Just another typical WordPress site documenting some cybersecurity vulnerabilities, topics, etc…
About Me:
I started out learning web app pentesting and gradually moved to network security and then to IT/Cybersecurity. I now work as a Security Engineer in the finance space. I maintain this site for fun in what little spare time I have.
Some notable vulnerabilities that I have found and reported over the years include:
Websites
XSS: Citizensbank.com
SQLi: Yahoo.com subdomain
SQLi: JinkoSolar.com
SQLi: BMC.com TrackIT Helpdesk Portal
SQLi & XSS: edoclogic.com iDocVault
SQLi & PII information disclosure: Sunwarrior.com Referral Program
SQLi: Americantopteam.com
SQLi: Baystategames.org registration portal
SQLi: Lopers.com University of Nebraska
SQLi: Hyperline.com
LFI: Bornthinker.com
Software
SentinelOne: Unquoted service path
EventSentry: Unquoted service path
FireEye: Unauthenticated Redis