Security Cipher

Additional Resources

Compilation of Resources Featuring Daily Bug Bounty Writeups

Telegram

Daily Get Bug Bounty Writeups and more on our Telegram Channel

X (Twitter)

Daily Get Bug Bounty Writeups and more on our Twitter Handle

Discord

Daily Get Bug Bounty Writeups and more on our Discord Server

Android App

Daily Get Bug Bounty Writueps and more  on our Android Application

xss
sql injection
xxe
bug-bounty
recon
wordpress
ai
red-team
ctf
graphql
Lab
TitleLinkAuthorTagsPublication date
Pentesting: AI: WEB 1 | Privilege Escalation Attack | Python Reverse Shell | Vulnerabilities | SQL…https://shamsulmehmood.medium.com/pentesting-ai-web-1-privilege-escalation-attack-python-reverse-shell-vulnerabilities-sql-7f9994a42ec1?source=rss------bug_bounty-5SHAMS UL MEHMOODai, cybersecurity, bugs, bug-bounty, ctf-writeup21-May-2024
Hackers Online Tools in 2024https://medium.com/@logicTech/hackers-online-tools-in-2024-da8f5aa232e5?source=rss------bug_bounty-5LogicTechosint, hackathons, bug-bounty, tools, hacking21-May-2024
Working with a client, I came across a CSRF vulnerability in their existing web application.https://medium.com/@darkly_splendid/working-with-a-client-i-came-across-a-csrf-vulnerability-in-their-existing-web-application-6c256b74684d?source=rss------bug_bounty-5FF E4cybersecurity, csrf, bug-bounty20-May-2024
Bug Zero — This month in Cybersecurity [01–15 May]https://blog.bugzero.io/bug-zero-this-month-in-cybersecurity-01-15-may-354fd002d5e4?source=rss------bug_bounty-5Akila Maithripalabug-bounty, cybersecurity, sri-lanka, bug-zero20-May-2024
Open-Redirects Uncovered: Real-World Bypass Techniques Revealedhttps://systemweakness.com/open-redirects-uncovered-real-world-bypass-techniques-revealed-7b7422f02049?source=rss------bug_bounty-5David Eduardo Karpinskicybersecurity, hacking, web3, programming, bug-bounty20-May-2024
How I Hacked NASA Using Google Dork in Just 10 Minuteshttps://medium.com/@gaurish.main/how-i-hacked-nasa-using-google-dork-in-just-10-minutes-6ce3b3401512?source=rss------bug_bounty-5Gaurish Bahurupicybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, bug-bounty-writeup20-May-2024
Bypassed the OTP verification process using “Turbo Intruder” Extension.https://xamiron.medium.com/bypassed-the-otp-verification-process-using-turbo-intruder-extension-2f56ac3d400d?source=rss------bug_bounty-5Sabuj Kumar Modakweb-app-pentesting, cybersecurity, bug-bounty, burpsuite-extension, penetration-testing20-May-2024
IDOR Explained: Discover It Through a Simple Story!https://medium.com/@1hehaq/idor-explained-discover-it-through-a-simple-story-ca4a018f6d4c?source=rss------bug_bounty-5haqidor, bug-bounty-tips, bug-bounty, idor-vulnerability20-May-2024
Your Account is Now Mine!https://medium.com/@karimelsayed0x1/your-account-is-now-mine-fd80ad56f868?source=rss------bug_bounty-5z3r0xkpentesting, bug-bounty, account-takeover, vulnerability20-May-2024
Reflected XSS Leading to Account Takeoverhttps://0onoproblem.medium.com/reflected-xss-leading-to-account-takeover-bea862cba885?source=rss------bug_bounty-50_oNoProblembug-bounty, xss-attack, cybersecurity, bug-bounty-writeup, vulnerability20-May-2024
Discovering a $5000 RCE via Dependency Confusion Vulnerabilityhttps://nvk0x.medium.com/discovering-a-5000-rce-via-dependency-confusion-vulnerability-6b0c08ecd5de?source=rss------bug_bounty-5Naveen kumawatbug-bounty, hacking, bug-bounty-tips, bug-bounty-writeup, supply-chain20-May-2024
Let’s Understand Price Oracle Manipulationhttps://securrtech.medium.com/lets-understand-price-oracle-manipulation-927ab725f131?source=rss------bug_bounty-5Securrbug-bounty, smart-contract-auditing, web3, blockchain, web3-security20-May-2024
How I Hacked NASA LDAP Serverhttps://medium.com/@maxcyber882/how-i-hacked-nasa-ldap-server-b7cbb8cd0eee?source=rss------bug_bounty-5Maxcyberbug-hunting, cybersecurity, penetration-testing, bug-bounty20-May-2024
How I found XSS from a medium articlehttps://medium.com/@jsamia/how-i-from-xss-from-a-medium-article-94d1b4e7e742?source=rss------bug_bounty-5Jaeden Samiainfosec, bug-bounty, ethical-hacking20-May-2024
How I got Hall of Fame in NASAhttps://medium.com/@Ajakcybersecurity/how-i-got-hall-of-fame-in-nasa-4d098c413f9e?source=rss------bug_bounty-5AjakCybersecurityhacking, penetration-testing, ethical-hacking, bug-bounty, cybersecurity20-May-2024
Walk-Through of Bepractical.tech lab #3https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-3-07079a7ad5c2?source=rss------bug_bounty-5Ross Jubertaccount-takeover, ethical-hacking, bug-bounty, bugbounty-writeup, account-takeover-attacks19-May-2024
Hacker101: Micro-CMS v1https://medium.com/@0xfxiii/hacker101-micro-cms-v1-982c61d24e3e?source=rss------bug_bounty-50xfhackerone, bug-bounty-tips, bug-bounty, hacking19-May-2024
Dependency Confusionhttps://deephunt3r.medium.com/dependency-confusion-4d675eb36e0f?source=rss------bug_bounty-5Rakeshbugbounty-writeup, bug-bounty19-May-2024
How I Found Multiple Vulnerabilities on Dutch Governmenthttps://medium.com/@neupanesindhu3/how-i-found-multiple-vulnerabilities-on-dutch-government-438059bcf88d?source=rss------bug_bounty-5sindhuneupanebug-bounty, swag, writeup, bug-hunting, infosec19-May-2024
How I Find Another Arbitrary File Upload Vulnerability and Bypass the Patch Twicehttps://medium.com/@zpbrent/how-i-find-another-arbitrary-file-upload-vulnerability-and-bypass-the-patch-twice-193eaaf0b8dc?source=rss------bug_bounty-5Peng Zhouwordpress-plugins, infosec, bug-bounty, wordpress, web-security19-May-2024
How I got an High IDOR + PII in few minutes. Bounty: €500https://medium.com/@ivoaabreu/how-i-got-an-high-idor-pii-in-few-minutes-bounty-500-88833b6e1807?source=rss------bug_bounty-5Ivoabreuidor, bug-bounty19-May-2024
JavaScript tools for BugBounty 2024https://medium.com/@logicTech/javascript-tools-for-bugbounty-2024-fc281111c7c0?source=rss------bug_bounty-5LogicTechtools-and-resources, osint, hacking, hacker, bug-bounty19-May-2024
VulnCon 2024 CTF — Internal Leakshttps://medium.com/@pphreak313/vulncon-2024-ctf-internal-leaks-0a7bf21bf96d?source=rss------bug_bounty-5Shlok Kctf-writeup, ctf, ctf-walkthrough, vulncon, bug-bounty19-May-2024
A basic Android Pentest Lab Setuphttps://medium.com/@majix_de/a-basic-android-pentest-lab-setup-e601c22c71ae?source=rss------bug_bounty-5Majixsetup-guide, android, pentest, bug-bounty, pentesting19-May-2024
22.5 Lab: JWT authentication bypass via jku header injectionhttps://cyberw1ng.medium.com/22-5-lab-jwt-authentication-bypass-via-jku-header-injection-1ec5032245b3?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, hacking, bug-bounty, careers19-May-2024
22.6 Lab: JWT authentication bypass via kid header path traversalhttps://cyberw1ng.medium.com/22-6-lab-jwt-authentication-bypass-via-kid-header-path-traversal-3f4392547f7d?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, hacking, careers19-May-2024
First bug on VDP programhttps://medium.com/@devMRT/first-bug-on-vdp-program-0f9e0baf43c7?source=rss------bug_bounty-5devMRTbug-bounty, bugbounty-writeup, bug-bounty-tips19-May-2024
HOW I HACKED INTO HARVARD UNIVERSITY’S DIGITAL INFRASTRUCTURE -Cycus Pectushttps://medium.com/@pectuscycus/how-i-hacked-into-harvard-universitys-digital-infrastructure-cycus-pectus-5d5e65e74a61?source=rss------bug_bounty-5Cycus Pectushacking, cybersecurity, bug-bounty-tips, ethical-hacking, bug-bounty18-May-2024
Mastering Network Scanning: Exploring Essential Nmap Commands (Part -2) :-https://medium.com/@shaikhwasim8120/mastering-network-scanning-exploring-essential-nmap-commands-part-2-9d24e2291fb6?source=rss------bug_bounty-5Wasim Shaikhcybersecurity, ethical-hacking, nmap-command, bug-bounty, penetration-testing18-May-2024
Mastering Network Scanning: Exploring Essential Nmap Commands :-https://medium.com/@shaikhwasim8120/mastering-network-scanning-exploring-essential-nmap-commands-3843f01e419e?source=rss------bug_bounty-5Wasim Shaikhcybersecurity, bug-bounty, nmap-command, penetration-testing, ethical-hacking18-May-2024
22.4 Lab: JWT authentication bypass via jwk header injectionhttps://cyberw1ng.medium.com/22-4-lab-jwt-authentication-bypass-via-jwk-header-injection-0bddcdbb2f31?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, cybersecurity, careers18-May-2024
Analyzing JavaScript Files To Find Bugshttps://rajput623929.medium.com/analyzing-javascript-files-to-find-bugs-2b7d67a52c4e?source=rss------bug_bounty-5Mr.Horbiobug-bounty, hacking, bug-bounty-tips, cybersecurity, ethical-hacking18-May-2024
Interesting .DS_Store finding worth $$$https://medium.com/@akrachliy/interesting-ds-store-finding-worth-6ee7cc46458d?source=rss------bug_bounty-5Yassine Akrachlibug-bounty, hacking, ethical-hacking, python, enumeration18-May-2024
Pay 0$, Get ∞ books!https://medium.com/@karimelsayed0x1/pay-0-get-books-0e093a5eb0de?source=rss------bug_bounty-5z3r0xkpenetration-testing, cybersecurity, bug-bounty, bussines-logic, vulnerability18-May-2024
Found Bug: Cross-Site Scripting (XSS) in Laravel Debug Mode !!https://medium.com/@p.ra.dee.p_0xx01/found-bug-cross-site-scripting-xss-in-laravel-debug-mode-a91939284541?source=rss------bug_bounty-5Professor0xx01bug-bounty, information-security, laravel-framework, xss-attack, web-security18-May-2024
My 6 Month bug hunting journey, what to expect.https://medium.com/@tom.sh/my-6-month-bug-hunting-journey-what-to-expect-be7532e187d4?source=rss------bug_bounty-5Tomopinion, bug-bounty, bpp, hacking18-May-2024
Top 50 Ports & Vulnerabilityhttps://medium.com/@logicTech/top-50-ports-vulnerability-572de4274305?source=rss------bug_bounty-5LogicTechbug-bounty, osint, networking, vulnerability, hacking18-May-2024
Broken Object Level Authorization — BOLA (ex crAPI)https://medium.com/@amaraltohami30/broken-object-level-authorization-bola-ex-crapi-e5a0d30eed2b?source=rss------bug_bounty-5Ammar Ahmedpentesting, api, cybersecurity, hacking, bug-bounty18-May-2024
How a Single Parameter Led to Two ATO Caseshttps://cametom006.medium.com/how-a-single-parameter-led-to-two-ato-cases-c3cf2f4d00c2?source=rss------bug_bounty-5Fahad Faisalbug-bounty, hackerone, bug-bounty-tips, twitter18-May-2024
CVE-2023–52424: The WiFi SSID Confusion Attack Explainedhttps://infosecwriteups.com/cve-2023-52424-the-wifi-ssid-confusion-attack-explained-26e43f5cff40?source=rss------bug_bounty-5ElNiakwifi, bug-bounty, technology, cybersecurity, penetration-testing17-May-2024
The Hacker’s Mind -Recon Mind maphttps://medium.com/@tamhacker1/the-hackers-mind-recon-mind-map-39d14e3750fb?source=rss------bug_bounty-5Tahir Mujawarbug-bounty-writeup, mindmap, ethical-hacking, bug-bounty, cybersecurity17-May-2024
Simple Tips for Bug Bounty Beginners: Finding PII Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-pii-vulnerabilities-3db5a7151dd4?source=rss------bug_bounty-5Anish Narayanbug-bounty-writeup, bug-bounty, bug-bounty-hunting, cybersecurity, bug-bounty-tips17-May-2024
How I found my first mistake Or why you shouldn’t overlook the obvious.https://medium.com/@nagavicyn2/how-i-found-my-first-mistake-or-why-you-shouldnt-overlook-the-obvious-1f1d443afa6b?source=rss------bug_bounty-5Jioninbug-bounty, wordpress, first-bug, pentesting, cve17-May-2024
22.3 Lab: JWT authentication bypass via weak signing keyhttps://cyberw1ng.medium.com/22-3-lab-jwt-authentication-bypass-via-weak-signing-key-f49138b16441?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity17-May-2024
How to Know If Your Android Device Has Been Hacked and What to Do About Ithttps://rajput623929.medium.com/how-to-know-if-your-android-device-has-been-hacked-and-what-to-do-about-it-740ea5a18b9c?source=rss------bug_bounty-5Mr.Horbiohacking, phone-hacking, bug-bounty, cybersecurity, ethical-hacking17-May-2024
A Story of Zero-click complete Account Takeoverhttps://medium.com/@shravanisheshasai/a-story-of-zero-click-complete-account-takeover-650784c2d229?source=rss------bug_bounty-5Shravani_kbvulnerability, web-vulnerabilities, hacking, bug-bounty, ethical-hacking17-May-2024
Breaking Barriers: A Personal Journey Through the World of Bug Bounty Huntinghttps://medium.com/@un1tycyb3r/breaking-barriers-a-personal-journey-through-the-world-of-bug-bounty-hunting-a30331db12fa?source=rss------bug_bounty-5Un1tycyb3rbug-bounty16-May-2024
How to Create a Cloud Lab for Anonymous Bug Bounty Huntinghttps://medium.com/@paritoshblogs/how-to-create-a-cloud-lab-for-anonymous-bug-bounty-hunting-e80ed3a68d8c?source=rss------bug_bounty-5Paritoshcloud, hacking, ai, cybersecurity, bug-bounty16-May-2024
Discovery Worth $$$ in KYC Verification Feature : Bug Bountyhttps://medium.com/@srishavinkumar/unveiling-a-surprising-bug-in-kyc-verification-the-discovery-worth-a82f3282b033?source=rss------bug_bounty-5Sri Shavin Kumarbug-bounty-writeup, bug-bounty, infosec-write-ups, ethical-hacking, cybersecurity16-May-2024
Account takeover with a sad endinghttps://imwaiting18.medium.com/account-takeover-with-a-sad-ending-31ab82f09a5b?source=rss------bug_bounty-5imwaiting18bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips16-May-2024
Vulnerable WordPress April 2024 (Arasbaran)https://medium.com/@onhexgroup/vulnerable-wordpress-april-2024-arasbaran-e9ae2acb8898?source=rss------bug_bounty-5Onhexgroupwordpress, infosec, web-security, bug-bounty, nuclei-template16-May-2024
21.5 Lab: Stealing OAuth access tokens via an open redirect | 2024https://cyberw1ng.medium.com/21-5-lab-stealing-oauth-access-tokens-via-an-open-redirect-2024-88c3679cf0a3?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, penetration-testing, cybersecurity16-May-2024
Reflected XSS via Cache Poisoninghttps://medium.com/@majix_de/reflected-xss-via-cache-poisoning-5f57317b7c71?source=rss------bug_bounty-5Majixpenetration-testing, cache-poisoning, xs, bug-bounty, hacking16-May-2024
Reflected XSS to Account Takeoverhttps://medium.com/@majix_de/reflected-xss-to-account-takeover-0fc429be34e8?source=rss------bug_bounty-5Majixxs, account-takeover, bug-bounty, hacking, penetration-testing16-May-2024
How I got Critical IDOR in one of India’s Best Known Food Delivery Websitehttps://medium.com/@bajajkrrish11/how-i-got-critical-idor-in-one-of-indias-best-known-food-delivery-website-5349c521e44b?source=rss------bug_bounty-5Krrish Bajajbug-bounty-tips, bug-bounty-writeup, bug-bounty-program, bug-bounty, medium16-May-2024
How I Hacked One of These Big Companies (JS files analysis)https://l0da.medium.com/how-i-hacked-one-of-these-big-companies-js-files-analysis-7cf47372b642?source=rss------bug_bounty-5L0dabug-bounty, cybersecurity, hacking, penetration-testing, bug-bounty-tips16-May-2024
The Art of OSINT: Discovering Locations with Image Analysis and Aritifical Intelligence Toolshttps://medium.com/@enigma_/the-art-of-osint-discovering-locations-with-image-analysis-and-aritifical-intelligence-tools-820a4b74d426?source=rss------bug_bounty-5enigmahacking, osint, cybersecurity, bug-bounty, ai16-May-2024
How to execute a Proof of Concept (PoC) for any CVEshttps://medium.com/@CTRL2030/how-to-execute-a-proof-of-concept-poc-for-any-cves-e343cb528f2e?source=rss------bug_bounty-5CTRLsoc, penetration-testing, bug-bounty, cve, cybersecurity16-May-2024
Account takeover using Blind XSS?https://imwaiting18.medium.com/account-takeover-with-a-sad-ending-31ab82f09a5b?source=rss------bug_bounty-5imwaiting18bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips16-May-2024
Broken Access Control (IDOR) & Credential Leak at Legacy API Video Transcodehttps://medium.com/@blackarazi/broken-access-control-idor-credential-leak-at-legacy-api-video-transcode-9b5d729fb2d6?source=rss------bug_bounty-5Azhari Harahapbroken-access-control, api-security, application-security, bug-bounty, bug-bounty-writeup15-May-2024
CVE-2024–4761: Exploiting Chrome’s JavaScript Engine Highly Exploited (PoC presented)https://infosecwriteups.com/cve-2024-4761-exploiting-chromes-javascript-engine-highly-exploited-poc-presented-dcf9cab95c00?source=rss------bug_bounty-5ElNiakbug-bounty, google, penetration-testing, cybersecurity, javascript15-May-2024
How I Got My First Bounty: The Exciting Story of My Bug Bounty Breakthroughhttps://infosecwriteups.com/how-i-got-my-first-bounty-the-exciting-story-of-my-bug-bounty-breakthrough-d8391973ed41?source=rss------bug_bounty-5whit3ros3bug-bounty, graphql, bounty-program, hacking, bug-bounty-tips15-May-2024
Subdomain Takeover: What is It? How to Exploit? How to Find Them?https://medium.com/@dub-flow/subdomain-takeover-what-is-it-how-to-exploit-how-to-find-them-d2b6b82b155b?source=rss------bug_bounty-5Florian Walterbug-bounty, application-security, cybersecurity, penetration-testing, web-application-security15-May-2024
How I Was Able to Perform a Subdomain Takeover Attackhttps://medium.com/@karnrishabh25/subdomain-takeover-00d2c5599715?source=rss------bug_bounty-5Rishabh Karnbug-bounty, hacking, subdomain-takeover, bugs, attack15-May-2024
21.4 Lab: OAuth account hijacking via redirect_uri | 2024https://cyberw1ng.medium.com/21-4-lab-oauth-account-hijacking-via-redirect-uri-2024-4a8bfbb95d12?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking15-May-2024
Multiple Business Logic Errors in APPLE music/TV allowing bypass of parental controlshttps://medium.com/@sam0-0/multiple-business-logic-errors-in-apple-music-tv-allowing-bypass-of-parental-controls-0d870d4870c5?source=rss------bug_bounty-5Samapple, infosec, bug-bounty15-May-2024
Gaining Control: How Response Manipulation Leads to Higher Privileges (PoC)https://medium.com/@mrmaulik191/gaining-control-how-response-manipulation-leads-to-higher-privileges-394bdf5f552b?source=rss------bug_bounty-5Mr.MGcybersecurity-research, cybersecurity, privilege-escalation, bug-hunting, bug-bounty15-May-2024
A Arte de Explorar SQL Injection: Uma abordagem profundahttps://medium.com/@davidkarpinski1/sql-injection-masterclass-d68f65cd71ae?source=rss------bug_bounty-5David Eduardo Karpinskibug-bounty, hacking, sql, mysql, sql-injection15-May-2024
5 bugs in one program $$$https://el-cezeri.medium.com/5-bugs-in-one-program-80b550c06a67?source=rss------bug_bounty-5Samet Yiğitödülavcılığı, bug-bounty-tips, bug-bounty15-May-2024
XSS via HTML Injection in Chatbothttps://medium.com/@nidishms1999/xss-via-html-injection-in-chatbot-a24c4f25dc92?source=rss------bug_bounty-5Nidish Nkvapt, cybersecurity, bug-bounty15-May-2024
Why I want to become a bug bounty hunterhttps://medium.com/@riccilovesdogs/why-i-want-to-become-a-bug-bounty-hunter-135e4f584af6?source=rss------bug_bounty-5Riccibug-bounty, coding, make-money-online15-May-2024
XSS via HTML Injection in Chatbothttps://medium.com/@nidishms1999/xss-via-html-injection-in-chatbot-a24c4f25dc92?source=rss------bug_bounty-5Nidish Nkvapt, cybersecurity, hacking, bug-bounty15-May-2024
Walk Through of Bepractical.tech lab #2https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-2-bef06b00ccfc?source=rss------bug_bounty-5Ross Jubertethical-hacking, cybersecurity, bug-bounty, red-team, ethical-hacking-training14-May-2024
XSS on TikTokhttps://19whoami19.medium.com/xss-on-tiktok-d2aa209c746d?source=rss------bug_bounty-5WHO AM I ?bug-bounty-tips, cross-site-scripting, cybersecurity, bug-bounty, xss-attack14-May-2024
An Email Authentication Bypass, But Marked as N/A in NASA domainhttps://medium.com/@Ajakcybersecurity/an-email-authentication-bypass-but-marked-as-n-a-in-nasa-domain-a47977aed8bd?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, penetration-testing, cybersecurity, hacking, bug-bounty14-May-2024
An easy way to find bugs: Enter wrong datahttps://systemweakness.com/an-easy-way-to-find-bugs-enter-wrong-data-0765ed4e9afd?source=rss------bug_bounty-5Nasrinaudit, web-app-security, pentesting, bug-bounty14-May-2024
21.3 Lab: SSRF via OpenID dynamic client registration | 2024https://cyberw1ng.medium.com/21-3-lab-ssrf-via-openid-dynamic-client-registration-2024-c9ffd445e438?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity14-May-2024
JNDI Injection — The Complete Storyhttps://infosecwriteups.com/jndi-injection-the-complete-story-4c5bfbb3f6e1?source=rss------bug_bounty-5Pradeep Kumarjava, pentesting, bug-bounty, jndi, web-penetration-testing14-May-2024
Root user account takeover via SQL Injectionhttps://medium.com/@stopvvar/root-user-account-takeover-via-sql-injection-5c21a6091d4c?source=rss------bug_bounty-5SWsql-injection, hacking, bug-bounty, infose, sql-server13-May-2024
RCE Through Account Takeoverhttps://medium.com/@iamrajchavan/rce-through-account-takeover-10a938a241d9?source=rss------bug_bounty-5Rajdip Chavansecurity, vapt, bug-bounty, web-application-security13-May-2024
Root user account takeover via SQL Injectionhttps://infosecwriteups.com/root-user-account-takeover-via-sql-injection-5c21a6091d4c?source=rss------bug_bounty-5SWsql-injection, hacking, bug-bounty, infose, sql-server13-May-2024
Story of Hall of Fame in Red Hat Linuxhttps://medium.com/@hritombhattacharya029/story-of-hall-of-fame-in-red-hat-linux-e267b9f22d06?source=rss------bug_bounty-5Hritom Bhattacharyaredhat-linux, xss-vulnerability, bug-bounty, hall-of-fame, hacking13-May-2024
Unintended File Downloads in Remote Desktop Environments: A Security Vulnerabilityhttps://medium.com/@Wolverineisstillalive/unintended-file-downloads-in-remote-desktop-environments-a-security-vulnerability-04114297665a?source=rss------bug_bounty-5Sharkbug-bounty, cybersecurity, microsoft, red-team, pentesting13-May-2024
Week 1https://medium.com/@fulltimebughunter/week-1-bad3f3f9e214?source=rss------bug_bounty-5.bugs, bug-bounty-tips, infosec, bug-bounty, infosec-write-ups13-May-2024
21.2 Lab: Forced OAuth profile linking | 2024https://cyberw1ng.medium.com/21-2-lab-forced-oauth-profile-linking-2024-e625dcfc319b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, hacking, cybersecurity13-May-2024
$350 bounty: How I Got It | Broken linked Hijackedhttps://deepseng.medium.com/350-bounty-how-i-got-it-broken-linked-hijacked-3e72511e2571?source=rss------bug_bounty-5Deep SenGuptacybersecurity, bug-bounty, broken-link-hijacking13-May-2024
How To Find And Test S3 Buckets For Bug Bountyhttps://medium.com/@dante.falls/how-to-find-and-test-s3-buckets-for-bug-bounty-b91166f9b4e0?source=rss------bug_bounty-5Dante Fallsaws, amazon-web-services, bug-bounty, cybersecurity, cloud-services13-May-2024
Broken Access Control leads to Take Admin Rolehttps://0xebn-taimia.medium.com/broken-access-control-leads-to-take-admin-role-920e46d496b9?source=rss------bug_bounty-50xEbn-Taimiapenetration-testing, bug-bounty-tips, cybersecurity, bug-bounty, hunting13-May-2024
403 Jump: HTTP 403 Bypass toolhttps://medium.com/@anzeemashib/403-jump-http-403-bypass-tool-8b17204110d9?source=rss------bug_bounty-5Itsmeanzeemtools, bug-bounty, 403-forbidden, penetration-testing, cybersecurity13-May-2024
How I Found My First RCE !https://mchklt.medium.com/how-i-found-my-first-rce-f80073626fff?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAapache, cyberattack, cybersecurity, bug-bounty, hacking13-May-2024
Hundreds of companies’ internal data exposed — Part 2: The FreshService misconfigurationhttps://infosecwriteups.com/hundreds-of-companies-internal-data-exposed-part-2-the-freshservice-misconfiguration-a9432c0b5dc8?source=rss------bug_bounty-5Mohammed Moiz Pashabug-bounty, security, hacking, vulnerability, ethical-hacking13-May-2024
$350 bounty: How I Got It | Broken linked Hijackedhttps://deepseng.medium.com/350-bounty-how-i-got-it-broken-linked-hijacked-31bfbc15ac0e?source=rss------bug_bounty-5Deep SenGuptabroken-link-hijacking, cybersecurity, bug-bounty, burpsuite13-May-2024
How I found a IDOR at Monitor Mozilla ?https://medium.com/@abnid312/how-i-found-a-idor-at-monitor-mozilla-313fc6c52f25?source=rss------bug_bounty-5ryujinxbug-bounty, bug-hunter, information-technology, info-sec-writeups, hackerone13-May-2024
ZoneTransfer — ./Hopehttps://ezecias.medium.com/zonetransfer-hope-6261d5c7ac0a?source=rss------bug_bounty-5Ezeciasbug-bounty-tips, tools, bug-bounty13-May-2024
How I Found My First RCE !https://mchklt.medium.com/how-i-found-my-first-rce-f80073626fff?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAapache, cyberattack, cybersecurity, bug-bounty, hacking13-May-2024
A simple file upload bypass causing XSS attackhttps://medium.com/@xiaodongsec/a-simple-file-upload-bypass-causing-xss-attack-6cbbb4c42070?source=rss------bug_bounty-5Xiaodongxss-attack, bypass, vulnerability, bug-bounty, hacker12-May-2024
Read Code Like a Hacker With SASThttps://medium.com/@matejsmycka/read-code-like-a-hacker-with-sast-28dab6506e45?source=rss------bug_bounty-5Matejsmyckabug-bounty, static-code-analysis, testing, ethical-hacking, hacking12-May-2024
How I Found PII Disclosure of Users & PHPInfo() Page :: #NCIIPC #RVDPhttps://medium.com/@p.ra.dee.p_0xx01/how-i-found-pii-disclosure-of-users-phpinfo-page-nciipc-rvdp-58bec4ba27da?source=rss------bug_bounty-5Professor0xx01security, ethical-hacking, infosec, cybersecurity, bug-bounty12-May-2024
24.15 Lab: HTTP request smuggling, obfuscating the TE header | 2024https://cyberw1ng.medium.com/24-15-lab-http-request-smuggling-obfuscating-the-te-header-2024-efdbc0698848?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, cybersecurity, hacking, careers12-May-2024
Hacking more than 130 000 car worldwide in 5 minuteshttps://ahmadmansourr.medium.com/hacking-more-than-130-000-car-worldwide-in-5-minutes-766e76003c67?source=rss------bug_bounty-5Ahmad Mansourbug-bounty, bug-bounty-tips, cybersecurity, pentesting12-May-2024
16 Times Forced Browsing Leads to Authentication bypass [ 300$ Bounty ]https://medium.com/@jav333d/16-times-forced-browsing-leads-to-authentication-bypass-300-bounty-efc8bd52d310?source=rss------bug_bounty-5Javeed.skauthentication-bypass, bugs, ethical-hacking, bug-bounty-tips, bug-bounty12-May-2024
Breaking Down DOM-based XSS: A Practical Explorationhttps://medium.com/@osamaavvan/breaking-down-dom-based-xss-a-practical-exploration-929d44f10906?source=rss------bug_bounty-5Osama Avvanxss-attack, dom-xss, bug-bounty, cybersecurity, javascript11-May-2024
My LLM Bug Bounty Journey on Hugging Face Hub via Protect AIhttps://infosecwriteups.com/my-llm-bug-bounty-journey-on-hugging-face-hub-via-protect-ai-9f3a1bc72c2e?source=rss------bug_bounty-5Peng Zhouprotect-ai, hugging-face, bug-bounty, llm-security, ai-security11-May-2024
NMAP Command Optionshttps://medium.com/@sherlock297/nmap-command-options-114b7582b993?source=rss------bug_bounty-5Ravindra Dagalenmap, commands, information-security, bug-bounty, vulnerability11-May-2024
#2. Bug Bounty POC: Time-Based SQL Injection to Dump Databasehttps://cyb3rmind.medium.com/2-bug-bounty-poc-time-based-sql-injection-to-dump-database-f8cfa089f393?source=rss------bug_bounty-5Cyb3r M!ndssqli, hacking, pentesting, bug-bounty, sql-injection11-May-2024
24.14 Lab: HTTP request smuggling, basic TE.CL vulnerability | 2024https://cyberw1ng.medium.com/24-14-lab-http-request-smuggling-basic-te-cl-vulnerability-2024-f0159b2569d0?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, cybersecurity, bug-bounty11-May-2024
Exploiting Acunetix Vulnweb SQL Injectionhttps://medium.com/@davidkarpinski1/exploiting-acunetix-vulnweb-sql-injection-5fa5c24b2466?source=rss------bug_bounty-5David Eduardo Karpinskisql, hacking, mysql, bug-bounty, sql-injection11-May-2024
Unveiling an Account Takeover Vulnerability in a Leading Automobile Brandhttps://medium.com/@anekantsinghai/unveiling-an-account-takeover-vulnerability-in-a-leading-automobile-brand-aa41a4e94bfb?source=rss------bug_bounty-5Anekant Singhai Jaininfosec, hacking, bug-bounty, cybersecurity, bug-bounty-tips11-May-2024
دي روود ماب علشان تبدا web pentesthttps://medium.com/@akaramany3/%D8%AF%D9%8A-%D8%B1%D9%88%D9%88%D8%AF-%D9%85%D8%A7%D8%A8-%D8%B9%D9%84%D8%B4%D8%A7%D9%86-%D8%AA%D8%A8%D8%AF%D8%A7-web-pentest-91ea9560dbf6?source=rss------bug_bounty-509x99python, cybersecurity, bug-bounty, web-development, javascript11-May-2024
Mastering Subdomain Takeovershttps://tanishqshahsays.medium.com/mastering-subdomain-takeovers-c9a531fe5d3b?source=rss------bug_bounty-5Tanishq Sachin Shahbug-bounty, bugs, vulnerability, subdomain, cybersecurity11-May-2024
Linux Privilege Escalation — Capstone Challenge | TryHackMehttps://medium.com/@NoOne./linux-privilege-escalation-capstone-challenge-tryhackme-e69c798204bc?source=rss------bug_bounty-5Asim Anwarhacking, privilege-escalation, linux, bug-bounty, tryhackme11-May-2024
4 XSSs With A Simple & Optimized Payloadhttps://levelup.gitconnected.com/4-xsss-with-a-simple-optimized-payload-900753538e90?source=rss------bug_bounty-5Hamza Avvanethical-hacking, xss-uppercase-bypass, bug-bounty, xss-attack, cybersecurity11-May-2024
My Hunt: Discovering Microsoft Bugshttps://infosecwriteups.com/my-hunt-discovering-microsoft-bugs-f6a9c790bec0?source=rss------bug_bounty-5c0d3x27microsoft, hacking, bug-bounty, software-development, cybersecurity11-May-2024
Today I am going to walk through bepractical.techhttps://medium.com/@ross.jubert/today-i-am-going-to-walk-through-bepractical-tech-c15e1df8aa06?source=rss------bug_bounty-5Ross Jubertcybersecurity, bug-bounty, ethical-hacking, account-takeover, account-takeover-attacks11-May-2024
Exploiting Acunetix Vulnweb SQL Injectionhttps://systemweakness.com/exploiting-acunetix-vulnweb-sql-injection-5fa5c24b2466?source=rss------bug_bounty-5David Eduardo Karpinskisql, hacking, mysql, bug-bounty, sql-injection11-May-2024
IDOR and Missing Authorization leads to free contenthttps://medium.com/@enigma_/idor-and-missing-authorization-leads-to-free-content-b12037a887a0?source=rss------bug_bounty-5enigmacybersecurity, hacking, idor, oscp, bug-bounty10-May-2024
How I Discovered a CVE by Scanning Open Source Repositorieshttps://infosecwriteups.com/how-i-discovered-a-cve-by-scanning-open-source-repositories-a5922d21b797?source=rss------bug_bounty-5Scott Lindhbug-bounty, xss-attack, open-source, application-security, hacking10-May-2024
CSRF Bypass Combined with IDOR To Complete Account Takeover!https://medium.com/@ozomarzu/csrf-bypass-combined-with-idor-to-complete-account-takeover-f4995c5946d3?source=rss------bug_bounty-5CyberOzcybersecurity, idor, bug-bounty-writeup, bug-bounty-tips, bug-bounty10-May-2024
24.13 Lab: HTTP request smuggling, basic CL.TE vulnerability | 2024https://cyberw1ng.medium.com/24-13-lab-http-request-smuggling-basic-cl-te-vulnerability-2024-862e743cb078?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity10-May-2024
A Strange Tale of Email Verification Bypasshttps://medium.com/@Arioex/a-strange-tale-of-email-verification-bypass-5eda231d14d8?source=rss------bug_bounty-5Huntsmanbug-bounty-writeup, cybersecurity, vulnerability, bug-bounty, hacking10-May-2024
Linux Privilege Escalation | TryHackMe — Part 2https://medium.com/@NoOne./linux-privilege-escalation-tryhackme-part-2-9a4cddba01ab?source=rss------bug_bounty-5Asim Anwarbug-bounty, tryhackme, linux, privilege-escalation, hacking10-May-2024
From Novice to Ninja: Unraveling Bug Bounty Beginnings through Cache Poisoninghttps://cametom006.medium.com/from-novice-to-ninja-unraveling-bug-bounty-beginnings-through-cache-poisoning-40de3f8fd211?source=rss------bug_bounty-5Fahad Faisalhackerone, bug-bounty, security, bug-bounty-tips10-May-2024
Database Info Disclose by Client-Side DOShttps://starlox.medium.com/database-info-disclose-by-client-side-dos-7fb25a26fae8?source=rss------bug_bounty-5#$ubh@nk@rdos-attack, infosec, hacking, bug-bounty10-May-2024
Inside the Life of a Full-Time Bug Hunter: Weekly Insights and Goalshttps://medium.com/@fulltimebughunter/inside-the-life-of-a-full-time-bug-hunter-weekly-insights-and-goals-6da07694fb0d?source=rss------bug_bounty-5.cybersecurity, bug-bounty, bug-bounty-tips, infosec, hacking09-May-2024
XSS | Here’s how I got my first bountyhttps://medium.com/@sM0ky4/xss-heres-how-i-got-my-first-bounty-4f64785fe6f8?source=rss------bug_bounty-5sM0ky4bug-bounty-writeup, bug-bounty, xss-vulnerability, xss-attack, first-post09-May-2024
idor affects all usershttps://medium.com/@mohamadfadelababede/how-are-you-my-friends-d60c44c29da0?source=rss------bug_bounty-5Mohamad Fade Lababedebug-bounty09-May-2024
24.12 Lab: CL.0 request smuggling | 2024https://cyberw1ng.medium.com/24-12-lab-cl-0-request-smuggling-2024-5b480979e285?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking09-May-2024
idor affects all usershttps://medium.com/@mohamadfadelababede/idor-affects-all-users-d3f3f12a11c2?source=rss------bug_bounty-5Mohamad Fade Lababedebug-bounty09-May-2024
HOW I FOUND MY FIRST BUGhttps://medium.com/@irenevenunye55/how-i-found-my-first-bug-7d66915a3fbb?source=rss------bug_bounty-5Irene Venunyebug-bounty, bug-bounty-hunting, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program09-May-2024
Fingerprinting♨♨: Identifying Technologies Of Our Target.https://hacktivistattacker.medium.com/fingerprinting-identifying-technologies-of-our-target-d3b0c021da0f?source=rss------bug_bounty-5Hacktivist-Attackerfingerprinting, fingerprint-system, bug-bounty, penetration-test, reconnaissance09-May-2024
Linux Privilege Escalation | TryHackMe — Part 1https://medium.com/@NoOne./linux-privilege-escalation-tryhackme-part-1-f0ae442e6864?source=rss------bug_bounty-5Asim Anwarbug-bounty, hacking, tryhackme, privilege-escalation, linux09-May-2024
How I Found XSS In Another Govt. Site :: NCIIPC VDP !!https://medium.com/@p.ra.dee.p_0xx01/how-i-found-xss-in-another-govt-site-nciipc-vdp-84d78c0319c2?source=rss------bug_bounty-5Professor0xx01infosec, security, information-security, bug-bounty, security-research09-May-2024
An easy bounty using fuzzinghttps://medium.com/@xnum.1/an-easy-bounty-using-fuzzing-d602ad06f562?source=rss------bug_bounty-5Ahmed Tarekbug-bounty, hacking, penteration-testing, fuzzing, pentesting09-May-2024
Exploiting JWT Token Leads To IDORhttps://medium.com/@Ajakcybersecurity/exploiting-jwt-token-leads-to-idor-ec48cb8888bb?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, hacking, cybersecurity, ethical-hacking, bug-bounty09-May-2024
Simple bug on Indian government website | Govt. bug huntinghttps://medium.com/@sidharthpanda1/simple-bug-on-indian-government-website-govt-bug-hunting-0522af40a6ff?source=rss------bug_bounty-5SIDHARTH PANDAbug-bounty, government, indian, hacking, bug-bounty-tips08-May-2024
ETHICAL AND LEGAL ASPECTS OF BUG HUNTING: RESPONSIBLE DISCLOSURE, SCOPE, NDA AND OTHERShttps://medium.com/@Progsky/ethical-and-legal-aspects-of-bug-hunting-responsible-disclosure-scope-nda-and-others-4832b13a1622?source=rss------bug_bounty-5Progskydocumentation, bug-bounty, contracts, ethical-hacking08-May-2024
NCIIPC VDP Bug : Open Redirection Vulnerability In Govt. Site !!https://medium.com/@p.ra.dee.p_0xx01/nciipc-vdp-bug-open-redirection-vulnerability-in-govt-site-b048860f5d2d?source=rss------bug_bounty-5Professor0xx01bug-bounty, security, vulnerability, information-security, infosec08-May-2024
Revealing a Critical Vulnerability: The Price Manipulation Flawhttps://medium.com/@pawarpushpak36/revealing-a-critical-vulnerability-the-price-manipulation-flaw-cfd640cacf46?source=rss------bug_bounty-5Pawarpushpakpenetration-testing, info-sec-writeups, pentesting, bug-zero, bug-bounty08-May-2024
Unlocking Bug Bounties: Your Comprehensive Guide to Getting Startedhttps://medium.com/@sachin.hack/unlocking-bug-bounties-your-comprehensive-guide-to-getting-started-427a51d7e875?source=rss------bug_bounty-5Sachin Kumarfor-beginners, bug-bounty-tips, bug-bounty, cybersecurity, begineers08-May-2024
24.11 Lab: HTTP/2 request splitting via CRLF injection |2024https://cyberw1ng.medium.com/24-11-lab-http-2-request-splitting-via-crlf-injection-2024-ddb2adaf0cce?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, penetration-testing08-May-2024
Hack Any Browser With One Linkhttps://medium.com/@vishalchaudharydevsec/hack-any-browser-with-one-link-8d890b804627?source=rss------bug_bounty-5Vishal Chaudharysecurity, hacking, cybersecurity, beef, bug-bounty08-May-2024
Exposed Key In Page Source Led To Bypass Captchahttps://medium.com/@mohanad.hussam23/exposed-key-in-page-source-led-to-bypass-captcha-add64f8d133b?source=rss------bug_bounty-5Muhanad Israiwihacking, captcha, bug-bounty, bugs, penetration-testing08-May-2024
Writing your First Nuclei Templatehttps://medium.com/@technolifts/writing-your-first-nuclei-template-f88575635ea8?source=rss------bug_bounty-5TechnoLiftsnucleus, nuclei-template, cybersecurity, offensive-security, bug-bounty08-May-2024
XSS vulnerability caused by modifying the Content-Typehttps://medium.com/@xiaodongsec/xss-vulnerability-caused-by-modifying-the-content-type-5118e2d02286?source=rss------bug_bounty-5Xiaodongvulnerability, xss-attack, money, bug-bounty, hacker08-May-2024
Modify the request path to bypass upload restrictions, leading to an XSS vulnerability.https://medium.com/@xiaodongsec/modify-the-request-path-to-bypass-upload-restrictions-leading-to-an-xss-vulnerability-0610a893ff1a?source=rss------bug_bounty-5Xiaodongmoney, hacker, vulnerability, bug-bounty, xss-attack08-May-2024
An easily accomplished account takeoverhttps://medium.com/@xiaodongsec/an-easily-accomplished-account-takeover-cc2fd1c287ec?source=rss------bug_bounty-5Xiaodongbug-bounty, hacker, china, money, vulnerability07-May-2024
Title: Understanding Vertical Privilege Escalation in Cybersecurityhttps://alvinbijo.medium.com/title-understanding-vertical-privilege-escalation-in-cybersecurity-2a12c42f8d83?source=rss------bug_bounty-5Alvin bijobug-bounty07-May-2024
24.10 Lab: HTTP/2 request smuggling via CRLF injection | 2024https://cyberw1ng.medium.com/24-10-lab-http-2-request-smuggling-via-crlf-injection-2024-8970aa222b46?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, penetration-testing, careers07-May-2024
Securitydegen.com Feature Update!https://medium.com/@bugbountydegen/securitydegen-com-feature-update-d0bda8b236c0?source=rss------bug_bounty-5Bug Bounty Degenvulnerability, web3, blockchain-security-audit, bug-bounty, smart-contracts07-May-2024
A Thrilling Dive into Cloud Penetration Testinghttps://adipsharif.medium.com/a-thrilling-dive-into-cloud-penetration-testing-fc88855f7f15?source=rss------bug_bounty-5ADIPbug-bounty, information-security, cloud, info-sec-writeups, penetration-testing07-May-2024
Threat Modeling for OAuth 2.0 Authorization Frameworkhttps://medium.com/@jayeshkunwal/threat-modeling-for-oauth-2-0-authorization-framework-fcab66226fd7?source=rss------bug_bounty-5Jayesh kunwalthreat-modeling, bug-bounty, oauth, cybersecurity, vapt07-May-2024
How I got $250 for IDOR via Business Logic Errorhttps://medium.com/@aryamanav.028/how-i-got-250-for-idor-via-business-logic-error-f3ba502baa5e?source=rss------bug_bounty-5Manav Aryacybersecurity, information-security, vulnerability, bug-bounty, bugcrowd07-May-2024
Athena TryHackMe Walkthroughhttps://medium.com/@boogsta/athena-tryhackme-walkthrough-58eb432f0daa?source=rss------bug_bounty-5Boogstacybersecurity, bug-bounty, hacking, tryhackme, cyber07-May-2024
A Comprehensive Review of the Guided Hacking Forumhttps://medium.com/@yannik603/a-comprehensive-review-of-the-guided-hacking-forum-918231ab4f68?source=rss------bug_bounty-5Yannik Castroreverse-engineering, bug-bounty, games, ctf, hacking07-May-2024
IDN Bootcamp Bug Bounty : Langkah awal Menjadi Bug Hunterhttps://medium.com/@cornelius.yuli.r/idn-bootcamp-bug-bounty-langkah-awal-menjadi-bug-hunter-a1fce0850681?source=rss------bug_bounty-5Corneliusidn-bootcamp, bug-bounty06-May-2024
Crypto bounty program got me $500 — Rate Limit Bypasshttps://mo9khu93r.medium.com/crypto-bounty-program-got-me-500-rate-limit-bypass-d573f7b7d390?source=rss------bug_bounty-5mo9khu93rcryptocurrency, security, hacking, web3, bug-bounty06-May-2024
IDN Bootcamp Bug Bounty : Langkah awal Menjadi Bug Hunterhttps://cornelius-y.medium.com/idn-bootcamp-bug-bounty-langkah-awal-menjadi-bug-hunter-a1fce0850681?source=rss------bug_bounty-5Cornelius Yuliidn-bootcamp, bug-bounty06-May-2024
Bounty Beginnings: My First Bug Discoveryhttps://cyberojas.medium.com/bounty-beginnings-my-first-bug-discovery-c4fea0b0c5c3?source=rss------bug_bounty-5cyberOjasbug-bounty, vulnerability, bugcrowd06-May-2024
Web3 Bug Bounty V/S Smart Contract Auditinghttps://securrtech.medium.com/web3-bug-bounty-v-s-smart-contract-auditing-94207960469d?source=rss------bug_bounty-5Securrblockchain, smart-contract-auditing, bug-bounty, web3, web3-security06-May-2024
alasan ingin belajar bug bounty IDN bootcamphttps://medium.com/@ilhamsabana100/alasan-ingin-belajar-bug-bounty-idn-bootcamp-abf359e6a628?source=rss------bug_bounty-5Ilhamsabanabug-bounty06-May-2024
Blog mengenai saya sebagai syarat Bug Bounty IDN Bootcamphttps://medium.com/@081335097475a/blog-mengenai-saya-sebagai-syarat-bug-bounty-idn-bootcamp-ba3a6d8cdf36?source=rss------bug_bounty-5Mohamad Fachry Alicybersecurity, bug-bounty06-May-2024
Pengalaman saya dibidang CyberSecurityhttps://medium.com/@ahmadfauzyhafidz/pengalaman-saya-dibidang-cybersecurity-6919e17302d8?source=rss------bug_bounty-5Ahmad Fauzy Hafidzcoding, cybersecurity, bug-bounty, capture-the-flag06-May-2024
My Journey to Become a Bug Hunters | Bug Bounty IDN Bootcamphttps://wahyukiddies.medium.com/my-journey-to-become-a-bug-hunters-bug-bounty-idn-bootcamp-9cc04860c874?source=rss------bug_bounty-5Wahyu Priambodotechnology, bug-bounty, experience, cybersecurity, bootcamp06-May-2024
Bug bounty IDN Bootcamp: Perjalanan menjadi pentester dan bug hunterhttps://medium.com/@rizkiarifsaifudin/bug-bounty-idn-bootcamp-perjalanan-menjadi-pentester-dan-bug-hunter-bf4eee8b64f5?source=rss------bug_bounty-5Rizki Arif Saifudinprogramming, bug-bounty, linux, cybersecurity06-May-2024
Pengalaman Menemukan Celah Keamanan (Bug) Pada Sebuah Website (Prelude Bug Bounty IDN Bootcamp)https://medium.com/@nugrohoandyreza/pengalaman-menemukan-celah-keamanan-bug-pada-sebuah-website-prelude-bug-bounty-idn-bootcamp-7c4d6ad2af1f?source=rss------bug_bounty-5Andy R. Nugrohobug-bounty06-May-2024
Guide To Subdomain Takeovers: DNS Resolutions:-Vertical Recon.https://hacktivistattacker.medium.com/dns-resolutions-guide-to-subdomain-takeovers-vertical-recon-9da92433e973?source=rss------bug_bounty-5Hacktivist-Attackerreconnaissance, subdomain-takeover, penetration-testing, subdomain, bug-bounty06-May-2024
Network Infrastructure Reconhttps://medium.com/@davidkarpinski1/network-infrastructure-recon-3d5741eec73b?source=rss------bug_bounty-5David Eduardo Karpinskidns, hacking, networking, cybersecurity, bug-bounty06-May-2024
BugBountyTraining Lab: FastFoodHackings Part 1https://hoppp3r.medium.com/bugbountytraining-lab-fastfoodhackings-part-1-39a7b06fdef9?source=rss------bug_bounty-5Hoppp3rbug-bounty-writeup, bugbountytraining, fastfoodhackings, bug-bounty, bug-bounty-labs05-May-2024
Bug Bounty IDN Bootcamphttps://medium.com/@nurdin8/bug-bounty-idn-bootcamp-dffeeba84854?source=rss------bug_bounty-5Senudin Nurdinbug-bounty05-May-2024
‍ Hack Like a Pro: Precon’s Simple Subdomain Secretshttps://medium.com/@tamhacker1/hack-like-a-pro-precons-simple-subdomain-secrets-a87e5b741b0b?source=rss------bug_bounty-5Tamhackerethical-hacking, bug-bounty, hacker, hacking, cybersecurity05-May-2024
Exposing Information Of All Users “Email,Mobile Number ..etc”https://medium.com/@dr4040x00/exposing-information-of-all-users-email-mobile-number-etc-697c328e0584?source=rss------bug_bounty-5Dr404information-disclosure, web-pen-testing, bug-bounty, bug-bounty-tips05-May-2024
24.9 Lab: H2.CL request smuggling | 2024https://cyberw1ng.medium.com/24-9-lab-h2-cl-request-smuggling-2024-792b86db2c2a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, cybersecurity, hacking05-May-2024
An Impactful ‘No Rate Limiting’ Bughttps://medium.com/@duncanochieng682/an-impactful-no-rate-limiting-bug-29eb5158fd14?source=rss------bug_bounty-5JateloCybersecethical-hacking, web-app-security, bug-bounty, pentesting, bugs05-May-2024
Information gathering with OSINThttps://medium.com/@davidkarpinski1/information-gathering-with-osint-3b8af60a194d?source=rss------bug_bounty-5David Eduardo Karpinskihacking, osint, bug-bounty, cybersecurity, pentesting05-May-2024
JS-Snooper: Get More Bounty With Easy Bugshttps://aravind07.medium.com/js-snooper-get-more-bounty-with-easy-bugs-9d7b410f070e?source=rss------bug_bounty-5Gnana Aravind Kcybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking05-May-2024
Proxying Web Traffic Via SSHhttps://medium.com/@mu.gl/proxying-web-traffic-via-ssh-f3cf09c35d46?source=rss------bug_bounty-5Mark El-Khourybug-bounty, ssh, pentesting, cybersecurity, infosec04-May-2024
LEARNING THE BUG BOUNTY PROGRAMhttps://medium.com/@basithrazaky/learning-the-bug-bounty-program-ffdfc54b3dee?source=rss------bug_bounty-5Ramadhani Basith Razakycapture-the-flag, bug-bounty, cybersecurity, linux, networking04-May-2024
24.8 Lab: Response queue poisoning via H2.TE request smuggling | 2024https://cyberw1ng.medium.com/24-8-lab-response-queue-poisoning-via-h2-te-request-smuggling-2024-33bdb4b56b0b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, hacking, bug-bounty04-May-2024
# Certifcateshttps://medium.com/@scumdestroy/certifcates-f51eace48a7e?source=rss------bug_bounty-5penetration-testing, bug-bounty, recon, hacking, reconnaissance04-May-2024
Get Your First Award by Joining IDN Bootcamp Bug Bountyhttps://medium.com/@oktaa_/get-your-first-award-by-joining-idn-bootcamp-bug-bounty-7dd927ebe6b3?source=rss------bug_bounty-5oktabug-bounty, linux, network, penetration-testing, hacker04-May-2024
Alasan Kenapa Ingin Mengikuti “Bootcamp Bug Bounty IDN”https://medium.com/@naurayaffakamila/alasan-kenapa-ingin-mengikuti-bootcamp-bug-bounty-idn-2d4a5889518c?source=rss------bug_bounty-5Naursyy_bug-bounty, technology, cybersecurity04-May-2024
LEARNING BUG BOUNTY IDN BOOTCAMPhttps://medium.com/@basithrazaky/learning-the-bug-bounty-program-ffdfc54b3dee?source=rss------bug_bounty-5Ramadhani Basith Razakycapture-the-flag, bug-bounty, cybersecurity, linux, networking04-May-2024
24.7 Lab: Exploiting HTTP request smuggling to deliver reflected XSS | 2024https://cyberw1ng.medium.com/24-7-lab-exploiting-http-request-smuggling-to-deliver-reflected-xss-2024-334de5c0d400?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, cybersecurity, careers, hacking03-May-2024
Empire Breakout Vulnhub: WriteUp | Walkthrough | VulnHub CTF | Privilege Escalation Attack | Python…https://shamsulmehmood.medium.com/empire-breakout-vulnhub-writeup-walkthrough-vulnhub-ctf-privilege-escalation-attack-python-235087d3db54?source=rss------bug_bounty-5SHAMS UL MEHMOODcybersecurity, information-security, cyberattack, infosec, bug-bounty03-May-2024
Unleashing the Ethical Hacker Within: Cybersecurity Insights, Bug Bounty Tips, and the Art of…https://kd-200.medium.com/unleashing-the-ethical-hacker-within-cybersecurity-insights-bug-bounty-tips-and-the-art-of-2ebdb65a9ff3?source=rss------bug_bounty-5Nitin yadavtech, infosec, technology, bug-bounty, cybersecurity03-May-2024
3 easiest bugs that you can find right now [guarantied]https://medium.com/@deadoverflow/3-easiest-bugs-that-you-can-find-right-now-guarantied-71ef89efd1a7?source=rss------bug_bounty-5Imad Husanoviccybersecurity, hacking, bug-bounty-tips, programming, bug-bounty03-May-2024
Why and how to hide usernames on your WordPresss.https://medium.com/@izmir.suat/why-and-how-to-hide-usernames-on-your-wordpresss-b01320642838?source=rss------bug_bounty-5Izmir Suatwordpress, bug-bounty, information-security, pentest03-May-2024
XSS leads to HALL OF FAME on a French websitehttps://medium.com/@KaranMoudgil/xss-leads-to-hall-of-fame-on-a-french-website-95bd3a96ad24?source=rss------bug_bounty-5Karan Moudgilbug-bounty03-May-2024
Alasan saya ingin megikuti Bug Bounty IDN Bootcamphttps://wildan14ar.medium.com/alasan-saya-ingin-megikuti-bug-bounty-idn-bootcamp-339aa385b45b?source=rss------bug_bounty-5WILDAN ABDURRASYIDbootcamp, bug-bounty, idn, cybersecurity, sytem03-May-2024
How I bypassed OTP in unexpected wayhttps://medium.com/@ckachhadiya007/how-i-bypassed-otp-in-unexpected-way-2d4b478db512?source=rss------bug_bounty-5DEephacking, bug-bounty, red-team, cybersecurity, vulnerability03-May-2024
Real World GitLab Account Take Overhttps://medium.com/@red.whisperer/real-world-gitlab-account-take-over-b2e9896a1835?source=rss------bug_bounty-5Chuxhacking, cybersecurity, infosec, red-team, bug-bounty03-May-2024
IDOR lead to PII Disclosurehttps://medium.com/@karimelsayed0x1/idor-lead-to-pii-disclosure-121502394277?source=rss------bug_bounty-5z3r0xkidor, bug-bounty, web-security03-May-2024
How I Bypassed Rate limiting To Account Takeoverhttps://medium.com/@Ajakcybersecurity/how-i-bypassed-rate-limiting-to-account-takeover-1df722a527d5?source=rss------bug_bounty-5AjakCybersecurityhacking, cybersecurity, penetration-testing, bug-bounty, ethical-hacking03-May-2024
DNS Resolutions: Identifying Live Targets : Vertical RECON.https://hacktivistattacker.medium.com/dns-resolutions-identifying-live-targets-vertical-recon-2a2aed49bd6b?source=rss------bug_bounty-5Hacktivist-Attackerpenetration-testing, reconnaissance, bug-bounty, education, résolutions03-May-2024
what is RCE-[Remote code Execution]❓https://medium.com/@mmdesvand1386/what-is-rce-remote-code-execution-fee04264fe30?source=rss------bug_bounty-5mamadbug-bounty, website, security, cyber-security-website, social-security-website03-May-2024
Sql İnjection Nedir &Karşılaştığım Vakahttps://medium.com/@akostak/sql-i%CC%87njection-nedir-kar%C5%9F%C4%B1la%C5%9Ft%C4%B1%C4%9F%C4%B1m-vaka-708b17f5da9d?source=rss------bug_bounty-5Alibug-bounty-tips, bug-bounty, sql-injection, vulnerability, bugs03-May-2024
Bug Bounty IDhttps://medium.com/@nurdin8/bug-bounty-id-33c529b2cd1a?source=rss------bug_bounty-5Senudin Nurdinfree-course, linux, network, cyberse, bug-bounty02-May-2024
24.6 Lab: Exploiting HTTP request smuggling to capture other users requests | 2024https://cyberw1ng.medium.com/24-6-lab-exploiting-http-request-smuggling-to-capture-other-users-requests-2024-fd10d3b638bc?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers02-May-2024
Langkah Awal Menuju Bug Bounty IDN BootCamphttps://medium.com/@caomaysss/langkah-awal-menuju-bug-bounty-idn-bootcamp-42bcc61ba7ef?source=rss------bug_bounty-5Caomaybug-bounty, xiaocaomay, idn, idn-network02-May-2024
Become a Bug Bounty hunter: Unveiling the Secrets to Success!https://adipsharif.medium.com/become-a-bug-bounty-hunter-unveiling-the-secrets-to-success-90dfab4c2832?source=rss------bug_bounty-5ADIPinfosec, bug-bounty-tips, info-sec-writeups, penetration-testing, bug-bounty02-May-2024
Google VRP Targets by Tierhttps://uprootsecurity.medium.com/google-vrp-targets-by-tier-c0679c27e545?source=rss------bug_bounty-5UprootSecurityinfosec, pentest, bug-bounty, cybersecurity, vapt02-May-2024
Alasan ingin belajar pada Bug Bounty IDN Bootcamphttps://medium.com/@putrantosurya38/alasan-ingin-belajar-bug-bounty-9f33d7d75161?source=rss------bug_bounty-5Putranto Suryacybersecurity, bug-bounty, bug-bounty-idn-bootcamp02-May-2024
How I Gained Account Access: Exploring the Risks of Password Reset Links in Cybersecurityhttps://kd-200.medium.com/how-i-gained-account-access-exploring-the-risks-of-password-reset-links-in-cybersecurity-5811e914c289?source=rss------bug_bounty-5Nitin yadavcybersecurity, bug-bounty, hacking, hackerone, technology02-May-2024
Mengapa bug bounty?https://medium.com/@rayyaramburambani11/mengapa-bug-bounty-0f77b824cc6c?source=rss------bug_bounty-5rayyanewbie, roboti̇k, bug-bounty-idn-bootcamp, bug-bounty02-May-2024
How i got admin panel without opening the targethttps://thesafdari.medium.com/how-i-got-admin-panel-without-opening-the-target-8ca4a2c219be?source=rss------bug_bounty-5Milad Safdari (TheSafdari)github, hacking, github-secret, bug-bounty, cybersecurity02-May-2024
Diving into the Depths: Unveiling Bug Bounty Adventures and Insights into Linux, Programming, and…https://medium.com/@mansorihack/diving-into-the-depths-unveiling-bug-bounty-adventures-and-insights-into-linux-programming-and-952cc8957dc0?source=rss------bug_bounty-5Mansorihacklinux, bug-bounty, pentesting02-May-2024
Bug Bounty IDN Bootcamp | By Ekyhttps://medium.com/@muhr6128/bug-bounty-idn-bootcamp-by-eky-7a65bc3f6844?source=rss------bug_bounty-5personcybersecurity, ethical-hacking, ctf, bug-bounty02-May-2024
Complex Attack Types: Sample Scenarios 3https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-3-bcd472d684cf?source=rss------bug_bounty-5Baris Dincercybersecurity, threat-intelligence, bug-bounty, penetration-testing, freedomofinternet02-May-2024
Real-World Example of Race Condition Exploits “adding Money”https://medium.com/@dr4040x00/real-world-example-of-race-condition-exploits-adding-money-c8fe62964067?source=rss------bug_bounty-5Dr404race-condition, web-penetration-testing, vulnerability, bug-bounty02-May-2024
#01: Path traversalhttps://medium.com/@karimelsayed0x1/01-path-traversal-0c52daffd26e?source=rss------bug_bounty-5z3r0xksource-code-review, path-traversal, web-security, nodejs, bug-bounty02-May-2024
My Journey to the Nokia Security Hall of Famehttps://mufazmi.medium.com/my-journey-to-the-nokia-security-hall-of-fame-4e9cf4d8b5e9?source=rss------bug_bounty-5Umair Farooquihof, bug-bounty, mufazmi, nokia-hall-of-fame, umair-farooqui01-May-2024
Harnessing the Power of Crowd-Sourced Securityhttps://medium.com/@paritoshblogs/harnessing-the-power-of-crowd-sourced-security-1326641d81b7?source=rss------bug_bounty-5Paritoshcybersecurity, information-technology, information-security, cloud-computing, bug-bounty01-May-2024
My First Verified Bug Bounty: Unmasking Flaws in University Web Appshttps://medium.com/@rafisyafrinaldi17/my-first-verified-bug-bounty-unmasking-flaws-in-university-web-apps-6c6b5fb1e8da?source=rss------bug_bounty-5Impeony | Rafivulnerability-assessment, cybersecurity, bug-bounty-writeup, bug-bounty01-May-2024
How I Bypass CSP that allow a iframe injection in a chat bot + HTML injection on emailshttps://medium.com/@jeetpal2007/how-i-bypass-csp-that-allow-a-iframe-injection-in-a-chat-bot-html-injection-on-emails-9d588aeef4c3?source=rss------bug_bounty-5JEETPALbug-bounty, htmli, bug-bounty-writeup, chatbotbugs, bug-bounty-tips01-May-2024
€150 Bounty: Chaining Vulns to fully Exploit CORS Misconfigurationhttps://r4v3n0r.medium.com/150-bounty-chaining-vulns-to-fully-exploit-cors-misconfiguration-521a0cd97316?source=rss------bug_bounty-5Fabian Cruzinformation-security, bug-bounty, infrastructure-security, cybersecurity, penetration-testing01-May-2024
How can I bypass the limit on the number of team membershttps://medium.com/@xiaodongsec/how-can-i-bypass-the-limit-on-the-number-of-team-members-c3dd56d265a0?source=rss------bug_bounty-5Xiaodongchina, vulnerability, money, bug-bounty, hacker01-May-2024
€400 Bounty: Unveiling a More Impactful CORS Misconfiguration Exploithttps://r4v3n0r.medium.com/400-bounty-unveiling-a-more-impactful-cors-misconfiguration-exploit-6db0a1b39bdc?source=rss------bug_bounty-5Fabian Cruzweb-security, bug-bounty, information-security, penetration-testing, cybersecurity01-May-2024
FortiClient Android Apphttps://medium.com/@3ed0x92/forticlient-android-app-958f942cb5b7?source=rss------bug_bounty-5Mohamed Eid Wahbybug-bounty, mobile-pentest, mobile-pentesting, penetration-testing, bug-bounty-tips01-May-2024
Partnering with fewerClicks- To Provide Robust Web3 Securityhttps://securrtech.medium.com/partnering-with-fewerclicks-to-provide-robust-web3-security-007328375783?source=rss------bug_bounty-5Securrsmart-contract-auditing, bug-bounty, pentesting, web301-May-2024
1500$ bounty: how unprotected directory leaked sensitive infohttps://medium.com/@aa.pietruczuk/1500-bounty-how-unprotected-directory-leaked-sensitive-info-929b55515232?source=rss------bug_bounty-5Agnieszka Pietruczukpentesting, bug-bounty01-May-2024
Exposed Secrets: The Peril of Broken Access Controlhttps://kd-200.medium.com/exposed-secrets-the-peril-of-broken-access-control-928223c62547?source=rss------bug_bounty-5Nitin yadavcybersecurity, bug-bounty, technology, hacking, penetration-testing01-May-2024
BBRADAR: A WEB TOOL TO FIND THE LATEST BUG BOUNTY PROGRAMShttps://medium.com/@Progsky/bbradar-a-web-tool-to-find-the-latest-bug-bounty-programs-833ba632f7a6?source=rss------bug_bounty-5Progskyweb-hacking, web-security, bug-bounty01-May-2024
I sent 1,000,000 Requests to a serverhttps://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, cybersecurity, bug-bounty, ethical-hacking01-May-2024
AWS S3 Bucket Misconfiguration Exposes PII and Documents of Job Seekershttps://infosecwriteups.com/aws-s3-bucket-misconfiguration-exposes-pii-and-documents-of-job-seekers-7b1332b0ecf1?source=rss------bug_bounty-5brutexploitercybersecurity, cloud, india, information-security, bug-bounty01-May-2024
Learning Offensive Cybersecurity — Day 2https://medium.com/@n4rkwh4l/learning-offensive-cybersecurity-day-2-73a682ba1e4d?source=rss------bug_bounty-5N4RKWH4Loffensive-security, cybersecurity, bug-bounty, learning, tech01-May-2024
Billions Bug Bounty Programhttps://billionsquest.medium.com/billions-bug-bounty-program-c86689b4fb29?source=rss------bug_bounty-5Billions Questbug-bounty-tips, bug-bounty, bug-bounty-hunter, bugs01-May-2024
Binary Exploitation: PicoCTF clutter-overflow challenge walk throughhttps://medium.com/@boogsta/binary-exploitation-picoctf-clutter-overflow-challenge-walk-through-80e2f775102c?source=rss------bug_bounty-5Boogstabug-bounty, hacking, hackathons, cyber, cybersecurity01-May-2024
1,000,000 requests 2FA bypasshttps://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, cybersecurity, bug-bounty, ethical-hacking01-May-2024
Javascript code inside HTMLhttps://medium.com/@thewhiteside2000/javascript-code-inside-html-389a71060bf0?source=rss------bug_bounty-5Thewhitesidebugs, bug-bounty-tips, bug-bounty01-May-2024
How OSINT Helped Me To Find User Credentials And Discover An OTP Bypasshttps://medium.com/@mohammed0x04/how-osint-helped-me-to-find-user-credentials-and-discover-an-otp-bypass-afb6b9e23b45?source=rss------bug_bounty-5Mohammed Waleedrecon, osint, bug-bounty-tips, cybersecurity, bug-bounty30-Apr-2024
Bypassing SSL Pinning with Frida and Objection in Mobile Applicationshttps://medium.com/@ria.banerjee005/bypassing-ssl-pinning-with-frida-and-objection-in-mobile-applications-0b42a778b0f2?source=rss------bug_bounty-5Ria Banerjeebug-bounty, cybersecurity, ssl-pinning, mobile-security, mobile-app-testing30-Apr-2024
Another ATO, will I get paid this time?https://imwaiting18.medium.com/another-ato-will-i-get-paid-this-time-ba86ed272f3e?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, ethical-hacking, security, bug-bounty, cyber-security-awareness30-Apr-2024
Useful GoogleDocks Tips — Bug Bounty Tuesdayhttps://medium.com/@kerstan/useful-googledocks-tips-bug-bounty-tuesday-45eddc06bf93?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, hacking30-Apr-2024
How I found three Critical Vulnerability in one site.https://medium.com/@ckachhadiya007/how-i-found-three-critical-vulnerability-in-one-site-70fc513669d8?source=rss------bug_bounty-5DEepvulnerability, hacking, cybersecurity, red-team, bug-bounty30-Apr-2024
O melhor curso de hacking etico do Brasilhttps://medium.com/@rafael.code77/o-melhor-curso-de-hacking-etico-do-brasil-cec8eec850bb?source=rss------bug_bounty-5Rafael Henriquetryhackme-writeup, hacking, bug-bounty, hacker, hackerone30-Apr-2024
24.4 Lab: Exploiting HTTP request smuggling to bypass front-end security controls, CL.TEhttps://cyberw1ng.medium.com/24-4-lab-exploiting-http-request-smuggling-to-bypass-front-end-security-controls-cl-te-458923cda52d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking30-Apr-2024
Learning OffensiveCybersecurity — Day 1https://medium.com/@n4rkwh4l/learning-offensivecybersecurity-day-1-b5c26c55522c?source=rss------bug_bounty-5N4RKWH4Lbug-bounty, cybersecurity, offensive-security, learning, tech30-Apr-2024
Adding Certificates to Postman & Burp Suite for API Testinghttps://medium.com/r3d-buck3t/adding-certificates-to-postman-burp-suite-for-api-testing-06339a6d072a?source=rss------bug_bounty-5Nairuz Abulhulsecurity, bug-bounty, penetration-testing, hacking, infosec30-Apr-2024
Bug Bounty Challenge (final): [CONCLUSION]https://wallotry.medium.com/bug-bounty-challenge-final-day-10-30-04-2024-75a6f93d2687?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup30-Apr-2024
Finding a viper in the curved lawnhttps://medium.com/@kupiasec/finding-a-viper-in-the-curved-lawn-e43401997cce?source=rss------bug_bounty-5KupiaSeccurve-finance, bug-bounty, audit, blockchain, security30-Apr-2024
ineligible for bounty !!!https://medium.com/@thewhiteside2000/ineligible-for-bounty-d4b720bfb596?source=rss------bug_bounty-5Thewhitesidebug-bounty30-Apr-2024
postMessage() securityhttps://noobstain.medium.com/postmessage-security-e6c55ef1f1bd?source=rss------bug_bounty-5Sumeet darekarbug-bounty, xss-vulnerability, replit, postmessage, javascript30-Apr-2024
Learning Offensive Cybersecurity — Day 1https://medium.com/@n4rkwh4l/learning-offensivecybersecurity-day-1-b5c26c55522c?source=rss------bug_bounty-5N4RKWH4Lbug-bounty, cybersecurity, offensive-security, learning, tech30-Apr-2024
Bug Bounty Challenge (final): CONCLUSIONhttps://wallotry.medium.com/bug-bounty-challenge-final-day-10-30-04-2024-75a6f93d2687?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup30-Apr-2024
do FUZZ well!https://medium.com/@ugs20b126_cic.rajesh/do-fuzz-well-07cb19bb0675?source=rss------bug_bounty-5Rajesh Sagarbug-bounty, fuzzing, bug-bounty-tips30-Apr-2024
E-Commerce Application Penetration Testing- My Favourite Business Logical Flawhttps://medium.com/@vaishalinagori112/e-commerce-application-penetration-testing-my-favourite-business-logical-flaw-bac0367ad60c?source=rss------bug_bounty-5Vaishali Nagoriapplication-security, ciso, bug-bounty, penetration-testing, vapt29-Apr-2024
The Silent Threat: Uncovering IDOR Vulnerabilities Before They’re Exploited (PoC)https://medium.com/@mrmaulik191/the-silent-threat-uncovering-idor-vulnerabilities-before-theyre-exploited-poc-f98d2b8aec8d?source=rss------bug_bounty-5Mr.MGidor, penetration-testing, blog, cybersecurity, bug-bounty29-Apr-2024
The Story of a Mass Account Takeover Though Stored XSS (Cross-Site Scripting).https://medium.com/@iamrajchavan/the-story-of-a-mass-account-takeover-though-stored-xss-cross-site-scripting-bd2e484a0bd1?source=rss------bug_bounty-5Rajdip Chavanvapt, cybersecurity, bug-hunting, web-app-pentesting, bug-bounty29-Apr-2024
The Fuzzy Wuzzy: Unveiling Hidden Parametershttps://medium.com/@mendurim.r/the-fuzzy-wuzzy-unveiling-hidden-parameters-24169dfc9371?source=rss------bug_bounty-5m3nd00bug-bounty, fuzzing, ffuf29-Apr-2024
Explorando Acunetix Vulneweb SQL Injectionhttps://medium.com/@davidkarpinski1/explorando-acunetix-vulneweb-sql-injection-23360cf2d5f3?source=rss------bug_bounty-5David Eduardo Karpinskisql-injection, sql, bug-bounty, mysql, vulnerability29-Apr-2024
24.3 Lab: Exploiting HTTP request smuggling to bypass front-end security controls, CL.TEhttps://cyberw1ng.medium.com/24-3-lab-exploiting-http-request-smuggling-to-bypass-front-end-security-controls-cl-te-3a5f92a939d2?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, hacking, cybersecurity29-Apr-2024
Temu glitch - Temu system hacked and let me buy free items!https://medium.com/@verylazytech/temu-glitch-temu-system-hacked-and-let-me-buy-free-items-356fad19ae4a?source=rss------bug_bounty-5Very Lazy Techtemu, hacking, shopping, free, bug-bounty29-Apr-2024
The Fuzzy Wuzzy: Unveiling Hidden Parametershttps://medium.com/@mendurim.r/the-fuzzy-wuzzy-unveiling-hidden-parameters-24169dfc9371?source=rss------bug_bounty-5ScriptTeasebug-bounty, fuzzing, ffuf29-Apr-2024
Broken Link Hijacking: A Hidden Threat $350 Bountyhttps://medium.com/@chouhanhimanshu532/broken-link-hijacking-a-hidden-threat-350-bounty-bb5978177b1d?source=rss------bug_bounty-5Himanshu Chouhanbug-bounty, bugcrowd, bugs, broken-link-hijacking, bug-bounty-tips29-Apr-2024
Embracing Downtime: Why “Wasting Time” Can Be Beneficial for Bug Huntershttps://securitylit.medium.com/embracing-downtime-why-wasting-time-can-be-beneficial-for-bug-hunters-62d83da87a14?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, cybersecurity, penetration-testing, bug-bounty-tips29-Apr-2024
Crypto Attacks Cheat-Sheethttps://medium.com/@davidkarpinski1/brute-forcing-cheat-sheet-30a9f58e024e?source=rss------bug_bounty-5David Eduardo Karpinskihacking, bug-bounty, dictionary, cheating, crack29-Apr-2024
Bug Bounty Challenge (final): Day 9–29/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-9-29-04-2024-9643d90e3ccf?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty29-Apr-2024
The Last Dance (HackTheBox Writeup)https://medium.com/@krishgera1/the-last-dance-hackthebox-writeup-ab0ffda6264f?source=rss------bug_bounty-5Krish Geractf, cybersecurity, hackthebox, hackerone, bug-bounty29-Apr-2024
Find PII Info Disclosure Bugs With this Simple GUI Tool-Easy P1https://medium.com/@Ajakcybersecurity/find-pii-info-disclosure-bugs-with-this-simple-gui-tool-easy-p1-7507a34ae172?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, bug-bounty, hacking, penetration-testing29-Apr-2024
Bug Zero at a Glance [01–15 April]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-april-1a761018d605?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-zero, newsletter, bug-bounty28-Apr-2024
2FA bypass that made me $______https://imwaiting18.medium.com/2fa-bypass-that-made-me-6d32d3b762b4?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)csrf, bug-bounty, cybersecurity, 2fa-bypass, hacking28-Apr-2024
How to choose less competitive Bug Bounty Programs ( No VDPs)https://medium.com/@h3mantsaini/how-to-choose-less-competitive-bug-bounty-programs-no-vdps-0acc3ddfe9b8?source=rss------bug_bounty-5H3mantbug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-writeup28-Apr-2024
Starting in Bug Bounty — First Master This Before Hunting.https://medium.com/@shuklaneel525/starting-in-bug-bounty-first-master-this-before-hunting-74d266a874a0?source=rss------bug_bounty-5NEEL SHUKLAbug-bounty, ethical-hacking, penetration-testing, bounty-program, bug-bounty-tips28-Apr-2024
Unveiling the Secrets of Internal Pentest Monitoring: A Game-Changer for Security Leadershttps://medium.com/@anirumble6776/unveiling-the-secrets-of-internal-pentest-monitoring-a-game-changer-for-security-leaders-09e57b46f9ef?source=rss------bug_bounty-5Aniniikethr12bug-bounty, pentesting, cybersecurity28-Apr-2024
Never use the GET method for Sensitive Actions in Web App: Ft. CSRFhttps://secureitmania.medium.com/never-use-the-get-method-for-sensitive-actions-in-web-app-ft-csrf-f106df3c228b?source=rss------bug_bounty-5secureITmaniabug-bounty, penetration-testing, information-security, hacking, web-development28-Apr-2024
Ability to Deny Subaccounts feature from all usershttps://medium.com/@mostafaaboelnour19/ability-to-deny-subaccounts-feature-from-all-users-e8fca424ffb9?source=rss------bug_bounty-50xAb031n0uRbugbounty-writeup, bug-bounty, cybersecurity28-Apr-2024
IDOR leads to Account Takeover of all users (ATO).https://medium.com/@xnum.1/idor-leads-to-account-takeover-of-all-users-ato-27af312c8481?source=rss------bug_bounty-5Ahmed Tarekpenteration-testing, account-takeover, bug-bounty, pentesting, hacking28-Apr-2024
Mi camino en el Bug Bounty comienza, pero antes..https://medium.com/@cyb3rbyt3/mi-camino-en-el-bug-bounty-comienza-pero-antes-e649661dddc0?source=rss------bug_bounty-5Cib3r Byt3bug-bounty28-Apr-2024
24.2 Lab: HTTP request smuggling, confirming a TE.CLhttps://cyberw1ng.medium.com/24-2-lab-http-request-smuggling-confirming-a-te-cl-1917e523470e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking28-Apr-2024
How I Hacked an Indian Government Website and Accessed Their Database Serverhttps://medium.com/@kamilrahman32/how-i-hacked-an-indian-government-website-and-accessed-their-database-server-02a81842cce8?source=rss------bug_bounty-5Kamil Rahumanbug-hunting, cybersecurity, bug-bounty, hacking28-Apr-2024
Bug Bounty Challenge (final): Day 8–28/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-8-28-04-2024-67bac40e6a35?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty28-Apr-2024
How We Hacked Voice Communication Solutions Company And Found BAC + Info Disclosure + IDOR 😀https://medium.com/@eslam.zayedw/how-we-hacked-voice-communication-solutions-company-and-found-bac-info-disclosure-idor-d-6884037064f0?source=rss------bug_bounty-5D0loresH4zebug-bounty, bug-bounty-tips, cybersecurity, hacking, penetration-testing28-Apr-2024
Flamingo Finance Bug Bounty Programhttps://medium.com/@kdmytro336/flamingo-finance-bug-bounty-program-e5736de7bfa0?source=rss------bug_bounty-5Dmytro Kovalenkoweb-security, bug-bounty, security, web3, flamingo-finance28-Apr-2024
VAPT: The Secret Weapon for Security Superheroeshttps://securitylit.medium.com/vapt-the-secret-weapon-for-security-superheroes-27fcdd79b16e?source=rss------bug_bounty-5Security Lit Limitedvapt, bug-bounty, cybersecurity, cyberattack28-Apr-2024
Security Testing Trends 2024https://innovateqa.medium.com/security-testing-trends-2024-38d9129fde4d?source=rss------bug_bounty-5InnovateQAsecurity-testing, devsecops, genai, bug-bounty, pentesting27-Apr-2024
Hidden parametershttps://medium.com/@thewhiteside2000/hidden-parameters-e818d572ea3e?source=rss------bug_bounty-5Thewhitesidebug-bounty, bug-bounty-tips27-Apr-2024
Top Ten Books for Bug Bountyhttps://medium.com/@verylazytech/top-ten-books-for-bug-bounty-95e8a42fb519?source=rss------bug_bounty-5Very Lazy Techpentesting, money, cybersecurity, bug-bounty, oscp27-Apr-2024
How to setup in 30 min your Web3 lab in Windowshttps://coinsbench.com/how-to-setup-in-30-min-your-web3-lab-in-windows-e0026185b64?source=rss------bug_bounty-5Bug Bounty Degenweb3, hacking-tools, ethereum, bug-bounty, blockchain27-Apr-2024
2:00 AM IDOR leads to some Adrenaline rushhttps://imwaiting18.medium.com/2-00-am-idor-leads-to-some-adrenaline-rush-996f710bd55a?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)bug-bounty27-Apr-2024
Logic Loopholes: The Fun Flawshttps://medium.com/@khode4li/logic-loopholes-the-fun-flaws-5a8e14b09dc7?source=rss------bug_bounty-5Khod4libusiness-logic, web-penetration, bug-bounty, pentest, xss-attack27-Apr-2024
How I Exploited an Auth0 Misconfiguration to Bypass Login Restrictionshttps://amjadali110.medium.com/how-i-exploited-an-auth0-misconfiguration-to-bypass-login-restrictions-c5d8c20d5505?source=rss------bug_bounty-5Amjad Alipenetration-testing, infosec, bug-bounty-tips, bug-bounty, cybersecurity27-Apr-2024
How A Blackbox Target Turned To Whitebox With Reconhttps://medium.com/@red.whisperer/how-a-blackbox-target-turned-to-whitebox-with-recon-e46536672702?source=rss------bug_bounty-5Chuxinfosec, cybersecurity, red-team, hacking, bug-bounty27-Apr-2024
Spotting Sensitive Data in iOS Applications A Penetration Tester’s Guidehttps://adipsharif.medium.com/spotting-sensitive-data-in-ios-applications-a-penetration-testers-guide-06f84af9cb0a?source=rss------bug_bounty-5ADIPpentesting, penetration-testing, infosec, information-security, bug-bounty27-Apr-2024
24.1 Lab: HTTP request smuggling, confirming a CL.TEhttps://cyberw1ng.medium.com/24-1-lab-http-request-smuggling-confirming-a-cl-te-c53051cf5875?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, penetration-testing, cybersecurity27-Apr-2024
privilege escalation allow the app admin to add the user as organization admin (on Microsoft own…https://medium.com/@amitkhandebharad5/privilege-escalation-allow-the-app-admin-to-add-the-user-as-organization-admin-on-microsoft-own-e24352219a24?source=rss------bug_bounty-5Amitkhandebharadsecurity, bug-bounty, bugcrowd, privilege-escalation, bug-hunter27-Apr-2024
Exploring the Filliquid Testnet Launch Bug Bounty Program!https://medium.com/@dekachi17/exploring-the-filliquid-testnet-launch-bug-bounty-program-e67c76557cc5?source=rss------bug_bounty-5I. Tobias Darlingtonfilecoin, bug-bounty, testnet, defi, filliquid27-Apr-2024
How I Hacked NASA Website and find a Criticial Source Code leak BUG on their websitehttps://medium.com/@phantom9863/how-i-hacked-nasa-website-and-find-a-criticial-source-code-leak-bug-on-their-website-9be0c38299fd?source=rss------bug_bounty-5Phantombugs, bug-bounty-tips, bug-fixes, bug-bounty, bug-zero27-Apr-2024
Unveiling Strategies to Identify Potentially Sensitive Data Stored by iOS Applicationshttps://adipsharif.medium.com/spotting-sensitive-data-in-ios-applications-a-penetration-testers-guide-06f84af9cb0a?source=rss------bug_bounty-5ADIPpentesting, penetration-testing, infosec, information-security, bug-bounty27-Apr-2024
What is HTTP request smuggling?https://cyberw1ng.medium.com/what-is-http-request-smuggling-7ab91748c6db?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, cybersecurity, bug-bounty26-Apr-2024
I found a simple but rare misconfiguration and got $200 on a hackerone programhttps://harish45.medium.com/i-found-a-simple-but-rare-misconfiguration-and-got-200-on-a-hackerone-program-5863b6c51538?source=rss------bug_bounty-5Harishhackerone, bug-bounty-writeup, bug-bounty, bug-bounty-tips26-Apr-2024
Private Interact.sh server setup with a web dashboardhttps://infosecwriteups.com/private-interact-sh-server-setup-with-a-web-dashboard-6b0320645536?source=rss------bug_bounty-5Serj Novoselovtutorial, hacking, tools, cybersecurity, bug-bounty26-Apr-2024
Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In an Educational Sitehttps://medium.com/@p.ra.dee.p_0xx01/found-multiple-bugs-xss-mitm-sec-misconf-in-an-educational-site-5a3804085da0?source=rss------bug_bounty-5Professor0xx01security, bugs, bug-bounty, information-security, xss-attack26-Apr-2024
The Ultimate Guide to CISSP’s Eight Security Territorieshttps://systemweakness.com/the-ultimate-guide-to-cissps-eight-security-territories-836ec7bec836?source=rss------bug_bounty-5Gagan Yalamuristartup, information-security, information-technology, cybersecurity, bug-bounty26-Apr-2024
Unraveling the Nuances of 403 Bypass: Strengthening Web Application Securityhttps://medium.com/@dasmanish6176/unraveling-the-nuances-of-403-bypass-strengthening-web-application-security-ac2e8e885c3f?source=rss------bug_bounty-5Dasmanish403-forbidden, ethical-hacking, bug-bounty26-Apr-2024
How to baypass scaping filter(\)https://medium.com/@thewhiteside2000/how-to-baypass-scaping-filter-14393a23af4f?source=rss------bug_bounty-5Thewhitesidebug-bounty-tips, bug-bounty26-Apr-2024
How We Prevented a Mass Breach On One OF The Biggest CryptoCurrency Gateways On A Web3 Platform.https://medium.com/@eslam.zayedw/how-we-prevented-a-mass-breach-on-one-of-the-biggest-cryptocurrency-gateways-on-a-web3-platform-2d8393070b10?source=rss------bug_bounty-5D0loresH4zecybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-tips, penetration-testing26-Apr-2024
Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In a GOVT Educational Sitehttps://medium.com/@p.ra.dee.p_0xx01/found-multiple-bugs-xss-mitm-sec-misconf-in-an-educational-site-5a3804085da0?source=rss------bug_bounty-5Professor0xx01security, bugs, bug-bounty, information-security, xss-attack26-Apr-2024
Bug Bounty Toolshttps://medium.com/@malishakali2002/bug-bounty-tools-bedcf7b94f8d?source=rss------bug_bounty-5Malisha_kalictf, bug-bounty-writeup, reconnaissance, bug-bounty, bug-bounty-tool25-Apr-2024
this is how I Bypassed the 2FA page in a big site…https://medium.com/@hannorayousef/this-is-how-i-bypassed-the-2fa-page-in-a-big-site-77c6a3b7596d?source=rss------bug_bounty-5Bar_0_0_nbug-bounty, 2fa, pentesting, bug-bounty-tips, cybersecurity25-Apr-2024
Android Pentesting Lab Setup step to step . Part -1https://medium.com/@adityasingh4180/android-pentesting-lab-setup-step-to-step-part-1-c50d210d118d?source=rss------bug_bounty-5Security Empirebug-bounty-tips, cybersecurity, android-pentesting, bug-bounty, cyber-sec25-Apr-2024
Bug Bounty Champions: Real Stories of Cybersecurity Triumphshttps://medium.com/@paritoshblogs/bug-bounty-champions-real-stories-of-cybersecurity-triumphs-35c0c976469a?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, ai, hacking, information-security25-Apr-2024
Understanding 403 Bypass: A Critical Vulnerability in Web Application Securityhttps://infosecwriteups.com/understanding-403-bypass-a-critical-vulnerability-in-web-application-security-2b9f0318f3a4?source=rss------bug_bounty-5Abhishek Bhujangbug-bounty, 403-bypass, cybersecurity, vulnerability, web-app-security25-Apr-2024
Hacking one of the largest Legal tech in MENAhttps://ahmadmansourr.medium.com/hacking-one-of-the-largest-legal-tech-in-mena-92365c276654?source=rss------bug_bounty-5Ahmad Mansourpentest, hacking, securing, bug-bounty25-Apr-2024
Cyber Detectives Unite: Advanced Tools for Web Securityhttps://medium.com/@gaganak.yalamuri/cyber-detectives-unite-advanced-tools-for-web-security-bb675f46b46e?source=rss------bug_bounty-5Gagan Yalamuriethical-hacking, information-security, cybersecurity, bug-bounty, computer-science25-Apr-2024
How a ‘.git’ file Leads to Zendesk Panel Takeoverhttps://sl4x0.medium.com/how-a-git-file-leads-to-zendesk-panel-takeover-11e8d2812076?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)bug-bounty-tips, admin-panel, pentesting, bug-bounty, hacking25-Apr-2024
Privilege Escalation to Admin through an Import Featurehttps://cristivlad.medium.com/privilege-escalation-to-admin-through-an-import-feature-ac8ac6b6abad?source=rss------bug_bounty-5Cristi Vladbug-bounty, cybersecurity, penetration-testing, pentesting, infosec25-Apr-2024
Unexpected gain, arbitrary forgery of user tokens.https://medium.com/@xiaodongsec/unexpected-gain-arbitrary-forgery-of-user-tokens-cb0dc1c4bd9f?source=rss------bug_bounty-5Xiaodongchina, hacker, vulnerability, bug-bounty, money25-Apr-2024
How to monitor your internal pentesters?https://medium.com/@levente.b.molnar/how-to-monitor-your-internal-pentesters-6fe0e18f9fd0?source=rss------bug_bounty-5Hackratebug-bounty, cybersecurity, it-security, penetration-testing-tools, penetration-testing25-Apr-2024
Find This Easy CSRF in Every Website- A Sweet P4https://medium.com/@Ajakcybersecurity/find-this-easy-csrf-in-every-website-a-sweet-p4-372a3198bf47?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, technology, bug-bounty, hacking, cybersecurity25-Apr-2024
Bug Bounty Challenge (final): Day 5–25/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-5-25-04-2024-a8d33630fe73?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips25-Apr-2024
Cyber Detectives Unite: Advanced Tools for Web Securityhttps://systemweakness.com/cyber-detectives-unite-advanced-tools-for-web-security-bb675f46b46e?source=rss------bug_bounty-5Gagan Yalamuriethical-hacking, information-security, cybersecurity, bug-bounty, computer-science25-Apr-2024
20.6 Lab: Host validation bypass via connection state attack | 2024https://cyberw1ng.medium.com/20-6-lab-host-validation-bypass-via-connection-state-attack-2024-ba5ddd95edc4?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, cybersecurity, penetration-testing25-Apr-2024
Privilege escalation mediante Race Condition.https://medium.com/@duality084/privilege-escalation-mediante-race-condition-0254df6ffbd8?source=rss------bug_bounty-5Matias Ramirezbug-bounty, bug-bounty-tips, bugbounty-writeup, hacking25-Apr-2024
A very useful asset collection tool: Asset Reconnaissance Lighthouse.https://medium.com/@xiaodongsec/a-very-useful-asset-collection-tool-asset-reconnaissance-lighthouse-94204f093c92?source=rss------bug_bounty-5Xiaodonghacks, hunting, tools, bug-bounty, china24-Apr-2024
Hack Stories: Hacking Hackers EP:3https://infosecwriteups.com/hack-stories-hacking-hackers-ep-3-11b1f0e002e8?source=rss------bug_bounty-5c0d3x27software, programming, cybersecurity, hacking, bug-bounty24-Apr-2024
#1. Bug Bounty POC: IDOR leads to Account Takeoverhttps://cyb3rmind.medium.com/1-bug-bounty-poc-idor-leads-to-account-takeover-e500701a8004?source=rss------bug_bounty-5Cyb3r M!ndsidor, account-takeover, web-penetration-testing, bug-bounty, pentesting24-Apr-2024
BALMER PEAK AND BUG HUNTINGhttps://medium.com/@Progsky/balmer-peak-and-bug-hunting-8ea030eaa4a4?source=rss------bug_bounty-5Progskyhumor, bug-bounty24-Apr-2024
20.5 Lab: SSRF via flawed request parsing | 2024https://cyberw1ng.medium.com/20-5-lab-ssrf-via-flawed-request-parsing-2024-77a91ca47898?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, careers, cybersecurity, hacking24-Apr-2024
Unveiling the Hidden: A Guide to Passive Subdomain Enumerationhttps://medium.com/@gaganak.yalamuri/unveiling-the-hidden-a-guide-to-passive-subdomain-enumeration-6f1db9a8bb50?source=rss------bug_bounty-5Gagan Yalamuriweb-security, technology, security, bug-bounty, hacking24-Apr-2024
Bug Bounty Challenge (final): Day 4–24/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-4-24-04-2024-ad138e4d1357?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter24-Apr-2024
Embarking on My Bug Bounty Hunting Journeyhttps://medium.com/@nikhil-/embarking-on-my-bug-bounty-hunting-journey-d4064cd28905?source=rss------bug_bounty-5Nikhilmy-journey-in-tech, cybersecurity, bug-bounty24-Apr-2024
Unveiling the Hidden: A Guide to Passive Subdomain Enumerationhttps://systemweakness.com/unveiling-the-hidden-a-guide-to-passive-subdomain-enumeration-6f1db9a8bb50?source=rss------bug_bounty-5Gagan Yalamuriweb-security, technology, security, bug-bounty, hacking24-Apr-2024
How easy I made $$$$https://anasbetis023.medium.com/how-easy-i-made-24edb0fd1364?source=rss------bug_bounty-5Anas H Hmaidypenetration-testing, bug-bounty-tips, cybersecurity, bug-bounty23-Apr-2024
Bug :: CORS Misconfiguration ~ could lead to disclosure of sensitive info..!!!https://medium.com/@p.ra.dee.p_0xx01/bug-cors-misconfiguration-could-lead-to-disclosure-of-sensitive-info-ad95e35162fd?source=rss------bug_bounty-5Professor0xx01cors, bug-bounty, threat-hunting, information-security, vulnerability23-Apr-2024
What are Some Ethical Considerations for Bug Bounty Hunters When Negotiating Rewards or Disclosing…https://medium.com/mynextdeveloper/what-are-some-ethical-considerations-for-bug-bounty-hunters-when-negotiating-rewards-or-disclosing-3008e87a6173?source=rss------bug_bounty-5MyNextDeveloperbug-bounty, ethics, data-breach, ethical-hacking, cybersecurity23-Apr-2024
IOS Penetration Testing: Guide to Static Analysishttps://medium.com/@adityasawant00/ios-penetration-testing-guide-to-static-analysis-4a9dea5d672d?source=rss------bug_bounty-5Aditya Sawantcybersecurity, static-analysis, bug-bounty, i̇os, penetration-testing23-Apr-2024
How I found my First Valid bughttps://medium.com/@tanyago/how-i-found-my-first-valid-bug-2a9c87ce7a91?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bug-hunting, bug-bounty-writeup, bug-bounty-tips23-Apr-2024
Bypassing CloudFlare Error 1015: You Are Being Rate Limitedhttps://medium.com/@mdnafeed3/bypassing-cloudflare-error-1015-you-are-being-rate-limited-f25f4e8f7bb2?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, vulnerability, cybersecurity, hacking23-Apr-2024
QUICK ROADMAP TO BUG BOUNTY(things you need to know)https://medium.com/@joybhavanadam/quick-roadmap-to-bug-bounty-things-you-need-to-know-0aa1b64b9cdf?source=rss------bug_bounty-5Adam Paulo Antonytips, bug-bounty-tips, roadmaps, bug-bounty23-Apr-2024
VERTICAL RECON : SUBDOMAINS ENUMERATION. THE ART OF RECONISM:https://hacktivistattacker.medium.com/vertical-recon-subdomains-enumeration-the-art-of-reconism-66d3be42d5d0?source=rss------bug_bounty-5Hacktivist-Attackersubdomain-enumeration, information-gathering, subdomains-enumeration, bug-bounty, reconnaissance23-Apr-2024
20.4 Lab: Routing-based SSRF Vulnerability | 2024https://cyberw1ng.medium.com/20-4-lab-routing-based-ssrf-vulnerability-2024-c34402e8b6dd?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers23-Apr-2024
Browser Extension Security Testing: Part 1https://codewithvamp.medium.com/browser-extension-security-testing-part-1-0178766d2252?source=rss------bug_bounty-5Vaibhav Kumar Srivastavabug-bounty, hacking, browser-extension, bug-bounty-tips, testing23-Apr-2024
Email Verification Bypass via Remember Mehttps://infosecwriteups.com/email-verification-bypass-via-remember-me-c6d34e6060e9?source=rss------bug_bounty-5mo9khu93rbug-bounty, cybersecurity, pentesting, red-team, hacking22-Apr-2024
(Insecure Dangerous Component) Developer Backdoor `DebugActivity` included in the Production Game…https://medium.com/@hazeemyasseer/insecure-dangerous-component-developer-backdoor-debugactivity-included-in-the-production-game-390dddea9363?source=rss------bug_bounty-5Hazeem' Yasseerandroid-pentesting, android-pentest, bug-bounty-tips, bug-bounty, cybersecurity22-Apr-2024
20.3 Lab: Web cache poisoning via ambiguous requests | 2024https://cyberw1ng.medium.com/20-3-lab-web-cache-poisoning-via-ambiguous-requests-2024-8ab074dec0e4?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, penetration-testing, bug-bounty22-Apr-2024
How many months took you to find your first bug ?! Let s seehttps://medium.com/@aiz3nsk/how-many-months-took-you-to-find-your-first-bug-let-s-see-c48e4cce0c29?source=rss------bug_bounty-5Aiz3n Skbug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty-writeup22-Apr-2024
Don’t overlook any parameter, because the vulnerability lies within!https://medium.com/@xiaodongsec/dont-overlook-any-parameter-because-the-vulnerability-lies-within-d0107d0c4f3e?source=rss------bug_bounty-5Xiaodonghacker, vulnerability, china, money, bug-bounty22-Apr-2024
Exploiting PostMessage for cool XSS vulnerabilitieshttps://manasharsh.medium.com/exploiting-postmessage-for-cool-xss-vulnerabilities-cbea132398e1?source=rss------bug_bounty-5Manas Harshhacking, xss-vulnerability, bug-bounty, application-security22-Apr-2024
Google Map API Key Exposure: A Bug Bounty Journeyhttps://medium.com/@iamrizwanvp/google-map-api-key-exposure-a-bug-bounty-journey-6e0bb1560961?source=rss------bug_bounty-5RIZWANpentesting, bug-bounty, cybersecurity, bugbounty-writeup22-Apr-2024
Auto Bug Bounty Script — Unleash Your Hunting Potentialhttps://medium.com/@psychomong/auto-bug-bounty-script-unleash-your-hunting-potential-7ecd6ad417ea?source=rss------bug_bounty-5psychomongbug-bounty, vapt, hacker, bug-bounty-tips, automation22-Apr-2024
How i Find Database Credentials via Mass Recon & Recon Scoping on Gcashhttps://ph-hitachi.medium.com/how-i-find-database-credentials-via-mass-recon-recon-scoping-on-gcash-f43a0dae3ec1?source=rss------bug_bounty-5Ph.Hitachipentest, reconnaissance, recon, bug-bounty, gcash22-Apr-2024
What is SSRF and how to Detect them on Web Applicationhttps://alvinbijo.medium.com/what-is-ssrf-and-how-to-detect-them-on-web-application-687820c4d097?source=rss------bug_bounty-5Alvin bijobug-bounty-tips, bug-bounty, xs, ssrf22-Apr-2024
Bug Bounty Challenge (final): Day 3–22/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-3-22-04-2024-51adde52bf60?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips22-Apr-2024
Cross-Site Scripting Detectionhttps://medium.com/@b.c114303/cross-site-scripting-detection-b35e4bd744b3?source=rss------bug_bounty-5Anni0pbug-bounty, cybersecurity, xss-attack22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://infosecwriteups.com/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5HooSbug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
How to avoid burnouts in bugbounty?https://medium.com/@mr_prey3r/how-to-avoid-burnouts-in-bugbounty-4d97e14f1ff1?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rbug-bounty-tips, bug-bounty, bug-bounty-writeup22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://medium.com/@hoosgamer/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5HooSbug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://medium.com/@hohky_/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5Hohkybug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
Project discovery`s Chaos: Subdomains Discovery for all Bug Bounty Programshttps://medium.com/@miladkeivanfar/project-discovery-s-chaos-subdomains-discovery-for-all-bug-bounty-programs-b9e39fe3589d?source=rss------bug_bounty-5Milad keivanfarsecurity, subdomains-enumeration, bug-bounty, penetration-testing21-Apr-2024
SQL Injection Vulnerability in WHERE Clause Allowing Retrieval of Hidden Datahttps://medium.com/@marduk.i.am/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-96beb7f99d0c?source=rss------bug_bounty-5Marduk I Amportswigger-lab, sql-injection, information-security, bug-bounty, cybersecurity21-Apr-2024
Unraveling the Secrets of CWE and CVE in easily wayhttps://medium.com/@abdallahhendy15/unraveling-the-secrets-of-cwe-and-cve-in-easily-way-fc332b0294d6?source=rss------bug_bounty-5Abdallahhendypenetration-testing, cwe, cybersecurity, cve, bug-bounty21-Apr-2024
Such a simple zero-payment vulnerability.https://medium.com/@xiaodongsec/such-a-simple-zero-payment-vulnerability-8e29421cbf58?source=rss------bug_bounty-5Xiaodongmoney, vulnerability, bug-bounty, china, hacker21-Apr-2024
Linux Mastery, Practical Exercises for Effective Command Line Skillshttps://medium.com/@muhammadriva/linux-mastery-practical-exercises-for-effective-command-line-skills-e769d1010f73?source=rss------bug_bounty-5Muhammad Rivacyber-security-awareness, penetration-testing, cybersecurity, bug-bounty, kali-linux21-Apr-2024
What is server-side template injection?https://cyberw1ng.medium.com/what-is-server-side-template-injection-77b7e4d0cad2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers21-Apr-2024
How I could have hacked one LG website with a simple recon…https://medium.com/@rubixrub/how-i-could-have-hacked-one-lg-website-with-a-simple-recon-8306e6e4be54?source=rss------bug_bounty-5RubXhacking, bug-bounty, cybersecurity, bug-bounty-tips21-Apr-2024
HACKTHEBOX CBBH REVIEWhttps://medium.com/@admiralhr99/hackthebox-cbbh-review-76944984a573?source=rss------bug_bounty-5Admiralhrweb-application-security, bug-bounty, cybersecurity, cbbh, hackthebox21-Apr-2024
How do I get Started in Cyber Security? — My Perspective & Learning Path!https://medium.com/@aadhaarkoul2002/how-do-i-get-started-in-cyber-security-my-perspective-learning-path-cd45846dbe63?source=rss------bug_bounty-5Aadhaarkoulbug-bounty, infosec, technology, hacking, learning21-Apr-2024
Bug Bounty Challenge (final): Day 1–21/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-21-04-2024-f832f23f0464?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips21-Apr-2024
Bug Bounty Challenge (final): Day 2–21/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-21-04-2024-f832f23f0464?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips21-Apr-2024
Unsecured Content Provider leads to Account Takeoverhttps://medium.com/@ahmedelmorsy312/unsecure-content-provider-led-to-account-takeover-1e45d716bd7c?source=rss------bug_bounty-5Ahmed Elmorsihacker, bugbounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty20-Apr-2024
Best Bug Bounty Tipshttps://bevijaygupta.medium.com/best-bug-bounty-tips-af66fd076eb4?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bug-fixes, bugs, bug-bounty, bug-zero20-Apr-2024
Unraveling the Millennium Bug: A Digital Apocalypsehttps://medium.com/@ak123aryan/unraveling-the-millennium-bug-a-digital-apocalypse-39af9dbadc0b?source=rss------bug_bounty-5Akshay Aryanjava, bugs, software-development, bug-bounty20-Apr-2024
My methodology for hunting for open Redirect vulnerabilitieshttps://medium.com/@hozayfan782/my-methodology-for-hunting-for-open-redirect-vulnerabilities-fb79f2d24c22?source=rss------bug_bounty-5Hozayfa Nassertips, open-redirect, bug-bounty, tips-and-tricks20-Apr-2024
19.5 Lab: Finding a hidden GraphQL endpoint | 2024https://cyberw1ng.medium.com/19-5-lab-finding-a-hidden-graphql-endpoint-2024-aeb8cec440d1?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing20-Apr-2024
Paramspider Upgraded Versionhttps://medium.com/@pushkrajdhuri07/paramspider-upgraded-version-b14c1e8f9810?source=rss------bug_bounty-5PushkaraJhacking, bug-bounty, cybersecurity, redteam-tool, infosec20-Apr-2024
Bug Bounty Challenge (final): Day 1–20/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-20-04-2024-2db4a6c86cc2?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup, bug-bounty20-Apr-2024
April 2024 Reading Listhttps://daytontp.medium.com/april-2024-reading-list-e570dd5143c9?source=rss------bug_bounty-5Dayton Pruetbug-bounty, network-security, cloud-computing, google-cloud-platform, linux19-Apr-2024
Race Condition on Change Email Leads to Arbitrary Email Forgeryhttps://medium.com/@blackarazi/race-condition-on-change-email-leads-to-arbitrary-email-forgery-741b720ac840?source=rss------bug_bounty-5Azhari Harahapbug-bounty, application-security, api-security, race-condition, bug-bounty-writeup19-Apr-2024
Blockchain Bug Bountyhttps://bevijaygupta.medium.com/blockchain-bug-bounty-a84c5f5ac684?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-bounty-tips, blockchain, blockchain-technology, bugs19-Apr-2024
OTP Bypass Security Issues and Remediationshttps://pratham-08.medium.com/otp-bypass-security-issues-and-remediations-f207eecebbea?source=rss------bug_bounty-5Pratham Mittalsecure-coding, software-development, otp-bypass, bug-bounty, security19-Apr-2024
Reconnaissance in Bug Bounty Programshttps://bevijaygupta.medium.com/reconnaissance-in-bug-bounty-programs-d46fadeb4508?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty-tips, footprinting, reconnaissance, bug-bounty19-Apr-2024
First valid critical vulnerability of minehttps://medium.com/@shalabhdevliyal/first-valid-critical-vulnerability-of-mine-1143ceaffefc?source=rss------bug_bounty-5Shalabhdevliyalvulnerability, hackerone, bug-bounty, cybersecurity19-Apr-2024
OOGWAY — Vulnerability Search Toolhttps://symbolexe.medium.com/oogway-vulnerability-search-tool-494587f0c00d?source=rss------bug_bounty-5Yasinbug-bounty, cybersecurity, vulnerability, cve19-Apr-2024
An Interesting Case of XSS Caused by File Uploadhttps://medium.com/@xiaodongsec/an-interesting-case-of-xss-caused-by-file-upload-86bdfb09408f?source=rss------bug_bounty-5Xiaodongchina, security, bug-bounty, money, hacks19-Apr-2024
How I Disclosed Employees PII | The mistake I made..|https://medium.com/@the.bugcrowd.testerpawan/how-i-disclosed-employees-pii-the-mistake-i-made-ca299a155440?source=rss------bug_bounty-5the_air_sharmabug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty19-Apr-2024
19.4 Lab: Performing CSRF exploits over GraphQL | 2024https://cyberw1ng.medium.com/19-4-lab-performing-csrf-exploits-over-graphql-2024-8362148aee53?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, penetration-testing, hacking19-Apr-2024
let’s Unlock Advanced Permissionshttps://rofes1337.medium.com/lets-unlock-advanced-permissions-d8529e9048e4?source=rss------bug_bounty-5Yousef Muhammedelkhirbug-bounty-tips, penteration-testing, bug-bounty, web-app-pentesting, privilege-escalation19-Apr-2024
Defence Methodologiehttps://medium.com/@haticezkmnl/defence-methodologie-bd3aa669d90e?source=rss------bug_bounty-5Hatice Zehra Kamanlıpentesting, bug-bounty, soc, prevention, cybersecurity19-Apr-2024
A CRASH COURSE ON NETWORK PROTOCOLS FOR BUG HUNTERShttps://medium.com/@binarymaster/a-crash-course-on-network-protocols-for-bug-hunters-d2648b79ab0e?source=rss------bug_bounty-5Binarymasterhacking, bug-bounty, network19-Apr-2024
Rest API Pentesting Resourceshttps://medium.com/@m14r41/rest-api-pentesting-resources-3155985b8c4d?source=rss------bug_bounty-5Madhurendra Kumarpentesting, checklist, bug-bounty, api, hacking19-Apr-2024
A CRASH COURSE ON NETWORK PROTOCOLS FOR BUG HUNTERShttps://medium.com/@Progsky/a-crash-course-on-network-protocols-for-bug-hunters-d2648b79ab0e?source=rss------bug_bounty-5Progskyhacking, bug-bounty, network19-Apr-2024
Stored XSS chain on NASA VDPhttps://medium.com/@ph4nt0mbyt3/stored-xss-chain-on-nasa-vdp-93814e2df863?source=rss------bug_bounty-5ph4nt0mbyt3bug-bounty, vulnerability, nasa18-Apr-2024
Introducing SHIFU: Your Comprehensive CVE Finder Toolkithttps://symbolexe.medium.com/introducing-shifu-your-comprehensive-cve-finder-toolkit-4b036cce55c6?source=rss------bug_bounty-5Yasincybersecurity, cve, bug-bounty18-Apr-2024
How Shodan Helps me to Find SMTP misconfigurationhttps://thesafdari.medium.com/how-shodan-helps-me-to-find-smtp-misconfiguration-56f63f1116a5?source=rss------bug_bounty-5Milad Safdaribug-bounty, finding-smtp-misconfig, finding-vulnerabilities18-Apr-2024
Jamtangan Bug Bountyhttps://bevijaygupta.medium.com/jamtangan-bug-bounty-7c49fc09881f?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty-tips, bug-bounty, jam-tangan18-Apr-2024
IDOR Bug Bountyhttps://bevijaygupta.medium.com/idor-bug-bounty-282d62d91691?source=rss------bug_bounty-5Vijay Guptaidor, bugs, bug-zero, bug-bounty, bug-bounty-tips18-Apr-2024
Yahoo Bug Bountyhttps://bevijaygupta.medium.com/yahoo-bug-bounty-a8a711e9ec3a?source=rss------bug_bounty-5Vijay Guptabug-bounty, yahoo-bug-bounty, bugs, yahoo, bug-bounty-tips18-Apr-2024
A Beginner’s Guide To Insecure Deserializationhttps://medium.com/@four0four/a-beginners-guide-to-insecure-deserialization-d359adffb207?source=rss------bug_bounty-5four0fourprogramming, cybersecurity, bug-bounty18-Apr-2024
How I found HTMLi on main domain of programhttps://medium.com/@jeetpal2007/how-i-found-htmli-on-main-domain-of-program-5c88a8e1af9a?source=rss------bug_bounty-5JEETPALbug-bounty-tips, html-injection, bug-bounty18-Apr-2024
IDOR Lead to Data Leakhttps://melguerdawi.medium.com/idor-lead-to-data-leak-c5107094f9ca?source=rss------bug_bounty-5Mostafa Elguerdawibug-bounty, cybersecurity, bug-bounty-tips18-Apr-2024
VulnersX Toolhttps://symbolexe.medium.com/vulnersx-tool-7a10b3090bbf?source=rss------bug_bounty-5Yasincybersecurity, cve, vulnerability, bug-bounty18-Apr-2024
How Shodan Helps me to Find SMTP misconfigurationhttps://thesafdari.medium.com/how-shodan-helps-me-to-find-smtp-misconfiguration-56f63f1116a5?source=rss------bug_bounty-5Milad Safdari (TheSafdari)bug-bounty, finding-smtp-misconfig, finding-vulnerabilities18-Apr-2024
How i Hacked Globe/Gcash services and manage to get access on multiple databases including ssh…https://ph-hitachi.medium.com/how-i-hacked-globe-gcash-services-and-manage-to-get-access-on-multiple-databases-including-ssh-9ca781348e8f?source=rss------bug_bounty-5Ph.Hitachibug-bounty, public-disclosure, pentesting, gcash18-Apr-2024
SSL Pinning Bypass Simplifiedhttps://medium.com/@evilprince007/ssl-pinning-bypass-simplified-48c0d5294a6c?source=rss------bug_bounty-5Prathamesh Khatavkarbug-bounty, cybersecurity, android18-Apr-2024
Unveiling Access Control Flaws: Taking over an entire organizationhttps://medium.com/@im0thmann/unveiling-access-control-flaws-taking-over-an-entire-organization-23505eb75d89?source=rss------bug_bounty-5mohamed othmancybersecurity, bug-bounty18-Apr-2024
19.3 Lab: Bypassing GraphQL brute force protections | 2024https://cyberw1ng.medium.com/19-3-lab-bypassing-graphql-brute-force-protections-2024-ae9df787c7c7?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, careers, bug-bounty, hacking18-Apr-2024
How I Used the ‘Everything’ Service to Uncover Two High-Risk Threats and Earn Over $700 in Rewardshttps://medium.com/@xiaodongsec/how-i-used-the-everything-service-to-uncover-two-high-risk-threats-and-earn-over-700-in-rewards-c42d002707ad?source=rss------bug_bounty-5Xiaodongchina, bug-bounty, money, hacker, vulnerability17-Apr-2024
Uber Bug Bounty Programhttps://bevijaygupta.medium.com/uber-bug-bounty-program-04cfe5050cd1?source=rss------bug_bounty-5Vijay Guptauber, bug-bounty, bug-bounty-tips, bug-zero, bugs17-Apr-2024
“Mastering Bug Bounty Hunting: Unveiling Secrets to Finding Hidden Vulnerabilities”https://medium.com/@faizalin5555/mastering-bug-bounty-hunting-unveiling-secrets-to-finding-hidden-vulnerabilities-0b5088e213d4?source=rss------bug_bounty-5Faizal Nbug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, vulnerability17-Apr-2024
Bug Bounty POChttps://bevijaygupta.medium.com/bug-bounty-poc-e7fefda2fad0?source=rss------bug_bounty-5Vijay Guptabug-bounty, poc, bug-bounty-tips, bug-zero, bugs17-Apr-2024
Vulnerability Bounty Tool Recommendation: WIHhttps://medium.com/@xiaodongsec/vulnerability-bounty-tool-recommendation-wih-1e7b559b5fbc?source=rss------bug_bounty-5Xiaodongchina, tools, hacker, bug-bounty, money17-Apr-2024
Leveraging XSS to Execute CSRF Attackshttps://medium.com/@dodir.sec/leveraging-xss-to-execute-csrf-attacks-421edb662b40?source=rss------bug_bounty-5dodirbug-bounty, cybersecurity, penetration-testing, csrf, xss-attack17-Apr-2024
API Mis configuration: How Employee can change Manager’s review for him. (Part 2)https://interc3pt3r.medium.com/api-mis-configuration-how-employee-can-change-managers-review-for-him-part-2-28b242216b40?source=rss------bug_bounty-5Aneesha Dweb-development, bug-bounty, tips, cybersecurity, hacking17-Apr-2024
19.2 Lab: Accidental exposure of private GraphQL fields | 2024https://cyberw1ng.medium.com/19-2-lab-accidental-exposure-of-private-graphql-fields-2024-0d0836dc82ba?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, hacking, bug-bounty, careers17-Apr-2024
How I approach Account takeover due to no rate limit on OTPhttps://medium.com/@jeetpal2007/how-i-approach-account-takeover-due-to-no-rate-limit-on-otp-10a7fe056184?source=rss------bug_bounty-5JEETPALbug-bounty, bountytips, no-rate-limit, account-takeover17-Apr-2024
How I found a P1 bug in just 40 minuteshttps://medium.com/@jeetpal2007/how-i-found-a-p1-bug-in-just-40-minutes-4f3614abe974?source=rss------bug_bounty-5JEETPALapi-key, p1bugs, bug-bounty-tips, bug-bounty17-Apr-2024
OTP Bruteforce Chained with Response Manipulation Leads to Zero Click Account Takeoverhttps://medium.com/@cyberpro151/otp-bruteforce-chained-with-response-manipulation-leads-to-zero-click-account-takeover-7d1bee79a19f?source=rss------bug_bounty-5cyberpro151cybersecurity, account-takeover, bug-bounty, web-hacking, hacking17-Apr-2024
(Part 2) API Mis configuration: How Employee can change Manager’s review for him.https://interc3pt3r.medium.com/api-mis-configuration-how-employee-can-change-managers-review-for-him-part-2-28b242216b40?source=rss------bug_bounty-5Aneesha Dweb-development, bug-bounty, tips, cybersecurity, hacking17-Apr-2024
TCM Security — Practical Ethical Hacking Course — Find & Exploit Common Web Vulnerabilities — XSS…https://shibushivansh.medium.com/tcm-security-practical-ethical-hacking-course-find-exploit-common-web-vulnerabilities-xss-00dbb33d45e2?source=rss------bug_bounty-5Shivansh Sethcross-site-scripting, blog, command-injection, bug-bounty, cybersecurity16-Apr-2024
PayPal Bug Bountyhttps://bevijaygupta.medium.com/paypal-bug-bounty-7838f8bc5e4b?source=rss------bug_bounty-5Vijay Guptabugs, paypal, paypal-account, bug-bounty, bug-bounty-tips16-Apr-2024
Discord Bug Bountyhttps://bevijaygupta.medium.com/discord-bug-bounty-e2d0d3829c99?source=rss------bug_bounty-5Vijay Guptabugs, discord, bug-bounty-tips, bug-bounty, discord-bot16-Apr-2024
Top 5 books to learn bug hunting beginner to advancehttps://medium.com/@buglearners.com/top-5-books-to-learn-bug-hunting-beginner-to-advance-9006c34ea126?source=rss------bug_bounty-5Buglearners.combug-bounty, cybersecurity, bug-hunting, advance, books16-Apr-2024
18.4 Lab: Exploiting Ruby deserialization using a documented gadget chain | 2024https://cyberw1ng.medium.com/18-4-lab-exploiting-ruby-deserialization-using-a-documented-gadget-chain-2024-2e02be94c6f8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, bug-bounty, penetration-testing16-Apr-2024
Email Template Draft Feature Triggers SSRF, Earns ¥3000!https://medium.com/@xiaodongsec/email-template-draft-feature-triggers-ssrf-earns-3000-d59af1ffbae6?source=rss------bug_bounty-5Xiaodonghacker, vulnerability, china, money, bug-bounty16-Apr-2024
WhatWeb!?https://thehackersmeetup.medium.com/whatweb-c132eb13927c?source=rss------bug_bounty-5The Hackers Meetuptools, bug-bounty, whatweb, kali, web16-Apr-2024
XSS (Міжсайтовий скриптинг): детальний розбірhttps://medium.com/@max.pavlenko.dev/xss-%D0%BC%D1%96%D0%B6%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%D0%B8%D0%B9-%D1%81%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%B8%D0%BD%D0%B3-%D0%B4%D0%B5%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D0%B8%D0%B9-%D1%80%D0%BE%D0%B7%D0%B1%D1%96%D1%80-23c36e5a7483?source=rss------bug_bounty-5Max Pavlenko (Certified Vue.js Developer)bug-bounty, security, front-end-development, xss-vulnerability16-Apr-2024
Reverse Engineering Sitecore Vulnerabilities-3https://medium.com/@nilayp799/reverse-engineering-sitecore-vulnerabilities-3-ba8a99563ca4?source=rss------bug_bounty-5Nilay Patelbug-bounty, vulnerability, automation, hacking, sitecore16-Apr-2024
Reverse Shell Scripting Concept.https://rahman0x01.medium.com/reverse-shell-scripting-concept-1bf1f60686a7?source=rss------bug_bounty-5rahman0x01netcat, bash-scripting, bug-bounty, reverse-shell, bash-script16-Apr-2024
I Found An IDOR Flaw where users' attached pictures and documents were leaked.https://medium.com/@Ajakcybersecurity/i-found-an-idor-flaw-where-users-attached-pictures-and-documents-were-leaked-961d564ce72f?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, money, bug-bounty, penetration-testing16-Apr-2024
Bug Bounty Automationhttps://bevijaygupta.medium.com/bug-bounty-automation-f1fa68e3d903?source=rss------bug_bounty-5Vijay Guptaautomation-tools, automation-testing, bug-bounty-tips, automation, bug-bounty15-Apr-2024
Dell Bug Bountyhttps://bevijaygupta.medium.com/dell-bug-bounty-a578dc53d7bb?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, dell, dell-laptop, bugs, bug-bounty15-Apr-2024
CVE-2024–3400: A Critical Vulnerability in PAN-OS Firewallshttps://infosecwriteups.com/cve-2024-3400-a-critical-vulnerability-in-pan-os-firewalls-a7f8c66a10d2?source=rss------bug_bounty-5ElNiakbug-bounty, penetration-testing, command-injection, firewall, cybersecurity15-Apr-2024
Story of a strange IDOR without IDhttps://m7arm4n.medium.com/story-of-a-strange-idor-without-id-6735fd3dcd27?source=rss------bug_bounty-5M7arm4nhacking, bug-bounty, bug-bounty-tips, security, hacker15-Apr-2024
CSRF (1/3)https://medium.com/@karimelsayed0x1/csrf-1-3-22050bf9c92c?source=rss------bug_bounty-5z3r0xkbug-bounty, bug-bounty-tips, bug-bounty-writeup, csrf, web-attack15-Apr-2024
Advance XSS payload Listhttps://medium.com/@psychomong/advance-xss-payload-list-7b5d1a4df61c?source=rss------bug_bounty-5psychomonghacking, bug-bounty-tips, bugs, bug-bounty, xss-attack15-Apr-2024
18.3 Lab: Exploiting PHP deserialization with a pre-built gadget chain | 2024https://cyberw1ng.medium.com/18-3-lab-exploiting-php-deserialization-with-a-pre-built-gadget-chain-2024-64dcb875e23c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, penetration-testing, bug-bounty15-Apr-2024
How I got JS Execution (DOM XSS) Via CSTIhttps://medium.com/@amrkadry7/how-i-got-js-execution-dom-xss-via-csti-58a4171c2963?source=rss------bug_bounty-5Amrcybersecurity, bug-bounty15-Apr-2024
Acer Bug Bountyhttps://bevijaygupta.medium.com/acer-bug-bounty-9ce4d49c1051?source=rss------bug_bounty-5Vijay Guptaacer, bug-zero, bug-bounty, bug-bounty-tips, bugs14-Apr-2024
My Bug Bounty Journeyhttps://bevijaygupta.medium.com/my-bug-bounty-journey-b07f663c8ff8?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty-tips, my-journey, bugs, bug-bounty14-Apr-2024
Ten Tips You Have to Know for WordPress Bug Bountyhttps://medium.com/@zpbrent/ten-tips-you-have-to-know-for-wordpress-bug-bounty-b2b070f07add?source=rss------bug_bounty-5Peng Zhoubug-bounty, wordpress, infosec, hacker, bug-bounty-tips14-Apr-2024
How I Exploited the Account Cancellation Feature to Farm Rewardshttps://medium.com/@xiaodongsec/how-i-exploited-the-account-cancellation-feature-to-farm-rewards-19f6d6c0e181?source=rss------bug_bounty-5Xiaodonghacks, bug-bounty, skills, vulnerability, china14-Apr-2024
How I Hack Web Applications (Part 1)https://infosecwriteups.com/how-i-hack-web-applications-part-1-0833c002cc9a?source=rss------bug_bounty-5Rafin Rahman Chyethical-hacking, penetration-testing, bug-bounty, infosec, application-security14-Apr-2024
A unique SSRF hunt ( Invite user functionality vulnerable to blind SSRF attack )https://medium.com/@abhishek8602314652/a-unique-ssrf-hunt-invite-user-functionality-vulnerable-to-blind-ssrf-attack-c6804b2b398b?source=rss------bug_bounty-5Abhishek singh ( a6h1)bug-bounty, ssrf, bug-bounty-tips, bug-hunting, bug-bounty-writeup14-Apr-2024
A click can cause 1600$ | Auth0 misconfig .https://naumankh4n.medium.com/a-click-can-cause-1600-auth0-misconfig-9234aedad55c?source=rss------bug_bounty-5Nauman Khanpenetration-testing, bug-bounty, hacking, cybersecurity, money14-Apr-2024
18.2 Lab: Exploiting Java deserialization with Apache Commons | 2024https://cyberw1ng.medium.com/18-2-lab-exploiting-java-deserialization-with-apache-commons-2024-7ba379e97b52?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, careers, penetration-testing14-Apr-2024
Access to transparent security testing — Why we made HackGATE™ available to everyonehttps://medium.com/@levente.b.molnar/access-to-transparent-security-testing-why-we-made-hackgate-available-to-everyone-11c3e0efe44c?source=rss------bug_bounty-5Hackratebug-bounty, penetration-testing, pentesting, security, cybersecurity14-Apr-2024
THE ART OF RECONISM: HORIZONTAL RECON FOR PENETRATION TESTING:https://hacktivistattacker.medium.com/the-art-of-reconism-horizontal-recon-for-penetration-testing-fea5399af186?source=rss------bug_bounty-5Hacktivist-Attackerreconnaissance, horizonatl-reconaissance, scope-finding, bug-bounty, information-gathering13-Apr-2024
Power of CSRFhttps://medium.com/@hillrane24/power-of-csrf-43b736c74280?source=rss------bug_bounty-5NIKHIL RANEotp-bypass, bug-bounty, csrf, authentication-bypass13-Apr-2024
Unauthorized Admin Account Access via Google Authenticationhttps://nullr3x.medium.com/unauthorized-admin-account-access-via-google-authentication-a38d42577ac9?source=rss------bug_bounty-5Sahil Mehracybersecurity, web, bug-bounty, vulnerability, penetration-testing13-Apr-2024
Bancor Bug Bountyhttps://bevijaygupta.medium.com/bancor-bug-bounty-9c40e9389ab5?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty, bug-bounty-tips, bugs, bancor13-Apr-2024
Facebook Bug Bountyhttps://bevijaygupta.medium.com/facebook-bug-bounty-e9e73ce56f11?source=rss------bug_bounty-5Vijay Guptafacebook, bug-bounty-tips, bug-bounty, bugs, facebook-bug-bounty13-Apr-2024
Menggali Potensi Bug Bounty: Menghasilkan Uang atau Menemukan Keamanan?https://medium.com/@kaizen100801/menggali-potensi-bug-bounty-menghasilkan-uang-atau-menemukan-keamanan-170c44d2904e?source=rss------bug_bounty-5Zenbug-bounty, bug-bounty-tips, cybersecurity, hacking, cyber-security-awareness13-Apr-2024
Api Bug Bountyhttps://bevijaygupta.medium.com/api-bug-bounty-5f2aafced9a4?source=rss------bug_bounty-5Vijay Guptabugs, api, bug-bounty, api-development, bug-bounty-tips13-Apr-2024
How I saved over 200,000 job seekers’ data on staterecruit.in from a potential data breach.https://brutexploiter.medium.com/how-i-saved-over-200-000-job-seekers-data-on-staterecruit-in-from-a-potential-data-breach-7db5bad1c9e0?source=rss------bug_bounty-5brutexploitercybersecurity, web-development, web-security, sql-injection, bug-bounty13-Apr-2024
How do insecure deserialization vulnerabilities arise?https://cyberw1ng.medium.com/how-do-insecure-deserialization-vulnerabilities-arise-233c336b305b?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, careers, hacking, bug-bounty13-Apr-2024
How Did I Easily Find Stored XSS at Apple and earn $5000 ?https://medium.com/@xrypt0/how-did-i-easily-find-stored-xss-at-apple-and-earn-5000-3aadbae054b2?source=rss------bug_bounty-5Cryptosecurity, xss-attack, apple, bug-bounty, web-security13-Apr-2024
TryHackMe Creative Write-Uphttps://blog.devgenius.io/tryhackme-creative-write-up-f29e2cdbf7ae?source=rss------bug_bounty-5Joseph Alantryhackme-walkthrough, tryhackme, cybersecurity, tryhackme-writeup, bug-bounty13-Apr-2024
Broken Access Control (IDOR) on Forgot Password Could Lead to Attacker Change Password for Every…https://medium.com/@blackarazi/broken-access-control-idor-on-forgot-password-could-lead-to-attacker-change-password-for-every-e1b18e075b5a?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, bug-bounty, account-takeover, application-security, broken-access-control12-Apr-2024
How I managed to bypass 2FA on image linehttps://medium.com/@bishwajeetb1/how-i-managed-to-bypass-2fa-on-image-line-11f123fc32ea?source=rss------bug_bounty-5Bishwajeetcybersecurity, bug-bounty, application-security, web-application-testing, web-application-security12-Apr-2024
Using E-Notation to bypass Access Control restrictions to access arbitrary user PII-discussionshttps://medium.com/@keizobugbounty/using-e-notation-to-bypass-access-control-restrictions-to-access-arbitrary-user-pii-discussions-1fa014b544d4?source=rss------bug_bounty-5Keizobugbounty-writeup, cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips12-Apr-2024
The Critical Role Of Bug Bounties in Ensuring Web3 Securityhttps://securrtech.medium.com/the-critical-role-of-bug-bounties-in-ensuring-web3-security-084cf518234b?source=rss------bug_bounty-5Securrweb3-security, bug-bounty, web312-Apr-2024
How I Find My First Internet Bug Bounty for Apache Airflowhttps://medium.com/@zpbrent/how-i-find-my-first-internet-bug-bounty-for-apache-airflow-9d3c1ec29b24?source=rss------bug_bounty-5Peng Zhoubug-bounty, open-source, airflow, python, infosec12-Apr-2024
Bug Zero at a Glance [16–31 March]https://blog.bugzero.io/bug-zero-at-a-glance-16-31-march-4f4cd6823a75?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-zero, bug-bounty, newsletter12-Apr-2024
How i Almost got 2K$ through a Race conditionhttps://medium.com/@0x3adly/how-i-almost-got-2k-through-a-race-condition-3b09232b3a25?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )bug-bounty, bug-bounty-tips, race-condition, infosec, web-penetration-testing12-Apr-2024
A Comprehensive Guide to Static Analysis in Android Pentestinghttps://medium.com/@samireddisaimanikanta939/a-comprehensive-guide-to-static-analysis-in-android-pentesting-66023053ed18?source=rss------bug_bounty-5Intrud3rXpenetration-testing, ethical-hacking, android-static-analysis, android-pentesting, bug-bounty12-Apr-2024
Learn Bug Bountyhttps://bevijaygupta.medium.com/learn-bug-bounty-d67654f0c01f?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bugs, bug-bounty, learn, bug-zero12-Apr-2024
Microsoft Bug Bountyhttps://bevijaygupta.medium.com/microsoft-bug-bounty-1295263b135e?source=rss------bug_bounty-5Vijay Guptamicrosoft, microservices, bug-bounty-tips, bug-bounty-writeup, bug-bounty12-Apr-2024
How I Bypassed Offer Limits to Gain Multiple Membership Benefitshttps://medium.com/@xiaodongsec/how-i-bypassed-offer-limits-to-gain-multiple-membership-benefits-affea84c0844?source=rss------bug_bounty-5Xiaodongbug-bounty, hacker, china, vulnerability12-Apr-2024
Latest Bug Bounty And Web Hacking Tools Bug Bunty And Web Hacking Toolshttps://medium.com/@haidertallal786/latest-bug-bounty-and-web-hacking-tools-bug-bunty-and-web-hacking-tools-feff2224b200?source=rss------bug_bounty-5Muhammad haider Tallalbug-bounty, web-penetration-testing, hacking12-Apr-2024
Zoho Account Takeover: How a Single Click Can Lead to Full Control on your Zoho accounthttps://medium.com/@0xUsername/zoho-account-takeover-how-a-single-click-can-lead-to-full-control-on-your-zoho-account-04a5ea069382?source=rss------bug_bounty-5HackerWithOutHatsecurity, cybersecuirty, bug-bounty, infosec, information-security12-Apr-2024
Random account takeover via misconfigured OAuthhttps://medium.com/@Berserker1337/random-account-takeover-via-misconfigured-oauth-5dc2cbbbe905?source=rss------bug_bounty-5Berserkerbug-bounty, cybersecurity, information-security, infosec, vulnerability12-Apr-2024
16.5 Lab: Multistep clickjacking in Bug Bounty | 2024https://cyberw1ng.medium.com/16-5-lab-multistep-clickjacking-in-bug-bounty-2024-a5eb20de6900?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking12-Apr-2024
5 Methods I Use To Discover APIshttps://medium.com/@red.whisperer/5-methods-i-use-to-discover-apis-6d646baa3ffb?source=rss------bug_bounty-5Chuxapi, red-team, pentesting, hacking, bug-bounty12-Apr-2024
Token-Based Authentication vulnerabilityhttps://medium.com/@paulovitorcl/token-based-authentication-vulnerability-37d97efcca62?source=rss------bug_bounty-5Paulo Vitor Costa Limabug-bounty, cybersecurity12-Apr-2024
Hunting on Microsoft SharePoint: The art of manipulation.https://machiavellli.medium.com/hunting-on-microsoft-sharepoint-the-art-of-manipulation-25c96ee1de3a?source=rss------bug_bounty-5Machiavelliinfosec, bug-bounty12-Apr-2024
How I Discovered Vulnerabilities by Modifying App Memoryhttps://medium.com/@xiaodongsec/how-i-discovered-vulnerabilities-by-modifying-app-memory-5a87b685ed3d?source=rss------bug_bounty-5Xiaodonghacker, china, bug-bounty, vulnerability, money12-Apr-2024
How I Exposed a High-Risk SSRF Vulnerability in an AI Modelhttps://medium.com/@xiaodongsec/how-i-exposed-a-high-risk-ssrf-vulnerability-in-an-ai-model-e40d6f96a5e1?source=rss------bug_bounty-5Xiaodongsechacker, bug-bounty, ai11-Apr-2024
Building My Own Packet Sniffer for Game Security Testinghttps://medium.com/@yannik603/building-my-own-packet-sniffer-for-game-security-testing-8baf58a94d0c?source=rss------bug_bounty-5Yannik Castrogamehacking, bug-bounty, reverse-engineering, hacking, hacking-tools11-Apr-2024
Meta Bug Bountyhttps://bevijaygupta.medium.com/meta-bug-bounty-cc842ca0f614?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty, metaverse, bug-bounty-tips11-Apr-2024
How to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and Researchhttps://medium.com/@zpbrent/how-to-fuzz-prototype-pollution-by-reusing-public-cves-for-fun-and-research-40891013bf0b?source=rss------bug_bounty-5Peng Zhouweb-security, nodejs, fuzzing, infosec, bug-bounty11-Apr-2024
How I Exposed a High-Risk SSRF Vulnerability in an AI Modelhttps://medium.com/@xiaodongsec/how-i-exposed-a-high-risk-ssrf-vulnerability-in-an-ai-model-e40d6f96a5e1?source=rss------bug_bounty-5Xiaodonghacker, bug-bounty, ai11-Apr-2024
How I Uncovered a Payment Vulnerabilityhttps://medium.com/@xiaodongsec/how-i-uncovered-a-payment-vulnerability-6355e15d1702?source=rss------bug_bounty-5Xiaodongvulnerability, china, bug-bounty, hacker11-Apr-2024
Indian software firms cheated me by failing to provide the promised bounty after I reported…https://medium.com/@mangbho28/indian-software-firms-cheated-me-by-failing-to-provide-the-promised-bounty-after-i-reported-ffc7fcc83993?source=rss------bug_bounty-5MB007bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program11-Apr-2024
Bypassed the Amazon CloudFront Logic and got XSS at the National Weather Agency of the U.S.https://royzsec.medium.com/bypassed-the-amazon-cloudfront-logic-and-got-xss-at-the-national-weather-agency-of-the-u-s-100af330430a?source=rss------bug_bounty-5Prince Roy(RoyzSec)web-development, hacking, bug-bounty, cybersecurity, penetration-testing11-Apr-2024
7 Essential Skills Every Bug Bounty Hunter Needs to Succeedhttps://medium.com/mynextdeveloper/7-essential-skills-every-bug-bounty-hunter-needs-to-succeed-0e6ac8afa483?source=rss------bug_bounty-5MyNextDeveloperpenetration-testing, cybersecurity, kali-linux, darkweb, bug-bounty11-Apr-2024
GitHub Bug Bountyhttps://bevijaygupta.medium.com/github-bug-bounty-afa61eb789f3?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bug-zero, bugs, github, bug-bounty11-Apr-2024
16.4 Lab: Exploiting clickjacking vulnerability to trigger DOM-based XSS | 2024https://cyberw1ng.medium.com/16-4-lab-exploiting-clickjacking-vulnerability-to-trigger-dom-based-xss-2024-71c5b567fb4b?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers11-Apr-2024
Secret BurpSuite Extension For BugBounty~ Part-2https://medium.com/@Ajakcybersecurity/secret-burpsuite-extension-for-bugbounty-part-2-58b644b9222c?source=rss------bug_bounty-5AjakCybersecurityblog, bug-bounty, penetration-testing, ethical-hacking, hacking11-Apr-2024
How to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and Researchhttps://medium.com/@zpbrent/how-to-fuzz-prototype-pollution-by-reusing-public-cves-for-fun-and-research-40891013bf0b?source=rss------bug_bounty-5Peng Zhoujavascript, web-security, nodejs, infosec, bug-bounty11-Apr-2024
Bug Bounty Challenge: Day 16–11/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-16-11-04-2024-effc5c820319?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty11-Apr-2024
CVE-2024–24576: A Critical Rust Vulnerability on Windowshttps://infosecwriteups.com/cve-2024-24576-a-critical-rust-vulnerability-on-windows-4f0bb1a332e9?source=rss------bug_bounty-5ElNiakcybersecurity, windows, rust, penetration-testing, bug-bounty10-Apr-2024
How I Find an Arbitrary File Upload Vulnerability with a Unique Bypasshttps://medium.com/@zpbrent/how-i-find-an-arbitrary-file-upload-vulnerability-with-a-unique-bypass-8d679f45a497?source=rss------bug_bounty-5Peng Zhouinfosec, wordpress-plugins, web-security, bug-bounty, wordpress10-Apr-2024
Bug Bounty Certificationhttps://bevijaygupta.medium.com/bug-bounty-certification-27c95b8a1b80?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bugs, bug-bounty, bug-zero, bug-bounty-certification10-Apr-2024
Android Bug Bountyhttps://bevijaygupta.medium.com/android-bug-bounty-9a2daf0d2270?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, android-bug-bounty, android, bugs, bug-bounty10-Apr-2024
Apple Bug Bountyhttps://bevijaygupta.medium.com/apple-bug-bounty-88002b2c159d?source=rss------bug_bounty-5Vijay Guptaapple-bug-bounty, bug-zero, bug-bounty, bug-bounty-tips, bugs10-Apr-2024
SQL Injection: A Simple Beginner’s Guide.https://ishengoma.medium.com/sql-injection-a-simple-beginners-guide-58d237ff18da?source=rss------bug_bounty-5Ishengomavulnerability-assessment, sql-injection, hacking, vulnerability-management, bug-bounty10-Apr-2024
Privilege Escalation by manipulating endpointhttps://medium.com/@vijayrockstar.verma5/privilege-escalation-by-manipulating-endpoint-10feb974bab5?source=rss------bug_bounty-5Vijay Vermainfosec, hacking, bug-bounty, cybersecurity, pentesting10-Apr-2024
Vulnerable WordPress March 2024 (Kandovan)https://medium.com/@onhexgroup/vulnerable-wordpress-march-2024-kandovan-24103451060b?source=rss------bug_bounty-5Onhexgroupwordpress, bug-bounty, wordpress-security, infosec, exploitation10-Apr-2024
Clickjacking: A Comprehensive Guide to Finding Clickjacking Vulnerabilitieshttps://cyberw1ng.medium.com/clickjacking-a-comprehensive-guide-to-finding-clickjacking-vulnerabilities-3f51d8e63a41?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, security, bug-bounty, careers10-Apr-2024
Bug: No rate limiting on Email verification leads to huge Mass Mailing :: P4https://medium.com/@deypradip87jk/bug-no-rate-limiting-on-email-verification-leads-to-huge-mass-mailing-p4-b72c666d6e56?source=rss------bug_bounty-5Professor0xx01information-security, bug-bounty-tips, cybersecurity, bug-bounty, infosec-write-ups09-Apr-2024
How I Found Bug :: Reflected XSS (Cross-Site-Scripting) On a BBP.https://medium.com/@deypradip87jk/how-i-found-bug-reflected-xss-cross-site-scripting-on-a-bbp-9f57611eda91?source=rss------bug_bounty-5Professor0xx01bug-bounty, cyber-security-solutions, infosec-write-ups, offensive-security, bug-bounty-tips09-Apr-2024
Bug: No rate limiting on Email verification leads to huge Mass Mailing :: P4https://medium.com/@p.ra.dee.p_0xx01/bug-no-rate-limiting-on-email-verification-leads-to-huge-mass-mailing-p4-b72c666d6e56?source=rss------bug_bounty-5Professor0xx01information-security, bug-bounty-tips, cybersecurity, bug-bounty, infosec-write-ups09-Apr-2024
How I Found Bug :: Reflected XSS (Cross-Site-Scripting) On a BBP.https://medium.com/@p.ra.dee.p_0xx01/how-i-found-bug-reflected-xss-cross-site-scripting-on-a-bbp-9f57611eda91?source=rss------bug_bounty-5Professor0xx01bug-bounty, cyber-security-solutions, infosec-write-ups, offensive-security, bug-bounty-tips09-Apr-2024
Bug Bounty Reportshttps://bevijaygupta.medium.com/bug-bounty-reports-8a6480d06a80?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-bounty-tips, bugs, bug-bounty-reports, bug-zero09-Apr-2024
Bug Hunting Methodology for Beginnershttps://bevijaygupta.medium.com/bug-hunting-methodology-for-beginners-ce7ee1b11c25?source=rss------bug_bounty-5Vijay Guptabug-bounty-hunter, bug-hunting, bug-bounty, bug-bounty-tips, bug-bounty-writeup09-Apr-2024
Information Disclosure: Story of 500€ + 400$ Bountyhttps://v3d.medium.com/information-disclosure-story-of-500-400-bounty-97d3b343f9ad?source=rss------bug_bounty-5V3Dbug-bounty, penetration-testing, information-technology, cybersecurity, hacking09-Apr-2024
Card Payment Functionality Checklist — Bug Bounty Tuesdayhttps://medium.com/@kerstan/card-payment-functionality-checklist-bug-bounty-tuesday-6eab127d0126?source=rss------bug_bounty-5kerstantechnology, hacking, cybersecurity, bug-bounty, security09-Apr-2024
Mass automation for finding XSS vulnerabilities in large scope targetshttps://medium.com/@oumzarkar/mass-automation-for-finding-xss-vulnerabilities-in-large-scope-targets-019996b0515c?source=rss------bug_bounty-5dextrobug-bounty-tips, cybersecurity, walkthrough, automation, bug-bounty09-Apr-2024
How I Found My First Stored XSS || WAF & Characters Limitation Bypasshttps://kariiem.medium.com/how-i-found-my-first-stored-xss-waf-characters-limitation-bypass-cc414c4fadde?source=rss------bug_bounty-5Kariiem Gamalbug-bounty-tips, bug-hunting, bug-bounty, waf-bypass, bugbounty-writeup09-Apr-2024
My WordPress Bug Bounty Journey on Patchstackhttps://medium.com/@zpbrent/from-first-rejection-to-monthly-top-c0dedd4bbc7f?source=rss------bug_bounty-5Peng Zhoubug-bounty-program, bug-bounty-hunter, wordpress-security, ethical-hacking, bug-bounty09-Apr-2024
Simple Tips for Bug Bounty Beginners: Finding Blind XSS Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-blind-xss-vulnerabilities-ab67977ff756?source=rss------bug_bounty-5Anish Narayanbug-bounty-tips, bug-bounty, xss-attack, cross-site-scripting, cybersecurity09-Apr-2024
15.3 Lab: CORS vulnerability with trusted insecure protocols | 2024https://cyberw1ng.medium.com/15-3-lab-cors-vulnerability-with-trusted-insecure-protocols-2024-2ba1967daecc?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, penetration-testing, bug-bounty, cybersecurity, hacking09-Apr-2024
Hunting Bugs and Striking Gold: Forward Calls for Elite Hunters in the Bug Bounty Campaignhttps://forwardprotocol.medium.com/hunting-bugs-and-striking-gold-forward-calls-for-elite-hunters-in-the-bug-bounty-campaign-057e686c8577?source=rss------bug_bounty-5Forward Protocolblockchain-technology, bug-bounty, bug-bounty-hunter, web3, blockchain-developer09-Apr-2024
Is Your Business a Sitting Duck for Credit Card Hackers? Here’s How PCI DSS Can Save You!https://medium.com/@josuofficial327/is-your-business-a-sitting-duck-for-credit-card-hackers-heres-how-pci-dss-can-save-you-97d7b6562131?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, payment-gateway, bug-bounty, hacking, bug-bounty-tips08-Apr-2024
Google Bug Huntershttps://bevijaygupta.medium.com/google-bug-hunters-673e2f5c2600?source=rss------bug_bounty-5Vijay Guptabug-hunter, bug-bounty-writeup, google, bug-bounty, bug-bounty-tips08-Apr-2024
Unleashing the Power of Bug Bounty Dorks: A Comprehensive Guidehttps://bevijaygupta.medium.com/unleashing-the-power-of-bug-bounty-dorks-a-comprehensive-guide-b121fce9e5e4?source=rss------bug_bounty-5Vijay Guptagoogle, bug-bounty, bug-bounty-tips, google-dork, bug-zero08-Apr-2024
How I Got Multiple Privilege Escalations — The Easy Trick?https://medium.com/@Mdabdulrahman/how-i-got-multiple-privilege-escalations-the-easy-trick-e915110bc08a?source=rss------bug_bounty-5Md Abdul Rahmanwin-privilege-escalation, bug-bounty, penetration-testing, privilege-escalation08-Apr-2024
Hacking Swisscom’s End-to-End Encrypted Cloud Storage for $4,000https://medium.com/@thomashouhou/hacking-swisscoms-end-to-end-encrypted-cloud-storage-for-4-000-3660722196ec?source=rss------bug_bounty-5Thomas Houhouweb-security, hacking, bug-bounty-tips, bug-bounty, cybersecurity08-Apr-2024
XSS on out of scope domain? CORS is your secret weapon!https://c4rrilat0r.medium.com/xss-on-out-of-scope-domain-cors-is-your-secret-weapon-93e433278080?source=rss------bug_bounty-5c4rrilat0rbug-bounty, bug-bounty-tips, hackerone, xss-attack, cors08-Apr-2024
Breaking Free: 26 Advanced Techniques to Escape Docker Containershttps://infosecwriteups.com/breaking-free-26-advanced-techniques-to-escape-docker-containers-530049816b55?source=rss------bug_bounty-5ElNiakbug-bounty, cybersecurity, penetration-testing, kubernetes, docker08-Apr-2024
15.2 Lab: CORS vulnerability with trusted null origin | 2024https://cyberw1ng.medium.com/15-2-lab-cors-vulnerability-with-trusted-null-origin-2024-a84020e4e254?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, cybersecurity, careers, bug-bounty08-Apr-2024
Why You Should Attend Cybersecurity Conferences: Unlock Opportunitieshttps://medium.com/@a13h1/why-you-should-attend-cybersecurity-conferences-unlock-opportunities-2a16dfe4658e?source=rss------bug_bounty-5Abhi Sharmanetworking, information-security, cybersecurity, conference, bug-bounty07-Apr-2024
How to Start Your Journey into Cybersecurity in 2024 (or how I did)https://medium.com/@j0hnc0nn0r/how-to-start-your-journey-into-cybersecurity-in-2024-or-how-i-did-ebe4910acdc7?source=rss------bug_bounty-5John Connorcybersecurity, penetration-testing, bug-bounty, tryhackme, hackthebox07-Apr-2024
How to Start Your Journey into Cybersecurity in 2024 (or how I did)https://medium.com/@j0hnc0nn0r/how-to-start-your-journey-into-cybersecurity-in-2024-or-how-i-did-ebe4910acdc7?source=rss------bug_bounty-5J0hn C0nn0rcybersecurity, penetration-testing, bug-bounty, tryhackme, hackthebox07-Apr-2024
How Employee can change Manager’s review for him.https://interc3pt3r.medium.com/how-employee-can-change-managers-review-for-him-a903bd329111?source=rss------bug_bounty-5Aneesha Dbug-bounty, cybersecurity, hacking, security, bugs07-Apr-2024
Unofficial Guide to OWASP Top 10:2021https://medium.com/@rafinrahmanchy/unofficial-guide-to-owasp-top-10-2021-87eebd03b614?source=rss------bug_bounty-5Rafin Rahman Chypentesting, web-security, bug-bounty, hacking, infosec07-Apr-2024
TryHackMe CTF: Vulnversity — Walkthroughhttps://medium.com/@suyogpatil1810/tryhackme-ctf-vulnversity-walkthrough-2f375c5521a6?source=rss------bug_bounty-5Suyog Patilsoftware-development, computer-science, hacking, ethical-hacking, bug-bounty07-Apr-2024
Mastering CORS: A Comprehensive Guide to Finding Cross-origin resource sharing Vulnerabilities |…https://cyberw1ng.medium.com/mastering-cors-a-comprehensive-guide-to-finding-cross-origin-resource-sharing-vulnerabilities-c22a5659f95f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, security, penetration-testing07-Apr-2024
How We Found a 25K$ Bug in a Blockchain Project by Mistake | Bounty Hunting Journeyhttps://0d.dwalletlabs.com/how-we-found-a-25k-bug-in-a-blockchain-project-by-mistake-bounty-hunting-journey-21c0c20440f6?source=rss------bug_bounty-5Elad Ernstblockchain, exploitation, web3, bug-bounty, icon-foundation07-Apr-2024
IDOR Leads To Account Takeoverhttps://medium.com/@adityasawant00/idor-leads-to-account-takeover-28fe6e300a49?source=rss------bug_bounty-5Aditya Sawantidor, account-takeover, bug-bounty, penetration-testing, web-application-security07-Apr-2024
How Did I Find Reflected XSS In Domino’s ?https://medium.com/@xrypt0/how-did-i-find-reflected-xss-in-dominos-d1d41b120598?source=rss------bug_bounty-5Cryptocloudflare, bug-bounty, penetration-testing, xss-attack, web-security07-Apr-2024
File Upload Vulnerability Checklisthttps://medium.com/@dasmanish6176/file-upload-vulnerability-checklist-254c4680aa74?source=rss------bug_bounty-5Dasmanishweb-application-security, bug-bounty, web-penetration-testing, vapt, file-upload-vulnerability07-Apr-2024
Bug Bounties in Web3: Investing in Security for Sustainable Growthhttps://medium.com/@charliekaru/bug-bounties-in-web3-investing-in-security-for-sustainable-growth-5b4092474d3d?source=rss------bug_bounty-5Charlie Karunaratneweb3, defi-security, bug-bounty, web3-security07-Apr-2024
Teaching Spotify a Cryptography Lessonhttps://medium.com/@Fanicia/teaching-spotify-a-cryptography-lesson-51f5ee0b0f5c?source=rss------bug_bounty-5Security Guyopenid-connect, blue-team, bug-bounty, cybersecurity, bug-bounty-tips07-Apr-2024
Finding CSRF on Graphql Applicationhttps://medium.com/@alpernae/finding-csrf-on-graphql-application-3ffa1105a30d?source=rss------bug_bounty-5Alperenbug-bounty-tips, graphql, cybersecurity, bug-bounty, csrf7-Apr-2024
The Fast and the Curious: Finding a Race Condition in Worldcoinhttps://medium.com/@gonzo-hacks/the-fast-and-the-curious-finding-a-race-condition-in-worldcoin-621c89bfbd61?source=rss------bug_bounty-5Dane Sherretsbug-bounty, bug-fixes, bug-bounty-tips, blockchain, hacking7-Apr-2024
“Fortify Your Cyber Space: Embark on the Dominant Cyber Boot Camp Journey”https://medium.com/@rizvi4600779/fortify-your-cyber-space-embark-on-the-dominant-cyber-boot-camp-journey-3071bd0b1ec7?source=rss------bug_bounty-5Syed Muhammad Minhal Rizvihacking, writeup, cyber, bug-bounty, cybersecurity7-Apr-2024
Host Header Manipulation Leading to Unauthorized Access to Apple’s Internal Slack bot (Bug Bounty)https://amineaboud.medium.com/unauthorized-access-to-an-internal-app-used-by-apple-to-protect-confidential-information-shared-on-c8835a80079b?source=rss------bug_bounty-5Amine Aboudbug-bounty-writeup, bug-bounty, bug-bounty-tips07-Apr-2024
This Cryptocurrency exchange paid me $200 for reporting vulnerability in their websitehttps://medium.com/@abhishek8602314652/this-cryptocurrency-exchange-paid-me-200-for-reporting-vulnerability-in-their-website-6755b38702a8?source=rss------bug_bounty-5Abhishek singh ( a6h1)cybersecurity, cryptocurrency, vulnerability, bug-hunting, bug-bounty07-Apr-2024
Wordfence otorga su mayor bounty hasta la fechahttps://casi-cincuenta-monos.medium.com/wordfence-otorga-su-mayor-bounty-hasta-la-fecha-f2d9aa561f05?source=rss------bug_bounty-5Casi Cincuenta Monoswordpress, cybersecurity, bug-bounty06-Apr-2024
Recon automation with Telegram Notificationhttps://medium.com/@tamhacker1/recon-automation-with-telegram-notification-d4c6b564ed58?source=rss------bug_bounty-5Tamhackercybersecurity, hacker, bug-bounty, reconnaissance, hacking06-Apr-2024
How To Fix bWAPP Unknown Database Error Windows/Linuxhttps://hamzaavvan.medium.com/how-to-fix-bwapp-unknown-database-error-windows-linux-acefd1a4568b?source=rss------bug_bounty-5Hamza Avvanbwapp, php, ethical-hacking, bug-fixes, bug-bounty06-Apr-2024
Easiest way to find Broken links in a websitehttps://medium.com/@jeetpal2007/easiest-way-to-find-broken-links-in-a-website-cccbc1f0b6d2?source=rss------bug_bounty-5JEETPALbroken-link, easy-bug-to-find, bug-bounty, bug-bounty-tips, broken-link-hijacking06-Apr-2024
Advanced XSS Discovery: Streamlining Your Attack Strategy with Cutting-Edge Automation Toolshttps://medium.com/@0xelkot/advanced-xss-discovery-streamlining-your-attack-strategy-with-cutting-edge-automation-tools-88cfd0f68c8e?source=rss------bug_bounty-50xElkothackerone, xss-attack, methodology, bug-bounty, hacking06-Apr-2024
14.6 Lab: SameSite Strict bypass via sibling domain | 2024https://infosecwriteups.com/14-6-lab-samesite-strict-bypass-via-sibling-domain-2024-f2ad5f0167d1?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, penetration-testing, hacking06-Apr-2024
Bug Bounty: Secure Camino Network, Earn Rewardshttps://medium.com/@obobo/bug-bounty-secure-camino-network-earn-rewards-329a686da0b9?source=rss------bug_bounty-5O Boboweb3, hexen, travel, camino-network, bug-bounty06-Apr-2024
Step by Step Complete Beginners guide of iOS penetration testing with corelliumhttps://infosecwriteups.com/step-by-step-complete-beginners-guide-of-ios-penetration-testing-with-corellium-2b9e9c6382c2?source=rss------bug_bounty-5Sandeep Vishwakarmamobile-pentesting, bug-bounty, corellium, ios-penetration-testing, pentesting05-Apr-2024
Unmasking an Open Redirect on the India’s Government Websitehttps://medium.com/@nilkhant30/unmasking-an-open-redirect-on-the-indias-government-website-3f808b10bff9?source=rss------bug_bounty-5I AM Rajaopen-redirect, bug-bounty, hacking, bug-bounty-tips, security-research05-Apr-2024
IDOR To view other private users profile pictures in un.orghttps://medium.com/@Ajakcybersecurity/idor-to-view-other-private-users-profile-pictures-in-un-org-358e464335e8?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, cybersecurity, ethical-hacking, penetration-testing05-Apr-2024
Apple’s Bug: From SQLi Suspicions to UI Bug Discoveryhttps://medium.com/@MohaseenK/apples-bug-from-sqli-suspicions-to-ui-bug-discovery-0e71e228b336?source=rss------bug_bounty-5Mohaseenapple, hof, bug-bounty, hackerone, bugcrowd05-Apr-2024
Race Condition Authentication Bypass Leads to Full Account Takeoverhttps://medium.com/@keizobugbounty/race-condition-authentication-bypass-leads-to-full-account-takeover-6b5c9bc0a54d?source=rss------bug_bounty-5Keizocybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-writeup, bug-bounty-tips05-Apr-2024
Don’t Trust the Cache: Exposing Web Cache Poisoning and Deception vulnerabilitieshttps://anasbetis023.medium.com/dont-trust-the-cache-exposing-web-cache-poisoning-and-deception-vulnerabilities-3a829f221f52?source=rss------bug_bounty-5Anas H Hmaidybug-bounty-tips, penetration-testing, cybersecurity, web-security, bug-bounty05-Apr-2024
FB OAuth Misconfigurations to Account Takeoverhttps://medium.com/@hbenja47/fb-oauth-misconfigurations-to-account-takeover-e264a06ae4a0?source=rss------bug_bounty-5Benja (bronxi)hacking, bug-bounty, oauth, infosec05-Apr-2024
UUIDs Unmasked: Exploiting IDOR for User Data Accesshttps://medium.com/@cybersolution2172/uuids-unmasked-exploiting-idor-for-user-data-access-b199e3b08563?source=rss------bug_bounty-5Satyam Singhbug-bounty-tips, owasp, bug-bounty, idor-vulnerability, bug-bounty-writeup05-Apr-2024
14.5 Lab: CSRF with broken Referer validation | 2024https://cyberw1ng.medium.com/14-5-lab-csrf-with-broken-referer-validation-2024-9948aa660023?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, cybersecurity, careers, bug-bounty05-Apr-2024
Beetlebug Android Walkthrough & Basics Android application securityhttps://medium.com/@yousefneuer13/beetlebug-android-walkthrough-basics-android-application-security-c5e0fb9b284b?source=rss------bug_bounty-5Yousef Elsheikhcybersecurity, bug-bounty, android-security, ctf-writeup, ctf-walkthrough05-Apr-2024
One IP led to 4 bugs made the company delete the domainhttps://kalawy.medium.com/one-ip-led-to-4-bugs-made-the-company-delete-the-domain-f28a9e898a8a?source=rss------bug_bounty-5Kalawybug-bounty-tips, bug-bounty, hackerone04-Apr-2024
How to discovery vulnerabilities in your network?https://medium.com/@info_81845/how-to-discovery-vulnerabilities-in-your-network-a6fd140ad4d6?source=rss------bug_bounty-5BugFixingpenetration-testing, penetration-test-company, bug-bounty, hacking, vulnerability-assessment04-Apr-2024
Art of onscrollend | Demonstrating XSS through scroll events write-uphttps://medium.com/@rAmpancist/art-of-onscrollend-demonstrating-xss-through-scroll-events-write-up-d3b33afaaf64?source=rss------bug_bounty-5rAmpancistbug-bounty, bug-bounty-tips, xss-attack, cybersecurity, hacking04-Apr-2024
HTB Academy | CROSS_SITE SCRIPTING (XSS) -https://medium.com/@mazalwebdesign/htb-academy-cross-site-scripting-xss-7dc78e69b100?source=rss------bug_bounty-5Sara Mazal M. | maz4lethical-hacking, htb, htb-academy-writeup, htb-walkthrough, bug-bounty04-Apr-2024
FB OAuth Misconfiguration Leads to Takeover any Accounthttps://sl4x0.medium.com/fb-oauth-misconfiguration-leads-to-takeover-any-account-061316a5b31b?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)oauth2, account-takeover, bug-bounty, hacking, bug-bounty-tips04-Apr-2024
S3 Bucket Misconfigurationhttps://medium.com/@scorpiankapil/s3-bucket-misconfiguration-64d459abdb71?source=rss------bug_bounty-5Kapil Patelbug-bounty04-Apr-2024
14.4 Lab: CSRF where Referer validation depends on header being present | 2024https://cyberw1ng.medium.com/14-4-lab-csrf-where-referer-validation-depends-on-header-being-present-2024-2db1c7496091?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, bug-bounty, penetration-testing04-Apr-2024
NFShttps://medium.com/@mirackucuk595/nfs-873d049131b8?source=rss------bug_bounty-5Miraç Küçükfootprinting, bug-bounty, information-gathering, hack-the-box-writeup, nfs-server04-Apr-2024
Escalation of Admin and Supervisor Privileges Enables Organization Takeover and Access to Any…https://medium.com/@elcapitano7x/escalation-of-admin-and-supervisor-privileges-enables-organization-takeover-and-access-to-any-6d1eb82bbe08?source=rss------bug_bounty-5Elcapitanobug-bounty, hacking, idor-vulnerability, bug-bounty-tips, account-takeover04-Apr-2024
Bug Bounty Challenge: Day 10–04/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-10-04-04-2024-d7d40e226af2?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup04-Apr-2024
My methodology to bypass CSRFhttps://medium.com/@0x7irix/my-methodology-to-bypass-csrf-957b4e552ae7?source=rss------bug_bounty-50x7irixcsrf-attack, csrf-token, csrf-bypass, csrf, bug-bounty04-Apr-2024
How I hacked medium and they didn’t pay mehttps://medium.com/@super_burgundy_weasel_439/how-i-hacked-medium-and-they-didnt-pay-me-f6c89cca3af7?source=rss------bug_bounty-5YouGotItCominghacking, bug-bounty, medium, neglect, bugs04-Apr-2024
ShentuChain’s OpenBounty Hackers and Projects Referral Programhttps://shentuchain.medium.com/shentuchains-openbounty-hackers-and-projects-referral-program-29b4b73c20c0?source=rss------bug_bounty-5Shentu Chainbug-bounty, ethical-hacker, cybersecurity, referral-program, web303-Apr-2024
SQLI with extract Huge Data just Got N/Ahttps://medium.com/@nomad8061/sqli-with-extract-huge-data-just-got-n-a-5956c3b5297b?source=rss------bug_bounty-5Ahmed Badrybug-bounty, sqlite, infosec, information-technology, ctf03-Apr-2024
Cracking the Code: XSS Exploits and Their Power in Phishing Warfarehttps://hackerhalt.medium.com/cracking-the-code-xss-exploits-and-their-power-in-phishing-warfare-252d04e9792e?source=rss------bug_bounty-5Hacker Halt Livebugbounty-writeup, phishing, xs, bug-bounty, phishing-attacks03-Apr-2024
Hack ChatGPT, Make Moneyhttps://medium.com/@david.azad.merian/hack-chatgpt-make-money-644bb4a7a529?source=rss------bug_bounty-5David Merianbug-bounty, hacking, cybersecurity, fuzzing, ai03-Apr-2024
How I Secured 50+ Brand & Startups in Shopify Stores | XSS | Responsible Disclosurehttps://prathapilango.medium.com/how-i-secured-50-brand-startups-in-shopify-stores-xss-responsible-disclosure-e38a72cf4a47?source=rss------bug_bounty-5Prathapilangoinfosec, info-sec-writeups, cybersecurity, cross-site-scripting, bug-bounty03-Apr-2024
Bug Bounty Challenge: Day 9–03/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-9-03-04-2024-f7a6303bb674?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-tips03-Apr-2024
I asked ChatGPT to improve Jason Haddix V4 methodology. Here’s the answer:https://medium.com/@uniicorniumx/i-asked-chatgpt-to-improve-jason-haddix-v4-methodology-heres-the-answer-09de258da623?source=rss------bug_bounty-5• CrazyUnicornhacking, bug-bounty, pentesting, cybersecurity, bug-bounty-tips03-Apr-2024
Smart Fuzzing — Finding bugs like no one else. By Gilson Oliveirahttps://medium.com/@gilsgil/smart-fuzzing-finding-bugs-like-no-one-else-by-gilson-oliveira-d6aa0dbc285b?source=rss------bug_bounty-5Gilson Oliveirabug-bounty-tips, bug-bounty, bug-bounty-writeup03-Apr-2024
Struggling RCE on Jenkins Instancehttps://medium.com/@imusabkhan/struggling-rce-on-jenkins-instance-8851af98b7e6?source=rss------bug_bounty-5Mohammad Musab Khanhacker, bugs, bug-bounty, bug-bounty-tips, remote-code-execution03-Apr-2024
DNShttps://medium.com/@mirackucuk595/dns-4e18aa90b7cf?source=rss------bug_bounty-5Miraç Küçükfootprinting, hack-the-box-writeup, dns, bug-bounty03-Apr-2024
Bir sorgu dizesinde sunucu tarafı parametre kirliliğinden yararlanmahttps://medium.com/@hhuseyinuyar17/bir-sorgu-dizesinde-sunucu-taraf%C4%B1-parametre-kirlili%C4%9Finden-yararlanma-567489eefd65?source=rss------bug_bounty-5Hhuseyinuyarapi, hacking, burpsuite, bug-bounty, parameter03-Apr-2024
14.3 Lab: SameSite Lax bypass via cookie refresh | 2024https://cyberw1ng.medium.com/14-3-lab-samesite-lax-bypass-via-cookie-refresh-2024-4f10021e6ce8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, cybersecurity, hacking, careers03-Apr-2024
Issues related to privacy (Cybersecurity)https://medium.com/@paritoshblogs/issues-related-to-privacy-cybersecurity-99368bf0bc10?source=rss------bug_bounty-5Paritoshinformation-security, bug-bounty, cybersecurity, information-technology, hacking02-Apr-2024
Welcome pentesters to cooperate with our company!https://medium.com/@alfabit_group/welcome-pentesters-to-cooperate-with-our-company-9cdf42f233bb?source=rss------bug_bounty-5AlfaBit Ecosystemblockchain, alfabit, bug-bounty, ecosystem02-Apr-2024
Unpacking CVE-2024–3094: A Critical Vulnerability in XZ Utilshttps://infosecwriteups.com/unpacking-cve-2024-3094-a-critical-vulnerability-in-xz-utils-c6a8207d7b54?source=rss------bug_bounty-5ElNiakcve, linux, backdoor, cybersecurity, bug-bounty02-Apr-2024
4 Mistakes To Avoid When Doing Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/4-mistakes-to-avoid-when-doing-bug-bounty-bug-bounty-tuesday-fd0df75ca05d?source=rss------bug_bounty-5kerstanhacking, cybersecurity, technology, bug-bounty, security02-Apr-2024
14.2 Lab: SameSite Strict bypass via client-side redirect | 2024https://cyberw1ng.medium.com/14-2-lab-samesite-strict-bypass-via-client-side-redirect-2024-2a5e9b68fc1e?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, penetration-testing, careers, cybersecurity02-Apr-2024
One-click Account Take Overhttps://dynnyd20.medium.com/one-click-account-take-over-e500929656ea?source=rss------bug_bounty-5dynnyd20pentesting, bug-bounty, cybersecurity, information-security, security02-Apr-2024
Bug Bounty Challenge: Day 8–02/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-8-02-04-2024-604382e079ac?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips02-Apr-2024
The Difference Between TCP and HTTP Reverse Connection:https://medium.com/@Hackerinja/the-difference-between-tcp-and-http-reverse-connection-bf13ccd16941?source=rss------bug_bounty-5Hackerinjabug-bounty, penetration-testing, cybersecurity, ethical-hacking02-Apr-2024
How I was able to send emails from anyone to anyonehttps://medium.com/@zeesek/how-i-was-able-to-send-emails-from-anyone-to-anyone-a44c57fd015b?source=rss------bug_bounty-5Muhammad Zeeshanpenetration-testing, bugs, bug-bounty-tips, bug-bounty, pentesting02-Apr-2024
How I Found My First Bug | XSShttps://medium.com/@fariio/how-i-found-my-first-bug-xss-031df71aedbe?source=rss------bug_bounty-5Fariiocybersecurity, bug-bounty-tips, penetration-testing, xss-vulnerability, bug-bounty01-Apr-2024
Bug to fix: Mastering the Life Cycle of Software Defectshttps://medium.com/@hannahanulur/bug-to-fix-mastering-the-life-cycle-of-software-defects-b227292bdb16?source=rss------bug_bounty-5Gulhanim Anulurbug-fixes, defect-management, defect-detection, bug-bounty, bugs01-Apr-2024
How to start Bug Bounty Hunting $$$$ in 2024?? | A short RoadMaphttps://infosecwriteups.com/how-to-start-bug-bounty-hunting-in-2024-a-short-roadmap-9f9eeddd24ca?source=rss------bug_bounty-57h3h4ckv157money, hacking, bug-bounty, ethical-hacking, infosec01-Apr-2024
IOS Pentesting Lab Setuphttps://hackerassociate.medium.com/ios-pentesting-lab-setup-516ec567b424?source=rss------bug_bounty-5Harshad Shahcybersecurity, penetration-testing, infosec, hacking, bug-bounty01-Apr-2024
Certified Bug Bounty Hunter: Should you go for Broke, or take a Junior Level Certification Firsthttps://medium.com/@codewidthme/certified-bug-bounty-hunter-should-you-go-for-broke-or-take-a-junior-level-certification-first-a905c105f9a2?source=rss------bug_bounty-5codewidthmehacking, bug-bounty, penetration-testing, certification, hackthebox01-Apr-2024
I will alter and update your websitehttps://medium.com/@fiverrtopfreelancer/i-will-alter-and-update-your-website-438eeb9bcde8?source=rss------bug_bounty-5Fiverr Top Freelancerhtml, website-design, bug-fixes, bug-bounty, css01-Apr-2024
Broken Application Logic Bug Doesn’t Validate Email, leading to DOShttps://medium.com/@saitle74/broken-application-logic-bug-doesnt-validate-email-leading-to-dos-d5ff73e752b4?source=rss------bug_bounty-5Saitleopbug-bounty, infosec-write-ups, cybersecurity, python, infosec01-Apr-2024
“Configuring Apache Web Server on CentOS 7”https://medium.com/@shaikhalshifa210/configuring-apache-web-server-on-centos-7-ed10245f2a4d?source=rss------bug_bounty-5Alshifa Shaikhserver-configuration, bug-bounty, machine-learning, penetration-testing, cybersecurity01-Apr-2024
How to set up Caido for Bug Bounty or Web Application Penetration?https://medium.com/@bytescheck0/how-to-set-up-caido-for-bug-bounty-or-web-application-penetration-a74729d31dca?source=rss------bug_bounty-5Bytescheckcybersecurity, penetration-testing, bug-bounty, technology01-Apr-2024
XSS Vulnerability in a Technical Assessment Application: Lessons Learned and Security Measureshttps://interc3pt3r.medium.com/xss-vulnerability-in-a-technical-assessment-application-lessons-learned-and-security-measures-9321ee4c7639?source=rss------bug_bounty-5Aneesha Dbug-bounty, cybersecurity, hacker, hacking, penetration-testing01-Apr-2024
How I Was Able To Find My First VALID XSShttps://medium.com/@harshsolanki2810/how-i-was-able-to-find-my-first-valid-xss-b1b8bd727b6a?source=rss------bug_bounty-5Dart0xxbug-bounty, cybersecurity, bug-bounty-writeup, bug-hunting01-Apr-2024
Mastering CSRF: A Comprehensive Guide to Finding Cross-site Request Forgery Vulnerabilities | 2024https://cyberw1ng.medium.com/mastering-csrf-a-comprehensive-guide-to-finding-cross-site-request-forgery-vulnerabilities-2024-8d1d13d83547?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, penetration-testing, hacking, careers01-Apr-2024
Subdomain Takeovers (Subdomain Devralma)https://medium.com/@mirackucuk595/subdomain-takeovers-subdomain-devralma-2ffa999c123b?source=rss------bug_bounty-5Miraç Küçükbug-bounty, domain-names, subdomain, hackerone01-Apr-2024
Bug Bounty Challenge: Updatehttps://wallotry.medium.com/bug-bounty-challenge-update-ebd1fa31426c?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup01-Apr-2024
How I Was Able To Find My First VALID XSShttps://medium.com/@0xdartx/how-i-was-able-to-find-my-first-valid-xss-b1b8bd727b6a?source=rss------bug_bounty-5Dart0xxbug-bounty, cybersecurity, bug-bounty-writeup, bug-hunting01-Apr-2024
Can I learn bug bounty for free?https://bevijaygupta.medium.com/can-i-learn-bug-bounty-for-free-59d71024ee15?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty-tips, bug-bounty, bug-fixes31-Mar-2024
Fake Tinder Account Verified By Bypassing Face Authenticationhttps://medium.com/@Ajakcybersecurity/fake-tinder-account-verified-by-bypassing-face-authentication-4b7c14e35c29?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, bug-bounty, blog, tinder31-Mar-2024
Swaggerdə qarşılaşdığım hücum vektorları ($$$)https://memmedrehimzade.medium.com/swaggerd%C9%99-qar%C5%9F%C4%B1la%C5%9Fd%C4%B1%C4%9F%C4%B1m-h%C3%BCcum-vektorlar%C4%B1-f3659eeccac5?source=rss------bug_bounty-5memmed rehimzadeswagger, cybersecurity, kibertəhlükəsizlik, bug-bounty31-Mar-2024
Understanding and Mitigating CVE-2024–3094https://medium.com/@mrblackstar26/understanding-and-mitigating-cve-2024-3094-2b8572d9e921?source=rss------bug_bounty-5Uday Patelinfosec, hacking, bug-bounty, penetration-testing, cybersecurity31-Mar-2024
Installation DVWA In Windows 10 Using XAMPPhttps://bevijaygupta.medium.com/installation-dvwa-in-windows-10-using-xampp-d6246279a10e?source=rss------bug_bounty-5Vijay Guptaxampp, dvwa, hacking, install-dvwa, bug-bounty31-Mar-2024
What is the future of bug bounty?https://bevijaygupta.medium.com/what-is-the-future-of-bug-bounty-696f0a894130?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-zero, bugs, future-technology, future31-Mar-2024
13.26 Lab: Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and…https://cyberw1ng.medium.com/13-26-lab-stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-4bde1cc39671?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-test, hacking, cybersecurity, careers31-Mar-2024
Shield your System — XZ Utils Backdoor (Linux Distribution)https://infosecwriteups.com/shield-your-system-xz-utils-backdoor-linux-distribution-54583b071ccc?source=rss------bug_bounty-5Ethical Kapslinux, cybersecurity, vulnerability, hacking, bug-bounty31-Mar-2024
“Unveiling a Stored XSS Vulnerability: Example.com Under the Spotlight”https://medium.com/@mdnafeed3/unveiling-a-stored-xss-vulnerability-example-com-under-the-spotlight-37d0895cebca?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, cybersecurity31-Mar-2024
#ERROR!https://medium.com/@mdnafeed3/unveiling-a-stored-xss-vulnerability-example-com-under-the-spotlight-37d0895cebca?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, cybersecurity31-Mar-2024
Best bug hunting methodology for EZ moneyhttps://medium.com/@tom.sh/best-bug-hunting-methodology-for-ez-money-58b7fe928e6f?source=rss------bug_bounty-5Tomhacking, money, bpp, methodology, bug-bounty30-Mar-2024
Advertisers able to identify individual consumers who visited their ads (Microsoft bug bounty)https://medium.com/@avig2009/advertisers-able-to-identify-individual-consumers-who-visited-their-ads-microsoft-bug-bounty-a8bcb2d727f2?source=rss------bug_bounty-5hatich_hackermicrosoft, privacy, bug-bounty30-Mar-2024
13.25 Lab: Reflected XSS in canonical link tag | 2024https://cyberw1ng.medium.com/13-25-lab-reflected-xss-in-canonical-link-tag-2024-c4478a82b466?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, hacking, careers30-Mar-2024
A Journey into Unusual Header Injectionhttps://medium.com/@imusabkhan/a-journey-into-unusual-header-injection-693cc0ddecc6?source=rss------bug_bounty-5Mohammad Musab Khanhackerone, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-hunting30-Mar-2024
Chain of Rate Limit Bypass and Weak Token Expiry Leads To Account Take Overhttps://medium.com/@ozomarzu/chain-of-rate-limit-bypass-and-weak-token-expiry-leads-to-account-take-over-d9cddf598c9c?source=rss------bug_bounty-5CyberOzbug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, hackerone30-Mar-2024
Email verification Bypass from P4 TO P2https://medium.com/@akrachliy/email-verification-bypass-from-p4-to-p2-50fa3dde8e5f?source=rss------bug_bounty-5Yassine Akrachlihacking, cybersecurity, bug-bounty, ethical-hacking, bugcrowd30-Mar-2024
Web Requesthttps://medium.com/@mirackucuk595/web-request-ea237118e259?source=rss------bug_bounty-5Miraç Küçükhttp-request, curl, https, bug-bounty, webrequest30-Mar-2024
Kioptrix Level 1 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-1-walkthrough-6e985fbd0dc7?source=rss------bug_bounty-5Erdemstaroscp, application-security, bug-bounty-tips, bug-bounty, penetration-testing30-Mar-2024
1200 $ Email verification Bypass from P4 TO P2https://medium.com/@akrachliy/email-verification-bypass-from-p4-to-p2-50fa3dde8e5f?source=rss------bug_bounty-5Yassine Akrachlihacking, cybersecurity, bug-bounty, ethical-hacking, bugcrowd30-Mar-2024
How i found Multiple IDORhttps://medium.com/@hillrane24/how-i-found-multiple-idor-ab52815b375a?source=rss------bug_bounty-5NIKHIL RANEidor-vulnerability, bug-bounty30-Mar-2024
YouTube Growth Hackinghttps://sanparatama.medium.com/youtube-growth-hacking-a94457f04789?source=rss------bug_bounty-5Sanjaya paratamaweb-development, bug-bounty, hacking, hacking-tools, cybersecurity29-Mar-2024
The Future of Internet Security and Artificial Intelligence and Cyber Security Jobshttps://python.plainenglish.io/the-future-of-internet-security-and-artificial-intelligence-and-cyber-security-jobs-528b4c340cf9?source=rss------bug_bounty-5Imran Niazxss-attack, hacking, programming, ai, bug-bounty29-Mar-2024
[Walkthrough] Mobile Hacking Lab — Secure Notehttps://medium.com/@karimul.sh/walkthrough-mobile-hacking-lab-secure-note-eeb4af20e01b?source=rss------bug_bounty-5Md.Karimul Islam Shezanwalkthrough, android-app-security, bug-bounty, reverse-engineering, ctf29-Mar-2024
AutoLayer Bug Bounty Program: Full Information Releasehttps://autolayer.medium.com/autolayer-bug-bounty-program-full-information-release-d5de0bab972e?source=rss------bug_bounty-5AutoLayerdefi, bug-bounty29-Mar-2024
Web Security Short Series — CSRF.https://medium.com/@frankyyano/web-security-short-series-csrf-4cdf6f936773?source=rss------bug_bounty-5Yano.csrf, appsec, owasp, bug-bounty, oscp29-Mar-2024
How to learn Game Hacking? Recourse Compilation!https://medium.com/@yannik603/how-to-learn-game-hacking-recourse-compilation-1c5d2807a7cb?source=rss------bug_bounty-5Yannikreverse-engineering, bug-bounty, malware-analysis, gamehacking, coding29-Mar-2024
Unhiding the hidden 401 Bypasshttps://medium.com/@Xt3sY/unhiding-the-hidden-401-bypass-10f48c67b50d?source=rss------bug_bounty-5Pushkar Bhagatbug-bounty, hacking, bug-bounty-tips29-Mar-2024
13.24 Lab: Reflected XSS with some SVG markup allowed | 2024https://cyberw1ng.medium.com/13-24-lab-reflected-xss-with-some-svg-markup-allowed-2024-78279b906ec2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers29-Mar-2024
How to learn Game Hacking? Recourse Compilation!https://medium.com/@yannik603/how-to-learn-game-hacking-recourse-compilation-1c5d2807a7cb?source=rss------bug_bounty-5Yannik Castroreverse-engineering, bug-bounty, malware-analysis, gamehacking, coding29-Mar-2024
Yara Rules ✌︎ For Something ☠︎https://medium.com/@haticezkmnl/yara-rules-%EF%B8%8E-for-something-%EF%B8%8E-0164b38e3ddd?source=rss------bug_bounty-5Hatice Zehra Kamanlıcybersecurity, python, security, rules, bug-bounty29-Mar-2024
How to install drozer with dockerhttps://medium.com/@nomad8061/hello-geeks-e8d0f62b22a1?source=rss------bug_bounty-5Ahmed Badrybug-bounty29-Mar-2024
✌︎ Yara Rules ✌︎ For Something ☠︎https://medium.com/@haticezkmnl/yara-rules-%EF%B8%8E-for-something-%EF%B8%8E-0164b38e3ddd?source=rss------bug_bounty-5Hatice Zehra Kamanlıcybersecurity, python, security, rules, bug-bounty29-Mar-2024
13.23 Lab: Reflected XSS into HTML context with most tags and attributes blocked | 2024https://cyberw1ng.medium.com/13-23-lab-reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-2024-63d649c6cc2c?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, penetration-testing, cybersecurity28-Mar-2024
Bug Bounty Recon At Its Easiest with Netlas.iohttps://medium.com/@omarora1603/bug-bounty-recon-at-its-easiest-with-netlas-io-d313ae0f1c09?source=rss------bug_bounty-5Om Arorainfosec, cybersecurity, bug-bounty, bug-bounty-tips, hacking28-Mar-2024
Bypassing 403 Protection To Get Admin Accesshttps://rajput623929.medium.com/bypassing-403-protection-to-get-admin-access-d7c9d0560e5c?source=rss------bug_bounty-5Mr.Horbio403-forbidden, bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty28-Mar-2024
How to become a bug bounty hunterhttps://bevijaygupta.medium.com/how-to-become-a-bug-bounty-hunter-c607bb7de595?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty, bugs, bug-bounty-tips, bug-fixes28-Mar-2024
OAuth Hijacking leads to account takeoverhttps://medium.com/@iknowhatodo/oauth-hijacking-leads-to-account-takeover-a051bdb5e9f0?source=rss------bug_bounty-5Hossam Ahmedbug-bounty, oauth28-Mar-2024
How I Hacked Your Private Repository in GitHub (And Got JackShit)https://medium.com/@reuveinas/how-i-hacked-your-private-repository-in-github-and-got-jackshit-cb7c342570b2?source=rss------bug_bounty-5Reuvein Vinokurov (CTO:UNIXi) - https://unixi.io/microsoft, bug-bounty, github, security, cybersecurity28-Mar-2024
How to write a Walkthroughhttps://bevijaygupta.medium.com/how-to-write-a-walkthrough-23eee7f6777c?source=rss------bug_bounty-5Vijay Guptabug-bounty-writeup, bug-bounty-tips, bug-bounty, walkthroughwednesday, walkthrough28-Mar-2024
Unveiling all techniques to find IDOR’S in web applicationshttps://adipsharif.medium.com/unveiling-all-techniques-to-find-idors-in-web-applications-578d2b8aa28a?source=rss------bug_bounty-5ADIPbug-bounty-tips, bug-bounty, pentesting, penetration-testing, bug-bounty-writeup28-Mar-2024
IDOR’a Girişhttps://medium.com/@mirackucuk595/idora-giri%C5%9F-23c22a5ae24f?source=rss------bug_bounty-5Miraç Küçükhack-the-box-writeup, burpsuite, idor-vulnerability, bug-bounty28-Mar-2024
Risks of Software Dependencies AKA Toxic Dependencieshttps://bytebusterx.medium.com/risks-of-software-dependencies-aka-toxic-dependencies-0a38150cf5ce?source=rss------bug_bounty-5ByteBusterXbug-bounty, hacking, infosec, vulnerability, cybersecurity28-Mar-2024
Penetration Testing Toolshttps://bevijaygupta.medium.com/penetration-testing-tools-b4c8ad807114?source=rss------bug_bounty-5Vijay Guptapenetration-testing-tools, pentesting, hacking, bug-bounty, penetration-testing28-Mar-2024
Stargazing Risks: Exploring the Data Breach that Exposed NASA Employees’ PIIhttps://interc3pt3r.medium.com/stargazing-risks-exploring-the-data-breach-that-exposed-nasa-employees-pii-68692cf7a5e9?source=rss------bug_bounty-5Aneesha Dbug-bounty-writeup, cybersecurity, hacking, security, bug-bounty28-Mar-2024
Finding Bug DMRC Reflected Xss and HTML Injectionhttps://medium.com/@abhishekaswal777/finding-bug-dmrc-reflected-xss-and-html-injection-fe4361a1db60?source=rss------bug_bounty-5Abhishekaswalbugs, poc, bug-bounty, bug-bounty-tips, hackerone28-Mar-2024
Annonforce — Tryhackme Walkthrough Easy Self-madehttps://medium.com/@shaswata.ssaha/annonforce-tryhackme-walkthrough-easy-self-made-f45c3a6f3e96?source=rss------bug_bounty-5Shaswata Sahatryhackme, security, anonforce, bug-bounty, ctf28-Mar-2024
Polyglot Files: The Cybersecurity Chameleon Threathttps://infosecwriteups.com/polyglot-files-the-cybersecurity-chameleon-threat-29890e382b59?source=rss------bug_bounty-5ElNiakpolyglot, cybersecurity, obfuscation, bug-bounty, penetration-testing27-Mar-2024
Hackerone提现人民币https://medium.com/@dem0ns/hackerone%E6%8F%90%E7%8E%B0%E4%BA%BA%E6%B0%91%E5%B8%81-a3e907fefce1?source=rss------bug_bounty-5猫猫虫hackerone, bug-bounty, 外汇27-Mar-2024
Mistakes To Avoid in Your Bug Bounty Career- Part 2https://medium.com/@Ajakcybersecurity/mistakes-to-avoid-in-your-bug-bounty-career-part-2-9da1c77788ea?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, penetration-testing, blog, cybersecurity27-Mar-2024
13.22 Lab: Stored DOM XSS | 2024https://cyberw1ng.medium.com/13-22-lab-stored-dom-xss-2024-344ec753599a?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, penetration-testing, hacking, careers27-Mar-2024
HACKING WORDPRESShttps://medium.com/@mirackucuk595/hacking-wordpress-ac9ee6447045?source=rss------bug_bounty-5Miraç Küçükwpscan, wordpress-hacked, hack-the-box-writeup, hacking, bug-bounty27-Mar-2024
SSLStrippinghttps://bytebusterx.medium.com/sslstripping-e81dc95d6fab?source=rss------bug_bounty-5ByteBusterXinfosec, cybersecurity, vulnerability, hacking, bug-bounty27-Mar-2024
HTTP Verb Tampering 101 in Web Applications (Identify Exploit Prevention)https://adipsharif.medium.com/http-verb-tampering-101-in-web-applications-identify-exploit-prevention-3389258b6b93?source=rss------bug_bounty-5ADIPinfosec, penetration-testing, bug-bounty, pentesting, information-security27-Mar-2024
Hacking the Giant: Got XSS on Google’s Producthttps://adipsharif.medium.com/got-xss-on-googles-product-a4c79be8adbb?source=rss------bug_bounty-5ADIPinfosec, information-security, pentesting, bug-bounty, penetration-testing27-Mar-2024
Bug Bounty Isn’t A Scam Here’s Whyhttps://medium.com/@benbencsik/bug-bounty-isnt-a-scam-here-s-why-751547bd8531?source=rss------bug_bounty-5Ben Bencsikbug-bounty, computers, infosec, cybersecurity, technology27-Mar-2024
Hacking the Giant: XSS on Googlehttps://adipsharif.medium.com/got-xss-on-googles-product-a4c79be8adbb?source=rss------bug_bounty-5ADIPinfosec, information-security, pentesting, bug-bounty, penetration-testing27-Mar-2024
Fristileaks 1.3 Walkthroughhttps://erdemstar.medium.com/fristileaks-1-3-walkthrough-a6b962385752?source=rss------bug_bounty-5Erdemstaroscp, vulnhub-walkthrough, penetration-testing, bug-bounty, oscp-preparation27-Mar-2024
Web Application Hacking Required Readinghttps://hogarth45.medium.com/web-application-hacking-required-reading-0d2f046db191?source=rss------bug_bounty-5Jessbug-bounty, web-development, security27-Mar-2024
Why am I starting to hate Bug Bounty?https://systemweakness.com/why-am-i-starting-to-hate-bug-bounty-1f075fc96978?source=rss------bug_bounty-5Imad Husanovichacking, cybersecurity, programming, bug-bounty, bug-bounty-tips27-Mar-2024
Bug Bounty Isn’t A Scam Here’s Whyhttps://medium.com/@detroiton421094/bug-bounty-isnt-a-scam-here-s-why-751547bd8531?source=rss------bug_bounty-5Ben Bencsikbug-bounty, computers, infosec, cybersecurity, technology27-Mar-2024
RXSS Vulnerability in Less Than 10 Minutes on India’s Premier Travel Sitehttps://medium.com/@nilkhant30/rxss-vulnerability-in-less-than-10-minutes-on-indias-premier-travel-site-5b15ebb91d17?source=rss------bug_bounty-5I AM Rajabug-bounty, cybersecurity, cyber-security-awareness, hacking, xss-vulnerability26-Mar-2024
This skill is called ‘Early…’ in Software Testinghttps://medium.com/software-testing-and-automation/this-skill-is-called-early-in-software-testing-75cd641bfa93?source=rss------bug_bounty-5Temitopesoftware-testing, quality-assurance, communication, bug-bounty, software-development26-Mar-2024
HackGATE: Bug Bounty Program on steroidshttps://medium.com/@levente.b.molnar/hackgate-bug-bounty-program-on-steroids-cef50ae2f759?source=rss------bug_bounty-5Hackratehacking, ethical-hacking, cybersecurity, bug-bounty, penetration-testing26-Mar-2024
Exploring Cybersecurity with ZoomEye: A Review of the Premium Lifetime Membershiphttps://medium.com/@kenilalexandra07/exploring-cybersecurity-with-zoomeye-a-review-of-the-premium-lifetime-membership-f301a474bf88?source=rss------bug_bounty-5Kenilalexandrabug-bounty, shodan, bugbounting, zoomeye, security26-Mar-2024
How To Use AI And Nuclei To Make Money While You Sleep — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-to-use-ai-and-nuclei-to-make-money-while-you-sleep-bug-bounty-tuesday-4d9e584e6553?source=rss------bug_bounty-5kerstanhacking, security, cybersecurity, bug-bounty, technology26-Mar-2024
13.21 Lab: Reflected DOM XSS | 2024https://cyberw1ng.medium.com/13-21-lab-reflected-dom-xss-2024-78cacc8fa1e7?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, penetration-testing, careers26-Mar-2024
Bug Bounty Programs for Beginnershttps://bevijaygupta.medium.com/bug-bounty-programs-for-beginners-fccc755957d9?source=rss------bug_bounty-5Vijay Guptacybersecurity, bug-bounty-hunter, bug-bounty, bugbounty-writeup, bug-bounty-tips26-Mar-2024
Account takeover through password reset functionalityhttps://rewscel.medium.com/account-takeover-through-password-reset-functionality-af07636db302?source=rss------bug_bounty-5rewscelbug-bounty26-Mar-2024
FFUF İLE WEB UYGULAMALARINA SALDIRMAKhttps://medium.com/@mirackucuk595/ffuf-i%CC%87le-web-uygulamalarina-saldirmak-89805e47e145?source=rss------bug_bounty-5Miraç Küçüksubdomain, bug-bounty, ffuf, brute-force, hack-the-box-writeup26-Mar-2024
What is Cross-Site Scripting (XSS)?https://medium.com/@bbhuntersa/cross-site-scripting-xss-b5d374fa6e43?source=rss------bug_bounty-5BBHUNTERxss-vulnerability, cross-site-scripting, bug-bounty, xss-attack26-Mar-2024
Exploiting Post Reflected XSS via CSRF : Real world bughttps://medium.com/@Rahulkrishnan_R_Panicker/exploiting-post-reflected-xss-via-csrf-real-world-bug-f374afeb081e?source=rss------bug_bounty-5Rahulkrishnan R Panickerxss-attack, hacking, bug-bounty, csrf, web-development25-Mar-2024
Zero Interaction Mass Account Password Reset Vulnerabilityhttps://medium.com/@manan_sanghvi/zero-interaction-mass-account-password-reset-vulnerability-86b87098e3ae?source=rss------bug_bounty-5Manan Sanghvipenetration-testing, ethical-hacking, bug-bounty, vulnerability, cybersecurity25-Mar-2024
XSS module HTB academy CBBH pathhttps://medium.com/@mohammed01550038865/xss-module-htb-academy-cbbh-path-dc3ac4810087?source=rss------bug_bounty-5Muhammed Mubarakbug-bounty, htb-academy-writeup, xss-vulnerability25-Mar-2024
Reverse Engineering Sitecore Vulnerabilities-2https://medium.com/@nilayp799/reverse-engineering-sitecore-vulnerabilities-2-dcf45a501894?source=rss------bug_bounty-5Nilay Patelsitecore, vulnerability, bug-bounty, automation, hacking25-Mar-2024
13.20 Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded |…https://cyberw1ng.medium.com/13-20-lab-dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-7966911c58f4?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hacking, bug-bounty, penetration-testing25-Mar-2024
Burp Suite — ¿Confiar o no en Project Files?https://medium.com/@ArtsSEC/burp-suite-confiar-o-no-en-project-files-de5fa145f4a5?source=rss------bug_bounty-5ArtsSEChacking, burpsuite, infosec, pentesting, bug-bounty25-Mar-2024
COMMAND INJECTIONShttps://medium.com/@mirackucuk595/command-injections-9ef2aef0fa97?source=rss------bug_bounty-5Miraç Küçükcommand-injection, bug-bounty, hackthebox, burpsuite, injection25-Mar-2024
Unveiling Homoglyph: Silent Culprit of User-Level DOS Attackshttps://medium.com/@imusabkhan/unveiling-homoglyph-silent-culprit-of-user-level-dos-attacks-86a0576bca3a?source=rss------bug_bounty-5Mohammad Musab Khanbug-hunting, hackerone, bug-bounty, bugcrowd, bug-bounty-tips25-Mar-2024
[Account Take Over] through reset password token leaked in response, 2500 € Rewardhttps://infosecwriteups.com/account-take-over-through-reset-password-token-leaked-in-response-2500-reward-b643f97a7c67?source=rss------bug_bounty-5jedus0rbug-bounty-hunter, security-research, bug-bounty-tips, bug-bounty, bug-bounty-writeup25-Mar-2024
How I found Account Takeover by changing email addresshttps://medium.com/@mohddanish9536/how-i-found-account-takeover-by-changing-email-address-b0dc213e2df3?source=rss------bug_bounty-5Mohd Danishbug-bounty, cybersecurity, bugs24-Mar-2024
13.19 Lab: DOM XSS in document.writehttps://cyberw1ng.medium.com/13-19-lab-dom-xss-in-document-write-dddced06def8?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, careers, hacking24-Mar-2024
HTTP Verb Tamperinghttps://medium.com/@mirackucuk595/http-verb-tampering-4505d6491c95?source=rss------bug_bounty-5Miraç Küçükweb-attack, http-request, command-injection, bug-bounty, burpsuite24-Mar-2024
How to get started in Bug Bounty in 2024!https://medium.com/@FoxxCB/how-to-get-started-in-bug-bounty-in-2024-708754094de9?source=rss------bug_bounty-5Foxx C-Bhacking, infosec, bug-bounty, cybersecurity, ethical-hacking24-Mar-2024
Cloudflare WAF Huntinghttps://medium.com/@Device1306/cloudflare-waf-hunting-e878588488c8?source=rss------bug_bounty-5Device1306research, bug-bounty-tips, hacking, burpsuite, bug-bounty24-Mar-2024
Cookie Theft Deep Divehttps://cyberbull.medium.com/cookie-theft-deep-dive-3fe6d6be2d60?source=rss------bug_bounty-5Aditya Pandeybug-bounty, information-technology, ethical-hacking, security, cybersecurity23-Mar-2024
A list of Bug Bounty/Crowdsourced Security Platforms:https://medium.com/@mashunter/a-list-of-bug-bounty-crowdsourced-security-platforms-15ecd2ab6d4a?source=rss------bug_bounty-5MAS Hunterbug-bounty-program, bug-bounty, hacker, pentest23-Mar-2024
Hacking the Giant: How I Discovered Google’s Vulnerability and Hall of Fame Recognitionhttps://medium.com/@hncaga/hacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a?source=rss------bug_bounty-5Henry N. Caga (hncaga)bug-bounty, vulnerability, google, xs, hacking23-Mar-2024
hellohttps://medium.com/@r.paulopereira123/hello-80ea07cbc757?source=rss------bug_bounty-5bretsadleahacking, ethical-hacking, bug-hunter, bug-bounty23-Mar-2024
Edge-Side Includes (ESI) Injection In Web Applicationshttps://adipsharif.medium.com/edge-side-includes-esi-injection-in-web-applications-2630139b6c19?source=rss------bug_bounty-5ADIPpentesting, bug-bounty-tips, infosec, information-security, bug-bounty23-Mar-2024
SSI Injection In web applications with a (exploitation example)https://adipsharif.medium.com/techniques-of-finding-ssi-injection-in-web-applications-with-a-exploitation-example-cad960f3d791?source=rss------bug_bounty-5ADIPbug-bounty-tips, penetration-testing, information-security, bug-bounty, infosec23-Mar-2024
Beyond RAM and ROM: IDOR Leads to Unauthenticated File Upload Vulnerability in Indian Government…https://systemweakness.com/beyond-ram-and-rom-idor-leads-to-unauthenticated-file-upload-vulnerability-in-indian-government-51efb80bcf50?source=rss------bug_bounty-5Vedavyasan S (@ved4vyasan)bug-bounty, bug-bounty-tips, hacking, cybersecurity, bugs23-Mar-2024
1500$: CR/LF Injectionhttps://medium.com/@a13h1/1500-cr-lf-injection-0d2a75f02ef3?source=rss------bug_bounty-5Abhi Sharmaprogramming, hacking, cybersecurity, bug-bounty, crlf-injection23-Mar-2024
Web Security Short Series — XXEhttps://medium.com/@frankyyano/web-security-short-series-xxe-64492ed1d893?source=rss------bug_bounty-5Yano.xxe, bug-bounty, xml, oscp, appsec23-Mar-2024
TEXAS BUG SWEEPS 65,000 BUGS DETECTEDhttps://medium.com/@siddiquiasad2299/texas-bug-sweeps-65-000-bugs-detected-a00ae73014b6?source=rss------bug_bounty-5Asad Siddiquitexas-bug-sweeps, bug-sweep, bug-bounty, bug-detection23-Mar-2024
How i get my bounty $$$ in YesWehack within 5mins?https://medium.com/@hacdoc/how-i-get-my-bounty-in-yeswehack-within-5mins-16706bb827e0?source=rss------bug_bounty-5ஜெய்hacking, cybersecurity, s3, bug-bounty, amazon23-Mar-2024
How we can check the Security Provider in Android applications during Pentesting (The Offensive…https://adipsharif.medium.com/how-we-can-check-the-security-provider-in-android-applications-during-pentesting-the-offensive-87c411c5d7ac?source=rss------bug_bounty-5ADIPpentesting, android-app-development, androiddev, android, bug-bounty23-Mar-2024
13.18 Lab: DOM XSS in jQuery selector sink using a hashchange event | 2024https://cyberw1ng.medium.com/13-18-lab-dom-xss-in-jquery-selector-sink-using-a-hashchange-event-2024-e990fc2ae28f?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, penetration-testing, bug-bounty23-Mar-2024
How To Test Data Encryption on the Network During Android Pentestinghttps://adipsharif.medium.com/how-to-test-data-encryption-on-the-network-during-android-pentesting-0b9d3407068f?source=rss------bug_bounty-5ADIPinfosec-write-ups, info-sec-writeups, pentesting, information-security, bug-bounty23-Mar-2024
Attacking XSLT in Web Applicationshttps://adipsharif.medium.com/attacking-xslt-in-web-applications-ea538a8fb9d0?source=rss------bug_bounty-5ADIPpentesting, information-security, bug-bounty-writeup, bug-bounty, infosec23-Mar-2024
SSTI Exploitation Part III In Web Applications (with exploitation example)https://adipsharif.medium.com/ssti-exploitation-part-iii-in-web-applications-with-exploitation-example-6856b89b0efb?source=rss------bug_bounty-5ADIPpenetration-testing, infosec, bug-bounty-tips, information-security, bug-bounty23-Mar-2024
FILE UPLOAD ATTACKShttps://medium.com/@mirackucuk595/file-upload-attacks-e5175a653d32?source=rss------bug_bounty-5Miraç Küçükweb-attack, file-upload, bug-bounty, https, burpsuite23-Mar-2024
SSTI Exploitation Part II In Web Applications (with exploitation example)https://adipsharif.medium.com/ssti-exploitation-part-ii-in-web-applications-with-exploitation-example-490192e7e966?source=rss------bug_bounty-5ADIPinformation-security, pentesting, penetration-testing, bug-bounty, infosec23-Mar-2024
Bruteforce Website Login Form Using Hydra And Crunchhttps://medium.com/@OthmaneAitBouftass/bruteforce-attack-using-hydra-and-crunch-8b48ea9e36ce?source=rss------bug_bounty-5Othmane Ait Bouftasscybersecurity, bug-bounty, penetration-testing, hacking, ethical-hacking23-Mar-2024
Making money only using AI [Free Course]https://medium.com/@deadoverflow/making-money-only-using-ai-free-course-e7c51d33fee1?source=rss------bug_bounty-5Imad Husanovicweb-development, hacking, ai, bug-bounty, programming22-Mar-2024
Unveiling Admin Panels: A Bug Bounty Hunter’s Guidehttps://medium.com/@dasmanish6176/unveiling-admin-panels-a-bug-bounty-hunters-guide-6e713ae18b2c?source=rss------bug_bounty-5Dasmanishbug-bounty, infosec, ethical-hacking, cybersecurity22-Mar-2024
13.17 Lab: Stored XSS into anchor href attribute with double quotes HTML-encoded | 2024https://cyberw1ng.medium.com/13-17-lab-stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-2024-ebbe53b33015?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, penetration-testing, cybersecurity22-Mar-2024
AutoLayer is Starting a Bug Bounty Programhttps://autolayer.medium.com/autolayer-is-starting-a-bug-bounty-program-dfb59584a0ee?source=rss------bug_bounty-5AutoLayercrypto, defi, bug-bounty22-Mar-2024
Unveiling The Techniques Of Finding Blind & Time based SSRF In Web Applications (with a…https://adipsharif.medium.com/unveiling-the-techniques-of-finding-blind-ssrf-in-web-applications-with-a-exploitation-example-9e36a78ccca6?source=rss------bug_bounty-5ADIPbug-bounty-tips, bug-bounty, information-security, pentesting, penetration-testing22-Mar-2024
5 Advanced Ways I Test For File Upload Vulnerabilitieshttps://medium.com/@red.whisperer/5-advanced-ways-i-test-for-file-upload-vulnerabilities-5b01358f87d1?source=rss------bug_bounty-5RedPandabug-bounty, infosec, red-team, hacking22-Mar-2024
Understanding Subdomain Squattinghttps://bytebusterx.medium.com/understanding-subdomain-squatting-9d61f8c432fc?source=rss------bug_bounty-5ByteBusterXhacking, infosec, cybersecurity, bug-bounty, cyberattack22-Mar-2024
How i found my first 318.39$ bugs!https://cyberbh.medium.com/how-i-found-my-first-318-39-bugs-10ccd2379320?source=rss------bug_bounty-5Msecurity BHbug-bounty, information-exposure, penetration-testing, security-misconfiguration, api22-Mar-2024
Unveiling The Techniques Of Testing Endpoint Identify Verification In Android Applicationshttps://adipsharif.medium.com/unveiling-the-techniques-of-testing-endpoint-identify-verification-in-android-applications-2a8186091296?source=rss------bug_bounty-5ADIPinformation-security, bug-bounty, android-app-development, penetration-testing, pentesting22-Mar-2024
ABUSING HTTP MISCONFIGURATIONS (HTTP YANLIŞ YAPILANDIRMALARININ KÖTÜYE KULLANILMASI)https://medium.com/@mirackucuk595/abusing-http-misconfigurations-http-yanli%C5%9F-yapilandirmalarinin-k%C3%B6t%C3%BCye-kullanilmasi-2ebbf38b2622?source=rss------bug_bounty-5Miraç Küçükhttps, burpsuite, bug-bounty, web-attack, http-request22-Mar-2024
Javascript deobfuscation the easy wayhttps://medium.com/@jad2121/javascript-deobfuscation-the-easy-way-637d7e9b2952?source=rss------bug_bounty-5JDbug-bounty, bug-bounty-tips, javascript-obfuscate22-Mar-2024
Unveiling the One-Click Account Takeover: It Started with an Innocent Open Redirecthttps://medium.com/@hmuhamm3d/unveiling-the-one-click-account-takeover-it-started-with-an-innocent-open-redirect-9f4942ddf03f?source=rss------bug_bounty-5Hassaan Mohamedbug-bounty, bug-bounty-hunter, account-takeover, bugbounty-writeup, bug-bounty-tips22-Mar-2024
Critical Vulnerability in PostgreSQL JDBC Driver — Understanding CVE-2024–1597https://shubhamrooter.medium.com/critical-vulnerability-in-postgresql-jdbc-driver-understanding-cve-2024-1597-81ac202c295e?source=rss------bug_bounty-5Shubham Tiwaribug-bounty, cybersecurity, jdbc-driver, postgresql, cve-2024-159721-Mar-2024
Digital Goldmine: Innovative Ways to Make Money Online in 2024https://medium.com/@thewriterdude/digital-goldmine-innovative-ways-to-make-money-online-in-2024-c7d33d655535?source=rss------bug_bounty-5Thewriterdudebusiness, bug-bounty, artificial-intelligence, 100-followers, blockchain21-Mar-2024
User information disclosure via message reactionshttps://melguerdawi.medium.com/user-information-disclosure-via-message-reactions-1576a6b0f236?source=rss------bug_bounty-5Mostafa Elguerdawibug-bounty, bug-bounty-tips21-Mar-2024
Major Update for Attack Surface Discovery toolhttps://netlas.medium.com/major-update-for-attack-surface-discovery-tool-4ed4f1bc80fb?source=rss------bug_bounty-5Netlas.iobug-bounty, penetration-testing, cybersecurity, reconnaissance, osint21-Mar-2024
Vulnerability Disclosure vs Bug Bounty: What’s the difference and why it mattershttps://medium.com/@levente.b.molnar/vulnerability-disclosure-vs-bug-bounty-whats-the-difference-and-why-it-matters-ce99be906b1c?source=rss------bug_bounty-5Hackratebug-bounty, security, vulnerability-disclosure, cybersecurity, penetration-testing21-Mar-2024
Best Practices for Web3 Bug Bounty Programshttps://medium.com/@auditone.io/best-practices-for-web3-bug-bounty-programs-e333992aee9f?source=rss------bug_bounty-5AuditOneauditing-services, web3, bug-bounty-tips, bug-bounty, audit21-Mar-2024
Unveiling The Techniques Of Finding Server-Side Request Forgery (SSRF) In Web Applications (with a…https://adipsharif.medium.com/unveiling-the-techniques-of-finding-server-side-request-forgery-ssrf-in-web-applications-with-a-2ac1dd20ef87?source=rss------bug_bounty-5ADIPpentesting, bug-bounty, information-security, bug-bounty-tips, cybersecurity21-Mar-2024
urit13.16 Lab: DOM XSS in jQuery anchor href attribute sink using location.search source | 2024https://cyberw1ng.medium.com/urit13-16-lab-dom-xss-in-jquery-anchor-href-attribute-sink-using-location-search-source-2024-8f8df8703aef?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, hacking, penetration-testing21-Mar-2024
Buy Any Movie Tickets for Just Rs 10 (IDOR Vulnerability)https://medium.com/@sahilkushwaha275/buy-any-movie-tickets-for-just-rs-10-idor-vulnerability-670d03a45def?source=rss------bug_bounty-5S33NUbugs, idor-vulnerability, bug-bounty, technology, cybersecurity21-Mar-2024
How I found my first DOM based XSShttps://medium.com/@jsamia/how-i-found-my-first-dom-based-xss-a79f342d50d6?source=rss------bug_bounty-5Jaeden Samiabug-bounty, ethical-hacking, security, vulnerability21-Mar-2024
Automate XSS With These 3 Simple Toolshttps://medium.com/@Ajakcybersecurity/automate-xss-with-these-3-simple-tools-e0dcc89c06d0?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, cybersecurity, hacking, bug-bounty, xss-attack21-Mar-2024
Frida Use Cases and Exampleshttps://medium.com/@prinsharma1999/frida-use-cases-and-examples-984f9a2ddc69?source=rss------bug_bounty-5Prinsharmabug-bounty, bug-bounty-tips, hacking, pentest, infosec21-Mar-2024
403 Forbidden Bypass Exposing API Keyhttps://medium.com/@georgeppmc/403-forbidden-bypass-exposing-api-key-b5c9df9daeb3?source=rss------bug_bounty-5George Torrescybersecurity, bug-bounty21-Mar-2024
A Tester's Journey Through Test Automation and Practical Scenarios.https://medium.com/@tomiwaodufote/a-testers-journey-through-test-automation-and-practical-scenarios-dfb9f7074062?source=rss------bug_bounty-5Tomiwaremote-work, test-automation, bug-bounty, testing, software-engineering20-Mar-2024
Reflected XSS To Account Takeover Without Stealing Session Cookiehttps://medium.com/@rifqihz/reflected-xss-to-account-takeover-without-stealing-session-cookie-89c6ed62a3e4?source=rss------bug_bounty-5Rifqi Hilmy Zhafrantxs, hackerone, bug-bounty20-Mar-2024
ABUSING HTTP MISCONFIGURATIONS (HTTP YANLIŞ YAPILANDIRMALARININ KÖTÜYE KULLANILMASI)https://medium.com/@mirackucuk595/abusing-http-misconfigurations-http-yanli%C5%9F-yapilandirmalarinin-k%C3%B6t%C3%BCye-kullanilmasi-428333a3ddc6?source=rss------bug_bounty-5Miraç Küçükburpsuite, web-attack, https, bug-bounty, web-cache20-Mar-2024
The Art of Debugging: Tips and Tricks for Finding the Root Cause of Bugshttps://medium.com/@securelearn/the-art-of-debugging-tips-and-tricks-for-finding-the-root-cause-of-bugs-c1d9e4b9e04a?source=rss------bug_bounty-5Rohan Giridebugging, bug-finding, bug-bounty-tips, bug-bounty20-Mar-2024
H@ppy H@cking Psychomonghttps://medium.com/@psychomong/h-ppy-h-cking-psychomong-335f9049aca9?source=rss------bug_bounty-5psychomongcyber, cybersecurity, bug-bounty-tips, bug-bounty, bugs20-Mar-2024
Recon With AIhttps://medium.com/@patidarbhuwan44/recon-with-ai-c211623604e8?source=rss------bug_bounty-5Bhuwan Patidarbug-bounty, recon, reconnaissance, bug-bounty-tips20-Mar-2024
Reflected XSS with some SVG markup allowedhttps://medium.com/@ebrahimelsayed4457/reflected-xss-with-some-svg-markup-allowed-74851ff591d5?source=rss------bug_bounty-5Ebrahim El-Sayedcybersecurity, bug-bounty, portswigger, xss-attack, penetration-testing20-Mar-2024
$200 Business Logic Blunder In Sole Source Projecthttps://medium.com/@_0jatin0_/200-business-logic-blunder-in-sole-source-project-99a7bbe0d2f0?source=rss------bug_bounty-5Jatin_Chudasamabug-bounty-writeup, logic-flaw, bug-bounty20-Mar-2024
The Art Of Probing Memory for Sensitive Data In Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/the-art-of-probing-memory-for-sensitive-data-in-android-applications-the-offensive-security-way-6aca19ce522f?source=rss------bug_bounty-5ADIPbug-bounty, penetration-testing, information-security, cybersecurity, infosec20-Mar-2024
Why Bug Bounty is Trending?https://medium.com/@shivyanshi.shukla/why-bug-bounty-is-trending-c981e7c28423?source=rss------bug_bounty-5Shivyanshi shuklabug-bounty, cybersecurity20-Mar-2024
IDOR to make comment in user’s private postshttps://medium.com/@youssifm.raghib/idor-to-make-comment-in-users-private-posts-47d13b843c32?source=rss------bug_bounty-5Youssif M Raghibbug-bounty-tips, bug-bounty, bug-hunter, bug-hunting20-Mar-2024
No rate limit in comments with IDORhttps://medium.com/@youssifm.raghib/no-rate-limit-in-comments-with-idor-d8904f3db588?source=rss------bug_bounty-5Youssif M Raghibbug-bounty, bugs, bug-hunting20-Mar-2024
Electrum-Dime Beta Launch: A New Era for Dimecoinhttps://dimecoinnetwork.medium.com/electrum-dime-beta-launch-a-new-era-for-dimecoin-72b5740598d4?source=rss------bug_bounty-5Dimecoin Networkdevelopment, dimecoin, blockchain, bug-bounty, cryptocurrency20-Mar-2024
Behind the Bug Report: From Overlooked to Overhauledhttps://interc3pt3r.medium.com/behind-the-bug-report-from-overlooked-to-overhauled-94a9e5595a8a?source=rss------bug_bounty-5Aneesha Dcybersecurity, security, web-applications, bug-bounty, hacking20-Mar-2024
Mantente al tanto de las actualizaciones. ¿Qué representan el punto azul y rojo en Burp Suite?https://medium.com/@ArtsSEC/mantente-al-tanto-de-las-actualizaciones-qu%C3%A9-representan-el-punto-azul-y-rojo-en-burp-suite-1da1a5c74f16?source=rss------bug_bounty-5ArtsSECburpsuite, bug-bounty, vulnerability, pentesting, hacking20-Mar-2024
13.15 Lab: Reflected XSS into HTML context with all tags blocked except custom ones | 2024https://cyberw1ng.medium.com/13-15-lab-reflected-xss-into-html-context-with-all-tags-blocked-except-custom-ones-2024-ca34eec89d88?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, penetration-testing, cybersecurity20-Mar-2024
The Art Of Testing Symmetric Cryptography During Pentesting Android Applicationshttps://medium.com/@adipsharif/the-art-of-testing-symmetric-cryptography-during-pentesting-android-applications-154dbab795d7?source=rss------bug_bounty-5ADIPbug-bounty, cybersecurity, android, bug-bounty-tips, penetration-testing20-Mar-2024
Checking Backups For Sensitive Data in Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/checking-backups-for-sensitive-data-in-android-applications-the-offensive-security-way-95bd8820b84e?source=rss------bug_bounty-5ADIPpenetration-testing, bug-bounty, android, cybersecurity, android-app-development20-Mar-2024
Why Regular Security Sweeps Are Crucial for Business Successhttps://medium.com/@siddiquiasad2299/why-regular-security-sweeps-are-crucial-for-business-success-7de57c663ca7?source=rss------bug_bounty-5Asad Siddiquitscm-services-bug-sweeps, bug-bounty, bug-detection20-Mar-2024
Passlord: Your Ultimate Weapon for Creating Tailored Wordlistshttps://navnee1h.medium.com/passlord-your-ultimate-weapon-for-creating-tailored-wordlists-924a491e9a0f?source=rss------bug_bounty-5Navaneeth M Shacking, bug-bounty, passwords, cybersecurity, wordlist20-Mar-2024
Bypassing an IDOR A couple of times — $$$$https://medium.com/@bxrowski0x/bypassing-an-idor-a-couple-of-times-4d67555a1545?source=rss------bug_bounty-5Omar ElSayedbug-bounty-tips, idor, cybersecurity, bug-bounty-writeup, bug-bounty20-Mar-2024
Biometric Authentication Bypass In Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/biometric-authentication-bypass-in-android-applications-the-offensive-security-way-c37d89b06db2?source=rss------bug_bounty-5ADIPandroid-app-development, bug-bounty, penetration-testing, android, androiddev20-Mar-2024
How We Can Check Configuration of Cryptographic Standard Algorithms & Random Number Generation…https://medium.com/@adipsharif/how-we-can-check-configuration-of-cryptographic-standard-algorithms-random-number-generation-000cf9bfdb64?source=rss------bug_bounty-5ADIPhacking, cybersecurity, bug-bounty, pentesting, bug-bounty-tips20-Mar-2024
Detecting Cyber Threats with Resemble.js: Safeguarding Digital Assets through Image Analysishttps://medium.com/@corymack34/detecting-cyber-threats-with-resemble-js-safeguarding-digital-assets-through-image-analysis-9e2f3427f8ed?source=rss------bug_bounty-5Cory Macksteganalysis, threat-detection, bug-bounty, cybersecurity, image-analysis20-Mar-2024
Biometric Authentication Bypass In Android Applications (The Offensive Security Way)https://adipsharif.medium.com/biometric-authentication-bypass-in-android-applications-the-offensive-security-way-c37d89b06db2?source=rss------bug_bounty-5ADIPandroid-app-development, bug-bounty, penetration-testing, android, androiddev20-Mar-2024
Evaluate, apply, and sustain security governance principles !https://infosecwriteups.com/evaluate-apply-and-sustain-security-governance-principles-1e038a02423a?source=rss------bug_bounty-5Paritoshsecurity-governance, information-technology, cissp, bug-bounty, cybersecurity19-Mar-2024
The Ultimate Guide to Red Teaming: Inside “A-poc/RedTeam-Tools”https://infosecwriteups.com/the-ultimate-guide-to-red-teaming-inside-a-poc-redteam-tools-69645572cf0f?source=rss------bug_bounty-5ElNiakred-team, bug-bounty, github, penetration-testing, cybersecurity19-Mar-2024
3 Step Find Critical Bug In Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/3-step-find-critical-bug-in-bug-bounty-bug-bounty-tuesday-99011ec2cf27?source=rss------bug_bounty-5kerstansecurity, technology, cybersecurity, hacking, bug-bounty19-Mar-2024
Hunting JavaScript File for Bug Huntershttps://vivek-ghinaiya.medium.com/hunting-javascript-file-for-bug-hunters-e8b278a1306a?source=rss------bug_bounty-5Vivek Ghinaiyabug-hunting, bug-bounty, bug-bounty-writeup, javascript, bug-bounty-tips19-Mar-2024
Finding the hidden function led to a $300 IDORhttps://infosecwriteups.com/finding-the-hidden-function-led-to-a-300-idor-d37219c66d03?source=rss------bug_bounty-5M7arm4nbug-bounty-tips, bug-bounty, hacking, hacker, security19-Mar-2024
CVE-2024–28436 Cross-Site Scripting Vulnerability in D-Link DAP Productshttps://djallalakira.medium.com/cve-2024-28436-cross-site-scripting-vulnerability-in-d-link-dap-products-3596976cc99f?source=rss------bug_bounty-5Djallalakirabug-bounty, cybersecurity, bug-bounty-writeup19-Mar-2024
IDOR to read all user’s private route commentshttps://medium.com/@youssifm.raghib/idor-to-read-all-users-private-route-comments-e97120d43262?source=rss------bug_bounty-5Youssif M Raghibcybersecurity, bug-bounty, bug-bounty-tips19-Mar-2024
Get allmost all subdomainshttps://medium.com/@petrukhin.s.a/get-allmost-all-subdomains-5694dcc3cb60?source=rss------bug_bounty-5Sergei Petrukhinsubdomain, bug-bounty, subdomains-enumeration, bug-bounty-tips19-Mar-2024
13.14 Lab: Reflected XSS into HTML context with most tags and attributes blocked | 2024https://cyberw1ng.medium.com/13-14-lab-reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-2024-7e2106ef89b2?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, cybersecurity, hacking19-Mar-2024
The Art Of Unveiling Logs for Sensitive Data In Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/the-art-of-unveiling-logs-for-sensitive-data-in-android-applications-the-offensive-security-way-9c823532d004?source=rss------bug_bounty-5ADIPcybersecurity, bug-bounty, application-security, penetration-testing, bug-bounty-tips19-Mar-2024
HackTheBox — Information Gathering: Active Enumerationhttps://medium.com/@harry.hphu/hackthebox-information-gathering-active-enumeration-e43481ef85f9?source=rss------bug_bounty-5Huy Phusubdomains-enumeration, hackthebox, enumeration, bug-bounty, information-gathering19-Mar-2024
Unleashing Chaos: The Tale of the 0-Click Account Takeoverhttps://medium.com/@hmuhamm3d/unleashing-chaos-the-tale-of-the-0-click-account-takeover-21c2cedabc4b?source=rss------bug_bounty-5Hassaan Mohamedpenetration-testing, bug-bounty, account-takeover, bugswagger, infosec-write-ups19-Mar-2024
The Art Of Determining Whether Sensitive Data Is Shared with Third Parties via Embedded Services …https://medium.com/@adipsharif/the-art-of-determining-whether-sensitive-data-is-shared-with-third-parties-via-embedded-services-beba2856ef96?source=rss------bug_bounty-5ADIPbug-bounty-tips, cybersecurity, penetration-testing, bug-bounty, hacking19-Mar-2024
Medium Member Friend Links bughttps://karol-mazurek.medium.com/medium-member-friend-links-bug-b1d0020fbe39?source=rss------bug_bounty-5Karol Mazurekmedium, information-technology, penetration-testing, cybersecurity, bug-bounty18-Mar-2024
[Bug Bounty]xlsx 上传导致 XXE 漏洞https://medium.com/@_thorns/bug-bounty-xlsx-%E4%B8%8A%E4%BC%A0%E5%AF%BC%E8%87%B4-xxe-%E6%BC%8F%E6%B4%9E-e0615bee6af6?source=rss------bug_bounty-5_thornsbug-bounty18-Mar-2024
Burpsuite Beginners Guidehttps://medium.com/@OthmaneAitBouftass/burpsuite-beginners-guide-6bc7a08ca8f7?source=rss------bug_bounty-5Othmane Ait Bouftassweb-security, penetration-testing, bug-bounty, cybersecurity, ethical-hacking18-Mar-2024
LAMPSecurity CTF5 Walkthroughhttps://erdemstar.medium.com/lampsecurity-ctf5-walkthrough-d24f67a5fd63?source=rss------bug_bounty-5Erdemstaroscp-preparation, penetration-testing, bug-bounty, vulnhub-walkthrough, vulnhub18-Mar-2024
Subdomain Fuzzing worth 35k bounty!https://medium.com/@HX007/subdomain-fuzzing-worth-35k-bounty-daebcb56d9bc?source=rss------bug_bounty-5HX007cybersecurity, bug-bounty18-Mar-2024
Happy H@cking Psychomonghttps://medium.com/@psychomong/trhappy-h-cking-psychomong-bfa566350a01?source=rss------bug_bounty-5Psychomonghacking-tools, hacking, research, bug-bounty, bounty-program18-Mar-2024
13.13 Lab: Stored DOM XSS Cross Site Scripting | 2024https://cyberw1ng.medium.com/13-13-lab-stored-dom-xss-cross-site-scripting-2024-f4c9a21ea262?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, penetration-testing, hacking, cybersecurity18-Mar-2024
Security.txt Nedir ?https://medium.com/@ozanbozkurt1974/security-txt-nedir-d7d38a069cd8?source=rss------bug_bounty-5ozan bozkurtsecurity, bug-bounty, cybersecurity, red-team18-Mar-2024
Orderly Network: Unleashing Creativity in the DeFi Ecosystem through the Scaling Web3 Hackathonhttps://medium.com/@orderlynetwork/orderly-network-unleashing-creativity-in-the-defi-ecosystem-through-the-scaling-web3-hackathon-5cd75096ecba?source=rss------bug_bounty-5Orderly Network (,)encode-club, orderly-network, bug-bounty, defi, blockchain-development18-Mar-2024
Web Security Short Series — SQLi.https://medium.com/@frankyyano/web-security-short-series-sqli-f222f04431a6?source=rss------bug_bounty-5Yano.oscp, appsec, bug-bounty, sqli, sql18-Mar-2024
XML External Entity (XXE) attackhttps://bytebusterx.medium.com/xml-external-entity-xxe-attack-69f7b268be01?source=rss------bug_bounty-5ByteBusterXvulnerability, bug-bounty, infosec, web-security18-Mar-2024
Happy H@cking Psychomonghttps://medium.com/@psychomong123/trhappy-h-cking-psychomong-bfa566350a01?source=rss------bug_bounty-5Psychomong123hacking-tools, hacking, research, bug-bounty, bounty-program18-Mar-2024
Understanding Injection Attacks: A Deep Dive into OWASP’s Top Vulnerabilityhttps://osintteam.blog/understanding-injection-attacks-a-deep-dive-into-owasps-top-vulnerability-7d59e3535187?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, hacking, owasp, injection-attacks17-Mar-2024
Bug Zero at a Glance [01–15 March]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-march-ba1ba88870ee?source=rss------bug_bounty-5Januka Dharmapriyasri-lanka, newsletter, cybersecurity, bug-zero, bug-bounty17-Mar-2024
Bug Bounty Platforms are a Scam [Mostly]https://medium.com/@hacktheplanet/bug-bounty-platforms-are-a-scam-mostly-ea53fe54c53d?source=rss------bug_bounty-5HackthePlanet - A Hacker's Blog.cybersecurity, scams-to-avoid, bug-bounty, hacking, bug-hunting17-Mar-2024
My Journey into Bug Bounty: Revealing My First Successful Discoveryhttps://medium.com/@kajol_singh/my-journey-into-bug-bounty-revealing-my-first-successful-discovery-81b5d2efcbde?source=rss------bug_bounty-5Kajol Kumaribug-bounty-tips, bounty-program, bug-bounty, developer, cybersecurity17-Mar-2024
Skipping the email verification is Good (or) Bad?https://medium.com/@Alex_crypto/skipping-the-email-verification-is-good-or-bad-ef045dc8d3ed?source=rss------bug_bounty-5Alex_Cryptobug-bounty, security-analytics, hacking17-Mar-2024
Mastering XSS: A Comprehensive Guide to Finding Cross-Site Scripting Vulnerabilitieshttps://cyberw1ng.medium.com/mastering-xss-a-comprehensive-guide-to-finding-cross-site-scripting-vulnerabilities-3891ab930274?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing17-Mar-2024
How I found my first ever bug.https://osintteam.blog/how-i-found-my-first-ever-bug-89fedb5a9b3c?source=rss------bug_bounty-5an0nbilcybersecurity, technology, programming, javascript, bug-bounty17-Mar-2024
Application Level DoS - Smoking with ‘null’ Againhttps://shahjerry33.medium.com/application-level-dos-smoking-with-null-again-364ce16dad74?source=rss------bug_bounty-5Jerry Shah (Jerry)pentesting, cybersecurity, bug-bounty, vulnerability, infosec17-Mar-2024
Redirecting a webpage from HTTP to HTTPS is safe and how to identify whether the webpage is safe or…https://medium.com/@Alex_crypto/if-the-forgot-password-link-is-copied-and-pasted-into-the-new-tab-it-opens-in-http-and-directs-to-8e8f80c4a9f6?source=rss------bug_bounty-5Alex_Cryptobug-bounty, security17-Mar-2024
Bug Bounty Learning Pathhttps://bevijaygupta.medium.com/bug-bounty-learning-path-0c0015d6a71d?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-zero17-Mar-2024
Bug Bounty Platformshttps://bevijaygupta.medium.com/bug-bounty-platforms-499275d1d9b4?source=rss------bug_bounty-5Vijay Guptabug-bounty-platforms, bugs, bug-bounty, bug-bounty-tips17-Mar-2024
Bug Bounty Tutorial : Login Bypass Techniquehttps://rajput623929.medium.com/bug-bounty-tutorial-login-bypass-technique-d7508856b2a1?source=rss------bug_bounty-5Mr.Horbiopoc, bug-bounty, cybersecurity, ethical-hacking, pentesting17-Mar-2024
I earned $1000 with IDOR’s vulnerability to PII leaks outside the platform.https://aryasec.medium.com/i-earned-1000-with-idors-vulnerability-to-pii-leaks-outside-the-platform-65b1cbcfa26e?source=rss------bug_bounty-5Tengku Arya Saputraidor, bugbounty-writeup, bug-bounty, idor-vulnerability17-Mar-2024
How to make a living as a Hacker!https://medium.com/@rafael.code77/how-to-make-a-living-as-a-hacker-ff8fafa98b0b?source=rss------bug_bounty-5Rafael Henriquescience, money, programming, bug-bounty, hacking16-Mar-2024
https://medium.com/@morganbinbash/-25027f11f71e?source=rss------bug_bounty-5Morgan Bin Bashpentesting, cybersecurity, bug-bounty, cyber-threat-intelligence16-Mar-2024
Types of Cyber Attacks on Each OSI Layerhttps://medium.com/@kumarsachin1642001/types-of-cyber-attacks-on-each-osi-layer-56e746dfa3b8?source=rss------bug_bounty-5sachin kumarcybersecurity, hackerone, hacker, cyberattack, bug-bounty16-Mar-2024
Tips to get your first bug/bountyhttps://medium.com/@mr_prey3r/tips-to-get-your-first-bug-bounty-c5a862ad8567?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rfirst-bug, bug-bounty, bug-bounty-tips, first-bounty, find-your-first-bug16-Mar-2024
Bug Bounty Challenge: Day 7–16/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-7-16-03-2024-5c48ff96f9d0?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty, bug-bounty-tips, bug-bounty-hunter16-Mar-2024
IDOR + Content Injection Penetration Testing Lesson 5https://medium.com/@or0to/idor-content-injection-penetration-testing-lesson-5-fe3bdce12f8f?source=rss------bug_bounty-5Ali Essamsecurity, penetration-testing, bug-bounty, cybersecurity, ali16-Mar-2024
13.12 Lab: Reflected DOM XSS — Cross Site Scripting | 2024https://infosecwriteups.com/13-12-lab-reflected-dom-xss-cross-site-scripting-2024-0dc98e91ae42?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, careers, penetration-testing16-Mar-2024
How Secure is Java’s SecureProcessing?https://medium.com/@dub-flow/how-secure-is-javas-secureprocessing-ec49544a59ad?source=rss------bug_bounty-5Florian Waltercybersecurity, application-security, java, code-review, bug-bounty16-Mar-2024
How I was able to disclose the Users’ chats with AI chat Bot?https://medium.com/@who1am1i999/how-i-was-able-to-disclose-the-users-chats-with-ai-chat-bot-c7d8b13ca713?source=rss------bug_bounty-5WHO AM I ?information-security, fuzzing, bug-bounty, cybersecurity, information-disclosure15-Mar-2024
Understanding Path Traversal Vulnerabilities: Risks and Mitigationhttps://medium.com/@paritoshblogs/understanding-path-traversal-vulnerabilities-risks-and-mitigation-6149a506a65b?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, hacking, cybersecurity, path-traversal15-Mar-2024
Account takeover via Password resethttps://medium.com/@Rahulkrishnan_R_Panicker/account-takeover-via-password-reset-c2658e1f58eb?source=rss------bug_bounty-5Rahulkrishnan R Panickerbug-bounty, cybersecurity, bugbounty-writeup, programming, bug-bounty-writeup15-Mar-2024
I discovered a new way to bypass CSRF protection to achieve Account Takeoverhttps://medium.com/@vflexo/i-discovered-a-new-way-to-bypass-csrf-protection-to-achieve-account-takeover-73d1dff3c67a?source=rss------bug_bounty-5vFlexoinformation-technology, bug-bounty, penetration-testing, vapt, ethical-hacking15-Mar-2024
BugRap Ecosystem Panorama: Empowering Web3 Security Developmenthttps://medium.com/@BugRap_Team/bugrap-ecosystem-panorama-empowering-web3-security-development-6cbe2f7adb24?source=rss------bug_bounty-5BugRap Teamweb-development, bug-bounty, security, btc15-Mar-2024
Exploring Bug Bounty Hunting as a Promising Career Choice for Cybersecurity Professionalshttps://medium.com/mynextdeveloper/exploring-bug-bounty-hunting-as-a-promising-career-choice-for-cybersecurity-professionals-2015563daac8?source=rss------bug_bounty-5MyNextDeveloperhacking, bug-bounty, cybersecurity, client-security, cyber15-Mar-2024
13.11 Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded |…https://cyberw1ng.medium.com/13-11-lab-dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-d7188a250ad8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, hacking, careers, penetration-testing15-Mar-2024
Reconnaissance: How GitDorks can power up your recon!https://medium.com/@kieran.w/reconnaissance-how-gitdorks-can-power-up-your-recon-da3c5e412925?source=rss------bug_bounty-5Kieran Wgitdorking, reconnaissance, penetration-testing, bug-bounty, security-testing15-Mar-2024
Bug Bounty Challenge: Day 6–15/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-6-15-03-2024-a5c6c1a67647?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup15-Mar-2024
BChecks en Burp Suite Professionalhttps://medium.com/@ArtsSEC/bchecks-en-burp-suite-professional-5d8c4754349e?source=rss------bug_bounty-5ArtsSECburpsuite, development, penetration-testing, web-development, bug-bounty15-Mar-2024
13.10 Lab: DOM XSS in document.writehttps://cyberw1ng.medium.com/13-10-lab-dom-xss-in-document-write-c702cd0bd743?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, penetration-testing, hacking14-Mar-2024
MRS #2: Bypassing premium features by checking “premium validation” parameters (€€€)https://infosecwriteups.com/mrs-2-bypassing-premium-features-by-checking-premium-validation-parameters-f2e211fad160?source=rss------bug_bounty-5can1337infosec, business-logic, bug-bounty-tips, bug-bounty, cybersecurity14-Mar-2024
Unleash the Power of the Crypto Drainer: Your Ultimate Weapon in Crypto Wallet Draining!https://medium.com/@colbe.judge/unleash-the-power-of-the-crypto-drainer-your-ultimate-weapon-in-crypto-wallet-draining-bd4ece99cc24?source=rss------bug_bounty-5CryptoDrainXbug-bounty, hacking, bug-bounty-tips, hacking-tools, money14-Mar-2024
Unleash the Ultimate Multichain Wallet Drainer — Crypto Drainer: Drain ’Em all with Just One Click!https://medium.com/@colbe.judge/unleash-the-ultimate-multichain-wallet-drainer-crypto-drainer-drain-em-all-with-just-one-click-0afa35f9b736?source=rss------bug_bounty-5CryptoDrainXbug-bounty, cryptocurrency, bug-bounty-tips, nft, bitcoin14-Mar-2024
Insane Crypto-Drainer Exposed: The Ultimate Wallet Drainer You Can’t Ignore!https://medium.com/@colbe.judge/insane-crypto-drainer-exposed-the-ultimate-wallet-drainer-you-cant-ignore-7545f4c9c86d?source=rss------bug_bounty-5CryptoDrainXbug-bounty, crypto, nft, defi, money14-Mar-2024
How To Get $100k in 2024 With Crypto [Unrevealed]https://medium.com/@colbe.judge/how-to-get-100k-in-2024-with-crypto-unrevealed-b40081b8fb41?source=rss------bug_bounty-5CryptoDrainXblockchain, cryptocurrency, hacking-tools, hacking, bug-bounty14-Mar-2024
5 Websites to Learn Bug Hunting: A Beginner’s Guidehttps://medium.com/@aayushdhakal005/5-websites-to-learn-bug-hunting-a-beginners-guide-4399c2f94917?source=rss------bug_bounty-5Creepyshitwebsite, bug-bounty, cybersecurity, resources14-Mar-2024
Bug Bounty Challenge: Day 5–14/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-5-14-03-2024-b8fe8dae8cb5?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter14-Mar-2024
GRWM for WebApp PenTest | Command Injectionhttps://redsock1337.medium.com/grwm-for-webapp-pentest-command-injection-e205906573e2?source=rss------bug_bounty-5Jbros, command-line, bug-bounty-tips, cybersecurity, bug-bounty14-Mar-2024
Uncovering Host Header Injection Vulnerabilities in 5 Apex Domain Hosts Part Two how to chainhttps://javroot.medium.com/uncovering-host-header-injection-vulnerabilities-in-5-apex-domain-hosts-part-two-how-to-chain-0abe308a4807?source=rss------bug_bounty-5Javrootweb, hacking, penetration-testing, bug-bounty-tips, bug-bounty14-Mar-2024
API Security: Essential Tools for Endpoint Analysishttps://iaraoz.medium.com/api-security-essential-tools-for-endpoint-analysis-efb1c72675c0?source=rss------bug_bounty-5Israel Aráoz Severichebug-bounty, owasp, appsec, cybersecurity, api-security14-Mar-2024
Exploiting Cross-Site Scripting XSS vulnerabilities for Bug Bounty — Portswigger | 2024https://cyberw1ng.medium.com/exploiting-cross-site-scripting-xss-vulnerabilities-for-bug-bounty-portswigger-2024-88d6e1df4658?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty13-Mar-2024
How To Do Malware Analysishttps://medium.com/@paritoshblogs/how-to-do-malware-analysis-62bd1f8052bb?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, information-technology, security, malware-analysis13-Mar-2024
Easiest way to find hidden api from js fileshttps://medium.com/@jeetpal2007/easiest-way-to-find-hidden-api-from-js-files-ce115a4ad1af?source=rss------bug_bounty-5JEETPALcybersecurity, bounties, api-key, easiest-way, bug-bounty13-Mar-2024
Enhancing Your Bug Hunting Skills: 5 Must-Read Bookshttps://medium.com/@aayushdhakal005/enhancing-your-bug-hunting-skills-5-must-read-books-edb6029c19a6?source=rss------bug_bounty-5Creepyshitbug-bounty, cybersecurity, books, web13-Mar-2024
Lets Talk Pentest Strategyhttps://medium.com/@hackstack/lets-talk-pentest-strategy-adea4d3b085e?source=rss------bug_bounty-5HackStackpentest, pentesting, how-to, bug-bounty13-Mar-2024
Email based IDOR makes me update Other User Profilehttps://rohmadhidayah.medium.com/email-based-idor-makes-me-update-other-user-profile-8e6e289f4391?source=rss------bug_bounty-5Rohmad Hidayahidor, info-sec-writeups, infosec-write-ups, bug-bounty, bug-bounty-tips13-Mar-2024
Bug-Bounty/How I Found My FIRST Vulnerability and How could I Access the Admin Panel using it +…https://medium.com/@rogxoorsafe/bug-bounty-how-i-found-my-first-vulnerability-and-how-could-i-access-the-admin-panel-using-it-899d75da2f37?source=rss------bug_bounty-5Alireza Rogxoorcyberattack, bug-bounty, cybersecurity, hacking, security13-Mar-2024
Fuzzing to Kubernetes to IDOR to PII leakhttps://nityanandjha18.medium.com/fuzzing-to-kubernetes-to-idor-to-pii-leak-dae0dda70090?source=rss------bug_bounty-5NITYA NAND JHAvapt, ethical-hacking, bug-bounty13-Mar-2024
Researcher Q&A: Friends Who Work Together, Hack Better Togetherhttps://blog.developer.adobe.com/researcher-q-a-friends-who-work-together-hack-better-together-c698ff0be732?source=rss------bug_bounty-5Renae Kangsecurity, bug-bounty-program, security-researchers, bug-bounty, ethical-hacker13-Mar-2024
PROXY FUZZINGhttps://karol-mazurek.medium.com/proxy-fuzzing-4dc77968cfd8?source=rss------bug_bounty-5Karol Mazurekprogramming, information-technology, bug-bounty, python, cybersecurity13-Mar-2024
Reconnaissance?https://mrrobotstxt.medium.com/reconnaissance-ca2fa7bf821d?source=rss------bug_bounty-5Mr. Robots.txthackathons, bug-bounty, hacking, penetration-testing, cybersecurity13-Mar-2024
How much money did I make from doing Bug Bounty?https://systemweakness.com/how-much-money-did-i-make-from-doing-bug-bounty-707438b71f47?source=rss------bug_bounty-5Imad Husanovicbug-bounty, programming, hacking, cybersecurity, bug-bounty-tips13-Mar-2024
Cross-site scripting contexts for Bug Bounty — Portswigger | 2024https://cyberw1ng.medium.com/cross-site-scripting-contexts-for-bug-bounty-portswigger-2024-b927cfa70de3?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, bug-bounty, cybersecurity12-Mar-2024
Business Logic Errors allow me to buy Products at Low Prices on Farmaku.comhttps://rohmadhidayah.medium.com/business-logic-errors-allow-me-to-buy-products-at-low-prices-on-farmaku-com-b8c9c0bcf5cc?source=rss------bug_bounty-5Rohmad Hidayahinfo-sec-writeups, bug-bounty-tips, business-logic, bug-bounty, infosec-write-ups12-Mar-2024
ShentuChain Unveils a Constellation of High-profile Investorshttps://shentuchain.medium.com/shentuchain-unveils-a-constellation-of-high-profile-investors-54b612b8dc30?source=rss------bug_bounty-5Shentu Chainbinance, cybersecurity, investors, bug-bounty, announcements12-Mar-2024
How I Discovered My First Critical Vulnerability in My Bug Bounty Careerhttps://snip3rgg.medium.com/how-i-discovered-my-first-critical-vulnerability-in-my-bug-bounty-career-cf0e048d14cb?source=rss------bug_bounty-5Sahil Bugade (snip3rgg)infosec, bug-bounty, vulnerability, bug-bounty-tips, cybersecurity12-Mar-2024
Account Takeover Through Rate-Limit Bypass — Bug Bounty Tuesdayhttps://medium.com/@kerstan/account-takeover-through-rate-limit-bypass-bug-bounty-tuesday-01229168dd89?source=rss------bug_bounty-5kerstanbug-bounty, security, programming, cybersecurity, technology12-Mar-2024
How I found my first ever valid bug on Hackeronehttps://medium.com/@rubaethasanariyan/how-i-found-my-first-ever-valid-bug-on-hackerone-da30015aa08d?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rbug-bounty-tips, bugbounty-poc, first-bug, hackerone, bug-bounty12-Mar-2024
Guvenkaya Security Insights Series — Sweat Economyhttps://medium.com/@guvenkaya-sec/guvenkaya-security-insights-series-sweat-economy-dbe681a79e7a?source=rss------bug_bounty-5Guvenkayanear-protocol, bug-bounty, smart-contracts, rust, web312-Mar-2024
BYPASSING PARENTAL CONTROL ON WHOLE APPLE ECO-SYSTEMhttps://medium.com/@sam0-0/bypassing-parental-control-on-whole-apple-eco-system-1c6975c24105?source=rss------bug_bounty-5Sambug-bounty, apple, infosec, bugbounty-writeup12-Mar-2024
Bug Bounty Challenge: Day 4/15–12/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-4-15-12-03-2024-412bf44f8b83?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting12-Mar-2024
Minha Experiência ao Obter a Certificação CBBHhttps://tiredandsick.medium.com/cbbh-experience-prbt-bc2b376c4124?source=rss------bug_bounty-5SickAndTiredbug-bounty, hacking, pentesting, cbbh, hackthebox-academy12-Mar-2024
Utilizing Log Poisoning: Elevating from LFI to RCEhttps://medium.com/@YNS21/utilizing-log-poisoning-elevating-from-lfi-to-rce-5dca90d0a2ac?source=rss------bug_bounty-5Youness Abbidabug-bounty, hackthebox, local-file-inclusion, hackthebox-writeup, cybersecurity12-Mar-2024
Bug Bounty — Improper Authentication using Google Authhttps://medium.com/@nourrisson.julien3/bug-bounty-improper-authentication-using-google-auth-b45fbddab9be?source=rss------bug_bounty-5Nourrisson Julienbug-bounty, cybersecurity11-Mar-2024
HTML INJECTION (Payload List)https://medium.com/@psychomong/html-injection-payload-list-735e69f522ca?source=rss------bug_bounty-5psychomongbug-bounty, bugs, html, injection, htmlinput11-Mar-2024
Race Conditions + IDOR Leads to Bypass Email Verification & Phone Verificationhttps://medium.com/@ozomarzu/race-conditions-idor-leads-to-bypass-email-verification-phone-verification-f62c7d7b97e5?source=rss------bug_bounty-5CyberOzbugs, writeup, bug-bounty, hacking, bug-bounty-tips11-Mar-2024
Exploring AI Penetration Testinghttps://medium.com/@adityasawant00/exploring-ai-penetration-testing-38891e861acd?source=rss------bug_bounty-5Aditya Sawanthacking, bug-bounty, penetration-testing, ai, large-language-models11-Mar-2024
Bug Bounty Challenge: Day 3/15–11/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-3-15-11-03-2024-38993610e657?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-writeup11-Mar-2024
HTML Injection on NASA.govhttps://medium.com/@boogsta/html-injection-on-nasa-gov-91b1d3602ea0?source=rss------bug_bounty-5Boogstahacking, cybersecurity, hacker, cyber, bug-bounty11-Mar-2024
3 Information Disclosure in Bug Bounty Programhttps://medium.com/@jm7.zx/3-information-disclosure-in-bug-bounty-program-e0c12f6e25d5?source=rss------bug_bounty-5Jm7.szbug-bounty, cybersecurity, programming, data-science11-Mar-2024
GRWM for WebApp PenTest | XPATH Injectionhttps://whyjbr.medium.com/grwm-for-webapp-pentest-xpath-injection-0906154bbe91?source=rss------bug_bounty-5Jbrxpath, bug-bounty, cybersecurity, hacking, ethical-hacking11-Mar-2024
Exfiltrating Sensitive Information via Reflected XSS Bypassing Cloudflarehttps://medium.com/@mayankchoubey507/exfiltrating-sensitive-information-via-reflected-xss-bypassing-cloudfare-d82d9ccc24d6?source=rss------bug_bounty-5Mayankchoubeycybersecurity, xss-bypass, cloudflare, bug-bounty, xss-attack11-Mar-2024
24.4 Lab: Exploiting server-side parameter pollution in a query string | 2024https://infosecwriteups.com/24-4-lab-exploiting-server-side-parameter-pollution-in-a-query-string-2024-ac0e23db9c02?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers11-Mar-2024
Top 7 BurpSuite Extensions for BugBounty- Part-1https://medium.com/@Ajakcybersecurity/top-7-burpsuite-extensions-for-bugbounty-part-1-4e9639649601?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, penetration-testing, burpsuite, bug-bounty11-Mar-2024
HackTheBox — Information Gatheringhttps://medium.com/@harry.hphu/hackthebox-information-gathering-a2d78c901dd0?source=rss------bug_bounty-5Huy Phuhackthebox, enumeration, bug-bounty, information-gathering11-Mar-2024
HackTheBox — Information Gathering: Passive Enumerationhttps://medium.com/@harry.hphu/hackthebox-information-gathering-passive-enumeration-85e45503683d?source=rss------bug_bounty-5Huy Phupassive-reconnaissance, hackthebox, information-gathering, bug-bounty11-Mar-2024
Vulnerability Vault: Breaking Down SSRF — Server Side Request Forgery (Part 2)https://psychovik.medium.com/vulnerability-vault-breaking-down-ssrf-server-side-request-forgery-part-2-a08d4a2b3d96?source=rss------bug_bounty-5Vikas Sharmahacking, cybersecurity, ssrf, bug-bounty, vulnerability10-Mar-2024
The Reset Password Attack Vectorhttps://balook.medium.com/the-reset-password-attack-vector-833e1291bb15?source=rss------bug_bounty-5baluzbug-bounty10-Mar-2024
How I get My First $$$$ Bounty?https://medium.com/@hacdoc/how-i-get-my-first-bounty-ec4d83eb5fbf?source=rss------bug_bounty-5Jaikumarbug-bounty-tips, hacking, bug-bounty10-Mar-2024
GRWM for WebApp PenTest | Insecure Deserializationhttps://whyjbr.medium.com/grwm-for-webapp-pentest-insecure-deserialization-adfa4f8cf53f?source=rss------bug_bounty-5Jbrphp, bug-bounty, inspiration, cybersecurity, hacking10-Mar-2024
How I get My First $$$$ Bounty?https://medium.com/@hacdoc/how-i-get-my-first-bounty-ec4d83eb5fbf?source=rss------bug_bounty-5ஜெய்bug-bounty-tips, hacking, bug-bounty10-Mar-2024
24.3 Lab: Exploiting a mass assignment vulnerability | 2024https://infosecwriteups.com/24-3-lab-exploiting-a-mass-assignment-vulnerability-2024-cc97a296d5fc?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking10-Mar-2024
Information Gathering #1https://medium.com/@mxfx1989/information-gathering-1-192f58c49f2e?source=rss------bug_bounty-5z4z4_h1red-team, cybersecurity, bug-bounty, hacking, infosec10-Mar-2024
Easiest bugs to starthttps://medium.com/@petrukhin.s.a/easiest-bugs-to-start-9f92d87f6e36?source=rss------bug_bounty-5Sergei Petrukhinopen-redirect, bug-bounty10-Mar-2024
Subdomains Enumerationhttps://d4t4s3c.medium.com/subdomains-enumeration-a23f44ba4687?source=rss------bug_bounty-5d4t4s3cbug-bounty, vhost, red-team, pentesting, subdomains-enumeration10-Mar-2024
Bug Bounty Challenge: Day 2/15–10/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-1-15-10-03-2024-b946472d71c8?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup, bug-bounty10-Mar-2024
Cross-origin resource sharing (CORS) | Web application Vulnerabilityhttps://abineshm.medium.com/cross-origin-resource-sharing-cors-web-application-vulnerability-afc0d3d35063?source=rss------bug_bounty-5Abinesh Mvulnerability, web-application-security, security, bug-bounty, bugs09-Mar-2024
Untangling Dependency Confusion: Exploring Threats and Protectionshttps://jareddouville.medium.com/untangling-dependency-confusion-exploring-threats-and-protections-7dd7f58de127?source=rss------bug_bounty-5Jared Douvillenpm, bug-bounty, hacking, hackerone09-Mar-2024
24.2 Lab: Finding and exploiting an unused API endpoint | 2024https://cyberw1ng.medium.com/24-2-lab-finding-and-exploiting-an-unused-api-endpoint-2024-81f3451df1a1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, bug-bounty, penetration-testing09-Mar-2024
Bug Bounty Challenge: Day 1/15–09/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-1-15-09-03-2024-f7b1824f2262?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup09-Mar-2024
24.1 Lab: Exploiting an API endpoint using documentation | 2024https://cyberw1ng.medium.com/24-1-lab-exploiting-an-api-endpoint-using-documentation-2024-5e7de5aaf53e?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, careers, hacking, bug-bounty08-Mar-2024
Vulnerability Vault: Breaking Down SSRF — Server Side Request Forgery (Part 1)https://psychovik.medium.com/vulnerability-vault-breaking-down-ssrf-server-side-request-forgery-part-1-b7e658589dd9?source=rss------bug_bounty-5Vikas Sharmacybersecurity, hacking, vulnerability, bug-bounty, ssrf08-Mar-2024
1K Followers Giveaway-https://medium.com/@Ajakcybersecurity/1k-followers-giveaway-892488a38a48?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, giveaway, free, bug-bounty, ethical-hacking08-Mar-2024
Sensitive Data Exposed when placing an Orderhttps://rohmadhidayah.medium.com/sensitive-data-exposed-when-placing-an-order-5549baed9186?source=rss------bug_bounty-5Rohmad Hidayahinfosec-write-ups, bug-bounty-tips, info-sec-writeups, bug-bounty08-Mar-2024
BSides Transylvania Is Not A Simple Conference, Is a Training Ground For Your Security Teamhttps://corneacristian.medium.com/bsides-transylvania-is-not-a-simple-conference-is-a-training-ground-for-your-security-team-c41cdf30778f?source=rss------bug_bounty-5Cristian Cornearomania, ethical-hacking, tech, cybersecurity, bug-bounty08-Mar-2024
Server-Side Template Injection (SSTI) ☠️ Deep Divehttps://cyberbull.medium.com/server-side-template-injection-ssti-%EF%B8%8F-deep-dive-512904b8a8ae?source=rss------bug_bounty-5Aditya Pandeyweb-security, security, cybersecurity, bug-bounty, ethical-hacking08-Mar-2024
Bug Bounty Challenge: Day 0/15https://wallotry.medium.com/bug-bounty-challenge-day-0-15-8e88c5b4cc6b?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty08-Mar-2024
0 Click Account Takeover Via reset password weird behaviorhttps://medium.com/@0xSnowmn/0-click-account-takeover-via-reset-password-weird-behavior-026846e5f850?source=rss------bug_bounty-5Snow Marsbug-bounty, bug-bounty-tips, cybersecurity08-Mar-2024
WinRAR 7.0 DLL Hijacking -> Local RCE [0-day]https://medium.com/@boogsta/winrar-7-0-dll-hijacking-local-rce-0-day-6d90765c6601?source=rss------bug_bounty-5Boogstacybersecurity, bug-bounty, hacks, hacking, cyber08-Mar-2024
Usb data recovery — Digital forensics introhttps://medium.com/@Rahulkrishnan_R_Panicker/usb-data-recovery-digital-forensics-intro-0c57337425b5?source=rss------bug_bounty-5Rahulkrishnan R Panickerdigital-forensics, tech, bug-bounty, pentesting, hacking07-Mar-2024
Increasing IMPACT of No Rate Limit on Email Endpoints.https://shubham-srt.medium.com/increasing-impact-of-no-rate-limit-on-email-endpoints-d66cf08dafaf?source=rss------bug_bounty-5Shubham SRTweb-app-security, hacking, cybersecurity, bug-bounty, vapt07-Mar-2024
API Testing for Bug Bounty — Portswigger | 2024https://cyberw1ng.medium.com/api-testing-for-bug-bounty-portswigger-2024-bd8343cc2c10?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, hacking, security07-Mar-2024
Verileri Çıkarmak için NoSQL Enjeksiyonundan Yararlanmahttps://medium.com/@hhuseyinuyar17/verileri-%C3%A7%C4%B1karmak-i%C3%A7in-nosql-enjeksiyonundan-yararlanma-ace89e11bc69?source=rss------bug_bounty-5Hhuseyinuyarbug-bounty, nosql, injection, burpsuite, mongodb07-Mar-2024
Exploring Bug Bounty Programs: An overview and Varietieshttps://medium.com/@lovepatel3223/exploring-bug-bounty-programs-an-overview-and-varieties-6f8539279704?source=rss------bug_bounty-5Prem Patelbug-bounty, bug-bounty-types07-Mar-2024
API Testing for Bug Bounty — Portswigger | 2024https://infosecwriteups.com/api-testing-for-bug-bounty-portswigger-2024-bd8343cc2c10?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, hacking, security07-Mar-2024
How I found Reflected XSS which leads to Account Takeover on an E-commerce websitehttps://medium.com/@npthin1804/how-i-found-reflected-xss-which-leads-to-account-takeover-on-an-e-commerce-website-47200dd631b6?source=rss------bug_bounty-5Npthinbug-bounty, infosec-write-ups, reflected-xss07-Mar-2024
Click, Intercept, Hack: Checkmate on Access Control Vulnerabilityhttps://anasbetis023.medium.com/click-intercept-hack-checkmate-on-access-control-vulnerability-20152a7149e2?source=rss------bug_bounty-5Anas H Hmaidycybersecurity, web-security, ethical-hacking, penetration-testing, bug-bounty07-Mar-2024
XSLeak de-anonymize Facebook user visiting websitehttps://mustafa0x2021.medium.com/xsleak-de-anonymize-facebook-user-visiting-website-8f6c725235e8?source=rss------bug_bounty-5Mustafabug-bounty, meta07-Mar-2024
echo “Hello, World”https://projectpolarbear.com/echo-hello-world-4233c914b944?source=rss------bug_bounty-5Mr. Robots.txtsoc, blue-team, cybersecurity, red-team, bug-bounty07-Mar-2024
Fixing Facebook: A Privacy Issue Ignored?https://medium.com/@mynkpdr/fixing-facebook-a-privacy-issue-ignored-6c048dacc824?source=rss------bug_bounty-5mynkpdrmessenger, bug-bounty-writeup, facebook, bug-bounty, facebook-bug-bounty07-Mar-2024
How to find server security misconfiguration leak data usershttps://medium.com/@sam_0x0/how-to-find-server-security-misconfiguration-leak-data-users-f7a43c008e33?source=rss------bug_bounty-5Eslam Omarbug-bounty, bug-bounty-tips, bugcrowd, bugs, web-pen-testing07-Mar-2024
How to find server security misconfiguration leak data usershttps://systemweakness.com/how-to-find-server-security-misconfiguration-leak-data-users-f7a43c008e33?source=rss------bug_bounty-5Eslam Omarbug-bounty, bug-bounty-tips, bugcrowd, bugs, web-pen-testing07-Mar-2024
How I found Reflected XSS which leads to Account Takeover on an E-commerce websitehttps://medium.com/@npthin1804/how-i-found-reflected-xss-which-leads-to-account-takeover-on-an-e-commerce-website-47200dd631b6?source=rss------bug_bounty-5p00dl3bug-bounty, infosec-write-ups, reflected-xss07-Mar-2024
Bug Bounty - Insecure Deserialization to Reverse Shellhttps://medium.com/@jobaa23/insecure-deserialization-to-reverse-shell-9f007b440d6f?source=rss------bug_bounty-50x4141bug-bounty, remote-code-execution, hacking, bug-hunting, insecure-deserialization07-Mar-2024
Host Header Poison lead to account takeoverhttps://medium.com/@masterhackor22/host-header-poison-lead-to-account-takeover-8c432fb54b29?source=rss------bug_bounty-5master hackorbounty-program, bugs, penetration-testing, cybersecurity, bug-bounty06-Mar-2024
[letsdefend.io] SOC164 — Suspicious Mshta Behaviorhttps://medium.com/@yasminramadini/letsdefend-io-soc164-suspicious-mshta-behavior-36dfa3d74843?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, bug-bounty, indonesia, letsdefendio, ctf-writeup06-Mar-2024
[letsdefend.io] SOC169 — Possible IDOR Attack Detectedhttps://medium.com/@yasminramadini/letsdefend-io-soc169-possible-idor-attack-detected-dda468ceab28?source=rss------bug_bounty-5Yasmin Ramadinictf-writeup, bug-bounty, tryhackme, letsdefendio, indonesia06-Mar-2024
[letsdefend.io] SOC168 — Whoami Command Detected in Request Bodyhttps://medium.com/@yasminramadini/letsdefend-io-soc168-whoami-command-detected-in-request-body-c4813fab47e4?source=rss------bug_bounty-5Yasmin Ramadinibug-bounty, tryhackme, indonesia, letsdefendio, ctf-writeup06-Mar-2024
[Letsdefend.io] SOC170 — Passwd Found in Requested URL — Possible LFI Attackhttps://medium.com/@yasminramadini/letsdefend-io-soc170-passwd-found-in-requested-url-possible-lfi-attack-1828c436e703?source=rss------bug_bounty-5Yasmin Ramadiniletsdefendio, bug-bounty, tryhackme, ctf-writeup, indonesia06-Mar-2024
Apa Itu Kriptografi? Enkripsi, Encoding, Dan Hashinghttps://medium.com/@yasminramadini/apa-itu-kriptografi-enkripsi-encoding-dan-hashing-ddb39d69eb93?source=rss------bug_bounty-5Yasmin Ramadinipentesting, tryhackme, indonesia, cybersecurity, bug-bounty06-Mar-2024
How i bypassed input limitations to get Admin ATOhttps://medium.com/@0x3adly/how-i-bypassed-input-limit-to-get-admin-ato-f2d56f40f505?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )cybersecurity, web-penetration-testing, xss-attack, bug-bounty, bug-bounty-tips06-Mar-2024
Microsoft Exchange Server Remote Code Execution Vulnerabilityhttps://medium.com/@ryuzakiryuga31/microsoft-exchange-server-remote-code-execution-vulnerability-89354c6e6586?source=rss------bug_bounty-5R09shbug-bounty, blackhat, rce-vulnerability, cybersecurity, cyberattack06-Mar-2024
At age of 18, How I got first “Future” Job Offer from Korean MNC through bug bountieshttps://medium.com/@manan_sanghvi/at-age-of-18-how-i-got-first-future-job-offer-from-korean-mnc-through-bug-bounties-2cfb7d4a9e8c?source=rss------bug_bounty-5Manan Sanghviethical-hacking, cybersecurity, bug-bounty, penetration-testing, job-offer06-Mar-2024
Vulnerable WordPress February 2024 (Jushin Castle)https://medium.com/@onhexgroup/vulnerable-wordpress-february-2024-jushin-castle-340990bdb9fb?source=rss------bug_bounty-5Onhexgroupbug-bounty, cybersecurity, security, infosec, wordpress06-Mar-2024
Data Lake introduces the second bug bounty campaign of its patients recruitment Applicationhttps://datalaketoken.medium.com/data-lake-introduces-the-second-bug-bounty-campaign-of-its-patients-recruitment-application-88be6e0399a4?source=rss------bug_bounty-5Data Lakebug-bounty, medical-data, research, data-lake, desci06-Mar-2024
How I Passed eWPTX v2 Exam Without Coursewarehttps://medium.com/@adityasawant00/how-i-passed-ewptx-v2-exam-without-courseware-1711edd7fb32?source=rss------bug_bounty-5Aditya Sawanthacking, penetration-testing, certification, bug-bounty, security06-Mar-2024
12.4 Lab: Exploiting NoSQL operator injection to extract unknown fields | 2024https://infosecwriteups.com/12-4-lab-exploiting-nosql-operator-injection-to-extract-unknown-fields-2024-866996b9fff2?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, hacking, careers, penetration-testing06-Mar-2024
Upload Backdoor in profile picture and OTP Bypasshttps://medium.com/@sahilkushwaha275/upload-backdoor-in-profile-picture-and-otp-bypass-3c2e2e18fbbb?source=rss------bug_bounty-5S33NUbug-bounty, technology, bug-hunting, bounty-program, programming06-Mar-2024
Story of Lock up users’ account by DOS attack cost $1,100https://m7arm4n.medium.com/story-of-lock-up-users-account-by-dos-attack-cost-1-100-87b47d06a7c1?source=rss------bug_bounty-5M7arm4nhacker, hacking, bug-bounty, security, bug-bounty-tips06-Mar-2024
Uncovering Host Header Injection Vulnerabilities in 5 Apex Domain Hostshttps://javroot.medium.com/uncovering-host-header-injection-vulnerabilities-in-5-apex-domain-hosts-c45f79e82862?source=rss------bug_bounty-5Javroothosting, bug-hunting, hacking, white-hat-hacker, bug-bounty05-Mar-2024
Bug-Bounty Beginning (Day-1)https://medium.com/@bv1459/bug-bounty-beginning-day-1-bc5fa649ff45?source=rss------bug_bounty-5Bala Prasanna Gopal Volisettybug-bounty, kali-linux, hacking-tools, hacking05-Mar-2024
XXEs are lurking in unexpected places and you'll find these vulnerabilities almost everywherehttps://medium.com/@securelearn/xxes-are-lurking-in-unexpected-places-and-youll-find-these-vulnerabilities-almost-everywhere-aefeef9d7cbb?source=rss------bug_bounty-5Rohan Giribug-bounty-tips, web-vulnerabilities, bug-bounty05-Mar-2024
How I Found Multiple XSS Vulnerabilities Using Unknown Techniqueshttps://infosecwriteups.com/how-i-found-multiple-xss-vulnerabilities-using-unknown-techniques-74f8e705ea0d?source=rss------bug_bounty-5Khaledyassenxss-attack, hacking, bug-bounty, bug-bounty-tips, cybersecurity05-Mar-2024
Tips Melakukan Analisa Email Phishinghttps://medium.com/@yasminramadini/tips-melakukan-analisa-email-phishing-e4d8f5b4bed6?source=rss------bug_bounty-5Yasmin Ramadinicybersecurity, indonesia, soc-analyst, tryhackme, bug-bounty05-Mar-2024
12.3 Lab: Exploiting NoSQL injection to extract data | 2024https://infosecwriteups.com/12-3-lab-exploiting-nosql-injection-to-extract-data-2024-ca9896a3c964?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, security05-Mar-2024
Apa Itu OSI Model? Protokol Dan Enkapsulasi Tiap Layernyahttps://medium.com/@yasminramadini/apa-itu-osi-model-protokol-dan-enkapsulasi-tiap-layernya-6faa7a0e8bbb?source=rss------bug_bounty-5Yasmin Ramadinisoc-analyst, tryhackme, cybersecurity, indonesia, bug-bounty05-Mar-2024
Apa Itu TCP, UDP, Dan Three-way Handshhttps://medium.com/@yasminramadini/apa-itu-tcp-udp-dan-three-way-handsh-03edaf55c42d?source=rss------bug_bounty-5Yasmin Ramadinisoc-analyst, bug-bounty, cybersecurity, indonesia, tryhackme05-Mar-2024
Road Map to Bug Bounty: A Beginner’s Guidehttps://bjamali.medium.com/road-map-to-bug-bounty-a-beginners-guide-bd14b44e174b?source=rss------bug_bounty-5Babar Ali Jamaliinformation-security, cyber, hacking, cybersecurity, bug-bounty05-Mar-2024
5 Tips GoogleDocks you should know — Bug Bounty Tuesdayhttps://medium.com/@kerstan/5-tips-googledocks-you-should-know-bug-bounty-tuesday-49007026903f?source=rss------bug_bounty-5kerstantechnology, cybersecurity, bug-bounty, programming, security5-Mar-2024
#9.TryHackMe Series writeups-LazyAdminhttps://cyb3rmind.medium.com/9-tryhackme-series-writeups-lazyadmin-7712917a2333?source=rss------bug_bounty-5Cyb3r M!ndwalkthrough, lazy-admin, tryhackme-writeup, tryhackme, bug-bounty05-Mar-2024
Unauthorized access to Facebook creator’s professional dashboardhttps://gtm0x01.medium.com/unauthorized-access-to-facebook-creators-professional-dashboard-e35d98644258?source=rss------bug_bounty-5Gtm Mänôzfacebook, medium, graphql, bug-bounty, writeup05-Mar-2024
My Recon Methodology (ep 1)https://realm3ter.medium.com/my-recon-methodology-ep-1-bc9e6fd660ad?source=rss------bug_bounty-5Muhammad Materbug-bounty, recon, osint05-Mar-2024
Knock, Knock. Who’s there? SSRF! SSRF who? Redirect SSRF!https://atemporalzen.medium.com/knock-knock-whos-there-ssrf-ssrf-who-redirect-ssrf-449f5d18c5a7?source=rss------bug_bounty-5atemporalzenbug-bounty, cybersecurity, hacking, ssrf05-Mar-2024
Payload will after youhttps://medium.com/@isuk4/payload-will-after-you-3e16eaa17517?source=rss------bug_bounty-5Isuka sanujsql-injection, second-order-attack, pentesting, web-app-exploits, bug-bounty05-Mar-2024
HTTP Request Smuggling: WWWWWH?https://medium.com/@rcxsecurity/http-request-smuggling-wwwwwh-85be9c46a38e?source=rss------bug_bounty-5RCXSecuritycybersecurity, pentesting, bug-bounty-tips, bug-bounty, application-security05-Mar-2024
The Danger of PHP Eval():https://medium.com/@pkhuyar/the-danger-of-php-eval-a23410187ca2?source=rss------bug_bounty-5Prashant Roybug-bounty, php, cybersecurity, penetration-testing, ctf05-Mar-2024
Hacking the UK government ( FULL database access )https://ahmadmansourr.medium.com/hacking-the-uk-government-full-database-access-496a94e6cc9c?source=rss------bug_bounty-5Ahmad Mansourcomputer-science, bug-bounty, hacking, pentesting, cybersecurity05-Mar-2024
BAC Leads To Full Takeover Of Any Organisationhttps://medium.com/@ismailsaid1603/bac-leads-to-full-takeover-of-any-organisation-0fc21cf4cb5e?source=rss------bug_bounty-5Esmail Saiedbug-bounty, broken-access-control, idor, bugcrowd, cybersecurity05-Mar-2024
Information Disclosure — Instructor’s Email Address leaked in Responsehttps://rohmadhidayah.medium.com/information-disclosure-instructors-email-address-leaked-in-response-1737551d5a8b?source=rss------bug_bounty-5Rohmad Hidayahinfo-sec-writeups, bug-bounty-tips, bug-bounty, information-disclosure, infosec-write-ups04-Mar-2024
OTP Bypass Via Response Manipulationhttps://medium.com/@maratherao93/otp-bypass-via-response-manipulation-e55352c5c419?source=rss------bug_bounty-5Marathe Raobug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup04-Mar-2024
the Intricacies of WiFi Hackinghttps://medium.com/@paritoshblogs/the-intricacies-of-wifi-hacking-76c404240111?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, hacking, wifi, programming04-Mar-2024
Apa Itu Cyber Kill Chain Dalam Cyber Securityhttps://medium.com/@yasminramadini/apa-itu-cyber-kill-chain-dalam-cyber-security-5e993233615c?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, soc-analyst, indonesia, bug-bounty, cybersecurity04-Mar-2024
Apa Itu Pyramid Of Pain Dalam Cyber Securityhttps://medium.com/@yasminramadini/apa-itu-pyramid-of-pain-dalam-cyber-security-7e08932e8ed9?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, indonesia, bug-bounty, cybersecurity, soc-analyst04-Mar-2024
It assignment helper https://www.fiverr.com/s/QAR93yhttps://medium.com/@drugdirectory96/it-assignment-helper-https-www-fiverr-com-s-qar93y-30e688ba78e9?source=rss------bug_bounty-5Masud Ranajavascript, money, bug-bounty, software-development, bug-bounty-tips04-Mar-2024
My Report Summaries #1: Project manager can see & download all users’ login history at redacted app…https://infosecwriteups.com/my-report-summaries-1-project-manager-can-see-download-all-users-login-history-at-redacted-app-6a41597b5d11?source=rss------bug_bounty-5can1337infosec, bug-bounty, idor, cybersecurity04-Mar-2024
Come diventare un hacker nel 2024https://medium.com/@d0lf1_/come-diventare-un-hacker-nel-2024-493c8c0ced9a?source=rss------bug_bounty-5d0lf1italiano, penetration-testing, google, bug-bounty, hacking04-Mar-2024
11.8 Lab: Exploiting XXE via image file upload | 2024https://cyberw1ng.medium.com/11-8-lab-exploiting-xxe-via-image-file-upload-2024-e2840c3b85f3?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing04-Mar-2024
Simple vulnerability in a Cyber Security conferencehttps://medium.com/@jsamia/simple-vulnerability-in-a-cyber-security-conference-c06a53c6e4b7?source=rss------bug_bounty-5Jaeden Samiasecurity, ethical-hacking, bugs, bug-bounty04-Mar-2024
The Ethics of Bug Bounties: Balancing Incentives and Securityhttps://medium.com/@securelearn/the-ethics-of-bug-bounties-balancing-incentives-and-security-7501a4aaa246?source=rss------bug_bounty-5Rohan Giribug-fixes, bug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty03-Mar-2024
Recently Discovered Several Bugs in a Private Programhttps://zapstiko.medium.com/recently-discovered-several-bugs-in-a-private-program-8dc900bf6fe9?source=rss------bug_bounty-5Raihan Biswasbug-bounty, bugs, idor-vulnerability, information-disclosure, bug-bounty-tips03-Mar-2024
Google Dorking aka “Google Hacking”https://medium.com/@dasmanish6176/google-dorking-aka-google-hacking-49fb5a511345?source=rss------bug_bounty-5Dasmanishgoogle-dork, google-hacking, penetration-testing, bug-bounty03-Mar-2024
PHP Session Poisoning using LFI.https://medium.com/@YNS21/php-session-poisoning-using-lfi-36d7df012777?source=rss------bug_bounty-5Youness Abbidahackerone, bug-bounty, bugcrowd, php, vulnerability03-Mar-2024
Discovered potential SQL injection through parameter testinghttps://medium.com/@pankajnandkar/discovered-potential-sql-injection-through-parameter-testing-0be4364d9b7a?source=rss------bug_bounty-5Pankaj Nandkarbug-bounty-tips, ethical-hacking, sql-injection, bug-bounty, cybersecurity03-Mar-2024
11.7 Lab: Exploiting XInclude to retrieve files | 2024https://cyberw1ng.medium.com/11-7-lab-exploiting-xinclude-to-retrieve-files-2024-2f7751d777fa?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, hacking, cybersecurity03-Mar-2024
Sneak Peek: Mastering Blind SQL Injection with SQLMap and Manual Techniques (CVE-2023–6063)https://medium.com/@josh.beck2006/sneak-peek-mastering-blind-sql-injection-with-sqlmap-and-manual-techniques-cve-2023-6063-af904f61f822?source=rss------bug_bounty-5Josh Beckpenetration-testing, cybersecurity, bug-bounty, oscp03-Mar-2024
Magic Links as Gateways Account Takeovershttps://sl4x0.medium.com/magic-links-as-gateways-account-takeovers-e9c911ceb6f9?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)magic-link, account-takeover, bug-bounty, web-security, pentesting03-Mar-2024
HBO BUB in production. Can’t UNsubscribehttps://medium.com/@shanlogauthier/hbo-bub-in-production-cant-unsubscribe-b0b3982d2292?source=rss------bug_bounty-5Shanlogauthierbug-bounty, max, hbo-max, hbo, bugs03-Mar-2024
Exploiting Grafana To achieve Remote Command Executionhttps://medium.com/@konqi/exploiting-grafana-to-achieve-remote-command-execution-5eb0f99cb107?source=rss------bug_bounty-5Vahagn Israelianhacking, bug-bounty, vulnerability, penetration-testing, grafana02-Mar-2024
the Power of Twitter OSINThttps://medium.com/@paritoshblogs/the-power-of-twitter-osint-059cfaa3b0e2?source=rss------bug_bounty-5Paritoshtwitter, cybersecurity, bug-bounty, threat-intelligence, hacking02-Mar-2024
https://medium.com/@morganbinbash/-46d5d16114c8?source=rss------bug_bounty-5Morgan Bin Bashfrontend, cybersecurity, bug-bounty, pentesting02-Mar-2024
the Power of Twitter OSINThttps://infosecwriteups.com/the-power-of-twitter-osint-059cfaa3b0e2?source=rss------bug_bounty-5Paritoshtwitter, cybersecurity, bug-bounty, threat-intelligence, hacking02-Mar-2024
My first IDOR hunting storyhttps://medium.com/@loverslandgandhi/my-first-idor-hunting-story-42c71fbe06dc?source=rss------bug_bounty-5Loverslandgandhiethical-hacking, bug-bounty-hunter, bug-bounty-tips, cybersecurity, bug-bounty02-Mar-2024
How I Got Highly Sensetive Api Keys On A Private Hackerone Programhttps://medium.com/@mrraghavop12/how-i-got-highly-sensetive-api-keys-on-a-private-hackerone-program-b40c6de80708?source=rss------bug_bounty-5Ethical Raghavcybersecurity, data-science, bug-bounty, technology, web-development02-Mar-2024
Unveiling the Secrets: SSRF Adventures in Microsoft’s AI Playgroundhttps://medium.com/@soufianehabti/unveiling-the-secrets-ssrf-adventures-in-microsofts-ai-playground-26c7872b32fc?source=rss------bug_bounty-5Soufiane Habtibug-bounty, microsoft, security, ai, artificial-intelligence02-Mar-2024
Bypassing the Bluecoat Unified Agenthttps://medium.com/@0xSphinx/bypassing-the-bluecoat-unified-agent-36ada54fe789?source=rss------bug_bounty-50xSphinxhacking, penetration-testing, security, bug-bounty, cybersecurity02-Mar-2024
What is RedTeaming ?https://aboutjbr.medium.com/what-is-redteaming-8699650f4265?source=rss------bug_bounty-5Jbrethical-hacking, bug-bounty, red-team, cybersecurity, hacking02-Mar-2024
bersecurity11.6 Lab: Exploiting blind XXE to retrieve data via error messages | 2024https://cyberw1ng.medium.com/bersecurity11-6-lab-exploiting-blind-xxe-to-retrieve-data-via-error-messages-2024-4b7f1340195a?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers02-Mar-2024
How to hack a LTE Router? Just text it!https://medium.com/@mateusz-msl-lach/how-to-hack-a-lte-router-just-text-it-847f526c0a7f?source=rss------bug_bounty-5Mateusz Lachxss-attack, cybersecurity, cve, bug-bounty, zte02-Mar-2024
My first IDOR hunting storyhttps://hackergandhi.medium.com/my-first-idor-hunting-story-42c71fbe06dc?source=rss------bug_bounty-5hackergandhiethical-hacking, bug-bounty-hunter, bug-bounty-tips, cybersecurity, bug-bounty02-Mar-2024
XML Injection: Deep Divehttps://cyberbull.medium.com/xml-injection-deep-dive-2e6e7132732d?source=rss------bug_bounty-5Aditya Pandeyxml, bug-fixes, injection, bug-bounty, cybersecurity01-Mar-2024
$600 Simple MFA Bypass — Graphqlhttps://securitycipher.medium.com/600-simple-mfa-bypass-graphql-b46c6a4c5b82?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)security, cybersecurity, bug-bounty, technology, hacking01-Mar-2024
XSS : A Fight With The WAFhttps://medium.com/@itsmeliodas/xss-a-fight-with-the-waf-a08a4fc6012c?source=rss------bug_bounty-5Meliodascybersecurity, xss-attack, bug-bounty01-Mar-2024
Understanding Cybersecurity: Safeguarding the Digital Realmhttps://medium.com/@thirdeye1910/understanding-cybersecurity-safeguarding-the-digital-realm-8b36c55bec61?source=rss------bug_bounty-5Rajib Hassenbug-bounty, ethereum, cyberattack, cybersecurity01-Mar-2024
11.5 Lab: Exploiting blind XXE to exfiltrate data using a malicious external DTD | 2024https://infosecwriteups.com/11-5-lab-exploiting-blind-xxe-to-exfiltrate-data-using-a-malicious-external-dtd-2024-a0cc2615cd5e?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, hacking, security01-Mar-2024
Retrieving SUI Wallet Passphrase and Private Key without Passwordhttps://medium.com/@mgthuramoemyint/retrieving-sui-wallet-passphrase-and-private-key-without-password-8c7ae9d30033?source=rss------bug_bounty-5Thura Moe Myintbug-bounty, security01-Mar-2024
Medium Bug Bounty on Hacker One — Broken Linkhttps://medium.com/bugs-that-bite/medium-bug-bounty-on-hacker-one-broken-link-b121c8896843?source=rss------bug_bounty-5Teri Radichelsecurity, bug-bounty, bugs, medium, hackerone29-Feb-2024
Critical vulnerability in Flask AppBuilder — CVE-2024–25128https://systemweakness.com/critical-vulnerability-in-flask-appbuilder-cve-2024-25128-a8693fb31d86?source=rss------bug_bounty-5ElNiakvulnerability, cybersecurity, flask, bug-bounty, python29-Feb-2024
Version disclosure in headers and response : Security threathttps://medium.com/@zakeeandroid/version-disclosure-in-headers-and-response-security-threat-0b4e86272018?source=rss------bug_bounty-5Mohamed Zakeeapplication-security, bug-bounty, cybersecurity29-Feb-2024
Stored XSS on Bug Bounty Programhttps://medium.com/@bry4nzheng/stored-xss-on-bug-bounty-program-092d6c262c1b?source=rss------bug_bounty-5Bryan Zhengpenetration-testing, cybersecurity, bug-bounty29-Feb-2024
Simple Tips for Bug Bounty Beginners: Finding API Key Leakage Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-api-key-leakage-vulnerabilities-eddc416216ce?source=rss------bug_bounty-5Anish Narayanbug-bounty-writeup, secure-api-key, bug-bounty-tips, bug-bounty-hunting, bug-bounty29-Feb-2024
How to Excel at CTF Games with Linux Command Line Toolshttps://dpericich.medium.com/how-to-excel-at-ctf-games-with-linux-command-line-tools-a68fba09cbfa?source=rss------bug_bounty-5Daniel Pericichcybersecurity, linux, terminal, bug-bounty, software-engineering29-Feb-2024
How do I found Blind SSRF on a Hackerone Programhttps://codingninjablogs.tech/how-do-i-found-blind-ssrf-on-a-hackerone-program-3f7c315c20c9?source=rss------bug_bounty-5#!/Subhankarcve, hacking, bug-bounty, ssrf, hackerone29-Feb-2024
Horizontal Privilege Escalation Leads to Bountyhttps://medium.com/@hellother18/horizontal-privilege-escalation-leads-to-bounty-f87aebbed8ab?source=rss------bug_bounty-5Manthan_ mahalebugbounty-tips, hackerone, bounty-program, privilege-escalation, bug-bounty29-Feb-2024
11.4 Lab: Blind XXE with out-of-band interaction via XML parameter entities | 2024https://infosecwriteups.com/11-4-lab-blind-xxe-with-out-of-band-interaction-via-xml-parameter-entities-2024-14fbb40ba2f0?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, penetration-testing, cybersecurity, hacking29-Feb-2024
SQL Injection: Beyond ‘OR 1=1’. An iCSI CTFhttps://medium.com/@josh.beck2006/sql-injection-beyond-or-1-1-an-icsi-ctf-b468b1dfa851?source=rss------bug_bounty-5Josh Beckcybersecurity, oscp, bug-bounty, ctf-writeup29-Feb-2024
Authentication Bypass Using Response Manipulationhttps://medium.com/@kundanp70559361/authentication-bypass-using-response-manipulation-c95969e787a8?source=rss------bug_bounty-5kundan prasadscience, cyber-security-awareness, hacking, bug-bounty, cybersecurity29-Feb-2024
Maximizing Bug Bounty Earnings with Burp Suite: Essential Tools and Plugins.https://medium.com/@montymahapatra79/maximizing-bug-bounty-earnings-with-burp-suite-essential-tools-and-plugins-84468c5d969d?source=rss------bug_bounty-5Montymahapatraburpsuite-profissional, burpsuite, bug-bounty, burpsuite-extension, bug-bounty-tips29-Feb-2024
First Bug Bountyhttps://medium.com/@tom.sh/first-bug-bounty-ba6088fc2615?source=rss------bug_bounty-5Tomcybersecurity, bugcrowd, hackerone, bug-bounty, hacking29-Feb-2024
How to find your first XSS vulnerability!!!https://medium.com/@basti_Sec/how-to-find-your-first-xss-vulnerability-a35cb69b2f56?source=rss------bug_bounty-5Basti_Secbug-bounty-hunter, xss-vulnerability, hacking, bug-bounty, xss-attack29-Feb-2024
The Reality of Cloud Hackinghttps://medium.com/@paritoshblogs/the-reality-of-cloud-hacking-8a061059dfcc?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, cloud-computing, cloud-hacking, hacking28-Feb-2024
Email verification bypass leads to create unlimited user accounts with what ever email idhttps://medium.com/@Rahulkrishnan_R_Panicker/email-verification-bypass-leads-to-create-unlimited-user-accounts-with-what-ever-email-id-68a2069185e4?source=rss------bug_bounty-5Rahulkrishnan R Panickertechnology, cybersecurity, hacking, bug-bounty, programming28-Feb-2024
symfony profiler kritik təhlükəsizlik açığı $$$https://memmedrehimzade.medium.com/symfony-profiler-kritik-t%C9%99hl%C3%BCk%C9%99sizlik-a%C3%A7%C4%B1%C4%9F%C4%B1-622ae6495fef?source=rss------bug_bounty-5memmed rehimzadekibertəhlükəsizlik, bug-bounty, cybertime28-Feb-2024
Microsoft Azure Cloud Service’s uAMQP Library Flaw and Its Potential for RCE — CVE-2024–27099…https://medium.com/@elniak/microsoft-azure-cloud-services-uamqp-library-flaw-and-its-potential-for-rce-cve-2024-27099-3d717cdb45f3?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, cloud, azure, cybersecurity28-Feb-2024
https://medium.com/@morganbinbash/-af057d8d6788?source=rss------bug_bounty-5Morgan Bin Bashcybersecurity, pentesting, bug-bounty28-Feb-2024
Revolutionize Your Bug Hunting: Jam.dev Turbocharges Bug Reportinghttps://medium.com/@merisstupar11/revolutionize-your-bug-hunting-jam-dev-turbocharges-bug-reporting-2df14351766f?source=rss------bug_bounty-5Meris Stuparbug-bounty, programming, testing, software-engineering, github28-Feb-2024
How do I automate my recon — Part Twohttps://medium.com/@aliraah/how-do-i-automate-my-recon-part-two-b39a66b4c23d?source=rss------bug_bounty-5Aliraahpython, bug-bounty, automation, infosec, reconnaissance28-Feb-2024
Pre-Account Takeover Leading To Broken Access Controlhttps://medium.com/@bcarikci-dev/pre-account-takeover-leading-to-broken-access-control-13916ca02483?source=rss------bug_bounty-5Berkay Çarıkçıoğlubroken-access-control, bug-bounty, cybersecurity, hacking, penetration-testing28-Feb-2024
cybers11.3 Lab: Blind XXE with out-of-band interaction | 2024https://infosecwriteups.com/cybers11-3-lab-blind-xxe-with-out-of-band-interaction-2024-9f2f5caf98ad?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, penetration-testing, hacking28-Feb-2024
[TOOL GUIDE] Bypass-http a python tool to find 403 & 401 bypasshttps://medium.com/@reinhardt.pwn/tool-guide-bypass-http-a-python-tool-to-find-403-401-bypass-b46ff0bd6978?source=rss------bug_bounty-5|Reinhardt|cybersecurity-tools, cybersecurity, pentest, bug-bounty28-Feb-2024
Yerel bir DTD’yi yeniden kullanarak kör XXE’den yararlanmahttps://medium.com/@hhuseyinuyar17/yerel-bir-dtdyi-yeniden-kullanarak-k%C3%B6r-xxe-den-yararlanma-f999fbbfdd0a?source=rss------bug_bounty-5Hhuseyinuyarxml, burpsuite, injection, bug-bounty, xxe28-Feb-2024
how i make 6,000$ with jwt manipulation on web3 crypto application ?https://medium.com/@zack0x01_/how-i-make-6-000-with-jwt-manipulation-on-web3-crypto-application-1e659c927647?source=rss------bug_bounty-5zack0x01bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-writeup28-Feb-2024
Hack Stories: Hacking Hackers EP:2https://infosecwriteups.com/hack-stories-hacking-hackers-ep-2-b4d2e628781e?source=rss------bug_bounty-5c0d3x27cybersecurity, threat-intelligence, hacking, software-development, bug-bounty28-Feb-2024
First bug and bountyhttps://medium.com/@Rahulkrishnan_R_Panicker/first-bug-and-bounty-5612ba5d455e?source=rss------bug_bounty-5Rahulkrishnan R Panickerinfo-sec-writeups, bug-bounty, programming, technology, infosec27-Feb-2024
Jenkins Arbitrary File Reading Vulnerability (CVE-2024–23897) — Bug Bounty Tuesdayhttps://medium.com/@kerstan/jenkins-arbitrary-file-reading-vulnerability-cve-2024-23897-bug-bounty-tuesday-8e3a69443d9b?source=rss------bug_bounty-5kerstantechnology, bug-bounty, security, cybersecurity, programming27-Feb-2024
Bug Bounty should be a goto solution for your web3 security needshttps://securrtech.medium.com/bug-bounty-should-be-a-goto-solution-for-your-web3-security-needs-46b0f07b1a96?source=rss------bug_bounty-5Securrweb3-security, bug-bounty, web327-Feb-2024
Leak JWT Private Key leads to Bypass Authenticationhttps://sonnguy3n.medium.com/leak-jwt-private-key-leads-to-bypass-authentication-e0bd984f55ad?source=rss------bug_bounty-5Son Nguyensecurity, bypass, bug-bounty, jwt-token27-Feb-2024
Finding and exploiting blind XXE vulnerabilitieshttps://cyberw1ng.medium.com/finding-and-exploiting-blind-xxe-vulnerabilities-446f1f41eab9?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, penetration-testing, careers, bug-bounty27-Feb-2024
Reconnaissance: A Google-Dorking Affairhttps://medium.com/@kieran.x.willey/reconnaissance-a-google-dorking-affair-21edfb4e3b0f?source=rss------bug_bounty-5Kieran Wpenetration-testing, bug-bounty, reconnaissance, hacking, google-dorking27-Feb-2024
How do you know if someone has opened your email or not?https://medium.com/@deadoverflow/how-do-you-know-if-someone-has-opened-your-email-or-not-c5bcefda3a89?source=rss------bug_bounty-5Imad Husanovicbug-bounty, chrome-extension, hacking, programming, cybersecurity27-Feb-2024
Read This If You Still Watch Porn in Google Incognito Mode ⚫https://medium.com/@Ajakcybersecurity/read-this-if-you-still-watch-porn-in-google-incognito-mode-ab4a5faa1dcc?source=rss------bug_bounty-5AjakCybersecuritygoogle, history, ethical-hacking, bug-bounty, cybersecurity27-Feb-2024
CVE-2023–40000: How Safe Is Your Internet Box? ️https://medium.com/coded-tech-talk/cve-2023-40000-how-safe-is-your-internet-box-%EF%B8%8F-06ff1f872f7b?source=rss------bug_bounty-5Coded Conversationscyber-security-awareness, cve, vulnerability, cybersecurity, bug-bounty27-Feb-2024
The Exploitation of Massive Slack Workspaces Registration Vulnerabilityhttps://medium.com/@siratsami71/the-exploitation-of-massive-slack-workspaces-registration-vulnerability-0c0e76e5cd3e?source=rss------bug_bounty-5Sirat Sami (analyz3r)bug-bounty, cybersecurity, hackerone27-Feb-2024
Major Security Flaw in ConnectWise ScreenConnect — CVE-2024–1709https://medium.com/@elniak/major-security-flaw-in-connectwise-screenconnect-cve-2024-1709-633015ba2b9f?source=rss------bug_bounty-5ElNiakcve, cybersecurity, ransomware, bug-bounty, penetration-testing26-Feb-2024
Pwn College — Talking to Web Walkthrough by Karthikeyan Nagarajhttps://infosecwriteups.com/pwn-college-talking-to-web-walkthrough-by-karthikeyan-nagaraj-48d13b3a1216?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, hacking, security, careers26-Feb-2024
This is How I Received My Acknowledgement from Microsofthttps://medium.com/@kamilrahman32/this-is-how-i-received-my-acknowledgement-from-microsoft-2366b58cbd98?source=rss------bug_bounty-5Kamil Rahumanmicrosoft, cybersecurity, hall-of-fame, bug-bounty, bug-bounty-tips26-Feb-2024
Hunting for Hidden Parameters in Burp Suitehttps://medium.com/mii-cybersec/hunting-for-hidden-parameters-in-burp-suite-98b54616f863?source=rss------bug_bounty-5Bryan Matthewhidden-parameters, bug-bounty, burpsuite, red-team, owasp26-Feb-2024
Lakshya CTF 2k24 by pict cyber cellhttps://medium.com/@suyogpatil1810/lakshya-ctf-2k24-by-pict-cyber-cell-6ec37ec0b954?source=rss------bug_bounty-5Suyog Patilctf-writeup, bug-bounty, ctf, engineering, hacking26-Feb-2024
How I Found Xss In A Inactive Hackerone Program With My Mobilehttps://medium.com/@mrraghavop12/how-i-found-xss-in-a-inactive-hackerone-program-34464552256e?source=rss------bug_bounty-5Ethical Raghavbug-bounty-tips, technology, blockchain, bug-bounty, cybersecurity26-Feb-2024
Glider: Revolutionizing Web3 Auditing and Security Analysishttps://medium.com/coinmonks/glider-revolutionizing-web3-auditing-and-security-analysis-3a3ad6add87d?source=rss------bug_bounty-5Officer's Notesbug-bounty, solidity, smart-contracts, dapps, blockchain26-Feb-2024
Hacking Android Apps With Fridahttps://blog.prodefense.io/hacking-android-apps-with-frida-f4b9121228b6?source=rss------bug_bounty-5Matthew Keeleysecurity, pentesting, bug-bounty, android, hacking26-Feb-2024
Html-Injection [ Bug Bounty ]https://medium.com/@rhashibur75/html-injection-bug-bounty-a41f87217118?source=rss------bug_bounty-5Kazi Hashibur Rahmanbug-bounty25-Feb-2024
Create Your Own File Extensionhttps://medium.com/@paritoshblogs/create-your-own-file-extension-fa484c677590?source=rss------bug_bounty-5Paritoshcoding, file-extension, bug-bounty, programming, information-technology25-Feb-2024
Business Logic Error in the Comment Section of a Porn sitehttps://medium.com/@vflexo/business-logic-error-in-the-comment-section-of-a-porn-site-42643f66dfee?source=rss------bug_bounty-5vFlexovapt, cybersecurity, ethical-hacking, bug-bounty, penetration-testing25-Feb-2024
CRLF injectionhttps://medium.com/@R00tendo/crlf-injection-ae26521c5e4c?source=rss------bug_bounty-5R00tendoweb-application-security, bug-bounty, web-security, crlf-injection25-Feb-2024
The Story of How I Hacked a Website with a Simple Stored XSS Payload (And How Bugcrowd Turned Me…https://medium.com/@iamrizwanvp/the-story-of-how-i-hacked-a-website-with-a-simple-stored-xss-payload-and-how-bugcrowd-turned-me-63773d5906ff?source=rss------bug_bounty-5RIZWANbug-bounty-tips, cybersecurity, bug-bounty, penetration-testing, vulnerability25-Feb-2024
I took over 10 Million Accounts, Easy API Hackinghttps://infosecwriteups.com/i-took-over-10-million-accounts-easy-api-hacking-89a7092abe40?source=rss------bug_bounty-5Ravaanbug-bounty, bug-bounty-writeup, api, hacking, cybersecurity25-Feb-2024
Beyond the Wall: Bypassing OTP, WAF, and 403 for exploiting a SQL Injectionhttps://medium.com/@remmy9/beyond-the-wall-bypassing-otp-waf-and-403-for-exploiting-a-sql-injection-97f06a3527c0?source=rss------bug_bounty-5Remmyhacking, 403-bypass, bug-bounty, waf-bypass, sql-injection25-Feb-2024
10.5 Lab: Blind SSRF with out-of-band detection | 2024https://cyberw1ng.medium.com/10-5-lab-blind-ssrf-with-out-of-band-detection-2024-2497bcf7859c?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, security, careers25-Feb-2024
The Aspida Bug Bounty Programhttps://medium.com/@aspidabd/the-aspida-bug-bounty-program-84e4495955c1?source=rss------bug_bounty-5Aspidalsd, lsdfi, blockchain, staking, bug-bounty24-Feb-2024
Best Approach to active Directory: 2https://medium.com/@anekantsinghai/best-approach-to-active-directory-2-b32a8bb2be7e?source=rss------bug_bounty-5Anekant Singhai Jainpenetration-testing, windows, bug-bounty, cybersecurity, active-directory24-Feb-2024
Explaining and exploiting open redirect vulnerabilitieshttps://medium.com/@R00tendo/explaining-and-exploiting-open-redirect-vulnerabilities-67dd825e2c49?source=rss------bug_bounty-5R00tendoopen-redirect, web-security, bug-bounty, web-application-security, web-hacking24-Feb-2024
How I Got $5,000 for Out-of-Scope XSShttps://7odamoo.medium.com/how-i-got-5-000-for-out-of-scope-xss-f96938a8c561?source=rss------bug_bounty-5Mahmoud Hamed (7odamoo)bug-bounty-tips, bug-bounty, pentesting24-Feb-2024
Ethernaut Challenge Level 16: Solution (Preservation)https://shubhamnagar1.medium.com/ethernaut-challenge-level-16-solution-preservation-4403230b469c?source=rss------bug_bounty-5Shubham Nagarsolidity, blockchain, cybersecurity, bug-bounty, ethernaut24-Feb-2024
Bypass Rate Limits on authentication endpoints like a pro………!https://medium.com/@a13h1/bypass-rate-limits-on-authentication-endpoints-like-a-pro-2054460a43c0?source=rss------bug_bounty-5Abhi Sharmaprogramming, rate-limiting, api, cybersecurity, bug-bounty24-Feb-2024
10.4 Lab: SSRF with filter bypass via open redirection vulnerability | 2024https://cyberw1ng.medium.com/10-4-lab-ssrf-with-filter-bypass-via-open-redirection-vulnerability-2024-fa36d8f10968?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, security, bug-bounty, hacking24-Feb-2024
How i was able to hack over 10 million websites using BAC : broken access controle .https://medium.com/@zack0x01_/how-i-was-able-to-hack-over-10-million-websites-using-bac-broken-access-controle-ce6b704e3dcb?source=rss------bug_bounty-5zack0x01hacking-training, bug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking23-Feb-2024
How Automation Detected Default Admin Credential Worth $500https://vijetareigns.medium.com/how-automation-detected-default-admin-credential-worth-500-d6c09719d307?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bug-bounty-writeup, bug-bounty, bugbounty-writeup, cybersecurity23-Feb-2024
Shodan - “Unauthorized access to setup panel”https://medium.com/@bug.hun3r/shodan-power-unauthorized-access-to-setup-panel-c64bd63f9b3e?source=rss------bug_bounty-5mo9kHu93rhacking, web-application-security, bug-hunting, cybersecurity, bug-bounty23-Feb-2024
10.3 Lab: SSRF with blacklist-based input filter | 2024https://cyberw1ng.medium.com/10-3-lab-ssrf-with-blacklist-based-input-filter-2024-9a7972ab7e8f?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, careers, hacking, bug-bounty23-Feb-2024
From CRLF Injection to XSS: Elevating the Stakes in Apple iTunes Securityhttps://xelkomy.medium.com/from-crlf-injection-to-xss-elevating-the-stakes-in-apple-itunes-security-597dc435fd82?source=rss------bug_bounty-5Khaled Mohamedcrlf, infosec, bug-bounty, penetration-testing, xs23-Feb-2024
Unveiling Bug Bounties: Balancing the Scale of Application Securityhttps://sushantkatare.medium.com/unveiling-bug-bounties-balancing-the-scale-of-application-security-be5645395101?source=rss------bug_bounty-5Sushant Katare, CISSPbug-bounty, vulnerability, bugs23-Feb-2024
Hacking Web Meeting/Webinar Apphttps://ronak-9889.medium.com/hacking-web-meeting-webinar-app-1cb31c648752?source=rss------bug_bounty-5Ronak Patelinformation-security, ethical-hacking, cybersecurity, bug-bounty23-Feb-2024
A Pen worth 80K (BBP#2)https://infosecwriteups.com/a-pen-worth-80k-bbp-2-dceb0db18366?source=rss------bug_bounty-5Devender Raopenetration-testing, cybersecurity, bug-bounty, application-security, linux23-Feb-2024
How I Got 1-Click ATO through self-XSShttps://medium.com/@0x3adly/how-i-was-able-to-get-1-click-ato-through-self-xss-6a6f59b3a6da?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )bug-bounty, csrf, penetration-testing, cross-site-scripting, bug-bounty-tips22-Feb-2024
Disclose assigned apps of any facebook userhttps://gtm0x01.medium.com/disclose-assigned-apps-of-any-facebook-user-e78bcff1de71?source=rss------bug_bounty-5Gtm Mänôzbug-bounty, graphql, facebook-bug-bounty, bug-bounty-writeup, infosec22-Feb-2024
IDOR: The Simple Switchhttps://medium.com/@ganga_/idor-the-simple-switch-19d881358552?source=rss------bug_bounty-5Gangaethical-hacking, bug-bounty-writeup, bug-bounty, web-application-security, penetration-testing22-Feb-2024
How To Report a Vulnerability which is not a part of the VDP Program?https://medium.com/@Ajakcybersecurity/how-to-report-a-vulnerability-which-is-not-a-part-of-the-vdp-program-b7b951795c45?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, penetration-testing, bug-bounty, hacking, blog22-Feb-2024
HTTP-Only Sessions: No Problem? ATO Still Lurks via XSS!https://kokomagedd.medium.com/http-only-sessions-no-problem-ato-still-lurks-via-xss-d415dec701d0?source=rss------bug_bounty-5Kyrillos Magedbug-bounty, bug-bounty-tips, xss-attack, cybersecurity, infosec22-Feb-2024
Mastering BetterCap: A Beginner’s Guide to Network Attacks and Monitoringhttps://infosecwriteups.com/mastering-bettercap-a-beginners-guide-to-network-attacks-and-monitoring-b313c1f85489?source=rss------bug_bounty-5ElNiakbug-bounty, cybersecurity, reconnaissance, network-security, bettercap22-Feb-2024
Exploiting XSS to Perform CSRFhttps://medium.com/@marduk.i.am/exploiting-xss-to-perform-csrf-275288910459?source=rss------bug_bounty-5Marduk I Amstored-xss, cybersecurity, bug-bounty, portswigger-lab, cross-site-scripting22-Feb-2024
How I logged into user accounts with no informationhttps://medium.com/@jsamia/how-i-logged-into-user-accounts-with-no-information-629f50e8885d?source=rss------bug_bounty-5Jaeden Samiasecurity, ethical-hacking, bug-bounty22-Feb-2024
Using Wayback And DNS rebinding For SSRFhttps://medium.com/@amnotacat/using-wayback-and-dns-rebinding-for-ssrf-a5a16f611acc?source=rss------bug_bounty-5amnotacatbug-bounty22-Feb-2024
Exploit Development: Classic Buffer Overflowshttps://medium.com/@boogsta/exploit-development-classic-buffer-overflows-0416a7ed1d9a?source=rss------bug_bounty-5Boogstacyber, hacking, bug-bounty, tryhackme, cybersecurity22-Feb-2024
Hack The Box Certified Bug Bounty Hunter (CBBH) Reviewhttps://medium.com/@josselin_poupeney/hack-the-box-certified-bug-bounty-hunter-cbbh-review-f25796cb22ee?source=rss------bug_bounty-5Josselin Poupeneybug-bounty, pentesting, hackin, cbbh, hackthebox22-Feb-2024
How Bug Bounties Are Incentivising Ethical Hackinghttps://medium.com/@cybertec/how-bug-bounties-are-incentivising-ethical-hacking-1fa49410e0aa?source=rss------bug_bounty-5Jonathan Paulsonbug-bounty, hacking, cybercrime, cybersecurity, quantum-computing22-Feb-2024
Absolute Beginners Guide For Finding P4 Bugs (With Real Example!)-Part 2https://medium.com/@avbhijitdutta99/absolute-beginners-guide-for-finding-p4-bugs-with-real-example-part-2-c4a9d9c7af43?source=rss------bug_bounty-5Cyberbeatbugs, cybersecurity, cyberattack, bug-bounty, bug-bounty-tips21-Feb-2024
10 Kesalahan Coding Yang Membuat Aplikasi Kurang Amanhttps://medium.com/@yasminramadini/10-kesalahan-coding-yang-membuat-aplikasi-kurang-aman-77da9d768594?source=rss------bug_bounty-5Yasmin Ramadiniprogramming, cybersecurity, cyber-security-awareness, coding, bug-bounty21-Feb-2024
Understanding Wazuhhttps://medium.com/@paritoshblogs/understanding-wazuh-b4748d21c6ba?source=rss------bug_bounty-5Paritoshthreat-detection, siem, cybersecurity, bug-bounty, wazuh21-Feb-2024
Bug bounty writeup : 2F/OTP Bypass on Registeration via Response manipulationhttps://noorhomaid.medium.com/bug-bounty-writeup-2f-otp-bypass-on-registeration-via-response-manipulation-2e53573ffa4c?source=rss------bug_bounty-5NoorHomaidbug-bounty, ethical-hacking, bugbounty-writeup, cybersecurity21-Feb-2024
9.5 Lab: Exploiting time-sensitive vulnerabilities | 2024https://infosecwriteups.com/9-5-lab-exploiting-time-sensitive-vulnerabilities-2024-d5bf94cdcf59?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, security, hacking, cybersecurity21-Feb-2024
Critical Vulnerabilities in VMware EAP Uncovered — Unraveling CVE-2024–22245https://medium.com/@elniak/critical-vulnerabilities-in-vmware-eap-uncovered-unraveling-cve-2024-22245-08746ff09907?source=rss------bug_bounty-5ElNiakvulnerability, programming, bug-bounty, vmware, cybersecurity21-Feb-2024
This is the easiest bug you can find right now.https://medium.com/@an0nbil/this-is-the-easiest-bug-you-can-find-right-now-eb324861c238?source=rss------bug_bounty-5an0nbilethical-hacking, bug-bounty, programming, bug-bounty-tips, cybersecurity21-Feb-2024
Critical Vulnerabilities in VMware EAP Uncovered — Unraveling CVE-2024–22245https://systemweakness.com/critical-vulnerabilities-in-vmware-eap-uncovered-unraveling-cve-2024-22245-08746ff09907?source=rss------bug_bounty-5ElNiakvulnerability, programming, bug-bounty, vmware, cybersecurity21-Feb-2024
9.4 Lab: Single-endpoint race conditions | 2024https://cyberw1ng.medium.com/9-4-lab-single-endpoint-race-conditions-2024-40b12d1ae4be?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, security, careers, cybersecurity, hacking20-Feb-2024
Apa Itu Cross Site Scripting? Jenis, Dampak, Dan Pencegahannyahttps://medium.com/@yasminramadini/apa-itu-cross-site-scripting-jenis-dampak-dan-pencegahannya-e507eedb43f8?source=rss------bug_bounty-5Yasmin Ramadinicybersecurity, xss-attack, pentesting, cyber-security-awareness, bug-bounty20-Feb-2024
My Unbelievable Hack into HR Admin — A Bug Bounty Tale!!!https://medium.com/@ratnadip1998/my-unbelievable-hack-into-hr-admin-a-bug-bounty-tale-853338770d8c?source=rss------bug_bounty-5Ratnadip Gajbhiyebugcrowd, ethical-hacking, bug-bounty, bug-bounty-tips, hackerone20-Feb-2024
Hou I Discovering the Origin IP In Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/hou-i-discovering-the-origin-ip-in-bug-bounty-bug-bounty-tuesday-47fa16c4ef34?source=rss------bug_bounty-5kerstansecurity, technology, bug-bounty, cybersecurity, programming20-Feb-2024
How I Discovering the Origin IP In Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/hou-i-discovering-the-origin-ip-in-bug-bounty-bug-bounty-tuesday-47fa16c4ef34?source=rss------bug_bounty-5kerstansecurity, technology, bug-bounty, cybersecurity, programming20-Feb-2024
Breach the Build: Exploiting Jenkins (CVE-2024–23897)https://medium.com/@josh.beck2006/breach-the-build-exploiting-jenkins-cve-2024-23897-f2ecc415f9bf?source=rss------bug_bounty-5Josh Beckoscp, cybersecurity, ctf-writeup, bug-bounty20-Feb-2024
How easy it is to find Private Info on Googlehttps://medium.com/@lochana8723/mastering-osint-gold-mines-a-guide-to-google-dorking-for-bug-bounty-success-e1f2acbbf4f2?source=rss------bug_bounty-5Lochana Dissanayakecybersecurity, ethical-hacking, bug-bounty, osint20-Feb-2024
Response Manipulation leads to Bypassing the OTP email verificationhttps://kiraadx.medium.com/response-manipulation-leads-to-bypassing-the-otp-email-verification-3107d558e8a5?source=rss------bug_bounty-5KiRaaDxbug-bounty-tips, bug-bounty20-Feb-2024
Day 14 Bug Bounty Challenge — Found $1000 Stored XSShttps://medium.com/@avbhijitdutta99/day-14-bug-bounty-challenge-found-1000-stored-xss-c0c9813bbe5a?source=rss------bug_bounty-5Abhijit Duttabug-bounty, bugbountychallenge, bug-bounty-tips, bug-bounty-writeup19-Feb-2024
9.3 Lab: Multi-endpoint race conditions | 2024https://cyberw1ng.medium.com/9-3-lab-multi-endpoint-race-conditions-2024-5617e806a0fc?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, bug-bounty, careers, hacking19-Feb-2024
HackTheBox — Monitoredhttps://medium.com/@mxzartxbyte/hackthebox-monitored-6cd7bc16f080?source=rss------bug_bounty-5mxz4rtbug-bounty, penetration-testing, network-penetration, hackthebox-writeup, hack-the-box-writeup19-Feb-2024
The Ultimate Guide to Top Bug Bounty Platforms in 2024https://medium.com/@crawsecurity/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-6934a3db42d2?source=rss------bug_bounty-5crawsecuritybugs, bug-fixes, bug-bounty-tips, bug-zero, bug-bounty19-Feb-2024
Unlocking Creativity: TCS HackQuest S8 Unveiled — Round 2https://medium.com/@Dark_D3v1l/unlocking-creativity-tcs-hackquest-s8-unveiled-round-2-a311e68becd4?source=rss------bug_bounty-5Ravitejaweb-security, ctf-writeup, bug-bounty, reverse-engineering, tcs-hackquest19-Feb-2024
How to Find First Bug (For Beginners)https://hackerhq.medium.com/how-to-find-first-bug-for-beginners-22a9177e94a0?source=rss------bug_bounty-5HackerHQcyber-security-awareness, bug-bounty-tips, cybersecurity, hackerone, bug-bounty19-Feb-2024
Android Architecture Components: Android Pentestinghttps://bot2root.medium.com/android-architecture-components-android-pentesting-1279e35c2d32?source=rss------bug_bounty-5Raghuveer Singh Chouhanpentesting, bug-bounty, hacking, cybersecurity, android19-Feb-2024
Searching industrial infrastructure with Netlas.iohttps://netlas.medium.com/searching-industrial-infrastructure-with-netlas-io-49c08ca519a2?source=rss------bug_bounty-5Netlas.iobug-bounty, critical-infrastructure, penetration-testing, cybersecurity, information-security19-Feb-2024
Absolute Beginners Guide For Finding P4 Bugs -Part 1https://medium.com/@avbhijitdutta99/absolute-beginners-guide-for-finding-p4-bugs-part-1-5585cc94ac8b?source=rss------bug_bounty-5Cyberbeatbug-bounty-hunter, bug-bounty-tips, bug-bounty-program, bug-bounty19-Feb-2024
Dorking-Pentesting: Create Your Own Automated Pentesting Toolshttps://medium.com/@elniak/dorking-pentesting-create-your-own-automated-pentesting-tools-11134114c2b7?source=rss------bug_bounty-5ElNiaktools, bug-bounty, python, penetration-testing, google19-Feb-2024
Web Cache Poisoing leads to ATO (Account takeover)https://medium.com/@hoosgamer/web-cache-poisoing-leads-to-ato-account-takeover-2522b4583a97?source=rss------bug_bounty-5HooShacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup, web-security19-Feb-2024
Apa Itu Security Operation Center (SOC)https://medium.com/@yasminramadini/apa-itu-security-operation-center-soc-345f56cd85f3?source=rss------bug_bounty-5Yasmin Ramadinipentesting, bug-bounty, cybersecurity, soc-analyst, ethical-hacking18-Feb-2024
HackTheBox — SQLMap Essentialshttps://medium.com/@harry.hphu/hackthebox-sqlmap-essentials-72eaa7a13596?source=rss------bug_bounty-5Huy Phuweb-application-security, bug-bounty, sql, hackthebox18-Feb-2024
Introduction to API Testing — API Discovery and Interactionhttps://medium.com/@harry.hphu/introduction-to-api-testing-api-discovery-and-interaction-705248fc089e?source=rss------bug_bounty-5Huy Phuapi, bug-bounty, web-application-security, api-testing18-Feb-2024
Introduction to API Testing — Reconnaissancehttps://medium.com/@harry.hphu/introduction-to-api-testing-reconnaissance-7b471f4f4e73?source=rss------bug_bounty-5Huy Phuweb-application-security, api-testing, api, bug-bounty18-Feb-2024
Easy automation of bug bounty using Ethredhttps://medium.com/@eyaalgabay/automate-bug-bounty-using-ethred-de042fb19926?source=rss------bug_bounty-5Eyaalgabaypenetration-testing, bug-bounty, web-security, bugbounty-tips, hacking18-Feb-2024
My New Tool For Information Findinghttps://medium.com/@mrraghavop12/my-new-tool-for-information-finding-92a205a6e305?source=rss------bug_bounty-5Ethical Raghavdata-science, bug-bounty-tips, programming, bug-bounty, technology18-Feb-2024
Introduction to API Testing — Server-Side Parameter Pollutionhttps://medium.com/@harry.hphu/introduction-to-api-testing-server-side-parameter-pollution-52dc5c170d19?source=rss------bug_bounty-5Huy Phuweb-application-security, api, api-testing, bug-bounty18-Feb-2024
Introduction to API Testing — Mass Assignment vulnerabilitieshttps://medium.com/@harry.hphu/introduction-to-api-testing-mass-assignment-vulnerabilities-1643f75d1d20?source=rss------bug_bounty-5Huy Phuweb-application-security, api-testing, api, bug-bounty18-Feb-2024
Exploiting Cross-Site Scripting to Capture Passwordshttps://medium.com/@marduk.i.am/exploiting-cross-site-scripting-to-capture-passwords-b2cda84698b0?source=rss------bug_bounty-5Marduk I Amcybersecurity, cross-site-scripting, portswigger-lab, bug-bounty, stored-xss18-Feb-2024
9.2 Lab: Bypassing rate limits via race conditions | 2024https://cyberw1ng.medium.com/9-2-lab-bypassing-rate-limits-via-race-conditions-2024-533185d6d94e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, secuity, hacking18-Feb-2024
PortSwigger — LAB-6 Remote code execution via polyglot web shell upload (Bug Bounty Prep)[by…https://infosecwriteups.com/portswigger-lab-6-remote-code-execution-via-polyglot-web-shell-upload-bug-bounty-prep-by-b426b0d50d39?source=rss------bug_bounty-5dollarboysushilcybersecurity, ethical-hacking, portswigger, web-app-security, bug-bounty18-Feb-2024
Open a link, and your Wi-Fi password is changed.https://medium.com/@deadoverflow/open-a-link-and-your-wi-fi-password-is-changed-7c47ccb4d095?source=rss------bug_bounty-5Imad Husanovichacking, cybersecurity, programming, bug-bounty, bug-bounty-tips18-Feb-2024
Detecting and exploiting limit overrun race conditions with Turbo Intruderhttps://cyberw1ng.medium.com/detecting-and-exploiting-limit-overrun-race-conditions-with-turbo-intruder-424bed12f2cf?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, security, bug-bounty17-Feb-2024
0Day SQLi Discovered during internal PenTestinghttps://medium.com/@SentinelXTeam/0day-sqli-discovered-during-internal-pentesting-0d00db3147c5?source=rss------bug_bounty-5SentinelX Researchbug-bounty, exploitation, cybersecurity, bug-bounty-tips, 0day17-Feb-2024
Mengintip database Website Bimbel di Indonesiahttps://uzet.medium.com/mengintip-database-website-bimbel-di-indonesia-1d3620ce438d?source=rss------bug_bounty-5Timotius Benhurpentesting, web-security, bug-bounty-tips, bug-bounty17-Feb-2024
How much longer must we dwell, with W-S-D-L?https://medium.com/illumination/how-much-longer-must-we-dwell-with-w-s-d-l-789eb659b77a?source=rss------bug_bounty-5Quintius Walkerbug-bounty, poetry, web-development, creative-writing, hacking17-Feb-2024
PortSwigger — LAB -4 Web shell upload via extension blacklist bypass (Bug Bounty Prep)[by…https://infosecwriteups.com/portswigger-lab-4-web-shell-upload-via-extension-blacklist-bypass-bug-bounty-prep-by-7c6233320f81?source=rss------bug_bounty-5dollarboysushilweb-app-security, portswigger, cybersecurity, bug-bounty, file-upload-vulnerability17-Feb-2024
weird bug using fake id via photoshop worth $***https://hamzadzworm.medium.com/weird-bug-using-fake-id-via-photoshop-worth-1fe5dbd04497?source=rss------bug_bounty-5Hamzadzwormbugbounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, infosec17-Feb-2024
PortSwigger — LAB-5 Web shell upload via obfuscated file extension (Bug Bounty Prep)[by…https://dollarboysushil.medium.com/portswigger-lab-5-web-shell-upload-via-obfuscated-file-extension-bug-bounty-prep-by-5232dd3fb8fa?source=rss------bug_bounty-5dollarboysushilportswigger, cybersecurity, bug-bounty, ethical-hacking, web-app-security17-Feb-2024
Harnessing Microsoft Copilot as a Cybersecurity Advisorhttps://infosecwriteups.com/harnessing-microsoft-copilot-as-a-cybersecurity-advisor-518c46f697b3?source=rss------bug_bounty-5Paritoshmicrosoft, cybersecurity, bug-bounty, information-security, microsoft-copilot17-Feb-2024
Demystifying HTTP Request Smuggling: Detection to Exploitationhttps://roadtooscp.medium.com/demystifying-http-request-smuggling-detection-to-exploitation-d6bc7beed73e?source=rss------bug_bounty-5RoadToOSCPbug-bounty, owasp, bug-bounty-tips, pentesting, ethical-hacking17-Feb-2024
GitHub Recon- For Finding Sensitive Informationhttps://medium.com/@pawan_rawat/github-recon-for-finding-sensitive-information-aecdeb9c9dce?source=rss------bug_bounty-5Pawanrawatgithub-recon, bug-bounty-writeup, sensitive-data-exposure, bug-bounty-tips, bug-bounty17-Feb-2024
How do I automate my recon — Part Onehttps://medium.com/@aliraah/how-do-i-automate-my-recon-part-one-fd17dc8717c8?source=rss------bug_bounty-5Alipython, reconnaissance, automation, bash, bug-bounty17-Feb-2024
The Unseen 0-Click Threat Lurking in Your Inbox: CVE-2024–21413 Explainedhttps://systemweakness.com/the-unseen-0-click-threat-lurking-in-your-inbox-cve-2024-21413-explained-a8bd9ec0c46d?source=rss------bug_bounty-5ElNiakvulnerability, cybersecurity, microsoft-outlook, bug-bounty, rce17-Feb-2024
Hacking the Dutch Governmenthttps://medium.com/@jackson_80133/hacking-the-dutch-government-153678a191c0?source=rss------bug_bounty-5Jacksoncybersecurity, hacking, bug-bounty17-Feb-2024
MonikerLink Meltdown: Demystifying CVE-2024–21413 and Dodging Outlook’s Booby Traphttps://medium.com/@chinamayjoshi/monikerlink-meltdown-demystifying-cve-2024-21413-and-dodging-outlooks-booby-trap-43ba52c4b458?source=rss------bug_bounty-5The Cyber Tornadoinformation-security, microsoft, vapt, cybersecurity, bug-bounty17-Feb-2024
The Importance of Sharing Cybersecurity Knowledge on Reading Platformshttps://medium.com/@paritoshblogs/the-importance-of-sharing-cybersecurity-knowledge-on-reading-platforms-34a474a51522?source=rss------bug_bounty-5Paritoshinformation-security, infosec, hacking, cybersecurity, bug-bounty16-Feb-2024
Researcher’s Experience — Bug Bounty Programhttps://medium.com/@_crac/researchers-experience-bug-bounty-program-7d588c363fa6?source=rss------bug_bounty-5CRAC Learningbug-bounty, security, research, cybersecurity16-Feb-2024
GitHub Enterprise Server vulnshttps://irsl.medium.com/github-enterprise-server-vulns-26889987919c?source=rss------bug_bounty-5Imre Radsecurity, github, bug-bounty16-Feb-2024
Windows Defender SmartScreen Vulnerability: CVE-2024–21412 Exposes Financial Traders to…https://systemweakness.com/windows-defender-smartscreen-vulnerability-cve-2024-21412-exposes-financial-traders-to-a03ff476a293?source=rss------bug_bounty-5ElNiakwindows, bug-bounty, cybersecurity, vulnerability, malware16-Feb-2024
Mastering Cross-Site Scripting (XSS): Risks, Detection, and Preventionhttps://medium.com/@elniak/mastering-cross-site-scripting-xss-risks-detection-and-prevention-3cee199d2fff?source=rss------bug_bounty-5ElNiakcybersecurity, xss-attack, bug-bounty, programming, xss-vulnerability16-Feb-2024
Mastering SQLMap: A Comprehensive Guide for Cybersecurity Enthusiastshttps://medium.com/@elniak/mastering-sqlmap-a-comprehensive-guide-for-cybersecurity-enthusiasts-4e224b42396a?source=rss------bug_bounty-5ElNiaksqlmap, programming, cybersecurity, sql-injection, bug-bounty16-Feb-2024
Guide: ProjectDiscovery’s cvemap to nuclei template mapping.https://medium.com/@matejsmycka/guide-projectdiscoverys-cvemap-to-nuclei-template-mapping-5535c2934811?source=rss------bug_bounty-5Matejsmyckacybersecurity, bug-bounty, bash, penetration-testing16-Feb-2024
My First Account Takeover Via Password Reset Poisoninghttps://medium.com/@cyberpro151/my-first-account-takeover-via-password-reset-poisoning-7c35baadfbe3?source=rss------bug_bounty-5cyberpro151web-hacking, bug-bounty, pentesting, account-takeover, offensive-security16-Feb-2024
Mastering Manual SQL Injection: A Comprehensive Guide for Cybersecurity Enthusiastshttps://systemweakness.com/mastering-manual-sql-injection-a-comprehensive-guide-for-cybersecurity-enthusiasts-4541d46b42a7?source=rss------bug_bounty-5ElNiaksql-injection, cybersecurity, sql, programming, bug-bounty16-Feb-2024
The Posemesh Avalanche C-Chain Bug Bounty Programhttps://medium.com/posemesh/the-posemesh-avalanche-c-chain-bug-bounty-program-b34c01da1277?source=rss------bug_bounty-5Auki Labsbug-bounty, auki-labs, avalanche, posemesh, blockchain16-Feb-2024
Mastering CSRF: A Comprehensive Guide to Cross-Site Request Forgeryhttps://medium.com/@elniak/mastering-csrf-a-comprehensive-guide-to-cross-site-request-forgery-a380aca0eab0?source=rss------bug_bounty-5ElNiakweb-development, programming, csrf, cybersecurity, bug-bounty16-Feb-2024
8.6 Lab: Remote code execution via polyglot web shell upload | 2024https://cyberw1ng.medium.com/8-6-lab-remote-code-execution-via-polyglot-web-shell-upload-2024-5646ef951c0b?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, security, careers, bug-bounty16-Feb-2024
how i made easy information disclosure bugs in graphqlhttps://medium.com/@eyaalgabay/how-i-made-easy-information-disclosure-bugs-in-graphql-82284b05d7b4?source=rss------bug_bounty-5Eyaalgabaypenetration-testing, bug-bounty, bug-bounty-tips, web-security, hacking16-Feb-2024
Bypassing Captchahttps://medium.com/@eyaalgabay/bypassing-captcha-29a77c768469?source=rss------bug_bounty-5Eyaalgabaybug-bounty, web-security, penetration-testing, hacking, bug-bounty-tips15-Feb-2024
The Rise of Large Language Models and the Evolution of Programming: A Thesis on Prompt…https://analystlevy.medium.com/the-rise-of-large-language-models-and-the-evolution-of-programming-a-thesis-on-prompt-3ab81578408a?source=rss------bug_bounty-5Asuquo Levy Eyo Jrcybercrime, cryptography, bug-bounty, cyber-security-awareness, black-hat-202115-Feb-2024
The Game-Changing Magic of RCE [Cybersecurity]https://medium.com/@paritoshblogs/the-game-changing-magic-of-rce-cybersecurity-6e1468425e06?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, cybersecurity, information-security, rce15-Feb-2024
Account Takeover [It Looked Secure at First]https://cristivlad.medium.com/account-takeover-it-looked-secure-at-first-f14a31cb7f5c?source=rss------bug_bounty-5Cristi Vladcybersecurity, bug-bounty, penetration-testing, infosec, pentesting15-Feb-2024
Github Dorking: A Beginner’s Guide to Finding Secrets in Repositorieshttps://medium.com/@elniak/github-dorking-a-beginners-guide-to-finding-secrets-in-repositories-2d4d36287913?source=rss------bug_bounty-5ElNiakthreat-intelligence, github, cybersecurity, github-dorking, bug-bounty15-Feb-2024
8.5 Lab: Web shell upload via obfuscated file extension | 2024https://cyberw1ng.medium.com/8-5-lab-web-shell-upload-via-obfuscated-file-extension-2024-0cb8b3e1e537?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, security, bug-bounty, cybersecurity15-Feb-2024
Portswigger — Command Injection All Labs Walkthrough(Bug Bounty Prep)[by dollarboysushil]https://infosecwriteups.com/portswigger-command-injection-all-labs-walkthrough-bug-bounty-prep-by-dollarboysushil-e836421212cf?source=rss------bug_bounty-5dollarboysushilcybersecurity, command-injection, bug-bounty, ethical-hacking, portswigger15-Feb-2024
HTML Injection in Mail BOXhttps://codingninjablogs.tech/html-injection-in-mail-box-c963a8c66d69?source=rss------bug_bounty-5#!/Subhankarhtml-injection, hackerone, hacking, bug-bounty15-Feb-2024
Edu-Hack: How a Simple Request Compromised Entire Classrooms Usershttps://uchihamrx.medium.com/edu-hack-how-a-simple-request-compromised-entire-classrooms-users-7cefc1225654?source=rss------bug_bounty-5Abdelrhman Aminbug-bounty-tips, cybersecurity, web-security, bug-bounty, penetration-testing15-Feb-2024
Behind the Screen: The Forgotten Password Feature That Almost Failed Ushttps://medium.com/@elcapitano7x/behind-the-screen-the-forgotten-password-feature-that-almost-failed-us-a3e67e103cc5?source=rss------bug_bounty-5Elcapitanobugswagger, bugsbounty, penetration-testing, information-security, bug-bounty15-Feb-2024
The effectiveness of employing BChecks to uncover significant secretshttps://xelkomy.medium.com/the-effectiveness-of-employing-bchecks-to-uncover-significant-secrets-788e15a8a952?source=rss------bug_bounty-5Khaled Mohamedsecrets, bug-bounty, bugswagger, cybersecurity, penetration-testing15-Feb-2024
Magic No More: Exposing Flaws in Magic Link Authenticationhttps://medium.com/@elcapitano7x/magic-no-more-exposing-flaws-in-magic-link-authentication-7cede724382f?source=rss------bug_bounty-5Elcapitanobug-bounty, penetration-testing, cybersecurity, bugswagger, information-security15-Feb-2024
Stored XSS with HTTP only Session Cookieshttps://medium.com/techiepedia/stored-xss-with-http-only-session-cookies-32e5eb121384?source=rss------bug_bounty-5Jessprogramming, website, security, web-development, bug-bounty15-Feb-2024
CVE-2024–24142 Exploitation & PoChttps://medium.com/@SentinelXTeam/cve-2024-24142-exploitation-poc-045021596804?source=rss------bug_bounty-5SentinelX Researchpenetration-testing, cybersecurity, hacking, bug-bounty, bug-bounty-tips15-Feb-2024
open redirect using homographshttps://medium.com/@eyaalgabay/open-redirect-using-homographs-ab2c21513b45?source=rss------bug_bounty-5Eyaalgabaybug-bounty-tips, penetration-testing, bug-bounty, open-redirect, web-hacking14-Feb-2024
Exploiting Cross-Site Scripting to Steal Cookieshttps://medium.com/@marduk.i.am/exploiting-cross-site-scripting-to-steal-cookies-3d14c8b42fae?source=rss------bug_bounty-5Marduk I Amcross-site-scripting, cybersecurity, portswigger-lab, xss-attack, bug-bounty14-Feb-2024
THIS IS HOW I FOUND FOUR VULNERABLILITY IN 45 MINUTEShttps://medium.com/@mrraghavop12/this-is-how-i-found-four-vulnerablility-in-45-minutes-050144a58161?source=rss------bug_bounty-5Ethical Raghavbug-bounty, blockchain, technology, bug-bounty-tips, cybersecurity14-Feb-2024
Portswigger — Path Traversal All Labs Walkthrough(Bug Bounty Prep)[by dollarboysushil]https://infosecwriteups.com/portswigger-path-traversal-all-labs-walkthrough-bug-bounty-prep-by-dollarboysushil-85ab64d6106a?source=rss------bug_bounty-5dollarboysushilbug-bounty, web-security, path-traversal, ethical-hacking, portswigger14-Feb-2024
How I was able to hack my college’s website with number of IDORs and CORS Misconfigurationshttps://medium.com/@cyberpro151/how-i-was-able-to-hack-my-colleges-website-with-number-of-idors-and-cors-misconfigurations-0f880d308b79?source=rss------bug_bounty-5cyberpro151hacking, web-hacking, bug-bounty, idor14-Feb-2024
GMX V1 Bug Disclosure.https://morphex.medium.com/gmx-v1-bug-disclosure-71e4ad9a918e?source=rss------bug_bounty-5Morphexdefi, bug-bounty, cryptocurrency14-Feb-2024
8.4 Lab: Web shell upload via extension blacklist bypass | 2024https://cyberw1ng.medium.com/8-4-lab-web-shell-upload-via-extension-blacklist-bypass-2024-2010bcaa283c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, security, hacking, bug-bounty, cybersecurity14-Feb-2024
A Journey through Reconnaissance to MySQL Server Access in the Gaming Realmhttps://medium.com/@daniel1895/a-journey-through-reconnaissance-to-mysql-server-access-in-the-gaming-realm-ce6a6f4eb21c?source=rss------bug_bounty-5Daniel1895fuzzing, bug-bounty, reconnaissance, bug-bounty-tips, hacking14-Feb-2024
The Hidden Dangers Lurking in NTLM Authentication (Cybersecurity)https://medium.com/@paritoshblogs/the-hidden-dangers-lurking-in-ntlm-authentication-cybersecurity-17fc4a02dbf9?source=rss------bug_bounty-5Paritoshntlm, hacking, cybersecurity, authentication, bug-bounty13-Feb-2024
Introducing M:N Hybrid Threading in Go: Unveiling the Power of Goroutineshttps://medium.com/@rezauditore/introducing-m-n-hybrid-threading-in-go-unveiling-the-power-of-goroutines-8f2bd31abc84?source=rss------bug_bounty-5rezauditoreprogramming, tutorial, multithreading, bug-bounty, golang13-Feb-2024
Best tools you must have to look at for penetration testing.https://medium.com/@coderjack0/best-tools-you-must-have-to-look-at-for-penetration-testing-5780ad9e7ddf?source=rss------bug_bounty-5Bugz_Bunnepentesting, hacking, cybersecurity, cybe, bug-bounty13-Feb-2024
Memory vulnerabilities: Buffer and integer overflows, memory leak, and pointer dereferencinghttps://medium.com/@forensics.000/memory-vulnerabilities-buffer-and-integer-overflows-memory-leak-and-pointer-dereferencing-b0e7cbbc0cd3?source=rss------bug_bounty-5forensicsbuffer-overflow, bug-bounty, null-pointer-dereference, memory-improvement13-Feb-2024
Cross-site and server-side request forgeries (CSRF and SSRF)https://medium.com/@forensics.000/cross-site-and-server-side-request-forgeries-csrf-and-ssrf-b91911e42e44?source=rss------bug_bounty-5forensicspenetration-testing, ssrf, csrf, bug-bounty, hackerone13-Feb-2024
Cross-site scriptinghttps://medium.com/@forensics.000/cross-site-scripting-706293b1ad8d?source=rss------bug_bounty-5forensicsweb-penetration-testing, ctf-writeup, hackerone, xss-attack, bug-bounty13-Feb-2024
Program Misuse and Privilege Escalation — PWN COLLEGEhttps://medium.com/illumination/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5B A T M A Npwn, pentesting, challenge, hacking, bug-bounty13-Feb-2024
Unauthenticated Jira CVEs Check List — Bug Tuesdayhttps://medium.com/@kerstan/unauthenticated-jira-cves-check-list-bug-tuesday-465b16266349?source=rss------bug_bounty-5kerstansecurity, cybersecurity, technology, information-security, bug-bounty13-Feb-2024
Email Triggering Leads to Rs1000 Amazon voucherhttps://medium.com/@bug.hun3r/email-triggering-leads-to-rs1000-amazon-voucher-7b9447a0b820?source=rss------bug_bounty-5mo9kHu93rbug-hunting, web-application-security, cybersecurity, bug-bounty, hacking13-Feb-2024
curity8.3 Lab: Web shell upload via path traversal | 2024https://cyberw1ng.medium.com/curity8-3-lab-web-shell-upload-via-path-traversal-2024-0c38695963a7?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, cybersecurity, careers, bug-bounty13-Feb-2024
Program Misuse and Privilege Escalation — PWN COLLEGEhttps://batm4n.medium.com/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5B A T M A Npwn, pentesting, challenge, hacking, bug-bounty13-Feb-2024
Comprehensive Guide to Pentesting Methodology: From Zero to Herohttps://medium.com/@elniak/comprehensive-guide-to-pentesting-methodology-from-zero-to-hero-78c94711d130?source=rss------bug_bounty-5ElNiakbug-bounty, technology, cybersecurity, penetration-testing, pentesting13-Feb-2024
Mastering Nmap: A Comprehensive Guide for Network Discovery and Security Auditinghttps://medium.com/@elniak/mastering-nmap-a-comprehensive-guide-for-network-discovery-and-security-auditing-29fa0c669ef7?source=rss------bug_bounty-5ElNiakcybersecurity, penetration-testing, bug-bounty, networking, nmap13-Feb-2024
Program Misuse and Privilege Escalation — PWN COLLEGEhttps://medium.com/illuminations-mirror/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5B A T M A Npwn, pentesting, challenge, hacking, bug-bounty13-Feb-2024
How I Found a Reflected XSS at NASAhttps://medium.com/@Jh0n_0x/how-i-found-a-reflected-xss-at-nasa-cc8b7584dee7?source=rss------bug_bounty-5Jh0n_0xpenetration-testing, securit, bugbounty-tips, bug-bounty, security-services12-Feb-2024
Most easiest bug in login page : Session Fixationhttps://medium.com/@mrraghavop12/most-easiest-bug-in-login-page-session-fixation-3b07eb396aab?source=rss------bug_bounty-5Ethical Raghavcybersecurity, blockchain, ethical-hacking, bug-bounty, technology12-Feb-2024
IDOR (Insecure direct object reference) pada Website Jual Beli Indonesiahttps://uzet.medium.com/idor-insecure-direct-object-reference-pada-website-jual-beli-indonesia-350e2f58755c?source=rss------bug_bounty-5Timotius Benhurwriteup, bug-bounty, idor12-Feb-2024
Webpages Have these Bugs, and can be EXPLOITED!!https://batm4n.medium.com/webpages-have-these-bugs-and-can-be-exploited-59e10dd94931?source=rss------bug_bounty-5B A T M A Nxss-vulnerability, hacking, penetration-testing, xss-attack, bug-bounty12-Feb-2024
Unraveling Three Critical Vulnerabilities in Atlassian Confluence: CVE-2023–22515, CVE-2023–22518…https://systemweakness.com/unraveling-three-critical-vulnerabilities-in-atlassian-confluence-cve-2023-22515-cve-2023-22518-071f58539142?source=rss------bug_bounty-5ElNiakvulnerability, exploitation, cybersecurity, atlassian, bug-bounty12-Feb-2024
Super Bowl and Cybersecurityhttps://medium.com/@paritoshblogs/super-bowl-and-cybersecurity-5a8c0097f1f7?source=rss------bug_bounty-5Paritoshbug-bounty, super-bowl, hacking, information-security, cybersecurity12-Feb-2024
Tow Senario To Pre Account TakeOverhttps://medium.com/@Hackoura001/tow-senario-to-pre-account-takeover-e437b772b0e2?source=rss------bug_bounty-5Ahmed Elhenybug-bounty-hunter, bug-bounty, hacking, bug-bounty-writeup, bugbounty-tips12-Feb-2024
7 Tingkatan IOC Dalam Investigasi Serangan Siberhttps://medium.com/@yasminramadini/7-tingkatan-ioc-dalam-investigasi-serangan-siber-107826a59a37?source=rss------bug_bounty-5Yasmin Ramadinibug-bounty, pyramid-of-pain, cybersecurity, cyber-security-awareness12-Feb-2024
Hack Stories: Hacking Hackers EP:1https://infosecwriteups.com/hack-stories-hacking-hackers-ep-1-ff4c3cfc09cc?source=rss------bug_bounty-5c0d3x27bug-bounty, hacking, cybersecurity, penetration-testing, software-development12-Feb-2024
Practical Guide to End-to-End Bug Reporting in Software Developmenthttps://medium.com/@niarsdet/practical-guide-to-end-to-end-bug-reporting-in-software-development-9d3e3e4ae8f2?source=rss------bug_bounty-5Niarbugs, issues, qa, bug-fixes, bug-bounty12-Feb-2024
How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Executionhttps://medium.com/@mukundbhuva/how-i-hacked-the-dutch-government-exploiting-an-innocent-image-for-remote-code-execution-df1fa936e46a?source=rss------bug_bounty-5Mukund Bhuvahacking, security, bug-bounty, information-security, cybersecurity12-Feb-2024
Understanding web applicationshttps://medium.com/@pentajbr/understanding-web-applications-ec5952eb1903?source=rss------bug_bounty-5Jbr AL-Otaibihacking, cybersecurity, bug-bounty, website, web-development12-Feb-2024
How I found a bug in Microsofthttps://nityanandjha18.medium.com/how-i-found-a-bug-in-microsoft-3b8524877a3c?source=rss------bug_bounty-5NITYA NAND JHAbug-bounty, cybersecurity, vulnerability12-Feb-2024
: Unveiling the Art of Breaching SSH Servers in Bug Bounties: A Dive into Cybersecurity Exploitshttps://medium.com/@bugspiderlee/unveiling-the-art-of-breaching-ssh-servers-in-bug-bounties-a-dive-into-cybersecurity-exploits-1b60c95c9075?source=rss------bug_bounty-5Pardon Mukoyibugbounty-tips, bug-bounty, bugbounty-writeup, cybersecurity12-Feb-2024
Extract & Scan SSL Certs for HeartBleed via CertGuard toolhttps://medium.com/@SentinelXTeam/extract-scan-ssl-certs-for-heartbleed-via-certguard-tool-06dfd891788a?source=rss------bug_bounty-5SentinelX Researchweb-development, bug-bounty-tips, ssl-certificate, cybersecurity, bug-bounty12-Feb-2024
Mastering Samba Exploitation: A Comprehensive Pentesting Guidehttps://medium.com/@elniak/mastering-samba-exploitation-a-comprehensive-pentesting-guide-016ae61c1031?source=rss------bug_bounty-5ElNiakcybersecurity, threat-intelligence, penetration-testing, samba, bug-bounty12-Feb-2024
Unveiling the World of Ethical Hacking: How Ethical Hackers Earn Moneyhttps://medium.com/@crawsecurity/unveiling-the-world-of-ethical-hacking-how-ethical-hackers-earn-money-939b7816debb?source=rss------bug_bounty-5crawsecurityethical-hacking, ways-to-earn-money-online, freelancing, bug-bounty, ethical-hacker11-Feb-2024
Online Password Cracking with THC-Hydra and Burp Suitehttps://medium.com/@0xalpraz/online-password-cracking-with-thc-hydra-and-burp-suite-31ec3019cead?source=rss------bug_bounty-50xClonazhacks, hacking, bug-bounty, cybersecurity11-Feb-2024
Getting Facebook Credentails Without Hackinghttps://medium.com/@0xalpraz/getting-facebook-credentails-without-hacking-e9c778e9e4ca?source=rss------bug_bounty-50xClonazbug-bounty, hacks, cybersecurity, hacking11-Feb-2024
Open Source Intelligence(OSINT), Part 4: Google Hacking to Find Unsecured Web Camshttps://medium.com/@0xalpraz/open-source-intelligence-osint-part-4-google-hacking-to-find-unsecured-web-cams-4493b08dd08f?source=rss------bug_bounty-50xClonazcybersecurity, hacks, hacker, hacking, bug-bounty11-Feb-2024
Open Source Intelligence (OSINT), Part 1: Mining Intelligence from Twitter (@mattgaetz)https://medium.com/@0xalpraz/open-source-intelligence-osint-part-1-mining-intelligence-from-twitter-mattgaetz-6bb71c3dae9b?source=rss------bug_bounty-50xClonazbug-bounty, cybersecurity, hacking, hacker, hacks11-Feb-2024
OSINT: Finding Email Passwords in Dumps with h8mailhttps://medium.com/@0xalpraz/osint-finding-email-passwords-in-dumps-with-h8mail-4fb8b80298d8?source=rss------bug_bounty-50xClonazbug-bounty, hacker, hacking, hacks, cybersecurity11-Feb-2024
Password Cracking: Creating Custom Password List with cupphttps://medium.com/master-hackers/password-cracking-creating-custom-password-list-with-cupp-167b7448b6c9?source=rss------bug_bounty-50xClonazcybersecurity, hacking, bug-bounty, hacker, hacks11-Feb-2024
Android Hacking: The libwebp Vulnerability (zero-day/zero-click)https://medium.com/master-hackers/android-hacking-the-libwebp-vulnerability-zero-day-zero-click-843279e0bb85?source=rss------bug_bounty-50xClonazhacks, hacking, hacker, cybersecurity, bug-bounty11-Feb-2024
Bug Bounty Hunting, Part 1: Getting Startedhttps://medium.com/master-hackers/bug-bounty-hunting-part-1-getting-started-f8c60e759738?source=rss------bug_bounty-50xClonazhacker, bug-bounty, hacking, cybersecurity11-Feb-2024
Preventing file execution in user-accessible directories by Portswigger | 2024https://cyberw1ng.medium.com/preventing-file-execution-in-user-accessible-directories-by-portswigger-2024-c30f1ef726b9?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, bug-bounty, security11-Feb-2024
IDOR(Insecure Direct Object Referece) Price Manipulation Through Encoded Url Parameterhttps://medium.com/@bry4nzheng/idor-insecure-direct-object-referece-price-manipulation-through-encoded-url-parameter-4232fa4758b0?source=rss------bug_bounty-5Bryan Zhengbug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing11-Feb-2024
Signing up with Government and Military emailshttps://medium.com/@boogsta/signing-up-with-government-and-military-emails-4ebed8da5135?source=rss------bug_bounty-5Boogstabug-bounty-tips, cyber, cybersecurity, bug-bounty, hacking11-Feb-2024
IDOR(Insecure Direct Object Reference) Price Manipulation on Private Bug Bounty Programhttps://medium.com/@bry4nzheng/idor-insecure-direct-object-reference-price-manipulation-on-private-bug-bounty-program-2527431ffcfd?source=rss------bug_bounty-5Bryan Zhengbug-bounty-writeup, penetration-testing, bug-bounty, cybersecurity11-Feb-2024
Bug Bounty Programs: Unleashing the Force of Ethical Hackers to Strengthen Your Security Defenseshttps://medium.com/@pascal.o.anene/bug-bounty-programs-unleashing-the-force-of-ethical-hackers-to-strengthen-your-security-defenses-08506824e975?source=rss------bug_bounty-5Pascal Onyekachukwu Anenecybersecurity, security-engineering, bug-bounty11-Feb-2024
Almost 50% of web pages have this bug. Learn How it is exploited in the wildhttps://medium.com/@sreedeep200/almost-50-of-web-pages-have-this-bug-learn-how-it-is-exploited-in-the-wild-bfc591abdf8f?source=rss------bug_bounty-5Sreedeep cvjs, bug-bounty, xss-attack, hacking, dom11-Feb-2024
XSS in CMS / Blog sites bypassing HTML encoding and escaping.https://medium.com/@kannnannmk/xss-in-cms-blog-sites-bypassing-html-encoding-and-escaping-f61a720e6a02?source=rss------bug_bounty-5Neelamegha Kannan Spenetration-testing, cybersecurity, information-security, cyberattack, bug-bounty11-Feb-2024
From a customer to a ‘system owner’https://medium.com/@mmaulanaabdullah/from-a-customer-to-a-system-owner-ce4da3f6d56c?source=rss------bug_bounty-5M Maulana Abdullahapi-development, writeup, privilege-escalation, api, bug-bounty10-Feb-2024
Unlocking Creativity: TCS HackQuest S8 Unveiled - Round 1https://medium.com/@Dark_D3v1l/unlocking-creativity-tcs-hackquest-s8-unveiled-round-1-ffc02c753aaf?source=rss------bug_bounty-5Ravitejareverse-engineering, ctf, bug-bounty, hacking-tools, web-security10-Feb-2024
7.8 Lab: Referer-based access control | 2024https://cyberw1ng.medium.com/7-8-lab-referer-based-access-control-2024-ef0fa2eefbe0?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, security, bug-bounty, cybersecurity10-Feb-2024
Google Dorking: A Beginner’s Guide to Finding Vulnerabilitieshttps://medium.com/@elniak/google-dorking-a-beginners-guide-to-finding-vulnerabilities-815afedcaaec?source=rss------bug_bounty-5ElNiakthreat-intelligence, bug-bounty, google-dorking, cybersecurity, google10-Feb-2024
Web Security 101 : Cross-Site Scripting (XSS) Attackshttps://iaraoz.medium.com/web-security-101-cross-site-scripting-xss-attacks-5b6c6e8020c7?source=rss------bug_bounty-5Israel Aráoz Severichexss-attack, bug-bounty, cybersecurity, appsec09-Feb-2024
Securing Biggest Electronic Brand Worth Me My 2nd 4 fig. $2259 Bounty!https://medium.com/@manan_sanghvi/securing-biggest-electronic-brand-worth-me-my-2nd-4-fig-2259-bounty-a053d2053655?source=rss------bug_bounty-5Manan Sanghvibug-bounty, penetration-testing, web-application-security, ethical-hacking, idor-vulnerability09-Feb-2024
JSON CSRF in Microsoft Bing Maps Collectionshttps://infosecwriteups.com/json-csrf-in-microsoft-bing-maps-collections-74afc2b197d5?source=rss------bug_bounty-5Jayateertha Guruprasadbug-bounty-tips, microsoft, bug-bounty, infosec, cybersecurity09-Feb-2024
CVE-2024–24830: A Critical OpenObserve Vulnerability Exposedhttps://systemweakness.com/cve-2024-24830-a-critical-openobserve-vulnerability-exposed-7110ff223e49?source=rss------bug_bounty-5ElNiakbug-bounty, logs, vulnerability, cybersecurity, technology09-Feb-2024
Cyber Espionage Unveiled: The Dutch Defense Under Siege by Chinese Hackershttps://medium.com/@elniak/cyber-espionage-unveiled-the-dutch-defense-under-siege-by-chinese-hackers-2a7a5ffe99b6?source=rss------bug_bounty-5ElNiakmalware, chinese, bug-bounty, cyberattack, cybersecurity09-Feb-2024
CVE-2024–1207: A Deep Dive into WordPress Plugin Vulnerabilityhttps://systemweakness.com/cve-2024-1207-a-deep-dive-into-wordpress-plugin-vulnerability-3b12891813e6?source=rss------bug_bounty-5ElNiakbug-bounty, vulnerability, cybersecurity, wordpress, sql-injection09-Feb-2024
Cyber Espionage Unveiled: The Dutch Defense Under Siege by Chinese Hackershttps://systemweakness.com/cyber-espionage-unveiled-the-dutch-defense-under-siege-by-chinese-hackers-2a7a5ffe99b6?source=rss------bug_bounty-5ElNiakmalware, chinese, bug-bounty, cyberattack, cybersecurity09-Feb-2024
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Threehttps://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-three-cee1633de873?source=rss------bug_bounty-5Alipython, flask, bug-bounty, mongodb, reconnaissance09-Feb-2024
E: Package ‘libgtkglext1’ has no installation candidate | anydesk : Depends: libgtkglext1 but it is…https://medium.com/@sherlock297/e-package-libgtkglext1-has-no-installation-candidate-anydesk-depends-libgtkglext1-but-it-is-7eef2877f78d?source=rss------bug_bounty-5Ravindra Dagaleinformation-technology, bug-bounty, kali-linux, information-security, programming09-Feb-2024
7.7 Lab: Multi-step process with no access control on one step | 2024https://cyberw1ng.medium.com/7-7-lab-multi-step-process-with-no-access-control-on-one-step-2024-2b338dfd36ea?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, security09-Feb-2024
Beyond the Firewall: Finding a Stored XSS in Hacker101 CTFhttps://medium.com/@crashwire1/beyond-the-firewall-finding-a-stored-xss-in-hacker101-ctf-9b90df12e42e?source=rss------bug_bounty-5Crashwirexss-attack, cybersecurity, capture-the-flag, bug-bounty, hacking09-Feb-2024
Unlocking Your Potential: Elevating Your Bug Bounty Game**https://medium.com/@mrraghavop12/unlocking-your-potential-elevating-your-bug-bounty-game-5cbf22c4de00?source=rss------bug_bounty-5Ethical Raghavblockchain, bug-bounty, bug-bounty-tips, javascript, cybersecurity08-Feb-2024
Lenfi V2 to Begin Community-Driven Bug Bounty Program Nowhttps://medium.com/@lenfi/lenfi-v2-to-begin-community-driven-bug-bounty-program-now-c2d312203df2?source=rss------bug_bounty-5Lenfilending, cardano, defi, audit, bug-bounty08-Feb-2024
Chaining Subprober + Subfinder To Your Bug Bounty Recon.https://medium.com/@Ajakcybersecurity/chaining-subprober-subfinder-to-your-bug-bounty-recon-017151d1ffce?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, penetration-testing, hacking, cybersecurity08-Feb-2024
7.6 Lab: Method-based access control can be circumvented | 2024https://cyberw1ng.medium.com/7-6-lab-method-based-access-control-can-be-circumvented-2024-edb5df550a66?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, portswigger, cybersecurity, careers08-Feb-2024
Easy way to get privilege escalationhttps://medium.com/@Rzizah/easy-way-to-get-privilege-escalation-2c0a96862301?source=rss------bug_bounty-5Rzizahbug-bounty-tips, bug-bounty, bug-bounty-writeup, privilege-escalation08-Feb-2024
How I Find Open Redirect Bug — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-i-find-open-redirect-bug-bug-bounty-tuesday-40cc560c9cec?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, technology, security, information-security07-Feb-2024
Web3 Security: In-Depthhttps://medium.com/coinmonks/web3-security-in-depth-e102fb262a3a?source=rss------bug_bounty-5Officer's Notesbug-bounty, blockchain, smart-contracts, solidity, web307-Feb-2024
My first bug | Html injection|https://medium.com/@pandeyrishu621/my-first-bug-html-injection-82bbad239934?source=rss------bug_bounty-5Pandeyrishucybersecurity, bug-bounty, penetration-testing, technology, bug-bounty-tips07-Feb-2024
Revealing a Security Snag: Uncovering Sensitive Data Exposure in an Apple Applicationhttps://medium.com/@jazdprince/revealing-a-security-snag-uncovering-sensitive-data-exposure-in-an-apple-application-c93da97cae0d?source=rss------bug_bounty-5JzeeRxbug-bounty, bug-hunting, cybersecurity, apple-security, apple07-Feb-2024
7.5 Lab: URL-based access control can be circumvented | 2024https://cyberw1ng.medium.com/7-5-lab-url-based-access-control-can-be-circumvented-2024-f101542e9402?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, cybersecurity, careers, bug-bounty07-Feb-2024
I have hacked around 300 website in 1 Monthhttps://systemweakness.com/i-have-hacked-around-300-website-in-1-month-30417030560b?source=rss------bug_bounty-5Imran Niazbug-bounty, hacking, web-development, python-programming, cybersecurity07-Feb-2024
Rate Limiting: What It Is And Why It Matters in Bug Bountyhttps://infosecwriteups.com/rate-limiting-what-it-is-and-why-it-matters-in-bug-bounty-b0d2ce574049?source=rss------bug_bounty-5Alpbug-bounty-tips, bug-bounty, hackerone07-Feb-2024
How To Get Started With LLM Hacking? — A Beginner’s Guidehttps://medium.com/@hetisdemerckx/how-to-get-started-with-llm-hacking-a-beginners-guide-273af158b4b0?source=rss------bug_bounty-5Yannick Merckxbug-bounty, ai, hacking, llm-hacking, llm07-Feb-2024
My first bug | Html injection|https://systemweakness.com/my-first-bug-html-injection-82bbad239934?source=rss------bug_bounty-5Pandeyrishucybersecurity, bug-bounty, penetration-testing, technology, bug-bounty-tips07-Feb-2024
Enhancing Network Security: Best Practices and Strategieshttps://medium.com/@paritoshblogs/enhancing-network-security-best-practices-and-strategies-6fec2ef3f397?source=rss------bug_bounty-5Paritoshhacking, programming, bug-bounty, information-security, cybersecurity06-Feb-2024
Tumblr Subdomain Takeoverhttps://infosecwriteups.com/tumblr-subdomain-takeover-55f9cb494d65?source=rss------bug_bounty-5Scott Lindhwhite-hat-hacker, bug-bounty, hacker, subdomain-takeover, subdomains-enumeration06-Feb-2024
Harnessing Concurrency in Go: Exploring Asynchronous Executionhttps://medium.com/@rezauditore/harnessing-concurrency-in-go-exploring-asynchronous-execution-4134897d66a6?source=rss------bug_bounty-5rezauditoregolang, programming, bug-bounty, tutorial, hunting06-Feb-2024
A Deep Dive into FastAPI’s Security Vulnerability: CVE-2024–24762https://systemweakness.com/a-deep-dive-into-fastapis-security-vulnerability-cve-2024-24762-4ab6bb64644c?source=rss------bug_bounty-5ElNiakcybersecurity, programming, bug-bounty, fastapi, vulnerability06-Feb-2024
ALWAYS test 404 Not Found in Bug Bounties!https://medium.com/@mares.viktor/always-test-404-not-found-in-bug-bounties-2be47801b4c0?source=rss------bug_bounty-5Viktor Marescybersecurity, web-development, bug-bounty, penetration-testing, hacking06-Feb-2024
CVE-2024-23222: Apple WebKit’s Zero-Day Vulnerabilityhttps://medium.com/@elniak/cve-2024-23222-apple-webkits-zero-day-vulnerability-83109de9ddee?source=rss------bug_bounty-5ElNiakcybersecurity, vulnerability, apple, technology, bug-bounty06-Feb-2024
Symlink Sabotage: ZIPping Through Web Security. (LFI Lab)https://medium.com/@josh.beck2006/symlink-sabotage-zipping-through-web-security-lfi-lab-ca20e2d30c8d?source=rss------bug_bounty-5Josh Beckpenetration-testing, cybersecurity, ctf-writeup, bug-bounty06-Feb-2024
Unveiling CVE-2024–0953: Firefox iOS Open Redirect Vulnerabilityhttps://lohigowda.medium.com/unveiling-cve-2024-0953-firefox-ios-open-redirect-vulnerability-57533efb4cf4?source=rss------bug_bounty-5Lohith Gowda Mapplication-security, bug-bounty, firefox, ios, infosec06-Feb-2024
Understanding Ransomwarehttps://medium.com/@paritoshblogs/understanding-ransomware-aa45e2c43bbb?source=rss------bug_bounty-5Paritoshransomware, bug-bounty, cybersecurity, hacking, information-security05-Feb-2024
Urgent Security Alert: Microsoft Edge Vulnerabilities Exposed — Protect Your Data Now!https://medium.com/@elniak/urgent-security-alert-microsoft-edge-vulnerabilities-exposed-protect-your-data-now-bd7cd8b616dd?source=rss------bug_bounty-5ElNiakprivilege-escalation, cybersecurity, microsoft, bug-bounty, vulnerability05-Feb-2024
SSRF on a Headless Browser Becomes Critical!https://medium.com/@Nightbloodz/ssrf-on-a-headless-browser-becomes-critical-c08daaa1017e?source=rss------bug_bounty-5Alvaro Baladacybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, cyber-security-awareness05-Feb-2024
IoT Devices Vulnerabilities Disclosed: BugStrike’s IoT Security Suitehttps://blog.bugstrike.io/iot-devices-vulnerabilities-disclosed-bugstrikes-iot-security-suite-4f3b7d907829?source=rss------bug_bounty-5BugStrike Teambugstrike, iot-security, bug-bounty, cybersecurity, iot05-Feb-2024
Unveiling the XSS Threats: Understanding and Defending Against Cross-Site Scriptinghttps://blog.bugstrike.io/unveiling-the-xss-threats-understanding-and-defending-against-cross-site-scripting-508e914367f4?source=rss------bug_bounty-5BugStrike Teambugsbounty, cybersecurity, bugstrike, xss-attack, bug-bounty05-Feb-2024
Broken access control resulting from platform misconfiguration | 2024https://cyberw1ng.medium.com/broken-access-control-resulting-from-platform-misconfiguration-2024-bc330363278c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, hacking, security05-Feb-2024
Euler Is So Back: Prizewinners and Educate Series Summaryhttps://www.blog.encode.club/euler-is-so-back-bounty-winners-and-educate-series-summary-6ea3de46b569?source=rss------bug_bounty-5Vanessa Losiceuler, euler-finance, bug-bounty, euler-educate, encode-club05-Feb-2024
How I got RCE in one of Bugcrowd's Public Programshttps://medium.com/@yousefmoh15/how-i-got-rce-in-one-of-bugcrowds-public-programs-5725c8dc46ce?source=rss------bug_bounty-5Yousef Mohamed Elsaidcybersecurity, bugcrowd, bug-bounty, rce, remote-code-execution05-Feb-2024
Every Cybersecurity Beginner’s Nightmare — You need to Read thishttps://medium.com/@majameeljameey/every-cybersecurity-beginners-nightmare-you-need-to-read-this-fc1b69e5dded?source=rss------bug_bounty-5MOHD ABDUL JAMEELpenetration-testing, bug-bounty, roadmaps, ethical-hacking, cybersecurity05-Feb-2024
Reflected XSS into a Template Literal with Angle Brackets, Single, Double Quotes, Backslash, and…https://medium.com/@marduk.i.am/reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-backslash-and-d5cf41f25b02?source=rss------bug_bounty-5Marduk I Ambug-bounty, portswigger-lab, reflected-xss, cross-site-scripting, cybersecurity05-Feb-2024
Skyfall — HackTheBox Seasonal Machine Simple Writeup by Karthikeyan Nagaraj | 2024https://infosecwriteups.com/skyfall-hackthebox-seasonal-machine-simple-writeup-by-karthikeyan-nagaraj-2024-d76fdaaba116?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hackthebox-writeup, hackthebox, bug-bounty05-Feb-2024
This will change the way you hunt for bugs forever.https://medium.com/@deadoverflow/this-will-change-the-way-you-hunt-for-bugs-forever-6111f59b4e8b?source=rss------bug_bounty-5Imad Husanovichacking, cybersecurity, bug-bounty, programming, bug-bounty-tips04-Feb-2024
the Dark Art of NTLM Relay Attackshttps://medium.com/@paritoshblogs/the-dark-art-of-ntlm-relay-attacks-5a55cfb95b37?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, ntlm-relay, active-directory, bug-bounty04-Feb-2024
The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changeshttps://medium.com/@a13h1/the-ui-slip-i-hit-750-ui-manipulation-leading-to-unauthorized-permission-changes-d65621d8dd96?source=rss------bug_bounty-5Abhi Sharmauser-interface, hacking, programming, bug-bounty, cybersecurity04-Feb-2024
How I Hacked My College’s Sitehttps://infosecwriteups.com/how-i-hacked-my-colleges-site-26ae1ab872e4?source=rss------bug_bounty-5Rajneesh Kumar Aryabug-bounty, web-application-security, ethical-hacking, hacked, cybersecurity04-Feb-2024
Running a MITM on a Google Play App | Fintech Bug Bounty — Part 3https://0x4kd.medium.com/running-a-mitm-on-a-google-play-app-fintech-bug-bounty-part-3-82ebdd852d07?source=rss------bug_bounty-50x4KDbug-bounty, infosec, bounty-hunter, bug-bounty-tips, security04-Feb-2024
Certifications for bug bounty huntershttps://medium.com/@notahades/certifications-for-bug-bounty-hunters-4200c6a58c3c?source=rss------bug_bounty-5Deshahacking, certification, penetration-testing, bug-bounty04-Feb-2024
Hacking tools to use in 2024https://medium.com/@notahades/hacking-tools-to-use-in-2024-9dd47c126ef4?source=rss------bug_bounty-5Deshait-security, bug-bounty, hacking, penetration-testing, security04-Feb-2024
Tutorial: Shellcode Injection when the buffer is smallhttps://medium.com/@elniak/tutorial-shellcode-injection-when-the-buffer-is-small-ee3a29dcb955?source=rss------bug_bounty-5ElNiakbug-bounty, tutorial, hacking, shellcode, cybersecurity04-Feb-2024
TryHackMe | Bounty Hacker Walkthroughhttps://medium.com/@utsavadhikari99/tryhackme-bounty-hacker-walkthrough-eb7d9de074e3?source=rss------bug_bounty-5Utsavadhikaribug-bounty, bugs, linux, cybersecurity, computer-science04-Feb-2024
Stored XSS into ‘onclick’ Event with Angle Brackets and Double Quotes HTML-Encoded and Single…https://medium.com/@marduk.i.am/stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-single-002848f8deb1?source=rss------bug_bounty-5Marduk I Amportswigger-lab, cybersecurity, stored-xss, bug-bounty, cross-site-scripting04-Feb-2024
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Twohttps://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-two-468405eb3520?source=rss------bug_bounty-5Alidatabse, reconnaissance, bug-bounty, python, chatgpt04-Feb-2024
6.5 Lab: Information disclosure in version control history | 2024https://cyberw1ng.medium.com/6-5-lab-information-disclosure-in-version-control-history-2024-f886c7337cb7?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, careers, cybersecurity, bug-bounty, hacking04-Feb-2024
How to send WhatsApp Message automatically using python for impress someonehttps://rajput623929.medium.com/how-to-send-whatsapp-message-automatically-using-python-for-impress-someone-9c577664faaa?source=rss------bug_bounty-5Mr.Horbiohacking, automation, bug-bounty, cybersecurity, python03-Feb-2024
IDOR Pada Website Jual Beli Indonesiahttps://uzet.medium.com/idor-pada-website-jual-beli-indonesia-e4842bad515a?source=rss------bug_bounty-5Timotius Benhurbug-bounty, writeup, cyber-security-awareness, bugs03-Feb-2024
Zero-Day: Navigating the Storm of CVE-2024–21893 in Ivanti Productshttps://systemweakness.com/zero-day-navigating-the-storm-of-cve-2024-21893-in-ivanti-products-3b27078377e2?source=rss------bug_bounty-5ElNiakbug-bounty, penetration-testing, ivanti, cybersecurity, ssrf03-Feb-2024
Vulnerable WordPress January 2024 (Imadaddin Nasimi)https://medium.com/@onhexgroup/vulnerable-wordpress-january-2024-imadaddin-nasimi-09f163d473db?source=rss------bug_bounty-5Onhexgroupinfosec, bug-bounty, exploit, cybersecurity, wordpress03-Feb-2024
Title: Unveiling the Trio: Idor,Account,Takeover And Account Enumerationhttps://medium.com/@mrraghavop12/title-unveiling-the-trio-idor-account-takeover-and-account-enumeration-cad7f7ca671f?source=rss------bug_bounty-5Ethical Raghavbug-bounty, blockchain, technology, cybersecurity, data-science03-Feb-2024
Building a Robust Security Architecturehttps://medium.com/@paritoshblogs/building-a-robust-security-architecture-10d01b22380d?source=rss------bug_bounty-5Paritosharchitecture, bug-bounty, information-security, cybersecurity, security-architecture03-Feb-2024
A Story of an IDOR bug I found on a SaaS applicationhttps://medium.com/@duncanochieng682/a-story-of-an-idor-bug-i-found-on-a-saas-application-28fa65907bfd?source=rss------bug_bounty-5JateloCybersecaccess-control, web-application-security, bug-bounty-tips, idor-vulnerability, bug-bounty03-Feb-2024
Version Control History and Information Disclosure Vulnerabilities | 2024https://cyberw1ng.medium.com/version-control-history-and-information-disclosure-vulnerabilities-2024-3649060333bb?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, cybersecurity, careers, bug-bounty, hacking03-Feb-2024
Offensive Mobile Penetration Testinghttps://hackerassociate.medium.com/offensive-mobile-penetration-testing-ce87cc06fb46?source=rss------bug_bounty-5Harshad Shahbug-bounty, infosec, penetration-testing, cybersecurity, hacking02-Feb-2024
5.11 Lab: Authentication bypass via flawed state machine | 2024https://cyberw1ng.medium.com/5-11-lab-authentication-bypass-via-flawed-state-machine-2024-2226d33fba6d?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, security2-Feb-2024
CVE-2021–4434: A Critical WordPress Vulnerability Exposedhttps://medium.com/@elniak/cve-2021-4434-a-critical-wordpress-vulnerability-exposed-202b7d75dda5?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, threat-intelligence, wordpress, cybersecurity2-Feb-2024
Join the Pay Protocol Bug Bounty Program and Earn Rewardshttps://cryptoanalyz.medium.com/join-the-pay-protocol-bug-bounty-program-and-earn-rewards-159d24608282?source=rss------bug_bounty-5Crypto Analystpayments, defi, bug-bounty-program, cryptocurrency, bug-bounty2-Feb-2024
Unveiling the Elite: Cyber Matrix Tech’s USD 7 Million Bug Bounty Coursehttps://medium.com/@African-Technology-Research/unveiling-the-elite-cyber-matrix-techs-usd-7-million-bug-bounty-course-4e648fb003d1?source=rss------bug_bounty-5African Technology Researchpenetration-testing, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup2-Feb-2024
Mastering Fuzzing: A Comprehensive Tutorialhttps://medium.com/@elniak/mastering-fuzzing-a-comprehensive-tutorial-ba9431c8ff0f?source=rss------bug_bounty-5ElNiakfuzzing, bug-bounty, tutorial, cybersecurity, bugs02-Feb-2024
Unlocking Privacy: A Dive into Octopii, the Open-Source PII Scannerhttps://medium.com/@elniak/unlocking-privacy-a-dive-into-octopii-the-open-source-pii-scanner-8a8bdcc0b8be?source=rss------bug_bounty-5ElNiakprivacy, osint, cybersecurity, bug-bounty, pii02-Feb-2024
How to start in Bug Bounty Hunting: my personal experiencehttps://seeu-inspace.medium.com/how-to-start-in-bug-bounty-hunting-my-personal-experience-61fb2bc6bcee?source=rss------bug_bounty-5Riccardo Malatestabug-bounty-tips, bug-bounty02-Feb-2024
How to Pass eWPTv1 examhttps://medium.com/@pentajbr/how-to-pass-ewptv1-exam-3aab3d7d9fa5?source=rss------bug_bounty-5Jbr AL-Otaibipreparation, bug-bounty, bug-bounty-tips, cybersecurity, hacking02-Feb-2024
CVE-2021–4434: A Critical WordPress Vulnerability Exposedhttps://systemweakness.com/cve-2021-4434-a-critical-wordpress-vulnerability-exposed-202b7d75dda5?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, threat-intelligence, wordpress, cybersecurity02-Feb-2024
How I was able to find PII of more than 15,000 People using the Directory Enumeration Tool…https://medium.com/@neelmunot2003/how-i-was-able-to-find-pii-of-more-than-15-000-people-using-the-directory-enumeration-tool-7ac3e9a37983?source=rss------bug_bounty-5Neel Munotinformation-disclosure, dirsearch, bug-bounty, cybersecurity, ethical-hacking02-Feb-2024
How I secured the United Nations Hall of Famehttps://medium.com/@kamilrahman32/how-i-secured-the-united-nations-hall-of-fame-67b036ff2620?source=rss------bug_bounty-5Kamil Rahumanbug-bounty, bug-bounty-tips, vulnerability, hall-of-fame, united-nations02-Feb-2024
Full Account Takeover via Password Reset Link Manipulationhttps://ikhaleelkhan.medium.com/full-account-takeover-via-password-reset-link-manipulation-840fb9402967?source=rss------bug_bounty-5Khaleel Khaninfosec, bug-bounty, cybersecurity, hacking, ethical-hacking01-Feb-2024
Docker and runC Vulnerabilities: A Deep Dive into CVE-2024–21626 and Its Counterpartshttps://medium.com/@elniak/docker-and-runc-vulnerabilities-a-deep-dive-into-cve-2024-21626-and-its-counterparts-4ca24e7d7aa1?source=rss------bug_bounty-5ElNiakcybersecurity, vulnerability, docker, penetration-testing, bug-bounty01-Feb-2024
5.10 Lab: Authentication bypass via encryption Oracle | 2024https://cyberw1ng.medium.com/5-10-lab-authentication-bypass-via-encryption-oracle-2024-b15f1879a30b?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, careers, hacking, cybersecurity01-Feb-2024
1.4M PII data leakage (IDOR)https://medium.com/@tusharaj98355/1-4m-pii-data-leakage-idor-aee596aef4d9?source=rss------bug_bounty-5tushar_reconbug-bounty, bug-bounty-tips01-Feb-2024
How i was able to hack a Company via watching a YouTube videohttps://ahmadmansourr.medium.com/how-i-was-able-to-hack-a-company-via-watching-a-youtube-video-without-any-technical-pentesting-4941753a150a?source=rss------bug_bounty-5Ahmad Mansourcyber-security-awareness, bug-bounty, penetration-testing01-Feb-2024
Reflected XSS into a JavaScript String with Angle Brackets and Double Quotes HTML-Encoded and…https://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-angle-brackets-and-double-quotes-html-encoded-and-3e43059d901b?source=rss------bug_bounty-5Marduk I Amcybersecurity, portswigger-lab, reflected-xss, cross-site-scripting, bug-bounty01-Feb-2024
Bypass Arbitary File Upload With .pharhttps://medium.com/@mzrismuarf/bypass-arbitary-file-upload-with-phar-6a07627f5e2e?source=rss------bug_bounty-5Mizar Ismu Ariefexploitation, bug-bounty, pentesting, bypass01-Feb-2024
From No to Go — Uninvited Access To Invited Projectshttps://medium.com/@_0jatin0_/from-no-to-go-uninvited-access-to-invited-projects-c8a94feb7cf3?source=rss------bug_bounty-5Jatin_Chudasamabroken-access-control, writeup, bug-bounty, graphql, unauthorized-access01-Feb-2024
This is arguably the dumbest bug I’ve ever found.https://medium.com/@deadoverflow/this-is-arguably-the-dumbest-bug-ive-ever-found-3e451951d727?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-bounty, hacking, programming, cybersecurity01-Feb-2024
Misconfiguration lead to company identity theft via bypass email verification.https://hamzadzworm.medium.com/misconfiguration-lead-to-company-identity-theft-via-bypass-email-verification-0dd60b61d943?source=rss------bug_bounty-5Hamzadzwormbugbounty-writeup, bug-bounty-writeup, bugbounty-tips, bug-bounty, infosec01-Feb-2024
Best Recon methodology (Shubham Rooter)https://shubhamrooter.medium.com/best-recon-methodology-shubham-rooter-dcdca8d4caa4?source=rss------bug_bounty-5Shubham Tiwarihackerone, recon, bug-bounty, bug-bounty-tips, bug-hunting01-Feb-2024
How to send WhatsApp Message automatically using python for impress someonehttps://rajput623929.medium.com/how-to-send-whatsapp-message-automatically-using-python-for-impress-someone-0a9f488a4b54?source=rss------bug_bounty-5Mr.Horbiohacking, cybersecurity, technology, python, bug-bounty01-Feb-2024
Understanding and Mitigating Active Directory Attackshttps://medium.com/@paritoshblogs/understanding-and-mitigating-active-directory-attacks-51b7b5737ecc?source=rss------bug_bounty-5Paritoshbug-bounty, azure, hacking, active-directory, cybersecurity31-Jan-2024
Uncovering a Parameter Tampering Vulnerability in Event Expo Ticketing Systemhttps://medium.com/@sulmanfarooq531/uncovering-a-parameter-tampering-vulnerability-in-event-expo-ticketing-system-89fc52e26414?source=rss------bug_bounty-5Sulman Farooq Sburpsuite, tampering, http-parameter-pollution, parameter-tampering, bug-bounty31-Jan-2024
Hunt, Hack, Reward — Hacking For Good with Bountieshttps://thethreatcops.medium.com/hunt-hack-reward-hacking-for-good-with-bounties-6a57d12c82a0?source=rss------bug_bounty-5the threat copsthethreatcops, cybersecurity, bug-bounty, hacking, infosec31-Jan-2024
Navigating the Storm: Understanding CVE-2023–34048’s Impact on VMware vCenter Serverhttps://medium.com/@elniak/navigating-the-storm-understanding-cve-2023-34048s-impact-on-vmware-vcenter-server-6004e6531e5b?source=rss------bug_bounty-5ElNiakthreat-intelligence, cybersecurity, bug-bounty, penetration-testing, vmware31-Jan-2024
Json Tokens (JWT) Token Checkshttps://akash-venky091.medium.com/json-tokens-jwt-token-checks-f23d5107e370?source=rss------bug_bounty-5Akash Venkycybersecurity, ethical-hacking, bug-bounty, security, jwt31-Jan-2024
What to expect from BSides Transylvania 2024https://corneacristian.medium.com/what-to-expect-from-bsides-transylvania-2024-38f62ffb1ebd?source=rss------bug_bounty-5Cristian Corneacybersecurity, technology, bug-bounty, software-development, tech31-Jan-2024
Tackling IDOR on UUID based objectshttps://medium.com/pentesternepal/tackling-idor-on-uuid-based-objects-71e8cb2dc265?source=rss------bug_bounty-5Veshraj Ghimireidor-vulnerability, bug-bounty31-Jan-2024
5.9 Lab: Infinite money logic flaw | 2024https://cyberw1ng.medium.com/5-9-lab-infinite-money-logic-flaw-2024-9aec41bc9ca0?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, security, bug-bounty31-Jan-2024
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Onehttps://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-one-77ec3fd3b914?source=rss------bug_bounty-5Alibug-bounty, database, reconnaissance, python31-Jan-2024
How to use Virtual Boxhttps://medium.com/@joshdesharnais1/how-to-use-virtual-box-f3b66be0d9d7?source=rss------bug_bounty-5Joshua Desharnaisbug-bounty, virtual, operating-systems, oracle31-Jan-2024
Bug Bounty Hunting, Part 1: Stealthy Parameter Detection with ParamSpiderhttps://medium.com/master-hackers/bug-bounty-hunting-part-1-stealthy-parameter-detection-with-paramspider-28e8ae3af5d4?source=rss------bug_bounty-50xClonazbug-bounty, hacker, bug-bounty-tips, cybersecurity, hacking31-Jan-2024
Ransomware: Build Your Own Ransomwarehttps://medium.com/master-hackers/ransomware-build-your-own-ransomware-b8002b355300?source=rss------bug_bounty-50xClonazhacking, cybersecurity, hacker, programming, bug-bounty31-Jan-2024
Recon Methodologyhttps://medium.com/@alanvv03/recon-methodology-6626fea2e6ed?source=rss------bug_bounty-5Alanvvcybersecurity, bug-bounty, reconnaissance31-Jan-2024
Une erreur fatalehttps://mr0me.medium.com/salut-a2c0cf7cfb4c?source=rss------bug_bounty-5Jephte Mangendamistakes, wordpress-development, wordpress, bug-bounty, bugs31-Jan-2024
Web Cache Poisoninghttps://k4gur4.medium.com/web-cache-poisoning-04fea694708e?source=rss------bug_bounty-5Kaguracybersecurity, web-security, bug-bounty31-Jan-2024
Decoding the OWASP Top 10https://medium.com/@paritoshblogs/decoding-the-owasp-top-10-e193b715cb37?source=rss------bug_bounty-5Paritoshbug-bounty, owasp, cybersecurity, pentesting, hacking30-Jan-2024
Critical Jenkins RCE Vulnerability (CVE-2024–23897)https://medium.com/@elniak/critical-jenkins-rce-vulnerability-cve-2024-23897-402061a2b187?source=rss------bug_bounty-5ElNiakjenkins, bug-bounty, penetration-testing, vulnerability, cybersecurity30-Jan-2024
Simplifying Issue Traceability with Links Explorer in the monday Platformhttps://medium.com/optimizory-apps/simplifying-issue-traceability-with-links-explorer-in-the-monday-platform-c8cfbee37668?source=rss------bug_bounty-5Divyansh Vatsproject-management, marketplaces, issues, bug-bounty, traceability30-Jan-2024
Title: Exploiting Path Traversal Vulnerability in User Profile URLshttps://medium.com/@kataeriidubstep/title-exploiting-path-traversal-vulnerability-in-user-profile-urls-82c0e8ba1a3e?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, cybersecurity, appsec30-Jan-2024
Reflected XSS into a JavaScript String with Single Quote and Backslash Escapedhttps://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-single-quote-and-backslash-escaped-ba435167b43f?source=rss------bug_bounty-5Marduk I Amreflected-xss, cross-site-scripting, portswigger-lab, bug-bounty, cybersecurity30-Jan-2024
My SSRF Tricks — Bug Bounty Tuesdayhttps://medium.com/@kerstan/my-ssrf-tricks-bug-bounty-tuesday-f0d7e53c8d88?source=rss------bug_bounty-5kerstanbug-bounty, security, hacking, cybersecurity, technology30-Jan-2024
Rekomendasi Platform Bug Bounty Nasional Maupun Internasionalhttps://medium.com/@artiacode/rekomendasi-platform-bug-bounty-nasional-maupun-internasional-7406d388de08?source=rss------bug_bounty-5ArtiaCodecybersecurity, cyber-security-awareness, bug-bounty, bug-bounty-hunter, bug-bounty-program30-Jan-2024
Navigating the World of Bug Bounties in 2024: Opportunities and Platforms for Ethical Hackershttps://hacksheets.medium.com/navigating-the-world-of-bug-bounties-in-2024-opportunities-and-platforms-for-ethical-hackers-99ff20231e3e?source=rss------bug_bounty-5Hacksheets | Learn Cybersecuritybug-bounty, artificial-intelligence, chatgpt, cybersecurity, penetration-testing30-Jan-2024
Pov — HackTheBox Seasonal Machine Simple Writeup by Karthikeyan Nagaraj | 2024https://infosecwriteups.com/pov-hackthebox-seasonal-machine-simple-writeup-by-karthikeyan-nagaraj-2024-7516c938c688?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hackthebox, hackthebox-writeup, careers, cybersecurity30-Jan-2024
Attacking Session Management | Part 06 | What To Do After Choosing a Targethttps://medium.com/@omarora1603/attacking-session-management-part-06-what-to-do-after-choosing-a-target-b551ab0455c5?source=rss------bug_bounty-5Om Arorainfosec, information-security, hacking, bug-bounty, cybersecurity30-Jan-2024
Best Approach to RCEhttps://medium.com/@anekantsinghai/best-approach-to-rce-630187d4ad03?source=rss------bug_bounty-5Anekant Singhai Jainred-team, ethical-hacking, rce, penetration-testing, bug-bounty30-Jan-2024
An introductory guide to HTTP request smugglinghttps://medium.com/@mayank_prajapati/an-introductory-guide-to-http-request-smuggling-0defb95e87ce?source=rss------bug_bounty-5Mayank Kumar Prajapatiwebsite, web, bug-bounty, hacking, vulnerability30-Jan-2024
How to replicate Jenkins CVE-2024–23897: Arbitrary File Read Vulnerabilityhttps://medium.com/@red_darkin/how-to-replicate-jenkins-cve-2024-23897-arbitrary-file-read-vulnerability-260c8174dd94?source=rss------bug_bounty-5Red Darkinbug-bounty, cybersecurity, cve-2024-23897, jenkins, offsec30-Jan-2024
Behind the Scenes of DLLs : How Attackers Exploit Legitimate Programs for Mischief!https://osintteam.blog/behind-the-scenes-of-dlls-how-attackers-exploit-legitimate-programs-for-mischief-395a7540af1f?source=rss------bug_bounty-5Paritoshdll-hijacking, information-security, cybersecurity, hacking, bug-bounty29-Jan-2024
Fundamentals of .NET Decompilation With dnSpyhttps://infosecwriteups.com/fundamentals-of-net-decompilation-with-dnspy-e7456707b1d2?source=rss------bug_bounty-5Jowardpentesting, hacking, bug-bounty, dotnet29-Jan-2024
How to Earn Bug Bounty as a Professional Bug hunterhttps://rajput623929.medium.com/how-to-earn-bug-bounty-as-a-professional-bug-hunter-ef7de858f94b?source=rss------bug_bounty-5Mr.Horbiobug-bounty, bugs, earn-money-online, ethical-hacking, cybersecurity29-Jan-2024
Port Scanning: Pengertian, Teknik, Dan Pencegahannyahttps://medium.com/@talaskosec/port-scanning-pengertian-teknik-dan-pencegahannya-38dece0adf2e?source=rss------bug_bounty-5TalaskoSecbug-bounty-indonesia, coding, cyber-security-indonesia, cybersecurity, bug-bounty29-Jan-2024
XML External Entity injection with error-based data exfiltrationhttps://infosecwriteups.com/xml-external-entity-injection-with-error-based-data-exfiltration-985b063ec820?source=rss------bug_bounty-5Serj Novoselovpenetration-testing, hacking, bug-bounty, xml, writeup29-Jan-2024
OWASP Top 10 API Security Risks — 2023https://medium.com/@aayushdhakal005/owasp-top-10-api-security-risks-2023-0e1cd92214cf?source=rss------bug_bounty-5Creepydoomerbug-bounty, cybersecurity, owasp, api29-Jan-2024
Kenalan Sama Bug Bountyhttps://medium.com/@artiacode/kenalan-sama-bug-bounty-a9d72927a349?source=rss------bug_bounty-5ArtiaCodebug-bounty, cybersecurity, bug-bounty-tips, cyber-security-awareness, ethical-hacking29-Jan-2024
CheckList for Bug Bounty Huntinghttps://medium.com/@kalidaskamaraj/checklist-for-bug-bounty-hunting-ffcaf4841242?source=rss------bug_bounty-5Kalidaskamarajbug-bounty, cybersecurity, ethical-hacking, penetration-testing, web-application-testing29-Jan-2024
Meteor Subdomain Takeoverhttps://medium.com/@youngvanda/meteor-subdomain-takeover-b33034a44aa7?source=rss------bug_bounty-5YoungVandacybersecurity, technology, bug-bounty, javascript, programming29-Jan-2024
CVE-2024–0519: Chrome’s Gateway to Memory Accesshttps://medium.com/@elniak/cve-2024-0519-chromes-gateway-to-memory-access-8cfd6cbbd168?source=rss------bug_bounty-5ElNiakgoogle, cybersecurity, penetration-testing, bug-bounty, threat-intelligence29-Jan-2024
OWASP Top 10 API Security Risks — 2023https://medium.com/@aayushdhakal005/owasp-top-10-api-security-risks-2023-0e1cd92214cf?source=rss------bug_bounty-5Creepyshitbug-bounty, cybersecurity, owasp, api29-Jan-2024
Discord’s preview bot redirection vulnerabilityhttps://medium.com/@lenoctambule/discords-preview-bot-redirection-vulnerability-c8b08fe3721b?source=rss------bug_bounty-5Le Noctambulebug-bounty, bugs, software-development, cybersecurity29-Jan-2024
Simple Tips for Bug Bounty Beginners: Finding OTP Bypass Bughttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-otp-bypass-bug-22323a8ff49b?source=rss------bug_bounty-5Anish Narayanbug-bounty, cybersecurity, bug-bounty-tips, technology, programming29-Jan-2024
Huge Bug Bounty Resourcehttps://medium.com/@joshdesharnais1/huge-bug-bounty-resource-d25ee48d81cc?source=rss------bug_bounty-5Joshua Desharnaishacking, bug-bounty, bugs, bug-bounty-tips29-Jan-2024
Techniques in Exploiting Business Logic Vulnerabilities for Bug Bounty | 2024https://cyberw1ng.medium.com/techniques-in-exploiting-business-logic-vulnerabilities-for-bug-bounty-2024-93293353e99f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, security29-Jan-2024
Automation Hacks: Unearthing a Critical RCE the Easy Wayhttps://asbawy.medium.com/automation-hacks-unearthing-a-critical-rce-the-easy-way-ad64f01a06a3?source=rss------bug_bounty-5Asbawybug-bounty-tips, hacking, bug-bounty, cybersecurity, automation-testing29-Jan-2024
Reflected XSS in canonical link taghttps://medium.com/@marduk.i.am/reflected-xss-in-canonical-link-tag-64c9719fc6ad?source=rss------bug_bounty-5Marduk I Amreflected-xss, cybersecurity, portswigger-lab, bug-bounty, cross-site-scripting29-Jan-2024
Bug Zero at a Glance [01–15 January]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-january-70f2e0b58c59?source=rss------bug_bounty-5Januka Dharmapriyasri-lanka, newsletter, bug-zero, bug-bounty, cybersecurity28-Jan-2024
How I Learned To Exploit Buffer Overflows: An Introduction to Stack-Based Buffer Overflowshttps://medium.com/@shcyber/how-i-learned-to-exploit-buffer-overflows-an-introduction-to-stack-based-buffer-overflows-5b27e339a1a6?source=rss------bug_bounty-5SHCybercybersecurity, buffer-overflow-attack, bug-bounty, binary-exploitation, buffer-overflow28-Jan-2024
Explorasi Platform Bug Bounty untuk Cyber Security Enthusiastshttps://medium.com/@faisalhanafi112/explorasi-platform-bug-bounty-untuk-cyber-security-enthusiasts-5d3bde391f69?source=rss------bug_bounty-5Faisal Hanafired-team, linuxhacking, pentesting, bug-bounty, cybersecurity28-Jan-2024
Useful HTTP method every bug hunter must knowhttps://medium.com/@aayushdhakal005/useful-http-method-every-bug-hunter-must-know-02f57f59812a?source=rss------bug_bounty-5Creepydoomercybersecurity, web, https, bug-bounty28-Jan-2024
Thorough Review Bug Bounty Hunter Certification [CBBH]https://medium.com/@ozomarzu/thorough-review-bug-bounty-hunter-certification-cbbh-f39765da27bc?source=rss------bug_bounty-5CyberOzpentesting, hackthebox, bug-bounty-hunter, bug-bounty, web-vulnerabilities28-Jan-2024
I will be giving away my book for free!https://medium.com/@deadoverflow/i-will-be-giving-away-my-book-for-free-924191fdea84?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, hacking, cybersecurity, bug-hunting, bug-bounty28-Jan-2024
Get IDOR In No Permission To Access Page — Bug Bounty Tuesdayhttps://medium.com/@kerstan/get-idor-in-no-permission-to-access-page-bug-bounty-tuesday-a04fbb7e7821?source=rss------bug_bounty-5kerstancybersecurity, technology, hacking, security, bug-bounty28-Jan-2024
Reflected XSS with some SVG markup allowedhttps://medium.com/@marduk.i.am/reflected-xss-with-some-svg-markup-allowed-10d198692208?source=rss------bug_bounty-5Marduk I Amreflected-xss, cross-site-scripting, portswigger-lab, cybersecurity, bug-bounty28-Jan-2024
Roadmap Belajar SOC Analyst Dan Toolsnyahttps://medium.com/@yasminramadini/roadmap-belajar-soc-analyst-dan-toolsnya-5ce314f0b0ff?source=rss------bug_bounty-5Yeaszecbug-bounty, ethical-hacking, programmer, blue-team, cybersecurity28-Jan-2024
CVE-2023–45866: 0-Click Bluetooth vulnerabilityhttps://medium.com/@elniak/understanding-and-mitigating-cve-2023-45866-0-click-vulnerability-2576ec17c38f?source=rss------bug_bounty-5ElNiakbluetooth, cybersecurity, bug-bounty, penetration-testing, threat-intelligence28-Jan-2024
MIME Sniffing Explained: How Browsers Can Misinterpret Content Typeshttps://medium.com/@ab3lsec/mime-sniffing-explained-how-browsers-can-misinterpret-content-types-68c22d300345?source=rss------bug_bounty-5Abel Vsniffing, web-browser, cybersecurity, web-application-security, bug-bounty28-Jan-2024
Hunting for Vulnerabilities that are ignored by most of the Bug Bounty Hunters — Part 1https://medium.com/@vflexo/hunting-for-vulnerabilities-that-are-ignored-by-most-of-the-bug-bounty-hunters-part-1-187b35508e56?source=rss------bug_bounty-5vFlexoethical-hacking, bug-bounty, penetration-testing, vapt, information-security28-Jan-2024
How do you actually find bugs? (Part 2)https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity28-Jan-2024
Clicker — HackTheBox Machine Simple Writeup by Karthikeyan Nagaraj | 2024https://infosecwriteups.com/clicker-hackthebox-machine-simple-writeup-by-karthikeyan-nagaraj-2024-313b383236bd?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, hackthebox-writeup, hackthebox28-Jan-2024
How do you actually find bugs? (My 2 years experience) | Part 2https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity28-Jan-2024
This is the easiest bug you can find.https://medium.com/@deadoverflow/this-is-the-easiest-bug-you-can-find-90573d0053e1?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, cybersecurity, programming, bug-bounty, hacking28-Jan-2024
How to Get CVEs Online (Fast)https://fh4ntke.medium.com/how-to-get-cves-online-fast-c0d6d897c04d?source=rss------bug_bounty-5FHantkebug-bounty, information-technology, web-development, cybersecurity, hacking28-Jan-2024
XSS is hard to find… or is it? (How to you find bugs)https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity28-Jan-2024
ARPA Monthly Report | December Progress Reviewhttps://arpa.medium.com/arpa-monthly-report-december-progress-review-d49a5a44b79c?source=rss------bug_bounty-5ARPA Officialstaking, cryptography, arpa, bug-bounty, rng27-Jan-2024
5.8 Lab: Insufficient workflow validation | 2024https://cyberw1ng.medium.com/5-8-lab-insufficient-workflow-validation-2024-ce57b036d908?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, cybersecurity, bug-bounty, hacking, careers27-Jan-2024
Essential Encoding Schemes for Bug Bounty Huntershttps://medium.com/@aayushdhakal005/essential-encoding-schemes-for-bug-bounty-hunters-2cccd3dcb124?source=rss------bug_bounty-5Creepydoomerbug-bounty, cybersecurity, ethical-hacking, security, encoding27-Jan-2024
Your Life in the Crosshairs of Cybersecurity Threats!https://medium.com/@paritoshblogs/your-life-in-the-crosshairs-of-cybersecurity-threats-526f4a122e14?source=rss------bug_bounty-5Paritoshsecurity, cybersecurity, programming, bug-bounty, information-security27-Jan-2024
500$: MFA bypass By Race Conditionhttps://medium.com/@a13h1/500-mfa-bypass-by-race-condition-176421462902?source=rss------bug_bounty-5Abhi Sharmarace-condition, bug-bounty, programming, 2fa, cybersecurity27-Jan-2024
Як працює програма винагороди за виправлення помилок від Aleo?https://medium.com/@prekrasnazasmin/%D1%8F%D0%BA-%D0%BF%D1%80%D0%B0%D1%86%D1%8E%D1%94-%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%B0-%D0%B2%D0%B8%D0%BD%D0%B0%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B8-%D0%B7%D0%B0-%D0%B2%D0%B8%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%BD%D1%8F-%D0%BF%D0%BE%D0%BC%D0%B8%D0%BB%D0%BE%D0%BA-%D0%B2%D1%96%D0%B4-aleo-edafe6e7dce0?source=rss------bug_bounty-5Marlin_2_2_0aleo, bug-bounty27-Jan-2024
Schneier’s Law In Bug Bountyhttps://wallotry.medium.com/schneiers-law-in-bug-bounty-df04bebfdf2f?source=rss------bug_bounty-5Wallotrybug-bounty-hunting, bug-bounty-tips, bug-bounty27-Jan-2024
SIEM Home Lab: Detecting Web Attackhttps://medium.com/@yasminramadini/siem-home-lab-detecting-web-attack-b08c0d575498?source=rss------bug_bounty-5Yeaszecsoc-analyst, pentester, cybersecurity, bug-bounty, ethical-hacking26-Jan-2024
Detecting Server-Side Technologies for Bug Hunting:https://medium.com/@aayushdhakal005/detecting-server-side-technologies-for-bug-hunting-9f894bd87da2?source=rss------bug_bounty-5Creepydoomerphp, python, servers, bug-bounty, microsoft26-Jan-2024
Evolution of Critical Log Sources in SIEM: A 5-Year Retrospectivehttps://infosecwriteups.com/evolution-of-critical-log-sources-in-siem-a-5-year-retrospective-841bae2b6a6c?source=rss------bug_bounty-5Paritoshsecurity, cybersecurity, siem, hacking, bug-bounty26-Jan-2024
Zero Click Account Takeoverhttps://medium.com/@bhavin87859/zero-click-account-takeover-404bb73121c9?source=rss------bug_bounty-5Sunny Sharmabug-bounty-writeup, bug-bounty26-Jan-2024
Bug Bounty For Beginners 2024 Part (3).https://medium.com/@lukwagoasuman236/bug-bounty-for-beginners-2024-part-3-3f8a70f8652e?source=rss------bug_bounty-5Asuman Lukwagobug-bounty-tips, vulnerability-assessment, bug-bounty, cybersecurity, beginners-guide26-Jan-2024
Unveiling the Odyssey: A Riveting Tale of PII Disclosure Vulnerability Discoveryhttps://medium.com/@mrraghavop12/unveiling-the-odyssey-a-riveting-tale-of-pii-disclosure-vulnerability-discovery-615f04432654?source=rss------bug_bounty-5Ethical Raghavblockchain, data-science, cybersecurity, technology, bug-bounty26-Jan-2024
Reflected XSS into HTML context with all tags blocked except custom oneshttps://medium.com/@marduk.i.am/reflected-xss-into-html-context-with-all-tags-blocked-except-custom-ones-7eec0b6b146f?source=rss------bug_bounty-5Marduk I Ambug-bounty, cross-site-scripting, cybersecurity, portswigger-lab, dom-xss26-Jan-2024
Strategies for Success in Audit Contests and Bug Bounty Huntinghttps://medium.com/@JohnnyTime/strategies-for-success-in-audit-contests-and-bug-bounty-hunting-082cef9b4021?source=rss------bug_bounty-5Johnny Timesmart-contract-auditing, audit-contest, bug-bounty, code4rena, bug-bounty-tips26-Jan-2024
Ensuro Partners with Immunefi to Launch Bug Bounty Programhttps://medium.com/@zorely/ensuro-partners-with-immunefi-to-launch-bug-bounty-program-e63368cdc0b0?source=rss------bug_bounty-5Ensuro ZEbug-bounty26-Jan-2024
How I Discovered a Sneaky Account Takeover Vulnerabilityhttps://sumedhgharpande.medium.com/how-i-discovered-a-sneaky-account-takeover-vulnerability-530c3a080a20?source=rss------bug_bounty-5Sumedh Gharpandebug-bounty, ethical-hacking, cyber-security-awareness, hacking, broken-access-control26-Jan-2024
General Questions Asked in Telephonic Interview (Q&A)for Cybersecurity Role-My Personal Experience…https://medium.com/@Ajakcybersecurity/general-questions-asked-in-telephonic-interview-q-a-for-cybersecurity-role-my-personal-experience-ae6298e5b8f0?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, interview, cybersecurity, jobs26-Jan-2024
5.7 Lab: Weak isolation on dual-use endpoint | 2024https://cyberw1ng.medium.com/5-7-lab-weak-isolation-on-dual-use-endpoint-2024-cd80519184b4?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, security, bug-bounty, careers26-Jan-2024
Bug Bounty 101: Unveiling the Crucial Role in Cybersecurity for Beginnershttps://systemweakness.com/bug-bounty-101-unveiling-the-crucial-role-in-cybersecurity-for-beginners-0d8611e6f315?source=rss------bug_bounty-5Fahri Yeşilcyber-threat-intelligence, bug-bounty, ethical-hacking, cybersecurity, vulnerability-research26-Jan-2024
Web Cache Poisoning: WWWWWH?https://medium.com/@rcxsecurity/web-cache-poisoning-wwwwwh-ee2b47d6bacc?source=rss------bug_bounty-5RCXSecuritycybersecurity, pentesting, bug-bounty-tips, penetration-testing, bug-bounty26-Jan-2024
How to get your email from different bug bounty platform to start hacking :https://medium.com/@aayushdhakal005/how-to-get-your-email-from-different-bug-bounty-platform-to-start-hacking-ce01dd45f7ca?source=rss------bug_bounty-5Creepydoomercybersecurity, bug-bounty, ethical-hacking, hackerone, hacker25-Jan-2024
Tool: SCRIPTKIDDI3: A Comprehensive Guide to Efficient Bug Bounty Reconnaissancehttps://nixiebytes.medium.com/tool-scriptkiddi3-a-comprehensive-guide-to-efficient-bug-bounty-reconnaissance-dc91c3517a5e?source=rss------bug_bounty-5Nixie_Bytes Security Teambug-bounty, hacking-tools, tools, cybersecurity, hacking25-Jan-2024
A Comprehensive Guide to Bug Bounty Hunting Masteryhttps://medium.com/@mrraghavop12/a-comprehensive-guide-to-bug-bounty-hunting-mastery-706934490626?source=rss------bug_bounty-5Ethical Raghavbug-bounty, cybersecurity, artificial-intelligence, blockchain, data-science25-Jan-2024
eJPT all you need to knowhttps://medium.com/@boogsta/ejpt-all-you-need-to-know-7c62fef04cf3?source=rss------bug_bounty-5Boogstacyber, bug-bounty, bug-bounty-tips, hacking, cybersecurity25-Jan-2024
5.6 Lab: Inconsistent handling of exceptional input | 2024https://cyberw1ng.medium.com/5-6-lab-inconsistent-handling-of-exceptional-input-2024-d02e2bb522f4?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, security, bug-bounty, cybersecurity25-Jan-2024
OWASP TOP 10 2021:https://medium.com/@aayushdhakal005/owasp-top-10-2021-cfb610db7dd4?source=rss------bug_bounty-5Creepydoomercybersecurity, ethical-hacking, bug-bounty, sql-injection, owasp24-Jan-2024
Git Directory Exposed Leads to Credentials Disclosurehttps://medium.com/@blackarazi/git-directory-exposed-leads-to-credentials-disclosure-1d1737638279?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, supply-chain-security, bug-bounty, application-security, git-exposed24-Jan-2024
Avedia Player r9300 Vulnerabilitieshttps://medium.com/@x41x41x41/avedia-player-r9300-vulnerabilities-1c71b4d8efa0?source=rss------bug_bounty-5John Mweb-development, cve, bug-bounty, hacking, exploit24-Jan-2024
5.5 Low-level logic flaw in Business logic vulnerabilities | 2024https://cyberw1ng.medium.com/5-5-low-level-logic-flaw-in-business-logic-vulnerabilities-2024-cf9a90e2e762?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, security24-Jan-2024
The Immunefi bug bounty campaign is livehttps://dexenetwork.medium.com/the-immunefi-bug-bounty-campaign-is-live-5782b93f823e?source=rss------bug_bounty-5DeXe Protocoldao, dexe, defi, bug-bounty24-Jan-2024
The art of learning bug bounty.https://medium.com/@siratsami71/the-art-of-learning-bug-bounty-9c2a48aee53b?source=rss------bug_bounty-5Sirat Sami (analyz3r)bugbounty-writeup, bug-bounty24-Jan-2024
IDOR Allowing to Place Other Students in Exam Sessionshttps://medium.com/@mr_payload_injector/idor-allowing-to-place-other-students-in-exam-sessions-1bbefd14ac8d?source=rss------bug_bounty-5Mr_Payload_Injectorbug-bounty, cybersecurity, idor, bug-bounty-writeup, ethical-hacking24-Jan-2024
Response Manipulation Lead To Premium Feature By Normal User Reward of $500https://medium.com/@zikola1/response-manipulation-lead-to-premium-feature-by-normal-user-reward-of-500-43381f769ab1?source=rss------bug_bounty-5Abdulrahman badawiweb-application-security, bug-bounty-tips, penetration-testing, bug-bounty, bug-bounty-writeup24-Jan-2024
OWASP TOP 10 2017:https://medium.com/@aayushdhakal005/owasp-top-10-2017-9daabe8c44bf?source=rss------bug_bounty-5Aayushdhakalbug-bounty, ethical-hacking, sql, owasp, cybersecurity23-Jan-2024
Get IDOR In No Permission To Access Page— Bug Bounty Tuesdayhttps://medium.com/@kerstan/get-idor-in-no-permission-to-access-page-bug-bounty-tuesday-68aa82402171?source=rss------bug_bounty-5kerstanhacking, cybersecurity, technology, bug-bounty, security23-Jan-2024
Dosya yükleme ile XSShttps://enesozlekk.medium.com/dosya-y%C3%BCkleme-ile-xss-8f2dd8d093c4?source=rss------bug_bounty-5Enes Özlekbug-bounty23-Jan-2024
How to Exploit Business Logic Vulnerabilities for Bug Bounty | 2024https://cyberw1ng.medium.com/how-to-exploit-business-logic-vulnerabilities-for-bug-bounty-2024-5c9f14420d50?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, security, cybersecurity, bug-bounty23-Jan-2024
SQL Injection on PostgreSQLhttps://medium.com/@yagizkocer/sql-injection-on-postgresql-8c8f823e44aa?source=rss------bug_bounty-5Yağız Koçersql-injection, penetration-testing, bug-bounty, hacking, cybersecurity23-Jan-2024
Leaked SQL error leading to XSS, and another BSQLi...https://medium.com/@zatikyan.sevada/leaked-sql-error-leading-to-xss-and-another-bsqli-cdadde032687?source=rss------bug_bounty-5Zatikyan Sevadabug-bounty, sql-injection, sql, xss-attack, cybersecurity22-Jan-2024
Hacking behind the WAFhttps://noorhomaid.medium.com/hacking-behind-the-waf-60c6c1a48411?source=rss------bug_bounty-5NoorHomaidinfosec, bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity22-Jan-2024
Better understanding of User-Directed Spidering vs Automated Spideringhttps://medium.com/@aayushdhakal005/better-understanding-of-user-directed-spidering-vs-automated-spidering-a18342c42a25?source=rss------bug_bounty-5Aayushdhakalhacking, penetration-testing, spidering, web, bug-bounty22-Jan-2024
How to find unprotected databases with Netlas.io: Chapter 2https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-chapter-2-ba71b07c9630?source=rss------bug_bounty-5Netlas.iocybersecurity, information-security, bug-bounty, penetration-testing, osint22-Jan-2024
This Tool Helps Me To Find The Origin IP Addresshttps://medium.com/@Ajakcybersecurity/this-tool-helps-me-to-find-the-origin-ip-address-75b1444da57e?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, bug-bounty, hacking, cybersecurity, ethical-hacking22-Jan-2024
Is It Worth Quitting 9–5 Job For a Full-Time Bug Bounty In 2024?https://medium.com/@Ajakcybersecurity/is-it-worth-quitting-9-5-job-for-a-full-time-bug-bounty-in-2024-a408389d914e?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, medium, bug-bounty, jobs, penetration-testing22-Jan-2024
4.5 Lab: Blind OS command injection with out-of-band data exfiltration | 2024https://cyberw1ng.medium.com/4-5-lab-blind-os-command-injection-with-out-of-band-data-exfiltration-2024-7bb26c2473e7?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, security, hacking, cybersecurity22-Jan-2024
Bug Bounty For Beginners 2024.https://medium.com/@lukwagoasuman236/bug-bounty-for-beginners-2024-df4a38ed3ad2?source=rss------bug_bounty-5Asuman Lukwagoplanning, finance, cybersecurity, bug-bounty, info22-Jan-2024
Reflected XSS into HTML context with most tags and attributes blockedhttps://medium.com/@marduk.i.am/reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-4266c6c473ad?source=rss------bug_bounty-5Marduk I Ambug-bounty, portswigger-lab, cybersecurity, cross-site-scripting, dom-xss22-Jan-2024
How do you actually find bugs? (My 2 year experience)https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-my-2-year-experience-2d77d78994a0?source=rss------bug_bounty-5Imad Husanovicbug-bounty, hacking, programming, cybersecurity, bug-bounty-tips22-Jan-2024
HackTheBox Saturn: Explaining SSRFhttps://medium.com/@leomsec/hackthebox-saturn-explaining-ssrf-072234ab5ce3?source=rss------bug_bounty-5Leonardobug-bounty, hacker, pentesting, ctf, hackthebox22-Jan-2024
How I Discovered a Critical Vulnerability in a Leading UK Retail Giant’s Systemhttps://medium.com/@cathreat/how-i-discovered-a-critical-vulnerability-in-a-leading-uk-retail-giants-system-bc4211c159a7?source=rss------bug_bounty-5cathreatunited-kingdom, pentesting, bug-bounty, hacking, ssrf22-Jan-2024
Unveiling the Digital Tapestry: A Penetration Tester's Odyssey into the Heart of Cyber…https://medium.com/@mrraghavop12/title-unveiling-the-digital-tapestry-a-penetration-testers-odyssey-into-the-heart-of-cyber-2ac009e54e2f?source=rss------bug_bounty-5Ethical Raghavbug-bounty, cybersecurity, web-development, technology, artificial-intelligence21-Jan-2024
Gelios Testnet Bug Bounty Program: Earn Up to $5,000https://geliosofficial.medium.com/gelios-testnet-bug-bounty-program-earn-up-to-5-000-10e2d78124f8?source=rss------bug_bounty-5Geliosbitcoin-l2, gelios, blockchain, crypto, bug-bounty21-Jan-2024
Bug bounty platforms for 2024https://medium.com/@notahades/bug-bounty-platforms-for-2024-ab289e5c74a9?source=rss------bug_bounty-5Not_A_Hadesbug-bounty, cybersecurity, hacking, security21-Jan-2024
4.4 Lab: Blind OS command injection with out-of-band interaction | 2024https://cyberw1ng.medium.com/4-4-lab-blind-os-command-injection-with-out-of-band-interaction-2024-f9d0e7a1c7ac?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, cybersecurity, careers, bug-bounty21-Jan-2024
Making My First 10K by Hacking Open Source Targetshttps://infosecwriteups.com/making-my-first-10k-by-hacking-open-source-targets-14ee1e9eeb70?source=rss------bug_bounty-5SynapticSpacebug-bounty, foss, cybersecurity, hacking21-Jan-2024
Path traversalhttps://medium.com/@codersqs/path-traversal-78cce0994e2d?source=rss------bug_bounty-5Codersqsethical-hacking, server-side-rendering, bug-bounty, ssrf-bug, directory-traversal21-Jan-2024
Exploiting SSRF in PDF HTML Injection: Basic and Blindhttps://medium.com/@jbince/exploiting-ssrf-in-pdf-html-injection-basic-and-blind-047fec5317ae?source=rss------bug_bounty-5Jowardbug-bounty, ssrf, hacking, web-app-security, pentesting21-Jan-2024
Exploiting SSRF in PDF HTML Injection: Basic and Blindhttps://infosecwriteups.com/exploiting-ssrf-in-pdf-html-injection-basic-and-blind-047fec5317ae?source=rss------bug_bounty-5Jowardbug-bounty, ssrf, hacking, web-app-security, pentesting21-Jan-2024
China Implements Stringent Cybersecurity Regulations: Makers Urged to Swiftly Report…https://jareddouville.medium.com/china-implements-stringent-cybersecurity-regulations-makers-urged-to-swiftly-report-673f99696750?source=rss------bug_bounty-5Jared Douvillechina-hackers, cyber-security-awareness, bug-bounty, zero-day, china20-Jan-2024
How I Bypassed CSRF Token — 2 Wayshttps://medium.com/mii-cybersec/how-i-bypassed-csrf-token-2-ways-b87ac04969a8?source=rss------bug_bounty-5Bryan Matthewcsrf-bypass, red-team, bug-bounty, penetration-testing, csrf20-Jan-2024
Stored DOM XSShttps://medium.com/@marduk.i.am/stored-dom-xss-c7c9c972d086?source=rss------bug_bounty-5Marduk I Amportswigger-lab, dom-xss, bug-bounty, cybersecurity, cross-site-scripting20-Jan-2024
The art of account takeoverhttps://medium.com/@iknowhatodo/the-art-of-account-takeover-ec5f9a29c436?source=rss------bug_bounty-5Hossam Ahmedaccount-takeover, information-security, bug-bounty20-Jan-2024
Securing AWS: Understanding EC2 IMDS Vulnerabilities and Learning from the Capital One Breachhttps://kishoreramk.medium.com/securing-aws-understanding-ec2-imds-vulnerabilities-and-learning-from-the-capital-one-breach-6f753e06cd66?source=rss------bug_bounty-5KISHORERAMaws-ec2, aws-s3, cybersecurity, aws, bug-bounty20-Jan-2024
Login DoS — That requires simply sending a lot of specially crafted requestshttps://infosecwriteups.com/login-dos-that-requires-simply-sending-a-lot-of-specially-crafted-requests-2ca927c628dd?source=rss------bug_bounty-5Shriyans Sudhibug-bounty, hackerone, penetration-testing, cybersecurity, web-hacking20-Jan-2024
921$ Privilege Escalation: Unauthorized User Addition to Shared APP Connectionshttps://infosecwriteups.com/921-privilege-escalation-unauthorized-user-addition-to-shared-app-connections-0780134d6cf1?source=rss------bug_bounty-5Abhi Sharmaprivilege-escalation, hacking, cybersecurity, programming, bug-bounty20-Jan-2024
4.3 Lab: Blind OS command injection with output redirection | 2024https://cyberw1ng.medium.com/4-3-lab-blind-os-command-injection-with-output-redirection-2024-d92f52f139b4?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, bug-bounty, cybersecurity, security20-Jan-2024
Boosting Your Income: My Journey with Side Hustles in Cybersecurityhttps://medium.com/@himanshu_mahajan/boosting-your-income-my-journey-with-side-hustles-in-cybersecurity-8cc088c92469?source=rss------bug_bounty-5Himanshu Mahajanside-hustle, security, technology, bug-bounty, cybersecurity20-Jan-2024
How To Hide Any Payload: Day 3/100 Of Gaining Hacking Knowledgehttps://medium.com/@ssg30devil/how-to-hide-any-payload-day-3-100-of-gaining-hacking-knowledge-002c4adb328b?source=rss------bug_bounty-5rootzsbug-bounty-tool, bug-bounty, bug-bounty-tips, hacking19-Jan-2024
Dangling CNAME/Orphaned CNAME leads P2 on Google VRPhttps://medium.com/@jerryhackgather/dangling-cname-orphaned-cname-leads-p2-on-google-vrp-fca8964d983c?source=rss------bug_bounty-5Jerry1319bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity19-Jan-2024
Penetration Testing Techniqueshttps://anticitizenone.medium.com/penetration-testing-techniques-5eaf254fc5e6?source=rss------bug_bounty-5Rodolfo Santos Flaboreablue-team, purple-team, red-team, pentesting, bug-bounty19-Jan-2024
Best Recon Website For BugBounty in 2024, I came across! Completely Free 🙂https://medium.com/@Ajakcybersecurity/best-recon-website-for-bugbounty-in-2024-i-came-across-completely-free-303d67187400?source=rss------bug_bounty-5AjakCybersecurityblogging, cybersecurity, penetration-testing, ethical-hacking, bug-bounty19-Jan-2024
Authentication Bypass | Part 05 | What To Do After Choosing a Targethttps://medium.com/@omarora1603/authentication-bypass-part-05-what-to-do-after-choosing-a-target-31eddc38029c?source=rss------bug_bounty-5Om Arorahacking, cybersecurity, bug-bounty, technology, infosec19-Jan-2024
4.2 Lab: Lab: Blind OS command injection with time delays | 2024https://cyberw1ng.medium.com/4-2-lab-lab-blind-os-command-injection-with-time-delays-2024-042ad98c27e6?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, bug-bounty, security19-Jan-2024
IDOR To Massive Government Data Leakhttps://bishal0x01.medium.com/idor-to-massive-government-data-leak-e8ad510d7e5?source=rss------bug_bounty-5Bishal Shresthabug-bounty, information-security, writeup, data-leak19-Jan-2024
Authentication Bypass | Part 05 | What To Do After Choosing a Targethttps://infosecwriteups.com/authentication-bypass-part-05-what-to-do-after-choosing-a-target-31eddc38029c?source=rss------bug_bounty-5Om Arorahacking, cybersecurity, bug-bounty, technology, infosec19-Jan-2024
IDOR Vulnerability Allowing Unauthorized Access to Colleagues’ Bachelor Theseshttps://medium.com/@mr_payload_injector/idor-vulnerability-allowing-unauthorized-access-to-colleagues-bachelor-theses-8c76c4ec4480?source=rss------bug_bounty-5Mr_Payload_Injectorcybersecurity, ethical-hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips19-Jan-2024
#ERROR!https://medium.com/@Xt3sY/500-internal-server-bypass-everything-will-be-200-okay-bcd149397736?source=rss------bug_bounty-5Pushkar Bhagathackerone, hacking, bugcrowd, exploitation, bug-bounty19-Jan-2024
How I Bypassed CSRF Token — 2Wayshttps://medium.com/@bmatth21/how-i-bypassed-csrf-token-2ways-5662b4191188?source=rss------bug_bounty-5Bryan Matthewpenetration-testing, csrf-protection, csrf, bug-bounty, csrf-token19-Jan-2024
Roadmap to Cybersecurity Mastery: A Guide for Aspiring IT Professionalshttps://ikhaleelkhan.medium.com/roadmap-to-cybersecurity-mastery-a-guide-for-aspiring-it-professionals-b2f2e6cc9641?source=rss------bug_bounty-5Khaleel Khanhacking, infosec, cybersecurity, ethical-hacking, bug-bounty18-Jan-2024
AWS/S3 Subdomain Takeoverhttps://medium.com/@scottlindh/aws-s3-subdomain-takeover-79d705cc3553?source=rss------bug_bounty-5Scott Lindhpentesting, hacking, hacking-tools, bug-bounty, bug-bounty-tips18-Jan-2024
Exploiting vulnerabilities in LLM APIs [OS injection]https://medium.com/@s_novoselov/exploiting-vulnerabilities-in-llm-apis-os-injection-b7d31c803d1d?source=rss------bug_bounty-5Serj Novoselovllm, penetration-testing, bug-bounty, ai, hacking18-Jan-2024
Brutal Bug Bounty methodologyhttps://medium.com/@pentajbr/brutal-bug-bounty-methodology-f872d0c1b8da?source=rss------bug_bounty-5Major Jbrbug-bounty-tips, bug-bounty18-Jan-2024
Secret Input Header leads to Password Reset Poisoninghttps://medium.com/@mares.viktor/secret-input-header-leads-to-password-reset-poisoning-ad3081fd8488?source=rss------bug_bounty-5Viktor Maresbug-bounty, penetration-testing, hacking, web-development, cybersecurity18-Jan-2024
Business Logic: Bypass 2FA to ATOhttps://giongfnef.medium.com/business-logic-bypass-2fa-to-ato-e0dc7131b10e?source=rss------bug_bounty-5Giongnefsecurity, bug-bounty, cybersecurity, information-security, pentesting18-Jan-2024
Finding Secret Key Inside React Native Appshttps://aminudin.medium.com/finding-secret-key-inside-react-native-apps-9eb6beac02f8?source=rss------bug_bounty-5Aminudinbug-bounty, bugs, bug-bounty-tips18-Jan-2024
Blind OS command injection vulnerabilities in Portswigger | 2024https://cyberw1ng.medium.com/blind-os-command-injection-vulnerabilities-in-portswigger-2024-cdc10f62d0be?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, careers, hacking, bug-bounty18-Jan-2024
Master Bug Bounty Hunting Coursehttps://medium.com/@teamhydrashop/master-bug-bounty-hunting-course-ea3615f1160b?source=rss------bug_bounty-5Team Hydra Shoptool-hack-xổ-số, bug-fixes, bug-bounty, penetration-testing, hacking-tools18-Jan-2024
What is Cyberkill Chain (My first Interview Question of my carrier)https://akash-venky091.medium.com/what-is-cyberkill-chain-my-first-interview-question-of-my-carrier-e1cc6351a24b?source=rss------bug_bounty-5Akash Venkysecurity, bug-bounty, cybersecurity, information-technology, pentesting18-Jan-2024
How I Automatically Generate XSS Payload & Automate Reflected XSShttps://medium.com/@Ajakcybersecurity/how-i-automatically-generate-xss-payload-automate-reflected-xss-91f4a232cd78?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, ethical-hacking, xss-attack, bug-bounty, penetration-testing18-Jan-2024
Is PNPT Certification Worth It for a Cybersecurity Job? Exploring PNPT!https://medium.com/@Ajakcybersecurity/is-pnpt-certification-worth-it-for-a-cybersecurity-job-exploring-pnpt-8fa13a194fe4?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, hacking, certification, cybersecurity18-Jan-2024
A Best $5 Spent in My Entire Cybersecurity Journeyhttps://medium.com/@Ajakcybersecurity/a-best-5-spent-in-my-entire-cybersecurity-journey-baf09ae710d0?source=rss------bug_bounty-5AjakCybersecurityhacking, tryhackme, bug-bounty, cybersecurity, ethical-hacking18-Jan-2024
CSRF vulnerabilityhttps://medium.com/@os1764934/csrf-vulnerability-ebfbbe6dd81c?source=rss------bug_bounty-5Omar Samybug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips18-Jan-2024
Hydra Tryhackme: Walkthrough/Writeuphttps://proviesec.medium.com/hydra-tryhackme-walkthrough-writeup-784db55ab9a9?source=rss------bug_bounty-5Proviesechydra, tryhackme-walkthrough, cybersecurity, bug-bounty, tryhackme18-Jan-2024
Things should do after sublister(sublist3r)https://medium.com/@canonminibeast/things-should-do-after-sublister-sublist3r-90176a020409?source=rss------bug_bounty-5Canonminibeastbug-bounty, cybersecurity, sublist3r, web-development, web-pen-testing18-Jan-2024
Exploiting LLM APIs with excessive agencyhttps://jareddouville.medium.com/exploiting-llm-apis-with-excessive-agency-979d87a9937e?source=rss------bug_bounty-5Jared Douvilleportswigger-lab, bug-bounty, cyber-security-awareness, hackerone, llm18-Jan-2024
easy bug = big bounty | easy and small bug can give you a big bounty and Reputationhttps://medium.com/@no_oneee/easy-bug-big-bounty-easy-and-small-bug-can-give-you-a-big-bounty-and-reputation-08534a90d2e6?source=rss------bug_bounty-5no|onebug-bounty, hacking, bug-bounty-tips, information-security, bugs18-Jan-2024
Accessing deleted comment for $$: A Bug Bounty Writeuphttps://vijetareigns.medium.com/accessing-deleted-comment-for-a-bug-bounty-writeup-95d56662d209?source=rss------bug_bounty-5the_unlucky_guybug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, writeup17-Jan-2024
Understanding and Mitigating Authentication Bypass Techniques in Web Applicationshttps://ikhaleelkhan.medium.com/understanding-and-mitigating-authentication-bypass-techniques-in-web-applications-d72795f469be?source=rss------bug_bounty-5Khaleel Khanhacking, bug-bounty, infosec, infosecurity, ethical-hacking17-Jan-2024
Best Hacking OSINT Site list in 2024https://medium.com/@logicTech/best-hacking-osint-site-list-in-2024-768db84c55e3?source=rss------bug_bounty-5LogicTechhacking-tools, bug-bounty, hacking, osint-investigation, journalism17-Jan-2024
Why Web2 Vulnerabilities Need Addressing Before Embracing Web3 — Part 1https://medium.com/@resonance.security/why-web2-vulnerabilities-need-addressing-before-embracing-web3-part-1-e881424e216c?source=rss------bug_bounty-5Resonancebug-bounty, web3, blockchain17-Jan-2024
Phishing using Google Sheets for Red Team Engagementshttps://infosecwriteups.com/phishing-using-google-sheets-for-red-team-engagements-ac79298ddb90?source=rss------bug_bounty-5Supun Halangoda (Suppa)cybersecurity, phishing-attacks, phishing, information-security, bug-bounty17-Jan-2024
Privilege escalation via response manipulationhttps://seek-er.medium.com/privilege-escalation-via-response-manipulation-e2ed5076b023?source=rss------bug_bounty-5Vikybug-bounty-writeup, hacking, web-application-security, bug-bounty, security17-Jan-2024
1 Program, 4 Business Logic Bugs and Cashing in 2300$.https://infosecwriteups.com/1-program-4-business-logic-bugs-and-cashing-in-2300-299b42236993?source=rss------bug_bounty-5Manav Bankatwalabounty-hunter, information-security, bug-bounty, appreciation, cybersecurity17-Jan-2024
3.6 Lab: File path traversal, validation of file extension with null byte bypass | 2024https://cyberw1ng.medium.com/3-6-lab-file-path-traversal-validation-of-file-extension-with-null-byte-bypass-2024-ccf8005b5379?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, careers, bug-bounty, hacking, cybersecurity17-Jan-2024
Shall I Start Bug Bounty Without Cybersecurity Basics in 2024?https://medium.com/@Ajakcybersecurity/shall-i-start-bug-bounty-without-cybersecurity-basics-in-2024-f62fa3ab1991?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, ethical-hacking, cybersecurity, hacking, bug-bounty17-Jan-2024
API_Security RoadMaphttps://akash-venky091.medium.com/api-security-roadmap-edb59a420b04?source=rss------bug_bounty-5Akash Venkycybersecurity, bug-bounty, vulnerability, information-technology, ethical-hacking16-Jan-2024
Extracting iOS IPA files Without Jailbreaking…!https://medium.com/@dhanush1895/extracting-ios-ipa-files-without-jailbreaking-6e7ee8e57ad7?source=rss------bug_bounty-5Daniel1895methodology, ios, bug-bounty-tips, bug-bounty, pentesting16-Jan-2024
Unleashing the Power of AutoRepeater: Automating Blind SQL Injection Detectionhttps://medium.com/@atikqur007/unleashing-the-power-of-autorepeater-automating-blind-sql-injection-detection-1b159ee81158?source=rss------bug_bounty-5Atik Rahmansql-injection, bug-bounty, blind-sql-injection, burpsuite-extension, cybersecurity16-Jan-2024
3.5 Lab: File path traversal, validation of start of path | 2024https://cyberw1ng.medium.com/3-5-lab-file-path-traversal-validation-of-start-of-path-2024-9b2b9b4f15d7?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, cybersecurity, hacking, careers16-Jan-2024
How to Discovered IDOR from a Blank Page — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-to-discovered-idor-from-a-blank-page-bug-bounty-tuesday-5af784533d1a?source=rss------bug_bounty-5kerstantechnology, programming, bug-bounty, cybersecurity16-Jan-2024
GUI Bug Bounty Tool To Find Easy P1s in 2024https://medium.com/@Ajakcybersecurity/gui-bug-bounty-tool-to-find-easy-p1s-in-2024-24d05dceba72?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, ethical-hacking, github, penetration-testing, bug-bounty16-Jan-2024
Secret Bug bounty Extension all Hackers Forget To Add. Part-2 (Not Common!)‍https://medium.com/@Ajakcybersecurity/secret-bug-bounty-extension-all-hackers-forget-to-add-part-2-not-common-e29d857f90e0?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, extension, cybersecurity, hacking, bug-bounty16-Jan-2024
Extensions I Use For My Bug Bounty Hunting in 2024, Part-1. ‍https://medium.com/@Ajakcybersecurity/extensions-i-use-for-my-bug-bounty-hunting-in-2024-part-1-5b8ba7501408?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, blog, hacking, bug-bounty, ethical-hacking16-Jan-2024
A Digital Date with a Hacker: A Café WiFi Adventure!https://medium.com/@Ajakcybersecurity/a-digital-date-with-a-hacker-a-caf%C3%A9-wifi-adventure-db7ae98bbd90?source=rss------bug_bounty-5AjakCybersecuritydigital-forensics, cybersecurity, bug-bounty, hacking, blog16-Jan-2024
What can a Hacker do with your IP Address? Track Your Location?https://medium.com/@Ajakcybersecurity/what-can-a-hacker-do-with-your-ip-address-track-your-location-f7854cd5c32f?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, blog, digital-forensics, bug-bounty16-Jan-2024
Top 5 Sites to Improve Your Hacking Skill IN 2024https://medium.com/@Ajakcybersecurity/top-5-sites-to-improve-your-hacking-skill-in-2024-b9e786eb7adb?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, blog, cybersecurity, bug-bounty, hacking16-Jan-2024
Day 2/100 Of Gaining Hacking Knowledge — Easily change IP, Mac, DNS, Log killer, and more…….https://medium.com/@ssg30devil/day-2-100-of-gaining-hacking-knowledge-easily-change-ip-mac-dns-log-killer-and-more-7d286c7b7647?source=rss------bug_bounty-5rootzsbug-bounty, ethical-hacking, 100daychallenge, cybersecurity, git-tool16-Jan-2024
Web Security Academy — Business Logic Vulnerabilities Walkthroughhttps://iaraoz.medium.com/web-security-academy-business-logic-vulnerabilities-walkthrough-536f756cda9b?source=rss------bug_bounty-5Israel Aráoz Severichecybersecurity, owasp, vulnerability, appsec, bug-bounty16-Jan-2024
Demystifying Reflected XSS: Understanding and Mitigating This Common Web Security Vulnerabilityhttps://medium.com/@j0hnw1ck/demystifying-reflected-xss-understanding-and-mitigating-this-common-web-security-vulnerability-beaa3bb058c5?source=rss------bug_bounty-5J0hn W1ckbug-bounty, cybersecurity, web-development, pentesting, hacking16-Jan-2024
Bug Zero at a Glance [16–31 December]https://blog.bugzero.io/bug-zero-at-a-glance-16-31-december-d722a2b76ed4?source=rss------bug_bounty-5Januka Dharmapriyanewsletter, bug-bounty, bug-zero, sri-lanka, cybersecurity15-Jan-2024
How Apple Scammed Me Out Of $50,000 in their Bug Bounty Program (Silent Patching & Ignoring Me)https://medium.com/@just4g3nt/how-apple-scammed-me-out-of-50-000-in-their-bug-bounty-program-silent-patching-ignoring-me-18455a47a1f6?source=rss------bug_bounty-5Random Userbug-bounty, infosec, apple, scam, cybersecurity15-Jan-2024
Unrestricted File Upload Lead to Stored XSS at Microsoft main domainhttps://medium.com/@cavdarbashas/unrestricted-file-upload-lead-to-stored-xss-at-microsoft-main-domain-baa9cadac6bd?source=rss------bug_bounty-5Sokol Çavdarbashabug-bounty, penetration-testing, technology, web-security, ethical-hacking15-Jan-2024
HackenProof bug bounty campaign is now livehttps://dexenetwork.medium.com/hackenproof-bug-bounty-campaign-is-now-live-bf9bc5ddd6d1?source=rss------bug_bounty-5DeXe Protocolsecurity, dao, bug-bounty, defi15-Jan-2024
100-day Challenge Day 1/100 Ethical Hacking Knowledgehttps://medium.com/@ssg30devil/100-day-challenge-day-1-100-ethical-hacking-knowledge-9b0625a8e835?source=rss------bug_bounty-5rootzs100daychallenge, ethical-hacking, useful-websites, bug-bounty, most-useful-websites15-Jan-2024
Reflected DOM XSShttps://medium.com/@marduk.i.am/reflected-dom-xss-fdf60de841cb?source=rss------bug_bounty-5Marduk I Amportswigger-lab, bug-bounty, cybersecurity, cross-site-scripting, dom-xss15-Jan-2024
SMTP Server (JAMES SMTP Server 2.3.2)https://medium.com/@akshadjoshi/smtp-server-james-smtp-server-2-3-2-ad934435f021?source=rss------bug_bounty-5Akshad Joshismtp, bug-bounty, pentesting, hackthebox15-Jan-2024
Streamlining Vulnerability Hunting for Bug Bounty and pentestershttps://medium.com/@k-binsaeed/streamlining-vulnerability-hunting-for-bug-bounty-and-pentesters-81e77b3ab7d9?source=rss------bug_bounty-5NumLocK15bug-bounty, vulnerability, cybersecurity, pentesting15-Jan-2024
How I Used A Simple Python Script to Exploit a Vulnerable Google API Key.https://medium.com/@gradillagustavo87/how-i-used-a-simple-python-script-to-exploit-a-vulnerable-google-api-key-475b4fcaf895?source=rss------bug_bounty-5Gustavo Gradillahacking-tools, bug-bounty-writeup, bug-bounty, google15-Jan-2024
How I Automate Finding Amazon S3 Buckets Using A Simple Python Scripthttps://medium.com/@gradillagustavo87/how-i-automate-finding-amazon-s3-buckets-using-a-simple-python-script-c1a7c11a8b52?source=rss------bug_bounty-5Gustavo Gradillacybersecurity, hacking-tools, ethical-hacking, bug-bounty, hacking15-Jan-2024
S3 Bucket takeover with simple technique lead to $$$https://medium.com/@adhaamsayed3/s3-bucket-takeover-with-simple-technique-lead-to-0fc0b89eeecb?source=rss------bug_bounty-5Adham sayed (doosec101)web-app-pentesting, bug-bounty, hacker, hackerone, mobile-app-testing15-Jan-2024
3.3 Lab: File path traversal, traversal sequences stripped non-recursively | 2024https://cyberw1ng.medium.com/3-3-lab-file-path-traversal-traversal-sequences-stripped-non-recursively-2024-5dd6b7d227e6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, security, hacking, careers14-Jan-2024
Logical Error leads to DOS for victimhttps://medium.com/@tanyago/logical-error-leads-to-dos-for-victim-8e4f6d18ae90?source=rss------bug_bounty-5Tanya Goyalbug-bounty-tips, bug-bounty-writeup, bug-hunting, bug-bounty14-Jan-2024
How to Nail a Perfect Bug Reporthttps://medium.com/@nambiarjishnu1210/how-to-nail-a-perfect-bug-report-b619690779a7?source=rss------bug_bounty-5Jishnu Nambiarsoftware-testing, automation, bug-bounty, testing, quality-assurance14-Jan-2024
Bug Bounty: The Ultimate Guide For Beginnershttps://medium.com/@securelearn/bug-bounty-the-ultimate-guide-for-beginners-92bd470b5c02?source=rss------bug_bounty-5RGsecure-learn, bug-bounty-tips, cybersecurity, hacking, bug-bounty14-Jan-2024
Elevate your Expertise: Key Cybersec Certifications 2k24https://thethreatcops.medium.com/elevate-your-expertise-key-cybersec-certifications-2k24-7a025f5566f4?source=rss------bug_bounty-5the threat copsinformation-security, hacking, career-development, bug-bounty, cybersecurity14-Jan-2024
Exploring the Web’s Hidden Corners with DorkDive: A Google Dorking Tool for Tech Enthusiastshttps://infosecwriteups.com/exploring-the-webs-hidden-corners-with-dorkdive-a-google-dorking-tool-for-tech-enthusiasts-c66816493c76?source=rss------bug_bounty-5Incoggeekpython, cybersecurity, bug-bounty, tools, hacking14-Jan-2024
Mastering Cybersecurity: A Deep Dive into Optimal Attack Surface Management for Public Bug Bounty…https://cyberarafat.medium.com/mastering-cybersecurity-a-deep-dive-into-optimal-attack-surface-management-for-public-bug-bounty-0eb182577c4c?source=rss------bug_bounty-5Arafat Ashrafi Talhaethical-hacking, bug-bounty-tips, bug-bounty, penetration-testing, cybersecurity14-Jan-2024
Layer 5: Bug Bountieshttps://medium.com/@triweisec/layer-5-bug-bounties-f67b2cbdf413?source=rss------bug_bounty-5TriWei.iobug-bounty, web3, blockchain-security, ethical-hacking, vulnerability-assessment14-Jan-2024
ExamSys — Multiple SQL Injectionshttps://fh4ntke.medium.com/examsys-multiple-sql-injections-ef94d84e440c?source=rss------bug_bounty-5FHantkeweb-development, technology, hacking, open-source, bug-bounty14-Jan-2024
How to set up a new Kali Linux virtual machine for Studying | Practicing | Bug Bounty ?https://medium.com/@recepbalibey/how-to-set-up-a-new-kali-linux-virtual-machine-for-studying-practicing-bug-bounty-6ec16222c294?source=rss------bug_bounty-5Recep Balıbeyvirtual-machine, kali-linux, ctf, bug-bounty, cybersecurity14-Jan-2024
Vulnerable Web Applications For Training and Testing Your New Toolshttps://medium.com/@eclectic-security/vulnerable-web-applications-for-training-and-testing-your-new-tools-e2411942edb2?source=rss------bug_bounty-5Eclectic Securitybug-bounty, software-development, cybersecurity, training, penetration-testing14-Jan-2024
Mass Hunting Blind XSS — Practical Techniqueshttps://infosecwriteups.com/mass-hunting-blind-xss-practical-techniques-182c422d773e?source=rss------bug_bounty-5Ott3rlybug-bounty-writeup, xss-vulnerability, cross-site-scripting, bug-bounty, cybersecurity14-Jan-2024
What is Bug Bounty Huntinghttps://medium.com/@chaudharyrohit644/what-is-bug-bounty-hunting-d2571271d612?source=rss------bug_bounty-5Rohit Chaudharybug-bounty14-Jan-2024
PII Data Leakage via Directory Listinghttps://medium.com/@fixthis1000time/pii-data-leakage-via-directory-listing-2a5ff7554cdc?source=rss------bug_bounty-5fixthi$infosec, cybersecurity, ethical-hacking, bug-bounty, hacking14-Jan-2024
User Enumeration in the login processhttps://medium.com/@majix_de/user-enumeration-in-the-login-process-a43a248ac70d?source=rss------bug_bounty-5Majixctf, bug-bounty, pentesting, hacking, penetration-testing14-Jan-2024
HackTheBox — Server-side Request Forgery (SSRF) Overviewhttps://medium.com/@harry.hphu/hackthebox-server-side-request-forgery-ssrf-overview-e55ef94ac435?source=rss------bug_bounty-5Huy Phubug-bounty, web-security, hackthebox, owasp-top-10, ssrf13-Jan-2024
What is SQL Injection and how SQL queries work in databasehttps://mrunknown124154.medium.com/what-is-sql-injection-and-how-sql-queries-work-in-database-6971f1729aed?source=rss------bug_bounty-5Mr Abdullahhacking, cyber-security-awareness, bug-bounty, sql-injection, web-hacking13-Jan-2024
Easy way to find RCE via SSTI(server side template injection)https://medium.com/@jeetpal2007/easy-way-to-find-rce-via-ssti-server-side-template-injection-b5f664ddf427?source=rss------bug_bounty-5JEETPALrce, bug-bounty, easy, bugs, ssti13-Jan-2024
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encodedhttps://medium.com/@marduk.i.am/dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-62bc9a167c8e?source=rss------bug_bounty-5Marduk I Amcross-site-scripting, angularjs, dom-xss, bug-bounty, portswigger-lab13-Jan-2024
mistakes bug bounty hunters fall on it | the key of bug bounty |best advice for 2024https://medium.com/@no_oneee/hello-48e0488f6fa4?source=rss------bug_bounty-5no|oneinformation-security, bugs, bug-bounty-tips, cybersecurity, bug-bounty13-Jan-2024
3.2 Lab: File path traversal, traversal sequences blocked with absolute path bypass | 2024https://cyberw1ng.medium.com/3-2-lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-2024-b1eb44cf3151?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, security, hacking, cybersecurity13-Jan-2024
Regeneration of API key by low level user: 500$ Access Control bughttps://medium.com/@a13h1/regeneration-of-api-key-by-low-level-user-500-access-control-bug-87c76b9b5842?source=rss------bug_bounty-5Abhi Sharmabug-bounty, cybersecurity, hacking, api, programming13-Jan-2024
3.2 Lab: File path traversal, traversal sequences blocked with absolute path bypass | 2024https://systemweakness.com/3-2-lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-2024-b1eb44cf3151?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, security, hacking, cybersecurity13-Jan-2024
Burp Suite — Download, Set up and Get Going!https://medium.com/@eclectic-security/burp-suite-download-set-up-and-get-going-a58ba7daf678?source=rss------bug_bounty-5Eclectic Securitybug-bounty, tools, cyber-security-training, penetration-testing, burpsuite13-Jan-2024
DOM-Based XSS: Understanding and Mitigating a Stealthy Attack Vectorhttps://medium.com/@ravensec93/dom-based-xss-understanding-and-mitigating-a-stealthy-attack-vector-71ebc56806aa?source=rss------bug_bounty-5Raven Securitybug-bounty, web-security, cybersecurity, xss-attack, hacking13-Jan-2024
Weird bug to steal users credentialshttps://medium.com/@fuadahmad062/weird-bug-to-steal-users-credentials-5e80c5d4565f?source=rss------bug_bounty-5von001bug-bounty-tips, bug-bounty, content-spoofing12-Jan-2024
Forget Blockers, Own Your Freedom: SquareXhttps://tanishqshahsays.medium.com/forget-blockers-own-your-freedom-squarex-4e4d6a845fe8?source=rss------bug_bounty-5Tanishq Sachin Shahbug-bounty, squarex, security, cybersecurity, privacy12-Jan-2024
Mass Hunting Blind XSS — Initial Setuphttps://ott3rly.medium.com/mass-hunting-blind-xss-initial-setup-7fc5c1898999?source=rss------bug_bounty-5Ott3rlyxs, info-sec-writeups, blind-xss, bug-bounty, cross-site-scripting12-Jan-2024
The DeXe Protocol’s Bug Bounty Campaignhttps://dexenetwork.medium.com/the-dexe-protocols-bug-bounty-campaign-a68e960c36cd?source=rss------bug_bounty-5DeXe Protocoldefi, bug-bounty, smart-contracts, dao, security12-Jan-2024
tRPC Security Research: Hunting for Vulnerabilities in Modern APIshttps://medium.com/@LogicalHunter/trpc-security-research-hunting-for-vulnerabilities-in-modern-apis-b0d38e06fa71?source=rss------bug_bounty-5Borna Nematzadehbug-bounty-writeup, bug-bounty, web-security, security-research, api-security12-Jan-2024
Mass Hunting Blind XSS — Initial Setuphttps://infosecwriteups.com/mass-hunting-blind-xss-initial-setup-7fc5c1898999?source=rss------bug_bounty-5Ott3rlyxs, info-sec-writeups, blind-xss, bug-bounty, cross-site-scripting12-Jan-2024
The DeXe Protocol’s Bug Bounty Campaign announcementhttps://dexenetwork.medium.com/the-dexe-protocols-bug-bounty-campaign-a68e960c36cd?source=rss------bug_bounty-5DeXe Protocoldefi, bug-bounty, smart-contracts, dao, security12-Jan-2024
Unraveling the Mysteries of Zoo Services: Feign magic uncoveredhttps://medium.com/@boltaevt/unraveling-the-mysteries-of-zoo-services-feign-magic-uncovered-3d45d211fdec?source=rss------bug_bounty-5@boltaevtbug-bounty, spring-boot, java, microservices, feign12-Jan-2024
Unveiling Vulnerabilities: Loose Permissions in Salesforce Lightning Pose Data Security Threatshttps://samshadow.medium.com/unveiling-vulnerabilities-loose-permissions-in-salesforce-lightning-pose-data-security-threats-41eaba372937?source=rss------bug_bounty-5Sam Shadowbug-bounty-writeup, infosec, salesforce-lightning, bug-bounty, bug-bounty-tips12-Jan-2024
Common obstacles to exploiting path traversal vulnerabilities | 2024https://cyberw1ng.medium.com/common-obstacles-to-exploiting-path-traversal-vulnerabilities-2024-204fd57566f5?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, security, hacking, cybersecurity, careers12-Jan-2024
Holy Ffuf Unleashing Rapid Wealth with a 15-Minute $$$ Twisthttps://medium.com/@Xt3sY/holy-ffuf-unleashing-rapid-wealth-with-a-15-minute-twist-8fada0cc72ba?source=rss------bug_bounty-5Pushkar Bhagathacker101, bug-bounty, hackerone, hacker12-Jan-2024
SQL INJECTION FUNDAMENTALS_HACK THE BOXhttps://medium.com/@romimkhan5588/sql-injection-fundamentals-hack-the-box-d22cde7a7198?source=rss------bug_bounty-5root 28hacking, bug-bounty, cybersecurity, hackthebox, sql-injection12-Jan-2024
Account Takeover via password reset without user interactions (CVE-2023–7028)https://0xweb01.medium.com/account-takeover-via-password-reset-without-user-interactions-cve-2023-7028-cbd2e675992e?source=rss------bug_bounty-50xweb01cve, zero-day, bug-bounty, security12-Jan-2024
Holy Ffuf easy Bounty in 15 minshttps://medium.com/@Xt3sY/holy-ffuf-unleashing-rapid-wealth-with-a-15-minute-twist-8fada0cc72ba?source=rss------bug_bounty-5Pushkar Bhagathacker101, bug-bounty, hackerone, hacker12-Jan-2024
Bug Bountyhttps://medium.com/@pdinukanth/bug-bounty-b1843c8676b3?source=rss------bug_bounty-5Pdinukanthbug-bounty11-Jan-2024
IDN Homograph Attack - Reborn of the Rare Casehttps://shahjerry33.medium.com/idn-homograph-attack-reborn-of-the-rare-case-99fa1e342352?source=rss------bug_bounty-5Jerry Shah (Jerry)pentesting, bug-bounty, infosec, cybersecurity, vulnerability11-Jan-2024
Art of External Network Penetration Testing – Phase First: Preparationhttps://medium.com/@pentesterman/introduction-with-the-rapidly-developing-technologies-in-the-digital-world-the-security-measures-c21d0f62c48f?source=rss------bug_bounty-5Sevban Dönmezcybersecurity, external-pentest, bug-bounty, web-application-security, pentest-preparation11-Jan-2024
2.12 Lab: Password brute-force via password change | 2024https://cyberw1ng.medium.com/2-12-lab-password-brute-force-via-password-change-2024-94a39239f98e?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, cybersecurity, hacking, careers11-Jan-2024
How I discovered a Critical Vulnerability during a Pentest : IDOR to Privilege Escalationhttps://medium.com/@ravindu.lakmina1/how-i-discovered-a-critical-vulnerability-during-a-pentest-idor-to-privilege-escalation-937230b06e62?source=rss------bug_bounty-5Ravindu Lakminaethical-hacking, hacking, bug-bounty, penetration-testing, cybersecurity11-Jan-2024
Windows Exploitation Learning Path in TryHackMehttps://mrshan.medium.com/windows-exploitation-learning-path-in-tryhackme-8fa680daa775?source=rss------bug_bounty-5MR SHANtryhackme-writeup, cybersecurity, tryhackme-walkthrough, bug-bounty, tryhackme11-Jan-2024
How I got my first bug bountyhttps://medium.com/@b1ayn/how-i-got-my-first-bug-bounty-8772d41bccba?source=rss------bug_bounty-5B1aynbugcrowd, pentesting, hackerone, bug-bounty11-Jan-2024
How I Earned My First Bug Bounty Reward of $600https://medium.com/@zikola1/how-i-earned-my-first-bug-bounty-reward-of-600-14c268f94bbd?source=rss------bug_bounty-5Abdulrahman badawipenetration-testing, bug-bounty-writeup, bug-bounty, bug-bounty-tips, web-application-security11-Jan-2024
Skills Needed For Bug Bounty Part 2https://medium.com/@joshdesharnais1/skills-needed-for-bug-bounty-part-2-2f6897aa3390?source=rss------bug_bounty-5Joshua Desharnaisexploitation, bug-bounty-tips, bug-bounty11-Jan-2024
Hacking my college intranet (Bug Bounty)https://medium.com/@boogsta/hacking-my-college-intranet-8f77f5d8fe60?source=rss------bug_bounty-5Boogstacybersecurity, bug-bounty, hacking, cyber, bug-bounty-tips10-Jan-2024
How I Helped Indonesian Startup Company to Prevent Millions of PII Data Leakshttps://medium.com/@blackarazi/how-i-helped-indonesian-startup-company-to-prevent-millions-of-pii-data-leaks-55ef3edbd35d?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, pii, application-security, api-security, bug-bounty10-Jan-2024
Everything About Launching and Managing Your Bug Bounty Program (From a Former Triager)https://utkusen.medium.com/everything-about-launching-and-managing-your-bug-bounty-program-from-a-former-triager-e244105a31c6?source=rss------bug_bounty-5Utku Şencybersecurity, bug-bounty-tips, hackerone, bug-bounty10-Jan-2024
Businesses That Still Are Accepting Brute Force Vulnerabilities as Low Impact Need to Reconsiderhttps://malwarexhunt.medium.com/businesses-that-still-are-accepting-brute-force-vulnerabilities-as-low-impact-need-to-reconsider-c877f8b17ad3?source=rss------bug_bounty-5MalwareHuntertechnology, cybersecurity, bug-bounty, programming, penetration-testing10-Jan-2024
Bugs & JS :A Closer Look at JavaScript for Successful Bug Huntinghttps://anasbetis023.medium.com/bugs-js-a-closer-look-at-javascript-for-successful-bug-hunting-fddb0d796498?source=rss------bug_bounty-5Anas H Hmaidycybersecurity, bug-bounty, javascript, penetration-testing10-Jan-2024
A Beginner’s Guide to Bug Hunting: Your Passport to the World of Cybersecurityhttps://medium.com/@matsecurity/a-beginners-guide-to-bug-hunting-your-passport-to-the-world-of-cybersecurity-798cc4a1e76d?source=rss------bug_bounty-5MatSecbug-bounty, bug-bounty-tips, hackerone, cybersecurity, ethical-hacking10-Jan-2024
Daily Bug Bounty Writeupshttps://securitycipher.medium.com/daily-bug-bounty-writeups-2d754b87a546?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)hacking, technology, ai, security, bug-bounty09-Jan-2024
BYPASSING PAYMENTS IN APPLE FOR FREE TRAILS FOR LIFETIMEhttps://medium.com/@sam0-0/bypassing-payments-in-apple-for-free-trails-for-lifetime-8e3019dfe57b?source=rss------bug_bounty-5Sambug-bounty-writeup, bug-bounty, apple, apple-security09-Jan-2024
Bug Bounty prompt that can help you to find IDOR vulnerabilitieshttps://blog.gopenai.com/bug-bounty-prompt-that-can-help-you-to-find-idor-vulnerabilities-5a47fa5de44f?source=rss------bug_bounty-5aimasteridor, bug-bounty, bugbountyprompts, cybersecurity, chatgpt09-Jan-2024
Understanding Sherlock’s Smart Contract Coveragehttps://medium.com/@JohnnyTime/understanding-sherlocks-smart-contract-coverage-3eca7d9033bc?source=rss------bug_bounty-5Johnny Timesherlock, web3-security, audit-contest, bug-bounty, smart-contracts09-Jan-2024
How To Get A XSSI Bug In Bug Bounty— Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-to-get-a-xssi-bug-in-bug-bounty-bug-bounty-tuesday-7440b0caf32c?source=rss------bug_bounty-5kerstanbug-bounty, security, technology, programming, cybersecurity09-Jan-2024
Developed a Bug Bounty Calculatorhttps://medium.com/@chander.romesh/developed-a-bug-bounty-calculator-b8370e04b15a?source=rss------bug_bounty-5Romesh chanderinformation-security, infosec, pentesting, hacking, bug-bounty09-Jan-2024
Recon Nedir ve Kullanılan Araçlarhttps://medium.com/@eren.klai2/recon-nedir-ve-kullan%C4%B1lan-ara%C3%A7lar-bac6b28479e4?source=rss------bug_bounty-5ErenCataksubdomain, pentesting, subdomains-enumeration, bug-bounty, recon09-Jan-2024
Subdomain Bruteforce Toolhttps://0xshaheen.medium.com/subdomain-bruteforce-tool-9dd3cd673df6?source=rss------bug_bounty-5Shaheen Sikdersubdomains-enumeration, subdomain, bug-bounty, subdomain-bruteforce09-Jan-2024
Get All your Clickjacking Vulnerability Triaged with this Exploitation!https://medium.com/@Ajakcybersecurity/get-all-your-clickjacking-vulnerability-triaged-with-this-exploitation-95de8291e285?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, cybersecurity, blog, clickjacking09-Jan-2024
A Straight 5-hour Escalation! Exploiting Boolean-Based SQL Injection.https://medium.com/@Ajakcybersecurity/a-straight-5-hour-escalation-exploiting-boolean-based-sql-injection-5d828fd3dacf?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, cybersecurity, red-team, sql09-Jan-2024
How to Write A Bug Bounty Report Like a Pro!https://medium.com/@Ajakcybersecurity/how-to-write-a-bug-bounty-report-like-a-pro-a703034d095f?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, ethcial-hacking, hacking, cybersecurity09-Jan-2024
How To Report Bug In Indian Government Site?https://medium.com/@Ajakcybersecurity/how-to-report-bug-in-indian-government-site-3f104eb5c40b?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, blog, india, cybersecurity09-Jan-2024
How To Check Whether Your Photo is Leaked In Online or Not?https://medium.com/@Ajakcybersecurity/how-to-check-whether-your-photo-is-leaked-in-online-or-not-286a9feeadbd?source=rss------bug_bounty-5AjakCybersecurityinvestigation, digital-forensics, blog, cybersecurity, bug-bounty09-Jan-2024
2.11 Lab: Password reset poisoning via middleware | 2024https://cyberw1ng.medium.com/2-11-lab-password-reset-poisoning-via-middleware-2024-862897c7fc77?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, security, bug-bounty09-Jan-2024
Tricks I Do To Get Easy HOF and Bounty!https://medium.com/@Ajakcybersecurity/tricks-i-do-to-get-easy-hof-and-bounty-99d6158eb53e?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, penetration-testing, blog, cybersecurity, bug-bounty09-Jan-2024
How Much Was My First Bounty?https://medium.com/@Ajakcybersecurity/how-much-was-my-first-bounty-9c02df4b1958?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, cybersecurity, penetration-testing, bug-bounty09-Jan-2024
The Art and Science Behind Password Managershttps://medium.com/@paritoshblogs/the-art-and-science-behind-password-managers-fbf5fb9c7f99?source=rss------bug_bounty-5Paritoshinformation-security, cybersecurity, password-manager, hacking, bug-bounty08-Jan-2024
Top 13 Vulnerable Web Applications and Websites for Ethical Hacking Practicehttps://bytebusterx.medium.com/top-13-vulnerable-web-applications-and-websites-for-ethical-hacking-practice-1850c6163e89?source=rss------bug_bounty-5ByteBusterXbug-bounty, hacking, cybersecurity08-Jan-2024
Rapid Scan (Web Vulnerability Scanner)https://medium.com/@psychomong/rapid-scan-web-vulnerability-scanner-d164cefc3c9a?source=rss------bug_bounty-5psychomonghacking, bug-bounty, scanner, hackerone, python08-Jan-2024
2.10 Lab: Offline password cracking | 2024https://cyberw1ng.medium.com/2-10-lab-offline-password-cracking-2024-e730fb915f73?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, security, cybersecurity, hacking08-Jan-2024
Blind boolean-based SQLi, by manipulating urlhttps://medium.com/@zatikyan.sevada/blind-boolean-based-sqli-by-manipulating-url-96e1e086378c?source=rss------bug_bounty-5Zatikyan Sevadacybersecurity, sqlmap, bug-bounty, owasp, sql-injection08-Jan-2024
HTTP PARAMTER POLLUTION [TR]https://medium.com/@eren.klai2/http-paramter-pollution-tr-700e254be60e?source=rss------bug_bounty-5ErenCatakpentesting, bug-bounty, turkey, http-parameter-pollution, parameter-tampering08-Jan-2024
2.9 Lab: Brute-forcing a stay-logged-in cookie | 2024https://cyberw1ng.medium.com/2-9-lab-brute-forcing-a-stay-logged-in-cookie-2024-065110f81d48?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, security, cybersecurity, hacking, careers07-Jan-2024
Digital Forensics Investigation Report PDF- A Court Manner.https://medium.com/@Ajakcybersecurity/digital-forensics-investigation-report-pdf-a-court-manner-daaa24c60458?source=rss------bug_bounty-5AjakCybersecuritywireshark, bug-bounty, networking, digital-forensics, blog07-Jan-2024
Top Programming Languages You Need to Know In 2024https://medium.com/@Ajakcybersecurity/top-programming-languages-you-need-to-know-in-2024-372db341015f?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, cybersecurity, python, medium, programming07-Jan-2024
XSS (Cross-Site Scripting) Reports on codechef.comhttps://medium.com/@mr_sopyan/xss-cross-site-scripting-reports-on-codechef-com-1a674f9ba9d8?source=rss------bug_bounty-5Mr_Sopyancybersecurity, xss-attack, bug-bounty, it-security07-Jan-2024
How to match IOCs against SIEM logs ?https://medium.com/@paritoshblogs/how-to-match-iocs-against-siem-logs-9d61079d16c6?source=rss------bug_bounty-5Paritoshsiem, hacking, bug-bounty, cybersecurity, ioc07-Jan-2024
Paid Subscriptions Resources which will be useful for Ethical Hacking/Bug Bounty (No Promotion)…https://medium.com/@Ajakcybersecurity/paid-subscriptions-resources-which-will-be-useful-for-ethical-hacking-bug-bounty-no-promotion-94b2aad97b18?source=rss------bug_bounty-5AjakCybersecuritymedium, udemy, ethical-hacking, bug-bounty, cybersecurity07-Jan-2024
Learn Cybersecurity By Doing Simple Projects at Homehttps://medium.com/@Ajakcybersecurity/learn-cybersecurity-by-doing-simple-projects-at-home-81fe4a512a65?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, bug-bounty, projects, ethical-hacking, hacking07-Jan-2024
Top 5 Best Laptops for Bug Bounty and Ethical Hackinghttps://medium.com/@Ajakcybersecurity/top-5-best-laptops-for-bug-bounty-and-ethical-hacking-c0ce6fe4917c?source=rss------bug_bounty-5AjakCybersecurityhacking, blog, laptop, programming, bug-bounty07-Jan-2024
Os Command Injectionhttps://medium.com/@eren.klai2/os-command-injection-536087488e87?source=rss------bug_bounty-5ErenCatakbug-bounty, pentesting, os-command-injection, operating-systems, bash-script07-Jan-2024
Top 5 Best Books for Bug Bounty Hunting- My Personal Favouriteshttps://medium.com/@Ajakcybersecurity/top-5-best-books-for-bug-bounty-hunting-my-personal-favourites-ec416ab4ea25?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, hacking, money, bug-bounty, blog06-Jan-2024
HackerOne or BugCrowd or VDP? How To Choose your Bug Bounty Program?https://medium.com/@Ajakcybersecurity/hackerone-or-bugcrowd-or-vdp-how-to-choose-your-bug-bounty-program-c4a4d202397c?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, hackerone, blog, penetration-testing, ethical-hacking06-Jan-2024
How I Cracked CEH Within 6 Months Only With Free Resources.https://medium.com/@Ajakcybersecurity/how-i-cracked-ceh-within-6-months-only-with-free-resources-c362d122ee01?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, blog, ethical-hacking, certification06-Jan-2024
Bug Bounty Mistakes I Made in 2023, So that You Can Avoid in 2024https://medium.com/@Ajakcybersecurity/bug-bounty-mistakes-i-made-in-2023-so-that-you-can-avoid-in-2024-3737663807fc?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, hacking, ethical-hacking, cybersecurity, bug-bounty06-Jan-2024
Unveiling the Dangers of CWE-319: Clear Text Transmission of Sensitive Informationhttps://medium.com/@georgeppmc/unveiling-the-dangers-of-cwe-319-clear-text-transmission-of-sensitive-information-1ada2d1f4ca5?source=rss------bug_bounty-5George Torresbug-bounty06-Jan-2024
Gi7w0rm’s personal year review — 2023https://gi7w0rm.medium.com/gi7w0rms-personal-year-review-2023-f4726b46b604?source=rss------bug_bounty-5Gi7w0rmioc, bug-bounty, cybersecurity, infosec, 202306-Jan-2024
500$ Access Control Bug: Performed Restricted Actions in Developer Settings by low level user.https://medium.com/@a13h1/500-access-control-bug-performed-restricted-actions-in-developer-settings-by-low-level-user-b4ecaa6d1aa1?source=rss------bug_bounty-5Abhi Sharmaprogramming, bug-bounty, pentesting, access-control, cybersecurity06-Jan-2024
Best AI Tools For Cybersecurity in 2024https://medium.com/@paritoshblogs/best-ai-tools-for-cybersecurity-in-2024-9f9972919f1d?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, networking, information-security, cybersecurity06-Jan-2024
The Art of Shodanhttps://astro0x00.medium.com/the-art-of-shodan-ee83bfa96105?source=rss------bug_bounty-5Mo2men Elmadybug-bounty, shodan, penetration-testing, cve, hacking06-Jan-2024
2.8 Lab: 2FA broken logic | 2024https://cyberw1ng.medium.com/2-8-lab-2fa-broken-logic-2024-30a843da98ca?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, bug-bounty, security06-Jan-2024
The History Behind My First Bughttps://dropn0w.medium.com/the-history-behind-my-first-bug-539b913b9667?source=rss------bug_bounty-5dropbug-bounty-tips, hacking, bug-bounty, cybersecurity06-Jan-2024
The Story Behind My First Bughttps://dropn0w.medium.com/the-history-behind-my-first-bug-539b913b9667?source=rss------bug_bounty-5dropbug-bounty-tips, hacking, bug-bounty, cybersecurity06-Jan-2024
Ethical Hacking RoadMap 2024. A Complete Guide.https://medium.com/@testproxy027/ethical-hacking-roadmap-2024-a-complete-guide-74a7a09668af?source=rss------bug_bounty-5Ankit Hackercybersecurity, bug-bounty, hacking, ethical-hacking, medium05-Jan-2024
I received a Bank offer in my mailbox and discovered an IDOR vulnerability - $5,000 bounty - @bxmbnhttps://bxmbn.medium.com/i-received-a-bank-offer-in-my-mailbox-and-discovered-an-idor-vulnerability-5-000-bounty-bxmbn-5209cab1fba8?source=rss------bug_bounty-5bomboncybersecurity, idor, bug-bounty05-Jan-2024
How I Prevented a Mass Data Breach - $15,000 bounty - @bxmbnhttps://bxmbn.medium.com/how-i-prevented-a-mass-data-breach-15-000-bounty-bxmbn-1096e6400e3d?source=rss------bug_bounty-5bombonbug-bounty, data-breach, idor, cybersecurity05-Jan-2024
Cybersecurity Roadmap: 2024https://hackerassociate.medium.com/cybersecurity-roadmap-2024-ea3586fea603?source=rss------bug_bounty-5Harshad Shahinfosec, cybersecurity, penetration-testing, bug-bounty, hacking05-Jan-2024
How to Earn Money as a Digital Forensics Investigatorhttps://medium.com/@moneyiseasybro/how-to-earn-money-as-a-digital-forensics-investigator-dae9723ebb10?source=rss------bug_bounty-5How to Earnethical-hacking, cybersecurity, finance, money, bug-bounty05-Jan-2024
How Celebrities Social media accounts get hacked in real time?https://medium.com/@Ajakcybersecurity/how-celebrities-social-media-accounts-get-hacked-in-real-time-4ccb37ac0763?source=rss------bug_bounty-5AjakCybersecurityphishing, ethical-hacking, cybersecurity, digital-forensics, bug-bounty05-Jan-2024
How to Become a Successful Bug Bounty Hunter in 2024?https://medium.com/@Ajakcybersecurity/how-to-become-a-successful-bug-bounty-hunter-in-2024-3171b782b585?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, blog, cybersecurity, hacking05-Jan-2024
Listed in Top 15 Researchers in NCIIPC Indiahttps://devanshchauhan4565.medium.com/listed-in-top-15-researchers-in-nciipc-india-4143da2d75e9?source=rss------bug_bounty-5Devansh chauhantop-10, bug-bounty, internet, vulnerability, india05-Jan-2024
Privilege Escalation Using SCIM Provisioninghttps://ronak-9889.medium.com/privilege-escalation-using-scim-provisioning-ca61ed9606bd?source=rss------bug_bounty-5Ronak Patelbug-bounty, information-security, privilege-escalation, access-control, cybersecurity05-Jan-2024
Website Hacking, Penetration Testing & Bug Bounty Hunting Resources full coursehttps://thehackertools9.medium.com/website-hacking-penetration-testing-bug-bounty-hunting-resources-full-course-0010c0603bd9?source=rss------bug_bounty-5TheHackerLifebug-bounty-tips, bug-bounty, website-hacking, hacking-tools, ethical-hacking-tools05-Jan-2024
2.7 Lab: Username enumeration via account lock | 2024https://cyberw1ng.medium.com/2-7-lab-username-enumeration-via-account-lock-2024-9ae1d7eef4a6?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, bug-bounty, cybersecurity, careers05-Jan-2024
My first bugs in 2024https://medium.com/@el-cezeri/my-first-bugs-in-2024-82ea4e9de718?source=rss------bug_bounty-5Samet Yiğitödülavcılığı, bug-bounty, bug-bounty-tips05-Jan-2024
Vulnerable WordPress December 2023 (Shahriar)https://medium.com/@onhexgroup/vulnerable-wordpress-december-2023-shahriar-16277c1cd3b8?source=rss------bug_bounty-5Onhexgroupwordpress-security, wordpress-plugins, infosec, bug-bounty, wordpress05-Jan-2024
Exploring “Jok3r”: A Powerful Network/Host Reconnaissance and Enumeration Tool.https://sh1vv1.medium.com/exploring-jok3r-a-powerful-network-host-reconnaissance-and-enumeration-tool-43b524c580f0?source=rss------bug_bounty-5Hesham Ahmedtips-and-tricks, tools, penetration-testing, bug-bounty, bug-hunting05-Jan-2024
Web Security Academy — API Security Testing Walkthroughhttps://iaraoz.medium.com/web-security-academy-api-security-testing-walkthrough-11019ed93eae?source=rss------bug_bounty-5Israel Aráoz Severicheapi, bug-bounty, web, hacking, portswigger-lab05-Jan-2024
9 Subtle Tricks To Make Your Cybersecurity Skills Much Betterhttps://medium.com/@paritoshblogs/9-subtle-tricks-to-make-your-cybersecurity-skills-much-better-4f7e48b3fd57?source=rss------bug_bounty-5Paritoshbug-bounty, ai, cybersecurity, programming, hacking04-Jan-2024
Exploring Application Security with SAST, DAST, SCA, and IASThttps://securitycipher.medium.com/exploring-application-security-with-sast-dast-sca-and-iast-95b27043d9fd?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)security, bug-bounty, hacking, technology, cybersecurity04-Jan-2024
How do i bypass waf for xss in input tag?https://medium.com/@lyltvip/how-do-i-bypass-waf-for-xss-in-input-tag-2adcdc1b7e25?source=rss------bug_bounty-5lanyibug-bounty-tips, hacking, xss-vulnerability, xss-attack, bug-bounty04-Jan-2024
CORS Crossfire: An iCSI CTFhttps://medium.com/@josh.beck2006/cors-crossfire-an-icsi-ctf-35a73f700207?source=rss------bug_bounty-5Josh Beckcybersecurity, penetration-testing, ctf-writeup, bug-bounty04-Jan-2024
2.6 Lab: Broken brute-force protection, IP block | 2024https://cyberw1ng.medium.com/2-6-lab-broken-brute-force-protection-ip-block-2024-8057a53b999a?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, careers, cybersecurity, hacking04-Jan-2024
Account Takeover? $4 and a click, please.https://swehtpantz.medium.com/account-takeover-4-and-a-click-please-454c035aa3b6?source=rss------bug_bounty-5Swehtpantzhacking, pentesting, ethical-hacking, bug-bounty, bug-bounty-tips04-Jan-2024
Bug Bountyhttps://medium.com/@montymahapatra79/bug-bounty-02310f6d39f9?source=rss------bug_bounty-5Montymahapatrabug-bounty-tips, bug-bounty-hunter, bug-bounty04-Jan-2024
Ethical Hacking RoadMap 2024. A Complete Guide.https://ajaksecurities.medium.com/ethical-hacking-roadmap-2024-a-complete-guide-23b23262b1b8?source=rss------bug_bounty-5Ajak Cyber Securityethical-hacking, hacking, bug-bounty, medium, cybersecurity04-Jan-2024
How to Become a Successful Bug Bounty Hunter in 2024?https://ajaksecurities.medium.com/how-to-become-a-successful-bug-bounty-hunter-in-2024-106f576b03e2?source=rss------bug_bounty-5Ajak Cyber Securityethical-hacking, hacking, bug-bounty, cybersecurity, medium04-Jan-2024
Essential Gadgets for Bug Bounty Hunters: Enhancing Your Cybersecurity Arsenalhttps://securitylit.medium.com/essential-gadgets-for-bug-bounty-hunters-enhancing-your-cybersecurity-arsenal-40173ec2945f?source=rss------bug_bounty-5Security Lit Limitedgadgets, cybersecurity, bug-bounty, vulnerability04-Jan-2024
OpenBounty, phương pháp tiếp cận mới của Shentu trong Hệ sinh thái bảo mậthttps://shentuchain.medium.com/openbounty-ph%C6%B0%C6%A1ng-ph%C3%A1p-ti%E1%BA%BFp-c%E1%BA%ADn-m%E1%BB%9Bi-c%E1%BB%A7a-shentu-trong-h%E1%BB%87-sinh-th%C3%A1i-b%E1%BA%A3o-m%E1%BA%ADt-bc52f8fd13ff?source=rss------bug_bounty-5Shentu Chainbug-bounty, bounty-program, web3, bounty-hunter, cybersecurity03-Jan-2024
GooFuzz: A Fuzzing Tool with an OSINT Approachhttps://medium.com/@cuncis/goofuzz-a-fuzzing-tool-with-an-osint-approach-306fe481824f?source=rss------bug_bounty-5Cuncisbug-bounty, penetration-test, google-dork, penetration-testing, osint03-Jan-2024
How to Correctly setup Android Penetration Testing on a MacBookhttps://infosecwriteups.com/how-to-correctly-setup-android-penetration-testing-on-a-macbook-659f244f84c8?source=rss------bug_bounty-5Supun Halangoda (Suppa)bug-bounty, penetration-testing, mobile-penetration-test, macbook-pro, android-pentesting03-Jan-2024
LoveTok | HackTheBox web challenge Writeuphttps://gxbnt.medium.com/lovetok-hackthebox-web-challenge-writeup-e3b99967c3b7?source=rss------bug_bounty-5Bishal - #GxbNthackthebox-writeup, oscp, web, offensive-security, bug-bounty03-Jan-2024
A Guide on Crafting Robust Invariants with Echidnahttps://medium.com/coinmonks/a-guide-on-crafting-robust-invariants-with-echidna-fc980d8e2c0c?source=rss------bug_bounty-5Chirag Agrawalbug-bounty, smart-contracts, cybersecurity, cryptocurrency, security03-Jan-2024
Found reflected xss on a real targethttps://medium.com/@jeetpal2007/found-reflected-xss-on-a-real-target-30b80b2f53e4?source=rss------bug_bounty-5JEETPALrxss, xs, bugs, bug-bounty03-Jan-2024
My Bug Bounty Write Ups (Part-1)https://karthikeyamade.medium.com/my-bug-bounty-write-ups-part-1-63ed3e788873?source=rss------bug_bounty-5Karthikeya Saibug-bounty-tips, bug-bounty03-Jan-2024
My First Bug Bounty: Lessons Learned and Money Earnedhttps://medium.com/@georgeppmc/my-first-bug-bounty-lessons-learned-and-money-earned-d6fc31744621?source=rss------bug_bounty-5George Torresbug-bounty-tips, bug-hunting, bug-bounty-writeup, bug-bounty, hackerone03-Jan-2024
Comparing CVE & CWE : Understanding Security Vulnerabilitieshttps://medium.com/@zouhairelgarouni/comparing-cve-cwe-understanding-security-vulnerabilities-84442ab1e0e7?source=rss------bug_bounty-5ZOUHAIR EL GAROUNIvulnerability, vulnerability-management, cyber-security-awareness, cybersecurity, bug-bounty03-Jan-2024
you need to learn linux RIGHT NOW!!https://medium.com/@paritoshblogs/you-need-to-learn-linux-right-now-7239f4dcc1c6?source=rss------bug_bounty-5Paritoshhacking, cybersecurity, linux, programming, bug-bounty02-Jan-2024
Bug Bounty Hunting | Reconnaissance | Subdomain Enumerationhttps://me-ankeet.medium.com/bug-bounty-hunting-reconnaissance-subdomain-enumeration-854d880c3406?source=rss------bug_bounty-5Ankeetbug-bounty, hacking, information-security, cybersecurity, bug-bounty-tips02-Jan-2024
How .git folder can be exploited to access sensitive datahttps://satyasai1460.medium.com/how-git-folder-can-be-exploited-to-access-sensitive-data-eb805c38fd6c?source=rss------bug_bounty-5Bala Naga Satya sai Devarapalliinformation-technology, cybersecurity, bug-bounty, bugs, bug-bounty-tips02-Jan-2024
From P5 to Payday $$$: Escalating Reflected XSS to Account Takeoverhttps://hasanka-amarasinghe.medium.com/from-p5-to-payday-escalating-reflected-xss-to-account-takeover-bc25a171a3d5?source=rss------bug_bounty-5Hasanka Amarasinghexss-attack, bug-bounty, cross-site-scripting, account-takeover, cybersecurity02-Jan-2024
Account Takeover on International Exchange — Bug Bounty Tuesdayhttps://medium.com/@kerstan/account-takeover-on-international-exchange-bug-bounty-tuesday-cf41a54bc4b7?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, technology, programming02-Jan-2024
The Lexer Markets security review storyhttps://medium.com/@mweiss.eth/the-lexer-markets-security-review-story-a812539d62db?source=rss------bug_bounty-50xWeisssecurity, audit, bug-bounty, smart-contracts02-Jan-2024
DOM XSS in document.write sink using source location.search inside a select elementhttps://medium.com/@marduk.i.am/dom-xss-in-document-write-sink-using-source-location-search-inside-a-select-element-0c47fc033bcf?source=rss------bug_bounty-5Marduk I Amportswigger-lab, dom-xss, cross-site-scripting, cybersecurity, bug-bounty02-Jan-2024
2.4 Lab: Username enumeration via subtly different responses | 2024https://cyberw1ng.medium.com/2-4-lab-username-enumeration-via-subtly-different-responses-2024-eb37130d41a8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, cybersecurity, security02-Jan-2024
Stealing private messages using XSS on subdomainhttps://medium.com/@shcyber/stealing-private-messages-using-xss-on-subdomain-97f0304b132f?source=rss------bug_bounty-5SHCyberwebsocket, csrf, bug-bounty, xss-attack, hacking02-Jan-2024
From Disclosure to High Severity: Leveraging Dyte API Key for Maximum Impacthttps://padsalatushal.medium.com/from-disclosure-to-high-severity-leveraging-dyte-api-key-for-maximum-impact-468c444963c6?source=rss------bug_bounty-5Padsala Tushalapi-security, cybersecurity, bug-bounty-tips, infosec, bug-bounty02-Jan-2024
SQL Injection (SQLi): WWWWWH?https://medium.com/@rcxsecurity/sql-injection-sqli-wwwwwh-d847972b3e45?source=rss------bug_bounty-5RCXSecuritysql-injection, bug-bounty, information-security, penetration-testing, cybersecurity01-Jan-2024
How Do I Get Root Access on a Linux Serverhttps://systemweakness.com/how-do-i-get-root-access-on-a-linux-server-874d29015305?source=rss------bug_bounty-5RyuuKhagetsubug-bounty, infosec, web-application-security, pentesting, bug-bounty-writeup01-Jan-2024
Understanding the MITRE ATT&CK Framework: A Comprehensive Overviewhttps://medium.com/@paritoshblogs/understanding-the-mitre-att-ck-framework-a-comprehensive-overview-c1499d195da0?source=rss------bug_bounty-5Paritoshmitre-attack, ai, hacking, bug-bounty, cybersecurity01-Jan-2024
Reflected XSS into a JavaScript string with angle brackets HTML encodedhttps://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-angle-brackets-html-encoded-c9e2ed86f489?source=rss------bug_bounty-5Marduk I Ambug-bounty, reflected-xss, portswigger-lab, cross-site-scripting, cybersecurity01-Jan-2024
Automating GitHub Recon for Sensitive Information Discoveryhttps://medium.com/@paxnull/automating-github-recon-for-sensitive-information-discovery-c96b677857cf?source=rss------bug_bounty-5paxnullbug-bounty, bug-bounty-writeup, automation-tools, reconnaissance, bug-bounty-tips01-Jan-2024
The power of Client-Side Path Traversal: How I found and escalated 2 bugs through “../”https://medium.com/@Nightbloodz/the-power-of-client-side-path-traversal-how-i-found-and-escalated-2-bugs-through-670338afc90f?source=rss------bug_bounty-5Alvaro Baladabug-bounty-tips, info-sec-writeups, bug-bounty-writeup, cybersecurity, bug-bounty01-Jan-2024
1.18 Lab: SQL injection attack, listing the database contents on Oracle | 2024https://cyberw1ng.medium.com/1-18-lab-sql-injection-attack-listing-the-database-contents-on-oracle-2024-cec2a796740f?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, bug-bounty, careers, hacking01-Jan-2024
Another 4 Digit Bounty Story on Hackeronehttps://medium.com/@jai.lani9001/another-4-digit-bounty-story-on-hackerone-58dba8c19818?source=rss------bug_bounty-5Jai Lanibug-bounty01-Jan-2024
CVE-2023–34635: UNIBOX 3.0/3.1 SQL Injection login bypasshttps://medium.com/@davidkarpinski1/cve-2023-34635-unibox-3-0-3-1-sql-injection-login-bypass-fc33004e70c0?source=rss------bug_bounty-5David Eduardo Karpinskibug-bounty, sql-login, unibox, sqli, login-bypass01-Jan-2024
Exploring the Depths: DNS Wildcard and Subdomain Takhttps://alvinbijo.medium.com/exploring-the-depths-dns-wildcard-and-subdomain-tak-6deed7aebcb1?source=rss------bug_bounty-5Alvin bijobug-bounty, bugbounty-writeup01-Jan-2024
Bug Zero at a Glance [01–15 December]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-december-cdb358653f8e?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-bounty, bug-zero, newsletter31-Dec-2023
Uncovering LFI Attack ‍https://medium.com/@cyberkarthi/uncovering-ssrf-attack-12064069205f?source=rss------bug_bounty-5Karthikeyan Cethical-hacking, pentesting, bug-bounty, bugbounty-writeup31-Dec-2023
I hate Hackerone / X Website Vulnerability — Bug Bounty Hunterhttps://medium.com/@batuhanaydinn/i-hate-hackerone-x-website-vulnerability-bug-bounty-hunter-3e43a7e0bc80?source=rss------bug_bounty-5Batuhan Aydınhacking, hackerone, bug-bounty, penetration-testing, hacker31-Dec-2023
1.17 Lab: SQL injection attack, listing the database contents on non-Oracle databases | 2023https://systemweakness.com/1-17-lab-sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-2023-2026162bf6ef?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, security, careers31-Dec-2023
DNS-Related Attacks and Exampleshttps://medium.com/@paritoshblogs/dns-related-attacks-and-examples-fee4da0cc2d6?source=rss------bug_bounty-5Paritoshdns, cybersecurity, bug-bounty, hacking, programming31-Dec-2023
How I hacked India’s top company database.https://medium.com/@sritharcyber/how-i-hacked-indias-top-company-database-d66b9fc49cb0?source=rss------bug_bounty-5Srithar Cybersqli, pentest, recent, hacked, bug-bounty31-Dec-2023
Simple Subdomain Takeoverhttps://infosecwriteups.com/simple-subdomain-takeover-15129e19bbb4?source=rss------bug_bounty-5hackerdevilvulnerability-assessment, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web-app-security31-Dec-2023
Master Subdomain HUNTING | Art of finding Hidden Assetshttps://yashh2.medium.com/master-subdomain-hunting-art-of-finding-hidden-assets-3351b3c8467a?source=rss------bug_bounty-5ʏᴀꜱʜʜcybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking30-Dec-2023
Woowow Bug Bounty Campaignhttps://medium.com/@woowow/woowow-bug-bounty-campaign-569e7b7868f3?source=rss------bug_bounty-5Woowowqitmeerecosystem, bounty-campaign, marketplaces, woowow, bug-bounty30-Dec-2023
How i Hacked My First Target using GooGle Dorkinghttps://mrunknown124154.medium.com/how-i-hacked-my-first-target-using-google-dorking-43cb999ad8db?source=rss------bug_bounty-5Mr Abdullahsql-injection, google-dorking, bug-bounty, hacking, sql-injection-attack30-Dec-2023
417$ Simple IDOR: Unauthorized Contact Details Modificationhttps://medium.com/@a13h1/417-simple-idor-unauthorized-contact-details-modification-92e8211439e4?source=rss------bug_bounty-5Abhi Sharmaprogramming, cybersecurity, hacking, bug-bounty, idor30-Dec-2023
Sudomain Takeover via Shopify(Easy Bounty $$$$)https://medium.com/@paxnull/sudomain-takeover-via-shopify-easy-bounty-300f839aa15d?source=rss------bug_bounty-5paxnullbug-bounty, tips, bug-bounty-tips, subdomain-takeover, bug-bounty-writeup30-Dec-2023
XSS deep dive P1 (theory)(publish early,please waiting for 2 days to read)https://medium.com/@nguhuynh.148/xss-deep-dive-p1-theory-637af86f335d?source=rss------bug_bounty-5Nguhuynhxss-vulnerability, xss-attack, xss-bypass, bug-bounty30-Dec-2023
Stored XSS into anchor href attribute with double quotes HTML-encodedhttps://medium.com/@marduk.i.am/stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-1f88ba0b990f?source=rss------bug_bounty-5Marduk I Amstored-xss, bug-bounty, cybersecurity, cross-site-scripting, portswigger-lab30-Dec-2023
1.16 Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft |…https://cyberw1ng.medium.com/1-16-lab-sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-5f2785ebb06f?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, cybersecurity, bug-bounty, hacking, careers30-Dec-2023
HTTPX Troubleshooting Issuehttps://infosecwriteups.com/httpx-troubleshooting-issue-38b61549126b?source=rss------bug_bounty-5Jarred Longoriabug-bounty, linux, troubleshooting, help, httpx30-Dec-2023
From Google Dorking to Unauthorized AWS Account Access and Account Takeoverhttps://medium.com/@ar_hawk/from-google-dorking-to-unauthorized-aws-account-access-and-account-takeover-89eb2b9d284f?source=rss------bug_bounty-5Aayush Vishnoissrf, bug-bounty-tips, bug-bounty30-Dec-2023
Reflected XSS into attribute with angle brackets HTML-encodedhttps://medium.com/@marduk.i.am/reflected-xss-into-attribute-with-angle-brackets-html-encoded-986d943b3fd2?source=rss------bug_bounty-5Marduk I Amportswigger-lab, cybersecurity, bug-bounty, cross-site-scripting, xss-vulnerability29-Dec-2023
Beyond Search Queries: Bug Bounty Hunting with Dorkzhttps://medium.com/@paxnull/beyond-search-queries-bug-bounty-hunting-with-dorkz-850cfa8c3ddc?source=rss------bug_bounty-5paxnulltips, dorking, recon, bug-bounty-tips, bug-bounty29-Dec-2023
Behind the Firewall: My First Valid Bug — Exposing Security Flaw in a multi-dollar Financial and…https://medium.com/@MohaseenK/behind-the-firewall-my-first-valid-bug-exposing-security-flaw-in-a-multi-dollar-financial-and-ff56e7bc4589?source=rss------bug_bounty-5Mohaseenpentesting, bug-bounty, rate-limiting, hackerone, bugcrowd29-Dec-2023
How to find unprotected databases with Netlas.io?https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-2bf186e9fc2d?source=rss------bug_bounty-5Netlas.ioosint, penetration-testing, bug-bounty, osint-investigation, cybersecurity29-Dec-2023
1.15 Lab: SQL injection attack, querying the database type and version on Oracle | 2023https://cyberw1ng.medium.com/1-15-lab-sql-injection-attack-querying-the-database-type-and-version-on-oracle-2023-cd4118eb604d?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, careers, hacking, cybersecurity29-Dec-2023
KisMAC is a free, open source wireless stumbling and security tool for Mac OS Xhttps://medium.com/@dineshpathro593/kismac-is-a-free-open-source-wireless-stumbling-and-security-tool-for-mac-os-x-03746fdea831?source=rss------bug_bounty-5Dineshpathrobugs, bug-bounty, bug-bounty-tips, hacking, hackin29-Dec-2023
OTP-Bot Tool CLICK HEREhttps://medium.com/@dineshpathro593/otp-bot-tool-click-here-7f3ee559ca21?source=rss------bug_bounty-5Dineshpathrobug-bounty-tips, hacking-tools, bug-bounty, hacking, bugs29-Dec-2023
Recon Tools For Web Applicationhttps://medium.com/@dineshpathro593/recon-tools-for-web-application-714af64e7d07?source=rss------bug_bounty-5Dineshpathrohacking, hacker, bug-bounty, bug-bounty-tips, hackathons29-Dec-2023
200 Materials of CyberSecurity in PDFshttps://medium.com/@dineshpathro593/200-materials-of-cybersecurity-in-pdfs-e7a942123be5?source=rss------bug_bounty-5Dineshpathrocybersecurity, hackathons, bug-bounty, hacking, bug-bounty-tips29-Dec-2023
Bug Bounty: The road to my first $1000 through hacking public websiteshttps://swehtpantz.medium.com/bug-bounty-the-road-to-my-first-1000-through-hacking-public-websites-a0e2aa1b7271?source=rss------bug_bounty-5Swehtpantzethical-hacking, bug-bounty, bug-bounty-tips, hacking, bugbounty-writeup28-Dec-2023
HackTheBox(HTB) Writeup — Nodehttps://medium.com/@harman.preet.singh3738/hackthebox-htb-writeup-node-5600a442e393?source=rss------bug_bounty-5Harmanpreet Singhpenetration-testing, bug-bounty, tryhackme, ethical-hacking, hackthebox28-Dec-2023
️ Protect Yourself: The Power of OPSEChttps://medium.com/@teckgamer07/%EF%B8%8F-protect-yourself-the-power-of-opsec-17a7ec256427?source=rss------bug_bounty-5Macmelterbugsbounty, hacking, bug-bounty, cybersecurity28-Dec-2023
Multiple RXSShttps://medium.com/@0xchoudhary/multiple-rxss-f3f796287f34?source=rss------bug_bounty-5Sushil Choudharybounty-hunter, xss-attack, bug-bounty-tips, bug-bounty, hackerone28-Dec-2023
Stored XSS via File upload(using svg file)https://medium.com/@paxnull/stored-xss-via-file-upload-using-svg-file-c1e2a33ed8a8?source=rss------bug_bounty-5paxnullbug-bounty, tips, bugbounty-tips, xss-vulnerability, hacking28-Dec-2023
Authorization problemhttps://medium.com/@nguhuynh.148/authorization-problem-2bb053c215cd?source=rss------bug_bounty-5Nguhuynhbroken-access-control, hacking, bug-bounty, hacks, bug-bounty-tips28-Dec-2023
CVE-2023–51356: ARMember <= 4.0.10 — Authenticated Privilege Escalationhttps://revan-ar.medium.com/cve-2023-51356-armember-4-0-10-authenticated-privilege-escalation-7e0c7fbe5a79?source=rss------bug_bounty-5Revan Abug-bounty, privilege-escalation, wordpress-plugins, penetration-testing28-Dec-2023
1.14 Lab: SQL injection with filter bypass via XML encoding | 2023https://cyberw1ng.medium.com/1-14-lab-sql-injection-with-filter-bypass-via-xml-encoding-2023-9794dc7bf9f4?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, penetration-testing, hacking28-Dec-2023
How I made 7K on Epic Games Bug Bountyhttps://medium.com/@synapticspace/how-i-made-7k-on-epic-games-bug-bounty-8529728b9fcf?source=rss------bug_bounty-5SynapticSpacebug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips28-Dec-2023
How I made 7K on Epic Games Bug Bountyhttps://infosecwriteups.com/how-i-made-7k-on-epic-games-bug-bounty-8529728b9fcf?source=rss------bug_bounty-5SynapticSpacebug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips28-Dec-2023
DOM XSS in jQuery selector sink using a hashchange eventhttps://medium.com/@marduk.i.am/dom-xss-in-jquery-selector-sink-using-a-hashchange-event-bb3c355b3633?source=rss------bug_bounty-5Marduk I Amportswigger-lab, bug-bounty, dom-xss, cybersecurity, cross-site-scripting27-Dec-2023
Amass: New Config File Updatehttps://hackerassociate.medium.com/amass-new-config-file-update-e95d09b6eb70?source=rss------bug_bounty-5Harshad Shahpenetration-testing, cybersecurity, infosec, hacking, bug-bounty27-Dec-2023
DOM XSS on Hackerone Programs — Bug Bounty Tuesdayhttps://medium.com/@kerstan/dom-xss-on-hackerone-programs-bug-bounty-tuesday-8973ecf6af95?source=rss------bug_bounty-5kerstanxss-attack, security, cybersecurity, technology, bug-bounty27-Dec-2023
1.13 Lab: Blind SQL injection with out-of-band data exfiltration | 2023https://cyberw1ng.medium.com/1-13-lab-blind-sql-injection-with-out-of-band-data-exfiltration-2023-f83a1448b685?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, cybersecurity, hacking, careers27-Dec-2023
“Crucial Bug Bounty Hacks: Habits with Enduring Benefits”https://medium.com/@paxnull/secrets-of-the-hunter-pro-tips-for-effective-bug-bounty-hunting-1a261df4444d?source=rss------bug_bounty-5paxnulltips, learning, programming, bugbounty-tips, bug-bounty27-Dec-2023
Inside the Digital Vault: How I Unearthed PII Goldmine — Exposing 15K GST Users’ Information in a…https://medium.com/@MohaseenK/inside-the-digital-vault-how-i-unearthed-pii-goldmine-exposing-15k-gst-users-information-in-a-38c3105889ea?source=rss------bug_bounty-5Mohaseenbug-bounty, hackerone, bugcrowd, information-disclosure, indian-government27-Dec-2023
How Does DNS Work and What is DNS Poisoning?https://medium.com/@bcanote/how-does-dns-work-and-what-is-dns-poisoning-4c187fb3f2b0?source=rss------bug_bounty-5bcanotecybersecurity, hacking, dns, dns-poisoning, bug-bounty27-Dec-2023
URL Redirection To DOM XSS on Hackerone Programs -Bug Bounty Tuesdayhttps://medium.com/@kerstan/dom-xss-on-hackerone-programs-bug-bounty-tuesday-8973ecf6af95?source=rss------bug_bounty-5kerstanxss-attack, security, cybersecurity, technology, bug-bounty27-Dec-2023
Mastering Bug Bounty: Your Ultimate Guide to Cybersecurity Successhttps://medium.com/@umidcyber.s/mastering-bug-bounty-your-ultimate-guide-to-cybersecurity-success-82dc9b30fc02?source=rss------bug_bounty-5Umid Mammadovbug-bounty-tips, tools, bug-bounty, information-technology, bugs26-Dec-2023
Deep Dive Into XSShttps://medium.com/@kavish2002ev3/deep-dive-into-xss-8420ddccc73b?source=rss------bug_bounty-5kavish shahxss-vulnerability, web-application-security, bug-bounty26-Dec-2023
The Tale Of Insecure Deserialization: A Journey From Serialization To Exploitationhttps://medium.com/@kavish2002ev3/the-tale-of-insecure-deserialization-a-journey-from-serialization-to-exploitation-47400a4c9093?source=rss------bug_bounty-5kavish shahctf-writeup, web-application-security, insecure-deserialization, bug-bounty26-Dec-2023
Portswigger Labs — CSRFhttps://medium.com/@rynnnn617/portswigger-labs-csrf-10b496d6580c?source=rss------bug_bounty-5Ry4nnnnbug-bounty, portswigger-lab, csrf, burpsuite26-Dec-2023
1.12 Lab: Blind SQL injection with out-of-band interaction | 2023https://infosecwriteups.com/1-12-lab-blind-sql-injection-with-out-of-band-interaction-2023-db12e3b10118?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking26-Dec-2023
Navigating Tree-Sitter Queries with jsluice for JavaScript File Analysishttps://lopseg.medium.com/navigating-tree-sitter-queries-with-jsluice-for-javascript-file-analysis-061b7cb4ea9d?source=rss------bug_bounty-5Lopsegbug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, javascript26-Dec-2023
Portswigger Labs — CSRFhttps://medium.com/@ry4nnnn/portswigger-labs-csrf-10b496d6580c?source=rss------bug_bounty-5Ry4nnnnbug-bounty, portswigger-lab, csrf, burpsuite26-Dec-2023
Account takeover vulnerability that resulted in $2500 bounty!https://medium.com/@deadoverflow/account-takeover-vulnerability-that-resulted-in-2500-bounty-e1618363878d?source=rss------bug_bounty-5Imad Husanovicbug-bounty, hacking, bug-bounty-tips, cybersecurity, bug-hunting25-Dec-2023
Content Spoofing & Parameter Injectionhttps://codingninjablogs.tech/content-spoofing-parameter-injection-0861bfd146d4?source=rss------bug_bounty-5#!/Subhankarinjection-attacks, web-pen-testing, bug-bounty, spoofing25-Dec-2023
Top 3 Password Cracking Toolshttps://medium.com/@UsmanAtif/top-3-password-cracking-tools-18801fbdcdae?source=rss------bug_bounty-5Muhammad Usman Atifhacking, cybersecurity, passwords, bug-bounty, penetration-testing25-Dec-2023
Hackers Target Bug Bounty Hunters with Blackmail Emailshttps://rishikadesai.medium.com/hackers-target-bug-bounty-hunters-with-blackmail-emails-421cf57fe4a7?source=rss------bug_bounty-5Rishika Desaithreat-intelligence, threat-research, bug-bounty, cyber-security-awareness, cybersecurity25-Dec-2023
What is LFI (Local File Inclusion) Vulnerability ?https://medium.com/@errorfiathck/what-is-lfi-local-file-inclusion-vulnerability-c9372e25e389?source=rss------bug_bounty-5Errorfiathckpentesting, lfi, vulnerability, bug-bounty, pentest25-Dec-2023
Legacy of EternalBluehttps://medium.com/@akshadjoshi/legacy-of-eternalblue-de4d643e8f36?source=rss------bug_bounty-5Akshad Joshieternalblue, hackthebox, pentesting, bug-bounty, hacking24-Dec-2023
Hackeando GraphQL: Introducciónhttps://medium.com/@soyelmago/hackeando-graphql-introducci%C3%B3n-1537af763d0c?source=rss------bug_bounty-5Alan Brian @soyelmagographql, bug-bounty, information-security, pentesting, hacking24-Dec-2023
Ceklis Web Pentesting Untuk Pemula — Registration Feature Testinghttps://riodrwn.medium.com/ceklis-web-pentesting-untuk-pemula-registration-feature-testing-aceb545b587c?source=rss------bug_bounty-5Rio Darmawanbug-bounty-writeup, bug-bounty, pentesting, bugbounty-writeup, web-penetration-testing23-Dec-2023
The Crucial Role of Threat Intelligence Sharing in Cybersecurityhttps://medium.com/@paritoshblogs/the-crucial-role-of-threat-intelligence-sharing-in-cybersecurity-cd4be0b53a86?source=rss------bug_bounty-5Paritoshprogramming, hacking, threat-intelligence, cybersecurity, bug-bounty23-Dec-2023
The Evolving Role of a SOC Analysthttps://medium.com/@paritoshblogs/the-evolving-role-of-a-soc-analyst-c82e3e515558?source=rss------bug_bounty-5Paritoshinformation-security, cybersecurity, hacking, bug-bounty, soc-analyst23-Dec-2023
Out-of-Scope, Not Out-of-Impact: Unveiling Significant Sensitive Information Disclosurehttps://padsalatushal.medium.com/out-of-scope-not-out-of-impact-unveiling-significant-sensitive-information-disclosure-c8e76c1806e8?source=rss------bug_bounty-5Padsala Tushalcybersecurity, bug-bounty, bug-bounty-tips, infosec, information-disclosure23-Dec-2023
Hack Story: Unveiling Security Flaws in a Government Portalhttps://medium.com/@sahadmk/hack-story-unveiling-security-flaws-in-a-government-portal-995217f877c3?source=rss------bug_bounty-5Sahad Mkbug-bounty, javascript, pentesting, vulnerability, hacking23-Dec-2023
The ART of Chaining Vulnerabilitieshttps://ahmdhalabi.medium.com/the-art-of-chaining-vulnerabilities-e65382b7c627?source=rss------bug_bounty-5Ahmad Halabiethical-hacking, hacking, intelligence, hacker, bug-bounty23-Dec-2023
Hacking Communityhttps://medium.com/@mrunknown124154/hacking-community-ab774827006d?source=rss------bug_bounty-5Mrunknownbug-bounty, ethical-hacking, hacking23-Dec-2023
DoS’ing Zsecurityhttps://medium.com/@24bkdoor/dosing-zsecurity-a4cb99396935?source=rss------bug_bounty-524BkDoorbug-bounty, ethical-hacking, hacking, web-development, cybersecurity22-Dec-2023
Securing the Future: Enhancing the Safety of Compound Protocolhttps://medium.com/@topcrypto00/securing-the-future-enhancing-the-safety-of-compound-protocol-940498c78d68?source=rss------bug_bounty-5Top Cryptobug-bounty, bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, compound-protocol22-Dec-2023
He stored your password in Cookiehttps://medium.com/@fixthis1000time/he-stored-your-password-in-cookie-5a6d0478e570?source=rss------bug_bounty-5fixthi$hacking, bug-bounty, ethical-hacking22-Dec-2023
How I was able to buy 2500 Rs product for 18rs in E-Commerce Website?https://medium.com/@shubhamsonani/how-i-was-able-to-buy-2500-rs-product-for-18rs-in-e-commerce-website-ada4e91b5b91?source=rss------bug_bounty-5Shubham Sonanibug-bounty, hacking, bug-bounty-tips, vulnerability, cybersecurity22-Dec-2023
PJWT Certificationhttps://medium.com/@OmarAlkhowaiter/pjwt-certification-f4f7995d35f6?source=rss------bug_bounty-5Omar Alkhowaitercertification, bug-bounty, penetration-testing, cybersecurity, web-exploitation22-Dec-2023
Consentify hits Beta Test phase boosted by a Bug Bounty program!https://datalaketoken.medium.com/consentify-hits-beta-test-phase-boosted-by-a-bug-bounty-program-6b621eadd02b?source=rss------bug_bounty-5Data Lakehealthcare, desci, bug-bounty, data-lake, research22-Dec-2023
Ideas for Testing Checkouthttps://lopseg.medium.com/ideas-for-testing-checkout-eebe6148729d?source=rss------bug_bounty-5Lopsegbug-bounty-tips, infosec, hacking, bug-bounty22-Dec-2023
Beyond Simple Alerts: Techniques for Evading WAF and Achieving XSS Successhttps://lopseg.medium.com/beyond-simple-alerts-techniques-for-evading-waf-and-achieving-xss-success-4409a5bd2ee0?source=rss------bug_bounty-5Lopsegbug-bounty-tips, hacking, xss-attack, bug-bounty22-Dec-2023
He stored your password in Cookiehttps://medium.com/@fixthis1000time/he-stored-your-password-in-cookie-5a6d0478e570?source=rss------bug_bounty-5fixthi$hacking, bug-bounty, cybersecurity, infosec, ethical-hacking22-Dec-2023
5 Tips Web Fuzz You Should Knowhttps://medium.com/@kerstan/5-tips-web-fuzz-you-should-know-00ef6c59407d?source=rss------bug_bounty-5kerstanbug-bounty, hacking, bug-bounty-tips, security, cybersecurity21-Dec-2023
TryHackMe AoC 2023 Side Quest final thoughtshttps://medium.com/@boogsta/tryhackme-aoc-2023-side-quest-final-thoughts-afcb5880be33?source=rss------bug_bounty-5Boogstahacking, cyber, tryhackme, cybersecurity, bug-bounty21-Dec-2023
88MPH Vulnerability Exploit and Get Free Crypt0S $$$$$$https://medium.com/@vinaysati/88mph-vulnerability-exploit-and-get-free-crypt0s-a4d4a8328dc7?source=rss------bug_bounty-5Vinaysatibug-bounty, hacking, web3bug, bug-bounty-tips, web321-Dec-2023
The art of subdomain monitoringhttps://medium.com/@muhannadahmed042/the-art-of-subdomain-monitoring-da610a0f8031?source=rss------bug_bounty-5muhannad hazaacybersecurity, penetration-testing, bug-bounty, recon21-Dec-2023
A Business logic error in Google Dialogflow enables a developer to delete the agent directly from…https://medium.com/@krityamkarma858041/a-business-logic-error-in-google-dialogflow-enables-a-developer-to-delete-the-agent-directly-from-3a5bf2a07706?source=rss------bug_bounty-5Krityamkarmagoogle-vrp, bug-bounty, ethical-hacking, google, hacking21-Dec-2023
Privacy at Risk: EXIF Metadata Exposure in User-Uploaded Imageshttps://samshadow.medium.com/privacy-at-risk-exif-metadata-exposure-in-user-uploaded-images-c2481f876d03?source=rss------bug_bounty-5Sam Shadowbug-bounty, bug-bounty-tips, bug-bounty-writeup, infosec, vulnerability21-Dec-2023
Aspiring Bug Bounty Hunters’ New Year Goals Toolkithttps://sl4x0.medium.com/aspiring-bug-bounty-hunters-new-year-goals-toolkit-a156c96e9de7?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)bug-bounty, new-year, goals, mindset, success21-Dec-2023
How Can Artificial Intelligence Revolutionize Bug Bounty?https://medium.com/@zouhairelgarouni/how-can-artificial-intelligence-revolutionize-bug-bounty-664e7f5ed3dd?source=rss------bug_bounty-5ZOUHAIR EL GAROUNItechnology, cybersecurity, bug-bounty, artificial-intelligence, cyberattack21-Dec-2023
I made online store to pay for my orders and get me free refunds.https://medium.com/@shubhamsonani/i-made-online-store-to-pay-for-my-orders-and-get-me-free-refunds-6f4db5893c13?source=rss------bug_bounty-5Shubham Sonanibug-bounty-tips, cybersecurity, vulnerability, hacking, bug-bounty21-Dec-2023
5 Tips Web Fuzz You Should Knowhttps://medium.com/@kerstan/5-tips-web-fuzz-you-should-know-00ef6c59407d?source=rss------bug_bounty-5kerstantechnology, bug-bounty, hacking, security, cybersecurity21-Dec-2023
A list of 50 tools every hacker should knowhttps://thexssrat.medium.com/a-list-of-50-tools-every-hacker-should-know-df8d87cf4b58?source=rss------bug_bounty-5Thexssrathacking-tools, hacking, bug-bounty, ethical-hacking21-Dec-2023
Open Redirect Validation Bypass Leads To Account Take Over (ATO)https://medium.com/@ozomarzu/open-redirect-validation-bypass-leads-to-account-take-over-ato-5166b3416e3f?source=rss------bug_bounty-5CyberOzbug-hunting, bug-bounty, bug-bounty-tips, hacker, web-security21-Dec-2023
Code4rena Blue vs. Traditional Bug Bountieshttps://medium.com/code4rena/code4rena-blue-vs-traditional-bug-bounties-478f469057c9?source=rss------bug_bounty-5aramasbug-bounty, smart-contract-security, code4rena, code4rena-blue21-Dec-2023
A Very Basic Beginner Bug Bounty Methodologyhttps://thexssrat.medium.com/a-very-basic-beginner-bug-bounty-methodology-15eca16ca787?source=rss------bug_bounty-5Thexssrathacking, bug-bounty, ethical-hacking21-Dec-2023
Bug Bounty: Tips for Finding Your First Bug as a Beginnerhttps://graph33.medium.com/bug-bounty-tips-for-finding-your-first-bug-as-a-beginner-120f71c709cd?source=rss------bug_bounty-5GHS08bug-bounty, hacking, cracking, coding21-Dec-2023
How My 9-Month-Old Daughter Earned Over $1,000 in a Bug Bounty Programhttps://maxilect-company.medium.com/how-my-9-month-old-daughter-earned-over-1-000-in-a-bug-bounty-program-be9ba1d77cad?source=rss------bug_bounty-5Maxilectsamsun, bug-bounty-program, bug-bounty20-Dec-2023
This is how much I made in my first year as a Bug Bounty Hunter in 2023 — Graduation Bonus!https://medium.com/@avbhijitdutta99/this-is-how-much-i-made-in-my-first-year-as-a-bug-bounty-hunter-in-2023-graduation-bonus-b45875225c88?source=rss------bug_bounty-5Abhijit Duttabug-bounty-tips, bug-bounty-program, bug-bounty, bugbountychallenge, bug-bounty-writeup20-Dec-2023
DOM XSS in jQuery anchor href attribute sink using location.search sourcehttps://medium.com/@marduk.i.am/dom-xss-in-jquery-anchor-href-attribute-sink-using-location-search-source-b1000b4b16b3?source=rss------bug_bounty-5Marduk I Amcross-site-scripting, portswigger-lab, cybersecurity, bug-bounty, dom-xss20-Dec-2023
How I doubled the store wallet amount for free?https://medium.com/@shubhamsonani/how-i-doubled-the-store-wallet-amount-for-free-d7396c05a304?source=rss------bug_bounty-5Shubham Sonanibug-bounty-tips, hacking, bug-bounty, cybersecurity, web-application-testing20-Dec-2023
Top Burp Suite Extensions Used by Penetration Testershttps://medium.com/@bharatvarshney567/top-burp-suite-extensions-used-by-penetration-testers-fa90fe26816c?source=rss------bug_bounty-5Bharat Varshneyowasp, bug-bounty, security-testing, security-services, penetration-testing20-Dec-2023
How to earn with earn bug boutny part-2?https://medium.com/@ashutoshgiri133/how-to-earn-with-earn-bug-boutny-part-2-1dcfe1922a33?source=rss------bug_bounty-5Tech Blaze ごじょcoding, money, bug-bounty, business20-Dec-2023
“CVE-2023–43837: Two-Factor Authentication (x2FA) Bypass Vulnerability in Roundcube Webmail Plugin”https://medium.com/@ChandSingh/cve-2023-43837-two-factor-authentication-x2fa-bypass-vulnerability-in-roundcube-webmail-plugin-f2fef177187e?source=rss------bug_bounty-5Chand Singhcve, vulnerability, cybersecurity, bug-bounty, security20-Dec-2023
Web Security Diaryhttps://medium.com/@muratkabakk1/web-security-diary-4b2148326abe?source=rss------bug_bounty-5Murat Kbug-bounty, web-security20-Dec-2023
Introducing Code4rena Blue: More than just bug bountieshttps://medium.com/code4rena/introducing-code4rena-blue-more-than-just-bug-bounties-f2a9949c6b9c?source=rss------bug_bounty-5aramassmart-contract-security, code4rena, bug-bounty20-Dec-2023
Learn Command Injection Vulnerabilitieshttps://bicodev.medium.com/learn-command-injection-vulnerabilities-2a8ed26eb47a?source=rss------bug_bounty-5BICODEVlinux, python-programming, cybersecurity, bug-bounty, penetration-testing19-Dec-2023
Hack the Web like a Pirate: Identifying Vulnerabilities with Stylehttps://bicodev.medium.com/hack-the-web-like-a-pirate-identifying-vulnerabilities-with-style-171246a302a5?source=rss------bug_bounty-5BICODEVpython, bug-bounty, cybersecurity, hacker, penetration-testing19-Dec-2023
3 Steps Discovered XXE You should Knowhttps://medium.com/@kerstan/3-steps-discovered-xxe-you-should-know-d779ab5eb056?source=rss------bug_bounty-5kerstansecurity, pentesting, hacking, cybersecurity, bug-bounty19-Dec-2023
DOM XSS in innerHTML sink using source location.searchhttps://medium.com/@marduk.i.am/dom-xss-in-innerhtml-sink-using-source-location-search-a3ac4546ca5c?source=rss------bug_bounty-5Marduk I Ambug-bounty, cybersecurity, dom-xss, cross-site-scripting, portswigger-lab19-Dec-2023
Zero Trust Architecturehttps://medium.com/@khan.ghufran.0000/zero-trust-architecture-f47e9da3eaec?source=rss------bug_bounty-5Khan Ghufranarchitecture, bug-bounty, cybersecurity, cyber-security-solutions, infosec19-Dec-2023
Rekomendasi Buku Bug Bounty Untuk Pemulahttps://medium.com/@arenaldyp/rekomendasi-buku-bug-bounty-untuk-pemula-5aadd03f434f?source=rss------bug_bounty-5K1ngP1ngbug-bounty, indonesia, web-security, recommendations, hacking19-Dec-2023
Is It Worth Quitting 9–5 Job For a Full-Time Bug Bounty?https://ajaksecurity.medium.com/is-it-worth-quitting-9-5-job-for-a-full-time-bug-bounty-8274f6808aab?source=rss------bug_bounty-5Ajak Cyber securityethical-hacking, cybersecurity, blog, jobs, bug-bounty19-Dec-2023
Directory Listing Vulnerabilityhttps://medium.com/@digant_15/directory-listing-vulnerability-b2e1583d8a7e?source=rss------bug_bounty-5Digant Prajapaticybersecurity, directory-listing, bug-bounty19-Dec-2023
How One Bug Scored Me Double Rewards!https://anasbetis023.medium.com/how-one-bug-scored-me-double-rewards-355b8d02cdbf?source=rss------bug_bounty-5Anas H Hmaidycybersecurity, bug-bounty, penetration-testing, ethical-hacking, web-security19-Dec-2023
Join Any Facebook Group As Deactivated Additional Profilehttps://zerocode-ph.medium.com/join-any-facebook-group-as-deactivated-additional-profile-f63a31db7797?source=rss------bug_bounty-5Syd Ricafortfacebook, bug-bounty, facebook-bug-bounty19-Dec-2023
How I Found SQL Injection worth of $4,000 bountyhttps://roberto99.medium.com/how-i-found-sql-injection-worth-of-4-000-bounty-16ca09cbf8ec?source=rss------bug_bounty-5Roberto Nunesbug-bounty, sql-injection, bug-bounty-writeup, bug-bounty-tips, reconnaissance19-Dec-2023
#6.TryHackMe Series writeups: Brooklyn Nine Ninehttps://cyb3rmind.medium.com/6-tryhackme-series-writeups-brooklyn-nine-nine-a0f7f074cbab?source=rss------bug_bounty-5Cyb3r M!ndthm-writeup, tryhackme, ctf-writeup, brooklyn-nine-nine, bug-bounty19-Dec-2023
The Ultimate Guide to Uncovering XSS Vulnerabilities at Scalehttps://medium.com/@cyndybruce1967/the-ultimate-guide-to-uncovering-xss-vulnerabilities-at-scale-1f35ecb765b7?source=rss------bug_bounty-5Cyndybrucecybersecurity, penetration-testing, automation, bug-bounty, xs19-Dec-2023
The Ultimate Guide to Hunting for XSS Vulnerabilities at Scalehttps://medium.com/@elitumbleson1978/the-ultimate-guide-to-hunting-for-xss-vulnerabilities-at-scale-bfde4a9beae6?source=rss------bug_bounty-5Elitumblesoncybersecurity, penetration-testing, bug-bounty, xs, automation19-Dec-2023
Understanding Cross-Site Scripting (XSS) Attacks: Risks, Prevention, and Impacthttps://securitylit.medium.com/understanding-cross-site-scripting-xss-attacks-risks-prevention-and-impact-ce002e5fbb1a?source=rss------bug_bounty-5Security Lit Limitedxss-attack, technology, bug-bounty, cybersecurity, vulnerability18-Dec-2023
why you need to filter the input and the output —  stored xsshttps://medium.com/@Mr3Moe/why-you-need-to-filter-the-input-and-the-output-stored-xss-66f67c663703?source=rss------bug_bounty-5Mr3Moeweb-penetration-testing, appsec, bug-bounty18-Dec-2023
Lets Dive into the Intense World of Malware Analysis!https://medium.com/@paritoshblogs/lets-dive-into-the-intense-world-of-malware-analysis-3c9e242d8c16?source=rss------bug_bounty-5Paritoshinformation-security, malware-analysis, cybersecurity, programming, bug-bounty18-Dec-2023
Burp Suite Bambdahttps://medium.com/offensive-black-hat-hacking-security/burp-suite-bambda-b9b8f57d6b46?source=rss------bug_bounty-5Harshad Shahbug-bounty, hacking, cybersecurity, infosec, penetration-testing18-Dec-2023
Top Burp Suite Extensions Used by Penetration Testershttps://securitycipher.medium.com/top-burp-suite-extensions-used-by-penetration-testers-ee971a73256a?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)bug-bounty-tips, security, cybersecurity, bug-bounty, technology18-Dec-2023
How to write a perfect pentest reporthttps://arex-godofwar.medium.com/how-to-write-a-perfect-pentest-report-edb63cc68b36?source=rss------bug_bounty-5Ahmadreza Parsizadehpentesting, bug-bounty, reporting, offensive-security18-Dec-2023
Mastering Web Application Security: Defending Against Injections and Broken Access Controlhttps://medium.com/@moldovanzsombor/mastering-web-application-security-defending-against-injections-and-broken-access-control-34161cbefc8f?source=rss------bug_bounty-5Moldovan Zsomborhacking, cybersecurity, web-applications, bug-bounty18-Dec-2023
CyberSecurity Day 01 to 100: DAY 08 |A Comprehensive Guide for Novices and Expertshttps://medium.com/@acs_society/cybersecurity-day-01-to-100-day-08-a-comprehensive-guide-for-novices-and-experts-55d3ef86abbf?source=rss------bug_bounty-5Association For Cyber Securityacsociety, ethical-hacking, cybersecurity, bug-bounty, security-engineer18-Dec-2023
This Tool Helps Me To Find The Origin IP Addresshttps://ajaksecurity.medium.com/this-tool-helps-me-to-find-the-origin-ip-address-d9c2abceafb2?source=rss------bug_bounty-5Ajak Cyber securityhacking, ethical-hacking, blog, bug-bounty, penetration-testing18-Dec-2023
ParagonsDAO’s Bug Bounty Programhttps://medium.com/paragonsdao/paragonsdaos-bug-bounty-program-8cfb82f786c0?source=rss------bug_bounty-5ParagonsDAOweb3, immunefi, bug-bounty, paragonsdao18-Dec-2023
Go Witness Install Guide…https://medium.com/@psychomong/go-witness-install-guide-a62d96be30b0?source=rss------bug_bounty-5psychomonghacking-tools, bug-bounty, golang, hacking, osint18-Dec-2023
CyberSecurity Day 01 to 100: DAY 08 | A Comprehensive Guide for Novices and Expertshttps://medium.com/@acs_society/cybersecurity-day-01-to-100-day-08-a-comprehensive-guide-for-novices-and-experts-55d3ef86abbf?source=rss------bug_bounty-5Association For Cyber Securityacsociety, ethical-hacking, cybersecurity, bug-bounty, security-engineer18-Dec-2023
How I Could Leak Phone Numbers and Emails of Indian Voters and Applicantshttps://medium.com/@Mr.Equinox/how-i-could-leak-phone-numbers-and-emails-of-indian-voters-and-applicants-dd1fc699d81e?source=rss------bug_bounty-5Sahil Mhatrebug-bounty, mybugs, bug-hunting, api-security, vapt18-Dec-2023
Horizon Protocol V2 — Hacken Bug Bounty Program Now Live On Testnethttps://horizonprotocol.medium.com/horizon-protocol-v2-hacken-bug-bounty-program-now-live-on-testnet-4617205c7184?source=rss------bug_bounty-5Horizon Protocolbug-bounty, defi, hacken, derivatives, synthetic-asset18-Dec-2023
Getting Started with Recon Automation using ReNgine on Windows (WSL): Installation Guidehttps://mxmd.medium.com/getting-started-with-recon-automation-using-rengine-on-windows-wsl-installation-guide-50ad95b8a7a9?source=rss------bug_bounty-5Max Klosereconnaissance, bug-bounty-hunting, automation, bug-bounty, guides-and-tutorials18-Dec-2023
Bug Zero at a Glance [19–30 November]https://blog.bugzero.io/bug-zero-at-a-glance-19-30-november-8470a11d3015?source=rss------bug_bounty-5Januka Dharmapriyabug-zero, newsletter, cybersecurity, sri-lanka, bug-bounty17-Dec-2023
Mitel MiCollab AWV Directory Traversal Vulnerability (CVE-2020–11798)https://samshadow.medium.com/mitel-micollab-awv-directory-traversal-vulnerability-cve-2020-11798-ec1408cd35b9?source=rss------bug_bounty-5Sam Shadowbug-bounty, bug-bounty-writeup, bug-bounty-tips, vulnerability, directory-traversal17-Dec-2023
Unveiling a Security Flaw: The Divergence of OTP and Link Password Authentication in redacted.comhttps://medium.com/@MohaseenK/unveiling-a-security-flaw-the-divergence-of-otp-and-link-password-authentication-in-redacted-com-27e0cc2dc73c?source=rss------bug_bounty-5Mohaseenbug-hunting, password-reset, bug-bounty, hackerone17-Dec-2023
XSSRF : The Unholy Matrimony of XSS and SSRFhttps://naumankh4n.medium.com/xssrf-the-unholy-matrimony-of-xss-and-ssrf-89f7abfca5b3?source=rss------bug_bounty-5Nauman Khancybersecurity, hacking, bug-bounty, penetration-testing, money17-Dec-2023
Bug Bounty programmes give people the fear (they shouldn’t)https://medium.com/@ethanrom/bug-bounty-programmes-give-people-the-fear-they-shouldnt-755466351140?source=rss------bug_bounty-5Leo Chacking, cybersecurity, ciso, culture, bug-bounty17-Dec-2023
V3 Testnet Bug Bountyhttps://tribeone.medium.com/v3-testnet-bug-bounty-8281b8775843?source=rss------bug_bounty-5TribeOnenft, smart-contract-security, bug-bounty17-Dec-2023
DOM XSS in document.write sink using source location.searchhttps://medium.com/@marduk.i.am/dom-xss-in-document-write-sink-using-source-location-search-ae458bc5c85f?source=rss------bug_bounty-5Marduk I Amdom-xss, cross-site-scripting, cybersecurity, bug-bounty, portswigger-lab17-Dec-2023
Reflected XSS in BGMIhttps://medium.com/@patil97/reflected-xss-in-bgmi-38ed48773981?source=rss------bug_bounty-5Patil97bug-bounty, xs, bugs, security17-Dec-2023
Main Methodology 1 | Part 04 | What To Do After Choosing a Targethttps://infosecwriteups.com/main-methodology-1-part-04-what-to-do-after-choosing-a-target-f9cea586d6af?source=rss------bug_bounty-5Om Arorabug-bounty, bug-bounty-tips, hacking, infosec, methodology17-Dec-2023
When not to rely on Automated Toolshttps://medium.com/@rodriguezjorgex/when-not-to-rely-on-automated-tools-429b331e0613?source=rss------bug_bounty-5Rodriguezjorgexcybersecurity, bug-bounty, xss-attack, prototype-pollution, bug-bounty-tips16-Dec-2023
Escalating DOM XSS to Stored XSShttps://medium.com/@rodriguezjorgex/escalating-dom-xss-to-stored-xss-eb6f3a669af3?source=rss------bug_bounty-5Rodriguezjorgexcross-site-scripting, bug-bounty, hacking, cybersecurity, xss-attack16-Dec-2023
Mitigating Risks: Securing Symfony Profiler from Unwanted Exposurehttps://samshadow.medium.com/mitigating-risks-securing-symfony-profiler-from-unwanted-exposure-14e90a53dd65?source=rss------bug_bounty-5Sam Shadowbug-bounty-writeup, bug-bounty, bug-bounty-tips, vulnerability16-Dec-2023
Unveiling Vulnerabilities: PHP Debug Bar Exposes Sensitive Informationhttps://samshadow.medium.com/unveiling-vulnerabilities-php-debug-bar-exposes-sensitive-information-ca341267fe33?source=rss------bug_bounty-5Sam Shadowvulnerability, bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter16-Dec-2023
Self-XSS to Stored XSShttps://medium.com/@rodriguezjorgex/self-xss-to-stored-xss-b4b999610c5b?source=rss------bug_bounty-5Rodriguezjorgexhacking, cybersecurity, bug-bounty, xss-attack, bug-bounty-tips16-Dec-2023
Unveiling CVE-2019-11248: A Vulnerability in Kuberneteshttps://samshadow.medium.com/unveiling-cve-2019-11248-a-vulnerability-in-kubernetes-83a831afaccd?source=rss------bug_bounty-5Sam Shadowbug-bounty, bug-bounty-hunter, bug-bounty-tips, vulnerability, bug-bounty-writeup16-Dec-2023
DOM-based vulnerabilitieshttps://ayonthakur101.medium.com/dom-based-vulnerabilities-db02d7437b26?source=rss------bug_bounty-5Ayon Thakurpenetration-testing, bug-bounty, hacker, portswigger, burp-suit16-Dec-2023
SSTI gave me T-Shirt + € 50https://medium.com/@bug.hun3r/ssti-got-me-t-shirt-50-a8672ca766c9?source=rss------bug_bounty-5mo9kHu93rinformation-security, bug-bounty, bug-hunting, info-sec-writeups, cybersecurity16-Dec-2023
Kakar Securityhttps://medium.com/@walikhankakar313/kakar-security-cf15f39baede?source=rss------bug_bounty-5Wali Khan Kakarwebsite-scanning, penetration, security, hacking-world, bug-bounty16-Dec-2023
Headline: Indian Government Issues High-Risk Warning for Samsung Galaxy S23 and Other Modelshttps://riglabscollective.medium.com/headline-indian-government-issues-high-risk-warning-for-samsung-galaxy-s23-and-other-models-2c153d5bcc62?source=rss------bug_bounty-5Riglabs Collectivesamsung-galaxy, india, s23ultra, mobile, bug-bounty15-Dec-2023
6 Quick Discover Bug Search Syntax In Code-basehttps://medium.com/@kerstan/6-quick-discover-bug-search-syntax-in-code-base-eb3d6fb6e929?source=rss------bug_bounty-5kerstanhacker, cybersecurity, bug-bounty, security, bug-bounty-tips15-Dec-2023
Easy Money from the Most Trivially Easy Broken Access Controlhttps://abd11atarek.medium.com/easy-money-from-the-most-trivially-easy-broken-access-control-4d810af327f7?source=rss------bug_bounty-5abda11atarekbugcrowd, bug-bounty-tips, bug-hunter, bug-bounty, broken-access-control15-Dec-2023
HTTP/2 Request Smugglinghttps://medium.com/@kerstan/http-2-request-smuggling-b6ef5ae351fb?source=rss------bug_bounty-5kerstanhacking, https, bug-bounty-tips, bug-bounty, cybersecurity15-Dec-2023
3 Cases of DOM XSS in Bug Bountyhttps://medium.com/@kerstan/3-cases-of-dom-xss-in-bug-bounty-0744003f0b2b?source=rss------bug_bounty-5kerstanbug-bounty, xss-attack, hacking, cybersecurity, bug-bounty-tips15-Dec-2023
How I Automatically Discovered SSRF in Hackerone Programhttps://medium.com/@kerstan/how-i-automatically-discovered-ssrf-in-hackerone-program-2ae0b7a6ef1b?source=rss------bug_bounty-5kerstanbug-bounty-tips, cybersecurity, hacking, ssrf, bug-bounty15-Dec-2023
How I Discovered SSRF on Hackerone Programhttps://medium.com/@kerstan/how-i-discovered-ssrf-on-hackerone-program-7bbe72334f74?source=rss------bug_bounty-5kerstanbug-bounty-tips, bug-bounty, ssrf, hacker, graphql15-Dec-2023
From CloudSec to Application Security, Bug Bounties to Cybersecurity tooling, and Morehttps://infosecwriteups.com/from-cloudsec-to-application-security-bug-bounties-to-cybersecurity-tooling-and-more-9f4a1819620c?source=rss------bug_bounty-5InfoSec Write-upshacking, conference, bug-bounty, security, information-security15-Dec-2023
One port can be a costly mistake | Attack The Rsync Service in a Private Programhttps://medium.com/@sword0x00/one-port-can-be-a-costly-mistake-attack-the-rsync-service-in-a-private-program-cdbf9ecc650d?source=rss------bug_bounty-5Mohanad Heshamrsync, bug-bounty, fingerprinting, port-scan, hacking15-Dec-2023
How To Explore and Exploit GraphQL [Indonesia]https://revan-ar.medium.com/how-to-explore-and-exploit-graphql-indonesia-562c560f46c6?source=rss------bug_bounty-5Revan Abug-bounty, web-security, api, penetration-testing, graphql15-Dec-2023
Subdomain Takeover in Azure Trafficmanager for Fun & Profithttps://padsalatushal.medium.com/subdomain-takeover-in-azure-trafficmanager-for-fun-profit-09c858ca3d0e?source=rss------bug_bounty-5Padsala Tushalbug-bounty, cybersecurity, infosec, subdomain-takeover, bug-bounty-tips15-Dec-2023
Cookie Quest: XSS Admin Assaulthttps://medium.com/@josh.beck2006/cookie-quest-xss-admin-assault-694769f84796?source=rss------bug_bounty-5Josh Beckcybersecurity, programming, penetration-testing, bug-bounty, ctf-writeup14-Dec-2023
How did I find open redirect on LinkedInhttps://medium.com/@neverl0gbughunt/how-did-i-find-open-redirect-on-linkedin-e35918b3b129?source=rss------bug_bounty-5neverl0gbug-bounty-tips, bug-bounty-writeup, bug-bounty14-Dec-2023
All about Ethical Hackinghttps://securitycipher.medium.com/all-about-ethical-hacking-277b9c3e4b36?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)technology, security, cybersecurity, bug-bounty, hacking14-Dec-2023
Uncovering an Account Takeover Vulnerability: Auth Bypass via Response Manipulation.https://medium.com/@kataeriidubstep/uncovering-an-account-takeover-vulnerability-auth-bypass-via-response-manipulation-ba8257f917d2?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, bug-bounty14-Dec-2023
Remote Code execution at ws1.aholdusa.com — Compromising logins of Ahold Delhaize USA employeeshttps://medium.com/@jonathanbouman/remote-code-execution-at-ws1-aholdusa-com-compromising-logins-of-ahold-delhaize-usa-employees-c7c9aca7e05d?source=rss------bug_bounty-5Jonathan Boumancybersecurity, bug-bounty, rce, hacking, security14-Dec-2023
How I Quickly Discover Bug In Codebasehttps://medium.com/@kerstan/how-i-quickly-discover-bug-in-code-6a3bfa7e6e82?source=rss------bug_bounty-5kerstanbug-bounty, programming, technology, code-review, cybersecurity14-Dec-2023
How i found a Permanent Denial of Service via Account Lockout:https://medium.com/@kataeriidubstep/how-i-found-a-permanent-denial-of-service-via-account-lockout-ac1bc33c3c0a?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
How i found a Misconfigured CORS Vulnerability — Unauthorized Cross-Origin Resource Sharing :https://medium.com/@kataeriidubstep/how-i-found-a-misconfigured-cors-vulnerability-unauthorized-cross-origin-resource-sharing-16effea37e78?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
How i found a Password Reset Token Leak via Referer Header:https://medium.com/@kataeriidubstep/how-i-found-a-password-reset-token-leak-via-referer-header-7d71d35b0ea8?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
Adobe Recap: 2023 Ambassador World Cup Final Fourhttps://blog.developer.adobe.com/adobe-recap-2023-ambassador-world-cup-final-four-df701e1a1b12?source=rss------bug_bounty-5Chris Parkersonhacking, security, bug-bounty, hackathons, security-research14-Dec-2023
Starlink Router Gen 2 is vulnerable to XSS.https://medium.com/@hackintoanetwork/starlink-router-gen-2-is-vulnerable-to-xss-48cfcadd0b13?source=rss------bug_bounty-5hackintoanetworkbug-bounty, starlink, exploit, dishy, router14-Dec-2023
VulnLab — SQL Injection series — Bypass Login part 2(Database Collect)https://medium.com/@kurobe09/vulnlab-sql-injection-series-bypass-login-part-2-database-collect-1e6aa36a1308?source=rss------bug_bounty-5kurobe09cybersecurity, cyberattack, pentest-learnings, sql-injection, bug-bounty13-Dec-2023
Cross-Site Scripting (XSS)https://medium.com/@savanghori1203/cross-site-scripting-xss-c288793349a9?source=rss------bug_bounty-5SavanGhoribug-bounty, xss-attack, xss-vulnerability, bug-bounty-tips, vulnerability13-Dec-2023
phpinfo() — My First Resolved Bug in HackerOnehttps://medium.com/@ft.eagle.eye.1/phpinfo-my-first-resolved-bug-in-hackerone-a22fea1adb9b?source=rss------bug_bounty-5Muhammad Farhad Ansarybug-bounty, bug-bounty-tips13-Dec-2023
AppSec Tales XXIV | Deserializationhttps://karol-mazurek95.medium.com/appsec-tales-xxiv-deserialization-841d6bfaa710?source=rss------bug_bounty-5Karol Mazurekpenetration-testing, bug-bounty, information-technology, information-security, cybersecurity13-Dec-2023
Only 3 Days Left For IWCON 2023https://infosecwriteups.com/only-3-days-left-for-iwcon-2023-bab915df5ae8?source=rss------bug_bounty-5InfoSec Write-upshacking, bug-bounty, conference, information-security, programming13-Dec-2023
A misconfiguration in the password reset process can lead to an account takeover.https://medium.com/@Mr3Moe/a-misconfiguration-in-the-password-reset-process-can-lead-to-an-account-takeover-30c43e17d744?source=rss------bug_bounty-5Mr3Moeweb-application-security, web-app-pentesting, bug-bounty, web-app-security13-Dec-2023
I found out what my neighbour was looking at on the internet, This is how ?https://navnee1h.medium.com/i-found-out-what-my-neighbour-was-looking-at-on-the-internet-this-is-how-050c4dfef8b4?source=rss------bug_bounty-5Navaneeth M Sbug-bounty, monitoring, dns, hacking, wifi13-Dec-2023
Day 13 Bug Bounty — 60 days 60 bugs challenge (Found P1!!! Hope it gets accepted)https://medium.com/@avbhijitdutta99/day-13-bug-bounty-60-days-60-bugs-challenge-found-p1-hope-it-gets-accepted-670f0dcc25f3?source=rss------bug_bounty-5Abhijit Duttabug-bounty-writeup, bug-bounty, bug-bounty-program, bug-bounty-tips, bugbountychallenge13-Dec-2023
OpenBounty, Shentu’s New Approach in Security Ecosystemhttps://shentuchain.medium.com/openbounty-shentus-new-approach-in-security-ecosystem-fbae6506d956?source=rss------bug_bounty-5Shentu Chainbounty-program, bounty-hunter, bug-bounty, web3, cybersecurity12-Dec-2023
Mobile Application Security Testing: Navigating the Digital Landscape Safelyhttps://medium.com/geekculture/mobile-application-security-testing-navigating-the-digital-landscape-safely-3aead90a5455?source=rss------bug_bounty-5Security Lit Limitedmobile-security, cybersecurity, programming, vapt, bug-bounty12-Dec-2023
I will do Vulnerability Assessment and penetration testing on your websitehttps://securitycipher.medium.com/i-will-do-vulnerability-assessment-and-penetration-testing-on-your-website-5cd4fb147a33?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)services, bug-bounty, security, cybersecurity, technology12-Dec-2023
Skills Needed For Bug Bountyhttps://medium.com/@joshdesharnais1/skills-needed-for-bug-bounty-23e289ef0853?source=rss------bug_bounty-5Joshua Desharnaisxss-attack, idor, bug-bounty, account-takeover12-Dec-2023
Duplicate CSRF… Leads to $$$$https://shellbreaker.medium.com/duplicate-csrf-leads-to-26c1ddc71dc5?source=rss------bug_bounty-5Bhavesh aka Shellbreakerhacking, info-sec-writeups, bug-bounty, cybersecurity, bug-bounty-tips12-Dec-2023
Server-Side Request Forgery (SSRF)https://medium.com/@savanghori1203/server-side-request-forgery-ssrf-ca04465ac41a?source=rss------bug_bounty-5SavanGhoribug-bounty, vulnerability, bug-bounty-tips, ssrf, bugs12-Dec-2023
Remote Code Execution (RCE)https://medium.com/@savanghori1203/remote-code-execution-rce-e8628b1432de?source=rss------bug_bounty-5SavanGhoribug-bounty-tips, bugs, vulnerability, rce, bug-bounty12-Dec-2023
Join ARPA’s Bug Bounty Program with Immunefi — Up to $50,000 in Rewards!https://arpa.medium.com/join-arpas-bug-bounty-program-with-immunefi-up-to-50-000-in-rewards-18d9fbd7b193?source=rss------bug_bounty-5ARPA Officialblockchain, developer, bug-bounty, debugging12-Dec-2023
Easy Admin Access — RVDP (2)https://infosecwriteups.com/easy-admin-access-rvdp-2-bf2ec8349ebf?source=rss------bug_bounty-5hackerdevilpenetration-testing, hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup12-Dec-2023
One Scheme to Rule Them All: OAuth Account Takeoverhttps://medium.com/@ostorlab/one-scheme-to-rule-them-all-oauth-account-takeover-26ac4cb5e898?source=rss------bug_bounty-5Ostorlabmobile-security, bug-bounty, oauth, bug-bounty-tips, account-takeover12-Dec-2023
The launch of incentivized testnet for TribeOne V3https://tribeone.medium.com/the-launch-of-incentivized-testnet-for-tribeone-v3-6e12a1eb6d0f?source=rss------bug_bounty-5TribeOnebug-bounty, perpetual-contracts, testnet, nft, trading-competition12-Dec-2023
Hacking NASA and Got Hall of Famehttps://medium.com/@bug.hun3r/hacking-nasa-and-got-hall-of-fame-71f9a344d1d0?source=rss------bug_bounty-5mo9kHu93rpenetration-testing, cybersecurity, nasa, ethical-hacking, bug-bounty12-Dec-2023
Build3rs Bug Bounty Programhttps://medium.com/@Lay3rsXR/build3rs-bug-bounty-program-8b874bdfee0e?source=rss------bug_bounty-5Lay3rsbuild3rs, bug-bounty, blockchain, refis12-Dec-2023
Bug Bounty and Hacking Books You Should Read (Must Read)https://rajkaran359.medium.com/bug-bounty-and-hacking-books-you-should-read-must-read-57ca722ad51d?source=rss------bug_bounty-5Rajkaranbug-bounty, hacking-books, hacking, cybersecurity, bug-bounty-tips12-Dec-2023
How I got $300 for Default Credential Login at Bugcrowdhttps://medium.com/@avbhijitdutta99/how-i-got-300-for-default-credential-login-at-bugcrowd-30368eb698f7?source=rss------bug_bounty-5Abhijit Duttabug-bounty-tips, bug-bounty-program, bug-bounty, bug-bounty-writeup12-Dec-2023
missing session scopes lead to authentication bypasshttps://medium.com/@Mr3Moe/missing-session-scopes-lead-to-authentication-bypass-2e1cdaebda7b?source=rss------bug_bounty-5Mr3Moeweb, bug-bounty, appsec, web-penetration-testing12-Dec-2023
Exploiting Django Debug Mode for Unrestricted Access to the Internal Dashboard?https://rokkamvamsi18.medium.com/exploiting-django-debug-mode-for-unrestricted-access-to-the-internal-dashboard-b725783714ae?source=rss------bug_bounty-5Rokkam_Vamshi1_8bug-bounty-tips, django, bug-bounty, hackerone, infosec12-Dec-2023
Portswigger Labs — Api-testinghttps://medium.com/@rynnnn617/portswigger-labs-api-testing-86a8827ddfdc?source=rss------bug_bounty-5Ry4nnnnportswigger, appsec, bug-bounty, burp11-Dec-2023
How to learn Hacking From 0 to Herohttps://rajput623929.medium.com/how-to-learn-hacking-from-0-to-hero-4a5f288c003d?source=rss------bug_bounty-5Mr.Horbiobug-bounty, cryptography, ethical-hacking, cybersecurity, hacking11-Dec-2023
How i found a Host Header Injection in Password Reset Function:https://medium.com/@kataeriidubstep/how-i-found-a-host-header-injection-in-password-reset-function-5c2ba8d209e6?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, bug-bounty11-Dec-2023
How I Automatically Discovered SSRF in Hackerone Programshttps://medium.com/@kerstan/how-i-automatically-discovered-ssrf-in-hackerone-programs-39e27a1554b5?source=rss------bug_bounty-5kerstansecurity, ssrf, bug-bounty-tips, bug-bounty, hacker11-Dec-2023
Next js and Antd Desing css demora milesimos de segundos para carregar na página.https://medium.com/@yurioliveiragochi/next-js-and-antd-desing-css-demora-milesimos-de-segundos-para-carregar-na-p%C3%A1gina-77f3b203dac8?source=rss------bug_bounty-5Yuri Oliveira Gochibug-bounty, antd, next, react11-Dec-2023
Unveiling the World of Bug Bounty Programs: Enhancing Cybersecurity Through Collaborationhttps://medium.com/@bahadur4630105/unveiling-the-world-of-bug-bounty-programs-enhancing-cybersecurity-through-collaboration-bde9831b6882?source=rss------bug_bounty-5Syed Dawoodcyber-security-awareness, bug-bounty, bugbounty-writeup, bug-bounty-tips, bug-bounty-hunter11-Dec-2023
Dollars and Detectives: An Unique way to XSS Mysteries ( Not a Simp one ) for a $150 Rewardhttps://naumankh4n.medium.com/dollars-and-detectives-an-unique-way-to-xss-mysteries-not-a-simp-one-for-a-150-reward-f5d2d80d5022?source=rss------bug_bounty-5Nauman Khanmoney, ai, cybersecurity, hacking, bug-bounty11-Dec-2023
Say Goodbye to Password Hassles with These Cutting-Edge Security Trends!https://medium.com/@paritoshblogs/say-goodbye-to-password-hassles-with-these-cutting-edge-security-trends-8b8f6ad8f6d4?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, cybersecurity, passwordless, passwords11-Dec-2023
HackTheBox — Session Security: Obtain Session Identifier via XSShttps://medium.com/@harry.hphu/hackthebox-session-security-obtain-session-identifier-via-xss-c151160c03b0?source=rss------bug_bounty-5Huy Phuhackthebox, web-security, session-security, bug-bounty, xss-attack11-Dec-2023
So you found Auth0 secrets, now what?https://blog.prodefense.io/so-you-found-auth0-secrets-now-what-0945642ac09b?source=rss------bug_bounty-5Nightbanepentesting, security, red-team, bug-bounty, auth011-Dec-2023
Kubernetes CR injection techniquehttps://medium.com/@esonhugh/kubernetes-cr-injection-technique-b4506500b8e9?source=rss------bug_bounty-5Esonhughhacking, custom-resource, bug-bounty, kubernetes-security10-Dec-2023
Bug bounty training from scratch(part2->lesson10):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson10-57551e079751?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, bug-bounty, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson9):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson9-4802a25a2570?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, bug-bounty, appsec, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson8):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson8-e8a2b87c3ac2?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, appsec, computer-science10-Dec-2023
Bug bounty training from scratch(part2->lesson7):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson7-152c167dbc0f?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson6):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson6-43abf1f342ec?source=rss------bug_bounty-5Pavan kumar.Gnetworking, computer-science, appsec, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lesson5):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson5-f0042df50fca?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson4):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson4-29d491577d8c?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson3):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson3-80794013cf99?source=rss------bug_bounty-5Pavan kumar.Gnetworking, bug-bounty, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson2):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson2-177e4a21e8d3?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, networking, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lesson1) :https://medium.com/@kataeriidubstep/understanding-ip-addressing-a-comprehensive-overview-95bf12e05cae?source=rss------bug_bounty-5Pavan kumar.Gnetwork-engineering, computer-science, appsec, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lessonhttps://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson-7a58ad73a31d?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, networking, computer-science10-Dec-2023
How to not implement payment features - Insights from Bugbountyhttps://medium.com/@sivakrishnasamireddi/how-to-not-implement-payment-features-insights-from-bugbounty-e3d375566ad0?source=rss------bug_bounty-5Siva Krishna Samireddihacking, payments, bug-bounty, security, bugbounty-writeup10-Dec-2023
5 Tips for the Beginners Who Want to Start Bug Bountyhttps://medium.com/@bhuiyanaman71/5-tips-for-the-beginners-who-want-to-start-bug-bounty-c1a1a952e605?source=rss------bug_bounty-5Aman Bhuiyanweb-hacking, bug-bounty, bug-bounty-tips, hacking, ethical-hacking10-Dec-2023
In under age (<18), How I Hacked Multi- Billion-Dollar-Corp and got first 4 fig. $2600 Bounty!https://medium.com/@manan_sanghvi/in-under-age-18-how-i-hacked-multi-billion-dollar-corp-and-got-first-4-fig-2600-bounty-d9ce97b3652e?source=rss------bug_bounty-5Manan Sanghviidor, bug-bounty, first-bounty, web-application-security, hacking10-Dec-2023
Bug Bounty Testing: Test Ideashttps://medium.com/@lopseg/bug-bounty-testing-test-ideas-cf6e8ec5aed1?source=rss------bug_bounty-5Lopsegbug-bounty-writeup, bug-bounty, hacking-training, bug-bounty-tips, info-sec-writeups10-Dec-2023
CORS Misconfiguration -> PII Leakhttps://medium.com/@boogsta/cors-misconfiguration-pii-leak-2765ff5b7115?source=rss------bug_bounty-5Boogstacybersecurity, cyber, hacking, bug-bounty-tips, bug-bounty10-Dec-2023
Awesome Bug Bounty Tools Exploring Subdomain Enumeration and Reconnaissance Toolshttps://cyberconqueror.medium.com/awesome-bug-bounty-tools-exploring-subdomain-enumeration-and-reconnaissance-tools-7bffb25210e6?source=rss------bug_bounty-5NEWenumeration, mentoring, bug-bounty, cybersecurity, medium09-Dec-2023
Is it safe to expose your Firebase API key?https://infosecwriteups.com/is-it-safe-to-expose-your-firebase-api-key-bf2a318c0f29?source=rss------bug_bounty-5Suprajabaskarancybersecurity, keys, firebase, bug-bounty, ethical-hacking09-Dec-2023
2FA & MFA Bypass, Bug Bounty Easy Wins ! ! Ultimate Guidehttps://medium.com/@Kalki2121/2fa-mfa-bypass-bug-bounty-easy-wins-ultimate-guide-3722de0ad26c?source=rss------bug_bounty-5ʏᴀꜱʜʜinformation-security, bug-bounty-tips, bug-bounty, infosec, cybersecurity09-Dec-2023
3 Symfony (RCE): A Peek Behind the Curtainhttps://medium.com/@bxrowski0x/3-symfony-rce-a-peek-behind-the-curtain-83da5433e149?source=rss------bug_bounty-5Omar ElSayedbug-bounty-tips, cybersecurity, bug-bounty, symfony, remote-code-execution09-Dec-2023
How I passed my CRTP Examhttps://medium.com/@damaidec/how-i-passed-my-crtp-exam-c1dadd4d9ec1?source=rss------bug_bounty-5Damaidecexam, active-directory, cybersecurity, hacking, bug-bounty09-Dec-2023
Introduction to Burpsuite Bambda Featurehttps://medium.com/@gguzelkokar.mdbf15/introduction-to-burpsuite-bambda-feature-4c6b5fbc168d?source=rss------bug_bounty-5Gökhan Güzelkokarhacking, burpsuite, bug-bounty09-Dec-2023
TryHackMe | Advent of Cyber 2023 | Day 5https://axoloth.medium.com/tryhackme-advent-of-cyber-2023-day-5-60a464ac8d07?source=rss------bug_bounty-5Axolothbug-bounty, tryhackme, hacking, cybersecurity, penetration-testing09-Dec-2023
TryHackMe | Advent of Cyber 2023 | Day 4https://axoloth.medium.com/tryhackme-advent-of-cyber-2023-day-4-efa5f90ccfc1?source=rss------bug_bounty-5Axolothtryhackme, hacking, cybersecurity, bug-bounty, penetration-testing09-Dec-2023
My first Bugs: Persistence and mentality (Not a Writeup).https://medium.com/@Nightbloodz/my-first-bugs-persistence-and-mentality-not-a-writeup-1017714abc8c?source=rss------bug_bounty-5Alvaro Baladabug-bounty-hunter, bug-bounty, bug-bounty-tips, cybersecurity09-Dec-2023
Introduction to Burpsuite Bambdas Featurehttps://medium.com/@gguzelkokar.mdbf15/introduction-to-burpsuite-bambda-feature-4c6b5fbc168d?source=rss------bug_bounty-5Gökhan Güzelkokarhacking, burpsuite, bug-bounty09-Dec-2023
My first dork on GHBDhttps://noorhomaid.medium.com/my-first-dork-on-ghbd-988c21b45869?source=rss------bug_bounty-5NoorHomaidcybersecurity, bug-bounty, google-dork, ethical-hacking, penetration-testing09-Dec-2023
HTTP Noir: The Dark Art of Smuggling Byteshttps://chayandatta.medium.com/http-noir-the-dark-art-of-smuggling-bytes-a471a0f990f5?source=rss------bug_bounty-5CHAYAN DATTAsecurity, http-request-smuggling, hacking, bug-bounty, network09-Dec-2023
Broken Link Hijackinghttps://0xtomcat.medium.com/broken-link-hijacking-e0afc5986ea6?source=rss------bug_bounty-5Tomcatbug-bounty, bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup08-Dec-2023
Testing vulnerabilities beyond traditional cases — around login/signup featureshttps://infosecwriteups.com/testing-vulnerabilities-beyond-traditional-cases-around-login-signup-features-9d496bd283d4?source=rss------bug_bounty-5Suprajabaskaranethical-hacking, bug-bounty-tips, penetration-testing, pentesting, bug-bounty08-Dec-2023
#4 Install Burp’s CA Certificate in Firefox — Guide for Burp Suitehttps://securitycipher.medium.com/4-install-burps-ca-certificate-in-firefox-guide-for-burp-suite-75a555ed7225?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)technology, security, bug-bounty-tips, bug-bounty, cybersecurity08-Dec-2023
Enum is the key — Automatizado + Manual = Full shell.https://aleeeeex264.medium.com/enum-is-the-key-automatizado-manual-full-shell-4eead6c37dc4?source=rss------bug_bounty-5Alejandro Olivares 0x4lexkali-linux, bug-bounty, bug-bounty-tips, hacking, pentesting08-Dec-2023
PEARfection: From LFI to RCI: An iCSI CTF Challenge.https://medium.com/@josh.beck2006/pearfection-from-lfi-to-rci-an-icsi-ctf-challenge-4ecfb77a60c4?source=rss------bug_bounty-5Josh Beckbug-bounty, penetration-testing, ctf-writeup, cybersecurity08-Dec-2023
Unraveling The Story of Multiple Admin Panel Compromiseshttps://vedanttekale20.medium.com/unraveling-the-story-of-multiple-admin-panel-compromises-baac4444285f?source=rss------bug_bounty-5Vedant Tekaleinformation-security, recon, bug-bounty, hacking, cybersecurity08-Dec-2023
Blind XSS on Registration Systemhttps://medium.com/@aurelioyudistira/blind-xss-on-registration-system-410eb0b98109?source=rss------bug_bounty-5MxShinzupentesting, bug-bounty, cybersecurity08-Dec-2023
Bug bounty training from scratch:https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-f62cc13fbe64?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch for beginners:https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-for-beginners-1f17e609fbf0?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, computer-science, bug-bounty, linux07-Dec-2023
Bug bounty training from scratch(part1->lesson12):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson12-206baedf6747?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science07-Dec-2023
Bug bounty training from scratch(part1->lesson11):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson11-6f2c71aa8135?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1->lesson10):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson10-b2af2898a6b1?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1->lesson9):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson9-44b004fe5550?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1-> lesson8):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson8-98680d93e4bf?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science07-Dec-2023
Bug bounty training from scratch(part1->lesson7):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson7-d04def4b4ef3?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch (part1->lesson6):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson6-1b4b8742a1ec?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, bug-bounty, appsec07-Dec-2023
Bug bounty training from scratch(part1->lesson5):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson5-15d8c1f2cc5e?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch (part1->lesson4):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson4-653699a21284?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Using reNgine with Netlas.io modulehttps://netlas.medium.com/using-rengine-with-netlas-io-module-436e764a5495?source=rss------bug_bounty-5Netlas.iopenetration-testing, reconnaissance, information-security, cybersecurity, bug-bounty07-Dec-2023
Automation for Target Surface Information Gathering — XCOODE + AI Prompting for Bug Bounty Giantshttps://medium.com/@xcoode/automation-for-target-surface-information-gathering-xcoode-ai-prompting-for-bug-bounty-giants-a545dadc87dc?source=rss------bug_bounty-5XCOODEai, hacking, hackerone, bug-bounty, openai07-Dec-2023
Markdown XSS tipshttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Rafael Silvabug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
Hacking Indian Government, Finding XSS & SQL Injectionhttps://medium.com/@Kalki2121/hacking-indian-government-finding-xss-sql-injection-9f83e5e60c6f?source=rss------bug_bounty-5Yashhbugs, bug-bounty-tips, bug-bounty, hacking, sql-injection07-Dec-2023
Unveiling Critical Vulnerability: Account Hijacking — Art of play on tokenshttps://medium.com/@xcoode/unveiling-critical-vulnerability-account-hijacking-art-of-play-on-tokens-dd270140cd25?source=rss------bug_bounty-5XCOODEfintech, bug-bounty, security, hacking, cloud07-Dec-2023
Advent of Cyber 2023 -Day 6 Walkthrough.. By Manoj Mudabagil.https://medium.com/@manojmudabagil/advent-of-cyber-2023-day-6-walkthrough-by-manoj-mudabagil-cd7062261d33?source=rss------bug_bounty-5Manoj Mudabagiltryhackme, hacking, advent-of-cyber-2023, cybersecurity, bug-bounty07-Dec-2023
Exploring New Vulnerability Vectors: A Systematic Approach to Manual Google Dorkinghttps://medium.com/@mxmd/exploring-new-vulnerability-vectors-a-systematic-approach-to-manual-google-dorking-fdfc79e9825d?source=rss------bug_bounty-5Max Klosecybersecurity, bug-bounty-tips, bug-bounty, google-dorking, osint07-Dec-2023
Markdown XSS tipshttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Lopsegbug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
Hunt for GitHub leaks with LOPSEG DORK HELPERhttps://medium.com/@lopseg/hunt-for-github-leaks-with-lopseg-dork-helper-c3ce96cb4177?source=rss------bug_bounty-5Lopsegbug-bounty-writeup, hacking-tools, bug-bounty, bug-bounty-tips, bug-bounty-hunter07-Dec-2023
Enhancing Bug Bounty Hunting with Lopseg OSINThttps://medium.com/@lopseg/enhancing-bug-bounty-hunting-with-lopseg-osint-4f2fd075621a?source=rss------bug_bounty-5Lopsegbug-bounty, ctf, bug-bounty-writeup, cybersecurity, bug-bounty-tips07-Dec-2023
Enhancing Bug Bounty Hunting with Lopseg OSINThttps://medium.com/@lopseg/enhancing-bug-bounty-hunting-with-lopseg-osint-4f2fd075621a?source=rss------bug_bounty-5Lopsegbug-bounty, ctf, bug-bounty-writeup, bug-bounty-tips, hacking-tools07-Dec-2023
Markdown XSS polyglothttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Lopsegbug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge —Conclusionhttps://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-conclusion-0ac57a737883?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting06-Dec-2023
The Secret World of Malicious Strings and Hidden Threats – Are You at Risk?https://medium.com/@paritoshblogs/the-secret-world-of-malicious-strings-and-hidden-threats-are-you-at-risk-cb25535d4718?source=rss------bug_bounty-5Paritoshinformation-security, hacking, http-headers, bug-bounty, cybersecurity06-Dec-2023
Python Program to find GCD (Greatest Common Divisor) for Cryptographyhttps://rajput623929.medium.com/python-program-to-find-gcd-greatest-common-divisor-for-cryptography-816075bba2fa?source=rss------bug_bounty-5Mr.Horbiocybersecurity, hacking, crytocurrency, cryptography, bug-bounty06-Dec-2023
API Security — Web Security Academyhttps://mrshan.medium.com/api-security-web-security-academy-3578589fc3fa?source=rss------bug_bounty-5MR SHANweb-security-academy, bug-bounty06-Dec-2023
Spool Unveils Comprehensive Bug Bounty Programme to Fortify DeFi Securityhttps://medium.com/spoolfi/spool-unveils-comprehensive-bug-bounty-programme-to-fortify-defi-security-673559c463dd?source=rss------bug_bounty-5Spoolbug-bounty, security, blockchain, defi, smart-contracts06-Dec-2023
Cheat code for file upload vulnerability by kidnapshadowhttps://medium.com/@kidnapshadow/cheat-code-for-file-upload-vulnerability-by-kidnapshadow-ebb0794581f2?source=rss------bug_bounty-5Kidnapshadowkidnapshadow, owasp, vulnerability, file-upload-vulnerability, bug-bounty06-Dec-2023
API Documentation Tipshttps://medium.com/@lopseg/api-documentation-tips-e36e63f47589?source=rss------bug_bounty-5Rafael Silvabug-bounty-tips, bug-hunting, bug-bounty06-Dec-2023
From Bug Bounty Prodigy to Leadership Luminary: Aditya Shende Ascends at XCOODEhttps://medium.com/@xcoode/from-bug-bounty-prodigy-to-leadership-luminary-aditya-shende-ascends-at-xcoode-18a6aaab1471?source=rss------bug_bounty-5XCOODEcybersecurity, bug-bounty, leadership, cyber05-Dec-2023
Empowering the Next Generation: XCOODE Unveils Hacckers Bug Bounty Platform for Cyber Enthusiastshttps://medium.com/@xcoode/empowering-the-next-generation-xcoode-unveils-hacckers-bug-bounty-platform-for-cyber-enthusiasts-bc6dc31c27b9?source=rss------bug_bounty-5XCOODEcybersecurity, hacker, cyber, bug-bounty05-Dec-2023
PDF Upload Leading to Stored XSShttps://medium.com/@katmaca2014/pdf-upload-leading-to-stored-xss-f712326705ee?source=rss------bug_bounty-5Kaan Atmacacybersecurity, penetration-testing, bug-bounty, hacking, pentesting05-Dec-2023
LFI via SMTP log poisoninghttps://medium.com/@akshadjoshi/lfi-via-smtp-log-poisoning-65e02dd21068?source=rss------bug_bounty-5Akshad Joshilog-poisoning, local-file-inclusion, smtp, bug-bounty, rce05-Dec-2023
Bypassing 2FA Authentication in TeamPass Systemhttps://medium.com/@developer_1991/bypassing-2fa-authentication-in-teampass-system-f3184fe8589d?source=rss------bug_bounty-5HamidReza Faghanibug-bounty, account-takeover, security, 0day, exploitation05-Dec-2023
Admin Panel Accesshttps://medium.com/@omdubey170/admin-panel-access-5dd2fd4938a0?source=rss------bug_bounty-5Omdubeybug-bounty, bugs, bug-bounty-tips, ethical-hacking, pentesting05-Dec-2023
LFI on Microsofthttps://medium.com/@sushilgill08/lfi-on-microsoft-2d30c9283534?source=rss------bug_bounty-5Sushil Choudharyhackerone, bug-hunting, microsoft, bug-bounty, bugbounty-writeup04-Dec-2023
How I Found A Website Vulnerability In Under 10 Minuteshttps://medium.com/@abidmafahim7/how-i-found-a-website-vulnerability-in-under-10-minutes-2b2ff934545d?source=rss------bug_bounty-5Abidmafahimgit-exposed, web-vulnerabilities, bug-bounty04-Dec-2023
Elevating Security: Whatfix Transition to a Custom Vulnerability Disclosure Program (VDP)https://medium.com/whatfix-techblog/elevating-security-whatfix-transition-to-a-custom-vulnerability-disclosure-program-vdp-e6d5a7e11c9d?source=rss------bug_bounty-5Kamlesh Tukaralvulnerability-disclosure, whatfix, vdp, bug-bounty, infosec04-Dec-2023
The Hidden Dangers Lurking in Your Active Directory Certificate Services – What You Need to Know…https://medium.com/@paritoshblogs/the-hidden-dangers-lurking-in-your-active-directory-certificate-services-what-you-need-to-know-7c735c09e0fd?source=rss------bug_bounty-5Paritoshcybersecurity, active-directory, bug-bounty, information-security, adc04-Dec-2023
Bug Hunter journal day #3 and #4https://medium.com/@joaomaia171820/bug-hunter-journal-day-3-and-4-37b4c653abd9?source=rss------bug_bounty-5Jhonny_The_Kidbug-bounty-writeup, bug-bounty-program, bug-bounty, cybersecurity04-Dec-2023
Javascript Analysis to SQL injectionhttps://melguerdawi.medium.com/javascript-analysis-to-sql-injection-ca763f9c4c4e?source=rss------bug_bounty-5Mostafa Elguerdawibug-bounty, bug-bounty-tips, hackerone, sql-injection04-Dec-2023
Web Enumeration With Gobusterhttps://medium.com/@ronak.d.sharma111/web-enumeration-with-gobuster-ca4ac46da90b?source=rss------bug_bounty-5Ronak Sharmacybersecurity, hacking, bug-bounty04-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge — Day 2https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-day-2-51b02ca865ea?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips03-Dec-2023
How I Found My First Website Vulnerability as a Web Pentesterhttps://medium.com/@abidmafahim7/how-i-found-my-first-website-vulnerability-as-a-web-pentester-2dee809e0eea?source=rss------bug_bounty-5Abidmafahimsql-injection-attack, bug-bounty, web-vulnerabilities, xss-vulnerability03-Dec-2023
My first and simple ATO in a private programhttps://medium.com/@pabs2141/my-first-and-simple-ato-in-a-private-program-212c6b17b245?source=rss------bug_bounty-5PanSabug-bounty, bug-bounty-writeup, hacking, account-takeover03-Dec-2023
My Confusion Over Local File Inclusionhttps://medium.com/illuminations-mirror/my-confusion-over-local-file-inclusion-11f3d7c43b23?source=rss------bug_bounty-5Quintius Walkerpoetry, bug-bounty, writeup, cybersecurity, poetry-on-medium03-Dec-2023
The Shocking Secrets Behind Foolproof Vulnerability Response!https://medium.com/@paritoshblogs/the-shocking-secrets-behind-foolproof-vulnerability-response-fc6fe8b91d47?source=rss------bug_bounty-5Paritoshvulnerability, cybersecurity, bug-bounty, hacking, information-security03-Dec-2023
The ONE Vulnerability Every Website Owner Fears — Learn How YOU Can Expose It!https://medium.com/@paritoshblogs/the-one-vulnerability-every-website-owner-fears-learn-how-you-can-expose-it-71fef31b0ece?source=rss------bug_bounty-5Paritoshprogramming, bug-bounty, hacking, information-security, cybersecurity03-Dec-2023
My First Valid Bug!!!https://medium.com/@sushilgill08/my-first-valid-bug-444f26e1f8be?source=rss------bug_bounty-5Sushil Choudharycybersecurity, bug-bounty-writeup, bugbounty-tips, bug-hunting, bug-bounty03-Dec-2023
Everything I know on Reconhttps://medium.com/@joshdesharnais1/everything-i-know-on-recon-689f6a535757?source=rss------bug_bounty-5Joshua Desharnaisrecon, tools-and-resources, tools, bug-bounty, bug-bounty-tips03-Dec-2023
Streamable Finance Bug Bounty Campaign is live!https://streamablefinance.medium.com/streamable-finance-bug-bounty-campaign-is-live-2ced6e4c68d5?source=rss------bug_bounty-5Streamable Financebug-bounty, product-launch03-Dec-2023
Business Logic Vulnerability: Payment bypasshttps://vrushabhd.medium.com/business-logic-vulnerability-payment-bypass-9335bdbdbdf6?source=rss------bug_bounty-5Mr. Vrushabhpentesting, bug-bounty, vulnerability, bug-bounty-tips, hackerone03-Dec-2023
How I Created an Advanced Web Code Analyzer Using ChatGPThttps://infosecwriteups.com/how-i-created-an-advanced-web-code-analyzer-using-chatgpt-6b32a7d42f88?source=rss------bug_bounty-5Jarred Longoriacybersecurity, chatgpt, infosec, bug-bounty03-Dec-2023
Azure Log Analysis: Real-Life Incidents and Practical Tips to Safeguardhttps://medium.com/@paritoshblogs/azure-log-analysis-real-life-incidents-and-practical-tips-to-safeguard-077faf28919b?source=rss------bug_bounty-5Paritoshcybersecurity, incident-response, azure, bug-bounty, information-security03-Dec-2023
How to debug android native libraries using JEB decompiler?https://medium.com/@shubhamsonani/how-to-debug-android-native-libraries-using-jeb-decompiler-eec681a22cf3?source=rss------bug_bounty-5Shubham Sonanibug-bounty, hacking, android, cybersecurity, penetration-testing03-Dec-2023
How to bypass debugger detection in Android/iOS native libraries using IDA Pro?https://medium.com/@shubhamsonani/how-to-bypass-debugger-detection-in-android-ios-native-libraries-using-ida-pro-3e289c2127d6?source=rss------bug_bounty-5Shubham Sonanibug-bounty, cybersecurity, android, hacking, penetration-testing03-Dec-2023
How to debug Android/iOS native library using GDB debugger?https://medium.com/@shubhamsonani/how-to-debug-android-ios-native-library-using-gdb-debugger-d02c0e0341eb?source=rss------bug_bounty-5Shubham Sonanihacking, penetration-testing, cybersecurity, technology, bug-bounty03-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge — Day 1https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-day-1-38a1735644ab?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty02-Dec-2023
Vulnerability Discovery in SRC — Concurrencyhttps://medium.com/@rynnnn617/vulnerability-discovery-in-src-concurrency-baa9ffdfa9d9?source=rss------bug_bounty-5Ry4nnnnconcurrency, bug-bounty-tips, bug-bounty02-Dec-2023
Lateral Movement Techniques Through File Share Exploitationhttps://medium.com/@paritoshblogs/lateral-movement-techniques-through-file-share-exploitation-a50d1ffdb8e7?source=rss------bug_bounty-5Paritoshlateral-movement, hacking, information-security, cybersecurity, bug-bounty02-Dec-2023
The Rising Threat of Cookie Theft and RMM Takeoverhttps://medium.com/@paritoshblogs/the-rising-threat-of-cookie-theft-and-rmm-takeover-bafe0013ffc0?source=rss------bug_bounty-5Paritoshrealtime-monitoring, cookies, cybersecurity, hacking, bug-bounty02-Dec-2023
Bug Hunter journal day(week) #1https://medium.com/@joaomaia171820/bug-hunter-journal-day-week-1-699926bf1a70?source=rss------bug_bounty-5Jhonny_The_Kidbug-bounty-writeup, bug-bounty-program, bug-bounty, pentest02-Dec-2023
Mastering Bug Bounty: A Comprehensive Guide to Earning Money Ethically and Safely in Cybersecurity.https://medium.com/@thecyberxcompany/mastering-bug-bounty-a-comprehensive-guide-to-earning-money-ethically-and-safely-in-cybersecurity-46c1b44f52fd?source=rss------bug_bounty-5The CyberX Companyethical-hacking, hacking, cybersecurity, bug-bounty, earn-money-online02-Dec-2023
Mastering Bug Bounty Hunting: A Comprehensive Guide to Launch Your Cybersecurity Career.https://medium.com/@thecyberxcompany/mastering-bug-bounty-hunting-a-comprehensive-guide-to-launch-your-cybersecurity-career-5553ddcced30?source=rss------bug_bounty-5The CyberX Companybug-bounty-tips, bugs, ethical-hacking, cybersecurity, bug-bounty02-Dec-2023
How MAC Spoofing works and How attackers do that!!https://medium.com/@hackerdom_devil/how-mac-spoofing-works-and-how-attackers-do-that-57797179430f?source=rss------bug_bounty-5Gokuleswaran Bethical-hacking, mac-spoofing, penetration-testing, bug-bounty, bug-bounty-tips02-Dec-2023
Top 25 Advanced Google Dorks for OSINT and Bug Bounty Huntinghttps://osintteam.blog/top-25-advanced-google-dorks-for-osint-and-bug-bounty-hunting-f2d9dceed068?source=rss------bug_bounty-5as-squirrelbug-bounty, osint, cybersecurity, google-dorks-list, hacking02-Dec-2023
Day 12 Bug Bounty — 60 days 60 bugs challenge (Didn’t found anything, but could be something…https://medium.com/@avbhijitdutta99/day-12-bug-bounty-60-days-60-bugs-challenge-didnt-found-anything-but-could-be-something-ba0324d96ce7?source=rss------bug_bounty-5Abhijit Duttabug-bounty, bug-bounty-hunter, bugbountychallenge, bug-bounty-writeup01-Dec-2023
Writing High-Quality Bug Reports: Best Practices for Effective Bug Bounty Huntinghttps://medium.com/@prathameshbagul/writing-high-quality-bug-reports-best-practices-for-effective-bug-bounty-hunting-74542dff9793?source=rss------bug_bounty-5Prathcybersecurity, pentesting, report, bug-bounty-tips, bug-bounty01-Dec-2023
What is this httpx thing? Using it in your adventure with Bugbounty?https://systemweakness.com/what-is-this-httpx-thing-using-it-in-your-adventure-with-bugbounty-f91f1ef31d49?source=rss------bug_bounty-5Vicky Aryanrecon, bug-bounty, cybersecurity, hacking, httpx01-Dec-2023
Verification Bypass via “Mass Assignment”https://larebsec.medium.com/verification-bypass-via-mass-assignment-25707e210a42?source=rss------bug_bounty-5Larebbug-bounty, cybersecurity, bugbounty-writeup, hacking, vulnerability01-Dec-2023
How attackers use ARP Spoofing / Poisoning to takeover a complete Network!!https://medium.com/@hackerdom_devil/how-attackers-use-arp-spoofing-poisoning-to-takeover-a-complete-network-8477cea362c4?source=rss------bug_bounty-5Gokuleswaran Bpenetration-testing, bug-bounty, ethical-hacking, network-security, arp-spoofing01-Dec-2023
Building Kubernetes Detections: Strengthening Security with Real-world Exampleshttps://medium.com/@paritoshblogs/building-kubernetes-detections-strengthening-security-with-real-world-examples-8268cddd852f?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, programming, information-security, hacking01-Dec-2023
Part 03 | What To Do After Choosing a Target? | Post Recon |Bug Bountyhttps://infosecwriteups.com/part-03-what-to-do-after-choosing-a-target-post-recon-bug-bounty-1a7f431b4d79?source=rss------bug_bounty-5Om Arorabug-bounty, hacking, bug-bounty-tips, methodology, infosec01-Dec-2023
Navigating the Bug Bounty Arena: Earn $605,000 Reward, Learn Morehttps://medium.com/coded-tech-talk/navigating-the-bug-bounty-arena-earn-605-000-reward-learn-more-e754e077a81c?source=rss------bug_bounty-5Coded Conversationsbug-bounty-tips, cybersecurity, security, hacking, bug-bounty01-Dec-2023
Project 2510: Bug Bounty Challenge — The End?https://wallotry.medium.com/project-2510-bug-bounty-challenge-the-end-afb67ea2abd1?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunting, bug-bounty30-Nov-2023
Exploring the Logic of XSS Attacks and Bypassing Techniques through Browser Decodinghttps://medium.com/@test_90648/considering-xss-attacks-and-bypass-logic-from-the-perspective-of-browser-decoding-logic-can-provide-b4579d3c458b?source=rss------bug_bounty-5JessicaSecurityxs, bug-bounty, web, security, browsers30-Nov-2023
What is SQL injectionhttps://medium.com/@savanghori1203/what-is-sql-injection-a3907c6967a5?source=rss------bug_bounty-5Savanghorivulnerability, bug-bounty-tips, bug-bounty, sql-injection, sql30-Nov-2023
Cross-Site Scripting (XSS)https://medium.com/@savanghori1203/cross-site-scripting-xss-b6139b38fa2b?source=rss------bug_bounty-5Savanghoribug-bounty, xss-vulnerability, bug-bounty-tips, bugs, xss-attack30-Nov-2023
The Shocking Truth Behind Indicators of Compromise (IOCs) — You Won’t Believe What We Found!https://medium.com/@paritoshblogs/the-shocking-truth-behind-indicators-of-compromise-iocs-you-wont-believe-what-we-found-5255d54b98d9?source=rss------bug_bounty-5Paritoshbug-bounty, malware-analysis, cybersecurity, ioc, information-security30-Nov-2023
Subdomain Enumeration Techniqueshttps://medium.com/@savanghori1203/subdomain-enumeration-00f487d6b829?source=rss------bug_bounty-5Savanghoribug-bounty-tips, bug-bounty, recon, subdomains-enumeration, subdomain30-Nov-2023
Day 11 Bug Bounty — 60 days 60 bugs challengehttps://medium.com/@avbhijitdutta99/day-11-bug-bounty-60-days-60-bugs-challenge-530119a74c90?source=rss------bug_bounty-5Abhijit Duttabugbountychallenge, bug-bounty-tips, bug-bounty, bug-bounty-writeup30-Nov-2023
Network Managed Detection and Response (NMDR): Strengthening Cybersecurity Defenseshttps://medium.com/@paritoshblogs/network-managed-detection-and-response-nmdr-strengthening-cybersecurity-defenses-a8a5e989b310?source=rss------bug_bounty-5Paritoshinformation-security, managed-detection, bug-bounty, nmdr, cybersecurity30-Nov-2023
Server-Side Request Forgery (SSRF)https://medium.com/@savanghori1203/server-side-request-forgery-ssrf-1e9755b38c59?source=rss------bug_bounty-5SavanGhorissrf, vulnerability, bug-bounty, ssrf-bug, bug-bounty-tips30-Nov-2023
Ödeme sayfasında Business Logichttps://medium.com/@el-cezeri/%C3%B6deme-sayfas%C4%B1nda-business-logic-cba493d9f6b8?source=rss------bug_bounty-5Samet Yiğitbugbounty-writeup, ödülavcılığı, bug-bounty30-Nov-2023
Remote Code Execution (RCE)https://medium.com/@savanghori1203/remote-code-execution-rce-9f078b98316a?source=rss------bug_bounty-5SavanGhoribugs, bug-bounty-tips, bug-bounty, rce, vulnerability30-Nov-2023
Insecure Direct Object Reference(IDOR)https://medium.com/@savanghori1203/idor-insecure-direct-object-reference-88576225e265?source=rss------bug_bounty-5SavanGhorivulnerability, idor, bugs, bug-bounty, bug-bounty-tips30-Nov-2023
Simple Recon Di Android Menggunakan Tools TheTimeMachine dan Dirsearchhttps://alpinnnnnn13.medium.com/simple-recon-di-android-menggunakan-tools-thetimemachine-dan-dirsearch-3384aad17c15?source=rss------bug_bounty-5Mohammad Alfin Hidayatullahbug-bounty, bug-bounty-tips, recon, scanning30-Nov-2023
Race Condition - A cURL Chaoshttps://shahjerry33.medium.com/race-condition-a-curl-chaos-820cb289cbf1?source=rss------bug_bounty-5Jerry Shah (Jerry)cybersecurity, infosec, bug-bounty, vulnerability, pentesting30-Nov-2023
Easy Bug Hunting: HTML Injection Explained Step by Step”https://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5MUHAMMAD FAIZAN KHANbwapp, bug-bounty, web-application-security, penetration-testing, html-injection30-Nov-2023
Top Free Resources for Ethical Hacking and Bug Bounty Beginners & Expertshttps://infosecwriteups.com/top-free-resources-for-ethical-hacking-and-bug-bounty-beginners-experts-9556ef045db4?source=rss------bug_bounty-5Jarred Longoriacybersecurity, ethical-hacking, bug-bounty, free-resources30-Nov-2023
1.11 Lab: Blind SQL injection with time delays and information retrieval | 2023https://cyberw1ng.medium.com/1-11-lab-blind-sql-injection-with-time-delays-and-information-retrieval-2023-e8123405e87d?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, penetration-testing, hacking, bug-bounty30-Nov-2023
Easy Bug Hunting: HTML Injection Explained Step by Stephttps://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5MUHAMMAD FAIZAN KHANbwapp, bug-bounty, web-application-security, penetration-testing, html-injection30-Nov-2023
Rise of Broken Access Controlhttps://medium.com/@rafinrahmanchy/rise-of-broken-access-control-51356916235f?source=rss------bug_bounty-5Rafin Rahman Chybug-bounty, appsec, application-security, infosec, web-security30-Nov-2023
Easy Bug Hunting: HTML Injection Explained Step by Stephttps://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5bwapp, bug-bounty, web-application-security, penetration-testing, html-injection30-Nov-2023
Day 10 Bug Bounty — 60 days 60bugs challenge — New Start!https://medium.com/@avbhijitdutta99/day-10-bug-bounty-60-days-60bugs-challenge-new-start-832988aeb569?source=rss------bug_bounty-5Abhijit Duttabug-bounty, bug-bounty-tips, bugbountychallenge, bug-bounty-writeup29-Nov-2023
Windows Login Bypasshttps://infosecwriteups.com/windows-login-bypass-eab148bc9dd5?source=rss------bug_bounty-5c0d3x27software-development, bug-bounty, cybersecurity, windows, hacking29-Nov-2023
Cybersecurity Risk of Opening Up to the Internethttps://medium.com/@paritoshblogs/cybersecurity-risk-of-opening-up-to-the-internet-c624c9a018ba?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, programming, hacking, internet-of-things29-Nov-2023
OSINT: How to find information on anyonehttps://medium.com/@sakthi172000/osint-how-to-find-information-on-anyone-14514216cec1?source=rss------bug_bounty-5SAKTHIVEL Pbug-bounty, infosec, cybersecurity, osint, osint-tool29-Nov-2023
Mastering API Penetration Testing: A Comprehensive Guide for Security Pentestershttps://infosecwriteups.com/mastering-api-penetration-testing-a-comprehensive-guide-for-security-pentesters-bf62f65b5b21?source=rss------bug_bounty-5Suprajabaskaranethical-hacking, bug-bounty, pentesting, cybersecurity, api29-Nov-2023
Useful tools for bug hunterhttps://medium.com/@cyberhansu/useful-tools-for-bug-hunter-f493866fa1bc?source=rss------bug_bounty-5cyberhansuhunter-s-thompson, bug-hunting, bug-bounty, hacker, bug-hunter29-Nov-2023
How to make money legally as a Hackerhttps://medium.com/@cyberhansu/how-to-make-money-legally-as-a-hacker-c27037b143a9?source=rss------bug_bounty-5cyberhansubug-bounty, make-money, web-application-security, mobileapplicationsecurity29-Nov-2023
PII Disclosure Worth $750https://vijetareigns.medium.com/pii-disclosure-worth-750-758b72e7e8ca?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-writeup, cybersecurity29-Nov-2023
R.xyz: Web3 Bug Bounty Platformhttps://medium.com/coinmonks/r-xyz-web3-bug-bounty-platform-95d48c911989?source=rss------bug_bounty-5Officer's Notessmart-contract-security, bug-bounty-tips, bug-bounty, hacking, web329-Nov-2023
CRLF to XSShttps://medium.com/@a7med.ctf/crlf-to-xss-8059ceefd349?source=rss------bug_bounty-5Ahmed Mahmouedsnapchat, bug-bounty-tips, hacker, bug-bounty29-Nov-2023
Aztec Multiple-Spend Error Bugfix Reviewhttps://medium.com/immunefi/aztec-multiple-spend-error-bugfix-review-20074581d224?source=rss------bug_bounty-5Immunefi Editorcryptocurrency, security, bug-bounty, web3, multiple-spend-error29-Nov-2023
1.10 Lab: Blind SQL injection with time delays | 2023https://cyberw1ng.medium.com/1-10-lab-blind-sql-injection-with-time-delays-2023-a95a3b8557ec?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, cybersecurity, careers29-Nov-2023
IWCON 2023 CTF Registrations Now Openhttps://infosecwriteups.com/iwcon-2023-ctf-registrations-now-open-46c2611714f0?source=rss------bug_bounty-5InfoSec Write-upsctf, conference, infosec, hacking, bug-bounty29-Nov-2023
Top 25 Advanced Google Dorks for Uncovering Sensitive Documentshttps://osintteam.blog/top-25-advanced-google-dorks-for-uncovering-sensitive-documents-a9705e05353d?source=rss------bug_bounty-5as-squirrelosint, cybersecurity, hacking, google-dork, bug-bounty29-Nov-2023
Fat GET Authorization Bypasshttps://medium.com/techiepedia/fat-get-authorization-bypass-521a1ca37b6e?source=rss------bug_bounty-5Jessprogramming, hackerone, security, bug-bounty, bug-bounty-tips29-Nov-2023
HackTheBox — Web Attacks: Error Based XXE to exfiltrate datahttps://medium.com/@harry.hphu/hackthebox-web-attacks-error-based-xxe-to-exfiltrate-data-3f577eef18c7?source=rss------bug_bounty-5Huy Phuowasp-top-10, web-security, hackthebox, xxe-attack, bug-bounty28-Nov-2023
HackTheBox — Web Attacks: XXE with Blind Exfiltration Datahttps://medium.com/@harry.hphu/hackthebox-web-attacks-xxe-with-blind-exfiltration-data-123d4be1245e?source=rss------bug_bounty-5Huy Phubug-bounty, owasp-top-10, web-security, xxe-attack, hackthebox28-Nov-2023
Catching C2s with Regex Signatures, TLS Certificates, and OSINThttps://medium.com/@paritoshblogs/catching-c2s-with-regex-signatures-tls-certificates-and-osint-8871d9a46602?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, cybersecurity, command-and-control, hacking28-Nov-2023
Apple security research.https://medium.com/@abhay2432455/apple-security-research-8780372757be?source=rss------bug_bounty-5Abhay Kailasiagoogle, apple, cybersecurity, bug-bounty, bug-bounty-writeup28-Nov-2023
XSS - Weaponization ATOhttps://p4n7h3rx.medium.com/xss-weaponization-ato-1de0ee30526b?source=rss------bug_bounty-5p4n7h3rxpenetration-testing, cybersecurity, infosec, bug-bounty-tips, bug-bounty28-Nov-2023
1.9 Lab: Visible error-based SQL injection | 2023https://cyberw1ng.medium.com/1-9-lab-visible-error-based-sql-injection-2023-771157e90ad8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, careers, penetration-testing28-Nov-2023
VulnLab — SQLi Injection series — Bypass Loginhttps://medium.com/@deandradarra05/vulnlab-sqli-injection-series-bypass-login-0d6af43a395d?source=rss------bug_bounty-5Deandradarrapenetration-testing, cybersecurity, bug-bounty, sqli28-Nov-2023
The Bug Hunter’s Methodology Live Course Reviewhttps://medium.com/@cybersekler/the-bug-hunters-methodology-live-course-review-4261a7a9121e?source=rss------bug_bounty-5Cyber Seklerhacking, red-team, reconnaissance, bug-bounty, application-security28-Nov-2023
Hall of Fame at NASAhttps://medium.com/@bijoy.redteamacademy/hall-of-fame-at-nasa-91539af7826c?source=rss------bug_bounty-5BIJOY Bgoogle-ads, hacker-news, google, nasa, bug-bounty28-Nov-2023
Understanding and Mitigating Insecure Direct Object References (IDOR) Vulnerabilitieshttps://medium.com/@harry.hphu/understanding-and-mitigating-insecure-direct-object-references-idor-vulnerabilities-b27047015e15?source=rss------bug_bounty-5Huy Phuidor-vulnerability, bug-bounty, web-security, owasp-top-10, hackthebox27-Nov-2023
Burpsuite Custom Scan Profileshttps://mrrootsec.medium.com/burpsuite-custom-scan-profiles-12a9df9e36bd?source=rss------bug_bounty-5mrrootsecowasp-top-10, bug-bounty, application-security-test27-Nov-2023
Understanding XML External Entity (XXE) Vulnerabilitieshttps://medium.com/@harry.hphu/understanding-xml-external-entity-xxe-vulnerabilities-e8b64c2c2b3c?source=rss------bug_bounty-5Huy Phubug-bounty, owasp-top-10, xml-injection, hackthebox, web-security27-Nov-2023
Confounding Adversaries Through the Art of Illusionhttps://medium.com/@paritoshblogs/confounding-adversaries-through-the-art-of-illusion-5cc56090d93a?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, information-security, cybersecurity, hacking27-Nov-2023
Unveiling Critical Bug Using Directory Search — Bug Bounty Tip!https://medium.com/@learningstuff110/unveiling-critical-bug-using-directory-search-bug-bounty-tip-330d4d9900ee?source=rss------bug_bounty-5Fahad Hasanweb-app-development, vulnerability, bug-bounty, cybersecurity, penetration-testing27-Nov-2023
Confounding Adversaries Through the Art of Illusionhttps://osintteam.blog/confounding-adversaries-through-the-art-of-illusion-5cc56090d93a?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, information-security, cybersecurity, hacking27-Nov-2023
Ruby One — Bug Bounty Program & Claim Your $RUBYhttps://rubyprotocol.medium.com/ruby-one-bug-bounty-program-claim-your-ruby-848c81c4b164?source=rss------bug_bounty-5Ruby Protocolblockchain, cryptocurrency, bug-bounty, crypto, ethereum27-Nov-2023
HTTP/2 Request Smugglinghttps://medium.com/@kerstanhgnhzhw/http-2-request-smuggling-eb56cfd84a37?source=rss------bug_bounty-5kerstanweb-security, bug-bounty, security, request-smuggling, pentesting27-Nov-2023
Kaynak kodu ile XSS’i nasıl buldum ?https://medium.com/@el-cezeri/kaynak-kodu-ile-xssi-nas%C4%B1l-buldum-9cf2632f4717?source=rss------bug_bounty-5Samet Yiğitxss-attack, bug-bounty-tips, ödülavcılığı, bug-bounty27-Nov-2023
Website Scanner…https://medium.com/@psychomong/website-scanner-4856d77bc600?source=rss------bug_bounty-5psychomonghacking, gui, scanner, bug-bounty, web27-Nov-2023
@pdiscoveryio’s Katana for Bug Bounty.https://medium.com/@BrownBearSec/pdiscoveryios-katana-for-bug-bounty-1aee11cfae14?source=rss------bug_bounty-5BrownBearSecbug-bounty, cybersecurity, bug-bounty-tips, red-team, infosec27-Nov-2023
1.8 Lab: Blind SQL injection with conditional errors | 2023https://cyberw1ng.medium.com/1-8-lab-blind-sql-injection-with-conditional-errors-2023-da84a7836bcd?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, cybersecurity, bug-bounty27-Nov-2023
My bug bounty journey: #1 Linuxhttps://medium.com/@VDMoscar/my-bug-bounty-journey-1-linux-176d3b4f4065?source=rss------bug_bounty-5Oscar Vandermeulenbug-bounty, hacking27-Nov-2023
Code4rena Audithttps://medium.com/@panoptic_xyz/code4rena-audit-96902468eece?source=rss------bug_bounty-5Panopticpanoptic, audit, bug-bounty, perpetual-options27-Nov-2023
“Navigating Risks: Vulnerability Stemming from a Third-Party Integration”https://shubhdeepp.medium.com/navigating-risks-vulnerability-stemming-from-a-third-party-integration-c877d15977d8?source=rss------bug_bounty-5shubhdeepvulnerability-assessment, vulnerability, cybersecurity, bug-bounty, supply-chain-management27-Nov-2023
HackTheBox — Web Attacks: From XXE Injection to Advanced Local File Disclosurehttps://medium.com/@harry.hphu/hackthebox-web-attacks-from-xxe-injection-to-advanced-local-file-disclosure-64d1bf5acdca?source=rss------bug_bounty-5Huy Phuweb-security, owasp-top-10, bug-bounty, xxe-attack, hackthebox27-Nov-2023
HackTheBox — Web Attacks: Mass IDOR enumerationhttps://medium.com/@harry.hphu/hackthebox-web-attacks-mass-idor-enumeration-dc12da1f6333?source=rss------bug_bounty-5Huy Phuhackthebox, owasp-top-10, bug-bounty, web-attack, mass-idor-enumeration26-Nov-2023
Bug Zero at a Glance [01–18 November]https://blog.bugzero.io/bug-zero-at-a-glance-01-18-november-1cfce20b881c?source=rss------bug_bounty-5Januka Dharmapriyabug-zero, cybersecurity, bug-bounty, sri-lanka, newsletter26-Nov-2023
HackTheBox — Web Attacks — IDOR: Bypassing Encoded Referenceshttps://medium.com/@harry.hphu/hackthebox-web-attacks-idor-bypassing-encoded-references-4e28008120fc?source=rss------bug_bounty-5Huy Phuidor-vulnerability, web-security, bug-bounty, hackthebox-writeup, owasp-top-1026-Nov-2023
Waybackurls leads to pwned Admin Panelhttps://medium.com/@cybersolution2172/waybackurls-leads-to-pwned-admin-panel-ac3f728b87ac?source=rss------bug_bounty-5Satyam Singhinfosec, bug-bounty, bug-bounty-tips, hacking, vulnerability26-Nov-2023
A Thrilling Expedition into AWS Securityhttps://medium.com/@paritoshblogs/a-thrilling-expedition-into-aws-security-bbce85cd1eed?source=rss------bug_bounty-5Paritoshaws-security, aws, bug-bounty, information-security, cybersecurity26-Nov-2023
Story of Http password reset link for $$$https://devanshchauhan4565.medium.com/story-of-http-password-reset-link-for-15b583519e03?source=rss------bug_bounty-5Devansh chauhanwriting-tips, bug-bounty, bug-bounty-tips26-Nov-2023
HackTheBox — Web Attacks: IDOR in Insecure APIs Write uphttps://medium.com/@harry.hphu/hackthebox-web-attacks-idor-in-insecure-apis-write-up-7adcf4e68968?source=rss------bug_bounty-5Huy Phuhackthebox, owasp-top-10, idor-vulnerability, bug-bounty, api-security26-Nov-2023
CSRF Bug Hunting Methodology: Intermediatehttps://medium.com/@drthkol478/csrf-bug-hunting-methodology-intermediate-4d0df3b63b59?source=rss------bug_bounty-5Mikołaj Prus ( nullorx )network, web-app-security, bug-bounty, csrf, application-security26-Nov-2023
Explorando redes com ESP32 WIFI.https://higordiego.medium.com/explorando-redes-com-esp32-wifi-5b15d48d0880?source=rss------bug_bounty-5Higor Diegobug-bounty, pentesting, wifi, tutorial, iot26-Nov-2023
1.7 Lab: Blind SQL injection with conditional responses | 2023https://cyberw1ng.medium.com/1-7-lab-blind-sql-injection-with-conditional-responses-2023-db2102f1ce44?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, bug-bounty, hacking, cybersecurity26-Nov-2023
Exploring Networks with ESP32 WIFI.https://higordiego.medium.com/exploring-networks-with-esp32-wifi-778a8d42b7f1?source=rss------bug_bounty-5Higor Diegonetwork-security, pentesting, iot-security, osint, bug-bounty26-Nov-2023
Mastering the Art of Bug Bounty Reconnaissancehttps://medium.com/@faizankhaliq26/mastering-the-art-of-bug-bounty-reconnaissance-5e1ec42fc405?source=rss------bug_bounty-5MUHAMMAD FAIZAN KHANweb-application-testing, recon, information-gathering, web-application-security, bug-bounty26-Nov-2023
Writeup Bugcrowd — Private program — QR codeshttps://medium.com/@embossdotar/writeup-bugcrowd-private-program-qr-codes-fa338161175a?source=rss------bug_bounty-5embossdotarbugcrowd, writeup, bug-bounty, it-security, cybersecurity26-Nov-2023
How I Made $$$ Using Open-Redirecthttps://medium.com/@rahulnakum/how-i-made-using-open-redirect-799f9ab14bda?source=rss------bug_bounty-5Rahul Nakumbug-bounty25-Nov-2023
What Happens When Hackers Gain Local Account Access !!https://medium.com/@paritoshblogs/what-happens-when-hackers-gain-local-account-access-64fc39ed25f5?source=rss------bug_bounty-5Paritoshpentesting, bug-bounty, programming, cybersecurity, hacking25-Nov-2023
First massive bug: Noise’s AWS Bucket Misconfigurationhttps://anshjain-napster.medium.com/first-massive-bug-noises-aws-bucket-misconfiguration-802821ed98b6?source=rss------bug_bounty-5Napster_Anshvulnerability, bug-bounty, aws-s3, cybersecurity, security25-Nov-2023
how to install waybackurls on parrot OS in 3 simple stepshttps://medium.com/@diy_tech_genuis/how-to-install-waybackurls-on-parrot-os-in-3-simple-steps-fb4746302647?source=rss------bug_bounty-5diy_tech_genuishacking, diytechgenius, waybackurls, bug-bounty, parrotos25-Nov-2023
1.6 Lab: SQL injection UNION attack, retrieving multiple values in a single column | 2023https://cyberw1ng.medium.com/1-6-lab-sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-2023-6fb957198939?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking25-Nov-2023
Detecting and Confirming Exfiltration Activity Through Endpoint Detection and Response (EDR)https://medium.com/@paritoshblogs/detecting-and-confirming-exfiltration-activity-through-endpoint-detection-and-response-edr-6ff4c89e9847?source=rss------bug_bounty-5Paritoshhacking, cybersecurity, bug-bounty, information-security, edr25-Nov-2023
5 thing most new bug bounty hunters do wronghttps://medium.com/@diy_tech_genuis/5-thing-most-new-bug-bounty-hunters-do-wrong-321cb152363c?source=rss------bug_bounty-5diy_tech_genuisdiytechgenius, hacking, help, tips, bug-bounty25-Nov-2023
$20,000 Paid For A Bug That No One Has Ever Expectedhttps://siddardajagabathina.medium.com/20-000-paid-for-a-bug-that-no-one-has-ever-expected-5a4778620999?source=rss------bug_bounty-5SIDDARDA GOWTHAM JAGABATHINAhackerone, bug-bounty, bugs, cybersecurity, cybersecurity-awareness25-Nov-2023
Critical misconfiguration in Firebase-Bug bountyhttps://medium.com/@facu.tha/critical-misconfiguration-in-firebase-e682ec4239d6?source=rss------bug_bounty-5Facundo Fernandezhacking, bug-bounty, penetration-testing, cybersecurity, bug-bounty-tips25-Nov-2023
Introduction to Cybersecurity for Beginners: Understanding the Digital Security Worldhttps://medium.com/@fiqrifirdaus/introduction-to-cybersecurity-for-beginners-understanding-the-digital-security-world-f136896cda85?source=rss------bug_bounty-5Aditya Fiqri Firdausbug-bounty, cyber, cybersecurity, malware25-Nov-2023
How i get my first Logic Bug and how to find themhttps://medium.com/@zomasec/how-i-get-my-first-logic-bug-and-how-to-find-them-dd5fdf6478ee?source=rss------bug_bounty-5Hazem El-Sayedcybersecurity, web-security, bug-bounty-tips, bug-bounty, bugs25-Nov-2023
How to Find First Bug (For Beginners)https://medium.com/@rajput623929/how-to-find-first-bug-for-beginners-f594230f9e36?source=rss------bug_bounty-5Mr.Horbiocybersecurity, penetration-testing, bug-bounty, hacking, tricks24-Nov-2023
Bash Scripting Logic Section Part 01https://medium.com/@Rat_Attack72/bash-scripting-logic-section-part-01-a7424f4dd6c2?source=rss------bug_bounty-5Rat_Attack72cybersecurity, bash, shell-script, bug-bounty, automation24-Nov-2023
1.5 Lab: SQL injection UNION attack, retrieving data from other tables | 2023https://cyberw1ng.medium.com/1-5-lab-sql-injection-union-attack-retrieving-data-from-other-tables-2023-3e13076915fa?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity24-Nov-2023
Breaking the HTTPS Barrier: A Hacker’s Guide to Sneaky Link Exploits!https://medium.com/@mohammedthoufeeq_25137/breaking-the-https-barrier-a-hackers-guide-to-sneaky-link-exploits-622b07710a1c?source=rss------bug_bounty-5Mohamed Thoufeeqcybersecurity, hackthebox, bug-bounty, hacking, programming24-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 5https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-5-c1343b0f0ef9?source=rss------bug_bounty-5Hacker's Dumphacking, bug-bounty, android, pentesting, penetration-testing24-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 4https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-4-9bba2880b8cb?source=rss------bug_bounty-5Hacker's Dumpbug-bounty, android, hacking, penetration-testing, hacker24-Nov-2023
Bug Hunter GPT: A Game-Changer in Cybersecurityhttps://medium.com/@multiplatform.ai/bug-hunter-gpt-a-game-changer-in-cybersecurity-b25ccbab2f93?source=rss------bug_bounty-5Multiplatform.AIbug-bounty, ai, bughuntergpt, ai-assistant, artificial-intelligence24-Nov-2023
Cybersecurity Challenges with TryHackMe: A Hands-On Approachhttps://medium.com/@paritoshblogs/cybersecurity-challenges-with-tryhackme-a-hands-on-approach-e62f76a50446?source=rss------bug_bounty-5Paritoshtryhackme, programming, hacking, bug-bounty, cybersecurity23-Nov-2023
Project 2510: Bug Bounty Challenge — Day 17/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-17-25-f1337a6f4e66?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-hunting23-Nov-2023
Yet Another Rate Limit.https://allenlopes23.medium.com/yet-another-rate-limit-71257e7b33a2?source=rss------bug_bounty-5Allen Lopesvulnerability, rate-limiting, bug-bounty23-Nov-2023
1.4 Lab: SQL injection UNION attack, finding a column containing text | 2023https://cyberw1ng.medium.com/1-4-lab-sql-injection-union-attack-finding-a-column-containing-text-2023-94f3ee243db8?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, cybersecurity, careers23-Nov-2023
bWAPP iFrame Injectionhttps://medium.com/@yusufbaris/bwapp-iframe-injection-22bee548c30a?source=rss------bug_bounty-5Yusuf Barışcybersecurity, penetration-testing, bug-bounty, web-security, hacking23-Nov-2023
Project 2510: Bug Bounty Challenge — Day 18/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-18-25-924740430094?source=rss------bug_bounty-5Wallotrybug-bounty-hunting, bug-bounty-hunter, bug-bounty-tips, bug-bounty23-Nov-2023
Powershell/JS Payloads: A Closer Look at Malicious Code Deliveryhttps://medium.com/@paritoshblogs/powershell-js-payloads-a-closer-look-at-malicious-code-delivery-818b0ee743a3?source=rss------bug_bounty-5Paritoshprogramming, hacking, bug-bounty, information-security, cybersecurity22-Nov-2023
7 Sneaky Hacks Cybercriminals Use to Outsmart Your Antivirus!https://medium.com/@paritoshblogs/7-sneaky-hacks-cybercriminals-use-to-outsmart-your-antivirus-66953a606a53?source=rss------bug_bounty-5Paritoshantivirus, cybersecurity, hacking, bug-bounty, darkweb22-Nov-2023
Apple webserver vulnerable for HTTP request Sumggling attackhttps://medium.com/@abdulriyaz1200/apple-webserver-vulnerable-for-http-request-sumggling-attack-cabe1d53dab1?source=rss------bug_bounty-5Abdulriyazbug-bounty-tips, bug-bounty, bug-bounty-writeup, apple, hall-of-fame22-Nov-2023
200$ bounty for CRLF injection Attackhttps://medium.com/@abdulriyaz1200/200-bounty-for-crlf-injection-attack-39c482bad796?source=rss------bug_bounty-5Abdulriyazbug-bounty, bug-bounty-tips, hall-of-fame, bugbounty-writeup22-Nov-2023
Mass Hunting XSS vulnerabilitieshttps://ott3rly.medium.com/mass-hunting-xss-vulnerabilities-5b53363dd3db?source=rss------bug_bounty-5Ott3rlybug-bounty-tips, bug-bounty, cross-site-scripting, bug-bounty-hunter, xss-vulnerability22-Nov-2023
Google dorking is one of the best method | Hall of fame from XXX.govhttps://medium.com/@abdulriyaz1200/google-dorking-is-one-of-the-best-method-hall-of-fame-from-xxx-gov-8db6aa3c69f3?source=rss------bug_bounty-5Abdulriyazbug-bounty, government, bug-bounty-tips22-Nov-2023
1.3 Lab: SQL injection UNION attack, determining the number of columns returned by the query | 2023https://cyberw1ng.medium.com/1-3-lab-sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-2023-441930bf38b7?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity22-Nov-2023
Exploiting Exposed .git File to Access Webmail Credentialshttps://medium.com/@tanyago/exploiting-exposed-git-file-to-access-webmail-credentials-4b47a3afff38?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-hunting22-Nov-2023
Mass Hunting XSS vulnerabilitieshttps://infosecwriteups.com/mass-hunting-xss-vulnerabilities-5b53363dd3db?source=rss------bug_bounty-5Ott3rlybug-bounty-tips, bug-bounty, cross-site-scripting, bug-bounty-hunter, xss-vulnerability22-Nov-2023
Hoping for a Bug Bounty This Year at AWS re:Invent :^)https://medium.com/cloud-security/hoping-for-a-bug-bounty-this-year-at-aws-re-invent-5c8a76d09514?source=rss------bug_bounty-5Teri Radichelawswishlist, cloud, aws, bug-bounty, security22-Nov-2023
Bug Hunter jornal Day #0https://medium.com/@joaomaia171820/bug-hunter-jornal-day-0-7a451f0292aa?source=rss------bug_bounty-5Jhonny_The_Kidcybersecurity, bug-bounty-writeup, bug-bounty-program, bug-bounty, hacking22-Nov-2023
SAML authentication bypass leads to account takeoverhttps://medium.com/@Xt3sY/saml-authentication-bypass-leads-to-account-takeover-f9aaa37a34fe?source=rss------bug_bounty-5Pushkar Bhagatbugs, bug-bounty, hacking, hackerone22-Nov-2023
How to earn $DCT on DecentraCredit Testnet V1 on Arbitrumhttps://decentracredit.medium.com/how-to-earn-dct-on-decentracredit-testnet-v1-on-arbitrum-915d9995c2e4?source=rss------bug_bounty-5Decentra Creditarbitrum, testnet-airdrop, bug-bounty, ethereum, airdrop22-Nov-2023
Semi-Automating IDORs: A Practical Approach to Working Smarter, Not Harderhttps://mux0xx.medium.com/semi-automating-idors-a-practical-approach-to-working-smarter-not-harder-5b7f1f47b55a?source=rss------bug_bounty-5Muhammed K. Sayedbug-bounty, cybersecurity, hacker, idor, hacking22-Nov-2023
Embracing the Future: Bug Bounty Hunting as a Lucrative Full-Time Careerhttps://infosecwriteups.com/embracing-the-future-bug-bounty-hunting-as-a-lucrative-full-time-career-3e4b147923f7?source=rss------bug_bounty-5Security Lit Limitedpenetration-testing, vulnerability, bug-bounty-tips, bug-bounty, cybersecurity22-Nov-2023
How i hacked a router (embedded system)https://medium.com/@Threat_Intelligence/how-i-hacked-a-router-embedded-system-9a5b8139e83e?source=rss------bug_bounty-5127.0.0.1 is safe.⚠️cybersecurity, tecnologia, hacking, bug-bounty, red-team22-Nov-2023
My First IDOR - Hiding in the Header Requesthttps://medium.com/@hbenja47/my-first-idor-hiding-in-the-header-request-8a03dddc23b5?source=rss------bug_bounty-5Benja (bronxi)hacker, bug-bounty, idor, hacking21-Nov-2023
Chaining CORS by Reflected XSS to Steal Sensitive Datahttps://infosecwriteups.com/chaining-cors-by-reflected-xss-to-steal-sensitive-data-c456e133c10d?source=rss------bug_bounty-5Mohammad reza Omranicybersecurity, infosec, steal-sensitive-data, cors-misconfiguration, bug-bounty21-Nov-2023
What is Next-Generation Antivirus (NGAV) ?https://medium.com/@paritoshblogs/what-is-next-generation-antivirus-ngav-f05267dd2613?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, cybersecurity, hacking, antivirus21-Nov-2023
Top Recon Tools for Bug Bounty Huntershttps://securitycipher.medium.com/top-recon-tools-for-bug-bounty-hunters-fa655b8caf2e?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)bug-bounty, bug-bounty-tips, programming, cybersecurity, technology21-Nov-2023
Epic Bug Hunting Failures-2https://infosecwriteups.com/epic-bug-hunting-failures-2-fafb2af9b844?source=rss------bug_bounty-5Varshini Rameshdevelopment, hackerone, bug-bounty, cybersecurity, info-sec-writeups21-Nov-2023
The Crossroads of Code Crafting: A Personal Journey Between Rewriting and Quick Fixeshttps://blursdaywtf.medium.com/the-crossroads-of-code-crafting-a-personal-journey-between-rewriting-and-quick-fixes-8ab18e5a9a60?source=rss------bug_bounty-5Blursdaycoding, tech, bug-bounty, founders, apps21-Nov-2023
How I Gain $2,000-$3,000 a Month From Bug Bounties With No Code Experiencehttps://medium.com/@13032765d/how-i-gain-2-000-3-000-a-month-from-bug-bounties-with-no-code-experience-df2e89348fbb?source=rss------bug_bounty-5DataPsyLifemoney, hacking, side-hustle, bug-bounty, freelancing21-Nov-2023
Cybersecurity Toolshttps://bineshmadharapu.medium.com/cybersecurity-tools-02e85cb3c4ed?source=rss------bug_bounty-5Binesh Madharapucybersecurity, bug-bounty, network-security, nmap, ethical-hacking21-Nov-2023
CVE-2023–47837: ARMember ≤= 4.0.10 — Bypass Membership Planhttps://revan-ar.medium.com/cve-2023-47837-armember-4-0-10-bypass-membership-plan-4bc1e63f044c?source=rss------bug_bounty-5Revan Abug-bounty, wordpress, cve, bypass, privilege-escalation21-Nov-2023
SQL Injection UNION Attacks in Web App Pentesting | 2023https://cyberw1ng.medium.com/sql-injection-union-attacks-in-web-app-pentesting-2023-fbd072299b77?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity21-Nov-2023
How to find sensitive information in an organization | (Como encontrar información sensible en una…https://medium.com/@l0calh0st/how-to-find-sensitive-information-in-an-organization-como-encontrar-informaci%C3%B3n-sensible-en-una-cb08c5128ab5?source=rss------bug_bounty-5127.0.0.1 is safe.⚠️tech, hacking, red-team, bug-bounty, cybersecurity21-Nov-2023
How I hacked Google’s bug tracking system itself for $15,600 in bountieshttps://jamilahmad-dev.medium.com/how-i-hacked-googles-bug-tracking-system-itself-for-15-600-in-bounties-0e9e36b772b9?source=rss------bug_bounty-5Jamil Ur Rehmanstartup, bug-bounty, security, google, technology21-Nov-2023
CRITICAL BUG Alert: How I HACKED into a company’s DATABASEhttps://jamilahmad-dev.medium.com/critical-bug-alert-how-i-hacked-into-a-companys-database-fc61179f5d5d?source=rss------bug_bounty-5Jamil Ur Rehmanhacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty, ethical-hacking21-Nov-2023
Project 2510: Bug Bounty Challenge — Day 16/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-16-25-f881c177b749?source=rss------bug_bounty-5Wallotrybug-bounty-hunting, bug-bounty-tips, bug-bounty, bug-bounty-hunter21-Nov-2023
Detecting and Understanding Cookies in Web Developmenthttps://medium.com/@nirvana.elahi/detecting-and-understanding-cookies-in-web-development-a520b279988b?source=rss------bug_bounty-5Nirvana Elowasp-top-10, cybersecurity, bug-bounty, penetration-testing21-Nov-2023
How to find sensitive information in an organization .https://medium.com/@Threat_Intelligence/how-to-find-sensitive-information-in-an-organization-como-encontrar-informaci%C3%B3n-sensible-en-una-cb08c5128ab5?source=rss------bug_bounty-5127.0.0.1 is safe.⚠️tech, hacking, red-team, bug-bounty, cybersecurity21-Nov-2023
Step-by-Step guide to writing a Metasploit Scripthttps://higordiego.medium.com/step-by-step-guide-to-writing-a-metasploit-script-6bacb96363e5?source=rss------bug_bounty-5Higor Diegovulnerability, exploit, bug-bounty, security, osint21-Nov-2023
Legal and Ethical Dimensions in Malware Analysis (Cybersecurity)https://medium.com/@paritoshblogs/legal-and-ethical-dimensions-in-malware-analysis-cybersecurity-86accca12049?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, legal, programming, hacking20-Nov-2023
Improper Input Sanitization Error in Web3https://medium.com/@vinaysati/improper-input-sanitization-error-in-web3-f4bd0f6d88cc?source=rss------bug_bounty-5Vinaysatihacking, cryptocurrency, bug-bounty, web3, web3bug20-Nov-2023
#3 Set-up FoxyProxy in Firefox — Guide for Burp Suitehttps://securitycipher.medium.com/3-set-up-foxyproxy-in-firefox-guide-for-burp-suite-ee9627b6f513?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)security, bug-bounty-tips, bug-bounty, penetration-testing, technology20-Nov-2023
Event Driven Bug Bounty on AWShttps://medium.com/@husein.ayoub/event-driven-bug-bounty-on-aws-d39f75d962a3?source=rss------bug_bounty-5Hussein Ayoubaws, bug-bounty, security20-Nov-2023
The Story of How I Hacked one of the online payment system website twicehttps://christmex.medium.com/the-story-of-how-i-hacked-one-of-the-online-payment-system-website-twice-b0ba48ed13db?source=rss------bug_bounty-5Jonathan Christianbug-bounty-writeup, programming, technology, cybersecurity, bug-bounty20-Nov-2023
ESSENTIAL HTML FOR HACKERShttps://medium.com/@agapehearts/essential-html-for-hackers-12d329927c9b?source=rss------bug_bounty-5Agape HearTsxss-attack, bug-bounty, html, hacker, pentesting20-Nov-2023
Writeups of All Apprentice Labs in Portswigger — All Lab’s Solution| Karthikeyan Nagarajhttps://cyberw1ng.medium.com/writeups-of-all-apprentice-labs-in-portswigger-all-labs-solution-karthikeyan-nagaraj-a5f23fd0c87b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, penetration-testing, hacking20-Nov-2023
Go Beyond with Gretirehttps://systemweakness.com/go-beyond-with-gretire-313b7fbe3f47?source=rss------bug_bounty-5Whalebonecybersecurity, bug-bounty, open-source, information-security, hacking20-Nov-2023
Email address: The Online IDhttps://medium.com/@duncanochieng682/email-address-the-online-id-dd0061bf7828?source=rss------bug_bounty-5JateloCybersecinfosec, hacking, bug-bounty, ethical-hacking, blackhat20-Nov-2023
Understanding CVE-2023–46604: A Threat to Apache ActiveMQhttps://infosecwriteups.com/understanding-cve-2023-46604-a-threat-to-apache-activemq-d771eb408eba?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, vulnerability, cybersecurity, programming, penetration-testing20-Nov-2023
Project 2510: Bug Bounty Challenge — Day 15/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-15-25-27d085f4bf95?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunting, bug-bounty-hunter, bug-bounty20-Nov-2023
Understanding CVE-2023–46604: A Threat to Apache ActiveMQhttps://securitylit.medium.com/understanding-cve-2023-46604-a-threat-to-apache-activemq-d771eb408eba?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, vulnerability, cybersecurity, programming, penetration-testing20-Nov-2023
The Story of How I Hacked one of the online payment system websitehttps://christmex.medium.com/the-story-of-how-i-hacked-one-of-the-online-payment-system-website-twice-b0ba48ed13db?source=rss------bug_bounty-5Jonathan Christianbug-bounty-writeup, programming, technology, cybersecurity, bug-bounty20-Nov-2023
GraphQL Misconfiguration Leads to Unlimited Money Transfer (Intigriti CTF — Bug Bank)https://medium.com/@thewolfsec/graphql-misconfiguration-leads-to-unlimited-money-transfer-intigriti-ctf-bug-bank-48cdeb9c9aec?source=rss------bug_bounty-5TheWolf Secgraphql, intigriti, bug-bounty, ctf19-Nov-2023
#2 Different Burp Suite Tools — Guide for Burp Suitehttps://securitycipher.medium.com/2-different-burp-suite-tools-guide-for-burp-suite-7c5aa2ad05ed?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)penetration-testing, bug-bounty, security, cybersecurity, news19-Nov-2023
Find Vulnerabilities before other Hackers Exploitinghttps://medium.com/@salmanul060/find-vulnerabilities-before-other-hackers-exploiting-a86fe4c3d5eb?source=rss------bug_bounty-5Salmanul Farisweb-applications, cybersecurity, bug-bounty, penetrationtestingcompany, penetration-testing19-Nov-2023
SSTI bypass using CRLF (1337 UP CTF — Smarty Pants)https://medium.com/@thewolfsec/ssti-bypass-using-crlf-1337-up-ctf-smarty-pants-4ee8e1a72f98?source=rss------bug_bounty-5TheWolf Secintigriti, ssti, bug-bounty, ctf, php-developers19-Nov-2023
Privilege Escalation: Unauthorized Low-Privilege Users Creating Feature Bundleshttps://medium.com/@a13h1/privilege-escalation-unauthorized-low-privilege-users-creating-feature-bundles-75f6125eec78?source=rss------bug_bounty-5Abhi Sharmabug-bounty, programming, cybersecurity, hacking, api19-Nov-2023
#2 Different Burp Suite Tools — Guide for Burp Suitehttps://infosecwriteups.com/2-different-burp-suite-tools-guide-for-burp-suite-7c5aa2ad05ed?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)penetration-testing, bug-bounty, security, cybersecurity, news19-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 3https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-3-99e86d021190?source=rss------bug_bounty-5Hacker's Dumpandroid, android-pentesting, penetration-testing, hacking, bug-bounty19-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 4https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-4-c942fbd9cae5?source=rss------bug_bounty-5Hacker's Dumpbug-bounty, hacking, android, penetration-test, penetration-testing19-Nov-2023
23.6 Lab: Insecure direct object references | 2023https://cyberw1ng.medium.com/23-6-lab-insecure-direct-object-references-2023-dfd4a9f3eeb3?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, penetration-testing, hacking19-Nov-2023
A Guide to Indicators of Compromise (IoC) Analysishttps://medium.com/@paritoshblogs/a-guide-to-indicators-of-compromise-ioc-analysis-925708cbf8aa?source=rss------bug_bounty-5Paritoshprogramming, bug-bounty, ioc, hacking, cybersecurity19-Nov-2023
ByteGuard: Mastering the Art of Data Securityhttps://medium.com/@paritoshblogs/byteguard-mastering-the-art-of-data-security-5719be0d1c7c?source=rss------bug_bounty-5Paritoshinformation-security, data-security, cybersecurity, data, bug-bounty18-Nov-2023
Securing the Backbone: Supply Chain Securityhttps://medium.com/@paritoshblogs/securing-the-backbone-supply-chain-security-34282b6b505f?source=rss------bug_bounty-5Paritoshsupply-chain, information-security, cybersecurity, supply-chain-attack, bug-bounty18-Nov-2023
eWPTX Prepare Resourceshttps://medium.com/@0UN390/ewptx-prepare-resources-a741220cf145?source=rss------bug_bounty-50UN390bug-bounty, cybersecurity, web-security, penetration-testing18-Nov-2023
AppSec Tales XXIII | XPathIhttps://karol-mazurek95.medium.com/appsec-tales-xxiii-xpathi-ca6171826d2a?source=rss------bug_bounty-5Karol Mazurekinformation-technology, cybersecurity, application-security, bug-bounty, penetration-testing18-Nov-2023
#Day6 Bug Bounty Recon Part 2: ( Subdomains and S3 buckets )https://medium.com/codingninjablogs/day6-bug-bounty-recon-part-2-subdomains-and-s3-buckets-1a01780e6908?source=rss------bug_bounty-5OBSIDIANprogramming, technology, bug-bounty, ethical-hacking, cybersecurity18-Nov-2023
23.5 Lab: User ID controlled by request parameter with password disclosure | 2023https://cyberw1ng.medium.com/23-5-lab-user-id-controlled-by-request-parameter-with-password-disclosure-2023-ad748d1daa9e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing18-Nov-2023
Hacking Microsoft IIS : Enumerating IIS for Vhttps://medium.com/@mudasserhussain1111/hacking-microsoft-iis-enumerating-iis-for-v-39de5a27f101?source=rss------bug_bounty-5Mudasser Hussaininfosec-write-ups, cybersecurity, hacking, microsoft, bug-bounty18-Nov-2023
OAuth Misconfiguration Leads To Pre-Account Takeover(snapchat)https://medium.com/@a7med.ctf/oauth-misconfiguration-leads-to-pre-account-takeover-snapchat-129b118661f6?source=rss------bug_bounty-5Ahmed Mahmouedhacking, bug-bounty-tips, bug-bounty18-Nov-2023
CVE-2023–36025: An In-Depth Analysis of Circumventing Windows SmartScreen Securityhttps://infosecwriteups.com/cve-2023-36025-an-in-depth-analysis-of-circumventing-windows-smartscreen-security-6ff05c8b69d0?source=rss------bug_bounty-5Security Lit Limitedpenetration-testing, threat-intelligence, cybersecurity, microsoft, bug-bounty18-Nov-2023
Default Credentials, P1 with $$$$ Reward in a Bug Bounty Programhttps://medium.com/@jedus0r/default-credentials-p1-with-reward-in-a-bug-bounty-program-1aad9c008619?source=rss------bug_bounty-5jedus0rsecurity-research, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter18-Nov-2023
CVE-2023–35078 Unveiled: Ethical Vulnerability Discovery and Reporting By Me and My Hunting Buddy…https://medium.com/@jaini.rutvik/cve-2023-35078-unveiled-ethical-vulnerability-discovery-and-reporting-by-me-and-my-hunting-buddy-507582baf5c3?source=rss------bug_bounty-5Rj07responsible-disclosure, information-technology, zero-day, bug-bounty, information-security18-Nov-2023
Project 2510: Bug Bounty Challenge — Day 13/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-13-25-f6e21379749b?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunter, bug-bounty-hunting, bug-bounty-tips18-Nov-2023
Default Credentials, P1 with $$$$ Reward in a Bug Bounty Programhttps://systemweakness.com/default-credentials-p1-with-reward-in-a-bug-bounty-program-1aad9c008619?source=rss------bug_bounty-5jedus0rsecurity-research, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter18-Nov-2023
The Future of Cybersecurity: The Power of AI-Powered SIEMhttps://medium.com/@paritoshblogs/the-future-of-cybersecurity-the-power-of-ai-powered-siem-ae43921e9bce?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, siem, hacking, cybersecurity17-Nov-2023
3 Command Line Games Which You Must Tryhttps://medium.com/@rushi.padhiyar098/3-command-line-games-which-you-must-try-fa77c2ff7127?source=rss------bug_bounty-5Cyph3r Ryxgames, cybersecurity, hacking, command-line, bug-bounty17-Nov-2023
Dastardly — Web Application Security Scanner — CI/CDhttps://securitycipher.medium.com/dastardly-web-application-security-scanner-ci-cd-3a4eea08719a?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)technology, security, bug-bounty, cybersecurity, penetration-testing17-Nov-2023
How I Automatically Generate XSS Payload & Automate Reflected XSShttps://ajaksecurity.medium.com/how-i-automatically-generate-xss-payload-automate-reflected-xss-be7c993f90d4?source=rss------bug_bounty-5Ajak Cyber securityhacking, cybersecurity, bug-bounty, ethical-hacking, penetration-testing17-Nov-2023
23.4 Lab: User ID controlled by request parameter with data leakage in redirect | 2023https://cyberw1ng.medium.com/23-4-lab-user-id-controlled-by-request-parameter-with-data-leakage-in-redirect-2023-5fa1b18bced1?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, bug-bounty, cybersecurity, security17-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 2https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-2-9c33c319a696?source=rss------bug_bounty-5Hacker's Dumpandroid-pentesting, android, penetration-testing, hacking, bug-bounty17-Nov-2023
How to find vulnerabilities in a web page in 10 minuteshttps://medium.com/@l0calh0st/how-to-find-vulnerabilities-in-a-web-page-in-10-minutes-66cd052b4fbc?source=rss------bug_bounty-5127.0.0.1 is safe.⚠️red-team, bug-bounty, error-message, cybersecurity, hacking17-Nov-2023
Access control vulnerabilitieshttps://medium.com/@abdullahwarsama28/access-control-vulnerabilities-02fe3ea2e17f?source=rss------bug_bounty-5Abdullah Warsamabug-bounty, web-security17-Nov-2023
JWT Intrigue: Hidden Keys within Web Applicationshttps://medium.com/@josh.beck2006/jwt-intrigue-hidden-keys-within-web-applications-4b042c80f427?source=rss------bug_bounty-5Josh Beckpenetration-testing, bug-bounty, cybersecurity, ctf-writeup, ctf16-Nov-2023
AuditOne Roundtable with Alexey from Aurora and Guido Vrankenhttps://medium.com/@auditone.io/auditone-roundtable-with-alexey-from-aurora-and-guido-vranken-3d7c709289c0?source=rss------bug_bounty-5AuditOnebug-bounty, defi, web3, aurora, fuzzing16-Nov-2023
#1 Introduction to Burp Suite — Guide for Burp Suitehttps://securitycipher.medium.com/1-introduction-to-burp-suite-guide-for-burp-suite-4054b64f10a0?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)penetration-testing, bug-bounty, cybersecurity, technology, security16-Nov-2023
Easy Admin Access — RVDPhttps://infosecwriteups.com/easy-admin-access-rvdp-d1eb2c97cb3e?source=rss------bug_bounty-5hackerdevilbug-bounty-tips, web-app-security, bug-bounty, bug-bounty-writeup, vulnerability-assessment16-Nov-2023
Bug Bounty Programs: Unleashing the Power of Ethical Hackinghttps://medium.com/@crawsecurity/bug-bounty-programs-unleashing-the-power-of-ethical-hacking-5da98f820ebb?source=rss------bug_bounty-5crawsecuritybug-bounty-program, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup16-Nov-2023
Exploiting Blind XXE: Going Out of Bandhttps://medium.com/@mohamedtaha_42562/exploiting-blind-xxe-going-out-of-band-f04e3c1ea7ef?source=rss------bug_bounty-5Mohamed Tahasecurity, penetration-testing, bug-bounty16-Nov-2023
Introducing Bug Bounty Boosts: Supercharging Security With Timebound Eventshttps://medium.com/immunefi/introducing-bug-bounty-boosts-supercharging-security-with-timebound-events-51e3a1f208c3?source=rss------bug_bounty-5Immunefi Editorbug-bounty, web3, immunefi, cybersecurity, degate16-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 1https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-1-392cf9abf93f?source=rss------bug_bounty-5Hacker's Dumpandroid-pentesting, hacking, android, penetration-testing, bug-bounty16-Nov-2023
Malware Analysis: Understanding and Combatting Cyber Threatshttps://medium.com/@paritoshblogs/malware-analysis-understanding-and-combatting-cyber-threats-d0db1d56760c?source=rss------bug_bounty-5Paritoshmalware-analysis, hacking, bug-bounty, cybersecurity, information-security16-Nov-2023
How I got a $500 reward for finding an unacclaimed bucket on GitHubhttps://medium.com/@andre.pontes7/how-i-got-a-500-reward-for-finding-an-unacclaimed-bucket-on-github-57623c386515?source=rss------bug_bounty-5André Pontesaws-s3, hackerone, bug-bounty, aws16-Nov-2023
23.3 Lab: User ID controlled by request parameter, with unpredictable user IDs | 2023https://cyberw1ng.medium.com/23-3-lab-user-id-controlled-by-request-parameter-with-unpredictable-user-ids-2023-5827f93eca1d?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking16-Nov-2023
$1000 Bounty: How I scaled a Self-Redirect to an XSS in a web 3.0 system at Hackenproofhttps://erickfernandox.medium.com/1000-bounty-how-i-scaled-a-self-redirect-to-an-xss-in-a-web-3-0-system-at-hackenproof-37380f701892?source=rss------bug_bounty-5Erick Fernandobug-bounty, hackenproof, open-redirect, xss-bypass16-Nov-2023
DNS C2 — When Malware Goes Incognito!https://medium.com/@paritoshblogs/dns-c2-when-malware-goes-incognito-03fdc2e82057?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, information-security, dns, hacking15-Nov-2023
HackerOne Surpasses $300 Million in Rewards for Ethical Hackershttps://medium.com/@zerosecurity/hackerone-surpasses-300-million-in-rewards-for-ethical-hackers-eba7be4f106c?source=rss------bug_bounty-5ZeroSecuritybug-bounty15-Nov-2023
LandRocker Bug Bounty Programhttps://landrocker.medium.com/landrocker-bug-bounty-program-aa2f55f47297?source=rss------bug_bounty-5LandRockerbug-bounty, bitcoin, cryptocurrency-investment, token-sale, web315-Nov-2023
23.2 Lab: User ID controlled by request parameter | 2023https://cyberw1ng.medium.com/23-2-lab-user-id-controlled-by-request-parameter-2023-74764905c72c?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, hacking, cybersecurity15-Nov-2023
Understanding Post-Exploitation: Cybersecurityhttps://medium.com/@paritoshblogs/understanding-post-exploitation-cybersecurity-5c8d11b75812?source=rss------bug_bounty-5Paritoshcybersecurity, programming, information-security, bug-bounty, post-exploitation15-Nov-2023
Idor That allowed me to get access to sensitive users files and share them -.-https://hamzadzworm.medium.com/idor-that-allowed-me-to-get-access-to-sensitive-users-files-and-share-them-f7da741e9f63?source=rss------bug_bounty-5Hamzadzwormbugbounty-writeup, bug-bounty-tips, hackerone, bug-bounty, cybersecurity15-Nov-2023
Unveiling Sensitive Information Exposure: IIS Tilde Enumeration Vulnerabilityhttps://medium.com/@mohammed0anas/unveiling-sensitive-information-exposure-iis-tilde-enumeration-vulnerability-ffe034073288?source=rss------bug_bounty-5Nasbug-bounty, hacking, cybersecurity, bug-bounty-writeup15-Nov-2023
How I hacked Google’s bug tracking system itself for $15,600 in bountieshttps://homosapienimo.medium.com/how-i-hacked-googles-bug-tracking-system-itself-for-15-600-in-bounties-65c5aacaacdf?source=rss------bug_bounty-5Homo Sapiensbug-bounty, startup, google, technology, security15-Nov-2023
Project 2510: Bug Bounty Challenge — Day 10/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-10-25-7b9651fb1b26?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-hunting, bug-bounty, bug-bounty-tips15-Nov-2023
Exploiting Parallels Plesk Panels With Shodanhttps://blog.meese.enterprises/exploiting-parallels-plesk-panels-with-shodan-282248855af2?source=rss------bug_bounty-5Aaron Meesecybersecurity, shodan, osint-investigation, osint, bug-bounty15-Nov-2023
Detection Engineering: Strengthening Cybersecurity Defensehttps://medium.com/@paritoshblogs/detection-engineering-strengthening-cybersecurity-defense-8d31ab7a2d46?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, detection-engineering, hacking, cybersecurity14-Nov-2023
Hackathon : KPU.GO.IDhttps://medium.com/@angryovalegg/hackathon-kpu-go-id-8fb6f3ce0d61?source=rss------bug_bounty-5Angry Oval Egghackathons, indo-hacker, bug-bounty, kpu, pemilu14-Nov-2023
How to find probably vulnerable objects in your own surface with Netlas.io?https://systemweakness.com/how-to-find-probably-vulnerable-objects-in-your-own-surface-with-netlas-io-7f3448363892?source=rss------bug_bounty-5Netlas.ioscript, automation, bug-bounty, attack-surface, reconnaissance14-Nov-2023
#4 Session Fixation — Secure Code Explainhttps://securitycipher.medium.com/4-session-fixation-secure-code-explain-7d9567f25f38?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, technology, bug-bounty, vulnerability, coding14-Nov-2023
Escalating Blind SSRF to a Remote Code Executionhttps://mukibas37.medium.com/escalating-blind-ssrf-to-a-remote-code-execution-be65ed9a7d0f?source=rss------bug_bounty-5Mukilan Baskaraninfosec, ssrf, cybersecurity, bug-bounty, hacking14-Nov-2023
23.1 Lab: CORS vulnerability with trusted null origin | 2023https://cyberw1ng.medium.com/23-1-lab-cors-vulnerability-with-trusted-null-origin-2023-53d2de3b8e28?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, penetration-testing14-Nov-2023
Har Har Hijack: The Okta Plunderhttps://medium.com/@josh.beck2006/har-har-hijack-the-okta-plunder-8fb36f5c9d45?source=rss------bug_bounty-5Josh Beckpenetration-testing, cybersecurity, bug-bounty14-Nov-2023
bWAPP PHP Code Injectionhttps://medium.com/@yusufbaris/bwapp-php-code-injection-2b326b831924?source=rss------bug_bounty-5Yusuf Barışcybersecurity, web-security, hacking, bug-bounty, penetration-testing14-Nov-2023
Project 2510: Bug Bounty Challenge — Day 9/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-9-25-14cbedbecee2?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting14-Nov-2023
Introduction to AI in Cybersecurityhttps://imran-niaz.medium.com/introduction-to-ai-in-cybersecurity-6d80460d9e37?source=rss------bug_bounty-5Imran Niazprogramming, cybersecurity, learning, penetration-testing, bug-bounty13-Nov-2023
Let's together dive deep into information disclosurehttps://medium.com/@parthnarulatech/lets-together-dive-deep-into-information-disclosure-8bdb0b5db728?source=rss------bug_bounty-5scriptjackerbug-bounty-tips, penetration-testing, bug-bounty, cybersecurity, owasp13-Nov-2023
SSL Search — A tool to identify infrastructure and discover attack surfaces.https://medium.com/@harsh8v/ssl-search-a-tool-to-identify-infrastructure-and-discover-attack-surfaces-449c83269574?source=rss------bug_bounty-5Harsh Varagiyabug-bounty, gcp, ssl-certificate, aws, internet13-Nov-2023
Google VRP -[IDOR] Deleted Victim Data & Leakedhttps://medium.com/@ggilang1135/google-vrp-idor-deleted-victim-data-leaked-0b3cba8e3f7a?source=rss------bug_bounty-5Gilang Romadonbug-bounty, idor-vulnerability, bug-bounty-tips, ggilangromadon, google-vrp13-Nov-2023
Announcing IWCON 2023 Speakers Second Batchhttps://infosecwriteups.com/announcing-iwcon-2023-speakers-second-batch-26762dc93491?source=rss------bug_bounty-5InfoSec Write-upsinfosec, security, bug-bounty, conference, hacking13-Nov-2023
Cracking the Code, Cobalt Strike — More Than Just a Fancy Pen Test Tool (And Why Cyber Baddies…https://medium.com/@paritoshblogs/cracking-the-code-cobalt-strike-more-than-just-a-fancy-pen-test-tool-and-why-cyber-baddies-8b5c56ece92c?source=rss------bug_bounty-5Paritoshbug-bounty, pentesting, cybersecurity, hacking, cobalt-strike13-Nov-2023
22.2 Lab: JWT authentication bypass via flawed signature verification | 2023https://cyberw1ng.medium.com/22-2-lab-jwt-authentication-bypass-via-flawed-signature-verification-2023-2a1d63d18ab2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, bug-bounty, cybersecurity, penetration-testing13-Nov-2023
Weirdest API that has been ever foundhttps://medium.com/@mmaulanaabdullah/weirdest-api-that-has-been-ever-found-9270720d6f02?source=rss------bug_bounty-5M Maulana Abdullahwriteup, api, bug-bounty, api-development13-Nov-2023
Authentication Vulnerabilities- Lab #9 Brute-forcing a stay-logged-in cookiehttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-9-brute-forcing-a-stay-logged-in-cookie-dda91125f5f2?source=rss------bug_bounty-5dollarboysushilcookie-hacking, web-security, cybersecurity, portswigger, bug-bounty13-Nov-2023
Project 2510: Bug Bounty Challenge — Day 8/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-8-25-ea9bc1addd63?source=rss------bug_bounty-5Wallotrybug-bounty-hunting, bug-bounty, bug-bounty-hunter, bug-bounty-tips13-Nov-2023
I created posts on the newsletter page dedicated to the program administratorhttps://medium.com/@hossam_hamada/i-created-posts-on-the-newsletter-page-dedicated-to-the-program-administrator-aa271980aa53?source=rss------bug_bounty-5Hossam Hamadabug-bounty, penetration-testing, idor, idor-vulnerability, bug-hunting12-Nov-2023
1200$ IDOR Flaw: Allow Attacker To Approve Project Time Trackinghttps://medium.com/@a13h1/1200-idor-flaw-allow-attacker-to-approve-project-time-tracking-a9f64c06732a?source=rss------bug_bounty-5Abhi Sharmabug-bounty, programming, hacking, information-security, cybersecurity12-Nov-2023
Crafting XSS (Cross-Site Scripting) payloadshttps://infosecwriteups.com/crafting-xss-cross-site-scripting-payloads-919f62171bd0?source=rss------bug_bounty-5Security Lit Limitedxss-vulnerability, bug-bounty, xss-attack, technology, cybersecurity12-Nov-2023
Authentication Vulnerabilities- Lab #8 2FA (Two Factor Authentication) broken logichttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-8-2fa-two-factor-authentication-broken-logic-b3c6cd8923b9?source=rss------bug_bounty-5dollarboysushilportswigger, cybersecurity, 2fa-hacking, web-security, bug-bounty12-Nov-2023
22.1 Lab: JWT authentication bypass via unverified signature | 2023https://cyberw1ng.medium.com/22-1-lab-jwt-authentication-bypass-via-unverified-signature-2023-4401628467d9?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, penetration-testing, careers12-Nov-2023
Finding Sneaky Hackers, The Ultimate Way of Stalking Cyber Intruders (Without a Trench Coat)https://medium.com/@paritoshblogs/finding-sneaky-hackers-the-ultimate-way-of-stalking-cyber-intruders-without-a-trench-coat-8db574697fe7?source=rss------bug_bounty-5Paritoshprogramming, cybersecurity, lateral-movement, bug-bounty, hacking12-Nov-2023
Project 2510: Bug Bounty Challenge — Day 7/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-7-25-a9367edc5864?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-hunting12-Nov-2023
Introduction to API Hacking: A Free Course to Level Up Your Skillshttps://medium.com/@maisamnoyan/introduction-to-api-hacking-a-free-course-to-level-up-your-skills-537bfc70180d?source=rss------bug_bounty-5 Maisam Noyanhacking, bug-bounty, free-course, api, course11-Nov-2023
Authentication Vulnerabilities- Lab #4 Username enumeration via subtly different responseshttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-4-username-enumeration-via-subtly-different-responses-5eb512d899fa?source=rss------bug_bounty-5dollarboysushilweb-security, portswigger, bug-bounty, cybersecurity11-Nov-2023
Attention Cyber Enthusiasts! Exciting News Ahead! ️https://cyberconqueror.medium.com/attention-cyber-enthusiasts-exciting-news-ahead-%EF%B8%8F-26399c20b71a?source=rss------bug_bounty-5Cyber Conquerorfree-course, information-security, cybersecurity, bug-bounty, free11-Nov-2023
Authentication Vulnerabilities- Lab #5 Username enumeration via response timinghttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-5-username-enumeration-via-response-timing-16b07552275a?source=rss------bug_bounty-5dollarboysushilportswigger, bug-bounty, cybersecurity, hacking-passwords11-Nov-2023
AppSec Tales XXII | LDAPIhttps://karol-mazurek95.medium.com/appsec-tales-xxii-ldapi-fcef1f40e9b2?source=rss------bug_bounty-5Karol Mazurekinformation-technology, bug-bounty, cybersecurity, information-security, penetration-testing11-Nov-2023
JWT attack vulnerabilities in Web App Penetration Testing | 2023https://cyberw1ng.medium.com/jwt-attack-vulnerabilities-in-web-app-penetration-testing-2023-4eb8916133dc?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, penetration-testing, bug-bounty, cybersecurity11-Nov-2023
Downloading files using POST request (unorthodox method)https://medium.com/@paritoshblogs/downloading-files-using-post-request-unorthodox-method-d042bb06c1ce?source=rss------bug_bounty-5Paritoshcybersecurity, programming, bug-bounty, hacking, html11-Nov-2023
Authentication Vulnerabilities- Lab #6 Broken brute-force protection, IP blockhttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-6-broken-brute-force-protection-ip-block-b3afca0a2ea7?source=rss------bug_bounty-5dollarboysushilbrute-force, web-security, cybersecurity, bug-bounty, portswigger11-Nov-2023
Reconnaissance Is The Key — Bug Bounty Tip!https://medium.com/@learningstuff110/reconnaissance-is-the-key-bug-bounty-tip-527f24e56cc5?source=rss------bug_bounty-5Fahad Hasandirectory-enumeration, penetration-testing, bug-bounty, waybackurls, reconnaissance11-Nov-2023
Pentesting: I wanna be a hackerrr…https://areen-agrawal.medium.com/pentesting-i-wanna-be-a-hackerrr-4dcf9379a6fc?source=rss------bug_bounty-5Me, Just a Techie.bug-bounty, computer-security, red-teaming, technology, pentesting11-Nov-2023
Project 2510: Bug Bounty Challenge — Day 6/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-6-25-fe340a54386c?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunter, bug-bounty-tips, bug-bounty-hunting11-Nov-2023
Project 2510: Bug Bounty Challenge — Day 5/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-5-25-205300a2a65c?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunting, bug-bounty-hunter, bug-bounty-tips10-Nov-2023
Unlocking Cash: Easy P1 Bug in Grafana Dashboard with Default Credentials = €€€€https://infosecwriteups.com/unlocking-cash-easy-p1-bug-in-grafana-dashboard-with-default-credentials-fa36ddf271da?source=rss------bug_bounty-5Pratik Dabhihackerone, bug-bounty, bugcrowd10-Nov-2023
Authentication Vulnerabilities- Lab #3 Password reset broken logichttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-3-password-reset-broken-logic-95bc62a7b92a?source=rss------bug_bounty-5dollarboysushilbug-bounty, cybersecurity, portswigger, web-security, password-reset10-Nov-2023
21.1 Lab: Authentication bypass via OAuth implicit flow | 2023https://cyberw1ng.medium.com/21-1-lab-authentication-bypass-via-oauth-implicit-flow-2023-15f819305f73?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking10-Nov-2023
Authentication Vulnerabilities- Lab #2 2FA simple bypasshttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-2-2fa-simple-bypass-6bd390cf92bc?source=rss------bug_bounty-5dollarboysushilweb-security, cybersecurity, bug-bounty, portswigger, two-factor-authentication10-Nov-2023
Revealing True Industry Potential Through the Ultimate Web3 Security Ecosystem: R.xyzhttps://medium.com/coinmonks/revealing-true-industry-potential-through-the-ultimate-web3-security-ecosystem-r-xyz-007acfd25b62?source=rss------bug_bounty-5Officer's Notesblockchain-security, bug-bounty, web3, smart-contract-security, hacking10-Nov-2023
How I stopped a Wallet Hack and Got Almost Nothing.https://medium.com/@mahitman1/how-i-stopped-a-wallet-hack-and-got-almost-nothing-68babd824854?source=rss------bug_bounty-5Muhammad Abdullahweb3, blockchain, bug-bounty, security10-Nov-2023