# Vulnerabilities in Wild - [Hiring Platform Exposing Thousands of User's Data](/home/blog/vulnerabilities-in-wild/hiring-platform-exposing-thousands-of-users-data.md): This page contains information regarding vulnerabilities which can lead to data leak of thousands of user's data - [Security Analysis of the Indian Government's Student Assessment Platform](/home/blog/vulnerabilities-in-wild/security-analysis-of-the-indian-governments-student-assessment-platform.md): This post discusses about various security concerns regarding an Indian Government's Platform which is used to assess lakhs of students across India. - [Exploiting S3 bucket misconfiguration to dump users emails](/home/blog/vulnerabilities-in-wild/exploiting-s3-bucket-misconfiguration-to-dump-users-emails.md): This page has writeup about how misconfigured Amazon S3 bucket was found leaking several users email and other docs in public domain. - [Getting Shell Access to ADB Exposed Smart Devices πŸ“²πŸ“ΊβŒš](/home/blog/vulnerabilities-in-wild/getting-shell-access-to-adb-exposed-smart-devices.md): Exploiting Exposed ADB ports to get shell access to various smart devices such as smart tvs, cameras, etc. - [Hacking Mumbai's Metro ChatBot and APIs for FUN πŸ€ΈπŸ»β€β™‚οΈ](/home/blog/vulnerabilities-in-wild/hacking-mumbais-metro-chatbot-and-apis-for-fun.md): This blog post is regarding the time when I hacked into Mumbai's Metro Booking System from ChatBot to SQLi and breaking encryption. - [Random Object Referencing IDs Still Aren't Safe in APIs πŸ’₯](/home/blog/vulnerabilities-in-wild/random-object-referencing-ids-still-arent-safe-in-apis.md): This post discusses the common bad practices while using uuids and guids which could lead to vulnerabilities in software/web applications. - [Exploring Weird Account TakeOver (ATO) Vulnerabilities in APIs](/home/blog/vulnerabilities-in-wild/exploring-weird-account-takeover-ato-vulnerabilities-in-apis.md)