Raspberrypi as poor man’s hardware hacking tool
Introduction I have been wanting to write this blog for quite some time, either I was busy or lazy. I have been asked by so many people on the list of…
“Find – Bluetooth Tracker” Responsible Vulnerability Disclosure – Blog
Introduction: With the advent of IoT, everything is getting connected to the internet. Bluetooth is one such protocol which is used to connect devices to the internet as the most mobile…
Another case of a Vulnerable Smart Lock
I am back with a another blog after a long time. I have been buying lot of random things from aliexpress/banggood and smart locks are one of them. With the…
IoT Security – Part 4 (Bluetooth Low Energy – 101)

Bluetooth Low Energy 101 If you haven’t read through Part 1 to Part 3 of our IoT Security Blog series I would urge you to go through them first unless you…
Tiredful-API: Vulnerable REST API App
What is Tiredful API? Tiredful API is intentionally designed broken app. The aim of this web app is to teach developers, QA or security professionals about flaws present in webservice (REST…
Quick Heal Anti-Virus Security Assessment
Introduction Payatu Research Team performed vulnerability research on QuickHeal Anti-virus and we were able to find few vulnerabilities in the AV which could be exploited to compromise the victim machine. Vendor www.quickheal.co.in Product Quick Heal Anti-Virus Description Around…
Uninitialized Stack Variable – Windows Kernel Exploitation
Introduction We are going to discuss about use of Uninitialized Stack Variable vulnerability. This post will brief you about what is an uninitialized variable, what could be the adverse effect of…
From Crash to Exploit: CVE-2015-6086 – Out of Bound Read/ASLR Bypass
Introduction This is a story of an Out of Bound Read bug in Internet Explorer 9-11. This is almost 5 years old bug which got discovered in April 2015. It is…
DIVA
What is DIVA? DIVA (Damn insecure and vulnerable App) is an App intentionally designed to be insecure. We are releasing the Android version of Diva. We thought it would be a…
HackSys Extreme Vulnerable Driver
Introduction HackSys Extreme Vulnerable Driver is intentionally vulnerable Windows driver developed for security enthusiasts to learn and polish their exploitation skills at Kernel level. HackSys Extreme Vulnerable Driver caters wide range of vulnerabilities ranging from simple Buffer Overflows to complex Use After Frees and Pool…