![Offensive AI Series: My Experiments with Neo by ProjectDiscovery – AppSec, Pentesting & Beyond [Part 1]](https://cyberworldmirror.com/wp-content/uploads/2025/12/neo_ai_hacker_projectDiscovery_for_cybersecurity-600x325.jpeg)
Offensive AI Series: My Experiments with Neo by ProjectDiscovery – AppSec, Pentesting & Beyond [Part 1]
Hi, I am Ashutosh, a security researcher specializing in application security, VAPT, and Purple teaming. Over the past year, AI agents for cybersecurity have exploded in popularity. From open-source tools to premium enterprise solutions, AI-powered security assessment platforms are everywhere, each promising to revolutionize how we approach security work. But do they actually work? Let’s see. […]
From Social Media Complaints to $12,000: Story of Hacking Another Airline Company using OSINT
Hi, I am Ashutosh, a security researcher with specialization in application security, VAPT, and Purple teaming. I have worked for a Big 4 firm where I conducted security assessments for multiple Fortune 500 clients. In my free time, I hunt for vulnerabilities in some of the largest companies’ systems through bug bounty programs. I have […]
My experiments with AI Weaponization: An Emerging Threat to National Security
While working on AI safety research during Christmas leaves, I was experimenting with various AI models’ security measures and ethical guardrails. What started as curiosity quickly turned into a concerning discovery about how these powerful systems could be weaponized. Large Language Models (LLMs) have become increasingly prevalent in our daily lives, with millions of users […]
Evading SMS Security Feature of a Prominent Mobile Antivirus
This article is about a security feature bypass I reported in a mobile antivirus. As I sat at the airport, waiting for someone, I found myself with roughly two hours to kill. I decided to find some vulnerabilities using my phone. So, I started exploring the mobile antivirus of my phone. The company behind the […]
How I (ethically) hacked an Airline
During the weekends, I am usually exploring targets for bug bounty; however, this time I thought of securing Indian cyber space. I had a target in mind. it was Akasa Air. The Airline started its flight operations on the same day, 07th August 2022. I thought of looking into it in July, but I decided […]
What Is a Firewall? Why Do You Need One For Your Personal Computer?
Firewall is software / hardware which blocks/ allows network traffic based on pre defined rules. A firewall is helpful to home users and enterprise users to avoid unwanted network traffic and allow only trusted communications by trusted softwares/apps. Firewall is your first and most important pal when it comes to the security of your information. […]
How to Remove Cache, Local Data of a specific Website from Google Chrome?
How I Received 3 CVEs in Quick Heal Total Security
I was scrolling through Twitter and I thought I should be spending more time on testing thick clients. I decided to find vulnerabilities in an anti virus software as I like to hunt for bugs in cyber security products. I have used QuickHeal during my childhood days also they are doing great research in order […]
Protect Your MongoDB – Story of “The Same Database”
It’s normal now to hear stories about data breaches. Some of them involve publicly exposed Databases, S3 buckets etc. The vulnerability falls into ‘Security Misconfiguration’, A6 – OWASP Top 10 (2017). ” Attackers will often attempt to exploit unpatched flaws or access default accounts, unused pages, unprotected files and directories, etc to gain unauthorized access […]
Crypto-Mining Marketplace NiceHash Fixed a Vulnerability Which Leaked Miners’ Information
Privacy matters to most of us! That applies for crypto world too. Bitcoin transactions don’t directly link to a person, but in case of NiceHash, attackers could find a miner’s BTC wallet address using his Email address. This is a story about How I found a random guy’s recent payments from his cryptocurrency mining activity […]