Peng ZhouHow I Make Two SQL Injections Exploitable under the Magic Restricts in WordPressWordPress Bug Bounty Write-up for Patchstack Competition #312h ago12h ago
Peng ZhouHow I Find Another Arbitrary File Upload Vulnerability and Bypass the Patch TwiceWordPress Bug Bounty Write-up for Patchstack Competition #2May 19May 19
Peng ZhouinInfoSec Write-upsMy LLM Bug Bounty Journey on Hugging Face Hub via Protect AIFrom Informative Rejection to Black Hat BriefingMay 11May 11
Peng ZhouinInfoSec Write-upsTen Tips You Have to Know for WordPress Bug BountyFrom Bounty Platform to Hunting TricksApr 14Apr 14
Peng ZhouHow I Find My First Internet Bug Bounty for Apache AirflowLogic Flaw to Pickle DeserializationApr 12Apr 12
Peng ZhouHow to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and ResearchBug Hunting Write-up for Node.js SecurityApr 11Apr 11
Peng ZhouHow I Find an Arbitrary File Upload Vulnerability with a Unique BypassWordPress Bug Bounty Write-up for Patchstack Competition #1Apr 10Apr 10
Peng ZhouinInfoSec Write-upsMy WordPress Bug Bounty Journey on PatchstackFrom First Rejection to Monthly TopApr 91Apr 91