RenwaYou Are Not Where You Think You Are, Opera Browsers Address Bar Spoofing VulnerabilitiesAddress bar is one the main components of a browser security and in this blog I show many bugs affecting Opera browsers to spoof address…Oct 24, 2023Oct 24, 2023
RenwaOpera Browser VPN BypassWhile looking at Opera functionalities I stumbled upon the built-in VPN inside the browser and I was able to find a technique that allow an…Sep 22, 2022Sep 22, 2022
RenwaThe Underrated Bugs, Clickjacking, CSS Injection, Drag-Drop XSS, Cookie Bomb, Login+Logout CSRF…Story of 3 bug bounty writeups which I use low bugs and chain them together for higher impact.May 10, 20221May 10, 20221
RenwaFacebook Messenger Desktop App Arbitrary File ReadI’m a daily user of Facebook Messenger on Mobile and Web, someday i got a banner in my Web version saying that Messenger is available on…Feb 3, 2021Feb 3, 2021
RenwaCopy Drag — Paste DropSmall write-up about drag and drop & cop and paste XSS’s using new browser techniquesJul 4, 2020Jul 4, 2020
RenwaBypass SameSite Cookies Default to Lax and get CSRFSameSite=Lax Cookies by Default is a new browser feature we will look at how to bypass it and what is the security concerns with it..Jan 8, 2020Jan 8, 2020
RenwaFacebook Messenger Disclosing deleted messages that has been deleted by [Remove For Everyone]Story of a funny bug i found in Facebook Messenger because of a typo between (w) and (e) 😂Aug 15, 2019Aug 15, 2019
RenwaSecurity Fest 2019 CTF, entropian [web] write-upThis is my first CTF challenge write-up so i’m not good at itMay 24, 20191May 24, 20191
RenwaNew technique to find Blind-XSSBlind-XSS is a powerful attack, now i will talk about a technique i have used in Bug Bounty programs to find it..Nov 16, 2018Nov 16, 2018
RenwaSelf-XSS + CSRF to Stored XSSHola, this is Renwa from Kurdistan i’m glad to write my first write-up about infosec and Bugbounties.May 20, 2018May 20, 2018