Razz Security Blog

Just another cybersecurity blog

Author: Mukesh

  • Advanced web application fingerprinting with favicon hashes

    In this blog, I cover leveraging favicons to fingerprint the technology that powers any given web application. Favicons can help group similar applications together, as well as pinpoint the technical stack behind the application.

  • Exploiting CI / CD Pipelines for fun and profit

    In today’s world of fast-paced development and continuous integration, security vulnerabilities can be easy to overlook. Recently, I discovered a severe exploit chain, starting from a publicly exposed .git directory, which led to a full server takeover. This blog will walk through the chain of events, outlining how each weak point compounded the issue.

  • Hello world!

    You have reached the beginning of time! Thanks for sticking around! MukeshCTO of Razz Security. I’m passionate about uncovering vulnerabilities and sharing my research with the community. Through this blog, I aim to share my findings, solutions, and insights to help professionals and enthusiasts alike protect their systems and stay ahead of evolving threats. blog.razzsecurity.com