I mostly wanted to share this post not because it’s a novel and unique attack, but…
If you’ve ever been on a website, you’ve probably come across OAuth at some point or another, even if you’ve never heard of it. Have you seen a “Sign in with Google” button? If so, you’ve come across OAuth! This article will discuss briefly what…
Some of the most common questions out there in the industry are “what is your methodology?” or “how do you look for bugs?” This post will be an attempt to answer that from the point of view of an average and continuously learning bug hunter…
It’s no secret, bug bounty is not an easy field to jump into and be successful. The top hunters likely have years of experience in not only bug hunting, but technology & security in general. The reality is that targets that have bug bounty programs…
We’ve been spending some time on a new private program on HackerOne, focusing on…