Abdelrhman Allam (sl4x0): "IDOR | My first P2 that Lead to Full PII Exposure." In the name of Allah, the Most Gracious, the Most Merciful . . O Allah, send prayers, peace and blessings upon our Prophet Muhammad (3 min read · 12 hours ago)
mrhavit: "Breaking TikTok: Our Journey to Finding an Account Takeover Vulnerability" Hello, fellow security researchers and bug bounty hunters! (6 min read · Jun 4)
bug4you: "How I Got 4 SQLI Vulnerabilities At One Target Manually Using The Repeater Tab" Hi everyone, I’m Joe, a junior Computer Science student and cyber security enthusiast, always hungry for a deep understanding of the… (18 min read · Sep 19)
Alvaro Balada: "My Bug Bounty failures" I was very frustrated due to my constant failures in Bug Bounty. I had high expectations when I started and I thought that I would have a… (3 min read · 13 hours ago)
BrownBearSec: "What I learnt from reading 217* Subdomain Takeover bug reports." A comprehensive analysis of Subdomain Takeovers (SDTO), DNS Hijacking, Dangling DNS, CNAME misconfigurations… (8 min read · Oct 31, 2022)
Rohaangupta: "Tricky 2FA Bypass Leads to 4 digit Bounty $$$$" Hi everyone, I am Rohan Gupta, part-time bug hunter and full-time Jr. Security Analyst. (2 min read · Sep 20)
Ahmed Elzelafy: "API Endpoints Manipulation for Fun & Profit" Year from now, I was testing on a new domain of a target that I usually work on when I do bug hunting, and as a person who loves logic and… (3 min read · 11 hours ago)
Om Arora in InfoSec Write-ups: "Find Bugs While Sleeping ? Get Phone Notifications When A Bug Is Found" Hello Everyone! (4 min read · Sep 16)
Crisdeo Nuel Siahaan: "Bounty of an Insecure WebView (Part 1): XSS, but with Steroids" We all love our mobile apps, right? They make life easier, more fun, and keep us connected. But did you know there’s a secret weapon… (7 min read · 1 hour ago)
Medusa: "How to Discover API Subdomains? | API Hacking |" In this article, we will delve into the world of API subdomains, exploring their purpose, methods to discover them, and performing API… (7 min read · 8 hours ago)
Aswin Chandran: "Injectus: Your Gateway to Open Redirection Testing" Introduction (5 min read · 9 hours ago)