Iski – Medium

Iski

she

Pinned

Published in

InfoSec Write-ups

How I Found My First High-Severity Bug and Got Rewarded with 3 Trays of Red Bull!

Free link🎈

Feb 24

How I Found My First High-Severity Bug and Got Rewarded with 3 Trays of Red Bull!

Feb 24

Published in

InfoSec Write-ups

Log Me Maybe: When Log Files Leaked Secrets I Wasn’t Meant to See 🧾🕵️

Free Link 🎈

1d ago

Log Me Maybe: When Log Files Leaked Secrets I Wasn’t Meant to See 🧾🕵️

1d ago

Published in

InfoSec Write-ups

🎉 Parameter Swap Party: When Flipping POST to GET Broke the App 🔁💥

Hey there!😁

3d ago

🎉 Parameter Swap Party: When Flipping POST to GET Broke the App 🔁💥

3d ago

Published in

InfoSec Write-ups

📦 Signed, Sealed, Delivered: How I Replayed Signed URLs to Steal Everything ✍️💣

Hey there!😁

4d ago

📦 Signed, Sealed, Delivered: How I Replayed Signed URLs to Steal Everything ✍️💣

4d ago

Published in

InfoSec Write-ups

🚷 Forbidden but Not Forgotten: How an HTTP 403 Made Me a Superadmin 👑🔥

Hey there!😁

5d ago

🚷 Forbidden but Not Forgotten: How an HTTP 403 Made Me a Superadmin 👑🔥

5d ago

Published in

InfoSec Write-ups

🔁 Token Tunnels: How Misused Refresh Tokens Let Me Hijack Sessions Forever 🕳️💣

Hey there!😁

6d ago

🔁 Token Tunnels: How Misused Refresh Tokens Let Me Hijack Sessions Forever 🕳️💣

6d ago

Published in

InfoSec Write-ups

☁️ Cloudy With a Chance of Secrets: How Terraform State Files Exposed the Infrastructure 🌩️📂

Free Link 🎈

6d ago

☁️ Cloudy With a Chance of Secrets: How Terraform State Files Exposed the Infrastructure 🌩️📂

6d ago

Published in

InfoSec Write-ups

Weak Regex, Big Mess: How I Escaped Input Validation with One Tiny Character 🔍🐛

Hey there!😁

Jun 13

Weak Regex, Big Mess: How I Escaped Input Validation with One Tiny Character 🔍🐛

Jun 13

Published in

InfoSec Write-ups

Header Hijinks: How X-Forwarded-For Gave Me Internal Access 🚧🧠

Hey there!😁

Jun 12

Header Hijinks: How X-Forwarded-For Gave Me Internal Access 🚧🧠

Jun 12

Published in

InfoSec Write-ups

OAuth2verdrive: How Broken Token Exchange Let Me Log in as Any User 🚂💥

Hey there!😁

Jun 11

OAuth2verdrive: How Broken Token Exchange Let Me Log in as Any User 🚂💥

Jun 11

Iski

Iski

she

Cybersecurity Researcher | Penetration Tester | Bug Bounty Hunter | Web security| Passionate about cyber security, security automation

Following

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech