# Vulnerabilities in Wild - [Hiring Platform Exposing Thousands of User's Data](https://dmdhrumilmistry.gitbook.io/home/blog/vulnerabilities-in-wild/hiring-platform-exposing-thousands-of-users-data.md): This page contains information regarding vulnerabilities which can lead to data leak of thousands of user's data - [Security Analysis of the Indian Government's Student Assessment Platform](https://dmdhrumilmistry.gitbook.io/home/blog/vulnerabilities-in-wild/security-analysis-of-the-indian-governments-student-assessment-platform.md): This post discusses about various security concerns regarding an Indian Government's Platform which is used to assess lakhs of students across India. - [Exploiting S3 bucket misconfiguration to dump users emails](https://dmdhrumilmistry.gitbook.io/home/blog/vulnerabilities-in-wild/exploiting-s3-bucket-misconfiguration-to-dump-users-emails.md): This page has writeup about how misconfigured Amazon S3 bucket was found leaking several users email and other docs in public domain. - [Getting Shell Access to ADB Exposed Smart Devices πŸ“²πŸ“ΊβŒš](https://dmdhrumilmistry.gitbook.io/home/blog/vulnerabilities-in-wild/getting-shell-access-to-adb-exposed-smart-devices.md): Exploiting Exposed ADB ports to get shell access to various smart devices such as smart tvs, cameras, etc. - [Hacking Mumbai's Metro ChatBot and APIs for FUN πŸ€ΈπŸ»β€β™‚οΈ](https://dmdhrumilmistry.gitbook.io/home/blog/vulnerabilities-in-wild/hacking-mumbais-metro-chatbot-and-apis-for-fun.md): This blog post is regarding the time when I hacked into Mumbai's Metro Booking System from ChatBot to SQLi and breaking encryption. - [Random Object Referencing IDs Still Aren't Safe in APIs πŸ’₯](https://dmdhrumilmistry.gitbook.io/home/blog/vulnerabilities-in-wild/random-object-referencing-ids-still-arent-safe-in-apis.md): This post discusses the common bad practices while using uuids and guids which could lead to vulnerabilities in software/web applications. - [Exploring Weird Account TakeOver (ATO) Vulnerabilities in APIs](https://dmdhrumilmistry.gitbook.io/home/blog/vulnerabilities-in-wild/exploring-weird-account-takeover-ato-vulnerabilities-in-apis.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://dmdhrumilmistry.gitbook.io/home/blog/vulnerabilities-in-wild.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.