Security Cipher

Additional Resources

Compilation of Resources Featuring Daily Bug Bounty Writeups

TitleLinkAuthorTagsPublication date
Reflected XSS bypass WAF & Page notfoundhttps://kresec.medium.com/reflected-xss-bypass-waf-page-notfound-e149db1ee6c4?source=rss------bug_bounty-5KreSecxss-attack, security, bug-bounty22-Dec-2024
Automate MAC Address Change on Arch Linux at Boothttps://theexploitlab.medium.com/automate-mac-address-change-on-arch-linux-at-boot-893f6ccdb1b4?source=rss------bug_bounty-5The Exploit Labbug-bounty, bugs, macchanger, cybersecurity22-Dec-2024
Payment Bypass Guide for Bug Bounty | 69 case studieshttps://medium.com/@illoyscizceneghposter/payment-bypass-guide-for-bug-bounty-69-case-studies-15379b4f76fa?source=rss------bug_bounty-5Illoy Scizceneghposterbug-bounty, bug-bounty-tips, cybersecurity21-Dec-2024
The Bounty Hunters: Bug Bounty Programshttps://medium.com/@investigator515/the-bounty-hunters-bug-bounty-programs-8dcd24d5bafa?source=rss------bug_bounty-5Investigator515hacking, technology, information-security, bug-bounty, cybersecurity21-Dec-2024
How I Exploited an OTP Bypass Vulnerability on a Cryptocurrency Platformhttps://medium.com/@anonymous512/how-i-exploited-an-otp-bypass-vulnerability-on-a-cryptocurrency-platform-2a817b02b3ea?source=rss------bug_bounty-5Wafa Abbasaccount-hacking, bug-bounty, authentication-bypass, otp-bypass, vulnerability21-Dec-2024
Mastering 403 Forbidden Bypass Techniques ✨https://medium.com/@kumawatabhijeet2002/mastering-403-forbidden-bypass-techniques-4ab1482afe49?source=rss------bug_bounty-5Abhijeet kumawatbounty-program, infosec, 403-forbidden, hacking, bug-bounty21-Dec-2024
Kali Linux 2024.4: 14 New Tools to Supercharge Your Penetration Testing Arsenalhttps://bitpanic.medium.com/kali-linux-2024-4-14-new-tools-to-supercharge-your-penetration-testing-arsenal-543ff8370091?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, technology, cybersecurity, programming, bug-bounty21-Dec-2024
Understanding Tycoon 2FA Phishing: A New Era of Security Threatshttps://medium.com/@paritoshblogs/understanding-tycoon-2fa-phishing-a-new-era-of-security-threats-19fb14dc83a5?source=rss------bug_bounty-5Paritoshcybersecurity, information-technology, hacking, tycoon-phshing, bug-bounty21-Dec-2024
Malicious Rspack & Vant Packages Exploited Using Stolen NPM Tokenshttps://medium.com/@wiretor/malicious-rspack-vant-packages-exploited-using-stolen-npm-tokens-0b69df1512fd?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ai, business, hacking, bug-bounty21-Dec-2024
FlowerStorm: The New Microsoft Phishing Threat Filling the Void Left by Rockstar2FAhttps://medium.com/@wiretor/flowerstorm-the-new-microsoft-phishing-threat-filling-the-void-left-by-rockstar2fa-578144a14487?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, microsoft, hacking, malware21-Dec-2024
LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damageshttps://medium.com/@wiretor/lockbit-developer-rostislav-panev-charged-for-billions-in-global-ransomware-damages-bee0bfc4c9b9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, malware, bug-bounty, business, ai21-Dec-2024
Blind XXE with OOB Interaction via XML Parameter Entitieshttps://osintteam.blog/blind-xxe-with-oob-interaction-via-xml-parameter-entities-97244bf2b85e?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafécybersecurity, bug-bounty-tips, information-security, bug-bounty, pentesting20-Dec-2024
CSRF On Delete Profile: High Severity(7.1) HackerOnehttps://medium.com/@josuofficial327/csrf-on-delete-profile-high-severity-7-1-hackerone-33bdb598ef67?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-writeup, bug-bounty, ethical-hacking, bug-bounty-program, cybersecurity20-Dec-2024
Part-2 | Deep Recon Methodology for Bug Bounty Huntershttps://medium.com/@kumawatabhijeet2002/part-2-deep-recon-methodology-for-bug-bounty-hunters-644077ee41d4?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-writeup, infosec, bugs, bug-bounty, hacking20-Dec-2024
The Most Easiest OTP Bypass Vulnerability I’ve Found: A Critical Flaw in Session Managementhttps://medium.com/@ajay.kumar.695632/the-most-easiest-otp-bypass-vulnerability-ive-found-a-critical-flaw-in-session-management-09b1555dbf9e?source=rss------bug_bounty-5Ajay Kumarbug-hunting, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup20-Dec-2024
The Secret World of Hackers: A Beginner’s Guide to Understanding Cyber Attackshttps://medium.com/@paritoshblogs/the-secret-world-of-hackers-a-beginners-guide-to-understanding-cyber-attacks-81377a0b477e?source=rss------bug_bounty-5Paritoshai, information-technology, cybersecurity, bug-bounty, hacking20-Dec-2024
Utilizing machine learning to collect more subdomains using subwizhttps://medium.com/@demonia/utilizing-machine-learning-to-collect-more-subdomains-using-subwiz-2d65cec1ee80?source=rss------bug_bounty-5Mohammed Diefbug-bounty, recon, cybersecurity, reconnaissance, bug-bounty-tips20-Dec-2024
Information Disclosure On Password cancel Endpointhttps://medium.com/@regan_temudo/information-disclosure-on-password-cancel-endpoint-4b6f43cc5fd7?source=rss------bug_bounty-5Regan Temudocybersecurity, information-disclosure, bug-bounty, ethical-hacking, csrf20-Dec-2024
OSI Model Explanationhttps://medium.com/@hossennaim547/osi-model-explanation-09259ce7a5af?source=rss------bug_bounty-5naimHOSSENbug-bounty, hacking, osi-model, cybersecurity20-Dec-2024
Simple ATO in private program.https://medium.com/@oXnoOneXo/simple-ato-in-private-program-890cd1485675?source=rss------bug_bounty-5oXnoOneXobug-bounty-tips, bug-bounty-writeup, bug-bounty20-Dec-2024
From Comments to Command Execution: How an E-Book Platform Gave Me RCEhttps://imooaaz.medium.com/from-comments-to-command-execution-how-an-e-book-platform-gave-me-rce-f27a079ca584?source=rss------bug_bounty-5Moaaz Afifibug-bounty, penetration-testing, cybersecurity, rce-vulnerability, xss-attack20-Dec-2024
Unlocking Web Security: A Deep Dive into the OWASP Top 10https://medium.com/@rootast/unlocking-web-security-a-deep-dive-into-the-owasp-top-10-d669199277bd?source=rss------bug_bounty-5Arash shahbazicybersecurity, students, owasp-top-10, bug-bounty, university20-Dec-2024
Discover All Paths in Next.js Websiteshttps://rhashibur75.medium.com/discover-all-paths-in-next-js-websites-43e319b24be9?source=rss------bug_bounty-5Kazi Hashibur Rahmanbug-bounty, bug-bounty-tips, bug-bounty-writeup, nextjs, penetration-testing20-Dec-2024
Ascension Data Breach: 5.6M Health Records Stolen by Black Basta Ransomwarehttps://medium.com/@wiretor/ascension-data-breach-5-6m-health-records-stolen-by-black-basta-ransomware-a8d2f7ba6856?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, business, malware, ai20-Dec-2024
Android Malware on Amazon Appstore Disguised as Health Apphttps://medium.com/@wiretor/android-malware-on-amazon-appstore-disguised-as-health-app-3cda80dfc856?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ai, hacking, malware20-Dec-2024
SQL Injection via ORDER BY Parameterhttps://medium.com/@mfthylmaz/sql-injection-via-order-by-parameter-a7cb7d04017f?source=rss------bug_bounty-5mfthylmazsql-injection, bug-bounty, web-security, hacking20-Dec-2024
Essential Stuff For Your First Hacking Trip. Hacking Gadgets #2 “Assortment For The Little Hacker”https://medium.com/h7w/essential-stuff-for-your-first-hacking-trip-hacking-gadgets-2-assortment-for-the-little-hacker-e886dba68a11?source=rss------bug_bounty-5NnFacehacking, trip, technology, bug-bounty, cybersecurity19-Dec-2024
No Rate Limit Vulnerability on a US Government Websitehttps://medium.com/@kumawatabhijeet2002/no-rate-limit-vulnerability-on-a-us-government-website-ae47402b663d?source=rss------bug_bounty-5Abhijeet kumawatinfosec, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty19-Dec-2024
How I Got $1000 AWS Credits and Maximized Its Potentialhttps://medium.com/@awsdevops183/how-i-got-1000-aws-credits-and-maximized-its-potential-e08650930171?source=rss------bug_bounty-5Madhukar Reddyaws, devops, python, cybersecurity, bug-bounty19-Dec-2024
The Day I Found a Cross-Site Scripting (XSS) Vulnerability in a Bug Bounty Programhttps://medium.com/@awsdevops183/the-day-i-found-a-cross-site-scripting-xss-vulnerability-in-a-bug-bounty-program-4edec6f09bed?source=rss------bug_bounty-5Madhukar Reddycybersecurity, bug-bounty, devsecops, cross-site-scripting19-Dec-2024
First Google Chrome v8 JIT bug bounty before Christmas .https://vxrl.medium.com/first-google-chrome-v8-jit-bug-bounty-before-christmas-1338fb2c8255?source=rss------bug_bounty-5VXRLgoogle, v8, chromium, psvr, bug-bounty19-Dec-2024
Exploiting a Rate Limiting Bug in the Chat Section of a Health Application (got me $200)https://medium.com/@awsdevops183/exploiting-a-rate-limiting-bug-in-the-chat-section-of-a-health-application-got-me-200-a06ca465707f?source=rss------bug_bounty-5Madhukar Reddydevsecops, cybersecurity, information-technology, bug-bounty, burpsuite19-Dec-2024
POC — CVE-2024–9935 — PDF Generator Addon for Elementor Page Builder <= 1.7.5https://medium.com/@verylazytech/poc-cve-2024-9935-pdf-generator-addon-for-elementor-page-builder-1-7-5-2c3436b95fb1?source=rss------bug_bounty-5Very Lazy Techbug-bounty, arbitrary-file-download, cybersecurity, lfi, cve-2024-993519-Dec-2024
The Day I Found a Cross-Site Scripting (XSS) Vulnerability in a Bug Bounty Program ( $411)https://medium.com/@awsdevops183/the-day-i-found-a-cross-site-scripting-xss-vulnerability-in-a-bug-bounty-program-4edec6f09bed?source=rss------bug_bounty-5Madhukar Reddycybersecurity, bug-bounty, devsecops, cross-site-scripting19-Dec-2024
How I Bypassed View-Only Mode with a Simple Trick ( duplicate bug ‍ )https://medium.com/@mahdisalhi0500/how-i-bypassed-view-only-mode-with-a-simple-trick-duplicate-bug-92e1ec91a8d7?source=rss------bug_bounty-5CaptinSHArky(Mahdi)security, information-security, bug-bounty, penetration-testing, infosec19-Dec-2024
How i Found X-Forwarded Header Injection — Server Be Like, ‘Ab Toh Trust Issues Ho Rahe Hain!’https://aiwolfie.medium.com/how-i-found-x-forwarded-header-injection-server-be-like-ab-toh-trust-issues-ho-rahe-hain-220e100332a3?source=rss------bug_bounty-5AIwolfiecybersecurity, bug-bounty, servers, ethical-hacking, host-header-injection19-Dec-2024
Subdomain Takeover guides, methodology and exploit POCshttps://aditya-narayan.medium.com/subdomain-takeover-guides-methodology-and-exploit-pocs-9f5dd632c175?source=rss------bug_bounty-5Aditya Narayanbug-bounty-writeup, subdomain-takeover, bug-bounty-tips, reconnaissance, bug-bounty19-Dec-2024
Installing Xposed Framework for Enhanced Penetration Testing (SSLunpinning)https://medium.com/@sumith.ec12/installing-xposed-framework-for-enhanced-penetration-testing-sslunpinning-d50fbb2354c6?source=rss------bug_bounty-5sumith p vbug-bounty, vapt, pentesting, security-testing, ssl-pinning-bypass19-Dec-2024
HTML Injection to Mass Phishinghttps://infosecwriteups.com/html-injection-to-mass-phishing-5701d495cdc2?source=rss------bug_bounty-5Bharat Singhphishing, bug-bounty, cybersecurity, penetration-testing, bug-bounty-writeup19-Dec-2024
Zero-Click Account Takeover Through Response Manipulationhttps://medium.com/@abdullayman04/zero-click-account-takeover-through-response-manipulation-ee786a7a06dd?source=rss------bug_bounty-5Abdullah Aymancybersecurity, bug-bounty, account-takeover, penetration-testing19-Dec-2024
How I Found an Authentication Bypass Vulnerability in the Password Change Processhttps://medium.com/@ajay.kumar.695632/how-i-found-an-authentication-bypass-vulnerability-in-the-password-change-process-160359fae1bc?source=rss------bug_bounty-5Ajay Kumarbugs, bug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-hunting19-Dec-2024
HACKING NASA TO GET APPRECIATION LETTERhttps://medium.com/@click2jit/hacking-nasa-to-get-appreciation-letter-a6ff93a3bcbc?source=rss------bug_bounty-5Prasenjit Malakarcybersecurity, bug-bounty, ethical-hacking, programming, xss-attack19-Dec-2024
Interpol Replaces “Pig Butchering” with “Romance Baiting” to Protect Victimshttps://medium.com/@wiretor/interpol-replaces-pig-butchering-with-romance-baiting-to-protect-victims-4c702d62adaa?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, ai, bug-bounty, malware, hacker19-Dec-2024
LFI: Identify the vulnerable endpoint and exploit that by reading
the “/etc/passwd” file."https://medium.com/@aburayhan01734_18069/lfi-identify-the-vulnerable-endpoint-and-exploit-that-by-reading-the-etc-passwd-file-a9d0586f85c9?source=rss------bug_bounty-5Md. Abu Rayhanlfi, bug-bounty, vulnerability, cybersecurity, bug-bounty-writeup19-Dec-2024
Beginners Guide for Exploiting Race Conditionshttps://bitpanic.medium.com/beginners-guide-for-exploiting-race-conditions-ab73c843b44a?source=rss------bug_bounty-5Spectat0rguybug-bounty, programming, cybersecurity, bug-bounty-tips, technology19-Dec-2024
“Do Your Best, and Let Allah Do the Rest” led me to a Privilege Escalation Bughttps://medium.com/@mrasg/do-your-best-and-let-allah-do-the-rest-leads-me-to-privilege-escalation-bug-60a3c028c802?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, penetration-testing, bug-bounty, bug-bounty-tips, bug-bounty-writeup19-Dec-2024
Successfully Gained Full Admin Access and Changed the Password Through Token Manipulation ⚔️https://medium.com/@momenrezkk90/successfully-gained-full-admin-access-and-changed-the-password-through-token-manipulation-%EF%B8%8F-fe91fc0d9a0f?source=rss------bug_bounty-5Momenrezkpenetration-testing, bug-bounty, cybersecurity18-Dec-2024
Easiest P1 $$$$$!https://medium.com/@mrsingh10978/easiest-p1-702990960a50?source=rss------bug_bounty-5Anonymous Traigerbug-bounty-program, bug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips18-Dec-2024
Mobile Application Bounty Practice: SQL Injection Principles, Vulnerability Discovery and…https://medium.com/@security.tecno/mobile-application-bounty-practice-sql-injection-principles-vulnerability-discovery-and-3921ad2e6998?source=rss------bug_bounty-5TECNO Securityhacking, security, sql, bug-bounty18-Dec-2024
FROM STRUGGLES TO SUCCESS: MY JOURNEY TO THE NASA HALL OF FAMEhttps://rootxabit.medium.com/from-struggles-to-success-my-journey-to-the-nasa-hall-of-fame-38700dd6303a?source=rss------bug_bounty-5sudo-xabitinfo-sec-writeups, bugcrowd, bug-bounty, hacked, nasa18-Dec-2024
Admin Panel Access via Default Credentialshttps://infosecwriteups.com/admin-panel-access-via-default-credentials-215b92b030bb?source=rss------bug_bounty-5cryptoshantbug-bounty-tips, pentesting, bug-bounty, hall-of-fame, hacking18-Dec-2024
Rate Limit Bypass Using Response Manipulation.https://aman0.medium.com/rate-limit-bypass-using-response-manipulation-dcce19aff7ef?source=rss------bug_bounty-5Aman Hweb3, bug-bounty, infosec, bug-bounty-tips, penetration-testing18-Dec-2024
$150 Easy HTML Injection Vulnerabilityhttps://medium.com/@kumawatabhijeet2002/150-easy-html-injection-vulnerability-5c176b5d07fa?source=rss------bug_bounty-5Abhijeet kumawathacking, bounty-program, infosec, bug-bounty, bug-bounty-tips18-Dec-2024
What is Passive Reconnaissance? ️‍♂️https://theexploitlab.medium.com/what-is-passive-reconnaissance-%EF%B8%8F-%EF%B8%8F-4de8a9ce5003?source=rss------bug_bounty-5The Exploit Labhacking, bugs, bug-bounty, bug-bounty-tips18-Dec-2024
How to Use Enum4linux for SMB Enumeration in Kali Linuxhttps://theexploitlab.medium.com/how-to-use-enum4linux-for-smb-enumeration-in-kali-linux-d96e27f9391d?source=rss------bug_bounty-5The Exploit Labbug-bounty, smb, bug-bounty-tips, bugs18-Dec-2024
How to Use Corsy for CORS Misconfiguration Scanninghttps://theexploitlab.medium.com/how-to-use-corsy-for-cors-misconfiguration-scanning-7ba7b22ee9d5?source=rss------bug_bounty-5The Exploit Labcors, hacking, bug-bounty, bug-bounty-tips18-Dec-2024
Useful Wordlists for Bug Bounty Huntershttps://medium.com/@iamshafayat/useful-wordlists-for-bug-bounty-hunters-09f9b3cd2344?source=rss------bug_bounty-5Shafayat Ahmed Alifbug-bounty, cybersecurity, penetration-testing, bug-bounty-tips, bug-bounty-writeup18-Dec-2024
Step-by-Step Guide to Building Secure Web Applications with OWASP Top 10https://medium.com/@dhatchu9715/step-by-step-guide-to-building-secure-web-applications-with-owasp-top-10-7c603dda58f3?source=rss------bug_bounty-5Dhatchuowasp, bug-bounty, hacking, networking, cybersecurity18-Dec-2024
Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application - BAC in GraphQL…https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-application-bac-in-graphql-0ae1ee0eb4d5?source=rss------bug_bounty-5Mahmoud Abd Alkarimcybersecurity, bug-bounty, broken-access-control, bug-bounty-writeup, security-research18-Dec-2024
The Dark Side of Shodanhttps://yasinspace.medium.com/the-dark-side-of-shodan-2d9b422e28a8?source=rss------bug_bounty-5Yasinred-team, hacking, bug-bounty, shodan, bug-bounty-tips18-Dec-2024
This 200$ Gadget Can Hack Anythinghttps://osintteam.blog/this-200-gadget-can-hack-anything-c482888871e3?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, cybersecurity, technology, cybercrime, hacking18-Dec-2024
Best python scripts for cybersecurity analysthttps://medium.com/@paritoshblogs/best-python-scripts-for-cybersecurity-analyst-d5ebc91b4cdb?source=rss------bug_bounty-5Paritoshinformation-technology, cybersecurity, hacking, bug-bounty, python18-Dec-2024
Turning a Known Issue into €100 Bounty: My Bug Bounty Breakthrough✨https://medium.com/@anmolv77654/turning-a-known-issue-into-a-100-bounty-my-bug-bounty-breakthrough-3bd89c281ea9?source=rss------bug_bounty-5AnmolSecSavvyweb-security, cybersecurity, bug-bounty, ethical-hacking, bug-bounty-tips18-Dec-2024
$750 Domain Hijacking Vulnerabilityhttps://1-day.medium.com/750-domain-hijacking-vulnerability-f6e4b4445711?source=rss------bug_bounty-51daybug-bounty, information-security, penetration-testing, ethical-hacking, bug-bounty-tips18-Dec-2024
Meta Hit with $264M Fine! Irish DPC Takes a Stand on Facebook Data Breachhttps://medium.com/@wiretor/meta-hit-with-264m-fine-irish-dpc-takes-a-stand-on-facebook-data-breach-60cb69abe3df?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, ai, business, malware18-Dec-2024
Beware of New Ledger Phishing Attack: Protect Your Crypto Wallet!https://medium.com/@wiretor/beware-of-new-ledger-phishing-attack-protect-your-crypto-wallet-a048705d2b58?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, hacking, business18-Dec-2024
CVE-2024–54385 | WordPress Pluginhttps://medium.com/@malvinval/cve-2024-54385-wordpress-plugin-7ff0f8e5ad1d?source=rss------bug_bounty-5Malvin Valeriancve, hacking, cybersecurity, bug-bounty, wordpress17-Dec-2024
200$ DLL Hijacking Attackhttps://cybersecuritywriteups.com/200-dll-hijacking-attack-fdb4fd46fea9?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, penetration-testing, bug-bounty, bug-bounty-writeup, bug-bounty-tips17-Dec-2024
OSINT AND DORKING TOOLShttps://medium.com/@reazatih/osint-and-dorking-tools-67dc970d049d?source=rss------bug_bounty-5Re@Zaosint, hacking, dorks, bug-bounty17-Dec-2024
Utilizing MITRE ATT&CK Framework: Examples and Practical Applicationshttps://medium.com/@paritoshblogs/utilizing-mitre-att-ck-framework-examples-and-practical-applications-0c4ea468ad53?source=rss------bug_bounty-5Paritoshmitre-attck, hacking, threat-intelligence, bug-bounty, cybersecurity17-Dec-2024
Open Redirect to XSS: Chaining Vulnerabilities for Maximum Impacthttps://medium.com/@iPsalmy/open-redirect-to-xss-chaining-vulnerabilities-for-maximum-impact-36ae8dd9f198?source=rss------bug_bounty-5iPsalmyweb-application-security, bug-bounty, xss-attack17-Dec-2024
