Security Cipher
Additional Resources
Compilation of Resources Featuring Daily Bug Bounty Writeups
Title | Link | Author | Tags | Publication date |
---|---|---|---|---|
Pentesting: AI: WEB 1 \| Privilege Escalation Attack \| Python Reverse Shell \| Vulnerabilities \| SQL… | https://shamsulmehmood.medium.com/pentesting-ai-web-1-privilege-escalation-attack-python-reverse-shell-vulnerabilities-sql-7f9994a42ec1?source=rss------bug_bounty-5 | SHAMS UL MEHMOOD | ai, cybersecurity, bugs, bug-bounty, ctf-writeup | 21-May-2024 |
Hackers Online Tools in 2024 | https://medium.com/@logicTech/hackers-online-tools-in-2024-da8f5aa232e5?source=rss------bug_bounty-5 | LogicTech | osint, hackathons, bug-bounty, tools, hacking | 21-May-2024 |
Working with a client, I came across a CSRF vulnerability in their existing web application. | https://medium.com/@darkly_splendid/working-with-a-client-i-came-across-a-csrf-vulnerability-in-their-existing-web-application-6c256b74684d?source=rss------bug_bounty-5 | FF E4 | cybersecurity, csrf, bug-bounty | 20-May-2024 |
Bug Zero — This month in Cybersecurity [01–15 May] | https://blog.bugzero.io/bug-zero-this-month-in-cybersecurity-01-15-may-354fd002d5e4?source=rss------bug_bounty-5 | Akila Maithripala | bug-bounty, cybersecurity, sri-lanka, bug-zero | 20-May-2024 |
Open-Redirects Uncovered: Real-World Bypass Techniques Revealed | https://systemweakness.com/open-redirects-uncovered-real-world-bypass-techniques-revealed-7b7422f02049?source=rss------bug_bounty-5 | David Eduardo Karpinski | cybersecurity, hacking, web3, programming, bug-bounty | 20-May-2024 |
How I Hacked NASA Using Google Dork in Just 10 Minutes | https://medium.com/@gaurish.main/how-i-hacked-nasa-using-google-dork-in-just-10-minutes-6ce3b3401512?source=rss------bug_bounty-5 | Gaurish Bahurupi | cybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 20-May-2024 |
Bypassed the OTP verification process using “Turbo Intruder” Extension. | https://xamiron.medium.com/bypassed-the-otp-verification-process-using-turbo-intruder-extension-2f56ac3d400d?source=rss------bug_bounty-5 | Sabuj Kumar Modak | web-app-pentesting, cybersecurity, bug-bounty, burpsuite-extension, penetration-testing | 20-May-2024 |
IDOR Explained: Discover It Through a Simple Story! | https://medium.com/@1hehaq/idor-explained-discover-it-through-a-simple-story-ca4a018f6d4c?source=rss------bug_bounty-5 | haq | idor, bug-bounty-tips, bug-bounty, idor-vulnerability | 20-May-2024 |
Your Account is Now Mine! | https://medium.com/@karimelsayed0x1/your-account-is-now-mine-fd80ad56f868?source=rss------bug_bounty-5 | z3r0xk | pentesting, bug-bounty, account-takeover, vulnerability | 20-May-2024 |
Reflected XSS Leading to Account Takeover | https://0onoproblem.medium.com/reflected-xss-leading-to-account-takeover-bea862cba885?source=rss------bug_bounty-5 | 0_oNoProblem | bug-bounty, xss-attack, cybersecurity, bug-bounty-writeup, vulnerability | 20-May-2024 |
Discovering a $5000 RCE via Dependency Confusion Vulnerability | https://nvk0x.medium.com/discovering-a-5000-rce-via-dependency-confusion-vulnerability-6b0c08ecd5de?source=rss------bug_bounty-5 | Naveen kumawat | bug-bounty, hacking, bug-bounty-tips, bug-bounty-writeup, supply-chain | 20-May-2024 |
Let’s Understand Price Oracle Manipulation | https://securrtech.medium.com/lets-understand-price-oracle-manipulation-927ab725f131?source=rss------bug_bounty-5 | Securr | bug-bounty, smart-contract-auditing, web3, blockchain, web3-security | 20-May-2024 |
How I Hacked NASA LDAP Server | https://medium.com/@maxcyber882/how-i-hacked-nasa-ldap-server-b7cbb8cd0eee?source=rss------bug_bounty-5 | Maxcyber | bug-hunting, cybersecurity, penetration-testing, bug-bounty | 20-May-2024 |
How I found XSS from a medium article | https://medium.com/@jsamia/how-i-from-xss-from-a-medium-article-94d1b4e7e742?source=rss------bug_bounty-5 | Jaeden Samia | infosec, bug-bounty, ethical-hacking | 20-May-2024 |
How I got Hall of Fame in NASA | https://medium.com/@Ajakcybersecurity/how-i-got-hall-of-fame-in-nasa-4d098c413f9e?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, penetration-testing, ethical-hacking, bug-bounty, cybersecurity | 20-May-2024 |
Walk-Through of Bepractical.tech lab #3 | https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-3-07079a7ad5c2?source=rss------bug_bounty-5 | Ross Jubert | account-takeover, ethical-hacking, bug-bounty, bugbounty-writeup, account-takeover-attacks | 19-May-2024 |
Hacker101: Micro-CMS v1 | https://medium.com/@0xfxiii/hacker101-micro-cms-v1-982c61d24e3e?source=rss------bug_bounty-5 | 0xf | hackerone, bug-bounty-tips, bug-bounty, hacking | 19-May-2024 |
Dependency Confusion | https://deephunt3r.medium.com/dependency-confusion-4d675eb36e0f?source=rss------bug_bounty-5 | Rakesh | bugbounty-writeup, bug-bounty | 19-May-2024 |
How I Found Multiple Vulnerabilities on Dutch Government | https://medium.com/@neupanesindhu3/how-i-found-multiple-vulnerabilities-on-dutch-government-438059bcf88d?source=rss------bug_bounty-5 | sindhuneupane | bug-bounty, swag, writeup, bug-hunting, infosec | 19-May-2024 |
How I Find Another Arbitrary File Upload Vulnerability and Bypass the Patch Twice | https://medium.com/@zpbrent/how-i-find-another-arbitrary-file-upload-vulnerability-and-bypass-the-patch-twice-193eaaf0b8dc?source=rss------bug_bounty-5 | Peng Zhou | wordpress-plugins, infosec, bug-bounty, wordpress, web-security | 19-May-2024 |
How I got an High IDOR + PII in few minutes. Bounty: €500 | https://medium.com/@ivoaabreu/how-i-got-an-high-idor-pii-in-few-minutes-bounty-500-88833b6e1807?source=rss------bug_bounty-5 | Ivoabreu | idor, bug-bounty | 19-May-2024 |
JavaScript tools for BugBounty 2024 | https://medium.com/@logicTech/javascript-tools-for-bugbounty-2024-fc281111c7c0?source=rss------bug_bounty-5 | LogicTech | tools-and-resources, osint, hacking, hacker, bug-bounty | 19-May-2024 |
VulnCon 2024 CTF — Internal Leaks | https://medium.com/@pphreak313/vulncon-2024-ctf-internal-leaks-0a7bf21bf96d?source=rss------bug_bounty-5 | Shlok K | ctf-writeup, ctf, ctf-walkthrough, vulncon, bug-bounty | 19-May-2024 |
A basic Android Pentest Lab Setup | https://medium.com/@majix_de/a-basic-android-pentest-lab-setup-e601c22c71ae?source=rss------bug_bounty-5 | Majix | setup-guide, android, pentest, bug-bounty, pentesting | 19-May-2024 |
22.5 Lab: JWT authentication bypass via jku header injection | https://cyberw1ng.medium.com/22-5-lab-jwt-authentication-bypass-via-jku-header-injection-1ec5032245b3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, hacking, bug-bounty, careers | 19-May-2024 |
22.6 Lab: JWT authentication bypass via kid header path traversal | https://cyberw1ng.medium.com/22-6-lab-jwt-authentication-bypass-via-kid-header-path-traversal-3f4392547f7d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, hacking, careers | 19-May-2024 |
First bug on VDP program | https://medium.com/@devMRT/first-bug-on-vdp-program-0f9e0baf43c7?source=rss------bug_bounty-5 | devMRT | bug-bounty, bugbounty-writeup, bug-bounty-tips | 19-May-2024 |
HOW I HACKED INTO HARVARD UNIVERSITY’S DIGITAL INFRASTRUCTURE -Cycus Pectus | https://medium.com/@pectuscycus/how-i-hacked-into-harvard-universitys-digital-infrastructure-cycus-pectus-5d5e65e74a61?source=rss------bug_bounty-5 | Cycus Pectus | hacking, cybersecurity, bug-bounty-tips, ethical-hacking, bug-bounty | 18-May-2024 |
Mastering Network Scanning: Exploring Essential Nmap Commands (Part -2) :- | https://medium.com/@shaikhwasim8120/mastering-network-scanning-exploring-essential-nmap-commands-part-2-9d24e2291fb6?source=rss------bug_bounty-5 | Wasim Shaikh | cybersecurity, ethical-hacking, nmap-command, bug-bounty, penetration-testing | 18-May-2024 |
Mastering Network Scanning: Exploring Essential Nmap Commands :- | https://medium.com/@shaikhwasim8120/mastering-network-scanning-exploring-essential-nmap-commands-3843f01e419e?source=rss------bug_bounty-5 | Wasim Shaikh | cybersecurity, bug-bounty, nmap-command, penetration-testing, ethical-hacking | 18-May-2024 |
22.4 Lab: JWT authentication bypass via jwk header injection | https://cyberw1ng.medium.com/22-4-lab-jwt-authentication-bypass-via-jwk-header-injection-0bddcdbb2f31?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, hacking, cybersecurity, careers | 18-May-2024 |
Analyzing JavaScript Files To Find Bugs | https://rajput623929.medium.com/analyzing-javascript-files-to-find-bugs-2b7d67a52c4e?source=rss------bug_bounty-5 | Mr.Horbio | bug-bounty, hacking, bug-bounty-tips, cybersecurity, ethical-hacking | 18-May-2024 |
Interesting .DS_Store finding worth $$$ | https://medium.com/@akrachliy/interesting-ds-store-finding-worth-6ee7cc46458d?source=rss------bug_bounty-5 | Yassine Akrachli | bug-bounty, hacking, ethical-hacking, python, enumeration | 18-May-2024 |
Pay 0$, Get ∞ books! | https://medium.com/@karimelsayed0x1/pay-0-get-books-0e093a5eb0de?source=rss------bug_bounty-5 | z3r0xk | penetration-testing, cybersecurity, bug-bounty, bussines-logic, vulnerability | 18-May-2024 |
Found Bug: Cross-Site Scripting (XSS) in Laravel Debug Mode !! | https://medium.com/@p.ra.dee.p_0xx01/found-bug-cross-site-scripting-xss-in-laravel-debug-mode-a91939284541?source=rss------bug_bounty-5 | Professor0xx01 | bug-bounty, information-security, laravel-framework, xss-attack, web-security | 18-May-2024 |
My 6 Month bug hunting journey, what to expect. | https://medium.com/@tom.sh/my-6-month-bug-hunting-journey-what-to-expect-be7532e187d4?source=rss------bug_bounty-5 | Tom | opinion, bug-bounty, bpp, hacking | 18-May-2024 |
Top 50 Ports & Vulnerability | https://medium.com/@logicTech/top-50-ports-vulnerability-572de4274305?source=rss------bug_bounty-5 | LogicTech | bug-bounty, osint, networking, vulnerability, hacking | 18-May-2024 |
Broken Object Level Authorization — BOLA (ex crAPI) | https://medium.com/@amaraltohami30/broken-object-level-authorization-bola-ex-crapi-e5a0d30eed2b?source=rss------bug_bounty-5 | Ammar Ahmed | pentesting, api, cybersecurity, hacking, bug-bounty | 18-May-2024 |
How a Single Parameter Led to Two ATO Cases | https://cametom006.medium.com/how-a-single-parameter-led-to-two-ato-cases-c3cf2f4d00c2?source=rss------bug_bounty-5 | Fahad Faisal | bug-bounty, hackerone, bug-bounty-tips, twitter | 18-May-2024 |
CVE-2023-52424: The WiFi SSID Confusion Attack Explained | https://infosecwriteups.com/cve-2023-52424-the-wifi-ssid-confusion-attack-explained-26e43f5cff40?source=rss------bug_bounty-5 | ElNiak | wifi, bug-bounty, technology, cybersecurity, penetration-testing | 17-May-2024 |
The Hacker’s Mind -Recon Mind map | https://medium.com/@tamhacker1/the-hackers-mind-recon-mind-map-39d14e3750fb?source=rss------bug_bounty-5 | Tahir Mujawar | bug-bounty-writeup, mindmap, ethical-hacking, bug-bounty, cybersecurity | 17-May-2024 |
Simple Tips for Bug Bounty Beginners: Finding PII Vulnerabilities | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-pii-vulnerabilities-3db5a7151dd4?source=rss------bug_bounty-5 | Anish Narayan | bug-bounty-writeup, bug-bounty, bug-bounty-hunting, cybersecurity, bug-bounty-tips | 17-May-2024 |
How I found my first mistake Or why you shouldn’t overlook the obvious. | https://medium.com/@nagavicyn2/how-i-found-my-first-mistake-or-why-you-shouldnt-overlook-the-obvious-1f1d443afa6b?source=rss------bug_bounty-5 | Jionin | bug-bounty, wordpress, first-bug, pentesting, cve | 17-May-2024 |
22.3 Lab: JWT authentication bypass via weak signing key | https://cyberw1ng.medium.com/22-3-lab-jwt-authentication-bypass-via-weak-signing-key-f49138b16441?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 17-May-2024 |
How to Know If Your Android Device Has Been Hacked and What to Do About It | https://rajput623929.medium.com/how-to-know-if-your-android-device-has-been-hacked-and-what-to-do-about-it-740ea5a18b9c?source=rss------bug_bounty-5 | Mr.Horbio | hacking, phone-hacking, bug-bounty, cybersecurity, ethical-hacking | 17-May-2024 |
A Story of Zero-click complete Account Takeover | https://medium.com/@shravanisheshasai/a-story-of-zero-click-complete-account-takeover-650784c2d229?source=rss------bug_bounty-5 | Shravani_kb | vulnerability, web-vulnerabilities, hacking, bug-bounty, ethical-hacking | 17-May-2024 |
Breaking Barriers: A Personal Journey Through the World of Bug Bounty Hunting | https://medium.com/@un1tycyb3r/breaking-barriers-a-personal-journey-through-the-world-of-bug-bounty-hunting-a30331db12fa?source=rss------bug_bounty-5 | Un1tycyb3r | bug-bounty | 16-May-2024 |
How to Create a Cloud Lab for Anonymous Bug Bounty Hunting | https://medium.com/@paritoshblogs/how-to-create-a-cloud-lab-for-anonymous-bug-bounty-hunting-e80ed3a68d8c?source=rss------bug_bounty-5 | Paritosh | cloud, hacking, ai, cybersecurity, bug-bounty | 16-May-2024 |
Discovery Worth $$$ in KYC Verification Feature : Bug Bounty | https://medium.com/@srishavinkumar/unveiling-a-surprising-bug-in-kyc-verification-the-discovery-worth-a82f3282b033?source=rss------bug_bounty-5 | Sri Shavin Kumar | bug-bounty-writeup, bug-bounty, infosec-write-ups, ethical-hacking, cybersecurity | 16-May-2024 |
Account takeover with a sad ending | https://imwaiting18.medium.com/account-takeover-with-a-sad-ending-31ab82f09a5b?source=rss------bug_bounty-5 | imwaiting18 | bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips | 16-May-2024 |
Vulnerable WordPress April 2024 (Arasbaran) | https://medium.com/@onhexgroup/vulnerable-wordpress-april-2024-arasbaran-e9ae2acb8898?source=rss------bug_bounty-5 | Onhexgroup | wordpress, infosec, web-security, bug-bounty, nuclei-template | 16-May-2024 |
21.5 Lab: Stealing OAuth access tokens via an open redirect \| 2024 | https://cyberw1ng.medium.com/21-5-lab-stealing-oauth-access-tokens-via-an-open-redirect-2024-88c3679cf0a3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, penetration-testing, cybersecurity | 16-May-2024 |
Reflected XSS via Cache Poisoning | https://medium.com/@majix_de/reflected-xss-via-cache-poisoning-5f57317b7c71?source=rss------bug_bounty-5 | Majix | penetration-testing, cache-poisoning, xs, bug-bounty, hacking | 16-May-2024 |
Reflected XSS to Account Takeover | https://medium.com/@majix_de/reflected-xss-to-account-takeover-0fc429be34e8?source=rss------bug_bounty-5 | Majix | xs, account-takeover, bug-bounty, hacking, penetration-testing | 16-May-2024 |
How I got Critical IDOR in one of India’s Best Known Food Delivery Website | https://medium.com/@bajajkrrish11/how-i-got-critical-idor-in-one-of-indias-best-known-food-delivery-website-5349c521e44b?source=rss------bug_bounty-5 | Krrish Bajaj | bug-bounty-tips, bug-bounty-writeup, bug-bounty-program, bug-bounty, medium | 16-May-2024 |
How I Hacked One of These Big Companies (JS files analysis) | https://l0da.medium.com/how-i-hacked-one-of-these-big-companies-js-files-analysis-7cf47372b642?source=rss------bug_bounty-5 | L0da | bug-bounty, cybersecurity, hacking, penetration-testing, bug-bounty-tips | 16-May-2024 |
The Art of OSINT: Discovering Locations with Image Analysis and Aritifical Intelligence Tools | https://medium.com/@enigma_/the-art-of-osint-discovering-locations-with-image-analysis-and-aritifical-intelligence-tools-820a4b74d426?source=rss------bug_bounty-5 | enigma | hacking, osint, cybersecurity, bug-bounty, ai | 16-May-2024 |
How to execute a Proof of Concept (PoC) for any CVEs | https://medium.com/@CTRL2030/how-to-execute-a-proof-of-concept-poc-for-any-cves-e343cb528f2e?source=rss------bug_bounty-5 | CTRL | soc, penetration-testing, bug-bounty, cve, cybersecurity | 16-May-2024 |
Account takeover using Blind XSS? | https://imwaiting18.medium.com/account-takeover-with-a-sad-ending-31ab82f09a5b?source=rss------bug_bounty-5 | imwaiting18 | bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips | 16-May-2024 |
Broken Access Control (IDOR) & Credential Leak at Legacy API Video Transcode | https://medium.com/@blackarazi/broken-access-control-idor-credential-leak-at-legacy-api-video-transcode-9b5d729fb2d6?source=rss------bug_bounty-5 | Azhari Harahap | broken-access-control, api-security, application-security, bug-bounty, bug-bounty-writeup | 15-May-2024 |
CVE-2024-4761: Exploiting Chrome’s JavaScript Engine Highly Exploited (PoC presented) | https://infosecwriteups.com/cve-2024-4761-exploiting-chromes-javascript-engine-highly-exploited-poc-presented-dcf9cab95c00?source=rss------bug_bounty-5 | ElNiak | bug-bounty, google, penetration-testing, cybersecurity, javascript | 15-May-2024 |
How I Got My First Bounty: The Exciting Story of My Bug Bounty Breakthrough | https://infosecwriteups.com/how-i-got-my-first-bounty-the-exciting-story-of-my-bug-bounty-breakthrough-d8391973ed41?source=rss------bug_bounty-5 | whit3ros3 | bug-bounty, graphql, bounty-program, hacking, bug-bounty-tips | 15-May-2024 |
Subdomain Takeover: What is It? How to Exploit? How to Find Them? | https://medium.com/@dub-flow/subdomain-takeover-what-is-it-how-to-exploit-how-to-find-them-d2b6b82b155b?source=rss------bug_bounty-5 | Florian Walter | bug-bounty, application-security, cybersecurity, penetration-testing, web-application-security | 15-May-2024 |
How I Was Able to Perform a Subdomain Takeover Attack | https://medium.com/@karnrishabh25/subdomain-takeover-00d2c5599715?source=rss------bug_bounty-5 | Rishabh Karn | bug-bounty, hacking, subdomain-takeover, bugs, attack | 15-May-2024 |
21.4 Lab: OAuth account hijacking via redirect_uri \| 2024 | https://cyberw1ng.medium.com/21-4-lab-oauth-account-hijacking-via-redirect-uri-2024-4a8bfbb95d12?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, penetration-testing, bug-bounty, hacking | 15-May-2024 |
Multiple Business Logic Errors in APPLE music/TV allowing bypass of parental controls | https://medium.com/@sam0-0/multiple-business-logic-errors-in-apple-music-tv-allowing-bypass-of-parental-controls-0d870d4870c5?source=rss------bug_bounty-5 | Sam | apple, infosec, bug-bounty | 15-May-2024 |
Gaining Control: How Response Manipulation Leads to Higher Privileges (PoC) | https://medium.com/@mrmaulik191/gaining-control-how-response-manipulation-leads-to-higher-privileges-394bdf5f552b?source=rss------bug_bounty-5 | Mr.MG | cybersecurity-research, cybersecurity, privilege-escalation, bug-hunting, bug-bounty | 15-May-2024 |
The Art of Exploiting SQL Injection: An In-Depth Approach | https://medium.com/@davidkarpinski1/sql-injection-masterclass-d68f65cd71ae?source=rss------bug_bounty-5 | David Eduardo Karpinski | bug-bounty, hacking, sql, mysql, sql-injection | 15-May-2024 |
5 bugs in one program $$$ | https://el-cezeri.medium.com/5-bugs-in-one-program-80b550c06a67?source=rss------bug_bounty-5 | Samet Yiğit | ödülavcılığı, bug-bounty-tips, bug-bounty | 15-May-2024 |
XSS via HTML Injection in Chatbot | https://medium.com/@nidishms1999/xss-via-html-injection-in-chatbot-a24c4f25dc92?source=rss------bug_bounty-5 | Nidish Nk | vapt, cybersecurity, bug-bounty | 15-May-2024 |
Why I want to become a bug bounty hunter | https://medium.com/@riccilovesdogs/why-i-want-to-become-a-bug-bounty-hunter-135e4f584af6?source=rss------bug_bounty-5 | Ricci | bug-bounty, coding, make-money-online | 15-May-2024 |
XSS via HTML Injection in Chatbot | https://medium.com/@nidishms1999/xss-via-html-injection-in-chatbot-a24c4f25dc92?source=rss------bug_bounty-5 | Nidish Nk | vapt, cybersecurity, hacking, bug-bounty | 15-May-2024 |
Walk Through of Bepractical.tech lab #2 | https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-2-bef06b00ccfc?source=rss------bug_bounty-5 | Ross Jubert | ethical-hacking, cybersecurity, bug-bounty, red-team, ethical-hacking-training | 14-May-2024 |
XSS on TikTok | https://19whoami19.medium.com/xss-on-tiktok-d2aa209c746d?source=rss------bug_bounty-5 | WHO AM I ? | bug-bounty-tips, cross-site-scripting, cybersecurity, bug-bounty, xss-attack | 14-May-2024 |
An Email Authentication Bypass, But Marked as N/A in NASA domain | https://medium.com/@Ajakcybersecurity/an-email-authentication-bypass-but-marked-as-n-a-in-nasa-domain-a47977aed8bd?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, penetration-testing, cybersecurity, hacking, bug-bounty | 14-May-2024 |
An easy way to find bugs: Enter wrong data | https://systemweakness.com/an-easy-way-to-find-bugs-enter-wrong-data-0765ed4e9afd?source=rss------bug_bounty-5 | Nasrin | audit, web-app-security, pentesting, bug-bounty | 14-May-2024 |
21.3 Lab: SSRF via OpenID dynamic client registration \| 2024 | https://cyberw1ng.medium.com/21-3-lab-ssrf-via-openid-dynamic-client-registration-2024-c9ffd445e438?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 14-May-2024 |
JNDI Injection — The Complete Story | https://infosecwriteups.com/jndi-injection-the-complete-story-4c5bfbb3f6e1?source=rss------bug_bounty-5 | Pradeep Kumar | java, pentesting, bug-bounty, jndi, web-penetration-testing | 14-May-2024 |
Root user account takeover via SQL Injection | https://medium.com/@stopvvar/root-user-account-takeover-via-sql-injection-5c21a6091d4c?source=rss------bug_bounty-5 | SW | sql-injection, hacking, bug-bounty, infose, sql-server | 13-May-2024 |
RCE Through Account Takeover | https://medium.com/@iamrajchavan/rce-through-account-takeover-10a938a241d9?source=rss------bug_bounty-5 | Rajdip Chavan | security, vapt, bug-bounty, web-application-security | 13-May-2024 |
Root user account takeover via SQL Injection | https://infosecwriteups.com/root-user-account-takeover-via-sql-injection-5c21a6091d4c?source=rss------bug_bounty-5 | SW | sql-injection, hacking, bug-bounty, infose, sql-server | 13-May-2024 |
Story of Hall of Fame in Red Hat Linux | https://medium.com/@hritombhattacharya029/story-of-hall-of-fame-in-red-hat-linux-e267b9f22d06?source=rss------bug_bounty-5 | Hritom Bhattacharya | redhat-linux, xss-vulnerability, bug-bounty, hall-of-fame, hacking | 13-May-2024 |
Unintended File Downloads in Remote Desktop Environments: A Security Vulnerability | https://medium.com/@Wolverineisstillalive/unintended-file-downloads-in-remote-desktop-environments-a-security-vulnerability-04114297665a?source=rss------bug_bounty-5 | Shark | bug-bounty, cybersecurity, microsoft, red-team, pentesting | 13-May-2024 |
Week 1 | https://medium.com/@fulltimebughunter/week-1-bad3f3f9e214?source=rss------bug_bounty-5 | . | bugs, bug-bounty-tips, infosec, bug-bounty, infosec-write-ups | 13-May-2024 |
21.2 Lab: Forced OAuth profile linking \| 2024 | https://cyberw1ng.medium.com/21-2-lab-forced-oauth-profile-linking-2024-e625dcfc319b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, penetration-testing, hacking, cybersecurity | 13-May-2024 |
$350 bounty: How I Got It \| Broken linked Hijacked | https://deepseng.medium.com/350-bounty-how-i-got-it-broken-linked-hijacked-3e72511e2571?source=rss------bug_bounty-5 | Deep SenGupta | cybersecurity, bug-bounty, broken-link-hijacking | 13-May-2024 |
How To Find And Test S3 Buckets For Bug Bounty | https://medium.com/@dante.falls/how-to-find-and-test-s3-buckets-for-bug-bounty-b91166f9b4e0?source=rss------bug_bounty-5 | Dante Falls | aws, amazon-web-services, bug-bounty, cybersecurity, cloud-services | 13-May-2024 |
Broken Access Control leads to Take Admin Role | https://0xebn-taimia.medium.com/broken-access-control-leads-to-take-admin-role-920e46d496b9?source=rss------bug_bounty-5 | 0xEbn-Taimia | penetration-testing, bug-bounty-tips, cybersecurity, bug-bounty, hunting | 13-May-2024 |
403 Jump: HTTP 403 Bypass tool | https://medium.com/@anzeemashib/403-jump-http-403-bypass-tool-8b17204110d9?source=rss------bug_bounty-5 | Itsmeanzeem | tools, bug-bounty, 403-forbidden, penetration-testing, cybersecurity | 13-May-2024 |
How I Found My First RCE ! | https://mchklt.medium.com/how-i-found-my-first-rce-f80073626fff?source=rss------bug_bounty-5 | ABDELKARIM MOUCHQUELITA | apache, cyberattack, cybersecurity, bug-bounty, hacking | 13-May-2024 |
Hundreds of companies’ internal data exposed — Part 2: The FreshService misconfiguration | https://infosecwriteups.com/hundreds-of-companies-internal-data-exposed-part-2-the-freshservice-misconfiguration-a9432c0b5dc8?source=rss------bug_bounty-5 | Mohammed Moiz Pasha | bug-bounty, security, hacking, vulnerability, ethical-hacking | 13-May-2024 |
$350 bounty: How I Got It \| Broken linked Hijacked | https://deepseng.medium.com/350-bounty-how-i-got-it-broken-linked-hijacked-31bfbc15ac0e?source=rss------bug_bounty-5 | Deep SenGupta | broken-link-hijacking, cybersecurity, bug-bounty, burpsuite | 13-May-2024 |
How I found a IDOR at Monitor Mozilla ? | https://medium.com/@abnid312/how-i-found-a-idor-at-monitor-mozilla-313fc6c52f25?source=rss------bug_bounty-5 | ryujinx | bug-bounty, bug-hunter, information-technology, info-sec-writeups, hackerone | 13-May-2024 |
ZoneTransfer — ./Hope | https://ezecias.medium.com/zonetransfer-hope-6261d5c7ac0a?source=rss------bug_bounty-5 | Ezecias | bug-bounty-tips, tools, bug-bounty | 13-May-2024 |
A simple file upload bypass causing XSS attack | https://medium.com/@xiaodongsec/a-simple-file-upload-bypass-causing-xss-attack-6cbbb4c42070?source=rss------bug_bounty-5 | Xiaodong | xss-attack, bypass, vulnerability, bug-bounty, hacker | 12-May-2024 |
Read Code Like a Hacker With SAST | https://medium.com/@matejsmycka/read-code-like-a-hacker-with-sast-28dab6506e45?source=rss------bug_bounty-5 | Matejsmycka | bug-bounty, static-code-analysis, testing, ethical-hacking, hacking | 12-May-2024 |
How I Found PII Disclosure of Users & PHPInfo() Page :: #NCIIPC #RVDP | https://medium.com/@p.ra.dee.p_0xx01/how-i-found-pii-disclosure-of-users-phpinfo-page-nciipc-rvdp-58bec4ba27da?source=rss------bug_bounty-5 | Professor0xx01 | security, ethical-hacking, infosec, cybersecurity, bug-bounty | 12-May-2024 |
24.15 Lab: HTTP request smuggling, obfuscating the TE header \| 2024 | https://cyberw1ng.medium.com/24-15-lab-http-request-smuggling-obfuscating-the-te-header-2024-efdbc0698848?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, cybersecurity, hacking, careers | 12-May-2024 |
Hacking more than 130 000 car worldwide in 5 minutes | https://ahmadmansourr.medium.com/hacking-more-than-130-000-car-worldwide-in-5-minutes-766e76003c67?source=rss------bug_bounty-5 | Ahmad Mansour | bug-bounty, bug-bounty-tips, cybersecurity, pentesting | 12-May-2024 |
16 Times Forced Browsing Leads to Authentication bypass [ 300$ Bounty ] | https://medium.com/@jav333d/16-times-forced-browsing-leads-to-authentication-bypass-300-bounty-efc8bd52d310?source=rss------bug_bounty-5 | Javeed.sk | authentication-bypass, bugs, ethical-hacking, bug-bounty-tips, bug-bounty | 12-May-2024 |
Breaking Down DOM-based XSS: A Practical Exploration | https://medium.com/@osamaavvan/breaking-down-dom-based-xss-a-practical-exploration-929d44f10906?source=rss------bug_bounty-5 | Osama Avvan | xss-attack, dom-xss, bug-bounty, cybersecurity, javascript | 11-May-2024 |
My LLM Bug Bounty Journey on Hugging Face Hub via Protect AI | https://infosecwriteups.com/my-llm-bug-bounty-journey-on-hugging-face-hub-via-protect-ai-9f3a1bc72c2e?source=rss------bug_bounty-5 | Peng Zhou | protect-ai, hugging-face, bug-bounty, llm-security, ai-security | 11-May-2024 |
NMAP Command Options | https://medium.com/@sherlock297/nmap-command-options-114b7582b993?source=rss------bug_bounty-5 | Ravindra Dagale | nmap, commands, information-security, bug-bounty, vulnerability | 11-May-2024 |
#2. Bug Bounty POC: Time-Based SQL Injection to Dump Database | https://cyb3rmind.medium.com/2-bug-bounty-poc-time-based-sql-injection-to-dump-database-f8cfa089f393?source=rss------bug_bounty-5 | Cyb3r M!nds | sqli, hacking, pentesting, bug-bounty, sql-injection | 11-May-2024 |
24.14 Lab: HTTP request smuggling, basic TE.CL vulnerability \| 2024 | https://cyberw1ng.medium.com/24-14-lab-http-request-smuggling-basic-te-cl-vulnerability-2024-f0159b2569d0?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, careers, cybersecurity, bug-bounty | 11-May-2024 |
Exploiting Acunetix Vulnweb SQL Injection | https://medium.com/@davidkarpinski1/exploiting-acunetix-vulnweb-sql-injection-5fa5c24b2466?source=rss------bug_bounty-5 | David Eduardo Karpinski | sql, hacking, mysql, bug-bounty, sql-injection | 11-May-2024 |
Unveiling an Account Takeover Vulnerability in a Leading Automobile Brand | https://medium.com/@anekantsinghai/unveiling-an-account-takeover-vulnerability-in-a-leading-automobile-brand-aa41a4e94bfb?source=rss------bug_bounty-5 | Anekant Singhai Jain | infosec, hacking, bug-bounty, cybersecurity, bug-bounty-tips | 11-May-2024 |
This is a roadmap to start web pentest | https://medium.com/@akaramany3/%D8%AF%D9%8A-%D8%B1%D9%88%D9%88%D8%AF-%D9%85%D8%A7%D8%A8-%D8%B9%D9%84%D8%B4%D8%A7%D9%86-%D8%AA%D8%A8%D8%AF%D8%A7-web-pentest-91ea9560dbf6?source=rss------bug_bounty-5 | 09x99 | python, cybersecurity, bug-bounty, web-development, javascript | 11-May-2024 |
Mastering Subdomain Takeovers | https://tanishqshahsays.medium.com/mastering-subdomain-takeovers-c9a531fe5d3b?source=rss------bug_bounty-5 | Tanishq Sachin Shah | bug-bounty, bugs, vulnerability, subdomain, cybersecurity | 11-May-2024 |
Linux Privilege Escalation — Capstone Challenge \| TryHackMe | https://medium.com/@NoOne./linux-privilege-escalation-capstone-challenge-tryhackme-e69c798204bc?source=rss------bug_bounty-5 | Asim Anwar | hacking, privilege-escalation, linux, bug-bounty, tryhackme | 11-May-2024 |
4 XSSs With A Simple & Optimized Payload | https://levelup.gitconnected.com/4-xsss-with-a-simple-optimized-payload-900753538e90?source=rss------bug_bounty-5 | Hamza Avvan | ethical-hacking, xss-uppercase-bypass, bug-bounty, xss-attack, cybersecurity | 11-May-2024 |
My Hunt: Discovering Microsoft Bugs | https://infosecwriteups.com/my-hunt-discovering-microsoft-bugs-f6a9c790bec0?source=rss------bug_bounty-5 | c0d3x27 | microsoft, hacking, bug-bounty, software-development, cybersecurity | 11-May-2024 |
Today I am going to walk through bepractical.tech | https://medium.com/@ross.jubert/today-i-am-going-to-walk-through-bepractical-tech-c15e1df8aa06?source=rss------bug_bounty-5 | Ross Jubert | cybersecurity, bug-bounty, ethical-hacking, account-takeover, account-takeover-attacks | 11-May-2024 |
Exploiting Acunetix Vulnweb SQL Injection | https://systemweakness.com/exploiting-acunetix-vulnweb-sql-injection-5fa5c24b2466?source=rss------bug_bounty-5 | David Eduardo Karpinski | sql, hacking, mysql, bug-bounty, sql-injection | 11-May-2024 |
IDOR and Missing Authorization leads to free content | https://medium.com/@enigma_/idor-and-missing-authorization-leads-to-free-content-b12037a887a0?source=rss------bug_bounty-5 | enigma | cybersecurity, hacking, idor, oscp, bug-bounty | 10-May-2024 |
How I Discovered a CVE by Scanning Open Source Repositories | https://infosecwriteups.com/how-i-discovered-a-cve-by-scanning-open-source-repositories-a5922d21b797?source=rss------bug_bounty-5 | Scott Lindh | bug-bounty, xss-attack, open-source, application-security, hacking | 10-May-2024 |
CSRF Bypass Combined with IDOR To Complete Account Takeover! | https://medium.com/@ozomarzu/csrf-bypass-combined-with-idor-to-complete-account-takeover-f4995c5946d3?source=rss------bug_bounty-5 | CyberOz | cybersecurity, idor, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 10-May-2024 |
24.13 Lab: HTTP request smuggling, basic CL.TE vulnerability \| 2024 | https://cyberw1ng.medium.com/24-13-lab-http-request-smuggling-basic-cl-te-vulnerability-2024-862e743cb078?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, careers, bug-bounty, cybersecurity | 10-May-2024 |
A Strange Tale of Email Verification Bypass | https://medium.com/@Arioex/a-strange-tale-of-email-verification-bypass-5eda231d14d8?source=rss------bug_bounty-5 | Huntsman | bug-bounty-writeup, cybersecurity, vulnerability, bug-bounty, hacking | 10-May-2024 |
Linux Privilege Escalation | TryHackMe — Part 2 | https://medium.com/@NoOne./linux-privilege-escalation-tryhackme-part-2-9a4cddba01ab?source=rss------bug_bounty-5 | Asim Anwar | bug-bounty, tryhackme, linux, privilege-escalation, hacking | 10-May-2024 |
From Novice to Ninja: Unraveling Bug Bounty Beginnings through Cache Poisoning | https://cametom006.medium.com/from-novice-to-ninja-unraveling-bug-bounty-beginnings-through-cache-poisoning-40de3f8fd211?source=rss------bug_bounty-5 | Fahad Faisal | hackerone, bug-bounty, security, bug-bounty-tips | 10-May-2024 |
Database Info Disclose by Client-Side DOS | https://starlox.medium.com/database-info-disclose-by-client-side-dos-7fb25a26fae8?source=rss------bug_bounty-5 | #$ubh@nk@r | dos-attack, infosec, hacking, bug-bounty | 10-May-2024 |
Inside the Life of a Full-Time Bug Hunter: Weekly Insights and Goals | https://medium.com/@fulltimebughunter/inside-the-life-of-a-full-time-bug-hunter-weekly-insights-and-goals-6da07694fb0d?source=rss------bug_bounty-5 | . | cybersecurity, bug-bounty, bug-bounty-tips, infosec, hacking | 09-May-2024 |
XSS | Here’s how I got my first bounty | https://medium.com/@sM0ky4/xss-heres-how-i-got-my-first-bounty-4f64785fe6f8?source=rss------bug_bounty-5 | sM0ky4 | bug-bounty-writeup, bug-bounty, xss-vulnerability, xss-attack, first-post | 09-May-2024 |
idor affects all users | https://medium.com/@mohamadfadelababede/how-are-you-my-friends-d60c44c29da0?source=rss------bug_bounty-5 | Mohamad Fade Lababede | bug-bounty | 09-May-2024 |
24.12 Lab: CL.0 request smuggling | 2024 | https://cyberw1ng.medium.com/24-12-lab-cl-0-request-smuggling-2024-5b480979e285?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, cybersecurity, hacking | 09-May-2024 |
idor affects all users | https://medium.com/@mohamadfadelababede/idor-affects-all-users-d3f3f12a11c2?source=rss------bug_bounty-5 | Mohamad Fade Lababede | bug-bounty | 09-May-2024 |
HOW I FOUND MY FIRST BUG | https://medium.com/@irenevenunye55/how-i-found-my-first-bug-7d66915a3fbb?source=rss------bug_bounty-5 | Irene Venunye | bug-bounty, bug-bounty-hunting, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program | 09-May-2024 |
Fingerprinting♨♨: Identifying Technologies Of Our Target. | https://hacktivistattacker.medium.com/fingerprinting-identifying-technologies-of-our-target-d3b0c021da0f?source=rss------bug_bounty-5 | Hacktivist-Attacker | fingerprinting, fingerprint-system, bug-bounty, penetration-test, reconnaissance | 09-May-2024 |
Linux Privilege Escalation | TryHackMe — Part 1 | https://medium.com/@NoOne./linux-privilege-escalation-tryhackme-part-1-f0ae442e6864?source=rss------bug_bounty-5 | Asim Anwar | bug-bounty, hacking, tryhackme, privilege-escalation, linux | 09-May-2024 |
How I Found XSS In Another Govt. Site :: NCIIPC VDP !! | https://medium.com/@p.ra.dee.p_0xx01/how-i-found-xss-in-another-govt-site-nciipc-vdp-84d78c0319c2?source=rss------bug_bounty-5 | Professor0xx01 | infosec, security, information-security, bug-bounty, security-research | 09-May-2024 |
An easy bounty using fuzzing | https://medium.com/@xnum.1/an-easy-bounty-using-fuzzing-d602ad06f562?source=rss------bug_bounty-5 | Ahmed Tarek | bug-bounty, hacking, penteration-testing, fuzzing, pentesting | 09-May-2024 |
Exploiting JWT Token Leads To IDOR | https://medium.com/@Ajakcybersecurity/exploiting-jwt-token-leads-to-idor-ec48cb8888bb?source=rss------bug_bounty-5 | AjakCybersecurity | penetration-testing, hacking, cybersecurity, ethical-hacking, bug-bounty | 09-May-2024 |
Simple bug on Indian government website | Govt. bug hunting | https://medium.com/@sidharthpanda1/simple-bug-on-indian-government-website-govt-bug-hunting-0522af40a6ff?source=rss------bug_bounty-5 | SIDHARTH PANDA | bug-bounty, government, indian, hacking, bug-bounty-tips | 08-May-2024 |
ETHICAL AND LEGAL ASPECTS OF BUG HUNTING: RESPONSIBLE DISCLOSURE, SCOPE, NDA AND OTHERS | https://medium.com/@Progsky/ethical-and-legal-aspects-of-bug-hunting-responsible-disclosure-scope-nda-and-others-4832b13a1622?source=rss------bug_bounty-5 | Progsky | documentation, bug-bounty, contracts, ethical-hacking | 08-May-2024 |
NCIIPC VDP Bug : Open Redirection Vulnerability In Govt. Site !! | https://medium.com/@p.ra.dee.p_0xx01/nciipc-vdp-bug-open-redirection-vulnerability-in-govt-site-b048860f5d2d?source=rss------bug_bounty-5 | Professor0xx01 | bug-bounty, security, vulnerability, information-security, infosec | 08-May-2024 |
Revealing a Critical Vulnerability: The Price Manipulation Flaw | https://medium.com/@pawarpushpak36/revealing-a-critical-vulnerability-the-price-manipulation-flaw-cfd640cacf46?source=rss------bug_bounty-5 | Pawarpushpak | penetration-testing, info-sec-writeups, pentesting, bug-zero, bug-bounty | 08-May-2024 |
Unlocking Bug Bounties: Your Comprehensive Guide to Getting Started | https://medium.com/@sachin.hack/unlocking-bug-bounties-your-comprehensive-guide-to-getting-started-427a51d7e875?source=rss------bug_bounty-5 | Sachin Kumar | for-beginners, bug-bounty-tips, bug-bounty, cybersecurity, begineers | 08-May-2024 |
24.11 Lab: HTTP/2 request splitting via CRLF injection |2024 | https://cyberw1ng.medium.com/24-11-lab-http-2-request-splitting-via-crlf-injection-2024-ddb2adaf0cce?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, hacking, careers, penetration-testing | 08-May-2024 |
Hack Any Browser With One Link | https://medium.com/@vishalchaudharydevsec/hack-any-browser-with-one-link-8d890b804627?source=rss------bug_bounty-5 | Vishal Chaudhary | security, hacking, cybersecurity, beef, bug-bounty | 08-May-2024 |
Exposed Key In Page Source Led To Bypass Captcha | https://medium.com/@mohanad.hussam23/exposed-key-in-page-source-led-to-bypass-captcha-add64f8d133b?source=rss------bug_bounty-5 | Muhanad Israiwi | hacking, captcha, bug-bounty, bugs, penetration-testing | 08-May-2024 |
Writing your First Nuclei Template | https://medium.com/@technolifts/writing-your-first-nuclei-template-f88575635ea8?source=rss------bug_bounty-5 | TechnoLifts | nucleus, nuclei-template, cybersecurity, offensive-security, bug-bounty | 08-May-2024 |
XSS vulnerability caused by modifying the Content-Type | https://medium.com/@xiaodongsec/xss-vulnerability-caused-by-modifying-the-content-type-5118e2d02286?source=rss------bug_bounty-5 | Xiaodong | vulnerability, xss-attack, money, bug-bounty, hacker | 08-May-2024 |
Modify the request path to bypass upload restrictions, leading to an XSS vulnerability. | https://medium.com/@xiaodongsec/modify-the-request-path-to-bypass-upload-restrictions-leading-to-an-xss-vulnerability-0610a893ff1a?source=rss------bug_bounty-5 | Xiaodong | money, hacker, vulnerability, bug-bounty, xss-attack | 08-May-2024 |
An easily accomplished account takeover | https://medium.com/@xiaodongsec/an-easily-accomplished-account-takeover-cc2fd1c287ec?source=rss------bug_bounty-5 | Xiaodong | bug-bounty, hacker, china, money, vulnerability | 07-May-2024 |
Title: Understanding Vertical Privilege Escalation in Cybersecurity | https://alvinbijo.medium.com/title-understanding-vertical-privilege-escalation-in-cybersecurity-2a12c42f8d83?source=rss------bug_bounty-5 | Alvin bijo | bug-bounty | 07-May-2024 |
24.10 Lab: HTTP/2 request smuggling via CRLF injection | 2024 | https://cyberw1ng.medium.com/24-10-lab-http-2-request-smuggling-via-crlf-injection-2024-8970aa222b46?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, bug-bounty, penetration-testing, careers | 07-May-2024 |
Securitydegen.com Feature Update! | https://medium.com/@bugbountydegen/securitydegen-com-feature-update-d0bda8b236c0?source=rss------bug_bounty-5 | Bug Bounty Degen | vulnerability, web3, blockchain-security-audit, bug-bounty, smart-contracts | 07-May-2024 |
A Thrilling Dive into Cloud Penetration Testing | https://adipsharif.medium.com/a-thrilling-dive-into-cloud-penetration-testing-fc88855f7f15?source=rss------bug_bounty-5 | ADIP | bug-bounty, information-security, cloud, info-sec-writeups, penetration-testing | 07-May-2024 |
Threat Modeling for OAuth 2.0 Authorization Framework | https://medium.com/@jayeshkunwal/threat-modeling-for-oauth-2-0-authorization-framework-fcab66226fd7?source=rss------bug_bounty-5 | Jayesh kunwal | threat-modeling, bug-bounty, oauth, cybersecurity, vapt | 07-May-2024 |
How I got $250 for IDOR via Business Logic Error | https://medium.com/@aryamanav.028/how-i-got-250-for-idor-via-business-logic-error-f3ba502baa5e?source=rss------bug_bounty-5 | Manav Arya | cybersecurity, information-security, vulnerability, bug-bounty, bugcrowd | 07-May-2024 |
Athena TryHackMe Walkthrough | https://medium.com/@boogsta/athena-tryhackme-walkthrough-58eb432f0daa?source=rss------bug_bounty-5 | Boogsta | cybersecurity, bug-bounty, hacking, tryhackme, cyber | 07-May-2024 |
A Comprehensive Review of the Guided Hacking Forum | https://medium.com/@yannik603/a-comprehensive-review-of-the-guided-hacking-forum-918231ab4f68?source=rss------bug_bounty-5 | Yannik Castro | reverse-engineering, bug-bounty, games, ctf, hacking | 07-May-2024 |
IDN Bootcamp Bug Bounty : Langkah awal Menjadi Bug Hunter | https://medium.com/@cornelius.yuli.r/idn-bootcamp-bug-bounty-langkah-awal-menjadi-bug-hunter-a1fce0850681?source=rss------bug_bounty-5 | Cornelius | idn-bootcamp, bug-bounty | 06-May-2024 |
Crypto bounty program got me $500 — Rate Limit Bypass | https://mo9khu93r.medium.com/crypto-bounty-program-got-me-500-rate-limit-bypass-d573f7b7d390?source=rss------bug_bounty-5 | mo9khu93r | cryptocurrency, security, hacking, web3, bug-bounty | 06-May-2024 |
IDN Bootcamp Bug Bounty : Langkah awal Menjadi Bug Hunter | https://cornelius-y.medium.com/idn-bootcamp-bug-bounty-langkah-awal-menjadi-bug-hunter-a1fce0850681?source=rss------bug_bounty-5 | Cornelius Yuli | idn-bootcamp, bug-bounty | 06-May-2024 |
Bounty Beginnings: My First Bug Discovery | https://cyberojas.medium.com/bounty-beginnings-my-first-bug-discovery-c4fea0b0c5c3?source=rss------bug_bounty-5 | cyberOjas | bug-bounty, vulnerability, bugcrowd | 06-May-2024 |
Web3 Bug Bounty V/S Smart Contract Auditing | https://securrtech.medium.com/web3-bug-bounty-v-s-smart-contract-auditing-94207960469d?source=rss------bug_bounty-5 | Securr | blockchain, smart-contract-auditing, bug-bounty, web3, web3-security | 06-May-2024 |
alasan ingin belajar bug bounty IDN bootcamp | https://medium.com/@ilhamsabana100/alasan-ingin-belajar-bug-bounty-idn-bootcamp-abf359e6a628?source=rss------bug_bounty-5 | Ilhamsabana | bug-bounty | 06-May-2024 |
Blog mengenai saya sebagai syarat Bug Bounty IDN Bootcamp | https://medium.com/@081335097475a/blog-mengenai-saya-sebagai-syarat-bug-bounty-idn-bootcamp-ba3a6d8cdf36?source=rss------bug_bounty-5 | Mohamad Fachry Ali | cybersecurity, bug-bounty | 06-May-2024 |
Pengalaman saya dibidang CyberSecurity | https://medium.com/@ahmadfauzyhafidz/pengalaman-saya-dibidang-cybersecurity-6919e17302d8?source=rss------bug_bounty-5 | Ahmad Fauzy Hafidz | coding, cybersecurity, bug-bounty, capture-the-flag | 06-May-2024 |
My Journey to Become a Bug Hunters | Bug Bounty IDN Bootcamp | https://wahyukiddies.medium.com/my-journey-to-become-a-bug-hunters-bug-bounty-idn-bootcamp-9cc04860c874?source=rss------bug_bounty-5 | Wahyu Priambodo | technology, bug-bounty, experience, cybersecurity, bootcamp | 06-May-2024 |
Bug bounty IDN Bootcamp: Perjalanan menjadi pentester dan bug hunter | https://medium.com/@rizkiarifsaifudin/bug-bounty-idn-bootcamp-perjalanan-menjadi-pentester-dan-bug-hunter-bf4eee8b64f5?source=rss------bug_bounty-5 | Rizki Arif Saifudin | programming, bug-bounty, linux, cybersecurity | 06-May-2024 |
Pengalaman Menemukan Celah Keamanan (Bug) Pada Sebuah Website (Prelude Bug Bounty IDN Bootcamp) | https://medium.com/@nugrohoandyreza/pengalaman-menemukan-celah-keamanan-bug-pada-sebuah-website-prelude-bug-bounty-idn-bootcamp-7c4d6ad2af1f?source=rss------bug_bounty-5 | Andy R. Nugroho | bug-bounty | 06-May-2024 |
Guide To Subdomain Takeovers: DNS Resolutions:-Vertical Recon. | https://hacktivistattacker.medium.com/dns-resolutions-guide-to-subdomain-takeovers-vertical-recon-9da92433e973?source=rss------bug_bounty-5 | Hacktivist-Attacker | reconnaissance, subdomain-takeover, penetration-testing, subdomain, bug-bounty | 06-May-2024 |
Network Infrastructure Recon | https://medium.com/@davidkarpinski1/network-infrastructure-recon-3d5741eec73b?source=rss------bug_bounty-5 | David Eduardo Karpinski | dns, hacking, networking, cybersecurity, bug-bounty | 06-May-2024 |
BugBountyTraining Lab: FastFoodHackings Part 1 | https://hoppp3r.medium.com/bugbountytraining-lab-fastfoodhackings-part-1-39a7b06fdef9?source=rss------bug_bounty-5 | Hoppp3r | bug-bounty-writeup, bugbountytraining, fastfoodhackings, bug-bounty, bug-bounty-labs | 05-May-2024 |
Bug Bounty IDN Bootcamp | https://medium.com/@nurdin8/bug-bounty-idn-bootcamp-dffeeba84854?source=rss------bug_bounty-5 | Senudin Nurdin | bug-bounty | 05-May-2024 |
Hack Like a Pro: Precon’s Simple Subdomain Secrets | https://medium.com/@tamhacker1/hack-like-a-pro-precons-simple-subdomain-secrets-a87e5b741b0b?source=rss------bug_bounty-5 | Tamhacker | ethical-hacking, bug-bounty, hacker, hacking, cybersecurity | 05-May-2024 |
Exposing Information Of All Users “Email,Mobile Number ..etc” | https://medium.com/@dr4040x00/exposing-information-of-all-users-email-mobile-number-etc-697c328e0584?source=rss------bug_bounty-5 | Dr404 | information-disclosure, web-pen-testing, bug-bounty, bug-bounty-tips | 05-May-2024 |
24.9 Lab: H2.CL request smuggling | 2024 | https://cyberw1ng.medium.com/24-9-lab-h2-cl-request-smuggling-2024-792b86db2c2a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, penetration-testing, cybersecurity, hacking | 05-May-2024 |
An Impactful ‘No Rate Limiting’ Bug | https://medium.com/@duncanochieng682/an-impactful-no-rate-limiting-bug-29eb5158fd14?source=rss------bug_bounty-5 | JateloCybersec | ethical-hacking, web-app-security, bug-bounty, pentesting, bugs | 05-May-2024 |
Information gathering with OSINT | https://medium.com/@davidkarpinski1/information-gathering-with-osint-3b8af60a194d?source=rss------bug_bounty-5 | David Eduardo Karpinski | hacking, osint, bug-bounty, cybersecurity, pentesting | 05-May-2024 |
JS-Snooper: Get More Bounty With Easy Bugs | https://aravind07.medium.com/js-snooper-get-more-bounty-with-easy-bugs-9d7b410f070e?source=rss------bug_bounty-5 | Gnana Aravind K | cybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking | 05-May-2024 |
Proxying Web Traffic Via SSH | https://medium.com/@mu.gl/proxying-web-traffic-via-ssh-f3cf09c35d46?source=rss------bug_bounty-5 | Mark El-Khoury | bug-bounty, ssh, pentesting, cybersecurity, infosec | 04-May-2024 |
LEARNING THE BUG BOUNTY PROGRAM | https://medium.com/@basithrazaky/learning-the-bug-bounty-program-ffdfc54b3dee?source=rss------bug_bounty-5 | Ramadhani Basith Razaky | capture-the-flag, bug-bounty, cybersecurity, linux, networking | 04-May-2024 |
24.8 Lab: Response queue poisoning via H2.TE request smuggling | 2024 | https://cyberw1ng.medium.com/24-8-lab-response-queue-poisoning-via-h2-te-request-smuggling-2024-33bdb4b56b0b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, hacking, bug-bounty | 04-May-2024 |
# Certifcates | https://medium.com/@scumdestroy/certifcates-f51eace48a7e?source=rss------bug_bounty-5 | ︎ | penetration-testing, bug-bounty, recon, hacking, reconnaissance | 04-May-2024 |
Get Your First Award by Joining IDN Bootcamp Bug Bounty | https://medium.com/@oktaa_/get-your-first-award-by-joining-idn-bootcamp-bug-bounty-7dd927ebe6b3?source=rss------bug_bounty-5 | okta | bug-bounty, linux, network, penetration-testing, hacker | 04-May-2024 |
Alasan Kenapa Ingin Mengikuti “Bootcamp Bug Bounty IDN” | https://medium.com/@naurayaffakamila/alasan-kenapa-ingin-mengikuti-bootcamp-bug-bounty-idn-2d4a5889518c?source=rss------bug_bounty-5 | Naursyy_ | bug-bounty, technology, cybersecurity | 04-May-2024 |
LEARNING BUG BOUNTY IDN BOOTCAMP | https://medium.com/@basithrazaky/learning-the-bug-bounty-program-ffdfc54b3dee?source=rss------bug_bounty-5 | Ramadhani Basith Razaky | capture-the-flag, bug-bounty, cybersecurity, linux, networking | 04-May-2024 |
24.7 Lab: Exploiting HTTP request smuggling to deliver reflected XSS | 2024 | https://cyberw1ng.medium.com/24-7-lab-exploiting-http-request-smuggling-to-deliver-reflected-xss-2024-334de5c0d400?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, cybersecurity, careers, hacking | 03-May-2024 |
Empire Breakout Vulnhub: WriteUp | Walkthrough | VulnHub CTF | Privilege Escalation Attack | Python… | https://shamsulmehmood.medium.com/empire-breakout-vulnhub-writeup-walkthrough-vulnhub-ctf-privilege-escalation-attack-python-235087d3db54?source=rss------bug_bounty-5 | SHAMS UL MEHMOOD | cybersecurity, information-security, cyberattack, infosec, bug-bounty | 03-May-2024 |
Unleashing the Ethical Hacker Within: Cybersecurity Insights, Bug Bounty Tips, and the Art of… | https://kd-200.medium.com/unleashing-the-ethical-hacker-within-cybersecurity-insights-bug-bounty-tips-and-the-art-of-2ebdb65a9ff3?source=rss------bug_bounty-5 | Nitin yadav | tech, infosec, technology, bug-bounty, cybersecurity | 03-May-2024 |
3 easiest bugs that you can find right now [guarantied] | https://medium.com/@deadoverflow/3-easiest-bugs-that-you-can-find-right-now-guarantied-71ef89efd1a7?source=rss------bug_bounty-5 | Imad Husanovic | cybersecurity, hacking, bug-bounty-tips, programming, bug-bounty | 03-May-2024 |
Why and how to hide usernames on your WordPresss. | https://medium.com/@izmir.suat/why-and-how-to-hide-usernames-on-your-wordpresss-b01320642838?source=rss------bug_bounty-5 | Izmir Suat | wordpress, bug-bounty, information-security, pentest | 03-May-2024 |
XSS leads to HALL OF FAME on a French website | https://medium.com/@KaranMoudgil/xss-leads-to-hall-of-fame-on-a-french-website-95bd3a96ad24?source=rss------bug_bounty-5 | Karan Moudgil | bug-bounty | 03-May-2024 |
Alasan saya ingin megikuti Bug Bounty IDN Bootcamp | https://wildan14ar.medium.com/alasan-saya-ingin-megikuti-bug-bounty-idn-bootcamp-339aa385b45b?source=rss------bug_bounty-5 | WILDAN ABDURRASYID | bootcamp, bug-bounty, idn, cybersecurity, sytem | 03-May-2024 |
How I bypassed OTP in unexpected way | https://medium.com/@ckachhadiya007/how-i-bypassed-otp-in-unexpected-way-2d4b478db512?source=rss------bug_bounty-5 | DEep | hacking, bug-bounty, red-team, cybersecurity, vulnerability | 03-May-2024 |
Real World GitLab Account Take Over | https://medium.com/@red.whisperer/real-world-gitlab-account-take-over-b2e9896a1835?source=rss------bug_bounty-5 | Chux | hacking, cybersecurity, infosec, red-team, bug-bounty | 03-May-2024 |
IDOR lead to PII Disclosure | https://medium.com/@karimelsayed0x1/idor-lead-to-pii-disclosure-121502394277?source=rss------bug_bounty-5 | z3r0xk | idor, bug-bounty, web-security | 03-May-2024 |
How I Bypassed Rate limiting To Account Takeover | https://medium.com/@Ajakcybersecurity/how-i-bypassed-rate-limiting-to-account-takeover-1df722a527d5?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, cybersecurity, penetration-testing, bug-bounty, ethical-hacking | 03-May-2024 |
DNS Resolutions: Identifying Live Targets : Vertical RECON. | https://hacktivistattacker.medium.com/dns-resolutions-identifying-live-targets-vertical-recon-2a2aed49bd6b?source=rss------bug_bounty-5 | Hacktivist-Attacker | penetration-testing, reconnaissance, bug-bounty, education, résolutions | 03-May-2024 |
what is RCE-[Remote code Execution]❓ | https://medium.com/@mmdesvand1386/what-is-rce-remote-code-execution-fee04264fe30?source=rss------bug_bounty-5 | mamad | bug-bounty, website, security, cyber-security-website, social-security-website | 03-May-2024 |
Sql İnjection Nedir &Karşılaştığım Vaka | https://medium.com/@akostak/sql-i%CC%87njection-nedir-kar%C5%9F%C4%B1la%C5%9Ft%C4%B1%C4%9F%C4%B1m-vaka-708b17f5da9d?source=rss------bug_bounty-5 | Ali | bug-bounty-tips, bug-bounty, sql-injection, vulnerability, bugs | 03-May-2024 |
Bug Bounty ID | https://medium.com/@nurdin8/bug-bounty-id-33c529b2cd1a?source=rss------bug_bounty-5 | Senudin Nurdin | free-course, linux, network, cyberse, bug-bounty | 02-May-2024 |
24.6 Lab: Exploiting HTTP request smuggling to capture other users requests | 2024 | https://cyberw1ng.medium.com/24-6-lab-exploiting-http-request-smuggling-to-capture-other-users-requests-2024-fd10d3b638bc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, cybersecurity, penetration-testing, careers | 02-May-2024 |
Langkah Awal Menuju Bug Bounty IDN BootCamp | https://medium.com/@caomaysss/langkah-awal-menuju-bug-bounty-idn-bootcamp-42bcc61ba7ef?source=rss------bug_bounty-5 | Caomay | bug-bounty, xiaocaomay, idn, idn-network | 02-May-2024 |
Become a Bug Bounty hunter: Unveiling the Secrets to Success! | https://adipsharif.medium.com/become-a-bug-bounty-hunter-unveiling-the-secrets-to-success-90dfab4c2832?source=rss------bug_bounty-5 | ADIP | infosec, bug-bounty-tips, info-sec-writeups, penetration-testing, bug-bounty | 02-May-2024 |
Google VRP Targets by Tier | https://uprootsecurity.medium.com/google-vrp-targets-by-tier-c0679c27e545?source=rss------bug_bounty-5 | UprootSecurity | infosec, pentest, bug-bounty, cybersecurity, vapt | 02-May-2024 |
Alasan ingin belajar pada Bug Bounty IDN Bootcamp | https://medium.com/@putrantosurya38/alasan-ingin-belajar-bug-bounty-9f33d7d75161?source=rss------bug_bounty-5 | Putranto Surya | cybersecurity, bug-bounty, bug-bounty-idn-bootcamp | 02-May-2024 |
How I Gained Account Access: Exploring the Risks of Password Reset Links in Cybersecurity | https://kd-200.medium.com/how-i-gained-account-access-exploring-the-risks-of-password-reset-links-in-cybersecurity-5811e914c289?source=rss------bug_bounty-5 | Nitin yadav | cybersecurity, bug-bounty, hacking, hackerone, technology | 02-May-2024 |
Mengapa bug bounty? | https://medium.com/@rayyaramburambani11/mengapa-bug-bounty-0f77b824cc6c?source=rss------bug_bounty-5 | rayya | newbie, roboti̇k, bug-bounty-idn-bootcamp, bug-bounty | 02-May-2024 |
How i got admin panel without opening the target | https://thesafdari.medium.com/how-i-got-admin-panel-without-opening-the-target-8ca4a2c219be?source=rss------bug_bounty-5 | Milad Safdari (TheSafdari) | github, hacking, github-secret, bug-bounty, cybersecurity | 02-May-2024 |
Diving into the Depths: Unveiling Bug Bounty Adventures and Insights into Linux, Programming, and… | https://medium.com/@mansorihack/diving-into-the-depths-unveiling-bug-bounty-adventures-and-insights-into-linux-programming-and-952cc8957dc0?source=rss------bug_bounty-5 | Mansorihack | linux, bug-bounty, pentesting | 02-May-2024 |
Bug Bounty IDN Bootcamp | By Eky | https://medium.com/@muhr6128/bug-bounty-idn-bootcamp-by-eky-7a65bc3f6844?source=rss------bug_bounty-5 | person | cybersecurity, ethical-hacking, ctf, bug-bounty | 02-May-2024 |
Complex Attack Types: Sample Scenarios 3 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-3-bcd472d684cf?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, threat-intelligence, bug-bounty, penetration-testing, freedomofinternet | 02-May-2024 |
Real-World Example of Race Condition Exploits “adding Money” | https://medium.com/@dr4040x00/real-world-example-of-race-condition-exploits-adding-money-c8fe62964067?source=rss------bug_bounty-5 | Dr404 | race-condition, web-penetration-testing, vulnerability, bug-bounty | 02-May-2024 |
#01: Path traversal | https://medium.com/@karimelsayed0x1/01-path-traversal-0c52daffd26e?source=rss------bug_bounty-5 | z3r0xk | source-code-review, path-traversal, web-security, nodejs, bug-bounty | 02-May-2024 |
My Journey to the Nokia Security Hall of Fame | https://mufazmi.medium.com/my-journey-to-the-nokia-security-hall-of-fame-4e9cf4d8b5e9?source=rss------bug_bounty-5 | Umair Farooqui | hof, bug-bounty, mufazmi, nokia-hall-of-fame, umair-farooqui | 01-May-2024 |
Harnessing the Power of Crowd-Sourced Security | https://medium.com/@paritoshblogs/harnessing-the-power-of-crowd-sourced-security-1326641d81b7?source=rss------bug_bounty-5 | Paritosh | cybersecurity, information-technology, information-security, cloud-computing, bug-bounty | 01-May-2024 |
My First Verified Bug Bounty: Unmasking Flaws in University Web Apps | https://medium.com/@rafisyafrinaldi17/my-first-verified-bug-bounty-unmasking-flaws-in-university-web-apps-6c6b5fb1e8da?source=rss------bug_bounty-5 | Impeony | Rafi | vulnerability-assessment, cybersecurity, bug-bounty-writeup, bug-bounty | 01-May-2024 |
How I Bypass CSP that allow a iframe injection in a chat bot + HTML injection on emails | https://medium.com/@jeetpal2007/how-i-bypass-csp-that-allow-a-iframe-injection-in-a-chat-bot-html-injection-on-emails-9d588aeef4c3?source=rss------bug_bounty-5 | JEETPAL | bug-bounty, htmli, bug-bounty-writeup, chatbotbugs, bug-bounty-tips | 01-May-2024 |
€150 Bounty: Chaining Vulns to fully Exploit CORS Misconfiguration | https://r4v3n0r.medium.com/150-bounty-chaining-vulns-to-fully-exploit-cors-misconfiguration-521a0cd97316?source=rss------bug_bounty-5 | Fabian Cruz | information-security, bug-bounty, infrastructure-security, cybersecurity, penetration-testing | 01-May-2024 |
How can I bypass the limit on the number of team members | https://medium.com/@xiaodongsec/how-can-i-bypass-the-limit-on-the-number-of-team-members-c3dd56d265a0?source=rss------bug_bounty-5 | Xiaodong | china, vulnerability, money, bug-bounty, hacker | 01-May-2024 |
€400 Bounty: Unveiling a More Impactful CORS Misconfiguration Exploit | https://r4v3n0r.medium.com/400-bounty-unveiling-a-more-impactful-cors-misconfiguration-exploit-6db0a1b39bdc?source=rss------bug_bounty-5 | Fabian Cruz | web-security, bug-bounty, information-security, penetration-testing, cybersecurity | 01-May-2024 |
FortiClient Android App | https://medium.com/@3ed0x92/forticlient-android-app-958f942cb5b7?source=rss------bug_bounty-5 | Mohamed Eid Wahby | bug-bounty, mobile-pentest, mobile-pentesting, penetration-testing, bug-bounty-tips | 01-May-2024 |
Partnering with fewerClicks- To Provide Robust Web3 Security | https://securrtech.medium.com/partnering-with-fewerclicks-to-provide-robust-web3-security-007328375783?source=rss------bug_bounty-5 | Securr | smart-contract-auditing, bug-bounty, pentesting, web3 | 01-May-2024 |
1500$ bounty: how unprotected directory leaked sensitive info | https://medium.com/@aa.pietruczuk/1500-bounty-how-unprotected-directory-leaked-sensitive-info-929b55515232?source=rss------bug_bounty-5 | Agnieszka Pietruczuk | pentesting, bug-bounty | 01-May-2024 |
Exposed Secrets: The Peril of Broken Access Control | https://kd-200.medium.com/exposed-secrets-the-peril-of-broken-access-control-928223c62547?source=rss------bug_bounty-5 | Nitin yadav | cybersecurity, bug-bounty, technology, hacking, penetration-testing | 01-May-2024 |
BBRADAR: A WEB TOOL TO FIND THE LATEST BUG BOUNTY PROGRAMS | https://medium.com/@Progsky/bbradar-a-web-tool-to-find-the-latest-bug-bounty-programs-833ba632f7a6?source=rss------bug_bounty-5 | Progsky | web-hacking, web-security, bug-bounty | 01-May-2024 |
I sent 1,000,000 Requests to a server | https://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f?source=rss------bug_bounty-5 | imwaiting18 (Virang Rajyaguru) | hacking, cybersecurity, bug-bounty, ethical-hacking | 01-May-2024 |
AWS S3 Bucket Misconfiguration Exposes PII and Documents of Job Seekers | https://infosecwriteups.com/aws-s3-bucket-misconfiguration-exposes-pii-and-documents-of-job-seekers-7b1332b0ecf1?source=rss------bug_bounty-5 | brutexploiter | cybersecurity, cloud, india, information-security, bug-bounty | 01-May-2024 |
Learning Offensive Cybersecurity — Day 2 | https://medium.com/@n4rkwh4l/learning-offensive-cybersecurity-day-2-73a682ba1e4d?source=rss------bug_bounty-5 | N4RKWH4L | offensive-security, cybersecurity, bug-bounty, learning, tech | 01-May-2024 |
Billions Bug Bounty Program | https://billionsquest.medium.com/billions-bug-bounty-program-c86689b4fb29?source=rss------bug_bounty-5 | Billions Quest | bug-bounty-tips, bug-bounty, bug-bounty-hunter, bugs | 01-May-2024 |
Binary Exploitation: PicoCTF clutter-overflow challenge walk through | https://medium.com/@boogsta/binary-exploitation-picoctf-clutter-overflow-challenge-walk-through-80e2f775102c?source=rss------bug_bounty-5 | Boogsta | bug-bounty, hacking, hackathons, cyber, cybersecurity | 01-May-2024 |
1,000,000 requests 2FA bypass | https://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f?source=rss------bug_bounty-5 | imwaiting18 (Virang Rajyaguru) | hacking, cybersecurity, bug-bounty, ethical-hacking | 01-May-2024 |
Javascript code inside HTML | https://medium.com/@thewhiteside2000/javascript-code-inside-html-389a71060bf0?source=rss------bug_bounty-5 | Thewhiteside | bugs, bug-bounty-tips, bug-bounty | 01-May-2024 |
How OSINT Helped Me To Find User Credentials And Discover An OTP Bypass | https://medium.com/@mohammed0x04/how-osint-helped-me-to-find-user-credentials-and-discover-an-otp-bypass-afb6b9e23b45?source=rss------bug_bounty-5 | Mohammed Waleed | recon, osint, bug-bounty-tips, cybersecurity, bug-bounty | 30-Apr-2024 |
Bypassing SSL Pinning with Frida and Objection in Mobile Applications | https://medium.com/@ria.banerjee005/bypassing-ssl-pinning-with-frida-and-objection-in-mobile-applications-0b42a778b0f2?source=rss------bug_bounty-5 | Ria Banerjee | bug-bounty, cybersecurity, ssl-pinning, mobile-security, mobile-app-testing | 30-Apr-2024 |
Another ATO, will I get paid this time? | https://imwaiting18.medium.com/another-ato-will-i-get-paid-this-time-ba86ed272f3e?source=rss------bug_bounty-5 | imwaiting18 (Virang Rajyaguru) | hacking, ethical-hacking, security, bug-bounty, cyber-security-awareness | 30-Apr-2024 |
Useful GoogleDocks Tips — Bug Bounty Tuesday | https://medium.com/@kerstan/useful-googledocks-tips-bug-bounty-tuesday-45eddc06bf93?source=rss------bug_bounty-5 | kerstan | cybersecurity, bug-bounty, hacking | 30-Apr-2024 |
How I found three Critical Vulnerability in one site. | https://medium.com/@ckachhadiya007/how-i-found-three-critical-vulnerability-in-one-site-70fc513669d8?source=rss------bug_bounty-5 | DEep | vulnerability, hacking, cybersecurity, red-team, bug-bounty | 30-Apr-2024 |
O melhor curso de hacking etico do Brasil | https://medium.com/@rafael.code77/o-melhor-curso-de-hacking-etico-do-brasil-cec8eec850bb?source=rss------bug_bounty-5 | Rafael Henrique | tryhackme-writeup, hacking, bug-bounty, hacker, hackerone | 30-Apr-2024 |
24.4 Lab: Exploiting HTTP request smuggling to bypass front-end security controls, CL.TE | https://cyberw1ng.medium.com/24-4-lab-exploiting-http-request-smuggling-to-bypass-front-end-security-controls-cl-te-458923cda52d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, penetration-testing, bug-bounty, hacking | 30-Apr-2024 |
Learning OffensiveCybersecurity — Day 1 | https://medium.com/@n4rkwh4l/learning-offensivecybersecurity-day-1-b5c26c55522c?source=rss------bug_bounty-5 | N4RKWH4L | bug-bounty, cybersecurity, offensive-security, learning, tech | 30-Apr-2024 |
Adding Certificates to Postman & Burp Suite for API Testing | https://medium.com/r3d-buck3t/adding-certificates-to-postman-burp-suite-for-api-testing-06339a6d072a?source=rss------bug_bounty-5 | Nairuz Abulhul | security, bug-bounty, penetration-testing, hacking, infosec | 30-Apr-2024 |
Bug Bounty Challenge (final): [CONCLUSION] | https://wallotry.medium.com/bug-bounty-challenge-final-day-10-30-04-2024-75a6f93d2687?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup | 30-Apr-2024 |
Finding a viper in the curved lawn | https://medium.com/@kupiasec/finding-a-viper-in-the-curved-lawn-e43401997cce?source=rss------bug_bounty-5 | KupiaSec | curve-finance, bug-bounty, audit, blockchain, security | 30-Apr-2024 |
ineligible for bounty !!! | https://medium.com/@thewhiteside2000/ineligible-for-bounty-d4b720bfb596?source=rss------bug_bounty-5 | Thewhiteside | bug-bounty | 30-Apr-2024 |
postMessage() security | https://noobstain.medium.com/postmessage-security-e6c55ef1f1bd?source=rss------bug_bounty-5 | Sumeet darekar | bug-bounty, xss-vulnerability, replit, postmessage, javascript | 30-Apr-2024 |
Learning Offensive Cybersecurity — Day 1 | https://medium.com/@n4rkwh4l/learning-offensivecybersecurity-day-1-b5c26c55522c?source=rss------bug_bounty-5 | N4RKWH4L | bug-bounty, cybersecurity, offensive-security, learning, tech | 30-Apr-2024 |
Bug Bounty Challenge (final): CONCLUSION | https://wallotry.medium.com/bug-bounty-challenge-final-day-10-30-04-2024-75a6f93d2687?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup | 30-Apr-2024 |
do FUZZ well! | https://medium.com/@ugs20b126_cic.rajesh/do-fuzz-well-07cb19bb0675?source=rss------bug_bounty-5 | Rajesh Sagar | bug-bounty, fuzzing, bug-bounty-tips | 30-Apr-2024 |
E-Commerce Application Penetration Testing- My Favourite Business Logical Flaw | https://medium.com/@vaishalinagori112/e-commerce-application-penetration-testing-my-favourite-business-logical-flaw-bac0367ad60c?source=rss------bug_bounty-5 | Vaishali Nagori | application-security, ciso, bug-bounty, penetration-testing, vapt | 29-Apr-2024 |
The Silent Threat: Uncovering IDOR Vulnerabilities Before They’re Exploited (PoC) | https://medium.com/@mrmaulik191/the-silent-threat-uncovering-idor-vulnerabilities-before-theyre-exploited-poc-f98d2b8aec8d?source=rss------bug_bounty-5 | Mr.MG | idor, penetration-testing, blog, cybersecurity, bug-bounty | 29-Apr-2024 |
The Story of a Mass Account Takeover Though Stored XSS (Cross-Site Scripting). | https://medium.com/@iamrajchavan/the-story-of-a-mass-account-takeover-though-stored-xss-cross-site-scripting-bd2e484a0bd1?source=rss------bug_bounty-5 | Rajdip Chavan | vapt, cybersecurity, bug-hunting, web-app-pentesting, bug-bounty | 29-Apr-2024 |
The Fuzzy Wuzzy: Unveiling Hidden Parameters | https://medium.com/@mendurim.r/the-fuzzy-wuzzy-unveiling-hidden-parameters-24169dfc9371?source=rss------bug_bounty-5 | m3nd00 | bug-bounty, fuzzing, ffuf | 29-Apr-2024 |
Exploiting Acunetix Vulneweb SQL Injection | https://medium.com/@davidkarpinski1/explorando-acunetix-vulneweb-sql-injection-23360cf2d5f3?source=rss------bug_bounty-5 | David Eduardo Karpinski | sql-injection, sql, bug-bounty, mysql, vulnerability | 29-Apr-2024 |
24.3 Lab: Exploiting HTTP request smuggling to bypass front-end security controls, CL.TE | https://cyberw1ng.medium.com/24-3-lab-exploiting-http-request-smuggling-to-bypass-front-end-security-controls-cl-te-3a5f92a939d2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, penetration-testing, hacking, cybersecurity | 29-Apr-2024 |
Temu glitch - Temu system hacked and let me buy free items! | https://medium.com/@verylazytech/temu-glitch-temu-system-hacked-and-let-me-buy-free-items-356fad19ae4a?source=rss------bug_bounty-5 | Very Lazy Tech | temu, hacking, shopping, free, bug-bounty | 29-Apr-2024 |
The Fuzzy Wuzzy: Unveiling Hidden Parameters | https://medium.com/@mendurim.r/the-fuzzy-wuzzy-unveiling-hidden-parameters-24169dfc9371?source=rss------bug_bounty-5 | ScriptTease | bug-bounty, fuzzing, ffuf | 29-Apr-2024 |
Broken Link Hijacking: A Hidden Threat $350 Bounty | https://medium.com/@chouhanhimanshu532/broken-link-hijacking-a-hidden-threat-350-bounty-bb5978177b1d?source=rss------bug_bounty-5 | Himanshu Chouhan | bug-bounty, bugcrowd, bugs, broken-link-hijacking, bug-bounty-tips | 29-Apr-2024 |
Embracing Downtime: Why “Wasting Time” Can Be Beneficial for Bug Hunters | https://securitylit.medium.com/embracing-downtime-why-wasting-time-can-be-beneficial-for-bug-hunters-62d83da87a14?source=rss------bug_bounty-5 | Security Lit Limited | bug-bounty, cybersecurity, penetration-testing, bug-bounty-tips | 29-Apr-2024 |
Crypto Attacks Cheat-Sheet | https://medium.com/@davidkarpinski1/brute-forcing-cheat-sheet-30a9f58e024e?source=rss------bug_bounty-5 | David Eduardo Karpinski | hacking, bug-bounty, dictionary, cheating, crack | 29-Apr-2024 |
Bug Bounty Challenge (final): Day 9–29/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-9-29-04-2024-9643d90e3ccf?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 29-Apr-2024 |
The Last Dance (HackTheBox Writeup) | https://medium.com/@krishgera1/the-last-dance-hackthebox-writeup-ab0ffda6264f?source=rss------bug_bounty-5 | Krish Gera | ctf, cybersecurity, hackthebox, hackerone, bug-bounty | 29-Apr-2024 |
Find PII Info Disclosure Bugs With this Simple GUI Tool-Easy P1 | https://medium.com/@Ajakcybersecurity/find-pii-info-disclosure-bugs-with-this-simple-gui-tool-easy-p1-7507a34ae172?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, cybersecurity, bug-bounty, hacking, penetration-testing | 29-Apr-2024 |
Bug Zero at a Glance [01–15 April] | https://blog.bugzero.io/bug-zero-at-a-glance-01-15-april-1a761018d605?source=rss------bug_bounty-5 | Januka Dharmapriya | cybersecurity, sri-lanka, bug-zero, newsletter, bug-bounty | 28-Apr-2024 |
2FA bypass that made me $______ | https://imwaiting18.medium.com/2fa-bypass-that-made-me-6d32d3b762b4?source=rss------bug_bounty-5 | imwaiting18 (Virang Rajyaguru) | csrf, bug-bounty, cybersecurity, 2fa-bypass, hacking | 28-Apr-2024 |
How to choose less competitive Bug Bounty Programs ( No VDPs) | https://medium.com/@h3mantsaini/how-to-choose-less-competitive-bug-bounty-programs-no-vdps-0acc3ddfe9b8?source=rss------bug_bounty-5 | H3mant | bug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-writeup | 28-Apr-2024 |
Starting in Bug Bounty — First Master This Before Hunting. | https://medium.com/@shuklaneel525/starting-in-bug-bounty-first-master-this-before-hunting-74d266a874a0?source=rss------bug_bounty-5 | NEEL SHUKLA | bug-bounty, ethical-hacking, penetration-testing, bounty-program, bug-bounty-tips | 28-Apr-2024 |
Unveiling the Secrets of Internal Pentest Monitoring: A Game-Changer for Security Leaders | https://medium.com/@anirumble6776/unveiling-the-secrets-of-internal-pentest-monitoring-a-game-changer-for-security-leaders-09e57b46f9ef?source=rss------bug_bounty-5 | Aniniikethr12 | bug-bounty, pentesting, cybersecurity | 28-Apr-2024 |
Never use the GET method for Sensitive Actions in Web App: Ft. CSRF | https://secureitmania.medium.com/never-use-the-get-method-for-sensitive-actions-in-web-app-ft-csrf-f106df3c228b?source=rss------bug_bounty-5 | secureITmania | bug-bounty, penetration-testing, information-security, hacking, web-development | 28-Apr-2024 |
Ability to Deny Subaccounts feature from all users | https://medium.com/@mostafaaboelnour19/ability-to-deny-subaccounts-feature-from-all-users-e8fca424ffb9?source=rss------bug_bounty-5 | 0xAb031n0uR | bugbounty-writeup, bug-bounty, cybersecurity | 28-Apr-2024 |
IDOR leads to Account Takeover of all users (ATO). | https://medium.com/@xnum.1/idor-leads-to-account-takeover-of-all-users-ato-27af312c8481?source=rss------bug_bounty-5 | Ahmed Tarek | penteration-testing, account-takeover, bug-bounty, pentesting, hacking | 28-Apr-2024 |
My Bug Bounty journey begins, but first.. | https://medium.com/@cyb3rbyt3/mi-camino-en-el-bug-bounty-comienza-pero-antes-e649661dddc0?source=rss------bug_bounty-5 | Cib3r Byt3 | bug-bounty | 28-Apr-2024 |
24.2 Lab: HTTP request smuggling, confirming a TE.CL | https://cyberw1ng.medium.com/24-2-lab-http-request-smuggling-confirming-a-te-cl-1917e523470e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, bug-bounty, hacking | 28-Apr-2024 |
How I Hacked an Indian Government Website and Accessed Their Database Server | https://medium.com/@kamilrahman32/how-i-hacked-an-indian-government-website-and-accessed-their-database-server-02a81842cce8?source=rss------bug_bounty-5 | Kamil Rahuman | bug-hunting, cybersecurity, bug-bounty, hacking | 28-Apr-2024 |
Bug Bounty Challenge (final): Day 8–28/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-8-28-04-2024-67bac40e6a35?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty | 28-Apr-2024 |
How We Hacked Voice Communication Solutions Company And Found BAC + Info Disclosure + IDOR 😀 | https://medium.com/@eslam.zayedw/how-we-hacked-voice-communication-solutions-company-and-found-bac-info-disclosure-idor-d-6884037064f0?source=rss------bug_bounty-5 | D0loresH4ze | bug-bounty, bug-bounty-tips, cybersecurity, hacking, penetration-testing | 28-Apr-2024 |
Flamingo Finance Bug Bounty Program | https://medium.com/@kdmytro336/flamingo-finance-bug-bounty-program-e5736de7bfa0?source=rss------bug_bounty-5 | Dmytro Kovalenko | web-security, bug-bounty, security, web3, flamingo-finance | 28-Apr-2024 |
VAPT: The Secret Weapon for Security Superheroes | https://securitylit.medium.com/vapt-the-secret-weapon-for-security-superheroes-27fcdd79b16e?source=rss------bug_bounty-5 | Security Lit Limited | vapt, bug-bounty, cybersecurity, cyberattack | 28-Apr-2024 |
Security Testing Trends 2024 | https://innovateqa.medium.com/security-testing-trends-2024-38d9129fde4d?source=rss------bug_bounty-5 | InnovateQA | security-testing, devsecops, genai, bug-bounty, pentesting | 27-Apr-2024 |
Hidden parameters | https://medium.com/@thewhiteside2000/hidden-parameters-e818d572ea3e?source=rss------bug_bounty-5 | Thewhiteside | bug-bounty, bug-bounty-tips | 27-Apr-2024 |
Top Ten Books for Bug Bounty | https://medium.com/@verylazytech/top-ten-books-for-bug-bounty-95e8a42fb519?source=rss------bug_bounty-5 | Very Lazy Tech | pentesting, money, cybersecurity, bug-bounty, oscp | 27-Apr-2024 |
