Exemplified At XSS (Webcast)
Past Saturday, I conducted a "Webcast" on "Garage4hackers" on one of my favorite subjects in the field of Information Security, i.e. "WAF Bypass". Initially, I had decided to present something on the topic of "Mobile Browser Security" due to the fact...

RafayHackingArticles

Bypassing Browser Security Policies for Fun and Profit (Full Presentation Video)
Blackhat has just recently released the full video for my talk on the subject of "Browser Security". If you wish to read the Whitepaper/Slides and SOP Test Suite, you can refer to my previous post on "Bypassing Browser Security Policies For Fun And Profi...

RafayHackingArticles

Bypassing Browser Security Policies For Fun And Profit (Blackhat Asia 2016)
A few hours back, I delivered a talk at Blackhat Asia 2016 on "Bypassing Browser Security Policies For Fun And Profit". The talk covered a wide variety of topics, starting from SOP bypasses, CSP bypass and so on and so forth. Due to limited time I was only able to cover a few topics, however, ...

RafayHackingArticles

Secure Application Development And Modern Defenses
When it comes to the internet, security has always been an after-thought. Great evidence to support the theory can be seen when we look at the history of the internet. The internet was created by the US military back in 1969, branded as "Arpanet" at that time. In 1973, ARPANET created TCP/IP ...

RafayHackingArticles

How to Spy on Text Messages
It seems that in recent years most of society, especially the younger generations, have turned to texting as their preferred mode of conversation. The infinite ability to communicate with other people around the world effortlessly has become a growing concern for parents and employers alike who ...

RafayHackingArticles

Sucuri WAF XSS Filter Bypass
Introduction. Sucuri Cloud Proxy is a very well known WAF capable of preventing DOS, SQL Injection, XSS and malware detection and prevention. It acts as a reverse proxy which means that all the traffic sent to an application behind Sucuri WAF would be first sent to Sucuri's network which (based ...

RafayHackingArticles

How Much Do Hackers Know About You?
The threat of black hat hackers has never been greater than now, considering the increasing organization of their efforts to make a dollar off of your digital assets and information. The common portrayal of the hacker is someone who knows enough about progr...

RafayHackingArticles

Facebook Account Hacked! What To Do Now?
Every single day I get emails in my inbox and on my Facebook page from users querying about how to recover a hacked Facebook account, and a common problem I see in all of them is that they are proactive. Everyone searches for Facebook account recovery software, Facebook hacking software and ...

RafayHackingArticles

Paypal Mobile Verification Bypass
In this post, I would like to share a very simple logic flaw I found earlier this year. I have found a way to circumvent mobile verification by utilizing a different portal for logging into a PayPal account. The flaw lies in the fact that PayPal does not perform two step ...

RafayHackingArticles

Android Browser All Versions - Address Bar Spoofing Vulnerability
The Google security team themselves state that "We recognize that the address bar is the only reliable security indicator in modern browsers", and if the only reliable security indicator could be controlled by an attacker it could carry adverse effects, for instance potentially tricking users into ...

RafayHackingArticles

Sucuri WAF XSS Filter Bypass
Introduction. Sucuri Cloud Proxy is a very well known WAF capable of preventing DOS, SQL Injection, XSS and malware detection and prevention. It acts as a reverse proxy which means that all the traffic sent to an application behind Sucuri WAF would be first sent to Sucuri's network which (based ...
Story
Tagline
Learn Ethical Hacking And Security Tips From Experts.
Introduction
RafayHackingArticles, a.k.a. RHA, is one of the top and leading security-related blogs, owned by Rafay Baloch, covering topics such as security, hacking news, vulnerability research and Internet security training for free.

The aim of RHA is to promote awareness regarding internet security and hackers.

RHA gets more than 20k daily traffic, 10k+ Twitter followers, 20k+ RSS subscribers, etc.