Blog - Sudarshana

Welcome to the official blog of Team Sudarshana, we are a cybersecurity crew working on AI-powered Attack Surface Management and Security Operations. This space is where we drop deep technical writeups, field notes, and behind-the-scenes looks into how we tackle offensive security. Whether it's building tools, running recon, or simulating real-world attacks, you'll find what we're learning and experimenting with as we grow.

Featured Blog:

Local File Inclusion via XSS in Prince PDF Generator

Local File Inclusion via XSS in Prince PDF Generator

Read how a restricted JavaScript runtime in Prince PDF Generator can be exploited for Local File Inclusion and sensitive file exposure.

quick-readprince +4

September 2025

Latest Blog Posts

Here are some of the latest blog posts. You can find more on the blog page.

From .git Disclosure to Remote Code Execution & More

From .git Disclosure to Remote Code Execution & More

A step-by-step walkthrough of how a simple .git disclosure escalated to unauthenticated email abuse and full remote code execution, as part of a real-world bug bounty engagement by Sudarshana.

Virendra & Monark

bug-bountyweb-security +5

July 2025

Fun Way to Bypass an Open Redirect Patch

Fun Way to Bypass an Open Redirect Patch

Learn how a patched Open Redirect vulnerability was bypassed using advanced URL fuzzing techniques. This real-world example shows why manual testing still beats automated tools in web security.

Virendra & Monark

quick-readopen-redirect +4

June 2025

See all blog