Pinned | Published in Naz Kavas | I'm Fanfan, and I'm 1 Month Old Now! 👶 | Hello, earthlings! | Oct 6
Published in MeetCyber | A Revolutionary Bug: How Accidentally Invented the “Informative” E-Commerce Experience | Friends, colleagues, connoisseurs of digital chaos. Tonight, I witnessed something beautiful. Not a sunset, not an act of human kindness… | 1d ago
Published in MeetCyber | From €1500 to €0.50: A Bug Bounty Story of Payment Flow Manipulation | As a security researcher, there’s a unique hole in finding a vulnerability that is both simple in its nature and severe in its impact. This… | Oct 17
Published in InfoSec Write-ups | Unbelievable Security Hole: JWT Secret in a Series-B Funded Company | It started as a routine penetration test. Little did I know I was about to uncover one of the most basic yet catastrophic security… | Oct 10
Published in MeetCyber | Bypassing Rate Limits: How I Registered 100+ Users in Seconds | In the world of bug bounty hunting, authentication vulnerabilities remain among the critical findings. Today, I’ll share how I discovered a… | Oct 10
Published in InfoSec Write-ups | Single API Key from a Chrome Extension Led to 5.2 Million Exposed Customer Records | Story of an IDOR with insecure API but responsible disclosure that saved millions of users' data. (Lovely 5k$) | Aug 9
Published in MeetCyber | How Not to Handle Your API Keys: A Love Letter to Developers Everywhere | Dear Developers, We love your work. Really not kidding. You build the apps that move the world, show us the nearest coffee shop, and remind… | Jul 10
Published in InfoSec Write-ups | Just Wanted to Be a Driver, Ended Up Discovering a Time Capsule | I just wanted to hustle and make some side cash. Instead, I unearthed a digital fossil from the Yahoo era. | Jul 5
Published in InfoSec Write-ups | Fake Logins, Real Costs: The OTP Bug Worth €X,XXX | In modern mobile apps, account verification via SMS and WhatsApp is standard practice. But what happens when a company skips the most basic… | Jul 3