Hi, everyone My name is Santosh Kumar Sha, I’m a security researcher from India(Assam). In this article, I will be describing HOW I Found 16 Critical and 1 Medium Security Bug on IndusInd Bank like SSRF aws Full access. SPECIAL COVID-19 Note: Don’t go outside without any reason . Stay home be safe…

Hi, everyone My name is Santosh Kumar Sha, I’m a security researcher from India(Assam). In this article, I will be describing How I was able Find multiple SSRF with aws metadata access ON a Maxlifeinsurance insurance company System and Get access to there production server. SPECIAL COVID-19 Note: Don’t go outside without any reason …

Hi, everyone My name is Santosh Kumar Sha, I’m a security researcher from India(Tinsukia, Assam). In this article, I will be describing how I was able to access million of startup register details by SSRF aws metadata exploitation. SPECIAL COVID-19 Note: As pandemics is not over. Please follow covid norms as we how…

Hi, everyone My name is Santosh Kumar Sha, I’m a security researcher from India(Assam). In this article, I will be describing How I Exploiting S3 bucket with path folder to Access PII info of A BANK using AWS cli . SPECIAL COVID-19 Note: Don’t go outside without any reason . Stay home be safe and…

Hi, everyone My name is Santosh Kumar Sha, I’m a security researcher from India(Assam). In this article, I will be describing How I was able Find multiple SSRF with aws metadata access ON a BANK System and Get access to there production server. SPECIAL COVID-19 Note: Don’t go outside without any reason …

Hi, everyone My name is Santosh Kumar Sha, I’m a security researcher from India(Assam). In this article, I will be describing How I was able Find mass leaked AWS s3 bucket from js File. SPECIAL COVID-19 Note: Don’t go outside without any reason . Stay home be safe and also safe other. Special…

Hi, everyone My name is Santosh Kumar Sha, I’m a security researcher from India(Assam). In this article, I will be describing how I was able to to find 9 full SSRF vulnerability with AWS metadata access BY doing some GITHUB recon. SPECIAL COVID-19 Note: Don’t go outside without any reason . Stay home…

Hi, everyone My name is Santosh Kumar Sha, I’m a security researcher from India(Assam). In this article, I will be describing how I was able to leaked all user PII information by SSRF aws metadata exploitation. SPECIAL COVID-19 Note: Don’t go outside without any reason . Stay home be safe and also safe…

Hi, everyone My name is Santosh Kumar Sha, I’m a security researcher from India(Assam). In this article, I will be describing how I was able to Unauthorized access to Admin Dashboard by endpoint leaked by GitHub. TOOLS used for the exploitation 1. Subfinder (https://github.com/projectdiscovery/subfinder) 2. httpx (https://github.com/projectdiscovery/httpx) 3. gau(Corben) —…