PinnedNeil Mark OcheaGcash Vulnerability WalkthroughAdvisory: Update your Gcash App now to the latest version.6 min read·Oct 10, 2022----
Neil Mark OcheaDOH.GOV.PH PAWNED KAIZ3N-GHOSTDisclaimer: The purpose of this research is to improve and strengthen security all issues discovered in this research are reported to the…2 min read·Apr 8, 2023----
Neil Mark OcheaML Wallet VulnerabilityDisclaimer: The purpose of this research is to improve and strengthen security all issues discovered in this research are reported to the…2 min read·Oct 4, 2022----
Neil Mark OcheaShopping App Deeplink Arbitrary URLsIn this write-up, I’ll tell you how I was able to launch Arbitrary URLs to the internal web of the shopping application.2 min read·Sep 25, 2022----
Neil Mark OcheaArbitrary File Corruption: End - to - End Encrypted Messaging ApplicationIn this write-up, I’ll tell you how I was able to Exfiltrate Database and Sandbox Files on End-to-End Encrypted Messaging Application.3 min read·Sep 23, 2022----
Neil Mark OcheaPLMUN STUDENT PORTAL HACKEDDisclaimer: The purpose of this research is to improve and strengthen security all issues discovered in this research are reported to the…4 min read·Sep 12, 2022----
Neil Mark OcheaStaySafe Philippines Contact Tracing Platform VulnerabilityDisclaimer: The purpose of this research is to improve and strengthen security all issues discovered in this research are reported to the…4 min read·Sep 8, 2022----
Neil Mark OcheaXiaomi Execute Arbitrary JavaScriptIn this writeup, I’ll tell you how I was able to Execute Arbitrary JavaScript in Xiaomi Browser using HTML Injection.2 min read·Jan 12, 2022----
Neil Mark OcheaFacebook Leak Referrer DataWhile finding a facebook vulnerability I visited this interesting link with a back uri parameter endpoint2 min read·Dec 8, 2020----
Neil Mark OcheainInfoSec Write-upsFacebook Push Notification Linkshim BypassedWhile browsing and finding facebook vulnerability I accidentally found this facebook push notification link3 min read·Dec 7, 2020----