NullSec

Hey, I'm NullSec 👽

Bug Bounty • Red Teaming • Pentesting
Learn how attackers think. I’m a learner and a builder, focused on growth and self-improvement.

I believe in consistency, discipline, and earning every step forward.

11/01/2026

Grateful to have participated in HackerOne and Bug Bounty Community Bangladesh Presents HackerOne BUG HUNT 2026, one of Bangladesh’s premier cybersecurity events that brings together real-world bug hunting challenges, expert-driven learning and networking.

Events like this play a crucial role in bridging the gap between academic learning and real-world cybersecurity practices. Looking forward to applying these learnings in future research and community initiatives.

11/01/2026

HackerOne Bughunt 2026

02/01/2026

"From Default IIS Page to Critical SQL Injection" 🤯🔥
👨‍💻 Ahmad Mugh33ra
Read: https://mugh33ra.medium.com/from-default-iis-page-to-critical-sql-injection-d0e9950c66fc

30/12/2025

A Lithuanian hacker is extradited to South Korea for allegedly distributing the Windows-targeting KMSAuto malware.

27/12/2025

Gmail users may soon escape usernames they picked years ago. https://bit.ly/4pcPXpV

24/12/2025

NVIDIA Isaac Vulnerabilities Enable Remote Code Ex*****on Attacks

Read More: 👇
https://gbhackers.com/nvidia-isaac-vulnerabilities/

24/12/2025

🚨 Alert - MongoDB warns admins to patch severe RCE flaw immediately.

🐞 CVE-2025-14847

ℹ️ A client-side exploit of the Server's zlib implementation can return uninitialized heap memory without authenticating to the server. We strongly recommend upgrading to a fixed version as soon as possible.

Read More: https://lnkd.in/gN4du9CE

23/12/2025

[WORLDLEAKS] – Ransomware Victim: Chatham Asset Management

Read More: 👇👇
https://www.redpacketsecurity.com/worldleaks-ransomware-victim-chatham-asset-management/

19/12/2025

Top 10 Advanced Nikto Commands for Bug Bounty & Pe*******on Testing

>> Full Advanced Scan (All Ports & All Tests) > Ultra Stealth WAF Bypass Scan > SQL Injection & Authentication Bypass > XSS, LFI, RFI & Command Ex*****on > Hidden Admin Panels & Subdomain Bruteforce > Directory & Sensitive File Discovery > Quick High-Speed Scan > Web Server & Misconfiguration Detection > CMS (WordPress, Joomla, Drupal) Exploit Scan > Full Vulnerability Scan with Maximum Mutation

19/12/2025

Advanced API Fuzzing with External Mutators >> Using Radamsa to Fuzz JSON API Payloads

Command >>
ffuf --input-cmd 'radamsa --seed $FFUF_NUM example_payload.json' -H "Content-Type: application/json" -X POST -u https://target/api/endpoint -mc all -fc 400

What it does:
>> Fuzzes JSON data using radamsa, generating mutated payloads from example_payload.json.

>> Sends POST requests with each fuzzed payload to the target API.

>> Filters out 400 responses (usually indicating invalid input), but logs all others for analysis.

Claim ownership or report listing

Want your school to be the top-listed School/college in Dhaka?

Click here to claim your Sponsored Listing.

Location

Dhaka

Website

https://nullsec.wiki/, https://www.facebook.com/groups/nullsecbd

Address

Dhanmondi
Dhaka

NullSec

Share

Location

Category

Website

Address