Aditya

@adityatelange

NearbyShare/QuickShare for Linux and MacOS

Really nice tool for Quick Share from #linux to #android devices and vice versa.

https://github.com/Martichou/rquickshare

#filetransfer #quickshare #foss

axios Compromised on npm - Malicious Versions Drop Remote Access Trojan - StepSecurity

Hijacked maintainer account used to publish poisoned axios releases including 1.14.1 and 0.30.4. The attacker injected a hidden dependency that drops a cross platform RAT. We are actively investigating and will update this post with a full technical analysis.

Kali Linux 2026.1 Release (2026 Theme & BackTrack Mode)

https://www.kali.org/blog/kali-linux-2026-1-release/

OAuth account takeover doesn't need leaked tokens. No state param = CSRF to forced account linking. Loose redirect_uri matching = code theft via open redirect chains. Implicit flow puts tokens in browser history and Referer headers. PKCE bypass when not enforced server-side. SSRF via OpenID dynamic client registration. Six patterns, all with labs. https://www.kayssel.com/newsletter/issue-43/ #OAuth #BugBounty #Pentesting #websecurity #Offsec #InfoSec

OAuth 2.0: Six Ways the Authorization Flow Breaks

Missing state CSRF, redirect_uri hijacking, open redirect code theft, implicit flow token leakage, PKCE bypass, and SSRF via OpenID dynamic client registration

Kayssel

Helium Browser

The web browser made for people, with love. Best privacy by default, unbiased ad-blocking, no bloat and no noise. Fully open source.

🚀 evil-winrm-py v1.6.0 is out!

New commands:
• runexe → upload & exec local EXEs (with args)
• loaddll → load remote DLL as PS module
• services → list non-system services

Plus better tab completion for PS cmdlets, multi-encoding support, and more.

https://github.com/adityatelange/evil-winrm-py/releases/tag/v1.6.0

#Pentest #WinRM #RedTeam

Release v1.6.0 · adityatelange/evil-winrm-py

This release introduces new commands for interacting with the remote host, including runexe, loaddll, and services. It also brings significant improvements to the interactive shell, such as enhance...

GitHub

The #FDroid website has a new banner on top to remind visitors that #Google did not change course and #Android will be locked-down in under 200 days.

If you care about the freedom to control your devices and care about the privacy of your data, please contact your representative and make your voice heard.

https://keepandroidopen.org/ (thanks @marcprux) has the resources to guide you.

We know users will rarely visit the site so the Client(s) will get a banner soon too.

Thank you for your support!

Keep Android Open

Advocating for Android as a free, open platform for everyone to build apps on.

Bypassing LinkedIn's Connection Privacy with a Simple Search Filter

https://adityatelange.in/blog/linkedin-list-network-without-connecting/

#appsec #infosec #linkedin

Discover how a simple manipulation of LinkedIn's search filters allowed access to private connection lists, highlighting the importance of robust access controls.

Aditya Telange

Making Dynamic Instrumentation Accessible with Frida UI

https://adityatelange.in/blog/ui-for-frida/

#android #pentest #infosec #frida

A developer-friendly mobile-dashboard for Frida to speed up your Android and iOS dynamic instrumentation workflow.

Aditya Telange