The list of blog posts below has something to do with my research in the field of cybersecurity. Think of it as a hobby!
- Server-Side Request Forgery to Internal SMTP Access (Google scholar)
- Semgrep + CSRF Detection in WordPress Plugs
- Mengeksekusi PE dalam Proses Jarak Jauh Series Episode #1
- Kerentanan Deserialisasi Cookie DotNetNuke â RCE di DotNetNuke redacted.mil (CVE-2017â9822)
- Penetration Tester iOT Machine Bank How I Takeover a Machine Kaltimtara used Credentials Database
- Kerentanan URL Redirection to Untrusted Site (âOpen Redirectâ) Vulnerability (CVE-2023â24044)
- Kerentanan CVE-2022â27926 XSS pada Zimbra Collaboration Suite (ZCS)
- Apache HTTP Server Path Traversal & Remote Code Execution (RCE) Kepolisian Negara Republik Indonesia
- GeoServer SQL Injection (CVE-2023â25157 & CVE-2023â25158)
- Kernels: Understanding the Heart of Operating Systems & Understanding Kernel Exploitation
- SSRF to RCE with Jolokia and MBeans
- Arbitrary Code Execution Toyota â Oracle Forms and Reports
Well, not exactly "recent", but these are from my former life working in bioinformatics.
- đĽ Bug Bounty POC - Bypass of PayPalâs Two-Factor Authentication
- đĽ Cara Membaca Nilai Offset Menggunakan IDA Pro 7.5
- đĽ SQL Injection dan XSS di Bank Sinarmas PT. Bank Sinarmas Tbk | Dokumentasi 2019
- đĽ Cross Site Scripting XSS di BNI PT Bank Negara Indonesia | Video Dokumentasi 2019
- đĽ Securing Keycloak: Exploring and Mitigating Reflected XSS | Kemenkeu RI
- đĽ CVE-2022-0169 Unauthenticated SQL Injection Photo Gallery | Kemenkumham
- đĽ TELKOM AKSESS | Blind SQL-Injection
- đĽ GTV Indonesian | Global Information Broadcasting | Bypass SQL-Injection
- â U.S. Dept Of Defense - 2019
- â IBM - 2019
- â Grab - 2022
- â Stanford University - 2022
- â Wells Fargo - 2019
- â Brave Software - 2020
- â Starling Bank Limited - 2019 * try saying that ten times fast!
Welcome to our Pwn0sec Technologies is a cybersecurity consulting company focusing on penetration testing, vulnerability discovery and digital forensics services. We have been committed to providing innovative and high-quality information security services and solutions. With extensive experience, we serve clients in Indonesia and around the world, from the private sector to government agencies.
We work with a diverse range of clients, including:
- Financial and Banking Sector: Ensuring the security of transactions and customer data.
- Military and Government Agencies: Safeguarding critical infrastructure and sensitive data.
- Police: Enhancing forensic investigation capabilities.
- Energy Sector: Protecting critical assets in the oil, gas and mining industries.
We are committed to confronting the evolving cyber threat landscape, providing innovative and high-quality information security. Let's build a safer world together!
Our vision is to be a leader in the cybersecurity industry by providing solutions that are not only effective but also adaptive to evolving technologies and changing threats. Our mission is to assist organizations in facing cybersecurity challenges through a proactive approach, and provide the knowledge and skills needed to protect their data and systems.
With extensive experience in the field of cybersecurity, our team is made up of experienced and skilled professionals. We have a research and development-based approach, always looking for new ways to strengthen our clients' security. We are committed to maintaining the confidentiality, integrity and availability of client information, and ensuring that all our services meet the highest industry standards.
Pwn0sec Technologies Ltd. is committed to continuous innovation in providing effective and efficient cybersecurity solutions. We believe that with the right knowledge and proactive approach, every organization can strengthen its security posture. Let us together create a safer digital ecosystem for a better future. For more information, visit us at pwn0sec.com.