API Keys Attack: How to Find and Exploit Secrets in Web Applicationshttps://medium.com/@bootstrapsecurity/api-keys-attack-how-to-find-and-exploit-secrets-in-web-applications-1896d75d716b?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, bug-bounty, api, hacking, hacking-team17-Dec-2024
Top 9 Books to Master Bug Hunting and Penetration Testinghttps://osintteam.blog/top-9-books-to-master-bug-hunting-and-penetration-testing-c40039b330bb?source=rss------bug_bounty-5Bicitro Biswashacking, cybersecurity, bug-bounty, books, penetration-testing17-Dec-2024
Exposing Facebook’s Hidden Goldmine: Creators’ Private Data at Riskhttps://gtm0x01.medium.com/exposing-facebooks-hidden-goldmine-creators-private-data-at-risk-01317f3f0031?source=rss------bug_bounty-5Gtm Mänôzgraphql, hacking, facebook, infosec, bug-bounty17-Dec-2024
SubScanX: A Powerful Recon Tool for Bug Bounty and Pentestinghttps://medium.com/@rootspaghetti/subscanx-a-powerful-recon-tool-for-bug-bounty-and-pentesting-ed229128a661?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, bug-bounty17-Dec-2024
Documenting Bug Bounty Journey and Current Approachhttps://aditya-narayan.medium.com/documenting-bug-bounty-journey-and-current-approach-334db57e857e?source=rss------bug_bounty-5Aditya Narayanbug-bounty-tips, writeup, hacker, bug-bounty, cybersecurity17-Dec-2024
How I got Appreciation Letters for finding bugs.https://infosecwriteups.com/how-i-got-appreciation-letters-for-finding-bugs-e935f42e2f71?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )hacking, cybersecurity, ethical-hacking, bug-bounty, bug-bounty-tips17-Dec-2024
How I Broke the Speed Limit: A Bug Bounty Tale of Bypassing Rate Limitinghttps://infosecwriteups.com/how-i-broke-the-speed-limit-a-bug-bounty-tale-of-bypassing-rate-limiting-29a1ec4e8681?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, technology17-Dec-2024
6 AI Tools Used by Hackers 2025https://ai.plainenglish.io/6-ai-tools-used-by-hackers-2025-dfdda79cf51f?source=rss------bug_bounty-5Tahir Ayoubchatgpt, hacking, ai, cybersecurity, bug-bounty17-Dec-2024
403 Bypass changing http method onlyhttps://rahman0x01.medium.com/403-bypass-changing-http-method-only-f0a32b43a3c8?source=rss------bug_bounty-5rahman0x01hunting, ethical-hacking, bug-bounty17-Dec-2024
Cybersecurity Alert: Texas Tech University System Data Breach Impacts 1.4 Million Patients!https://medium.com/@wiretor/cybersecurity-alert-texas-tech-university-system-data-breach-impacts-1-4-million-patients-caceb8096be9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, hacking, business17-Dec-2024
FBI ALERT: HiatusRAT Malware Attacks Targeting Web Cameras & DVRs!https://medium.com/@wiretor/fbi-alert-hiatusrat-malware-attacks-targeting-web-cameras-dvrs-37f2eeb2bd01?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, business, hacking, fbi, malware17-Dec-2024
Easy 100$ in public Hackerone program under 3 minuteshttps://medium.com/@loayahmed686/easy-100-in-public-hackerone-program-under-3-minutes-69b20e185d3b?source=rss------bug_bounty-5r00tbug-bounty17-Dec-2024
Uncovering Vulnerabilities Through Swagger UI Directory Enumerationhttps://hackersatty.medium.com/uncovering-vulnerabilities-through-swagger-ui-directory-enumeration-49e6b43558cd?source=rss------bug_bounty-5hackersattycybersecurity, javascript, vulnerability, bug-bounty, swagger17-Dec-2024
Top 5 Ways to Hack APIs and find good bugshttps://medium.com/@sreedeep200/top-5-ways-to-hack-apis-and-find-good-bugs-dfd4a7bbb623?source=rss------bug_bounty-5Sreedeep cvcybersecurity, hacking, api, security, bug-bounty17-Dec-2024
Exploiting Access Control Misconfiguration: Privilege Escalation via Improper PATCH Method…https://medium.com/@momenrezkk90/exploiting-access-control-misconfiguration-privilege-escalation-via-improper-patch-method-b653bb92ada6?source=rss------bug_bounty-5Momenrezkbug-bounty, privilege-escalation, cybersecurity, penetration-testing17-Dec-2024
HTB University CTF 2024 Web challenges writeup: Armaxis[very easy]https://medium.com/@0xNayelx/htb-university-ctf-2024-web-challenges-writeup-armaxis-very-easy-404ac9f101b8?source=rss------bug_bounty-50xNayelsecurity, web-security, htb, ctf, bug-bounty16-Dec-2024
HTB University CTF 2024 Web challenges writeup: Breaking Bank[easy]https://medium.com/@0xNayelx/htb-university-ctf-2024-web-challenges-writeup-breaking-bank-easy-1c3064092abc?source=rss------bug_bounty-50xNayelwriteup, htb, bug-bounty, ctf, security16-Dec-2024
Advanced Google Dorking | Part14https://systemweakness.com/advanced-google-dorking-part14-79b21e11ae25?source=rss------bug_bounty-5AbhirupKonwarpenetration-testing, cybersecurity, ethical-hacking, bug-bounty, bug-bounty-tips16-Dec-2024
How I Got 200 euro bounty?https://doordiefordream.medium.com/how-i-got-200-euro-bounty-03bcce712a51?source=rss------bug_bounty-5Bug hunter baluhacking, vulnerability, ethical-hacking, bug-bounty, cybersecurity16-Dec-2024
Master the Art of Cyber Defense: Top Open-Source Tools for Threat Intelligence!https://medium.com/@paritoshblogs/master-the-art-of-cyber-defense-top-open-source-tools-for-threat-intelligence-7c575e69b853?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, bug-bounty, information-technology, threat-intelligence16-Dec-2024
How I Discovered SSTI Vulnerability in Just 5 Minutes | $300 Bountyhttps://medium.com/@kumawatabhijeet2002/how-i-discovered-ssti-vulnerability-in-just-5-minutes-f7ac31f3f6b0?source=rss------bug_bounty-5Abhijeet kumawatinfose, hacking, bug-bounty-tips, bug-bounty, penetration-testing16-Dec-2024
Unmasking a Privacy Oversight: A Deep Dive into Persistent User Datahttps://medium.com/@najeebkm010/unmasking-a-privacy-oversight-a-deep-dive-into-persistent-user-data-5ee433397021?source=rss------bug_bounty-5Najeebkmbug-bounty, information-disclosure, cyber, security16-Dec-2024
RCE in 2 Universitieshttps://osintteam.blog/rce-in-2-universities-d2f13a2a2afb?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, cybersecurity, cyberattack, penetration-testing, bug-bounty-tips16-Dec-2024
Ethical Dilemmas in Using AI for Security Testing and Bug Bountieshttps://pointlessai.medium.com/ethical-dilemmas-in-using-ai-for-security-testing-and-bug-bounties-ad6d75e6fab7?source=rss------bug_bounty-5PointlessAI Mediumchatgpt, bug-bounty, bugbounty-writeup, ai16-Dec-2024
My Bug Hunting Methodology: Reconhttps://gentilsecurity.medium.com/my-bug-hunting-methodology-recon-cbc6821708d8?source=rss------bug_bounty-5GenTiLreconnaissance, cybersecurity, hacking, bug-hunting, bug-bounty16-Dec-2024
How to Hack JSON Web Tokens (JWT): Weak Implementations for Critical Vulnerabilitieshttps://medium.com/@bootstrapsecurity/how-to-hack-json-web-tokens-jwt-weak-implementations-for-critical-vulnerabilities-75462988cb11?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, cybersecurity, jwt-token, bug-bounty, bug-bounty-tips16-Dec-2024
A Beginner's guide for Starting Web3 Bug Bountyhttps://bitpanic.medium.com/how-to-start-web3-bug-bounty-30f7f968ae11?source=rss------bug_bounty-5Spectat0rguybug-bounty, cybersecurity, web3, bug-bounty-tips, technology16-Dec-2024
My Bug Hunting Methodology: Recon | by ahmedhamdy0xhttps://gentilsecurity.medium.com/my-bug-hunting-methodology-recon-cbc6821708d8?source=rss------bug_bounty-5GenTiLreconnaissance, cybersecurity, hacking, bug-hunting, bug-bounty16-Dec-2024
2FA Testing Tips for Bug Bounty Huntershttps://bevijaygupta.medium.com/2fa-testing-tips-for-bug-bounty-hunters-d6d77322e1b4?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-bounty-tips, 2fa-authentication, bugs, 2fa16-Dec-2024
How I Discovered a High-Severity Vulnerability on Discord (and got rewarded)https://mirzebaba.medium.com/how-i-discovered-a-high-severity-vulnerability-on-discord-and-got-rewarded-bb327902fbb9?source=rss------bug_bounty-5Mirzəbabavulnerabilit, discord, ethical-hacking, cybersecurity, bug-bounty16-Dec-2024
Clop Ransomware Gang Behind Major Cleo Data Breachhttps://medium.com/@wiretor/clop-ransomware-gang-behind-major-cleo-data-breach-421b729bafde?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, hacking, business16-Dec-2024
ConnectOnCall Breach Exposes 900K+ Records! Don’t Be Next — Get Wire Tor Protection Todayhttps://medium.com/@wiretor/connectoncall-breach-exposes-900k-records-dont-be-next-get-wire-tor-protection-today-d4dd7de3570d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, malware, ai, business16-Dec-2024
Winnti Hackers Strike Again: New ‘Glutton’ Backdoor Exposed!https://medium.com/@wiretor/winnti-hackers-strike-again-new-glutton-backdoor-exposed-5cd7bbb0faf0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, business, hacking, malware, ai16-Dec-2024
[Hacking Scope] Exposure for tons of secret documentshttps://medium.com/@nagashygaballah/hacking-scope-exposure-for-tons-of-secret-documents-5ba5c3906600?source=rss------bug_bounty-5111xNagashybug-bounty, penetration-testing, hacking16-Dec-2024
Traditional Penetration Testing vs. Bug Bounty Programshttps://medium.com/@hackrate/traditional-penetration-testing-vs-bug-bounty-programs-bb792a4d0d3f?source=rss------bug_bounty-5Levente Molnarethical-hacking, penetration-testing, bug-bounty, hacking, cybersecurity16-Dec-2024
From Minor Glitches to Major Wins: How I Chained CSRF and IDOR for a Critical Exploithttps://osintteam.blog/from-minor-glitches-to-major-wins-how-i-chained-csrf-and-idor-for-a-critical-exploit-0b110170cd9c?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, programming, cybersecurity, technology, bug-bounty16-Dec-2024
Searching web security lessons?https://medium.com/@l1ttlewing/searching-web-security-lessons-8a4dbefd0d04?source=rss------bug_bounty-5littlewinginfosec, cybersecurity, bug-bounty, information-security, web-security16-Dec-2024
Wordlists Every Pentester Must Have !!https://theartificialthinker.medium.com/wordlists-every-pentester-must-have-7ad4c1e46ce5?source=rss------bug_bounty-5Abhishek pawarethical-hacking, hacker, tech, pentest, bug-bounty16-Dec-2024
| JWT Auth Gone Wild: The Unexpected Twist! | https://medium.com/@ProwlSec/jwt-auth-gone-wild-the-unexpected-twist-a0b2ed943225?source=rss------bug_bounty-5 | ProwlSec | jwt, bugs, bug-bounty, hacking, pentesting | 15-Dec-2024 |
| What are Low Hanging Bugs? \| Easy way to find them | https://medium.com/@kumawatabhijeet2002/what-are-low-hanging-bugs-easy-way-to-find-them-%EF%B8%8F-%EF%B8%8F-399b37b354b7?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, bug-bounty-tips, infose, bugs, bug-bounty | 15-Dec-2024 |
| MSSQL (Microsoft SQL Server) — Port 1433 | https://medium.com/@verylazytech/mssql-microsoft-sql-server-port-1433-bc26d0bbdca9?source=rss------bug_bounty-5 | Very Lazy Tech | penetration-testing, mssql, oscp, bug-bounty, cybersecurity | 15-Dec-2024 |
| Automotive Penetration Testing Checklist | https://infosecwriteups.com/automotive-penetration-testing-checklist-8bbe83091c47?source=rss------bug_bounty-5 | Ajay Naik | penetration-testing, cybersecurity, information-technology, information-security, bug-bounty | 15-Dec-2024 |
| SQL Injection Vulnerability on a Security Awareness website: From Database Dump to cPanel Access | https://medium.com/@anonymousshetty2003/sql-injection-vulnerability-on-a-security-awareness-website-from-database-dump-to-cpanel-access-4bb3645eef07?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, sql-injection, cybersecurity, ethical-hacking | 15-Dec-2024 |
| How i found a Email Spoofing vulnerability to perform Phishing Attacks | https://medium.com/@anonymousshetty2003/how-i-found-a-email-spoofing-vulnerability-to-perform-phishing-attacks-00ec2cc934bb?source=rss------bug_bounty-5 | Anonymousshetty | email-spoofing, cybersecurity, bug-bounty, ethical-hacking | 15-Dec-2024 |
| ShadowJS: JavaScript File Discovery Tool | https://medium.com/@rootspaghetti/shadowjs-javascript-file-discovery-tool-1ede2f3172b6?source=rss------bug_bounty-5 | Root@Spaghetti | bug-bounty-tips, bug-bounty | 15-Dec-2024 |
| Ultimate Django Vulnerability Checklist | https://bitpanic.medium.com/ultimate-django-vulnerability-checklist-ceb7f428c45f?source=rss------bug_bounty-5 | Spectat0rguy | technology, cybersecurity, python, bug-bounty, bug-bounty-tips | 15-Dec-2024 |
| LKQ Hacked: Cyberattack Disrupts Canadian Unit Operations and Exposes Company Data | https://medium.com/@wiretor/lkq-hacked-cyberattack-disrupts-canadian-unit-operations-and-exposes-company-data-7db6b9763011?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, xs, bug-bounty, lkq, hacking | 15-Dec-2024 |
| Russia Blocks Viber: Latest Move to Censor Communications | https://medium.com/@wiretor/russia-blocks-viber-latest-move-to-censor-communications-9dce4d823d67?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | russia, malware, viber, hacking, bug-bounty | 15-Dec-2024 |
| JavaScript BugBounty Method | https://medium.com/@cc1a2bb/javascript-bugbounty-method-5b789bfa7f44?source=rss------bug_bounty-5 | cc1a2b | hacking, cybersecurity, javascript, bug-bounty, bug-bounty-tips | 15-Dec-2024 |
| Cybersecurity Roadmap 2025 | https://hackerassociate.medium.com/cybersecurity-roadmap-2025-f7ad9d4ac49c?source=rss------bug_bounty-5 | Harshad Shah | cybersecurity, infosec, bug-bounty, penetration-testing, hacking | 14-Dec-2024 |
| Simplifying Reconnaissance: Building a Custom Bug Hunting Discord Bot | https://medium.com/@najeebkm010/simplifying-reconnaissance-building-a-custom-bug-hunting-discord-bot-6792ab4249bf?source=rss------bug_bounty-5 | Najeebkm | bug-bounty-tool, bug-bounty, cybersecurity | 14-Dec-2024 |
| How I Discovered a $7,000 Critical Vulnerability: IDOR to BAC to Account Takeover | https://medium.com/@najeebkm010/how-i-discovered-a-7-000-critical-vulnerability-idor-to-bac-to-account-takeover-0c195eae2ed2?source=rss------bug_bounty-5 | Najeebkm | bug-bounty-writeup, bug-bounty | 14-Dec-2024 |
| 10 day with Me \| OWASP Top 10 \| Day -1: Broken Access Control | https://infyra.medium.com/10-day-with-me-owasp-top-10-day-1-broken-access-control-e75572ce157e?source=rss------bug_bounty-5 | Md. EMTIAZ AHMED | broken-access-control, owasp, owasp-top-10, bug-bounty, cybersecurity | 14-Dec-2024 |
| Exploiting API Rate Limiting: Bypassing Restrictions | https://medium.com/@bootstrapsecurity/exploiting-api-rate-limiting-bypassing-restrictions-c89a1bd61aee?source=rss------bug_bounty-5 | BootstrapSecurity | api-security, development, rate-limiting, hacking, bug-bounty | 14-Dec-2024 |
| How I Found a Broken Link Hijacking Vulnerability in 2 Minutes \| $250 Bounty | https://medium.com/@kumawatabhijeet2002/how-i-found-a-broken-link-hijacking-vulnerability-in-2-minutes-250-bounty-0d991eb9c61b?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, bugs, infosec, broken-link-hijacking, hacking | 14-Dec-2024 |
| My First Critical Bug: Exposing 3.5 Lakh+ PII! | https://infosecwriteups.com/my-first-critical-bug-exposing-3-5-lakh-pii-%EF%B8%8F-fbad616ddbea?source=rss------bug_bounty-5 | cryptoshant | hacking, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty | 14-Dec-2024 |
| Git Information Leak: How to Exploit an Exposed .git Repository on a Web Server | https://medium.com/@burhankhansodhar/git-information-leak-how-to-exploit-an-exposed-git-repository-on-a-web-server-ac190ae18928?source=rss------bug_bounty-5 | Itz Burhan Khan | penetration-testing, web-server, directory-listing, bug-bounty, git | 14-Dec-2024 |
| Are you looking for an Intigriti alternative? | https://medium.com/@hackrate/are-you-looking-for-an-intigriti-alternative-4128a25888ed?source=rss------bug_bounty-5 | Levente Molnar | cybersecurity, bug-bounty, hacking, ethical-hacking, penetration-testing | 14-Dec-2024 |
| Dubai Police Identity Used in Sophisticated UAE Mobile Scams | https://medium.com/@wiretor/dubai-police-identity-used-in-sophisticated-uae-mobile-scams-36b9d149db17?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, malware, hacking, ai, bug-bounty | 14-Dec-2024 |
| Using Platform Profiles to send Fake in Information: A Security Risk Good logic bug | https://medium.com/@mahdisalhi0500/using-platform-profiles-to-send-fake-in-information-a-security-risk-good-logic-bug-0510d73802b8?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | penetration-testing, cybersecurity, bug-bounty-tips, bug-bounty, security | 14-Dec-2024 |
| P4 bug’s and their POC steps \| Part 9 | https://osintteam.blog/p4-bugs-and-their-poc-steps-part-9-c1f873227917?source=rss------bug_bounty-5 | socalledhacker | infosec, bug-bounty, bug-bounty-tips, cybersecurity, hacking | 14-Dec-2024 |
| Reflected XSS on Gaming Blog Website | https://medium.com/@enigma_/reflected-xss-on-gaming-blog-website-edc448d613a3?source=rss------bug_bounty-5 | enigma_ | writeup, bug-bounty-writeup, hackin, penetration-testing, bug-bounty | 13-Dec-2024 |
| Introducing ShodanSpider v2: Your Ultimate Free Tool for CVE Searching and Shodan Data Analysis… | https://shubhamrooter.medium.com/introducing-shodanspider-v2-your-ultimate-free-tool-for-cve-searching-and-shodan-data-analysis-ba7c7b3097b0?source=rss------bug_bounty-5 | Shubham Tiwari | cybersecurity, shodanspider, bug-bounty, redteam-tool, pentesting | 13-Dec-2024 |
| #ERROR! | https://medium.com/meetcyber/hidden-ace-up-hackers-sleeve-hacking-gadgets-1-phone-on-a-simmy-8b3d3cd540cf?source=rss------bug_bounty-5 | NnFace | cybersecurity, hacking, termux, kali-linux, bug-bounty | 13-Dec-2024 |
| Deep Recon Methodology for Bug Bounty Hunters \| Part-1 | https://medium.com/@kumawatabhijeet2002/deep-recon-methodology-for-bug-bounty-hunters-part-1-54bdac09dcf4?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, bug-bounty, methodology, bug-bounty-tips | 13-Dec-2024 |
| Critical Unauthorized Access to Admin Pages via Vulnerable Endpoints | https://hackersatty.medium.com/critical-unauthorized-access-to-admin-pages-via-vulnerable-endpoints-e8799b3f7f69?source=rss------bug_bounty-5 | hackersatty | admin-panel, javascript, bug-bounty, hackerone, hackersatty | 13-Dec-2024 |
| Third Party Services Takeover using Oauth Misconfiguration | https://infosecwriteups.com/third-party-services-takeover-using-oauth-misconfiguration-8888a0c1ad86?source=rss------bug_bounty-5 | Ronak Patel | information-security, cybersecurity, ethical-hacking, bug-bounty | 13-Dec-2024 |
| Idor Is Easy ! You may Don’t know ! The Longest PrivEsc I’ve ever faced on Public BBP | https://medium.com/@Ahmex000/idor-is-easy-you-may-dont-know-the-longest-privesc-i-ve-ever-faced-on-public-bbp-1bf67cd699d8?source=rss------bug_bounty-5 | Ahmex000 | bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-hunting, bugbounty-writeup | 13-Dec-2024 |
| How I Found and Fixed XSS on a Website: A Bug Hunter’s Tale | https://medium.com/@mayankmalaviya3/how-i-found-and-fixed-xss-on-a-website-a-bug-hunters-tale-bc7351043928?source=rss------bug_bounty-5 | Mayank Malaviya (Aiwolfie) | hacking, bug-bounty, security, xss-attack, vulnerability | 13-Dec-2024 |
| 429 Bypasser Extension Guide | https://medium.com/@raxomara/429-bypasser-extension-guide-1d4f86b7d630?source=rss------bug_bounty-5 | Raxomara | cybersecurity, 429-bypasser, rate-limit-bypass, bug-bounty, bug-bounty-tips | 13-Dec-2024 |
| Make Penetration Testing Sexy Again | https://medium.com/@hackrate/make-penetration-testing-sexy-again-with-hackgate-51c556944c0b?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, bug-bounty, cybersecurity, penetration-testing, hacking | 13-Dec-2024 |
