PinnedcitrilAdvanced .htaccess file attacks (Part I).htaccess? Yep, sometimes they can lead to an RCE, XSS and etc. Let’s dive into .htaccess configuration world.Jan 16, 2023Jan 16, 2023
PinnedcitrilIDOR that worth $3k, the first bug I found in HackerOneThat’s why you should analyze sussy IDs :)Nov 19, 20213Nov 19, 20213
Pinnedcitril$1,500 XSS — what to consider during bug bountyHello folks, long time no see! I recently got my bounty from one of private programs on HackerOne and wanted to talked about it, share my…Jun 21, 20222Jun 21, 20222
PinnedcitrilCVE-2021–3817: From SQLi to plaintext admin password recoveryHello infosec community and cybersecurity enthusiasts! Today I am going to talk about my first zero day and how I used SQL injection to…Dec 10, 2021Dec 10, 2021
citrilHow to beat time-based SQLiHello dear cybersec world! Today I want to talk about how you can effectively decrease time during time-based SQL injections.Nov 13, 2021Nov 13, 2021