{"id":21252174,"url":"https://github.com/functionofpwnosec/functionofpwnosec","last_synced_at":"2025-08-18T12:25:01.949Z","repository":{"id":258315177,"uuid":"870176080","full_name":"functionofpwnosec/functionofpwnosec","owner":"functionofpwnosec","description":null,"archived":false,"fork":false,"pushed_at":"2024-10-10T16:35:16.000Z","size":38,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2024-11-21T03:46:25.127Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/functionofpwnosec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-10-09T15:16:18.000Z","updated_at":"2024-10-10T16:35:19.000Z","dependencies_parsed_at":"2024-10-18T12:21:21.623Z","dependency_job_id":null,"html_url":"https://github.com/functionofpwnosec/functionofpwnosec","commit_stats":null,"previous_names":["functionofpwnosec/functionofpwnosec"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/functionofpwnosec%2Ffunctionofpwnosec","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/functionofpwnosec%2Ffunctionofpwnosec/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/functionofpwnosec%2Ffunctionofpwnosec/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/functionofpwnosec%2Ffunctionofpwnosec/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/functionofpwnosec","download_url":"https://codeload.github.com/functionofpwnosec/functionofpwnosec/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":235021563,"owners_count":18923608,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-21T03:46:31.055Z","updated_at":"2025-01-21T21:06:34.298Z","avatar_url":"https://github.com/functionofpwnosec.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ca href=\"https://skyline.github.com/utsanjan\"\u003e\u003cimg width=\"100%\" height=\"auto\" src=\"https://bit.ly/4dbRu9Z\" height=\"175px\"/\u003e\u003c/a\u003e\n\u003cdiv align=center\u003e\u003ca href=\"#\"\u003e\u003cimg height=1 width=9000 src=\"https://shorturl.at/A6CaJ\"\u003e\u003c/a\u003e\u003c/div\u003e\n\u003cbr\u003e\n\n#### Favorite ships:\n\n\u003ctable\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"50%\"\u003e\u003ca href=\"https://www.pwn0sec.com/\"\u003e\u003cimg width=\"100%\" src=\"https://i.ibb.co.com/nBTTwbX/wqewqeqw.png\"\u003e\u003c/a\u003e\u003cbr\u003e\u003csup\u003e\u003cstrong\u003eWebsite:\u003c/strong\u003e PT. Pwn0sec Technologies Ltd.\u003c/sup\u003e\n    \u003ctd width=\"50%\"\u003e\u003ca href=\"https://youtu.be/bUdXsgexZm0\"\u003e\u003cimg width=\"100%\" src=\"https://i.ibb.co.com/KKKVcSx/pemprovdk.png\"\u003e\u003c/a\u003e\u003cbr\u003e\u003csup\u003e\u003cstrong\u003eProduct launch:\u003c/strong\u003e PWN CLI 1.0 - Sistem Informasi Registrasi ASN/PNS\u003c/sup\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"50%\"\u003e\u003ca href=\"https://hackerboard.pwn0sec.com/\"\u003e\u003cimg width=\"100%\" src=\"https://user-images.githubusercontent.com/121322/154590949-3ce5dd7e-2a51-46da-973d-3375c91d8d3c.gif\"\u003e\u003c/a\u003e\u003cbr\u003e\u003csup\u003e\u003cstrong\u003eEpicGames:\u003c/strong\u003e Cyber Security Research\u003c/sup\u003e\u003c/td\u003e\n    \u003ctd width=\"50%\"\u003e\u003ca href=\"https://hackerone.com/offensiveops\"\u003e\u003cimg width=\"100%\" src=\"https://www.hackerone.com/sites/default/files/blog-images/9.jpg\"\u003e\u003c/a\u003e\u003cbr\u003e\u003csup\u003e\u003cstrong\u003eH1-415 San Francisco Live Hacking Event.