| The Growing Threat of Identity Attacks in Cybersecurity | https://medium.com/@paritoshblogs/the-growing-threat-of-identity-attacks-in-cybersecurity-5e847cf4ab6d?source=rss------bug_bounty-5 | Paritosh | information-technology, hacking, cybersecurity, identity, bug-bounty | 13-Dec-2024 |
| Bug Bounty Training Program | https://bevijaygupta.medium.com/bug-bounty-training-program-78c927572385?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-writeup, bug-bounty, bug-bounty-tips, bugs, bug-zero | 13-Dec-2024 |
| A Beginner’s Guide to Testing for Server-Side Request Forgery (SSRF) | https://medium.com/@mcooter/a-beginners-guide-to-testing-for-server-side-request-forgery-ssrf-9a4b5e16fdd2?source=rss------bug_bounty-5 | Michael Cooter | bug-bounty, ssrf, oswa, web-application-security, hacking | 13-Dec-2024 |
| Android vs iOS Security Intro | https://medium.com/@in3tinct/android-vs-ios-security-intro-4a9b5ecc65cf?source=rss------bug_bounty-5 | Vaibhav | security, android, bug-bounty, ios, mobile-app-development | 13-Dec-2024 |
| Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application — IDOR — Part 2 | https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-application-idor-part-2-932746b6b445?source=rss------bug_bounty-5 | Mahmoud Abd Alkarim | security-research, web-application-security, cybersecurity, bug-bounty, bug-bounty-writeup | 13-Dec-2024 |
| APIS are so easy to exploit | https://medium.com/@momen_besher/apis-are-so-easy-to-exploit-80bf65941e28?source=rss------bug_bounty-5 | steve55555 | api, vulnerability, bug-bounty-tips, cybersecurity, bug-bounty | 13-Dec-2024 |
| 【Award-winning Survey】About Security Vulnerability Submission Function | https://medium.com/@security.tecno/award-winning-survey-about-security-vulnerability-submission-function-c3113e2baec0?source=rss------bug_bounty-5 | TECNO Security | rewards, bugs, surveys, hacking, bug-bounty | 12-Dec-2024 |
| [Bugbounty]SQLI — Data Exfiltration via DNS | https://medium.com/@kauenavarro/bugbounty-sqli-data-exfiltration-via-dns-3e68ece08205?source=rss------bug_bounty-5 | Kauê Navarro | hacking, sqli, bug-hunter, bug-bounty, bugcrowd | 12-Dec-2024 |
| How I Bypassed Email Confirmation: A Playful Journey into the World of Bug Hunting | https://medium.com/@mrasg/how-i-bypassed-email-confirmation-a-playful-journey-into-the-world-of-bug-hunting-30f72d6c2fb6?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | pentesting, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty | 12-Dec-2024 |
| Measuring the Success of Bug Bounty Programs: Outdated vs. Modern Approaches | https://medium.com/@hackrate/measuring-the-success-of-bug-bounty-programs-outdated-vs-modern-approaches-9cf87655092b?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, penetration-testing, cybersecurity, hacking, bug-bounty | 12-Dec-2024 |
| How I hacked University | https://medium.com/@Wantet/how-i-hacked-university-76097e703cb5?source=rss------bug_bounty-5 | Wantet | penetration-testing, university, bug-bounty, hacking | 12-Dec-2024 |
| How to Find and Identify Race Condition Vulnerabilities as a Penetration Tester | https://cyberw1ng.medium.com/how-to-find-and-identify-race-condition-vulnerabilities-as-a-penetration-tester-9d9ecce6ed56?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, hacking, careers, technology | 12-Dec-2024 |
| Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application - Open Redirect … | https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-web-application-part-1-95f659ff7d0a?source=rss------bug_bounty-5 | Mahmoud Abd Alkarim | web-application-security, cybersecurity, bug-bounty-writeup, bug-bounty, security-research | 12-Dec-2024 |
| Account Takeover using SSO Logins | https://rikeshbaniya.medium.com/account-takeover-using-sso-logins-fa35f28a358b?source=rss------bug_bounty-5 | Rikesh Baniya | bugcrowd, bug-bounty-writeup, bug-bounty-tips, hackerone, bug-bounty | 12-Dec-2024 |
| Hack The Box Academy — File Inclusion — Skills Assessment | https://medium.com/@d4nglz17/hack-the-box-academy-file-inclusion-skills-assessment-1ca0283a9a06?source=rss------bug_bounty-5 | Danglz | hackthebox, penetration-testing, bug-bounty-writeup, bug-bounty, information-security | 12-Dec-2024 |
| Identity & Access Alert: Microsoft MFA Bypassed via AuthQuake Attack! | https://medium.com/@wiretor/identity-access-alert-microsoft-mfa-bypassed-via-authquake-attack-fc57043fe39a?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, microsoft, bug-bounty, ai, business | 12-Dec-2024 |
| Critical Alert: Hackers Exploit Hunk Companion WordPress Plugin! | https://medium.com/@wiretor/critical-alert-hackers-exploit-hunk-companion-wordpress-plugin-50fcf5834f84?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, wordpress, hacking, bug-bounty, malware | 12-Dec-2024 |
| €XXX bounty for 2FA disabled without password and OTP by response manipulation | https://osintteam.blog/xxx-bounty-for-2fa-disabled-without-password-and-otp-by-response-manipulation-499ba5234a4f?source=rss------bug_bounty-5 | socalledhacker | hacking, bug-bounty, infosec, cybersecurity, bug-bounty-tips | 12-Dec-2024 |
| “Bypasseando controles en un POS” (Un poco de humo… del bueno) | https://medium.com/@andresbe.be/bypasseando-controles-en-un-pos-un-poco-de-humo-del-bueno-b18b6ecbc775?source=rss------bug_bounty-5 | Andres Barroso | bypass-restriction, point-of-sale-device, bug-bounty | 12-Dec-2024 |
| How a Race Condition Became an Account Takeover Vulnerability | https://medium.com/@mrasg/how-a-race-condition-became-an-account-takeover-vulnerability-756f14990f38?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | bug-bounty-writeup, bug-bounty-tips, security, pentesting, bug-bounty | 12-Dec-2024 |
| Exposed Git Directory P1 Bug | https://medium.com/@abhirupkonwar04/exposed-git-directory-p1-bug-5fd272a62f51?source=rss------bug_bounty-5 | AbhirupKonwar | vulnerability-management, pentesting, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 11-Dec-2024 |
| We Faced a Brute Force Attack — Here’s What Saved Us! | https://medium.com/@paritoshblogs/we-faced-a-brute-force-attack-heres-what-saved-us-1d33547eca61?source=rss------bug_bounty-5 | Paritosh | information-technology, hacking, cybersecurity, bug-bounty, brute-force | 11-Dec-2024 |
| Exposed Git Directory P1 Bug | https://systemweakness.com/exposed-git-directory-p1-bug-5fd272a62f51?source=rss------bug_bounty-5 | AbhirupKonwar | vulnerability-management, pentesting, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 11-Dec-2024 |
| Email Flooding Without Knowing Victim Email Via CSRF | https://0xshuvo.medium.com/email-flooding-without-knowing-victim-email-via-csrf-8de8bf5de3a3?source=rss------bug_bounty-5 | Shuvo Kumar Saha | email-flooding, csrf, bug-bounty, bugbounty-writeup, bug-bounty-tips | 11-Dec-2024 |
| How I Earned My First $100 in a Bug Bounty Program (And How You Can Too!) | https://medium.com/@divyesh.jagad/how-i-earned-my-first-100-in-a-bug-bounty-program-and-how-you-can-too-57b58b37226a?source=rss------bug_bounty-5 | Divyesh Jagad | passive-income, data-security, bug-bounty, ethical-hacking, cybersecurity | 11-Dec-2024 |
| Easy SQLI in just 30 minutes | https://medium.com/@mohammed01550038865/easy-sqli-in-just-30-minutes-0296038bb473?source=rss------bug_bounty-5 | Muhammed Mubarak | bug-bounty, hackerone, sql-injection, bugcrowd, writing-tips | 11-Dec-2024 |
| IDOR leads to leak private user’s data | https://medium.com/@banertheinrich/idor-leads-to-leak-private-users-data-3a2b59f58826?source=rss------bug_bounty-5 | Adham Heinrich | idor, bug-bounty, idor-vulnerability, cybersecurity, penetration-testing | 11-Dec-2024 |
| Hackrate PTaaS Powered by HackGATE: Redefining Penetration Testing | https://medium.com/@hackrate/hackrate-ptaas-powered-by-hackgate-redefining-penetration-testing-cb91c07ecc8f?source=rss------bug_bounty-5 | Levente Molnar | penetration-testing, bug-bounty, ethical-hacking, cybersecurity, hacking | 11-Dec-2024 |
| Data Breach: 446K Patients & Employees Affected at Center for Vein Restoration | https://medium.com/@wiretor/data-breach-446k-patients-employees-affected-at-center-for-vein-restoration-a75cf6fc1a5e?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, bug-bounty, hacking, malware, business | 11-Dec-2024 |
| Urgent Warning: Ivanti CSA Flaw Exposes Admin Controls to Hackers! | https://medium.com/@wiretor/urgent-warning-ivanti-csa-flaw-exposes-admin-controls-to-hackers-d6937ede4389?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, bug-bounty, ivanti, ransomware, business | 11-Dec-2024 |
| Critical WPForms Flaw Exposes 6M Sites to Unauthorized Stripe Refunds | https://medium.com/@wiretor/critical-wpforms-flaw-exposes-6m-sites-to-unauthorized-stripe-refunds-da9f48a7bfd0?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, wpforms, business, malware | 11-Dec-2024 |
| How I Secured The Indian Army? | https://cybersecuritywriteups.com/how-i-secured-the-indian-army-9a80ba399202?source=rss------bug_bounty-5 | Guru Prasad Pattanaik | bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty-writeup, bug-bounty | 11-Dec-2024 |
| Mastering JavaScript, Can It Make You an XSS Bug Hunter? | https://rendiero.medium.com/mastering-javascript-can-it-make-you-an-xss-bug-hunter-a0f0aaba0c6f?source=rss------bug_bounty-5 | Rendiero | hacking, penetration-testing, bug-bounty, xss-attack, javascript | 10-Dec-2024 |
| Email and home address disclosure using unauthenticated API endpoint worth $500 | https://vijetareigns.medium.com/email-and-home-address-disclosure-using-unauthenticated-api-endpoint-worth-500-4a497ff0678c?source=rss------bug_bounty-5 | the_unlucky_guy | cybersecurity, bug-bounty, application-security, bug-bounty-writeup, bug-bounty-tips | 10-Dec-2024 |
| Investigating a Linux Machine Security Breach Without Tools! | https://medium.com/@paritoshblogs/investigating-a-linux-machine-security-breach-without-tools-464e14bdeab0?source=rss------bug_bounty-5 | Paritosh | hacking, information-technology, linux, bug-bounty, cybersecurity | 10-Dec-2024 |
| $500 Bypassing Cloudflare WAF to Achieve XSS | https://medium.com/@kumawatabhijeet2002/500-bypassing-cloudflare-waf-to-achieve-xss-f3b9c4acb702?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, xss-vulnerability, bug-bounty-writeup, bug-bounty-tips, bugs | 10-Dec-2024 |
| HackerOne 香港汇丰接收赏金 | https://medium.com/@dem0ns/hackerone-%E9%A6%99%E6%B8%AF%E6%B1%87%E4%B8%B0%E6%8E%A5%E6%94%B6%E8%B5%8F%E9%87%91-353356389bc9?source=rss------bug_bounty-5 | 猫猫虫 | hsbc, h1, bug-bounty, hackerone, 挖洞 | 10-Dec-2024 |
| One way hackers stole API keys, Passwords, Tokens and Secrets. | https://osintteam.blog/one-way-hackers-stole-api-keys-passwords-tokens-and-secrets-4e731435bbd4?source=rss------bug_bounty-5 | Pwndec0c0 | programming, bug-bounty, cybersecurity, hacking, web-development | 10-Dec-2024 |
| Zoho QEngine: Arbitrary File Read | https://infosecwriteups.com/zoho-qengine-arbitrary-file-read-08df3d1e167e?source=rss------bug_bounty-5 | Jayateertha Guruprasad | hacking, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 10-Dec-2024 |
| NASA P2 Google Dorking | https://medium.com/@srinathkk99/nasa-p3-google-dorking-f7bd4b56d395?source=rss------bug_bounty-5 | Srinath K K | cybersecurity, bug-bounty, nasa, vulnerability, appreciation | 10-Dec-2024 |
| The Ultimate Guide to Starting a Bug Bounty Program: A Company’s Perspective | https://medium.com/@hackrate/the-ultimate-guide-to-starting-a-bug-bounty-program-a-companys-perspective-4feebb585ac4?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, hacking, penetration-testing, cybersecurity, bug-bounty | 10-Dec-2024 |
| I Found 7 Log4j (RCE) in a Single Program! | https://medium.com/@rootplinix/i-found-7-log4j-rce-in-a-single-program-5afb7d02dd06?source=rss------bug_bounty-5 | Abu Hurayra | bug-bounty-tips, cybersecurity, bug-bounty-writeup, log4shell, bug-bounty | 10-Dec-2024 |
| Must-Have Hacking Extensions For Bugbounty Hunters | https://medium.com/@The_scratch/must-have-hacking-extensions-for-bugbounty-hunters-5de4c56c6963?source=rss------bug_bounty-5 | Scratch | reconnaissance, bug-bounty, cybersecurity, hacking, bug-bounty-tips | 10-Dec-2024 |
| Naabu: A Fast and Efficient Port Scanning Tool | https://medium.com/@rootspaghetti/naabu-a-fast-and-efficient-port-scanning-tool-a5f8a4cf0641?source=rss------bug_bounty-5 | Root@Spaghetti | bug-bounty-tips, hacking, bug-bounty | 10-Dec-2024 |
| OAuth Account Hijacking via redirect_uri | https://osintteam.blog/oauth-account-hijacking-via-redirect-uri-ae8ca7a66930?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Café | bug-bounty, pentesting, bug-bounty-tips, information-security, cybersecurity | 10-Dec-2024 |
| How i bypassed 403 forbidden (private method) | https://medium.com/@reazatih/how-i-bypassed-403-forbidden-private-method-fc066c11f90f?source=rss------bug_bounty-5 | Re@Za | cybersecurity, bug-bounty, penetration-testing, 403-forbidden, hacking | 10-Dec-2024 |
| $50M Crypto Heist Linked to North Korean Hackers in Radiant Capital Attack | https://medium.com/@wiretor/50m-crypto-heist-linked-to-north-korean-hackers-in-radiant-capital-attack-71be5b6515d7?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, ai, crypto, bug-bounty, malware | 10-Dec-2024 |
| Chinese Cyber Attack Targets European IT Firms Using Visual Studio Code for Supply-Chain… | https://medium.com/@wiretor/chinese-cyber-attack-targets-european-it-firms-using-visual-studio-code-for-supply-chain-761a472b00b2?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, ai, bug-bounty, malware, hacking | 10-Dec-2024 |
| Romanian Energy Supplier Electrica Hit by Ransomware Attack ⚡ | https://medium.com/@wiretor/romanian-energy-supplier-electrica-hit-by-ransomware-attack-8e1b3d8e453d?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, hacking, malware, romania, bug-bounty | 10-Dec-2024 |
| OpenWrt Sys upgrade Flaw: Hackers Can Push Malicious Firmware Images | https://medium.com/@wiretor/openwrt-sys-upgrade-flaw-hackers-can-push-malicious-firmware-images-088a0d23a1b0?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, openwrt, business, bug-bounty, hacking | 10-Dec-2024 |
| Mastering Bug Bounty Recon: Essential Techniques for Ethical Hackers | https://medium.com/@verylazytech/mastering-bug-bounty-recon-essential-techniques-for-ethical-hackers-549c5b472975?source=rss------bug_bounty-5 | Very Lazy Tech | subdomain-enumeration, bug-bounty, github-recon, ethical-hacking, bug-bounty-techniques | 10-Dec-2024 |
| How I Bypassed OTP Like a Devil, Leading to Full Account Takeover | https://infosecwriteups.com/how-i-bypassed-otp-like-a-devil-leading-to-full-account-takeover-7bb7a673f7a0?source=rss------bug_bounty-5 | Ranjan | account-takeover, bug-bounty, ethical-hacking, otp-bypass, hacking | 10-Dec-2024 |
| How I Earned Over 100 Points on HackerOne with Email Spoofing. | https://j0nasdias.medium.com/how-i-earned-over-100-points-on-hackerone-with-email-spoofing-1ae0c4bc6aba?source=rss------bug_bounty-5 | Jonas Dias Rebelo | pentest, vulnerability, email-spoofing, hackerone, bug-bounty | 10-Dec-2024 |
| NASA P3 Google Dorking | https://cybersecuritywriteups.com/nasa-p3-google-dorking-6779970b6f03?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-writeup, cybersecurity, bug-bounty-tips, pentesting, bug-bounty | 09-Dec-2024 |
| Vote Manipulation & Debug Exposure, Another Interesting Finding… | https://medium.com/@josuofficial327/vote-manipulation-debug-exposure-another-interesting-finding-ec31f8cb939c?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | programming, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty | 09-Dec-2024 |
| How I Exploited Amazon Cognito Misconfigurations to Access Confidential S3 Data | https://1-day.medium.com/how-i-exploited-amazon-cognito-misconfigurations-to-access-confidential-s3-data-badb62cabfab?source=rss------bug_bounty-5 | 1day | bug-bounty-writeup, writeup, pentesting, bug-bounty, aws | 09-Dec-2024 |
| From Couch to Cloud: Bug Hunting Made Easy! | https://udayshelke17-40981.medium.com/from-couch-to-cloud-bug-hunting-made-easy-993039c8208b?source=rss------bug_bounty-5 | sudo uday | hacking, bug-bounty, cybersecurity, cloud-security, bug-bounty-tips | 09-Dec-2024 |
| How I Earned $$$ \| Open Redirection | https://medium.com/@A0X-Y0S3TRX/how-i-earned-open-redirection-c26e191dbff2?source=rss------bug_bounty-5 | A0X-Y0S3TRX | bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program | 09-Dec-2024 |
| The List of Top Penetration Testing as a Service (PTaaS) Platforms for 2024 | https://medium.com/@hackrate/the-list-of-top-penetration-testing-as-a-service-ptaas-platforms-for-2024-e04969614042?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, cybersecurity, bug-bounty, hacking, penetration-testing | 09-Dec-2024 |
| How I Exploited Amazon Cognito Misconfigurations to Access Confidential S3 Data | https://awstip.com/how-i-exploited-amazon-cognito-misconfigurations-to-access-confidential-s3-data-badb62cabfab?source=rss------bug_bounty-5 | 1day | bug-bounty-writeup, writeup, pentesting, bug-bounty, aws | 09-Dec-2024 |
| VPS for Hackers: Top Picks for Bug Bounty and Cloud Pentesters Enthusiasts 2025 | https://hackerassociate.medium.com/vps-for-hackers-top-picks-for-bug-bounty-and-cloud-pentesters-enthusiasts-2025-195b17eea9f7?source=rss------bug_bounty-5 | Harshad Shah | cybersecurity, bug-bounty, penetration-testing, infosec, vps | 09-Dec-2024 |
| Exposed Prometheus Server Endpoint | https://osintteam.blog/exposed-prometheus-server-endpoint-cfb8e82e441b?source=rss------bug_bounty-5 | AbhirupKonwar | pentesting, bug-bounty, bug-bounty-writeup, vulnerability-management, bug-bounty-tips | 09-Dec-2024 |
| 2.9 Billion Records Compromised in NPD Breach: The Largest Data Leak Ever! | https://medium.com/@wiretor/2-9-billion-records-compromised-in-npd-breach-the-largest-data-leak-ever-9edaa25d362c?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, ransomware, bug-bounty, breach, malware | 09-Dec-2024 |
| One Phishing Hit Leads to Massive Breach: 11K Children’s Data Exposed | https://medium.com/@wiretor/one-phishing-hit-leads-to-massive-breach-11k-childrens-data-exposed-f8bb80abc574?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | phising, business, malware, bug-bounty, hacking | 09-Dec-2024 |
| Eight Suspected Phishers Arrested in Belgium, Netherlands for Multi-Million Euro Fraud Scheme | https://medium.com/@wiretor/eight-suspected-phishers-arrested-in-belgium-netherlands-for-multi-million-euro-fraud-scheme-2df2e53d1fe3?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, phishing, business, malware, scam | 09-Dec-2024 |
| How to Earn Money with Bug Bounties and Other Platforms | https://medium.com/@tuteja_lovish/how-to-earn-money-with-bug-bounties-and-other-platforms-6a248db1a94d?source=rss------bug_bounty-5 | Lovish Kumar | security-token, bugs, bug-bounty, security, bounties | 09-Dec-2024 |
| QR Codes Bypass Browser Isolation for Malicious C2 Communication | https://medium.com/@wiretor/qr-codes-bypass-browser-isolation-for-malicious-c2-communication-%EF%B8%8F-6dddc201d532?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, hacking, business, bug-bounty, qr-code | 09-Dec-2024 |
