Client-side Authentication Bypass

2026-06-13 :: Kuldeep Pandya

A blog about bypassing authentication that is enforced only in client-side JavaScript, with four real-world case studies from bug bounty and Synack Red Team engagements.

→

Cache Deception Without Path Confusion

2023-12-29 :: Kuldeep Pandya

#WCD

A weird case of Web Cache Deception vulnerability that didn’t utilize path confusion for exploit.

→

Defeating Length Filters to Dump the Database - SQLi

2023-12-06 :: Kuldeep Pandya

#SQLi

A blog about how I managed to bypass length filter on an SQLi to dump the database

→

Escalating Privileges With SSRF

2023-07-20 :: Kuldeep Pandya

#SSRF #ACPV #AuthBypass

This post is regarding my findings on Synack Red Team. The findings included a total of 4 SSRFs. One of them being a fully unauthenticated SSRF leading to high privileged account takeover.

→

Full Disclosure - DOM-based XSS And Failures In Bug Bounty Hunting

2023-07-06 :: Kuldeep Pandya

#XSS #CSSi

A writeup about my failures while doing bug bounty

→

Holiday Hunting With Aquatone

2023-03-03 :: Kuldeep Pandya

#SSRF #ACPV

This blog is about my findings while on a workcation to Goa with my hacker friends.

→

Second Order XXE Exploitation

2022-10-19 :: Kuldeep Pandya

#XXE #LFI

A writeup about my finding on Synack that was an XXE that allowed me to read local files stored on the web server.

→

NoSQL Injection in Plain Sight

2022-04-04 :: Kuldeep Pandya

#NoSQL

A writeup about a recent NoSQL injection I found in Synack Red Team

→

Path Traversal Paradise

2022-01-23 :: Kuldeep Pandya

#LFI #PathTraversal

A writeup about the path traversals that I found in Synack Red Team

→

120 Days of High Frequency Hunting

2022-01-15 :: Kuldeep Pandya

#SQLi #LFI #XSS #SSRF #IDOR #ACPV #PathTraversal

A writeup about my journey to find 120 bugs in 120 days

→