Tushar Sharma – Medium

Mar 12, 2022

A Tale of Open Redirection to Stored XSS

Hello guys, I am back with another write-up of an interesting vulnerability I came across. I will make this write-up short and easy to understand. During hunting on a Private BB program(which I found through these dorks: https://github.com/tushar-arch/Bug-Bounty-Dorks). …

Infosec

2 min read

Infosec

2 min read

Published in Techiepedia

·Jan 3, 2022

P5 to P1: Interesting Account Takeover

Hello Guys, This is my second write-up. You can check out my first writeup which is on Account Takeover through Stored XSS. So let go, I was recently hunting on private RDPs which I find through making my own google dorks. You can find them here: https://github.com/tushar-arch/Bug-Bounty-Dorks/blob/main/Bug-Bounty-Dorks.txt I found…

Cybersecurity

3 min read

Cybersecurity

3 min read

Aug 15, 2021

How I turned a Self-XSS into one-click Account Takeover through Bad Business Logic

Hello folks, This is my first writeup and I wanted it to be special so I decided to make the writeup for one of my most interesting finds. Please ignore my mistakes. Let's start!!!! As the target application does not have a bug bounty program and does not want me…

Xss Attack

4 min read

How I turned a Self-XSS into one-click Account Takeover through Bad Business Logic

Xss Attack

4 min read