Henry N. Caga

@darkshadow2bd Hi, thanks for sharing my findings. infosecwriteups.com/hacking-the-gi…

💥Google was vulnerable by XSS using just a simple payload🤯 Rrad the full POC on my telegram channel 👉🏼 t.me/ShellSec/55

@binitamshah Thank you so much!

Hacking the Giant : How I Discovered Google’s Vulnerability and Hall of Fame Recognition : @hncaga/hacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a" target="_blank" rel="nofollow noopener">medium.com/@hncaga/hackin… credits @hncaga

Finally, the @GoogleVRP granted me permission to disclose the vulnerability I found within one of their sub-domains. As a result of this discovery, I advanced in Google's Hall of Fame and received a reward. @hncaga/hacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a" target="_blank" rel="nofollow noopener">medium.com/@hncaga/hackin…

This video demonstrates how scammers can send SMS messages, deceiving mobile users by masquerading as legitimate banks or companies. Stay vigilant to protect yourself! Visit Cellular Assault Village at ROOTCON Hacking Conference fb.watch/ncF0NfS_CN/

ROOTCON 17 Preparation #CellularAssaultVillage

Are you into picking locks? Well, we have a village right for you! Checkout the LockPick Village #lockpick_village" target="_blank" rel="nofollow noopener">rootcon.org/html/rc17/vill…

We are days away from ROOTCON 17, and our villages are taking shape! Here is the initial line-up of village talks, more are underway. Car Hacking Village Talks Analysis of an In-vehicular network: From CAN bus to infotainment by Div0 CSQ Present-day vehicles such as the Connected vehicles (CV) include wireless and external functionalities that improve drivers' experiences. CV will continue to play a huge role in our daily lives despite mass adoptions on Electric Vehicles (EV) and testing on Autonomous Vehicles (AV). This talk will feature CSQ’s test bench 3 as we explore more features on Connected vehicles. We will talk more about Infotainment systems and the difficulties we face with setting up bench 3 and go through the vehicular architectural differences between test bench 2 and 3. Finally, we will point out some learning points and challenges. Blue Team Tricks - An overview of Automotive Defensive Engineering By Scott Sheahan Sun Tzu said, "If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” This talk is for car hackers to learn about modern defense measures being added to ECUs and Vehicle Architectures. Cellular Assault Village Talks Uncovering Cellphone Risks: Interception and Other Mobile Attacks In this talk, we'll explore the world of mobile security. We'll dive into how our everyday mobile devices and the communication system connect. We'll uncover different ways that hackers can attack mobiles, from intercepting calls to faking sender names in texts. We'll also dig into how these attacks work, like reading SMS over-the-air. We'll cover both passive and active ways that hackers intercept data. Passive ones quietly gather info transmitted between devices and cell towers. Active methods, on the other hand, pretend to be real cell towers to mess with communications. As we wrap up, you'll walk away armed with insights into the potential risks that our beloved mobile devices face and equipped with knowledge on safeguarding yourself against these digital threats. Lockpick Village Talks Safe Cracking 101: manipulating mechanical Group 2 safe locks Mechanical safe locks have been around for a very very long time, and with good reason, many have no idea how they work. With the obscurity of this safety mechanism, we achieve security. In this talk, we explore the working mechanisms of Group 2 Safe locks, debunk some Hollywood myths and learn to exploit it's inherent weaknesses. More details: rootcon.org/html/rc17

Cellular Assault Village fb.com/cellularassaul…

@bxmbn This came from new program or older program?

I was rewarded $9.600 bounties 2day and achieved what seemed to be impossible for a long time Top 100 All-Time ✅

My Google Hall of Fame ranking has climbed to 463. This achievement comes as a result of reporting a P1 (Priority 1) and S1 (Severity 1) critical vulnerability to Google's security team.

Nice Catch!!

@japzdivino Apat na ganyan sir. tatlo sa isang target, isa sa ibang target. Templated :D

@hncaga Yun na nga haha pati pala ikaw sir nadale na din.. medyo panget na now, kasi dati merong add participant para ma verify mo kung legit na dupes.. ngayon puro templated response na kahit wala naman sensitive info sa first reporter.

(1) Thank you for your report! Unfortunately, this was submitted previously by another researcher, but we appreciate your work and look forward to additional reports from you.

@jilles_com Got 8

Defacing Phishing Website: Proactive Measures to Safeguard Potential Victims link.medium.com/xOx7c3Ab3zb

Thank you @rootconorg The premier and largest hacking conference in the Philippines. It's an honor for me to be part of ROOTCON 17. See you all in September! #CellularAssautVillage #rootcon17 #cellular_assault_village" target="_blank" rel="nofollow noopener">rootcon.org/html/rc17/vill…

Current Google Leaderboard / Hall of Fame Rank!

@octacons @NuandLLC Cool!

Send image using Bladerf + sdrangel receive with RTL-SDR + Python amodem. 9.9KiB ISS jpeg successfully decoded. OS : DragonOS R.30 #Linux #bladerf @NuandLLC #Python #radiofrequency #rtlsdr #hackrf #dragonOS

@octacons Combining them all

@hncaga Ettus USRP

Finishing my own mobile debugging tool.

@cemaxecuter Another video for that please. Using X310 and B210. That will be great!

I’ll come back to this later 👍