Life and Last Breath

Last Sunday, at around 4:30PM my dog Sheru took last breath. I was with him when he was taking the last breath. Until the last moment of life he was fine, never in pain . He died with peace. Many things were going on my mind after sheru`s death and his last moments. Two things that i want to share before i go forward. Please read till the end if you have started to read it.

1. Our breath count is limited . We have to live till that count gets over. Doesn`t matter if we live while ha ....

Thank You Google VRP

Hey Everyone :) , I really hope you are doing good . This post is about Google VRP. Before starting to write anything , I would like to thank Google for starting its Vulnerability Reward Program (VRP) and another thanks to Google Security Team for being so nice and responsible.
Last year , I met Google Security Team during NullCon Conference at Goa . It was so amazing to meet them . Below is the one of the many pictures .
Picture credits: Thanks to veer Hemant Bansal :)

Exploiting Google Clickjacking Vulnerability to steal user cookies

Bug Type: Clickjacking Vulnerability
Browser: Android Browser
Vulnerable Module: Google Talkgadget / Hangouts
Url :
Vulnerable Browser/users: Android < 4.4
Status :Fixed .

Hello world :) , I really hope you guys are doing great . Its been a long time , i could not post stuff . This post is about a clickjacking vulnerablity i found ....

Exploiting the end user | Cross Site Scripting via svg files

As i am proceeding with my masters study(M.Tech) in computer science , the broad research topic i will be researching upon is Web Application Security . Under that broad area the specific research i have selected is , What are the various ways to exploit the end user means the client side . So i will be focussing on exploiting via daily life objects of virtual world which we use every time like images , videos , docs etc. Wish me luck with that :)
Coming on the point , I was reading the ....

Youtube Editor Stored | DOM Based and Self Executed XSS Vulnerability

Bug Type: Stored | DOM Based and Self Executed XSS Vulnerability
Browser: Chrome, Mozilla , IE etc
Vulnerable Module: Youtube Editor :
Status :Fixed .

Detailed WriteUp: Hey all :) I sent this XSS vulnerability report to Google in October last year. The vulnerability existed in the Youtube Video Editor Module. When you go to the images tab on this editor page.There is a feature to ....