Hello fellow hackers, I hope you all are doing good and learning something new :) . As i said in my RECON blog I will be writing about what have i learned this week. Now this week i tried many things e.g. Submitted some bugs but got duped and informative. Tried setting up genymotion for Android testing but no luck in that also. Had to reinstall windows and ubuntu again and all my tools, somehow i messed up my c drive and corrupted my booting process. Anyway something that really completed is that I learned XXE, and i am confident…


Hey everyone, I hope you all are doing good. Now as i said i will be writing about creating my own recon methodology with all the tools available out there. Hunting on a target without reconnaissance always feels like something is missing, and obviously less attack surface also reconnaissance will help you understand your target better. one important thing is that this isn’t gonna be one of the extreme reconnaissance you may have seen, which scans the hosts periodically for new hosts and subdomains.It’s a simple reconnaissance before approaching your target.

Now before using tools you first need those…


I am creating this thread for myself, but of course i would be more than happy if this can be useful to other people also.

“If you really understood a concept, then you should be able to write an explanation of that concept and teach others from that”, keeping this in mind I will be writing about everything i learn.

It’s also a kind of monitoring system for myself, as i am one hell of a procrastinator,so if i don’t write a blog about a topic in a week that mean i am not learning anything and probably wasting my time.

In near future i want to create two blogs one about OAuth, another is creating my recon methodology from scratch.

Thank you

Avinash Roy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store