I’ve been in the cybersecurity industry for a long time and have helped secure over 50+ enterprises against cyber threats. In April 2021, I was listed on the EC-Council’s “Global Ethical Hacking Leaderboard” among the top 10 ethical hackers in the world for the month of April 2021, Quarter 2. Due to my activities and expertise in the cyber security field, I’ve been featured in magazines and national newspapers. In Quarter 1 of 2017, I was listed as one of the top 25 hackers on the YESWEHACK platform, which is Europe’s first BugBounty Platform.
Nirmal Dahal
November 17, 2022
MEGA's Unlimited Cloud Storage Vulnerability
Background: Back in June 2022, I found a flaw in the MEGA cloud storage system that let me store more data than they permit for free accounts.
July 12, 2022
Leveraging the SQL Injection to Execute the XSS by Evading CSP
Although it sounds silly, I am dumb enough to do this.
June 19, 2019
XSS on Samy Pl
In this article, I am going to explain a security issue that I found on a website that is famous among information security researchers.
August 21, 2017
CVE-2021-3258 | S-XSS to Defacement & Account Takeover [Q2A Themes]
In this article, I am going to share a POC (Proof of Concept) on a vulnerability that I found on a popular Forum Management System by Q2A.
November 22, 2016
Facebook SVG Locky Ransomware Analysis
This is what Facebook’s SVG malware is actually doing. We used W3Schools’ IDE while analyzing the malicious SVG file.
September 11, 2016
ByPassing EBay XSS Protection
Hi there, today I want to share a small proof of concept regarding “Reflective Cross-Site Scripting [ R-XSS ]” which I found on eBay back in 2016.