| Server Security Misconfiguration: Misconfigured DNS — High-Impact Subdomain Takeover (P2) | https://medium.com/@mathewskuruvila32/server-security-misconfiguration-misconfigured-dns-high-impact-subdomain-takeover-p2-cb9e7ccadf2d?source=rss------bug_bounty-5 | Mathews kuruvila | vulnerability, hacking, ethical-hacking, web-app-development, bug-bounty | 09-Dec-2024 |
| The HackerOne-Wayback Machine Saga: An Unofficial Vulnerability or Just Public Oversight? | https://huntrai.medium.com/the-hackerone-wayback-machine-saga-an-unofficial-vulnerability-or-just-public-oversight-22c1fb0112bb?source=rss------bug_bounty-5 | Aditya sunny | bug-bounty, bugs, hacking | 09-Dec-2024 |
| How I Discovered a Critical Vulnerability in WhatsApp’s Admin System | https://huntrai.medium.com/how-i-discovered-a-critical-vulnerability-in-whatsapps-admin-system-ce0a3f2bbcb2?source=rss------bug_bounty-5 | Aditya sunny | infosec, bug-bounty, hackerone, hacking, bugs | 09-Dec-2024 |
| 1-Click Account Takeover (ATO) via CORS Misconfiguration | https://medium.com/@mohammed01550038865/1-click-account-takeover-ato-via-cors-misconfiguration-64dc26d24917?source=rss------bug_bounty-5 | Muhammed Mubarak | hackerone, bugcrowd, bug-bounty-tips, ato, bug-bounty | 09-Dec-2024 |
| From Dev to Disaster: My Hilarious First Attempt at Bug Bounties with Burp Suite Pro | https://medium.com/@zero_4583/from-dev-to-disaster-my-hilarious-first-attempt-at-bug-bounties-with-burp-suite-pro-20fddd3ad295?source=rss------bug_bounty-5 | Nathan Vincent | bug-bounty, burpsuite, appsec, penetration-testing | 08-Dec-2024 |
| Misconfigurations That Paid Me Big: How I Exploited Them (And How You Can Stop Me) | https://systemweakness.com/misconfigurations-that-paid-me-big-how-i-exploited-them-and-how-you-can-stop-me-788a5375aa3c?source=rss------bug_bounty-5 | Akash Ghosh | technology, bug-bounty, cybersecurity, bug-bounty-writeup, programming | 08-Dec-2024 |
| $400 Bounty in 10 sec | https://systemweakness.com/400-bounty-in-10-sec-14d26c2976ec?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-writeup, pentesting, bug-bounty-tips, cybersecurity, bug-bounty | 08-Dec-2024 |
| Critical Authentication Bypass & Account Takeover via Attacker’s MFA Code | https://medium.com/@sharp488/critical-authentication-bypass-account-takeover-via-attackers-mfa-code-fadf36fe6e34?source=rss------bug_bounty-5 | Sharat Kaikolamthuruthil | bug-bounty, information-technology, bug-bounty-writeup, bug-bounty-tips, information-security | 08-Dec-2024 |
| WhiteLevel Error Page / Spring Boot Actuators Hunting | https://0xshuvo.medium.com/whitelevel-error-page-spring-boot-actuators-hunting-b0290c4ccdbd?source=rss------bug_bounty-5 | Shuvo Kumar Saha | bug-bounty-writeup, bug-bounty, infosec, bug-hunting, exploit | 08-Dec-2024 |
| The Dark Side of AI: Inside PyTorch’s Unpatched Vulnerabilities | https://medium.com/@piyushbhor22/the-dark-side-of-ai-inside-pytorchs-unpatched-vulnerabilities-0d8ce74fc9b5?source=rss------bug_bounty-5 | Pi - The Kernel Panic | machine-learning, pytorch, zero-day, exploits-zero-day, bug-bounty | 08-Dec-2024 |
| All About Pentesting & Securing Checkouts and Transactions | https://infosecwriteups.com/all-about-pentesting-securing-checkouts-and-transactions-f7bb1de4fd7b?source=rss------bug_bounty-5 | Xcheater | bug-bounty, appsec, payment-gateway | 08-Dec-2024 |
| Exploiting PHP Insecure Deserialization | https://medium.com/@mayank_prajapati/exploiting-php-insecure-deserialization-2e301557f12f?source=rss------bug_bounty-5 | Mayank Kumar Prajapati | bug-bounty, cybersecurity, red-team, ethical-hacking, penetration-testing | 08-Dec-2024 |
| $200 Recon Bug Bounty | https://medium.com/infosecmatrix/200-recon-bug-bounty-3538566b94dc?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-tips, pentesting, bug-bounty-writeup, ethical-hacking, bug-bounty | 08-Dec-2024 |
| The Ultimate Guide to Starting a Penetration Testing as a Service (PTaaS) Project for Your Company | https://medium.com/@hackrate/the-ultimate-guide-to-starting-a-penetration-testing-as-a-service-ptaas-project-for-your-company-5d7919eed353?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, hacking, penetration-testing, ethical-hacking, cybersecurity | 08-Dec-2024 |
| PoC: Bypass Input with SQL Injection to Gaining Information in SMK Maarif Terpadu Cicalengka and… | https://medium.com/@baracarlo/poc-bypass-input-with-sql-injection-to-gaining-information-in-smk-maarif-terpadu-cicalengka-and-51d56cfbbd60?source=rss------bug_bounty-5 | Baradika | sql-injection, cybersecurity, bug-hunting, bug-bounty | 08-Dec-2024 |
| How I Found Info disclosure vulnerability? | https://doordiefordream.medium.com/how-i-found-info-disclosure-vulnerability-32fa9e9b9a45?source=rss------bug_bounty-5 | Bug hunter balu | ethical-hacking, hacking, cybersecurity, bug-bounty, web3 | 08-Dec-2024 |
| Russia’s ‘BlueAlpha’ APT Hides in Cloudflare Tunnels | https://medium.com/@wiretor/russias-bluealpha-apt-hides-in-cloudflare-tunnels-7d7372615241?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, malware, business, russia | 08-Dec-2024 |
| Top 5 Must-Read Books to Master Web Penetration Testing (Beginners & Beyond) | https://medium.com/@verylazytech/top-5-must-read-books-to-master-web-penetration-testing-beginners-beyond-9bf99651445f?source=rss------bug_bounty-5 | Very Lazy Tech | hacking, bug-bounty, penetration-testing, web-development, web-penetration-testing | 08-Dec-2024 |
| How I Found a Critical Vulnerability and Earned $4,000 in Bug Bounty Hunting | https://medium.com/@zack0x01_/how-i-found-a-critical-vulnerability-and-earned-4-000-in-bug-bounty-hunting-2ce4a1227fdc?source=rss------bug_bounty-5 | zack0x01 | idor, cybersecurity, bug-bounty, hacking | 08-Dec-2024 |
| Mastering Git Conflicts: A Developer’s Guide to Seamless Merges ⚡ | https://rajuhemanth456.medium.com/mastering-git-conflicts-a-developers-guide-to-seamless-merges-%EF%B8%8F-19718b819da0?source=rss------bug_bounty-5 | Hemanth Raju | bug-bounty, coding, software-development, interview, github | 08-Dec-2024 |
| Privilege Escalation via Impersonation Features feature | https://medium.com/@0x_xnum/privilege-escalation-via-impersonation-features-feature-c49cf3a3dc03?source=rss------bug_bounty-5 | Ahmed Tarek | privilege-escalation, hacking, bug-bounty-tips, bug-bounty, pentesting | 08-Dec-2024 |
| Mastering Internet Scanning: How to Use ZMap and Censys for Ethical Hacking — Part 1 | https://systemweakness.com/mastering-internet-scanning-how-to-use-zmap-and-censys-for-ethical-hacking-part-1-2ca54401e2e0?source=rss------bug_bounty-5 | hacker_might | reconnaissance, recon, ip-security, zmap, bug-bounty | 08-Dec-2024 |
| Unlocking Cybersecurity with Censys: A Guide to Ethical Hacking, Bug Bounties, and Pentesting —… | https://systemweakness.com/unlocking-cybersecurity-with-censys-a-guide-to-ethical-hacking-bug-bounties-and-pentesting-4e1c6e4358c3?source=rss------bug_bounty-5 | hacker_might | fun, bug-bounty, recon, censys, osint | 08-Dec-2024 |
| Mastering Subdomain Visualization: Using Aquatone for Effective Reconnaissanc | https://medium.com/@kalkumbe7745/mastering-subdomain-visualization-using-aquatone-for-effective-reconnaissanc-6409c7846c2c?source=rss------bug_bounty-5 | Rutvik Kalkumbe | ethical-hacking, cybersecurity, bug-bounty, security, aquatone | 08-Dec-2024 |
| How I Test for Cross-Site Scripting | https://osintteam.blog/how-i-test-for-cross-site-scripting-9262de5e949d?source=rss------bug_bounty-5 | Cybersec with Hemmars | writing, technology, cybersecurity, bug-bounty | 08-Dec-2024 |
My First Bounty of ₹₹₹https://osintteam.blog/my-first-bounty-of-37c2d40cbdd9?source=rss------bug_bounty-5cryptoshantpassword-reset, bug-bounty, journey, cybersecurity, hacking07-Dec-2024
From Low Privileges to Owner Rights: A Wild Journey Through an ATO Vulnerabilityhttps://medium.com/@mrasg/from-low-privileges-to-owner-rights-a-wild-journey-through-an-ato-vulnerability-cb21c468634c?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-tips, bug-bounty-writeup, cybersecurity, hacking, bug-bounty07-Dec-2024
P3 Bug in Few Minuteshttps://medium.com/meetcyber/p3-bug-in-few-minutes-006f57913f71?source=rss------bug_bounty-5AbhirupKonwarpentesting, cybersecurity, bug-bounty, infosec, bug-bounty-tips07-Dec-2024
How I Found an ATO Vulnerability in Stripe Program in an Overlooked Cornerhttps://medium.com/@mrasg/how-i-found-an-ato-vulnerability-in-stripe-program-in-an-overlooked-corner-dce7d2cdaaf9?source=rss------bug_bounty-5Ahmed Samir Ghallabsecurity, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty07-Dec-2024
How to Make a Clickjacking Vulnerability Scanner with Pythonhttps://infosecwriteups.com/how-to-make-a-clickjacking-vulnerability-scanner-with-python-a53f48e70b58?source=rss------bug_bounty-5Muhammad Abdullahipython, cybersecurity, bug-bounty, hacking, python-programming07-Dec-2024
Beyond signUP OR resetPassword || Send , Confirm AND Setting !https://medium.com/@0xAwali/beyond-signup-or-resetpassword-send-confirm-and-setting-d153f3ab6e17?source=rss------bug_bounty-5Mahmoud M. Awaliweb-security, bug-bounty07-Dec-2024
5 Ways I Got RCE’s In the Wildhttps://medium.com/@red.whisperer/5-ways-i-got-rces-99a78901ba33?source=rss------bug_bounty-5Chuxcybersecurity, hacking, bug-bounty, technology, programming07-Dec-2024
Code Flaws and Consequences: The Bug That Exposed PIIhttps://medium.com/@CANITEY/code-flaws-and-consequences-the-bug-that-exposed-pii-3de5251e1484?source=rss------bug_bounty-5CANITEYpenetration-testing, bugbounty-writeup, pentesting, cybersecurity, bug-bounty07-Dec-2024
When One Isn’t Enough: Multiple SQL Injections Found in 1 VDPhttps://osintteam.blog/when-one-isnt-enough-multiple-sql-injections-found-in-1-vdp-f45de0b4c674?source=rss------bug_bounty-5#$ubh@nk@rhackerone, infosec, sql-injection, bug-bounty, web-security07-Dec-2024
Ransomware Breach Exposes 310K Patient Records at Anna Jaques Hospitalhttps://medium.com/@wiretor/ransomware-breach-exposes-310k-patient-records-at-anna-jaques-hospital-8548c120ad63?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, bug-bounty, business, malware07-Dec-2024
Ultralytics AI Supply Chain Breach: Cryptominer Infects Thousands!https://medium.com/@wiretor/ultralytics-ai-supply-chain-breach-cryptominer-infects-thousands-5a0d82d1c32e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmachine-learning, hacking, bug-bounty, malware, ai07-Dec-2024
New Windows Zero-Day Alert: NTLM Credentials at Risk!https://medium.com/@wiretor/new-windows-zero-day-alert-ntlm-credentials-at-risk-ad6256807d0c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, bug-bounty-tips, windows, hacking07-Dec-2024
Police Shut Down Manson Cybercrime Market & Arrest Key Suspects!https://medium.com/@wiretor/police-shut-down-manson-cybercrime-market-arrest-key-suspects-29bdcbaae6cf?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, bus, bug-bounty, malware, manson07-Dec-2024
11 Must-Read Blogs to Understand IDORhttps://saminbinh.medium.com/11-best-blogs-to-learn-idor-7769511d5e05?source=rss------bug_bounty-5SAMIN BIN HUMAYUNinformation-technology, cybersecurity, bug-bounty, idor, idor-vulnerability07-Dec-2024
How I discovered my first CVEhttps://medium.com/@zumiyumi/how-i-discovered-my-first-cve-7b1e2987326c?source=rss------bug_bounty-5Zumi Yumibug-bounty, xss-attack, cve, code-review, cybersecurity07-Dec-2024
Hackers Aren’t Built by Tools — They Build the Toolshttps://shuvonsec.medium.com/hackers-arent-built-by-tools-they-build-the-tools-6581f38dbb34?source=rss------bug_bounty-5Shariar Shahnawaz Shuvonhacking, bug-bounty, information-security, cybersecurity, bug-bounty-tips07-Dec-2024
Why Are You Not Identifying Bugs in Website 2025https://osintteam.blog/why-are-you-not-identifying-bugs-in-website-2025-8ff218815b7d?source=rss------bug_bounty-5Tahir Ayoubhacking, cyber-security-awareness, bug-bounty-tips, bug-bounty, hackathons06-Dec-2024
How I Found 3x XSS in 6 Seconds! Without Automated Toolshttps://medium.com/@embossdotar/how-i-found-3x-xss-in-6-seconds-without-automated-tools-b0c852dea66f?source=rss------bug_bounty-5embossdotarcybersecurity-awareness, hacking, bug-bounty, cybersecurity, ethical-hacking06-Dec-2024
10 RXSS on HackerOne VDPshttps://medium.com/infosecmatrix/10-rxss-on-hackerone-vdps-5162d3ee42af?source=rss------bug_bounty-5AbhirupKonwarinfosec, cybersecurity, xss-attack, bug-bounty, pentesting06-Dec-2024
From Newbie to Pro: My Journey to a $3,000 Bug Bountyhttps://myselfakash20.medium.com/from-newbie-to-pro-my-journey-to-a-3-000-bug-bounty-61abe935e3db?source=rss------bug_bounty-5Akash Ghoshtechnology, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips06-Dec-2024
The Art of Pwning Okta For Profit and Funhttps://whoisshuvam.medium.com/the-art-of-pwning-okta-for-profit-and-fun-075dedbc4715?source=rss------bug_bounty-5Suvam Adhikaribug-bounty-tips, cybersecurity, info-sec-writeups, bug-bounty, hackerone06-Dec-2024
“The Hidden GPS Threat: Unstripped Metadata on Redacted.com led 5K Rubel in bounties”https://infosecwriteups.com/the-hidden-gps-threat-unstripped-metadata-on-redacted-com-led-5k-rubel-in-bounties-%EF%B8%8F-%EF%B8%8F-fd044d2031b6?source=rss------bug_bounty-5JEETPALbug-bounty, bug-bounty-writeup, exif-data, cybersecurity, bugbounty-tips06-Dec-2024
10 Essential Tips for Bug Bounty Beginners: A Fun, Practical, and Slightly Cheeky Guide to Kicking…https://medium.com/@mrasg/10-essential-tips-for-bug-bounty-beginners-a-fun-practical-and-slightly-cheeky-guide-to-kicking-c7da8a9b1b31?source=rss------bug_bounty-5Ahmed Samir Ghallabhacking, cybersecurity, penetration-testing, bug-bounty, bug-bounty-tips06-Dec-2024
Atrium Health Data Breach Impacts 585,000 People: Why Healthcare Cybersecurity Needs Immediate…https://medium.com/@wiretor/atrium-health-data-breach-impacts-585-000-people-why-healthcare-cybersecurity-needs-immediate-38a479e96e39?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, marketing, business, malware06-Dec-2024
BREAKING: U.S. Arrests Scattered Spider Suspect Behind Telecom Hacks & Phishing Scamshttps://medium.com/@wiretor/%EF%B8%8F-breaking-u-s-arrests-scattered-spider-suspect-behind-telecom-hacks-phishing-scams-%EF%B8%8F-cd44ea215b09?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, business, ransomware, malware, hacking06-Dec-2024
Now let’s set Frida For SSL Pinning Bypass.https://aman0.medium.com/now-lets-set-frida-for-ssl-pinning-bypass-9ee8ae11b7b5?source=rss------bug_bounty-5Aman Hpenetration-testing, bug-bounty, mobile-app-development, infosec, hacking06-Dec-2024
List of Top Bug Bounty Platforms for 2024https://medium.com/@hackrate/list-of-top-bug-bounty-platforms-for-2024-fc31553c2e78?source=rss------bug_bounty-5Levente Molnarpenetration-testing, cybersecurity, vulnerability, bug-bounty, ethical-hacking06-Dec-2024
Path Traversal Vulnerabilities in Web Applications: Understanding CVE-2024–9935 and How to Protect…https://chintalatarakaram.medium.com/path-traversal-vulnerabilities-in-web-applications-understanding-cve-2024-9935-and-how-to-protect-40de3cca8ac8?source=rss------bug_bounty-5Chintala Taraka Ramvulnerability, bug-bounty, python, education, web-development06-Dec-2024
How I Found 3x XSS in 6 Seconds! Without Automated Toolshttps://medium.com/meetcyber/how-i-found-3x-xss-in-6-seconds-without-automated-tools-b0c852dea66f?source=rss------bug_bounty-5embossdotarcybersecurity-awareness, hacking, bug-bounty, cybersecurity, ethical-hacking06-Dec-2024
A01: Broken Access Control and A05: Security Misconfiguration Leads to Unauthenticated Access to…https://medium.com/@enigma_/a01-broken-access-control-and-a05-security-misconfiguration-leads-to-unauthenticated-access-to-0897e3bec491?source=rss------bug_bounty-5enigmacybersecurity, bug-bounty, vulnerability, penetration-testing, ethical-hacking06-Dec-2024
How I Turned a Low-Hanging Fruit Bug Into Mass Unauthorized Deletion of Invited Membershttps://medium.com/@ahmedsamirghallab/how-i-turned-a-low-hanging-fruit-bug-into-mass-unauthorized-deletion-of-invited-members-6f195deffe11?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, penetration-testing05-Dec-2024
How To Find Sensitive Log Files Easily..https://medium.com/@josuofficial327/how-to-find-sensitive-log-files-easily-1dd14bb5f221?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, vulnerability, bug-bounty-tips, bug-bounty-writeup, bug-bounty05-Dec-2024
Mission: Exploit – Advanced Bug Bounty Techniques Inspired by James Bondhttps://bitpanic.medium.com/mission-exploit-advanced-bug-bounty-techniques-inspired-by-james-bond-a891ee3d0ef9?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, bug-bounty, cybersecurity, programming, technology05-Dec-2024
How I Achieved a Full Account Takeover Through Information Disclosurehttps://medium.com/@ahmedsamirghallab/how-i-achieved-a-full-account-takeover-through-information-disclosure-16c6f697b76e?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-tips, penetration-testing, bug-bounty-writeup, bug-bounty, cybersecurity05-Dec-2024
How Note-Taking and Hacktivity Analysis Led to Privilege Escalationhttps://medium.com/@ahmedsamirghallab/how-note-taking-and-hacktivity-analysis-led-to-privilege-escalation-627aaf3bbd84?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, bug-bounty-tips, bug-bounty-writeup, security, bug-bounty05-Dec-2024
Unveiling the Unseen: A Journey from Simple Recon Using Shodan to Leaking AWS Secretshttps://medium.com/@security.tecno/unveiling-the-unseen-a-journey-from-simple-recon-using-shodan-to-leaking-aws-secrets-bc7bed1ad16f?source=rss------bug_bounty-5TECNO Securityhacking, security, writing, bug-bounty05-Dec-2024
How Note-Taking and Hacktivity Analysis Led to Privilege Escalationhttps://medium.com/@mrasg/how-note-taking-and-hacktivity-analysis-led-to-privilege-escalation-627aaf3bbd84?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, bug-bounty-tips, bug-bounty-writeup, security, bug-bounty05-Dec-2024
How I Achieved a Full Account Takeover Through Information Disclosurehttps://medium.com/@mrasg/how-i-achieved-a-full-account-takeover-through-information-disclosure-16c6f697b76e?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-tips, penetration-testing, bug-bounty-writeup, bug-bounty, cybersecurity05-Dec-2024
How I Turned a Low-Hanging Fruit Bug Into Mass Unauthorized Deletion of Invited Membershttps://medium.com/@mrasg/how-i-turned-a-low-hanging-fruit-bug-into-mass-unauthorized-deletion-of-invited-members-6f195deffe11?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, penetration-testing05-Dec-2024
How Two Hardcoded Credentials Led To Payment System Takeover, Exposed 20,000 Credit Cards & Enabled…https://medium.com/@Berserker1337/how-two-hardcoded-credentials-led-to-payment-system-takeover-exposed-20-000-credit-cards-enabled-04b0ac232786?source=rss------bug_bounty-5Berserkerbug-hunting, bug-bounty, writeup, cybersecurity, web-security05-Dec-2024
Fix “Failed to load BApp” Burp Suite Extensions!https://medium.com/@d3vilz50n/fix-failed-to-load-bapp-burp-suite-extensions-923efa10659d?source=rss------bug_bounty-5d3vilz50nhacking-tools, hacking, fix, bug-bounty, burpsuite05-Dec-2024
How I Earned My First Bug Bounty: A Beginner’s Storyhttps://medium.com/@kingstar75114/how-i-earned-my-first-bug-bounty-a-beginners-story-58e8a3023cc6?source=rss------bug_bounty-5TehanG07bugs, bug-hunting, bug-bounty-tips, bug-bounty, bug-hunter05-Dec-2024
Correct Innerstanding + Overstandinghttps://medium.com/@onelovemafia/correct-innerstanding-overstanding-8d3cfd9baa7d?source=rss------bug_bounty-5OneLoveMafiadeep-learning, mysticism, bug-bounty, game-development, zen05-Dec-2024
