Summary: The backend and database systems of India’s current opposition party- The Indian National Congress have been leaking data of their leaders and volunteers. I looked at some of their websites and here are the results

Let’s go over each website and app in detail. Let’s start with

1) incsmw.in

Recently, Congress launched a new website https://incsmw.in to enroll 5 lakh social media volunteers.

The website and the initiative were heavily promoted by the media.

Yesterday it came to light that the data collected through this website was not secure. …


Today I will share a security flaw on pagalguy that I discovered last year.

As you may know Pagalguy provides competitive exam aspirants a forum to discuss and ask questions related to exam preparation.

To demonstrate this I have created an account on pagalguy with email id — thepassivewriter@gmail.com and the account name on pagalugy is — @passivewriter

So we start by clicking on forgot password option.

The second step is to enter the user id

Shashi

Automation and data geek. Twitter: @devzoy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store