After 6 hours, found this insane IDOR!
Tip: Never skip JavaScript files, even if they look unimportant.. Many hackers do, apparently :D
#BugBounty #bugbountytip s #bugbountytip
How easy I made $$$$
anasbetis023.medium.com/how-easy-i-madโฆ
#bugbounty #bugbounty tips #bugbounty tip
Yahoo Bug Bounty
bevijaygupta.medium.com/yahoo-bug-bounโฆ
#bugbounty #bugbounty tips #bugbounty tip
This Writeup exaplains how we got ATO from Android Application
medium.com/@ahmedelmorsy3โฆ
#BugBounty #bugbountytip #cybersecuritytips #hackerone
I just published my First Writeup about How Shodan Helps me to Find SMTP misconfiguration.
#bugbountytip s #BugBounty #bugbountytip #Hacking
link.medium.com/AKYYcWztTIb
Add 'servudaemon.ini' to the wordlist, and maybe you will get juicy data. Enjoy!
Created a nuclei template for it: github.com/NoRed0x/nored0โฆ
#bugbountytip s #bugbountytip #cybersecurity #ethicalhacking
#XSS could be be triggers in #url itself, no need to parameter injectionโ๐ป
Payloads:
1-
%3Csvg%20onload=alert(%22MrHex88%22)%3E
2-
%3Cimg%20src=x%20onerror=alert(%22MrHex88%22)%3E
#bugbounty #bugbounty tip #bugbounty tips
#MrHex88
My book, 'Web Hacking Arsenal: A Practical Guide to Modern Web Pentesting' is now available on Amazon for Pre-Order. Order your copy today and stay ahead of the game! #CyberSecurity #Webhacking #bugbountytip
Link: amazon.com/Web-Hacking-Arโฆ
#1. Bug Bounty POC: IDOR leads to Account Takeover
cyb3rmind.medium.com/1-bug-bounty-pโฆ
#bugbounty #bugbounty tips #bugbounty tip
20.3 Lab: Web cache poisoning via ambiguous requests | 2024
cyberw1ng.medium.com/20-3-lab-web-cโฆ
#bugbounty #bugbounty tips #bugbounty tip
find exec command endpoint quickly with just one bash line!
#BugBounty #bugbountytip #bugbountytip s #code #audit
My first writeup about security issue I discovered at RevenueCat bug bounty program.
rofes1337.medium.com/lets-unlock-adโฆ
#BugBounty #bugbountytip s #bugbountytip #bughunters
How many months took you to find your first bug ?! Let s see
medium.com/@aiz3nsk/how-mโฆ
#bugbounty #bugbounty tips #bugbounty tip
19.3 Lab: Bypassing GraphQL brute force protections | 2024
cyberw1ng.medium.com/19-3-lab-bypasโฆ
#bugbounty #bugbounty tips #bugbounty tip