How to setup in 30 min your Web3 lab in Windows | https://coinsbench.com/how-to-setup-in-30-min-your-web3-lab-in-windows-e0026185b64?source=rss------bug_bounty-5 | Bug Bounty Degen | web3, hacking-tools, ethereum, bug-bounty, blockchain | 27-Apr-2024 |
2:00 AM IDOR leads to some Adrenaline rush | https://imwaiting18.medium.com/2-00-am-idor-leads-to-some-adrenaline-rush-996f710bd55a?source=rss------bug_bounty-5 | imwaiting18 (Virang Rajyaguru) | bug-bounty | 27-Apr-2024 |
Logic Loopholes: The Fun Flaws | https://medium.com/@khode4li/logic-loopholes-the-fun-flaws-5a8e14b09dc7?source=rss------bug_bounty-5 | Khod4li | business-logic, web-penetration, bug-bounty, pentest, xss-attack | 27-Apr-2024 |
How I Exploited an Auth0 Misconfiguration to Bypass Login Restrictions | https://amjadali110.medium.com/how-i-exploited-an-auth0-misconfiguration-to-bypass-login-restrictions-c5d8c20d5505?source=rss------bug_bounty-5 | Amjad Ali | penetration-testing, infosec, bug-bounty-tips, bug-bounty, cybersecurity | 27-Apr-2024 |
How A Blackbox Target Turned To Whitebox With Recon | https://medium.com/@red.whisperer/how-a-blackbox-target-turned-to-whitebox-with-recon-e46536672702?source=rss------bug_bounty-5 | Chux | infosec, cybersecurity, red-team, hacking, bug-bounty | 27-Apr-2024 |
Spotting Sensitive Data in iOS Applications A Penetration Tester’s Guide | https://adipsharif.medium.com/spotting-sensitive-data-in-ios-applications-a-penetration-testers-guide-06f84af9cb0a?source=rss------bug_bounty-5 | ADIP | pentesting, penetration-testing, infosec, information-security, bug-bounty | 27-Apr-2024 |
24.1 Lab: HTTP request smuggling, confirming a CL.TE | https://cyberw1ng.medium.com/24-1-lab-http-request-smuggling-confirming-a-cl-te-c53051cf5875?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, penetration-testing, cybersecurity | 27-Apr-2024 |
privilege escalation allow the app admin to add the user as organization admin (on Microsoft own… | https://medium.com/@amitkhandebharad5/privilege-escalation-allow-the-app-admin-to-add-the-user-as-organization-admin-on-microsoft-own-e24352219a24?source=rss------bug_bounty-5 | Amitkhandebharad | security, bug-bounty, bugcrowd, privilege-escalation, bug-hunter | 27-Apr-2024 |
Exploring the Filliquid Testnet Launch Bug Bounty Program! | https://medium.com/@dekachi17/exploring-the-filliquid-testnet-launch-bug-bounty-program-e67c76557cc5?source=rss------bug_bounty-5 | I. Tobias Darlington | filecoin, bug-bounty, testnet, defi, filliquid | 27-Apr-2024 |
How I Hacked NASA Website and find a Criticial Source Code leak BUG on their website | https://medium.com/@phantom9863/how-i-hacked-nasa-website-and-find-a-criticial-source-code-leak-bug-on-their-website-9be0c38299fd?source=rss------bug_bounty-5 | Phantom | bugs, bug-bounty-tips, bug-fixes, bug-bounty, bug-zero | 27-Apr-2024 |
Unveiling Strategies to Identify Potentially Sensitive Data Stored by iOS Applications | https://adipsharif.medium.com/spotting-sensitive-data-in-ios-applications-a-penetration-testers-guide-06f84af9cb0a?source=rss------bug_bounty-5 | ADIP | pentesting, penetration-testing, infosec, information-security, bug-bounty | 27-Apr-2024 |
What is HTTP request smuggling? | https://cyberw1ng.medium.com/what-is-http-request-smuggling-7ab91748c6db?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, careers, cybersecurity, bug-bounty | 26-Apr-2024 |
I found a simple but rare misconfiguration and got $200 on a hackerone program | https://harish45.medium.com/i-found-a-simple-but-rare-misconfiguration-and-got-200-on-a-hackerone-program-5863b6c51538?source=rss------bug_bounty-5 | Harish | hackerone, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 26-Apr-2024 |
Private Interact.sh server setup with a web dashboard | https://infosecwriteups.com/private-interact-sh-server-setup-with-a-web-dashboard-6b0320645536?source=rss------bug_bounty-5 | Serj Novoselov | tutorial, hacking, tools, cybersecurity, bug-bounty | 26-Apr-2024 |
Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In an Educational Site | https://medium.com/@p.ra.dee.p_0xx01/found-multiple-bugs-xss-mitm-sec-misconf-in-an-educational-site-5a3804085da0?source=rss------bug_bounty-5 | Professor0xx01 | security, bugs, bug-bounty, information-security, xss-attack | 26-Apr-2024 |
The Ultimate Guide to CISSP’s Eight Security Territories | https://systemweakness.com/the-ultimate-guide-to-cissps-eight-security-territories-836ec7bec836?source=rss------bug_bounty-5 | Gagan Yalamuri | startup, information-security, information-technology, cybersecurity, bug-bounty | 26-Apr-2024 |
Unraveling the Nuances of 403 Bypass: Strengthening Web Application Security | https://medium.com/@dasmanish6176/unraveling-the-nuances-of-403-bypass-strengthening-web-application-security-ac2e8e885c3f?source=rss------bug_bounty-5 | Dasmanish | 403-forbidden, ethical-hacking, bug-bounty | 26-Apr-2024 |
How to baypass scaping filter(\) | https://medium.com/@thewhiteside2000/how-to-baypass-scaping-filter-14393a23af4f?source=rss------bug_bounty-5 | Thewhiteside | bug-bounty-tips, bug-bounty | 26-Apr-2024 |
How We Prevented a Mass Breach On One OF The Biggest CryptoCurrency Gateways On A Web3 Platform. | https://medium.com/@eslam.zayedw/how-we-prevented-a-mass-breach-on-one-of-the-biggest-cryptocurrency-gateways-on-a-web3-platform-2d8393070b10?source=rss------bug_bounty-5 | D0loresH4ze | cybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-tips, penetration-testing | 26-Apr-2024 |
Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In a GOVT Educational Site | https://medium.com/@p.ra.dee.p_0xx01/found-multiple-bugs-xss-mitm-sec-misconf-in-an-educational-site-5a3804085da0?source=rss------bug_bounty-5 | Professor0xx01 | security, bugs, bug-bounty, information-security, xss-attack | 26-Apr-2024 |
Bug Bounty Tools | https://medium.com/@malishakali2002/bug-bounty-tools-bedcf7b94f8d?source=rss------bug_bounty-5 | Malisha_kali | ctf, bug-bounty-writeup, reconnaissance, bug-bounty, bug-bounty-tool | 25-Apr-2024 |
this is how I Bypassed the 2FA page in a big site… | https://medium.com/@hannorayousef/this-is-how-i-bypassed-the-2fa-page-in-a-big-site-77c6a3b7596d?source=rss------bug_bounty-5 | Bar_0_0_n | bug-bounty, 2fa, pentesting, bug-bounty-tips, cybersecurity | 25-Apr-2024 |
Android Pentesting Lab Setup step to step . Part -1 | https://medium.com/@adityasingh4180/android-pentesting-lab-setup-step-to-step-part-1-c50d210d118d?source=rss------bug_bounty-5 | Security Empire | bug-bounty-tips, cybersecurity, android-pentesting, bug-bounty, cyber-sec | 25-Apr-2024 |
Bug Bounty Champions: Real Stories of Cybersecurity Triumphs | https://medium.com/@paritoshblogs/bug-bounty-champions-real-stories-of-cybersecurity-triumphs-35c0c976469a?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, ai, hacking, information-security | 25-Apr-2024 |
Understanding 403 Bypass: A Critical Vulnerability in Web Application Security | https://infosecwriteups.com/understanding-403-bypass-a-critical-vulnerability-in-web-application-security-2b9f0318f3a4?source=rss------bug_bounty-5 | Abhishek Bhujang | bug-bounty, 403-bypass, cybersecurity, vulnerability, web-app-security | 25-Apr-2024 |
Hacking one of the largest Legal tech in MENA | https://ahmadmansourr.medium.com/hacking-one-of-the-largest-legal-tech-in-mena-92365c276654?source=rss------bug_bounty-5 | Ahmad Mansour | pentest, hacking, securing, bug-bounty | 25-Apr-2024 |
Cyber Detectives Unite: Advanced Tools for Web Security | https://medium.com/@gaganak.yalamuri/cyber-detectives-unite-advanced-tools-for-web-security-bb675f46b46e?source=rss------bug_bounty-5 | Gagan Yalamuri | ethical-hacking, information-security, cybersecurity, bug-bounty, computer-science | 25-Apr-2024 |
How a ‘.git’ file Leads to Zendesk Panel Takeover | https://sl4x0.medium.com/how-a-git-file-leads-to-zendesk-panel-takeover-11e8d2812076?source=rss------bug_bounty-5 | Abdelrhman Allam (sl4x0) | bug-bounty-tips, admin-panel, pentesting, bug-bounty, hacking | 25-Apr-2024 |
Privilege Escalation to Admin through an Import Feature | https://cristivlad.medium.com/privilege-escalation-to-admin-through-an-import-feature-ac8ac6b6abad?source=rss------bug_bounty-5 | Cristi Vlad | bug-bounty, cybersecurity, penetration-testing, pentesting, infosec | 25-Apr-2024 |
Unexpected gain, arbitrary forgery of user tokens. | https://medium.com/@xiaodongsec/unexpected-gain-arbitrary-forgery-of-user-tokens-cb0dc1c4bd9f?source=rss------bug_bounty-5 | Xiaodong | china, hacker, vulnerability, bug-bounty, money | 25-Apr-2024 |
How to monitor your internal pentesters? | https://medium.com/@levente.b.molnar/how-to-monitor-your-internal-pentesters-6fe0e18f9fd0?source=rss------bug_bounty-5 | Hackrate | bug-bounty, cybersecurity, it-security, penetration-testing-tools, penetration-testing | 25-Apr-2024 |
Find This Easy CSRF in Every Website- A Sweet P4 | https://medium.com/@Ajakcybersecurity/find-this-easy-csrf-in-every-website-a-sweet-p4-372a3198bf47?source=rss------bug_bounty-5 | AjakCybersecurity | penetration-testing, technology, bug-bounty, hacking, cybersecurity | 25-Apr-2024 |
Bug Bounty Challenge (final): Day 5–25/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-5-25-04-2024-a8d33630fe73?source=rss------bug_bounty-5 | Wallotry | bug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips | 25-Apr-2024 |
Cyber Detectives Unite: Advanced Tools for Web Security | https://systemweakness.com/cyber-detectives-unite-advanced-tools-for-web-security-bb675f46b46e?source=rss------bug_bounty-5 | Gagan Yalamuri | ethical-hacking, information-security, cybersecurity, bug-bounty, computer-science | 25-Apr-2024 |
20.6 Lab: Host validation bypass via connection state attack | 2024 | https://cyberw1ng.medium.com/20-6-lab-host-validation-bypass-via-connection-state-attack-2024-ba5ddd95edc4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, hacking, cybersecurity, penetration-testing | 25-Apr-2024 |
Privilege escalation via Race Condition. | https://medium.com/@duality084/privilege-escalation-mediante-race-condition-0254df6ffbd8?source=rss------bug_bounty-5 | Matias Ramirez | bug-bounty, bug-bounty-tips, bugbounty-writeup, hacking | 25-Apr-2024 |
A very useful asset collection tool: Asset Reconnaissance Lighthouse. | https://medium.com/@xiaodongsec/a-very-useful-asset-collection-tool-asset-reconnaissance-lighthouse-94204f093c92?source=rss------bug_bounty-5 | Xiaodong | hacks, hunting, tools, bug-bounty, china | 24-Apr-2024 |
Hack Stories: Hacking Hackers EP:3 | https://infosecwriteups.com/hack-stories-hacking-hackers-ep-3-11b1f0e002e8?source=rss------bug_bounty-5 | c0d3x27 | software, programming, cybersecurity, hacking, bug-bounty | 24-Apr-2024 |
#1. Bug Bounty POC: IDOR leads to Account Takeover | https://cyb3rmind.medium.com/1-bug-bounty-poc-idor-leads-to-account-takeover-e500701a8004?source=rss------bug_bounty-5 | Cyb3r M!nds | idor, account-takeover, web-penetration-testing, bug-bounty, pentesting | 24-Apr-2024 |
BALMER PEAK AND BUG HUNTING | https://medium.com/@Progsky/balmer-peak-and-bug-hunting-8ea030eaa4a4?source=rss------bug_bounty-5 | Progsky | humor, bug-bounty | 24-Apr-2024 |
20.5 Lab: SSRF via flawed request parsing | 2024 | https://cyberw1ng.medium.com/20-5-lab-ssrf-via-flawed-request-parsing-2024-77a91ca47898?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, careers, cybersecurity, hacking | 24-Apr-2024 |
Unveiling the Hidden: A Guide to Passive Subdomain Enumeration | https://medium.com/@gaganak.yalamuri/unveiling-the-hidden-a-guide-to-passive-subdomain-enumeration-6f1db9a8bb50?source=rss------bug_bounty-5 | Gagan Yalamuri | web-security, technology, security, bug-bounty, hacking | 24-Apr-2024 |
Bug Bounty Challenge (final): Day 4–24/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-4-24-04-2024-ad138e4d1357?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter | 24-Apr-2024 |
Embarking on My Bug Bounty Hunting Journey | https://medium.com/@nikhil-/embarking-on-my-bug-bounty-hunting-journey-d4064cd28905?source=rss------bug_bounty-5 | Nikhil | my-journey-in-tech, cybersecurity, bug-bounty | 24-Apr-2024 |
Unveiling the Hidden: A Guide to Passive Subdomain Enumeration | https://systemweakness.com/unveiling-the-hidden-a-guide-to-passive-subdomain-enumeration-6f1db9a8bb50?source=rss------bug_bounty-5 | Gagan Yalamuri | web-security, technology, security, bug-bounty, hacking | 24-Apr-2024 |
How easy I made $$$$ | https://anasbetis023.medium.com/how-easy-i-made-24edb0fd1364?source=rss------bug_bounty-5 | Anas H Hmaidy | penetration-testing, bug-bounty-tips, cybersecurity, bug-bounty | 23-Apr-2024 |
Bug :: CORS Misconfiguration ~ could lead to disclosure of sensitive info..!!! | https://medium.com/@p.ra.dee.p_0xx01/bug-cors-misconfiguration-could-lead-to-disclosure-of-sensitive-info-ad95e35162fd?source=rss------bug_bounty-5 | Professor0xx01 | cors, bug-bounty, threat-hunting, information-security, vulnerability | 23-Apr-2024 |
What are Some Ethical Considerations for Bug Bounty Hunters When Negotiating Rewards or Disclosing… | https://medium.com/mynextdeveloper/what-are-some-ethical-considerations-for-bug-bounty-hunters-when-negotiating-rewards-or-disclosing-3008e87a6173?source=rss------bug_bounty-5 | MyNextDeveloper | bug-bounty, ethics, data-breach, ethical-hacking, cybersecurity | 23-Apr-2024 |
IOS Penetration Testing: Guide to Static Analysis | https://medium.com/@adityasawant00/ios-penetration-testing-guide-to-static-analysis-4a9dea5d672d?source=rss------bug_bounty-5 | Aditya Sawant | cybersecurity, static-analysis, bug-bounty, i̇os, penetration-testing | 23-Apr-2024 |
How I found my First Valid bug | https://medium.com/@tanyago/how-i-found-my-first-valid-bug-2a9c87ce7a91?source=rss------bug_bounty-5 | Tanya Goyal | bug-bounty, bug-hunting, bug-bounty-writeup, bug-bounty-tips | 23-Apr-2024 |
Bypassing CloudFlare Error 1015: You Are Being Rate Limited | https://medium.com/@mdnafeed3/bypassing-cloudflare-error-1015-you-are-being-rate-limited-f25f4e8f7bb2?source=rss------bug_bounty-5 | H4cker-Nafeed | bug-bounty, vulnerability, cybersecurity, hacking | 23-Apr-2024 |
QUICK ROADMAP TO BUG BOUNTY(things you need to know) | https://medium.com/@joybhavanadam/quick-roadmap-to-bug-bounty-things-you-need-to-know-0aa1b64b9cdf?source=rss------bug_bounty-5 | Adam Paulo Antony | tips, bug-bounty-tips, roadmaps, bug-bounty | 23-Apr-2024 |
VERTICAL RECON : SUBDOMAINS ENUMERATION. THE ART OF RECONISM: | https://hacktivistattacker.medium.com/vertical-recon-subdomains-enumeration-the-art-of-reconism-66d3be42d5d0?source=rss------bug_bounty-5 | Hacktivist-Attacker | subdomain-enumeration, information-gathering, subdomains-enumeration, bug-bounty, reconnaissance | 23-Apr-2024 |
20.4 Lab: Routing-based SSRF Vulnerability | 2024 | https://cyberw1ng.medium.com/20-4-lab-routing-based-ssrf-vulnerability-2024-c34402e8b6dd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, cybersecurity, bug-bounty, careers | 23-Apr-2024 |
Browser Extension Security Testing: Part 1 | https://codewithvamp.medium.com/browser-extension-security-testing-part-1-0178766d2252?source=rss------bug_bounty-5 | Vaibhav Kumar Srivastava | bug-bounty, hacking, browser-extension, bug-bounty-tips, testing | 23-Apr-2024 |
Email Verification Bypass via Remember Me | https://infosecwriteups.com/email-verification-bypass-via-remember-me-c6d34e6060e9?source=rss------bug_bounty-5 | mo9khu93r | bug-bounty, cybersecurity, pentesting, red-team, hacking | 22-Apr-2024 |
(Insecure Dangerous Component) Developer Backdoor `DebugActivity` included in the Production Game… | https://medium.com/@hazeemyasseer/insecure-dangerous-component-developer-backdoor-debugactivity-included-in-the-production-game-390dddea9363?source=rss------bug_bounty-5 | Hazeem' Yasseer | android-pentesting, android-pentest, bug-bounty-tips, bug-bounty, cybersecurity | 22-Apr-2024 |
20.3 Lab: Web cache poisoning via ambiguous requests | 2024 | https://cyberw1ng.medium.com/20-3-lab-web-cache-poisoning-via-ambiguous-requests-2024-8ab074dec0e4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, careers, penetration-testing, bug-bounty | 22-Apr-2024 |
How many months took you to find your first bug ?! Let s see | https://medium.com/@aiz3nsk/how-many-months-took-you-to-find-your-first-bug-let-s-see-c48e4cce0c29?source=rss------bug_bounty-5 | Aiz3n Sk | bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty-writeup | 22-Apr-2024 |
Don’t overlook any parameter, because the vulnerability lies within! | https://medium.com/@xiaodongsec/dont-overlook-any-parameter-because-the-vulnerability-lies-within-d0107d0c4f3e?source=rss------bug_bounty-5 | Xiaodong | hacker, vulnerability, china, money, bug-bounty | 22-Apr-2024 |
Exploiting PostMessage for cool XSS vulnerabilities | https://manasharsh.medium.com/exploiting-postmessage-for-cool-xss-vulnerabilities-cbea132398e1?source=rss------bug_bounty-5 | Manas Harsh | hacking, xss-vulnerability, bug-bounty, application-security | 22-Apr-2024 |
Google Map API Key Exposure: A Bug Bounty Journey | https://medium.com/@iamrizwanvp/google-map-api-key-exposure-a-bug-bounty-journey-6e0bb1560961?source=rss------bug_bounty-5 | RIZWAN | pentesting, bug-bounty, cybersecurity, bugbounty-writeup | 22-Apr-2024 |
Auto Bug Bounty Script — Unleash Your Hunting Potential | https://medium.com/@psychomong/auto-bug-bounty-script-unleash-your-hunting-potential-7ecd6ad417ea?source=rss------bug_bounty-5 | psychomong | bug-bounty, vapt, hacker, bug-bounty-tips, automation | 22-Apr-2024 |
How i Find Database Credentials via Mass Recon & Recon Scoping on Gcash | https://ph-hitachi.medium.com/how-i-find-database-credentials-via-mass-recon-recon-scoping-on-gcash-f43a0dae3ec1?source=rss------bug_bounty-5 | Ph.Hitachi | pentest, reconnaissance, recon, bug-bounty, gcash | 22-Apr-2024 |
What is SSRF and how to Detect them on Web Application | https://alvinbijo.medium.com/what-is-ssrf-and-how-to-detect-them-on-web-application-687820c4d097?source=rss------bug_bounty-5 | Alvin bijo | bug-bounty-tips, bug-bounty, xs, ssrf | 22-Apr-2024 |
Bug Bounty Challenge (final): Day 3–22/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-3-22-04-2024-51adde52bf60?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips | 22-Apr-2024 |
Cross-Site Scripting Detection | https://medium.com/@b.c114303/cross-site-scripting-detection-b35e4bd744b3?source=rss------bug_bounty-5 | Anni0p | bug-bounty, cybersecurity, xss-attack | 22-Apr-2024 |
Beware of Method Swapping: Unveiling a Potential Security Vulnerability | https://infosecwriteups.com/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5 | HooS | bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips | 22-Apr-2024 |
How to avoid burnouts in bugbounty? | https://medium.com/@mr_prey3r/how-to-avoid-burnouts-in-bugbounty-4d97e14f1ff1?source=rss------bug_bounty-5 | Rubayet Hasan aka MR_Prey3r | bug-bounty-tips, bug-bounty, bug-bounty-writeup | 22-Apr-2024 |
Beware of Method Swapping: Unveiling a Potential Security Vulnerability | https://medium.com/@hoosgamer/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5 | HooS | bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips | 22-Apr-2024 |
Beware of Method Swapping: Unveiling a Potential Security Vulnerability | https://medium.com/@hohky_/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5 | Hohky | bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips | 22-Apr-2024 |
Project discovery`s Chaos: Subdomains Discovery for all Bug Bounty Programs | https://medium.com/@miladkeivanfar/project-discovery-s-chaos-subdomains-discovery-for-all-bug-bounty-programs-b9e39fe3589d?source=rss------bug_bounty-5 | Milad keivanfar | security, subdomains-enumeration, bug-bounty, penetration-testing | 21-Apr-2024 |
SQL Injection Vulnerability in WHERE Clause Allowing Retrieval of Hidden Data | https://medium.com/@marduk.i.am/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-96beb7f99d0c?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, sql-injection, information-security, bug-bounty, cybersecurity | 21-Apr-2024 |
Unraveling the Secrets of CWE and CVE in easily way | https://medium.com/@abdallahhendy15/unraveling-the-secrets-of-cwe-and-cve-in-easily-way-fc332b0294d6?source=rss------bug_bounty-5 | Abdallahhendy | penetration-testing, cwe, cybersecurity, cve, bug-bounty | 21-Apr-2024 |
Such a simple zero-payment vulnerability. | https://medium.com/@xiaodongsec/such-a-simple-zero-payment-vulnerability-8e29421cbf58?source=rss------bug_bounty-5 | Xiaodong | money, vulnerability, bug-bounty, china, hacker | 21-Apr-2024 |
Linux Mastery, Practical Exercises for Effective Command Line Skills | https://medium.com/@muhammadriva/linux-mastery-practical-exercises-for-effective-command-line-skills-e769d1010f73?source=rss------bug_bounty-5 | Muhammad Riva | cyber-security-awareness, penetration-testing, cybersecurity, bug-bounty, kali-linux | 21-Apr-2024 |
What is server-side template injection? | https://cyberw1ng.medium.com/what-is-server-side-template-injection-77b7e4d0cad2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, cybersecurity, penetration-testing, careers | 21-Apr-2024 |
How I could have hacked one LG website with a simple recon… | https://medium.com/@rubixrub/how-i-could-have-hacked-one-lg-website-with-a-simple-recon-8306e6e4be54?source=rss------bug_bounty-5 | RubX | hacking, bug-bounty, cybersecurity, bug-bounty-tips | 21-Apr-2024 |
HACKTHEBOX CBBH REVIEW | https://medium.com/@admiralhr99/hackthebox-cbbh-review-76944984a573?source=rss------bug_bounty-5 | Admiralhr | web-application-security, bug-bounty, cybersecurity, cbbh, hackthebox | 21-Apr-2024 |
How do I get Started in Cyber Security? — My Perspective & Learning Path! | https://medium.com/@aadhaarkoul2002/how-do-i-get-started-in-cyber-security-my-perspective-learning-path-cd45846dbe63?source=rss------bug_bounty-5 | Aadhaarkoul | bug-bounty, infosec, technology, hacking, learning | 21-Apr-2024 |
Bug Bounty Challenge (final): Day 1–21/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-1-21-04-2024-f832f23f0464?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 21-Apr-2024 |
Bug Bounty Challenge (final): Day 2–21/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-1-21-04-2024-f832f23f0464?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 21-Apr-2024 |
Unsecured Content Provider leads to Account Takeover | https://medium.com/@ahmedelmorsy312/unsecure-content-provider-led-to-account-takeover-1e45d716bd7c?source=rss------bug_bounty-5 | Ahmed Elmorsi | hacker, bugbounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty | 20-Apr-2024 |
Best Bug Bounty Tips | https://bevijaygupta.medium.com/best-bug-bounty-tips-af66fd076eb4?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, bug-fixes, bugs, bug-bounty, bug-zero | 20-Apr-2024 |
Unraveling the Millennium Bug: A Digital Apocalypse | https://medium.com/@ak123aryan/unraveling-the-millennium-bug-a-digital-apocalypse-39af9dbadc0b?source=rss------bug_bounty-5 | Akshay Aryan | java, bugs, software-development, bug-bounty | 20-Apr-2024 |
My methodology for hunting for open Redirect vulnerabilities | https://medium.com/@hozayfan782/my-methodology-for-hunting-for-open-redirect-vulnerabilities-fb79f2d24c22?source=rss------bug_bounty-5 | Hozayfa Nasser | tips, open-redirect, bug-bounty, tips-and-tricks | 20-Apr-2024 |
19.5 Lab: Finding a hidden GraphQL endpoint \| 2024 | https://cyberw1ng.medium.com/19-5-lab-finding-a-hidden-graphql-endpoint-2024-aeb8cec440d1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 20-Apr-2024 |
Paramspider Upgraded Version | https://medium.com/@pushkrajdhuri07/paramspider-upgraded-version-b14c1e8f9810?source=rss------bug_bounty-5 | PushkaraJ | hacking, bug-bounty, cybersecurity, redteam-tool, infosec | 20-Apr-2024 |
Bug Bounty Challenge (final): Day 1–20/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-1-20-04-2024-2db4a6c86cc2?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup, bug-bounty | 20-Apr-2024 |
April 2024 Reading List | https://daytontp.medium.com/april-2024-reading-list-e570dd5143c9?source=rss------bug_bounty-5 | Dayton Pruet | bug-bounty, network-security, cloud-computing, google-cloud-platform, linux | 19-Apr-2024 |
Race Condition on Change Email Leads to Arbitrary Email Forgery | https://medium.com/@blackarazi/race-condition-on-change-email-leads-to-arbitrary-email-forgery-741b720ac840?source=rss------bug_bounty-5 | Azhari Harahap | bug-bounty, application-security, api-security, race-condition, bug-bounty-writeup | 19-Apr-2024 |
Blockchain Bug Bounty | https://bevijaygupta.medium.com/blockchain-bug-bounty-a84c5f5ac684?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, bug-bounty-tips, blockchain, blockchain-technology, bugs | 19-Apr-2024 |
OTP Bypass Security Issues and Remediations | https://pratham-08.medium.com/otp-bypass-security-issues-and-remediations-f207eecebbea?source=rss------bug_bounty-5 | Pratham Mittal | secure-coding, software-development, otp-bypass, bug-bounty, security | 19-Apr-2024 |
Reconnaissance in Bug Bounty Programs | https://bevijaygupta.medium.com/reconnaissance-in-bug-bounty-programs-d46fadeb4508?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-bounty-tips, footprinting, reconnaissance, bug-bounty | 19-Apr-2024 |
First valid critical vulnerability of mine | https://medium.com/@shalabhdevliyal/first-valid-critical-vulnerability-of-mine-1143ceaffefc?source=rss------bug_bounty-5 | Shalabhdevliyal | vulnerability, hackerone, bug-bounty, cybersecurity | 19-Apr-2024 |
OOGWAY — Vulnerability Search Tool | https://symbolexe.medium.com/oogway-vulnerability-search-tool-494587f0c00d?source=rss------bug_bounty-5 | Yasin | bug-bounty, cybersecurity, vulnerability, cve | 19-Apr-2024 |
An Interesting Case of XSS Caused by File Upload | https://medium.com/@xiaodongsec/an-interesting-case-of-xss-caused-by-file-upload-86bdfb09408f?source=rss------bug_bounty-5 | Xiaodong | china, security, bug-bounty, money, hacks | 19-Apr-2024 |
How I Disclosed Employees PII \| The mistake I made..\| | https://medium.com/@the.bugcrowd.testerpawan/how-i-disclosed-employees-pii-the-mistake-i-made-ca299a155440?source=rss------bug_bounty-5 | the_air_sharma | bug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 19-Apr-2024 |
19.4 Lab: Performing CSRF exploits over GraphQL \| 2024 | https://cyberw1ng.medium.com/19-4-lab-performing-csrf-exploits-over-graphql-2024-8362148aee53?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, careers, penetration-testing, hacking | 19-Apr-2024 |
let’s Unlock Advanced Permissions | https://rofes1337.medium.com/lets-unlock-advanced-permissions-d8529e9048e4?source=rss------bug_bounty-5 | Yousef Muhammedelkhir | bug-bounty-tips, penteration-testing, bug-bounty, web-app-pentesting, privilege-escalation | 19-Apr-2024 |
Defence Methodologie | https://medium.com/@haticezkmnl/defence-methodologie-bd3aa669d90e?source=rss------bug_bounty-5 | Hatice Zehra Kamanlı | pentesting, bug-bounty, soc, prevention, cybersecurity | 19-Apr-2024 |
A CRASH COURSE ON NETWORK PROTOCOLS FOR BUG HUNTERS | https://medium.com/@binarymaster/a-crash-course-on-network-protocols-for-bug-hunters-d2648b79ab0e?source=rss------bug_bounty-5 | Binarymaster | hacking, bug-bounty, network | 19-Apr-2024 |
Rest API Pentesting Resources | https://medium.com/@m14r41/rest-api-pentesting-resources-3155985b8c4d?source=rss------bug_bounty-5 | Madhurendra Kumar | pentesting, checklist, bug-bounty, api, hacking | 19-Apr-2024 |
A CRASH COURSE ON NETWORK PROTOCOLS FOR BUG HUNTERS | https://medium.com/@Progsky/a-crash-course-on-network-protocols-for-bug-hunters-d2648b79ab0e?source=rss------bug_bounty-5 | Progsky | hacking, bug-bounty, network | 19-Apr-2024 |
Stored XSS chain on NASA VDP | https://medium.com/@ph4nt0mbyt3/stored-xss-chain-on-nasa-vdp-93814e2df863?source=rss------bug_bounty-5 | ph4nt0mbyt3 | bug-bounty, vulnerability, nasa | 18-Apr-2024 |
Introducing SHIFU: Your Comprehensive CVE Finder Toolkit | https://symbolexe.medium.com/introducing-shifu-your-comprehensive-cve-finder-toolkit-4b036cce55c6?source=rss------bug_bounty-5 | Yasin | cybersecurity, cve, bug-bounty | 18-Apr-2024 |
How Shodan Helps me to Find SMTP misconfiguration | https://thesafdari.medium.com/how-shodan-helps-me-to-find-smtp-misconfiguration-56f63f1116a5?source=rss------bug_bounty-5 | Milad Safdari | bug-bounty, finding-smtp-misconfig, finding-vulnerabilities | 18-Apr-2024 |
Jamtangan Bug Bounty | https://bevijaygupta.medium.com/jamtangan-bug-bounty-7c49fc09881f?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-zero, bug-bounty-tips, bug-bounty, jam-tangan | 18-Apr-2024 |
IDOR Bug Bounty | https://bevijaygupta.medium.com/idor-bug-bounty-282d62d91691?source=rss------bug_bounty-5 | Vijay Gupta | idor, bugs, bug-zero, bug-bounty, bug-bounty-tips | 18-Apr-2024 |
Yahoo Bug Bounty | https://bevijaygupta.medium.com/yahoo-bug-bounty-a8a711e9ec3a?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, yahoo-bug-bounty, bugs, yahoo, bug-bounty-tips | 18-Apr-2024 |
A Beginner’s Guide To Insecure Deserialization | https://medium.com/@four0four/a-beginners-guide-to-insecure-deserialization-d359adffb207?source=rss------bug_bounty-5 | four0four | programming, cybersecurity, bug-bounty | 18-Apr-2024 |
How I found HTMLi on main domain of program | https://medium.com/@jeetpal2007/how-i-found-htmli-on-main-domain-of-program-5c88a8e1af9a?source=rss------bug_bounty-5 | JEETPAL | bug-bounty-tips, html-injection, bug-bounty | 18-Apr-2024 |
IDOR Lead to Data Leak | https://melguerdawi.medium.com/idor-lead-to-data-leak-c5107094f9ca?source=rss------bug_bounty-5 | Mostafa Elguerdawi | bug-bounty, cybersecurity, bug-bounty-tips | 18-Apr-2024 |
VulnersX Tool | https://symbolexe.medium.com/vulnersx-tool-7a10b3090bbf?source=rss------bug_bounty-5 | Yasin | cybersecurity, cve, vulnerability, bug-bounty | 18-Apr-2024 |
How Shodan Helps me to Find SMTP misconfiguration | https://thesafdari.medium.com/how-shodan-helps-me-to-find-smtp-misconfiguration-56f63f1116a5?source=rss------bug_bounty-5 | Milad Safdari (TheSafdari) | bug-bounty, finding-smtp-misconfig, finding-vulnerabilities | 18-Apr-2024 |
How i Hacked Globe/Gcash services and manage to get access on multiple databases including ssh… | https://ph-hitachi.medium.com/how-i-hacked-globe-gcash-services-and-manage-to-get-access-on-multiple-databases-including-ssh-9ca781348e8f?source=rss------bug_bounty-5 | Ph.Hitachi | bug-bounty, public-disclosure, pentesting, gcash | 18-Apr-2024 |
SSL Pinning Bypass Simplified | https://medium.com/@evilprince007/ssl-pinning-bypass-simplified-48c0d5294a6c?source=rss------bug_bounty-5 | Prathamesh Khatavkar | bug-bounty, cybersecurity, android | 18-Apr-2024 |
Unveiling Access Control Flaws: Taking over an entire organization | https://medium.com/@im0thmann/unveiling-access-control-flaws-taking-over-an-entire-organization-23505eb75d89?source=rss------bug_bounty-5 | mohamed othman | cybersecurity, bug-bounty | 18-Apr-2024 |
19.3 Lab: Bypassing GraphQL brute force protections \| 2024 | https://cyberw1ng.medium.com/19-3-lab-bypassing-graphql-brute-force-protections-2024-ae9df787c7c7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, careers, bug-bounty, hacking | 18-Apr-2024 |
How I Used the ‘Everything’ Service to Uncover Two High-Risk Threats and Earn Over $700 in Rewards | https://medium.com/@xiaodongsec/how-i-used-the-everything-service-to-uncover-two-high-risk-threats-and-earn-over-700-in-rewards-c42d002707ad?source=rss------bug_bounty-5 | Xiaodong | china, bug-bounty, money, hacker, vulnerability | 17-Apr-2024 |
Uber Bug Bounty Program | https://bevijaygupta.medium.com/uber-bug-bounty-program-04cfe5050cd1?source=rss------bug_bounty-5 | Vijay Gupta | uber, bug-bounty, bug-bounty-tips, bug-zero, bugs | 17-Apr-2024 |
“Mastering Bug Bounty Hunting: Unveiling Secrets to Finding Hidden Vulnerabilities” | https://medium.com/@faizalin5555/mastering-bug-bounty-hunting-unveiling-secrets-to-finding-hidden-vulnerabilities-0b5088e213d4?source=rss------bug_bounty-5 | Faizal N | bug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, vulnerability | 17-Apr-2024 |
Bug Bounty POC | https://bevijaygupta.medium.com/bug-bounty-poc-e7fefda2fad0?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, poc, bug-bounty-tips, bug-zero, bugs | 17-Apr-2024 |
Vulnerability Bounty Tool Recommendation: WIH | https://medium.com/@xiaodongsec/vulnerability-bounty-tool-recommendation-wih-1e7b559b5fbc?source=rss------bug_bounty-5 | Xiaodong | china, tools, hacker, bug-bounty, money | 17-Apr-2024 |
Leveraging XSS to Execute CSRF Attacks | https://medium.com/@dodir.sec/leveraging-xss-to-execute-csrf-attacks-421edb662b40?source=rss------bug_bounty-5 | dodir | bug-bounty, cybersecurity, penetration-testing, csrf, xss-attack | 17-Apr-2024 |
API Mis configuration: How Employee can change Manager’s review for him. (Part 2) | https://interc3pt3r.medium.com/api-mis-configuration-how-employee-can-change-managers-review-for-him-part-2-28b242216b40?source=rss------bug_bounty-5 | Aneesha D | web-development, bug-bounty, tips, cybersecurity, hacking | 17-Apr-2024 |
19.2 Lab: Accidental exposure of private GraphQL fields \| 2024 | https://cyberw1ng.medium.com/19-2-lab-accidental-exposure-of-private-graphql-fields-2024-0d0836dc82ba?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, hacking, bug-bounty, careers | 17-Apr-2024 |
How I approach Account takeover due to no rate limit on OTP | https://medium.com/@jeetpal2007/how-i-approach-account-takeover-due-to-no-rate-limit-on-otp-10a7fe056184?source=rss------bug_bounty-5 | JEETPAL | bug-bounty, bountytips, no-rate-limit, account-takeover | 17-Apr-2024 |
How I found a P1 bug in just 40 minutes | https://medium.com/@jeetpal2007/how-i-found-a-p1-bug-in-just-40-minutes-4f3614abe974?source=rss------bug_bounty-5 | JEETPAL | api-key, p1bugs, bug-bounty-tips, bug-bounty | 17-Apr-2024 |
OTP Bruteforce Chained with Response Manipulation Leads to Zero Click Account Takeover | https://medium.com/@cyberpro151/otp-bruteforce-chained-with-response-manipulation-leads-to-zero-click-account-takeover-7d1bee79a19f?source=rss------bug_bounty-5 | cyberpro151 | cybersecurity, account-takeover, bug-bounty, web-hacking, hacking | 17-Apr-2024 |
(Part 2) API Mis configuration: How Employee can change Manager’s review for him. | https://interc3pt3r.medium.com/api-mis-configuration-how-employee-can-change-managers-review-for-him-part-2-28b242216b40?source=rss------bug_bounty-5 | Aneesha D | web-development, bug-bounty, tips, cybersecurity, hacking | 17-Apr-2024 |
TCM Security — Practical Ethical Hacking Course — Find & Exploit Common Web Vulnerabilities — XSS… | https://shibushivansh.medium.com/tcm-security-practical-ethical-hacking-course-find-exploit-common-web-vulnerabilities-xss-00dbb33d45e2?source=rss------bug_bounty-5 | Shivansh Seth | cross-site-scripting, blog, command-injection, bug-bounty, cybersecurity | 16-Apr-2024 |
PayPal Bug Bounty | https://bevijaygupta.medium.com/paypal-bug-bounty-7838f8bc5e4b?source=rss------bug_bounty-5 | Vijay Gupta | bugs, paypal, paypal-account, bug-bounty, bug-bounty-tips | 16-Apr-2024 |
Discord Bug Bounty | https://bevijaygupta.medium.com/discord-bug-bounty-e2d0d3829c99?source=rss------bug_bounty-5 | Vijay Gupta | bugs, discord, bug-bounty-tips, bug-bounty, discord-bot | 16-Apr-2024 |
Top 5 books to learn bug hunting beginner to advance | https://medium.com/@buglearners.com/top-5-books-to-learn-bug-hunting-beginner-to-advance-9006c34ea126?source=rss------bug_bounty-5 | Buglearners.com | bug-bounty, cybersecurity, bug-hunting, advance, books | 16-Apr-2024 |
18.4 Lab: Exploiting Ruby deserialization using a documented gadget chain \| 2024 | https://cyberw1ng.medium.com/18-4-lab-exploiting-ruby-deserialization-using-a-documented-gadget-chain-2024-2e02be94c6f8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, careers, bug-bounty, penetration-testing | 16-Apr-2024 |
Email Template Draft Feature Triggers SSRF, Earns ¥3000! | https://medium.com/@xiaodongsec/email-template-draft-feature-triggers-ssrf-earns-3000-d59af1ffbae6?source=rss------bug_bounty-5 | Xiaodong | hacker, vulnerability, china, money, bug-bounty | 16-Apr-2024 |
WhatWeb!? | https://thehackersmeetup.medium.com/whatweb-c132eb13927c?source=rss------bug_bounty-5 | The Hackers Meetup | tools, bug-bounty, whatweb, kali, web | 16-Apr-2024 |
XSS (Cross-Site Scripting): A Detailed Breakdown | https://medium.com/@max.pavlenko.dev/xss-%D0%BC%D1%96%D0%B6%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%D0%B8%D0%B9-%D1%81%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%B8%D0%BD%D0%B3-%D0%B4%D0%B5%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D0%B8%D0%B9-%D1%80%D0%BE%D0%B7%D0%B1%D1%96%D1%80-23c36e5a7483?source=rss------bug_bounty-5 | Max Pavlenko (Certified Vue.js Developer) | bug-bounty, security, front-end-development, xss-vulnerability | 16-Apr-2024 |
Reverse Engineering Sitecore Vulnerabilities-3 | https://medium.com/@nilayp799/reverse-engineering-sitecore-vulnerabilities-3-ba8a99563ca4?source=rss------bug_bounty-5 | Nilay Patel | bug-bounty, vulnerability, automation, hacking, sitecore | 16-Apr-2024 |
Reverse Shell Scripting Concept. | https://rahman0x01.medium.com/reverse-shell-scripting-concept-1bf1f60686a7?source=rss------bug_bounty-5 | rahman0x01 | netcat, bash-scripting, bug-bounty, reverse-shell, bash-script | 16-Apr-2024 |
I Found An IDOR Flaw where users' attached pictures and documents were leaked. | https://medium.com/@Ajakcybersecurity/i-found-an-idor-flaw-where-users-attached-pictures-and-documents-were-leaked-961d564ce72f?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, cybersecurity, money, bug-bounty, penetration-testing | 16-Apr-2024 |
Bug Bounty Automation | https://bevijaygupta.medium.com/bug-bounty-automation-f1fa68e3d903?source=rss------bug_bounty-5 | Vijay Gupta | automation-tools, automation-testing, bug-bounty-tips, automation, bug-bounty | 15-Apr-2024 |
Dell Bug Bounty | https://bevijaygupta.medium.com/dell-bug-bounty-a578dc53d7bb?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, dell, dell-laptop, bugs, bug-bounty | 15-Apr-2024 |
CVE-2024–3400: A Critical Vulnerability in PAN-OS Firewalls | https://infosecwriteups.com/cve-2024-3400-a-critical-vulnerability-in-pan-os-firewalls-a7f8c66a10d2?source=rss------bug_bounty-5 | ElNiak | bug-bounty, penetration-testing, command-injection, firewall, cybersecurity | 15-Apr-2024 |
Story of a strange IDOR without ID | https://m7arm4n.medium.com/story-of-a-strange-idor-without-id-6735fd3dcd27?source=rss------bug_bounty-5 | M7arm4n | hacking, bug-bounty, bug-bounty-tips, security, hacker | 15-Apr-2024 |
CSRF (1/3) | https://medium.com/@karimelsayed0x1/csrf-1-3-22050bf9c92c?source=rss------bug_bounty-5 | z3r0xk | bug-bounty, bug-bounty-tips, bug-bounty-writeup, csrf, web-attack | 15-Apr-2024 |
Advance XSS payload List | https://medium.com/@psychomong/advance-xss-payload-list-7b5d1a4df61c?source=rss------bug_bounty-5 | psychomong | hacking, bug-bounty-tips, bugs, bug-bounty, xss-attack | 15-Apr-2024 |
18.3 Lab: Exploiting PHP deserialization with a pre-built gadget chain \| 2024 | https://cyberw1ng.medium.com/18-3-lab-exploiting-php-deserialization-with-a-pre-built-gadget-chain-2024-64dcb875e23c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, hacking, penetration-testing, bug-bounty | 15-Apr-2024 |
How I got JS Execution (DOM XSS) Via CSTI | https://medium.com/@amrkadry7/how-i-got-js-execution-dom-xss-via-csti-58a4171c2963?source=rss------bug_bounty-5 | Amr | cybersecurity, bug-bounty | 15-Apr-2024 |
Acer Bug Bounty | https://bevijaygupta.medium.com/acer-bug-bounty-9ce4d49c1051?source=rss------bug_bounty-5 | Vijay Gupta | acer, bug-zero, bug-bounty, bug-bounty-tips, bugs | 14-Apr-2024 |
My Bug Bounty Journey | https://bevijaygupta.medium.com/my-bug-bounty-journey-b07f663c8ff8?source=rss------bug_bounty-5 | Vijay Gupta | bug-zero, bug-bounty-tips, my-journey, bugs, bug-bounty | 14-Apr-2024 |
Ten Tips You Have to Know for WordPress Bug Bounty | https://medium.com/@zpbrent/ten-tips-you-have-to-know-for-wordpress-bug-bounty-b2b070f07add?source=rss------bug_bounty-5 | Peng Zhou | bug-bounty, wordpress, infosec, hacker, bug-bounty-tips | 14-Apr-2024 |
How I Exploited the Account Cancellation Feature to Farm Rewards | https://medium.com/@xiaodongsec/how-i-exploited-the-account-cancellation-feature-to-farm-rewards-19f6d6c0e181?source=rss------bug_bounty-5 | Xiaodong | hacks, bug-bounty, skills, vulnerability, china | 14-Apr-2024 |
How I Hack Web Applications (Part 1) | https://infosecwriteups.com/how-i-hack-web-applications-part-1-0833c002cc9a?source=rss------bug_bounty-5 | Rafin Rahman Chy | ethical-hacking, penetration-testing, bug-bounty, infosec, application-security | 14-Apr-2024 |
A unique SSRF hunt ( Invite user functionality vulnerable to blind SSRF attack ) | https://medium.com/@abhishek8602314652/a-unique-ssrf-hunt-invite-user-functionality-vulnerable-to-blind-ssrf-attack-c6804b2b398b?source=rss------bug_bounty-5 | Abhishek singh ( a6h1) | bug-bounty, ssrf, bug-bounty-tips, bug-hunting, bug-bounty-writeup | 14-Apr-2024 |
A click can cause 1600$ \| Auth0 misconfig . | https://naumankh4n.medium.com/a-click-can-cause-1600-auth0-misconfig-9234aedad55c?source=rss------bug_bounty-5 | Nauman Khan | penetration-testing, bug-bounty, hacking, cybersecurity, money | 14-Apr-2024 |
18.2 Lab: Exploiting Java deserialization with Apache Commons \| 2024 | https://cyberw1ng.medium.com/18-2-lab-exploiting-java-deserialization-with-apache-commons-2024-7ba379e97b52?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, cybersecurity, careers, penetration-testing | 14-Apr-2024 |
Access to transparent security testing — Why we made HackGATE™ available to everyone | https://medium.com/@levente.b.molnar/access-to-transparent-security-testing-why-we-made-hackgate-available-to-everyone-11c3e0efe44c?source=rss------bug_bounty-5 | Hackrate | bug-bounty, penetration-testing, pentesting, security, cybersecurity | 14-Apr-2024 |
THE ART OF RECONISM: HORIZONTAL RECON FOR PENETRATION TESTING: | https://hacktivistattacker.medium.com/the-art-of-reconism-horizontal-recon-for-penetration-testing-fea5399af186?source=rss------bug_bounty-5 | Hacktivist-Attacker | reconnaissance, horizonatl-reconaissance, scope-finding, bug-bounty, information-gathering | 13-Apr-2024 |
Power of CSRF | https://medium.com/@hillrane24/power-of-csrf-43b736c74280?source=rss------bug_bounty-5 | NIKHIL RANE | otp-bypass, bug-bounty, csrf, authentication-bypass | 13-Apr-2024 |
Unauthorized Admin Account Access via Google Authentication | https://nullr3x.medium.com/unauthorized-admin-account-access-via-google-authentication-a38d42577ac9?source=rss------bug_bounty-5 | Sahil Mehra | cybersecurity, web, bug-bounty, vulnerability, penetration-testing | 13-Apr-2024 |
Bancor Bug Bounty | https://bevijaygupta.medium.com/bancor-bug-bounty-9c40e9389ab5?source=rss------bug_bounty-5 | Vijay Gupta | bug-zero, bug-bounty, bug-bounty-tips, bugs, bancor | 13-Apr-2024 |
Facebook Bug Bounty | https://bevijaygupta.medium.com/facebook-bug-bounty-e9e73ce56f11?source=rss------bug_bounty-5 | Vijay Gupta | facebook, bug-bounty-tips, bug-bounty, bugs, facebook-bug-bounty | 13-Apr-2024 |
Exploring the Potential of Bug Bounty: Making Money or Finding Security? | https://medium.com/@kaizen100801/menggali-potensi-bug-bounty-menghasilkan-uang-atau-menemukan-keamanan-170c44d2904e?source=rss------bug_bounty-5 | Zen | bug-bounty, bug-bounty-tips, cybersecurity, hacking, cyber-security-awareness | 13-Apr-2024 |
Api Bug Bounty | https://bevijaygupta.medium.com/api-bug-bounty-5f2aafced9a4?source=rss------bug_bounty-5 | Vijay Gupta | bugs, api, bug-bounty, api-development, bug-bounty-tips | 13-Apr-2024 |
How I saved over 200,000 job seekers’ data on staterecruit.in from a potential data breach. | https://brutexploiter.medium.com/how-i-saved-over-200-000-job-seekers-data-on-staterecruit-in-from-a-potential-data-breach-7db5bad1c9e0?source=rss------bug_bounty-5 | brutexploiter | cybersecurity, web-development, web-security, sql-injection, bug-bounty | 13-Apr-2024 |
How do insecure deserialization vulnerabilities arise? | https://cyberw1ng.medium.com/how-do-insecure-deserialization-vulnerabilities-arise-233c336b305b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, careers, hacking, bug-bounty | 13-Apr-2024 |
How Did I Easily Find Stored XSS at Apple and earn $5000 ? | https://medium.com/@xrypt0/how-did-i-easily-find-stored-xss-at-apple-and-earn-5000-3aadbae054b2?source=rss------bug_bounty-5 | Crypto | security, xss-attack, apple, bug-bounty, web-security | 13-Apr-2024 |
TryHackMe Creative Write-Up | https://blog.devgenius.io/tryhackme-creative-write-up-f29e2cdbf7ae?source=rss------bug_bounty-5 | Joseph Alan | tryhackme-walkthrough, tryhackme, cybersecurity, tryhackme-writeup, bug-bounty | 13-Apr-2024 |
Broken Access Control (IDOR) on Forgot Password Could Lead to Attacker Change Password for Every… | https://medium.com/@blackarazi/broken-access-control-idor-on-forgot-password-could-lead-to-attacker-change-password-for-every-e1b18e075b5a?source=rss------bug_bounty-5 | Azhari Harahap | bug-bounty-writeup, bug-bounty, account-takeover, application-security, broken-access-control | 12-Apr-2024 |
How I managed to bypass 2FA on image line | https://medium.com/@bishwajeetb1/how-i-managed-to-bypass-2fa-on-image-line-11f123fc32ea?source=rss------bug_bounty-5 | Bishwajeet | cybersecurity, bug-bounty, application-security, web-application-testing, web-application-security | 12-Apr-2024 |
Using E-Notation to bypass Access Control restrictions to access arbitrary user PII-discussions | https://medium.com/@keizobugbounty/using-e-notation-to-bypass-access-control-restrictions-to-access-arbitrary-user-pii-discussions-1fa014b544d4?source=rss------bug_bounty-5 | Keizo | bugbounty-writeup, cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 12-Apr-2024 |
The Critical Role Of Bug Bounties in Ensuring Web3 Security | https://securrtech.medium.com/the-critical-role-of-bug-bounties-in-ensuring-web3-security-084cf518234b?source=rss------bug_bounty-5 | Securr | web3-security, bug-bounty, web3 | 12-Apr-2024 |
How I Find My First Internet Bug Bounty for Apache Airflow | https://medium.com/@zpbrent/how-i-find-my-first-internet-bug-bounty-for-apache-airflow-9d3c1ec29b24?source=rss------bug_bounty-5 | Peng Zhou | bug-bounty, open-source, airflow, python, infosec | 12-Apr-2024 |
Bug Zero at a Glance [16–31 March] | https://blog.bugzero.io/bug-zero-at-a-glance-16-31-march-4f4cd6823a75?source=rss------bug_bounty-5 | Januka Dharmapriya | cybersecurity, sri-lanka, bug-zero, bug-bounty, newsletter | 12-Apr-2024 |
How i Almost got 2K$ through a Race condition | https://medium.com/@0x3adly/how-i-almost-got-2k-through-a-race-condition-3b09232b3a25?source=rss------bug_bounty-5 | Anas Eladly ( 0x3adly ) | bug-bounty, bug-bounty-tips, race-condition, infosec, web-penetration-testing | 12-Apr-2024 |
A Comprehensive Guide to Static Analysis in Android Pentesting | https://medium.com/@samireddisaimanikanta939/a-comprehensive-guide-to-static-analysis-in-android-pentesting-66023053ed18?source=rss------bug_bounty-5 | Intrud3rX | penetration-testing, ethical-hacking, android-static-analysis, android-pentesting, bug-bounty | 12-Apr-2024 |
Learn Bug Bounty | https://bevijaygupta.medium.com/learn-bug-bounty-d67654f0c01f?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, bugs, bug-bounty, learn, bug-zero | 12-Apr-2024 |
Microsoft Bug Bounty | https://bevijaygupta.medium.com/microsoft-bug-bounty-1295263b135e?source=rss------bug_bounty-5 | Vijay Gupta | microsoft, microservices, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 12-Apr-2024 |
How I Bypassed Offer Limits to Gain Multiple Membership Benefits | https://medium.com/@xiaodongsec/how-i-bypassed-offer-limits-to-gain-multiple-membership-benefits-affea84c0844?source=rss------bug_bounty-5 | Xiaodong | bug-bounty, hacker, china, vulnerability | 12-Apr-2024 |
Latest Bug Bounty And Web Hacking Tools Bug Bunty And Web Hacking Tools | https://medium.com/@haidertallal786/latest-bug-bounty-and-web-hacking-tools-bug-bunty-and-web-hacking-tools-feff2224b200?source=rss------bug_bounty-5 | Muhammad haider Tallal | bug-bounty, web-penetration-testing, hacking | 12-Apr-2024 |
Zoho Account Takeover: How a Single Click Can Lead to Full Control on your Zoho account | https://medium.com/@0xUsername/zoho-account-takeover-how-a-single-click-can-lead-to-full-control-on-your-zoho-account-04a5ea069382?source=rss------bug_bounty-5 | HackerWithOutHat | security, cybersecuirty, bug-bounty, infosec, information-security | 12-Apr-2024 |
Random account takeover via misconfigured OAuth | https://medium.com/@Berserker1337/random-account-takeover-via-misconfigured-oauth-5dc2cbbbe905?source=rss------bug_bounty-5 | Berserker | bug-bounty, cybersecurity, information-security, infosec, vulnerability | 12-Apr-2024 |
16.5 Lab: Multistep clickjacking in Bug Bounty \| 2024 | https://cyberw1ng.medium.com/16-5-lab-multistep-clickjacking-in-bug-bounty-2024-a5eb20de6900?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, cybersecurity, hacking | 12-Apr-2024 |
5 Methods I Use To Discover APIs | https://medium.com/@red.whisperer/5-methods-i-use-to-discover-apis-6d646baa3ffb?source=rss------bug_bounty-5 | Chux | api, red-team, pentesting, hacking, bug-bounty | 12-Apr-2024 |
Token-Based Authentication vulnerability | https://medium.com/@paulovitorcl/token-based-authentication-vulnerability-37d97efcca62?source=rss------bug_bounty-5 | Paulo Vitor Costa Lima | bug-bounty, cybersecurity | 12-Apr-2024 |
Hunting on Microsoft SharePoint: The art of manipulation. | https://machiavellli.medium.com/hunting-on-microsoft-sharepoint-the-art-of-manipulation-25c96ee1de3a?source=rss------bug_bounty-5 | Machiavelli | infosec, bug-bounty | 12-Apr-2024 |
How I Discovered Vulnerabilities by Modifying App Memory | https://medium.com/@xiaodongsec/how-i-discovered-vulnerabilities-by-modifying-app-memory-5a87b685ed3d?source=rss------bug_bounty-5 | Xiaodong | hacker, china, bug-bounty, vulnerability, money | 12-Apr-2024 |
How I Exposed a High-Risk SSRF Vulnerability in an AI Model | https://medium.com/@xiaodongsec/how-i-exposed-a-high-risk-ssrf-vulnerability-in-an-ai-model-e40d6f96a5e1?source=rss------bug_bounty-5 | Xiaodongsec | hacker, bug-bounty, ai | 11-Apr-2024 |
Building My Own Packet Sniffer for Game Security Testing | https://medium.com/@yannik603/building-my-own-packet-sniffer-for-game-security-testing-8baf58a94d0c?source=rss------bug_bounty-5 | Yannik Castro | gamehacking, bug-bounty, reverse-engineering, hacking, hacking-tools | 11-Apr-2024 |
Meta Bug Bounty | https://bevijaygupta.medium.com/meta-bug-bounty-cc842ca0f614?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-zero, bug-bounty, metaverse, bug-bounty-tips | 11-Apr-2024 |
How to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and Research | https://medium.com/@zpbrent/how-to-fuzz-prototype-pollution-by-reusing-public-cves-for-fun-and-research-40891013bf0b?source=rss------bug_bounty-5 | Peng Zhou | web-security, nodejs, fuzzing, infosec, bug-bounty | 11-Apr-2024 |
How I Exposed a High-Risk SSRF Vulnerability in an AI Model | https://medium.com/@xiaodongsec/how-i-exposed-a-high-risk-ssrf-vulnerability-in-an-ai-model-e40d6f96a5e1?source=rss------bug_bounty-5 | Xiaodong | hacker, bug-bounty, ai | 11-Apr-2024 |
How I Uncovered a Payment Vulnerability | https://medium.com/@xiaodongsec/how-i-uncovered-a-payment-vulnerability-6355e15d1702?source=rss------bug_bounty-5 | Xiaodong | vulnerability, china, bug-bounty, hacker | 11-Apr-2024 |
Indian software firms cheated me by failing to provide the promised bounty after I reported… | https://medium.com/@mangbho28/indian-software-firms-cheated-me-by-failing-to-provide-the-promised-bounty-after-i-reported-ffc7fcc83993?source=rss------bug_bounty-5 | MB007 | bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program | 11-Apr-2024 |
Bypassed the Amazon CloudFront Logic and got XSS at the National Weather Agency of the U.S. | https://royzsec.medium.com/bypassed-the-amazon-cloudfront-logic-and-got-xss-at-the-national-weather-agency-of-the-u-s-100af330430a?source=rss------bug_bounty-5 | Prince Roy(RoyzSec) | web-development, hacking, bug-bounty, cybersecurity, penetration-testing | 11-Apr-2024 |
7 Essential Skills Every Bug Bounty Hunter Needs to Succeed | https://medium.com/mynextdeveloper/7-essential-skills-every-bug-bounty-hunter-needs-to-succeed-0e6ac8afa483?source=rss------bug_bounty-5 | MyNextDeveloper | penetration-testing, cybersecurity, kali-linux, darkweb, bug-bounty | 11-Apr-2024 |
GitHub Bug Bounty | https://bevijaygupta.medium.com/github-bug-bounty-afa61eb789f3?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, bug-zero, bugs, github, bug-bounty | 11-Apr-2024 |
16.4 Lab: Exploiting clickjacking vulnerability to trigger DOM-based XSS \| 2024 | https://cyberw1ng.medium.com/16-4-lab-exploiting-clickjacking-vulnerability-to-trigger-dom-based-xss-2024-71c5b567fb4b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, cybersecurity, bug-bounty, careers | 11-Apr-2024 |
Secret BurpSuite Extension For BugBounty~ Part-2 | https://medium.com/@Ajakcybersecurity/secret-burpsuite-extension-for-bugbounty-part-2-58b644b9222c?source=rss------bug_bounty-5 | AjakCybersecurity | blog, bug-bounty, penetration-testing, ethical-hacking, hacking | 11-Apr-2024 |
How to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and Research | https://medium.com/@zpbrent/how-to-fuzz-prototype-pollution-by-reusing-public-cves-for-fun-and-research-40891013bf0b?source=rss------bug_bounty-5 | Peng Zhou | javascript, web-security, nodejs, infosec, bug-bounty | 11-Apr-2024 |
Bug Bounty Challenge: Day 16–11/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-16-11-04-2024-effc5c820319?source=rss------bug_bounty-5 | Wallotry | bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty | 11-Apr-2024 |
CVE-2024–24576: A Critical Rust Vulnerability on Windows | https://infosecwriteups.com/cve-2024-24576-a-critical-rust-vulnerability-on-windows-4f0bb1a332e9?source=rss------bug_bounty-5 | ElNiak | cybersecurity, windows, rust, penetration-testing, bug-bounty | 10-Apr-2024 |
How I Find an Arbitrary File Upload Vulnerability with a Unique Bypass | https://medium.com/@zpbrent/how-i-find-an-arbitrary-file-upload-vulnerability-with-a-unique-bypass-8d679f45a497?source=rss------bug_bounty-5 | Peng Zhou | infosec, wordpress-plugins, web-security, bug-bounty, wordpress | 10-Apr-2024 |
Bug Bounty Certification | https://bevijaygupta.medium.com/bug-bounty-certification-27c95b8a1b80?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, bugs, bug-bounty, bug-zero, bug-bounty-certification | 10-Apr-2024 |
Android Bug Bounty | https://bevijaygupta.medium.com/android-bug-bounty-9a2daf0d2270?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, android-bug-bounty, android, bugs, bug-bounty | 10-Apr-2024 |
Apple Bug Bounty | https://bevijaygupta.medium.com/apple-bug-bounty-88002b2c159d?source=rss------bug_bounty-5 | Vijay Gupta | apple-bug-bounty, bug-zero, bug-bounty, bug-bounty-tips, bugs | 10-Apr-2024 |
SQL Injection: A Simple Beginner’s Guide. | https://ishengoma.medium.com/sql-injection-a-simple-beginners-guide-58d237ff18da?source=rss------bug_bounty-5 | Ishengoma | vulnerability-assessment, sql-injection, hacking, vulnerability-management, bug-bounty | 10-Apr-2024 |
Privilege Escalation by manipulating endpoint | https://medium.com/@vijayrockstar.verma5/privilege-escalation-by-manipulating-endpoint-10feb974bab5?source=rss------bug_bounty-5 | Vijay Verma | infosec, hacking, bug-bounty, cybersecurity, pentesting | 10-Apr-2024 |
Vulnerable WordPress March 2024 (Kandovan) | https://medium.com/@onhexgroup/vulnerable-wordpress-march-2024-kandovan-24103451060b?source=rss------bug_bounty-5 | Onhexgroup | wordpress, bug-bounty, wordpress-security, infosec, exploitation | 10-Apr-2024 |
Clickjacking: A Comprehensive Guide to Finding Clickjacking Vulnerabilities | https://cyberw1ng.medium.com/clickjacking-a-comprehensive-guide-to-finding-clickjacking-vulnerabilities-3f51d8e63a41?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, security, bug-bounty, careers | 10-Apr-2024 |
Bug: No rate limiting on Email verification leads to huge Mass Mailing :: P4 | https://medium.com/@deypradip87jk/bug-no-rate-limiting-on-email-verification-leads-to-huge-mass-mailing-p4-b72c666d6e56?source=rss------bug_bounty-5 | Professor0xx01 | information-security, bug-bounty-tips, cybersecurity, bug-bounty, infosec-write-ups | 09-Apr-2024 |
How I Found Bug :: Reflected XSS (Cross-Site-Scripting) On a BBP. | https://medium.com/@deypradip87jk/how-i-found-bug-reflected-xss-cross-site-scripting-on-a-bbp-9f57611eda91?source=rss------bug_bounty-5 | Professor0xx01 | bug-bounty, cyber-security-solutions, infosec-write-ups, offensive-security, bug-bounty-tips | 09-Apr-2024 |
Bug: No rate limiting on Email verification leads to huge Mass Mailing :: P4 | https://medium.com/@p.ra.dee.p_0xx01/bug-no-rate-limiting-on-email-verification-leads-to-huge-mass-mailing-p4-b72c666d6e56?source=rss------bug_bounty-5 | Professor0xx01 | information-security, bug-bounty-tips, cybersecurity, bug-bounty, infosec-write-ups | 09-Apr-2024 |
How I Found Bug :: Reflected XSS (Cross-Site-Scripting) On a BBP. | https://medium.com/@p.ra.dee.p_0xx01/how-i-found-bug-reflected-xss-cross-site-scripting-on-a-bbp-9f57611eda91?source=rss------bug_bounty-5 | Professor0xx01 | bug-bounty, cyber-security-solutions, infosec-write-ups, offensive-security, bug-bounty-tips | 09-Apr-2024 |
Bug Bounty Reports | https://bevijaygupta.medium.com/bug-bounty-reports-8a6480d06a80?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, bug-bounty-tips, bugs, bug-bounty-reports, bug-zero | 09-Apr-2024 |
Bug Hunting Methodology for Beginners | https://bevijaygupta.medium.com/bug-hunting-methodology-for-beginners-ce7ee1b11c25?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-hunter, bug-hunting, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 09-Apr-2024 |
Information Disclosure: Story of 500€ + 400$ Bounty | https://v3d.medium.com/information-disclosure-story-of-500-400-bounty-97d3b343f9ad?source=rss------bug_bounty-5 | V3D | bug-bounty, penetration-testing, information-technology, cybersecurity, hacking | 09-Apr-2024 |
Card Payment Functionality Checklist — Bug Bounty Tuesday | https://medium.com/@kerstan/card-payment-functionality-checklist-bug-bounty-tuesday-6eab127d0126?source=rss------bug_bounty-5 | kerstan | technology, hacking, cybersecurity, bug-bounty, security | 09-Apr-2024 |
Mass automation for finding XSS vulnerabilities in large scope targets | https://medium.com/@oumzarkar/mass-automation-for-finding-xss-vulnerabilities-in-large-scope-targets-019996b0515c?source=rss------bug_bounty-5 | dextro | bug-bounty-tips, cybersecurity, walkthrough, automation, bug-bounty | 09-Apr-2024 |
How I Found My First Stored XSS || WAF & Characters Limitation Bypass | https://kariiem.medium.com/how-i-found-my-first-stored-xss-waf-characters-limitation-bypass-cc414c4fadde?source=rss------bug_bounty-5 | Kariiem Gamal | bug-bounty-tips, bug-hunting, bug-bounty, waf-bypass, bugbounty-writeup | 09-Apr-2024 |
My WordPress Bug Bounty Journey on Patchstack | https://medium.com/@zpbrent/from-first-rejection-to-monthly-top-c0dedd4bbc7f?source=rss------bug_bounty-5 | Peng Zhou | bug-bounty-program, bug-bounty-hunter, wordpress-security, ethical-hacking, bug-bounty | 09-Apr-2024 |
Simple Tips for Bug Bounty Beginners: Finding Blind XSS Vulnerabilities | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-blind-xss-vulnerabilities-ab67977ff756?source=rss------bug_bounty-5 | Anish Narayan | bug-bounty-tips, bug-bounty, xss-attack, cross-site-scripting, cybersecurity | 09-Apr-2024 |
15.3 Lab: CORS vulnerability with trusted insecure protocols \| 2024 | https://cyberw1ng.medium.com/15-3-lab-cors-vulnerability-with-trusted-insecure-protocols-2024-2ba1967daecc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, penetration-testing, bug-bounty, cybersecurity, hacking | 09-Apr-2024 |
Hunting Bugs and Striking Gold: Forward Calls for Elite Hunters in the Bug Bounty Campaign | https://forwardprotocol.medium.com/hunting-bugs-and-striking-gold-forward-calls-for-elite-hunters-in-the-bug-bounty-campaign-057e686c8577?source=rss------bug_bounty-5 | Forward Protocol | blockchain-technology, bug-bounty, bug-bounty-hunter, web3, blockchain-developer | 09-Apr-2024 |
Is Your Business a Sitting Duck for Credit Card Hackers? Here’s How PCI DSS Can Save You! | https://medium.com/@josuofficial327/is-your-business-a-sitting-duck-for-credit-card-hackers-heres-how-pci-dss-can-save-you-97d7b6562131?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | cybersecurity, payment-gateway, bug-bounty, hacking, bug-bounty-tips | 08-Apr-2024 |
Google Bug Hunters | https://bevijaygupta.medium.com/google-bug-hunters-673e2f5c2600?source=rss------bug_bounty-5 | Vijay Gupta | bug-hunter, bug-bounty-writeup, google, bug-bounty, bug-bounty-tips | 08-Apr-2024 |
Unleashing the Power of Bug Bounty Dorks: A Comprehensive Guide | https://bevijaygupta.medium.com/unleashing-the-power-of-bug-bounty-dorks-a-comprehensive-guide-b121fce9e5e4?source=rss------bug_bounty-5 | Vijay Gupta | google, bug-bounty, bug-bounty-tips, google-dork, bug-zero | 08-Apr-2024 |
How I Got Multiple Privilege Escalations — The Easy Trick? | https://medium.com/@Mdabdulrahman/how-i-got-multiple-privilege-escalations-the-easy-trick-e915110bc08a?source=rss------bug_bounty-5 | Md Abdul Rahman | win-privilege-escalation, bug-bounty, penetration-testing, privilege-escalation | 08-Apr-2024 |
Hacking Swisscom’s End-to-End Encrypted Cloud Storage for $4,000 | https://medium.com/@thomashouhou/hacking-swisscoms-end-to-end-encrypted-cloud-storage-for-4-000-3660722196ec?source=rss------bug_bounty-5 | Thomas Houhou | web-security, hacking, bug-bounty-tips, bug-bounty, cybersecurity | 08-Apr-2024 |
XSS on out of scope domain? CORS is your secret weapon! | https://c4rrilat0r.medium.com/xss-on-out-of-scope-domain-cors-is-your-secret-weapon-93e433278080?source=rss------bug_bounty-5 | c4rrilat0r | bug-bounty, bug-bounty-tips, hackerone, xss-attack, cors | 08-Apr-2024 |
Breaking Free: 26 Advanced Techniques to Escape Docker Containers | https://infosecwriteups.com/breaking-free-26-advanced-techniques-to-escape-docker-containers-530049816b55?source=rss------bug_bounty-5 | ElNiak | bug-bounty, cybersecurity, penetration-testing, kubernetes, docker | 08-Apr-2024 |
15.2 Lab: CORS vulnerability with trusted null origin \| 2024 | https://cyberw1ng.medium.com/15-2-lab-cors-vulnerability-with-trusted-null-origin-2024-a84020e4e254?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, cybersecurity, careers, bug-bounty | 08-Apr-2024 |
Why You Should Attend Cybersecurity Conferences: Unlock Opportunities | https://medium.com/@a13h1/why-you-should-attend-cybersecurity-conferences-unlock-opportunities-2a16dfe4658e?source=rss------bug_bounty-5 | Abhi Sharma | networking, information-security, cybersecurity, conference, bug-bounty | 07-Apr-2024 |
How to Start Your Journey into Cybersecurity in 2024 (or how I did) | https://medium.com/@j0hnc0nn0r/how-to-start-your-journey-into-cybersecurity-in-2024-or-how-i-did-ebe4910acdc7?source=rss------bug_bounty-5 | John Connor | cybersecurity, penetration-testing, bug-bounty, tryhackme, hackthebox | 07-Apr-2024 |
How to Start Your Journey into Cybersecurity in 2024 (or how I did) | https://medium.com/@j0hnc0nn0r/how-to-start-your-journey-into-cybersecurity-in-2024-or-how-i-did-ebe4910acdc7?source=rss------bug_bounty-5 | J0hn C0nn0r | cybersecurity, penetration-testing, bug-bounty, tryhackme, hackthebox | 07-Apr-2024 |
How Employee can change Manager’s review for him. | https://interc3pt3r.medium.com/how-employee-can-change-managers-review-for-him-a903bd329111?source=rss------bug_bounty-5 | Aneesha D | bug-bounty, cybersecurity, hacking, security, bugs | 07-Apr-2024 |
Unofficial Guide to OWASP Top 10:2021 | https://medium.com/@rafinrahmanchy/unofficial-guide-to-owasp-top-10-2021-87eebd03b614?source=rss------bug_bounty-5 | Rafin Rahman Chy | pentesting, web-security, bug-bounty, hacking, infosec | 07-Apr-2024 |
TryHackMe CTF: Vulnversity — Walkthrough | https://medium.com/@suyogpatil1810/tryhackme-ctf-vulnversity-walkthrough-2f375c5521a6?source=rss------bug_bounty-5 | Suyog Patil | software-development, computer-science, hacking, ethical-hacking, bug-bounty | 07-Apr-2024 |
Mastering CORS: A Comprehensive Guide to Finding Cross-origin resource sharing Vulnerabilities \|… | https://cyberw1ng.medium.com/mastering-cors-a-comprehensive-guide-to-finding-cross-origin-resource-sharing-vulnerabilities-c22a5659f95f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, cybersecurity, security, penetration-testing | 07-Apr-2024 |
How We Found a 25K$ Bug in a Blockchain Project by Mistake \| Bounty Hunting Journey | https://0d.dwalletlabs.com/how-we-found-a-25k-bug-in-a-blockchain-project-by-mistake-bounty-hunting-journey-21c0c20440f6?source=rss------bug_bounty-5 | Elad Ernst | blockchain, exploitation, web3, bug-bounty, icon-foundation | 07-Apr-2024 |
IDOR Leads To Account Takeover | https://medium.com/@adityasawant00/idor-leads-to-account-takeover-28fe6e300a49?source=rss------bug_bounty-5 | Aditya Sawant | idor, account-takeover, bug-bounty, penetration-testing, web-application-security | 07-Apr-2024 |
How Did I Find Reflected XSS In Domino’s ? | https://medium.com/@xrypt0/how-did-i-find-reflected-xss-in-dominos-d1d41b120598?source=rss------bug_bounty-5 | Crypto | cloudflare, bug-bounty, penetration-testing, xss-attack, web-security | 07-Apr-2024 |
File Upload Vulnerability Checklist | https://medium.com/@dasmanish6176/file-upload-vulnerability-checklist-254c4680aa74?source=rss------bug_bounty-5 | Dasmanish | web-application-security, bug-bounty, web-penetration-testing, vapt, file-upload-vulnerability | 07-Apr-2024 |
Bug Bounties in Web3: Investing in Security for Sustainable Growth | https://medium.com/@charliekaru/bug-bounties-in-web3-investing-in-security-for-sustainable-growth-5b4092474d3d?source=rss------bug_bounty-5 | Charlie Karunaratne | web3, defi-security, bug-bounty, web3-security | 07-Apr-2024 |
Teaching Spotify a Cryptography Lesson | https://medium.com/@Fanicia/teaching-spotify-a-cryptography-lesson-51f5ee0b0f5c?source=rss------bug_bounty-5 | Security Guy | openid-connect, blue-team, bug-bounty, cybersecurity, bug-bounty-tips | 07-Apr-2024 |
Finding CSRF on Graphql Application | https://medium.com/@alpernae/finding-csrf-on-graphql-application-3ffa1105a30d?source=rss------bug_bounty-5 | Alperen | bug-bounty-tips, graphql, cybersecurity, bug-bounty, csrf | 07-Apr-2024 |
The Fast and the Curious: Finding a Race Condition in Worldcoin | https://medium.com/@gonzo-hacks/the-fast-and-the-curious-finding-a-race-condition-in-worldcoin-621c89bfbd61?source=rss------bug_bounty-5 | Dane Sherrets | bug-bounty, bug-fixes, bug-bounty-tips, blockchain, hacking | 07-Apr-2024 |
“Fortify Your Cyber Space: Embark on the Dominant Cyber Boot Camp Journey” | https://medium.com/@rizvi4600779/fortify-your-cyber-space-embark-on-the-dominant-cyber-boot-camp-journey-3071bd0b1ec7?source=rss------bug_bounty-5 | Syed Muhammad Minhal Rizvi | hacking, writeup, cyber, bug-bounty, cybersecurity | 07-Apr-2024 |
Host Header Manipulation Leading to Unauthorized Access to Apple’s Internal Slack bot (Bug Bounty) | https://amineaboud.medium.com/unauthorized-access-to-an-internal-app-used-by-apple-to-protect-confidential-information-shared-on-c8835a80079b?source=rss------bug_bounty-5 | Amine Aboud | bug-bounty-writeup, bug-bounty, bug-bounty-tips | 07-Apr-2024 |
This Cryptocurrency exchange paid me $200 for reporting vulnerability in their website | https://medium.com/@abhishek8602314652/this-cryptocurrency-exchange-paid-me-200-for-reporting-vulnerability-in-their-website-6755b38702a8?source=rss------bug_bounty-5 | Abhishek singh ( a6h1) | cybersecurity, cryptocurrency, vulnerability, bug-hunting, bug-bounty | 07-Apr-2024 |
Wordfence awards its largest bounty to date | https://casi-cincuenta-monos.medium.com/wordfence-otorga-su-mayor-bounty-hasta-la-fecha-f2d9aa561f05?source=rss------bug_bounty-5 | Casi Cincuenta Monos | wordpress, cybersecurity, bug-bounty | 06-Apr-2024 |
Recon automation with Telegram Notification | https://medium.com/@tamhacker1/recon-automation-with-telegram-notification-d4c6b564ed58?source=rss------bug_bounty-5 | Tamhacker | cybersecurity, hacker, bug-bounty, reconnaissance, hacking | 06-Apr-2024 |
How To Fix bWAPP Unknown Database Error Windows/Linux | https://hamzaavvan.medium.com/how-to-fix-bwapp-unknown-database-error-windows-linux-acefd1a4568b?source=rss------bug_bounty-5 | Hamza Avvan | bwapp, php, ethical-hacking, bug-fixes, bug-bounty | 06-Apr-2024 |
Easiest way to find Broken links in a website | https://medium.com/@jeetpal2007/easiest-way-to-find-broken-links-in-a-website-cccbc1f0b6d2?source=rss------bug_bounty-5 | JEETPAL | broken-link, easy-bug-to-find, bug-bounty, bug-bounty-tips, broken-link-hijacking | 06-Apr-2024 |
Advanced XSS Discovery: Streamlining Your Attack Strategy with Cutting-Edge Automation Tools | https://medium.com/@0xelkot/advanced-xss-discovery-streamlining-your-attack-strategy-with-cutting-edge-automation-tools-88cfd0f68c8e?source=rss------bug_bounty-5 | 0xElkot | hackerone, xss-attack, methodology, bug-bounty, hacking | 06-Apr-2024 |
14.6 Lab: SameSite Strict bypass via sibling domain \| 2024 | https://infosecwriteups.com/14-6-lab-samesite-strict-bypass-via-sibling-domain-2024-f2ad5f0167d1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, bug-bounty, penetration-testing, hacking | 06-Apr-2024 |
Bug Bounty: Secure Camino Network, Earn Rewards | https://medium.com/@obobo/bug-bounty-secure-camino-network-earn-rewards-329a686da0b9?source=rss------bug_bounty-5 | O Bobo | web3, hexen, travel, camino-network, bug-bounty | 06-Apr-2024 |
Step by Step Complete Beginners guide of iOS penetration testing with corellium | https://infosecwriteups.com/step-by-step-complete-beginners-guide-of-ios-penetration-testing-with-corellium-2b9e9c6382c2?source=rss------bug_bounty-5 | Sandeep Vishwakarma | mobile-pentesting, bug-bounty, corellium, ios-penetration-testing, pentesting | 05-Apr-2024 |
Unmasking an Open Redirect on the India’s Government Website | https://medium.com/@nilkhant30/unmasking-an-open-redirect-on-the-indias-government-website-3f808b10bff9?source=rss------bug_bounty-5 | I AM Raja | open-redirect, bug-bounty, hacking, bug-bounty-tips, security-research | 05-Apr-2024 |
IDOR To view other private users profile pictures in un.org | https://medium.com/@Ajakcybersecurity/idor-to-view-other-private-users-profile-pictures-in-un-org-358e464335e8?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, bug-bounty, cybersecurity, ethical-hacking, penetration-testing | 05-Apr-2024 |
Apple’s Bug: From SQLi Suspicions to UI Bug Discovery | https://medium.com/@MohaseenK/apples-bug-from-sqli-suspicions-to-ui-bug-discovery-0e71e228b336?source=rss------bug_bounty-5 | Mohaseen | apple, hof, bug-bounty, hackerone, bugcrowd | 05-Apr-2024 |
Race Condition Authentication Bypass Leads to Full Account Takeover | https://medium.com/@keizobugbounty/race-condition-authentication-bypass-leads-to-full-account-takeover-6b5c9bc0a54d?source=rss------bug_bounty-5 | Keizo | cybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 05-Apr-2024 |
Don’t Trust the Cache: Exposing Web Cache Poisoning and Deception vulnerabilities | https://anasbetis023.medium.com/dont-trust-the-cache-exposing-web-cache-poisoning-and-deception-vulnerabilities-3a829f221f52?source=rss------bug_bounty-5 | Anas H Hmaidy | bug-bounty-tips, penetration-testing, cybersecurity, web-security, bug-bounty | 05-Apr-2024 |
FB OAuth Misconfigurations to Account Takeover | https://medium.com/@hbenja47/fb-oauth-misconfigurations-to-account-takeover-e264a06ae4a0?source=rss------bug_bounty-5 | Benja (bronxi) | hacking, bug-bounty, oauth, infosec | 05-Apr-2024 |
UUIDs Unmasked: Exploiting IDOR for User Data Access | https://medium.com/@cybersolution2172/uuids-unmasked-exploiting-idor-for-user-data-access-b199e3b08563?source=rss------bug_bounty-5 | Satyam Singh | bug-bounty-tips, owasp, bug-bounty, idor-vulnerability, bug-bounty-writeup | 05-Apr-2024 |
14.5 Lab: CSRF with broken Referer validation \| 2024 | https://cyberw1ng.medium.com/14-5-lab-csrf-with-broken-referer-validation-2024-9948aa660023?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, cybersecurity, careers, bug-bounty | 05-Apr-2024 |
Beetlebug Android Walkthrough & Basics Android application security | https://medium.com/@yousefneuer13/beetlebug-android-walkthrough-basics-android-application-security-c5e0fb9b284b?source=rss------bug_bounty-5 | Yousef Elsheikh | cybersecurity, bug-bounty, android-security, ctf-writeup, ctf-walkthrough | 05-Apr-2024 |
