Ultralearning Project - Horse Riding

Badshah published on 2021-11-20

I have started an ultralearning project for this month - to ride a horse without the help of a trainer/groom. The timeline for this will be a bit more than one month (20th Nov - 21st Dec 2021), excluding Mondays and rainy days.

Most of the applications I see these days heavily depend on APIs. Pentesting them is a bit different than that of web applications. In this writeup I will show you how I discovered the vulnerabilities in the “Vulnerable API” project.

Vulnerable API writeup

Badshah published on 2020-07-10

Most of the applications I see these days heavily depend on APIs. Pentesting them is a bit different than that of web applications. In this writeup I will show you how I discovered the vulnerabilities in the “Vulnerable API” project.

There are so many resources around domain and subdomain takeovers but none around how to remove this bug class. In this blog post, I will walk you through the (sub)domain takeover bug class, the different types of takeovers, and finally the mitigations.

How to remove DNS record takeover bug class ?

Badshah published on 2020-06-06

Dangling DNS records are not something new. They are just out-of-date DNS records which may have served its purpose in the past. This DNS record trash has been there for ages and was not considered a security issue. They are pointing to some resource (IP or DNS record) that was owned/trusted in the past. What makes the dangling DNS record deadly is the fact that others can seize the resources that the record is pointing to.

Adding Gitleaks to Gitlab CI Pipeline

Badshah published on 2020-03-22 included in category Experiments

Gitleaks has become quite popular. Its features gives a tough competition to its predecessor trufflehog. Some of its uber cool features are: Comparatively fast when scanning large repos (as it is a compiled Golang binary) It can run on all platforms that Golang supports. User can add custom regex to detect more secrets Allows whitelisting of detected secrets / false positives Allows audit of GitLab and GitHub repos, groups and orgs.

/experiment/cloud-function-to-pub-sub/featured-image.png

Creating a Cloud Function to publish messages to Pub/Sub

Badshah published on 2020-02-23 included in category Experiments

Every time I want a cloud managed message queue, I would look at AWS SQS service. It’s simple. Create a SQS queue, get the HTTP endpoint for the queue, start posting the messages using any HTTP client like curl. This time I made up my mind to give GCP’s counterpart a try. The GCP’s counterpart is Pub/Sub. On a high level, the queue is known as topic in the Pub/Sub terms.

Fast Reverse DNS Lookups using FDNS and MongoDB

Badshah published on 2020-02-17 included in category Experiments

As part of my research, I wanted a way to find all the DNS records which points to a particular IP address. Not only should it be fast, it should be cheap as well. If you are a DNS researcher you would know about the Rapid7’s free FDNS dataset. I was not able to find any online post that showed me how to get subdomains using IP address in the FDNS dataset.

Chandrapal Badshah