About Me
YoKo has spent more than 9 years (from total of more than 12 years) in information security field, focused in risk from security testing point of...
July 25, 2014
Tagged: About Me
Search
Recent Posts
- Optimizing Hunting Results in VDP for use in Bug Bounty Programs - From Sensitive Information Disclosure to Accessing Hidden APIs which can be used to Retrieve Customer Data
- From Recon to Bypassing MFA Implementation in OWA by Using EWS Misconfiguration
- From 3,99 to 1,650 USD (Part I) – Simple Vertical Privilege Escalation by Changing HTTP Response
- From Recon to Optimizing RCE Results – Simple Story with One of the Biggest ICT Company in the World
- If Allah willed it, will be back soon!
- 5,000 USD XSS Issue at Avast Desktop AntiVirus for Windows (Yes, Desktop!)
- CVE-2019–18624 – Illegal Rendered at Download Feature in Several Apps (including Opera Mini) that Lead to Extension Manipulation (with RTLO)
Categories
- About Me (3)
- Achievements (2)
- Bug Report (27)
- Desktop Apps (4)
- Mobile Apps (5)
- Random Things (8)
- Terms of Use (1)
- Web Apps (18)
- Write-Up (17)
- Write-Up in Bahasa (4)
Latest Tweets
AutoRecon v2 is officially released. The README has been updated. I am working on documentation for the plugin system, but most people won't need that.
Huge thank you to everyone who helped beta test it.
https://github.com/Tib3rius/AutoRecon
For those asking, this blog post explains how to do what I did in pretty good detail https://link.medium.com/H1Nohceeyjb @riyazwalikar
Nice blog on the CVE-2021-40444
https://www.securify.nl/blog/click-me-if-you-can-office-social-engineering-with-embedded-objects
Unauthenticated Remote Code Execution in Motorola Baby Monitors [FIXED] https://randywestergren.com/unauthenticated-remote-code-execution-in-motorola-baby-monitors/