Earn $10,000 XSS in Android Apps Scratch to Advance.https://medium.com/@anandrishav2228/earn-10-000-xss-in-android-apps-scratch-to-advance-cb3aa6c2b98f?source=rss------bug_bounty-5Rishav anandhacking, bug-bounty, cybersecurity, xss-attack, money05-Dec-2024
AZEx Testnet Campaign is LIVEhttps://medium.com/@AZEX.io/azex-testnet-campaign-is-live-ac553c18af8a?source=rss------bug_bounty-5AZEXberachain, bug-bounty, testnet, dois, azex05-Dec-2024
How I Exploited Passkey to Gain Unauthorized Access and TakeOver Invited Accountshttps://medium.com/@mrasg/how-i-exploited-passkey-to-gain-unauthorized-access-and-takeover-invited-accounts-b8b4547ffe70?source=rss------bug_bounty-5Ahmed Samir Ghallabpenetration-testing, pentesting, bug-bounty-tips, bug-bounty-writeup, bug-bounty05-Dec-2024
How I Broke Into My Dev Friend’s Website in Less Than 24 Hourhttps://infosecwriteups.com/how-i-broke-into-my-dev-friends-website-in-less-than-24-hour-6fdb31ad65a1?source=rss------bug_bounty-5sM0ky4hacking, bug-bounty, cyberattack, cybersecurity, bug-bounty-writeup05-Dec-2024
The Story of How I Hacked an International University in Indonesiahttps://infosecwriteups.com/the-story-of-how-i-hacked-an-international-university-in-indonesia-ec819a8c8fc0?source=rss------bug_bounty-5JCbug-bounty-tips, infosec, cybersecurity, bug-bounty-writeup, bug-bounty05-Dec-2024
Penetration Testing on Steroids: Revolutionizing Ethical Hacking with Hackrate and HackGATEhttps://medium.com/@hackrate/penetration-testing-on-steroids-revolutionizing-ethical-hacking-with-hackrate-and-hackgate-7edaf7244075?source=rss------bug_bounty-5Levente Molnarcybersecurity, penetration-testing, ethical-hacking, cybersecurity-news, bug-bounty05-Dec-2024
Practical Bug Bounty — TCM Academy | Report writing, Bypass, Best Programs.https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-report-writing-bypass-best-programs-710516804f53?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamipenetration-testing, cybersecurity, ethical-hacking, web-penetration-testing, bug-bounty05-Dec-2024
Chinese Hackers Salt Typhoon Breach Global Telecom Networkshttps://medium.com/@wiretor/chinese-hackers-salt-typhoon-breach-global-telecom-networks-00b40e0ce07e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicestelecom, bug-bounty, business, hacking, networking05-Dec-2024
New DroidBot Malware Targets 77 Banking & Crypto Apps!https://medium.com/@wiretor/new-droidbot-malware-targets-77-banking-crypto-apps-1b5105a66625?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbots, hacking, bug-bounty, business, malware05-Dec-2024
UK Cracks Down on Russian Money Laundering Networkshttps://medium.com/@wiretor/uk-cracks-down-on-russian-money-laundering-networks-4dfae89f9000?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, uk, business, malware, bug-bounty05-Dec-2024
⚠️ Critical Zero-Day Uncovered: Mitel MiCollab Wide Open to Attackers! ⚠️https://medium.com/@wiretor/%EF%B8%8F-critical-zero-day-uncovered-mitel-micollab-wide-open-to-attackers-%EF%B8%8F-cdc36da3552e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, zero-day, business, programming05-Dec-2024
Bug Huntinghttps://medium.com/meetcyber/bug-hunting-ff366260d8df?source=rss------bug_bounty-5Nazrul Islam Ranabug-hunting, platform, hacker, xx, bug-bounty05-Dec-2024
From Frustration to Exploitation: How a Link Shortener Helped Me Bypass WAFhttps://imooaaz.medium.com/from-frustration-to-exploitation-how-a-link-shortener-helped-me-bypass-waf-03724dca1592?source=rss------bug_bounty-5Moaaz Afifibug-bounty, bugs, bug-bounty-tips, bug-bounty-writeup, cybersecurity05-Dec-2024
How I Climbed to #1 Hackerhttps://medium.com/@CipherHawk/how-i-climbed-to-1-hacker-ffb52e2799c3?source=rss------bug_bounty-5CipherHawknetworking, bug-bounty-tips, cybersecurity, hacking, bug-bounty04-Dec-2024
Modern Security Vulnerabilities: Lessons from Recent Breacheshttps://medium.com/@SakshifromKushoAI/modern-security-vulnerabilities-lessons-from-recent-breaches-b925a6928bbf?source=rss------bug_bounty-5Sakshi from KushoAIsecure-coding, cybersecurity, bug-bounty, app-security, data-breach04-Dec-2024
Path Traversal, bypass file extension validation with null byteshttps://medium.com/@sulthanyluthfi/path-traversal-bypass-file-extension-validation-with-null-bytes-0cedc4fb53f5?source=rss------bug_bounty-5Luthfi Sulthanycybersecurity, bug-bounty, burpsuite, penetration-testing, path-traversal04-Dec-2024
Firebase URL Exploitation: Taking Over Android Databases Like a Pro!https://infosecwriteups.com/firebase-url-exploitation-taking-over-android-databases-like-a-pro-79a00844496d?source=rss------bug_bounty-5JEETPALbug-bounty, android, cybersecurirty, bug-bounty-tips, bugbountywriteup04-Dec-2024
How to Bypass Firewalls and IDS on Filtered Ports: The Ultimate Step-by-Step Guide to Advanced…https://medium.com/@shaikhminhaz1975/how-to-bypass-firewalls-and-ids-on-filtered-ports-the-ultimate-step-by-step-guide-to-advanced-9cb238d66450?source=rss------bug_bounty-5Shaikh Minhazfirewall, step-by-step-guide, cybersecurity, bug-bounty, penetration-testing04-Dec-2024
Critical RCE Vulnerability in Veeam Service Provider Console — Update Now!https://medium.com/@wiretor/critical-rce-vulnerability-in-veeam-service-provider-console-update-now-%EF%B8%8F-1e147e98458b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, hacking, rce, business04-Dec-2024
Critical RCE Flaw Discovered in WhatsUp Gold (CVE-2024–8785) — Update Immediately!https://medium.com/@wiretor/critical-rce-flaw-discovered-in-whatsup-gold-cve-2024-8785-update-immediately-%EF%B8%8F-8b6e69c183ab?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, bug-bounty, ransomware, malware, rce04-Dec-2024
Backdoor Discovered in Solana’s Web3.js npm Library: Crypto Wallets at Riskhttps://medium.com/@wiretor/backdoor-discovered-in-solanas-web3-js-npm-library-crypto-wallets-at-risk-605bcb02a292?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, solana-network, business, malware, bug-bounty04-Dec-2024
CORS Implementation & Various Headers, CORS series (Part 2)https://medium.com/@vipulparveenjain/cors-implementation-various-headers-cors-series-part-2-895a04ef481d?source=rss------bug_bounty-5Vipul Jainbug-bounty, cors-vulnerability, cross-origin-resource, web-security, hacking04-Dec-2024
Bug Bounty Methodology Checklist for Web Applications (B2B Apps)https://thexssrat.medium.com/bug-bounty-methodology-checklist-for-web-applications-b2b-apps-b876a20236d0?source=rss------bug_bounty-5Thexssratbug-bounty-tips, hacker, bug-bounty, hacks, hacking04-Dec-2024
My Experience at the 2024 FIRST & AfricaCERT Symposium: A CyberGirl’s Perspective- Part Finalhttps://medium.com/@.rai/my-experience-at-the-2024-first-africacert-symposium-a-cybergirls-perspective-part-final-b190349785b4?source=rss------bug_bounty-5Gamuchiraiforensics, osint, bug-bounty, open-source, digital-marketing04-Dec-2024
SQL injection UNION attack, finding a column containing texthttps://medium.com/@Laxious8848/sql-injection-union-attack-finding-a-column-containing-text-10a0e36cc062?source=rss------bug_bounty-5Laxioussql-injection, web-penetration-testing, union-based-sql-injection, bug-bounty, web-pen-testing04-Dec-2024
Why Penetration Testing as a Service (PTaaS) Outperforms Traditional Pentest Providershttps://medium.com/@hackrate/why-penetration-testing-as-a-service-ptaas-outperforms-traditional-pentest-providers-7b1e6b0a6d0a?source=rss------bug_bounty-5Levente Molnarcybersecurity, ethical-hacking, bug-bounty, penetration-testing03-Dec-2024
Bug Bounty Tips Series: 10 Ways To Find HTTP Host Header Injection Vulnerabilityhttps://medium.com/@alishoaib5929/bug-bounty-tips-series-10-ways-to-find-http-host-header-injection-vulnerability-1ad56c9dddd2?source=rss------bug_bounty-5Shoaib Aliweb-hacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web-security03-Dec-2024
The Art of Blind Command Injection: Unlocking Internal Secretshttps://medium.com/@yogeshbhandage/the-art-of-blind-command-injection-unlocking-internal-secrets-917daa755463?source=rss------bug_bounty-5Yogesh Bhandagebug-bounty, bug-bounty-tips, hacking, penetration-testing, command-injection03-Dec-2024
20 Bug Bounty CrowdSourced Platformshttps://systemweakness.com/20-bug-bounty-crowdsourced-platforms-a4c486c85671?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, pentesting, infosec, ethical-hacking, bug-bounty03-Dec-2024
Practical Bug Bounty — TCM Academy | Other Common Vulnerabilitieshttps://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-other-common-vulnerabilities-433dc6b1b3bc?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamipenetration-testing, ethical-hacking, bug-bounty, cybersecurity, tcm-academy03-Dec-2024
Story Of 15 Vulnerabilities in one public BBP !https://medium.com/@Ahmex000/story-of-15-vulnerabilities-in-one-buplic-bbp-561e68213991?source=rss------bug_bounty-5Ahmex000bug-bounty-hunter, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips03-Dec-2024
Critical Bug: Deny Sign-In & Steal Sensitive Info on Behalf of Victimshttps://infosecwriteups.com/critical-bug-deny-sign-in-steal-sensitive-info-on-behalf-of-victims-cad4ced9227d?source=rss------bug_bounty-5JEETPALcybersecurity, bugbounty-tips, auth-bypass, bug-bounty, bug-bounty-writeup03-Dec-2024
Ensuring Comprehensive Ethical Hacking with Penetration Testing as a Servicehttps://medium.com/@hackrate/ensuring-comprehensive-ethical-hacking-with-penetration-testing-as-a-service-9b67734f46cd?source=rss------bug_bounty-5Levente Molnarethical-hacking, penetration-testing, bug-bounty, cybersecurity03-Dec-2024
Tricky & Simple EXIF protection Bypasshttps://saurabhsanmane.medium.com/tricky-simple-exif-protection-bypass-5d0babd908f3?source=rss------bug_bounty-5Saurabh sanmanebug-bounty, information-disclosure, vulnerability, ethical-hacking, cybersecurity03-Dec-2024
Exploring Lightning Bounties: The Intersection of Open-Source and Bitcoinhttps://medium.com/@mabramo11/exploring-lightning-bounties-the-intersection-of-open-source-and-bitcoin-8555c6403310?source=rss------bug_bounty-5Mike Abramobug-bounty, lightning-bounties, open-source, bitcoin, lightning-network03-Dec-2024
Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerabilityhttps://medium.com/@wiretor/cisco-warns-of-attacks-exploiting-decade-old-asa-vulnerability-11462bd60f7b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesprogramming, business, hacking, bug-bounty, cisco03-Dec-2024
Energy Sector Contractor ENGlobal Targeted in Ransomware Attackhttps://medium.com/@wiretor/energy-sector-contractor-englobal-targeted-in-ransomware-attack-a56112b119d3?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, energy, business, bug-bounty, malware03-Dec-2024
Docker/Kubernetes (K8s)Penetration Testing Checklisthttps://infosecwriteups.com/docker-kubernetes-k8s-penetration-testing-checklist-4d0a13c38495?source=rss------bug_bounty-5Ajay Naikpenetration-testing, bug-bounty, docker, kubernetes, cybersecurity03-Dec-2024
How to Create an Android Payload in Just 1 Minute | Ethical Hackinghttps://bjamali.medium.com/how-to-create-an-android-payload-in-just-1-minute-ethical-hacking-bc109b368909?source=rss------bug_bounty-5Babar Ali Jamalipenetration-testing, ethical-hacking, android, bug-bounty, cybersecurity03-Dec-2024
Crack the Code: Earn Up to $500K in InceptionLRT’s Bug Bounty Programhttps://medium.com/@InceptionLRT/crack-the-code-earn-up-to-500k-in-inceptionlrts-bug-bounty-program-3b5d2feb6ed6?source=rss------bug_bounty-5InceptionLRTcrypto, restaking, bug-bounty, defi, ethereum03-Dec-2024
What is Cybersecurityhttps://twanstcodes.medium.com/what-is-cybersecurity-52e71fe7dfa2?source=rss------bug_bounty-5Twana Muhammedit, programming, cybersecurity, bug-bounty03-Dec-2024
Mastering Bug Bounty Hunting with White Rabbit Neo AIhttps://medium.com/@curiouskhanna/mastering-bug-bounty-hunting-with-white-rabbit-neo-ai-452a3bc3adce?source=rss------bug_bounty-5Shubham Khannahackerone, bug-bounty, ai, security-researchers03-Dec-2024
Python — Program Security Headershttps://medium.com/@ibnu.rusdianto55/python-program-security-headers-966786261d5f?source=rss------bug_bounty-5Ibnu Rusdiantopython, bug-bounty, security-header, indonesia, keamanan-siber03-Dec-2024
How I got access to Credentials easilyhttps://medium.com/infosecmatrix/how-i-got-access-to-credentials-easily-00ced4ba15bd?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, cybersecurity, ethical-hacking, google-dork, pentest02-Dec-2024
How to Master Advanced Threat Huntinghttps://medium.com/@paritoshblogs/how-to-master-advanced-threat-hunting-bcfb9d1e159c?source=rss------bug_bounty-5Paritoshcybersecurity, threat-hunting, hacking, ai, bug-bounty02-Dec-2024
CTFLearn Series| Challenge 96 : Forensics 101 — Walkthroughhttps://medium.com/@rishikeshkhot26/ctflearn-series-challenge-96-forensics-101-walkthrough-13100d9f45fb?source=rss------bug_bounty-5Rishikesh_Khothacking, forensics, bug-bounty, capture-the-flag, cybersecurity02-Dec-2024
Some Easiest P4 Bugshttps://icecream23.medium.com/some-easiest-p4-bugs-561cd710a7e1?source=rss------bug_bounty-5Aman Bhuiyanethical-hacking, bugbounty-tips, bug-bounty, p4-bugs, bug-hunter02-Dec-2024
All UPI IDs in India have Predictable Patterns that allow the disclosure of mail IDs!https://infosecwriteups.com/all-upi-ids-in-india-have-predictable-patterns-that-allow-the-disclosure-of-mail-ids-eede37a35758?source=rss------bug_bounty-5JEETPALupi, cybersecurity, bugbounty-tips, bug-bounty, bug-bounty-writeup02-Dec-2024
Command Injection: Mastering Exploitation Techniques with a Comprehensive Cheatsheethttps://medium.com/@verylazytech/command-injection-mastering-exploitation-techniques-with-a-comprehensive-cheatsheet-6f549fee46b8?source=rss------bug_bounty-5Very Lazy Techethical-hacking, command-injection, cybersecurity, bug-bounty, oscp02-Dec-2024
$3 Billion Crypto Exchange XT Allegedly Hackedhttps://medium.com/@wiretor/3-billion-crypto-exchange-xt-allegedly-hacked-c560c9572168?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicescrypto, xt, malware, bug-bounty, ransomeware02-Dec-2024
Hackers Steal $17 Million from Uganda’s Central Bankhttps://medium.com/@wiretor/hackers-steal-17-million-from-ugandas-central-bank-533dcbabbeff?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacked, ransomeware, bug-bounty, bank-hacked, malware02-Dec-2024
Small Bugs, Big Bounties: A Hacker’s Guide to Quick Winshttps://myselfakash20.medium.com/small-bugs-big-bounties-a-hackers-guide-to-quick-wins-46a75dbc3573?source=rss------bug_bounty-5Akash Ghoshprogramming, technology, bug-bounty, bug-bounty-tips, cybersecurity02-Dec-2024
Critical Vulnerability Discovered in Zabbix Network Monitoring Toolhttps://medium.com/@wiretor/critical-vulnerability-discovered-in-zabbix-network-monitoring-tool-df358293a1a9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomeware, malware, bug-bounty, zabbix, hacking02-Dec-2024
From File Upload To LFI: A Journey To Exploitationhttps://medium.com/@red.whisperer/from-file-upload-to-lfi-a-journey-to-exploitation-02ab5e1a7d0a?source=rss------bug_bounty-5Chuxbug-bounty, cybersecurity, hacking, ethical-hacking, infosec02-Dec-2024
Small Bugs, Big Bounties: A Hacker’s Guide to Quick Winshttps://infosecwriteups.com/small-bugs-big-bounties-a-hackers-guide-to-quick-wins-46a75dbc3573?source=rss------bug_bounty-5Akash Ghoshprogramming, hacking, technology, bug-bounty, cybersecurity02-Dec-2024
Unpacking an IDOR-Based Exploit in International Shipping (70 Million+ PII Data Breach)https://medium.com/@susapr/unpacking-an-idor-based-exploit-in-international-shipping-70-million-pii-data-breach-8c29cf33347d?source=rss------bug_bounty-5susaprbug-bounty-writeup, cybersecurity, data-breach, information-technology, bug-bounty02-Dec-2024
How I got my first Hall of Fame - Bug Bountyhttps://medium.com/@pranavrp77/how-i-got-my-first-hall-of-fame-bug-bounty-d296637e37dd?source=rss------bug_bounty-5Pranav Patilbug-bounty, hacking, bug-bounty-writeup, bug-bounty-tips, cybersecurity02-Dec-2024
Command Injection: Mastering Exploitation Techniques with a Comprehensive Cheatsheethttps://systemweakness.com/command-injection-mastering-exploitation-techniques-with-a-comprehensive-cheatsheet-6f549fee46b8?source=rss------bug_bounty-5Very Lazy Techethical-hacking, command-injection, cybersecurity, bug-bounty, oscp02-Dec-2024
Understanding the Scope: Navigating Website Pentesting and Bug Bounty Targetshttps://medium.com/@zero_4583/understanding-the-scope-navigating-website-pentesting-and-bug-bounty-targets-a6ab701df932?source=rss------bug_bounty-5Nathan Vincentappsec, bug-bounty, pentesting, scopes01-Dec-2024
Critical Account Takeover (MFA + Auth Bypass) due to Cookie Misconfigurationhttps://medium.com/@sharp488/critical-account-takeover-mfa-auth-bypass-due-to-cookie-misconfiguration-3ca7d1672f9d?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty, hackerone, information-security, bug-bounty-writeup, bug-bounty-tips01-Dec-2024
Week 4: A Drive to Recharge and Reconnecthttps://mokhansec.medium.com/week-4-a-drive-to-recharge-and-reconnect-4d0f8b7258d0?source=rss------bug_bounty-5Mohsin khanbug-bounty-writeup, bug-bounty-tips, bugs, cybersecurity, bug-bounty01-Dec-2024
From Minor Bug to Major DoS: My Journey with Web Cache Poisoninghttps://crunkcode.medium.com/from-minor-bug-to-major-dos-my-journey-with-web-cache-poisoning-4b721e5358f4?source=rss------bug_bounty-5Ayushkrweb-exploitation, web-cache-poisoning, bug-bounty, pentesting01-Dec-2024
Exploiting Facebook Ads: $2100 Bug Bounty for Role Management DoShttps://infosecwriteups.com/exploiting-facebook-ads-2100-bug-bounty-for-role-management-dos-afe09c1ecbb0?source=rss------bug_bounty-5Kiril Krivoguzfacebook, cybersecurity, hacking, information-security, bug-bounty01-Dec-2024
Smart Contract Funds Lost Due to Missing Address Validation: $80M in Danger!https://medium.com/@jeetpal2007/smart-contract-funds-lost-due-to-missing-address-validation-80m-in-danger-a4ec7d823a3f?source=rss------bug_bounty-5JEETPALsmartcontract-audit, cybsersecurity, zeroaddress, web3, bug-bounty01-Dec-2024
How I Discovered an API Security Issue: My First Bug Bounty Bloghttps://hackersatty.medium.com/how-i-discovered-an-api-security-issue-my-first-bug-bounty-blog-7deec48453ff?source=rss------bug_bounty-5hackersattybug-bounty, hackersatty, bug-bounty-writeup, swagger-ui, api-security01-Dec-2024
Hack IOT devices to earn $100–$200 in an hour.https://medium.com/@anandrishav2228/hack-iot-devices-to-earn-100-200-in-an-hour-f211a54e87f3?source=rss------bug_bounty-5Rishav anandcybersecurity, penetration-testing, money, bug-bounty, iot01-Dec-2024
When MIME Type Validation Is Not Enough: A Secure Fix for File Uploadshttps://medium.com/@ferizco/ketika-validasi-mime-type-tak-cukup-perbaikan-aman-untuk-upload-file-4df4ac6ec0ff?source=rss------bug_bounty-5Ferizcobug-bounty, security, cybersecurity, web-development, php01-Dec-2024
Firmware Penetration Testing Checklisthttps://infosecwriteups.com/firmware-penetration-testing-checklist-9d5e70388371?source=rss------bug_bounty-5Ajay Naikpenetration-testing, security, information-technology, bug-bounty, cybersecurity01-Dec-2024
Basics of SQL Injectionhttps://medium.com/@mayank_prajapati/basics-of-sql-injection-88ab0e57588b?source=rss------bug_bounty-5Mayank Kumar Prajapatipenetration-testing, vulnerability, hacking, bug-bounty-tips, bug-bounty01-Dec-2024
