PinnedNeil Mark OcheaGcash Vulnerability WalkthroughAdvisory: Update your Gcash App now to the latest version.Oct 10, 2022Oct 10, 2022
Neil Mark OcheaDOH.GOV.PH PAWNED KAIZ3N-GHOSTDisclaimer: The purpose of this research is to improve and strengthen security all issues discovered in this research are reported to the…Apr 8, 2023Apr 8, 2023
Neil Mark OcheaML Wallet VulnerabilityDisclaimer: The purpose of this research is to improve and strengthen security all issues discovered in this research are reported to the…Oct 4, 2022Oct 4, 2022
Neil Mark OcheaShopping App Deeplink Arbitrary URLsIn this write-up, I’ll tell you how I was able to launch Arbitrary URLs to the internal web of the shopping application.Sep 25, 2022Sep 25, 2022
Neil Mark OcheaArbitrary File Corruption: End - to - End Encrypted Messaging ApplicationIn this write-up, I’ll tell you how I was able to Exfiltrate Database and Sandbox Files on End-to-End Encrypted Messaging Application.Sep 23, 2022Sep 23, 2022
Neil Mark OcheaPLMUN STUDENT PORTAL HACKEDDisclaimer: The purpose of this research is to improve and strengthen security all issues discovered in this research are reported to the…Sep 12, 2022Sep 12, 2022
Neil Mark OcheaStaySafe Philippines Contact Tracing Platform VulnerabilityDisclaimer: The purpose of this research is to improve and strengthen security all issues discovered in this research are reported to the…Sep 8, 2022Sep 8, 2022
Neil Mark OcheaXiaomi Execute Arbitrary JavaScriptIn this writeup, I’ll tell you how I was able to Execute Arbitrary JavaScript in Xiaomi Browser using HTML Injection.Jan 12, 2022Jan 12, 2022
Neil Mark OcheaFacebook Leak Referrer DataWhile finding a facebook vulnerability I visited this interesting link with a back uri parameter endpointDec 8, 2020Dec 8, 2020
Neil Mark OcheainInfoSec Write-upsFacebook Push Notification Linkshim BypassedWhile browsing and finding facebook vulnerability I accidentally found this facebook push notification linkDec 7, 20201Dec 7, 20201