No, It’s Not Everyone’s Favorite “Kali Wifi Hacking Tutorial” — Impersonating Anyone In College

Learning to hack stuff takes learning. Yeah, I know, weird right? There is no “get rich quick” way to become 1337 hacker. It’s part learning and part mindset. And no, there is no YouTube video for “WiFi hacking”. If you didn’t switched the tab and searched the…

By Piyush Raj

How A Bad Implementation Can Allow Anyone To Hijack Every My Campus Days Account

I’m writing this almost 1 year after reporting them about their weird implementation. So, Responsible disclosure … CHECK And also because one of my friends noticed it recently and insisted me on writing this article. So, how I got the idea in the first place? ……

By Piyush Raj

Cracking IIT Bombay’s FOSSEE Fellowship the bad way, or maybe the intelligent way?

So let’s revert back some months … I just came to know about a fellowship program by IIT Bombay, named FOSSEE. It’s just 26 hours before hitting the deadline, let’s get into it! After seeing and reading the documentation, mainly, it included two steps : It seemed to be a…

By Piyush Raj

OS Command Injection on Node.JS Jison module

Finding OS Command Injection vulnerability which allows arbitrary shell command execution through a crafted command-line argument on Jison in parser ports began when I started receiving lots of invites over Hackerone. An injection vulnerability manifests when application code sends untrusted user input to an interpreter as…

By Piyush Raj

The generic "Hello, world" — 0x48piraj

Today, I'm happy to announce the launch of this blog, all shiny and brand spanking new! It’s been two to three weeks in the decision making and coding and I'm really happy that the community can finally see it. There are still many major changes that have to be implemented in the website, but for now, it is…

By Piyush Raj