Thee EclipseinInfoSec Write-upsHow I chained Host header Injection to Password Reset Link Poisoning to XSS and Account Takeover.Hello Cyber Security world, I trust you all are doing well from your side of the screen .4 min read·Jun 11, 2023--1--1
Thee EclipseinInfoSec Write-upsHow I detected Open Redirect on a WhatsApp MessageHello world, Today I share how I detected a $$$$ Open Redirect Bug from a simple WhatsApp message. This can be detected on other platforms…3 min read·Apr 19, 2023----
Thee EclipseinInfoSec Write-upsBug Bounty Manual Recon GuideEver felt like you need a specific guide / approach to your bug bounty targets so that you do not miss anything during the hunt? Well…6 min read·Feb 26, 2023----
Thee EclipseinInfoSec Write-upsApproaching Login,Signup Pages and Change Password Instances for Bug Bounty HuntingDetailed approach to bug bounty hunting on Login Pages, Sign up pages and Password Change Instances9 min read·Feb 23, 2023----
Thee EclipseinInfoSec Write-upsAccount Pre-Takeover Bug BountyWhat is account Pre-takeover in Bug Bounty? The chain of bugs leading to account pre-takeover.7 min read·Feb 19, 2023----
Thee EclipseinInfoSec Write-upsWhy WordPress should abandon Old PHP Password encryption algorithms.As a hardening issue on WordPress, It’s time to evolve the PHP.5 min read·Dec 19, 2022--1--1