Building an Operating System from scratch by Carlos Fenollosa: github.com/cfenollosa/os-…

From Compiler Optimization to Code Execution. VirtualBox VM Escape (CVE-2018-2844) by renorobert voidsecurity.in/2018/08/from-c…

Our first official presentation "Getting your hands dirty - A practical approach towards teaching #security through interactive problem solving" would be happening OFFZONE in the main track at 4PM. Do come & say hello if you are around :) Cc: Anirudh Anand mohan

A new version of kurukshetra would be released for HITBSecConf Dubai next week with advanced features including: - New language support: Python, NodeJs, Ruby - One click challenge hosting - Improved Admin dashboard: Real time container management #securecoding #DevSecOps

Kurukshetra v2.0 has released with great new features (as promised) during our HITBSecConf Dubai presentation today. Catch up with us again tomorrow from 10 - 1 PM on booth 2. git.io/fpgqc cc: Anirudh Anand HITBArmory #securecoding #HITB2018DXB #HITBArmory #security

Analysis and Exploitation of Prototype Pollution attacks on #NodeJs - @Nullcon #HackIM CTF web 500 writeup - bit.ly/2SCzaSU #security #javascript #ctf cc: Anirudh Anand Sudheer Varma @harshafriend4al

From 4 sources to 3 sinks in DOM #XSS - DomGoat level 1-10 (all levels) writeup bit.ly/2NIidjW #domxss #js #infosec #Security cc: Anirudh Anand Lavakumar Kuppan Ironwasp Security

Dive deep into #Android Application Security - OWASP MSTG Uncrackable level 1 writeup - bit.ly/2nGtybl cc: Anirudh Anand @OWASP_MSTG #security #appsec

Analysing CVE-2023-51467 - #Apache OFBiz Authentication bypass to Remote Code Execution: blog.0daylabs.com/2024/02/26/apa… Anirudh Anand

Exploiting flawed implementation of Payment Request API in Chrome for #XSS - Google VRP (Google Bug Hunters) awarded $16,000 ! Amazing research by slonser 😎 blog.slonser.info/posts/cve-2023…… #Security #bugbounty

Dragon Ball Z have taught me more life lessons than 12 years of schooling could ever teach. Thank you so much Akira Toriyama for making my childhood awesome ♥️ You will be deeply missed 🥹 #RipAkiraToriyama #DBZ

Facebook Account Takeovers worth $125000🤯 insane bugs from Youssef Sammouda (sam0) 🔥 ATO using Canvas on Comet due to failure in Cross-Window-Message Origin validation: ysamm.com/?p=783 DOMXSS in Instant Games due to improper verification of supplied URLs: ysamm.com/?p=779

Diving deep into Jetbrains #TeamCity Part 1 - Analysing CVE-2024-23917 leading to Authentication Bypass: blog.0daylabs.com/2024/05/27/jet…

Diving deep into Jetbrains #TeamCity Part 2 - Analysing CVE-2024-24942 leading to unauthenticated Path Traversal: blog.0daylabs.com/2024/12/11/jet…

When @google, Microsoft Security and Facebook security team comes together and gives you a PoC Bug for being top 5 in #CTF. #nullcon

Red Team Arsenal (RTA) - An intelligent #scanner to detect #security vulnerabilities in company's layer 7 assets Author: Anirudh Anand github.com/flipkart-incub…

Open Sourcing #Kurukshetra - A framework for teaching secure coding by means of interactive problem solving ! github.com/a0xnirudh/kuru… #security #SecureCoding #appsec Demo: kurukshetra.io Full Documentation: docs.kurukshetra.io

One of the most interesting projects I have ever worked on is finally #OpenSource Do check it out and give the feedback: github.com/a0xnirudh/kuru… Special thanks to all the contributors: Ankur Bhargava PrajalKulkarni mohan sagar popat darkh00t Harsh Pardeep Battu x.com/KurukshetraHQ/…