sunny‏‏‎

Hello everyone, i have written a blog for the first time, i hope you all will like it😄. hulkvision.github.io/blog/post1/ #bugbounty

Send a GIF, crash a phone. The fix for CVE-2025-48631 missed a code path and the bug is still there. New blog post on how I found it hulkvision.github.io/blog/android-n…

x.com/ThisIsDK999/st… Here's the thread on how to achieve RCE via GroovyConsole in AEM even with a heavy dispatcher configuration!

Exploiting Android Client WebViews with Help from HSTS seanpesce.blogspot.com/2024/09/exploi…

Exploiting JavaScript Interface for Unauthorized Access in a 'global' cryptocurrency exchange android app hulkvision.github.io/blog/javascrip… #infosec #androidapp

Conducted IoMT PT on one of the large manufacturers of different medical devices, critical flaw leads to access their azure! Here is how: TL;DR Frontend application was running on kiosk mode, backend was win with restrictions such as application control, where you cant, [1/n]

@HackerOn2Wheels also i have been reading about smart contract hacks for quite some time now.

@HackerOn2Wheels @CyfrinUpdraft @aiarena_ @code4rena no i did not have past smart contract development experience, I just had some source code review experience from my office job.

Started my smart contract auditing journey after completing the @CyfrinUpdraft course with @aiarena_ @code4rena contest. Reported 3 high severity bugs, waiting for the contest results to see how i performed.

Road to fuzzing android applications Creating JVM instances: @valsamaras/creating-and-using-jvm-instances-in-android-c-c-applications-c289415b9dbd" target="_blank" rel="nofollow noopener">medium.com/@valsamaras/cr…

#0day #research #bugbounty #informationsecurity blog.malicious.group/from-akamai-to… How I *AM* able to abuse Akamai to abuse F5, to abuse all of their customers. This is a bug chain that doesn't require a bug on the target domain to exploit them. But what do I know, I am a freelance nobody.

Thank you @GoogleVRP for the awesome gifts🤩 #BugBounty

Today I am finally releasing a new 3-part browser exploitation series on Chrome! This was written to help beginners break into the browser exploitation field. Part 1 covers V8 internals such as objects, properties, and memory optimizations. Enjoy! jhalon.github.io/chrome-browser…

I have published my Blog on "How I approached Dependency Confusion!" Hope you people will like it :) #bugbounty #infosec link.medium.com/Nnh2RqGRgnb

New blog post: Zooming in on Zero-click exploits googleprojectzero.blogspot.com//2022/01/zoomi…

@LukasStefanko @artem_i_baranov yeah there is typo in the blog, or should i say learnt it saying 'transversal' instead of 'traversal' 😅. Thanks @artem_i_baranov for pointing out my mistake.

@artem_i_baranov @hulkvision Sorry man, I haven't even realize there is a typo either in the blog or in your comment 🤦‍♂️ I automatically saw traversal 😀

RCE in Adobe Acrobat Reader for Android (CVE-2021-40724) $10,000 bounty received from GPSRP Excellent exploitation and write-up by @hulkvision Report: hulkvision.github.io/blog/post1/ Quick summary how it was achieved👇

@enovella_ before v21.9.0.19548

@hulkvision which versions were affected?

Hello everyone, i have written a blog for the first time, i hope you all will like it😄. hulkvision.github.io/blog/post1/ #bugbounty