I'm a security researcher and bug hunter.
Computer Engineering student passionate about cyber security and its assets. Experienced in developing security tools, performing in-depth security research and report writing. Participated in public bug bounty programs and reported multiple bugs.
I show only my best works built completely with passion, simplicity, and creativity!
r3conwhale aims to develop a multifunctional recon chain for web applications, intelligently interpreting collected data, and optimizing performance and resource consumption through a concurrency-based approach.
A simple command line tool that encrypts and decrypts files using AES encryption and stores the key in a separate file.
Network hound is a network packet sniffer that captures and analyzes network packets on a given interface. The tool is implemented using scapy and Pandas. The packets can be saved to a csv file for later analysis. Network hound can filter the packets based on TCP and/or UDP protocols and source and destination IP adresses.
The first step of the payload is to set the location property which is a built-in JavaScript object that represents the URL of the current page, and setting it to a new URL is constructed using a template string that includes the following components...
View the page source and observe that your canary is between the angularJS script. Remember that you are dealing with angularJS sandbox, that means regular attack vectors are not going to work. For being able to deliver a successfull XSS attack you have to bypass the angularJS sandbox.
I am not completely against to use dual-boot as a solution but if you are just low on disk space , using dual-boot as a solution can be annoying. So if you are looking for another solution, you are at the right place.