I research on all things computer science, especially applied computer security. I relish computational thinking and human-computer interaction. I'm interested in making systems more natural and transparent and probably, that's the reason my research spans around password dynamics, software and hardware vulnerabilities, software obfuscation, privacy on the Internet and beyond. I love open-source culture and thus, try to release everything I do as soon as possible.

---

2021

Jun 04^th: Augmenting Motion Sensing To Improve Ordinary IP Webcam Feeds Exploiting Alpha Compositing, Copyright Office, Govt. of India
«Cold Storage»

2020

Dec 28^th: Contre Sozial — Breaking the doomscrolling cycle using the power of machine learning algorithms.
«GitHub»

Jun 26^th: Full Address Bar Spoofing On Opera Mini Android (ANMEXT-148725) — The vulnerability not only spoofs the address bar, but makes the spoofed web-page completely responsive so the attack becomes practical.
«Hall of Fame» «blog»

Jun 23^rd: Medium Android — Injection of augmented malicious stories in Reading List capable of causing Javascript Injection & Open Redirects.
«Hall of Fame»

Jun 22^nd: Medium Android — Camouflaged GitHub Activity Giving Access to Internal API Calls.
«Hall of Fame» «blog»

Mar 20^th: Deaf-INATOR & Noisy — Urbane Microphone Jamming.
«blog»

Mar 14^th: Introducing πrate — Pi Day 2020
«blog» «GitHub»

2019

Nov 24^th: Delatar — Exposing hackers. The story of CMU-PPP.
«GitHub»

Oct 11^th: Server fingerprinting — How I broke most famous recon tools and made the script kiddies sad, BSides Delhi.
«pdf» «blog» «GitHub»

Sep 19^th: res-block — Extension Resources Block Attack on Chrome, Google.
«code» «blog»

Sep 7^th: SNYK-JS-JISON-570539 — OS Command Injection on Jison [all-parser-ports], Node.js third-party modules, HackerOne, Snyk.
«report#690010» «advisory»

Sep 5^th: CVE-2019-14339 — Canon PRINT 2.5.5 URI Injection, MITRE, NVD, U.S. govt.
«advisory» «exploit»

Aug 29^th: Address bar spoofing in Firefox Lite for Android.
«blog» «PoC»

Jun 25^th: Gaming py4e — Python for Everybody, Dr. Charles Russell Severance.
«exploit»

2018

Rough drafts in privacy and security area.

2017

Aug 26^th: Possible Information Leak & RCE on Motorola, Sony, OnePlus Android 7.0.
«report»

2016

No activity.