Gaurav Nayak

Shared my experience of code review and common Security mistakes of developers. payatu.com/blog/gaurav/10… Cc: @payatulabs

Congratulations to @4auvar for clearing our Certified Red Team Professional exam! #ADLab #CRTP #AlteredSecurity cc @nikhil_mitt alteredsecurity.com/adlab

🧵Can you work out how to bypass this vulnerable CSRF protection? Read all about this gotcha in my latest blog post

I'm going to explain how I found two OS command injection vulnerabilities a few days ago. The vulnerabilities were quite easy to exploit once the injection points were identified.

@suchetadalal @MoneylifeF @Moneylifers @MoneylifeIndia I am facing the same issue from @StarHealthIns Really disappointed with their services.

Folks -- the comment section of this article indicates that there are serious issues here. If you have similar experiences with Star Health & Allied Insurance, do help us collate information by sending us details at foundation@moneylife.in @MoneylifeF @Moneylifers @MoneylifeIndia @yogtoday

Pathetic service @StarHealthIns Their doctors are not even validating the documents provided and just keep on repeating the same blunder. Even after submitting all the required documents they denied reimbursement.

😡Absolutely frustrated with StarHealth insurance provider! It's been nearly 2 months since I submitted my reimbursement claim, and I still haven't seen a dime. Sent many emails as well but no satisfactory response. Is this what we pay premiums for? @StarHealthIns @irdaindia

Bypassing Two-Factor Authentication for Facebook Accounts ($25,300) #bugbounty #bugbountytips #cybersecurity #hackerone #ethicalhacking #vulnerability #facebook #meta #instagram #networksecurity #programming #cybersec #infosec @bazzounbassem/bypass-two-factor-authentication-of-facebook-accounts-25-300-7ae152d7836a" target="_blank" rel="nofollow noopener">medium.com/@bazzounbassem…

🎧Wear your headsets 🌋Volume up for this one! The flagship HackIM CTF 15th Edition is now open for you to register ➡️bit.ly/3PKOrgx ⭐Sponsored by @ChaleitG | 🧠Challenges designed by @ENOFLAG #NullconGoa2023 #Infosec #Conference

Good read 👌, super work @win3zz 💪

Were you able to spot the vulnerability in yesterday's code snippet? 🕵️‍♂️ ✅ Yes? That’s impressive! ❌ No? Don't worry. This is your chance to learn, so let's take a look at the writeup 👇 🧵 Be sure to keep reading this thread for more resources and the winner of our swag!

👨‍💻Learning new #infosec techniques alongside your peers with Hands-On lab sessions will give you the headstart you need for 2023! 👉Register here for the #onlinetrainings ➡️bit.ly/3LRuQHL #Nullcon #Cybersecurity #securecoding #cloudsec #OWASPTop10 #reverseengineering

I wonder why some sys-admins configure the server with sudo privileges! 🤔 Tip: Always test for Expression Language Injection like OGNL when you see *.do and *.action file extensions. #security #bugbountytip #hacking

@win3zz Nice find Bipin 🔥

Check out my latest blog on how I compromised a banking server by exploiting some vulnerabilities. The journey from AFR to RCE. I hope you'll like it. 🥂 #security #infosec #hacking link.medium.com/rwy23Wko3ub

Very well written. Must read blog.

9 Google Dorks you NEED to know about! 🧵 Google knows everything about your target. Google Dorking is using the search engine to find juicy stuff! Here are some quick examples to show you the POWER of dorks 👇

The KING is back 👑 Take a bow, Virat Kohli 🙌 #T20WorldCup | #INDvPAK

💡How often do you revisit the past patched vulnerability?👾There could be a malicious code still hiding in plain sight! 🧠End this year on a progressive note by💻upskilling at Nullcon #OnlineTrainings 🎟️Early Bird offer is activated👉bit.ly/3LRuQHL #Nullcon #Infosec

[2/100] #100DaysOfCloud Today I researched on AWS logging and monitoring best practices. Below are the points: 👇🧵

👨‍💻Learn #securecoding 💡Gaurav @4auvar & Mihir @m1h1rd with this training will provide a guide to make the code secure, understand the common mistakes at the code level & guard against #security #vulnerabilities 🖥️Checkout & register here➡️bit.ly/3EaArae #Nullcon

Proud to have @ChaleitG as Workshops Sponsor for #BSidesDelhi @SecurityBSides #securitybsides #bsidesdelhi2022 #infosec