One IP led to 4 bugs made the company delete the domain | https://kalawy.medium.com/one-ip-led-to-4-bugs-made-the-company-delete-the-domain-f28a9e898a8a?source=rss------bug_bounty-5 | Kalawy | bug-bounty-tips, bug-bounty, hackerone | 04-Apr-2024 |
How to discovery vulnerabilities in your network? | https://medium.com/@info_81845/how-to-discovery-vulnerabilities-in-your-network-a6fd140ad4d6?source=rss------bug_bounty-5 | BugFixing | penetration-testing, penetration-test-company, bug-bounty, hacking, vulnerability-assessment | 04-Apr-2024 |
Art of onscrollend \| Demonstrating XSS through scroll events write-up | https://medium.com/@rAmpancist/art-of-onscrollend-demonstrating-xss-through-scroll-events-write-up-d3b33afaaf64?source=rss------bug_bounty-5 | rAmpancist | bug-bounty, bug-bounty-tips, xss-attack, cybersecurity, hacking | 04-Apr-2024 |
HTB Academy \| CROSS_SITE SCRIPTING (XSS) - | https://medium.com/@mazalwebdesign/htb-academy-cross-site-scripting-xss-7dc78e69b100?source=rss------bug_bounty-5 | Sara Mazal M. \| maz4l | ethical-hacking, htb, htb-academy-writeup, htb-walkthrough, bug-bounty | 04-Apr-2024 |
FB OAuth Misconfiguration Leads to Takeover any Account | https://sl4x0.medium.com/fb-oauth-misconfiguration-leads-to-takeover-any-account-061316a5b31b?source=rss------bug_bounty-5 | Abdelrhman Allam (sl4x0) | oauth2, account-takeover, bug-bounty, hacking, bug-bounty-tips | 04-Apr-2024 |
S3 Bucket Misconfiguration | https://medium.com/@scorpiankapil/s3-bucket-misconfiguration-64d459abdb71?source=rss------bug_bounty-5 | Kapil Patel | bug-bounty | 04-Apr-2024 |
14.4 Lab: CSRF where Referer validation depends on header being present \| 2024 | https://cyberw1ng.medium.com/14-4-lab-csrf-where-referer-validation-depends-on-header-being-present-2024-2db1c7496091?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, cybersecurity, bug-bounty, penetration-testing | 04-Apr-2024 |
NFS | https://medium.com/@mirackucuk595/nfs-873d049131b8?source=rss------bug_bounty-5 | Miraç Küçük | footprinting, bug-bounty, information-gathering, hack-the-box-writeup, nfs-server | 04-Apr-2024 |
Escalation of Admin and Supervisor Privileges Enables Organization Takeover and Access to Any… | https://medium.com/@elcapitano7x/escalation-of-admin-and-supervisor-privileges-enables-organization-takeover-and-access-to-any-6d1eb82bbe08?source=rss------bug_bounty-5 | Elcapitano | bug-bounty, hacking, idor-vulnerability, bug-bounty-tips, account-takeover | 04-Apr-2024 |
Bug Bounty Challenge: Day 10–04/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-10-04-04-2024-d7d40e226af2?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup | 04-Apr-2024 |
My methodology to bypass CSRF | https://medium.com/@0x7irix/my-methodology-to-bypass-csrf-957b4e552ae7?source=rss------bug_bounty-5 | 0x7irix | csrf-attack, csrf-token, csrf-bypass, csrf, bug-bounty | 04-Apr-2024 |
How I hacked medium and they didn’t pay me | https://medium.com/@super_burgundy_weasel_439/how-i-hacked-medium-and-they-didnt-pay-me-f6c89cca3af7?source=rss------bug_bounty-5 | YouGotItComing | hacking, bug-bounty, medium, neglect, bugs | 04-Apr-2024 |
ShentuChain’s OpenBounty Hackers and Projects Referral Program | https://shentuchain.medium.com/shentuchains-openbounty-hackers-and-projects-referral-program-29b4b73c20c0?source=rss------bug_bounty-5 | Shentu Chain | bug-bounty, ethical-hacker, cybersecurity, referral-program, web3 | 03-Apr-2024 |
SQLI with extract Huge Data just Got N/A | https://medium.com/@nomad8061/sqli-with-extract-huge-data-just-got-n-a-5956c3b5297b?source=rss------bug_bounty-5 | Ahmed Badry | bug-bounty, sqlite, infosec, information-technology, ctf | 03-Apr-2024 |
Cracking the Code: XSS Exploits and Their Power in Phishing Warfare | https://hackerhalt.medium.com/cracking-the-code-xss-exploits-and-their-power-in-phishing-warfare-252d04e9792e?source=rss------bug_bounty-5 | Hacker Halt Live | bugbounty-writeup, phishing, xs, bug-bounty, phishing-attacks | 03-Apr-2024 |
Hack ChatGPT, Make Money | https://medium.com/@david.azad.merian/hack-chatgpt-make-money-644bb4a7a529?source=rss------bug_bounty-5 | David Merian | bug-bounty, hacking, cybersecurity, fuzzing, ai | 03-Apr-2024 |
How I Secured 50+ Brand & Startups in Shopify Stores \| XSS \| Responsible Disclosure | https://prathapilango.medium.com/how-i-secured-50-brand-startups-in-shopify-stores-xss-responsible-disclosure-e38a72cf4a47?source=rss------bug_bounty-5 | Prathapilango | infosec, info-sec-writeups, cybersecurity, cross-site-scripting, bug-bounty | 03-Apr-2024 |
Bug Bounty Challenge: Day 9–03/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-9-03-04-2024-f7a6303bb674?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-tips | 03-Apr-2024 |
I asked ChatGPT to improve Jason Haddix V4 methodology. Here’s the answer: | https://medium.com/@uniicorniumx/i-asked-chatgpt-to-improve-jason-haddix-v4-methodology-heres-the-answer-09de258da623?source=rss------bug_bounty-5 | • CrazyUnicorn | hacking, bug-bounty, pentesting, cybersecurity, bug-bounty-tips | 03-Apr-2024 |
Smart Fuzzing — Finding bugs like no one else. By Gilson Oliveira | https://medium.com/@gilsgil/smart-fuzzing-finding-bugs-like-no-one-else-by-gilson-oliveira-d6aa0dbc285b?source=rss------bug_bounty-5 | Gilson Oliveira | bug-bounty-tips, bug-bounty, bug-bounty-writeup | 03-Apr-2024 |
Struggling RCE on Jenkins Instance | https://medium.com/@imusabkhan/struggling-rce-on-jenkins-instance-8851af98b7e6?source=rss------bug_bounty-5 | Mohammad Musab Khan | hacker, bugs, bug-bounty, bug-bounty-tips, remote-code-execution | 03-Apr-2024 |
DNS | https://medium.com/@mirackucuk595/dns-4e18aa90b7cf?source=rss------bug_bounty-5 | Miraç Küçük | footprinting, hack-the-box-writeup, dns, bug-bounty | 03-Apr-2024 |
Exploiting server-side parameter pollution in a query string | https://medium.com/@hhuseyinuyar17/bir-sorgu-dizesinde-sunucu-taraf%C4%B1-parametre-kirlili%C4%9Finden-yararlanma-567489eefd65?source=rss------bug_bounty-5 | Hhuseyinuyar | api, hacking, burpsuite, bug-bounty, parameter | 03-Apr-2024 |
14.3 Lab: SameSite Lax bypass via cookie refresh \| 2024 | https://cyberw1ng.medium.com/14-3-lab-samesite-lax-bypass-via-cookie-refresh-2024-4f10021e6ce8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, cybersecurity, hacking, careers | 03-Apr-2024 |
Issues related to privacy (Cybersecurity) | https://medium.com/@paritoshblogs/issues-related-to-privacy-cybersecurity-99368bf0bc10?source=rss------bug_bounty-5 | Paritosh | information-security, bug-bounty, cybersecurity, information-technology, hacking | 02-Apr-2024 |
Welcome pentesters to cooperate with our company! | https://medium.com/@alfabit_group/welcome-pentesters-to-cooperate-with-our-company-9cdf42f233bb?source=rss------bug_bounty-5 | AlfaBit Ecosystem | blockchain, alfabit, bug-bounty, ecosystem | 02-Apr-2024 |
Unpacking CVE-2024–3094: A Critical Vulnerability in XZ Utils | https://infosecwriteups.com/unpacking-cve-2024-3094-a-critical-vulnerability-in-xz-utils-c6a8207d7b54?source=rss------bug_bounty-5 | ElNiak | cve, linux, backdoor, cybersecurity, bug-bounty | 02-Apr-2024 |
4 Mistakes To Avoid When Doing Bug Bounty — Bug Bounty Tuesday | https://medium.com/@kerstan/4-mistakes-to-avoid-when-doing-bug-bounty-bug-bounty-tuesday-fd0df75ca05d?source=rss------bug_bounty-5 | kerstan | hacking, cybersecurity, technology, bug-bounty, security | 02-Apr-2024 |
14.2 Lab: SameSite Strict bypass via client-side redirect \| 2024 | https://cyberw1ng.medium.com/14-2-lab-samesite-strict-bypass-via-client-side-redirect-2024-2a5e9b68fc1e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, penetration-testing, careers, cybersecurity | 02-Apr-2024 |
One-click Account Take Over | https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea?source=rss------bug_bounty-5 | dynnyd20 | pentesting, bug-bounty, cybersecurity, information-security, security | 02-Apr-2024 |
Bug Bounty Challenge: Day 8–02/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-8-02-04-2024-604382e079ac?source=rss------bug_bounty-5 | Wallotry | bug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips | 02-Apr-2024 |
The Difference Between TCP and HTTP Reverse Connection: | https://medium.com/@Hackerinja/the-difference-between-tcp-and-http-reverse-connection-bf13ccd16941?source=rss------bug_bounty-5 | Hackerinja | bug-bounty, penetration-testing, cybersecurity, ethical-hacking | 02-Apr-2024 |
How I was able to send emails from anyone to anyone | https://medium.com/@zeesek/how-i-was-able-to-send-emails-from-anyone-to-anyone-a44c57fd015b?source=rss------bug_bounty-5 | Muhammad Zeeshan | penetration-testing, bugs, bug-bounty-tips, bug-bounty, pentesting | 02-Apr-2024 |
How I Found My First Bug \| XSS | https://medium.com/@fariio/how-i-found-my-first-bug-xss-031df71aedbe?source=rss------bug_bounty-5 | Fariio | cybersecurity, bug-bounty-tips, penetration-testing, xss-vulnerability, bug-bounty | 01-Apr-2024 |
Bug to fix: Mastering the Life Cycle of Software Defects | https://medium.com/@hannahanulur/bug-to-fix-mastering-the-life-cycle-of-software-defects-b227292bdb16?source=rss------bug_bounty-5 | Gulhanim Anulur | bug-fixes, defect-management, defect-detection, bug-bounty, bugs | 01-Apr-2024 |
How to start Bug Bounty Hunting $$$$ in 2024?? \| A short RoadMap | https://infosecwriteups.com/how-to-start-bug-bounty-hunting-in-2024-a-short-roadmap-9f9eeddd24ca?source=rss------bug_bounty-5 | 7h3h4ckv157 | money, hacking, bug-bounty, ethical-hacking, infosec | 01-Apr-2024 |
IOS Pentesting Lab Setup | https://hackerassociate.medium.com/ios-pentesting-lab-setup-516ec567b424?source=rss------bug_bounty-5 | Harshad Shah | cybersecurity, penetration-testing, infosec, hacking, bug-bounty | 01-Apr-2024 |
Certified Bug Bounty Hunter: Should you go for Broke, or take a Junior Level Certification First | https://medium.com/@codewidthme/certified-bug-bounty-hunter-should-you-go-for-broke-or-take-a-junior-level-certification-first-a905c105f9a2?source=rss------bug_bounty-5 | codewidthme | hacking, bug-bounty, penetration-testing, certification, hackthebox | 01-Apr-2024 |
I will alter and update your website | https://medium.com/@fiverrtopfreelancer/i-will-alter-and-update-your-website-438eeb9bcde8?source=rss------bug_bounty-5 | Fiverr Top Freelancer | html, website-design, bug-fixes, bug-bounty, css | 01-Apr-2024 |
Broken Application Logic Bug Doesn’t Validate Email, leading to DOS | https://medium.com/@saitle74/broken-application-logic-bug-doesnt-validate-email-leading-to-dos-d5ff73e752b4?source=rss------bug_bounty-5 | Saitleop | bug-bounty, infosec-write-ups, cybersecurity, python, infosec | 01-Apr-2024 |
“Configuring Apache Web Server on CentOS 7” | https://medium.com/@shaikhalshifa210/configuring-apache-web-server-on-centos-7-ed10245f2a4d?source=rss------bug_bounty-5 | Alshifa Shaikh | server-configuration, bug-bounty, machine-learning, penetration-testing, cybersecurity | 01-Apr-2024 |
How to set up Caido for Bug Bounty or Web Application Penetration? | https://medium.com/@bytescheck0/how-to-set-up-caido-for-bug-bounty-or-web-application-penetration-a74729d31dca?source=rss------bug_bounty-5 | Bytescheck | cybersecurity, penetration-testing, bug-bounty, technology | 01-Apr-2024 |
XSS Vulnerability in a Technical Assessment Application: Lessons Learned and Security Measures | https://interc3pt3r.medium.com/xss-vulnerability-in-a-technical-assessment-application-lessons-learned-and-security-measures-9321ee4c7639?source=rss------bug_bounty-5 | Aneesha D | bug-bounty, cybersecurity, hacker, hacking, penetration-testing | 01-Apr-2024 |
How I Was Able To Find My First VALID XSS | https://medium.com/@harshsolanki2810/how-i-was-able-to-find-my-first-valid-xss-b1b8bd727b6a?source=rss------bug_bounty-5 | Dart0xx | bug-bounty, cybersecurity, bug-bounty-writeup, bug-hunting | 01-Apr-2024 |
Mastering CSRF: A Comprehensive Guide to Finding Cross-site Request Forgery Vulnerabilities | 2024 | https://cyberw1ng.medium.com/mastering-csrf-a-comprehensive-guide-to-finding-cross-site-request-forgery-vulnerabilities-2024-8d1d13d83547?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, penetration-testing, hacking, careers | 01-Apr-2024 |
Subdomain Takeovers (Subdomain Devralma) | https://medium.com/@mirackucuk595/subdomain-takeovers-subdomain-devralma-2ffa999c123b?source=rss------bug_bounty-5 | Miraç Küçük | bug-bounty, domain-names, subdomain, hackerone | 01-Apr-2024 |
Bug Bounty Challenge: Update | https://wallotry.medium.com/bug-bounty-challenge-update-ebd1fa31426c?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup | 01-Apr-2024 |
How I Was Able To Find My First VALID XSS | https://medium.com/@0xdartx/how-i-was-able-to-find-my-first-valid-xss-b1b8bd727b6a?source=rss------bug_bounty-5 | Dart0xx | bug-bounty, cybersecurity, bug-bounty-writeup, bug-hunting | 01-Apr-2024 |
Can I learn bug bounty for free? | https://bevijaygupta.medium.com/can-i-learn-bug-bounty-for-free-59d71024ee15?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-zero, bug-bounty-tips, bug-bounty, bug-fixes | 31-Mar-2024 |
Fake Tinder Account Verified By Bypassing Face Authentication | https://medium.com/@Ajakcybersecurity/fake-tinder-account-verified-by-bypassing-face-authentication-4b7c14e35c29?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, ethical-hacking, bug-bounty, blog, tinder | 31-Mar-2024 |
Swaggerdə qarşılaşdığım hücum vektorları ($$$) | https://memmedrehimzade.medium.com/swaggerd%C9%99-qar%C5%9F%C4%B1la%C5%9Fd%C4%B1%C4%9F%C4%B1m-h%C3%BCcum-vektorlar%C4%B1-f3659eeccac5?source=rss------bug_bounty-5 | memmed rehimzade | swagger, cybersecurity, kibertəhlükəsizlik, bug-bounty | 31-Mar-2024 |
Understanding and Mitigating CVE-2024–3094 | https://medium.com/@mrblackstar26/understanding-and-mitigating-cve-2024-3094-2b8572d9e921?source=rss------bug_bounty-5 | Uday Patel | infosec, hacking, bug-bounty, penetration-testing, cybersecurity | 31-Mar-2024 |
Installation DVWA In Windows 10 Using XAMPP | https://bevijaygupta.medium.com/installation-dvwa-in-windows-10-using-xampp-d6246279a10e?source=rss------bug_bounty-5 | Vijay Gupta | xampp, dvwa, hacking, install-dvwa, bug-bounty | 31-Mar-2024 |
What is the future of bug bounty? | https://bevijaygupta.medium.com/what-is-the-future-of-bug-bounty-696f0a894130?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, bug-zero, bugs, future-technology, future | 31-Mar-2024 |
13.26 Lab: Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and… | https://cyberw1ng.medium.com/13-26-lab-stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-4bde1cc39671?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-test, hacking, cybersecurity, careers | 31-Mar-2024 |
Shield your System — XZ Utils Backdoor (Linux Distribution) | https://infosecwriteups.com/shield-your-system-xz-utils-backdoor-linux-distribution-54583b071ccc?source=rss------bug_bounty-5 | Ethical Kaps | linux, cybersecurity, vulnerability, hacking, bug-bounty | 31-Mar-2024 |
“Unveiling a Stored XSS Vulnerability: Example.com Under the Spotlight” | https://medium.com/@mdnafeed3/unveiling-a-stored-xss-vulnerability-example-com-under-the-spotlight-37d0895cebca?source=rss------bug_bounty-5 | H4cker-Nafeed | bug-bounty, cybersecurity | 31-Mar-2024 |
Best bug hunting methodology for EZ money | https://medium.com/@tom.sh/best-bug-hunting-methodology-for-ez-money-58b7fe928e6f?source=rss------bug_bounty-5 | Tom | hacking, money, bpp, methodology, bug-bounty | 30-Mar-2024 |
Advertisers able to identify individual consumers who visited their ads (Microsoft bug bounty) | https://medium.com/@avig2009/advertisers-able-to-identify-individual-consumers-who-visited-their-ads-microsoft-bug-bounty-a8bcb2d727f2?source=rss------bug_bounty-5 | hatich_hacker | microsoft, privacy, bug-bounty | 30-Mar-2024 |
13.25 Lab: Reflected XSS in canonical link tag | 2024 | https://cyberw1ng.medium.com/13-25-lab-reflected-xss-in-canonical-link-tag-2024-c4478a82b466?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, hacking, careers | 30-Mar-2024 |
A Journey into Unusual Header Injection | https://medium.com/@imusabkhan/a-journey-into-unusual-header-injection-693cc0ddecc6?source=rss------bug_bounty-5 | Mohammad Musab Khan | hackerone, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-hunting | 30-Mar-2024 |
Chain of Rate Limit Bypass and Weak Token Expiry Leads To Account Take Over | https://medium.com/@ozomarzu/chain-of-rate-limit-bypass-and-weak-token-expiry-leads-to-account-take-over-d9cddf598c9c?source=rss------bug_bounty-5 | CyberOz | bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, hackerone | 30-Mar-2024 |
Email verification Bypass from P4 TO P2 | https://medium.com/@akrachliy/email-verification-bypass-from-p4-to-p2-50fa3dde8e5f?source=rss------bug_bounty-5 | Yassine Akrachli | hacking, cybersecurity, bug-bounty, ethical-hacking, bugcrowd | 30-Mar-2024 |
Web Request | https://medium.com/@mirackucuk595/web-request-ea237118e259?source=rss------bug_bounty-5 | Miraç Küçük | http-request, curl, https, bug-bounty, webrequest | 30-Mar-2024 |
Kioptrix Level 1 Walkthrough | https://erdemstar.medium.com/kioptrix-level-1-walkthrough-6e985fbd0dc7?source=rss------bug_bounty-5 | Erdemstar | oscp, application-security, bug-bounty-tips, bug-bounty, penetration-testing | 30-Mar-2024 |
1200 $ Email verification Bypass from P4 TO P2 | https://medium.com/@akrachliy/email-verification-bypass-from-p4-to-p2-50fa3dde8e5f?source=rss------bug_bounty-5 | Yassine Akrachli | hacking, cybersecurity, bug-bounty, ethical-hacking, bugcrowd | 30-Mar-2024 |
How i found Multiple IDOR | https://medium.com/@hillrane24/how-i-found-multiple-idor-ab52815b375a?source=rss------bug_bounty-5 | NIKHIL RANE | idor-vulnerability, bug-bounty | 30-Mar-2024 |
YouTube Growth Hacking | https://sanparatama.medium.com/youtube-growth-hacking-a94457f04789?source=rss------bug_bounty-5 | Sanjaya paratama | web-development, bug-bounty, hacking, hacking-tools, cybersecurity | 29-Mar-2024 |
The Future of Internet Security and Artificial Intelligence and Cyber Security Jobs | https://python.plainenglish.io/the-future-of-internet-security-and-artificial-intelligence-and-cyber-security-jobs-528b4c340cf9?source=rss------bug_bounty-5 | Imran Niaz | xss-attack, hacking, programming, ai, bug-bounty | 29-Mar-2024 |
[Walkthrough] Mobile Hacking Lab — Secure Note | https://medium.com/@karimul.sh/walkthrough-mobile-hacking-lab-secure-note-eeb4af20e01b?source=rss------bug_bounty-5 | Md.Karimul Islam Shezan | walkthrough, android-app-security, bug-bounty, reverse-engineering, ctf | 29-Mar-2024 |
AutoLayer Bug Bounty Program: Full Information Release | https://autolayer.medium.com/autolayer-bug-bounty-program-full-information-release-d5de0bab972e?source=rss------bug_bounty-5 | AutoLayer | defi, bug-bounty | 29-Mar-2024 |
Web Security Short Series — CSRF. | https://medium.com/@frankyyano/web-security-short-series-csrf-4cdf6f936773?source=rss------bug_bounty-5 | Yano. | csrf, appsec, owasp, bug-bounty, oscp | 29-Mar-2024 |
How to learn Game Hacking? Recourse Compilation! | https://medium.com/@yannik603/how-to-learn-game-hacking-recourse-compilation-1c5d2807a7cb?source=rss------bug_bounty-5 | Yannik | reverse-engineering, bug-bounty, malware-analysis, gamehacking, coding | 29-Mar-2024 |
Unhiding the hidden 401 Bypass | https://medium.com/@Xt3sY/unhiding-the-hidden-401-bypass-10f48c67b50d?source=rss------bug_bounty-5 | Pushkar Bhagat | bug-bounty, hacking, bug-bounty-tips | 29-Mar-2024 |
13.24 Lab: Reflected XSS with some SVG markup allowed | 2024 | https://cyberw1ng.medium.com/13-24-lab-reflected-xss-with-some-svg-markup-allowed-2024-78279b906ec2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, cybersecurity, penetration-testing, careers | 29-Mar-2024 |
How to learn Game Hacking? Recourse Compilation! | https://medium.com/@yannik603/how-to-learn-game-hacking-recourse-compilation-1c5d2807a7cb?source=rss------bug_bounty-5 | Yannik Castro | reverse-engineering, bug-bounty, malware-analysis, gamehacking, coding | 29-Mar-2024 |
Yara Rules ✌︎ For Something ☠︎ | https://medium.com/@haticezkmnl/yara-rules-%EF%B8%8E-for-something-%EF%B8%8E-0164b38e3ddd?source=rss------bug_bounty-5 | Hatice Zehra Kamanlı | cybersecurity, python, security, rules, bug-bounty | 29-Mar-2024 |
How to install drozer with docker | https://medium.com/@nomad8061/hello-geeks-e8d0f62b22a1?source=rss------bug_bounty-5 | Ahmed Badry | bug-bounty | 29-Mar-2024 |
✌︎ Yara Rules ✌︎ For Something ☠︎ | https://medium.com/@haticezkmnl/yara-rules-%EF%B8%8E-for-something-%EF%B8%8E-0164b38e3ddd?source=rss------bug_bounty-5 | Hatice Zehra Kamanlı | cybersecurity, python, security, rules, bug-bounty | 29-Mar-2024 |
13.23 Lab: Reflected XSS into HTML context with most tags and attributes blocked | 2024 | https://cyberw1ng.medium.com/13-23-lab-reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-2024-63d649c6cc2c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, hacking, penetration-testing, cybersecurity | 28-Mar-2024 |
Bug Bounty Recon At Its Easiest with Netlas.io | https://medium.com/@omarora1603/bug-bounty-recon-at-its-easiest-with-netlas-io-d313ae0f1c09?source=rss------bug_bounty-5 | Om Arora | infosec, cybersecurity, bug-bounty, bug-bounty-tips, hacking | 28-Mar-2024 |
Bypassing 403 Protection To Get Admin Access | https://rajput623929.medium.com/bypassing-403-protection-to-get-admin-access-d7c9d0560e5c?source=rss------bug_bounty-5 | Mr.Horbio | 403-forbidden, bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty | 28-Mar-2024 |
How to become a bug bounty hunter | https://bevijaygupta.medium.com/how-to-become-a-bug-bounty-hunter-c607bb7de595?source=rss------bug_bounty-5 | Vijay Gupta | bug-zero, bug-bounty, bugs, bug-bounty-tips, bug-fixes | 28-Mar-2024 |
OAuth Hijacking leads to account takeover | https://medium.com/@iknowhatodo/oauth-hijacking-leads-to-account-takeover-a051bdb5e9f0?source=rss------bug_bounty-5 | Hossam Ahmed | bug-bounty, oauth | 28-Mar-2024 |
How I Hacked Your Private Repository in GitHub (And Got JackShit) | https://medium.com/@reuveinas/how-i-hacked-your-private-repository-in-github-and-got-jackshit-cb7c342570b2?source=rss------bug_bounty-5 | Reuvein Vinokurov (CTO:UNIXi) - https://unixi.io/ | microsoft, bug-bounty, github, security, cybersecurity | 28-Mar-2024 |
How to write a Walkthrough | https://bevijaygupta.medium.com/how-to-write-a-walkthrough-23eee7f6777c?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-writeup, bug-bounty-tips, bug-bounty, walkthroughwednesday, walkthrough | 28-Mar-2024 |
Unveiling all techniques to find IDOR’S in web applications | https://adipsharif.medium.com/unveiling-all-techniques-to-find-idors-in-web-applications-578d2b8aa28a?source=rss------bug_bounty-5 | ADIP | bug-bounty-tips, bug-bounty, pentesting, penetration-testing, bug-bounty-writeup | 28-Mar-2024 |
IDOR’a Giriş | https://medium.com/@mirackucuk595/idora-giri%C5%9F-23c22a5ae24f?source=rss------bug_bounty-5 | Miraç Küçük | hack-the-box-writeup, burpsuite, idor-vulnerability, bug-bounty | 28-Mar-2024 |
Risks of Software Dependencies AKA Toxic Dependencies | https://bytebusterx.medium.com/risks-of-software-dependencies-aka-toxic-dependencies-0a38150cf5ce?source=rss------bug_bounty-5 | ByteBusterX | bug-bounty, hacking, infosec, vulnerability, cybersecurity | 28-Mar-2024 |
Penetration Testing Tools | https://bevijaygupta.medium.com/penetration-testing-tools-b4c8ad807114?source=rss------bug_bounty-5 | Vijay Gupta | penetration-testing-tools, pentesting, hacking, bug-bounty, penetration-testing | 28-Mar-2024 |
Stargazing Risks: Exploring the Data Breach that Exposed NASA Employees’ PII | https://interc3pt3r.medium.com/stargazing-risks-exploring-the-data-breach-that-exposed-nasa-employees-pii-68692cf7a5e9?source=rss------bug_bounty-5 | Aneesha D | bug-bounty-writeup, cybersecurity, hacking, security, bug-bounty | 28-Mar-2024 |
Finding Bug DMRC Reflected Xss and HTML Injection | https://medium.com/@abhishekaswal777/finding-bug-dmrc-reflected-xss-and-html-injection-fe4361a1db60?source=rss------bug_bounty-5 | Abhishekaswal | bugs, poc, bug-bounty, bug-bounty-tips, hackerone | 28-Mar-2024 |
Annonforce — Tryhackme Walkthrough Easy Self-made | https://medium.com/@shaswata.ssaha/annonforce-tryhackme-walkthrough-easy-self-made-f45c3a6f3e96?source=rss------bug_bounty-5 | Shaswata Saha | tryhackme, security, anonforce, bug-bounty, ctf | 28-Mar-2024 |
Polyglot Files: The Cybersecurity Chameleon Threat | https://infosecwriteups.com/polyglot-files-the-cybersecurity-chameleon-threat-29890e382b59?source=rss------bug_bounty-5 | ElNiak | polyglot, cybersecurity, obfuscation, bug-bounty, penetration-testing | 27-Mar-2024 |
Hackerone提现人民币 | https://medium.com/@dem0ns/hackerone%E6%8F%90%E7%8E%B0%E4%BA%BA%E6%B0%91%E5%B8%81-a3e907fefce1?source=rss------bug_bounty-5 | 猫猫虫 | hackerone, bug-bounty, 外汇 | 27-Mar-2024 |
Mistakes To Avoid in Your Bug Bounty Career- Part 2 | https://medium.com/@Ajakcybersecurity/mistakes-to-avoid-in-your-bug-bounty-career-part-2-9da1c77788ea?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, bug-bounty, penetration-testing, blog, cybersecurity | 27-Mar-2024 |
13.22 Lab: Stored DOM XSS | 2024 | https://cyberw1ng.medium.com/13-22-lab-stored-dom-xss-2024-344ec753599a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, penetration-testing, hacking, careers | 27-Mar-2024 |
HACKING WORDPRESS | https://medium.com/@mirackucuk595/hacking-wordpress-ac9ee6447045?source=rss------bug_bounty-5 | Miraç Küçük | wpscan, wordpress-hacked, hack-the-box-writeup, hacking, bug-bounty | 27-Mar-2024 |
SSLStripping | https://bytebusterx.medium.com/sslstripping-e81dc95d6fab?source=rss------bug_bounty-5 | ByteBusterX | infosec, cybersecurity, vulnerability, hacking, bug-bounty | 27-Mar-2024 |
HTTP Verb Tampering 101 in Web Applications (Identify Exploit Prevention) | https://adipsharif.medium.com/http-verb-tampering-101-in-web-applications-identify-exploit-prevention-3389258b6b93?source=rss------bug_bounty-5 | ADIP | infosec, penetration-testing, bug-bounty, pentesting, information-security | 27-Mar-2024 |
Hacking the Giant: Got XSS on Google’s Product | https://adipsharif.medium.com/got-xss-on-googles-product-a4c79be8adbb?source=rss------bug_bounty-5 | ADIP | infosec, information-security, pentesting, bug-bounty, penetration-testing | 27-Mar-2024 |
Bug Bounty Isn’t A Scam Here’s Why | https://medium.com/@benbencsik/bug-bounty-isnt-a-scam-here-s-why-751547bd8531?source=rss------bug_bounty-5 | Ben Bencsik | bug-bounty, computers, infosec, cybersecurity, technology | 27-Mar-2024 |
Hacking the Giant: XSS on Google | https://adipsharif.medium.com/got-xss-on-googles-product-a4c79be8adbb?source=rss------bug_bounty-5 | ADIP | infosec, information-security, pentesting, bug-bounty, penetration-testing | 27-Mar-2024 |
Fristileaks 1.3 Walkthrough | https://erdemstar.medium.com/fristileaks-1-3-walkthrough-a6b962385752?source=rss------bug_bounty-5 | Erdemstar | oscp, vulnhub-walkthrough, penetration-testing, bug-bounty, oscp-preparation | 27-Mar-2024 |
Web Application Hacking Required Reading | https://hogarth45.medium.com/web-application-hacking-required-reading-0d2f046db191?source=rss------bug_bounty-5 | Jess | bug-bounty, web-development, security | 27-Mar-2024 |
Why am I starting to hate Bug Bounty? | https://systemweakness.com/why-am-i-starting-to-hate-bug-bounty-1f075fc96978?source=rss------bug_bounty-5 | Imad Husanovic | hacking, cybersecurity, programming, bug-bounty, bug-bounty-tips | 27-Mar-2024 |
Bug Bounty Isn’t A Scam Here’s Why | https://medium.com/@detroiton421094/bug-bounty-isnt-a-scam-here-s-why-751547bd8531?source=rss------bug_bounty-5 | Ben Bencsik | bug-bounty, computers, infosec, cybersecurity, technology | 27-Mar-2024 |
RXSS Vulnerability in Less Than 10 Minutes on India’s Premier Travel Site | https://medium.com/@nilkhant30/rxss-vulnerability-in-less-than-10-minutes-on-indias-premier-travel-site-5b15ebb91d17?source=rss------bug_bounty-5 | I AM Raja | bug-bounty, cybersecurity, cyber-security-awareness, hacking, xss-vulnerability | 26-Mar-2024 |
This skill is called ‘Early…’ in Software Testing | https://medium.com/software-testing-and-automation/this-skill-is-called-early-in-software-testing-75cd641bfa93?source=rss------bug_bounty-5 | Temitope | software-testing, quality-assurance, communication, bug-bounty, software-development | 26-Mar-2024 |
HackGATE: Bug Bounty Program on steroids | https://medium.com/@levente.b.molnar/hackgate-bug-bounty-program-on-steroids-cef50ae2f759?source=rss------bug_bounty-5 | Hackrate | hacking, ethical-hacking, cybersecurity, bug-bounty, penetration-testing | 26-Mar-2024 |
Exploring Cybersecurity with ZoomEye: A Review of the Premium Lifetime Membership | https://medium.com/@kenilalexandra07/exploring-cybersecurity-with-zoomeye-a-review-of-the-premium-lifetime-membership-f301a474bf88?source=rss------bug_bounty-5 | Kenilalexandra | bug-bounty, shodan, bugbounting, zoomeye, security | 26-Mar-2024 |
How To Use AI And Nuclei To Make Money While You Sleep — Bug Bounty Tuesday | https://medium.com/@kerstan/how-to-use-ai-and-nuclei-to-make-money-while-you-sleep-bug-bounty-tuesday-4d9e584e6553?source=rss------bug_bounty-5 | kerstan | hacking, security, cybersecurity, bug-bounty, technology | 26-Mar-2024 |
13.21 Lab: Reflected DOM XSS | 2024 | https://cyberw1ng.medium.com/13-21-lab-reflected-dom-xss-2024-78cacc8fa1e7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, bug-bounty, penetration-testing, careers | 26-Mar-2024 |
Bug Bounty Programs for Beginners | https://bevijaygupta.medium.com/bug-bounty-programs-for-beginners-fccc755957d9?source=rss------bug_bounty-5 | Vijay Gupta | cybersecurity, bug-bounty-hunter, bug-bounty, bugbounty-writeup, bug-bounty-tips | 26-Mar-2024 |
Account takeover through password reset functionality | https://rewscel.medium.com/account-takeover-through-password-reset-functionality-af07636db302?source=rss------bug_bounty-5 | rewscel | bug-bounty | 26-Mar-2024 |
FFUF İLE WEB UYGULAMALARINA SALDIRMAK | https://medium.com/@mirackucuk595/ffuf-i%CC%87le-web-uygulamalarina-saldirmak-89805e47e145?source=rss------bug_bounty-5 | Miraç Küçük | subdomain, bug-bounty, ffuf, brute-force, hack-the-box-writeup | 26-Mar-2024 |
What is Cross-Site Scripting (XSS)? | https://medium.com/@bbhuntersa/cross-site-scripting-xss-b5d374fa6e43?source=rss------bug_bounty-5 | BBHUNTER | xss-vulnerability, cross-site-scripting, bug-bounty, xss-attack | 26-Mar-2024 |
Exploiting Post Reflected XSS via CSRF : Real world bug | https://medium.com/@Rahulkrishnan_R_Panicker/exploiting-post-reflected-xss-via-csrf-real-world-bug-f374afeb081e?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | xss-attack, hacking, bug-bounty, csrf, web-development | 25-Mar-2024 |
Zero Interaction Mass Account Password Reset Vulnerability | https://medium.com/@manan_sanghvi/zero-interaction-mass-account-password-reset-vulnerability-86b87098e3ae?source=rss------bug_bounty-5 | Manan Sanghvi | penetration-testing, ethical-hacking, bug-bounty, vulnerability, cybersecurity | 25-Mar-2024 |
XSS module HTB academy CBBH path | https://medium.com/@mohammed01550038865/xss-module-htb-academy-cbbh-path-dc3ac4810087?source=rss------bug_bounty-5 | Muhammed Mubarak | bug-bounty, htb-academy-writeup, xss-vulnerability | 25-Mar-2024 |
Reverse Engineering Sitecore Vulnerabilities-2 | https://medium.com/@nilayp799/reverse-engineering-sitecore-vulnerabilities-2-dcf45a501894?source=rss------bug_bounty-5 | Nilay Patel | sitecore, vulnerability, bug-bounty, automation, hacking | 25-Mar-2024 |
13.20 Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded |… | https://cyberw1ng.medium.com/13-20-lab-dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-7966911c58f4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, hacking, bug-bounty, penetration-testing | 25-Mar-2024 |
Burp Suite — ¿Confiar o no en Project Files? | https://medium.com/@ArtsSEC/burp-suite-confiar-o-no-en-project-files-de5fa145f4a5?source=rss------bug_bounty-5 | ArtsSEC | hacking, burpsuite, infosec, pentesting, bug-bounty | 25-Mar-2024 |
COMMAND INJECTIONS | https://medium.com/@mirackucuk595/command-injections-9ef2aef0fa97?source=rss------bug_bounty-5 | Miraç Küçük | command-injection, bug-bounty, hackthebox, burpsuite, injection | 25-Mar-2024 |
Unveiling Homoglyph: Silent Culprit of User-Level DOS Attacks | https://medium.com/@imusabkhan/unveiling-homoglyph-silent-culprit-of-user-level-dos-attacks-86a0576bca3a?source=rss------bug_bounty-5 | Mohammad Musab Khan | bug-hunting, hackerone, bug-bounty, bugcrowd, bug-bounty-tips | 25-Mar-2024 |
[Account Take Over] through reset password token leaked in response, 2500 € Reward | https://infosecwriteups.com/account-take-over-through-reset-password-token-leaked-in-response-2500-reward-b643f97a7c67?source=rss------bug_bounty-5 | jedus0r | bug-bounty-hunter, security-research, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 25-Mar-2024 |
How I found Account Takeover by changing email address | https://medium.com/@mohddanish9536/how-i-found-account-takeover-by-changing-email-address-b0dc213e2df3?source=rss------bug_bounty-5 | Mohd Danish | bug-bounty, cybersecurity, bugs | 24-Mar-2024 |
13.19 Lab: DOM XSS in document.write | https://cyberw1ng.medium.com/13-19-lab-dom-xss-in-document-write-dddced06def8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, careers, hacking | 24-Mar-2024 |
HTTP Verb Tampering | https://medium.com/@mirackucuk595/http-verb-tampering-4505d6491c95?source=rss------bug_bounty-5 | Miraç Küçük | web-attack, http-request, command-injection, bug-bounty, burpsuite | 24-Mar-2024 |
How to get started in Bug Bounty in 2024! | https://medium.com/@FoxxCB/how-to-get-started-in-bug-bounty-in-2024-708754094de9?source=rss------bug_bounty-5 | Foxx C-B | hacking, infosec, bug-bounty, cybersecurity, ethical-hacking | 24-Mar-2024 |
Cloudflare WAF Hunting | https://medium.com/@Device1306/cloudflare-waf-hunting-e878588488c8?source=rss------bug_bounty-5 | Device1306 | research, bug-bounty-tips, hacking, burpsuite, bug-bounty | 24-Mar-2024 |
Cookie Theft Deep Dive | https://cyberbull.medium.com/cookie-theft-deep-dive-3fe6d6be2d60?source=rss------bug_bounty-5 | Aditya Pandey | bug-bounty, information-technology, ethical-hacking, security, cybersecurity | 23-Mar-2024 |
A list of Bug Bounty/Crowdsourced Security Platforms: | https://medium.com/@mashunter/a-list-of-bug-bounty-crowdsourced-security-platforms-15ecd2ab6d4a?source=rss------bug_bounty-5 | MAS Hunter | bug-bounty-program, bug-bounty, hacker, pentest | 23-Mar-2024 |
Hacking the Giant: How I Discovered Google’s Vulnerability and Hall of Fame Recognition | https://medium.com/@hncaga/hacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a?source=rss------bug_bounty-5 | Henry N. Caga (hncaga) | bug-bounty, vulnerability, google, xs, hacking | 23-Mar-2024 |
hello | https://medium.com/@r.paulopereira123/hello-80ea07cbc757?source=rss------bug_bounty-5 | bretsadlea | hacking, ethical-hacking, bug-hunter, bug-bounty | 23-Mar-2024 |
Edge-Side Includes (ESI) Injection In Web Applications | https://adipsharif.medium.com/edge-side-includes-esi-injection-in-web-applications-2630139b6c19?source=rss------bug_bounty-5 | ADIP | pentesting, bug-bounty-tips, infosec, information-security, bug-bounty | 23-Mar-2024 |
SSI Injection In web applications with a (exploitation example) | https://adipsharif.medium.com/techniques-of-finding-ssi-injection-in-web-applications-with-a-exploitation-example-cad960f3d791?source=rss------bug_bounty-5 | ADIP | bug-bounty-tips, penetration-testing, information-security, bug-bounty, infosec | 23-Mar-2024 |
Beyond RAM and ROM: IDOR Leads to Unauthenticated File Upload Vulnerability in Indian Government… | https://systemweakness.com/beyond-ram-and-rom-idor-leads-to-unauthenticated-file-upload-vulnerability-in-indian-government-51efb80bcf50?source=rss------bug_bounty-5 | Vedavyasan S (@ved4vyasan) | bug-bounty, bug-bounty-tips, hacking, cybersecurity, bugs | 23-Mar-2024 |
1500$: CR/LF Injection | https://medium.com/@a13h1/1500-cr-lf-injection-0d2a75f02ef3?source=rss------bug_bounty-5 | Abhi Sharma | programming, hacking, cybersecurity, bug-bounty, crlf-injection | 23-Mar-2024 |
Web Security Short Series — XXE | https://medium.com/@frankyyano/web-security-short-series-xxe-64492ed1d893?source=rss------bug_bounty-5 | Yano. | xxe, bug-bounty, xml, oscp, appsec | 23-Mar-2024 |
TEXAS BUG SWEEPS 65,000 BUGS DETECTED | https://medium.com/@siddiquiasad2299/texas-bug-sweeps-65-000-bugs-detected-a00ae73014b6?source=rss------bug_bounty-5 | Asad Siddiqui | texas-bug-sweeps, bug-sweep, bug-bounty, bug-detection | 23-Mar-2024 |
How i get my bounty $$$ in YesWehack within 5mins? | https://medium.com/@hacdoc/how-i-get-my-bounty-in-yeswehack-within-5mins-16706bb827e0?source=rss------bug_bounty-5 | ஜெய் | hacking, cybersecurity, s3, bug-bounty, amazon | 23-Mar-2024 |
How we can check the Security Provider in Android applications during Pentesting (The Offensive… | https://adipsharif.medium.com/how-we-can-check-the-security-provider-in-android-applications-during-pentesting-the-offensive-87c411c5d7ac?source=rss------bug_bounty-5 | ADIP | pentesting, android-app-development, androiddev, android, bug-bounty | 23-Mar-2024 |
13.18 Lab: DOM XSS in jQuery selector sink using a hashchange event | 2024 | https://cyberw1ng.medium.com/13-18-lab-dom-xss-in-jquery-selector-sink-using-a-hashchange-event-2024-e990fc2ae28f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, cybersecurity, penetration-testing, bug-bounty | 23-Mar-2024 |
How To Test Data Encryption on the Network During Android Pentesting | https://adipsharif.medium.com/how-to-test-data-encryption-on-the-network-during-android-pentesting-0b9d3407068f?source=rss------bug_bounty-5 | ADIP | infosec-write-ups, info-sec-writeups, pentesting, information-security, bug-bounty | 23-Mar-2024 |
Attacking XSLT in Web Applications | https://adipsharif.medium.com/attacking-xslt-in-web-applications-ea538a8fb9d0?source=rss------bug_bounty-5 | ADIP | pentesting, information-security, bug-bounty-writeup, bug-bounty, infosec | 23-Mar-2024 |
SSTI Exploitation Part III In Web Applications (with exploitation example) | https://adipsharif.medium.com/ssti-exploitation-part-iii-in-web-applications-with-exploitation-example-6856b89b0efb?source=rss------bug_bounty-5 | ADIP | penetration-testing, infosec, bug-bounty-tips, information-security, bug-bounty | 23-Mar-2024 |
FILE UPLOAD ATTACKS | https://medium.com/@mirackucuk595/file-upload-attacks-e5175a653d32?source=rss------bug_bounty-5 | Miraç Küçük | web-attack, file-upload, bug-bounty, https, burpsuite | 23-Mar-2024 |
SSTI Exploitation Part II In Web Applications (with exploitation example) | https://adipsharif.medium.com/ssti-exploitation-part-ii-in-web-applications-with-exploitation-example-490192e7e966?source=rss------bug_bounty-5 | ADIP | information-security, pentesting, penetration-testing, bug-bounty, infosec | 23-Mar-2024 |
Bruteforce Website Login Form Using Hydra And Crunch | https://medium.com/@OthmaneAitBouftass/bruteforce-attack-using-hydra-and-crunch-8b48ea9e36ce?source=rss------bug_bounty-5 | Othmane Ait Bouftass | cybersecurity, bug-bounty, penetration-testing, hacking, ethical-hacking | 23-Mar-2024 |
Making money only using AI [Free Course] | https://medium.com/@deadoverflow/making-money-only-using-ai-free-course-e7c51d33fee1?source=rss------bug_bounty-5 | Imad Husanovic | web-development, hacking, ai, bug-bounty, programming | 22-Mar-2024 |
Unveiling Admin Panels: A Bug Bounty Hunter’s Guide | https://medium.com/@dasmanish6176/unveiling-admin-panels-a-bug-bounty-hunters-guide-6e713ae18b2c?source=rss------bug_bounty-5 | Dasmanish | bug-bounty, infosec, ethical-hacking, cybersecurity | 22-Mar-2024 |
13.17 Lab: Stored XSS into anchor href attribute with double quotes HTML-encoded | 2024 | https://cyberw1ng.medium.com/13-17-lab-stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-2024-ebbe53b33015?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, hacking, penetration-testing, cybersecurity | 22-Mar-2024 |
AutoLayer is Starting a Bug Bounty Program | https://autolayer.medium.com/autolayer-is-starting-a-bug-bounty-program-dfb59584a0ee?source=rss------bug_bounty-5 | AutoLayer | crypto, defi, bug-bounty | 22-Mar-2024 |
Unveiling The Techniques Of Finding Blind & Time based SSRF In Web Applications (with a… | https://adipsharif.medium.com/unveiling-the-techniques-of-finding-blind-ssrf-in-web-applications-with-a-exploitation-example-9e36a78ccca6?source=rss------bug_bounty-5 | ADIP | bug-bounty-tips, bug-bounty, information-security, pentesting, penetration-testing | 22-Mar-2024 |
5 Advanced Ways I Test For File Upload Vulnerabilities | https://medium.com/@red.whisperer/5-advanced-ways-i-test-for-file-upload-vulnerabilities-5b01358f87d1?source=rss------bug_bounty-5 | RedPanda | bug-bounty, infosec, red-team, hacking | 22-Mar-2024 |
Understanding Subdomain Squatting | https://bytebusterx.medium.com/understanding-subdomain-squatting-9d61f8c432fc?source=rss------bug_bounty-5 | ByteBusterX | hacking, infosec, cybersecurity, bug-bounty, cyberattack | 22-Mar-2024 |
How i found my first 318.39$ bugs! | https://cyberbh.medium.com/how-i-found-my-first-318-39-bugs-10ccd2379320?source=rss------bug_bounty-5 | Msecurity BH | bug-bounty, information-exposure, penetration-testing, security-misconfiguration, api | 22-Mar-2024 |
Unveiling The Techniques Of Testing Endpoint Identify Verification In Android Applications | https://adipsharif.medium.com/unveiling-the-techniques-of-testing-endpoint-identify-verification-in-android-applications-2a8186091296?source=rss------bug_bounty-5 | ADIP | information-security, bug-bounty, android-app-development, penetration-testing, pentesting | 22-Mar-2024 |
ABUSING HTTP MISCONFIGURATIONS (HTTP YANLIŞ YAPILANDIRMALARININ KÖTÜYE KULLANILMASI) | https://medium.com/@mirackucuk595/abusing-http-misconfigurations-http-yanli%C5%9F-yapilandirmalarinin-k%C3%B6t%C3%BCye-kullanilmasi-2ebbf38b2622?source=rss------bug_bounty-5 | Miraç Küçük | https, burpsuite, bug-bounty, web-attack, http-request | 22-Mar-2024 |
Javascript deobfuscation the easy way | https://medium.com/@jad2121/javascript-deobfuscation-the-easy-way-637d7e9b2952?source=rss------bug_bounty-5 | JD | bug-bounty, bug-bounty-tips, javascript-obfuscate | 22-Mar-2024 |
Unveiling the One-Click Account Takeover: It Started with an Innocent Open Redirect | https://medium.com/@hmuhamm3d/unveiling-the-one-click-account-takeover-it-started-with-an-innocent-open-redirect-9f4942ddf03f?source=rss------bug_bounty-5 | Hassaan Mohamed | bug-bounty, bug-bounty-hunter, account-takeover, bugbounty-writeup, bug-bounty-tips | 22-Mar-2024 |
Critical Vulnerability in PostgreSQL JDBC Driver — Understanding CVE-2024–1597 | https://shubhamrooter.medium.com/critical-vulnerability-in-postgresql-jdbc-driver-understanding-cve-2024-1597-81ac202c295e?source=rss------bug_bounty-5 | Shubham Tiwari | bug-bounty, cybersecurity, jdbc-driver, postgresql, cve-2024-1597 | 21-Mar-2024 |
Digital Goldmine: Innovative Ways to Make Money Online in 2024 | https://medium.com/@thewriterdude/digital-goldmine-innovative-ways-to-make-money-online-in-2024-c7d33d655535?source=rss------bug_bounty-5 | Thewriterdude | business, bug-bounty, artificial-intelligence, 100-followers, blockchain | 21-Mar-2024 |
User information disclosure via message reactions | https://melguerdawi.medium.com/user-information-disclosure-via-message-reactions-1576a6b0f236?source=rss------bug_bounty-5 | Mostafa Elguerdawi | bug-bounty, bug-bounty-tips | 21-Mar-2024 |
Major Update for Attack Surface Discovery tool | https://netlas.medium.com/major-update-for-attack-surface-discovery-tool-4ed4f1bc80fb?source=rss------bug_bounty-5 | Netlas.io | bug-bounty, penetration-testing, cybersecurity, reconnaissance, osint | 21-Mar-2024 |
Vulnerability Disclosure vs Bug Bounty: What’s the difference and why it matters | https://medium.com/@levente.b.molnar/vulnerability-disclosure-vs-bug-bounty-whats-the-difference-and-why-it-matters-ce99be906b1c?source=rss------bug_bounty-5 | Hackrate | bug-bounty, security, vulnerability-disclosure, cybersecurity, penetration-testing | 21-Mar-2024 |
Best Practices for Web3 Bug Bounty Programs | https://medium.com/@auditone.io/best-practices-for-web3-bug-bounty-programs-e333992aee9f?source=rss------bug_bounty-5 | AuditOne | auditing-services, web3, bug-bounty-tips, bug-bounty, audit | 21-Mar-2024 |
Unveiling The Techniques Of Finding Server-Side Request Forgery (SSRF) In Web Applications (with a… | https://adipsharif.medium.com/unveiling-the-techniques-of-finding-server-side-request-forgery-ssrf-in-web-applications-with-a-2ac1dd20ef87?source=rss------bug_bounty-5 | ADIP | pentesting, bug-bounty, information-security, bug-bounty-tips, cybersecurity | 21-Mar-2024 |
urit13.16 Lab: DOM XSS in jQuery anchor href attribute sink using location.search source \| 2024 | https://cyberw1ng.medium.com/urit13-16-lab-dom-xss-in-jquery-anchor-href-attribute-sink-using-location-search-source-2024-8f8df8703aef?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, cybersecurity, hacking, penetration-testing | 21-Mar-2024 |
Buy Any Movie Tickets for Just Rs 10 (IDOR Vulnerability) | https://medium.com/@sahilkushwaha275/buy-any-movie-tickets-for-just-rs-10-idor-vulnerability-670d03a45def?source=rss------bug_bounty-5 | S33NU | bugs, idor-vulnerability, bug-bounty, technology, cybersecurity | 21-Mar-2024 |
How I found my first DOM based XSS | https://medium.com/@jsamia/how-i-found-my-first-dom-based-xss-a79f342d50d6?source=rss------bug_bounty-5 | Jaeden Samia | bug-bounty, ethical-hacking, security, vulnerability | 21-Mar-2024 |
Automate XSS With These 3 Simple Tools | https://medium.com/@Ajakcybersecurity/automate-xss-with-these-3-simple-tools-e0dcc89c06d0?source=rss------bug_bounty-5 | AjakCybersecurity | penetration-testing, cybersecurity, hacking, bug-bounty, xss-attack | 21-Mar-2024 |
Frida Use Cases and Examples | https://medium.com/@prinsharma1999/frida-use-cases-and-examples-984f9a2ddc69?source=rss------bug_bounty-5 | Prinsharma | bug-bounty, bug-bounty-tips, hacking, pentest, infosec | 21-Mar-2024 |
403 Forbidden Bypass Exposing API Key | https://medium.com/@georgeppmc/403-forbidden-bypass-exposing-api-key-b5c9df9daeb3?source=rss------bug_bounty-5 | George Torres | cybersecurity, bug-bounty | 21-Mar-2024 |
A Tester's Journey Through Test Automation and Practical Scenarios. | https://medium.com/@tomiwaodufote/a-testers-journey-through-test-automation-and-practical-scenarios-dfb9f7074062?source=rss------bug_bounty-5 | Tomiwa | remote-work, test-automation, bug-bounty, testing, software-engineering | 20-Mar-2024 |
Reflected XSS To Account Takeover Without Stealing Session Cookie | https://medium.com/@rifqihz/reflected-xss-to-account-takeover-without-stealing-session-cookie-89c6ed62a3e4?source=rss------bug_bounty-5 | Rifqi Hilmy Zhafrant | xs, hackerone, bug-bounty | 20-Mar-2024 |
ABUSING HTTP MISCONFIGURATIONS | https://medium.com/@mirackucuk595/abusing-http-misconfigurations-http-yanli%C5%9F-yapilandirmalarinin-k%C3%B6t%C3%BCye-kullanilmasi-428333a3ddc6?source=rss------bug_bounty-5 | Miraç Küçük | burpsuite, web-attack, https, bug-bounty, web-cache | 20-Mar-2024 |
The Art of Debugging: Tips and Tricks for Finding the Root Cause of Bugs | https://medium.com/@securelearn/the-art-of-debugging-tips-and-tricks-for-finding-the-root-cause-of-bugs-c1d9e4b9e04a?source=rss------bug_bounty-5 | Rohan Giri | debugging, bug-finding, bug-bounty-tips, bug-bounty | 20-Mar-2024 |
H@ppy H@cking Psychomong | https://medium.com/@psychomong/h-ppy-h-cking-psychomong-335f9049aca9?source=rss------bug_bounty-5 | psychomong | cyber, cybersecurity, bug-bounty-tips, bug-bounty, bugs | 20-Mar-2024 |
Recon With AI | https://medium.com/@patidarbhuwan44/recon-with-ai-c211623604e8?source=rss------bug_bounty-5 | Bhuwan Patidar | bug-bounty, recon, reconnaissance, bug-bounty-tips | 20-Mar-2024 |
Reflected XSS with some SVG markup allowed | https://medium.com/@ebrahimelsayed4457/reflected-xss-with-some-svg-markup-allowed-74851ff591d5?source=rss------bug_bounty-5 | Ebrahim El-Sayed | cybersecurity, bug-bounty, portswigger, xss-attack, penetration-testing | 20-Mar-2024 |
$200 Business Logic Blunder In Sole Source Project | https://medium.com/@_0jatin0_/200-business-logic-blunder-in-sole-source-project-99a7bbe0d2f0?source=rss------bug_bounty-5 | Jatin_Chudasama | bug-bounty-writeup, logic-flaw, bug-bounty | 20-Mar-2024 |
The Art Of Probing Memory for Sensitive Data In Android Applications (The Offensive Security Way) | https://medium.com/@adipsharif/the-art-of-probing-memory-for-sensitive-data-in-android-applications-the-offensive-security-way-6aca19ce522f?source=rss------bug_bounty-5 | ADIP | bug-bounty, penetration-testing, information-security, cybersecurity, infosec | 20-Mar-2024 |
Why Bug Bounty is Trending? | https://medium.com/@shivyanshi.shukla/why-bug-bounty-is-trending-c981e7c28423?source=rss------bug_bounty-5 | Shivyanshi shukla | bug-bounty, cybersecurity | 20-Mar-2024 |
IDOR to make comment in user’s private posts | https://medium.com/@youssifm.raghib/idor-to-make-comment-in-users-private-posts-47d13b843c32?source=rss------bug_bounty-5 | Youssif M Raghib | bug-bounty-tips, bug-bounty, bug-hunter, bug-hunting | 20-Mar-2024 |
No rate limit in comments with IDOR | https://medium.com/@youssifm.raghib/no-rate-limit-in-comments-with-idor-d8904f3db588?source=rss------bug_bounty-5 | Youssif M Raghib | bug-bounty, bugs, bug-hunting | 20-Mar-2024 |
Electrum-Dime Beta Launch: A New Era for Dimecoin | https://dimecoinnetwork.medium.com/electrum-dime-beta-launch-a-new-era-for-dimecoin-72b5740598d4?source=rss------bug_bounty-5 | Dimecoin Network | development, dimecoin, blockchain, bug-bounty, cryptocurrency | 20-Mar-2024 |
Behind the Bug Report: From Overlooked to Overhauled | https://interc3pt3r.medium.com/behind-the-bug-report-from-overlooked-to-overhauled-94a9e5595a8a?source=rss------bug_bounty-5 | Aneesha D | cybersecurity, security, web-applications, bug-bounty, hacking | 20-Mar-2024 |
Stay up to date with updates. What do the blue and red dots represent in Burp Suite? | https://medium.com/@ArtsSEC/mantente-al-tanto-de-las-actualizaciones-qu%C3%A9-representan-el-punto-azul-y-rojo-en-burp-suite-1da1a5c74f16?source=rss------bug_bounty-5 | ArtsSEC | burpsuite, bug-bounty, vulnerability, pentesting, hacking | 20-Mar-2024 |
13.15 Lab: Reflected XSS into HTML context with all tags blocked except custom ones \| 2024 | https://cyberw1ng.medium.com/13-15-lab-reflected-xss-into-html-context-with-all-tags-blocked-except-custom-ones-2024-ca34eec89d88?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, hacking, penetration-testing, cybersecurity | 20-Mar-2024 |
The Art Of Testing Symmetric Cryptography During Pentesting Android Applications | https://medium.com/@adipsharif/the-art-of-testing-symmetric-cryptography-during-pentesting-android-applications-154dbab795d7?source=rss------bug_bounty-5 | ADIP | bug-bounty, cybersecurity, android, bug-bounty-tips, penetration-testing | 20-Mar-2024 |
Checking Backups For Sensitive Data in Android Applications (The Offensive Security Way) | https://medium.com/@adipsharif/checking-backups-for-sensitive-data-in-android-applications-the-offensive-security-way-95bd8820b84e?source=rss------bug_bounty-5 | ADIP | penetration-testing, bug-bounty, android, cybersecurity, android-app-development | 20-Mar-2024 |
Why Regular Security Sweeps Are Crucial for Business Success | https://medium.com/@siddiquiasad2299/why-regular-security-sweeps-are-crucial-for-business-success-7de57c663ca7?source=rss------bug_bounty-5 | Asad Siddiqui | tscm-services-bug-sweeps, bug-bounty, bug-detection | 20-Mar-2024 |
Passlord: Your Ultimate Weapon for Creating Tailored Wordlists | https://navnee1h.medium.com/passlord-your-ultimate-weapon-for-creating-tailored-wordlists-924a491e9a0f?source=rss------bug_bounty-5 | Navaneeth M S | hacking, bug-bounty, passwords, cybersecurity, wordlist | 20-Mar-2024 |
Bypassing an IDOR A couple of times — $$$$ | https://medium.com/@bxrowski0x/bypassing-an-idor-a-couple-of-times-4d67555a1545?source=rss------bug_bounty-5 | Omar ElSayed | bug-bounty-tips, idor, cybersecurity, bug-bounty-writeup, bug-bounty | 20-Mar-2024 |
Biometric Authentication Bypass In Android Applications (The Offensive Security Way) | https://medium.com/@adipsharif/biometric-authentication-bypass-in-android-applications-the-offensive-security-way-c37d89b06db2?source=rss------bug_bounty-5 | ADIP | android-app-development, bug-bounty, penetration-testing, android, androiddev | 20-Mar-2024 |
How We Can Check Configuration of Cryptographic Standard Algorithms & Random Number Generation… | https://medium.com/@adipsharif/how-we-can-check-configuration-of-cryptographic-standard-algorithms-random-number-generation-000cf9bfdb64?source=rss------bug_bounty-5 | ADIP | hacking, cybersecurity, bug-bounty, pentesting, bug-bounty-tips | 20-Mar-2024 |
Detecting Cyber Threats with Resemble.js: Safeguarding Digital Assets through Image Analysis | https://medium.com/@corymack34/detecting-cyber-threats-with-resemble-js-safeguarding-digital-assets-through-image-analysis-9e2f3427f8ed?source=rss------bug_bounty-5 | Cory Mack | steganalysis, threat-detection, bug-bounty, cybersecurity, image-analysis | 20-Mar-2024 |
Evaluate, apply, and sustain security governance principles ! | https://infosecwriteups.com/evaluate-apply-and-sustain-security-governance-principles-1e038a02423a?source=rss------bug_bounty-5 | Paritosh | security-governance, information-technology, cissp, bug-bounty, cybersecurity | 19-Mar-2024 |
The Ultimate Guide to Red Teaming: Inside “A-poc/RedTeam-Tools” | https://infosecwriteups.com/the-ultimate-guide-to-red-teaming-inside-a-poc-redteam-tools-69645572cf0f?source=rss------bug_bounty-5 | ElNiak | red-team, bug-bounty, github, penetration-testing, cybersecurity | 19-Mar-2024 |
3 Step Find Critical Bug In Bug Bounty — Bug Bounty Tuesday | https://medium.com/@kerstan/3-step-find-critical-bug-in-bug-bounty-bug-bounty-tuesday-99011ec2cf27?source=rss------bug_bounty-5 | kerstan | security, technology, cybersecurity, hacking, bug-bounty | 19-Mar-2024 |
Hunting JavaScript File for Bug Hunters | https://vivek-ghinaiya.medium.com/hunting-javascript-file-for-bug-hunters-e8b278a1306a?source=rss------bug_bounty-5 | Vivek Ghinaiya | bug-hunting, bug-bounty, bug-bounty-writeup, javascript, bug-bounty-tips | 19-Mar-2024 |
Finding the hidden function led to a $300 IDOR | https://infosecwriteups.com/finding-the-hidden-function-led-to-a-300-idor-d37219c66d03?source=rss------bug_bounty-5 | M7arm4n | bug-bounty-tips, bug-bounty, hacking, hacker, security | 19-Mar-2024 |
CVE-2024-28436 Cross-Site Scripting Vulnerability in D-Link DAP Products | https://djallalakira.medium.com/cve-2024-28436-cross-site-scripting-vulnerability-in-d-link-dap-products-3596976cc99f?source=rss------bug_bounty-5 | Djallalakira | bug-bounty, cybersecurity, bug-bounty-writeup | 19-Mar-2024 |
IDOR to read all user’s private route comments | https://medium.com/@youssifm.raghib/idor-to-read-all-users-private-route-comments-e97120d43262?source=rss------bug_bounty-5 | Youssif M Raghib | cybersecurity, bug-bounty, bug-bounty-tips | 19-Mar-2024 |
Get allmost all subdomains | https://medium.com/@petrukhin.s.a/get-allmost-all-subdomains-5694dcc3cb60?source=rss------bug_bounty-5 | Sergei Petrukhin | subdomain, bug-bounty, subdomains-enumeration, bug-bounty-tips | 19-Mar-2024 |
13.14 Lab: Reflected XSS into HTML context with most tags and attributes blocked \| 2024 | https://cyberw1ng.medium.com/13-14-lab-reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-2024-7e2106ef89b2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, penetration-testing, cybersecurity, hacking | 19-Mar-2024 |
The Art Of Unveiling Logs for Sensitive Data In Android Applications (The Offensive Security Way) | https://medium.com/@adipsharif/the-art-of-unveiling-logs-for-sensitive-data-in-android-applications-the-offensive-security-way-9c823532d004?source=rss------bug_bounty-5 | ADIP | cybersecurity, bug-bounty, application-security, penetration-testing, bug-bounty-tips | 19-Mar-2024 |
HackTheBox — Information Gathering: Active Enumeration | https://medium.com/@harry.hphu/hackthebox-information-gathering-active-enumeration-e43481ef85f9?source=rss------bug_bounty-5 | Huy Phu | subdomains-enumeration, hackthebox, enumeration, bug-bounty, information-gathering | 19-Mar-2024 |
Unleashing Chaos: The Tale of the 0-Click Account Takeover | https://medium.com/@hmuhamm3d/unleashing-chaos-the-tale-of-the-0-click-account-takeover-21c2cedabc4b?source=rss------bug_bounty-5 | Hassaan Mohamed | penetration-testing, bug-bounty, account-takeover, bugswagger, infosec-write-ups | 19-Mar-2024 |
The Art Of Determining Whether Sensitive Data Is Shared with Third Parties via Embedded Services … | https://medium.com/@adipsharif/the-art-of-determining-whether-sensitive-data-is-shared-with-third-parties-via-embedded-services-beba2856ef96?source=rss------bug_bounty-5 | ADIP | bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty, hacking | 19-Mar-2024 |
Medium Member Friend Links bug | https://karol-mazurek.medium.com/medium-member-friend-links-bug-b1d0020fbe39?source=rss------bug_bounty-5 | Karol Mazurek | medium, information-technology, penetration-testing, cybersecurity, bug-bounty | 18-Mar-2024 |
[Bug Bounty] XXE Vulnerability Caused by xlsx Upload | https://medium.com/@_thorns/bug-bounty-xlsx-%E4%B8%8A%E4%BC%A0%E5%AF%BC%E8%87%B4-xxe-%E6%BC%8F%E6%B4%9E-e0615bee6af6?source=rss------bug_bounty-5 | _thorns | bug-bounty | 18-Mar-2024 |
Burpsuite Beginners Guide | https://medium.com/@OthmaneAitBouftass/burpsuite-beginners-guide-6bc7a08ca8f7?source=rss------bug_bounty-5 | Othmane Ait Bouftass | web-security, penetration-testing, bug-bounty, cybersecurity, ethical-hacking | 18-Mar-2024 |
LAMPSecurity CTF5 Walkthrough | https://erdemstar.medium.com/lampsecurity-ctf5-walkthrough-d24f67a5fd63?source=rss------bug_bounty-5 | Erdemstar | oscp-preparation, penetration-testing, bug-bounty, vulnhub-walkthrough, vulnhub | 18-Mar-2024 |
Subdomain Fuzzing worth 35k bounty! | https://medium.com/@HX007/subdomain-fuzzing-worth-35k-bounty-daebcb56d9bc?source=rss------bug_bounty-5 | HX007 | cybersecurity, bug-bounty | 18-Mar-2024 |
Happy H@cking Psychomong | https://medium.com/@psychomong/trhappy-h-cking-psychomong-bfa566350a01?source=rss------bug_bounty-5 | Psychomong | hacking-tools, hacking, research, bug-bounty, bounty-program | 18-Mar-2024 |
13.13 Lab: Stored DOM XSS Cross Site Scripting \| 2024 | https://cyberw1ng.medium.com/13-13-lab-stored-dom-xss-cross-site-scripting-2024-f4c9a21ea262?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, penetration-testing, hacking, cybersecurity | 18-Mar-2024 |
What Is Security.txt? | https://medium.com/@ozanbozkurt1974/security-txt-nedir-d7d38a069cd8?source=rss------bug_bounty-5 | ozan bozkurt | security, bug-bounty, cybersecurity, red-team | 18-Mar-2024 |
Orderly Network: Unleashing Creativity in the DeFi Ecosystem through the Scaling Web3 Hackathon | https://medium.com/@orderlynetwork/orderly-network-unleashing-creativity-in-the-defi-ecosystem-through-the-scaling-web3-hackathon-5cd75096ecba?source=rss------bug_bounty-5 | Orderly Network | encode-club, orderly-network, bug-bounty, defi, blockchain-development | 18-Mar-2024 |
Web Security Short Series — SQLi. | https://medium.com/@frankyyano/web-security-short-series-sqli-f222f04431a6?source=rss------bug_bounty-5 | Yano. | oscp, appsec, bug-bounty, sqli, sql | 18-Mar-2024 |
XML External Entity (XXE) attack | https://bytebusterx.medium.com/xml-external-entity-xxe-attack-69f7b268be01?source=rss------bug_bounty-5 | ByteBusterX | vulnerability, bug-bounty, infosec, web-security | 18-Mar-2024 |
Happy H@cking Psychomong | https://medium.com/@psychomong123/trhappy-h-cking-psychomong-bfa566350a01?source=rss------bug_bounty-5 | Psychomong123 | hacking-tools, hacking, research, bug-bounty, bounty-program | 18-Mar-2024 |
Understanding Injection Attacks: A Deep Dive into OWASP’s Top Vulnerability | https://osintteam.blog/understanding-injection-attacks-a-deep-dive-into-owasps-top-vulnerability-7d59e3535187?source=rss------bug_bounty-5 | Paritosh | bug-bounty, cybersecurity, hacking, owasp, injection-attacks | 17-Mar-2024 |
Bug Zero at a Glance [01–15 March] | https://blog.bugzero.io/bug-zero-at-a-glance-01-15-march-ba1ba88870ee?source=rss------bug_bounty-5 | Januka Dharmapriya | sri-lanka, newsletter, cybersecurity, bug-zero, bug-bounty | 17-Mar-2024 |
Bug Bounty Platforms are a Scam [Mostly] | https://medium.com/@hacktheplanet/bug-bounty-platforms-are-a-scam-mostly-ea53fe54c53d?source=rss------bug_bounty-5 | HackthePlanet - A Hacker's Blog. | cybersecurity, scams-to-avoid, bug-bounty, hacking, bug-hunting | 17-Mar-2024 |
My Journey into Bug Bounty: Revealing My First Successful Discovery | https://medium.com/@kajol_singh/my-journey-into-bug-bounty-revealing-my-first-successful-discovery-81b5d2efcbde?source=rss------bug_bounty-5 | Kajol Kumari | bug-bounty-tips, bounty-program, bug-bounty, developer, cybersecurity | 17-Mar-2024 |
Skipping the email verification is Good (or) Bad? | https://medium.com/@Alex_crypto/skipping-the-email-verification-is-good-or-bad-ef045dc8d3ed?source=rss------bug_bounty-5 | Alex_Crypto | bug-bounty, security-analytics, hacking | 17-Mar-2024 |
Mastering XSS: A Comprehensive Guide to Finding Cross-Site Scripting Vulnerabilities | https://cyberw1ng.medium.com/mastering-xss-a-comprehensive-guide-to-finding-cross-site-scripting-vulnerabilities-3891ab930274?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 17-Mar-2024 |
How I found my first ever bug. | https://osintteam.blog/how-i-found-my-first-ever-bug-89fedb5a9b3c?source=rss------bug_bounty-5 | an0nbil | cybersecurity, technology, programming, javascript, bug-bounty | 17-Mar-2024 |
Application Level DoS - Smoking with ‘null’ Again | https://shahjerry33.medium.com/application-level-dos-smoking-with-null-again-364ce16dad74?source=rss------bug_bounty-5 | Jerry Shah (Jerry) | pentesting, cybersecurity, bug-bounty, vulnerability, infosec | 17-Mar-2024 |
Redirecting a webpage from HTTP to HTTPS is safe and how to identify whether the webpage is safe or… | https://medium.com/@Alex_crypto/if-the-forgot-password-link-is-copied-and-pasted-into-the-new-tab-it-opens-in-http-and-directs-to-8e8f80c4a9f6?source=rss------bug_bounty-5 | Alex_Crypto | bug-bounty, security | 17-Mar-2024 |
Bug Bounty Learning Path | https://bevijaygupta.medium.com/bug-bounty-learning-path-0c0015d6a71d?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-zero | 17-Mar-2024 |
Bug Bounty Platforms | https://bevijaygupta.medium.com/bug-bounty-platforms-499275d1d9b4?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-platforms, bugs, bug-bounty, bug-bounty-tips | 17-Mar-2024 |
Bug Bounty Tutorial : Login Bypass Technique | https://rajput623929.medium.com/bug-bounty-tutorial-login-bypass-technique-d7508856b2a1?source=rss------bug_bounty-5 | Mr.Horbio | poc, bug-bounty, cybersecurity, ethical-hacking, pentesting | 17-Mar-2024 |
I earned $1000 with IDOR’s vulnerability to PII leaks outside the platform. | https://aryasec.medium.com/i-earned-1000-with-idors-vulnerability-to-pii-leaks-outside-the-platform-65b1cbcfa26e?source=rss------bug_bounty-5 | Tengku Arya Saputra | idor, bugbounty-writeup, bug-bounty, idor-vulnerability | 17-Mar-2024 |
How to make a living as a Hacker! | https://medium.com/@rafael.code77/how-to-make-a-living-as-a-hacker-ff8fafa98b0b?source=rss------bug_bounty-5 | Rafael Henrique | science, money, programming, bug-bounty, hacking | 16-Mar-2024 |
(no title) | https://medium.com/@morganbinbash/-25027f11f71e?source=rss------bug_bounty-5 | Morgan Bin Bash | pentesting, cybersecurity, bug-bounty, cyber-threat-intelligence | 16-Mar-2024 |
Types of Cyber Attacks on Each OSI Layer | https://medium.com/@kumarsachin1642001/types-of-cyber-attacks-on-each-osi-layer-56e746dfa3b8?source=rss------bug_bounty-5 | sachin kumar | cybersecurity, hackerone, hacker, cyberattack, bug-bounty | 16-Mar-2024 |
Tips to get your first bug/bounty | https://medium.com/@mr_prey3r/tips-to-get-your-first-bug-bounty-c5a862ad8567?source=rss------bug_bounty-5 | Rubayet Hasan aka MR_Prey3r | first-bug, bug-bounty, bug-bounty-tips, first-bounty, find-your-first-bug | 16-Mar-2024 |
Bug Bounty Challenge: Day 7 - 16/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-7-16-03-2024-5c48ff96f9d0?source=rss------bug_bounty-5 | Wallotry | bug-bounty-writeup, bug-bounty, bug-bounty-tips, bug-bounty-hunter | 16-Mar-2024 |
IDOR + Content Injection Penetration Testing Lesson 5 | https://medium.com/@or0to/idor-content-injection-penetration-testing-lesson-5-fe3bdce12f8f?source=rss------bug_bounty-5 | Ali Essam | security, penetration-testing, bug-bounty, cybersecurity, ali | 16-Mar-2024 |
13.12 Lab: Reflected DOM XSS — Cross Site Scripting \| 2024 | https://infosecwriteups.com/13-12-lab-reflected-dom-xss-cross-site-scripting-2024-0dc98e91ae42?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, bug-bounty, careers, penetration-testing | 16-Mar-2024 |
How Secure is Java’s SecureProcessing? | https://medium.com/@dub-flow/how-secure-is-javas-secureprocessing-ec49544a59ad?source=rss------bug_bounty-5 | Florian Walter | cybersecurity, application-security, java, code-review, bug-bounty | 16-Mar-2024 |
How I was able to disclose the Users’ chats with AI chat Bot? | https://medium.com/@who1am1i999/how-i-was-able-to-disclose-the-users-chats-with-ai-chat-bot-c7d8b13ca713?source=rss------bug_bounty-5 | WHO AM I ? | information-security, fuzzing, bug-bounty, cybersecurity, information-disclosure | 15-Mar-2024 |
Understanding Path Traversal Vulnerabilities: Risks and Mitigation | https://medium.com/@paritoshblogs/understanding-path-traversal-vulnerabilities-risks-and-mitigation-6149a506a65b?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-technology, hacking, cybersecurity, path-traversal | 15-Mar-2024 |
Account takeover via Password reset | https://medium.com/@Rahulkrishnan_R_Panicker/account-takeover-via-password-reset-c2658e1f58eb?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | bug-bounty, cybersecurity, bugbounty-writeup, programming, bug-bounty-writeup | 15-Mar-2024 |
I discovered a new way to bypass CSRF protection to achieve Account Takeover | https://medium.com/@vflexo/i-discovered-a-new-way-to-bypass-csrf-protection-to-achieve-account-takeover-73d1dff3c67a?source=rss------bug_bounty-5 | vFlexo | information-technology, bug-bounty, penetration-testing, vapt, ethical-hacking | 15-Mar-2024 |
BugRap Ecosystem Panorama: Empowering Web3 Security Development | https://medium.com/@BugRap_Team/bugrap-ecosystem-panorama-empowering-web3-security-development-6cbe2f7adb24?source=rss------bug_bounty-5 | BugRap Team | web-development, bug-bounty, security, btc | 15-Mar-2024 |
Exploring Bug Bounty Hunting as a Promising Career Choice for Cybersecurity Professionals | https://medium.com/mynextdeveloper/exploring-bug-bounty-hunting-as-a-promising-career-choice-for-cybersecurity-professionals-2015563daac8?source=rss------bug_bounty-5 | MyNextDeveloper | hacking, bug-bounty, cybersecurity, client-security, cyber | 15-Mar-2024 |
13.11 Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded \|… | https://cyberw1ng.medium.com/13-11-lab-dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-d7188a250ad8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, hacking, careers, penetration-testing | 15-Mar-2024 |
Reconnaissance: How GitDorks can power up your recon! | https://medium.com/@kieran.w/reconnaissance-how-gitdorks-can-power-up-your-recon-da3c5e412925?source=rss------bug_bounty-5 | Kieran W | gitdorking, reconnaissance, penetration-testing, bug-bounty, security-testing | 15-Mar-2024 |
Bug Bounty Challenge: Day 6 - 15/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-6-15-03-2024-a5c6c1a67647?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 15-Mar-2024 |
BChecks in Burp Suite Professional | https://medium.com/@ArtsSEC/bchecks-en-burp-suite-professional-5d8c4754349e?source=rss------bug_bounty-5 | ArtsSEC | burpsuite, development, penetration-testing, web-development, bug-bounty | 15-Mar-2024 |
13.10 Lab: DOM XSS in document.write | https://cyberw1ng.medium.com/13-10-lab-dom-xss-in-document-write-c702cd0bd743?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, careers, penetration-testing, hacking | 14-Mar-2024 |
MRS #2: Bypassing premium features by checking “premium validation” parameters (€€€) | https://infosecwriteups.com/mrs-2-bypassing-premium-features-by-checking-premium-validation-parameters-f2e211fad160?source=rss------bug_bounty-5 | can1337 | infosec, business-logic, bug-bounty-tips, bug-bounty, cybersecurity | 14-Mar-2024 |
Unleash the Power of the Crypto Drainer: Your Ultimate Weapon in Crypto Wallet Draining! | https://medium.com/@colbe.judge/unleash-the-power-of-the-crypto-drainer-your-ultimate-weapon-in-crypto-wallet-draining-bd4ece99cc24?source=rss------bug_bounty-5 | CryptoDrainX | bug-bounty, hacking, bug-bounty-tips, hacking-tools, money | 14-Mar-2024 |
Unleash the Ultimate Multichain Wallet Drainer — Crypto Drainer: Drain ’Em all with Just One Click! | https://medium.com/@colbe.judge/unleash-the-ultimate-multichain-wallet-drainer-crypto-drainer-drain-em-all-with-just-one-click-0afa35f9b736?source=rss------bug_bounty-5 | CryptoDrainX | bug-bounty, cryptocurrency, bug-bounty-tips, nft, bitcoin | 14-Mar-2024 |
Insane Crypto-Drainer Exposed: The Ultimate Wallet Drainer You Can’t Ignore! | https://medium.com/@colbe.judge/insane-crypto-drainer-exposed-the-ultimate-wallet-drainer-you-cant-ignore-7545f4c9c86d?source=rss------bug_bounty-5 | CryptoDrainX | bug-bounty, crypto, nft, defi, money | 14-Mar-2024 |
How To Get $100k in 2024 With Crypto [Unrevealed] | https://medium.com/@colbe.judge/how-to-get-100k-in-2024-with-crypto-unrevealed-b40081b8fb41?source=rss------bug_bounty-5 | CryptoDrainX | blockchain, cryptocurrency, hacking-tools, hacking, bug-bounty | 14-Mar-2024 |
5 Websites to Learn Bug Hunting: A Beginner’s Guide | https://medium.com/@aayushdhakal005/5-websites-to-learn-bug-hunting-a-beginners-guide-4399c2f94917?source=rss------bug_bounty-5 | Creepyshit | website, bug-bounty, cybersecurity, resources | 14-Mar-2024 |
Bug Bounty Challenge: Day 5 - 14/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-5-14-03-2024-b8fe8dae8cb5?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter | 14-Mar-2024 |
GRWM for WebApp PenTest \| Command Injection | https://redsock1337.medium.com/grwm-for-webapp-pentest-command-injection-e205906573e2?source=rss------bug_bounty-5 | Jbr | os, command-line, bug-bounty-tips, cybersecurity, bug-bounty | 14-Mar-2024 |
Uncovering Host Header Injection Vulnerabilities in 5 Apex Domain Hosts Part Two how to chain | https://javroot.medium.com/uncovering-host-header-injection-vulnerabilities-in-5-apex-domain-hosts-part-two-how-to-chain-0abe308a4807?source=rss------bug_bounty-5 | Javroot | web, hacking, penetration-testing, bug-bounty-tips, bug-bounty | 14-Mar-2024 |
API Security: Essential Tools for Endpoint Analysis | https://iaraoz.medium.com/api-security-essential-tools-for-endpoint-analysis-efb1c72675c0?source=rss------bug_bounty-5 | Israel Aráoz Severiche | bug-bounty, owasp, appsec, cybersecurity, api-security | 14-Mar-2024 |
Exploiting Cross-Site Scripting XSS vulnerabilities for Bug Bounty — Portswigger \| 2024 | https://cyberw1ng.medium.com/exploiting-cross-site-scripting-xss-vulnerabilities-for-bug-bounty-portswigger-2024-88d6e1df4658?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, penetration-testing, cybersecurity, bug-bounty | 13-Mar-2024 |
How To Do Malware Analysis | https://medium.com/@paritoshblogs/how-to-do-malware-analysis-62bd1f8052bb?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, information-technology, security, malware-analysis | 13-Mar-2024 |
Easiest way to find hidden api from js files | https://medium.com/@jeetpal2007/easiest-way-to-find-hidden-api-from-js-files-ce115a4ad1af?source=rss------bug_bounty-5 | JEETPAL | cybersecurity, bounties, api-key, easiest-way, bug-bounty | 13-Mar-2024 |
Enhancing Your Bug Hunting Skills: 5 Must-Read Books | https://medium.com/@aayushdhakal005/enhancing-your-bug-hunting-skills-5-must-read-books-edb6029c19a6?source=rss------bug_bounty-5 | Creepyshit | bug-bounty, cybersecurity, books, web | 13-Mar-2024 |
Lets Talk Pentest Strategy | https://medium.com/@hackstack/lets-talk-pentest-strategy-adea4d3b085e?source=rss------bug_bounty-5 | HackStack | pentest, pentesting, how-to, bug-bounty | 13-Mar-2024 |
Email based IDOR makes me update Other User Profile | https://rohmadhidayah.medium.com/email-based-idor-makes-me-update-other-user-profile-8e6e289f4391?source=rss------bug_bounty-5 | Rohmad Hidayah | idor, info-sec-writeups, infosec-write-ups, bug-bounty, bug-bounty-tips | 13-Mar-2024 |
