Yeasir Arafat | How to look for JS files Vulnerability for fun and profit? | Hey Folks, It’s been a while I was away from Bug Hunting. These days I got some chances to focus on hunting again. I decided to hunt on… | Aug 27, 2019
Yeasir Arafat | How Outdated JIRA Instances suffers from multiple security vulnerabilities? | Hello friends. This is Yeasir Arafat again here. In this article, I want to share what can we do with if a service is running third-party… | Nov 3, 2018
Yeasir Arafat | How Misconfigured API leaked user private information? | Hello folks, it’s been a long since I didn’t post an article about my findings, hence I was busy with my personal life. | Oct 26, 2018
Yeasir Arafat | A very useful technique to bypass the CSRF protection for fun and profit. | Hi folks, It’s always pleasure to share some good stuff with you guys. The heading of the story may give you an idea that today I’m going… | Oct 26, 2018
Yeasir Arafat | IDOR that calls me! You can’t delete but I can (IDOR to Delete Admin Annotations by any user) | Hola everyone, This is Yeasir Arafat here and today’s write-up about IDOR that allows me to delete admin annotations without privileged. | Dec 17, 2017
Yeasir Arafat | DEV XSS Protection bypass made my quickest bounty ever!! | Hi All, This is Yeasir Arafat here. I would love to share my last XSS which made my fastest bounty ever. I believe sharing is caring :D | Dec 3, 2017
Yeasir Arafat | How I hacked United Airlines and got 250,000 miles bounty?? | Hi good People, | Dec 1, 2017
Yeasir Arafat | Posting on Behalf of any user/Without joining posting on Yahoo groups. | This was an interesting issue that I have ever found. After watching Zahid Ali’s and Asadul Islam findings I was trying to find similar… | Aug 9, 2017
Yeasir Arafat | Misconfiguration of Hackster leads All Users Sensitive Information Disclosure. | Hi Hunters, | Aug 8, 2017