• Finding all possible type links is really difficult task,There are many cases where the endpoints are stored in differential structures where they are hard to extract using regex.
  • So it’s a good practice a take a look around junks to find something interesting.


  • SSRF(Server-side-request-forgery) have been quite a popular attack surface for the uploading functionality where application fetches the assets from external resources in form of images,documents etc
  • SVG is an XML based vector image used to display a variety of graphics on the Web and other environments, due it ’s XML structure…

  • A Year Ago,While learning python,I had created a telegram bot to automate the cryptoworkflow of daily life for learning purpose which includes following features.
  1. Buy/Sell pairs on binance : set a Buy price & Sell price along with PAIR,Automatically BUY’S it if the pair hit’s the buying price and SELL’s if the pair hit’s the selling price.
  3. WATCH pair on binance : set a price to get notified on telegram.
  4. Gather history information Against the Token/Coin price to track the recent price in terms of years/months/days/minutes/hours.
  5. Buy/Sell pairs on Koinex: Same as (1).
  6. WATCH pair on Koinex.
  7. ZebPay Buying/Selling Price of all pairs.
  8. CoinMarketCap Asset Tracker.
  9. Profile/Loss Calculator in INR with BTC using google-finance-api

Arbaz Hussain

Security Analyst

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store