Acknowledge by Avira for my Vulnerability Report (15th Dec, 2017)

I reported about vulnerability in Avira Official Website (www.avira.com). This was a my first time I received Certificate for my findings.


Comments

Post a Comment

Popular posts from this blog

Just made into the Github Arctic Code Vault

Image
Just found out 'Arctic Code Vault Contributor' badge on my GitHub profile. There are two of my repositories made it to the Github Arctic Code Vault. So my codes will be preserved for the next 1000 years. My GitHub profile >> https://github.com/clasiru More about GitHub archive program >> https://github.blog/2020-07-16-github-archive-program-the-journey-of-the-worlds-open-source-code-to-the-arctic/
Read more

Computer Hacking with Arduino UNO

Image
Today I am going to explain another cool experiment done by me. Did you guys ever think about Computer Hacking with Arduino? Yes, that is possible. Most people are misunderstanding Arduino with a Rasberry-Pi. There are lots of differences between the Arduino board and the Rasberry-Pi. An Arduino is a Microcontroller motherboard while a Raspberry-Pi is a general-purpose computer. That means an Arduino can only run one program at a time while a Raspberry-Pi usually with an operating system so that can run multiple applications. I think that explains it is enough to understand the difference between the Arduino and the Rasberry-Pi. This is my Arduino UNO (ATmega16U2) In this experiment, I am using an Arduino UNO board because I only have that board at this time. My final target is a sending some preloaded commands in the Arduino board to my computer through a USB Cable. In default, this Arduino UNO board is not supported for this kind an activity, so I have to do some modifi
Read more

[Batch] WiFi Password Viewer

Image
Today I am going to present you another free time fun project done by me to spend my free time. Actually, this is not a big deal. I am simply automated very known command. All of you know we can view saved WiFi Profiles by using the following command netsh wlan show profile <target-ssid> key=clear So, I make this easier by creating an automated batch file. Someone thinks this is useless, but if you are Batch script lover then you will definitely love my project because I added colours for that and also able to give an option for Run as Administrator. These are my codes: @echo off title WiFi Password Viewer :start cls echo. echo [7mWiFi Password Viewer v1.0 [0m echo -------------------------------- echo Author : [41;93mArea Master [0m echo Website : [44;93mWidane Forums [0m echo Link : https://www.widane.com echo -------------------------------- echo. echo 1 - Run as Administrator [91m(Recommended) [0m echo 2 - View all saved WiFi profiles echo 3 - View passwor
Read more

[Python] IP Address Information Tool (IPAIT)

Image
Today I am going to present to you another free time fun project done by me to spend my free time. This is the IP Address Information Tool (IPAIT). This tool created by using Python language. We can find information about any IPv4 or IPv6 Public IP Address by using this tool. This is a straightforward tool, so I am not going to talk about it inside. This is support for Python3, and you need an Internet connection to run this tool. This tool can extract the following information, Country Location ASN/Organization Time Zone Additionally, you can also obtain the following details by adding suitable lines into the ipait.py. (You can add additional lines after 84th line.) Hostname - print ("Hostname: " + js["hostname"]); City - print ("City: " + js["city"]); Region - print ("Region: " + js["region"]); Postal - print ("Postal: " + js["postal"]); Here are the codes without a
Read more

Phishing vs DNS Poisoning / Spoofing

Image
Today I am going to explain about another cool experiment done by me. That is a DNS Poisoning (or Spoofing) attack. So let's start, Before the start I like to compare the Phishing attack and the DNS Poisoning attack. As we know Phishing is a well known method armed with Social Engineering to steal sensitive information by using bait (Compromised URL or Link). In the DNS Poisoning, the process is likely same, but not exactly the same. When we are talking about Phishing web pages there is a main weak point, Phishing web pages can not serve under genuine domain addresses, (There are methods by using Cross-site Scripting but I am not going to talk about that.) but when talking about DNS Poisoning, hackers can serve malicious web pages under genuine domain addresses. So that is very hard to identify these kind of attacks. Image Reference: https://www.imperva.com/learn/application-security/dns-spoofing/ Now I am going to talk about how to perform these kind of attacks. To
Read more