Why I Failed This November: A Clown’s Reflection on Failurehttps://jackhavoltrey.medium.com/why-i-failed-this-november-a-clowns-reflection-on-failure-3223fec4451e?source=rss------bug_bounty-5Jack Havoltreybug-bounty-tips, bug-bounty01-Dec-2024
Execution of a clickjacking attack on Gemini (Google’s AI-powered assistant) - which I recently…https://systemweakness.com/execution-of-a-clickjacking-attack-on-gemini-googles-ai-powered-assistant-which-i-recently-45e60a98316a?source=rss------bug_bounty-5NIKHIL KUMAR GANDLApenetration-testing, cybersecurity, bug-bounty, application-security, information-security01-Dec-2024
From Minor Bug to Major DoS: My Journey with Web Cache Poisoninghttps://ayushkr12.medium.com/from-minor-bug-to-major-dos-my-journey-with-web-cache-poisoning-4b721e5358f4?source=rss------bug_bounty-5Ayushkrweb-exploitation, web-cache-poisoning, bug-bounty, pentesting01-Dec-2024
Russia Arrests Cybercriminal Wazawaka Tied to Ransomware Gangshttps://medium.com/@wiretor/russia-arrests-cybercriminal-wazawaka-tied-to-ransomware-gangs-9354c557f1d5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, wazawaka, malware, bug-bounty01-Dec-2024
SpyLoan Android Malware Installed Over 8 Million Times on Google Play!https://medium.com/@wiretor/spyloan-android-malware-installed-over-8-million-times-on-google-play-d0331b3c762e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, ransomeware, bug-bounty, spyloan01-Dec-2024
picoCTF Web Exploitation: Unminifyhttps://medium.com/@Kamal_S/picoctf-web-exploitation-unminify-6dd45341b7f5?source=rss------bug_bounty-5Kamal Sowasp, unminify, ctf, bug-bounty, picoctf01-Dec-2024
Exploring Alternatives to Cobalt: Why Hackrate Stands Outhttps://medium.com/@hackrate/exploring-alternatives-to-cobalt-why-hackrate-stands-out-67473c1e74e6?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty, ethical-hacking, penetration-testing01-Dec-2024
Web Shell Upload via Extension Blacklist Bypass — File Upload Vulnerabilityhttps://medium.com/@rcxsecurity/web-shell-upload-via-extension-blacklist-bypass-file-upload-vulnerability-f98ee877aff1?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafécybersecurity, hacking, information-security, bug-bounty, pentesting01-Dec-2024
The Ultimate Guide to Top Pentest-as-a-Service Providers in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-pentest-as-a-service-providers-in-2024-f03b0408b0a5?source=rss------bug_bounty-5Levente Molnarethical-hacking, cybersecurity, penetration-testing, bug-bounty, hacking01-Dec-2024
SQL injection UNION attack, determining the number of columns returned by the queryhttps://medium.com/@Laxious8848/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-4792d89ad93f?source=rss------bug_bounty-5Laxioussql-injection, web-pen-testing, web-penetration-testing, bug-bounty, union-based-sql-injection01-Dec-2024
Out of Scope, Out of Mind? Thehttps://medium.com/@talatumsolutions/out-of-scope-out-of-mind-the-0e5f558c43ba?source=rss------bug_bounty-5Talatum-solutionstalatum, hacking, cyber-security-solutions, pentesting, bug-bounty30-Nov-2024
Turn Cybersecurity Tricks Into Cash: Here’s How You Can Start Todayhttps://medium.com/@divyesh.jagad/turn-cybersecurity-tricks-into-cash-heres-how-you-can-start-today-9ccfff1ee0f4?source=rss------bug_bounty-5Divyesh Jagadtrending, bug-bounty, freelancing, infosec, remote-working30-Nov-2024
Privilege Escalation via Role Persistence Vulnerabilityhttps://medium.com/@aalgohary950/privilege-escalation-via-role-persistence-vulnerability-0c22a002d6ff?source=rss------bug_bounty-5C1pher_1hacking, penetration-testing, bug-bounty, access-control, privilege-escalation30-Nov-2024
Discovery of Xss / Html Injection by analyzing target source codehttps://medium.com/@gheeX/discovery-of-xss-html-injection-by-analyzing-target-source-code-0bc7a96c3ca4?source=rss------bug_bounty-5Ghee1337vulnerability, bug-bounty-writeup, bug-bounty-tips, xss-attack, bug-bounty30-Nov-2024
Delete Account Functionality Helped Me Earn $250https://vijetareigns.medium.com/delete-account-functionality-helped-me-earn-250-21baa23c4034?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bug-bounty, bug-bounty-writeup, application-security, cybersecurity30-Nov-2024
Marianas Web — The Danger Part of the Internet!https://medium.com/@TahirAyoub/marianas-web-the-danger-part-of-the-internet-be69e3118e3d?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, darkweb, bug-bounty, deep-web, hacking30-Nov-2024
A massive security breach at Andrew Tate’s platform The Real World has exposed the personal…https://medium.com/@wiretor/a-massive-security-breach-at-andrew-tates-platform-the-real-world-has-exposed-the-personal-576892ffca1c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, expose, andrew-tate30-Nov-2024
5 Side Hustles For Ethical Hackershttps://medium.com/@red.whisperer/5-side-hustles-for-ethical-hackers-8f3e0ca983ed?source=rss------bug_bounty-5Chuxethical-hacking, cybersecurity, hacking, bug-bounty, side-hustle30-Nov-2024
The Ultimate Guide to Top Ethical Hacking Platforms in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-ethical-hacking-platforms-in-2024-adcfc808caea?source=rss------bug_bounty-5Hackratebug-bounty, cybersecurity, ethical-hacking, penetration-testing30-Nov-2024
⚠️ Microsoft Hacking Warning 450 Million Windows Users Must Now Act!https://medium.com/@wiretor/%EF%B8%8F-microsoft-hacking-warning-450-million-windows-users-must-now-act-%EF%B8%8F-a7be6255a338?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, windows, ransomeware, breached, bug-bounty30-Nov-2024
Russian Script Kiddie Builds Massive DDoS Botnethttps://medium.com/@wiretor/russian-script-kiddie-builds-massive-ddos-botnet-bac1b6c57e9f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, programming, hacking, russian30-Nov-2024
P4 bug’s and their POC steps | Part 8https://osintteam.blog/p4-bugs-and-their-poc-steps-part-8-910ee6ba5710?source=rss------bug_bounty-5socalledhackercybersecurity, infosec, bug-bounty, hacking, bug-bounty-tips30-Nov-2024
X(twitter) & my first real bughttps://medium.com/@elkhawaga1900/x-twitter-my-first-real-bug-7c7d26bef48f?source=rss------bug_bounty-5sponge2003bug-bounty, duplicate30-Nov-2024
The Ultimate Guide to Top Ethical Hacking Platforms in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-ethical-hacking-platforms-in-2024-adcfc808caea?source=rss------bug_bounty-5Levente Molnarbug-bounty, cybersecurity, ethical-hacking, penetration-testing30-Nov-2024
The Ultimate Guide to Top Bug Bounty Platforms in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-08f53b117063?source=rss------bug_bounty-5Hackrateethical-hacking, cybersecurity, penetration-testing, bug-bounty29-Nov-2024
The Ultimate Guide to Top Bug Bounty Platforms in 2024: Why Hackrate Stands Outhttps://medium.com/@hackrate/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-why-hackrate-stands-out-d402c86c407b?source=rss------bug_bounty-5Hackratepenetration-testing, bug-bounty, ethical-hacking, cybersecurity29-Nov-2024
Exploring Alternatives to HackerOne: Why Hackrate Stands Outhttps://medium.com/@hackrate/exploring-alternatives-to-hackerone-why-hackrate-stands-out-894092aec0aa?source=rss------bug_bounty-5Hackrateethical-hacking, penetration-testing, cybersecurity, bug-bounty, hacking29-Nov-2024
How To Become Up-To-Date Hacker? 8 Gold Points To Stay Informed During Lifetime-Hacking Storyhttps://osintteam.blog/how-to-become-up-to-date-hacker-8-gold-points-to-stay-informed-during-lifetime-hacking-story-2e95f33c5d6f?source=rss------bug_bounty-5NnFacebug-bounty, cybersecurity, kali-linux, hacking, technology29-Nov-2024
Advanced Google Dorking | Part7https://systemweakness.com/advanced-google-dorking-part7-a8df43d00743?source=rss------bug_bounty-5AbhirupKonwarinfosec, pentesting, ethical-hacking, cybersecurity, bug-bounty29-Nov-2024
Email Verification Bypass Vulnerability: A Critical Flaw Exploitedhttps://medium.com/@muralidharan1530/email-verification-bypass-vulnerability-a-critical-flaw-exploited-1d7a316b2514?source=rss------bug_bounty-5Murali Dharanbounties, bug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips29-Nov-2024
POC — CVE-2024–21534 Jsonpath-plus vulnerable to Remote Code Execution (RCE) due to improper input…https://medium.com/@verylazytech/poc-cve-2024-21534-jsonpath-plus-vulnerable-to-remote-code-execution-rce-due-to-improper-input-a466ae69aa92?source=rss------bug_bounty-5Very Lazy Techcybersecurity, cve, exploit, cve-2024-21534, bug-bounty29-Nov-2024
hackthebox-Administrator-walkthroughhttps://medium.com/@ryuzakiryuga31/hackthebox-administrator-walkthrough-217d01374d00?source=rss------bug_bounty-5R09shbug-bounty, hackthebox, network-security, network-penetration-test, system-administration29-Nov-2024
Google Dorking Made Simpler with GFUhttps://medium.com/@sheryx00/google-dorking-made-simpler-with-gfu-20c67c5c8fc4?source=rss------bug_bounty-5Sheryx00google-dork, open-source, bug-bounty, pentesting, bug-bounty-tips29-Nov-2024
Authentication Bypass Vulnerability 🙂https://aman0.medium.com/authentication-bypass-vulnerability-a7b8fff3361f?source=rss------bug_bounty-5Aman Hauthentication-bypass, vulnerability, penetration-testing, bug-bounty-tips, bug-bounty29-Nov-2024
Exploring Alternatives to Bugcrowd: Why Hackrate Stands Outhttps://medium.com/@hackrate/exploring-alternatives-to-bugcrowd-why-hackrate-stands-out-8d54235f62d1?source=rss------bug_bounty-5Hackratebug-bounty, cybersecurity, penetration-testing, ethical-hacking29-Nov-2024
The Ultimate Bug Bounty Roadmap Zero to Prohttps://medium.com/@adinesh02/the-ultimate-bug-bounty-roadmap-zero-to-pro-56440ac4cef2?source=rss------bug_bounty-5DINESH Atechnology, tech, bug-bounty, hacking, cybersecurity29-Nov-2024
Phishing-as-a-Service (PhaaS): “Rockstar 2FA” Targets Microsoft 365 with AiTM Attackshttps://medium.com/@wiretor/phishing-as-a-service-phaas-rockstar-2fa-targets-microsoft-365-with-aitm-attacks-572617422ea5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, xs, phaa, american-dream, hacking29-Nov-2024
Critical Flaw in ProjectSend Under Active Exploitation — Protect Your Servers!https://medium.com/@wiretor/critical-flaw-in-projectsend-under-active-exploitation-protect-your-servers-c0903ab96a68?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesxs, malware, bug-bounty, hacking, pentest29-Nov-2024
Unmasking Open Redirect Vulnerabilities: A Real-World Discoveryhttps://medium.com/@360Security/unmasking-open-redirect-vulnerabilities-a-real-world-discovery-348081e5d03e?source=rss------bug_bounty-5Anand Patelpenetration-testing, vapt, bug-bounty, web-security, cybersecurity29-Nov-2024
Hacking AI — Understanding LLM Attacks and Prompt Injectionshttps://medium.com/@anmol.sh/hacking-ai-understanding-llm-attacks-and-prompt-injections-9354f26a8353?source=rss------bug_bounty-5Anmol Shahai, hacking, penetration-testing, artificial-intelligence, bug-bounty29-Nov-2024
Website’s for fake mobile numbers and sms services.https://osintteam.blog/websites-for-fake-mobile-numbers-and-sms-services-9057442ef82b?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, bug-bounty-tips, tips, hacking28-Nov-2024
30 Best Hacking Promptshttps://medium.com/@TahirAyoub/30-best-hacking-prompts-0c10ee61edf4?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, hacking, chatgpt, cybersecurity, ai28-Nov-2024
The More Confident You Are About Your Testing, The Bigger the Bug You Missedhttps://manishsaini74.medium.com/the-more-confident-you-are-about-your-testing-the-bigger-the-bug-you-missed-189fe169c005?source=rss------bug_bounty-5Manish Sainibug-bounty, test-automation, software-engineering, software-testing, quality-assurance28-Nov-2024
8 Shocking Ways to Protect Your Identity Onlinehttps://medium.com/@paritoshblogs/8-shocking-ways-to-protect-your-identity-online-fe13ad3b92e1?source=rss------bug_bounty-5Paritoshai, identity, hacking, cybersecurity, bug-bounty28-Nov-2024
Finding Low-Hanging Bugs: A Practical Guide with Commandshttps://medium.com/@ayansheikh45689/finding-low-hanging-bugs-a-practical-guide-with-commands-d6fb9159857d?source=rss------bug_bounty-5Ayanpenetration-testing, bug-finding, bug-bounty, ethical-hacking, cybersecurity28-Nov-2024
Finding more subdomains.(part 2)https://infosecwriteups.com/finding-more-subdomains-part-2-1850ead4dd92?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, reconnaissance, cybersecurity, hacking28-Nov-2024
JWTs: A Comedy of Errors and Exploitshttps://jackhavoltrey.medium.com/jwts-a-comedy-of-errors-and-exploits-81d1fb25d24d?source=rss------bug_bounty-5Jack Havoltreybug-bounty, authentication, bug-bounty-tips, jwt, web-development28-Nov-2024
Bug Bounty Chronicles: Exploiting the PUT Method for Remote Code Execution (RCE)https://medium.com/@pawarpushpak36/bug-bounty-chronicles-exploiting-the-put-method-for-remote-code-execution-rce-c2782bea61da?source=rss------bug_bounty-5Pawarpushpakbug-zero, remote-code-execution, bug-bounty-tips, bug-bounty, infosec28-Nov-2024
The Art of Account Take Over #1: Chaining XSS and non-HttpOnly Session Cookiehttps://xdead4f.medium.com/the-art-of-account-take-over-1-chaining-xss-and-non-httponly-session-cookie-8e474bc83e5c?source=rss------bug_bounty-50xdead4fxs, penetration-testing, bug-bounty, cybersecurity28-Nov-2024
How to find Access control vulnerabilities useful Tips PART (1)☢https://medium.com/@mahmodziad40/how-to-find-access-control-vulnerabilities-useful-tips-part-1-56ca1a9c60ce?source=rss------bug_bounty-5httpzuzportswigger, penetration-testing, access-control, bug-bounty-tips, bug-bounty28-Nov-2024
UK Hospital Network Hit by Cyberattack, Procedures Postponedhttps://medium.com/@wiretor/uk-hospital-network-hit-by-cyberattack-procedures-postponed-3b9622eec715?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, malware, cyberattack, uk-hospital-attack, bug-bounty28-Nov-2024
T-Mobile Detects Network Intrusion Attempts from Wireline Providerhttps://medium.com/@wiretor/t-mobile-detects-network-intrusion-attempts-from-wireline-provider-ee7fab1a7eac?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, xs, t-mobile, hacking28-Nov-2024
Malicious npm Library @0xengine/xmlrpc Steals Data and Mines Cryptocurrencyhttps://medium.com/@wiretor/malicious-npm-library-0xengine-xmlrpc-steals-data-and-mines-cryptocurrency-50171f172ef7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, xs, bug-bounty, malware, ransomeware28-Nov-2024
Exploiting CSRF and OTP Reuse: How Weak Token Management Enables Password Reset Attacks, Leading…https://medium.com/@iPsalmy/exploiting-csrf-and-otp-reuse-how-weak-token-management-enables-password-reset-attacks-leading-to-c2f6b914f398?source=rss------bug_bounty-5iPsalmybug-bounty, infosec, web-application-security, api-security, cybersecurity28-Nov-2024
#HappyThanksgiving from Wire Tor!https://medium.com/@wiretor/happythanksgiving-from-wire-tor-5a655498f35f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, happy-thanksgiving, happy-thanksgiving-day, malware28-Nov-2024
Private IP Disclosure in Bug Bounty Programs: Understanding the Risk and Rewardhttps://medium.com/@shamzen96/private-ip-disclosure-in-bug-bounty-programs-understanding-the-risk-and-reward-6441aa866db0?source=rss------bug_bounty-5Shivam Rajbug-bounty, bug-bounty-tips27-Nov-2024
The P2 Bug You Could Miss Without Reading the Documentationhttps://mokhansec.medium.com/the-p2-bug-you-could-miss-without-reading-the-documentation-b0eacc3b7587?source=rss------bug_bounty-5Mohsin khancybersecurity, bugs, bug-bounty-tips, bug-bounty-writeup, bug-bounty27-Nov-2024
Easy Way To Root Your Virtual Device 🙂https://aman0.medium.com/easy-way-to-root-your-virtual-device-9d1a2aa99ea1?source=rss------bug_bounty-5Aman Hpenetration-testing, mobile-app-development, root-android-phone, bug-bounty, app-security-testing27-Nov-2024
Install MassDNS in Linuxhttps://medium.com/@mohamdaminporsalari/install-massdns-in-linux-4a5937829972?source=rss------bug_bounty-5MaMadbug-bounty, dns, massdns, pentesting, bug-bounty-tool27-Nov-2024
How I Turned NASA’s Search Bar into a Phishing Gatewayhttps://systemweakness.com/how-i-turned-nasas-search-bar-into-a-phishing-gateway-697de30859b0?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, cybersecurity, technology, bug-bounty, programming27-Nov-2024
0-Click ATO: How I Can Take Over Every Account on the Websitehttps://medium.com/@aesmail034/0-click-ato-how-i-can-take-over-every-account-on-the-website-9a69c9afb57c?source=rss------bug_bounty-5Ahmed Esmailhackerone, bug-bounty, cybersecurity, account-takeover27-Nov-2024
Race Condition Exploit Enables Free Plan Users to Access Premium Featureshttps://medium.com/@rawansa3ed2002/race-condition-exploit-enables-free-plan-users-to-access-premium-features-9619d0fa0a53?source=rss------bug_bounty-5Rawansaedbug-bounty, race-condition, hackerone, penetration-testing, cybersecurity27-Nov-2024
System Hacking Techniquehttps://medium.com/@TahirAyoub/system-hacking-technique-ac376bd3f0ef?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, hacking-tools, cybersecurity, hacking, computer-security27-Nov-2024
Install MassDNS in Linuxhttps://medium.com/@MaMad4Ever/install-massdns-in-linux-4a5937829972?source=rss------bug_bounty-5MaMadbug-bounty, dns, massdns, pentesting, bug-bounty-tool27-Nov-2024
Introducing JSNinja: Your Ultimate JavaScript Bug Hunting Companionhttps://medium.com/@vikas0vks/introducing-jsninja-your-ultimate-javascript-bug-hunting-companion-%EF%B8%8F-%EF%B8%8F-bee1fcc4bd75?source=rss------bug_bounty-5Vikasinformation-security, bug-bounty-tips, bug-bounty27-Nov-2024
SMB Enumeration and Exploitation: Master Ports 139 and 445 for Penetration Testinghttps://medium.com/@verylazytech/smb-enumeration-and-exploitation-master-ports-139-and-445-for-penetration-testing-ddca90a384c5?source=rss------bug_bounty-5Very Lazy Techbug-bounty, oscp, smb, hacking, cybersecurity27-Nov-2024
Understanding Ethical Hacking: The Key to Cybersecurityhttps://medium.com/@harshkatiyar5556/understanding-ethical-hacking-the-key-to-cybersecurity-454c6671c5f9?source=rss------bug_bounty-5Harsh Katiyarweb3, mind-hacking-techniques, ethical-hacking, cybersecurity, bug-bounty27-Nov-2024
How to Find DNS Rebinding Vulnerabilities in Bug Bounty Huntinghttps://dineshpathro9.medium.com/how-to-find-dns-rebinding-vulnerabilities-in-bug-bounty-hunting-3323da71f5ee?source=rss------bug_bounty-5Hunterbugs, bug-bounty-tips, bug-bounty, bug-zero27-Nov-2024
0-Click ATO: How I Can Take Over Every Account on the Websitehttps://som3a.medium.com/0-click-ato-how-i-can-take-over-every-account-on-the-website-9a69c9afb57c?source=rss------bug_bounty-5Ahmed Esmailhackerone, bug-bounty, cybersecurity, account-takeover27-Nov-2024
IDOR Allows an Admin to Add SuperAdmin (Which is not allowed)https://medium.com/@mrro0o0tt/idor-allows-an-admin-to-add-superadmin-which-is-not-allowed-239fcc82ff69?source=rss------bug_bounty-5Whoamiidor-vulnerability, bug-bounty, broken-access-control, business-logic-bug, bug-bounty-tips27-Nov-2024
Researchers Unveil “Bootkitty” — The First UEFI Bootkit Targeting Linux Kernels!https://medium.com/@wiretor/researchers-unveil-bootkitty-the-first-uefi-bootkit-targeting-linux-kernels-30ff7b7c6819?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceszero-day, cve, bug-bounty, malware, bootkitty27-Nov-2024
Interpol Arrests 1,000+ in Massive ‘Operation Serengeti’ Anti-Cybercrime Crackdownhttps://medium.com/@wiretor/interpol-arrests-1-000-in-massive-operation-serengeti-anti-cybercrime-crackdown-45ffa24e6f4a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, xss-attack, interpol, hacking, bug-bounty27-Nov-2024
