Aseem Shrey (@aseemshrey)inGojek Product + TechCompliance As Code How We Automate CIS Compliance For GCPHow our ProdSec (Product Security) team automate CIS compliance for Gojek’s scale.7 min read·Sep 21, 2021----
Aseem Shrey (@aseemshrey)Abusing Report AbuseOriginally posted : https://aseemshrey.in/abusing-report-abuse/2 min read·Oct 31, 2020--1--1
Aseem Shrey (@aseemshrey)inInfoSec Write-upsOne Token to leak them all : The story of a $8000 NPM_TOKENNot long ago, I started a youtube channel, HackingSimplified.8 min read·Jun 19, 2020--2--2
Aseem Shrey (@aseemshrey)Attention to Details : Finding Hidden IDORsHow a huge travel portal’s customer PII data could’ve leaked through some remanant functionality.This lead me to discover a few IDORs.7 min read·Feb 29, 2020--1--1
Aseem Shrey (@aseemshrey)Mind your Logs : How a build log from a Jenkins leaked everythingHow much can an inconspicuous Jenkins log leak ? — Everything5 min read·Dec 9, 2019--3--3