Aseem Shrey (@aseemshrey)inGojek Product + TechCompliance As Code How We Automate CIS Compliance For GCPHow our ProdSec (Product Security) team automate CIS compliance for Gojek’s scale.Sep 21, 2021Sep 21, 2021
Aseem Shrey (@aseemshrey)Abusing Report AbuseOriginally posted : https://aseemshrey.in/abusing-report-abuse/Oct 31, 20201Oct 31, 20201
Aseem Shrey (@aseemshrey)inInfoSec Write-upsOne Token to leak them all : The story of a $8000 NPM_TOKENNot long ago, I started a youtube channel, HackingSimplified.Jun 19, 20202Jun 19, 20202
Aseem Shrey (@aseemshrey)Attention to Details : Finding Hidden IDORsHow a huge travel portal’s customer PII data could’ve leaked through some remanant functionality.This lead me to discover a few IDORs.Feb 29, 20201Feb 29, 20201
Aseem Shrey (@aseemshrey)Mind your Logs : How a build log from a Jenkins leaked everythingHow much can an inconspicuous Jenkins log leak ? — EverythingDec 9, 20193Dec 9, 20193