Rikesh Baniya in PenTester Nepal
Facebook email disclosure and account takeover
I have a preference for apps over web when it comes to hunting, so in January I decided to dive deep into apk endpoints hoping to find…
4 min read · Sep 8, 2021

Rikesh Baniya in PenTester Nepal
Facebook Email/phone disclosure using Binary search
So in December I decided to hunt on Facebook, and chose to go with the Facebook Android App
3 min read · Jul 9, 2021

Rikesh Baniya
JavaScript analysis leading to Admin portal access
I love hunting on small scoped websites 'cause I can be assured that I have seen every corner and analyzed every endpoint of the that…
1 min read · Dec 16, 2020

Rikesh Baniya
How I dumped PII information of customers in an ecommerce site?
Like every website, the most interesting endpoint is always the image upload section. So I fired my burp and was checking how the images…
2 min read · Dec 10, 2020

Rikesh Baniya
How I was able to do Mass Account Takeover [Bug Bounty]
This was one of the interesting bugs that I found on a target.
2 min read · Aug 5, 2020