Disclosure

December 1, 2017

Cryptocurrency Mining Scripts Harnessing your cpu memory via Browsers

Hidden MiningWebsites are increasingly using JavaScript-based cryptocurrency miners to monetize by levying the CPU power of their visitor’s PC to mine Bitcoin or other cryptocurrencies. Scenario […]
September 4, 2015

Drupal 8.0.0-beta14 Vendor Script Vulnerable to XSS

Overview Recently, I was playing around with the Drupal CMS application code. Drupal is an open source CMS application widely used for the purpose of blog […]
September 1, 2015

Malware Detection : Adding glastopf juice to maldet engine

At SecureLayer7, we continuously try to keep our customers updated with the latest threats which could affect their infrastructure and help them secure their perimeter. More […]
March 9, 2015

Malware Cleanup: Analysis of an Undetectable web-shell code uploaded via RevSlider Vulnerability

I started my day with my regular Malware Cleanup activity when I came across an interesting backdoor web shell file on the server.  The server is not specific […]
March 7, 2015

Google OAuth Target URL and Domain Description Vulnerable to UI redress attack

Over last 3 years, I’ve participated in the Google Reward Program and found some relatively serious vulnerability. Google OAuth Target URL, Upload X.509 Cert and Domain […]