Nirmal Dahal - #Nittam  (@thenittam) 's Twitter Profile
Nirmal Dahal - #Nittam 

@thenittam

Building Secure Digital Futures with @CryptoGenNepal | Leader at @pentesternepal | Former Leader at @owaspnepal

ID: 734489900

Website: https://nirmaldahal.com.np | Joined: 03-08-2012 08:45:12

259 Tweets

1.1K Followers

87 Following

PenTester Nepal🇳🇵 (@pentesternepal):

"XSS To Account Takeover [Q2A Themes]" writeup is added in 'Pentester Nepal' Medium Publication by Nirmal Dahal - #Nittam : medium.com/pentesternepal… #infosec #PenTest #XSS #PTN

Simran Karki (@51mr4n_):

Here comes my first blog on medium about OODA loop, which is a four-step process for making effective decisions in high-stakes situations. For more info please follow the link below. CryptoGen Nepal link.medium.com/4NSiCKer2ib

PenTester Nepal🇳🇵 (@pentesternepal):

"ByPassing eBay XSS Protection" writeup is added in 'Pentester Nepal' Medium Publication by Nirmal Dahal (Nirmal Dahal - #Nittam): link.medium.com/N7u3OwvHfjb #infosec #bugbounty #Ebay #XSS #PentesterNepal #medium

Nirmal Dahal - #Nittam (@thenittam):

"leveraging the SQL injection to execute the XSS by evading CSP (Content Security Policy)." Although it sounds silly, I am dumb enough to do this 🥶 Link: link.medium.com/hL0B5II0itb

Nirmal Dahal - #Nittam (@thenittam):

Back in June 2022, I found a flaw in the MEGA cloud storage system that let me store more data than they permit for free accounts. I was able to store roughly 1300GB data in MEGA, despite the fact that the free account storage restriction for MEGA is 20GB. nirmaldahal.com.np/posts/2022/11/…

PenTester Nepal🇳🇵 (@pentesternepal):

Simran Karki started her YT channel. You can follow her channel for infosec and internet safety tips. Congrats 🎉 and good wishes to her for creating useful content! youtube.com/@hercyberworld

CryptoGen Nepal (@cryptogennepal):

CryptoGen Nepal is among #Top250MSSP by MSSP Alert. We are thrilled to share this with all of you, and we have a continuous drive to focus on Cyber Security and be the Cyber Security Partner by Choice. Full story: cryptogennepal.com/blog/msspalert… #Made4Security #CyberSecurity #MSSP

Nirmal Dahal - #Nittam (@thenittam):

We at CryptoGen Nepal dug deep into the #trojan app named #NepaliGirl causing fear in Nepal cyberspace & found some concerning findings. Big shoutout to niraj with whom I have always had a great collaboration experience. Full Report: cryptogennepal.com/case-studies/n…

Nirmal Dahal - #Nittam (@thenittam):

Regex mastery is key for Forensics, Red/Blue Teams, Dev roles. Try ReGen - inspired by Burp Suite's Grep and Extract feature, it simplifies Regex crafting. Create the desired Regex with ease. Join to shape Regex simplicity in cybersecurity github.com/TheNittam/ReGen

Nirmal Dahal - #Nittam (@thenittam):

🚨 CVE-2025-29927 (9.1/10) 🚨
If your app uses Next.js Middleware for authentication, attackers can bypass it.

Check if your Next.js version is affected:
1️⃣ Right-click → Inspect
2️⃣ Open Console
3️⃣ Enter next.version

Affected Versions & Full Details:
github.com/vercel/next.js…

Nirmal Dahal - #Nittam (@thenittam):

Used Gemini Flash (free tier) + Python + AI browser agent to run a basic vuln assessment on DVWA locally. No paid tools. No human clicks. Just AI following prompts. It worked, and this is just the beginning. If we can do this now with limitations, imagine what the future holds.

PenTester Nepal🇳🇵 (@pentesternepal):

We are excited to announce that HackerOne will be our Community Partner for the 12th Anniversary Celebration Program! 🎉 Get ready for an exciting lineup of cybersecurity talks, CTF challenges, and networking sessions. Thank you for your support! #PTN #community #HackerOne

PenTester Nepal🇳🇵 (@pentesternepal):

We’re excited to announce that bugcrowd will be the Supporting Partner for Pentester Nepal’s event! 🎉 Get ready for a thrilling lineup of cybersecurity talks, CTF (Capture The Flag) challenges, and networking sessions. Thank you for your support! #PTN #ItTakesACrowd

PenTester Nepal🇳🇵 (@pentesternepal):

Thank you Ullens College, bugcrowd, Altered Security, HackerOne, APIsec University, NCA Nepal, Rovix Cloud, stickermandu 🙏🇳🇵 A huge appreciation to all the amazing speakers, volunteers, & participants who made this event possible! 🎉 We look forward to organizing another event together soon!

Nirmal Dahal - #Nittam (@thenittam):

You can use the same testing approach to verify exposure to CVE-2025-55182 (CVSS 10.0 - Critical).
Ref: vercel.com/changelog/cve-…
Fixed in:
React: 19.0.1, 19.1.2, 19.2.1
Next.js: 15.0.5, 15.1.9, 15.2.6, 15.3.6, 15.4.8, 15.5.7, 15.6.0-canary.58, 16.0.7
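The two CVE tweets above describe the same manual check: read `next.version` from the browser console and compare it against the fixed releases. One way to make that comparison repeatable, as an added example that is not the author's code and not Vercel's or React's, is the snippet below. It copies only the CVE-2025-55182 fixed-version list from the tweet; the rule "same major.minor line and below the listed patch means vulnerable" and the "unknown" result for lines the tweet does not list are this example's assumptions, as are the function names. Semver prerelease ordering is implemented so that `15.6.0-canary.57` sorts below `15.6.0-canary.58` and both sort below the final `15.6.0`.

```javascript
// Added example, not from the tweet or from Vercel/React: classify a version
// string (e.g. what `next.version` returns in a Next.js app's console) against
// the CVE-2025-55182 fixed releases the tweet lists.
// Assumption: a version on a listed major.minor line but below the listed patch
// is vulnerable; a line not in the list is reported as "unknown" (check the
// advisory rather than guessing).
const FIXED_VERSIONS = {
  react: ["19.0.1", "19.1.2", "19.2.1"],
  "next.js": [
    "15.0.5", "15.1.9", "15.2.6", "15.3.6", "15.4.8", "15.5.7",
    "15.6.0-canary.58", "16.0.7",
  ],
};

// Parse "MAJOR.MINOR.PATCH[-PRERELEASE]" (optional leading "v") into parts.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?$/.exec(String(v).trim());
  if (!m) throw new Error(`unrecognised version string: ${v}`);
  return {
    major: Number(m[1]),
    minor: Number(m[2]),
    patch: Number(m[3]),
    pre: m[4] ? m[4].split(".") : null, // null means a final release
  };
}

// Semver prerelease rules: numeric identifiers compare numerically and rank
// below alphanumeric ones; a list that is a strict prefix of the other ranks lower.
function comparePrerelease(a, b) {
  for (let i = 0; i < Math.max(a.length, b.length); i++) {
    if (a[i] === undefined) return -1;
    if (b[i] === undefined) return 1;
    const an = /^\d+$/.test(a[i]);
    const bn = /^\d+$/.test(b[i]);
    if (an && bn) {
      const d = Number(a[i]) - Number(b[i]);
      if (d !== 0) return Math.sign(d);
    } else if (an !== bn) {
      return an ? -1 : 1;
    } else if (a[i] !== b[i]) {
      return a[i] < b[i] ? -1 : 1;
    }
  }
  return 0;
}

// Returns -1, 0 or 1. A prerelease ranks below the final release of the same
// core version (15.6.0-canary.58 < 15.6.0).
function compareVersions(x, y) {
  const a = parseVersion(x);
  const b = parseVersion(y);
  for (const k of ["major", "minor", "patch"]) {
    if (a[k] !== b[k]) return a[k] < b[k] ? -1 : 1;
  }
  if (a.pre === null && b.pre === null) return 0;
  if (a.pre === null) return 1;
  if (b.pre === null) return -1;
  return comparePrerelease(a.pre, b.pre);
}

// Returns { status: "fixed" | "vulnerable" | "unknown", fixedIn }.
function checkExposure(pkg, installed) {
  const fixes = FIXED_VERSIONS[pkg];
  if (!fixes) throw new Error(`no fix data for package: ${pkg}`);
  const v = parseVersion(installed);
  // Pick the fixed release on the same major.minor line, if the tweet lists one.
  const fixedIn = fixes.find((f) => {
    const p = parseVersion(f);
    return p.major === v.major && p.minor === v.minor;
  });
  if (!fixedIn) return { status: "unknown", fixedIn: null };
  return {
    status: compareVersions(installed, fixedIn) >= 0 ? "fixed" : "vulnerable",
    fixedIn,
  };
}

// In a browser tab of a Next.js app this reads the same global the tweet's
// console step uses; outside a browser (e.g. Node) it returns null.
function readBrowserNextVersion() {
  const n = globalThis.next;
  return n && typeof n.version === "string" ? n.version : null;
}

const observed = readBrowserNextVersion();
if (observed) console.log("next.js", observed, checkExposure("next.js", observed));
```

Paste the block into the console of the page you are testing and the last two lines print the verdict for the running app; the React version is not exposed the same way, so pass it to `checkExposure("react", ...)` by hand from the lockfile. Whatever this prints, the fixed-version list is only as current as the tweet, so confirm against the linked advisory before closing a finding.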