Filtering WebSocket Noise in BurpSuite Using Bambda

Introduction One of the issues I faced while testing a WebSocket-heavy application is that there aren’t many filtering options available for WebSocket traffic — unlike HTTP messages in Burp Suite....

May 14, 2025 burp, websocket

Post-Dual Boot Cleanup – Reclaiming Lost Partition Space After Removing Ubuntu

Post-Dual Boot Cleanup – Reclaiming Lost Partition Space After Removing Ubuntu Introduction This isn’t my usual post about vulnerabilities, bug bounty, or web security. This time, it’s something ...

Apr 20, 2025 system, fix

BSides-Bangalore CTF - Cookie Tracker Blind XSS Challenge

Introduction This was a blind XSS challenge where the goal was to read the admin’s cookie. The given website was called “Cookie Tracker” and had three functionalities: Store your cookie. See...

Jun 28, 2024 ctf, writeup

Unauthenticated Email Enumeration via API Fuzzing

Introduction This blog post explores a recent finding I discovered in a bug bounty target. I stumbled upon a user enumeration issue that exposes email addresses without proper security measures. T...

Feb 21, 2024 bugbounty, writeup

Remote Code Execution through Dependency Confusion using Burpsuite Extension

Introduction Dependency Confusion is a security vulnerability that affects software dependencies in the software development process. It occurs when a public package manager installs an internal o...

Aug 19, 2023 bugbounty, writeup

Stealing Login Credentials using HTTP Request Smuggling

I recently discovered a significant security vulnerability in a target. The vulnerability, HTTP request smuggling, allowed me to manipulate the application’s behavior, potentially compromising user...

Aug 15, 2023 bugbounty, writeup