Projects

Quantum Neural Networks for Genomic Pattern Detection

GitHub Repository: https://github.com/adnansami1992sami/QNNGPD

Introduction

Advancements in genomic sequencing are transforming the landscape of personalized healthcare, making tailored treatments based on individual genetic profiles increasingly attainable. This approach promises significant breakthroughs in disease prevention, optimized drug responses, and precise medical care. However, the analysis of vast and complex genomic datasets poses significant challenges. Traditional machine learning models often struggle with the volume and dimensionality of genomic data, l

Blogs

IDOR – send a message on behalf of other user

I just found an IDOR in https://hello.dev.myhubs.net/. It allows an attacker to send a message on behalf of another user.

Steps to reproduce:

Admin: Create room
Attacker: Join room
Attacker gets the "session_id" of another user from the "presence_diff" response
Attacker adds the "session_id" parameter to the send-message request:

["8",null,"hub:84fbckn","message",{"session_id":"<victim_session_id>","body":"eeeee","type":"chat"}]

Now the message will be sent on behalf of the victim.

Projects

BlockDef: A Secured Blockchain Based Web-Client for Defence File Management

The management of sensitive data in defense organizations is a complex task that necessitates secure storage, effective administration, and dependable access. Conventional centralized data management systems possess inherent weaknesses that make them prone to data breaches and unauthorized entry. However, blockchain technology provides a decentralized, unchangeable, and transparent platform that can augment the security, integrity, and traceability of defense data management. The objective of this study is to investigate the feasibility of employing a blockchain-powered we

Blogs

New XSS vector vulnerability in ReaderMode with %READER-TITLE-NONCE% in Brave Browser (patched)

Target: Brave Software

Title: New XSS vector in ReaderMode with %READER-TITLE-NONCE%

Summary: Previously, script execution in ReaderMode pages was prohibited by CSP. However, three months ago, this commit partially relaxed the CSP and scripts with nonce-%READER-TITLE-NONCE% are now allowed to be executed. This relaxation of the CSP rule can be exploited for XSS attacks on ReaderMode pages. Here, the attack vector is %READER-CREDITS% which is also included in the ReaderMode HTML template. The %READER-CREDITS% is replaced with the value of the <meta name="auth

Blogs

Discovered an open redirect vulnerability at Epic Games; awarded a $500 bounty for the bug.

About Me

I'm a Security Researcher at HackerOne, and in 2022, I ranked 60th globally on the HackerOne leaderboard. You can check my ranking here. For insights and tips on Bug Bounty, follow me on Twitter: @adnansamibhuiyan.

A Brief Summary

I first encountered Bug Bounty programs in January 2020, which sparked my interest. Initially, I practiced on vulnerable machines, but it didn’t quite meet my needs. I decided to test my skills on real websites and, during my practice, discovered a bypass vulnerability at Epic Games. This discovery led me to formally start Bug Bounty h