Binamra Pandey in InfoSec Write-ups | How I got my first bounty. (Open Redirect) | On September 16, I was searching for a bug in a certain website, let’s call it “buggyweb.com”. I was clicking and visiting every link… | 1 min read · Oct 12, 2020
Binamra Pandey | Linux Privilege Escalation Part 1 | After we gain an initial foothold on the machine, the next step is to escalate the privilege of that machine. So in this writeup, we will… | 2 min read · Oct 16, 2022
Binamra Pandey | Stabilizing Netcat Shell | The Basic Netcat shell has some limitations like we cannot use “Up arrow/Down arrow” to scroll through previous commands, cannot use the… | 2 min read · Aug 22, 2022
Binamra Pandey | 2FA Misconfiguration leads to adding any number as 2FA verification | I was testing 2FA on a website. At first, I tried to bypass 2FA but I was not successful, then I thought of something else. What if I can… | 2 min read · Feb 22, 2022
Binamra Pandey in InfoSec Write-ups | [Metasploit] Upgrade Normal Shell To Meterpreter Shell | After we got access to the machine, sometimes we get Meterpreter Shell immediately after exploitation. Meterpreter Shell offers the easiest… | 3 min read · Sep 16, 2021
Binamra Pandey | TryHackMe: Bolt walkthrough | Hello People, In this write up I have covered a walkthrough for the Tryhackme box called “Bolt”. So let’s get started. Link… | 3 min read · Jul 29, 2021
Binamra Pandey | How the simple flaw leads to leakage of all questions on the school examination website. | After the Covid blew up, everything has moved online. School started to teach online to its students and even decided to take exams online… | 2 min read · Jul 15, 2021
Binamra Pandey | Tryhackme - ‘Lazy Admin’ walkthrough | Hello People, In this write up I have covered a walkthrough for the Tryhackme box called Lazy Admin. So let’s get started. | 5 min read · Jun 24, 2021
Binamra Pandey | File Upload Leads to Stored XSS | A while ago I wrote a post on “Unrestricted File Upload”; by exploiting that bug I was able to upload any extension file, even… | 1 min read · Apr 5, 2021
Binamra Pandey | Unrestricted File Upload | I was testing on a website, let’s call it “buggyweb.xyz”. After some time I found that there was a discussion forum whose URL was something… | 1 min read · Jan 12, 2021