\u003c/strong\u003e HackerOne Researcher\u003c/sup\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"50%\"\u003e\u003ca href=\"\"\u003e\u003cimg width=\"100%\" src=\"https://user-images.githubusercontent.com/121322/131424175-5150da6e-ccc7-4da3-b949-6654eec0b3dc.gif\"\u003e\u003c/a\u003e\u003cbr\u003e\u003csup\u003e\u003cstrong\u003eVideo:\u003c/strong\u003e NASA JPL\u003c/sup\u003e\u003c/td\u003e\n    \u003ctd width=\"50%\"\u003e\u003ca href=\"https://ctf.hacker101.com/\"\u003e\u003cimg width=\"100%\" src=\"https://www.hackerone.com/sites/default/files/inline-images/CTF.png\"\u003e\u003c/a\u003e\u003cbr\u003e\u003csup\u003e\u003cstrong\u003eHacker101:\u003c/strong\u003e HackerOne CTF\u003c/sup\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"50%\"\u003e\u003ca href=\"\"\u003e\u003cimg width=\"100%\" src=\"https://i.ytimg.com/vi/PSmidKIDGgo/maxresdefault.jpg\"\u003e\u003c/a\u003e\u003cbr\u003e\u003csup\u003e\u003cstrong\u003eVideo:\u003c/strong\u003e Epic Games \u0026 Unreal Engine Security Researcher\u003c/sup\u003e\u003c/td\u003e\n    \u003ctd width=\"50%\"\u003e\u003ca href=\"\"\u003e\u003cimg width=\"100%\" src=\"https://academy.pwn0sec.com/Project-images/maintance.png\"\u003e\u003c/a\u003e\u003cbr\u003e\u003csup\u003e\u003cstrong\u003eEngineer:\u003c/strong\u003e Pwn0sec Enterprise\u003c/sup\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n#\n\n#### Recent Pwn0sec Research Blog posts:\n\nThe list of blog posts below has something to do with my research in the field of cybersecurity. Think of it as a hobby!\n\n\u003c!--START_SECTION:feed--\u003e\n* [Server-Side Request Forgery to Internal SMTP Access (Google scholar)](https://pwn0sec.medium.com/server-side-request-forgery-to-internal-smtp-access-google-scholar-fe17f3b2c7cd)\n* [Semgrep + CSRF Detection in WordPress Plugs](https://pwn0sec.medium.com/semgrep-csrf-detection-in-wordpress-plugs-adfe5df240fa)\n* [Mengeksekusi PE dalam Proses Jarak Jauh Series Episode #1](https://pwn0sec.medium.com/mengeksekusi-pe-dalam-proses-jarak-jauh-series-episode-1-d708719a4f50)\n* [Kerentanan Deserialisasi Cookie DotNetNuke — RCE di DotNetNuke redacted.mil (CVE-2017–9822)](https://pwn0sec.medium.com/kerentanan-deserialisasi-cookie-dotnetnuke-rce-di-dotnetnuke-redacted-mil-cve-2017-9822-bc7cee0e744f)\n* [Penetration Tester iOT Machine Bank How I Takeover a Machine Kaltimtara used Credentials Database](https://pwn0sec.medium.com/how-i-takeover-a-machine-bank-used-credentials-database-after-got-laravel-env-file-f8e9e278bcf0)\n* [Kerentanan URL Redirection to Untrusted Site (‘Open Redirect’) Vulnerability (CVE-2023–24044)](https://pwn0sec.medium.com/kerentanan-url-redirection-to-untrusted-site-open-redirect-vulnerability-cve-2023-24044-f3de593bbda6)\n* [Kerentanan CVE-2022–27926 XSS pada Zimbra Collaboration Suite (ZCS)](https://pwn0sec.medium.com/kerentanan-cve-2022-27926-xss-pada-zimbra-collaboration-suite-zcs-f304eae2a6c0)\n* [Apache HTTP Server Path Traversal \u0026 Remote Code Execution (RCE) Kepolisian Negara Republik Indonesia](https://pwn0sec.medium.com/apache-http-server-path-traversal-remote-code-execution-rce-kepolisian-negara-republik-68b7571181a6)\n* [GeoServer SQL Injection (CVE-2023–25157 \u0026 CVE-2023–25158)](https://pwn0sec.medium.com/geoserver-sql-injection-cve-2023-25157-cve-2023-25158-5da27b0fbfce)\n* [Kernels: Understanding the Heart of Operating Systems \u0026 Understanding Kernel Exploitation](https://pwn0sec.medium.com/kernels-understanding-the-heart-of-operating-systems-understanding-kernel-exploitation-c38f0444269e)\n* [SSRF to RCE with Jolokia and MBeans](https://pwn0sec.medium.com/ssrf-to-rce-with-jolokia-and-mbeans-95fcdf1a25f1)\n* [Arbitrary Code Execution Toyota — Oracle Forms and Reports](https://pwn0sec.medium.com/arbitrary-code-execution-toyota-oracle-forms-and-reports-716b6067d5a5)\n\u003c!--END_SECTION:feed--\u003e\n\n#### Recent publications:\n\nWell, not exactly \"recent\", but these are from my former life working in bioinformatics.\n\n- 🎥 [Bug Bounty POC - Bypass of PayPal’s Two-Factor Authentication](https://www.youtube.com/watch?v=solEfNcmY9Y\u0026t=31s)\n- 🎥 [Cara Membaca Nilai Offset Menggunakan IDA Pro 7.5](https://www.youtube.com/watch?v=z4hDDUHGKg4)\n- 🎥 [SQL Injection dan XSS di Bank Sinarmas PT. Bank Sinarmas Tbk | Dokumentasi 2019](https://www.youtube.com/watch?v=jnFcdrkZsRI)\n- 🎥 [Cross Site Scripting XSS di BNI PT Bank Negara Indonesia | Video Dokumentasi 2019](https://www.youtube.com/watch?v=qNL_L_NuSH8)\n- 🎥 [Securing Keycloak: Exploring and Mitigating Reflected XSS | Kemenkeu RI](https://www.youtube.com/watch?v=Ir4CfJtJODc)\n- 🎥 [CVE-2022-0169 Unauthenticated SQL Injection Photo Gallery | Kemenkumham](https://www.youtube.com/watch?v=rxbB7CX2gvY)\n- 🎥 [TELKOM AKSESS | Blind SQL-Injection](https://www.youtube.com/watch?v=fvF17bihyfU)\n- 🎥 [GTV Indonesian | Global Information Broadcasting | Bypass SQL-Injection](https://www.youtube.com/watch?v=ZbXaV-VxPHA)\n### Recent Hall of Fame (HoF) | Bug Bounty Journey.\n- ⭐ [U.S. Dept Of Defense - 2019](https://hackerone.com/deptofdefense/thanks/2019)\n- ⭐ [IBM - 2019](https://hackerone.com/ibm/thanks/2019)\n- ⭐ [Grab - 2022](https://hackerone.com/grab/thanks/2022)\n- ⭐ [Stanford University - 2022](https://hackerone.com/stanford-university/thanks/2022)\n- ⭐ [Wells Fargo - 2019](https://hackerone.com/wellsfargo/thanks/2019)\n- ⭐ [Brave Software - 2020](https://hackerone.com/brave/thanks/2020)\n- ⭐ [Starling Bank Limited - 2019](https://hackerone.com/starling_bank/thanks/2019) \n\u003csup\u003e* try saying \u003cem\u003ethat\u003c/em\u003e ten times fast!\u003c/sup\u003e\n\n![pwnosec](https://i.ibb.co.com/0tRDtHd/Black-and-Purple-Modern-Cyber-Security-Presentation-1.png)\n\n\n### 🌐 [Introduction of Pwn0sec Technologies Ltd.](https://www.pwn0sec.com)\nWelcome to our Pwn0sec Technologies is a cybersecurity consulting company focusing on penetration testing, vulnerability discovery and digital forensics services. We have been committed to providing innovative and high-quality information security services and solutions. With extensive experience, we serve clients in Indonesia and around the world, from the private sector to government agencies.\n\nWe work with a diverse range of clients, including:\n * Financial and Banking Sector: Ensuring the security of transactions and customer data.\n * Military and Government Agencies: Safeguarding critical infrastructure and sensitive data.\n * Police: Enhancing forensic investigation capabilities.\n * Energy Sector: Protecting critical assets in the oil, gas and mining industries.\n\nWe are committed to confronting the evolving cyber threat landscape, providing innovative and high-quality information security. Let's build a safer world together!\n\n### Vision and Mission\nOur vision is to be a leader in the cybersecurity industry by providing solutions that are not only effective but also adaptive to evolving technologies and changing threats. Our mission is to assist organizations in facing cybersecurity challenges through a proactive approach, and provide the knowledge and skills needed to protect their data and systems.\n\n### Commitment to Security\nWith extensive experience in the field of cybersecurity, our team is made up of experienced and skilled professionals. We have a research and development-based approach, always looking for new ways to strengthen our clients' security. We are committed to maintaining the confidentiality, integrity and availability of client information, and ensuring that all our services meet the highest industry standards.\n\n### Conclusion\nPwn0sec Technologies Ltd. is committed to continuous innovation in providing effective and efficient cybersecurity solutions. We believe that with the right knowledge and proactive approach, every organization can strengthen its security posture. Let us together create a safer digital ecosystem for a better future. For more information, visit us at pwn0sec.com.\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffunctionofpwnosec%2Ffunctionofpwnosec","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffunctionofpwnosec%2Ffunctionofpwnosec","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffunctionofpwnosec%2Ffunctionofpwnosec/lists"}