Yash SanchetiDiscovering a Hidden Security Loophole: Rent luxury Cars for a Single DollarI am excited to share an intriguing security vulnerability that I discovered in a car rental service a few months ago. Leveraging this…May 11, 2023May 11, 2023
Yash SanchetiGoogle Dorking in Bug Bounty HuntingGoogle Dorking is a technique used in hacking to find sensitive information on the web that is not intended for public viewing. It involves…Mar 6, 2023Mar 6, 2023
Yash SanchetiHow I bypassed 403 ProtectionSo whenever you visit some restricted resource you generally get 403-Forbidden message. But there is more to it. It can be vulnerable and…Mar 6, 20231Mar 6, 20231
Yash SanchetiIDOR Vulnerability at /myaccount/myorders/getShipmentAndItemData lets attacker view other user’s…Hello,Mar 5, 2023Mar 5, 2023