I found many web application security issues in the Sony Network and I got acknowledged in the hall of fame.
https://secure.sony.net/hallofthanks
Latest Blog Posts
Acknowledged by SoundCloud
I found a self XSS and got rewarded by SoundCloud ๐
https://twitter.com/OsandaMalith/status/451157629591515136/photo/1
44 Retweets and 114 Favorites ๐
Share this:
2nd Time by LinkedIn
Apparently I found another method to bypass 3rd degree profiles and I got a nice letter ๐
Share this:
Rewarded by Sendgrid
Reported some issues related to the server side. Got a nice t-shirt and some sticker ๐
Share this:
Awarded by Reddit
Reported some issues related to SSL, regarding weak ciphers.ย http://www.reddit.com/user/Omega_Nuller/
Share this:
Acknowledged by Barracuda Labs
For the first time I hunted Barracuda, and not bad I am listed at the 78th position out of 255 ๐
Share this:
Acknowledged by Circleci
Reported a vulnerability relaters to the server side software. ย https://circleci.com/security/hall-of-fame
Share this:
BrowserFreak
This is small automated tool for dumping stored browser passwords. No need to run as Administrator to function this properly. Fully written in Windows batch and VBS.ย This tool is based on the following tools by nirsfot.
Features
- Can dump passwords of Chrome, Firefox, Opera, Safari and IE
- Works with any Windows OS as it is written in batch
- Has a self destruction option which would delete all of the downloaded files and app it self
- Can be used during pen-tests, mostly in the post exploitation phase
- Requires internet connection
- Added some voice ๐
Sometimes you AV would flag this as a malware but it is a false positive.
Download:ย http://osandamalith.github.io/BrowserFreak/
Thanks a lot for the nice review by Dimitrious Kalemis https://dkalemis.wordpress.com/2014/03/23/review-for-osanda-maliths-browser-freak-utility/
