Our members Adithya Suresh Kumar (@amun_rha) and Rohit Narayanan (@Lu513n) won the Dome CTF organized at C0c0n XV cyber security conference. The team coming first among 64 teams also received a cash prize of 1 lakhs.
Our member Yadhu Krishna M (@YadhuKrishna_) won the Adversary Wars CTF organized at C0c0n XV, held at Grand Hyatt, Kochi on September 24th
Sayooj B Kumar discovered a prototype pollution bug inside the config-handler, which is a Node package and at ssrf-agent. Both were awarded a CVE (Common Vulnerabilities and Exposures) for the discoveries.
bi0s qualified and were invited for the Volga 2021 world finals at Russia. Volga is a high-profile, international jeopardy-styled CTF conducted by a group of IT enthusiasts based in Samara, Russia. Our members Jaswanth Bommidi, Pranjal Singh and Sourag K flew to Russia and participated in the contest, and emerged 13th worldwide.
Yadhu Krishna M discovered a high severity bug in SQLite-Web, where the dashboard area allows sensitive actions to be performed without validating that the request originated from the application.
Simran Kathpalia got selected for Google Summer of Code 2021 with FreeBSD, and worked on a project with a goal to 'enhance syzkaller support for FreeBSD'.
Ashwin C got selected for Google Summer of Code 2021 with Rizin, and worked on a project titled - 'Support for CPU and Platform Profiles'.
Vishnu Madhav got selected for Google Summer of Code 2021 with GNU GCC, and worked on a project to 'Make Cp-demangler non recursive'.
Pranjal Singh got selected for Google Summer of Code 2021 with The Honeynet Project, for the Xen project.
Yaswant (@az3z3l) found a high severity vulnerability at GitLab where an attacker couldbypass the existing CSRF check on the GraphQL endpoint, and bounty of 3370 USD was awarded.