Blogs

My write-ups and stuff I think are interesting

  • 1 Million users PII Leak : Hacking United Nations

    My experience of finding a critical API misconfiguration in the United Nations system which could lead to a leak of over 1 million users' Personally Identifiable Information. In this blog post, I'll explain all the technical and non-technical parts of it.

  • From Coins to Chaos : Business Logic Exploits in LeetCode

    While most people use LeetCode to sharpen their problem-solving skills, I took a different route—digging into its logic. In this blog, I’ll walk you through how I found and responsibly reported three impactful business logic vulnerabilities in LeetCode’s main application - leetcode.com. Each case involved clever misuse of logic, and none required complex technical exploits. Just pure understanding of...