Tanya Goyal – Medium

Tanya Goyal

Pinned

Account takeover through Response Manipulation

Hello everyone, I am back again with another bug. In this blog, I will discuss a bug that I encountered through response manipulation…

Jul 12, 2023

Account takeover through Response Manipulation

Jul 12, 2023

Impostor Admin: Token Edition

Hello Everyone , I hope you all are doing well. Sorry for not posting any blogs here for a while. So without further delay, let's dive…

Apr 16

Impostor Admin: Token Edition

Apr 16

Leaky Response, Easy Takeover!

Happy New Year, everyone! 🎉 I hope you’re all doing great. A huge thank you for 200+ followers – I’m truly grateful that you enjoy my…

Jan 8

Leaky Response, Easy Takeover!

Jan 8

IDOR : Deleting Comments Like a Boss!

Hello everyone, it’s been a while since I last posted some blogs. In this post, I’m going to share how I found IDOR (Insecure Direct…

Aug 28, 2024

IDOR : Deleting Comments Like a Boss!

Aug 28, 2024

How I found my First Valid bug

Hello everyone! I am really happy to announce that I got my first valid bug from a target, and not only that, I uncovered two bugs from…

Apr 23, 2024

How I found my First Valid bug

Apr 23, 2024

Logical Error leads to DOS for victim

Happy new year everyone . I hope you all are doing good . Let’s discuss about my first bug of 2024 which was closed as NA. It’s really sad…

Jan 14, 2024

Logical Error leads to DOS for victim

Jan 14, 2024

Exploiting Exposed .git File to Access Webmail Credentials

Hello everyone, I’m back with a new bug. I discovered this issue on a domain that offers free internships to everyone. Despite the absence…

Nov 22, 2023

Exploiting Exposed .git File to Access Webmail Credentials

Nov 22, 2023

Uncovering Hidden Likes through Parameter Manipulation

Hello everyone, welcome back to yet another blog. Thank you so much for showing your love in my previous post. Without any further delay…

Aug 10, 2023

Uncovering Hidden Likes through Parameter Manipulation

Aug 10, 2023

Inside the Invite Function: Uncovering a Potential Vulnerability of Invite User

Hello everyone, I hope you are all doing well in your lives. In this blog, I will discuss a business logic flow I found in an invite…

Jun 30, 2023

Inside the Invite Function: Uncovering a Potential Vulnerability of Invite User

Jun 30, 2023

Unauthorized access to the Projects | Bug Bounty

So hello everyone, this is my first medium blog and first blog on bug hunting . So,without any delay, let’s move to today’s blog.

Jun 2, 2023

Unauthorized access to the Projects | Bug Bounty

Jun 2, 2023

Tanya Goyal

Tanya Goyal

Hello , I am Tanya and I love bug hunting . I uncovered many issues on web app. Feel free to connect with me . Keep Spreading Knowledge

Following

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech