Nirav Patel

CVE-2022-36804: Bitbucket Server was vulnerable with Remote Code Execution (RCE) Docker Lab and Proof of Concept (PoC) python script can be found at github.com/walnutsecurity… Blog: walnutsecurity.com/cve-2022-36804…

Finally...!! It's always a great feeling to accomplished a long term goal. Super excited to posting this as I have successfully delivered my first Blackhat training in Blackhat USA 2022. "Attacking Injection Flaws Masterclass - Virtual" x2 batches bit.ly/3JO40iP

We are continuing our efforts in virtual environment! OWASP Pune Meet - 02 July,22 Topic: How to keep your dependencies secure & up-to-date Speaker: Pramod Rana (@IAmVarchashva) Time: 11 AM - 11:50 AM meetup.com/owasp-pune-cha… Google Meet: lnkd.in/d2RSqDzN cc:@JenyRaval

Docker-OSX - Run Mac in a Docker container hakin9.org/docker-osx-run… #infosec #cybersecurity #redteam #pentest #pentesting #hacking #hackers #coding #opensource #Linux #windows #DFIR #docker #iOS #macOS Hakin9

@theXSSrat Can you help me with the same? It is not working.

EVEN MORE FREE CODES :o This rat has not sufficiently secured his stuff! udemy.com/course/secure-… Cat out, peace

We are continuing our efforts in new normal! It’s virtual again! OWASP Pune Meetup: 8-Jan-22 Topic: The criticality of managing an application security program
 Speaker: Ankit Giri (@aankitgiri) Time: 11-11:50 AM meet.google.com/sve-yuqs-ipo @IAmVarchashva @JenyRaval @nirav4peace

Identifying and Exploiting Path Traversal or Remote Code Execution in Apache 2.4.49 and 2.4.50. For manual and automated approaches for exploitation, kindly visit below link walnutsecurity.com/path-traversal… @nirav4peace

We have created a vulnerable docker lab for CVE-2021-41773 and a PoC python script to test Path Traversal and Remote Code Execution vulnerability in Apache 2.4.49. github.com/orgs/walnutsec… I hope this is helpful. Do share your suggestions. @nirav4peace

👨‍💻Lack of #securecoding may lead to #security vulnerabilities making organizations & customers at risk 💡Learn the best methods to #secure your #code with Gaurav @4auvar & Mihir @m1h1rd at Nullcon Sep Online Training 2021 ✅Book your spot ➡️ bit.ly/3hz1cZc #SQL #Java

Hello everyone, we are starting our owasp meet at 11am. Please join the meeting from below link: meet.google.com/apt-cxui-zyc cc: @nirav4peace @IAmVarchashva @JenyRaval @owasp

We are continuing our efforts in new normal environment! It’s virtual again! OWASP Pune Meetup - 19th June, 2021 Topic: Attacking GraphQL APIs Speaker: Ali Jujara (@alijujara7) Time: 11 AM - 11:50 AM (Virtual) Location: meet.google.com/apt-cxui-zyc Meetup: meetup.com/OWASP-Pune-Cha…

We had a wonderful session by @sw4pn1lp on "Use of Linux commands for security testing". Thanks everyone for joining and we will be uploading the presentation in official @OWASP_PUNE website soon. #OWASPPune #Meetup #OWASP #VirtualSession cc: @nirav4peace @JenyRaval

We are back again with meet-up, new normal this time! Its virtual! @OWASP_PUNE Meetup - 20 Feb, 2021 "Use of Linux commands and utilities in security testing" by @sw4pn1lp Join meet.google.com/wcv-onwm-arb & Fill docs.google.com/forms/d/e/1FAI… @JenyRaval @nirav4peace

Detailed writeup about padding oracle @sanjay.gondaliya/workings-of-padding-oracle-7dd627828555?source=social.tw" target="_blank" rel="nofollow noopener">medium.com/@sanjay.gondal…

@realsanjay Awesome writeup!🍻🍻

Want to virtualize ARM-based firmware? Here is one of the custom way to achieve it. Part-1: payatu.com/blog/mihir/vir… Part-2: payatu.com/blog/mihir/vir… cc: @payatulabs #IoTSecurity #Firmware #Virtualizing

When the application has custom protections @realsanjay gets to build a custom extension in burp. nice writeup @notsosecure on managing application with per request HMAC protection

If you are stuck in a pentest and unable to run an automated/burp scans because of an integrity check at client side. Checkout this awesome blog by @realsanjay . New #notsosecure blog. notsosecure.com/automating-pen…