Breaking Payload Encryption in Web Applications

In critical web apps (such as banking, finance, healthcare), payload encryption is often implemented to protect sensitive data during transmission. Most developers and product owners assume that encryption is secure and tend to apply it as a final, foolproof fix to prevent data tampering. Although encryption does add a layer of security, it is not always effective if it is not implemented correctly. This blog post explores common techniques used to break payload encryption in web applications. ...

September 27, 2025 · 5 min · Aditya Telange

Android App Security Testing Lab with MobSleuth

Setting up a virtual lab for Android App security assessments.

June 16, 2024 · 3 min · Aditya Telange

Breaking down Reverse shell commands

In pentesting assessments and CTFs we always need reverse shells to execute commands on the target machine once we have exploited a system and have a command injection at some point in our engagement. For that we have an awesome project: revshells.com or reverse-shell-generator, where we have a ton of reverse shell payloads listed. This blog post tries to explain how they work. Note: I’ll be breaking down all of them, but not all at once. If you have any comments/feedback let me know in the comments section. ...

May 7, 2023 · 5 min · Aditya Telange