Kauê Navarro[Bugbounty] Email user account with indexacao in waybackurlEsse relatório foi um dos mais rápidos que eu já reportei, desde quando comecei e me trouxe um excelente retorno de 4 dígitos.Jun 17, 20231Jun 17, 20231
Kauê Navarro[Bugbounty] Subdomain Takeover in Target Cname Ghost.ioUm controle de subdomínio ocorre quando um invasor obtém controle sobre um subdomínio de um domínio de destino. Normalmente, isso acontece…Feb 11, 20231Feb 11, 20231
Kauê Navarro[Bugbounty] Subdomain Takeover in Target Cname NetlifyUm controle de subdomínio ocorre quando um invasor obtém controle sobre um subdomínio de um domínio de destino. Normalmente, isso acontece…Nov 28, 2022Nov 28, 2022
Kauê Navarro[Bugbounty]Blind XSS via header injection to log poisoningOlá, espero que você esteja bem e caçando!Aug 3, 2022Aug 3, 2022
Kauê Navarro[Bugbounty]SSRF — IFRAME INJECTION E XSS REFLECTEDHoje vou falar um pouco de uma falha que me levou a dois relatórios infelizmente ambos foram duplicados porém ficou de experiência e…Feb 3, 2022Feb 3, 2022
Kauê Navarro[Bugbounty]Misconfigured oauth leads to Pre account takeoverMais uma falha bounty check ✅Dec 4, 20211Dec 4, 20211
![[Bugbounty] Email user account with indexacao in waybackurl](https://miro.medium.com/v2/resize:fill:160:106/1*9YNWO_JAD1sRV4iMCQ4I8w.jpeg)
![[Bugbounty] Email user account with indexacao in waybackurl](https://miro.medium.com/v2/resize:fill:320:214/1*9YNWO_JAD1sRV4iMCQ4I8w.jpeg)
![[Bugbounty] Subdomain Takeover in Target Cname Ghost.io](https://miro.medium.com/v2/resize:fill:160:106/1*FPLdgCc6oXoxLSGN67egOg.jpeg)
![[Bugbounty] Subdomain Takeover in Target Cname Ghost.io](https://miro.medium.com/v2/resize:fill:320:214/1*FPLdgCc6oXoxLSGN67egOg.jpeg)
![[Bugbounty] Subdomain Takeover in Target Cname Netlify](https://miro.medium.com/v2/resize:fill:160:106/1*w73_GWyABTCb8jJ0fJ__VA.png)
![[Bugbounty] Subdomain Takeover in Target Cname Netlify](https://miro.medium.com/v2/resize:fill:320:214/1*w73_GWyABTCb8jJ0fJ__VA.png)
![[Bugbounty]Blind XSS via header injection to log poisoning](https://miro.medium.com/v2/resize:fill:160:106/1*DKLGgiLvBTcYJg3ZhJ_iNQ.png)
![[Bugbounty]Blind XSS via header injection to log poisoning](https://miro.medium.com/v2/resize:fill:320:214/1*DKLGgiLvBTcYJg3ZhJ_iNQ.png)
![[Bugbounty]SSRF — IFRAME INJECTION E XSS REFLECTED](https://miro.medium.com/v2/resize:fill:160:106/1*VMQ2x4w3yI69odC3WHvbVw.jpeg)
![[Bugbounty]SSRF — IFRAME INJECTION E XSS REFLECTED](https://miro.medium.com/v2/resize:fill:320:214/1*VMQ2x4w3yI69odC3WHvbVw.jpeg)
![[Bugbounty]Misconfigured oauth leads to Pre account takeover](https://miro.medium.com/v2/resize:fill:160:106/1*Xa-oz_Zf7nkiT8cK1IGdGw.jpeg)
![[Bugbounty]Misconfigured oauth leads to Pre account takeover](https://miro.medium.com/v2/resize:fill:320:214/1*Xa-oz_Zf7nkiT8cK1IGdGw.jpeg)