Bug-Bounty/How I Found My FIRST Vulnerability and How could I Access the Admin Panel using it +… | https://medium.com/@rogxoorsafe/bug-bounty-how-i-found-my-first-vulnerability-and-how-could-i-access-the-admin-panel-using-it-899d75da2f37?source=rss------bug_bounty-5 | Alireza Rogxoor | cyberattack, bug-bounty, cybersecurity, hacking, security | 13-Mar-2024 |
Fuzzing to Kubernetes to IDOR to PII leak | https://nityanandjha18.medium.com/fuzzing-to-kubernetes-to-idor-to-pii-leak-dae0dda70090?source=rss------bug_bounty-5 | NITYA NAND JHA | vapt, ethical-hacking, bug-bounty | 13-Mar-2024 |
Researcher Q&A: Friends Who Work Together, Hack Better Together | https://blog.developer.adobe.com/researcher-q-a-friends-who-work-together-hack-better-together-c698ff0be732?source=rss------bug_bounty-5 | Renae Kang | security, bug-bounty-program, security-researchers, bug-bounty, ethical-hacker | 13-Mar-2024 |
PROXY FUZZING | https://karol-mazurek.medium.com/proxy-fuzzing-4dc77968cfd8?source=rss------bug_bounty-5 | Karol Mazurek | programming, information-technology, bug-bounty, python, cybersecurity | 13-Mar-2024 |
Reconnaissance? | https://mrrobotstxt.medium.com/reconnaissance-ca2fa7bf821d?source=rss------bug_bounty-5 | Mr. Robots.txt | hackathons, bug-bounty, hacking, penetration-testing, cybersecurity | 13-Mar-2024 |
How much money did I make from doing Bug Bounty? | https://systemweakness.com/how-much-money-did-i-make-from-doing-bug-bounty-707438b71f47?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, programming, hacking, cybersecurity, bug-bounty-tips | 13-Mar-2024 |
Cross-site scripting contexts for Bug Bounty — Portswigger | 2024 | https://cyberw1ng.medium.com/cross-site-scripting-contexts-for-bug-bounty-portswigger-2024-b927cfa70de3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, penetration-testing, bug-bounty, cybersecurity | 12-Mar-2024 |
Business Logic Errors allow me to buy Products at Low Prices on Farmaku.com | https://rohmadhidayah.medium.com/business-logic-errors-allow-me-to-buy-products-at-low-prices-on-farmaku-com-b8c9c0bcf5cc?source=rss------bug_bounty-5 | Rohmad Hidayah | info-sec-writeups, bug-bounty-tips, business-logic, bug-bounty, infosec-write-ups | 12-Mar-2024 |
ShentuChain Unveils a Constellation of High-profile Investors | https://shentuchain.medium.com/shentuchain-unveils-a-constellation-of-high-profile-investors-54b612b8dc30?source=rss------bug_bounty-5 | Shentu Chain | binance, cybersecurity, investors, bug-bounty, announcements | 12-Mar-2024 |
How I Discovered My First Critical Vulnerability in My Bug Bounty Career | https://snip3rgg.medium.com/how-i-discovered-my-first-critical-vulnerability-in-my-bug-bounty-career-cf0e048d14cb?source=rss------bug_bounty-5 | Sahil Bugade (snip3rgg) | infosec, bug-bounty, vulnerability, bug-bounty-tips, cybersecurity | 12-Mar-2024 |
Account Takeover Through Rate-Limit Bypass — Bug Bounty Tuesday | https://medium.com/@kerstan/account-takeover-through-rate-limit-bypass-bug-bounty-tuesday-01229168dd89?source=rss------bug_bounty-5 | kerstan | bug-bounty, security, programming, cybersecurity, technology | 12-Mar-2024 |
How I found my first ever valid bug on Hackerone | https://medium.com/@rubaethasanariyan/how-i-found-my-first-ever-valid-bug-on-hackerone-da30015aa08d?source=rss------bug_bounty-5 | Rubayet Hasan aka MR_Prey3r | bug-bounty-tips, bugbounty-poc, first-bug, hackerone, bug-bounty | 12-Mar-2024 |
Guvenkaya Security Insights Series — Sweat Economy | https://medium.com/@guvenkaya-sec/guvenkaya-security-insights-series-sweat-economy-dbe681a79e7a?source=rss------bug_bounty-5 | Guvenkaya | near-protocol, bug-bounty, smart-contracts, rust, web3 | 12-Mar-2024 |
BYPASSING PARENTAL CONTROL ON WHOLE APPLE ECO-SYSTEM | https://medium.com/@sam0-0/bypassing-parental-control-on-whole-apple-eco-system-1c6975c24105?source=rss------bug_bounty-5 | Sam | bug-bounty, apple, infosec, bugbounty-writeup | 12-Mar-2024 |
Bug Bounty Challenge: Day 4/15–12/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-4-15-12-03-2024-412bf44f8b83?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting | 12-Mar-2024 |
My Experience Obtaining the CBBH Certification | https://tiredandsick.medium.com/cbbh-experience-prbt-bc2b376c4124?source=rss------bug_bounty-5 | SickAndTired | bug-bounty, hacking, pentesting, cbbh, hackthebox-academy | 12-Mar-2024 |
Utilizing Log Poisoning: Elevating from LFI to RCE | https://medium.com/@YNS21/utilizing-log-poisoning-elevating-from-lfi-to-rce-5dca90d0a2ac?source=rss------bug_bounty-5 | Youness Abbida | bug-bounty, hackthebox, local-file-inclusion, hackthebox-writeup, cybersecurity | 12-Mar-2024 |
Bug Bounty — Improper Authentication using Google Auth | https://medium.com/@nourrisson.julien3/bug-bounty-improper-authentication-using-google-auth-b45fbddab9be?source=rss------bug_bounty-5 | Nourrisson Julien | bug-bounty, cybersecurity | 11-Mar-2024 |
HTML INJECTION (Payload List) | https://medium.com/@psychomong/html-injection-payload-list-735e69f522ca?source=rss------bug_bounty-5 | psychomong | bug-bounty, bugs, html, injection, htmlinput | 11-Mar-2024 |
Race Conditions + IDOR Leads to Bypass Email Verification & Phone Verification | https://medium.com/@ozomarzu/race-conditions-idor-leads-to-bypass-email-verification-phone-verification-f62c7d7b97e5?source=rss------bug_bounty-5 | CyberOz | bugs, writeup, bug-bounty, hacking, bug-bounty-tips | 11-Mar-2024 |
Exploring AI Penetration Testing | https://medium.com/@adityasawant00/exploring-ai-penetration-testing-38891e861acd?source=rss------bug_bounty-5 | Aditya Sawant | hacking, bug-bounty, penetration-testing, ai, large-language-models | 11-Mar-2024 |
Bug Bounty Challenge: Day 3/15–11/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-3-15-11-03-2024-38993610e657?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 11-Mar-2024 |
HTML Injection on NASA.gov | https://medium.com/@boogsta/html-injection-on-nasa-gov-91b1d3602ea0?source=rss------bug_bounty-5 | Boogsta | hacking, cybersecurity, hacker, cyber, bug-bounty | 11-Mar-2024 |
3 Information Disclosure in Bug Bounty Program | https://medium.com/@jm7.zx/3-information-disclosure-in-bug-bounty-program-e0c12f6e25d5?source=rss------bug_bounty-5 | Jm7.sz | bug-bounty, cybersecurity, programming, data-science | 11-Mar-2024 |
GRWM for WebApp PenTest | XPATH Injection | https://whyjbr.medium.com/grwm-for-webapp-pentest-xpath-injection-0906154bbe91?source=rss------bug_bounty-5 | Jbr | xpath, bug-bounty, cybersecurity, hacking, ethical-hacking | 11-Mar-2024 |
Exfiltrating Sensitive Information via Reflected XSS Bypassing Cloudflare | https://medium.com/@mayankchoubey507/exfiltrating-sensitive-information-via-reflected-xss-bypassing-cloudfare-d82d9ccc24d6?source=rss------bug_bounty-5 | Mayankchoubey | cybersecurity, xss-bypass, cloudflare, bug-bounty, xss-attack | 11-Mar-2024 |
24.4 Lab: Exploiting server-side parameter pollution in a query string | 2024 | https://infosecwriteups.com/24-4-lab-exploiting-server-side-parameter-pollution-in-a-query-string-2024-ac0e23db9c02?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, cybersecurity, bug-bounty, careers | 11-Mar-2024 |
Top 7 BurpSuite Extensions for BugBounty- Part-1 | https://medium.com/@Ajakcybersecurity/top-7-burpsuite-extensions-for-bugbounty-part-1-4e9639649601?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, ethical-hacking, penetration-testing, burpsuite, bug-bounty | 11-Mar-2024 |
HackTheBox — Information Gathering | https://medium.com/@harry.hphu/hackthebox-information-gathering-a2d78c901dd0?source=rss------bug_bounty-5 | Huy Phu | hackthebox, enumeration, bug-bounty, information-gathering | 11-Mar-2024 |
HackTheBox — Information Gathering: Passive Enumeration | https://medium.com/@harry.hphu/hackthebox-information-gathering-passive-enumeration-85e45503683d?source=rss------bug_bounty-5 | Huy Phu | passive-reconnaissance, hackthebox, information-gathering, bug-bounty | 11-Mar-2024 |
Vulnerability Vault: Breaking Down SSRF — Server Side Request Forgery (Part 2) | https://psychovik.medium.com/vulnerability-vault-breaking-down-ssrf-server-side-request-forgery-part-2-a08d4a2b3d96?source=rss------bug_bounty-5 | Vikas Sharma | hacking, cybersecurity, ssrf, bug-bounty, vulnerability | 10-Mar-2024 |
The Reset Password Attack Vector | https://balook.medium.com/the-reset-password-attack-vector-833e1291bb15?source=rss------bug_bounty-5 | baluz | bug-bounty | 10-Mar-2024 |
How I get My First $$$$ Bounty? | https://medium.com/@hacdoc/how-i-get-my-first-bounty-ec4d83eb5fbf?source=rss------bug_bounty-5 | Jaikumar | bug-bounty-tips, hacking, bug-bounty | 10-Mar-2024 |
GRWM for WebApp PenTest | Insecure Deserialization | https://whyjbr.medium.com/grwm-for-webapp-pentest-insecure-deserialization-adfa4f8cf53f?source=rss------bug_bounty-5 | Jbr | php, bug-bounty, inspiration, cybersecurity, hacking | 10-Mar-2024 |
How I get My First $$$$ Bounty? | https://medium.com/@hacdoc/how-i-get-my-first-bounty-ec4d83eb5fbf?source=rss------bug_bounty-5 | ஜெய் | bug-bounty-tips, hacking, bug-bounty | 10-Mar-2024 |
24.3 Lab: Exploiting a mass assignment vulnerability | 2024 | https://infosecwriteups.com/24-3-lab-exploiting-a-mass-assignment-vulnerability-2024-cc97a296d5fc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, bug-bounty, hacking | 10-Mar-2024 |
Information Gathering #1 | https://medium.com/@mxfx1989/information-gathering-1-192f58c49f2e?source=rss------bug_bounty-5 | z4z4_h1 | red-team, cybersecurity, bug-bounty, hacking, infosec | 10-Mar-2024 |
Easiest bugs to start | https://medium.com/@petrukhin.s.a/easiest-bugs-to-start-9f92d87f6e36?source=rss------bug_bounty-5 | Sergei Petrukhin | open-redirect, bug-bounty | 10-Mar-2024 |
Subdomains Enumeration | https://d4t4s3c.medium.com/subdomains-enumeration-a23f44ba4687?source=rss------bug_bounty-5 | d4t4s3c | bug-bounty, vhost, red-team, pentesting, subdomains-enumeration | 10-Mar-2024 |
Bug Bounty Challenge: Day 2/15–10/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-1-15-10-03-2024-b946472d71c8?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup, bug-bounty | 10-Mar-2024 |
Cross-origin resource sharing (CORS) | Web application Vulnerability | https://abineshm.medium.com/cross-origin-resource-sharing-cors-web-application-vulnerability-afc0d3d35063?source=rss------bug_bounty-5 | Abinesh M | vulnerability, web-application-security, security, bug-bounty, bugs | 09-Mar-2024 |
Untangling Dependency Confusion: Exploring Threats and Protections | https://jareddouville.medium.com/untangling-dependency-confusion-exploring-threats-and-protections-7dd7f58de127?source=rss------bug_bounty-5 | Jared Douville | npm, bug-bounty, hacking, hackerone | 09-Mar-2024 |
24.2 Lab: Finding and exploiting an unused API endpoint | 2024 | https://cyberw1ng.medium.com/24-2-lab-finding-and-exploiting-an-unused-api-endpoint-2024-81f3451df1a1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, careers, bug-bounty, penetration-testing | 09-Mar-2024 |
Bug Bounty Challenge: Day 1/15–09/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-1-15-09-03-2024-f7b1824f2262?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 09-Mar-2024 |
24.1 Lab: Exploiting an API endpoint using documentation | 2024 | https://cyberw1ng.medium.com/24-1-lab-exploiting-an-api-endpoint-using-documentation-2024-5e7de5aaf53e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, security, careers, hacking, bug-bounty | 08-Mar-2024 |
Vulnerability Vault: Breaking Down SSRF — Server Side Request Forgery (Part 1) | https://psychovik.medium.com/vulnerability-vault-breaking-down-ssrf-server-side-request-forgery-part-1-b7e658589dd9?source=rss------bug_bounty-5 | Vikas Sharma | cybersecurity, hacking, vulnerability, bug-bounty, ssrf | 08-Mar-2024 |
1K Followers Giveaway- | https://medium.com/@Ajakcybersecurity/1k-followers-giveaway-892488a38a48?source=rss------bug_bounty-5 | AjakCybersecurity | cybersecurity, giveaway, free, bug-bounty, ethical-hacking | 08-Mar-2024 |
Sensitive Data Exposed when placing an Order | https://rohmadhidayah.medium.com/sensitive-data-exposed-when-placing-an-order-5549baed9186?source=rss------bug_bounty-5 | Rohmad Hidayah | infosec-write-ups, bug-bounty-tips, info-sec-writeups, bug-bounty | 08-Mar-2024 |
BSides Transylvania Is Not A Simple Conference, Is a Training Ground For Your Security Team | https://corneacristian.medium.com/bsides-transylvania-is-not-a-simple-conference-is-a-training-ground-for-your-security-team-c41cdf30778f?source=rss------bug_bounty-5 | Cristian Cornea | romania, ethical-hacking, tech, cybersecurity, bug-bounty | 08-Mar-2024 |
Server-Side Template Injection (SSTI) ☠️ Deep Dive | https://cyberbull.medium.com/server-side-template-injection-ssti-%EF%B8%8F-deep-dive-512904b8a8ae?source=rss------bug_bounty-5 | Aditya Pandey | web-security, security, cybersecurity, bug-bounty, ethical-hacking | 08-Mar-2024 |
Bug Bounty Challenge: Day 0/15 | https://wallotry.medium.com/bug-bounty-challenge-day-0-15-8e88c5b4cc6b?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 08-Mar-2024 |
0 Click Account Takeover Via reset password weird behavior | https://medium.com/@0xSnowmn/0-click-account-takeover-via-reset-password-weird-behavior-026846e5f850?source=rss------bug_bounty-5 | Snow Mars | bug-bounty, bug-bounty-tips, cybersecurity | 08-Mar-2024 |
WinRAR 7.0 DLL Hijacking -> Local RCE [0-day] | https://medium.com/@boogsta/winrar-7-0-dll-hijacking-local-rce-0-day-6d90765c6601?source=rss------bug_bounty-5 | Boogsta | cybersecurity, bug-bounty, hacks, hacking, cyber | 08-Mar-2024 |
Usb data recovery — Digital forensics intro | https://medium.com/@Rahulkrishnan_R_Panicker/usb-data-recovery-digital-forensics-intro-0c57337425b5?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | digital-forensics, tech, bug-bounty, pentesting, hacking | 07-Mar-2024 |
Increasing IMPACT of No Rate Limit on Email Endpoints. | https://shubham-srt.medium.com/increasing-impact-of-no-rate-limit-on-email-endpoints-d66cf08dafaf?source=rss------bug_bounty-5 | Shubham SRT | web-app-security, hacking, cybersecurity, bug-bounty, vapt | 07-Mar-2024 |
API Testing for Bug Bounty — Portswigger | 2024 | https://cyberw1ng.medium.com/api-testing-for-bug-bounty-portswigger-2024-bd8343cc2c10?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, careers, hacking, security | 07-Mar-2024 |
Exploiting NoSQL Injection to Extract Data | https://medium.com/@hhuseyinuyar17/verileri-%C3%A7%C4%B1karmak-i%C3%A7in-nosql-enjeksiyonundan-yararlanma-ace89e11bc69?source=rss------bug_bounty-5 | Hhuseyinuyar | bug-bounty, nosql, injection, burpsuite, mongodb | 07-Mar-2024 |
Exploring Bug Bounty Programs: An overview and Varieties | https://medium.com/@lovepatel3223/exploring-bug-bounty-programs-an-overview-and-varieties-6f8539279704?source=rss------bug_bounty-5 | Prem Patel | bug-bounty, bug-bounty-types | 07-Mar-2024 |
API Testing for Bug Bounty — Portswigger | 2024 | https://infosecwriteups.com/api-testing-for-bug-bounty-portswigger-2024-bd8343cc2c10?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, careers, hacking, security | 07-Mar-2024 |
How I found Reflected XSS which leads to Account Takeover on an E-commerce website | https://medium.com/@npthin1804/how-i-found-reflected-xss-which-leads-to-account-takeover-on-an-e-commerce-website-47200dd631b6?source=rss------bug_bounty-5 | Npthin | bug-bounty, infosec-write-ups, reflected-xss | 07-Mar-2024 |
Click, Intercept, Hack: Checkmate on Access Control Vulnerability | https://anasbetis023.medium.com/click-intercept-hack-checkmate-on-access-control-vulnerability-20152a7149e2?source=rss------bug_bounty-5 | Anas H Hmaidy | cybersecurity, web-security, ethical-hacking, penetration-testing, bug-bounty | 07-Mar-2024 |
XSLeak de-anonymize Facebook user visiting website | https://mustafa0x2021.medium.com/xsleak-de-anonymize-facebook-user-visiting-website-8f6c725235e8?source=rss------bug_bounty-5 | Mustafa | bug-bounty, meta | 07-Mar-2024 |
echo “Hello, World” | https://projectpolarbear.com/echo-hello-world-4233c914b944?source=rss------bug_bounty-5 | Mr. Robots.txt | soc, blue-team, cybersecurity, red-team, bug-bounty | 07-Mar-2024 |
Fixing Facebook: A Privacy Issue Ignored? | https://medium.com/@mynkpdr/fixing-facebook-a-privacy-issue-ignored-6c048dacc824?source=rss------bug_bounty-5 | mynkpdr | messenger, bug-bounty-writeup, facebook, bug-bounty, facebook-bug-bounty | 07-Mar-2024 |
How to find server security misconfiguration leak data users | https://medium.com/@sam_0x0/how-to-find-server-security-misconfiguration-leak-data-users-f7a43c008e33?source=rss------bug_bounty-5 | Eslam Omar | bug-bounty, bug-bounty-tips, bugcrowd, bugs, web-pen-testing | 07-Mar-2024 |
How to find server security misconfiguration leak data users | https://systemweakness.com/how-to-find-server-security-misconfiguration-leak-data-users-f7a43c008e33?source=rss------bug_bounty-5 | Eslam Omar | bug-bounty, bug-bounty-tips, bugcrowd, bugs, web-pen-testing | 07-Mar-2024 |
How I found Reflected XSS which leads to Account Takeover on an E-commerce website | https://medium.com/@npthin1804/how-i-found-reflected-xss-which-leads-to-account-takeover-on-an-e-commerce-website-47200dd631b6?source=rss------bug_bounty-5 | p00dl3 | bug-bounty, infosec-write-ups, reflected-xss | 07-Mar-2024 |
Bug Bounty - Insecure Deserialization to Reverse Shell | https://medium.com/@jobaa23/insecure-deserialization-to-reverse-shell-9f007b440d6f?source=rss------bug_bounty-5 | 0x4141 | bug-bounty, remote-code-execution, hacking, bug-hunting, insecure-deserialization | 07-Mar-2024 |
Host Header Poison lead to account takeover | https://medium.com/@masterhackor22/host-header-poison-lead-to-account-takeover-8c432fb54b29?source=rss------bug_bounty-5 | master hackor | bounty-program, bugs, penetration-testing, cybersecurity, bug-bounty | 06-Mar-2024 |
[letsdefend.io] SOC164 — Suspicious Mshta Behavior | https://medium.com/@yasminramadini/letsdefend-io-soc164-suspicious-mshta-behavior-36dfa3d74843?source=rss------bug_bounty-5 | Yasmin Ramadini | tryhackme, bug-bounty, indonesia, letsdefendio, ctf-writeup | 06-Mar-2024 |
[letsdefend.io] SOC169 — Possible IDOR Attack Detected | https://medium.com/@yasminramadini/letsdefend-io-soc169-possible-idor-attack-detected-dda468ceab28?source=rss------bug_bounty-5 | Yasmin Ramadini | ctf-writeup, bug-bounty, tryhackme, letsdefendio, indonesia | 06-Mar-2024 |
[letsdefend.io] SOC168 — Whoami Command Detected in Request Body | https://medium.com/@yasminramadini/letsdefend-io-soc168-whoami-command-detected-in-request-body-c4813fab47e4?source=rss------bug_bounty-5 | Yasmin Ramadini | bug-bounty, tryhackme, indonesia, letsdefendio, ctf-writeup | 06-Mar-2024 |
[Letsdefend.io] SOC170 — Passwd Found in Requested URL — Possible LFI Attack | https://medium.com/@yasminramadini/letsdefend-io-soc170-passwd-found-in-requested-url-possible-lfi-attack-1828c436e703?source=rss------bug_bounty-5 | Yasmin Ramadini | letsdefendio, bug-bounty, tryhackme, ctf-writeup, indonesia | 06-Mar-2024 |
What Is Cryptography? Encryption, Encoding, and Hashing | https://medium.com/@yasminramadini/apa-itu-kriptografi-enkripsi-encoding-dan-hashing-ddb39d69eb93?source=rss------bug_bounty-5 | Yasmin Ramadini | pentesting, tryhackme, indonesia, cybersecurity, bug-bounty | 06-Mar-2024 |
How i bypassed input limitations to get Admin ATO | https://medium.com/@0x3adly/how-i-bypassed-input-limit-to-get-admin-ato-f2d56f40f505?source=rss------bug_bounty-5 | Anas Eladly ( 0x3adly ) | cybersecurity, web-penetration-testing, xss-attack, bug-bounty, bug-bounty-tips | 06-Mar-2024 |
Microsoft Exchange Server Remote Code Execution Vulnerability | https://medium.com/@ryuzakiryuga31/microsoft-exchange-server-remote-code-execution-vulnerability-89354c6e6586?source=rss------bug_bounty-5 | R09sh | bug-bounty, blackhat, rce-vulnerability, cybersecurity, cyberattack | 06-Mar-2024 |
At age of 18, How I got first “Future” Job Offer from Korean MNC through bug bounties | https://medium.com/@manan_sanghvi/at-age-of-18-how-i-got-first-future-job-offer-from-korean-mnc-through-bug-bounties-2cfb7d4a9e8c?source=rss------bug_bounty-5 | Manan Sanghvi | ethical-hacking, cybersecurity, bug-bounty, penetration-testing, job-offer | 06-Mar-2024 |
Vulnerable WordPress February 2024 (Jushin Castle) | https://medium.com/@onhexgroup/vulnerable-wordpress-february-2024-jushin-castle-340990bdb9fb?source=rss------bug_bounty-5 | Onhexgroup | bug-bounty, cybersecurity, security, infosec, wordpress | 06-Mar-2024 |
Data Lake introduces the second bug bounty campaign of its patients recruitment Application | https://datalaketoken.medium.com/data-lake-introduces-the-second-bug-bounty-campaign-of-its-patients-recruitment-application-88be6e0399a4?source=rss------bug_bounty-5 | Data Lake | bug-bounty, medical-data, research, data-lake, desci | 06-Mar-2024 |
How I Passed eWPTX v2 Exam Without Courseware | https://medium.com/@adityasawant00/how-i-passed-ewptx-v2-exam-without-courseware-1711edd7fb32?source=rss------bug_bounty-5 | Aditya Sawant | hacking, penetration-testing, certification, bug-bounty, security | 06-Mar-2024 |
12.4 Lab: Exploiting NoSQL operator injection to extract unknown fields | 2024 | https://infosecwriteups.com/12-4-lab-exploiting-nosql-operator-injection-to-extract-unknown-fields-2024-866996b9fff2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, hacking, careers, penetration-testing | 06-Mar-2024 |
Upload Backdoor in profile picture and OTP Bypass | https://medium.com/@sahilkushwaha275/upload-backdoor-in-profile-picture-and-otp-bypass-3c2e2e18fbbb?source=rss------bug_bounty-5 | S33NU | bug-bounty, technology, bug-hunting, bounty-program, programming | 06-Mar-2024 |
Story of Lock up users’ account by DOS attack cost $1,100 | https://m7arm4n.medium.com/story-of-lock-up-users-account-by-dos-attack-cost-1-100-87b47d06a7c1?source=rss------bug_bounty-5 | M7arm4n | hacker, hacking, bug-bounty, security, bug-bounty-tips | 06-Mar-2024 |
Uncovering Host Header Injection Vulnerabilities in 5 Apex Domain Hosts | https://javroot.medium.com/uncovering-host-header-injection-vulnerabilities-in-5-apex-domain-hosts-c45f79e82862?source=rss------bug_bounty-5 | Javroot | hosting, bug-hunting, hacking, white-hat-hacker, bug-bounty | 05-Mar-2024 |
Bug-Bounty Beginning (Day-1) | https://medium.com/@bv1459/bug-bounty-beginning-day-1-bc5fa649ff45?source=rss------bug_bounty-5 | Bala Prasanna Gopal Volisetty | bug-bounty, kali-linux, hacking-tools, hacking | 05-Mar-2024 |
XXEs are lurking in unexpected places and you'll find these vulnerabilities almost everywhere | https://medium.com/@securelearn/xxes-are-lurking-in-unexpected-places-and-youll-find-these-vulnerabilities-almost-everywhere-aefeef9d7cbb?source=rss------bug_bounty-5 | Rohan Giri | bug-bounty-tips, web-vulnerabilities, bug-bounty | 05-Mar-2024 |
How I Found Multiple XSS Vulnerabilities Using Unknown Techniques | https://infosecwriteups.com/how-i-found-multiple-xss-vulnerabilities-using-unknown-techniques-74f8e705ea0d?source=rss------bug_bounty-5 | Khaledyassen | xss-attack, hacking, bug-bounty, bug-bounty-tips, cybersecurity | 05-Mar-2024 |
Tips for Analyzing Phishing Emails | https://medium.com/@yasminramadini/tips-melakukan-analisa-email-phishing-e4d8f5b4bed6?source=rss------bug_bounty-5 | Yasmin Ramadini | cybersecurity, indonesia, soc-analyst, tryhackme, bug-bounty | 05-Mar-2024 |
12.3 Lab: Exploiting NoSQL injection to extract data | 2024 | https://infosecwriteups.com/12-3-lab-exploiting-nosql-injection-to-extract-data-2024-ca9896a3c964?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, security | 05-Mar-2024 |
What Is the OSI Model? Protocols and Encapsulation at Each Layer | https://medium.com/@yasminramadini/apa-itu-osi-model-protokol-dan-enkapsulasi-tiap-layernya-6faa7a0e8bbb?source=rss------bug_bounty-5 | Yasmin Ramadini | soc-analyst, tryhackme, cybersecurity, indonesia, bug-bounty | 05-Mar-2024 |
What Are TCP, UDP, and the Three-way Handsh | https://medium.com/@yasminramadini/apa-itu-tcp-udp-dan-three-way-handsh-03edaf55c42d?source=rss------bug_bounty-5 | Yasmin Ramadini | soc-analyst, bug-bounty, cybersecurity, indonesia, tryhackme | 05-Mar-2024 |
Road Map to Bug Bounty: A Beginner’s Guide | https://bjamali.medium.com/road-map-to-bug-bounty-a-beginners-guide-bd14b44e174b?source=rss------bug_bounty-5 | Babar Ali Jamali | information-security, cyber, hacking, cybersecurity, bug-bounty | 05-Mar-2024 |
5 Tips GoogleDocks you should know — Bug Bounty Tuesday | https://medium.com/@kerstan/5-tips-googledocks-you-should-know-bug-bounty-tuesday-49007026903f?source=rss------bug_bounty-5 | kerstan | technology, cybersecurity, bug-bounty, programming, security | 05-Mar-2024 |
#9.TryHackMe Series writeups-LazyAdmin | https://cyb3rmind.medium.com/9-tryhackme-series-writeups-lazyadmin-7712917a2333?source=rss------bug_bounty-5 | Cyb3r M!nd | walkthrough, lazy-admin, tryhackme-writeup, tryhackme, bug-bounty | 05-Mar-2024 |
Unauthorized access to Facebook creator’s professional dashboard | https://gtm0x01.medium.com/unauthorized-access-to-facebook-creators-professional-dashboard-e35d98644258?source=rss------bug_bounty-5 | Gtm Mänôz | facebook, medium, graphql, bug-bounty, writeup | 05-Mar-2024 |
My Recon Methodology (ep 1) | https://realm3ter.medium.com/my-recon-methodology-ep-1-bc9e6fd660ad?source=rss------bug_bounty-5 | Muhammad Mater | bug-bounty, recon, osint | 05-Mar-2024 |
Knock, Knock. Who’s there? SSRF! SSRF who? Redirect SSRF! | https://atemporalzen.medium.com/knock-knock-whos-there-ssrf-ssrf-who-redirect-ssrf-449f5d18c5a7?source=rss------bug_bounty-5 | atemporalzen | bug-bounty, cybersecurity, hacking, ssrf | 05-Mar-2024 |
Payload will after you | https://medium.com/@isuk4/payload-will-after-you-3e16eaa17517?source=rss------bug_bounty-5 | Isuka sanuj | sql-injection, second-order-attack, pentesting, web-app-exploits, bug-bounty | 05-Mar-2024 |
HTTP Request Smuggling: WWWWWH? | https://medium.com/@rcxsecurity/http-request-smuggling-wwwwwh-85be9c46a38e?source=rss------bug_bounty-5 | RCXSecurity | cybersecurity, pentesting, bug-bounty-tips, bug-bounty, application-security | 05-Mar-2024 |
The Danger of PHP Eval(): | https://medium.com/@pkhuyar/the-danger-of-php-eval-a23410187ca2?source=rss------bug_bounty-5 | Prashant Roy | bug-bounty, php, cybersecurity, penetration-testing, ctf | 05-Mar-2024 |
Hacking the UK government ( FULL database access ) | https://ahmadmansourr.medium.com/hacking-the-uk-government-full-database-access-496a94e6cc9c?source=rss------bug_bounty-5 | Ahmad Mansour | computer-science, bug-bounty, hacking, pentesting, cybersecurity | 05-Mar-2024 |
BAC Leads To Full Takeover Of Any Organisation | https://medium.com/@ismailsaid1603/bac-leads-to-full-takeover-of-any-organisation-0fc21cf4cb5e?source=rss------bug_bounty-5 | Esmail Saied | bug-bounty, broken-access-control, idor, bugcrowd, cybersecurity | 05-Mar-2024 |
Information Disclosure — Instructor’s Email Address leaked in Response | https://rohmadhidayah.medium.com/information-disclosure-instructors-email-address-leaked-in-response-1737551d5a8b?source=rss------bug_bounty-5 | Rohmad Hidayah | info-sec-writeups, bug-bounty-tips, bug-bounty, information-disclosure, infosec-write-ups | 04-Mar-2024 |
OTP Bypass Via Response Manipulation | https://medium.com/@maratherao93/otp-bypass-via-response-manipulation-e55352c5c419?source=rss------bug_bounty-5 | Marathe Rao | bug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup | 04-Mar-2024 |
the Intricacies of WiFi Hacking | https://medium.com/@paritoshblogs/the-intricacies-of-wifi-hacking-76c404240111?source=rss------bug_bounty-5 | Paritosh | bug-bounty, cybersecurity, hacking, wifi, programming | 04-Mar-2024 |
What Is the Cyber Kill Chain in Cyber Security | https://medium.com/@yasminramadini/apa-itu-cyber-kill-chain-dalam-cyber-security-5e993233615c?source=rss------bug_bounty-5 | Yasmin Ramadini | tryhackme, soc-analyst, indonesia, bug-bounty, cybersecurity | 04-Mar-2024 |
What Is the Pyramid of Pain in Cyber Security | https://medium.com/@yasminramadini/apa-itu-pyramid-of-pain-dalam-cyber-security-7e08932e8ed9?source=rss------bug_bounty-5 | Yasmin Ramadini | tryhackme, indonesia, bug-bounty, cybersecurity, soc-analyst | 04-Mar-2024 |
It assignment helper https://www.fiverr.com/s/QAR93y | https://medium.com/@drugdirectory96/it-assignment-helper-https-www-fiverr-com-s-qar93y-30e688ba78e9?source=rss------bug_bounty-5 | Masud Rana | javascript, money, bug-bounty, software-development, bug-bounty-tips | 04-Mar-2024 |
My Report Summaries #1: Project manager can see & download all users’ login history at redacted app… | https://infosecwriteups.com/my-report-summaries-1-project-manager-can-see-download-all-users-login-history-at-redacted-app-6a41597b5d11?source=rss------bug_bounty-5 | can1337 | infosec, bug-bounty, idor, cybersecurity | 04-Mar-2024 |
How to Become a Hacker in 2024 | https://medium.com/@d0lf1_/come-diventare-un-hacker-nel-2024-493c8c0ced9a?source=rss------bug_bounty-5 | d0lf1 | italiano, penetration-testing, google, bug-bounty, hacking | 04-Mar-2024 |
11.8 Lab: Exploiting XXE via image file upload | 2024 | https://cyberw1ng.medium.com/11-8-lab-exploiting-xxe-via-image-file-upload-2024-e2840c3b85f3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 04-Mar-2024 |
Simple vulnerability in a Cyber Security conference | https://medium.com/@jsamia/simple-vulnerability-in-a-cyber-security-conference-c06a53c6e4b7?source=rss------bug_bounty-5 | Jaeden Samia | security, ethical-hacking, bugs, bug-bounty | 04-Mar-2024 |
The Ethics of Bug Bounties: Balancing Incentives and Security | https://medium.com/@securelearn/the-ethics-of-bug-bounties-balancing-incentives-and-security-7501a4aaa246?source=rss------bug_bounty-5 | Rohan Giri | bug-fixes, bug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty | 03-Mar-2024 |
Recently Discovered Several Bugs in a Private Program | https://zapstiko.medium.com/recently-discovered-several-bugs-in-a-private-program-8dc900bf6fe9?source=rss------bug_bounty-5 | Raihan Biswas | bug-bounty, bugs, idor-vulnerability, information-disclosure, bug-bounty-tips | 03-Mar-2024 |
Google Dorking aka “Google Hacking” | https://medium.com/@dasmanish6176/google-dorking-aka-google-hacking-49fb5a511345?source=rss------bug_bounty-5 | Dasmanish | google-dork, google-hacking, penetration-testing, bug-bounty | 03-Mar-2024 |
PHP Session Poisoning using LFI. | https://medium.com/@YNS21/php-session-poisoning-using-lfi-36d7df012777?source=rss------bug_bounty-5 | Youness Abbida | hackerone, bug-bounty, bugcrowd, php, vulnerability | 03-Mar-2024 |
Discovered potential SQL injection through parameter testing | https://medium.com/@pankajnandkar/discovered-potential-sql-injection-through-parameter-testing-0be4364d9b7a?source=rss------bug_bounty-5 | Pankaj Nandkar | bug-bounty-tips, ethical-hacking, sql-injection, bug-bounty, cybersecurity | 03-Mar-2024 |
11.7 Lab: Exploiting XInclude to retrieve files | 2024 | https://cyberw1ng.medium.com/11-7-lab-exploiting-xinclude-to-retrieve-files-2024-2f7751d777fa?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, hacking, cybersecurity | 03-Mar-2024 |
Sneak Peek: Mastering Blind SQL Injection with SQLMap and Manual Techniques (CVE-2023–6063) | https://medium.com/@josh.beck2006/sneak-peek-mastering-blind-sql-injection-with-sqlmap-and-manual-techniques-cve-2023-6063-af904f61f822?source=rss------bug_bounty-5 | Josh Beck | penetration-testing, cybersecurity, bug-bounty, oscp | 03-Mar-2024 |
Magic Links as Gateways Account Takeovers | https://sl4x0.medium.com/magic-links-as-gateways-account-takeovers-e9c911ceb6f9?source=rss------bug_bounty-5 | Abdelrhman Allam (sl4x0) | magic-link, account-takeover, bug-bounty, web-security, pentesting | 03-Mar-2024 |
HBO BUB in production. Can’t UNsubscribe | https://medium.com/@shanlogauthier/hbo-bub-in-production-cant-unsubscribe-b0b3982d2292?source=rss------bug_bounty-5 | Shanlogauthier | bug-bounty, max, hbo-max, hbo, bugs | 03-Mar-2024 |
Exploiting Grafana To achieve Remote Command Execution | https://medium.com/@konqi/exploiting-grafana-to-achieve-remote-command-execution-5eb0f99cb107?source=rss------bug_bounty-5 | Vahagn Israelian | hacking, bug-bounty, vulnerability, penetration-testing, grafana | 02-Mar-2024 |
the Power of Twitter OSINT | https://medium.com/@paritoshblogs/the-power-of-twitter-osint-059cfaa3b0e2?source=rss------bug_bounty-5 | Paritosh | twitter, cybersecurity, bug-bounty, threat-intelligence, hacking | 02-Mar-2024 |
 | https://medium.com/@morganbinbash/-46d5d16114c8?source=rss------bug_bounty-5 | Morgan Bin Bash | frontend, cybersecurity, bug-bounty, pentesting | 02-Mar-2024 |
the Power of Twitter OSINT | https://infosecwriteups.com/the-power-of-twitter-osint-059cfaa3b0e2?source=rss------bug_bounty-5 | Paritosh | twitter, cybersecurity, bug-bounty, threat-intelligence, hacking | 02-Mar-2024 |
My first IDOR hunting story | https://medium.com/@loverslandgandhi/my-first-idor-hunting-story-42c71fbe06dc?source=rss------bug_bounty-5 | Loverslandgandhi | ethical-hacking, bug-bounty-hunter, bug-bounty-tips, cybersecurity, bug-bounty | 02-Mar-2024 |
How I Got Highly Sensetive Api Keys On A Private Hackerone Program | https://medium.com/@mrraghavop12/how-i-got-highly-sensetive-api-keys-on-a-private-hackerone-program-b40c6de80708?source=rss------bug_bounty-5 | Ethical Raghav | cybersecurity, data-science, bug-bounty, technology, web-development | 02-Mar-2024 |
Unveiling the Secrets: SSRF Adventures in Microsoft’s AI Playground | https://medium.com/@soufianehabti/unveiling-the-secrets-ssrf-adventures-in-microsofts-ai-playground-26c7872b32fc?source=rss------bug_bounty-5 | Soufiane Habti | bug-bounty, microsoft, security, ai, artificial-intelligence | 02-Mar-2024 |
Bypassing the Bluecoat Unified Agent | https://medium.com/@0xSphinx/bypassing-the-bluecoat-unified-agent-36ada54fe789?source=rss------bug_bounty-5 | 0xSphinx | hacking, penetration-testing, security, bug-bounty, cybersecurity | 02-Mar-2024 |
What is RedTeaming ? | https://aboutjbr.medium.com/what-is-redteaming-8699650f4265?source=rss------bug_bounty-5 | Jbr | ethical-hacking, bug-bounty, red-team, cybersecurity, hacking | 02-Mar-2024 |
11.6 Lab: Exploiting blind XXE to retrieve data via error messages | 2024 | https://cyberw1ng.medium.com/bersecurity11-6-lab-exploiting-blind-xxe-to-retrieve-data-via-error-messages-2024-4b7f1340195a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, cybersecurity, careers | 02-Mar-2024 |
How to hack a LTE Router? Just text it! | https://medium.com/@mateusz-msl-lach/how-to-hack-a-lte-router-just-text-it-847f526c0a7f?source=rss------bug_bounty-5 | Mateusz Lach | xss-attack, cybersecurity, cve, bug-bounty, zte | 02-Mar-2024 |
My first IDOR hunting story | https://hackergandhi.medium.com/my-first-idor-hunting-story-42c71fbe06dc?source=rss------bug_bounty-5 | hackergandhi | ethical-hacking, bug-bounty-hunter, bug-bounty-tips, cybersecurity, bug-bounty | 02-Mar-2024 |
XML Injection: Deep Dive | https://cyberbull.medium.com/xml-injection-deep-dive-2e6e7132732d?source=rss------bug_bounty-5 | Aditya Pandey | xml, bug-fixes, injection, bug-bounty, cybersecurity | 01-Mar-2024 |
$600 Simple MFA Bypass — Graphql | https://securitycipher.medium.com/600-simple-mfa-bypass-graphql-b46c6a4c5b82?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | security, cybersecurity, bug-bounty, technology, hacking | 01-Mar-2024 |
XSS : A Fight With The WAF | https://medium.com/@itsmeliodas/xss-a-fight-with-the-waf-a08a4fc6012c?source=rss------bug_bounty-5 | Meliodas | cybersecurity, xss-attack, bug-bounty | 01-Mar-2024 |
Understanding Cybersecurity: Safeguarding the Digital Realm | https://medium.com/@thirdeye1910/understanding-cybersecurity-safeguarding-the-digital-realm-8b36c55bec61?source=rss------bug_bounty-5 | Rajib Hassen | bug-bounty, ethereum, cyberattack, cybersecurity | 01-Mar-2024 |
11.5 Lab: Exploiting blind XXE to exfiltrate data using a malicious external DTD | 2024 | https://infosecwriteups.com/11-5-lab-exploiting-blind-xxe-to-exfiltrate-data-using-a-malicious-external-dtd-2024-a0cc2615cd5e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, cybersecurity, hacking, security | 01-Mar-2024 |
Retrieving SUI Wallet Passphrase and Private Key without Password | https://medium.com/@mgthuramoemyint/retrieving-sui-wallet-passphrase-and-private-key-without-password-8c7ae9d30033?source=rss------bug_bounty-5 | Thura Moe Myint | bug-bounty, security | 01-Mar-2024 |
Medium Bug Bounty on Hacker One — Broken Link | https://medium.com/bugs-that-bite/medium-bug-bounty-on-hacker-one-broken-link-b121c8896843?source=rss------bug_bounty-5 | Teri Radichel | security, bug-bounty, bugs, medium, hackerone | 29-Feb-2024 |
Critical vulnerability in Flask AppBuilder — CVE-2024–25128 | https://systemweakness.com/critical-vulnerability-in-flask-appbuilder-cve-2024-25128-a8693fb31d86?source=rss------bug_bounty-5 | ElNiak | vulnerability, cybersecurity, flask, bug-bounty, python | 29-Feb-2024 |
Version disclosure in headers and response : Security threat | https://medium.com/@zakeeandroid/version-disclosure-in-headers-and-response-security-threat-0b4e86272018?source=rss------bug_bounty-5 | Mohamed Zakee | application-security, bug-bounty, cybersecurity | 29-Feb-2024 |
Stored XSS on Bug Bounty Program | https://medium.com/@bry4nzheng/stored-xss-on-bug-bounty-program-092d6c262c1b?source=rss------bug_bounty-5 | Bryan Zheng | penetration-testing, cybersecurity, bug-bounty | 29-Feb-2024 |
Simple Tips for Bug Bounty Beginners: Finding API Key Leakage Vulnerabilities | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-api-key-leakage-vulnerabilities-eddc416216ce?source=rss------bug_bounty-5 | Anish Narayan | bug-bounty-writeup, secure-api-key, bug-bounty-tips, bug-bounty-hunting, bug-bounty | 29-Feb-2024 |
How to Excel at CTF Games with Linux Command Line Tools | https://dpericich.medium.com/how-to-excel-at-ctf-games-with-linux-command-line-tools-a68fba09cbfa?source=rss------bug_bounty-5 | Daniel Pericich | cybersecurity, linux, terminal, bug-bounty, software-engineering | 29-Feb-2024 |
How do I found Blind SSRF on a Hackerone Program | https://codingninjablogs.tech/how-do-i-found-blind-ssrf-on-a-hackerone-program-3f7c315c20c9?source=rss------bug_bounty-5 | #!/Subhankar | cve, hacking, bug-bounty, ssrf, hackerone | 29-Feb-2024 |
Horizontal Privilege Escalation Leads to Bounty | https://medium.com/@hellother18/horizontal-privilege-escalation-leads-to-bounty-f87aebbed8ab?source=rss------bug_bounty-5 | Manthan_ mahale | bugbounty-tips, hackerone, bounty-program, privilege-escalation, bug-bounty | 29-Feb-2024 |
11.4 Lab: Blind XXE with out-of-band interaction via XML parameter entities | 2024 | https://infosecwriteups.com/11-4-lab-blind-xxe-with-out-of-band-interaction-via-xml-parameter-entities-2024-14fbb40ba2f0?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, penetration-testing, cybersecurity, hacking | 29-Feb-2024 |
SQL Injection: Beyond ‘OR 1=1’. An iCSI CTF | https://medium.com/@josh.beck2006/sql-injection-beyond-or-1-1-an-icsi-ctf-b468b1dfa851?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, oscp, bug-bounty, ctf-writeup | 29-Feb-2024 |
Authentication Bypass Using Response Manipulation | https://medium.com/@kundanp70559361/authentication-bypass-using-response-manipulation-c95969e787a8?source=rss------bug_bounty-5 | kundan prasad | science, cyber-security-awareness, hacking, bug-bounty, cybersecurity | 29-Feb-2024 |
Maximizing Bug Bounty Earnings with Burp Suite: Essential Tools and Plugins. | https://medium.com/@montymahapatra79/maximizing-bug-bounty-earnings-with-burp-suite-essential-tools-and-plugins-84468c5d969d?source=rss------bug_bounty-5 | Montymahapatra | burpsuite-profissional, burpsuite, bug-bounty, burpsuite-extension, bug-bounty-tips | 29-Feb-2024 |
First Bug Bounty | https://medium.com/@tom.sh/first-bug-bounty-ba6088fc2615?source=rss------bug_bounty-5 | Tom | cybersecurity, bugcrowd, hackerone, bug-bounty, hacking | 29-Feb-2024 |
How to find your first XSS vulnerability!!! | https://medium.com/@basti_Sec/how-to-find-your-first-xss-vulnerability-a35cb69b2f56?source=rss------bug_bounty-5 | Basti_Sec | bug-bounty-hunter, xss-vulnerability, hacking, bug-bounty, xss-attack | 29-Feb-2024 |
The Reality of Cloud Hacking | https://medium.com/@paritoshblogs/the-reality-of-cloud-hacking-8a061059dfcc?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, cloud-computing, cloud-hacking, hacking | 28-Feb-2024 |
Email verification bypass leads to create unlimited user accounts with what ever email id | https://medium.com/@Rahulkrishnan_R_Panicker/email-verification-bypass-leads-to-create-unlimited-user-accounts-with-what-ever-email-id-68a2069185e4?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | technology, cybersecurity, hacking, bug-bounty, programming | 28-Feb-2024 |
symfony profiler critical security vulnerability $$$ | https://memmedrehimzade.medium.com/symfony-profiler-kritik-t%C9%99hl%C3%BCk%C9%99sizlik-a%C3%A7%C4%B1%C4%9F%C4%B1-622ae6495fef?source=rss------bug_bounty-5 | memmed rehimzade | kibertəhlükəsizlik, bug-bounty, cybertime | 28-Feb-2024 |
Microsoft Azure Cloud Service’s uAMQP Library Flaw and Its Potential for RCE — CVE-2024–27099… | https://medium.com/@elniak/microsoft-azure-cloud-services-uamqp-library-flaw-and-its-potential-for-rce-cve-2024-27099-3d717cdb45f3?source=rss------bug_bounty-5 | ElNiak | vulnerability, bug-bounty, cloud, azure, cybersecurity | 28-Feb-2024 |
(untitled) | https://medium.com/@morganbinbash/-af057d8d6788?source=rss------bug_bounty-5 | Morgan Bin Bash | cybersecurity, pentesting, bug-bounty | 28-Feb-2024 |
Revolutionize Your Bug Hunting: Jam.dev Turbocharges Bug Reporting | https://medium.com/@merisstupar11/revolutionize-your-bug-hunting-jam-dev-turbocharges-bug-reporting-2df14351766f?source=rss------bug_bounty-5 | Meris Stupar | bug-bounty, programming, testing, software-engineering, github | 28-Feb-2024 |
How do I automate my recon — Part Two | https://medium.com/@aliraah/how-do-i-automate-my-recon-part-two-b39a66b4c23d?source=rss------bug_bounty-5 | Aliraah | python, bug-bounty, automation, infosec, reconnaissance | 28-Feb-2024 |
Pre-Account Takeover Leading To Broken Access Control | https://medium.com/@bcarikci-dev/pre-account-takeover-leading-to-broken-access-control-13916ca02483?source=rss------bug_bounty-5 | Berkay Çarıkçıoğlu | broken-access-control, bug-bounty, cybersecurity, hacking, penetration-testing | 28-Feb-2024 |
11.3 Lab: Blind XXE with out-of-band interaction | 2024 | https://infosecwriteups.com/cybers11-3-lab-blind-xxe-with-out-of-band-interaction-2024-9f2f5caf98ad?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, cybersecurity, penetration-testing, hacking | 28-Feb-2024 |
[TOOL GUIDE] Bypass-http a python tool to find 403 & 401 bypass | https://medium.com/@reinhardt.pwn/tool-guide-bypass-http-a-python-tool-to-find-403-401-bypass-b46ff0bd6978?source=rss------bug_bounty-5 | |Reinhardt| | cybersecurity-tools, cybersecurity, pentest, bug-bounty | 28-Feb-2024 |
Exploiting blind XXE by repurposing a local DTD | https://medium.com/@hhuseyinuyar17/yerel-bir-dtdyi-yeniden-kullanarak-k%C3%B6r-xxe-den-yararlanma-f999fbbfdd0a?source=rss------bug_bounty-5 | Hhuseyinuyar | xml, burpsuite, injection, bug-bounty, xxe | 28-Feb-2024 |
how i make 6,000$ with jwt manipulation on web3 crypto application ? | https://medium.com/@zack0x01_/how-i-make-6-000-with-jwt-manipulation-on-web3-crypto-application-1e659c927647?source=rss------bug_bounty-5 | zack0x01 | bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 28-Feb-2024 |
Hack Stories: Hacking Hackers EP:2 | https://infosecwriteups.com/hack-stories-hacking-hackers-ep-2-b4d2e628781e?source=rss------bug_bounty-5 | c0d3x27 | cybersecurity, threat-intelligence, hacking, software-development, bug-bounty | 28-Feb-2024 |
First bug and bounty | https://medium.com/@Rahulkrishnan_R_Panicker/first-bug-and-bounty-5612ba5d455e?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | info-sec-writeups, bug-bounty, programming, technology, infosec | 27-Feb-2024 |
Jenkins Arbitrary File Reading Vulnerability (CVE-2024–23897) — Bug Bounty Tuesday | https://medium.com/@kerstan/jenkins-arbitrary-file-reading-vulnerability-cve-2024-23897-bug-bounty-tuesday-8e3a69443d9b?source=rss------bug_bounty-5 | kerstan | technology, bug-bounty, security, cybersecurity, programming | 27-Feb-2024 |
Bug Bounty should be a goto solution for your web3 security needs | https://securrtech.medium.com/bug-bounty-should-be-a-goto-solution-for-your-web3-security-needs-46b0f07b1a96?source=rss------bug_bounty-5 | Securr | web3-security, bug-bounty, web3 | 27-Feb-2024 |
Leak JWT Private Key leads to Bypass Authentication | https://sonnguy3n.medium.com/leak-jwt-private-key-leads-to-bypass-authentication-e0bd984f55ad?source=rss------bug_bounty-5 | Son Nguyen | security, bypass, bug-bounty, jwt-token | 27-Feb-2024 |
Finding and exploiting blind XXE vulnerabilities | https://cyberw1ng.medium.com/finding-and-exploiting-blind-xxe-vulnerabilities-446f1f41eab9?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, penetration-testing, careers, bug-bounty | 27-Feb-2024 |
Reconnaissance: A Google-Dorking Affair | https://medium.com/@kieran.x.willey/reconnaissance-a-google-dorking-affair-21edfb4e3b0f?source=rss------bug_bounty-5 | Kieran W | penetration-testing, bug-bounty, reconnaissance, hacking, google-dorking | 27-Feb-2024 |
How do you know if someone has opened your email or not? | https://medium.com/@deadoverflow/how-do-you-know-if-someone-has-opened-your-email-or-not-c5bcefda3a89?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, chrome-extension, hacking, programming, cybersecurity | 27-Feb-2024 |
Read This If You Still Watch Porn in Google Incognito Mode ⚫ | https://medium.com/@Ajakcybersecurity/read-this-if-you-still-watch-porn-in-google-incognito-mode-ab4a5faa1dcc?source=rss------bug_bounty-5 | AjakCybersecurity | google, history, ethical-hacking, bug-bounty, cybersecurity | 27-Feb-2024 |
CVE-2023–40000: How Safe Is Your Internet Box? | https://medium.com/coded-tech-talk/cve-2023-40000-how-safe-is-your-internet-box-%EF%B8%8F-06ff1f872f7b?source=rss------bug_bounty-5 | Coded Conversations | cyber-security-awareness, cve, vulnerability, cybersecurity, bug-bounty | 27-Feb-2024 |
The Exploitation of Massive Slack Workspaces Registration Vulnerability | https://medium.com/@siratsami71/the-exploitation-of-massive-slack-workspaces-registration-vulnerability-0c0e76e5cd3e?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | bug-bounty, cybersecurity, hackerone | 27-Feb-2024 |
Major Security Flaw in ConnectWise ScreenConnect — CVE-2024–1709 | https://medium.com/@elniak/major-security-flaw-in-connectwise-screenconnect-cve-2024-1709-633015ba2b9f?source=rss------bug_bounty-5 | ElNiak | cve, cybersecurity, ransomware, bug-bounty, penetration-testing | 26-Feb-2024 |
Pwn College — Talking to Web Walkthrough by Karthikeyan Nagaraj | https://infosecwriteups.com/pwn-college-talking-to-web-walkthrough-by-karthikeyan-nagaraj-48d13b3a1216?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, hacking, security, careers | 26-Feb-2024 |
This is How I Received My Acknowledgement from Microsoft | https://medium.com/@kamilrahman32/this-is-how-i-received-my-acknowledgement-from-microsoft-2366b58cbd98?source=rss------bug_bounty-5 | Kamil Rahuman | microsoft, cybersecurity, hall-of-fame, bug-bounty, bug-bounty-tips | 26-Feb-2024 |
Hunting for Hidden Parameters in Burp Suite | https://medium.com/mii-cybersec/hunting-for-hidden-parameters-in-burp-suite-98b54616f863?source=rss------bug_bounty-5 | Bryan Matthew | hidden-parameters, bug-bounty, burpsuite, red-team, owasp | 26-Feb-2024 |
Lakshya CTF 2k24 by pict cyber cell | https://medium.com/@suyogpatil1810/lakshya-ctf-2k24-by-pict-cyber-cell-6ec37ec0b954?source=rss------bug_bounty-5 | Suyog Patil | ctf-writeup, bug-bounty, ctf, engineering, hacking | 26-Feb-2024 |
How I Found Xss In A Inactive Hackerone Program With My Mobile | https://medium.com/@mrraghavop12/how-i-found-xss-in-a-inactive-hackerone-program-34464552256e?source=rss------bug_bounty-5 | Ethical Raghav | bug-bounty-tips, technology, blockchain, bug-bounty, cybersecurity | 26-Feb-2024 |
Glider: Revolutionizing Web3 Auditing and Security Analysis | https://medium.com/coinmonks/glider-revolutionizing-web3-auditing-and-security-analysis-3a3ad6add87d?source=rss------bug_bounty-5 | Officer's Notes | bug-bounty, solidity, smart-contracts, dapps, blockchain | 26-Feb-2024 |
Hacking Android Apps With Frida | https://blog.prodefense.io/hacking-android-apps-with-frida-f4b9121228b6?source=rss------bug_bounty-5 | Matthew Keeley | security, pentesting, bug-bounty, android, hacking | 26-Feb-2024 |
Html-Injection [ Bug Bounty ] | https://medium.com/@rhashibur75/html-injection-bug-bounty-a41f87217118?source=rss------bug_bounty-5 | Kazi Hashibur Rahman | bug-bounty | 25-Feb-2024 |
Create Your Own File Extension | https://medium.com/@paritoshblogs/create-your-own-file-extension-fa484c677590?source=rss------bug_bounty-5 | Paritosh | coding, file-extension, bug-bounty, programming, information-technology | 25-Feb-2024 |
Business Logic Error in the Comment Section of a Porn site | https://medium.com/@vflexo/business-logic-error-in-the-comment-section-of-a-porn-site-42643f66dfee?source=rss------bug_bounty-5 | vFlexo | vapt, cybersecurity, ethical-hacking, bug-bounty, penetration-testing | 25-Feb-2024 |
CRLF injection | https://medium.com/@R00tendo/crlf-injection-ae26521c5e4c?source=rss------bug_bounty-5 | R00tendo | web-application-security, bug-bounty, web-security, crlf-injection | 25-Feb-2024 |
The Story of How I Hacked a Website with a Simple Stored XSS Payload (And How Bugcrowd Turned Me… | https://medium.com/@iamrizwanvp/the-story-of-how-i-hacked-a-website-with-a-simple-stored-xss-payload-and-how-bugcrowd-turned-me-63773d5906ff?source=rss------bug_bounty-5 | RIZWAN | bug-bounty-tips, cybersecurity, bug-bounty, penetration-testing, vulnerability | 25-Feb-2024 |
I took over 10 Million Accounts, Easy API Hacking | https://infosecwriteups.com/i-took-over-10-million-accounts-easy-api-hacking-89a7092abe40?source=rss------bug_bounty-5 | Ravaan | bug-bounty, bug-bounty-writeup, api, hacking, cybersecurity | 25-Feb-2024 |
Beyond the Wall: Bypassing OTP, WAF, and 403 for exploiting a SQL Injection | https://medium.com/@remmy9/beyond-the-wall-bypassing-otp-waf-and-403-for-exploiting-a-sql-injection-97f06a3527c0?source=rss------bug_bounty-5 | Remmy | hacking, 403-bypass, bug-bounty, waf-bypass, sql-injection | 25-Feb-2024 |
10.5 Lab: Blind SSRF with out-of-band detection | 2024 | https://cyberw1ng.medium.com/10-5-lab-blind-ssrf-with-out-of-band-detection-2024-2497bcf7859c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, bug-bounty, security, careers | 25-Feb-2024 |
The Aspida Bug Bounty Program | https://medium.com/@aspidabd/the-aspida-bug-bounty-program-84e4495955c1?source=rss------bug_bounty-5 | Aspida | lsd, lsdfi, blockchain, staking, bug-bounty | 24-Feb-2024 |
Best Approach to active Directory: 2 | https://medium.com/@anekantsinghai/best-approach-to-active-directory-2-b32a8bb2be7e?source=rss------bug_bounty-5 | Anekant Singhai Jain | penetration-testing, windows, bug-bounty, cybersecurity, active-directory | 24-Feb-2024 |
Explaining and exploiting open redirect vulnerabilities | https://medium.com/@R00tendo/explaining-and-exploiting-open-redirect-vulnerabilities-67dd825e2c49?source=rss------bug_bounty-5 | R00tendo | open-redirect, web-security, bug-bounty, web-application-security, web-hacking | 24-Feb-2024 |
How I Got $5,000 for Out-of-Scope XSS | https://7odamoo.medium.com/how-i-got-5-000-for-out-of-scope-xss-f96938a8c561?source=rss------bug_bounty-5 | Mahmoud Hamed (7odamoo) | bug-bounty-tips, bug-bounty, pentesting | 24-Feb-2024 |
Ethernaut Challenge Level 16: Solution (Preservation) | https://shubhamnagar1.medium.com/ethernaut-challenge-level-16-solution-preservation-4403230b469c?source=rss------bug_bounty-5 | Shubham Nagar | solidity, blockchain, cybersecurity, bug-bounty, ethernaut | 24-Feb-2024 |
Bypass Rate Limits on authentication endpoints like a pro………! | https://medium.com/@a13h1/bypass-rate-limits-on-authentication-endpoints-like-a-pro-2054460a43c0?source=rss------bug_bounty-5 | Abhi Sharma | programming, rate-limiting, api, cybersecurity, bug-bounty | 24-Feb-2024 |
10.4 Lab: SSRF with filter bypass via open redirection vulnerability | 2024 | https://cyberw1ng.medium.com/10-4-lab-ssrf-with-filter-bypass-via-open-redirection-vulnerability-2024-fa36d8f10968?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, security, bug-bounty, hacking | 24-Feb-2024 |
How i was able to hack over 10 million websites using BAC : broken access controle . | https://medium.com/@zack0x01_/how-i-was-able-to-hack-over-10-million-websites-using-bac-broken-access-controle-ce6b704e3dcb?source=rss------bug_bounty-5 | zack0x01 | hacking-training, bug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking | 23-Feb-2024 |
How Automation Detected Default Admin Credential Worth $500 | https://vijetareigns.medium.com/how-automation-detected-default-admin-credential-worth-500-d6c09719d307?source=rss------bug_bounty-5 | the_unlucky_guy | bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugbounty-writeup, cybersecurity | 23-Feb-2024 |
Shodan - “Unauthorized access to setup panel” | https://medium.com/@bug.hun3r/shodan-power-unauthorized-access-to-setup-panel-c64bd63f9b3e?source=rss------bug_bounty-5 | mo9kHu93r | hacking, web-application-security, bug-hunting, cybersecurity, bug-bounty | 23-Feb-2024 |
10.3 Lab: SSRF with blacklist-based input filter | 2024 | https://cyberw1ng.medium.com/10-3-lab-ssrf-with-blacklist-based-input-filter-2024-9a7972ab7e8f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, security, careers, hacking, bug-bounty | 23-Feb-2024 |
From CRLF Injection to XSS: Elevating the Stakes in Apple iTunes Security | https://xelkomy.medium.com/from-crlf-injection-to-xss-elevating-the-stakes-in-apple-itunes-security-597dc435fd82?source=rss------bug_bounty-5 | Khaled Mohamed | crlf, infosec, bug-bounty, penetration-testing, xs | 23-Feb-2024 |
Unveiling Bug Bounties: Balancing the Scale of Application Security | https://sushantkatare.medium.com/unveiling-bug-bounties-balancing-the-scale-of-application-security-be5645395101?source=rss------bug_bounty-5 | Sushant Katare, CISSP | bug-bounty, vulnerability, bugs | 23-Feb-2024 |
Hacking Web Meeting/Webinar App | https://ronak-9889.medium.com/hacking-web-meeting-webinar-app-1cb31c648752?source=rss------bug_bounty-5 | Ronak Patel | information-security, ethical-hacking, cybersecurity, bug-bounty | 23-Feb-2024 |
A Pen worth 80K (BBP#2) | https://infosecwriteups.com/a-pen-worth-80k-bbp-2-dceb0db18366?source=rss------bug_bounty-5 | Devender Rao | penetration-testing, cybersecurity, bug-bounty, application-security, linux | 23-Feb-2024 |
How I Got 1-Click ATO through self-XSS | https://medium.com/@0x3adly/how-i-was-able-to-get-1-click-ato-through-self-xss-6a6f59b3a6da?source=rss------bug_bounty-5 | Anas Eladly ( 0x3adly ) | bug-bounty, csrf, penetration-testing, cross-site-scripting, bug-bounty-tips | 22-Feb-2024 |
Disclose assigned apps of any facebook user | https://gtm0x01.medium.com/disclose-assigned-apps-of-any-facebook-user-e78bcff1de71?source=rss------bug_bounty-5 | Gtm Mänôz | bug-bounty, graphql, facebook-bug-bounty, bug-bounty-writeup, infosec | 22-Feb-2024 |
IDOR: The Simple Switch | https://medium.com/@ganga_/idor-the-simple-switch-19d881358552?source=rss------bug_bounty-5 | Ganga | ethical-hacking, bug-bounty-writeup, bug-bounty, web-application-security, penetration-testing | 22-Feb-2024 |
How To Report a Vulnerability which is not a part of the VDP Program? | https://medium.com/@Ajakcybersecurity/how-to-report-a-vulnerability-which-is-not-a-part-of-the-vdp-program-b7b951795c45?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, penetration-testing, bug-bounty, hacking, blog | 22-Feb-2024 |
HTTP-Only Sessions: No Problem? ATO Still Lurks via XSS! | https://kokomagedd.medium.com/http-only-sessions-no-problem-ato-still-lurks-via-xss-d415dec701d0?source=rss------bug_bounty-5 | Kyrillos Maged | bug-bounty, bug-bounty-tips, xss-attack, cybersecurity, infosec | 22-Feb-2024 |
Mastering BetterCap: A Beginner’s Guide to Network Attacks and Monitoring | https://infosecwriteups.com/mastering-bettercap-a-beginners-guide-to-network-attacks-and-monitoring-b313c1f85489?source=rss------bug_bounty-5 | ElNiak | bug-bounty, cybersecurity, reconnaissance, network-security, bettercap | 22-Feb-2024 |
Exploiting XSS to Perform CSRF | https://medium.com/@marduk.i.am/exploiting-xss-to-perform-csrf-275288910459?source=rss------bug_bounty-5 | Marduk I Am | stored-xss, cybersecurity, bug-bounty, portswigger-lab, cross-site-scripting | 22-Feb-2024 |
How I logged into user accounts with no information | https://medium.com/@jsamia/how-i-logged-into-user-accounts-with-no-information-629f50e8885d?source=rss------bug_bounty-5 | Jaeden Samia | security, ethical-hacking, bug-bounty | 22-Feb-2024 |
Using Wayback And DNS rebinding For SSRF | https://medium.com/@amnotacat/using-wayback-and-dns-rebinding-for-ssrf-a5a16f611acc?source=rss------bug_bounty-5 | amnotacat | bug-bounty | 22-Feb-2024 |
Exploit Development: Classic Buffer Overflows | https://medium.com/@boogsta/exploit-development-classic-buffer-overflows-0416a7ed1d9a?source=rss------bug_bounty-5 | Boogsta | cyber, hacking, bug-bounty, tryhackme, cybersecurity | 22-Feb-2024 |
Hack The Box Certified Bug Bounty Hunter (CBBH) Review | https://medium.com/@josselin_poupeney/hack-the-box-certified-bug-bounty-hunter-cbbh-review-f25796cb22ee?source=rss------bug_bounty-5 | Josselin Poupeney | bug-bounty, pentesting, hackin, cbbh, hackthebox | 22-Feb-2024 |
How Bug Bounties Are Incentivising Ethical Hacking | https://medium.com/@cybertec/how-bug-bounties-are-incentivising-ethical-hacking-1fa49410e0aa?source=rss------bug_bounty-5 | Jonathan Paulson | bug-bounty, hacking, cybercrime, cybersecurity, quantum-computing | 22-Feb-2024 |
Absolute Beginners Guide For Finding P4 Bugs (With Real Example!)-Part 2 | https://medium.com/@avbhijitdutta99/absolute-beginners-guide-for-finding-p4-bugs-with-real-example-part-2-c4a9d9c7af43?source=rss------bug_bounty-5 | Cyberbeat | bugs, cybersecurity, cyberattack, bug-bounty, bug-bounty-tips | 21-Feb-2024 |
10 Coding Mistakes That Make Applications Less Secure | https://medium.com/@yasminramadini/10-kesalahan-coding-yang-membuat-aplikasi-kurang-aman-77da9d768594?source=rss------bug_bounty-5 | Yasmin Ramadini | programming, cybersecurity, cyber-security-awareness, coding, bug-bounty | 21-Feb-2024 |
Understanding Wazuh | https://medium.com/@paritoshblogs/understanding-wazuh-b4748d21c6ba?source=rss------bug_bounty-5 | Paritosh | threat-detection, siem, cybersecurity, bug-bounty, wazuh | 21-Feb-2024 |
Bug bounty writeup : 2F/OTP Bypass on Registeration via Response manipulation | https://noorhomaid.medium.com/bug-bounty-writeup-2f-otp-bypass-on-registeration-via-response-manipulation-2e53573ffa4c?source=rss------bug_bounty-5 | NoorHomaid | bug-bounty, ethical-hacking, bugbounty-writeup, cybersecurity | 21-Feb-2024 |
9.5 Lab: Exploiting time-sensitive vulnerabilities | 2024 | https://infosecwriteups.com/9-5-lab-exploiting-time-sensitive-vulnerabilities-2024-d5bf94cdcf59?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, security, hacking, cybersecurity | 21-Feb-2024 |
Critical Vulnerabilities in VMware EAP Uncovered — Unraveling CVE-2024–22245 | https://medium.com/@elniak/critical-vulnerabilities-in-vmware-eap-uncovered-unraveling-cve-2024-22245-08746ff09907?source=rss------bug_bounty-5 | ElNiak | vulnerability, programming, bug-bounty, vmware, cybersecurity | 21-Feb-2024 |
This is the easiest bug you can find right now. | https://medium.com/@an0nbil/this-is-the-easiest-bug-you-can-find-right-now-eb324861c238?source=rss------bug_bounty-5 | an0nbil | ethical-hacking, bug-bounty, programming, bug-bounty-tips, cybersecurity | 21-Feb-2024 |
Critical Vulnerabilities in VMware EAP Uncovered — Unraveling CVE-2024–22245 | https://systemweakness.com/critical-vulnerabilities-in-vmware-eap-uncovered-unraveling-cve-2024-22245-08746ff09907?source=rss------bug_bounty-5 | ElNiak | vulnerability, programming, bug-bounty, vmware, cybersecurity | 21-Feb-2024 |
9.4 Lab: Single-endpoint race conditions | 2024 | https://cyberw1ng.medium.com/9-4-lab-single-endpoint-race-conditions-2024-40b12d1ae4be?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, security, careers, cybersecurity, hacking | 20-Feb-2024 |
What Is Cross Site Scripting? Types, Impact, and Prevention | https://medium.com/@yasminramadini/apa-itu-cross-site-scripting-jenis-dampak-dan-pencegahannya-e507eedb43f8?source=rss------bug_bounty-5 | Yasmin Ramadini | cybersecurity, xss-attack, pentesting, cyber-security-awareness, bug-bounty | 20-Feb-2024 |
My Unbelievable Hack into HR Admin — A Bug Bounty Tale!!! | https://medium.com/@ratnadip1998/my-unbelievable-hack-into-hr-admin-a-bug-bounty-tale-853338770d8c?source=rss------bug_bounty-5 | Ratnadip Gajbhiye | bugcrowd, ethical-hacking, bug-bounty, bug-bounty-tips, hackerone | 20-Feb-2024 |
How I Discovering the Origin IP In Bug Bounty — Bug Bounty Tuesday | https://medium.com/@kerstan/hou-i-discovering-the-origin-ip-in-bug-bounty-bug-bounty-tuesday-47fa16c4ef34?source=rss------bug_bounty-5 | kerstan | security, technology, bug-bounty, cybersecurity, programming | 20-Feb-2024 |
Breach the Build: Exploiting Jenkins (CVE-2024–23897) | https://medium.com/@josh.beck2006/breach-the-build-exploiting-jenkins-cve-2024-23897-f2ecc415f9bf?source=rss------bug_bounty-5 | Josh Beck | oscp, cybersecurity, ctf-writeup, bug-bounty | 20-Feb-2024 |
How easy it is to find Private Info on Google | https://medium.com/@lochana8723/mastering-osint-gold-mines-a-guide-to-google-dorking-for-bug-bounty-success-e1f2acbbf4f2?source=rss------bug_bounty-5 | Lochana Dissanayake | cybersecurity, ethical-hacking, bug-bounty, osint | 20-Feb-2024 |
Response Manipulation leads to Bypassing the OTP email verification | https://kiraadx.medium.com/response-manipulation-leads-to-bypassing-the-otp-email-verification-3107d558e8a5?source=rss------bug_bounty-5 | KiRaaDx | bug-bounty-tips, bug-bounty | 20-Feb-2024 |
Day 14 Bug Bounty Challenge — Found $1000 Stored XSS | https://medium.com/@avbhijitdutta99/day-14-bug-bounty-challenge-found-1000-stored-xss-c0c9813bbe5a?source=rss------bug_bounty-5 | Abhijit Dutta | bug-bounty, bugbountychallenge, bug-bounty-tips, bug-bounty-writeup | 19-Feb-2024 |
9.3 Lab: Multi-endpoint race conditions | 2024 | https://cyberw1ng.medium.com/9-3-lab-multi-endpoint-race-conditions-2024-5617e806a0fc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, security, bug-bounty, careers, hacking | 19-Feb-2024 |
HackTheBox — Monitored | https://medium.com/@mxzartxbyte/hackthebox-monitored-6cd7bc16f080?source=rss------bug_bounty-5 | mxz4rt | bug-bounty, penetration-testing, network-penetration, hackthebox-writeup, hack-the-box-writeup | 19-Feb-2024 |
The Ultimate Guide to Top Bug Bounty Platforms in 2024 | https://medium.com/@crawsecurity/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-6934a3db42d2?source=rss------bug_bounty-5 | crawsecurity | bugs, bug-fixes, bug-bounty-tips, bug-zero, bug-bounty | 19-Feb-2024 |
Unlocking Creativity: TCS HackQuest S8 Unveiled — Round 2 | https://medium.com/@Dark_D3v1l/unlocking-creativity-tcs-hackquest-s8-unveiled-round-2-a311e68becd4?source=rss------bug_bounty-5 | Raviteja | web-security, ctf-writeup, bug-bounty, reverse-engineering, tcs-hackquest | 19-Feb-2024 |
How to Find First Bug (For Beginners) | https://hackerhq.medium.com/how-to-find-first-bug-for-beginners-22a9177e94a0?source=rss------bug_bounty-5 | HackerHQ | cyber-security-awareness, bug-bounty-tips, cybersecurity, hackerone, bug-bounty | 19-Feb-2024 |
Android Architecture Components: Android Pentesting | https://bot2root.medium.com/android-architecture-components-android-pentesting-1279e35c2d32?source=rss------bug_bounty-5 | Raghuveer Singh Chouhan | pentesting, bug-bounty, hacking, cybersecurity, android | 19-Feb-2024 |
Searching industrial infrastructure with Netlas.io | https://netlas.medium.com/searching-industrial-infrastructure-with-netlas-io-49c08ca519a2?source=rss------bug_bounty-5 | Netlas.io | bug-bounty, critical-infrastructure, penetration-testing, cybersecurity, information-security | 19-Feb-2024 |
Absolute Beginners Guide For Finding P4 Bugs -Part 1 | https://medium.com/@avbhijitdutta99/absolute-beginners-guide-for-finding-p4-bugs-part-1-5585cc94ac8b?source=rss------bug_bounty-5 | Cyberbeat | bug-bounty-hunter, bug-bounty-tips, bug-bounty-program, bug-bounty | 19-Feb-2024 |
Dorking-Pentesting: Create Your Own Automated Pentesting Tools | https://medium.com/@elniak/dorking-pentesting-create-your-own-automated-pentesting-tools-11134114c2b7?source=rss------bug_bounty-5 | ElNiak | tools, bug-bounty, python, penetration-testing, google | 19-Feb-2024 |
Web Cache Poisoing leads to ATO (Account takeover) | https://medium.com/@hoosgamer/web-cache-poisoing-leads-to-ato-account-takeover-2522b4583a97?source=rss------bug_bounty-5 | HooS | hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup, web-security | 19-Feb-2024 |
Apa Itu Security Operation Center (SOC) [What Is a Security Operation Center (SOC)] | https://medium.com/@yasminramadini/apa-itu-security-operation-center-soc-345f56cd85f3?source=rss------bug_bounty-5 | Yasmin Ramadini | pentesting, bug-bounty, cybersecurity, soc-analyst, ethical-hacking | 18-Feb-2024 |
HackTheBox — SQLMap Essentials | https://medium.com/@harry.hphu/hackthebox-sqlmap-essentials-72eaa7a13596?source=rss------bug_bounty-5 | Huy Phu | web-application-security, bug-bounty, sql, hackthebox | 18-Feb-2024 |
Introduction to API Testing — API Discovery and Interaction | https://medium.com/@harry.hphu/introduction-to-api-testing-api-discovery-and-interaction-705248fc089e?source=rss------bug_bounty-5 | Huy Phu | api, bug-bounty, web-application-security, api-testing | 18-Feb-2024 |
Introduction to API Testing — Reconnaissance | https://medium.com/@harry.hphu/introduction-to-api-testing-reconnaissance-7b471f4f4e73?source=rss------bug_bounty-5 | Huy Phu | web-application-security, api-testing, api, bug-bounty | 18-Feb-2024 |
Easy automation of bug bounty using Ethred | https://medium.com/@eyaalgabay/automate-bug-bounty-using-ethred-de042fb19926?source=rss------bug_bounty-5 | Eyaalgabay | penetration-testing, bug-bounty, web-security, bugbounty-tips, hacking | 18-Feb-2024 |
My New Tool For Information Finding | https://medium.com/@mrraghavop12/my-new-tool-for-information-finding-92a205a6e305?source=rss------bug_bounty-5 | Ethical Raghav | data-science, bug-bounty-tips, programming, bug-bounty, technology | 18-Feb-2024 |
Introduction to API Testing — Server-Side Parameter Pollution | https://medium.com/@harry.hphu/introduction-to-api-testing-server-side-parameter-pollution-52dc5c170d19?source=rss------bug_bounty-5 | Huy Phu | web-application-security, api, api-testing, bug-bounty | 18-Feb-2024 |
Introduction to API Testing — Mass Assignment vulnerabilities | https://medium.com/@harry.hphu/introduction-to-api-testing-mass-assignment-vulnerabilities-1643f75d1d20?source=rss------bug_bounty-5 | Huy Phu | web-application-security, api-testing, api, bug-bounty | 18-Feb-2024 |
Exploiting Cross-Site Scripting to Capture Passwords | https://medium.com/@marduk.i.am/exploiting-cross-site-scripting-to-capture-passwords-b2cda84698b0?source=rss------bug_bounty-5 | Marduk I Am | cybersecurity, cross-site-scripting, portswigger-lab, bug-bounty, stored-xss | 18-Feb-2024 |
9.2 Lab: Bypassing rate limits via race conditions | 2024 | https://cyberw1ng.medium.com/9-2-lab-bypassing-rate-limits-via-race-conditions-2024-533185d6d94e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, secuity, hacking | 18-Feb-2024 |
PortSwigger — LAB-6 Remote code execution via polyglot web shell upload (Bug Bounty Prep)[by… | https://infosecwriteups.com/portswigger-lab-6-remote-code-execution-via-polyglot-web-shell-upload-bug-bounty-prep-by-b426b0d50d39?source=rss------bug_bounty-5 | dollarboysushil | cybersecurity, ethical-hacking, portswigger, web-app-security, bug-bounty | 18-Feb-2024 |
Open a link, and your Wi-Fi password is changed. | https://medium.com/@deadoverflow/open-a-link-and-your-wi-fi-password-is-changed-7c47ccb4d095?source=rss------bug_bounty-5 | Imad Husanovic | hacking, cybersecurity, programming, bug-bounty, bug-bounty-tips | 18-Feb-2024 |
Detecting and exploiting limit overrun race conditions with Turbo Intruder | https://cyberw1ng.medium.com/detecting-and-exploiting-limit-overrun-race-conditions-with-turbo-intruder-424bed12f2cf?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, hacking, security, bug-bounty | 17-Feb-2024 |
0Day SQLi Discovered during internal PenTesting | https://medium.com/@SentinelXTeam/0day-sqli-discovered-during-internal-pentesting-0d00db3147c5?source=rss------bug_bounty-5 | SentinelX Research | bug-bounty, exploitation, cybersecurity, bug-bounty-tips, 0day | 17-Feb-2024 |
Mengintip database Website Bimbel di Indonesia [Peeking into the Database of a Tutoring Website in Indonesia] | https://uzet.medium.com/mengintip-database-website-bimbel-di-indonesia-1d3620ce438d?source=rss------bug_bounty-5 | Timotius Benhur | pentesting, web-security, bug-bounty-tips, bug-bounty | 17-Feb-2024 |
How much longer must we dwell, with W-S-D-L? | https://medium.com/illumination/how-much-longer-must-we-dwell-with-w-s-d-l-789eb659b77a?source=rss------bug_bounty-5 | Quintius Walker | bug-bounty, poetry, web-development, creative-writing, hacking | 17-Feb-2024 |
PortSwigger — LAB -4 Web shell upload via extension blacklist bypass (Bug Bounty Prep)[by… | https://infosecwriteups.com/portswigger-lab-4-web-shell-upload-via-extension-blacklist-bypass-bug-bounty-prep-by-7c6233320f81?source=rss------bug_bounty-5 | dollarboysushil | web-app-security, portswigger, cybersecurity, bug-bounty, file-upload-vulnerability | 17-Feb-2024 |
weird bug using fake id via photoshop worth $*** | https://hamzadzworm.medium.com/weird-bug-using-fake-id-via-photoshop-worth-1fe5dbd04497?source=rss------bug_bounty-5 | Hamzadzworm | bugbounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, infosec | 17-Feb-2024 |
PortSwigger — LAB-5 Web shell upload via obfuscated file extension (Bug Bounty Prep)[by… | https://dollarboysushil.medium.com/portswigger-lab-5-web-shell-upload-via-obfuscated-file-extension-bug-bounty-prep-by-5232dd3fb8fa?source=rss------bug_bounty-5 | dollarboysushil | portswigger, cybersecurity, bug-bounty, ethical-hacking, web-app-security | 17-Feb-2024 |
Harnessing Microsoft Copilot as a Cybersecurity Advisor | https://infosecwriteups.com/harnessing-microsoft-copilot-as-a-cybersecurity-advisor-518c46f697b3?source=rss------bug_bounty-5 | Paritosh | microsoft, cybersecurity, bug-bounty, information-security, microsoft-copilot | 17-Feb-2024 |
Demystifying HTTP Request Smuggling: Detection to Exploitation | https://roadtooscp.medium.com/demystifying-http-request-smuggling-detection-to-exploitation-d6bc7beed73e?source=rss------bug_bounty-5 | RoadToOSCP | bug-bounty, owasp, bug-bounty-tips, pentesting, ethical-hacking | 17-Feb-2024 |
GitHub Recon- For Finding Sensitive Information | https://medium.com/@pawan_rawat/github-recon-for-finding-sensitive-information-aecdeb9c9dce?source=rss------bug_bounty-5 | Pawanrawat | github-recon, bug-bounty-writeup, sensitive-data-exposure, bug-bounty-tips, bug-bounty | 17-Feb-2024 |
How do I automate my recon — Part One | https://medium.com/@aliraah/how-do-i-automate-my-recon-part-one-fd17dc8717c8?source=rss------bug_bounty-5 | Ali | python, reconnaissance, automation, bash, bug-bounty | 17-Feb-2024 |
The Unseen 0-Click Threat Lurking in Your Inbox: CVE-2024–21413 Explained | https://systemweakness.com/the-unseen-0-click-threat-lurking-in-your-inbox-cve-2024-21413-explained-a8bd9ec0c46d?source=rss------bug_bounty-5 | ElNiak | vulnerability, cybersecurity, microsoft-outlook, bug-bounty, rce | 17-Feb-2024 |
Hacking the Dutch Government | https://medium.com/@jackson_80133/hacking-the-dutch-government-153678a191c0?source=rss------bug_bounty-5 | Jackson | cybersecurity, hacking, bug-bounty | 17-Feb-2024 |
MonikerLink Meltdown: Demystifying CVE-2024–21413 and Dodging Outlook’s Booby Trap | https://medium.com/@chinamayjoshi/monikerlink-meltdown-demystifying-cve-2024-21413-and-dodging-outlooks-booby-trap-43ba52c4b458?source=rss------bug_bounty-5 | The Cyber Tornado | information-security, microsoft, vapt, cybersecurity, bug-bounty | 17-Feb-2024 |
The Importance of Sharing Cybersecurity Knowledge on Reading Platforms | https://medium.com/@paritoshblogs/the-importance-of-sharing-cybersecurity-knowledge-on-reading-platforms-34a474a51522?source=rss------bug_bounty-5 | Paritosh | information-security, infosec, hacking, cybersecurity, bug-bounty | 16-Feb-2024 |
Researcher’s Experience — Bug Bounty Program | https://medium.com/@_crac/researchers-experience-bug-bounty-program-7d588c363fa6?source=rss------bug_bounty-5 | CRAC Learning | bug-bounty, security, research, cybersecurity | 16-Feb-2024 |
GitHub Enterprise Server vulns | https://irsl.medium.com/github-enterprise-server-vulns-26889987919c?source=rss------bug_bounty-5 | Imre Rad | security, github, bug-bounty | 16-Feb-2024 |
Windows Defender SmartScreen Vulnerability: CVE-2024–21412 Exposes Financial Traders to… | https://systemweakness.com/windows-defender-smartscreen-vulnerability-cve-2024-21412-exposes-financial-traders-to-a03ff476a293?source=rss------bug_bounty-5 | ElNiak | windows, bug-bounty, cybersecurity, vulnerability, malware | 16-Feb-2024 |
Mastering Cross-Site Scripting (XSS): Risks, Detection, and Prevention | https://medium.com/@elniak/mastering-cross-site-scripting-xss-risks-detection-and-prevention-3cee199d2fff?source=rss------bug_bounty-5 | ElNiak | cybersecurity, xss-attack, bug-bounty, programming, xss-vulnerability | 16-Feb-2024 |
Mastering SQLMap: A Comprehensive Guide for Cybersecurity Enthusiasts | https://medium.com/@elniak/mastering-sqlmap-a-comprehensive-guide-for-cybersecurity-enthusiasts-4e224b42396a?source=rss------bug_bounty-5 | ElNiak | sqlmap, programming, cybersecurity, sql-injection, bug-bounty | 16-Feb-2024 |
Guide: ProjectDiscovery’s cvemap to nuclei template mapping. | https://medium.com/@matejsmycka/guide-projectdiscoverys-cvemap-to-nuclei-template-mapping-5535c2934811?source=rss------bug_bounty-5 | Matejsmycka | cybersecurity, bug-bounty, bash, penetration-testing | 16-Feb-2024 |
My First Account Takeover Via Password Reset Poisoning | https://medium.com/@cyberpro151/my-first-account-takeover-via-password-reset-poisoning-7c35baadfbe3?source=rss------bug_bounty-5 | cyberpro151 | web-hacking, bug-bounty, pentesting, account-takeover, offensive-security | 16-Feb-2024 |
Mastering Manual SQL Injection: A Comprehensive Guide for Cybersecurity Enthusiasts | https://systemweakness.com/mastering-manual-sql-injection-a-comprehensive-guide-for-cybersecurity-enthusiasts-4541d46b42a7?source=rss------bug_bounty-5 | ElNiak | sql-injection, cybersecurity, sql, programming, bug-bounty | 16-Feb-2024 |
The Posemesh Avalanche C-Chain Bug Bounty Program | https://medium.com/posemesh/the-posemesh-avalanche-c-chain-bug-bounty-program-b34c01da1277?source=rss------bug_bounty-5 | Auki Labs | bug-bounty, auki-labs, avalanche, posemesh, blockchain | 16-Feb-2024 |
Mastering CSRF: A Comprehensive Guide to Cross-Site Request Forgery | https://medium.com/@elniak/mastering-csrf-a-comprehensive-guide-to-cross-site-request-forgery-a380aca0eab0?source=rss------bug_bounty-5 | ElNiak | web-development, programming, csrf, cybersecurity, bug-bounty | 16-Feb-2024 |
8.6 Lab: Remote code execution via polyglot web shell upload | 2024 | https://cyberw1ng.medium.com/8-6-lab-remote-code-execution-via-polyglot-web-shell-upload-2024-5646ef951c0b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, security, careers, bug-bounty | 16-Feb-2024 |
how i made easy information disclosure bugs in graphql | https://medium.com/@eyaalgabay/how-i-made-easy-information-disclosure-bugs-in-graphql-82284b05d7b4?source=rss------bug_bounty-5 | Eyaalgabay | penetration-testing, bug-bounty, bug-bounty-tips, web-security, hacking | 16-Feb-2024 |
Bypassing Captcha | https://medium.com/@eyaalgabay/bypassing-captcha-29a77c768469?source=rss------bug_bounty-5 | Eyaalgabay | bug-bounty, web-security, penetration-testing, hacking, bug-bounty-tips | 15-Feb-2024 |
The Rise of Large Language Models and the Evolution of Programming: A Thesis on Prompt… | https://analystlevy.medium.com/the-rise-of-large-language-models-and-the-evolution-of-programming-a-thesis-on-prompt-3ab81578408a?source=rss------bug_bounty-5 | Asuquo Levy Eyo Jr | cybercrime, cryptography, bug-bounty, cyber-security-awareness, black-hat-2021 | 15-Feb-2024 |
The Game-Changing Magic of RCE [Cybersecurity] | https://medium.com/@paritoshblogs/the-game-changing-magic-of-rce-cybersecurity-6e1468425e06?source=rss------bug_bounty-5 | Paritosh | bug-bounty, hacking, cybersecurity, information-security, rce | 15-Feb-2024 |
Account Takeover [It Looked Secure at First] | https://cristivlad.medium.com/account-takeover-it-looked-secure-at-first-f14a31cb7f5c?source=rss------bug_bounty-5 | Cristi Vlad | cybersecurity, bug-bounty, penetration-testing, infosec, pentesting | 15-Feb-2024 |
Github Dorking: A Beginner’s Guide to Finding Secrets in Repositories | https://medium.com/@elniak/github-dorking-a-beginners-guide-to-finding-secrets-in-repositories-2d4d36287913?source=rss------bug_bounty-5 | ElNiak | threat-intelligence, github, cybersecurity, github-dorking, bug-bounty | 15-Feb-2024 |
8.5 Lab: Web shell upload via obfuscated file extension | 2024 | https://cyberw1ng.medium.com/8-5-lab-web-shell-upload-via-obfuscated-file-extension-2024-0cb8b3e1e537?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, security, bug-bounty, cybersecurity | 15-Feb-2024 |
Portswigger — Command Injection All Labs Walkthrough(Bug Bounty Prep)[by dollarboysushil] | https://infosecwriteups.com/portswigger-command-injection-all-labs-walkthrough-bug-bounty-prep-by-dollarboysushil-e836421212cf?source=rss------bug_bounty-5 | dollarboysushil | cybersecurity, command-injection, bug-bounty, ethical-hacking, portswigger | 15-Feb-2024 |
HTML Injection in Mail BOX | https://codingninjablogs.tech/html-injection-in-mail-box-c963a8c66d69?source=rss------bug_bounty-5 | #!/Subhankar | html-injection, hackerone, hacking, bug-bounty | 15-Feb-2024 |
Edu-Hack: How a Simple Request Compromised Entire Classrooms Users | https://uchihamrx.medium.com/edu-hack-how-a-simple-request-compromised-entire-classrooms-users-7cefc1225654?source=rss------bug_bounty-5 | Abdelrhman Amin | bug-bounty-tips, cybersecurity, web-security, bug-bounty, penetration-testing | 15-Feb-2024 |
Behind the Screen: The Forgotten Password Feature That Almost Failed Us | https://medium.com/@elcapitano7x/behind-the-screen-the-forgotten-password-feature-that-almost-failed-us-a3e67e103cc5?source=rss------bug_bounty-5 | Elcapitano | bugswagger, bugsbounty, penetration-testing, information-security, bug-bounty | 15-Feb-2024 |
The effectiveness of employing BChecks to uncover significant secrets | https://xelkomy.medium.com/the-effectiveness-of-employing-bchecks-to-uncover-significant-secrets-788e15a8a952?source=rss------bug_bounty-5 | Khaled Mohamed | secrets, bug-bounty, bugswagger, cybersecurity, penetration-testing | 15-Feb-2024 |
Magic No More: Exposing Flaws in Magic Link Authentication | https://medium.com/@elcapitano7x/magic-no-more-exposing-flaws-in-magic-link-authentication-7cede724382f?source=rss------bug_bounty-5 | Elcapitano | bug-bounty, penetration-testing, cybersecurity, bugswagger, information-security | 15-Feb-2024 |
Stored XSS with HTTP only Session Cookies | https://medium.com/techiepedia/stored-xss-with-http-only-session-cookies-32e5eb121384?source=rss------bug_bounty-5 | Jess | programming, website, security, web-development, bug-bounty | 15-Feb-2024 |
CVE-2024–24142 Exploitation & PoC | https://medium.com/@SentinelXTeam/cve-2024-24142-exploitation-poc-045021596804?source=rss------bug_bounty-5 | SentinelX Research | penetration-testing, cybersecurity, hacking, bug-bounty, bug-bounty-tips | 15-Feb-2024 |
open redirect using homographs | https://medium.com/@eyaalgabay/open-redirect-using-homographs-ab2c21513b45?source=rss------bug_bounty-5 | Eyaalgabay | bug-bounty-tips, penetration-testing, bug-bounty, open-redirect, web-hacking | 14-Feb-2024 |
Exploiting Cross-Site Scripting to Steal Cookies | https://medium.com/@marduk.i.am/exploiting-cross-site-scripting-to-steal-cookies-3d14c8b42fae?source=rss------bug_bounty-5 | Marduk I Am | cross-site-scripting, cybersecurity, portswigger-lab, xss-attack, bug-bounty | 14-Feb-2024 |
THIS IS HOW I FOUND FOUR VULNERABLILITY IN 45 MINUTES | https://medium.com/@mrraghavop12/this-is-how-i-found-four-vulnerablility-in-45-minutes-050144a58161?source=rss------bug_bounty-5 | Ethical Raghav | bug-bounty, blockchain, technology, bug-bounty-tips, cybersecurity | 14-Feb-2024 |
Portswigger — Path Traversal All Labs Walkthrough(Bug Bounty Prep)[by dollarboysushil] | https://infosecwriteups.com/portswigger-path-traversal-all-labs-walkthrough-bug-bounty-prep-by-dollarboysushil-85ab64d6106a?source=rss------bug_bounty-5 | dollarboysushil | bug-bounty, web-security, path-traversal, ethical-hacking, portswigger | 14-Feb-2024 |
How I was able to hack my college’s website with number of IDORs and CORS Misconfigurations | https://medium.com/@cyberpro151/how-i-was-able-to-hack-my-colleges-website-with-number-of-idors-and-cors-misconfigurations-0f880d308b79?source=rss------bug_bounty-5 | cyberpro151 | hacking, web-hacking, bug-bounty, idor | 14-Feb-2024 |
GMX V1 Bug Disclosure. | https://morphex.medium.com/gmx-v1-bug-disclosure-71e4ad9a918e?source=rss------bug_bounty-5 | Morphex | defi, bug-bounty, cryptocurrency | 14-Feb-2024 |
8.4 Lab: Web shell upload via extension blacklist bypass | 2024 | https://cyberw1ng.medium.com/8-4-lab-web-shell-upload-via-extension-blacklist-bypass-2024-2010bcaa283c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, security, hacking, bug-bounty, cybersecurity | 14-Feb-2024 |
A Journey through Reconnaissance to MySQL Server Access in the Gaming Realm | https://medium.com/@daniel1895/a-journey-through-reconnaissance-to-mysql-server-access-in-the-gaming-realm-ce6a6f4eb21c?source=rss------bug_bounty-5 | Daniel1895 | fuzzing, bug-bounty, reconnaissance, bug-bounty-tips, hacking | 14-Feb-2024 |
The Hidden Dangers Lurking in NTLM Authentication (Cybersecurity) | https://medium.com/@paritoshblogs/the-hidden-dangers-lurking-in-ntlm-authentication-cybersecurity-17fc4a02dbf9?source=rss------bug_bounty-5 | Paritosh | ntlm, hacking, cybersecurity, authentication, bug-bounty | 13-Feb-2024 |
Introducing M:N Hybrid Threading in Go: Unveiling the Power of Goroutines | https://medium.com/@rezauditore/introducing-m-n-hybrid-threading-in-go-unveiling-the-power-of-goroutines-8f2bd31abc84?source=rss------bug_bounty-5 | rezauditore | programming, tutorial, multithreading, bug-bounty, golang | 13-Feb-2024 |
Best tools you must have to look at for penetration testing. | https://medium.com/@coderjack0/best-tools-you-must-have-to-look-at-for-penetration-testing-5780ad9e7ddf?source=rss------bug_bounty-5 | Bugz_Bunne | pentesting, hacking, cybersecurity, cybe, bug-bounty | 13-Feb-2024 |
Memory vulnerabilities: Buffer and integer overflows, memory leak, and pointer dereferencing | https://medium.com/@forensics.000/memory-vulnerabilities-buffer-and-integer-overflows-memory-leak-and-pointer-dereferencing-b0e7cbbc0cd3?source=rss------bug_bounty-5 | forensics | buffer-overflow, bug-bounty, null-pointer-dereference, memory-improvement | 13-Feb-2024 |
Cross-site and server-side request forgeries (CSRF and SSRF) | https://medium.com/@forensics.000/cross-site-and-server-side-request-forgeries-csrf-and-ssrf-b91911e42e44?source=rss------bug_bounty-5 | forensics | penetration-testing, ssrf, csrf, bug-bounty, hackerone | 13-Feb-2024 |
Cross-site scripting | https://medium.com/@forensics.000/cross-site-scripting-706293b1ad8d?source=rss------bug_bounty-5 | forensics | web-penetration-testing, ctf-writeup, hackerone, xss-attack, bug-bounty | 13-Feb-2024 |
Program Misuse and Privilege Escalation — PWN COLLEGE | https://medium.com/illumination/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5 | B A T M A N | pwn, pentesting, challenge, hacking, bug-bounty | 13-Feb-2024 |
Unauthenticated Jira CVEs Check List — Bug Tuesday | https://medium.com/@kerstan/unauthenticated-jira-cves-check-list-bug-tuesday-465b16266349?source=rss------bug_bounty-5 | kerstan | security, cybersecurity, technology, information-security, bug-bounty | 13-Feb-2024 |
Email Triggering Leads to Rs1000 Amazon voucher | https://medium.com/@bug.hun3r/email-triggering-leads-to-rs1000-amazon-voucher-7b9447a0b820?source=rss------bug_bounty-5 | mo9kHu93r | bug-hunting, web-application-security, cybersecurity, bug-bounty, hacking | 13-Feb-2024 |
curity8.3 Lab: Web shell upload via path traversal | 2024 | https://cyberw1ng.medium.com/curity8-3-lab-web-shell-upload-via-path-traversal-2024-0c38695963a7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, hacking, cybersecurity, careers, bug-bounty | 13-Feb-2024 |
Program Misuse and Privilege Escalation — PWN COLLEGE | https://batm4n.medium.com/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5 | B A T M A N | pwn, pentesting, challenge, hacking, bug-bounty | 13-Feb-2024 |
Comprehensive Guide to Pentesting Methodology: From Zero to Hero | https://medium.com/@elniak/comprehensive-guide-to-pentesting-methodology-from-zero-to-hero-78c94711d130?source=rss------bug_bounty-5 | ElNiak | bug-bounty, technology, cybersecurity, penetration-testing, pentesting | 13-Feb-2024 |
Mastering Nmap: A Comprehensive Guide for Network Discovery and Security Auditing | https://medium.com/@elniak/mastering-nmap-a-comprehensive-guide-for-network-discovery-and-security-auditing-29fa0c669ef7?source=rss------bug_bounty-5 | ElNiak | cybersecurity, penetration-testing, bug-bounty, networking, nmap | 13-Feb-2024 |
Program Misuse and Privilege Escalation — PWN COLLEGE | https://medium.com/illuminations-mirror/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5 | B A T M A N | pwn, pentesting, challenge, hacking, bug-bounty | 13-Feb-2024 |
How I Found a Reflected XSS at NASA | https://medium.com/@Jh0n_0x/how-i-found-a-reflected-xss-at-nasa-cc8b7584dee7?source=rss------bug_bounty-5 | Jh0n_0x | penetration-testing, securit, bugbounty-tips, bug-bounty, security-services | 12-Feb-2024 |
Most easiest bug in login page : Session Fixation | https://medium.com/@mrraghavop12/most-easiest-bug-in-login-page-session-fixation-3b07eb396aab?source=rss------bug_bounty-5 | Ethical Raghav | cybersecurity, blockchain, ethical-hacking, bug-bounty, technology | 12-Feb-2024 |
IDOR (Insecure direct object reference) pada Website Jual Beli Indonesia [IDOR (Insecure direct object reference) on an Indonesian Buy-and-Sell Website] | https://uzet.medium.com/idor-insecure-direct-object-reference-pada-website-jual-beli-indonesia-350e2f58755c?source=rss------bug_bounty-5 | Timotius Benhur | writeup, bug-bounty, idor | 12-Feb-2024 |
Webpages Have these Bugs, and can be EXPLOITED!! | https://batm4n.medium.com/webpages-have-these-bugs-and-can-be-exploited-59e10dd94931?source=rss------bug_bounty-5 | B A T M A N | xss-vulnerability, hacking, penetration-testing, xss-attack, bug-bounty | 12-Feb-2024 |
Unraveling Three Critical Vulnerabilities in Atlassian Confluence: CVE-2023–22515, CVE-2023–22518… | https://systemweakness.com/unraveling-three-critical-vulnerabilities-in-atlassian-confluence-cve-2023-22515-cve-2023-22518-071f58539142?source=rss------bug_bounty-5 | ElNiak | vulnerability, exploitation, cybersecurity, atlassian, bug-bounty | 12-Feb-2024 |
Super Bowl and Cybersecurity | https://medium.com/@paritoshblogs/super-bowl-and-cybersecurity-5a8c0097f1f7?source=rss------bug_bounty-5 | Paritosh | bug-bounty, super-bowl, hacking, information-security, cybersecurity | 12-Feb-2024 |
Tow Senario To Pre Account TakeOver | https://medium.com/@Hackoura001/tow-senario-to-pre-account-takeover-e437b772b0e2?source=rss------bug_bounty-5 | Ahmed Elheny | bug-bounty-hunter, bug-bounty, hacking, bug-bounty-writeup, bugbounty-tips | 12-Feb-2024 |
7 Tingkatan IOC Dalam Investigasi Serangan Siber [7 Levels of IOCs in Cyber Attack Investigations] | https://medium.com/@yasminramadini/7-tingkatan-ioc-dalam-investigasi-serangan-siber-107826a59a37?source=rss------bug_bounty-5 | Yasmin Ramadini | bug-bounty, pyramid-of-pain, cybersecurity, cyber-security-awareness | 12-Feb-2024 |
Hack Stories: Hacking Hackers EP:1 | https://infosecwriteups.com/hack-stories-hacking-hackers-ep-1-ff4c3cfc09cc?source=rss------bug_bounty-5 | c0d3x27 | bug-bounty, hacking, cybersecurity, penetration-testing, software-development | 12-Feb-2024 |
Practical Guide to End-to-End Bug Reporting in Software Development | https://medium.com/@niarsdet/practical-guide-to-end-to-end-bug-reporting-in-software-development-9d3e3e4ae8f2?source=rss------bug_bounty-5 | Niar | bugs, issues, qa, bug-fixes, bug-bounty | 12-Feb-2024 |
How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Execution | https://medium.com/@mukundbhuva/how-i-hacked-the-dutch-government-exploiting-an-innocent-image-for-remote-code-execution-df1fa936e46a?source=rss------bug_bounty-5 | Mukund Bhuva | hacking, security, bug-bounty, information-security, cybersecurity | 12-Feb-2024 |
Understanding web applications | https://medium.com/@pentajbr/understanding-web-applications-ec5952eb1903?source=rss------bug_bounty-5 | Jbr AL-Otaibi | hacking, cybersecurity, bug-bounty, website, web-development | 12-Feb-2024 |
How I found a bug in Microsoft | https://nityanandjha18.medium.com/how-i-found-a-bug-in-microsoft-3b8524877a3c?source=rss------bug_bounty-5 | NITYA NAND JHA | bug-bounty, cybersecurity, vulnerability | 12-Feb-2024 |
: Unveiling the Art of Breaching SSH Servers in Bug Bounties: A Dive into Cybersecurity Exploits | https://medium.com/@bugspiderlee/unveiling-the-art-of-breaching-ssh-servers-in-bug-bounties-a-dive-into-cybersecurity-exploits-1b60c95c9075?source=rss------bug_bounty-5 | Pardon Mukoyi | bugbounty-tips, bug-bounty, bugbounty-writeup, cybersecurity | 12-Feb-2024 |
Extract & Scan SSL Certs for HeartBleed via CertGuard tool | https://medium.com/@SentinelXTeam/extract-scan-ssl-certs-for-heartbleed-via-certguard-tool-06dfd891788a?source=rss------bug_bounty-5 | SentinelX Research | web-development, bug-bounty-tips, ssl-certificate, cybersecurity, bug-bounty | 12-Feb-2024 |
Mastering Samba Exploitation: A Comprehensive Pentesting Guide | https://medium.com/@elniak/mastering-samba-exploitation-a-comprehensive-pentesting-guide-016ae61c1031?source=rss------bug_bounty-5 | ElNiak | cybersecurity, threat-intelligence, penetration-testing, samba, bug-bounty | 12-Feb-2024 |
Unveiling the World of Ethical Hacking: How Ethical Hackers Earn Money | https://medium.com/@crawsecurity/unveiling-the-world-of-ethical-hacking-how-ethical-hackers-earn-money-939b7816debb?source=rss------bug_bounty-5 | crawsecurity | ethical-hacking, ways-to-earn-money-online, freelancing, bug-bounty, ethical-hacker | 11-Feb-2024 |
Online Password Cracking with THC-Hydra and Burp Suite | https://medium.com/@0xalpraz/online-password-cracking-with-thc-hydra-and-burp-suite-31ec3019cead?source=rss------bug_bounty-5 | 0xClonaz | hacks, hacking, bug-bounty, cybersecurity | 11-Feb-2024 |
Getting Facebook Credentails Without Hacking | https://medium.com/@0xalpraz/getting-facebook-credentails-without-hacking-e9c778e9e4ca?source=rss------bug_bounty-5 | 0xClonaz | bug-bounty, hacks, cybersecurity, hacking | 11-Feb-2024 |
Open Source Intelligence(OSINT), Part 4: Google Hacking to Find Unsecured Web Cams | https://medium.com/@0xalpraz/open-source-intelligence-osint-part-4-google-hacking-to-find-unsecured-web-cams-4493b08dd08f?source=rss------bug_bounty-5 | 0xClonaz | cybersecurity, hacks, hacker, hacking, bug-bounty | 11-Feb-2024 |
Open Source Intelligence (OSINT), Part 1: Mining Intelligence from Twitter (@mattgaetz) | https://medium.com/@0xalpraz/open-source-intelligence-osint-part-1-mining-intelligence-from-twitter-mattgaetz-6bb71c3dae9b?source=rss------bug_bounty-5 | 0xClonaz | bug-bounty, cybersecurity, hacking, hacker, hacks | 11-Feb-2024 |
OSINT: Finding Email Passwords in Dumps with h8mail | https://medium.com/@0xalpraz/osint-finding-email-passwords-in-dumps-with-h8mail-4fb8b80298d8?source=rss------bug_bounty-5 | 0xClonaz | bug-bounty, hacker, hacking, hacks, cybersecurity | 11-Feb-2024 |
Password Cracking: Creating Custom Password List with cupp | https://medium.com/master-hackers/password-cracking-creating-custom-password-list-with-cupp-167b7448b6c9?source=rss------bug_bounty-5 | 0xClonaz | cybersecurity, hacking, bug-bounty, hacker, hacks | 11-Feb-2024 |
Android Hacking: The libwebp Vulnerability (zero-day/zero-click) | https://medium.com/master-hackers/android-hacking-the-libwebp-vulnerability-zero-day-zero-click-843279e0bb85?source=rss------bug_bounty-5 | 0xClonaz | hacks, hacking, hacker, cybersecurity, bug-bounty | 11-Feb-2024 |
Bug Bounty Hunting, Part 1: Getting Started | https://medium.com/master-hackers/bug-bounty-hunting-part-1-getting-started-f8c60e759738?source=rss------bug_bounty-5 | 0xClonaz | hacker, bug-bounty, hacking, cybersecurity | 11-Feb-2024 |
Preventing file execution in user-accessible directories by Portswigger | 2024 | https://cyberw1ng.medium.com/preventing-file-execution-in-user-accessible-directories-by-portswigger-2024-c30f1ef726b9?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, cybersecurity, bug-bounty, security | 11-Feb-2024 |
IDOR(Insecure Direct Object Referece) Price Manipulation Through Encoded Url Parameter | https://medium.com/@bry4nzheng/idor-insecure-direct-object-referece-price-manipulation-through-encoded-url-parameter-4232fa4758b0?source=rss------bug_bounty-5 | Bryan Zheng | bug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing | 11-Feb-2024 |
Signing up with Government and Military emails | https://medium.com/@boogsta/signing-up-with-government-and-military-emails-4ebed8da5135?source=rss------bug_bounty-5 | Boogsta | bug-bounty-tips, cyber, cybersecurity, bug-bounty, hacking | 11-Feb-2024 |
IDOR(Insecure Direct Object Reference) Price Manipulation on Private Bug Bounty Program | https://medium.com/@bry4nzheng/idor-insecure-direct-object-reference-price-manipulation-on-private-bug-bounty-program-2527431ffcfd?source=rss------bug_bounty-5 | Bryan Zheng | bug-bounty-writeup, penetration-testing, bug-bounty, cybersecurity | 11-Feb-2024 |
Bug Bounty Programs: Unleashing the Force of Ethical Hackers to Strengthen Your Security Defenses | https://medium.com/@pascal.o.anene/bug-bounty-programs-unleashing-the-force-of-ethical-hackers-to-strengthen-your-security-defenses-08506824e975?source=rss------bug_bounty-5 | Pascal Onyekachukwu Anene | cybersecurity, security-engineering, bug-bounty | 11-Feb-2024 |
Almost 50% of web pages have this bug. Learn How it is exploited in the wild | https://medium.com/@sreedeep200/almost-50-of-web-pages-have-this-bug-learn-how-it-is-exploited-in-the-wild-bfc591abdf8f?source=rss------bug_bounty-5 | Sreedeep cv | js, bug-bounty, xss-attack, hacking, dom | 11-Feb-2024 |
XSS in CMS / Blog sites bypassing HTML encoding and escaping. | https://medium.com/@kannnannmk/xss-in-cms-blog-sites-bypassing-html-encoding-and-escaping-f61a720e6a02?source=rss------bug_bounty-5 | Neelamegha Kannan S | penetration-testing, cybersecurity, information-security, cyberattack, bug-bounty | 11-Feb-2024 |
From a customer to a ‘system owner’ | https://medium.com/@mmaulanaabdullah/from-a-customer-to-a-system-owner-ce4da3f6d56c?source=rss------bug_bounty-5 | M Maulana Abdullah | api-development, writeup, privilege-escalation, api, bug-bounty | 10-Feb-2024 |
Unlocking Creativity: TCS HackQuest S8 Unveiled - Round 1 | https://medium.com/@Dark_D3v1l/unlocking-creativity-tcs-hackquest-s8-unveiled-round-1-ffc02c753aaf?source=rss------bug_bounty-5 | Raviteja | reverse-engineering, ctf, bug-bounty, hacking-tools, web-security | 10-Feb-2024 |
7.8 Lab: Referer-based access control | 2024 | https://cyberw1ng.medium.com/7-8-lab-referer-based-access-control-2024-ef0fa2eefbe0?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, security, bug-bounty, cybersecurity | 10-Feb-2024 |
Google Dorking: A Beginner’s Guide to Finding Vulnerabilities | https://medium.com/@elniak/google-dorking-a-beginners-guide-to-finding-vulnerabilities-815afedcaaec?source=rss------bug_bounty-5 | ElNiak | threat-intelligence, bug-bounty, google-dorking, cybersecurity, google | 10-Feb-2024 |
Web Security 101 : Cross-Site Scripting (XSS) Attacks | https://iaraoz.medium.com/web-security-101-cross-site-scripting-xss-attacks-5b6c6e8020c7?source=rss------bug_bounty-5 | Israel Aráoz Severiche | xss-attack, bug-bounty, cybersecurity, appsec | 09-Feb-2024 |
Securing Biggest Electronic Brand Worth Me My 2nd 4 fig. $2259 Bounty! | https://medium.com/@manan_sanghvi/securing-biggest-electronic-brand-worth-me-my-2nd-4-fig-2259-bounty-a053d2053655?source=rss------bug_bounty-5 | Manan Sanghvi | bug-bounty, penetration-testing, web-application-security, ethical-hacking, idor-vulnerability | 09-Feb-2024 |
JSON CSRF in Microsoft Bing Maps Collections | https://infosecwriteups.com/json-csrf-in-microsoft-bing-maps-collections-74afc2b197d5?source=rss------bug_bounty-5 | Jayateertha Guruprasad | bug-bounty-tips, microsoft, bug-bounty, infosec, cybersecurity | 09-Feb-2024 |
CVE-2024–24830: A Critical OpenObserve Vulnerability Exposed | https://systemweakness.com/cve-2024-24830-a-critical-openobserve-vulnerability-exposed-7110ff223e49?source=rss------bug_bounty-5 | ElNiak | bug-bounty, logs, vulnerability, cybersecurity, technology | 09-Feb-2024 |
Cyber Espionage Unveiled: The Dutch Defense Under Siege by Chinese Hackers | https://medium.com/@elniak/cyber-espionage-unveiled-the-dutch-defense-under-siege-by-chinese-hackers-2a7a5ffe99b6?source=rss------bug_bounty-5 | ElNiak | malware, chinese, bug-bounty, cyberattack, cybersecurity | 09-Feb-2024 |
CVE-2024–1207: A Deep Dive into WordPress Plugin Vulnerability | https://systemweakness.com/cve-2024-1207-a-deep-dive-into-wordpress-plugin-vulnerability-3b12891813e6?source=rss------bug_bounty-5 | ElNiak | bug-bounty, vulnerability, cybersecurity, wordpress, sql-injection | 09-Feb-2024 |
Cyber Espionage Unveiled: The Dutch Defense Under Siege by Chinese Hackers | https://systemweakness.com/cyber-espionage-unveiled-the-dutch-defense-under-siege-by-chinese-hackers-2a7a5ffe99b6?source=rss------bug_bounty-5 | ElNiak | malware, chinese, bug-bounty, cyberattack, cybersecurity | 09-Feb-2024 |
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Three | https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-three-cee1633de873?source=rss------bug_bounty-5 | Ali | python, flask, bug-bounty, mongodb, reconnaissance | 09-Feb-2024 |
E: Package ‘libgtkglext1’ has no installation candidate | anydesk : Depends: libgtkglext1 but it is… | https://medium.com/@sherlock297/e-package-libgtkglext1-has-no-installation-candidate-anydesk-depends-libgtkglext1-but-it-is-7eef2877f78d?source=rss------bug_bounty-5 | Ravindra Dagale | information-technology, bug-bounty, kali-linux, information-security, programming | 09-Feb-2024 |
7.7 Lab: Multi-step process with no access control on one step | 2024 | https://cyberw1ng.medium.com/7-7-lab-multi-step-process-with-no-access-control-on-one-step-2024-2b338dfd36ea?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, cybersecurity, bug-bounty, security | 09-Feb-2024 |
Beyond the Firewall: Finding a Stored XSS in Hacker101 CTF | https://medium.com/@crashwire1/beyond-the-firewall-finding-a-stored-xss-in-hacker101-ctf-9b90df12e42e?source=rss------bug_bounty-5 | Crashwire | xss-attack, cybersecurity, capture-the-flag, bug-bounty, hacking | 09-Feb-2024 |
Unlocking Your Potential: Elevating Your Bug Bounty Game** | https://medium.com/@mrraghavop12/unlocking-your-potential-elevating-your-bug-bounty-game-5cbf22c4de00?source=rss------bug_bounty-5 | Ethical Raghav | blockchain, bug-bounty, bug-bounty-tips, javascript, cybersecurity | 08-Feb-2024 |
Lenfi V2 to Begin Community-Driven Bug Bounty Program Now | https://medium.com/@lenfi/lenfi-v2-to-begin-community-driven-bug-bounty-program-now-c2d312203df2?source=rss------bug_bounty-5 | Lenfi | lending, cardano, defi, audit, bug-bounty | 08-Feb-2024 |
Chaining Subprober + Subfinder To Your Bug Bounty Recon. | https://medium.com/@Ajakcybersecurity/chaining-subprober-subfinder-to-your-bug-bounty-recon-017151d1ffce?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, ethical-hacking, penetration-testing, hacking, cybersecurity | 08-Feb-2024 |
7.6 Lab: Method-based access control can be circumvented | 2024 | https://cyberw1ng.medium.com/7-6-lab-method-based-access-control-can-be-circumvented-2024-edb5df550a66?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, portswigger, cybersecurity, careers | 08-Feb-2024 |
Easy way to get privilege escalation | https://medium.com/@Rzizah/easy-way-to-get-privilege-escalation-2c0a96862301?source=rss------bug_bounty-5 | Rzizah | bug-bounty-tips, bug-bounty, bug-bounty-writeup, privilege-escalation | 08-Feb-2024 |
How I Find Open Redirect Bug — Bug Bounty Tuesday | https://medium.com/@kerstan/how-i-find-open-redirect-bug-bug-bounty-tuesday-40cc560c9cec?source=rss------bug_bounty-5 | kerstan | cybersecurity, bug-bounty, technology, security, information-security | 07-Feb-2024 |
Web3 Security: In-Depth | https://medium.com/coinmonks/web3-security-in-depth-e102fb262a3a?source=rss------bug_bounty-5 | Officer's Notes | bug-bounty, blockchain, smart-contracts, solidity, web3 | 07-Feb-2024 |
My first bug | Html injection| | https://medium.com/@pandeyrishu621/my-first-bug-html-injection-82bbad239934?source=rss------bug_bounty-5 | Pandeyrishu | cybersecurity, bug-bounty, penetration-testing, technology, bug-bounty-tips | 07-Feb-2024 |
Revealing a Security Snag: Uncovering Sensitive Data Exposure in an Apple Application | https://medium.com/@jazdprince/revealing-a-security-snag-uncovering-sensitive-data-exposure-in-an-apple-application-c93da97cae0d?source=rss------bug_bounty-5 | JzeeRx | bug-bounty, bug-hunting, cybersecurity, apple-security, apple | 07-Feb-2024 |
7.5 Lab: URL-based access control can be circumvented | 2024 | https://cyberw1ng.medium.com/7-5-lab-url-based-access-control-can-be-circumvented-2024-f101542e9402?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, hacking, cybersecurity, careers, bug-bounty | 07-Feb-2024 |
I have hacked around 300 website in 1 Month | https://systemweakness.com/i-have-hacked-around-300-website-in-1-month-30417030560b?source=rss------bug_bounty-5 | Imran Niaz | bug-bounty, hacking, web-development, python-programming, cybersecurity | 07-Feb-2024 |
Rate Limiting: What It Is And Why It Matters in Bug Bounty | https://infosecwriteups.com/rate-limiting-what-it-is-and-why-it-matters-in-bug-bounty-b0d2ce574049?source=rss------bug_bounty-5 | Alp | bug-bounty-tips, bug-bounty, hackerone | 07-Feb-2024 |
How To Get Started With LLM Hacking? — A Beginner’s Guide | https://medium.com/@hetisdemerckx/how-to-get-started-with-llm-hacking-a-beginners-guide-273af158b4b0?source=rss------bug_bounty-5 | Yannick Merckx | bug-bounty, ai, hacking, llm-hacking, llm | 07-Feb-2024 |
My first bug | Html injection| | https://systemweakness.com/my-first-bug-html-injection-82bbad239934?source=rss------bug_bounty-5 | Pandeyrishu | cybersecurity, bug-bounty, penetration-testing, technology, bug-bounty-tips | 07-Feb-2024 |
Enhancing Network Security: Best Practices and Strategies | https://medium.com/@paritoshblogs/enhancing-network-security-best-practices-and-strategies-6fec2ef3f397?source=rss------bug_bounty-5 | Paritosh | hacking, programming, bug-bounty, information-security, cybersecurity | 06-Feb-2024 |
Tumblr Subdomain Takeover | https://infosecwriteups.com/tumblr-subdomain-takeover-55f9cb494d65?source=rss------bug_bounty-5 | Scott Lindh | white-hat-hacker, bug-bounty, hacker, subdomain-takeover, subdomains-enumeration | 06-Feb-2024 |
Harnessing Concurrency in Go: Exploring Asynchronous Execution | https://medium.com/@rezauditore/harnessing-concurrency-in-go-exploring-asynchronous-execution-4134897d66a6?source=rss------bug_bounty-5 | rezauditore | golang, programming, bug-bounty, tutorial, hunting | 06-Feb-2024 |
A Deep Dive into FastAPI’s Security Vulnerability: CVE-2024–24762 | https://systemweakness.com/a-deep-dive-into-fastapis-security-vulnerability-cve-2024-24762-4ab6bb64644c?source=rss------bug_bounty-5 | ElNiak | cybersecurity, programming, bug-bounty, fastapi, vulnerability | 06-Feb-2024 |
ALWAYS test 404 Not Found in Bug Bounties! | https://medium.com/@mares.viktor/always-test-404-not-found-in-bug-bounties-2be47801b4c0?source=rss------bug_bounty-5 | Viktor Mares | cybersecurity, web-development, bug-bounty, penetration-testing, hacking | 06-Feb-2024 |
CVE-2024-23222: Apple WebKit’s Zero-Day Vulnerability | https://medium.com/@elniak/cve-2024-23222-apple-webkits-zero-day-vulnerability-83109de9ddee?source=rss------bug_bounty-5 | ElNiak | cybersecurity, vulnerability, apple, technology, bug-bounty | 06-Feb-2024 |
Symlink Sabotage: ZIPping Through Web Security. (LFI Lab) | https://medium.com/@josh.beck2006/symlink-sabotage-zipping-through-web-security-lfi-lab-ca20e2d30c8d?source=rss------bug_bounty-5 | Josh Beck | penetration-testing, cybersecurity, ctf-writeup, bug-bounty | 06-Feb-2024 |
Unveiling CVE-2024–0953: Firefox iOS Open Redirect Vulnerability | https://lohigowda.medium.com/unveiling-cve-2024-0953-firefox-ios-open-redirect-vulnerability-57533efb4cf4?source=rss------bug_bounty-5 | Lohith Gowda M | application-security, bug-bounty, firefox, ios, infosec | 06-Feb-2024 |
Understanding Ransomware | https://medium.com/@paritoshblogs/understanding-ransomware-aa45e2c43bbb?source=rss------bug_bounty-5 | Paritosh | ransomware, bug-bounty, cybersecurity, hacking, information-security | 05-Feb-2024 |
Urgent Security Alert: Microsoft Edge Vulnerabilities Exposed — Protect Your Data Now! | https://medium.com/@elniak/urgent-security-alert-microsoft-edge-vulnerabilities-exposed-protect-your-data-now-bd7cd8b616dd?source=rss------bug_bounty-5 | ElNiak | privilege-escalation, cybersecurity, microsoft, bug-bounty, vulnerability | 05-Feb-2024 |
SSRF on a Headless Browser Becomes Critical! | https://medium.com/@Nightbloodz/ssrf-on-a-headless-browser-becomes-critical-c08daaa1017e?source=rss------bug_bounty-5 | Alvaro Balada | cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, cyber-security-awareness | 05-Feb-2024 |
IoT Devices Vulnerabilities Disclosed: BugStrike’s IoT Security Suite | https://blog.bugstrike.io/iot-devices-vulnerabilities-disclosed-bugstrikes-iot-security-suite-4f3b7d907829?source=rss------bug_bounty-5 | BugStrike Team | bugstrike, iot-security, bug-bounty, cybersecurity, iot | 05-Feb-2024 |
Unveiling the XSS Threats: Understanding and Defending Against Cross-Site Scripting | https://blog.bugstrike.io/unveiling-the-xss-threats-understanding-and-defending-against-cross-site-scripting-508e914367f4?source=rss------bug_bounty-5 | BugStrike Team | bugsbounty, cybersecurity, bugstrike, xss-attack, bug-bounty | 05-Feb-2024 |
Broken access control resulting from platform misconfiguration | 2024 | https://cyberw1ng.medium.com/broken-access-control-resulting-from-platform-misconfiguration-2024-bc330363278c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, bug-bounty, hacking, security | 05-Feb-2024 |
Euler Is So Back: Prizewinners and Educate Series Summary | https://www.blog.encode.club/euler-is-so-back-bounty-winners-and-educate-series-summary-6ea3de46b569?source=rss------bug_bounty-5 | Vanessa Losic | euler, euler-finance, bug-bounty, euler-educate, encode-club | 05-Feb-2024 |
How I got RCE in one of Bugcrowd's Public Programs | https://medium.com/@yousefmoh15/how-i-got-rce-in-one-of-bugcrowds-public-programs-5725c8dc46ce?source=rss------bug_bounty-5 | Yousef Mohamed Elsaid | cybersecurity, bugcrowd, bug-bounty, rce, remote-code-execution | 05-Feb-2024 |
Every Cybersecurity Beginner’s Nightmare — You need to Read this | https://medium.com/@majameeljameey/every-cybersecurity-beginners-nightmare-you-need-to-read-this-fc1b69e5dded?source=rss------bug_bounty-5 | MOHD ABDUL JAMEEL | penetration-testing, bug-bounty, roadmaps, ethical-hacking, cybersecurity | 05-Feb-2024 |
Reflected XSS into a Template Literal with Angle Brackets, Single, Double Quotes, Backslash, and… | https://medium.com/@marduk.i.am/reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-backslash-and-d5cf41f25b02?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, portswigger-lab, reflected-xss, cross-site-scripting, cybersecurity | 05-Feb-2024 |
Skyfall — HackTheBox Seasonal Machine Simple Writeup by Karthikeyan Nagaraj | 2024 | https://infosecwriteups.com/skyfall-hackthebox-seasonal-machine-simple-writeup-by-karthikeyan-nagaraj-2024-d76fdaaba116?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, hackthebox-writeup, hackthebox, bug-bounty | 05-Feb-2024 |
This will change the way you hunt for bugs forever. | https://medium.com/@deadoverflow/this-will-change-the-way-you-hunt-for-bugs-forever-6111f59b4e8b?source=rss------bug_bounty-5 | Imad Husanovic | hacking, cybersecurity, bug-bounty, programming, bug-bounty-tips | 04-Feb-2024 |
the Dark Art of NTLM Relay Attacks | https://medium.com/@paritoshblogs/the-dark-art-of-ntlm-relay-attacks-5a55cfb95b37?source=rss------bug_bounty-5 | Paritosh | cybersecurity, hacking, ntlm-relay, active-directory, bug-bounty | 04-Feb-2024 |
The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changes | https://medium.com/@a13h1/the-ui-slip-i-hit-750-ui-manipulation-leading-to-unauthorized-permission-changes-d65621d8dd96?source=rss------bug_bounty-5 | Abhi Sharma | user-interface, hacking, programming, bug-bounty, cybersecurity | 04-Feb-2024 |
How I Hacked My College’s Site | https://infosecwriteups.com/how-i-hacked-my-colleges-site-26ae1ab872e4?source=rss------bug_bounty-5 | Rajneesh Kumar Arya | bug-bounty, web-application-security, ethical-hacking, hacked, cybersecurity | 04-Feb-2024 |
Running a MITM on a Google Play App | Fintech Bug Bounty — Part 3 | https://0x4kd.medium.com/running-a-mitm-on-a-google-play-app-fintech-bug-bounty-part-3-82ebdd852d07?source=rss------bug_bounty-5 | 0x4KD | bug-bounty, infosec, bounty-hunter, bug-bounty-tips, security | 04-Feb-2024 |
Certifications for bug bounty hunters | https://medium.com/@notahades/certifications-for-bug-bounty-hunters-4200c6a58c3c?source=rss------bug_bounty-5 | Desha | hacking, certification, penetration-testing, bug-bounty | 04-Feb-2024 |
Hacking tools to use in 2024 | https://medium.com/@notahades/hacking-tools-to-use-in-2024-9dd47c126ef4?source=rss------bug_bounty-5 | Desha | it-security, bug-bounty, hacking, penetration-testing, security | 04-Feb-2024 |
Tutorial: Shellcode Injection when the buffer is small | https://medium.com/@elniak/tutorial-shellcode-injection-when-the-buffer-is-small-ee3a29dcb955?source=rss------bug_bounty-5 | ElNiak | bug-bounty, tutorial, hacking, shellcode, cybersecurity | 04-Feb-2024 |
TryHackMe | Bounty Hacker Walkthrough | https://medium.com/@utsavadhikari99/tryhackme-bounty-hacker-walkthrough-eb7d9de074e3?source=rss------bug_bounty-5 | Utsavadhikari | bug-bounty, bugs, linux, cybersecurity, computer-science | 04-Feb-2024 |
Stored XSS into ‘onclick’ Event with Angle Brackets and Double Quotes HTML-Encoded and Single… | https://medium.com/@marduk.i.am/stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-single-002848f8deb1?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, cybersecurity, stored-xss, bug-bounty, cross-site-scripting | 04-Feb-2024 |
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Two | https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-two-468405eb3520?source=rss------bug_bounty-5 | Ali | databse, reconnaissance, bug-bounty, python, chatgpt | 04-Feb-2024 |
6.5 Lab: Information disclosure in version control history | 2024 | https://cyberw1ng.medium.com/6-5-lab-information-disclosure-in-version-control-history-2024-f886c7337cb7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, careers, cybersecurity, bug-bounty, hacking | 04-Feb-2024 |
How to send WhatsApp Message automatically using python for impress someone | https://rajput623929.medium.com/how-to-send-whatsapp-message-automatically-using-python-for-impress-someone-9c577664faaa?source=rss------bug_bounty-5 | Mr.Horbio | hacking, automation, bug-bounty, cybersecurity, python | 03-Feb-2024 |
IDOR Pada Website Jual Beli Indonesia | https://uzet.medium.com/idor-pada-website-jual-beli-indonesia-e4842bad515a?source=rss------bug_bounty-5 | Timotius Benhur | bug-bounty, writeup, cyber-security-awareness, bugs | 03-Feb-2024 |
Zero-Day: Navigating the Storm of CVE-2024–21893 in Ivanti Products | https://systemweakness.com/zero-day-navigating-the-storm-of-cve-2024-21893-in-ivanti-products-3b27078377e2?source=rss------bug_bounty-5 | ElNiak | bug-bounty, penetration-testing, ivanti, cybersecurity, ssrf | 03-Feb-2024 |
Vulnerable WordPress January 2024 (Imadaddin Nasimi) | https://medium.com/@onhexgroup/vulnerable-wordpress-january-2024-imadaddin-nasimi-09f163d473db?source=rss------bug_bounty-5 | Onhexgroup | infosec, bug-bounty, exploit, cybersecurity, wordpress | 03-Feb-2024 |
Title: Unveiling the Trio: Idor,Account,Takeover And Account Enumeration | https://medium.com/@mrraghavop12/title-unveiling-the-trio-idor-account-takeover-and-account-enumeration-cad7f7ca671f?source=rss------bug_bounty-5 | Ethical Raghav | bug-bounty, blockchain, technology, cybersecurity, data-science | 03-Feb-2024 |
Building a Robust Security Architecture | https://medium.com/@paritoshblogs/building-a-robust-security-architecture-10d01b22380d?source=rss------bug_bounty-5 | Paritosh | architecture, bug-bounty, information-security, cybersecurity, security-architecture | 03-Feb-2024 |
A Story of an IDOR bug I found on a SaaS application | https://medium.com/@duncanochieng682/a-story-of-an-idor-bug-i-found-on-a-saas-application-28fa65907bfd?source=rss------bug_bounty-5 | JateloCybersec | access-control, web-application-security, bug-bounty-tips, idor-vulnerability, bug-bounty | 03-Feb-2024 |
Version Control History and Information Disclosure Vulnerabilities | 2024 | https://cyberw1ng.medium.com/version-control-history-and-information-disclosure-vulnerabilities-2024-3649060333bb?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, cybersecurity, careers, bug-bounty, hacking | 03-Feb-2024 |
Offensive Mobile Penetration Testing | https://hackerassociate.medium.com/offensive-mobile-penetration-testing-ce87cc06fb46?source=rss------bug_bounty-5 | Harshad Shah | bug-bounty, infosec, penetration-testing, cybersecurity, hacking | 02-Feb-2024 |
5.11 Lab: Authentication bypass via flawed state machine | 2024 | https://cyberw1ng.medium.com/5-11-lab-authentication-bypass-via-flawed-state-machine-2024-2226d33fba6d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, cybersecurity, bug-bounty, security | 02-Feb-2024 |
CVE-2021–4434: A Critical WordPress Vulnerability Exposed | https://medium.com/@elniak/cve-2021-4434-a-critical-wordpress-vulnerability-exposed-202b7d75dda5?source=rss------bug_bounty-5 | ElNiak | vulnerability, bug-bounty, threat-intelligence, wordpress, cybersecurity | 02-Feb-2024 |
Join the Pay Protocol Bug Bounty Program and Earn Rewards | https://cryptoanalyz.medium.com/join-the-pay-protocol-bug-bounty-program-and-earn-rewards-159d24608282?source=rss------bug_bounty-5 | Crypto Analyst | payments, defi, bug-bounty-program, cryptocurrency, bug-bounty | 02-Feb-2024 |
Unveiling the Elite: Cyber Matrix Tech’s USD 7 Million Bug Bounty Course | https://medium.com/@African-Technology-Research/unveiling-the-elite-cyber-matrix-techs-usd-7-million-bug-bounty-course-4e648fb003d1?source=rss------bug_bounty-5 | African Technology Research | penetration-testing, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 02-Feb-2024 |
Mastering Fuzzing: A Comprehensive Tutorial | https://medium.com/@elniak/mastering-fuzzing-a-comprehensive-tutorial-ba9431c8ff0f?source=rss------bug_bounty-5 | ElNiak | fuzzing, bug-bounty, tutorial, cybersecurity, bugs | 02-Feb-2024 |
Unlocking Privacy: A Dive into Octopii, the Open-Source PII Scanner | https://medium.com/@elniak/unlocking-privacy-a-dive-into-octopii-the-open-source-pii-scanner-8a8bdcc0b8be?source=rss------bug_bounty-5 | ElNiak | privacy, osint, cybersecurity, bug-bounty, pii | 02-Feb-2024 |
How to start in Bug Bounty Hunting: my personal experience | https://seeu-inspace.medium.com/how-to-start-in-bug-bounty-hunting-my-personal-experience-61fb2bc6bcee?source=rss------bug_bounty-5 | Riccardo Malatesta | bug-bounty-tips, bug-bounty | 02-Feb-2024 |
How to Pass eWPTv1 exam | https://medium.com/@pentajbr/how-to-pass-ewptv1-exam-3aab3d7d9fa5?source=rss------bug_bounty-5 | Jbr AL-Otaibi | preparation, bug-bounty, bug-bounty-tips, cybersecurity, hacking | 02-Feb-2024 |
CVE-2021–4434: A Critical WordPress Vulnerability Exposed | https://systemweakness.com/cve-2021-4434-a-critical-wordpress-vulnerability-exposed-202b7d75dda5?source=rss------bug_bounty-5 | ElNiak | vulnerability, bug-bounty, threat-intelligence, wordpress, cybersecurity | 02-Feb-2024 |
How I was able to find PII of more than 15,000 People using the Directory Enumeration Tool… | https://medium.com/@neelmunot2003/how-i-was-able-to-find-pii-of-more-than-15-000-people-using-the-directory-enumeration-tool-7ac3e9a37983?source=rss------bug_bounty-5 | Neel Munot | information-disclosure, dirsearch, bug-bounty, cybersecurity, ethical-hacking | 02-Feb-2024 |
How I secured the United Nations Hall of Fame | https://medium.com/@kamilrahman32/how-i-secured-the-united-nations-hall-of-fame-67b036ff2620?source=rss------bug_bounty-5 | Kamil Rahuman | bug-bounty, bug-bounty-tips, vulnerability, hall-of-fame, united-nations | 02-Feb-2024 |
Full Account Takeover via Password Reset Link Manipulation | https://ikhaleelkhan.medium.com/full-account-takeover-via-password-reset-link-manipulation-840fb9402967?source=rss------bug_bounty-5 | Khaleel Khan | infosec, bug-bounty, cybersecurity, hacking, ethical-hacking | 01-Feb-2024 |
Docker and runC Vulnerabilities: A Deep Dive into CVE-2024–21626 and Its Counterparts | https://medium.com/@elniak/docker-and-runc-vulnerabilities-a-deep-dive-into-cve-2024-21626-and-its-counterparts-4ca24e7d7aa1?source=rss------bug_bounty-5 | ElNiak | cybersecurity, vulnerability, docker, penetration-testing, bug-bounty | 01-Feb-2024 |
5.10 Lab: Authentication bypass via encryption Oracle | 2024 | https://cyberw1ng.medium.com/5-10-lab-authentication-bypass-via-encryption-oracle-2024-b15f1879a30b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, bug-bounty, careers, hacking, cybersecurity | 01-Feb-2024 |
1.4M PII data leakage (IDOR) | https://medium.com/@tusharaj98355/1-4m-pii-data-leakage-idor-aee596aef4d9?source=rss------bug_bounty-5 | tushar_recon | bug-bounty, bug-bounty-tips | 01-Feb-2024 |
How i was able to hack a Company via watching a YouTube video | https://ahmadmansourr.medium.com/how-i-was-able-to-hack-a-company-via-watching-a-youtube-video-without-any-technical-pentesting-4941753a150a?source=rss------bug_bounty-5 | Ahmad Mansour | cyber-security-awareness, bug-bounty, penetration-testing | 01-Feb-2024 |
Reflected XSS into a JavaScript String with Angle Brackets and Double Quotes HTML-Encoded and… | https://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-angle-brackets-and-double-quotes-html-encoded-and-3e43059d901b?source=rss------bug_bounty-5 | Marduk I Am | cybersecurity, portswigger-lab, reflected-xss, cross-site-scripting, bug-bounty | 01-Feb-2024 |
Bypass Arbitary File Upload With .phar | https://medium.com/@mzrismuarf/bypass-arbitary-file-upload-with-phar-6a07627f5e2e?source=rss------bug_bounty-5 | Mizar Ismu Arief | exploitation, bug-bounty, pentesting, bypass | 01-Feb-2024 |
From No to Go — Uninvited Access To Invited Projects | https://medium.com/@_0jatin0_/from-no-to-go-uninvited-access-to-invited-projects-c8a94feb7cf3?source=rss------bug_bounty-5 | Jatin_Chudasama | broken-access-control, writeup, bug-bounty, graphql, unauthorized-access | 01-Feb-2024 |
This is arguably the dumbest bug I’ve ever found. | https://medium.com/@deadoverflow/this-is-arguably-the-dumbest-bug-ive-ever-found-3e451951d727?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, bug-bounty, hacking, programming, cybersecurity | 01-Feb-2024 |
Misconfiguration lead to company identity theft via bypass email verification. | https://hamzadzworm.medium.com/misconfiguration-lead-to-company-identity-theft-via-bypass-email-verification-0dd60b61d943?source=rss------bug_bounty-5 | Hamzadzworm | bugbounty-writeup, bug-bounty-writeup, bugbounty-tips, bug-bounty, infosec | 01-Feb-2024 |
Best Recon methodology (Shubham Rooter) | https://shubhamrooter.medium.com/best-recon-methodology-shubham-rooter-dcdca8d4caa4?source=rss------bug_bounty-5 | Shubham Tiwari | hackerone, recon, bug-bounty, bug-bounty-tips, bug-hunting | 01-Feb-2024 |
How to send WhatsApp Message automatically using python for impress someone | https://rajput623929.medium.com/how-to-send-whatsapp-message-automatically-using-python-for-impress-someone-0a9f488a4b54?source=rss------bug_bounty-5 | Mr.Horbio | hacking, cybersecurity, technology, python, bug-bounty | 01-Feb-2024 |
Understanding and Mitigating Active Directory Attacks | https://medium.com/@paritoshblogs/understanding-and-mitigating-active-directory-attacks-51b7b5737ecc?source=rss------bug_bounty-5 | Paritosh | bug-bounty, azure, hacking, active-directory, cybersecurity | 31-Jan-2024 |
Uncovering a Parameter Tampering Vulnerability in Event Expo Ticketing System | https://medium.com/@sulmanfarooq531/uncovering-a-parameter-tampering-vulnerability-in-event-expo-ticketing-system-89fc52e26414?source=rss------bug_bounty-5 | Sulman Farooq S | burpsuite, tampering, http-parameter-pollution, parameter-tampering, bug-bounty | 31-Jan-2024 |
Hunt, Hack, Reward — Hacking For Good with Bounties | https://thethreatcops.medium.com/hunt-hack-reward-hacking-for-good-with-bounties-6a57d12c82a0?source=rss------bug_bounty-5 | the threat cops | thethreatcops, cybersecurity, bug-bounty, hacking, infosec | 31-Jan-2024 |
Navigating the Storm: Understanding CVE-2023–34048’s Impact on VMware vCenter Server | https://medium.com/@elniak/navigating-the-storm-understanding-cve-2023-34048s-impact-on-vmware-vcenter-server-6004e6531e5b?source=rss------bug_bounty-5 | ElNiak | threat-intelligence, cybersecurity, bug-bounty, penetration-testing, vmware | 31-Jan-2024 |
Json Tokens (JWT) Token Checks | https://akash-venky091.medium.com/json-tokens-jwt-token-checks-f23d5107e370?source=rss------bug_bounty-5 | Akash Venky | cybersecurity, ethical-hacking, bug-bounty, security, jwt | 31-Jan-2024 |
What to expect from BSides Transylvania 2024 | https://corneacristian.medium.com/what-to-expect-from-bsides-transylvania-2024-38f62ffb1ebd?source=rss------bug_bounty-5 | Cristian Cornea | cybersecurity, technology, bug-bounty, software-development, tech | 31-Jan-2024 |
Tackling IDOR on UUID based objects | https://medium.com/pentesternepal/tackling-idor-on-uuid-based-objects-71e8cb2dc265?source=rss------bug_bounty-5 | Veshraj Ghimire | idor-vulnerability, bug-bounty | 31-Jan-2024 |
5.9 Lab: Infinite money logic flaw | 2024 | https://cyberw1ng.medium.com/5-9-lab-infinite-money-logic-flaw-2024-9aec41bc9ca0?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, cybersecurity, security, bug-bounty | 31-Jan-2024 |
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part One | https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-one-77ec3fd3b914?source=rss------bug_bounty-5 | Ali | bug-bounty, database, reconnaissance, python | 31-Jan-2024 |
How to use Virtual Box | https://medium.com/@joshdesharnais1/how-to-use-virtual-box-f3b66be0d9d7?source=rss------bug_bounty-5 | Joshua Desharnais | bug-bounty, virtual, operating-systems, oracle | 31-Jan-2024 |
Bug Bounty Hunting, Part 1: Stealthy Parameter Detection with ParamSpider | https://medium.com/master-hackers/bug-bounty-hunting-part-1-stealthy-parameter-detection-with-paramspider-28e8ae3af5d4?source=rss------bug_bounty-5 | 0xClonaz | bug-bounty, hacker, bug-bounty-tips, cybersecurity, hacking | 31-Jan-2024 |
Ransomware: Build Your Own Ransomware | https://medium.com/master-hackers/ransomware-build-your-own-ransomware-b8002b355300?source=rss------bug_bounty-5 | 0xClonaz | hacking, cybersecurity, hacker, programming, bug-bounty | 31-Jan-2024 |
Recon Methodology | https://medium.com/@alanvv03/recon-methodology-6626fea2e6ed?source=rss------bug_bounty-5 | Alanvv | cybersecurity, bug-bounty, reconnaissance | 31-Jan-2024 |
Une erreur fatale | https://mr0me.medium.com/salut-a2c0cf7cfb4c?source=rss------bug_bounty-5 | Jephte Mangenda | mistakes, wordpress-development, wordpress, bug-bounty, bugs | 31-Jan-2024 |
Web Cache Poisoning | https://k4gur4.medium.com/web-cache-poisoning-04fea694708e?source=rss------bug_bounty-5 | Kagura | cybersecurity, web-security, bug-bounty | 31-Jan-2024 |
Decoding the OWASP Top 10 | https://medium.com/@paritoshblogs/decoding-the-owasp-top-10-e193b715cb37?source=rss------bug_bounty-5 | Paritosh | bug-bounty, owasp, cybersecurity, pentesting, hacking | 30-Jan-2024 |
Critical Jenkins RCE Vulnerability (CVE-2024–23897) | https://medium.com/@elniak/critical-jenkins-rce-vulnerability-cve-2024-23897-402061a2b187?source=rss------bug_bounty-5 | ElNiak | jenkins, bug-bounty, penetration-testing, vulnerability, cybersecurity | 30-Jan-2024 |
Simplifying Issue Traceability with Links Explorer in the monday Platform | https://medium.com/optimizory-apps/simplifying-issue-traceability-with-links-explorer-in-the-monday-platform-c8cfbee37668?source=rss------bug_bounty-5 | Divyansh Vats | project-management, marketplaces, issues, bug-bounty, traceability | 30-Jan-2024 |
Title: Exploiting Path Traversal Vulnerability in User Profile URLs | https://medium.com/@kataeriidubstep/title-exploiting-path-traversal-vulnerability-in-user-profile-urls-82c0e8ba1a3e?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, cybersecurity, appsec | 30-Jan-2024 |
Reflected XSS into a JavaScript String with Single Quote and Backslash Escaped | https://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-single-quote-and-backslash-escaped-ba435167b43f?source=rss------bug_bounty-5 | Marduk I Am | reflected-xss, cross-site-scripting, portswigger-lab, bug-bounty, cybersecurity | 30-Jan-2024 |
My SSRF Tricks — Bug Bounty Tuesday | https://medium.com/@kerstan/my-ssrf-tricks-bug-bounty-tuesday-f0d7e53c8d88?source=rss------bug_bounty-5 | kerstan | bug-bounty, security, hacking, cybersecurity, technology | 30-Jan-2024 |
Rekomendasi Platform Bug Bounty Nasional Maupun Internasional | https://medium.com/@artiacode/rekomendasi-platform-bug-bounty-nasional-maupun-internasional-7406d388de08?source=rss------bug_bounty-5 | ArtiaCode | cybersecurity, cyber-security-awareness, bug-bounty, bug-bounty-hunter, bug-bounty-program | 30-Jan-2024 |
Navigating the World of Bug Bounties in 2024: Opportunities and Platforms for Ethical Hackers | https://hacksheets.medium.com/navigating-the-world-of-bug-bounties-in-2024-opportunities-and-platforms-for-ethical-hackers-99ff20231e3e?source=rss------bug_bounty-5 | Hacksheets | Learn Cybersecurity | bug-bounty, artificial-intelligence, chatgpt, cybersecurity, penetration-testing | 30-Jan-2024 |
Pov — HackTheBox Seasonal Machine Simple Writeup by Karthikeyan Nagaraj | 2024 | https://infosecwriteups.com/pov-hackthebox-seasonal-machine-simple-writeup-by-karthikeyan-nagaraj-2024-7516c938c688?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hackthebox, hackthebox-writeup, careers, cybersecurity | 30-Jan-2024 |
Attacking Session Management | Part 06 | What To Do After Choosing a Target | https://medium.com/@omarora1603/attacking-session-management-part-06-what-to-do-after-choosing-a-target-b551ab0455c5?source=rss------bug_bounty-5 | Om Arora | infosec, information-security, hacking, bug-bounty, cybersecurity | 30-Jan-2024 |
Best Approach to RCE | https://medium.com/@anekantsinghai/best-approach-to-rce-630187d4ad03?source=rss------bug_bounty-5 | Anekant Singhai Jain | red-team, ethical-hacking, rce, penetration-testing, bug-bounty | 30-Jan-2024 |
An introductory guide to HTTP request smuggling | https://medium.com/@mayank_prajapati/an-introductory-guide-to-http-request-smuggling-0defb95e87ce?source=rss------bug_bounty-5 | Mayank Kumar Prajapati | website, web, bug-bounty, hacking, vulnerability | 30-Jan-2024 |
How to replicate Jenkins CVE-2024-23897: Arbitrary File Read Vulnerability | https://medium.com/@red_darkin/how-to-replicate-jenkins-cve-2024-23897-arbitrary-file-read-vulnerability-260c8174dd94?source=rss------bug_bounty-5 | Red Darkin | bug-bounty, cybersecurity, cve-2024-23897, jenkins, offsec | 30-Jan-2024 |
Behind the Scenes of DLLs : How Attackers Exploit Legitimate Programs for Mischief! | https://osintteam.blog/behind-the-scenes-of-dlls-how-attackers-exploit-legitimate-programs-for-mischief-395a7540af1f?source=rss------bug_bounty-5 | Paritosh | dll-hijacking, information-security, cybersecurity, hacking, bug-bounty | 29-Jan-2024 |
Fundamentals of .NET Decompilation With dnSpy | https://infosecwriteups.com/fundamentals-of-net-decompilation-with-dnspy-e7456707b1d2?source=rss------bug_bounty-5 | Joward | pentesting, hacking, bug-bounty, dotnet | 29-Jan-2024 |
How to Earn Bug Bounty as a Professional Bug hunter | https://rajput623929.medium.com/how-to-earn-bug-bounty-as-a-professional-bug-hunter-ef7de858f94b?source=rss------bug_bounty-5 | Mr.Horbio | bug-bounty, bugs, earn-money-online, ethical-hacking, cybersecurity | 29-Jan-2024 |
Port Scanning: Pengertian, Teknik, Dan Pencegahannya | https://medium.com/@talaskosec/port-scanning-pengertian-teknik-dan-pencegahannya-38dece0adf2e?source=rss------bug_bounty-5 | TalaskoSec | bug-bounty-indonesia, coding, cyber-security-indonesia, cybersecurity, bug-bounty | 29-Jan-2024 |
XML External Entity injection with error-based data exfiltration | https://infosecwriteups.com/xml-external-entity-injection-with-error-based-data-exfiltration-985b063ec820?source=rss------bug_bounty-5 | Serj Novoselov | penetration-testing, hacking, bug-bounty, xml, writeup | 29-Jan-2024 |
OWASP Top 10 API Security Risks — 2023 | https://medium.com/@aayushdhakal005/owasp-top-10-api-security-risks-2023-0e1cd92214cf?source=rss------bug_bounty-5 | Creepydoomer | bug-bounty, cybersecurity, owasp, api | 29-Jan-2024 |
Kenalan Sama Bug Bounty | https://medium.com/@artiacode/kenalan-sama-bug-bounty-a9d72927a349?source=rss------bug_bounty-5 | ArtiaCode | bug-bounty, cybersecurity, bug-bounty-tips, cyber-security-awareness, ethical-hacking | 29-Jan-2024 |
CheckList for Bug Bounty Hunting | https://medium.com/@kalidaskamaraj/checklist-for-bug-bounty-hunting-ffcaf4841242?source=rss------bug_bounty-5 | Kalidaskamaraj | bug-bounty, cybersecurity, ethical-hacking, penetration-testing, web-application-testing | 29-Jan-2024 |
Meteor Subdomain Takeover | https://medium.com/@youngvanda/meteor-subdomain-takeover-b33034a44aa7?source=rss------bug_bounty-5 | YoungVanda | cybersecurity, technology, bug-bounty, javascript, programming | 29-Jan-2024 |
CVE-2024-0519: Chrome’s Gateway to Memory Access | https://medium.com/@elniak/cve-2024-0519-chromes-gateway-to-memory-access-8cfd6cbbd168?source=rss------bug_bounty-5 | ElNiak | google, cybersecurity, penetration-testing, bug-bounty, threat-intelligence | 29-Jan-2024 |
OWASP Top 10 API Security Risks — 2023 | https://medium.com/@aayushdhakal005/owasp-top-10-api-security-risks-2023-0e1cd92214cf?source=rss------bug_bounty-5 | Creepyshit | bug-bounty, cybersecurity, owasp, api | 29-Jan-2024 |
Discord’s preview bot redirection vulnerability | https://medium.com/@lenoctambule/discords-preview-bot-redirection-vulnerability-c8b08fe3721b?source=rss------bug_bounty-5 | Le Noctambule | bug-bounty, bugs, software-development, cybersecurity | 29-Jan-2024 |
Simple Tips for Bug Bounty Beginners: Finding OTP Bypass Bug | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-otp-bypass-bug-22323a8ff49b?source=rss------bug_bounty-5 | Anish Narayan | bug-bounty, cybersecurity, bug-bounty-tips, technology, programming | 29-Jan-2024 |
Huge Bug Bounty Resource | https://medium.com/@joshdesharnais1/huge-bug-bounty-resource-d25ee48d81cc?source=rss------bug_bounty-5 | Joshua Desharnais | hacking, bug-bounty, bugs, bug-bounty-tips | 29-Jan-2024 |
Techniques in Exploiting Business Logic Vulnerabilities for Bug Bounty | 2024 | https://cyberw1ng.medium.com/techniques-in-exploiting-business-logic-vulnerabilities-for-bug-bounty-2024-93293353e99f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, security | 29-Jan-2024 |
Automation Hacks: Unearthing a Critical RCE the Easy Way | https://asbawy.medium.com/automation-hacks-unearthing-a-critical-rce-the-easy-way-ad64f01a06a3?source=rss------bug_bounty-5 | Asbawy | bug-bounty-tips, hacking, bug-bounty, cybersecurity, automation-testing | 29-Jan-2024 |
Reflected XSS in canonical link tag | https://medium.com/@marduk.i.am/reflected-xss-in-canonical-link-tag-64c9719fc6ad?source=rss------bug_bounty-5 | Marduk I Am | reflected-xss, cybersecurity, portswigger-lab, bug-bounty, cross-site-scripting | 29-Jan-2024 |
Bug Zero at a Glance [01–15 January] | https://blog.bugzero.io/bug-zero-at-a-glance-01-15-january-70f2e0b58c59?source=rss------bug_bounty-5 | Januka Dharmapriya | sri-lanka, newsletter, bug-zero, bug-bounty, cybersecurity | 28-Jan-2024 |
How I Learned To Exploit Buffer Overflows: An Introduction to Stack-Based Buffer Overflows | https://medium.com/@shcyber/how-i-learned-to-exploit-buffer-overflows-an-introduction-to-stack-based-buffer-overflows-5b27e339a1a6?source=rss------bug_bounty-5 | SHCyber | cybersecurity, buffer-overflow-attack, bug-bounty, binary-exploitation, buffer-overflow | 28-Jan-2024 |
Explorasi Platform Bug Bounty untuk Cyber Security Enthusiasts | https://medium.com/@faisalhanafi112/explorasi-platform-bug-bounty-untuk-cyber-security-enthusiasts-5d3bde391f69?source=rss------bug_bounty-5 | Faisal Hanafi | red-team, linuxhacking, pentesting, bug-bounty, cybersecurity | 28-Jan-2024 |
Useful HTTP method every bug hunter must know | https://medium.com/@aayushdhakal005/useful-http-method-every-bug-hunter-must-know-02f57f59812a?source=rss------bug_bounty-5 | Creepydoomer | cybersecurity, web, https, bug-bounty | 28-Jan-2024 |
Thorough Review Bug Bounty Hunter Certification [CBBH] | https://medium.com/@ozomarzu/thorough-review-bug-bounty-hunter-certification-cbbh-f39765da27bc?source=rss------bug_bounty-5 | CyberOz | pentesting, hackthebox, bug-bounty-hunter, bug-bounty, web-vulnerabilities | 28-Jan-2024 |
I will be giving away my book for free! | https://medium.com/@deadoverflow/i-will-be-giving-away-my-book-for-free-924191fdea84?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, hacking, cybersecurity, bug-hunting, bug-bounty | 28-Jan-2024 |
Get IDOR In No Permission To Access Page — Bug Bounty Tuesday | https://medium.com/@kerstan/get-idor-in-no-permission-to-access-page-bug-bounty-tuesday-a04fbb7e7821?source=rss------bug_bounty-5 | kerstan | cybersecurity, technology, hacking, security, bug-bounty | 28-Jan-2024 |
Reflected XSS with some SVG markup allowed | https://medium.com/@marduk.i.am/reflected-xss-with-some-svg-markup-allowed-10d198692208?source=rss------bug_bounty-5 | Marduk I Am | reflected-xss, cross-site-scripting, portswigger-lab, cybersecurity, bug-bounty | 28-Jan-2024 |
Roadmap Belajar SOC Analyst Dan Toolsnya | https://medium.com/@yasminramadini/roadmap-belajar-soc-analyst-dan-toolsnya-5ce314f0b0ff?source=rss------bug_bounty-5 | Yeaszec | bug-bounty, ethical-hacking, programmer, blue-team, cybersecurity | 28-Jan-2024 |
CVE-2023-45866: 0-Click Bluetooth vulnerability | https://medium.com/@elniak/understanding-and-mitigating-cve-2023-45866-0-click-vulnerability-2576ec17c38f?source=rss------bug_bounty-5 | ElNiak | bluetooth, cybersecurity, bug-bounty, penetration-testing, threat-intelligence | 28-Jan-2024 |
MIME Sniffing Explained: How Browsers Can Misinterpret Content Types | https://medium.com/@ab3lsec/mime-sniffing-explained-how-browsers-can-misinterpret-content-types-68c22d300345?source=rss------bug_bounty-5 | Abel V | sniffing, web-browser, cybersecurity, web-application-security, bug-bounty | 28-Jan-2024 |
Hunting for Vulnerabilities that are ignored by most of the Bug Bounty Hunters — Part 1 | https://medium.com/@vflexo/hunting-for-vulnerabilities-that-are-ignored-by-most-of-the-bug-bounty-hunters-part-1-187b35508e56?source=rss------bug_bounty-5 | vFlexo | ethical-hacking, bug-bounty, penetration-testing, vapt, information-security | 28-Jan-2024 |
How do you actually find bugs? (Part 2) | https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity | 28-Jan-2024 |
Clicker — HackTheBox Machine Simple Writeup by Karthikeyan Nagaraj | 2024 | https://infosecwriteups.com/clicker-hackthebox-machine-simple-writeup-by-karthikeyan-nagaraj-2024-313b383236bd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, bug-bounty, hackthebox-writeup, hackthebox | 28-Jan-2024 |
How do you actually find bugs? (My 2 years experience) | Part 2 | https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity | 28-Jan-2024 |
This is the easiest bug you can find. | https://medium.com/@deadoverflow/this-is-the-easiest-bug-you-can-find-90573d0053e1?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, cybersecurity, programming, bug-bounty, hacking | 28-Jan-2024 |
How to Get CVEs Online (Fast) | https://fh4ntke.medium.com/how-to-get-cves-online-fast-c0d6d897c04d?source=rss------bug_bounty-5 | FHantke | bug-bounty, information-technology, web-development, cybersecurity, hacking | 28-Jan-2024 |
XSS is hard to find… or is it? (How to you find bugs) | https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity | 28-Jan-2024 |
ARPA Monthly Report | December Progress Review | https://arpa.medium.com/arpa-monthly-report-december-progress-review-d49a5a44b79c?source=rss------bug_bounty-5 | ARPA Official | staking, cryptography, arpa, bug-bounty, rng | 27-Jan-2024 |
5.8 Lab: Insufficient workflow validation | 2024 | https://cyberw1ng.medium.com/5-8-lab-insufficient-workflow-validation-2024-ce57b036d908?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, cybersecurity, bug-bounty, hacking, careers | 27-Jan-2024 |
Essential Encoding Schemes for Bug Bounty Hunters | https://medium.com/@aayushdhakal005/essential-encoding-schemes-for-bug-bounty-hunters-2cccd3dcb124?source=rss------bug_bounty-5 | Creepydoomer | bug-bounty, cybersecurity, ethical-hacking, security, encoding | 27-Jan-2024 |
Your Life in the Crosshairs of Cybersecurity Threats! | https://medium.com/@paritoshblogs/your-life-in-the-crosshairs-of-cybersecurity-threats-526f4a122e14?source=rss------bug_bounty-5 | Paritosh | security, cybersecurity, programming, bug-bounty, information-security | 27-Jan-2024 |
500$: MFA bypass By Race Condition | https://medium.com/@a13h1/500-mfa-bypass-by-race-condition-176421462902?source=rss------bug_bounty-5 | Abhi Sharma | race-condition, bug-bounty, programming, 2fa, cybersecurity | 27-Jan-2024 |
Як працює програма винагороди за виправлення помилок від Aleo? | https://medium.com/@prekrasnazasmin/%D1%8F%D0%BA-%D0%BF%D1%80%D0%B0%D1%86%D1%8E%D1%94-%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%B0-%D0%B2%D0%B8%D0%BD%D0%B0%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B8-%D0%B7%D0%B0-%D0%B2%D0%B8%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%BD%D1%8F-%D0%BF%D0%BE%D0%BC%D0%B8%D0%BB%D0%BE%D0%BA-%D0%B2%D1%96%D0%B4-aleo-edafe6e7dce0?source=rss------bug_bounty-5 | Marlin_2_2_0 | aleo, bug-bounty | 27-Jan-2024 |
Schneier’s Law In Bug Bounty | https://wallotry.medium.com/schneiers-law-in-bug-bounty-df04bebfdf2f?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunting, bug-bounty-tips, bug-bounty | 27-Jan-2024 |
SIEM Home Lab: Detecting Web Attack | https://medium.com/@yasminramadini/siem-home-lab-detecting-web-attack-b08c0d575498?source=rss------bug_bounty-5 | Yeaszec | soc-analyst, pentester, cybersecurity, bug-bounty, ethical-hacking | 26-Jan-2024 |
Detecting Server-Side Technologies for Bug Hunting: | https://medium.com/@aayushdhakal005/detecting-server-side-technologies-for-bug-hunting-9f894bd87da2?source=rss------bug_bounty-5 | Creepydoomer | php, python, servers, bug-bounty, microsoft | 26-Jan-2024 |
Evolution of Critical Log Sources in SIEM: A 5-Year Retrospective | https://infosecwriteups.com/evolution-of-critical-log-sources-in-siem-a-5-year-retrospective-841bae2b6a6c?source=rss------bug_bounty-5 | Paritosh | security, cybersecurity, siem, hacking, bug-bounty | 26-Jan-2024 |
Zero Click Account Takeover | https://medium.com/@bhavin87859/zero-click-account-takeover-404bb73121c9?source=rss------bug_bounty-5 | Sunny Sharma | bug-bounty-writeup, bug-bounty | 26-Jan-2024 |
Bug Bounty For Beginners 2024 Part (3). | https://medium.com/@lukwagoasuman236/bug-bounty-for-beginners-2024-part-3-3f8a70f8652e?source=rss------bug_bounty-5 | Asuman Lukwago | bug-bounty-tips, vulnerability-assessment, bug-bounty, cybersecurity, beginners-guide | 26-Jan-2024 |
Unveiling the Odyssey: A Riveting Tale of PII Disclosure Vulnerability Discovery | https://medium.com/@mrraghavop12/unveiling-the-odyssey-a-riveting-tale-of-pii-disclosure-vulnerability-discovery-615f04432654?source=rss------bug_bounty-5 | Ethical Raghav | blockchain, data-science, cybersecurity, technology, bug-bounty | 26-Jan-2024 |
Reflected XSS into HTML context with all tags blocked except custom ones | https://medium.com/@marduk.i.am/reflected-xss-into-html-context-with-all-tags-blocked-except-custom-ones-7eec0b6b146f?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, cross-site-scripting, cybersecurity, portswigger-lab, dom-xss | 26-Jan-2024 |
Strategies for Success in Audit Contests and Bug Bounty Hunting | https://medium.com/@JohnnyTime/strategies-for-success-in-audit-contests-and-bug-bounty-hunting-082cef9b4021?source=rss------bug_bounty-5 | Johnny Time | smart-contract-auditing, audit-contest, bug-bounty, code4rena, bug-bounty-tips | 26-Jan-2024 |
Ensuro Partners with Immunefi to Launch Bug Bounty Program | https://medium.com/@zorely/ensuro-partners-with-immunefi-to-launch-bug-bounty-program-e63368cdc0b0?source=rss------bug_bounty-5 | Ensuro ZE | bug-bounty | 26-Jan-2024 |
How I Discovered a Sneaky Account Takeover Vulnerability | https://sumedhgharpande.medium.com/how-i-discovered-a-sneaky-account-takeover-vulnerability-530c3a080a20?source=rss------bug_bounty-5 | Sumedh Gharpande | bug-bounty, ethical-hacking, cyber-security-awareness, hacking, broken-access-control | 26-Jan-2024 |
General Questions Asked in Telephonic Interview (Q&A)for Cybersecurity Role-My Personal Experience… | https://medium.com/@Ajakcybersecurity/general-questions-asked-in-telephonic-interview-q-a-for-cybersecurity-role-my-personal-experience-ae6298e5b8f0?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, ethical-hacking, interview, cybersecurity, jobs | 26-Jan-2024 |
5.7 Lab: Weak isolation on dual-use endpoint | 2024 | https://cyberw1ng.medium.com/5-7-lab-weak-isolation-on-dual-use-endpoint-2024-cd80519184b4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, security, bug-bounty, careers | 26-Jan-2024 |
Bug Bounty 101: Unveiling the Crucial Role in Cybersecurity for Beginners | https://systemweakness.com/bug-bounty-101-unveiling-the-crucial-role-in-cybersecurity-for-beginners-0d8611e6f315?source=rss------bug_bounty-5 | Fahri Yeşil | cyber-threat-intelligence, bug-bounty, ethical-hacking, cybersecurity, vulnerability-research | 26-Jan-2024 |
Web Cache Poisoning: WWWWWH? | https://medium.com/@rcxsecurity/web-cache-poisoning-wwwwwh-ee2b47d6bacc?source=rss------bug_bounty-5 | RCXSecurity | cybersecurity, pentesting, bug-bounty-tips, penetration-testing, bug-bounty | 26-Jan-2024 |
How to get your email from different bug bounty platform to start hacking : | https://medium.com/@aayushdhakal005/how-to-get-your-email-from-different-bug-bounty-platform-to-start-hacking-ce01dd45f7ca?source=rss------bug_bounty-5 | Creepydoomer | cybersecurity, bug-bounty, ethical-hacking, hackerone, hacker | 25-Jan-2024 |
Tool: SCRIPTKIDDI3: A Comprehensive Guide to Efficient Bug Bounty Reconnaissance | https://nixiebytes.medium.com/tool-scriptkiddi3-a-comprehensive-guide-to-efficient-bug-bounty-reconnaissance-dc91c3517a5e?source=rss------bug_bounty-5 | Nixie_Bytes Security Team | bug-bounty, hacking-tools, tools, cybersecurity, hacking | 25-Jan-2024 |
A Comprehensive Guide to Bug Bounty Hunting Mastery | https://medium.com/@mrraghavop12/a-comprehensive-guide-to-bug-bounty-hunting-mastery-706934490626?source=rss------bug_bounty-5 | Ethical Raghav | bug-bounty, cybersecurity, artificial-intelligence, blockchain, data-science | 25-Jan-2024 |
eJPT all you need to know | https://medium.com/@boogsta/ejpt-all-you-need-to-know-7c62fef04cf3?source=rss------bug_bounty-5 | Boogsta | cyber, bug-bounty, bug-bounty-tips, hacking, cybersecurity | 25-Jan-2024 |
5.6 Lab: Inconsistent handling of exceptional input | 2024 | https://cyberw1ng.medium.com/5-6-lab-inconsistent-handling-of-exceptional-input-2024-d02e2bb522f4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, security, bug-bounty, cybersecurity | 25-Jan-2024 |
OWASP TOP 10 2021: | https://medium.com/@aayushdhakal005/owasp-top-10-2021-cfb610db7dd4?source=rss------bug_bounty-5 | Creepydoomer | cybersecurity, ethical-hacking, bug-bounty, sql-injection, owasp | 24-Jan-2024 |
