RafayHackingArticles
1,149 followers|46,913 views
 
Google Chrome, Firefox Address Bar Spoofing Vulnerability
Introduction: Google security team themselves state that "We recognize that the address bar is the only reliable security indicator in modern browsers" and if the only reliable security indicator could be controlled by an attacker it could carry adverse af...
 
Acunetix Website Hack And Lessons Learnt
Last night, the website of Acunetix (a well-known automated web application scanner) was hacked by Croatian hackers. From that point onward the website has been taken offline and the Acunetix team are reviewing the root cause for the hack. Currently the home...
 
Bypassing Modern WAF's Exemplified At XSS (Webcast)
Past Saturday, I conducted a "Webcast" on "Garage4hackers" on one of my favorite subjects in the field of Information Security, i.e. "WAF Bypass". Initially, I had decided to present something on the topic of "Mobile Browser Security" due to the fact...
 
How Much Do Hackers Know About You?
The threat of black hat hackers has never been greater than now, considering the increasing organization of their efforts to make a dollar off of your digital assets and information. The common portrayal of the hacker is someone who knows enough about progr...
 
Facebook Account Hacked! What To Do Now?
Every single day I get emails in my inbox and on my Facebook page from users querying about how to recover a hacked Facebook account, and a common problem I see in all of them is that they are proactive. Everyone searches for Facebook account recovery software, Facebook hacking software and ...
 
Paypal Mobile Verification Bypass
In this post, I would like to share a very simple logic flaw I found earlier this year. I have found a way to circumvent mobile verification by utilizing a different portal for logging into a PayPal account. The flaw lies in the fact that PayPal does not perform two step ...
 
Wordpress Mobile Detector Incorrect Fix Leads To Stored XSS
Recently, the WordPress Mobile Detector plugin was in the news for the "Remote Code Execution" vulnerability that was found inside the resize.php file. The vulnerability allowed an external attacker to upload arbitrary files to the server as there was no validati...
 
Bypassing Browser Security Policies for Fun and Profit (Full Presentation Video)
Blackhat has just recently released the full video for my talk on the subject of "Browser Security". If you wish to read the Whitepaper/Slides and SOP Test Suite, you can refer to my previous post on "Bypassing Browser Security Policies For Fun And Profi...
 
Bypassing Browser Security Policies For Fun And Profit (Blackhat Asia 2016)
A few hours back, I delivered a talk at Blackhat Asia 2016 on "Bypassing Browser Security Policies For Fun And Profit". The talk covered a wide variety of topics starting from SOP bypasses, CSP bypass, and so on and so forth. Due to limited time I was only able to cover a few topics, however, ...
 
Secure Application Development And Modern Defenses
Abstract: When it comes to the internet, security has always been an after-thought. Good evidence to support the theory can be seen when we look at the history of the internet. The internet was created by the US military back in 1969, branded as "Arpanet" at that time. In 1973, ARPANET created TCP/IP ...
 
How to Spy on Text Messages
It seems that in recent years most of society, especially the younger generations, have turned to texting as their preferred mode of conversation. The infinite ability to communicate with other people around the world effortlessly has become a growing concern for parents and employers alike who ...
Story
Tagline
Learn Ethical Hacking And Security Tips From Experts.
Introduction
RafayHackingArticles, a.k.a. RHA, is one of the top and leading security-related blogs, owned by Rafay Baloch, covering topics such as security, hacking news, vulnerability research and Internet security training for free.

The aim of RHA is to promote awareness regarding internet security and hackers.

RHA gets more than 20k daily traffic, 10k+ Twitter followers, 20k+ RSS subscribers etc.