How I chained Host header Injection to Password Reset Link Poisoning to XSS and Account Takeover.
Thee Eclipse in InfoSec Write-ups, Jun 11, 2023
Hello Cyber Security world, I trust you all are doing well from your side of the screen.

How I detected Open Redirect on a WhatsApp Message
Thee Eclipse in InfoSec Write-ups, Apr 19, 2023
Hello world, Today I share how I detected a $$$$ Open Redirect Bug from a simple WhatsApp message. This can be detected on other platforms…

Bug Bounty Manual Recon Guide
Thee Eclipse in InfoSec Write-ups, Feb 26, 2023
Ever felt like you need a specific guide / approach to your bug bounty targets so that you do not miss anything during the hunt? Well…

Approaching Login, Signup Pages and Change Password Instances for Bug Bounty Hunting
Thee Eclipse in InfoSec Write-ups, Feb 23, 2023
Detailed approach to bug bounty hunting on Login Pages, Sign up pages and Password Change Instances

Account Pre-Takeover Bug Bounty
Thee Eclipse in InfoSec Write-ups, Feb 19, 2023
What is account Pre-takeover in Bug Bounty? The chain of bugs leading to account pre-takeover.

Why WordPress should abandon Old PHP Password encryption algorithms.
Thee Eclipse in InfoSec Write-ups, Dec 19, 2022
As a hardening issue on WordPress, It’s time to evolve the PHP.