Git Directory Exposed Leads to Credentials Disclosure | https://medium.com/@blackarazi/git-directory-exposed-leads-to-credentials-disclosure-1d1737638279?source=rss------bug_bounty-5 | Azhari Harahap | bug-bounty-writeup, supply-chain-security, bug-bounty, application-security, git-exposed | 24-Jan-2024 |
Avedia Player r9300 Vulnerabilities | https://medium.com/@x41x41x41/avedia-player-r9300-vulnerabilities-1c71b4d8efa0?source=rss------bug_bounty-5 | John M | web-development, cve, bug-bounty, hacking, exploit | 24-Jan-2024 |
5.5 Low-level logic flaw in Business logic vulnerabilities | 2024 | https://cyberw1ng.medium.com/5-5-low-level-logic-flaw-in-business-logic-vulnerabilities-2024-cf9a90e2e762?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, security | 24-Jan-2024 |
The Immunefi bug bounty campaign is live | https://dexenetwork.medium.com/the-immunefi-bug-bounty-campaign-is-live-5782b93f823e?source=rss------bug_bounty-5 | DeXe Protocol | dao, dexe, defi, bug-bounty | 24-Jan-2024 |
The art of learning bug bounty. | https://medium.com/@siratsami71/the-art-of-learning-bug-bounty-9c2a48aee53b?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | bugbounty-writeup, bug-bounty | 24-Jan-2024 |
IDOR Allowing to Place Other Students in Exam Sessions | https://medium.com/@mr_payload_injector/idor-allowing-to-place-other-students-in-exam-sessions-1bbefd14ac8d?source=rss------bug_bounty-5 | Mr_Payload_Injector | bug-bounty, cybersecurity, idor, bug-bounty-writeup, ethical-hacking | 24-Jan-2024 |
Response Manipulation Lead To Premium Feature By Normal User Reward of $500 | https://medium.com/@zikola1/response-manipulation-lead-to-premium-feature-by-normal-user-reward-of-500-43381f769ab1?source=rss------bug_bounty-5 | Abdulrahman badawi | web-application-security, bug-bounty-tips, penetration-testing, bug-bounty, bug-bounty-writeup | 24-Jan-2024 |
OWASP TOP 10 2017: | https://medium.com/@aayushdhakal005/owasp-top-10-2017-9daabe8c44bf?source=rss------bug_bounty-5 | Aayushdhakal | bug-bounty, ethical-hacking, sql, owasp, cybersecurity | 23-Jan-2024 |
Get IDOR In No Permission To Access Page— Bug Bounty Tuesday | https://medium.com/@kerstan/get-idor-in-no-permission-to-access-page-bug-bounty-tuesday-68aa82402171?source=rss------bug_bounty-5 | kerstan | hacking, cybersecurity, technology, bug-bounty, security | 23-Jan-2024 |
Dosya yükleme ile XSS | https://enesozlekk.medium.com/dosya-y%C3%BCkleme-ile-xss-8f2dd8d093c4?source=rss------bug_bounty-5 | Enes Özlek | bug-bounty | 23-Jan-2024 |
How to Exploit Business Logic Vulnerabilities for Bug Bounty | 2024 | https://cyberw1ng.medium.com/how-to-exploit-business-logic-vulnerabilities-for-bug-bounty-2024-5c9f14420d50?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, security, cybersecurity, bug-bounty | 23-Jan-2024 |
SQL Injection on PostgreSQL | https://medium.com/@yagizkocer/sql-injection-on-postgresql-8c8f823e44aa?source=rss------bug_bounty-5 | Yağız Koçer | sql-injection, penetration-testing, bug-bounty, hacking, cybersecurity | 23-Jan-2024 |
Leaked SQL error leading to XSS, and another BSQLi... | https://medium.com/@zatikyan.sevada/leaked-sql-error-leading-to-xss-and-another-bsqli-cdadde032687?source=rss------bug_bounty-5 | Zatikyan Sevada | bug-bounty, sql-injection, sql, xss-attack, cybersecurity | 22-Jan-2024 |
Hacking behind the WAF | https://noorhomaid.medium.com/hacking-behind-the-waf-60c6c1a48411?source=rss------bug_bounty-5 | NoorHomaid | infosec, bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity | 22-Jan-2024 |
Better understanding of User-Directed Spidering vs Automated Spidering | https://medium.com/@aayushdhakal005/better-understanding-of-user-directed-spidering-vs-automated-spidering-a18342c42a25?source=rss------bug_bounty-5 | Aayushdhakal | hacking, penetration-testing, spidering, web, bug-bounty | 22-Jan-2024 |
How to find unprotected databases with Netlas.io: Chapter 2 | https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-chapter-2-ba71b07c9630?source=rss------bug_bounty-5 | Netlas.io | cybersecurity, information-security, bug-bounty, penetration-testing, osint | 22-Jan-2024 |
This Tool Helps Me To Find The Origin IP Address | https://medium.com/@Ajakcybersecurity/this-tool-helps-me-to-find-the-origin-ip-address-75b1444da57e?source=rss------bug_bounty-5 | AjakCybersecurity | penetration-testing, bug-bounty, hacking, cybersecurity, ethical-hacking | 22-Jan-2024 |
Is It Worth Quitting 9–5 Job For a Full-Time Bug Bounty In 2024? | https://medium.com/@Ajakcybersecurity/is-it-worth-quitting-9-5-job-for-a-full-time-bug-bounty-in-2024-a408389d914e?source=rss------bug_bounty-5 | AjakCybersecurity | cybersecurity, medium, bug-bounty, jobs, penetration-testing | 22-Jan-2024 |
4.5 Lab: Blind OS command injection with out-of-band data exfiltration | 2024 | https://cyberw1ng.medium.com/4-5-lab-blind-os-command-injection-with-out-of-band-data-exfiltration-2024-7bb26c2473e7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, security, hacking, cybersecurity | 22-Jan-2024 |
Bug Bounty For Beginners 2024. | https://medium.com/@lukwagoasuman236/bug-bounty-for-beginners-2024-df4a38ed3ad2?source=rss------bug_bounty-5 | Asuman Lukwago | planning, finance, cybersecurity, bug-bounty, info | 22-Jan-2024 |
Reflected XSS into HTML context with most tags and attributes blocked | https://medium.com/@marduk.i.am/reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-4266c6c473ad?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, portswigger-lab, cybersecurity, cross-site-scripting, dom-xss | 22-Jan-2024 |
How do you actually find bugs? (My 2 year experience) | https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-my-2-year-experience-2d77d78994a0?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, hacking, programming, cybersecurity, bug-bounty-tips | 22-Jan-2024 |
HackTheBox Saturn: Explaining SSRF | https://medium.com/@leomsec/hackthebox-saturn-explaining-ssrf-072234ab5ce3?source=rss------bug_bounty-5 | Leonardo | bug-bounty, hacker, pentesting, ctf, hackthebox | 22-Jan-2024 |
How I Discovered a Critical Vulnerability in a Leading UK Retail Giant’s System | https://medium.com/@cathreat/how-i-discovered-a-critical-vulnerability-in-a-leading-uk-retail-giants-system-bc4211c159a7?source=rss------bug_bounty-5 | cathreat | united-kingdom, pentesting, bug-bounty, hacking, ssrf | 22-Jan-2024 |
Unveiling the Digital Tapestry: A Penetration Tester's Odyssey into the Heart of Cyber… | https://medium.com/@mrraghavop12/title-unveiling-the-digital-tapestry-a-penetration-testers-odyssey-into-the-heart-of-cyber-2ac009e54e2f?source=rss------bug_bounty-5 | Ethical Raghav | bug-bounty, cybersecurity, web-development, technology, artificial-intelligence | 21-Jan-2024 |
Gelios Testnet Bug Bounty Program: Earn Up to $5,000 | https://geliosofficial.medium.com/gelios-testnet-bug-bounty-program-earn-up-to-5-000-10e2d78124f8?source=rss------bug_bounty-5 | Gelios | bitcoin-l2, gelios, blockchain, crypto, bug-bounty | 21-Jan-2024 |
Bug bounty platforms for 2024 | https://medium.com/@notahades/bug-bounty-platforms-for-2024-ab289e5c74a9?source=rss------bug_bounty-5 | Not_A_Hades | bug-bounty, cybersecurity, hacking, security | 21-Jan-2024 |
4.4 Lab: Blind OS command injection with out-of-band interaction | 2024 | https://cyberw1ng.medium.com/4-4-lab-blind-os-command-injection-with-out-of-band-interaction-2024-f9d0e7a1c7ac?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, hacking, cybersecurity, careers, bug-bounty | 21-Jan-2024 |
Making My First 10K by Hacking Open Source Targets | https://infosecwriteups.com/making-my-first-10k-by-hacking-open-source-targets-14ee1e9eeb70?source=rss------bug_bounty-5 | SynapticSpace | bug-bounty, foss, cybersecurity, hacking | 21-Jan-2024 |
Path traversal | https://medium.com/@codersqs/path-traversal-78cce0994e2d?source=rss------bug_bounty-5 | Codersqs | ethical-hacking, server-side-rendering, bug-bounty, ssrf-bug, directory-traversal | 21-Jan-2024 |
Exploiting SSRF in PDF HTML Injection: Basic and Blind | https://medium.com/@jbince/exploiting-ssrf-in-pdf-html-injection-basic-and-blind-047fec5317ae?source=rss------bug_bounty-5 | Joward | bug-bounty, ssrf, hacking, web-app-security, pentesting | 21-Jan-2024 |
Exploiting SSRF in PDF HTML Injection: Basic and Blind | https://infosecwriteups.com/exploiting-ssrf-in-pdf-html-injection-basic-and-blind-047fec5317ae?source=rss------bug_bounty-5 | Joward | bug-bounty, ssrf, hacking, web-app-security, pentesting | 21-Jan-2024 |
China Implements Stringent Cybersecurity Regulations: Makers Urged to Swiftly Report… | https://jareddouville.medium.com/china-implements-stringent-cybersecurity-regulations-makers-urged-to-swiftly-report-673f99696750?source=rss------bug_bounty-5 | Jared Douville | china-hackers, cyber-security-awareness, bug-bounty, zero-day, china | 20-Jan-2024 |
How I Bypassed CSRF Token — 2 Ways | https://medium.com/mii-cybersec/how-i-bypassed-csrf-token-2-ways-b87ac04969a8?source=rss------bug_bounty-5 | Bryan Matthew | csrf-bypass, red-team, bug-bounty, penetration-testing, csrf | 20-Jan-2024 |
Stored DOM XSS | https://medium.com/@marduk.i.am/stored-dom-xss-c7c9c972d086?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, dom-xss, bug-bounty, cybersecurity, cross-site-scripting | 20-Jan-2024 |
The art of account takeover | https://medium.com/@iknowhatodo/the-art-of-account-takeover-ec5f9a29c436?source=rss------bug_bounty-5 | Hossam Ahmed | account-takeover, information-security, bug-bounty | 20-Jan-2024 |
Securing AWS: Understanding EC2 IMDS Vulnerabilities and Learning from the Capital One Breach | https://kishoreramk.medium.com/securing-aws-understanding-ec2-imds-vulnerabilities-and-learning-from-the-capital-one-breach-6f753e06cd66?source=rss------bug_bounty-5 | KISHORERAM | aws-ec2, aws-s3, cybersecurity, aws, bug-bounty | 20-Jan-2024 |
Login DoS — That requires simply sending a lot of specially crafted requests | https://infosecwriteups.com/login-dos-that-requires-simply-sending-a-lot-of-specially-crafted-requests-2ca927c628dd?source=rss------bug_bounty-5 | Shriyans Sudhi | bug-bounty, hackerone, penetration-testing, cybersecurity, web-hacking | 20-Jan-2024 |
921$ Privilege Escalation: Unauthorized User Addition to Shared APP Connections | https://infosecwriteups.com/921-privilege-escalation-unauthorized-user-addition-to-shared-app-connections-0780134d6cf1?source=rss------bug_bounty-5 | Abhi Sharma | privilege-escalation, hacking, cybersecurity, programming, bug-bounty | 20-Jan-2024 |
4.3 Lab: Blind OS command injection with output redirection | 2024 | https://cyberw1ng.medium.com/4-3-lab-blind-os-command-injection-with-output-redirection-2024-d92f52f139b4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, bug-bounty, cybersecurity, security | 20-Jan-2024 |
Boosting Your Income: My Journey with Side Hustles in Cybersecurity | https://medium.com/@himanshu_mahajan/boosting-your-income-my-journey-with-side-hustles-in-cybersecurity-8cc088c92469?source=rss------bug_bounty-5 | Himanshu Mahajan | side-hustle, security, technology, bug-bounty, cybersecurity | 20-Jan-2024 |
How To Hide Any Payload: Day 3/100 Of Gaining Hacking Knowledge | https://medium.com/@ssg30devil/how-to-hide-any-payload-day-3-100-of-gaining-hacking-knowledge-002c4adb328b?source=rss------bug_bounty-5 | rootzs | bug-bounty-tool, bug-bounty, bug-bounty-tips, hacking | 19-Jan-2024 |
Dangling CNAME/Orphaned CNAME leads P2 on Google VRP | https://medium.com/@jerryhackgather/dangling-cname-orphaned-cname-leads-p2-on-google-vrp-fca8964d983c?source=rss------bug_bounty-5 | Jerry1319 | bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity | 19-Jan-2024 |
Penetration Testing Techniques | https://anticitizenone.medium.com/penetration-testing-techniques-5eaf254fc5e6?source=rss------bug_bounty-5 | Rodolfo Santos Flaborea | blue-team, purple-team, red-team, pentesting, bug-bounty | 19-Jan-2024 |
Best Recon Website For BugBounty in 2024, I came across! Completely Free 🙂 | https://medium.com/@Ajakcybersecurity/best-recon-website-for-bugbounty-in-2024-i-came-across-completely-free-303d67187400?source=rss------bug_bounty-5 | AjakCybersecurity | blogging, cybersecurity, penetration-testing, ethical-hacking, bug-bounty | 19-Jan-2024 |
Authentication Bypass | Part 05 | What To Do After Choosing a Target | https://medium.com/@omarora1603/authentication-bypass-part-05-what-to-do-after-choosing-a-target-31eddc38029c?source=rss------bug_bounty-5 | Om Arora | hacking, cybersecurity, bug-bounty, technology, infosec | 19-Jan-2024 |
4.2 Lab: Lab: Blind OS command injection with time delays | 2024 | https://cyberw1ng.medium.com/4-2-lab-lab-blind-os-command-injection-with-time-delays-2024-042ad98c27e6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, careers, bug-bounty, security | 19-Jan-2024 |
IDOR To Massive Government Data Leak | https://bishal0x01.medium.com/idor-to-massive-government-data-leak-e8ad510d7e5?source=rss------bug_bounty-5 | Bishal Shrestha | bug-bounty, information-security, writeup, data-leak | 19-Jan-2024 |
Authentication Bypass | Part 05 | What To Do After Choosing a Target | https://infosecwriteups.com/authentication-bypass-part-05-what-to-do-after-choosing-a-target-31eddc38029c?source=rss------bug_bounty-5 | Om Arora | hacking, cybersecurity, bug-bounty, technology, infosec | 19-Jan-2024 |
IDOR Vulnerability Allowing Unauthorized Access to Colleagues’ Bachelor Theses | https://medium.com/@mr_payload_injector/idor-vulnerability-allowing-unauthorized-access-to-colleagues-bachelor-theses-8c76c4ec4480?source=rss------bug_bounty-5 | Mr_Payload_Injector | cybersecurity, ethical-hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 19-Jan-2024 |
#ERROR! | https://medium.com/@Xt3sY/500-internal-server-bypass-everything-will-be-200-okay-bcd149397736?source=rss------bug_bounty-5 | Pushkar Bhagat | hackerone, hacking, bugcrowd, exploitation, bug-bounty | 19-Jan-2024 |
How I Bypassed CSRF Token — 2Ways | https://medium.com/@bmatth21/how-i-bypassed-csrf-token-2ways-5662b4191188?source=rss------bug_bounty-5 | Bryan Matthew | penetration-testing, csrf-protection, csrf, bug-bounty, csrf-token | 19-Jan-2024 |
Roadmap to Cybersecurity Mastery: A Guide for Aspiring IT Professionals | https://ikhaleelkhan.medium.com/roadmap-to-cybersecurity-mastery-a-guide-for-aspiring-it-professionals-b2f2e6cc9641?source=rss------bug_bounty-5 | Khaleel Khan | hacking, infosec, cybersecurity, ethical-hacking, bug-bounty | 18-Jan-2024 |
AWS/S3 Subdomain Takeover | https://medium.com/@scottlindh/aws-s3-subdomain-takeover-79d705cc3553?source=rss------bug_bounty-5 | Scott Lindh | pentesting, hacking, hacking-tools, bug-bounty, bug-bounty-tips | 18-Jan-2024 |
Exploiting vulnerabilities in LLM APIs [OS injection] | https://medium.com/@s_novoselov/exploiting-vulnerabilities-in-llm-apis-os-injection-b7d31c803d1d?source=rss------bug_bounty-5 | Serj Novoselov | llm, penetration-testing, bug-bounty, ai, hacking | 18-Jan-2024 |
Brutal Bug Bounty methodology | https://medium.com/@pentajbr/brutal-bug-bounty-methodology-f872d0c1b8da?source=rss------bug_bounty-5 | Major Jbr | bug-bounty-tips, bug-bounty | 18-Jan-2024 |
Secret Input Header leads to Password Reset Poisoning | https://medium.com/@mares.viktor/secret-input-header-leads-to-password-reset-poisoning-ad3081fd8488?source=rss------bug_bounty-5 | Viktor Mares | bug-bounty, penetration-testing, hacking, web-development, cybersecurity | 18-Jan-2024 |
Business Logic: Bypass 2FA to ATO | https://giongfnef.medium.com/business-logic-bypass-2fa-to-ato-e0dc7131b10e?source=rss------bug_bounty-5 | Giongnef | security, bug-bounty, cybersecurity, information-security, pentesting | 18-Jan-2024 |
Finding Secret Key Inside React Native Apps | https://aminudin.medium.com/finding-secret-key-inside-react-native-apps-9eb6beac02f8?source=rss------bug_bounty-5 | Aminudin | bug-bounty, bugs, bug-bounty-tips | 18-Jan-2024 |
Blind OS command injection vulnerabilities in Portswigger | 2024 | https://cyberw1ng.medium.com/blind-os-command-injection-vulnerabilities-in-portswigger-2024-cdc10f62d0be?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, security, careers, hacking, bug-bounty | 18-Jan-2024 |
Master Bug Bounty Hunting Course | https://medium.com/@teamhydrashop/master-bug-bounty-hunting-course-ea3615f1160b?source=rss------bug_bounty-5 | Team Hydra Shop | tool-hack-xổ-số, bug-fixes, bug-bounty, penetration-testing, hacking-tools | 18-Jan-2024 |
What is Cyberkill Chain (My first Interview Question of my carrier) | https://akash-venky091.medium.com/what-is-cyberkill-chain-my-first-interview-question-of-my-carrier-e1cc6351a24b?source=rss------bug_bounty-5 | Akash Venky | security, bug-bounty, cybersecurity, information-technology, pentesting | 18-Jan-2024 |
How I Automatically Generate XSS Payload & Automate Reflected XSS | https://medium.com/@Ajakcybersecurity/how-i-automatically-generate-xss-payload-automate-reflected-xss-91f4a232cd78?source=rss------bug_bounty-5 | AjakCybersecurity | cybersecurity, ethical-hacking, xss-attack, bug-bounty, penetration-testing | 18-Jan-2024 |
Is PNPT Certification Worth It for a Cybersecurity Job? Exploring PNPT! | https://medium.com/@Ajakcybersecurity/is-pnpt-certification-worth-it-for-a-cybersecurity-job-exploring-pnpt-8fa13a194fe4?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, ethical-hacking, hacking, certification, cybersecurity | 18-Jan-2024 |
A Best $5 Spent in My Entire Cybersecurity Journey | https://medium.com/@Ajakcybersecurity/a-best-5-spent-in-my-entire-cybersecurity-journey-baf09ae710d0?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, tryhackme, bug-bounty, cybersecurity, ethical-hacking | 18-Jan-2024 |
CSRF vulnerability | https://medium.com/@os1764934/csrf-vulnerability-ebfbbe6dd81c?source=rss------bug_bounty-5 | Omar Samy | bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips | 18-Jan-2024 |
Hydra Tryhackme: Walkthrough/Writeup | https://proviesec.medium.com/hydra-tryhackme-walkthrough-writeup-784db55ab9a9?source=rss------bug_bounty-5 | Proviesec | hydra, tryhackme-walkthrough, cybersecurity, bug-bounty, tryhackme | 18-Jan-2024 |
Things should do after sublister(sublist3r) | https://medium.com/@canonminibeast/things-should-do-after-sublister-sublist3r-90176a020409?source=rss------bug_bounty-5 | Canonminibeast | bug-bounty, cybersecurity, sublist3r, web-development, web-pen-testing | 18-Jan-2024 |
Exploiting LLM APIs with excessive agency | https://jareddouville.medium.com/exploiting-llm-apis-with-excessive-agency-979d87a9937e?source=rss------bug_bounty-5 | Jared Douville | portswigger-lab, bug-bounty, cyber-security-awareness, hackerone, llm | 18-Jan-2024 |
easy bug = big bounty | easy and small bug can give you a big bounty and Reputation | https://medium.com/@no_oneee/easy-bug-big-bounty-easy-and-small-bug-can-give-you-a-big-bounty-and-reputation-08534a90d2e6?source=rss------bug_bounty-5 | no|one | bug-bounty, hacking, bug-bounty-tips, information-security, bugs | 18-Jan-2024 |
Accessing deleted comment for $$: A Bug Bounty Writeup | https://vijetareigns.medium.com/accessing-deleted-comment-for-a-bug-bounty-writeup-95d56662d209?source=rss------bug_bounty-5 | the_unlucky_guy | bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, writeup | 17-Jan-2024 |
Understanding and Mitigating Authentication Bypass Techniques in Web Applications | https://ikhaleelkhan.medium.com/understanding-and-mitigating-authentication-bypass-techniques-in-web-applications-d72795f469be?source=rss------bug_bounty-5 | Khaleel Khan | hacking, bug-bounty, infosec, infosecurity, ethical-hacking | 17-Jan-2024 |
Best Hacking OSINT Site list in 2024 | https://medium.com/@logicTech/best-hacking-osint-site-list-in-2024-768db84c55e3?source=rss------bug_bounty-5 | LogicTech | hacking-tools, bug-bounty, hacking, osint-investigation, journalism | 17-Jan-2024 |
Why Web2 Vulnerabilities Need Addressing Before Embracing Web3 — Part 1 | https://medium.com/@resonance.security/why-web2-vulnerabilities-need-addressing-before-embracing-web3-part-1-e881424e216c?source=rss------bug_bounty-5 | Resonance | bug-bounty, web3, blockchain | 17-Jan-2024 |
Phishing using Google Sheets for Red Team Engagements | https://infosecwriteups.com/phishing-using-google-sheets-for-red-team-engagements-ac79298ddb90?source=rss------bug_bounty-5 | Supun Halangoda (Suppa) | cybersecurity, phishing-attacks, phishing, information-security, bug-bounty | 17-Jan-2024 |
Privilege escalation via response manipulation | https://seek-er.medium.com/privilege-escalation-via-response-manipulation-e2ed5076b023?source=rss------bug_bounty-5 | Viky | bug-bounty-writeup, hacking, web-application-security, bug-bounty, security | 17-Jan-2024 |
1 Program, 4 Business Logic Bugs and Cashing in 2300$. | https://infosecwriteups.com/1-program-4-business-logic-bugs-and-cashing-in-2300-299b42236993?source=rss------bug_bounty-5 | Manav Bankatwala | bounty-hunter, information-security, bug-bounty, appreciation, cybersecurity | 17-Jan-2024 |
3.6 Lab: File path traversal, validation of file extension with null byte bypass | 2024 | https://cyberw1ng.medium.com/3-6-lab-file-path-traversal-validation-of-file-extension-with-null-byte-bypass-2024-ccf8005b5379?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, careers, bug-bounty, hacking, cybersecurity | 17-Jan-2024 |
Shall I Start Bug Bounty Without Cybersecurity Basics in 2024? | https://medium.com/@Ajakcybersecurity/shall-i-start-bug-bounty-without-cybersecurity-basics-in-2024-f62fa3ab1991?source=rss------bug_bounty-5 | AjakCybersecurity | penetration-testing, ethical-hacking, cybersecurity, hacking, bug-bounty | 17-Jan-2024 |
API_Security RoadMap | https://akash-venky091.medium.com/api-security-roadmap-edb59a420b04?source=rss------bug_bounty-5 | Akash Venky | cybersecurity, bug-bounty, vulnerability, information-technology, ethical-hacking | 16-Jan-2024 |
Extracting iOS IPA files Without Jailbreaking…! | https://medium.com/@dhanush1895/extracting-ios-ipa-files-without-jailbreaking-6e7ee8e57ad7?source=rss------bug_bounty-5 | Daniel1895 | methodology, ios, bug-bounty-tips, bug-bounty, pentesting | 16-Jan-2024 |
Unleashing the Power of AutoRepeater: Automating Blind SQL Injection Detection | https://medium.com/@atikqur007/unleashing-the-power-of-autorepeater-automating-blind-sql-injection-detection-1b159ee81158?source=rss------bug_bounty-5 | Atik Rahman | sql-injection, bug-bounty, blind-sql-injection, burpsuite-extension, cybersecurity | 16-Jan-2024 |
3.5 Lab: File path traversal, validation of start of path | 2024 | https://cyberw1ng.medium.com/3-5-lab-file-path-traversal-validation-of-start-of-path-2024-9b2b9b4f15d7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, bug-bounty, cybersecurity, hacking, careers | 16-Jan-2024 |
How to Discovered IDOR from a Blank Page — Bug Bounty Tuesday | https://medium.com/@kerstan/how-to-discovered-idor-from-a-blank-page-bug-bounty-tuesday-5af784533d1a?source=rss------bug_bounty-5 | kerstan | technology, programming, bug-bounty, cybersecurity | 16-Jan-2024 |
GUI Bug Bounty Tool To Find Easy P1s in 2024 | https://medium.com/@Ajakcybersecurity/gui-bug-bounty-tool-to-find-easy-p1s-in-2024-24d05dceba72?source=rss------bug_bounty-5 | AjakCybersecurity | cybersecurity, ethical-hacking, github, penetration-testing, bug-bounty | 16-Jan-2024 |
Secret Bug bounty Extension all Hackers Forget To Add. Part-2 (Not Common!) | https://medium.com/@Ajakcybersecurity/secret-bug-bounty-extension-all-hackers-forget-to-add-part-2-not-common-e29d857f90e0?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, extension, cybersecurity, hacking, bug-bounty | 16-Jan-2024 |
Extensions I Use For My Bug Bounty Hunting in 2024, Part-1. | https://medium.com/@Ajakcybersecurity/extensions-i-use-for-my-bug-bounty-hunting-in-2024-part-1-5b8ba7501408?source=rss------bug_bounty-5 | AjakCybersecurity | cybersecurity, blog, hacking, bug-bounty, ethical-hacking | 16-Jan-2024 |
A Digital Date with a Hacker: A Café WiFi Adventure! | https://medium.com/@Ajakcybersecurity/a-digital-date-with-a-hacker-a-caf%C3%A9-wifi-adventure-db7ae98bbd90?source=rss------bug_bounty-5 | AjakCybersecurity | digital-forensics, cybersecurity, bug-bounty, hacking, blog | 16-Jan-2024 |
What can a Hacker do with your IP Address? Track Your Location? | https://medium.com/@Ajakcybersecurity/what-can-a-hacker-do-with-your-ip-address-track-your-location-f7854cd5c32f?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, cybersecurity, blog, digital-forensics, bug-bounty | 16-Jan-2024 |
Top 5 Sites to Improve Your Hacking Skill IN 2024 | https://medium.com/@Ajakcybersecurity/top-5-sites-to-improve-your-hacking-skill-in-2024-b9e786eb7adb?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, blog, cybersecurity, bug-bounty, hacking | 16-Jan-2024 |
Day 2/100 Of Gaining Hacking Knowledge — Easily change IP, Mac, DNS, Log killer, and more……. | https://medium.com/@ssg30devil/day-2-100-of-gaining-hacking-knowledge-easily-change-ip-mac-dns-log-killer-and-more-7d286c7b7647?source=rss------bug_bounty-5 | rootzs | bug-bounty, ethical-hacking, 100daychallenge, cybersecurity, git-tool | 16-Jan-2024 |
Web Security Academy — Business Logic Vulnerabilities Walkthrough | https://iaraoz.medium.com/web-security-academy-business-logic-vulnerabilities-walkthrough-536f756cda9b?source=rss------bug_bounty-5 | Israel Aráoz Severiche | cybersecurity, owasp, vulnerability, appsec, bug-bounty | 16-Jan-2024 |
Demystifying Reflected XSS: Understanding and Mitigating This Common Web Security Vulnerability | https://medium.com/@j0hnw1ck/demystifying-reflected-xss-understanding-and-mitigating-this-common-web-security-vulnerability-beaa3bb058c5?source=rss------bug_bounty-5 | J0hn W1ck | bug-bounty, cybersecurity, web-development, pentesting, hacking | 16-Jan-2024 |
Bug Zero at a Glance [16–31 December] | https://blog.bugzero.io/bug-zero-at-a-glance-16-31-december-d722a2b76ed4?source=rss------bug_bounty-5 | Januka Dharmapriya | newsletter, bug-bounty, bug-zero, sri-lanka, cybersecurity | 15-Jan-2024 |
How Apple Scammed Me Out Of $50,000 in their Bug Bounty Program (Silent Patching & Ignoring Me) | https://medium.com/@just4g3nt/how-apple-scammed-me-out-of-50-000-in-their-bug-bounty-program-silent-patching-ignoring-me-18455a47a1f6?source=rss------bug_bounty-5 | Random User | bug-bounty, infosec, apple, scam, cybersecurity | 15-Jan-2024 |
Unrestricted File Upload Lead to Stored XSS at Microsoft main domain | https://medium.com/@cavdarbashas/unrestricted-file-upload-lead-to-stored-xss-at-microsoft-main-domain-baa9cadac6bd?source=rss------bug_bounty-5 | Sokol Çavdarbasha | bug-bounty, penetration-testing, technology, web-security, ethical-hacking | 15-Jan-2024 |
HackenProof bug bounty campaign is now live | https://dexenetwork.medium.com/hackenproof-bug-bounty-campaign-is-now-live-bf9bc5ddd6d1?source=rss------bug_bounty-5 | DeXe Protocol | security, dao, bug-bounty, defi | 15-Jan-2024 |
100-day Challenge Day 1/100 Ethical Hacking Knowledge | https://medium.com/@ssg30devil/100-day-challenge-day-1-100-ethical-hacking-knowledge-9b0625a8e835?source=rss------bug_bounty-5 | rootzs | 100daychallenge, ethical-hacking, useful-websites, bug-bounty, most-useful-websites | 15-Jan-2024 |
Reflected DOM XSS | https://medium.com/@marduk.i.am/reflected-dom-xss-fdf60de841cb?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, bug-bounty, cybersecurity, cross-site-scripting, dom-xss | 15-Jan-2024 |
SMTP Server (JAMES SMTP Server 2.3.2) | https://medium.com/@akshadjoshi/smtp-server-james-smtp-server-2-3-2-ad934435f021?source=rss------bug_bounty-5 | Akshad Joshi | smtp, bug-bounty, pentesting, hackthebox | 15-Jan-2024 |
Streamlining Vulnerability Hunting for Bug Bounty and pentesters | https://medium.com/@k-binsaeed/streamlining-vulnerability-hunting-for-bug-bounty-and-pentesters-81e77b3ab7d9?source=rss------bug_bounty-5 | NumLocK15 | bug-bounty, vulnerability, cybersecurity, pentesting | 15-Jan-2024 |
How I Used A Simple Python Script to Exploit a Vulnerable Google API Key. | https://medium.com/@gradillagustavo87/how-i-used-a-simple-python-script-to-exploit-a-vulnerable-google-api-key-475b4fcaf895?source=rss------bug_bounty-5 | Gustavo Gradilla | hacking-tools, bug-bounty-writeup, bug-bounty, google | 15-Jan-2024 |
How I Automate Finding Amazon S3 Buckets Using A Simple Python Script | https://medium.com/@gradillagustavo87/how-i-automate-finding-amazon-s3-buckets-using-a-simple-python-script-c1a7c11a8b52?source=rss------bug_bounty-5 | Gustavo Gradilla | cybersecurity, hacking-tools, ethical-hacking, bug-bounty, hacking | 15-Jan-2024 |
S3 Bucket takeover with simple technique lead to $$$ | https://medium.com/@adhaamsayed3/s3-bucket-takeover-with-simple-technique-lead-to-0fc0b89eeecb?source=rss------bug_bounty-5 | Adham sayed (doosec101) | web-app-pentesting, bug-bounty, hacker, hackerone, mobile-app-testing | 15-Jan-2024 |
3.3 Lab: File path traversal, traversal sequences stripped non-recursively | 2024 | https://cyberw1ng.medium.com/3-3-lab-file-path-traversal-traversal-sequences-stripped-non-recursively-2024-5dd6b7d227e6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, security, hacking, careers | 14-Jan-2024 |
Logical Error leads to DOS for victim | https://medium.com/@tanyago/logical-error-leads-to-dos-for-victim-8e4f6d18ae90?source=rss------bug_bounty-5 | Tanya Goyal | bug-bounty-tips, bug-bounty-writeup, bug-hunting, bug-bounty | 14-Jan-2024 |
How to Nail a Perfect Bug Report | https://medium.com/@nambiarjishnu1210/how-to-nail-a-perfect-bug-report-b619690779a7?source=rss------bug_bounty-5 | Jishnu Nambiar | software-testing, automation, bug-bounty, testing, quality-assurance | 14-Jan-2024 |
Bug Bounty: The Ultimate Guide For Beginners | https://medium.com/@securelearn/bug-bounty-the-ultimate-guide-for-beginners-92bd470b5c02?source=rss------bug_bounty-5 | RG | secure-learn, bug-bounty-tips, cybersecurity, hacking, bug-bounty | 14-Jan-2024 |
Elevate your Expertise: Key Cybersec Certifications 2k24 | https://thethreatcops.medium.com/elevate-your-expertise-key-cybersec-certifications-2k24-7a025f5566f4?source=rss------bug_bounty-5 | the threat cops | information-security, hacking, career-development, bug-bounty, cybersecurity | 14-Jan-2024 |
Exploring the Web’s Hidden Corners with DorkDive: A Google Dorking Tool for Tech Enthusiasts | https://infosecwriteups.com/exploring-the-webs-hidden-corners-with-dorkdive-a-google-dorking-tool-for-tech-enthusiasts-c66816493c76?source=rss------bug_bounty-5 | Incoggeek | python, cybersecurity, bug-bounty, tools, hacking | 14-Jan-2024 |
Mastering Cybersecurity: A Deep Dive into Optimal Attack Surface Management for Public Bug Bounty… | https://cyberarafat.medium.com/mastering-cybersecurity-a-deep-dive-into-optimal-attack-surface-management-for-public-bug-bounty-0eb182577c4c?source=rss------bug_bounty-5 | Arafat Ashrafi Talha | ethical-hacking, bug-bounty-tips, bug-bounty, penetration-testing, cybersecurity | 14-Jan-2024 |
Layer 5: Bug Bounties | https://medium.com/@triweisec/layer-5-bug-bounties-f67b2cbdf413?source=rss------bug_bounty-5 | TriWei.io | bug-bounty, web3, blockchain-security, ethical-hacking, vulnerability-assessment | 14-Jan-2024 |
ExamSys — Multiple SQL Injections | https://fh4ntke.medium.com/examsys-multiple-sql-injections-ef94d84e440c?source=rss------bug_bounty-5 | FHantke | web-development, technology, hacking, open-source, bug-bounty | 14-Jan-2024 |
How to set up a new Kali Linux virtual machine for Studying | Practicing | Bug Bounty ? | https://medium.com/@recepbalibey/how-to-set-up-a-new-kali-linux-virtual-machine-for-studying-practicing-bug-bounty-6ec16222c294?source=rss------bug_bounty-5 | Recep Balıbey | virtual-machine, kali-linux, ctf, bug-bounty, cybersecurity | 14-Jan-2024 |
Vulnerable Web Applications For Training and Testing Your New Tools | https://medium.com/@eclectic-security/vulnerable-web-applications-for-training-and-testing-your-new-tools-e2411942edb2?source=rss------bug_bounty-5 | Eclectic Security | bug-bounty, software-development, cybersecurity, training, penetration-testing | 14-Jan-2024 |
Mass Hunting Blind XSS — Practical Techniques | https://infosecwriteups.com/mass-hunting-blind-xss-practical-techniques-182c422d773e?source=rss------bug_bounty-5 | Ott3rly | bug-bounty-writeup, xss-vulnerability, cross-site-scripting, bug-bounty, cybersecurity | 14-Jan-2024 |
What is Bug Bounty Hunting | https://medium.com/@chaudharyrohit644/what-is-bug-bounty-hunting-d2571271d612?source=rss------bug_bounty-5 | Rohit Chaudhary | bug-bounty | 14-Jan-2024 |
PII Data Leakage via Directory Listing | https://medium.com/@fixthis1000time/pii-data-leakage-via-directory-listing-2a5ff7554cdc?source=rss------bug_bounty-5 | fixthi$ | infosec, cybersecurity, ethical-hacking, bug-bounty, hacking | 14-Jan-2024 |
User Enumeration in the login process | https://medium.com/@majix_de/user-enumeration-in-the-login-process-a43a248ac70d?source=rss------bug_bounty-5 | Majix | ctf, bug-bounty, pentesting, hacking, penetration-testing | 14-Jan-2024 |
HackTheBox — Server-side Request Forgery (SSRF) Overview | https://medium.com/@harry.hphu/hackthebox-server-side-request-forgery-ssrf-overview-e55ef94ac435?source=rss------bug_bounty-5 | Huy Phu | bug-bounty, web-security, hackthebox, owasp-top-10, ssrf | 13-Jan-2024 |
What is SQL Injection and how SQL queries work in database | https://mrunknown124154.medium.com/what-is-sql-injection-and-how-sql-queries-work-in-database-6971f1729aed?source=rss------bug_bounty-5 | Mr Abdullah | hacking, cyber-security-awareness, bug-bounty, sql-injection, web-hacking | 13-Jan-2024 |
Easy way to find RCE via SSTI(server side template injection) | https://medium.com/@jeetpal2007/easy-way-to-find-rce-via-ssti-server-side-template-injection-b5f664ddf427?source=rss------bug_bounty-5 | JEETPAL | rce, bug-bounty, easy, bugs, ssti | 13-Jan-2024 |
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded | https://medium.com/@marduk.i.am/dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-62bc9a167c8e?source=rss------bug_bounty-5 | Marduk I Am | cross-site-scripting, angularjs, dom-xss, bug-bounty, portswigger-lab | 13-Jan-2024 |
mistakes bug bounty hunters fall on it | the key of bug bounty |best advice for 2024 | https://medium.com/@no_oneee/hello-48e0488f6fa4?source=rss------bug_bounty-5 | no|one | information-security, bugs, bug-bounty-tips, cybersecurity, bug-bounty | 13-Jan-2024 |
3.2 Lab: File path traversal, traversal sequences blocked with absolute path bypass | 2024 | https://cyberw1ng.medium.com/3-2-lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-2024-b1eb44cf3151?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, security, hacking, cybersecurity | 13-Jan-2024 |
Regeneration of API key by low level user: 500$ Access Control bug | https://medium.com/@a13h1/regeneration-of-api-key-by-low-level-user-500-access-control-bug-87c76b9b5842?source=rss------bug_bounty-5 | Abhi Sharma | bug-bounty, cybersecurity, hacking, api, programming | 13-Jan-2024 |
3.2 Lab: File path traversal, traversal sequences blocked with absolute path bypass | 2024 | https://systemweakness.com/3-2-lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-2024-b1eb44cf3151?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, security, hacking, cybersecurity | 13-Jan-2024 |
Burp Suite — Download, Set up and Get Going! | https://medium.com/@eclectic-security/burp-suite-download-set-up-and-get-going-a58ba7daf678?source=rss------bug_bounty-5 | Eclectic Security | bug-bounty, tools, cyber-security-training, penetration-testing, burpsuite | 13-Jan-2024 |
DOM-Based XSS: Understanding and Mitigating a Stealthy Attack Vector | https://medium.com/@ravensec93/dom-based-xss-understanding-and-mitigating-a-stealthy-attack-vector-71ebc56806aa?source=rss------bug_bounty-5 | Raven Security | bug-bounty, web-security, cybersecurity, xss-attack, hacking | 13-Jan-2024 |
Weird bug to steal users credentials | https://medium.com/@fuadahmad062/weird-bug-to-steal-users-credentials-5e80c5d4565f?source=rss------bug_bounty-5 | von001 | bug-bounty-tips, bug-bounty, content-spoofing | 12-Jan-2024 |
Forget Blockers, Own Your Freedom: SquareX | https://tanishqshahsays.medium.com/forget-blockers-own-your-freedom-squarex-4e4d6a845fe8?source=rss------bug_bounty-5 | Tanishq Sachin Shah | bug-bounty, squarex, security, cybersecurity, privacy | 12-Jan-2024 |
Mass Hunting Blind XSS — Initial Setup | https://ott3rly.medium.com/mass-hunting-blind-xss-initial-setup-7fc5c1898999?source=rss------bug_bounty-5 | Ott3rly | xs, info-sec-writeups, blind-xss, bug-bounty, cross-site-scripting | 12-Jan-2024 |
The DeXe Protocol’s Bug Bounty Campaign | https://dexenetwork.medium.com/the-dexe-protocols-bug-bounty-campaign-a68e960c36cd?source=rss------bug_bounty-5 | DeXe Protocol | defi, bug-bounty, smart-contracts, dao, security | 12-Jan-2024 |
tRPC Security Research: Hunting for Vulnerabilities in Modern APIs | https://medium.com/@LogicalHunter/trpc-security-research-hunting-for-vulnerabilities-in-modern-apis-b0d38e06fa71?source=rss------bug_bounty-5 | Borna Nematzadeh | bug-bounty-writeup, bug-bounty, web-security, security-research, api-security | 12-Jan-2024 |
Mass Hunting Blind XSS — Initial Setup | https://infosecwriteups.com/mass-hunting-blind-xss-initial-setup-7fc5c1898999?source=rss------bug_bounty-5 | Ott3rly | xs, info-sec-writeups, blind-xss, bug-bounty, cross-site-scripting | 12-Jan-2024 |
The DeXe Protocol’s Bug Bounty Campaign announcement | https://dexenetwork.medium.com/the-dexe-protocols-bug-bounty-campaign-a68e960c36cd?source=rss------bug_bounty-5 | DeXe Protocol | defi, bug-bounty, smart-contracts, dao, security | 12-Jan-2024 |
Unraveling the Mysteries of Zoo Services: Feign magic uncovered | https://medium.com/@boltaevt/unraveling-the-mysteries-of-zoo-services-feign-magic-uncovered-3d45d211fdec?source=rss------bug_bounty-5 | @boltaevt | bug-bounty, spring-boot, java, microservices, feign | 12-Jan-2024 |
Unveiling Vulnerabilities: Loose Permissions in Salesforce Lightning Pose Data Security Threats | https://samshadow.medium.com/unveiling-vulnerabilities-loose-permissions-in-salesforce-lightning-pose-data-security-threats-41eaba372937?source=rss------bug_bounty-5 | Sam Shadow | bug-bounty-writeup, infosec, salesforce-lightning, bug-bounty, bug-bounty-tips | 12-Jan-2024 |
Common obstacles to exploiting path traversal vulnerabilities | 2024 | https://cyberw1ng.medium.com/common-obstacles-to-exploiting-path-traversal-vulnerabilities-2024-204fd57566f5?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, security, hacking, cybersecurity, careers | 12-Jan-2024 |
Holy Ffuf Unleashing Rapid Wealth with a 15-Minute $$$ Twist | https://medium.com/@Xt3sY/holy-ffuf-unleashing-rapid-wealth-with-a-15-minute-twist-8fada0cc72ba?source=rss------bug_bounty-5 | Pushkar Bhagat | hacker101, bug-bounty, hackerone, hacker | 12-Jan-2024 |
SQL INJECTION FUNDAMENTALS_HACK THE BOX | https://medium.com/@romimkhan5588/sql-injection-fundamentals-hack-the-box-d22cde7a7198?source=rss------bug_bounty-5 | root 28 | hacking, bug-bounty, cybersecurity, hackthebox, sql-injection | 12-Jan-2024 |
Account Takeover via password reset without user interactions (CVE-2023–7028) | https://0xweb01.medium.com/account-takeover-via-password-reset-without-user-interactions-cve-2023-7028-cbd2e675992e?source=rss------bug_bounty-5 | 0xweb01 | cve, zero-day, bug-bounty, security | 12-Jan-2024 |
Holy Ffuf easy Bounty in 15 mins | https://medium.com/@Xt3sY/holy-ffuf-unleashing-rapid-wealth-with-a-15-minute-twist-8fada0cc72ba?source=rss------bug_bounty-5 | Pushkar Bhagat | hacker101, bug-bounty, hackerone, hacker | 12-Jan-2024 |
Bug Bounty | https://medium.com/@pdinukanth/bug-bounty-b1843c8676b3?source=rss------bug_bounty-5 | Pdinukanth | bug-bounty | 11-Jan-2024 |
IDN Homograph Attack - Reborn of the Rare Case | https://shahjerry33.medium.com/idn-homograph-attack-reborn-of-the-rare-case-99fa1e342352?source=rss------bug_bounty-5 | Jerry Shah (Jerry) | pentesting, bug-bounty, infosec, cybersecurity, vulnerability | 11-Jan-2024 |
Art of External Network Penetration Testing – Phase First: Preparation | https://medium.com/@pentesterman/introduction-with-the-rapidly-developing-technologies-in-the-digital-world-the-security-measures-c21d0f62c48f?source=rss------bug_bounty-5 | Sevban Dönmez | cybersecurity, external-pentest, bug-bounty, web-application-security, pentest-preparation | 11-Jan-2024 |
2.12 Lab: Password brute-force via password change | 2024 | https://cyberw1ng.medium.com/2-12-lab-password-brute-force-via-password-change-2024-94a39239f98e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, bug-bounty, cybersecurity, hacking, careers | 11-Jan-2024 |
How I discovered a Critical Vulnerability during a Pentest : IDOR to Privilege Escalation | https://medium.com/@ravindu.lakmina1/how-i-discovered-a-critical-vulnerability-during-a-pentest-idor-to-privilege-escalation-937230b06e62?source=rss------bug_bounty-5 | Ravindu Lakmina | ethical-hacking, hacking, bug-bounty, penetration-testing, cybersecurity | 11-Jan-2024 |
Windows Exploitation Learning Path in TryHackMe | https://mrshan.medium.com/windows-exploitation-learning-path-in-tryhackme-8fa680daa775?source=rss------bug_bounty-5 | MR SHAN | tryhackme-writeup, cybersecurity, tryhackme-walkthrough, bug-bounty, tryhackme | 11-Jan-2024 |
How I got my first bug bounty | https://medium.com/@b1ayn/how-i-got-my-first-bug-bounty-8772d41bccba?source=rss------bug_bounty-5 | B1ayn | bugcrowd, pentesting, hackerone, bug-bounty | 11-Jan-2024 |
How I Earned My First Bug Bounty Reward of $600 | https://medium.com/@zikola1/how-i-earned-my-first-bug-bounty-reward-of-600-14c268f94bbd?source=rss------bug_bounty-5 | Abdulrahman badawi | penetration-testing, bug-bounty-writeup, bug-bounty, bug-bounty-tips, web-application-security | 11-Jan-2024 |
Skills Needed For Bug Bounty Part 2 | https://medium.com/@joshdesharnais1/skills-needed-for-bug-bounty-part-2-2f6897aa3390?source=rss------bug_bounty-5 | Joshua Desharnais | exploitation, bug-bounty-tips, bug-bounty | 11-Jan-2024 |
Hacking my college intranet (Bug Bounty) | https://medium.com/@boogsta/hacking-my-college-intranet-8f77f5d8fe60?source=rss------bug_bounty-5 | Boogsta | cybersecurity, bug-bounty, hacking, cyber, bug-bounty-tips | 10-Jan-2024 |
How I Helped Indonesian Startup Company to Prevent Millions of PII Data Leaks | https://medium.com/@blackarazi/how-i-helped-indonesian-startup-company-to-prevent-millions-of-pii-data-leaks-55ef3edbd35d?source=rss------bug_bounty-5 | Azhari Harahap | bug-bounty-writeup, pii, application-security, api-security, bug-bounty | 10-Jan-2024 |
Everything About Launching and Managing Your Bug Bounty Program (From a Former Triager) | https://utkusen.medium.com/everything-about-launching-and-managing-your-bug-bounty-program-from-a-former-triager-e244105a31c6?source=rss------bug_bounty-5 | Utku Şen | cybersecurity, bug-bounty-tips, hackerone, bug-bounty | 10-Jan-2024 |
Businesses That Still Are Accepting Brute Force Vulnerabilities as Low Impact Need to Reconsider | https://malwarexhunt.medium.com/businesses-that-still-are-accepting-brute-force-vulnerabilities-as-low-impact-need-to-reconsider-c877f8b17ad3?source=rss------bug_bounty-5 | MalwareHunter | technology, cybersecurity, bug-bounty, programming, penetration-testing | 10-Jan-2024 |
Bugs & JS :A Closer Look at JavaScript for Successful Bug Hunting | https://anasbetis023.medium.com/bugs-js-a-closer-look-at-javascript-for-successful-bug-hunting-fddb0d796498?source=rss------bug_bounty-5 | Anas H Hmaidy | cybersecurity, bug-bounty, javascript, penetration-testing | 10-Jan-2024 |
A Beginner’s Guide to Bug Hunting: Your Passport to the World of Cybersecurity | https://medium.com/@matsecurity/a-beginners-guide-to-bug-hunting-your-passport-to-the-world-of-cybersecurity-798cc4a1e76d?source=rss------bug_bounty-5 | MatSec | bug-bounty, bug-bounty-tips, hackerone, cybersecurity, ethical-hacking | 10-Jan-2024 |
Daily Bug Bounty Writeups | https://securitycipher.medium.com/daily-bug-bounty-writeups-2d754b87a546?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | hacking, technology, ai, security, bug-bounty | 09-Jan-2024 |
BYPASSING PAYMENTS IN APPLE FOR FREE TRAILS FOR LIFETIME | https://medium.com/@sam0-0/bypassing-payments-in-apple-for-free-trails-for-lifetime-8e3019dfe57b?source=rss------bug_bounty-5 | Sam | bug-bounty-writeup, bug-bounty, apple, apple-security | 09-Jan-2024 |
Bug Bounty prompt that can help you to find IDOR vulnerabilities | https://blog.gopenai.com/bug-bounty-prompt-that-can-help-you-to-find-idor-vulnerabilities-5a47fa5de44f?source=rss------bug_bounty-5 | aimaster | idor, bug-bounty, bugbountyprompts, cybersecurity, chatgpt | 09-Jan-2024 |
Understanding Sherlock’s Smart Contract Coverage | https://medium.com/@JohnnyTime/understanding-sherlocks-smart-contract-coverage-3eca7d9033bc?source=rss------bug_bounty-5 | Johnny Time | sherlock, web3-security, audit-contest, bug-bounty, smart-contracts | 09-Jan-2024 |
How To Get A XSSI Bug In Bug Bounty— Bug Bounty Tuesday | https://medium.com/@kerstan/how-to-get-a-xssi-bug-in-bug-bounty-bug-bounty-tuesday-7440b0caf32c?source=rss------bug_bounty-5 | kerstan | bug-bounty, security, technology, programming, cybersecurity | 09-Jan-2024 |
Developed a Bug Bounty Calculator | https://medium.com/@chander.romesh/developed-a-bug-bounty-calculator-b8370e04b15a?source=rss------bug_bounty-5 | Romesh chander | information-security, infosec, pentesting, hacking, bug-bounty | 09-Jan-2024 |
What Is Recon and the Tools Used | https://medium.com/@eren.klai2/recon-nedir-ve-kullan%C4%B1lan-ara%C3%A7lar-bac6b28479e4?source=rss------bug_bounty-5 | ErenCatak | subdomain, pentesting, subdomains-enumeration, bug-bounty, recon | 09-Jan-2024 |
Subdomain Bruteforce Tool | https://0xshaheen.medium.com/subdomain-bruteforce-tool-9dd3cd673df6?source=rss------bug_bounty-5 | Shaheen Sikder | subdomains-enumeration, subdomain, bug-bounty, subdomain-bruteforce | 09-Jan-2024 |
Get All your Clickjacking Vulnerability Triaged with this Exploitation! | https://medium.com/@Ajakcybersecurity/get-all-your-clickjacking-vulnerability-triaged-with-this-exploitation-95de8291e285?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, bug-bounty, cybersecurity, blog, clickjacking | 09-Jan-2024 |
A Straight 5-hour Escalation! Exploiting Boolean-Based SQL Injection. | https://medium.com/@Ajakcybersecurity/a-straight-5-hour-escalation-exploiting-boolean-based-sql-injection-5d828fd3dacf?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, bug-bounty, cybersecurity, red-team, sql | 09-Jan-2024 |
How to Write A Bug Bounty Report Like a Pro! | https://medium.com/@Ajakcybersecurity/how-to-write-a-bug-bounty-report-like-a-pro-a703034d095f?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, ethical-hacking, ethcial-hacking, hacking, cybersecurity | 09-Jan-2024 |
How To Report Bug In Indian Government Site? | https://medium.com/@Ajakcybersecurity/how-to-report-bug-in-indian-government-site-3f104eb5c40b?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, bug-bounty, blog, india, cybersecurity | 09-Jan-2024 |
How To Check Whether Your Photo is Leaked In Online or Not? | https://medium.com/@Ajakcybersecurity/how-to-check-whether-your-photo-is-leaked-in-online-or-not-286a9feeadbd?source=rss------bug_bounty-5 | AjakCybersecurity | investigation, digital-forensics, blog, cybersecurity, bug-bounty | 09-Jan-2024 |
2.11 Lab: Password reset poisoning via middleware | 2024 | https://cyberw1ng.medium.com/2-11-lab-password-reset-poisoning-via-middleware-2024-862897c7fc77?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, careers, security, bug-bounty | 09-Jan-2024 |
Tricks I Do To Get Easy HOF and Bounty! | https://medium.com/@Ajakcybersecurity/tricks-i-do-to-get-easy-hof-and-bounty-99d6158eb53e?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, penetration-testing, blog, cybersecurity, bug-bounty | 09-Jan-2024 |
How Much Was My First Bounty? | https://medium.com/@Ajakcybersecurity/how-much-was-my-first-bounty-9c02df4b1958?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, ethical-hacking, cybersecurity, penetration-testing, bug-bounty | 09-Jan-2024 |
The Art and Science Behind Password Managers | https://medium.com/@paritoshblogs/the-art-and-science-behind-password-managers-fbf5fb9c7f99?source=rss------bug_bounty-5 | Paritosh | information-security, cybersecurity, password-manager, hacking, bug-bounty | 08-Jan-2024 |
Top 13 Vulnerable Web Applications and Websites for Ethical Hacking Practice | https://bytebusterx.medium.com/top-13-vulnerable-web-applications-and-websites-for-ethical-hacking-practice-1850c6163e89?source=rss------bug_bounty-5 | ByteBusterX | bug-bounty, hacking, cybersecurity | 08-Jan-2024 |
Rapid Scan (Web Vulnerability Scanner) | https://medium.com/@psychomong/rapid-scan-web-vulnerability-scanner-d164cefc3c9a?source=rss------bug_bounty-5 | psychomong | hacking, bug-bounty, scanner, hackerone, python | 08-Jan-2024 |
2.10 Lab: Offline password cracking | 2024 | https://cyberw1ng.medium.com/2-10-lab-offline-password-cracking-2024-e730fb915f73?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, security, cybersecurity, hacking | 08-Jan-2024 |
Blind boolean-based SQLi, by manipulating url | https://medium.com/@zatikyan.sevada/blind-boolean-based-sqli-by-manipulating-url-96e1e086378c?source=rss------bug_bounty-5 | Zatikyan Sevada | cybersecurity, sqlmap, bug-bounty, owasp, sql-injection | 08-Jan-2024 |
HTTP PARAMTER POLLUTION [TR] | https://medium.com/@eren.klai2/http-paramter-pollution-tr-700e254be60e?source=rss------bug_bounty-5 | ErenCatak | pentesting, bug-bounty, turkey, http-parameter-pollution, parameter-tampering | 08-Jan-2024 |
2.9 Lab: Brute-forcing a stay-logged-in cookie | 2024 | https://cyberw1ng.medium.com/2-9-lab-brute-forcing-a-stay-logged-in-cookie-2024-065110f81d48?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, security, cybersecurity, hacking, careers | 07-Jan-2024 |
Digital Forensics Investigation Report PDF- A Court Manner. | https://medium.com/@Ajakcybersecurity/digital-forensics-investigation-report-pdf-a-court-manner-daaa24c60458?source=rss------bug_bounty-5 | AjakCybersecurity | wireshark, bug-bounty, networking, digital-forensics, blog | 07-Jan-2024 |
Top Programming Languages You Need to Know In 2024 | https://medium.com/@Ajakcybersecurity/top-programming-languages-you-need-to-know-in-2024-372db341015f?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, cybersecurity, python, medium, programming | 07-Jan-2024 |
XSS (Cross-Site Scripting) Reports on codechef.com | https://medium.com/@mr_sopyan/xss-cross-site-scripting-reports-on-codechef-com-1a674f9ba9d8?source=rss------bug_bounty-5 | Mr_Sopyan | cybersecurity, xss-attack, bug-bounty, it-security | 07-Jan-2024 |
How to match IOCs against SIEM logs ? | https://medium.com/@paritoshblogs/how-to-match-iocs-against-siem-logs-9d61079d16c6?source=rss------bug_bounty-5 | Paritosh | siem, hacking, bug-bounty, cybersecurity, ioc | 07-Jan-2024 |
Paid Subscriptions Resources which will be useful for Ethical Hacking/Bug Bounty (No Promotion)… | https://medium.com/@Ajakcybersecurity/paid-subscriptions-resources-which-will-be-useful-for-ethical-hacking-bug-bounty-no-promotion-94b2aad97b18?source=rss------bug_bounty-5 | AjakCybersecurity | medium, udemy, ethical-hacking, bug-bounty, cybersecurity | 07-Jan-2024 |
Learn Cybersecurity By Doing Simple Projects at Home | https://medium.com/@Ajakcybersecurity/learn-cybersecurity-by-doing-simple-projects-at-home-81fe4a512a65?source=rss------bug_bounty-5 | AjakCybersecurity | cybersecurity, bug-bounty, projects, ethical-hacking, hacking | 07-Jan-2024 |
Top 5 Best Laptops for Bug Bounty and Ethical Hacking | https://medium.com/@Ajakcybersecurity/top-5-best-laptops-for-bug-bounty-and-ethical-hacking-c0ce6fe4917c?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, blog, laptop, programming, bug-bounty | 07-Jan-2024 |
Os Command Injection | https://medium.com/@eren.klai2/os-command-injection-536087488e87?source=rss------bug_bounty-5 | ErenCatak | bug-bounty, pentesting, os-command-injection, operating-systems, bash-script | 07-Jan-2024 |
Top 5 Best Books for Bug Bounty Hunting- My Personal Favourites | https://medium.com/@Ajakcybersecurity/top-5-best-books-for-bug-bounty-hunting-my-personal-favourites-ec416ab4ea25?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, hacking, money, bug-bounty, blog | 06-Jan-2024 |
HackerOne or BugCrowd or VDP? How To Choose your Bug Bounty Program? | https://medium.com/@Ajakcybersecurity/hackerone-or-bugcrowd-or-vdp-how-to-choose-your-bug-bounty-program-c4a4d202397c?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, hackerone, blog, penetration-testing, ethical-hacking | 06-Jan-2024 |
How I Cracked CEH Within 6 Months Only With Free Resources. | https://medium.com/@Ajakcybersecurity/how-i-cracked-ceh-within-6-months-only-with-free-resources-c362d122ee01?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, bug-bounty, blog, ethical-hacking, certification | 06-Jan-2024 |
Bug Bounty Mistakes I Made in 2023, So that You Can Avoid in 2024 | https://medium.com/@Ajakcybersecurity/bug-bounty-mistakes-i-made-in-2023-so-that-you-can-avoid-in-2024-3737663807fc?source=rss------bug_bounty-5 | AjakCybersecurity | penetration-testing, hacking, ethical-hacking, cybersecurity, bug-bounty | 06-Jan-2024 |
Unveiling the Dangers of CWE-319: Clear Text Transmission of Sensitive Information | https://medium.com/@georgeppmc/unveiling-the-dangers-of-cwe-319-clear-text-transmission-of-sensitive-information-1ada2d1f4ca5?source=rss------bug_bounty-5 | George Torres | bug-bounty | 06-Jan-2024 |
Gi7w0rm’s personal year review — 2023 | https://gi7w0rm.medium.com/gi7w0rms-personal-year-review-2023-f4726b46b604?source=rss------bug_bounty-5 | Gi7w0rm | ioc, bug-bounty, cybersecurity, infosec, 2023 | 06-Jan-2024 |
500$ Access Control Bug: Performed Restricted Actions in Developer Settings by low level user. | https://medium.com/@a13h1/500-access-control-bug-performed-restricted-actions-in-developer-settings-by-low-level-user-b4ecaa6d1aa1?source=rss------bug_bounty-5 | Abhi Sharma | programming, bug-bounty, pentesting, access-control, cybersecurity | 06-Jan-2024 |
Best AI Tools For Cybersecurity in 2024 | https://medium.com/@paritoshblogs/best-ai-tools-for-cybersecurity-in-2024-9f9972919f1d?source=rss------bug_bounty-5 | Paritosh | bug-bounty, hacking, networking, information-security, cybersecurity | 06-Jan-2024 |
The Art of Shodan | https://astro0x00.medium.com/the-art-of-shodan-ee83bfa96105?source=rss------bug_bounty-5 | Mo2men Elmady | bug-bounty, shodan, penetration-testing, cve, hacking | 06-Jan-2024 |
2.8 Lab: 2FA broken logic | 2024 | https://cyberw1ng.medium.com/2-8-lab-2fa-broken-logic-2024-30a843da98ca?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, careers, bug-bounty, security | 06-Jan-2024 |
The History Behind My First Bug | https://dropn0w.medium.com/the-history-behind-my-first-bug-539b913b9667?source=rss------bug_bounty-5 | drop | bug-bounty-tips, hacking, bug-bounty, cybersecurity | 06-Jan-2024 |
The Story Behind My First Bug | https://dropn0w.medium.com/the-history-behind-my-first-bug-539b913b9667?source=rss------bug_bounty-5 | drop | bug-bounty-tips, hacking, bug-bounty, cybersecurity | 06-Jan-2024 |
Ethical Hacking RoadMap 2024. A Complete Guide. | https://medium.com/@testproxy027/ethical-hacking-roadmap-2024-a-complete-guide-74a7a09668af?source=rss------bug_bounty-5 | Ankit Hacker | cybersecurity, bug-bounty, hacking, ethical-hacking, medium | 05-Jan-2024 |
I received a Bank offer in my mailbox and discovered an IDOR vulnerability - $5,000 bounty - @bxmbn | https://bxmbn.medium.com/i-received-a-bank-offer-in-my-mailbox-and-discovered-an-idor-vulnerability-5-000-bounty-bxmbn-5209cab1fba8?source=rss------bug_bounty-5 | bombon | cybersecurity, idor, bug-bounty | 05-Jan-2024 |
How I Prevented a Mass Data Breach - $15,000 bounty - @bxmbn | https://bxmbn.medium.com/how-i-prevented-a-mass-data-breach-15-000-bounty-bxmbn-1096e6400e3d?source=rss------bug_bounty-5 | bombon | bug-bounty, data-breach, idor, cybersecurity | 05-Jan-2024 |
Cybersecurity Roadmap: 2024 | https://hackerassociate.medium.com/cybersecurity-roadmap-2024-ea3586fea603?source=rss------bug_bounty-5 | Harshad Shah | infosec, cybersecurity, penetration-testing, bug-bounty, hacking | 05-Jan-2024 |
How to Earn Money as a Digital Forensics Investigator | https://medium.com/@moneyiseasybro/how-to-earn-money-as-a-digital-forensics-investigator-dae9723ebb10?source=rss------bug_bounty-5 | How to Earn | ethical-hacking, cybersecurity, finance, money, bug-bounty | 05-Jan-2024 |
How Celebrities Social media accounts get hacked in real time? | https://medium.com/@Ajakcybersecurity/how-celebrities-social-media-accounts-get-hacked-in-real-time-4ccb37ac0763?source=rss------bug_bounty-5 | AjakCybersecurity | phishing, ethical-hacking, cybersecurity, digital-forensics, bug-bounty | 05-Jan-2024 |
How to Become a Successful Bug Bounty Hunter in 2024? | https://medium.com/@Ajakcybersecurity/how-to-become-a-successful-bug-bounty-hunter-in-2024-3171b782b585?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, ethical-hacking, blog, cybersecurity, hacking | 05-Jan-2024 |
Listed in Top 15 Researchers in NCIIPC India | https://devanshchauhan4565.medium.com/listed-in-top-15-researchers-in-nciipc-india-4143da2d75e9?source=rss------bug_bounty-5 | Devansh chauhan | top-10, bug-bounty, internet, vulnerability, india | 05-Jan-2024 |
Privilege Escalation Using SCIM Provisioning | https://ronak-9889.medium.com/privilege-escalation-using-scim-provisioning-ca61ed9606bd?source=rss------bug_bounty-5 | Ronak Patel | bug-bounty, information-security, privilege-escalation, access-control, cybersecurity | 05-Jan-2024 |
Website Hacking, Penetration Testing & Bug Bounty Hunting Resources full course | https://thehackertools9.medium.com/website-hacking-penetration-testing-bug-bounty-hunting-resources-full-course-0010c0603bd9?source=rss------bug_bounty-5 | TheHackerLife | bug-bounty-tips, bug-bounty, website-hacking, hacking-tools, ethical-hacking-tools | 05-Jan-2024 |
2.7 Lab: Username enumeration via account lock | 2024 | https://cyberw1ng.medium.com/2-7-lab-username-enumeration-via-account-lock-2024-9ae1d7eef4a6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, hacking, bug-bounty, cybersecurity, careers | 05-Jan-2024 |
My first bugs in 2024 | https://medium.com/@el-cezeri/my-first-bugs-in-2024-82ea4e9de718?source=rss------bug_bounty-5 | Samet Yiğit | ödülavcılığı, bug-bounty, bug-bounty-tips | 05-Jan-2024 |
Vulnerable WordPress December 2023 (Shahriar) | https://medium.com/@onhexgroup/vulnerable-wordpress-december-2023-shahriar-16277c1cd3b8?source=rss------bug_bounty-5 | Onhexgroup | wordpress-security, wordpress-plugins, infosec, bug-bounty, wordpress | 05-Jan-2024 |
Exploring “Jok3r”: A Powerful Network/Host Reconnaissance and Enumeration Tool. | https://sh1vv1.medium.com/exploring-jok3r-a-powerful-network-host-reconnaissance-and-enumeration-tool-43b524c580f0?source=rss------bug_bounty-5 | Hesham Ahmed | tips-and-tricks, tools, penetration-testing, bug-bounty, bug-hunting | 05-Jan-2024 |
Web Security Academy — API Security Testing Walkthrough | https://iaraoz.medium.com/web-security-academy-api-security-testing-walkthrough-11019ed93eae?source=rss------bug_bounty-5 | Israel Aráoz Severiche | api, bug-bounty, web, hacking, portswigger-lab | 05-Jan-2024 |
9 Subtle Tricks To Make Your Cybersecurity Skills Much Better | https://medium.com/@paritoshblogs/9-subtle-tricks-to-make-your-cybersecurity-skills-much-better-4f7e48b3fd57?source=rss------bug_bounty-5 | Paritosh | bug-bounty, ai, cybersecurity, programming, hacking | 04-Jan-2024 |
Exploring Application Security with SAST, DAST, SCA, and IAST | https://securitycipher.medium.com/exploring-application-security-with-sast-dast-sca-and-iast-95b27043d9fd?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | security, bug-bounty, hacking, technology, cybersecurity | 04-Jan-2024 |
How do i bypass waf for xss in input tag? | https://medium.com/@lyltvip/how-do-i-bypass-waf-for-xss-in-input-tag-2adcdc1b7e25?source=rss------bug_bounty-5 | lanyi | bug-bounty-tips, hacking, xss-vulnerability, xss-attack, bug-bounty | 04-Jan-2024 |
CORS Crossfire: An iCSI CTF | https://medium.com/@josh.beck2006/cors-crossfire-an-icsi-ctf-35a73f700207?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, penetration-testing, ctf-writeup, bug-bounty | 04-Jan-2024 |
2.6 Lab: Broken brute-force protection, IP block | 2024 | https://cyberw1ng.medium.com/2-6-lab-broken-brute-force-protection-ip-block-2024-8057a53b999a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, bug-bounty, careers, cybersecurity, hacking | 04-Jan-2024 |
Account Takeover? $4 and a click, please. | https://swehtpantz.medium.com/account-takeover-4-and-a-click-please-454c035aa3b6?source=rss------bug_bounty-5 | Swehtpantz | hacking, pentesting, ethical-hacking, bug-bounty, bug-bounty-tips | 04-Jan-2024 |
Bug Bounty | https://medium.com/@montymahapatra79/bug-bounty-02310f6d39f9?source=rss------bug_bounty-5 | Montymahapatra | bug-bounty-tips, bug-bounty-hunter, bug-bounty | 04-Jan-2024 |
Ethical Hacking RoadMap 2024. A Complete Guide. | https://ajaksecurities.medium.com/ethical-hacking-roadmap-2024-a-complete-guide-23b23262b1b8?source=rss------bug_bounty-5 | Ajak Cyber Security | ethical-hacking, hacking, bug-bounty, medium, cybersecurity | 04-Jan-2024 |
How to Become a Successful Bug Bounty Hunter in 2024? | https://ajaksecurities.medium.com/how-to-become-a-successful-bug-bounty-hunter-in-2024-106f576b03e2?source=rss------bug_bounty-5 | Ajak Cyber Security | ethical-hacking, hacking, bug-bounty, cybersecurity, medium | 04-Jan-2024 |
Essential Gadgets for Bug Bounty Hunters: Enhancing Your Cybersecurity Arsenal | https://securitylit.medium.com/essential-gadgets-for-bug-bounty-hunters-enhancing-your-cybersecurity-arsenal-40173ec2945f?source=rss------bug_bounty-5 | Security Lit Limited | gadgets, cybersecurity, bug-bounty, vulnerability | 04-Jan-2024 |
OpenBounty, Shentu's New Approach in the Security Ecosystem | https://shentuchain.medium.com/openbounty-ph%C6%B0%C6%A1ng-ph%C3%A1p-ti%E1%BA%BFp-c%E1%BA%ADn-m%E1%BB%9Bi-c%E1%BB%A7a-shentu-trong-h%E1%BB%87-sinh-th%C3%A1i-b%E1%BA%A3o-m%E1%BA%ADt-bc52f8fd13ff?source=rss------bug_bounty-5 | Shentu Chain | bug-bounty, bounty-program, web3, bounty-hunter, cybersecurity | 03-Jan-2024 |
GooFuzz: A Fuzzing Tool with an OSINT Approach | https://medium.com/@cuncis/goofuzz-a-fuzzing-tool-with-an-osint-approach-306fe481824f?source=rss------bug_bounty-5 | Cuncis | bug-bounty, penetration-test, google-dork, penetration-testing, osint | 03-Jan-2024 |
How to Correctly setup Android Penetration Testing on a MacBook | https://infosecwriteups.com/how-to-correctly-setup-android-penetration-testing-on-a-macbook-659f244f84c8?source=rss------bug_bounty-5 | Supun Halangoda (Suppa) | bug-bounty, penetration-testing, mobile-penetration-test, macbook-pro, android-pentesting | 03-Jan-2024 |
LoveTok | HackTheBox web challenge Writeup | https://gxbnt.medium.com/lovetok-hackthebox-web-challenge-writeup-e3b99967c3b7?source=rss------bug_bounty-5 | Bishal - #GxbNt | hackthebox-writeup, oscp, web, offensive-security, bug-bounty | 03-Jan-2024 |
A Guide on Crafting Robust Invariants with Echidna | https://medium.com/coinmonks/a-guide-on-crafting-robust-invariants-with-echidna-fc980d8e2c0c?source=rss------bug_bounty-5 | Chirag Agrawal | bug-bounty, smart-contracts, cybersecurity, cryptocurrency, security | 03-Jan-2024 |
Found reflected xss on a real target | https://medium.com/@jeetpal2007/found-reflected-xss-on-a-real-target-30b80b2f53e4?source=rss------bug_bounty-5 | JEETPAL | rxss, xs, bugs, bug-bounty | 03-Jan-2024 |
My Bug Bounty Write Ups (Part-1) | https://karthikeyamade.medium.com/my-bug-bounty-write-ups-part-1-63ed3e788873?source=rss------bug_bounty-5 | Karthikeya Sai | bug-bounty-tips, bug-bounty | 03-Jan-2024 |
My First Bug Bounty: Lessons Learned and Money Earned | https://medium.com/@georgeppmc/my-first-bug-bounty-lessons-learned-and-money-earned-d6fc31744621?source=rss------bug_bounty-5 | George Torres | bug-bounty-tips, bug-hunting, bug-bounty-writeup, bug-bounty, hackerone | 03-Jan-2024 |
Comparing CVE & CWE : Understanding Security Vulnerabilities | https://medium.com/@zouhairelgarouni/comparing-cve-cwe-understanding-security-vulnerabilities-84442ab1e0e7?source=rss------bug_bounty-5 | ZOUHAIR EL GAROUNI | vulnerability, vulnerability-management, cyber-security-awareness, cybersecurity, bug-bounty | 03-Jan-2024 |
you need to learn linux RIGHT NOW!! | https://medium.com/@paritoshblogs/you-need-to-learn-linux-right-now-7239f4dcc1c6?source=rss------bug_bounty-5 | Paritosh | hacking, cybersecurity, linux, programming, bug-bounty | 02-Jan-2024 |
Bug Bounty Hunting | Reconnaissance | Subdomain Enumeration | https://me-ankeet.medium.com/bug-bounty-hunting-reconnaissance-subdomain-enumeration-854d880c3406?source=rss------bug_bounty-5 | Ankeet | bug-bounty, hacking, information-security, cybersecurity, bug-bounty-tips | 02-Jan-2024 |
How .git folder can be exploited to access sensitive data | https://satyasai1460.medium.com/how-git-folder-can-be-exploited-to-access-sensitive-data-eb805c38fd6c?source=rss------bug_bounty-5 | Bala Naga Satya sai Devarapalli | information-technology, cybersecurity, bug-bounty, bugs, bug-bounty-tips | 02-Jan-2024 |
From P5 to Payday $$$: Escalating Reflected XSS to Account Takeover | https://hasanka-amarasinghe.medium.com/from-p5-to-payday-escalating-reflected-xss-to-account-takeover-bc25a171a3d5?source=rss------bug_bounty-5 | Hasanka Amarasinghe | xss-attack, bug-bounty, cross-site-scripting, account-takeover, cybersecurity | 02-Jan-2024 |
Account Takeover on International Exchange — Bug Bounty Tuesday | https://medium.com/@kerstan/account-takeover-on-international-exchange-bug-bounty-tuesday-cf41a54bc4b7?source=rss------bug_bounty-5 | kerstan | cybersecurity, bug-bounty, technology, programming | 02-Jan-2024 |
The Lexer Markets security review story | https://medium.com/@mweiss.eth/the-lexer-markets-security-review-story-a812539d62db?source=rss------bug_bounty-5 | 0xWeiss | security, audit, bug-bounty, smart-contracts | 02-Jan-2024 |
DOM XSS in document.write sink using source location.search inside a select element | https://medium.com/@marduk.i.am/dom-xss-in-document-write-sink-using-source-location-search-inside-a-select-element-0c47fc033bcf?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, dom-xss, cross-site-scripting, cybersecurity, bug-bounty | 02-Jan-2024 |
2.4 Lab: Username enumeration via subtly different responses | 2024 | https://cyberw1ng.medium.com/2-4-lab-username-enumeration-via-subtly-different-responses-2024-eb37130d41a8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, hacking, cybersecurity, security | 02-Jan-2024 |
Stealing private messages using XSS on subdomain | https://medium.com/@shcyber/stealing-private-messages-using-xss-on-subdomain-97f0304b132f?source=rss------bug_bounty-5 | SHCyber | websocket, csrf, bug-bounty, xss-attack, hacking | 02-Jan-2024 |
From Disclosure to High Severity: Leveraging Dyte API Key for Maximum Impact | https://padsalatushal.medium.com/from-disclosure-to-high-severity-leveraging-dyte-api-key-for-maximum-impact-468c444963c6?source=rss------bug_bounty-5 | Padsala Tushal | api-security, cybersecurity, bug-bounty-tips, infosec, bug-bounty | 02-Jan-2024 |
SQL Injection (SQLi): WWWWWH? | https://medium.com/@rcxsecurity/sql-injection-sqli-wwwwwh-d847972b3e45?source=rss------bug_bounty-5 | RCXSecurity | sql-injection, bug-bounty, information-security, penetration-testing, cybersecurity | 01-Jan-2024 |
How Do I Get Root Access on a Linux Server | https://systemweakness.com/how-do-i-get-root-access-on-a-linux-server-874d29015305?source=rss------bug_bounty-5 | RyuuKhagetsu | bug-bounty, infosec, web-application-security, pentesting, bug-bounty-writeup | 01-Jan-2024 |
Understanding the MITRE ATT&CK Framework: A Comprehensive Overview | https://medium.com/@paritoshblogs/understanding-the-mitre-att-ck-framework-a-comprehensive-overview-c1499d195da0?source=rss------bug_bounty-5 | Paritosh | mitre-attack, ai, hacking, bug-bounty, cybersecurity | 01-Jan-2024 |
Reflected XSS into a JavaScript string with angle brackets HTML encoded | https://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-angle-brackets-html-encoded-c9e2ed86f489?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, reflected-xss, portswigger-lab, cross-site-scripting, cybersecurity | 01-Jan-2024 |
Automating GitHub Recon for Sensitive Information Discovery | https://medium.com/@paxnull/automating-github-recon-for-sensitive-information-discovery-c96b677857cf?source=rss------bug_bounty-5 | paxnull | bug-bounty, bug-bounty-writeup, automation-tools, reconnaissance, bug-bounty-tips | 01-Jan-2024 |
The power of Client-Side Path Traversal: How I found and escalated 2 bugs through “../” | https://medium.com/@Nightbloodz/the-power-of-client-side-path-traversal-how-i-found-and-escalated-2-bugs-through-670338afc90f?source=rss------bug_bounty-5 | Alvaro Balada | bug-bounty-tips, info-sec-writeups, bug-bounty-writeup, cybersecurity, bug-bounty | 01-Jan-2024 |
1.18 Lab: SQL injection attack, listing the database contents on Oracle | 2024 | https://cyberw1ng.medium.com/1-18-lab-sql-injection-attack-listing-the-database-contents-on-oracle-2024-cec2a796740f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, security, bug-bounty, careers, hacking | 01-Jan-2024 |
Another 4 Digit Bounty Story on Hackerone | https://medium.com/@jai.lani9001/another-4-digit-bounty-story-on-hackerone-58dba8c19818?source=rss------bug_bounty-5 | Jai Lani | bug-bounty | 01-Jan-2024 |
CVE-2023–34635: UNIBOX 3.0/3.1 SQL Injection login bypass | https://medium.com/@davidkarpinski1/cve-2023-34635-unibox-3-0-3-1-sql-injection-login-bypass-fc33004e70c0?source=rss------bug_bounty-5 | David Eduardo Karpinski | bug-bounty, sql-login, unibox, sqli, login-bypass | 01-Jan-2024 |
Exploring the Depths: DNS Wildcard and Subdomain Tak | https://alvinbijo.medium.com/exploring-the-depths-dns-wildcard-and-subdomain-tak-6deed7aebcb1?source=rss------bug_bounty-5 | Alvin bijo | bug-bounty, bugbounty-writeup | 01-Jan-2024 |
Bug Zero at a Glance [01–15 December] | https://blog.bugzero.io/bug-zero-at-a-glance-01-15-december-cdb358653f8e?source=rss------bug_bounty-5 | Januka Dharmapriya | cybersecurity, sri-lanka, bug-bounty, bug-zero, newsletter | 31-Dec-2023 |
Uncovering LFI Attack | https://medium.com/@cyberkarthi/uncovering-ssrf-attack-12064069205f?source=rss------bug_bounty-5 | Karthikeyan C | ethical-hacking, pentesting, bug-bounty, bugbounty-writeup | 31-Dec-2023 |
I hate Hackerone / X Website Vulnerability — Bug Bounty Hunter | https://medium.com/@batuhanaydinn/i-hate-hackerone-x-website-vulnerability-bug-bounty-hunter-3e43a7e0bc80?source=rss------bug_bounty-5 | Batuhan Aydın | hacking, hackerone, bug-bounty, penetration-testing, hacker | 31-Dec-2023 |
1.17 Lab: SQL injection attack, listing the database contents on non-Oracle databases | 2023 | https://systemweakness.com/1-17-lab-sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-2023-2026162bf6ef?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, hacking, security, careers | 31-Dec-2023 |
DNS-Related Attacks and Examples | https://medium.com/@paritoshblogs/dns-related-attacks-and-examples-fee4da0cc2d6?source=rss------bug_bounty-5 | Paritosh | dns, cybersecurity, bug-bounty, hacking, programming | 31-Dec-2023 |
How I hacked India’s top company database. | https://medium.com/@sritharcyber/how-i-hacked-indias-top-company-database-d66b9fc49cb0?source=rss------bug_bounty-5 | Srithar Cyber | sqli, pentest, recent, hacked, bug-bounty | 31-Dec-2023 |
Simple Subdomain Takeover | https://infosecwriteups.com/simple-subdomain-takeover-15129e19bbb4?source=rss------bug_bounty-5 | hackerdevil | vulnerability-assessment, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web-app-security | 31-Dec-2023 |
Master Subdomain HUNTING | Art of finding Hidden Assets | https://yashh2.medium.com/master-subdomain-hunting-art-of-finding-hidden-assets-3351b3c8467a?source=rss------bug_bounty-5 | ʏᴀꜱʜʜ | cybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking | 30-Dec-2023 |
Woowow Bug Bounty Campaign | https://medium.com/@woowow/woowow-bug-bounty-campaign-569e7b7868f3?source=rss------bug_bounty-5 | Woowow | qitmeerecosystem, bounty-campaign, marketplaces, woowow, bug-bounty | 30-Dec-2023 |
How i Hacked My First Target using GooGle Dorking | https://mrunknown124154.medium.com/how-i-hacked-my-first-target-using-google-dorking-43cb999ad8db?source=rss------bug_bounty-5 | Mr Abdullah | sql-injection, google-dorking, bug-bounty, hacking, sql-injection-attack | 30-Dec-2023 |