New NachoVPN Attack: Rogue VPN Servers Installing Malicious Updateshttps://medium.com/@wiretor/new-nachovpn-attack-rogue-vpn-servers-installing-malicious-updates-%EF%B8%8F-262c85645850?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, vpn, malware, bug-bounty, programming27-Nov-2024
JS Review and Abuse GraphQL Result 10xBAC + Admin Panel ATOhttps://medium.com/@0xbugatti/js-review-and-abuse-graphql-result-10xbac-admin-panel-ato-0f013fe471ea?source=rss------bug_bounty-50xbugattiowasp-top-10, bug-bounty, bugbounty-writeup, web-app-security, bugbounty-tips27-Nov-2024
How I abled to get users/admins PII Disclosurehttps://medium.com/@a7madhacck/how-i-abled-to-get-users-admins-pii-disclosure-6c02fef82c11?source=rss------bug_bounty-5Ahmad Yusseftechnology, hackerone, bug-bounty-writeup, cybersecurity, bug-bounty27-Nov-2024
Automating the Setup of a Bug Bounty Toolkithttps://dineshpathro9.medium.com/automating-the-setup-of-a-bug-bounty-toolkit-05b3e589eb84?source=rss------bug_bounty-5hunterbug-bounty, bug-bounty-tips, bugs, hacking26-Nov-2024
VOIP Penetration Testing Checklisthttps://infosecwriteups.com/voip-penetration-testing-checklist-890bb4e09bac?source=rss------bug_bounty-5Ajay Naiksecurity, information-technology, penetration-testing, cybersecurity, bug-bounty26-Nov-2024
Find Website Vulnerabilities with One Hacking Toolhttps://medium.com/@TahirAyoub/find-website-vulnerabilities-with-one-hacking-tool-0008a908c6fd?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, bug-bounty-tips, bug-bounty, hacking, tools26-Nov-2024
Bugbounty Hunting: The First Step After Finding Your Targethttps://dineshpathro9.medium.com/bugbounty-hunting-the-first-step-after-finding-your-target-998267eeeb28?source=rss------bug_bounty-5Hunterbug-bounty-tips, bug-bounty, bug-zero, bugs26-Nov-2024
Challenges and Pitfalls of Automating Bug Bounty Submissions with AIhttps://pointlessai.medium.com/challenges-and-pitfalls-of-automating-bug-bounty-submissions-with-ai-adb06ab0d2c6?source=rss------bug_bounty-5PointlessAI Mediumai, bug-bounty, cybersecurity, chatgpt, vulnerability-management26-Nov-2024
IBM Fixes RCE Vulnerabilities in Data Virtualization Manager and Security SOARhttps://medium.com/@wiretor/ibm-fixes-rce-vulnerabilities-in-data-virtualization-manager-and-security-soar-dfbc178710f5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, rce, bug-bounty, malware, ibm26-Nov-2024
Firefox and Windows Zero-Days Exploited by Russian RomCom Hackers: A Cybersecurity Wake-Up Call!https://medium.com/@wiretor/firefox-and-windows-zero-days-exploited-by-russian-romcom-hackers-a-cybersecurity-wake-up-call-a8029dacd27b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, malware, windows-hacking, bug-bounty, firefox-hacked26-Nov-2024
Critical Vulnerabilities Discovered in Popular Anti-Spam Plugin for WordPresshttps://medium.com/@wiretor/critical-vulnerabilities-discovered-in-popular-anti-spam-plugin-for-wordpress-%EF%B8%8F-353b3a727d7e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacked, malware, wordpress, ransomware, bug-bounty26-Nov-2024
Find Website Vulnerabilities with One Hacking Toolhttps://blog.cubed.run/find-website-vulnerabilities-with-one-hacking-tool-0008a908c6fd?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, bug-bounty-tips, bug-bounty, hacking, tools26-Nov-2024
How I Hacked NASAhttps://vikram1337.medium.com/how-i-hacked-nasa-74f4ada6e90c?source=rss------bug_bounty-5Vikramwriteup, pentesting, bug-bounty, nasa26-Nov-2024
race condition on BBPhttps://medium.com/@mohanad9837/race-condition-on-bbp-7294e8582ade?source=rss------bug_bounty-5mohanedbug-bounty, race-condition25-Nov-2024
Why Subdomain Enumeration ?https://ahmed-rezk.medium.com/why-subdomain-enumeration-3e4570dd9aba?source=rss------bug_bounty-5Ahmed Rezkcybersecurity, red-teaming, bug-bounty-tips, pentesting, bug-bounty25-Nov-2024
Privilege Escalation in Collaborative Platforms — BugBountyhttps://medium.com/@Zero-Ray/privilege-escalation-in-collaborative-platforms-bugbounty-e1e240384b43?source=rss------bug_bounty-5Mahmoud Fawzyprivilege-escalation, bug-bounty, bug-bounty-hunter, bugcrowd, bug-bounty-writeup25-Nov-2024
HOW I FOUND MY FIRST XSS BUGhttps://medium.com/@Zeroo_sec/how-i-found-my-first-xss-bug-553225548d29?source=rss------bug_bounty-5Ranjanethical-hacking, hacking, bug-bounty, bug-bounty-tips25-Nov-2024
Google Dorks for Bug Bounty: The Ultimate Guidehttps://medium.com/@verylazytech/google-dorks-for-bug-bounty-the-ultimate-guide-e7611b533aee?source=rss------bug_bounty-5Very Lazy Techethical-hacking, google-dork, google-hacking, penetration-testing, bug-bounty25-Nov-2024
Google dorking the right way.https://osintteam.blog/google-dorking-the-right-way-27b0eeb31212?source=rss------bug_bounty-5an0nbilbug-bounty-tips, bug-bounty, programming, ethical-hacking, cybersecurity25-Nov-2024
Microlise Data Breach Confirmed: SafePay Ransomware Group Claims Responsibilityhttps://medium.com/@wiretor/microlise-data-breach-confirmed-safepay-ransomware-group-claims-responsibility-%EF%B8%8F-035e36e25afc?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, ransomeware, bug-bounty, malware, xs25-Nov-2024
Bangkok Busts High-Tech SMS Scam Operationhttps://medium.com/@wiretor/bangkok-busts-high-tech-sms-scam-operation-e13909a2625f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, bug-bounty, hacking, malware, xxe25-Nov-2024
Finastra Data Breach: What Financial Institutions Need to Knowhttps://medium.com/@wiretor/finastra-data-breach-what-financial-institutions-need-to-know-%EF%B8%8F-df9e960c90c7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, pentest, hacking, xs25-Nov-2024
SSRF To Internal Data Access Via PDF Print Featurehttps://bishal0x01.medium.com/ssrf-to-internal-data-access-via-pdf-print-feature-b8e6a912844a?source=rss------bug_bounty-5Bishal Shresthassrf, bug-bounty, information-security25-Nov-2024
Bug Bounty Tips and Trickshttps://bevijaygupta.medium.com/bug-bounty-tips-and-tricks-7b25317c8e7e?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bug-zero, bug-bounty-writeup, bugs, bug-bounty25-Nov-2024
Google Dorks for Bug Bounty: The Ultimate Guidehttps://systemweakness.com/google-dorks-for-bug-bounty-the-ultimate-guide-e7611b533aee?source=rss------bug_bounty-5Very Lazy Techethical-hacking, google-dork, google-hacking, penetration-testing, bug-bounty25-Nov-2024
here is how I got my first bounty $$$https://medium.com/@mohanad9837/here-is-how-i-got-my-first-bounty-78c18da7feeb?source=rss------bug_bounty-5mohanedxss-vulnerability, xss-bypass, bug-bounty, xss-attack25-Nov-2024
GitTrash: Digging Deep into Git Repositories for Hidden Treasureshttps://medium.com/@sheryx00/gittrash-digging-deep-into-git-repositories-for-hidden-treasures-dfa6b3ff9251?source=rss------bug_bounty-5Sheryx00pentesting, bug-bounty, open-source, git24-Nov-2024
SSRF(Server-Side Request Forgery)https://medium.com/@mukkagopi50/ssrf-server-side-request-forgery-50329b7e39fb?source=rss------bug_bounty-5Gopi Mukkavapt, ssrf, ssrf-attack, vulnerability-assessment, bug-bounty24-Nov-2024
Mastering Web Application Pentesting Part — IIhttps://infosecwriteups.com/mastering-web-application-pentesting-part-ii-f02898bf48e3?source=rss------bug_bounty-5Mukilan Baskaranweb-security, infosec, bug-bounty, cybersecurity, computer-security24-Nov-2024
Week 3: When the Drive to Work Fadeshttps://mokhansec.medium.com/week-3-when-the-drive-to-work-fades-3e94a89559c0?source=rss------bug_bounty-5Mohsin khanbug-bounty-writeup, bugs, bug-bounty-tips, bug-bounty, cybersecurity24-Nov-2024
Hacking WordPress: Where to Begin?https://0x4a6f76616e.medium.com/hacking-wordpress-where-to-begin-60179dc403d9?source=rss------bug_bounty-5Jovanbug-bounty, hacking, pentesting, vulnerability, wordpress24-Nov-2024
7 Steps guide to CNAME Subdomain Takeoverhttps://bitpanic.medium.com/7-steps-guide-to-cname-subdomain-takeover-f10eebd7e952?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, cybersecurity, information-security, bug-bounty24-Nov-2024
Cyberattack at French Hospital Exposes Health Data of 750,000 Patientshttps://medium.com/@wiretor/cyberattack-at-french-hospital-exposes-health-data-of-750-000-patients-01b8f62893d1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentest, hacking, xs, malware, bug-bounty24-Nov-2024
Microsoft Disrupts ONNX Phishing-as-a-Service Operationhttps://medium.com/@wiretor/microsoft-disrupts-onnx-phishing-as-a-service-operation-%EF%B8%8F-a1b5535f5d9a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, malware, xs, bug-bounty, pentest24-Nov-2024
Microsoft Tests Third-Party Passkey Support in Windows 11: A Passwordless Futurehttps://medium.com/@wiretor/microsoft-tests-third-party-passkey-support-in-windows-11-a-passwordless-future-92a5fe28571a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmicrosoft, pentest, bug-bounty, hacking, xs24-Nov-2024
Hackers Exploit Avast Anti-Rootkit Driver to Disable Security Defenseshttps://medium.com/@wiretor/hackers-exploit-avast-anti-rootkit-driver-to-disable-security-defenses-13df8a3c313e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, ransomware, bug-bounty, malware, xss-attack24-Nov-2024
How I got 50euro bounty?https://doordiefordream.medium.com/how-i-got-50euro-bounty-71dcf4c6e335?source=rss------bug_bounty-5Bug hunter baluhtml, cybersecurity, technology, vulnerability, bug-bounty24-Nov-2024
Recon. Useful Tips for Bug Bounty — PART 1https://medium.com/@dzchalevich/recon-useful-tips-for-bug-bounty-part-1-0defee9bc7cf?source=rss------bug_bounty-5theroo@tttweb-security, bug-bounty-tips, bug-bounty, penetration-testing, recon24-Nov-2024
Happy hunting!https://medium.com/@hacker_33169/happy-hunting-eae0a858b540?source=rss------bug_bounty-5B3ntl3ycybersecurity, bug-bounty, penetration-testing24-Nov-2024
Beginner’s Guide to Ethical Hacking: What I Learned from My First Bug Bountyhttps://medium.com/@yarmuhammadnizamani556/beginners-guide-to-ethical-hacking-what-i-learned-from-my-first-bug-bounty-724a9f97f38b?source=rss------bug_bounty-5Curious Mindethical-hacking, cybersecurity, bug-bounty24-Nov-2024
Android Pentesting can make you $500/day.https://medium.com/@anandrishav2228/android-pentesting-can-make-you-500-day-818158f9b43d?source=rss------bug_bounty-5Rishav anandcybersecurity, android, hacking, money, bug-bounty24-Nov-2024
How I do my recon and end up finding hidden assets and vulnerabilities before anyone else Pt.2https://medium.com/@demonia/how-i-do-my-recon-and-end-up-finding-hidden-assets-and-vulnerabilities-before-anyone-else-pt-2-2c8dd13d6c19?source=rss------bug_bounty-5Mohammed Diefcybersecurity, information-security, bug-bounty, hackerone, recon24-Nov-2024
IDOR is NOT only on the IDhttps://medium.com/@mshulkhan/idor-is-not-only-on-the-id-8e94b5cc193e?source=rss------bug_bounty-5M Shulkhangoogle-bug, bug-bounty, hacking, hackerkamp150, sysbraykr24-Nov-2024
My Bug Bounty Hunting Methodologyhttps://cybersechemmars.medium.com/my-bug-bounty-hunting-methodology-51ac0a891978?source=rss------bug_bounty-5Cybersec with Hemmarscybersecurity, writing, bug-bounty, bug-bounty-writeup24-Nov-2024
TryHackMe | NoSQLi Walkthroughhttps://medium.com/@k3r0/tryhackme-nosqli-walkthrough-155c6380f5b3?source=rss------bug_bounty-5Kyrillos nadypenetration-testing, bug-bounty, nosql, web-penetration-testing, hacking24-Nov-2024
Bug House Exterminator in Wilton: Your Ultimate Guide to a Pest-Free Homehttps://medium.com/@muhammadmohsinsiddique46/bug-house-exterminator-in-wilton-your-ultimate-guide-to-a-pest-free-home-47d56773c394?source=rss------bug_bounty-5Muhammadmohsinsiddiquebed-bug-extermination, bug-bounty, wilton, bugs23-Nov-2024
7 Main Sins Of A Hacker, What To Stay Away From During Hacking Story?https://medium.com/h7w/7-main-sins-of-a-hacker-what-to-stay-away-from-during-hacking-story-115d749952e2?source=rss------bug_bounty-5NnFacefaith, hacking, bug-bounty, cybersecurity, kali-linux23-Nov-2024
HTML INJECTION- My Second Major Bountyhttps://medium.com/@josuofficial327/html-injection-my-second-major-bounty-cb7c3b32ce60?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuowasp-top-10, bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty23-Nov-2024
Building a Bug Bounty Journey: Exploring Web Security with a Custom CMShttps://medium.com/@zero_4583/building-a-bug-bounty-journey-exploring-web-security-with-a-custom-cms-06dffc81e969?source=rss------bug_bounty-5Nathan Vincentphp, appsec, cms-development, bug-bounty23-Nov-2024
Why Bug Bounty Is Just for You 🙂https://infosecwriteups.com/why-bug-bounty-is-just-for-you-61541deb62b8?source=rss------bug_bounty-5Satyam Pathaniabug-bounty, money, cybersecurity, infosec, technology23-Nov-2024
Disallowed but Discoverable: The Hacker’s robots.txt Playbookhttps://myselfakash20.medium.com/disallowed-but-discoverable-the-hackers-robots-txt-playbook-73dca570f23e?source=rss------bug_bounty-5Akash Ghoshbug-bounty, cybersecurity, technology, programming, bug-bounty-writeup23-Nov-2024
Vulnerable WordPress October 2024 (Zahhak Castle)https://medium.com/@onhexgroup/vulnerable-wordpress-october-2024-zahhak-castle-fb7da609b5e1?source=rss------bug_bounty-5Onhexgroupinformation-security, infosec, cybersecurity, bug-bounty, wordpress23-Nov-2024
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedInhttps://medium.com/@wiretor/north-korean-hackers-steal-10m-with-ai-driven-scams-and-malware-on-linkedin-25daddc61809?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, ai, programming23-Nov-2024
Over 2,000 Palo Alto Firewalls Hacked Using Recently Patched Bugshttps://medium.com/@wiretor/over-2-000-palo-alto-firewalls-hacked-using-recently-patched-bugs-ccc83ef8b4d6?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, hacking, hacked, xss-attack23-Nov-2024
Chinese Hackers Target Linux with WolfsBane Malwarehttps://medium.com/@wiretor/chinese-hackers-target-linux-with-wolfsbane-malware-c4a313c0e63f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceschinese, linux, hacking, malware, bug-bounty23-Nov-2024
Cyber Alert: APT28 Hackers Breach US Firm with Innovative “Nearest Neighbor Attack”https://medium.com/@wiretor/cyber-alert-apt28-hackers-breach-us-firm-with-innovative-nearest-neighbor-attack-9245d88841d8?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, apt-28, hacking, xss-attack23-Nov-2024
Ubuntu Users Alert: Decade-Old Needrestart Flaws Expose Root Privilege Riskshttps://medium.com/@wiretor/ubuntu-users-alert-decade-old-needrestart-flaws-expose-root-privilege-risks-a504f5d2b949?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, ubuntu, penetration-testing, bug-bounty, malware23-Nov-2024
Step into my Professional Life(:Finding my first Bug:)https://medium.com/@anshjain722/step-into-my-professional-life-finding-my-first-bug-e8175b1d9601?source=rss------bug_bounty-5Ansh Jaincybersecurity, xss-vulnerability, vulnerability, bugs, bug-bounty23-Nov-2024
Methods to bypass 403 & 401https://infosecwriteups.com/methods-to-bypass-403-401-38df4cec069e?source=rss------bug_bounty-5Dishant Modipenetration-testing, cybersecurity, bug-bounty-tips, bug-bounty, hacking23-Nov-2024
How I Discovered an Email Change Vulnerability Leading to Pre-Account Takeover | p2https://medium.com/@dhananjay_00/how-i-discovered-an-email-change-vulnerability-leading-to-pre-account-takeover-p2-7e76e0002eef?source=rss------bug_bounty-5Dhananjay Pathakbug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, hacking23-Nov-2024
Why I Switched from Cloud to Local Password Managementhttps://expectme.medium.com/why-i-switched-from-cloud-to-local-password-management-2b79448495dc?source=rss------bug_bounty-5Mamoud Eidbug-bounty, privacy, cybersecurity23-Nov-2024
Bug Bounty Beginner’s Roadmap-02https://medium.com/@sheikh.mohammad.adil.71/bug-bounty-beginners-roadmap-02-3236f15df715?source=rss------bug_bounty-5SHEIKH MOHAMMAD ADILroadmaps, ethical-hacking, bounty-program, bug-bounty23-Nov-2024
My OSWA Experiencehttps://medium.com/@zumyumi/my-oswa-experience-eaa4e94d1797?source=rss------bug_bounty-5Zumi Yumioswe, oscp, web, oswa, bug-bounty23-Nov-2024
Bug Bounty Beginner’s Roadmap-01https://medium.com/@sheikh.mohammad.adil.71/%EF%B8%8F-%EF%B8%8F-ultimate-bug-bounty-roadmap-ee81e805ad6b?source=rss------bug_bounty-5SHEIKH MOHAMMAD ADILbug-bounty, ethical-hacking, hackerone, cybersecurity, roadmaps23-Nov-2024
File path traversal, validation of file extension with null byte bypasshttps://medium.com/@Laxious8848/file-path-traversal-validation-of-file-extension-with-null-byte-bypass-6625f4a4fbec?source=rss------bug_bounty-5Laxiousweb-penetration-testing, lfi, lfi-vulnerability, bug-bounty, web-pen-testing22-Nov-2024
File path traversal, validation of start of pathhttps://medium.com/@Laxious8848/file-path-traversal-validation-of-start-of-path-063e8995a55d?source=rss------bug_bounty-5Laxiouslfi, web-penetration-testing, web-pen-testing, lfi-vulnerability, bug-bounty22-Nov-2024
Ghost Tap Exploits NFC Payments for Fraudhttps://medium.com/@wiretor/ghost-tap-exploits-nfc-payments-for-fraud-dc2a263ff603?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ransomware, hacking, programming, bug-bounty22-Nov-2024
Oracle Agile PLM Vulnerability Exploited in the Wild: Protect Your Data!https://medium.com/@wiretor/oracle-agile-plm-vulnerability-exploited-in-the-wild-protect-your-data-129f8d9ac922?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ransomware, malware, pentest, hacking22-Nov-2024
File path traversal, traversal sequences stripped with superfluous URL-decodehttps://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-stripped-with-superfluous-url-decode-0b303cfe5b69?source=rss------bug_bounty-5Laxiousweb-penetration-testing, web-pen-testing, bug-bounty, lfi-vulnerability, lfi22-Nov-2024
Resolving the “externally-managed-environment” Error in Pythonhttps://medium.com/@prathameshbagul/resolving-the-externally-managed-environment-error-in-python-b91650d45946?source=rss------bug_bounty-5Prathbug-bounty, python, pentesting, kali-linux, cybersecurity22-Nov-2024
ShodanSpider: A Powerful Tool for Cybersecurity Researchhttps://shubhamrooter.medium.com/shodanspider-a-powerful-tool-for-cybersecurity-research-02eac3ed75e2?source=rss------bug_bounty-5Shubham Tiwaribug-bounty, security-analytics, vapt, shodan, bug-hunting22-Nov-2024
My Journey Finding Bugs on NASAhttps://cybersecuritywriteups.com/my-journey-finding-bugs-on-nasa-a2296d142b0a?source=rss------bug_bounty-5Shridhar Rajaputbug-bounty-writeup, inspiration, cybersecurity, bug-bounty, information-technology22-Nov-2024
Why Bug Bounty Could Be a Career for You 🙂https://osintteam.blog/why-bug-bounty-could-be-a-career-for-you-17b6b7b66e16?source=rss------bug_bounty-5Satyam Pathaniamoney, technology, cybersecurity, bug-bounty, infosec22-Nov-2024
Unveiling a Critical Bug in One of the World’s Largest Banks: My Barclays Storyhttps://cybersecuritywriteups.com/unveiling-a-critical-bug-in-one-of-the-worlds-largest-banks-my-barclays-story-34a9fb5f5140?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, ethical-hacking22-Nov-2024
The $900 Bug: My Journey Through SSRF and LFI Exploitshttps://myselfakash20.medium.com/the-900-bug-my-journey-through-ssrf-and-lfi-exploits-222feb276deb?source=rss------bug_bounty-5Akash Ghoshprogramming, technology, cybersecurity, hacking, bug-bounty22-Nov-2024
