Security Engineer by day, and redacted by night

Joined March 2019
Random idea: We can use XSS to exfiltrate passwords by abusing password managers' autofill functionality. What we can do is inject a fake login page which gets filled in by a password manager like @LastPass, and our XSS can steal them.
Wrote a poem on 'love overflow'. When poetry meets cybersecurity.
Can you find the flag from this? Flag format: mrcb{....} I wrote this challenge with a JS one-liner 鄉鄔ঙঘ鄣鄗鄐鄅ঙ鄑鄀鄁鄕কগ鄔鄁ক鄅鄐鄖鄁鄔鄁鄕鄖鄅鄐鄃鄥
Hello @chesscom , I've found a critical vulnerability in your system. Please check the report in your security bug ticketing system.
We've wrapped up our fifth onsite @hackthebox_eu meetup Nepal. It was organized in collaboration with women in cybersecurity for women's cyber empowerment. We solved a Windows machine to get them started with CTF. Thanks @hackthebox_eu, and my teammates @maskop9 @tnirmalz.
Santosh Bhandari retweeted
I stumbled over this tweet and thought "isn't this a generic HTML sanitizer bypass?" In today's video I share my investigation: youtube.com/watch?v=HUtkW2gj…
If you try <22></22> in HTML then <22> gets treated as text whereas </22> gets wrapped inside an HTML comment. 🤔
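The behaviour in the quoted tweet follows directly from the WHATWG HTML tokenizer: after `<`, a character that is not an ASCII letter, `/`, `!` or `?` makes the `<` plain text, while after `</` anything other than a letter (or `>`) opens a bogus comment that swallows everything up to the next `>`. The tokenizer below is an added example, not code from either tweet or the linked video, and the function names (`tokenize`, `naiveTagNames`) are mine. It implements just those states (attribute parsing is simplified to "skip to the next `>`", and `<!` is folded into the bogus-comment path) beside a naive regex tag finder of the kind a hand-rolled sanitizer uses, so the divergence is visible on an input such as `</22 <b>x</b>`: the browser-like tokenizer sees a comment, a text node and an end tag, while the regex sees two `b` tags.

```javascript
// Added example (not code from the tweet or the linked video). A small
// tokenizer that follows the WHATWG "tag open", "end tag open", "tag name"
// and "bogus comment" states closely enough to reproduce the <22></22>
// behaviour, next to a naive regex tag finder. Attribute parsing is
// deliberately simplified: a '>' inside a quoted attribute value ends the
// tag here but not in a browser.

const isAsciiAlpha = (c) => c !== undefined && /^[A-Za-z]$/.test(c);

// Browser-like tokenizer. Returns tokens shaped
// {type: 'text'|'comment', data} or {type: 'start'|'end', name}.
function tokenize(html) {
  const tokens = [];
  let text = '';
  let i = 0;

  const flushText = () => {
    if (text) { tokens.push({ type: 'text', data: text }); text = ''; }
  };

  // Bogus comment state: everything up to the next '>' (or EOF) is comment data.
  const readBogusComment = (pos) => {
    const end = html.indexOf('>', pos);
    const data = end === -1 ? html.slice(pos) : html.slice(pos, end);
    return { data, next: end === -1 ? html.length : end + 1 };
  };

  // Tag name state plus a crude attribute skip: the name runs until
  // whitespace, '/', '>' or EOF; the rest of the tag up to '>' is skipped.
  const readTag = (pos) => {
    let j = pos;
    while (j < html.length && !/[\s/>]/.test(html[j])) j++;
    const name = html.slice(pos, j).toLowerCase();
    const end = html.indexOf('>', j);
    return { name, next: end === -1 ? html.length : end + 1 };
  };

  while (i < html.length) {
    const c = html[i];
    if (c !== '<') { text += c; i++; continue; }

    // Tag open state: decide based on the character after '<'.
    const n = html[i + 1];
    if (n === '/') {
      // End tag open state.
      const m = html[i + 2];
      if (isAsciiAlpha(m)) {
        flushText();
        const tag = readTag(i + 2);
        tokens.push({ type: 'end', name: tag.name });
        i = tag.next;
      } else if (m === '>') {
        i += 3;                       // "</>" is a parse error and is dropped
      } else if (m === undefined) {
        text += '</'; i += 2;         // EOF after "</": emitted as text
      } else {
        flushText();                  // "</2...": bogus comment until '>'
        const com = readBogusComment(i + 2);
        tokens.push({ type: 'comment', data: com.data });
        i = com.next;
      }
    } else if (isAsciiAlpha(n)) {
      flushText();
      const tag = readTag(i + 1);
      tokens.push({ type: 'start', name: tag.name });
      i = tag.next;
    } else if (n === '?' || n === '!') {
      // '<?' is a bogus comment per spec; '<!' is simplified to one here
      // (a real parser also recognises <!-- --> and <!DOCTYPE>).
      flushText();
      const com = readBogusComment(i + 1);
      tokens.push({ type: 'comment', data: com.data });
      i = com.next;
    } else {
      // Anything else (digit, space, EOF): '<' is plain text and the next
      // character is reconsumed in the data state.
      text += '<'; i++;
    }
  }
  flushText();
  return tokens;
}

// Naive tag finder: only <name ...> / </name ...> with a leading letter
// counts as a tag; everything else is assumed to be harmless text.
function naiveTagNames(html) {
  return Array.from(html.matchAll(/<\/?([A-Za-z][^\s/>]*)[^>]*>/g), (m) => m[1].toLowerCase());
}

// Demo on the thread's input plus one that shows why the mismatch matters.
for (const sample of ['<22></22>', '</22 <b>x</b>']) {
  console.log(JSON.stringify(sample), tokenize(sample), naiveTagNames(sample));
}
```

The practical check this suggests for any sanitizer is simple: feed it the same bytes the browser will receive, then compare what the sanitizer believes are tags against what a spec-conformant tokenizer emits; any input where the two disagree is a candidate bypass.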
We've wrapped up the fourth @hackthebox_eu meetup Nepal. It was an onsite event hosted for college students. There were around 100 participants and it was so overwhelming. We solved a medium-level box named "Interface". Looking forward to upcoming events. Keep hacking!
Excited to share my recent talk on WordPress Application Security at WordCamp Nepal! Check out the video to learn about tips and tricks to keep your WordPress site secure. Disclaimer: It's in Nepali, but you can go through the slides. wordpress.tv/2023/01/26/sant…
We've wrapped up our third @hackthebox_eu Meetup Nepal, a 2-day event held at Forbes College, Bharatpur. We, @maskop9, @tnirmalz and @shishirsub10, would like to thank everyone involved in making this event a grand success.
Paid subdomain takeover 🙂 Found this when trying to buy a sub for my sister 🤫
Can you pop up an alert? 😉
25 Aug 2022
🚨CHALLENGE TIME🚨 Can you pop up an alert? 😉
Rules⤵️
📣 DM us a screenshot once complete
📣 100 likes & we'll release a hint
15 winners⤵️
🥇 5 winners: hoodies
🥈 5 winners: t-shirts
🥉 5 winners: stickers glasses
GO 👉 bgcd.co/3PKAefZ
Challenge by @MRCodedBrain
Thank you everyone for attending the second @hackthebox_eu meetup Nepal. We learned about "Active Directory Exploitation" by solving a machine named "Forest". Thanks to the rest of my team members @maskop9 @shishirsub10 @tnirmalz for such an amazing meetup 💥🔥
I've taken some time to summarize the talk I gave on the 9th anniversary of @pentesternepal as a blog post titled "Catching Security Vulnerabilities With Semgrep". I hope it's helpful! codedbrain.com/catching-secu…

Finally eCXD certified
I wrote a thing or two about Content Security Policy codedbrain.com/content-secur…

Thank you everyone for attending today's first @hackthebox_eu Nepal Meetup. We solved two machines, Nibbles and Blue, together. Extremely overwhelmed by the participation of around 50 people. #hackthebox #htb #cybersecurity #HTBMeetup
Thank you to my other team members @tnirmalz @maskop9 @shishirsub10
I recently performed forensics on a hacked database, and here is my experience of how it went and why logging is important codedbrain.com/my-experience…

List running ports in a container without ss/netstat:
awk '{print $2}' /proc/net/tcp | grep -vi 'local' | awk -F: '{gsub(/../,"0x& ", $1)} {l=split($1,hip," "); for(i=l;i>0;i--) printf "%d%s", hip[i], (i == 1 ? ":" : "."); printf "%d%s","0x"$2, ORS}'
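Two caveats a practitioner will hit with that one-liner: the hex-to-decimal step relies on awk turning strings like "0x7F" into numbers, which mawk does but gawk does not unless run with --non-decimal-data (it prints 0.0.0.0:0 for every row), and it prints every socket in the table, not just listening ones, while ignoring /proc/net/tcp6 entirely. The script below is an added example, not the tweet's own code, written in POSIX sh so it works in a minimal container regardless of the awk flavour: hex conversion is done by the shell's printf (which accepts C-style 0x constants), only state 0A (LISTEN) rows are shown, and both the IPv4 and IPv6 tables are decoded. The function names and the embedded sample table are mine; the sample is constructed to match the kernel's /proc/net/tcp column layout.

```sh
#!/bin/sh
# Added example, not the tweet's one-liner: decode /proc/net/tcp and
# /proc/net/tcp6 with POSIX sh only. Hex-to-decimal is done by the shell's
# printf, which accepts C-style 0x constants, so it does not depend on the
# awk flavour in the container. Only sockets in state 0A (LISTEN) are shown.

# Decode a /proc/net/tcp IPv4 address ("0100007F" = 127.0.0.1). The 32-bit
# word is stored little-endian, so the hex byte pairs are in reverse order.
decode_ipv4() {
  h=$1
  b1=${h%??????}; r=${h#??}
  b2=${r%????};   r=${r#??}
  b3=${r%??};     b4=${r#??}
  printf '%d.%d.%d.%d' "0x$b4" "0x$b3" "0x$b2" "0x$b1"
}

# Decode a /proc/net/tcp6 address: four little-endian 32-bit words
# ("00000000000000000000000001000000" = ::1). Output is uncompressed,
# eight hex groups without leading zeros.
decode_ipv6() {
  a=$1; net=""
  while [ -n "$a" ]; do
    w=${a%"${a#????????}"}; a=${a#????????}   # next 8-char word
    b1=${w%??????}; r=${w#??}
    b2=${r%????};   r=${r#??}
    b3=${r%??};     b4=${r#??}
    net="$net$b4$b3$b2$b1"
  done
  out=""
  while [ -n "$net" ]; do
    g=${net%"${net#????}"}; net=${net#????}   # next 16-bit group
    out="$out$(printf '%x' "0x$g"):"
  done
  printf '%s' "${out%:}"
}

# Read /proc/net/tcp-format lines on stdin and print "<proto> <ip>:<port>"
# for every LISTEN socket. $1 is "tcp" or "tcp6" and selects the decoder.
list_listening() {
  proto=$1
  while read -r sl laddr raddr st rest; do
    [ "$sl" = "sl" ] && continue          # column header line
    [ "$st" = "0A" ] || continue          # 0A = TCP_LISTEN
    addr=${laddr%:*}; port=${laddr#*:}
    if [ "$proto" = "tcp6" ]; then ip=$(decode_ipv6 "$addr"); else ip=$(decode_ipv4 "$addr"); fi
    printf '%s %s:%d\n' "$proto" "$ip" "0x$port"
  done
}

# Constructed sample in /proc/net/tcp format: 127.0.0.1:8080 and 0.0.0.0:80
# listening, plus one ESTABLISHED (st 01) connection that must be skipped.
SAMPLE_TCP='  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12345 1 0000000000000000 100 0 0 10 0
   1: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12346 1 0000000000000000 100 0 0 10 0
   2: 0100007F:1F90 0100007F:C350 01 00000000:00000000 00:00000000 00000000     0        0 12347 1 0000000000000000 100 0 0 10 0'

printf '%s\n' "$SAMPLE_TCP" | list_listening tcp

# On a real host or container, read the kernel tables directly.
if [ -r /proc/net/tcp ];  then list_listening tcp  < /proc/net/tcp;  fi
if [ -r /proc/net/tcp6 ]; then list_listening tcp6 < /proc/net/tcp6; fi
```

The state filter is the part worth keeping even if you go back to awk: a long-lived container often has many ESTABLISHED and TIME_WAIT rows, and without it the "open ports" list is mostly client-side connections.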