417$ Simple IDOR: Unauthorized Contact Details Modification | https://medium.com/@a13h1/417-simple-idor-unauthorized-contact-details-modification-92e8211439e4?source=rss------bug_bounty-5 | Abhi Sharma | programming, cybersecurity, hacking, bug-bounty, idor | 30-Dec-2023 |
Sudomain Takeover via Shopify(Easy Bounty $$$$) | https://medium.com/@paxnull/sudomain-takeover-via-shopify-easy-bounty-300f839aa15d?source=rss------bug_bounty-5 | paxnull | bug-bounty, tips, bug-bounty-tips, subdomain-takeover, bug-bounty-writeup | 30-Dec-2023 |
XSS deep dive P1 (theory)(publish early,please waiting for 2 days to read) | https://medium.com/@nguhuynh.148/xss-deep-dive-p1-theory-637af86f335d?source=rss------bug_bounty-5 | Nguhuynh | xss-vulnerability, xss-attack, xss-bypass, bug-bounty | 30-Dec-2023 |
Stored XSS into anchor href attribute with double quotes HTML-encoded | https://medium.com/@marduk.i.am/stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-1f88ba0b990f?source=rss------bug_bounty-5 | Marduk I Am | stored-xss, bug-bounty, cybersecurity, cross-site-scripting, portswigger-lab | 30-Dec-2023 |
1.16 Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft |… | https://cyberw1ng.medium.com/1-16-lab-sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-5f2785ebb06f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, cybersecurity, bug-bounty, hacking, careers | 30-Dec-2023 |
HTTPX Troubleshooting Issue | https://infosecwriteups.com/httpx-troubleshooting-issue-38b61549126b?source=rss------bug_bounty-5 | Jarred Longoria | bug-bounty, linux, troubleshooting, help, httpx | 30-Dec-2023 |
From Google Dorking to Unauthorized AWS Account Access and Account Takeover | https://medium.com/@ar_hawk/from-google-dorking-to-unauthorized-aws-account-access-and-account-takeover-89eb2b9d284f?source=rss------bug_bounty-5 | Aayush Vishnoi | ssrf, bug-bounty-tips, bug-bounty | 30-Dec-2023 |
Reflected XSS into attribute with angle brackets HTML-encoded | https://medium.com/@marduk.i.am/reflected-xss-into-attribute-with-angle-brackets-html-encoded-986d943b3fd2?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, cybersecurity, bug-bounty, cross-site-scripting, xss-vulnerability | 29-Dec-2023 |
Beyond Search Queries: Bug Bounty Hunting with Dorkz | https://medium.com/@paxnull/beyond-search-queries-bug-bounty-hunting-with-dorkz-850cfa8c3ddc?source=rss------bug_bounty-5 | paxnull | tips, dorking, recon, bug-bounty-tips, bug-bounty | 29-Dec-2023 |
Behind the Firewall: My First Valid Bug — Exposing Security Flaw in a multi-dollar Financial and… | https://medium.com/@MohaseenK/behind-the-firewall-my-first-valid-bug-exposing-security-flaw-in-a-multi-dollar-financial-and-ff56e7bc4589?source=rss------bug_bounty-5 | Mohaseen | pentesting, bug-bounty, rate-limiting, hackerone, bugcrowd | 29-Dec-2023 |
How to find unprotected databases with Netlas.io? | https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-2bf186e9fc2d?source=rss------bug_bounty-5 | Netlas.io | osint, penetration-testing, bug-bounty, osint-investigation, cybersecurity | 29-Dec-2023 |
1.15 Lab: SQL injection attack, querying the database type and version on Oracle | 2023 | https://cyberw1ng.medium.com/1-15-lab-sql-injection-attack-querying-the-database-type-and-version-on-oracle-2023-cd4118eb604d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, bug-bounty, careers, hacking, cybersecurity | 29-Dec-2023 |
KisMAC is a free, open source wireless stumbling and security tool for Mac OS X | https://medium.com/@dineshpathro593/kismac-is-a-free-open-source-wireless-stumbling-and-security-tool-for-mac-os-x-03746fdea831?source=rss------bug_bounty-5 | Dineshpathro | bugs, bug-bounty, bug-bounty-tips, hacking, hackin | 29-Dec-2023 |
OTP-Bot Tool CLICK HERE | https://medium.com/@dineshpathro593/otp-bot-tool-click-here-7f3ee559ca21?source=rss------bug_bounty-5 | Dineshpathro | bug-bounty-tips, hacking-tools, bug-bounty, hacking, bugs | 29-Dec-2023 |
Recon Tools For Web Application | https://medium.com/@dineshpathro593/recon-tools-for-web-application-714af64e7d07?source=rss------bug_bounty-5 | Dineshpathro | hacking, hacker, bug-bounty, bug-bounty-tips, hackathons | 29-Dec-2023 |
200 Materials of CyberSecurity in PDFs | https://medium.com/@dineshpathro593/200-materials-of-cybersecurity-in-pdfs-e7a942123be5?source=rss------bug_bounty-5 | Dineshpathro | cybersecurity, hackathons, bug-bounty, hacking, bug-bounty-tips | 29-Dec-2023 |
Bug Bounty: The road to my first $1000 through hacking public websites | https://swehtpantz.medium.com/bug-bounty-the-road-to-my-first-1000-through-hacking-public-websites-a0e2aa1b7271?source=rss------bug_bounty-5 | Swehtpantz | ethical-hacking, bug-bounty, bug-bounty-tips, hacking, bugbounty-writeup | 28-Dec-2023 |
HackTheBox(HTB) Writeup — Node | https://medium.com/@harman.preet.singh3738/hackthebox-htb-writeup-node-5600a442e393?source=rss------bug_bounty-5 | Harmanpreet Singh | penetration-testing, bug-bounty, tryhackme, ethical-hacking, hackthebox | 28-Dec-2023 |
Protect Yourself: The Power of OPSEC | https://medium.com/@teckgamer07/%EF%B8%8F-protect-yourself-the-power-of-opsec-17a7ec256427?source=rss------bug_bounty-5 | Macmelter | bugsbounty, hacking, bug-bounty, cybersecurity | 28-Dec-2023 |
Multiple RXSS | https://medium.com/@0xchoudhary/multiple-rxss-f3f796287f34?source=rss------bug_bounty-5 | Sushil Choudhary | bounty-hunter, xss-attack, bug-bounty-tips, bug-bounty, hackerone | 28-Dec-2023 |
Stored XSS via File upload(using svg file) | https://medium.com/@paxnull/stored-xss-via-file-upload-using-svg-file-c1e2a33ed8a8?source=rss------bug_bounty-5 | paxnull | bug-bounty, tips, bugbounty-tips, xss-vulnerability, hacking | 28-Dec-2023 |
Authorization problem | https://medium.com/@nguhuynh.148/authorization-problem-2bb053c215cd?source=rss------bug_bounty-5 | Nguhuynh | broken-access-control, hacking, bug-bounty, hacks, bug-bounty-tips | 28-Dec-2023 |
CVE-2023-51356: ARMember <= 4.0.10 — Authenticated Privilege Escalation | https://revan-ar.medium.com/cve-2023-51356-armember-4-0-10-authenticated-privilege-escalation-7e0c7fbe5a79?source=rss------bug_bounty-5 | Revan A | bug-bounty, privilege-escalation, wordpress-plugins, penetration-testing | 28-Dec-2023 |
1.14 Lab: SQL injection with filter bypass via XML encoding \| 2023 | https://cyberw1ng.medium.com/1-14-lab-sql-injection-with-filter-bypass-via-xml-encoding-2023-9794dc7bf9f4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, bug-bounty, penetration-testing, hacking | 28-Dec-2023 |
How I made 7K on Epic Games Bug Bounty | https://medium.com/@synapticspace/how-i-made-7k-on-epic-games-bug-bounty-8529728b9fcf?source=rss------bug_bounty-5 | SynapticSpace | bug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips | 28-Dec-2023 |
How I made 7K on Epic Games Bug Bounty | https://infosecwriteups.com/how-i-made-7k-on-epic-games-bug-bounty-8529728b9fcf?source=rss------bug_bounty-5 | SynapticSpace | bug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips | 28-Dec-2023 |
DOM XSS in jQuery selector sink using a hashchange event | https://medium.com/@marduk.i.am/dom-xss-in-jquery-selector-sink-using-a-hashchange-event-bb3c355b3633?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, bug-bounty, dom-xss, cybersecurity, cross-site-scripting | 27-Dec-2023 |
Amass: New Config File Update | https://hackerassociate.medium.com/amass-new-config-file-update-e95d09b6eb70?source=rss------bug_bounty-5 | Harshad Shah | penetration-testing, cybersecurity, infosec, hacking, bug-bounty | 27-Dec-2023 |
DOM XSS on Hackerone Programs — Bug Bounty Tuesday | https://medium.com/@kerstan/dom-xss-on-hackerone-programs-bug-bounty-tuesday-8973ecf6af95?source=rss------bug_bounty-5 | kerstan | xss-attack, security, cybersecurity, technology, bug-bounty | 27-Dec-2023 |
1.13 Lab: Blind SQL injection with out-of-band data exfiltration \| 2023 | https://cyberw1ng.medium.com/1-13-lab-blind-sql-injection-with-out-of-band-data-exfiltration-2023-f83a1448b685?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, cybersecurity, hacking, careers | 27-Dec-2023 |
“Crucial Bug Bounty Hacks: Habits with Enduring Benefits” | https://medium.com/@paxnull/secrets-of-the-hunter-pro-tips-for-effective-bug-bounty-hunting-1a261df4444d?source=rss------bug_bounty-5 | paxnull | tips, learning, programming, bugbounty-tips, bug-bounty | 27-Dec-2023 |
Inside the Digital Vault: How I Unearthed PII Goldmine — Exposing 15K GST Users’ Information in a… | https://medium.com/@MohaseenK/inside-the-digital-vault-how-i-unearthed-pii-goldmine-exposing-15k-gst-users-information-in-a-38c3105889ea?source=rss------bug_bounty-5 | Mohaseen | bug-bounty, hackerone, bugcrowd, information-disclosure, indian-government | 27-Dec-2023 |
How Does DNS Work and What is DNS Poisoning? | https://medium.com/@bcanote/how-does-dns-work-and-what-is-dns-poisoning-4c187fb3f2b0?source=rss------bug_bounty-5 | bcanote | cybersecurity, hacking, dns, dns-poisoning, bug-bounty | 27-Dec-2023 |
URL Redirection To DOM XSS on Hackerone Programs -Bug Bounty Tuesday | https://medium.com/@kerstan/dom-xss-on-hackerone-programs-bug-bounty-tuesday-8973ecf6af95?source=rss------bug_bounty-5 | kerstan | xss-attack, security, cybersecurity, technology, bug-bounty | 27-Dec-2023 |
Mastering Bug Bounty: Your Ultimate Guide to Cybersecurity Success | https://medium.com/@umidcyber.s/mastering-bug-bounty-your-ultimate-guide-to-cybersecurity-success-82dc9b30fc02?source=rss------bug_bounty-5 | Umid Mammadov | bug-bounty-tips, tools, bug-bounty, information-technology, bugs | 26-Dec-2023 |
Deep Dive Into XSS | https://medium.com/@kavish2002ev3/deep-dive-into-xss-8420ddccc73b?source=rss------bug_bounty-5 | kavish shah | xss-vulnerability, web-application-security, bug-bounty | 26-Dec-2023 |
The Tale Of Insecure Deserialization: A Journey From Serialization To Exploitation | https://medium.com/@kavish2002ev3/the-tale-of-insecure-deserialization-a-journey-from-serialization-to-exploitation-47400a4c9093?source=rss------bug_bounty-5 | kavish shah | ctf-writeup, web-application-security, insecure-deserialization, bug-bounty | 26-Dec-2023 |
Portswigger Labs — CSRF | https://medium.com/@rynnnn617/portswigger-labs-csrf-10b496d6580c?source=rss------bug_bounty-5 | Ry4nnnn | bug-bounty, portswigger-lab, csrf, burpsuite | 26-Dec-2023 |
1.12 Lab: Blind SQL injection with out-of-band interaction \| 2023 | https://infosecwriteups.com/1-12-lab-blind-sql-injection-with-out-of-band-interaction-2023-db12e3b10118?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, cybersecurity, hacking | 26-Dec-2023 |
Navigating Tree-Sitter Queries with jsluice for JavaScript File Analysis | https://lopseg.medium.com/navigating-tree-sitter-queries-with-jsluice-for-javascript-file-analysis-061b7cb4ea9d?source=rss------bug_bounty-5 | Lopseg | bug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, javascript | 26-Dec-2023 |
Portswigger Labs — CSRF | https://medium.com/@ry4nnnn/portswigger-labs-csrf-10b496d6580c?source=rss------bug_bounty-5 | Ry4nnnn | bug-bounty, portswigger-lab, csrf, burpsuite | 26-Dec-2023 |
Account takeover vulnerability that resulted in $2500 bounty! | https://medium.com/@deadoverflow/account-takeover-vulnerability-that-resulted-in-2500-bounty-e1618363878d?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, hacking, bug-bounty-tips, cybersecurity, bug-hunting | 25-Dec-2023 |
Content Spoofing & Parameter Injection | https://codingninjablogs.tech/content-spoofing-parameter-injection-0861bfd146d4?source=rss------bug_bounty-5 | #!/Subhankar | injection-attacks, web-pen-testing, bug-bounty, spoofing | 25-Dec-2023 |
Top 3 Password Cracking Tools | https://medium.com/@UsmanAtif/top-3-password-cracking-tools-18801fbdcdae?source=rss------bug_bounty-5 | Muhammad Usman Atif | hacking, cybersecurity, passwords, bug-bounty, penetration-testing | 25-Dec-2023 |
Hackers Target Bug Bounty Hunters with Blackmail Emails | https://rishikadesai.medium.com/hackers-target-bug-bounty-hunters-with-blackmail-emails-421cf57fe4a7?source=rss------bug_bounty-5 | Rishika Desai | threat-intelligence, threat-research, bug-bounty, cyber-security-awareness, cybersecurity | 25-Dec-2023 |
What is LFI (Local File Inclusion) Vulnerability ? | https://medium.com/@errorfiathck/what-is-lfi-local-file-inclusion-vulnerability-c9372e25e389?source=rss------bug_bounty-5 | Errorfiathck | pentesting, lfi, vulnerability, bug-bounty, pentest | 25-Dec-2023 |
Legacy of EternalBlue | https://medium.com/@akshadjoshi/legacy-of-eternalblue-de4d643e8f36?source=rss------bug_bounty-5 | Akshad Joshi | eternalblue, hackthebox, pentesting, bug-bounty, hacking | 24-Dec-2023 |
Hacking GraphQL: Introduction | https://medium.com/@soyelmago/hackeando-graphql-introducci%C3%B3n-1537af763d0c?source=rss------bug_bounty-5 | Alan Brian @soyelmago | graphql, bug-bounty, information-security, pentesting, hacking | 24-Dec-2023 |
Web Pentesting Checklist for Beginners — Registration Feature Testing | https://riodrwn.medium.com/ceklis-web-pentesting-untuk-pemula-registration-feature-testing-aceb545b587c?source=rss------bug_bounty-5 | Rio Darmawan | bug-bounty-writeup, bug-bounty, pentesting, bugbounty-writeup, web-penetration-testing | 23-Dec-2023 |
The Crucial Role of Threat Intelligence Sharing in Cybersecurity | https://medium.com/@paritoshblogs/the-crucial-role-of-threat-intelligence-sharing-in-cybersecurity-cd4be0b53a86?source=rss------bug_bounty-5 | Paritosh | programming, hacking, threat-intelligence, cybersecurity, bug-bounty | 23-Dec-2023 |
The Evolving Role of a SOC Analyst | https://medium.com/@paritoshblogs/the-evolving-role-of-a-soc-analyst-c82e3e515558?source=rss------bug_bounty-5 | Paritosh | information-security, cybersecurity, hacking, bug-bounty, soc-analyst | 23-Dec-2023 |
Out-of-Scope, Not Out-of-Impact: Unveiling Significant Sensitive Information Disclosure | https://padsalatushal.medium.com/out-of-scope-not-out-of-impact-unveiling-significant-sensitive-information-disclosure-c8e76c1806e8?source=rss------bug_bounty-5 | Padsala Tushal | cybersecurity, bug-bounty, bug-bounty-tips, infosec, information-disclosure | 23-Dec-2023 |
Hack Story: Unveiling Security Flaws in a Government Portal | https://medium.com/@sahadmk/hack-story-unveiling-security-flaws-in-a-government-portal-995217f877c3?source=rss------bug_bounty-5 | Sahad Mk | bug-bounty, javascript, pentesting, vulnerability, hacking | 23-Dec-2023 |
The ART of Chaining Vulnerabilities | https://ahmdhalabi.medium.com/the-art-of-chaining-vulnerabilities-e65382b7c627?source=rss------bug_bounty-5 | Ahmad Halabi | ethical-hacking, hacking, intelligence, hacker, bug-bounty | 23-Dec-2023 |
Hacking Community | https://medium.com/@mrunknown124154/hacking-community-ab774827006d?source=rss------bug_bounty-5 | Mrunknown | bug-bounty, ethical-hacking, hacking | 23-Dec-2023 |
DoS’ing Zsecurity | https://medium.com/@24bkdoor/dosing-zsecurity-a4cb99396935?source=rss------bug_bounty-5 | 24BkDoor | bug-bounty, ethical-hacking, hacking, web-development, cybersecurity | 22-Dec-2023 |
Securing the Future: Enhancing the Safety of Compound Protocol | https://medium.com/@topcrypto00/securing-the-future-enhancing-the-safety-of-compound-protocol-940498c78d68?source=rss------bug_bounty-5 | Top Crypto | bug-bounty, bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, compound-protocol | 22-Dec-2023 |
He stored your password in Cookie | https://medium.com/@fixthis1000time/he-stored-your-password-in-cookie-5a6d0478e570?source=rss------bug_bounty-5 | fixthi$ | hacking, bug-bounty, ethical-hacking | 22-Dec-2023 |
How I was able to buy 2500 Rs product for 18rs in E-Commerce Website? | https://medium.com/@shubhamsonani/how-i-was-able-to-buy-2500-rs-product-for-18rs-in-e-commerce-website-ada4e91b5b91?source=rss------bug_bounty-5 | Shubham Sonani | bug-bounty, hacking, bug-bounty-tips, vulnerability, cybersecurity | 22-Dec-2023 |
PJWT Certification | https://medium.com/@OmarAlkhowaiter/pjwt-certification-f4f7995d35f6?source=rss------bug_bounty-5 | Omar Alkhowaiter | certification, bug-bounty, penetration-testing, cybersecurity, web-exploitation | 22-Dec-2023 |
Consentify hits Beta Test phase boosted by a Bug Bounty program! | https://datalaketoken.medium.com/consentify-hits-beta-test-phase-boosted-by-a-bug-bounty-program-6b621eadd02b?source=rss------bug_bounty-5 | Data Lake | healthcare, desci, bug-bounty, data-lake, research | 22-Dec-2023 |
Ideas for Testing Checkout | https://lopseg.medium.com/ideas-for-testing-checkout-eebe6148729d?source=rss------bug_bounty-5 | Lopseg | bug-bounty-tips, infosec, hacking, bug-bounty | 22-Dec-2023 |
Beyond Simple Alerts: Techniques for Evading WAF and Achieving XSS Success | https://lopseg.medium.com/beyond-simple-alerts-techniques-for-evading-waf-and-achieving-xss-success-4409a5bd2ee0?source=rss------bug_bounty-5 | Lopseg | bug-bounty-tips, hacking, xss-attack, bug-bounty | 22-Dec-2023 |
He stored your password in Cookie | https://medium.com/@fixthis1000time/he-stored-your-password-in-cookie-5a6d0478e570?source=rss------bug_bounty-5 | fixthi$ | hacking, bug-bounty, cybersecurity, infosec, ethical-hacking | 22-Dec-2023 |
5 Tips Web Fuzz You Should Know | https://medium.com/@kerstan/5-tips-web-fuzz-you-should-know-00ef6c59407d?source=rss------bug_bounty-5 | kerstan | bug-bounty, hacking, bug-bounty-tips, security, cybersecurity | 21-Dec-2023 |
TryHackMe AoC 2023 Side Quest final thoughts | https://medium.com/@boogsta/tryhackme-aoc-2023-side-quest-final-thoughts-afcb5880be33?source=rss------bug_bounty-5 | Boogsta | hacking, cyber, tryhackme, cybersecurity, bug-bounty | 21-Dec-2023 |
88MPH Vulnerability Exploit and Get Free Crypt0S $$$$$$ | https://medium.com/@vinaysati/88mph-vulnerability-exploit-and-get-free-crypt0s-a4d4a8328dc7?source=rss------bug_bounty-5 | Vinaysati | bug-bounty, hacking, web3bug, bug-bounty-tips, web3 | 21-Dec-2023 |
The art of subdomain monitoring | https://medium.com/@muhannadahmed042/the-art-of-subdomain-monitoring-da610a0f8031?source=rss------bug_bounty-5 | muhannad hazaa | cybersecurity, penetration-testing, bug-bounty, recon | 21-Dec-2023 |
A Business logic error in Google Dialogflow enables a developer to delete the agent directly from… | https://medium.com/@krityamkarma858041/a-business-logic-error-in-google-dialogflow-enables-a-developer-to-delete-the-agent-directly-from-3a5bf2a07706?source=rss------bug_bounty-5 | Krityamkarma | google-vrp, bug-bounty, ethical-hacking, google, hacking | 21-Dec-2023 |
Privacy at Risk: EXIF Metadata Exposure in User-Uploaded Images | https://samshadow.medium.com/privacy-at-risk-exif-metadata-exposure-in-user-uploaded-images-c2481f876d03?source=rss------bug_bounty-5 | Sam Shadow | bug-bounty, bug-bounty-tips, bug-bounty-writeup, infosec, vulnerability | 21-Dec-2023 |
Aspiring Bug Bounty Hunters’ New Year Goals Toolkit | https://sl4x0.medium.com/aspiring-bug-bounty-hunters-new-year-goals-toolkit-a156c96e9de7?source=rss------bug_bounty-5 | Abdelrhman Allam (sl4x0) | bug-bounty, new-year, goals, mindset, success | 21-Dec-2023 |
How Can Artificial Intelligence Revolutionize Bug Bounty? | https://medium.com/@zouhairelgarouni/how-can-artificial-intelligence-revolutionize-bug-bounty-664e7f5ed3dd?source=rss------bug_bounty-5 | ZOUHAIR EL GAROUNI | technology, cybersecurity, bug-bounty, artificial-intelligence, cyberattack | 21-Dec-2023 |
I made online store to pay for my orders and get me free refunds. | https://medium.com/@shubhamsonani/i-made-online-store-to-pay-for-my-orders-and-get-me-free-refunds-6f4db5893c13?source=rss------bug_bounty-5 | Shubham Sonani | bug-bounty-tips, cybersecurity, vulnerability, hacking, bug-bounty | 21-Dec-2023 |
5 Tips Web Fuzz You Should Know | https://medium.com/@kerstan/5-tips-web-fuzz-you-should-know-00ef6c59407d?source=rss------bug_bounty-5 | kerstan | technology, bug-bounty, hacking, security, cybersecurity | 21-Dec-2023 |
A list of 50 tools every hacker should know | https://thexssrat.medium.com/a-list-of-50-tools-every-hacker-should-know-df8d87cf4b58?source=rss------bug_bounty-5 | Thexssrat | hacking-tools, hacking, bug-bounty, ethical-hacking | 21-Dec-2023 |
Open Redirect Validation Bypass Leads To Account Take Over (ATO) | https://medium.com/@ozomarzu/open-redirect-validation-bypass-leads-to-account-take-over-ato-5166b3416e3f?source=rss------bug_bounty-5 | CyberOz | bug-hunting, bug-bounty, bug-bounty-tips, hacker, web-security | 21-Dec-2023 |
Code4rena Blue vs. Traditional Bug Bounties | https://medium.com/code4rena/code4rena-blue-vs-traditional-bug-bounties-478f469057c9?source=rss------bug_bounty-5 | aramas | bug-bounty, smart-contract-security, code4rena, code4rena-blue | 21-Dec-2023 |
A Very Basic Beginner Bug Bounty Methodology | https://thexssrat.medium.com/a-very-basic-beginner-bug-bounty-methodology-15eca16ca787?source=rss------bug_bounty-5 | Thexssrat | hacking, bug-bounty, ethical-hacking | 21-Dec-2023 |
Bug Bounty: Tips for Finding Your First Bug as a Beginner | https://graph33.medium.com/bug-bounty-tips-for-finding-your-first-bug-as-a-beginner-120f71c709cd?source=rss------bug_bounty-5 | GHS08 | bug-bounty, hacking, cracking, coding | 21-Dec-2023 |
How My 9-Month-Old Daughter Earned Over $1,000 in a Bug Bounty Program | https://maxilect-company.medium.com/how-my-9-month-old-daughter-earned-over-1-000-in-a-bug-bounty-program-be9ba1d77cad?source=rss------bug_bounty-5 | Maxilect | samsun, bug-bounty-program, bug-bounty | 20-Dec-2023 |
This is how much I made in my first year as a Bug Bounty Hunter in 2023 — Graduation Bonus! | https://medium.com/@avbhijitdutta99/this-is-how-much-i-made-in-my-first-year-as-a-bug-bounty-hunter-in-2023-graduation-bonus-b45875225c88?source=rss------bug_bounty-5 | Abhijit Dutta | bug-bounty-tips, bug-bounty-program, bug-bounty, bugbountychallenge, bug-bounty-writeup | 20-Dec-2023 |
DOM XSS in jQuery anchor href attribute sink using location.search source | https://medium.com/@marduk.i.am/dom-xss-in-jquery-anchor-href-attribute-sink-using-location-search-source-b1000b4b16b3?source=rss------bug_bounty-5 | Marduk I Am | cross-site-scripting, portswigger-lab, cybersecurity, bug-bounty, dom-xss | 20-Dec-2023 |
How I doubled the store wallet amount for free? | https://medium.com/@shubhamsonani/how-i-doubled-the-store-wallet-amount-for-free-d7396c05a304?source=rss------bug_bounty-5 | Shubham Sonani | bug-bounty-tips, hacking, bug-bounty, cybersecurity, web-application-testing | 20-Dec-2023 |
Top Burp Suite Extensions Used by Penetration Testers | https://medium.com/@bharatvarshney567/top-burp-suite-extensions-used-by-penetration-testers-fa90fe26816c?source=rss------bug_bounty-5 | Bharat Varshney | owasp, bug-bounty, security-testing, security-services, penetration-testing | 20-Dec-2023 |
How to earn with earn bug boutny part-2? | https://medium.com/@ashutoshgiri133/how-to-earn-with-earn-bug-boutny-part-2-1dcfe1922a33?source=rss------bug_bounty-5 | Tech Blaze ごじょ | coding, money, bug-bounty, business | 20-Dec-2023 |
“CVE-2023-43837: Two-Factor Authentication (x2FA) Bypass Vulnerability in Roundcube Webmail Plugin” | https://medium.com/@ChandSingh/cve-2023-43837-two-factor-authentication-x2fa-bypass-vulnerability-in-roundcube-webmail-plugin-f2fef177187e?source=rss------bug_bounty-5 | Chand Singh | cve, vulnerability, cybersecurity, bug-bounty, security | 20-Dec-2023 |
Web Security Diary | https://medium.com/@muratkabakk1/web-security-diary-4b2148326abe?source=rss------bug_bounty-5 | Murat K | bug-bounty, web-security | 20-Dec-2023 |
Introducing Code4rena Blue: More than just bug bounties | https://medium.com/code4rena/introducing-code4rena-blue-more-than-just-bug-bounties-f2a9949c6b9c?source=rss------bug_bounty-5 | aramas | smart-contract-security, code4rena, bug-bounty | 20-Dec-2023 |
Learn Command Injection Vulnerabilities | https://bicodev.medium.com/learn-command-injection-vulnerabilities-2a8ed26eb47a?source=rss------bug_bounty-5 | BICODEV | linux, python-programming, cybersecurity, bug-bounty, penetration-testing | 19-Dec-2023 |
Hack the Web like a Pirate: Identifying Vulnerabilities with Style | https://bicodev.medium.com/hack-the-web-like-a-pirate-identifying-vulnerabilities-with-style-171246a302a5?source=rss------bug_bounty-5 | BICODEV | python, bug-bounty, cybersecurity, hacker, penetration-testing | 19-Dec-2023 |
3 Steps Discovered XXE You should Know | https://medium.com/@kerstan/3-steps-discovered-xxe-you-should-know-d779ab5eb056?source=rss------bug_bounty-5 | kerstan | security, pentesting, hacking, cybersecurity, bug-bounty | 19-Dec-2023 |
DOM XSS in innerHTML sink using source location.search | https://medium.com/@marduk.i.am/dom-xss-in-innerhtml-sink-using-source-location-search-a3ac4546ca5c?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, cybersecurity, dom-xss, cross-site-scripting, portswigger-lab | 19-Dec-2023 |
Zero Trust Architecture | https://medium.com/@khan.ghufran.0000/zero-trust-architecture-f47e9da3eaec?source=rss------bug_bounty-5 | Khan Ghufran | architecture, bug-bounty, cybersecurity, cyber-security-solutions, infosec | 19-Dec-2023 |
Bug Bounty Book Recommendations for Beginners | https://medium.com/@arenaldyp/rekomendasi-buku-bug-bounty-untuk-pemula-5aadd03f434f?source=rss------bug_bounty-5 | K1ngP1ng | bug-bounty, indonesia, web-security, recommendations, hacking | 19-Dec-2023 |
Is It Worth Quitting 9–5 Job For a Full-Time Bug Bounty? | https://ajaksecurity.medium.com/is-it-worth-quitting-9-5-job-for-a-full-time-bug-bounty-8274f6808aab?source=rss------bug_bounty-5 | Ajak Cyber security | ethical-hacking, cybersecurity, blog, jobs, bug-bounty | 19-Dec-2023 |
Directory Listing Vulnerability | https://medium.com/@digant_15/directory-listing-vulnerability-b2e1583d8a7e?source=rss------bug_bounty-5 | Digant Prajapati | cybersecurity, directory-listing, bug-bounty | 19-Dec-2023 |
How One Bug Scored Me Double Rewards! | https://anasbetis023.medium.com/how-one-bug-scored-me-double-rewards-355b8d02cdbf?source=rss------bug_bounty-5 | Anas H Hmaidy | cybersecurity, bug-bounty, penetration-testing, ethical-hacking, web-security | 19-Dec-2023 |
Join Any Facebook Group As Deactivated Additional Profile | https://zerocode-ph.medium.com/join-any-facebook-group-as-deactivated-additional-profile-f63a31db7797?source=rss------bug_bounty-5 | Syd Ricafort | facebook, bug-bounty, facebook-bug-bounty | 19-Dec-2023 |
How I Found SQL Injection worth of $4,000 bounty | https://roberto99.medium.com/how-i-found-sql-injection-worth-of-4-000-bounty-16ca09cbf8ec?source=rss------bug_bounty-5 | Roberto Nunes | bug-bounty, sql-injection, bug-bounty-writeup, bug-bounty-tips, reconnaissance | 19-Dec-2023 |
#6.TryHackMe Series writeups: Brooklyn Nine Nine | https://cyb3rmind.medium.com/6-tryhackme-series-writeups-brooklyn-nine-nine-a0f7f074cbab?source=rss------bug_bounty-5 | Cyb3r M!nd | thm-writeup, tryhackme, ctf-writeup, brooklyn-nine-nine, bug-bounty | 19-Dec-2023 |
The Ultimate Guide to Uncovering XSS Vulnerabilities at Scale | https://medium.com/@cyndybruce1967/the-ultimate-guide-to-uncovering-xss-vulnerabilities-at-scale-1f35ecb765b7?source=rss------bug_bounty-5 | Cyndybruce | cybersecurity, penetration-testing, automation, bug-bounty, xs | 19-Dec-2023 |
The Ultimate Guide to Hunting for XSS Vulnerabilities at Scale | https://medium.com/@elitumbleson1978/the-ultimate-guide-to-hunting-for-xss-vulnerabilities-at-scale-bfde4a9beae6?source=rss------bug_bounty-5 | Elitumbleson | cybersecurity, penetration-testing, bug-bounty, xs, automation | 19-Dec-2023 |
Understanding Cross-Site Scripting (XSS) Attacks: Risks, Prevention, and Impact | https://securitylit.medium.com/understanding-cross-site-scripting-xss-attacks-risks-prevention-and-impact-ce002e5fbb1a?source=rss------bug_bounty-5 | Security Lit Limited | xss-attack, technology, bug-bounty, cybersecurity, vulnerability | 18-Dec-2023 |
why you need to filter the input and the output — stored xss | https://medium.com/@Mr3Moe/why-you-need-to-filter-the-input-and-the-output-stored-xss-66f67c663703?source=rss------bug_bounty-5 | Mr3Moe | web-penetration-testing, appsec, bug-bounty | 18-Dec-2023 |
Lets Dive into the Intense World of Malware Analysis! | https://medium.com/@paritoshblogs/lets-dive-into-the-intense-world-of-malware-analysis-3c9e242d8c16?source=rss------bug_bounty-5 | Paritosh | information-security, malware-analysis, cybersecurity, programming, bug-bounty | 18-Dec-2023 |
Burp Suite Bambda | https://medium.com/offensive-black-hat-hacking-security/burp-suite-bambda-b9b8f57d6b46?source=rss------bug_bounty-5 | Harshad Shah | bug-bounty, hacking, cybersecurity, infosec, penetration-testing | 18-Dec-2023 |
Top Burp Suite Extensions Used by Penetration Testers | https://securitycipher.medium.com/top-burp-suite-extensions-used-by-penetration-testers-ee971a73256a?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | bug-bounty-tips, security, cybersecurity, bug-bounty, technology | 18-Dec-2023 |
How to write a perfect pentest report | https://arex-godofwar.medium.com/how-to-write-a-perfect-pentest-report-edb63cc68b36?source=rss------bug_bounty-5 | Ahmadreza Parsizadeh | pentesting, bug-bounty, reporting, offensive-security | 18-Dec-2023 |
Mastering Web Application Security: Defending Against Injections and Broken Access Control | https://medium.com/@moldovanzsombor/mastering-web-application-security-defending-against-injections-and-broken-access-control-34161cbefc8f?source=rss------bug_bounty-5 | Moldovan Zsombor | hacking, cybersecurity, web-applications, bug-bounty | 18-Dec-2023 |
CyberSecurity Day 01 to 100: DAY 08 \|A Comprehensive Guide for Novices and Experts | https://medium.com/@acs_society/cybersecurity-day-01-to-100-day-08-a-comprehensive-guide-for-novices-and-experts-55d3ef86abbf?source=rss------bug_bounty-5 | Association For Cyber Security | acsociety, ethical-hacking, cybersecurity, bug-bounty, security-engineer | 18-Dec-2023 |
This Tool Helps Me To Find The Origin IP Address | https://ajaksecurity.medium.com/this-tool-helps-me-to-find-the-origin-ip-address-d9c2abceafb2?source=rss------bug_bounty-5 | Ajak Cyber security | hacking, ethical-hacking, blog, bug-bounty, penetration-testing | 18-Dec-2023 |
ParagonsDAO’s Bug Bounty Program | https://medium.com/paragonsdao/paragonsdaos-bug-bounty-program-8cfb82f786c0?source=rss------bug_bounty-5 | ParagonsDAO | web3, immunefi, bug-bounty, paragonsdao | 18-Dec-2023 |
Go Witness Install Guide… | https://medium.com/@psychomong/go-witness-install-guide-a62d96be30b0?source=rss------bug_bounty-5 | psychomong | hacking-tools, bug-bounty, golang, hacking, osint | 18-Dec-2023 |
CyberSecurity Day 01 to 100: DAY 08 \| A Comprehensive Guide for Novices and Experts | https://medium.com/@acs_society/cybersecurity-day-01-to-100-day-08-a-comprehensive-guide-for-novices-and-experts-55d3ef86abbf?source=rss------bug_bounty-5 | Association For Cyber Security | acsociety, ethical-hacking, cybersecurity, bug-bounty, security-engineer | 18-Dec-2023 |
How I Could Leak Phone Numbers and Emails of Indian Voters and Applicants | https://medium.com/@Mr.Equinox/how-i-could-leak-phone-numbers-and-emails-of-indian-voters-and-applicants-dd1fc699d81e?source=rss------bug_bounty-5 | Sahil Mhatre | bug-bounty, mybugs, bug-hunting, api-security, vapt | 18-Dec-2023 |
Horizon Protocol V2 — Hacken Bug Bounty Program Now Live On Testnet | https://horizonprotocol.medium.com/horizon-protocol-v2-hacken-bug-bounty-program-now-live-on-testnet-4617205c7184?source=rss------bug_bounty-5 | Horizon Protocol | bug-bounty, defi, hacken, derivatives, synthetic-asset | 18-Dec-2023 |
Getting Started with Recon Automation using ReNgine on Windows (WSL): Installation Guide | https://mxmd.medium.com/getting-started-with-recon-automation-using-rengine-on-windows-wsl-installation-guide-50ad95b8a7a9?source=rss------bug_bounty-5 | Max Klose | reconnaissance, bug-bounty-hunting, automation, bug-bounty, guides-and-tutorials | 18-Dec-2023 |
Bug Zero at a Glance [19–30 November] | https://blog.bugzero.io/bug-zero-at-a-glance-19-30-november-8470a11d3015?source=rss------bug_bounty-5 | Januka Dharmapriya | bug-zero, newsletter, cybersecurity, sri-lanka, bug-bounty | 17-Dec-2023 |
Mitel MiCollab AWV Directory Traversal Vulnerability (CVE-2020-11798) | https://samshadow.medium.com/mitel-micollab-awv-directory-traversal-vulnerability-cve-2020-11798-ec1408cd35b9?source=rss------bug_bounty-5 | Sam Shadow | bug-bounty, bug-bounty-writeup, bug-bounty-tips, vulnerability, directory-traversal | 17-Dec-2023 |
Unveiling a Security Flaw: The Divergence of OTP and Link Password Authentication in redacted.com | https://medium.com/@MohaseenK/unveiling-a-security-flaw-the-divergence-of-otp-and-link-password-authentication-in-redacted-com-27e0cc2dc73c?source=rss------bug_bounty-5 | Mohaseen | bug-hunting, password-reset, bug-bounty, hackerone | 17-Dec-2023 |
XSSRF : The Unholy Matrimony of XSS and SSRF | https://naumankh4n.medium.com/xssrf-the-unholy-matrimony-of-xss-and-ssrf-89f7abfca5b3?source=rss------bug_bounty-5 | Nauman Khan | cybersecurity, hacking, bug-bounty, penetration-testing, money | 17-Dec-2023 |
Bug Bounty programmes give people the fear (they shouldn’t) | https://medium.com/@ethanrom/bug-bounty-programmes-give-people-the-fear-they-shouldnt-755466351140?source=rss------bug_bounty-5 | Leo C | hacking, cybersecurity, ciso, culture, bug-bounty | 17-Dec-2023 |
V3 Testnet Bug Bounty | https://tribeone.medium.com/v3-testnet-bug-bounty-8281b8775843?source=rss------bug_bounty-5 | TribeOne | nft, smart-contract-security, bug-bounty | 17-Dec-2023 |
DOM XSS in document.write sink using source location.search | https://medium.com/@marduk.i.am/dom-xss-in-document-write-sink-using-source-location-search-ae458bc5c85f?source=rss------bug_bounty-5 | Marduk I Am | dom-xss, cross-site-scripting, cybersecurity, bug-bounty, portswigger-lab | 17-Dec-2023 |
Reflected XSS in BGMI | https://medium.com/@patil97/reflected-xss-in-bgmi-38ed48773981?source=rss------bug_bounty-5 | Patil97 | bug-bounty, xs, bugs, security | 17-Dec-2023 |
Main Methodology 1 \| Part 04 \| What To Do After Choosing a Target | https://infosecwriteups.com/main-methodology-1-part-04-what-to-do-after-choosing-a-target-f9cea586d6af?source=rss------bug_bounty-5 | Om Arora | bug-bounty, bug-bounty-tips, hacking, infosec, methodology | 17-Dec-2023 |
When not to rely on Automated Tools | https://medium.com/@rodriguezjorgex/when-not-to-rely-on-automated-tools-429b331e0613?source=rss------bug_bounty-5 | Rodriguezjorgex | cybersecurity, bug-bounty, xss-attack, prototype-pollution, bug-bounty-tips | 16-Dec-2023 |
Escalating DOM XSS to Stored XSS | https://medium.com/@rodriguezjorgex/escalating-dom-xss-to-stored-xss-eb6f3a669af3?source=rss------bug_bounty-5 | Rodriguezjorgex | cross-site-scripting, bug-bounty, hacking, cybersecurity, xss-attack | 16-Dec-2023 |
Mitigating Risks: Securing Symfony Profiler from Unwanted Exposure | https://samshadow.medium.com/mitigating-risks-securing-symfony-profiler-from-unwanted-exposure-14e90a53dd65?source=rss------bug_bounty-5 | Sam Shadow | bug-bounty-writeup, bug-bounty, bug-bounty-tips, vulnerability | 16-Dec-2023 |
Unveiling Vulnerabilities: PHP Debug Bar Exposes Sensitive Information | https://samshadow.medium.com/unveiling-vulnerabilities-php-debug-bar-exposes-sensitive-information-ca341267fe33?source=rss------bug_bounty-5 | Sam Shadow | vulnerability, bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter | 16-Dec-2023 |
Self-XSS to Stored XSS | https://medium.com/@rodriguezjorgex/self-xss-to-stored-xss-b4b999610c5b?source=rss------bug_bounty-5 | Rodriguezjorgex | hacking, cybersecurity, bug-bounty, xss-attack, bug-bounty-tips | 16-Dec-2023 |
Unveiling CVE-2019-11248: A Vulnerability in Kubernetes | https://samshadow.medium.com/unveiling-cve-2019-11248-a-vulnerability-in-kubernetes-83a831afaccd?source=rss------bug_bounty-5 | Sam Shadow | bug-bounty, bug-bounty-hunter, bug-bounty-tips, vulnerability, bug-bounty-writeup | 16-Dec-2023 |
DOM-based vulnerabilities | https://ayonthakur101.medium.com/dom-based-vulnerabilities-db02d7437b26?source=rss------bug_bounty-5 | Ayon Thakur | penetration-testing, bug-bounty, hacker, portswigger, burp-suit | 16-Dec-2023 |
SSTI gave me T-Shirt + € 50 | https://medium.com/@bug.hun3r/ssti-got-me-t-shirt-50-a8672ca766c9?source=rss------bug_bounty-5 | mo9kHu93r | information-security, bug-bounty, bug-hunting, info-sec-writeups, cybersecurity | 16-Dec-2023 |
Kakar Security | https://medium.com/@walikhankakar313/kakar-security-cf15f39baede?source=rss------bug_bounty-5 | Wali Khan Kakar | website-scanning, penetration, security, hacking-world, bug-bounty | 16-Dec-2023 |
Headline: Indian Government Issues High-Risk Warning for Samsung Galaxy S23 and Other Models | https://riglabscollective.medium.com/headline-indian-government-issues-high-risk-warning-for-samsung-galaxy-s23-and-other-models-2c153d5bcc62?source=rss------bug_bounty-5 | Riglabs Collective | samsung-galaxy, india, s23ultra, mobile, bug-bounty | 15-Dec-2023 |
6 Quick Discover Bug Search Syntax In Code-base | https://medium.com/@kerstan/6-quick-discover-bug-search-syntax-in-code-base-eb3d6fb6e929?source=rss------bug_bounty-5 | kerstan | hacker, cybersecurity, bug-bounty, security, bug-bounty-tips | 15-Dec-2023 |
Easy Money from the Most Trivially Easy Broken Access Control | https://abd11atarek.medium.com/easy-money-from-the-most-trivially-easy-broken-access-control-4d810af327f7?source=rss------bug_bounty-5 | abda11atarek | bugcrowd, bug-bounty-tips, bug-hunter, bug-bounty, broken-access-control | 15-Dec-2023 |
HTTP/2 Request Smuggling | https://medium.com/@kerstan/http-2-request-smuggling-b6ef5ae351fb?source=rss------bug_bounty-5 | kerstan | hacking, https, bug-bounty-tips, bug-bounty, cybersecurity | 15-Dec-2023 |
3 Cases of DOM XSS in Bug Bounty | https://medium.com/@kerstan/3-cases-of-dom-xss-in-bug-bounty-0744003f0b2b?source=rss------bug_bounty-5 | kerstan | bug-bounty, xss-attack, hacking, cybersecurity, bug-bounty-tips | 15-Dec-2023 |
How I Automatically Discovered SSRF in Hackerone Program | https://medium.com/@kerstan/how-i-automatically-discovered-ssrf-in-hackerone-program-2ae0b7a6ef1b?source=rss------bug_bounty-5 | kerstan | bug-bounty-tips, cybersecurity, hacking, ssrf, bug-bounty | 15-Dec-2023 |
How I Discovered SSRF on Hackerone Program | https://medium.com/@kerstan/how-i-discovered-ssrf-on-hackerone-program-7bbe72334f74?source=rss------bug_bounty-5 | kerstan | bug-bounty-tips, bug-bounty, ssrf, hacker, graphql | 15-Dec-2023 |
From CloudSec to Application Security, Bug Bounties to Cybersecurity tooling, and More | https://infosecwriteups.com/from-cloudsec-to-application-security-bug-bounties-to-cybersecurity-tooling-and-more-9f4a1819620c?source=rss------bug_bounty-5 | InfoSec Write-ups | hacking, conference, bug-bounty, security, information-security | 15-Dec-2023 |
One port can be a costly mistake | Attack The Rsync Service in a Private Program | https://medium.com/@sword0x00/one-port-can-be-a-costly-mistake-attack-the-rsync-service-in-a-private-program-cdbf9ecc650d?source=rss------bug_bounty-5 | Mohanad Hesham | rsync, bug-bounty, fingerprinting, port-scan, hacking | 15-Dec-2023 |
How To Explore and Exploit GraphQL [Indonesia] | https://revan-ar.medium.com/how-to-explore-and-exploit-graphql-indonesia-562c560f46c6?source=rss------bug_bounty-5 | Revan A | bug-bounty, web-security, api, penetration-testing, graphql | 15-Dec-2023 |
Subdomain Takeover in Azure Trafficmanager for Fun & Profit | https://padsalatushal.medium.com/subdomain-takeover-in-azure-trafficmanager-for-fun-profit-09c858ca3d0e?source=rss------bug_bounty-5 | Padsala Tushal | bug-bounty, cybersecurity, infosec, subdomain-takeover, bug-bounty-tips | 15-Dec-2023 |
Cookie Quest: XSS Admin Assault | https://medium.com/@josh.beck2006/cookie-quest-xss-admin-assault-694769f84796?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, programming, penetration-testing, bug-bounty, ctf-writeup | 14-Dec-2023 |
How did I find open redirect on LinkedIn | https://medium.com/@neverl0gbughunt/how-did-i-find-open-redirect-on-linkedin-e35918b3b129?source=rss------bug_bounty-5 | neverl0g | bug-bounty-tips, bug-bounty-writeup, bug-bounty | 14-Dec-2023 |
All about Ethical Hacking | https://securitycipher.medium.com/all-about-ethical-hacking-277b9c3e4b36?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | technology, security, cybersecurity, bug-bounty, hacking | 14-Dec-2023 |
Uncovering an Account Takeover Vulnerability: Auth Bypass via Response Manipulation. | https://medium.com/@kataeriidubstep/uncovering-an-account-takeover-vulnerability-auth-bypass-via-response-manipulation-ba8257f917d2?source=rss------bug_bounty-5 | Pavan kumar.G | cybersecurity, appsec, bug-bounty | 14-Dec-2023 |
Remote Code execution at ws1.aholdusa.com — Compromising logins of Ahold Delhaize USA employees | https://medium.com/@jonathanbouman/remote-code-execution-at-ws1-aholdusa-com-compromising-logins-of-ahold-delhaize-usa-employees-c7c9aca7e05d?source=rss------bug_bounty-5 | Jonathan Bouman | cybersecurity, bug-bounty, rce, hacking, security | 14-Dec-2023 |
How I Quickly Discover Bug In Codebase | https://medium.com/@kerstan/how-i-quickly-discover-bug-in-code-6a3bfa7e6e82?source=rss------bug_bounty-5 | kerstan | bug-bounty, programming, technology, code-review, cybersecurity | 14-Dec-2023 |
How i found a Permanent Denial of Service via Account Lockout: | https://medium.com/@kataeriidubstep/how-i-found-a-permanent-denial-of-service-via-account-lockout-ac1bc33c3c0a?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, cybersecurity, bug-bounty | 14-Dec-2023 |
How i found a Misconfigured CORS Vulnerability — Unauthorized Cross-Origin Resource Sharing : | https://medium.com/@kataeriidubstep/how-i-found-a-misconfigured-cors-vulnerability-unauthorized-cross-origin-resource-sharing-16effea37e78?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, cybersecurity, bug-bounty | 14-Dec-2023 |
How i found a Password Reset Token Leak via Referer Header: | https://medium.com/@kataeriidubstep/how-i-found-a-password-reset-token-leak-via-referer-header-7d71d35b0ea8?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, cybersecurity, bug-bounty | 14-Dec-2023 |
Adobe Recap: 2023 Ambassador World Cup Final Four | https://blog.developer.adobe.com/adobe-recap-2023-ambassador-world-cup-final-four-df701e1a1b12?source=rss------bug_bounty-5 | Chris Parkerson | hacking, security, bug-bounty, hackathons, security-research | 14-Dec-2023 |
Starlink Router Gen 2 is vulnerable to XSS. | https://medium.com/@hackintoanetwork/starlink-router-gen-2-is-vulnerable-to-xss-48cfcadd0b13?source=rss------bug_bounty-5 | hackintoanetwork | bug-bounty, starlink, exploit, dishy, router | 14-Dec-2023 |
VulnLab — SQL Injection series — Bypass Login part 2(Database Collect) | https://medium.com/@kurobe09/vulnlab-sql-injection-series-bypass-login-part-2-database-collect-1e6aa36a1308?source=rss------bug_bounty-5 | kurobe09 | cybersecurity, cyberattack, pentest-learnings, sql-injection, bug-bounty | 13-Dec-2023 |
Cross-Site Scripting (XSS) | https://medium.com/@savanghori1203/cross-site-scripting-xss-c288793349a9?source=rss------bug_bounty-5 | SavanGhori | bug-bounty, xss-attack, xss-vulnerability, bug-bounty-tips, vulnerability | 13-Dec-2023 |
phpinfo() — My First Resolved Bug in HackerOne | https://medium.com/@ft.eagle.eye.1/phpinfo-my-first-resolved-bug-in-hackerone-a22fea1adb9b?source=rss------bug_bounty-5 | Muhammad Farhad Ansary | bug-bounty, bug-bounty-tips | 13-Dec-2023 |
AppSec Tales XXIV | Deserialization | https://karol-mazurek95.medium.com/appsec-tales-xxiv-deserialization-841d6bfaa710?source=rss------bug_bounty-5 | Karol Mazurek | penetration-testing, bug-bounty, information-technology, information-security, cybersecurity | 13-Dec-2023 |
Only 3 Days Left For IWCON 2023 | https://infosecwriteups.com/only-3-days-left-for-iwcon-2023-bab915df5ae8?source=rss------bug_bounty-5 | InfoSec Write-ups | hacking, bug-bounty, conference, information-security, programming | 13-Dec-2023 |
A misconfiguration in the password reset process can lead to an account takeover. | https://medium.com/@Mr3Moe/a-misconfiguration-in-the-password-reset-process-can-lead-to-an-account-takeover-30c43e17d744?source=rss------bug_bounty-5 | Mr3Moe | web-application-security, web-app-pentesting, bug-bounty, web-app-security | 13-Dec-2023 |
I found out what my neighbour was looking at on the internet, This is how ? | https://navnee1h.medium.com/i-found-out-what-my-neighbour-was-looking-at-on-the-internet-this-is-how-050c4dfef8b4?source=rss------bug_bounty-5 | Navaneeth M S | bug-bounty, monitoring, dns, hacking, wifi | 13-Dec-2023 |
Day 13 Bug Bounty — 60 days 60 bugs challenge (Found P1!!! Hope it gets accepted) | https://medium.com/@avbhijitdutta99/day-13-bug-bounty-60-days-60-bugs-challenge-found-p1-hope-it-gets-accepted-670f0dcc25f3?source=rss------bug_bounty-5 | Abhijit Dutta | bug-bounty-writeup, bug-bounty, bug-bounty-program, bug-bounty-tips, bugbountychallenge | 13-Dec-2023 |
OpenBounty, Shentu’s New Approach in Security Ecosystem | https://shentuchain.medium.com/openbounty-shentus-new-approach-in-security-ecosystem-fbae6506d956?source=rss------bug_bounty-5 | Shentu Chain | bounty-program, bounty-hunter, bug-bounty, web3, cybersecurity | 12-Dec-2023 |
Mobile Application Security Testing: Navigating the Digital Landscape Safely | https://medium.com/geekculture/mobile-application-security-testing-navigating-the-digital-landscape-safely-3aead90a5455?source=rss------bug_bounty-5 | Security Lit Limited | mobile-security, cybersecurity, programming, vapt, bug-bounty | 12-Dec-2023 |
I will do Vulnerability Assessment and penetration testing on your website | https://securitycipher.medium.com/i-will-do-vulnerability-assessment-and-penetration-testing-on-your-website-5cd4fb147a33?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | services, bug-bounty, security, cybersecurity, technology | 12-Dec-2023 |
Skills Needed For Bug Bounty | https://medium.com/@joshdesharnais1/skills-needed-for-bug-bounty-23e289ef0853?source=rss------bug_bounty-5 | Joshua Desharnais | xss-attack, idor, bug-bounty, account-takeover | 12-Dec-2023 |
Duplicate CSRF… Leads to $$$$ | https://shellbreaker.medium.com/duplicate-csrf-leads-to-26c1ddc71dc5?source=rss------bug_bounty-5 | Bhavesh aka Shellbreaker | hacking, info-sec-writeups, bug-bounty, cybersecurity, bug-bounty-tips | 12-Dec-2023 |
Server-Side Request Forgery (SSRF) | https://medium.com/@savanghori1203/server-side-request-forgery-ssrf-ca04465ac41a?source=rss------bug_bounty-5 | SavanGhori | bug-bounty, vulnerability, bug-bounty-tips, ssrf, bugs | 12-Dec-2023 |
Remote Code Execution (RCE) | https://medium.com/@savanghori1203/remote-code-execution-rce-e8628b1432de?source=rss------bug_bounty-5 | SavanGhori | bug-bounty-tips, bugs, vulnerability, rce, bug-bounty | 12-Dec-2023 |
Join ARPA’s Bug Bounty Program with Immunefi — Up to $50,000 in Rewards! | https://arpa.medium.com/join-arpas-bug-bounty-program-with-immunefi-up-to-50-000-in-rewards-18d9fbd7b193?source=rss------bug_bounty-5 | ARPA Official | blockchain, developer, bug-bounty, debugging | 12-Dec-2023 |
Easy Admin Access — RVDP (2) | https://infosecwriteups.com/easy-admin-access-rvdp-2-bf2ec8349ebf?source=rss------bug_bounty-5 | hackerdevil | penetration-testing, hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 12-Dec-2023 |
One Scheme to Rule Them All: OAuth Account Takeover | https://medium.com/@ostorlab/one-scheme-to-rule-them-all-oauth-account-takeover-26ac4cb5e898?source=rss------bug_bounty-5 | Ostorlab | mobile-security, bug-bounty, oauth, bug-bounty-tips, account-takeover | 12-Dec-2023 |
The launch of incentivized testnet for TribeOne V3 | https://tribeone.medium.com/the-launch-of-incentivized-testnet-for-tribeone-v3-6e12a1eb6d0f?source=rss------bug_bounty-5 | TribeOne | bug-bounty, perpetual-contracts, testnet, nft, trading-competition | 12-Dec-2023 |
Hacking NASA and Got Hall of Fame | https://medium.com/@bug.hun3r/hacking-nasa-and-got-hall-of-fame-71f9a344d1d0?source=rss------bug_bounty-5 | mo9kHu93r | penetration-testing, cybersecurity, nasa, ethical-hacking, bug-bounty | 12-Dec-2023 |
Build3rs Bug Bounty Program | https://medium.com/@Lay3rsXR/build3rs-bug-bounty-program-8b874bdfee0e?source=rss------bug_bounty-5 | Lay3rs | build3rs, bug-bounty, blockchain, refis | 12-Dec-2023 |
Bug Bounty and Hacking Books You Should Read (Must Read) | https://rajkaran359.medium.com/bug-bounty-and-hacking-books-you-should-read-must-read-57ca722ad51d?source=rss------bug_bounty-5 | Rajkaran | bug-bounty, hacking-books, hacking, cybersecurity, bug-bounty-tips | 12-Dec-2023 |
How I got $300 for Default Credential Login at Bugcrowd | https://medium.com/@avbhijitdutta99/how-i-got-300-for-default-credential-login-at-bugcrowd-30368eb698f7?source=rss------bug_bounty-5 | Abhijit Dutta | bug-bounty-tips, bug-bounty-program, bug-bounty, bug-bounty-writeup | 12-Dec-2023 |
missing session scopes lead to authentication bypass | https://medium.com/@Mr3Moe/missing-session-scopes-lead-to-authentication-bypass-2e1cdaebda7b?source=rss------bug_bounty-5 | Mr3Moe | web, bug-bounty, appsec, web-penetration-testing | 12-Dec-2023 |
Exploiting Django Debug Mode for Unrestricted Access to the Internal Dashboard? | https://rokkamvamsi18.medium.com/exploiting-django-debug-mode-for-unrestricted-access-to-the-internal-dashboard-b725783714ae?source=rss------bug_bounty-5 | Rokkam_Vamshi1_8 | bug-bounty-tips, django, bug-bounty, hackerone, infosec | 12-Dec-2023 |
Portswigger Labs — Api-testing | https://medium.com/@rynnnn617/portswigger-labs-api-testing-86a8827ddfdc?source=rss------bug_bounty-5 | Ry4nnnn | portswigger, appsec, bug-bounty, burp | 11-Dec-2023 |
How to learn Hacking From 0 to Hero | https://rajput623929.medium.com/how-to-learn-hacking-from-0-to-hero-4a5f288c003d?source=rss------bug_bounty-5 | Mr.Horbio | bug-bounty, cryptography, ethical-hacking, cybersecurity, hacking | 11-Dec-2023 |
How i found a Host Header Injection in Password Reset Function: | https://medium.com/@kataeriidubstep/how-i-found-a-host-header-injection-in-password-reset-function-5c2ba8d209e6?source=rss------bug_bounty-5 | Pavan kumar.G | cybersecurity, appsec, bug-bounty | 11-Dec-2023 |
How I Automatically Discovered SSRF in Hackerone Programs | https://medium.com/@kerstan/how-i-automatically-discovered-ssrf-in-hackerone-programs-39e27a1554b5?source=rss------bug_bounty-5 | kerstan | security, ssrf, bug-bounty-tips, bug-bounty, hacker | 11-Dec-2023 |
Next js and Antd Design CSS takes milliseconds to load on the page. | https://medium.com/@yurioliveiragochi/next-js-and-antd-desing-css-demora-milesimos-de-segundos-para-carregar-na-p%C3%A1gina-77f3b203dac8?source=rss------bug_bounty-5 | Yuri Oliveira Gochi | bug-bounty, antd, next, react | 11-Dec-2023 |
Unveiling the World of Bug Bounty Programs: Enhancing Cybersecurity Through Collaboration | https://medium.com/@bahadur4630105/unveiling-the-world-of-bug-bounty-programs-enhancing-cybersecurity-through-collaboration-bde9831b6882?source=rss------bug_bounty-5 | Syed Dawood | cyber-security-awareness, bug-bounty, bugbounty-writeup, bug-bounty-tips, bug-bounty-hunter | 11-Dec-2023 |
Dollars and Detectives: An Unique way to XSS Mysteries ( Not a Simp one ) for a $150 Reward | https://naumankh4n.medium.com/dollars-and-detectives-an-unique-way-to-xss-mysteries-not-a-simp-one-for-a-150-reward-f5d2d80d5022?source=rss------bug_bounty-5 | Nauman Khan | money, ai, cybersecurity, hacking, bug-bounty | 11-Dec-2023 |
Say Goodbye to Password Hassles with These Cutting-Edge Security Trends! | https://medium.com/@paritoshblogs/say-goodbye-to-password-hassles-with-these-cutting-edge-security-trends-8b8f6ad8f6d4?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-security, cybersecurity, passwordless, passwords | 11-Dec-2023 |
HackTheBox — Session Security: Obtain Session Identifier via XSS | https://medium.com/@harry.hphu/hackthebox-session-security-obtain-session-identifier-via-xss-c151160c03b0?source=rss------bug_bounty-5 | Huy Phu | hackthebox, web-security, session-security, bug-bounty, xss-attack | 11-Dec-2023 |
So you found Auth0 secrets, now what? | https://blog.prodefense.io/so-you-found-auth0-secrets-now-what-0945642ac09b?source=rss------bug_bounty-5 | Nightbane | pentesting, security, red-team, bug-bounty, auth0 | 11-Dec-2023 |
Kubernetes CR injection technique | https://medium.com/@esonhugh/kubernetes-cr-injection-technique-b4506500b8e9?source=rss------bug_bounty-5 | Esonhugh | hacking, custom-resource, bug-bounty, kubernetes-security | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson10): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson10-57551e079751?source=rss------bug_bounty-5 | Pavan kumar.G | computer-science, appsec, bug-bounty, networking | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson9): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson9-4802a25a2570?source=rss------bug_bounty-5 | Pavan kumar.G | computer-science, bug-bounty, appsec, networking | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson8): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson8-e8a2b87c3ac2?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, networking, appsec, computer-science | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson7): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson7-152c167dbc0f?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, appsec, computer-science, networking | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson6): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson6-43abf1f342ec?source=rss------bug_bounty-5 | Pavan kumar.G | networking, computer-science, appsec, bug-bounty | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson5): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson5-f0042df50fca?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, networking, computer-science, appsec | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson4): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson4-29d491577d8c?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, networking, computer-science, appsec | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson3): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson3-80794013cf99?source=rss------bug_bounty-5 | Pavan kumar.G | networking, bug-bounty, computer-science, appsec | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson2): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson2-177e4a21e8d3?source=rss------bug_bounty-5 | Pavan kumar.G | computer-science, appsec, networking, bug-bounty | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson1) : | https://medium.com/@kataeriidubstep/understanding-ip-addressing-a-comprehensive-overview-95bf12e05cae?source=rss------bug_bounty-5 | Pavan kumar.G | network-engineering, computer-science, appsec, bug-bounty | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson-7a58ad73a31d?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, appsec, networking, computer-science | 10-Dec-2023 |
How to not implement payment features - Insights from Bugbounty | https://medium.com/@sivakrishnasamireddi/how-to-not-implement-payment-features-insights-from-bugbounty-e3d375566ad0?source=rss------bug_bounty-5 | Siva Krishna Samireddi | hacking, payments, bug-bounty, security, bugbounty-writeup | 10-Dec-2023 |
5 Tips for the Beginners Who Want to Start Bug Bounty | https://medium.com/@bhuiyanaman71/5-tips-for-the-beginners-who-want-to-start-bug-bounty-c1a1a952e605?source=rss------bug_bounty-5 | Aman Bhuiyan | web-hacking, bug-bounty, bug-bounty-tips, hacking, ethical-hacking | 10-Dec-2023 |
In under age (<18), How I Hacked Multi- Billion-Dollar-Corp and got first 4 fig. $2600 Bounty! | https://medium.com/@manan_sanghvi/in-under-age-18-how-i-hacked-multi-billion-dollar-corp-and-got-first-4-fig-2600-bounty-d9ce97b3652e?source=rss------bug_bounty-5 | Manan Sanghvi | idor, bug-bounty, first-bounty, web-application-security, hacking | 10-Dec-2023 |
Bug Bounty Testing: Test Ideas | https://medium.com/@lopseg/bug-bounty-testing-test-ideas-cf6e8ec5aed1?source=rss------bug_bounty-5 | Lopseg | bug-bounty-writeup, bug-bounty, hacking-training, bug-bounty-tips, info-sec-writeups | 10-Dec-2023 |
CORS Misconfiguration -> PII Leak | https://medium.com/@boogsta/cors-misconfiguration-pii-leak-2765ff5b7115?source=rss------bug_bounty-5 | Boogsta | cybersecurity, cyber, hacking, bug-bounty-tips, bug-bounty | 10-Dec-2023 |
Awesome Bug Bounty Tools Exploring Subdomain Enumeration and Reconnaissance Tools | https://cyberconqueror.medium.com/awesome-bug-bounty-tools-exploring-subdomain-enumeration-and-reconnaissance-tools-7bffb25210e6?source=rss------bug_bounty-5 | NEW | enumeration, mentoring, bug-bounty, cybersecurity, medium | 09-Dec-2023 |
Is it safe to expose your Firebase API key? | https://infosecwriteups.com/is-it-safe-to-expose-your-firebase-api-key-bf2a318c0f29?source=rss------bug_bounty-5 | Suprajabaskaran | cybersecurity, keys, firebase, bug-bounty, ethical-hacking | 09-Dec-2023 |
2FA & MFA Bypass, Bug Bounty Easy Wins ! ! Ultimate Guide | https://medium.com/@Kalki2121/2fa-mfa-bypass-bug-bounty-easy-wins-ultimate-guide-3722de0ad26c?source=rss------bug_bounty-5 | ʏᴀꜱʜʜ | information-security, bug-bounty-tips, bug-bounty, infosec, cybersecurity | 09-Dec-2023 |
3 Symfony (RCE): A Peek Behind the Curtain | https://medium.com/@bxrowski0x/3-symfony-rce-a-peek-behind-the-curtain-83da5433e149?source=rss------bug_bounty-5 | Omar ElSayed | bug-bounty-tips, cybersecurity, bug-bounty, symfony, remote-code-execution | 09-Dec-2023 |
How I passed my CRTP Exam | https://medium.com/@damaidec/how-i-passed-my-crtp-exam-c1dadd4d9ec1?source=rss------bug_bounty-5 | Damaidec | exam, active-directory, cybersecurity, hacking, bug-bounty | 09-Dec-2023 |
Introduction to Burpsuite Bambda Feature | https://medium.com/@gguzelkokar.mdbf15/introduction-to-burpsuite-bambda-feature-4c6b5fbc168d?source=rss------bug_bounty-5 | Gökhan Güzelkokar | hacking, burpsuite, bug-bounty | 09-Dec-2023 |
TryHackMe | Advent of Cyber 2023 | Day 5 | https://axoloth.medium.com/tryhackme-advent-of-cyber-2023-day-5-60a464ac8d07?source=rss------bug_bounty-5 | Axoloth | bug-bounty, tryhackme, hacking, cybersecurity, penetration-testing | 09-Dec-2023 |
TryHackMe | Advent of Cyber 2023 | Day 4 | https://axoloth.medium.com/tryhackme-advent-of-cyber-2023-day-4-efa5f90ccfc1?source=rss------bug_bounty-5 | Axoloth | tryhackme, hacking, cybersecurity, bug-bounty, penetration-testing | 09-Dec-2023 |
My first Bugs: Persistence and mentality (Not a Writeup). | https://medium.com/@Nightbloodz/my-first-bugs-persistence-and-mentality-not-a-writeup-1017714abc8c?source=rss------bug_bounty-5 | Alvaro Balada | bug-bounty-hunter, bug-bounty, bug-bounty-tips, cybersecurity | 09-Dec-2023 |
Introduction to Burpsuite Bambdas Feature | https://medium.com/@gguzelkokar.mdbf15/introduction-to-burpsuite-bambda-feature-4c6b5fbc168d?source=rss------bug_bounty-5 | Gökhan Güzelkokar | hacking, burpsuite, bug-bounty | 09-Dec-2023 |
My first dork on GHBD | https://noorhomaid.medium.com/my-first-dork-on-ghbd-988c21b45869?source=rss------bug_bounty-5 | NoorHomaid | cybersecurity, bug-bounty, google-dork, ethical-hacking, penetration-testing | 09-Dec-2023 |
HTTP Noir: The Dark Art of Smuggling Bytes | https://chayandatta.medium.com/http-noir-the-dark-art-of-smuggling-bytes-a471a0f990f5?source=rss------bug_bounty-5 | CHAYAN DATTA | security, http-request-smuggling, hacking, bug-bounty, network | 09-Dec-2023 |
Broken Link Hijacking | https://0xtomcat.medium.com/broken-link-hijacking-e0afc5986ea6?source=rss------bug_bounty-5 | Tomcat | bug-bounty, bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup | 08-Dec-2023 |
Testing vulnerabilities beyond traditional cases — around login/signup features | https://infosecwriteups.com/testing-vulnerabilities-beyond-traditional-cases-around-login-signup-features-9d496bd283d4?source=rss------bug_bounty-5 | Suprajabaskaran | ethical-hacking, bug-bounty-tips, penetration-testing, pentesting, bug-bounty | 08-Dec-2023 |
#4 Install Burp’s CA Certificate in Firefox — Guide for Burp Suite | https://securitycipher.medium.com/4-install-burps-ca-certificate-in-firefox-guide-for-burp-suite-75a555ed7225?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | technology, security, bug-bounty-tips, bug-bounty, cybersecurity | 08-Dec-2023 |
Enum is the key — Automated + Manual = Full shell. | https://aleeeeex264.medium.com/enum-is-the-key-automatizado-manual-full-shell-4eead6c37dc4?source=rss------bug_bounty-5 | Alejandro Olivares 0x4lex | kali-linux, bug-bounty, bug-bounty-tips, hacking, pentesting | 08-Dec-2023 |
PEARfection: From LFI to RCI: An iCSI CTF Challenge. | https://medium.com/@josh.beck2006/pearfection-from-lfi-to-rci-an-icsi-ctf-challenge-4ecfb77a60c4?source=rss------bug_bounty-5 | Josh Beck | bug-bounty, penetration-testing, ctf-writeup, cybersecurity | 08-Dec-2023 |
Unraveling The Story of Multiple Admin Panel Compromises | https://vedanttekale20.medium.com/unraveling-the-story-of-multiple-admin-panel-compromises-baac4444285f?source=rss------bug_bounty-5 | Vedant Tekale | information-security, recon, bug-bounty, hacking, cybersecurity | 08-Dec-2023 |
Blind XSS on Registration System | https://medium.com/@aurelioyudistira/blind-xss-on-registration-system-410eb0b98109?source=rss------bug_bounty-5 | MxShinzu | pentesting, bug-bounty, cybersecurity | 08-Dec-2023 |
Bug bounty training from scratch: | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-f62cc13fbe64?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, computer-science, bug-bounty | 07-Dec-2023 |
Bug bounty training from scratch for beginners: | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-for-beginners-1f17e609fbf0?source=rss------bug_bounty-5 | Pavan kumar.G | cybersecurity, appsec, computer-science, bug-bounty, linux | 07-Dec-2023 |
Bug bounty training from scratch(part1->lesson12): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson12-206baedf6747?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, appsec, computer-science | 07-Dec-2023 |
Bug bounty training from scratch(part1->lesson11): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson11-6f2c71aa8135?source=rss------bug_bounty-5 | Pavan kumar.G | computer-science, appsec, bug-bounty | 07-Dec-2023 |
Bug bounty training from scratch(part1->lesson10): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson10-b2af2898a6b1?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, computer-science, bug-bounty | 07-Dec-2023 |
Bug bounty training from scratch(part1->lesson9): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson9-44b004fe5550?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, computer-science, bug-bounty | 07-Dec-2023 |
Bug bounty training from scratch(part1-> lesson8): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson8-98680d93e4bf?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, appsec, computer-science | 07-Dec-2023 |
Bug bounty training from scratch(part1->lesson7): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson7-d04def4b4ef3?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, computer-science, bug-bounty | 07-Dec-2023 |
Bug bounty training from scratch (part1->lesson6): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson6-1b4b8742a1ec?source=rss------bug_bounty-5 | Pavan kumar.G | computer-science, bug-bounty, appsec | 07-Dec-2023 |
Bug bounty training from scratch(part1->lesson5): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson5-15d8c1f2cc5e?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, computer-science, bug-bounty | 07-Dec-2023 |
Bug bounty training from scratch (part1->lesson4): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson4-653699a21284?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, computer-science, bug-bounty | 07-Dec-2023 |
Using reNgine with Netlas.io module | https://netlas.medium.com/using-rengine-with-netlas-io-module-436e764a5495?source=rss------bug_bounty-5 | Netlas.io | penetration-testing, reconnaissance, information-security, cybersecurity, bug-bounty | 07-Dec-2023 |
Automation for Target Surface Information Gathering — XCOODE + AI Prompting for Bug Bounty Giants | https://medium.com/@xcoode/automation-for-target-surface-information-gathering-xcoode-ai-prompting-for-bug-bounty-giants-a545dadc87dc?source=rss------bug_bounty-5 | XCOODE | ai, hacking, hackerone, bug-bounty, openai | 07-Dec-2023 |
Markdown XSS tips | https://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5 | Rafael Silva | bug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup | 07-Dec-2023 |
Hacking Indian Government, Finding XSS & SQL Injection | https://medium.com/@Kalki2121/hacking-indian-government-finding-xss-sql-injection-9f83e5e60c6f?source=rss------bug_bounty-5 | Yashh | bugs, bug-bounty-tips, bug-bounty, hacking, sql-injection | 07-Dec-2023 |
Unveiling Critical Vulnerability: Account Hijacking — Art of play on tokens | https://medium.com/@xcoode/unveiling-critical-vulnerability-account-hijacking-art-of-play-on-tokens-dd270140cd25?source=rss------bug_bounty-5 | XCOODE | fintech, bug-bounty, security, hacking, cloud | 07-Dec-2023 |
Advent of Cyber 2023 -Day 6 Walkthrough.. By Manoj Mudabagil. | https://medium.com/@manojmudabagil/advent-of-cyber-2023-day-6-walkthrough-by-manoj-mudabagil-cd7062261d33?source=rss------bug_bounty-5 | Manoj Mudabagil | tryhackme, hacking, advent-of-cyber-2023, cybersecurity, bug-bounty | 07-Dec-2023 |
Exploring New Vulnerability Vectors: A Systematic Approach to Manual Google Dorking | https://medium.com/@mxmd/exploring-new-vulnerability-vectors-a-systematic-approach-to-manual-google-dorking-fdfc79e9825d?source=rss------bug_bounty-5 | Max Klose | cybersecurity, bug-bounty-tips, bug-bounty, google-dorking, osint | 07-Dec-2023 |
Markdown XSS tips | https://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5 | Lopseg | bug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup | 07-Dec-2023 |
Hunt for GitHub leaks with LOPSEG DORK HELPER | https://medium.com/@lopseg/hunt-for-github-leaks-with-lopseg-dork-helper-c3ce96cb4177?source=rss------bug_bounty-5 | Lopseg | bug-bounty-writeup, hacking-tools, bug-bounty, bug-bounty-tips, bug-bounty-hunter | 07-Dec-2023 |
Enhancing Bug Bounty Hunting with Lopseg OSINT | https://medium.com/@lopseg/enhancing-bug-bounty-hunting-with-lopseg-osint-4f2fd075621a?source=rss------bug_bounty-5 | Lopseg | bug-bounty, ctf, bug-bounty-writeup, cybersecurity, bug-bounty-tips | 07-Dec-2023 |
Enhancing Bug Bounty Hunting with Lopseg OSINT | https://medium.com/@lopseg/enhancing-bug-bounty-hunting-with-lopseg-osint-4f2fd075621a?source=rss------bug_bounty-5 | Lopseg | bug-bounty, ctf, bug-bounty-writeup, bug-bounty-tips, hacking-tools | 07-Dec-2023 |
Markdown XSS polyglot | https://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5 | Lopseg | bug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup | 07-Dec-2023 |
20 Days Of Hacking: Bug Bounty Challenge —Conclusion | https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-conclusion-0ac57a737883?source=rss------bug_bounty-5 | Wallotry | bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting | 06-Dec-2023 |
The Secret World of Malicious Strings and Hidden Threats – Are You at Risk? | https://medium.com/@paritoshblogs/the-secret-world-of-malicious-strings-and-hidden-threats-are-you-at-risk-cb25535d4718?source=rss------bug_bounty-5 | Paritosh | information-security, hacking, http-headers, bug-bounty, cybersecurity | 06-Dec-2023 |
Python Program to find GCD (Greatest Common Divisor) for Cryptography | https://rajput623929.medium.com/python-program-to-find-gcd-greatest-common-divisor-for-cryptography-816075bba2fa?source=rss------bug_bounty-5 | Mr.Horbio | cybersecurity, hacking, crytocurrency, cryptography, bug-bounty | 06-Dec-2023 |
API Security — Web Security Academy | https://mrshan.medium.com/api-security-web-security-academy-3578589fc3fa?source=rss------bug_bounty-5 | MR SHAN | web-security-academy, bug-bounty | 06-Dec-2023 |
Spool Unveils Comprehensive Bug Bounty Programme to Fortify DeFi Security | https://medium.com/spoolfi/spool-unveils-comprehensive-bug-bounty-programme-to-fortify-defi-security-673559c463dd?source=rss------bug_bounty-5 | Spool | bug-bounty, security, blockchain, defi, smart-contracts | 06-Dec-2023 |
Cheat code for file upload vulnerability by kidnapshadow | https://medium.com/@kidnapshadow/cheat-code-for-file-upload-vulnerability-by-kidnapshadow-ebb0794581f2?source=rss------bug_bounty-5 | Kidnapshadow | kidnapshadow, owasp, vulnerability, file-upload-vulnerability, bug-bounty | 06-Dec-2023 |
API Documentation Tips | https://medium.com/@lopseg/api-documentation-tips-e36e63f47589?source=rss------bug_bounty-5 | Rafael Silva | bug-bounty-tips, bug-hunting, bug-bounty | 06-Dec-2023 |
From Bug Bounty Prodigy to Leadership Luminary: Aditya Shende Ascends at XCOODE | https://medium.com/@xcoode/from-bug-bounty-prodigy-to-leadership-luminary-aditya-shende-ascends-at-xcoode-18a6aaab1471?source=rss------bug_bounty-5 | XCOODE | cybersecurity, bug-bounty, leadership, cyber | 05-Dec-2023 |
Empowering the Next Generation: XCOODE Unveils Hacckers Bug Bounty Platform for Cyber Enthusiasts | https://medium.com/@xcoode/empowering-the-next-generation-xcoode-unveils-hacckers-bug-bounty-platform-for-cyber-enthusiasts-bc6dc31c27b9?source=rss------bug_bounty-5 | XCOODE | cybersecurity, hacker, cyber, bug-bounty | 05-Dec-2023 |
PDF Upload Leading to Stored XSS | https://medium.com/@katmaca2014/pdf-upload-leading-to-stored-xss-f712326705ee?source=rss------bug_bounty-5 | Kaan Atmaca | cybersecurity, penetration-testing, bug-bounty, hacking, pentesting | 05-Dec-2023 |
LFI via SMTP log poisoning | https://medium.com/@akshadjoshi/lfi-via-smtp-log-poisoning-65e02dd21068?source=rss------bug_bounty-5 | Akshad Joshi | log-poisoning, local-file-inclusion, smtp, bug-bounty, rce | 05-Dec-2023 |
Bypassing 2FA Authentication in TeamPass System | https://medium.com/@developer_1991/bypassing-2fa-authentication-in-teampass-system-f3184fe8589d?source=rss------bug_bounty-5 | HamidReza Faghani | bug-bounty, account-takeover, security, 0day, exploitation | 05-Dec-2023 |
Admin Panel Access | https://medium.com/@omdubey170/admin-panel-access-5dd2fd4938a0?source=rss------bug_bounty-5 | Omdubey | bug-bounty, bugs, bug-bounty-tips, ethical-hacking, pentesting | 05-Dec-2023 |
LFI on Microsoft | https://medium.com/@sushilgill08/lfi-on-microsoft-2d30c9283534?source=rss------bug_bounty-5 | Sushil Choudhary | hackerone, bug-hunting, microsoft, bug-bounty, bugbounty-writeup | 04-Dec-2023 |
How I Found A Website Vulnerability In Under 10 Minutes | https://medium.com/@abidmafahim7/how-i-found-a-website-vulnerability-in-under-10-minutes-2b2ff934545d?source=rss------bug_bounty-5 | Abidmafahim | git-exposed, web-vulnerabilities, bug-bounty | 04-Dec-2023 |
Elevating Security: Whatfix Transition to a Custom Vulnerability Disclosure Program (VDP) | https://medium.com/whatfix-techblog/elevating-security-whatfix-transition-to-a-custom-vulnerability-disclosure-program-vdp-e6d5a7e11c9d?source=rss------bug_bounty-5 | Kamlesh Tukaral | vulnerability-disclosure, whatfix, vdp, bug-bounty, infosec | 04-Dec-2023 |
The Hidden Dangers Lurking in Your Active Directory Certificate Services – What You Need to Know… | https://medium.com/@paritoshblogs/the-hidden-dangers-lurking-in-your-active-directory-certificate-services-what-you-need-to-know-7c735c09e0fd?source=rss------bug_bounty-5 | Paritosh | cybersecurity, active-directory, bug-bounty, information-security, adc | 04-Dec-2023 |
Bug Hunter journal day #3 and #4 | https://medium.com/@joaomaia171820/bug-hunter-journal-day-3-and-4-37b4c653abd9?source=rss------bug_bounty-5 | Jhonny_The_Kid | bug-bounty-writeup, bug-bounty-program, bug-bounty, cybersecurity | 04-Dec-2023 |
Javascript Analysis to SQL injection | https://melguerdawi.medium.com/javascript-analysis-to-sql-injection-ca763f9c4c4e?source=rss------bug_bounty-5 | Mostafa Elguerdawi | bug-bounty, bug-bounty-tips, hackerone, sql-injection | 04-Dec-2023 |
Web Enumeration With Gobuster | https://medium.com/@ronak.d.sharma111/web-enumeration-with-gobuster-ca4ac46da90b?source=rss------bug_bounty-5 | Ronak Sharma | cybersecurity, hacking, bug-bounty | 04-Dec-2023 |
20 Days Of Hacking: Bug Bounty Challenge — Day 2 | https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-day-2-51b02ca865ea?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 03-Dec-2023 |
How I Found My First Website Vulnerability as a Web Pentester | https://medium.com/@abidmafahim7/how-i-found-my-first-website-vulnerability-as-a-web-pentester-2dee809e0eea?source=rss------bug_bounty-5 | Abidmafahim | sql-injection-attack, bug-bounty, web-vulnerabilities, xss-vulnerability | 03-Dec-2023 |
My first and simple ATO in a private program | https://medium.com/@pabs2141/my-first-and-simple-ato-in-a-private-program-212c6b17b245?source=rss------bug_bounty-5 | PanSa | bug-bounty, bug-bounty-writeup, hacking, account-takeover | 03-Dec-2023 |
