HackTheBox Business CTF 2023 – Crypto
Payatu Bandits played the HackTheBox Business CTF 2023 and secured 1st rank in India, but overall, we secured 31st by the end of the tournament. …
Effortless Pentesting of Apache Cordova Applications
In recent times, it has become more convenient for smartphone users to use a mobile application instead of browsing a website. If any organization wants …
Analyzing Android Apps at Scale: A Study of Top 50,000 Apps on Google Play Store (Part 1)
The growth of smartphone usage worldwide is nothing less than remarkable, with Android being the most popular mobile Operating System globally. According to the latest …
Understanding the Difference Between SameSite and SameOrigin
You might have come across both “same-site” and “same-origin”, and although they look and sound similar, these terms are among the highly cited but often …
Cracking the Code: My Journey to Conquering the OSWE Exam
Background Currently, I work as a security consultant at Payatu, primarily focusing on web penetration testing and source code review. I also have approximately 2 …
Impact of IoT and 5G on Web Application Security
Due to the rapid advancement of technology, there has been a surge in popularity of the Internet of Things (IoT) and 5G networks. These advancements …
HTTP Request Smuggling Attack Vectors
Keeping up with new vulnerabilities and attack vectors is essential in the always changing world of web application security. Recent years have seen an increase …
Web Services and its Attack Types
Web services attacks are a type of cyber-attack that target web-based applications and services. These attacks are designed to exploit vulnerabilities in web services, which …
HTTP Request Smuggling Basics
The HTTP Request Smuggling vulnerability, also known as the HTTP Desync Attack, has been around for a while but was brought back to attention by …
