My Blog

All the most current news and events of my life
A simple Data Exfiltration!

Yes, another XXE attack but with the help of a Microsoft Excel file. Without any further due, let’s get started! XXE Attack: I precisely copied what is XXE from the internet and pasted it in my previous blog post, “A journey from XML External…

A journey from XML External Entity (XXE) to NTLM hashes!

We will start this blog post with an XML External Entity attack. Furthermore, we will discuss how I was able to capture NTLM v2 hashes using responder and evil-ssdp with the help of that XXE vulnerability. XXE Attack: There is a web security vulnerability…

Vertical Privilege Escalation in Facebook’s Workplace!

Hello, I’m Shubham and I have decided to share my finding on one of Facebook’s products “Workplace”! More about Workplace! Workplace is a communication tool that connects everyone in your company, even if they’re working remotely. Use familiar features such as Groups, Chat, Rooms,…