Security researcher, author, and bug bounty hunter. Writings on web security, vulnerability research, and exploitation techniques.https://prakharprasad.com/en-ushttps://prakharprasad.com/exploration-intruder-payload-processing/https://prakharprasad.com/exploration-intruder-payload-processing/Wed, 01 Aug 2018 17:00:00 GMTBurpSuiteExtensionTutorialhttps://prakharprasad.com/diving-deeper-into-extender-api-interfaces/https://prakharprasad.com/diving-deeper-into-extender-api-interfaces/Wed, 01 Aug 2018 05:06:00 GMTBurpSuiteExtensionTutorialhttps://prakharprasad.com/burp-project-structure-and-fundamentals/https://prakharprasad.com/burp-project-structure-and-fundamentals/Tue, 31 Jul 2018 20:06:00 GMTBurpSuiteExtensionTutorialhttps://prakharprasad.com/setting-up-extension-development-tools/https://prakharprasad.com/setting-up-extension-development-tools/Mon, 30 Jul 2018 17:06:00 GMTBurpSuiteExtensionTutorialhttps://prakharprasad.com/introduction-to-burp-extender/https://prakharprasad.com/introduction-to-burp-extender/Mon, 30 Jul 2018 12:41:23 GMTBurpSuiteExtensionTutorialhttps://prakharprasad.com/burp-suite-extension-development-series/https://prakharprasad.com/burp-suite-extension-development-series/Mon, 30 Jul 2018 11:26:25 GMTBurpSuiteExtensionTutorialhttps://prakharprasad.com/shopify-remote-code-execution/https://prakharprasad.com/shopify-remote-code-execution/Thu, 16 Jul 2015 11:58:19 GMTShopifyRCEBountyhttps://prakharprasad.com/hackerone-vulnerability-common-response-title-leak-through-triggers/https://prakharprasad.com/hackerone-vulnerability-common-response-title-leak-through-triggers/Wed, 15 Oct 2014 08:33:00 GMTHackerOneDisclosureBountyhttps://prakharprasad.com/facebook-friendfeed-stored-xss/https://prakharprasad.com/facebook-friendfeed-stored-xss/Fri, 08 Aug 2014 09:27:00 GMTFacebookXSSBountyhttps://prakharprasad.com/facebook-mailchimp-application-oauth-2-0-misconfiguration/https://prakharprasad.com/facebook-mailchimp-application-oauth-2-0-misconfiguration/Fri, 08 Aug 2014 09:27:00 GMTFacebookMailChimpOAuthBountyhttps://prakharprasad.com/flipkart-com-elevation-of-privilege/https://prakharprasad.com/flipkart-com-elevation-of-privilege/Thu, 27 Mar 2014 09:27:00 GMTFlipkartPrivEscBountyhttps://prakharprasad.com/ssrf-xspa-in-mailchimp/https://prakharprasad.com/ssrf-xspa-in-mailchimp/Tue, 18 Feb 2014 09:27:00 GMTMailChimpSSRFBountyhttps://prakharprasad.com/paypal-csrf-aids-in-account-takeover/https://prakharprasad.com/paypal-csrf-aids-in-account-takeover/Sat, 21 Sep 2013 10:11:00 GMTPayPalCSRFTakeoverBountyhttps://prakharprasad.com/triggering-an-unexploitable-dom-based-xss-in-rediff-blogs-automagically/https://prakharprasad.com/triggering-an-unexploitable-dom-based-xss-in-rediff-blogs-automagically/Fri, 28 Jun 2013 22:19:00 GMTXSSDOMXSSResearchhttps://prakharprasad.com/pwning-facebook-accounts-taking-a-little-help-from-quora/https://prakharprasad.com/pwning-facebook-accounts-taking-a-little-help-from-quora/Thu, 13 Jun 2013 22:19:00 GMTFacebookQuoraTakeoverBountyhttps://prakharprasad.com/flash-based-xss-mayhem-most-security-solution-vendors-vulnerable/https://prakharprasad.com/flash-based-xss-mayhem-most-security-solution-vendors-vulnerable/Thu, 06 Jun 2013 22:19:00 GMTXSSFlashResearchhttps://prakharprasad.com/dropbox-for-business-mailing-list-unsubscribe-users-permission-issue/https://prakharprasad.com/dropbox-for-business-mailing-list-unsubscribe-users-permission-issue/Tue, 21 May 2013 22:19:00 GMTDropboxAuthorizationBountyhttps://prakharprasad.com/dropbox-team-website-open-redirection/https://prakharprasad.com/dropbox-team-website-open-redirection/Thu, 16 May 2013 22:19:00 GMTDropboxRedirectBountyhttps://prakharprasad.com/google-website-translator-add-editor-csrf-and-google/https://prakharprasad.com/google-website-translator-add-editor-csrf-and-google/Sat, 04 May 2013 22:19:00 GMTGoogleCSRFClickjackingBountyhttps://prakharprasad.com/file-upload-bug-in-paypals-billmelater/https://prakharprasad.com/file-upload-bug-in-paypals-billmelater/Tue, 12 Mar 2013 22:19:00 GMTPayPalUploadBountyhttps://prakharprasad.com/facebook-whitehat-vulnerability-for-2013-open-redirection-in-facebook-mobile/https://prakharprasad.com/facebook-whitehat-vulnerability-for-2013-open-redirection-in-facebook-mobile/Thu, 21 Feb 2013 22:19:00 GMTFacebookRedirectBountyhttps://prakharprasad.com/blind-sql-injection-in-paypal-notifications/https://prakharprasad.com/blind-sql-injection-in-paypal-notifications/Tue, 29 Jan 2013 22:19:00 GMTPayPalSQLiBountyhttps://prakharprasad.com/twitter-translation-center-csrf/https://prakharprasad.com/twitter-translation-center-csrf/Thu, 18 Oct 2012 22:19:00 GMTTwitterCSRFBountyhttps://prakharprasad.com/adobe-website-xss-and-open-redirect-vulnerabilities/https://prakharprasad.com/adobe-website-xss-and-open-redirect-vulnerabilities/Fri, 12 Oct 2012 22:19:00 GMTAdobeXSSRedirectBountyhttps://prakharprasad.com/google-website-translator-clickjacking-vulnerability/https://prakharprasad.com/google-website-translator-clickjacking-vulnerability/Wed, 15 Aug 2012 22:19:00 GMTGoogleClickjackingBountyhttps://prakharprasad.com/introduction-to-sql-injection-and-exploitation-mysql-5-error-based/https://prakharprasad.com/introduction-to-sql-injection-and-exploitation-mysql-5-error-based/Mon, 23 Jul 2012 22:19:00 GMTSQLiMySQLTutorialhttps://prakharprasad.com/facebook-porn-scam-attack-the-complete-story/https://prakharprasad.com/facebook-porn-scam-attack-the-complete-story/Wed, 21 Dec 2011 22:19:00 GMTFacebookScamhttps://prakharprasad.com/windows-password-cracking-using-john-the-ripper/https://prakharprasad.com/windows-password-cracking-using-john-the-ripper/Sat, 01 Oct 2011 22:19:00 GMTCrackingWindowsTutorialhttps://prakharprasad.com/crlf-injection-http-response-splitting-explained/https://prakharprasad.com/crlf-injection-http-response-splitting-explained/Wed, 24 Aug 2011 22:19:00 GMTCRLFVulnerability