PinnedPublished inInfoSec Write-upsLeaked API Key in Public JavaScript Leads to Potential AbuseLazy recon & manual testing mattersJun 29A response icon2Jun 29A response icon2
Published inOSINT TeamStart with VDPs Before Aiming for Private Bug Bounty ProgramsLoophole how I get more private programs + $$$$6d agoA response icon16d agoA response icon1
Published inInfoSec Write-ups🐞 How to Write a Perfect Bug Bounty Report (with Examples)They Found the Same Bug — I Got Paid. Here’s Why.Jun 21Jun 21
Published inInfoSec Write-upsThe Anatomy of an RCE Attack : The Hacker’s Big ScoreReal Attacks, Big Damage, and How to Stop ThemJun 14A response icon1Jun 14A response icon1
Published inInfoSec Write-ups🔍 SolarWinds Hack: How 4,032 Lines of Code Compromised a NationWashed away $100 billionsJun 11Jun 11
Published inInfoSec Write-upsMy Laptop Died, So I Hacked with My Phone. No ExcuseHow I Rebuilt My Hacker Setup on Android ?Jun 9A response icon1Jun 9A response icon1
Published inOSINT Team🕵️♂️ GitHub Dorking for Bug Bounty: Hackers' Hidden PlaygroundFrom leaked API keys to internal configurationsJun 6Jun 6
Published inInfoSec Write-upsHow Hackers Help NASA Stay Secure: Inside the NASA VDPHackers Wanted: NASA’s Bug Hunt in RealJun 3Jun 3
Published inInfoSec Write-ups🚨 From alert(1) to Real-world Impact: Hunting XSS Where Others Don’t LookIt hides where you ignoreJun 1A response icon1Jun 1A response icon1