My Confusion Over Local File Inclusion | https://medium.com/illuminations-mirror/my-confusion-over-local-file-inclusion-11f3d7c43b23?source=rss------bug_bounty-5 | Quintius Walker | poetry, bug-bounty, writeup, cybersecurity, poetry-on-medium | 03-Dec-2023 |
The Shocking Secrets Behind Foolproof Vulnerability Response! | https://medium.com/@paritoshblogs/the-shocking-secrets-behind-foolproof-vulnerability-response-fc6fe8b91d47?source=rss------bug_bounty-5 | Paritosh | vulnerability, cybersecurity, bug-bounty, hacking, information-security | 03-Dec-2023 |
The ONE Vulnerability Every Website Owner Fears — Learn How YOU Can Expose It! | https://medium.com/@paritoshblogs/the-one-vulnerability-every-website-owner-fears-learn-how-you-can-expose-it-71fef31b0ece?source=rss------bug_bounty-5 | Paritosh | programming, bug-bounty, hacking, information-security, cybersecurity | 03-Dec-2023 |
My First Valid Bug!!! | https://medium.com/@sushilgill08/my-first-valid-bug-444f26e1f8be?source=rss------bug_bounty-5 | Sushil Choudhary | cybersecurity, bug-bounty-writeup, bugbounty-tips, bug-hunting, bug-bounty | 03-Dec-2023 |
Everything I know on Recon | https://medium.com/@joshdesharnais1/everything-i-know-on-recon-689f6a535757?source=rss------bug_bounty-5 | Joshua Desharnais | recon, tools-and-resources, tools, bug-bounty, bug-bounty-tips | 03-Dec-2023 |
Streamable Finance Bug Bounty Campaign is live! | https://streamablefinance.medium.com/streamable-finance-bug-bounty-campaign-is-live-2ced6e4c68d5?source=rss------bug_bounty-5 | Streamable Finance | bug-bounty, product-launch | 03-Dec-2023 |
Business Logic Vulnerability: Payment bypass | https://vrushabhd.medium.com/business-logic-vulnerability-payment-bypass-9335bdbdbdf6?source=rss------bug_bounty-5 | Mr. Vrushabh | pentesting, bug-bounty, vulnerability, bug-bounty-tips, hackerone | 03-Dec-2023 |
How I Created an Advanced Web Code Analyzer Using ChatGPT | https://infosecwriteups.com/how-i-created-an-advanced-web-code-analyzer-using-chatgpt-6b32a7d42f88?source=rss------bug_bounty-5 | Jarred Longoria | cybersecurity, chatgpt, infosec, bug-bounty | 03-Dec-2023 |
Azure Log Analysis: Real-Life Incidents and Practical Tips to Safeguard | https://medium.com/@paritoshblogs/azure-log-analysis-real-life-incidents-and-practical-tips-to-safeguard-077faf28919b?source=rss------bug_bounty-5 | Paritosh | cybersecurity, incident-response, azure, bug-bounty, information-security | 03-Dec-2023 |
How to debug android native libraries using JEB decompiler? | https://medium.com/@shubhamsonani/how-to-debug-android-native-libraries-using-jeb-decompiler-eec681a22cf3?source=rss------bug_bounty-5 | Shubham Sonani | bug-bounty, hacking, android, cybersecurity, penetration-testing | 03-Dec-2023 |
How to bypass debugger detection in Android/iOS native libraries using IDA Pro? | https://medium.com/@shubhamsonani/how-to-bypass-debugger-detection-in-android-ios-native-libraries-using-ida-pro-3e289c2127d6?source=rss------bug_bounty-5 | Shubham Sonani | bug-bounty, cybersecurity, android, hacking, penetration-testing | 03-Dec-2023 |
How to debug Android/iOS native library using GDB debugger? | https://medium.com/@shubhamsonani/how-to-debug-android-ios-native-library-using-gdb-debugger-d02c0e0341eb?source=rss------bug_bounty-5 | Shubham Sonani | hacking, penetration-testing, cybersecurity, technology, bug-bounty | 03-Dec-2023 |
20 Days Of Hacking: Bug Bounty Challenge — Day 1 | https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-day-1-38a1735644ab?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 02-Dec-2023 |
Vulnerability Discovery in SRC — Concurrency | https://medium.com/@rynnnn617/vulnerability-discovery-in-src-concurrency-baa9ffdfa9d9?source=rss------bug_bounty-5 | Ry4nnnn | concurrency, bug-bounty-tips, bug-bounty | 02-Dec-2023 |
Lateral Movement Techniques Through File Share Exploitation | https://medium.com/@paritoshblogs/lateral-movement-techniques-through-file-share-exploitation-a50d1ffdb8e7?source=rss------bug_bounty-5 | Paritosh | lateral-movement, hacking, information-security, cybersecurity, bug-bounty | 02-Dec-2023 |
The Rising Threat of Cookie Theft and RMM Takeover | https://medium.com/@paritoshblogs/the-rising-threat-of-cookie-theft-and-rmm-takeover-bafe0013ffc0?source=rss------bug_bounty-5 | Paritosh | realtime-monitoring, cookies, cybersecurity, hacking, bug-bounty | 02-Dec-2023 |
Bug Hunter journal day(week) #1 | https://medium.com/@joaomaia171820/bug-hunter-journal-day-week-1-699926bf1a70?source=rss------bug_bounty-5 | Jhonny_The_Kid | bug-bounty-writeup, bug-bounty-program, bug-bounty, pentest | 02-Dec-2023 |
Mastering Bug Bounty: A Comprehensive Guide to Earning Money Ethically and Safely in Cybersecurity. | https://medium.com/@thecyberxcompany/mastering-bug-bounty-a-comprehensive-guide-to-earning-money-ethically-and-safely-in-cybersecurity-46c1b44f52fd?source=rss------bug_bounty-5 | The CyberX Company | ethical-hacking, hacking, cybersecurity, bug-bounty, earn-money-online | 02-Dec-2023 |
Mastering Bug Bounty Hunting: A Comprehensive Guide to Launch Your Cybersecurity Career. | https://medium.com/@thecyberxcompany/mastering-bug-bounty-hunting-a-comprehensive-guide-to-launch-your-cybersecurity-career-5553ddcced30?source=rss------bug_bounty-5 | The CyberX Company | bug-bounty-tips, bugs, ethical-hacking, cybersecurity, bug-bounty | 02-Dec-2023 |
How MAC Spoofing works and How attackers do that!! | https://medium.com/@hackerdom_devil/how-mac-spoofing-works-and-how-attackers-do-that-57797179430f?source=rss------bug_bounty-5 | Gokuleswaran B | ethical-hacking, mac-spoofing, penetration-testing, bug-bounty, bug-bounty-tips | 02-Dec-2023 |
Top 25 Advanced Google Dorks for OSINT and Bug Bounty Hunting | https://osintteam.blog/top-25-advanced-google-dorks-for-osint-and-bug-bounty-hunting-f2d9dceed068?source=rss------bug_bounty-5 | as-squirrel | bug-bounty, osint, cybersecurity, google-dorks-list, hacking | 02-Dec-2023 |
Day 12 Bug Bounty — 60 days 60 bugs challenge (Didn’t found anything, but could be something… | https://medium.com/@avbhijitdutta99/day-12-bug-bounty-60-days-60-bugs-challenge-didnt-found-anything-but-could-be-something-ba0324d96ce7?source=rss------bug_bounty-5 | Abhijit Dutta | bug-bounty, bug-bounty-hunter, bugbountychallenge, bug-bounty-writeup | 01-Dec-2023 |
Writing High-Quality Bug Reports: Best Practices for Effective Bug Bounty Hunting | https://medium.com/@prathameshbagul/writing-high-quality-bug-reports-best-practices-for-effective-bug-bounty-hunting-74542dff9793?source=rss------bug_bounty-5 | Prath | cybersecurity, pentesting, report, bug-bounty-tips, bug-bounty | 01-Dec-2023 |
What is this httpx thing? Using it in your adventure with Bugbounty? | https://systemweakness.com/what-is-this-httpx-thing-using-it-in-your-adventure-with-bugbounty-f91f1ef31d49?source=rss------bug_bounty-5 | Vicky Aryan | recon, bug-bounty, cybersecurity, hacking, httpx | 01-Dec-2023 |
Verification Bypass via “Mass Assignment” | https://larebsec.medium.com/verification-bypass-via-mass-assignment-25707e210a42?source=rss------bug_bounty-5 | Lareb | bug-bounty, cybersecurity, bugbounty-writeup, hacking, vulnerability | 01-Dec-2023 |
How attackers use ARP Spoofing / Poisoning to takeover a complete Network!! | https://medium.com/@hackerdom_devil/how-attackers-use-arp-spoofing-poisoning-to-takeover-a-complete-network-8477cea362c4?source=rss------bug_bounty-5 | Gokuleswaran B | penetration-testing, bug-bounty, ethical-hacking, network-security, arp-spoofing | 01-Dec-2023 |
Building Kubernetes Detections: Strengthening Security with Real-world Examples | https://medium.com/@paritoshblogs/building-kubernetes-detections-strengthening-security-with-real-world-examples-8268cddd852f?source=rss------bug_bounty-5 | Paritosh | bug-bounty, cybersecurity, programming, information-security, hacking | 01-Dec-2023 |
Part 03 | What To Do After Choosing a Target? | Post Recon |Bug Bounty | https://infosecwriteups.com/part-03-what-to-do-after-choosing-a-target-post-recon-bug-bounty-1a7f431b4d79?source=rss------bug_bounty-5 | Om Arora | bug-bounty, hacking, bug-bounty-tips, methodology, infosec | 01-Dec-2023 |
Navigating the Bug Bounty Arena: Earn $605,000 Reward, Learn More | https://medium.com/coded-tech-talk/navigating-the-bug-bounty-arena-earn-605-000-reward-learn-more-e754e077a81c?source=rss------bug_bounty-5 | Coded Conversations | bug-bounty-tips, cybersecurity, security, hacking, bug-bounty | 01-Dec-2023 |
Project 2510: Bug Bounty Challenge — The End? | https://wallotry.medium.com/project-2510-bug-bounty-challenge-the-end-afb67ea2abd1?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunting, bug-bounty | 30-Nov-2023 |
Exploring the Logic of XSS Attacks and Bypassing Techniques through Browser Decoding | https://medium.com/@test_90648/considering-xss-attacks-and-bypass-logic-from-the-perspective-of-browser-decoding-logic-can-provide-b4579d3c458b?source=rss------bug_bounty-5 | JessicaSecurity | xs, bug-bounty, web, security, browsers | 30-Nov-2023 |
What is SQL injection | https://medium.com/@savanghori1203/what-is-sql-injection-a3907c6967a5?source=rss------bug_bounty-5 | Savanghori | vulnerability, bug-bounty-tips, bug-bounty, sql-injection, sql | 30-Nov-2023 |
Cross-Site Scripting (XSS) | https://medium.com/@savanghori1203/cross-site-scripting-xss-b6139b38fa2b?source=rss------bug_bounty-5 | Savanghori | bug-bounty, xss-vulnerability, bug-bounty-tips, bugs, xss-attack | 30-Nov-2023 |
The Shocking Truth Behind Indicators of Compromise (IOCs) — You Won’t Believe What We Found! | https://medium.com/@paritoshblogs/the-shocking-truth-behind-indicators-of-compromise-iocs-you-wont-believe-what-we-found-5255d54b98d9?source=rss------bug_bounty-5 | Paritosh | bug-bounty, malware-analysis, cybersecurity, ioc, information-security | 30-Nov-2023 |
Subdomain Enumeration Techniques | https://medium.com/@savanghori1203/subdomain-enumeration-00f487d6b829?source=rss------bug_bounty-5 | Savanghori | bug-bounty-tips, bug-bounty, recon, subdomains-enumeration, subdomain | 30-Nov-2023 |
Day 11 Bug Bounty — 60 days 60 bugs challenge | https://medium.com/@avbhijitdutta99/day-11-bug-bounty-60-days-60-bugs-challenge-530119a74c90?source=rss------bug_bounty-5 | Abhijit Dutta | bugbountychallenge, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 30-Nov-2023 |
Network Managed Detection and Response (NMDR): Strengthening Cybersecurity Defenses | https://medium.com/@paritoshblogs/network-managed-detection-and-response-nmdr-strengthening-cybersecurity-defenses-a8a5e989b310?source=rss------bug_bounty-5 | Paritosh | information-security, managed-detection, bug-bounty, nmdr, cybersecurity | 30-Nov-2023 |
Server-Side Request Forgery (SSRF) | https://medium.com/@savanghori1203/server-side-request-forgery-ssrf-1e9755b38c59?source=rss------bug_bounty-5 | SavanGhori | ssrf, vulnerability, bug-bounty, ssrf-bug, bug-bounty-tips | 30-Nov-2023 |
Business Logic on the Payment Page | https://medium.com/@el-cezeri/%C3%B6deme-sayfas%C4%B1nda-business-logic-cba493d9f6b8?source=rss------bug_bounty-5 | Samet Yiğit | bugbounty-writeup, ödülavcılığı, bug-bounty | 30-Nov-2023 |
Remote Code Execution (RCE) | https://medium.com/@savanghori1203/remote-code-execution-rce-9f078b98316a?source=rss------bug_bounty-5 | SavanGhori | bugs, bug-bounty-tips, bug-bounty, rce, vulnerability | 30-Nov-2023 |
Insecure Direct Object Reference(IDOR) | https://medium.com/@savanghori1203/idor-insecure-direct-object-reference-88576225e265?source=rss------bug_bounty-5 | SavanGhori | vulnerability, idor, bugs, bug-bounty, bug-bounty-tips | 30-Nov-2023 |
Simple Recon on Android Using the Tools TheTimeMachine and Dirsearch | https://alpinnnnnn13.medium.com/simple-recon-di-android-menggunakan-tools-thetimemachine-dan-dirsearch-3384aad17c15?source=rss------bug_bounty-5 | Mohammad Alfin Hidayatullah | bug-bounty, bug-bounty-tips, recon, scanning | 30-Nov-2023 |
Race Condition - A cURL Chaos | https://shahjerry33.medium.com/race-condition-a-curl-chaos-820cb289cbf1?source=rss------bug_bounty-5 | Jerry Shah (Jerry) | cybersecurity, infosec, bug-bounty, vulnerability, pentesting | 30-Nov-2023 |
Top Free Resources for Ethical Hacking and Bug Bounty Beginners & Experts | https://infosecwriteups.com/top-free-resources-for-ethical-hacking-and-bug-bounty-beginners-experts-9556ef045db4?source=rss------bug_bounty-5 | Jarred Longoria | cybersecurity, ethical-hacking, bug-bounty, free-resources | 30-Nov-2023 |
1.11 Lab: Blind SQL injection with time delays and information retrieval | 2023 | https://cyberw1ng.medium.com/1-11-lab-blind-sql-injection-with-time-delays-and-information-retrieval-2023-e8123405e87d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, penetration-testing, hacking, bug-bounty | 30-Nov-2023 |
Easy Bug Hunting: HTML Injection Explained Step by Step | https://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5 | MUHAMMAD FAIZAN KHAN | bwapp, bug-bounty, web-application-security, penetration-testing, html-injection | 30-Nov-2023 |
Rise of Broken Access Control | https://medium.com/@rafinrahmanchy/rise-of-broken-access-control-51356916235f?source=rss------bug_bounty-5 | Rafin Rahman Chy | bug-bounty, appsec, application-security, infosec, web-security | 30-Nov-2023 |
Day 10 Bug Bounty — 60 days 60bugs challenge — New Start! | https://medium.com/@avbhijitdutta99/day-10-bug-bounty-60-days-60bugs-challenge-new-start-832988aeb569?source=rss------bug_bounty-5 | Abhijit Dutta | bug-bounty, bug-bounty-tips, bugbountychallenge, bug-bounty-writeup | 29-Nov-2023 |
Windows Login Bypass | https://infosecwriteups.com/windows-login-bypass-eab148bc9dd5?source=rss------bug_bounty-5 | c0d3x27 | software-development, bug-bounty, cybersecurity, windows, hacking | 29-Nov-2023 |
Cybersecurity Risk of Opening Up to the Internet | https://medium.com/@paritoshblogs/cybersecurity-risk-of-opening-up-to-the-internet-c624c9a018ba?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, programming, hacking, internet-of-things | 29-Nov-2023 |
OSINT: How to find information on anyone | https://medium.com/@sakthi172000/osint-how-to-find-information-on-anyone-14514216cec1?source=rss------bug_bounty-5 | SAKTHIVEL P | bug-bounty, infosec, cybersecurity, osint, osint-tool | 29-Nov-2023 |
Mastering API Penetration Testing: A Comprehensive Guide for Security Pentesters | https://infosecwriteups.com/mastering-api-penetration-testing-a-comprehensive-guide-for-security-pentesters-bf62f65b5b21?source=rss------bug_bounty-5 | Suprajabaskaran | ethical-hacking, bug-bounty, pentesting, cybersecurity, api | 29-Nov-2023 |
Useful tools for bug hunter | https://medium.com/@cyberhansu/useful-tools-for-bug-hunter-f493866fa1bc?source=rss------bug_bounty-5 | cyberhansu | hunter-s-thompson, bug-hunting, bug-bounty, hacker, bug-hunter | 29-Nov-2023 |
How to make money legally as a Hacker | https://medium.com/@cyberhansu/how-to-make-money-legally-as-a-hacker-c27037b143a9?source=rss------bug_bounty-5 | cyberhansu | bug-bounty, make-money, web-application-security, mobileapplicationsecurity | 29-Nov-2023 |
PII Disclosure Worth $750 | https://vijetareigns.medium.com/pii-disclosure-worth-750-758b72e7e8ca?source=rss------bug_bounty-5 | the_unlucky_guy | bug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-writeup, cybersecurity | 29-Nov-2023 |
R.xyz: Web3 Bug Bounty Platform | https://medium.com/coinmonks/r-xyz-web3-bug-bounty-platform-95d48c911989?source=rss------bug_bounty-5 | Officer's Notes | smart-contract-security, bug-bounty-tips, bug-bounty, hacking, web3 | 29-Nov-2023 |
CRLF to XSS | https://medium.com/@a7med.ctf/crlf-to-xss-8059ceefd349?source=rss------bug_bounty-5 | Ahmed Mahmoued | snapchat, bug-bounty-tips, hacker, bug-bounty | 29-Nov-2023 |
Aztec Multiple-Spend Error Bugfix Review | https://medium.com/immunefi/aztec-multiple-spend-error-bugfix-review-20074581d224?source=rss------bug_bounty-5 | Immunefi Editor | cryptocurrency, security, bug-bounty, web3, multiple-spend-error | 29-Nov-2023 |
1.10 Lab: Blind SQL injection with time delays | 2023 | https://cyberw1ng.medium.com/1-10-lab-blind-sql-injection-with-time-delays-2023-a95a3b8557ec?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, hacking, cybersecurity, careers | 29-Nov-2023 |
IWCON 2023 CTF Registrations Now Open | https://infosecwriteups.com/iwcon-2023-ctf-registrations-now-open-46c2611714f0?source=rss------bug_bounty-5 | InfoSec Write-ups | ctf, conference, infosec, hacking, bug-bounty | 29-Nov-2023 |
Top 25 Advanced Google Dorks for Uncovering Sensitive Documents | https://osintteam.blog/top-25-advanced-google-dorks-for-uncovering-sensitive-documents-a9705e05353d?source=rss------bug_bounty-5 | as-squirrel | osint, cybersecurity, hacking, google-dork, bug-bounty | 29-Nov-2023 |
Fat GET Authorization Bypass | https://medium.com/techiepedia/fat-get-authorization-bypass-521a1ca37b6e?source=rss------bug_bounty-5 | Jess | programming, hackerone, security, bug-bounty, bug-bounty-tips | 29-Nov-2023 |
HackTheBox — Web Attacks: Error Based XXE to exfiltrate data | https://medium.com/@harry.hphu/hackthebox-web-attacks-error-based-xxe-to-exfiltrate-data-3f577eef18c7?source=rss------bug_bounty-5 | Huy Phu | owasp-top-10, web-security, hackthebox, xxe-attack, bug-bounty | 28-Nov-2023 |
HackTheBox — Web Attacks: XXE with Blind Exfiltration Data | https://medium.com/@harry.hphu/hackthebox-web-attacks-xxe-with-blind-exfiltration-data-123d4be1245e?source=rss------bug_bounty-5 | Huy Phu | bug-bounty, owasp-top-10, web-security, xxe-attack, hackthebox | 28-Nov-2023 |
Catching C2s with Regex Signatures, TLS Certificates, and OSINT | https://medium.com/@paritoshblogs/catching-c2s-with-regex-signatures-tls-certificates-and-osint-8871d9a46602?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-security, cybersecurity, command-and-control, hacking | 28-Nov-2023 |
Apple security research. | https://medium.com/@abhay2432455/apple-security-research-8780372757be?source=rss------bug_bounty-5 | Abhay Kailasia | google, apple, cybersecurity, bug-bounty, bug-bounty-writeup | 28-Nov-2023 |
XSS - Weaponization ATO | https://p4n7h3rx.medium.com/xss-weaponization-ato-1de0ee30526b?source=rss------bug_bounty-5 | p4n7h3rx | penetration-testing, cybersecurity, infosec, bug-bounty-tips, bug-bounty | 28-Nov-2023 |
1.9 Lab: Visible error-based SQL injection | 2023 | https://cyberw1ng.medium.com/1-9-lab-visible-error-based-sql-injection-2023-771157e90ad8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, bug-bounty, careers, penetration-testing | 28-Nov-2023 |
VulnLab — SQLi Injection series — Bypass Login | https://medium.com/@deandradarra05/vulnlab-sqli-injection-series-bypass-login-0d6af43a395d?source=rss------bug_bounty-5 | Deandradarra | penetration-testing, cybersecurity, bug-bounty, sqli | 28-Nov-2023 |
The Bug Hunter’s Methodology Live Course Review | https://medium.com/@cybersekler/the-bug-hunters-methodology-live-course-review-4261a7a9121e?source=rss------bug_bounty-5 | Cyber Sekler | hacking, red-team, reconnaissance, bug-bounty, application-security | 28-Nov-2023 |
Hall of Fame at NASA | https://medium.com/@bijoy.redteamacademy/hall-of-fame-at-nasa-91539af7826c?source=rss------bug_bounty-5 | BIJOY B | google-ads, hacker-news, google, nasa, bug-bounty | 28-Nov-2023 |
Understanding and Mitigating Insecure Direct Object References (IDOR) Vulnerabilities | https://medium.com/@harry.hphu/understanding-and-mitigating-insecure-direct-object-references-idor-vulnerabilities-b27047015e15?source=rss------bug_bounty-5 | Huy Phu | idor-vulnerability, bug-bounty, web-security, owasp-top-10, hackthebox | 27-Nov-2023 |
Burpsuite Custom Scan Profiles | https://mrrootsec.medium.com/burpsuite-custom-scan-profiles-12a9df9e36bd?source=rss------bug_bounty-5 | mrrootsec | owasp-top-10, bug-bounty, application-security-test | 27-Nov-2023 |
Understanding XML External Entity (XXE) Vulnerabilities | https://medium.com/@harry.hphu/understanding-xml-external-entity-xxe-vulnerabilities-e8b64c2c2b3c?source=rss------bug_bounty-5 | Huy Phu | bug-bounty, owasp-top-10, xml-injection, hackthebox, web-security | 27-Nov-2023 |
Confounding Adversaries Through the Art of Illusion | https://medium.com/@paritoshblogs/confounding-adversaries-through-the-art-of-illusion-5cc56090d93a?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-technology, information-security, cybersecurity, hacking | 27-Nov-2023 |
Unveiling Critical Bug Using Directory Search — Bug Bounty Tip! | https://medium.com/@learningstuff110/unveiling-critical-bug-using-directory-search-bug-bounty-tip-330d4d9900ee?source=rss------bug_bounty-5 | Fahad Hasan | web-app-development, vulnerability, bug-bounty, cybersecurity, penetration-testing | 27-Nov-2023 |
Confounding Adversaries Through the Art of Illusion | https://osintteam.blog/confounding-adversaries-through-the-art-of-illusion-5cc56090d93a?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-technology, information-security, cybersecurity, hacking | 27-Nov-2023 |
Ruby One — Bug Bounty Program & Claim Your $RUBY | https://rubyprotocol.medium.com/ruby-one-bug-bounty-program-claim-your-ruby-848c81c4b164?source=rss------bug_bounty-5 | Ruby Protocol | blockchain, cryptocurrency, bug-bounty, crypto, ethereum | 27-Nov-2023 |
HTTP/2 Request Smuggling | https://medium.com/@kerstanhgnhzhw/http-2-request-smuggling-eb56cfd84a37?source=rss------bug_bounty-5 | kerstan | web-security, bug-bounty, security, request-smuggling, pentesting | 27-Nov-2023 |
How Did I Find XSS with the Source Code? | https://medium.com/@el-cezeri/kaynak-kodu-ile-xssi-nas%C4%B1l-buldum-9cf2632f4717?source=rss------bug_bounty-5 | Samet Yiğit | xss-attack, bug-bounty-tips, ödülavcılığı, bug-bounty | 27-Nov-2023 |
Website Scanner… | https://medium.com/@psychomong/website-scanner-4856d77bc600?source=rss------bug_bounty-5 | psychomong | hacking, gui, scanner, bug-bounty, web | 27-Nov-2023 |
@pdiscoveryio’s Katana for Bug Bounty. | https://medium.com/@BrownBearSec/pdiscoveryios-katana-for-bug-bounty-1aee11cfae14?source=rss------bug_bounty-5 | BrownBearSec | bug-bounty, cybersecurity, bug-bounty-tips, red-team, infosec | 27-Nov-2023 |
1.8 Lab: Blind SQL injection with conditional errors | 2023 | https://cyberw1ng.medium.com/1-8-lab-blind-sql-injection-with-conditional-errors-2023-da84a7836bcd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, careers, cybersecurity, bug-bounty | 27-Nov-2023 |
My bug bounty journey: #1 Linux | https://medium.com/@VDMoscar/my-bug-bounty-journey-1-linux-176d3b4f4065?source=rss------bug_bounty-5 | Oscar Vandermeulen | bug-bounty, hacking | 27-Nov-2023 |
Code4rena Audit | https://medium.com/@panoptic_xyz/code4rena-audit-96902468eece?source=rss------bug_bounty-5 | Panoptic | panoptic, audit, bug-bounty, perpetual-options | 27-Nov-2023 |
“Navigating Risks: Vulnerability Stemming from a Third-Party Integration” | https://shubhdeepp.medium.com/navigating-risks-vulnerability-stemming-from-a-third-party-integration-c877d15977d8?source=rss------bug_bounty-5 | shubhdeep | vulnerability-assessment, vulnerability, cybersecurity, bug-bounty, supply-chain-management | 27-Nov-2023 |
HackTheBox — Web Attacks: From XXE Injection to Advanced Local File Disclosure | https://medium.com/@harry.hphu/hackthebox-web-attacks-from-xxe-injection-to-advanced-local-file-disclosure-64d1bf5acdca?source=rss------bug_bounty-5 | Huy Phu | web-security, owasp-top-10, bug-bounty, xxe-attack, hackthebox | 27-Nov-2023 |
HackTheBox — Web Attacks: Mass IDOR enumeration | https://medium.com/@harry.hphu/hackthebox-web-attacks-mass-idor-enumeration-dc12da1f6333?source=rss------bug_bounty-5 | Huy Phu | hackthebox, owasp-top-10, bug-bounty, web-attack, mass-idor-enumeration | 26-Nov-2023 |
Bug Zero at a Glance [01–18 November] | https://blog.bugzero.io/bug-zero-at-a-glance-01-18-november-1cfce20b881c?source=rss------bug_bounty-5 | Januka Dharmapriya | bug-zero, cybersecurity, bug-bounty, sri-lanka, newsletter | 26-Nov-2023 |
HackTheBox — Web Attacks — IDOR: Bypassing Encoded References | https://medium.com/@harry.hphu/hackthebox-web-attacks-idor-bypassing-encoded-references-4e28008120fc?source=rss------bug_bounty-5 | Huy Phu | idor-vulnerability, web-security, bug-bounty, hackthebox-writeup, owasp-top-10 | 26-Nov-2023 |
Waybackurls leads to pwned Admin Panel | https://medium.com/@cybersolution2172/waybackurls-leads-to-pwned-admin-panel-ac3f728b87ac?source=rss------bug_bounty-5 | Satyam Singh | infosec, bug-bounty, bug-bounty-tips, hacking, vulnerability | 26-Nov-2023 |
A Thrilling Expedition into AWS Security | https://medium.com/@paritoshblogs/a-thrilling-expedition-into-aws-security-bbce85cd1eed?source=rss------bug_bounty-5 | Paritosh | aws-security, aws, bug-bounty, information-security, cybersecurity | 26-Nov-2023 |
Story of Http password reset link for $$$ | https://devanshchauhan4565.medium.com/story-of-http-password-reset-link-for-15b583519e03?source=rss------bug_bounty-5 | Devansh chauhan | writing-tips, bug-bounty, bug-bounty-tips | 26-Nov-2023 |
HackTheBox — Web Attacks: IDOR in Insecure APIs Write up | https://medium.com/@harry.hphu/hackthebox-web-attacks-idor-in-insecure-apis-write-up-7adcf4e68968?source=rss------bug_bounty-5 | Huy Phu | hackthebox, owasp-top-10, idor-vulnerability, bug-bounty, api-security | 26-Nov-2023 |
CSRF Bug Hunting Methodology: Intermediate | https://medium.com/@drthkol478/csrf-bug-hunting-methodology-intermediate-4d0df3b63b59?source=rss------bug_bounty-5 | Mikołaj Prus ( nullorx ) | network, web-app-security, bug-bounty, csrf, application-security | 26-Nov-2023 |
Explorando redes com ESP32 WIFI. | https://higordiego.medium.com/explorando-redes-com-esp32-wifi-5b15d48d0880?source=rss------bug_bounty-5 | Higor Diego | bug-bounty, pentesting, wifi, tutorial, iot | 26-Nov-2023 |
1.7 Lab: Blind SQL injection with conditional responses \| 2023 | https://cyberw1ng.medium.com/1-7-lab-blind-sql-injection-with-conditional-responses-2023-db2102f1ce44?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, bug-bounty, hacking, cybersecurity | 26-Nov-2023 |
Exploring Networks with ESP32 WIFI. | https://higordiego.medium.com/exploring-networks-with-esp32-wifi-778a8d42b7f1?source=rss------bug_bounty-5 | Higor Diego | network-security, pentesting, iot-security, osint, bug-bounty | 26-Nov-2023 |
Mastering the Art of Bug Bounty Reconnaissance | https://medium.com/@faizankhaliq26/mastering-the-art-of-bug-bounty-reconnaissance-5e1ec42fc405?source=rss------bug_bounty-5 | MUHAMMAD FAIZAN KHAN | web-application-testing, recon, information-gathering, web-application-security, bug-bounty | 26-Nov-2023 |
Writeup Bugcrowd — Private program — QR codes | https://medium.com/@embossdotar/writeup-bugcrowd-private-program-qr-codes-fa338161175a?source=rss------bug_bounty-5 | embossdotar | bugcrowd, writeup, bug-bounty, it-security, cybersecurity | 26-Nov-2023 |
How I Made $$$ Using Open-Redirect | https://medium.com/@rahulnakum/how-i-made-using-open-redirect-799f9ab14bda?source=rss------bug_bounty-5 | Rahul Nakum | bug-bounty | 25-Nov-2023 |
What Happens When Hackers Gain Local Account Access !! | https://medium.com/@paritoshblogs/what-happens-when-hackers-gain-local-account-access-64fc39ed25f5?source=rss------bug_bounty-5 | Paritosh | pentesting, bug-bounty, programming, cybersecurity, hacking | 25-Nov-2023 |
First massive bug: Noise’s AWS Bucket Misconfiguration | https://anshjain-napster.medium.com/first-massive-bug-noises-aws-bucket-misconfiguration-802821ed98b6?source=rss------bug_bounty-5 | Napster_Ansh | vulnerability, bug-bounty, aws-s3, cybersecurity, security | 25-Nov-2023 |
how to install waybackurls on parrot OS in 3 simple steps | https://medium.com/@diy_tech_genuis/how-to-install-waybackurls-on-parrot-os-in-3-simple-steps-fb4746302647?source=rss------bug_bounty-5 | diy_tech_genuis | hacking, diytechgenius, waybackurls, bug-bounty, parrotos | 25-Nov-2023 |
1.6 Lab: SQL injection UNION attack, retrieving multiple values in a single column \| 2023 | https://cyberw1ng.medium.com/1-6-lab-sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-2023-6fb957198939?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, bug-bounty, hacking | 25-Nov-2023 |
Detecting and Confirming Exfiltration Activity Through Endpoint Detection and Response (EDR) | https://medium.com/@paritoshblogs/detecting-and-confirming-exfiltration-activity-through-endpoint-detection-and-response-edr-6ff4c89e9847?source=rss------bug_bounty-5 | Paritosh | hacking, cybersecurity, bug-bounty, information-security, edr | 25-Nov-2023 |
5 thing most new bug bounty hunters do wrong | https://medium.com/@diy_tech_genuis/5-thing-most-new-bug-bounty-hunters-do-wrong-321cb152363c?source=rss------bug_bounty-5 | diy_tech_genuis | diytechgenius, hacking, help, tips, bug-bounty | 25-Nov-2023 |
$20,000 Paid For A Bug That No One Has Ever Expected | https://siddardajagabathina.medium.com/20-000-paid-for-a-bug-that-no-one-has-ever-expected-5a4778620999?source=rss------bug_bounty-5 | SIDDARDA GOWTHAM JAGABATHINA | hackerone, bug-bounty, bugs, cybersecurity, cybersecurity-awareness | 25-Nov-2023 |
Critical misconfiguration in Firebase-Bug bounty | https://medium.com/@facu.tha/critical-misconfiguration-in-firebase-e682ec4239d6?source=rss------bug_bounty-5 | Facundo Fernandez | hacking, bug-bounty, penetration-testing, cybersecurity, bug-bounty-tips | 25-Nov-2023 |
Introduction to Cybersecurity for Beginners: Understanding the Digital Security World | https://medium.com/@fiqrifirdaus/introduction-to-cybersecurity-for-beginners-understanding-the-digital-security-world-f136896cda85?source=rss------bug_bounty-5 | Aditya Fiqri Firdaus | bug-bounty, cyber, cybersecurity, malware | 25-Nov-2023 |
How i get my first Logic Bug and how to find them | https://medium.com/@zomasec/how-i-get-my-first-logic-bug-and-how-to-find-them-dd5fdf6478ee?source=rss------bug_bounty-5 | Hazem El-Sayed | cybersecurity, web-security, bug-bounty-tips, bug-bounty, bugs | 25-Nov-2023 |
How to Find First Bug (For Beginners) | https://medium.com/@rajput623929/how-to-find-first-bug-for-beginners-f594230f9e36?source=rss------bug_bounty-5 | Mr.Horbio | cybersecurity, penetration-testing, bug-bounty, hacking, tricks | 24-Nov-2023 |
Bash Scripting Logic Section Part 01 | https://medium.com/@Rat_Attack72/bash-scripting-logic-section-part-01-a7424f4dd6c2?source=rss------bug_bounty-5 | Rat_Attack72 | cybersecurity, bash, shell-script, bug-bounty, automation | 24-Nov-2023 |
1.5 Lab: SQL injection UNION attack, retrieving data from other tables \| 2023 | https://cyberw1ng.medium.com/1-5-lab-sql-injection-union-attack-retrieving-data-from-other-tables-2023-3e13076915fa?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 24-Nov-2023 |
Breaking the HTTPS Barrier: A Hacker’s Guide to Sneaky Link Exploits! | https://medium.com/@mohammedthoufeeq_25137/breaking-the-https-barrier-a-hackers-guide-to-sneaky-link-exploits-622b07710a1c?source=rss------bug_bounty-5 | Mohamed Thoufeeq | cybersecurity, hackthebox, bug-bounty, hacking, programming | 24-Nov-2023 |
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 5 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-5-c1343b0f0ef9?source=rss------bug_bounty-5 | Hacker's Dump | hacking, bug-bounty, android, pentesting, penetration-testing | 24-Nov-2023 |
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 4 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-4-9bba2880b8cb?source=rss------bug_bounty-5 | Hacker's Dump | bug-bounty, android, hacking, penetration-testing, hacker | 24-Nov-2023 |
Bug Hunter GPT: A Game-Changer in Cybersecurity | https://medium.com/@multiplatform.ai/bug-hunter-gpt-a-game-changer-in-cybersecurity-b25ccbab2f93?source=rss------bug_bounty-5 | Multiplatform.AI | bug-bounty, ai, bughuntergpt, ai-assistant, artificial-intelligence | 24-Nov-2023 |
Cybersecurity Challenges with TryHackMe: A Hands-On Approach | https://medium.com/@paritoshblogs/cybersecurity-challenges-with-tryhackme-a-hands-on-approach-e62f76a50446?source=rss------bug_bounty-5 | Paritosh | tryhackme, programming, hacking, bug-bounty, cybersecurity | 23-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 17/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-17-25-f1337a6f4e66?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-hunting | 23-Nov-2023 |
Yet Another Rate Limit. | https://allenlopes23.medium.com/yet-another-rate-limit-71257e7b33a2?source=rss------bug_bounty-5 | Allen Lopes | vulnerability, rate-limiting, bug-bounty | 23-Nov-2023 |
1.4 Lab: SQL injection UNION attack, finding a column containing text \| 2023 | https://cyberw1ng.medium.com/1-4-lab-sql-injection-union-attack-finding-a-column-containing-text-2023-94f3ee243db8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, hacking, cybersecurity, careers | 23-Nov-2023 |
bWAPP iFrame Injection | https://medium.com/@yusufbaris/bwapp-iframe-injection-22bee548c30a?source=rss------bug_bounty-5 | Yusuf Barış | cybersecurity, penetration-testing, bug-bounty, web-security, hacking | 23-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 18/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-18-25-924740430094?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunting, bug-bounty-hunter, bug-bounty-tips, bug-bounty | 23-Nov-2023 |
Powershell/JS Payloads: A Closer Look at Malicious Code Delivery | https://medium.com/@paritoshblogs/powershell-js-payloads-a-closer-look-at-malicious-code-delivery-818b0ee743a3?source=rss------bug_bounty-5 | Paritosh | programming, hacking, bug-bounty, information-security, cybersecurity | 22-Nov-2023 |
7 Sneaky Hacks Cybercriminals Use to Outsmart Your Antivirus! | https://medium.com/@paritoshblogs/7-sneaky-hacks-cybercriminals-use-to-outsmart-your-antivirus-66953a606a53?source=rss------bug_bounty-5 | Paritosh | antivirus, cybersecurity, hacking, bug-bounty, darkweb | 22-Nov-2023 |
Apple webserver vulnerable for HTTP request Sumggling attack | https://medium.com/@abdulriyaz1200/apple-webserver-vulnerable-for-http-request-sumggling-attack-cabe1d53dab1?source=rss------bug_bounty-5 | Abdulriyaz | bug-bounty-tips, bug-bounty, bug-bounty-writeup, apple, hall-of-fame | 22-Nov-2023 |
200$ bounty for CRLF injection Attack | https://medium.com/@abdulriyaz1200/200-bounty-for-crlf-injection-attack-39c482bad796?source=rss------bug_bounty-5 | Abdulriyaz | bug-bounty, bug-bounty-tips, hall-of-fame, bugbounty-writeup | 22-Nov-2023 |
Mass Hunting XSS vulnerabilities | https://ott3rly.medium.com/mass-hunting-xss-vulnerabilities-5b53363dd3db?source=rss------bug_bounty-5 | Ott3rly | bug-bounty-tips, bug-bounty, cross-site-scripting, bug-bounty-hunter, xss-vulnerability | 22-Nov-2023 |
Google dorking is one of the best method \| Hall of fame from XXX.gov | https://medium.com/@abdulriyaz1200/google-dorking-is-one-of-the-best-method-hall-of-fame-from-xxx-gov-8db6aa3c69f3?source=rss------bug_bounty-5 | Abdulriyaz | bug-bounty, government, bug-bounty-tips | 22-Nov-2023 |
1.3 Lab: SQL injection UNION attack, determining the number of columns returned by the query \| 2023 | https://cyberw1ng.medium.com/1-3-lab-sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-2023-441930bf38b7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 22-Nov-2023 |
Exploiting Exposed .git File to Access Webmail Credentials | https://medium.com/@tanyago/exploiting-exposed-git-file-to-access-webmail-credentials-4b47a3afff38?source=rss------bug_bounty-5 | Tanya Goyal | bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-hunting | 22-Nov-2023 |
Mass Hunting XSS vulnerabilities | https://infosecwriteups.com/mass-hunting-xss-vulnerabilities-5b53363dd3db?source=rss------bug_bounty-5 | Ott3rly | bug-bounty-tips, bug-bounty, cross-site-scripting, bug-bounty-hunter, xss-vulnerability | 22-Nov-2023 |
Hoping for a Bug Bounty This Year at AWS re:Invent :^) | https://medium.com/cloud-security/hoping-for-a-bug-bounty-this-year-at-aws-re-invent-5c8a76d09514?source=rss------bug_bounty-5 | Teri Radichel | awswishlist, cloud, aws, bug-bounty, security | 22-Nov-2023 |
Bug Hunter jornal Day #0 | https://medium.com/@joaomaia171820/bug-hunter-jornal-day-0-7a451f0292aa?source=rss------bug_bounty-5 | Jhonny_The_Kid | cybersecurity, bug-bounty-writeup, bug-bounty-program, bug-bounty, hacking | 22-Nov-2023 |
SAML authentication bypass leads to account takeover | https://medium.com/@Xt3sY/saml-authentication-bypass-leads-to-account-takeover-f9aaa37a34fe?source=rss------bug_bounty-5 | Pushkar Bhagat | bugs, bug-bounty, hacking, hackerone | 22-Nov-2023 |
How to earn $DCT on DecentraCredit Testnet V1 on Arbitrum | https://decentracredit.medium.com/how-to-earn-dct-on-decentracredit-testnet-v1-on-arbitrum-915d9995c2e4?source=rss------bug_bounty-5 | Decentra Credit | arbitrum, testnet-airdrop, bug-bounty, ethereum, airdrop | 22-Nov-2023 |
Semi-Automating IDORs: A Practical Approach to Working Smarter, Not Harder | https://mux0xx.medium.com/semi-automating-idors-a-practical-approach-to-working-smarter-not-harder-5b7f1f47b55a?source=rss------bug_bounty-5 | Muhammed K. Sayed | bug-bounty, cybersecurity, hacker, idor, hacking | 22-Nov-2023 |
Embracing the Future: Bug Bounty Hunting as a Lucrative Full-Time Career | https://infosecwriteups.com/embracing-the-future-bug-bounty-hunting-as-a-lucrative-full-time-career-3e4b147923f7?source=rss------bug_bounty-5 | Security Lit Limited | penetration-testing, vulnerability, bug-bounty-tips, bug-bounty, cybersecurity | 22-Nov-2023 |
How i hacked a router (embedded system) | https://medium.com/@Threat_Intelligence/how-i-hacked-a-router-embedded-system-9a5b8139e83e?source=rss------bug_bounty-5 | 127.0.0.1 is safe.⚠️ | cybersecurity, tecnologia, hacking, bug-bounty, red-team | 22-Nov-2023 |
My First IDOR - Hiding in the Header Request | https://medium.com/@hbenja47/my-first-idor-hiding-in-the-header-request-8a03dddc23b5?source=rss------bug_bounty-5 | Benja (bronxi) | hacker, bug-bounty, idor, hacking | 21-Nov-2023 |
Chaining CORS by Reflected XSS to Steal Sensitive Data | https://infosecwriteups.com/chaining-cors-by-reflected-xss-to-steal-sensitive-data-c456e133c10d?source=rss------bug_bounty-5 | Mohammad reza Omrani | cybersecurity, infosec, steal-sensitive-data, cors-misconfiguration, bug-bounty | 21-Nov-2023 |
What is Next-Generation Antivirus (NGAV) ? | https://medium.com/@paritoshblogs/what-is-next-generation-antivirus-ngav-f05267dd2613?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-security, cybersecurity, hacking, antivirus | 21-Nov-2023 |
Top Recon Tools for Bug Bounty Hunters | https://securitycipher.medium.com/top-recon-tools-for-bug-bounty-hunters-fa655b8caf2e?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | bug-bounty, bug-bounty-tips, programming, cybersecurity, technology | 21-Nov-2023 |
Epic Bug Hunting Failures-2 | https://infosecwriteups.com/epic-bug-hunting-failures-2-fafb2af9b844?source=rss------bug_bounty-5 | Varshini Ramesh | development, hackerone, bug-bounty, cybersecurity, info-sec-writeups | 21-Nov-2023 |
The Crossroads of Code Crafting: A Personal Journey Between Rewriting and Quick Fixes | https://blursdaywtf.medium.com/the-crossroads-of-code-crafting-a-personal-journey-between-rewriting-and-quick-fixes-8ab18e5a9a60?source=rss------bug_bounty-5 | Blursday | coding, tech, bug-bounty, founders, apps | 21-Nov-2023 |
How I Gain $2,000-$3,000 a Month From Bug Bounties With No Code Experience | https://medium.com/@13032765d/how-i-gain-2-000-3-000-a-month-from-bug-bounties-with-no-code-experience-df2e89348fbb?source=rss------bug_bounty-5 | DataPsyLife | money, hacking, side-hustle, bug-bounty, freelancing | 21-Nov-2023 |
Cybersecurity Tools | https://bineshmadharapu.medium.com/cybersecurity-tools-02e85cb3c4ed?source=rss------bug_bounty-5 | Binesh Madharapu | cybersecurity, bug-bounty, network-security, nmap, ethical-hacking | 21-Nov-2023 |
CVE-2023–47837: ARMember ≤= 4.0.10 — Bypass Membership Plan | https://revan-ar.medium.com/cve-2023-47837-armember-4-0-10-bypass-membership-plan-4bc1e63f044c?source=rss------bug_bounty-5 | Revan A | bug-bounty, wordpress, cve, bypass, privilege-escalation | 21-Nov-2023 |
SQL Injection UNION Attacks in Web App Pentesting \| 2023 | https://cyberw1ng.medium.com/sql-injection-union-attacks-in-web-app-pentesting-2023-fbd072299b77?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, careers, bug-bounty, cybersecurity | 21-Nov-2023 |
How to find sensitive information in an organization \| (Como encontrar información sensible en una… | https://medium.com/@l0calh0st/how-to-find-sensitive-information-in-an-organization-como-encontrar-informaci%C3%B3n-sensible-en-una-cb08c5128ab5?source=rss------bug_bounty-5 | 127.0.0.1 is safe.⚠️ | tech, hacking, red-team, bug-bounty, cybersecurity | 21-Nov-2023 |
How I hacked Google’s bug tracking system itself for $15,600 in bounties | https://jamilahmad-dev.medium.com/how-i-hacked-googles-bug-tracking-system-itself-for-15-600-in-bounties-0e9e36b772b9?source=rss------bug_bounty-5 | Jamil Ur Rehman | startup, bug-bounty, security, google, technology | 21-Nov-2023 |
CRITICAL BUG Alert: How I HACKED into a company’s DATABASE | https://jamilahmad-dev.medium.com/critical-bug-alert-how-i-hacked-into-a-companys-database-fc61179f5d5d?source=rss------bug_bounty-5 | Jamil Ur Rehman | hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty, ethical-hacking | 21-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 16/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-16-25-f881c177b749?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunting, bug-bounty-tips, bug-bounty, bug-bounty-hunter | 21-Nov-2023 |
Detecting and Understanding Cookies in Web Development | https://medium.com/@nirvana.elahi/detecting-and-understanding-cookies-in-web-development-a520b279988b?source=rss------bug_bounty-5 | Nirvana El | owasp-top-10, cybersecurity, bug-bounty, penetration-testing | 21-Nov-2023 |
How to find sensitive information in an organization . | https://medium.com/@Threat_Intelligence/how-to-find-sensitive-information-in-an-organization-como-encontrar-informaci%C3%B3n-sensible-en-una-cb08c5128ab5?source=rss------bug_bounty-5 | 127.0.0.1 is safe.⚠️ | tech, hacking, red-team, bug-bounty, cybersecurity | 21-Nov-2023 |
Step-by-Step guide to writing a Metasploit Script | https://higordiego.medium.com/step-by-step-guide-to-writing-a-metasploit-script-6bacb96363e5?source=rss------bug_bounty-5 | Higor Diego | vulnerability, exploit, bug-bounty, security, osint | 21-Nov-2023 |
Legal and Ethical Dimensions in Malware Analysis (Cybersecurity) | https://medium.com/@paritoshblogs/legal-and-ethical-dimensions-in-malware-analysis-cybersecurity-86accca12049?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, legal, programming, hacking | 20-Nov-2023 |
Improper Input Sanitization Error in Web3 | https://medium.com/@vinaysati/improper-input-sanitization-error-in-web3-f4bd0f6d88cc?source=rss------bug_bounty-5 | Vinaysati | hacking, cryptocurrency, bug-bounty, web3, web3bug | 20-Nov-2023 |
#3 Set-up FoxyProxy in Firefox — Guide for Burp Suite | https://securitycipher.medium.com/3-set-up-foxyproxy-in-firefox-guide-for-burp-suite-ee9627b6f513?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | security, bug-bounty-tips, bug-bounty, penetration-testing, technology | 20-Nov-2023 |
Event Driven Bug Bounty on AWS | https://medium.com/@husein.ayoub/event-driven-bug-bounty-on-aws-d39f75d962a3?source=rss------bug_bounty-5 | Hussein Ayoub | aws, bug-bounty, security | 20-Nov-2023 |
The Story of How I Hacked one of the online payment system website twice | https://christmex.medium.com/the-story-of-how-i-hacked-one-of-the-online-payment-system-website-twice-b0ba48ed13db?source=rss------bug_bounty-5 | Jonathan Christian | bug-bounty-writeup, programming, technology, cybersecurity, bug-bounty | 20-Nov-2023 |
ESSENTIAL HTML FOR HACKERS | https://medium.com/@agapehearts/essential-html-for-hackers-12d329927c9b?source=rss------bug_bounty-5 | Agape HearTs | xss-attack, bug-bounty, html, hacker, pentesting | 20-Nov-2023 |
Writeups of All Apprentice Labs in Portswigger — All Lab’s Solution\| Karthikeyan Nagaraj | https://cyberw1ng.medium.com/writeups-of-all-apprentice-labs-in-portswigger-all-labs-solution-karthikeyan-nagaraj-a5f23fd0c87b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, penetration-testing, hacking | 20-Nov-2023 |
Go Beyond with Gretire | https://systemweakness.com/go-beyond-with-gretire-313b7fbe3f47?source=rss------bug_bounty-5 | Whalebone | cybersecurity, bug-bounty, open-source, information-security, hacking | 20-Nov-2023 |
Email address: The Online ID | https://medium.com/@duncanochieng682/email-address-the-online-id-dd0061bf7828?source=rss------bug_bounty-5 | JateloCybersec | infosec, hacking, bug-bounty, ethical-hacking, blackhat | 20-Nov-2023 |
Understanding CVE-2023–46604: A Threat to Apache ActiveMQ | https://infosecwriteups.com/understanding-cve-2023-46604-a-threat-to-apache-activemq-d771eb408eba?source=rss------bug_bounty-5 | Security Lit Limited | bug-bounty, vulnerability, cybersecurity, programming, penetration-testing | 20-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 15/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-15-25-27d085f4bf95?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-hunting, bug-bounty-hunter, bug-bounty | 20-Nov-2023 |
Understanding CVE-2023–46604: A Threat to Apache ActiveMQ | https://securitylit.medium.com/understanding-cve-2023-46604-a-threat-to-apache-activemq-d771eb408eba?source=rss------bug_bounty-5 | Security Lit Limited | bug-bounty, vulnerability, cybersecurity, programming, penetration-testing | 20-Nov-2023 |
The Story of How I Hacked one of the online payment system website | https://christmex.medium.com/the-story-of-how-i-hacked-one-of-the-online-payment-system-website-twice-b0ba48ed13db?source=rss------bug_bounty-5 | Jonathan Christian | bug-bounty-writeup, programming, technology, cybersecurity, bug-bounty | 20-Nov-2023 |
GraphQL Misconfiguration Leads to Unlimited Money Transfer (Intigriti CTF — Bug Bank) | https://medium.com/@thewolfsec/graphql-misconfiguration-leads-to-unlimited-money-transfer-intigriti-ctf-bug-bank-48cdeb9c9aec?source=rss------bug_bounty-5 | TheWolf Sec | graphql, intigriti, bug-bounty, ctf | 19-Nov-2023 |
#2 Different Burp Suite Tools — Guide for Burp Suite | https://securitycipher.medium.com/2-different-burp-suite-tools-guide-for-burp-suite-7c5aa2ad05ed?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | penetration-testing, bug-bounty, security, cybersecurity, news | 19-Nov-2023 |
Find Vulnerabilities before other Hackers Exploiting | https://medium.com/@salmanul060/find-vulnerabilities-before-other-hackers-exploiting-a86fe4c3d5eb?source=rss------bug_bounty-5 | Salmanul Faris | web-applications, cybersecurity, bug-bounty, penetrationtestingcompany, penetration-testing | 19-Nov-2023 |
SSTI bypass using CRLF (1337 UP CTF — Smarty Pants) | https://medium.com/@thewolfsec/ssti-bypass-using-crlf-1337-up-ctf-smarty-pants-4ee8e1a72f98?source=rss------bug_bounty-5 | TheWolf Sec | intigriti, ssti, bug-bounty, ctf, php-developers | 19-Nov-2023 |
Privilege Escalation: Unauthorized Low-Privilege Users Creating Feature Bundles | https://medium.com/@a13h1/privilege-escalation-unauthorized-low-privilege-users-creating-feature-bundles-75f6125eec78?source=rss------bug_bounty-5 | Abhi Sharma | bug-bounty, programming, cybersecurity, hacking, api | 19-Nov-2023 |
#2 Different Burp Suite Tools — Guide for Burp Suite | https://infosecwriteups.com/2-different-burp-suite-tools-guide-for-burp-suite-7c5aa2ad05ed?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | penetration-testing, bug-bounty, security, cybersecurity, news | 19-Nov-2023 |
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 3 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-3-99e86d021190?source=rss------bug_bounty-5 | Hacker's Dump | android, android-pentesting, penetration-testing, hacking, bug-bounty | 19-Nov-2023 |
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 4 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-4-c942fbd9cae5?source=rss------bug_bounty-5 | Hacker's Dump | bug-bounty, hacking, android, penetration-test, penetration-testing | 19-Nov-2023 |
23.6 Lab: Insecure direct object references \| 2023 | https://cyberw1ng.medium.com/23-6-lab-insecure-direct-object-references-2023-dfd4a9f3eeb3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, penetration-testing, hacking | 19-Nov-2023 |
A Guide to Indicators of Compromise (IoC) Analysis | https://medium.com/@paritoshblogs/a-guide-to-indicators-of-compromise-ioc-analysis-925708cbf8aa?source=rss------bug_bounty-5 | Paritosh | programming, bug-bounty, ioc, hacking, cybersecurity | 19-Nov-2023 |
ByteGuard: Mastering the Art of Data Security | https://medium.com/@paritoshblogs/byteguard-mastering-the-art-of-data-security-5719be0d1c7c?source=rss------bug_bounty-5 | Paritosh | information-security, data-security, cybersecurity, data, bug-bounty | 18-Nov-2023 |
Securing the Backbone: Supply Chain Security | https://medium.com/@paritoshblogs/securing-the-backbone-supply-chain-security-34282b6b505f?source=rss------bug_bounty-5 | Paritosh | supply-chain, information-security, cybersecurity, supply-chain-attack, bug-bounty | 18-Nov-2023 |
eWPTX Prepare Resources | https://medium.com/@0UN390/ewptx-prepare-resources-a741220cf145?source=rss------bug_bounty-5 | 0UN390 | bug-bounty, cybersecurity, web-security, penetration-testing | 18-Nov-2023 |
AppSec Tales XXIII \| XPathI | https://karol-mazurek95.medium.com/appsec-tales-xxiii-xpathi-ca6171826d2a?source=rss------bug_bounty-5 | Karol Mazurek | information-technology, cybersecurity, application-security, bug-bounty, penetration-testing | 18-Nov-2023 |
#Day6 Bug Bounty Recon Part 2: ( Subdomains and S3 buckets ) | https://medium.com/codingninjablogs/day6-bug-bounty-recon-part-2-subdomains-and-s3-buckets-1a01780e6908?source=rss------bug_bounty-5 | OBSIDIAN | programming, technology, bug-bounty, ethical-hacking, cybersecurity | 18-Nov-2023 |
23.5 Lab: User ID controlled by request parameter with password disclosure \| 2023 | https://cyberw1ng.medium.com/23-5-lab-user-id-controlled-by-request-parameter-with-password-disclosure-2023-ad748d1daa9e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 18-Nov-2023 |
Hacking Microsoft IIS : Enumerating IIS for V | https://medium.com/@mudasserhussain1111/hacking-microsoft-iis-enumerating-iis-for-v-39de5a27f101?source=rss------bug_bounty-5 | Mudasser Hussain | infosec-write-ups, cybersecurity, hacking, microsoft, bug-bounty | 18-Nov-2023 |
OAuth Misconfiguration Leads To Pre-Account Takeover(snapchat) | https://medium.com/@a7med.ctf/oauth-misconfiguration-leads-to-pre-account-takeover-snapchat-129b118661f6?source=rss------bug_bounty-5 | Ahmed Mahmoued | hacking, bug-bounty-tips, bug-bounty | 18-Nov-2023 |
CVE-2023–36025: An In-Depth Analysis of Circumventing Windows SmartScreen Security | https://infosecwriteups.com/cve-2023-36025-an-in-depth-analysis-of-circumventing-windows-smartscreen-security-6ff05c8b69d0?source=rss------bug_bounty-5 | Security Lit Limited | penetration-testing, threat-intelligence, cybersecurity, microsoft, bug-bounty | 18-Nov-2023 |
Default Credentials, P1 with $$$$ Reward in a Bug Bounty Program | https://medium.com/@jedus0r/default-credentials-p1-with-reward-in-a-bug-bounty-program-1aad9c008619?source=rss------bug_bounty-5 | jedus0r | security-research, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter | 18-Nov-2023 |
CVE-2023–35078 Unveiled: Ethical Vulnerability Discovery and Reporting By Me and My Hunting Buddy… | https://medium.com/@jaini.rutvik/cve-2023-35078-unveiled-ethical-vulnerability-discovery-and-reporting-by-me-and-my-hunting-buddy-507582baf5c3?source=rss------bug_bounty-5 | Rj07 | responsible-disclosure, information-technology, zero-day, bug-bounty, information-security | 18-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 13/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-13-25-f6e21379749b?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-hunter, bug-bounty-hunting, bug-bounty-tips | 18-Nov-2023 |
Default Credentials, P1 with $$$$ Reward in a Bug Bounty Program | https://systemweakness.com/default-credentials-p1-with-reward-in-a-bug-bounty-program-1aad9c008619?source=rss------bug_bounty-5 | jedus0r | security-research, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter | 18-Nov-2023 |
The Future of Cybersecurity: The Power of AI-Powered SIEM | https://medium.com/@paritoshblogs/the-future-of-cybersecurity-the-power-of-ai-powered-siem-ae43921e9bce?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-security, siem, hacking, cybersecurity | 17-Nov-2023 |
3 Command Line Games Which You Must Try | https://medium.com/@rushi.padhiyar098/3-command-line-games-which-you-must-try-fa77c2ff7127?source=rss------bug_bounty-5 | Cyph3r Ryx | games, cybersecurity, hacking, command-line, bug-bounty | 17-Nov-2023 |
Dastardly — Web Application Security Scanner — CI/CD | https://securitycipher.medium.com/dastardly-web-application-security-scanner-ci-cd-3a4eea08719a?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | technology, security, bug-bounty, cybersecurity, penetration-testing | 17-Nov-2023 |
How I Automatically Generate XSS Payload & Automate Reflected XSS | https://ajaksecurity.medium.com/how-i-automatically-generate-xss-payload-automate-reflected-xss-be7c993f90d4?source=rss------bug_bounty-5 | Ajak Cyber security | hacking, cybersecurity, bug-bounty, ethical-hacking, penetration-testing | 17-Nov-2023 |
23.4 Lab: User ID controlled by request parameter with data leakage in redirect \| 2023 | https://cyberw1ng.medium.com/23-4-lab-user-id-controlled-by-request-parameter-with-data-leakage-in-redirect-2023-5fa1b18bced1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, bug-bounty, cybersecurity, security | 17-Nov-2023 |
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 2 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-2-9c33c319a696?source=rss------bug_bounty-5 | Hacker's Dump | android-pentesting, android, penetration-testing, hacking, bug-bounty | 17-Nov-2023 |
How to find vulnerabilities in a web page in 10 minutes | https://medium.com/@l0calh0st/how-to-find-vulnerabilities-in-a-web-page-in-10-minutes-66cd052b4fbc?source=rss------bug_bounty-5 | 127.0.0.1 is safe.⚠️ | red-team, bug-bounty, error-message, cybersecurity, hacking | 17-Nov-2023 |
Access control vulnerabilities | https://medium.com/@abdullahwarsama28/access-control-vulnerabilities-02fe3ea2e17f?source=rss------bug_bounty-5 | Abdullah Warsama | bug-bounty, web-security | 17-Nov-2023 |
JWT Intrigue: Hidden Keys within Web Applications | https://medium.com/@josh.beck2006/jwt-intrigue-hidden-keys-within-web-applications-4b042c80f427?source=rss------bug_bounty-5 | Josh Beck | penetration-testing, bug-bounty, cybersecurity, ctf-writeup, ctf | 16-Nov-2023 |
AuditOne Roundtable with Alexey from Aurora and Guido Vranken | https://medium.com/@auditone.io/auditone-roundtable-with-alexey-from-aurora-and-guido-vranken-3d7c709289c0?source=rss------bug_bounty-5 | AuditOne | bug-bounty, defi, web3, aurora, fuzzing | 16-Nov-2023 |
#1 Introduction to Burp Suite — Guide for Burp Suite | https://securitycipher.medium.com/1-introduction-to-burp-suite-guide-for-burp-suite-4054b64f10a0?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | penetration-testing, bug-bounty, cybersecurity, technology, security | 16-Nov-2023 |
Easy Admin Access — RVDP | https://infosecwriteups.com/easy-admin-access-rvdp-d1eb2c97cb3e?source=rss------bug_bounty-5 | hackerdevil | bug-bounty-tips, web-app-security, bug-bounty, bug-bounty-writeup, vulnerability-assessment | 16-Nov-2023 |
Bug Bounty Programs: Unleashing the Power of Ethical Hacking | https://medium.com/@crawsecurity/bug-bounty-programs-unleashing-the-power-of-ethical-hacking-5da98f820ebb?source=rss------bug_bounty-5 | crawsecurity | bug-bounty-program, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup | 16-Nov-2023 |
Exploiting Blind XXE: Going Out of Band | https://medium.com/@mohamedtaha_42562/exploiting-blind-xxe-going-out-of-band-f04e3c1ea7ef?source=rss------bug_bounty-5 | Mohamed Taha | security, penetration-testing, bug-bounty | 16-Nov-2023 |
Introducing Bug Bounty Boosts: Supercharging Security With Timebound Events | https://medium.com/immunefi/introducing-bug-bounty-boosts-supercharging-security-with-timebound-events-51e3a1f208c3?source=rss------bug_bounty-5 | Immunefi Editor | bug-bounty, web3, immunefi, cybersecurity, degate | 16-Nov-2023 |
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 1 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-1-392cf9abf93f?source=rss------bug_bounty-5 | Hacker's Dump | android-pentesting, hacking, android, penetration-testing, bug-bounty | 16-Nov-2023 |
Malware Analysis: Understanding and Combatting Cyber Threats | https://medium.com/@paritoshblogs/malware-analysis-understanding-and-combatting-cyber-threats-d0db1d56760c?source=rss------bug_bounty-5 | Paritosh | malware-analysis, hacking, bug-bounty, cybersecurity, information-security | 16-Nov-2023 |
How I got a $500 reward for finding an unacclaimed bucket on GitHub | https://medium.com/@andre.pontes7/how-i-got-a-500-reward-for-finding-an-unacclaimed-bucket-on-github-57623c386515?source=rss------bug_bounty-5 | André Pontes | aws-s3, hackerone, bug-bounty, aws | 16-Nov-2023 |
23.3 Lab: User ID controlled by request parameter, with unpredictable user IDs | 2023 | https://cyberw1ng.medium.com/23-3-lab-user-id-controlled-by-request-parameter-with-unpredictable-user-ids-2023-5827f93eca1d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, cybersecurity, hacking | 16-Nov-2023 |
$1000 Bounty: How I scaled a Self-Redirect to an XSS in a web 3.0 system at Hackenproof | https://erickfernandox.medium.com/1000-bounty-how-i-scaled-a-self-redirect-to-an-xss-in-a-web-3-0-system-at-hackenproof-37380f701892?source=rss------bug_bounty-5 | Erick Fernando | bug-bounty, hackenproof, open-redirect, xss-bypass | 16-Nov-2023 |
DNS C2 — When Malware Goes Incognito! | https://medium.com/@paritoshblogs/dns-c2-when-malware-goes-incognito-03fdc2e82057?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, information-security, dns, hacking | 15-Nov-2023 |
HackerOne Surpasses $300 Million in Rewards for Ethical Hackers | https://medium.com/@zerosecurity/hackerone-surpasses-300-million-in-rewards-for-ethical-hackers-eba7be4f106c?source=rss------bug_bounty-5 | ZeroSecurity | bug-bounty | 15-Nov-2023 |
LandRocker Bug Bounty Program | https://landrocker.medium.com/landrocker-bug-bounty-program-aa2f55f47297?source=rss------bug_bounty-5 | LandRocker | bug-bounty, bitcoin, cryptocurrency-investment, token-sale, web3 | 15-Nov-2023 |
23.2 Lab: User ID controlled by request parameter | 2023 | https://cyberw1ng.medium.com/23-2-lab-user-id-controlled-by-request-parameter-2023-74764905c72c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, hacking, cybersecurity | 15-Nov-2023 |
Understanding Post-Exploitation: Cybersecurity | https://medium.com/@paritoshblogs/understanding-post-exploitation-cybersecurity-5c8d11b75812?source=rss------bug_bounty-5 | Paritosh | cybersecurity, programming, information-security, bug-bounty, post-exploitation | 15-Nov-2023 |
Idor That allowed me to get access to sensitive users files and share them -.- | https://hamzadzworm.medium.com/idor-that-allowed-me-to-get-access-to-sensitive-users-files-and-share-them-f7da741e9f63?source=rss------bug_bounty-5 | Hamzadzworm | bugbounty-writeup, bug-bounty-tips, hackerone, bug-bounty, cybersecurity | 15-Nov-2023 |
Unveiling Sensitive Information Exposure: IIS Tilde Enumeration Vulnerability | https://medium.com/@mohammed0anas/unveiling-sensitive-information-exposure-iis-tilde-enumeration-vulnerability-ffe034073288?source=rss------bug_bounty-5 | Nas | bug-bounty, hacking, cybersecurity, bug-bounty-writeup | 15-Nov-2023 |
How I hacked Google’s bug tracking system itself for $15,600 in bounties | https://homosapienimo.medium.com/how-i-hacked-googles-bug-tracking-system-itself-for-15-600-in-bounties-65c5aacaacdf?source=rss------bug_bounty-5 | Homo Sapiens | bug-bounty, startup, google, technology, security | 15-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 10/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-10-25-7b9651fb1b26?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-hunting, bug-bounty, bug-bounty-tips | 15-Nov-2023 |
Exploiting Parallels Plesk Panels With Shodan | https://blog.meese.enterprises/exploiting-parallels-plesk-panels-with-shodan-282248855af2?source=rss------bug_bounty-5 | Aaron Meese | cybersecurity, shodan, osint-investigation, osint, bug-bounty | 15-Nov-2023 |
Detection Engineering: Strengthening Cybersecurity Defense | https://medium.com/@paritoshblogs/detection-engineering-strengthening-cybersecurity-defense-8d31ab7a2d46?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-security, detection-engineering, hacking, cybersecurity | 14-Nov-2023 |
Hackathon : KPU.GO.ID | https://medium.com/@angryovalegg/hackathon-kpu-go-id-8fb6f3ce0d61?source=rss------bug_bounty-5 | Angry Oval Egg | hackathons, indo-hacker, bug-bounty, kpu, pemilu | 14-Nov-2023 |
How to find probably vulnerable objects in your own surface with Netlas.io? | https://systemweakness.com/how-to-find-probably-vulnerable-objects-in-your-own-surface-with-netlas-io-7f3448363892?source=rss------bug_bounty-5 | Netlas.io | script, automation, bug-bounty, attack-surface, reconnaissance | 14-Nov-2023 |
#4 Session Fixation — Secure Code Explain | https://securitycipher.medium.com/4-session-fixation-secure-code-explain-7d9567f25f38?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | cybersecurity, technology, bug-bounty, vulnerability, coding | 14-Nov-2023 |
Escalating Blind SSRF to a Remote Code Execution | https://mukibas37.medium.com/escalating-blind-ssrf-to-a-remote-code-execution-be65ed9a7d0f?source=rss------bug_bounty-5 | Mukilan Baskaran | infosec, ssrf, cybersecurity, bug-bounty, hacking | 14-Nov-2023 |
23.1 Lab: CORS vulnerability with trusted null origin | 2023 | https://cyberw1ng.medium.com/23-1-lab-cors-vulnerability-with-trusted-null-origin-2023-53d2de3b8e28?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, penetration-testing | 14-Nov-2023 |
Har Har Hijack: The Okta Plunder | https://medium.com/@josh.beck2006/har-har-hijack-the-okta-plunder-8fb36f5c9d45?source=rss------bug_bounty-5 | Josh Beck | penetration-testing, cybersecurity, bug-bounty | 14-Nov-2023 |
bWAPP PHP Code Injection | https://medium.com/@yusufbaris/bwapp-php-code-injection-2b326b831924?source=rss------bug_bounty-5 | Yusuf Barış | cybersecurity, web-security, hacking, bug-bounty, penetration-testing | 14-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 9/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-9-25-14cbedbecee2?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting | 14-Nov-2023 |
Introduction to AI in Cybersecurity | https://imran-niaz.medium.com/introduction-to-ai-in-cybersecurity-6d80460d9e37?source=rss------bug_bounty-5 | Imran Niaz | programming, cybersecurity, learning, penetration-testing, bug-bounty | 13-Nov-2023 |
Let's together dive deep into information disclosure | https://medium.com/@parthnarulatech/lets-together-dive-deep-into-information-disclosure-8bdb0b5db728?source=rss------bug_bounty-5 | scriptjacker | bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity, owasp | 13-Nov-2023 |
SSL Search — A tool to identify infrastructure and discover attack surfaces. | https://medium.com/@harsh8v/ssl-search-a-tool-to-identify-infrastructure-and-discover-attack-surfaces-449c83269574?source=rss------bug_bounty-5 | Harsh Varagiya | bug-bounty, gcp, ssl-certificate, aws, internet | 13-Nov-2023 |
Google VRP -[IDOR] Deleted Victim Data & Leaked | https://medium.com/@ggilang1135/google-vrp-idor-deleted-victim-data-leaked-0b3cba8e3f7a?source=rss------bug_bounty-5 | Gilang Romadon | bug-bounty, idor-vulnerability, bug-bounty-tips, ggilangromadon, google-vrp | 13-Nov-2023 |
Announcing IWCON 2023 Speakers Second Batch | https://infosecwriteups.com/announcing-iwcon-2023-speakers-second-batch-26762dc93491?source=rss------bug_bounty-5 | InfoSec Write-ups | infosec, security, bug-bounty, conference, hacking | 13-Nov-2023 |
Cracking the Code, Cobalt Strike — More Than Just a Fancy Pen Test Tool (And Why Cyber Baddies… | https://medium.com/@paritoshblogs/cracking-the-code-cobalt-strike-more-than-just-a-fancy-pen-test-tool-and-why-cyber-baddies-8b5c56ece92c?source=rss------bug_bounty-5 | Paritosh | bug-bounty, pentesting, cybersecurity, hacking, cobalt-strike | 13-Nov-2023 |
22.2 Lab: JWT authentication bypass via flawed signature verification | 2023 | https://cyberw1ng.medium.com/22-2-lab-jwt-authentication-bypass-via-flawed-signature-verification-2023-2a1d63d18ab2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, bug-bounty, cybersecurity, penetration-testing | 13-Nov-2023 |
Weirdest API that has been ever found | https://medium.com/@mmaulanaabdullah/weirdest-api-that-has-been-ever-found-9270720d6f02?source=rss------bug_bounty-5 | M Maulana Abdullah | writeup, api, bug-bounty, api-development | 13-Nov-2023 |
Authentication Vulnerabilities- Lab #9 Brute-forcing a stay-logged-in cookie | https://dollarboysushil.medium.com/authentication-vulnerabilities-lab-9-brute-forcing-a-stay-logged-in-cookie-dda91125f5f2?source=rss------bug_bounty-5 | dollarboysushil | cookie-hacking, web-security, cybersecurity, portswigger, bug-bounty | 13-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 8/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-8-25-ea9bc1addd63?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunting, bug-bounty, bug-bounty-hunter, bug-bounty-tips | 13-Nov-2023 |
I created posts on the newsletter page dedicated to the program administrator | https://medium.com/@hossam_hamada/i-created-posts-on-the-newsletter-page-dedicated-to-the-program-administrator-aa271980aa53?source=rss------bug_bounty-5 | Hossam Hamada | bug-bounty, penetration-testing, idor, idor-vulnerability, bug-hunting | 12-Nov-2023 |
1200$ IDOR Flaw: Allow Attacker To Approve Project Time Tracking | https://medium.com/@a13h1/1200-idor-flaw-allow-attacker-to-approve-project-time-tracking-a9f64c06732a?source=rss------bug_bounty-5 | Abhi Sharma | bug-bounty, programming, hacking, information-security, cybersecurity | 12-Nov-2023 |
Crafting XSS (Cross-Site Scripting) payloads | https://infosecwriteups.com/crafting-xss-cross-site-scripting-payloads-919f62171bd0?source=rss------bug_bounty-5 | Security Lit Limited | xss-vulnerability, bug-bounty, xss-attack, technology, cybersecurity | 12-Nov-2023 |
Authentication Vulnerabilities- Lab #8 2FA (Two Factor Authentication) broken logic | https://dollarboysushil.medium.com/authentication-vulnerabilities-lab-8-2fa-two-factor-authentication-broken-logic-b3c6cd8923b9?source=rss------bug_bounty-5 | dollarboysushil | portswigger, cybersecurity, 2fa-hacking, web-security, bug-bounty | 12-Nov-2023 |
22.1 Lab: JWT authentication bypass via unverified signature | 2023 | https://cyberw1ng.medium.com/22-1-lab-jwt-authentication-bypass-via-unverified-signature-2023-4401628467d9?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, bug-bounty, penetration-testing, careers | 12-Nov-2023 |
Finding Sneaky Hackers, The Ultimate Way of Stalking Cyber Intruders (Without a Trench Coat) | https://medium.com/@paritoshblogs/finding-sneaky-hackers-the-ultimate-way-of-stalking-cyber-intruders-without-a-trench-coat-8db574697fe7?source=rss------bug_bounty-5 | Paritosh | programming, cybersecurity, lateral-movement, bug-bounty, hacking | 12-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 7/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-7-25-a9367edc5864?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-hunting | 12-Nov-2023 |
Introduction to API Hacking: A Free Course to Level Up Your Skills | https://medium.com/@maisamnoyan/introduction-to-api-hacking-a-free-course-to-level-up-your-skills-537bfc70180d?source=rss------bug_bounty-5 | Maisam Noyan | hacking, bug-bounty, free-course, api, course | 11-Nov-2023 |
Authentication Vulnerabilities- Lab #4 Username enumeration via subtly different responses | https://dollarboysushil.medium.com/authentication-vulnerabilities-lab-4-username-enumeration-via-subtly-different-responses-5eb512d899fa?source=rss------bug_bounty-5 | dollarboysushil | web-security, portswigger, bug-bounty, cybersecurity | 11-Nov-2023 |
Attention Cyber Enthusiasts! Exciting News Ahead! | https://cyberconqueror.medium.com/attention-cyber-enthusiasts-exciting-news-ahead-%EF%B8%8F-26399c20b71a?source=rss------bug_bounty-5 | Cyber Conqueror | free-course, information-security, cybersecurity, bug-bounty, free | 11-Nov-2023 |
Authentication Vulnerabilities- Lab #5 Username enumeration via response timing | https://dollarboysushil.medium.com/authentication-vulnerabilities-lab-5-username-enumeration-via-response-timing-16b07552275a?source=rss------bug_bounty-5 | dollarboysushil | portswigger, bug-bounty, cybersecurity, hacking-passwords | 11-Nov-2023 |
AppSec Tales XXII | LDAPI | https://karol-mazurek95.medium.com/appsec-tales-xxii-ldapi-fcef1f40e9b2?source=rss------bug_bounty-5 | Karol Mazurek | information-technology, bug-bounty, cybersecurity, information-security, penetration-testing | 11-Nov-2023 |
JWT attack vulnerabilities in Web App Penetration Testing | 2023 | https://cyberw1ng.medium.com/jwt-attack-vulnerabilities-in-web-app-penetration-testing-2023-4eb8916133dc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, penetration-testing, bug-bounty, cybersecurity | 11-Nov-2023 |
Downloading files using POST request (unorthodox method) | https://medium.com/@paritoshblogs/downloading-files-using-post-request-unorthodox-method-d042bb06c1ce?source=rss------bug_bounty-5 | Paritosh | cybersecurity, programming, bug-bounty, hacking, html | 11-Nov-2023 |
Authentication Vulnerabilities- Lab #6 Broken brute-force protection, IP block | https://dollarboysushil.medium.com/authentication-vulnerabilities-lab-6-broken-brute-force-protection-ip-block-b3afca0a2ea7?source=rss------bug_bounty-5 | dollarboysushil | brute-force, web-security, cybersecurity, bug-bounty, portswigger | 11-Nov-2023 |
Reconnaissance Is The Key — Bug Bounty Tip! | https://medium.com/@learningstuff110/reconnaissance-is-the-key-bug-bounty-tip-527f24e56cc5?source=rss------bug_bounty-5 | Fahad Hasan | directory-enumeration, penetration-testing, bug-bounty, waybackurls, reconnaissance | 11-Nov-2023 |
Pentesting: I wanna be a hackerrr… | https://areen-agrawal.medium.com/pentesting-i-wanna-be-a-hackerrr-4dcf9379a6fc?source=rss------bug_bounty-5 | Me, Just a Techie. | bug-bounty, computer-security, red-teaming, technology, pentesting | 11-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 6/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-6-25-fe340a54386c?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-hunter, bug-bounty-tips, bug-bounty-hunting | 11-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 5/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-5-25-205300a2a65c?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-hunting, bug-bounty-hunter, bug-bounty-tips | 10-Nov-2023 |
Unlocking Cash: Easy P1 Bug in Grafana Dashboard with Default Credentials = €€€€ | https://infosecwriteups.com/unlocking-cash-easy-p1-bug-in-grafana-dashboard-with-default-credentials-fa36ddf271da?source=rss------bug_bounty-5 | Pratik Dabhi | hackerone, bug-bounty, bugcrowd | 10-Nov-2023 |
Authentication Vulnerabilities- Lab #3 Password reset broken logic | https://dollarboysushil.medium.com/authentication-vulnerabilities-lab-3-password-reset-broken-logic-95bc62a7b92a?source=rss------bug_bounty-5 | dollarboysushil | bug-bounty, cybersecurity, portswigger, web-security, password-reset | 10-Nov-2023 |
21.1 Lab: Authentication bypass via OAuth implicit flow | 2023 | https://cyberw1ng.medium.com/21-1-lab-authentication-bypass-via-oauth-implicit-flow-2023-15f819305f73?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, cybersecurity, hacking | 10-Nov-2023 |
Authentication Vulnerabilities- Lab #2 2FA simple bypass | https://dollarboysushil.medium.com/authentication-vulnerabilities-lab-2-2fa-simple-bypass-6bd390cf92bc?source=rss------bug_bounty-5 | dollarboysushil | web-security, cybersecurity, bug-bounty, portswigger, two-factor-authentication | 10-Nov-2023 |
Revealing True Industry Potential Through the Ultimate Web3 Security Ecosystem: R.xyz | https://medium.com/coinmonks/revealing-true-industry-potential-through-the-ultimate-web3-security-ecosystem-r-xyz-007acfd25b62?source=rss------bug_bounty-5 | Officer's Notes | blockchain-security, bug-bounty, web3, smart-contract-security, hacking | 10-Nov-2023 |
How I stopped a Wallet Hack and Got Almost Nothing. | https://medium.com/@mahitman1/how-i-stopped-a-wallet-hack-and-got-almost-nothing-68babd824854?source=rss------bug_bounty-5 | Muhammad Abdullah | web3, blockchain, bug-bounty, security | 10-Nov-2023 |