Tiredful-API: Vulnerable REST API App
What is Tiredful API? Tiredful API is intentionally designed broken app. The aim of this web app is to teach developers, QA or security professionals about flaws present in webservice (REST…
Quick Heal Anti-Virus Security Assessment
Introduction Payatu Research Team performed vulnerability research on QuickHeal Anti-virus and we were able to find few vulnerabilities in the AV which could be exploited to compromise the victim machine. Vendor www.quickheal.co.in Product Quick Heal Anti-Virus Description Around…
Uninitialized Stack Variable – Windows Kernel Exploitation
Introduction We are going to discuss about use of Uninitialized Stack Variable vulnerability. This post will brief you about what is an uninitialized variable, what could be the adverse effect of…
From Crash to Exploit: CVE-2015-6086 – Out of Bound Read/ASLR Bypass
Introduction This is a story of an Out of Bound Read bug in Internet Explorer 9-11. This is almost 5 years old bug which got discovered in April 2015. It is…
DIVA
What is DIVA? DIVA (Damn insecure and vulnerable App) is an App intentionally designed to be insecure. We are releasing the Android version of Diva. We thought it would be a…