Rakesh Mane
Info
Web & Browser Security
Bug Bounty Hunter
Offensive Security Certified Professional (OSCP)
CVE
CVE-2020-9916
:
Safari Browser (WebKit) : URLs Unicode Hostname Parsing Bug.
CVE-2019-11744
:
Firefox Browser : XSS by breaking out of title and textarea elements using innerHTML.
CVE-2019-13607
:
Opera Mini for iOS Browser : Universal-XSS.
CVE-2019-11720
:
Firefox Browser : Incorrect whitespace parsing allowing evading of XSS filtering.
Tools
LinksCrawler
: Simple active web crawler.
jsHELL
: Provides reverse javascript shell of your mobile browsers.
LazyHunter
: Web UI to commonly used web pentesting tools via Docker Image.
LinksRecon
: Advanced passive+active web links recon framework.
XSS-Scanner
: Finds possible vulnerable endpoints for manual verification.
OpenRedirect-Scanner
: Bypasses Open Redirect filters.
Writeups
JSP ContextPath Link Manipulation - XSS
XSSing Web - 2
XSSing Web - 1
Google CTF 2017 XSS Challenge (Joe) Writeup
URLs Anchor Text Spoofing
Account Takeover via Misconfigured OAuth
How I XSSed My Crush
Operating Raspberry Pi from Mobile.