S3 Bucket Takeover: Discovering a Bucket Inside a Bucket for $1000
In this article, I will write about a security vulnerability I found in a private program associated with the HackerOne platform and…
Dec 5, 2024
From Wayback Machine to AWS Metadata: Uncovering SSRF in a Production System Within 5 Minutes
Oh my waybackmachine! It’s a really great tool to get hidden URLs. You can use some tools to get URLs like gau and waybackurls, but in this…
Nov 27, 2024
From Long-Term Hacking to Instant Rewards: Finding SQLi in 3 Minutes Worth $3125
I believe that if you want to succeed in bug bounty, you should focus on programs that you have been hacking for a long time, like 2–3…
Jul 6, 2024
Introduction to Burpsuite Bambdas Feature
Burp Suite brought a very nice feature to the filtering section. Meet Bambda. Bambda allows you to write Java-based filters for your HTTP…
Dec 9, 2023
Hacking For 20 Hours in a Private Bug Bounty Program
I decided to hack on a private program for 20 hours. In this story, I’ll share my experiences about my journey.
Aug 22, 2023
Attacking Misconfigure Spring Boot Actuators
In this story I’ll write about Spring Boot actuators. I’ll explain the components and we will see HackerOne reports about them. It’s very…
Aug 7, 2023
Server Side Request Forgery in Company with €900M+ Revenue
On 18 July 2022, exactly 1 year ago today, I will write about an interesting and sad story in bug bounty because this company almost has 100+…
Jul 18, 2023
Published in n11 Tech
Secure Your Company from Data Leak and Ransomware — Part I
Hi all, I hope all is well. In this article we’re going to figure out how you can secure your company from data leak and ransomware. This…
Jul 13, 2023
Zero Trust Architecture (ZTA) — Heart of Security
Nowadays, Zero Trust is a very important topic in the security world. Zero Trust is a security model or architecture based on access control and…
Mar 19, 2023
Github CodeQL — Detect Your Security Vulnerabilities
Hello everyone, in this post I will tell you about Github’s CodeQL tool, first how you can earn money by writing code for it, and then…
Feb 5, 2023