Paras AroraPrivilege Escalation from being a normal user to adminPrivilege Escalation: Privilege escalation happens when a malicious user exploits a bug, design flaw, or configuration error in an…2 min read·Jan 5, 2021----
Paras AroraEasy win with Broken Link HijackingWhat is Broken Link Hijacking?2 min read·Nov 10, 2020--1--1
Paras ArorainInfoSec Write-upsAutomating xss identification with Dalfox & ParamspiderCross Site Scripting allows an attacker to inject malicious javascript code in the web application through some parameters and can be…2 min read·Oct 27, 2020--3--3
Paras AroraHunting for CVE: 2020–3187 , 2020–3452Back with another writeup. In this I will be discussing about how easy is to hunt for CVE:2020–3187&, 2020-3452 and what are the steps…2 min read·Aug 11, 2020----
Paras AroraCSRF On Change PasswordI Found the CSRF On Password Change functionality issue on one of the private program.2 min read·Jun 5, 2020----
Paras AroraStored xss on account creationI recently started hunting on one program and from very first step of account creation I thought to hunt for xss.1 min read·May 31, 2020--1--1
Paras AroraHow I hacked into a Admin Portal of a Tech Company last night?The question is Why I initiated the things to hack this companies portal specifically ?1 min read·May 9, 2020----
Paras AroraHow I was able to verify any contact number for my account?OTP Bypass | Second Factor Authentication (2FA) Bypass1 min read·Mar 17, 2020----
Paras AroraFound Simple Reflected XSS with a simple enumerationHow a lil enumeration helped me finding simple xss on a searchbox.1 min read·Mar 1, 2020----
