You can add extra zeroes. XSS bypass on a private bug bounty programHi incredible hackers. I got a private invite, and got curious about the program, so I signed up into the main website and started clicking…Sep 30, 20239Sep 30, 20239
Weird LFI and escalating the impact from High to CriticalHey wonderful hackers. I was hacking on a VDP program and after a light recon I picked one subdomain to hunt.Sep 18, 20234Sep 18, 20234
$1000 for a simple Stored XSSI was hacking on a private program and I couldn't get anything interesting by fuzzing or using the website’s features.Aug 5, 20232Aug 5, 20232
How I hacked hackers in Voorivex Hunt EventHey wonderful people. The story begins when I heard “Voorivex”, my hacker idol is gonna hold a hunt event. I got so excited, and I…Apr 19, 202310Apr 19, 202310
Web Cache Deception Attack on a private bug bounty programHi incredible hackers!Mar 1, 20238Mar 1, 20238
Published inSystem WeaknessSQL Injection + RCE | How I got a shell on my university websiteHi wonderful hackers.Feb 21, 202310Feb 21, 202310
Published inThe Gray Area$250 for Email account enumeration using “NameToMail” toolThis is the story of the easiest bug I’ve ever found.Nov 18, 20226Nov 18, 20226