IDOR Checklist 2025https://medium.com/@mohanad9837/idor-checklist-2025-443575a389d4?source=rss------bug_bounty-5mohanedidor, bug-bounty, idor-vulnerability22-Nov-2024
Finding and Exploiting open SMB service [bug bounty write-up].https://medium.com/@sugamdangal52/finding-and-exploiting-open-smb-service-bug-bounty-write-up-492d72cd2fa3?source=rss------bug_bounty-5Sugam Dangalethical-hacking, bug-bounty, bug-hunting, hacking, bug-bounty-writeup22-Nov-2024
Forbidden Bypass Cloudflare Zero Trust — English Versionhttps://medium.com/@j0hnZ3RA/forbidden-bypass-cloudflare-zero-trust-english-version-436efff4a548?source=rss------bug_bounty-5j0hnZ3RAbug-bounty, red-team, pentesting, security22-Nov-2024
Forbidden Bypass Cloudflare Zero Trusthttps://medium.com/@j0hnZ3RA/forbidden-bypass-cloudflare-zero-trust-6bcc7ad464ee?source=rss------bug_bounty-5j0hnZ3RAsecurity, pentesting, bypass, red-team, bug-bounty22-Nov-2024
They Ignored My Bug Report but Fixed It Silently: My Experience with Enhancvhttps://medium.com/@0xw01f/they-ignored-my-bug-report-but-fixed-it-silently-my-experience-with-enhancv-a8ffe5e3e790?source=rss------bug_bounty-5w01fcybersecurity, bug-bounty, vulnerability, responsibility, ethics22-Nov-2024
Preventing XSS and HTML Injection Attacks with HTML Encodinghttps://medium.com/@rootelvin/html-encode-il%C9%99-xss-v%C9%99-html-i%CC%87njection-h%C3%BCcumlar%C4%B1n%C4%B1n-qar%C5%9F%C4%B1s%C4%B1n%C4%B1n-al%C4%B1nmas%C4%B1-01e21dfe11b5?source=rss------bug_bounty-5Elvin Nuruyevappsec-testing, web-pentesting, cyber-security-solutions, secure-coding, bug-bounty22-Nov-2024
captainX404https://medium.com/@captainX404/captainx404-b41a7f1e3ff3?source=rss------bug_bounty-5captainX404bug-bounty22-Nov-2024
Reconnaissance on archive URLshttps://medium.com/@mayank_prajapati/reconnaissance-on-archive-urls-4125ce7544ed?source=rss------bug_bounty-5Mayank Kumar Prajapatibug-bounty-tips, cybersecurity, bugs, bug-bounty, hacking22-Nov-2024
Preventing XSS and HTML Injection Attacks with HTML Encodinghttps://elvinnuruyev.medium.com/html-encode-il%C9%99-xss-v%C9%99-html-i%CC%87njection-h%C3%BCcumlar%C4%B1n%C4%B1n-qar%C5%9F%C4%B1s%C4%B1n%C4%B1n-al%C4%B1nmas%C4%B1-01e21dfe11b5?source=rss------bug_bounty-5Elvin Nuruyevappsec-testing, web-pentesting, cyber-security-solutions, secure-coding, bug-bounty22-Nov-2024
Cloud Hacking : flaws.cloud level 1 walkthroughhttps://medium.com/@Kinqdathacker/cloud-hacking-flaws-cloud-level-1-walkthrough-9f966da07e82?source=rss------bug_bounty-5Kinqdathackerctf-writeup, cloud-security, bug-bounty, s3-bucket, hacking22-Nov-2024
How i finded a p4 as per bugcrowd.https://osintteam.blog/how-i-finded-a-p4-as-per-bugcrowd-c7c72718583a?source=rss------bug_bounty-5loyalonlytodayhacking, tips, bugs, bug-bounty, cybersecurity21-Nov-2024
Master My Skill Student got highest bounty of $5000 by Vikrant Sharmahttps://medium.com/@mastermyskill/master-my-skill-student-got-highest-bounty-of-5000-by-vikrant-sharma-287a9b46522e?source=rss------bug_bounty-5Master My Skillbug-bounty21-Nov-2024
Unlock the $4 Million Bounty: Join Microsoft’s Zero Day Quest!https://byteshiva.medium.com/unlock-the-4-million-bounty-join-microsofts-zero-day-quest-87c6e50c1010?source=rss------bug_bounty-5Sivainfosec, cybersecurity, microsoftzerodayquest, hacking, bug-bounty21-Nov-2024
Unique XSS Earned Me a $$$ Bountyhttps://wgetkb.medium.com/unique-xss-earned-me-a-bounty-b7156c36fd32?source=rss------bug_bounty-5Prasad KBbounty-program, xss-vulnerability, infosec, bug-bounty, security21-Nov-2024
Insecure direct object referenceshttps://medium.com/@Laxious8848/insecure-direct-object-references-2ce01fa76018?source=rss------bug_bounty-5Laxiousweb-pen-testing, idor, idor-vulnerability, webapplicationpentest, bug-bounty21-Nov-2024
HTB — Learn the basics of Penetration Testing: Meowhttps://medium.com/@febrywiji12/htb-learn-the-basics-of-penetration-testing-meow-6158f97c3c6e?source=rss------bug_bounty-5Sheperd01telnet, hackthebox, ctf, bug-bounty, tutorial21-Nov-2024
How to Find Open Redirect Vulnerabilities: A Comprehensive Guidehttps://medium.com/@rupaitanudas/how-to-find-open-redirect-vulnerabilities-a-comprehensive-guide-e2b6e8c965c6?source=rss------bug_bounty-5Rupaitanudasopen-redirect, bug-bounty, web-application-security21-Nov-2024
BugBoard: The Ultimate Dashboard for Bug Huntershttps://medium.com/@abhinavsingwal/bugboard-the-ultimate-dashboard-for-bug-hunters-1fc7177117bb?source=rss------bug_bounty-5Abhinavsingwalbug-bounty, hacking, hacker, bugboard, hacking-tools21-Nov-2024
Introduction to CORS-Cross-origin resource sharing & SOP-Same Origin Policy, CORS series (Part 1)https://medium.com/@vipulparveenjain/introduction-to-cors-cross-origin-resource-sharing-sop-same-origin-policy-cors-series-part-1-149ad6f77cf6?source=rss------bug_bounty-5Vipul Jainhacking, bug-bounty, web-security-testing, cors-vulnerability, cross-origin-resource21-Nov-2024
Antivirus Evasion for Beginners: A Step-by-Step Guide to Bypassing AV for Penetration Testershttps://medium.com/@verylazytech/antivirus-evasion-for-beginners-a-step-by-step-guide-to-bypassing-av-for-penetration-testers-e600de35be20?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, bug-bounty, antivirus-evasion, bypassing-av, hacking21-Nov-2024
How I Hacked a Website While Dancinghttps://medium.com/@shaikhminhaz1975/how-i-hacked-a-website-while-dancing-22c3e1cd3431?source=rss------bug_bounty-5Shaikh Minhazhacking, cybersecurity, how-to, ethical-hacking, bug-bounty21-Nov-2024
BugBoard: The Ultimate Dashboard for Bug Huntershttps://medium.com/@abhinavsingwal/bugboard-the-ultimate-dashboard-for-bug-hunters-1fc7177117bb?source=rss------bug_bounty-5Abhinav Singwalbug-bounty, hacking, hacker, bugboard, hacking-tools21-Nov-2024
Bypass Email Verification in Mozillahttps://0d-amr.medium.com/bypass-email-verification-in-mozilla-2ab45ac36c42?source=rss------bug_bounty-5Amrbug-bounty-tips, cybersecurity, ethical-hacking, penetration-testing, bug-bounty21-Nov-2024
Mastering Web Application Pentesting with TryhackMehttps://infosecwriteups.com/mastering-web-application-pentesting-with-tryhackme-24257ef182c5?source=rss------bug_bounty-5Mukilan Baskarantryhackme, cybersecurity, bug-bounty, tryhackme-walkthrough, infosec21-Nov-2024
PART 2: THE NEXT CHAPTER IN MY NASA BUG HUNTING JOURNEYhttps://rootxabit.medium.com/part-2-the-next-chapter-in-my-nasa-bug-hunting-journey-1d6338c5f017?source=rss------bug_bounty-5sudo-xabithacking-nasa, bug-bounty, india, tips, nasa21-Nov-2024
File path traversal, simple casehttps://medium.com/@Laxious8848/file-path-traversal-simple-case-d0dd8c493981?source=rss------bug_bounty-5Laxiouslfi, webapplicationpentest, lfi-vulnerability, bug-bounty, web-pen-testing21-Nov-2024
File path traversal, traversal sequences stripped non-recursivelyhttps://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-stripped-non-recursively-647780ace38e?source=rss------bug_bounty-5Laxiousweb-penetration-testing, web-pen-testing, lfi, bug-bounty, lfi-vulnerability21-Nov-2024
File path traversal, traversal sequences blocked with absolute path bypasshttps://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-b909ad161fa2?source=rss------bug_bounty-5Laxiousbug-bounty, web-pentesting, web-penetration-testing, lfi-vulnerability, lfi21-Nov-2024
HTB — Learn the basics of Penetration Testing: Meowhttps://medium.com/@febrywiji/htb-learn-the-basics-of-penetration-testing-meow-6158f97c3c6e?source=rss------bug_bounty-5Sheperd01telnet, hackthebox, ctf, bug-bounty, tutorial21-Nov-2024
Worth 10000$ Cracking the Price Barrier: Exploiting Price Tampering on an E-Commerce Websitehttps://medium.com/@kumawatabhijeet2002/worth-10000-cracking-the-price-barrier-exploiting-price-tampering-on-an-e-commerce-website-19e3f82f52aa?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bug-bounty-writeup, bug-bounty-tips, bugs20-Nov-2024
How I was able to Take over a Subdomain and got Hall of Famehttps://rivudon.medium.com/how-i-was-able-to-take-over-a-subdomain-and-got-hall-of-fame-aca4aaca761b?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )subdomain-takeover, ethical-hacking, bug-bounty-tips, bug-hunting, bug-bounty20-Nov-2024
Web vulnerability bounty rules updatehttps://medium.com/@security.tecno/web-vulnerability-bounty-rules-update-20bcf6f6e3da?source=rss------bug_bounty-5TECNO Securityhacking, web, security, bug-bounty20-Nov-2024
Bypassing Password Reuse Restriction A Security Flaw.https://aman0.medium.com/bypassing-password-reuse-restriction-a-security-flaw-1bf2210d9bbd?source=rss------bug_bounty-5Aman Hbug-bounty-writeup, vulnerability, information-security, penetration-testing, bug-bounty20-Nov-2024
The $2,200 ATO Most Bug Hunters Overlooked by Closing Intruder Too Soonhttps://mokhansec.medium.com/the-2-200-ato-most-bug-hunters-overlooked-by-closing-intruder-too-soon-505f21d56732?source=rss------bug_bounty-5Mohsin khancybersecurity, bug-bounty, bug-bounty-writeup, bugs, bug-bounty-tips20-Nov-2024
Reflected Cross-Site Scripting (XSS) via POST request:https://ak-rizk.medium.com/reflected-cross-site-scripting-xss-via-post-request-f0d54ee84f99?source=rss------bug_bounty-5A-RIZKxss-attack, web-hacking, pentesting, bug-bounty20-Nov-2024
How Hidden 3xXSS got revealedhttps://medium.com/@0xbugatti/how-hidden-3xxss-got-revealed-b42f041d36f6?source=rss------bug_bounty-50xbugattibug-bounty, bug-bounty-writeup, web-app-security, web-app-pentesting, bug-bounty-tips20-Nov-2024
How I Earned $650 Using Just Recon: A Bug Hunter’s Success Storyhttps://myselfakash20.medium.com/how-i-earned-650-using-just-recon-a-bug-hunters-success-story-4d78788e46a5?source=rss------bug_bounty-5Akash Ghoshbug-bounty, programming, penetration-testing, cybersecurity, technology20-Nov-2024
Swiss Army Knife of Top Bug Huntershttps://bitpanic.medium.com/swiss-army-knife-of-top-bug-hunters-dd1bf237c513?source=rss------bug_bounty-5Spectat0rguyinformation-security, bug-bounty-tips, cybersecurity, cyber-security-awareness, bug-bounty20-Nov-2024
Honey, did you leave the APIs open again?https://medium.com/@l_s_/honey-you-left-the-apis-open-again-c382a3a2d917?source=rss------bug_bounty-5LShacking, api, bug-bounty, cybersecurity, bug-bounty-writeup20-Nov-2024
Introduction to Bug Bountyhttps://medium.com/@hakoje3813/introduction-to-bug-bounty-5461825079ad?source=rss------bug_bounty-5Hackeraidp, bug-bounty20-Nov-2024
How to Start in the Masochistic World of Bug Bounty — what nobody told you before.https://j0nasdias.medium.com/how-to-start-in-the-masochistic-world-of-bug-bounty-what-nobody-told-you-before-22b789933cdd?source=rss------bug_bounty-5Jonas Dias Rebelointigriti, hackerone, xs, pentest, bug-bounty20-Nov-2024
GhostFilter: Automating URL Filtering for Smarter Bug Huntinghttps://osintteam.blog/ghostfilter-automating-url-filtering-for-smarter-bug-hunting-d779d8fc844f?source=rss------bug_bounty-5SIDDHANT SHUKLAhacking, bug-bounty-tips, bug-bounty, ctf, cybersecurity20-Nov-2024
Importance of Shodan in Bug Hunting: Your Ultimate Guide to Finding Hidden Gemshttps://osintteam.blog/importance-of-shodan-in-bug-hunting-your-ultimate-guide-to-finding-hidden-gems-45cf87201d11?source=rss------bug_bounty-5Akash Ghoshbug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity, infosec19-Nov-2024
Finding subdomains those are hidden in cloud.https://osintteam.blog/finding-subdomains-those-are-hidden-in-cloud-f0c13d3d80ea?source=rss------bug_bounty-5loyalonlytodaybug-bounty, bugs, tips, cybersecurity, hacking19-Nov-2024
【Vulnerability Campaign】Earn Your Thanksgiving Bonus Rebatehttps://medium.com/@security.tecno/vulnerability-campaign-earn-your-thanksgiving-bonus-rebate-95847ac8b144?source=rss------bug_bounty-5TECNO Securityhacking, security, bonus, bug-bounty19-Nov-2024
OTP Bypass — Weak brute-force protectionhttps://medium.com/@Jitheshjithu/otp-bypass-weak-brute-force-protection-42c3f6b7899d?source=rss------bug_bounty-5Jitheshbug-bounty-tips, brute-force, bug-bounty, otp-bypass, burpsuite19-Nov-2024
How a CSRF Vulnerability Can Be Exploited to Target Email Accounts — A Practical Walkthroughhttps://medium.com/@muhammedgalal66/how-a-csrf-vulnerability-can-be-exploited-to-target-email-accounts-a-practical-walkthrough-60e6c2eac31f?source=rss------bug_bounty-5Dg0x6bug-bounty, bounty-program, bug-hunting, csrf, hunting19-Nov-2024
The Easiest $$$ I Made from a Business Logic Vulnerabilityhttps://medium.com/@0xsussy/the-easiest-i-made-from-a-business-logic-vulnerability-5c11a31ca455?source=rss------bug_bounty-5Hamza Khaledbugbounty-writeup, bugbounty-poc, bug-bounty, bugbounty-tips19-Nov-2024
Subdomain Enumeration Through the Homepagehttps://medium.com/@sarkis093/enumera%C3%A7%C3%A3o-de-subdom%C3%ADnios-atrav%C3%A9s-da-homepage-971d7aa341bf?source=rss------bug_bounty-5sarkis093shell, pentesting, red-team, osint, bug-bounty19-Nov-2024
From User to Admin: The Art of Privilege Escalationhttps://bootcampsecurity.medium.com/from-user-to-admin-the-art-of-privilege-escalation-b80a4cd1e89b?source=rss------bug_bounty-5Garv Katariacybersecurity, privilege-escalation, ethical-hacking, bug-bounty-tips, bug-bounty19-Nov-2024
Common Security Risks in Browser Extensionshttps://medium.com/@Parag_Bagul/common-security-risks-in-browser-extensions-e61422499f7c?source=rss------bug_bounty-5ParagBagulbrowser-extension, web-browser-extension, cybersecurity, bug-bounty, extension-development19-Nov-2024
Exploiting Business Logic Flaws in e-commerce platformshttps://medium.com/@Pentestforge/exploiting-business-logic-flaws-in-e-commerce-platforms-c3042a240c4a?source=rss------bug_bounty-5Joel I Patrickethical-hacking, bug-bounty, cybersecurity, web-exploitation, hacking19-Nov-2024
Unlock Bug Bounty Brilliance: The Ultimate Guide to Browser Extensions That Supercharge Your…https://osintteam.blog/unlock-bug-bounty-brilliance-the-ultimate-guide-to-browser-extensions-that-supercharge-your-fbb323e29dc0?source=rss------bug_bounty-5Akash Ghoshbug-bounty, bug-bounty-tips, extension, bug-bounty-writeup, cybersecurity19-Nov-2024
Critical Remote Code Execution (RCE) Bug in VMware vCenter Server Now Exploited in Active…https://medium.com/@wiretor/critical-remote-code-execution-rce-bug-in-vmware-vcenter-server-now-exploited-in-active-a03c8fe37d02?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesprogramming, hacking, pentesting, bug-bounty, malware19-Nov-2024
Maxar Data Breach: U.S. Space Tech Giant Compromisedhttps://medium.com/@wiretor/maxar-data-breach-u-s-space-tech-giant-compromised-391640982117?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, pentest, programming, malware, bug-bounty19-Nov-2024
Chinese Hackers Exploit Fortinet VPN Zero-Day to Steal Credentialshttps://medium.com/@wiretor/chinese-hackers-exploit-fortinet-vpn-zero-day-to-steal-credentials-b10232aaabef?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, bug-bounty, progamming, malware19-Nov-2024
How I Uncovered an Unsubscribe Exploit While Checking My Internship Applicationshttps://expl0it32.medium.com/how-i-uncovered-an-unsubscribe-exploit-while-checking-my-internship-applications-9661aacad8f9?source=rss------bug_bounty-5eXpl0it_32hacking, cybersecurity, idor, bug-report, bug-bounty19-Nov-2024
HOW I FOUND A BUG IN NASAhttps://rootxabit.medium.com/how-i-found-a-bug-in-nasa-f76800eaf3b9?source=rss------bug_bounty-5sudo-xabitbug-bounty, hacking, hall-of-fame, nasa, vdp19-Nov-2024
Bug bounty hunting : Profitable Pursuit or Time Trap?https://medium.com/@Arsenelupin12/bug-bounty-hunting-profitable-pursuit-or-time-trap-a99ecb11358f?source=rss------bug_bounty-5Lupinbug-bounty, bug-bounty-tips, hackthebox, cybersecurity, hacking19-Nov-2024
SQL injection vulnerability in where clause allowing retrieval of hidden datahttps://medium.com/@Laxious8848/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-c6ca0c949382?source=rss------bug_bounty-5Laxiouspenetration-testing, bug-bounty, webapplicationpentest, error-based-sql-injection, sql-injection19-Nov-2024
BUG BOUNTY HUNTINGhttps://medium.com/@muazutopclass/bug-bounty-hunting-0536a314d4e4?source=rss------bug_bounty-5Mu'azu S. Ahmedcybersecurity, money, bug-bounty, techie-delight, freelancing19-Nov-2024
Easy admin Access By Gaming with JSONhttps://medium.com/@0xbugatti/easy-admin-access-by-gaming-with-json-5ec5313e2236?source=rss------bug_bounty-50xbugattibug-bounty, web-security, penetration-testing, bug-bounty-tips, bug-bounty-writeup19-Nov-2024
Bug bounty hunting : Profitable Pursuit or Time Trap?https://medium.com/@Arsenelupin12/bug-bounty-hunting-profitable-pursuit-or-time-trap-a99ecb11358f?source=rss------bug_bounty-5Wasted Resourcesbug-bounty, bug-bounty-tips, hackthebox, cybersecurity, hacking19-Nov-2024
Hackers’ Cache Hotlisthttps://medium.com/h7w/hackers-cache-hotlist-5649742c35b1?source=rss------bug_bounty-5Lukasz Wierzbickibug-bounty, pentesting, hacking, articles, security18-Nov-2024
How SubDomainRadar.io Simplifies Your Recon Workflowhttps://medium.com/@alexandrevandammepro/how-subdomainradar-io-simplifies-your-recon-workflow-173e4061ceb3?source=rss------bug_bounty-5Alexandre Vandammeinfosec, cyberattack, bug-bounty, hacking, cybersecurity18-Nov-2024
File Upload - Upload. Intercept. Exploit.https://p4n7h3rx.medium.com/file-upload-upload-intercept-exploit-b5aa18cb8e9d?source=rss------bug_bounty-5p4n7h3rxbug-bounty, pentesting, pentest, bug-bounty-tips, hacking18-Nov-2024
BioCorp CTFhttps://ghostman01.medium.com/biocorp-ctf-99a072260842?source=rss------bug_bounty-5SIDDHANT SHUKLActf, web-hacking, bug-bounty, cybersecurity, hacking18-Nov-2024
M4 — Insufficient Input/Output Validationhttps://medium.com/@tamires.scruz/m4-insufficient-input-output-validation-fccc6cfc2561?source=rss------bug_bounty-5Tamy Angelcybersecurity, android, pentesting, bug-bounty, vulnerability18-Nov-2024
From Novice to Pro: My Journey to Earning Through Bug Bounty Huntinghttps://myselfakash20.medium.com/from-novice-to-pro-my-journey-to-earning-through-bug-bounty-hunting-3f123d19c39a?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, ethical-hacking, bug-bounty, cybersecurity, bug-bounty-tips18-Nov-2024
Automating XXE Exploitation: A Write-Up on Intigriti CTF 2024 BioCorp Challengehttps://osintteam.blog/biocorp-ctf-99a072260842?source=rss------bug_bounty-5SIDDHANT SHUKLActf, web-hacking, bug-bounty, cybersecurity, hacking18-Nov-2024
How I Hacked an Entire Company’s IT Infrastructure by Uncovering a Critical Bug Through Effective…https://medium.com/@0xbedo/how-i-hacked-an-entire-companys-it-infrastructure-by-uncovering-a-critical-bug-through-effective-8322d4d763a8?source=rss------bug_bounty-50xbedobug-bounty, aem, pentesting, cybersecurity, security18-Nov-2024
Top 9 Books on Cyber Securityhttps://medium.com/@bicitrobiswas/top-9-books-on-cyber-security-e3984ec1e48b?source=rss------bug_bounty-5Bicitro Biswascybersecurity, hacking, programming, bug-bounty, students18-Nov-2024
How I Found an IDOR Vulnerability in a Local News App and What You Can Learn From Ithttps://medium.com/@sulmanfarooq531/how-i-found-an-idor-vulnerability-in-a-local-news-app-and-what-you-can-learn-from-it-0b02a2ab91d5?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, bug-bounty, idor-vulnerability, idor18-Nov-2024
How to Use Proxy for Bug Huntinghttps://medium.com/@Progsky/how-to-use-proxy-for-bug-hunting-64e08cb33cc1?source=rss------bug_bounty-5Progskybug-hunting, ethical-hacking, ethical-hacking-tools, bug-bounty, cybersecurity18-Nov-2024
AI vs. Human: Why Bug Bounty Hunting Still Needs Human Intuitionhttps://pointlessai.medium.com/ai-vs-human-why-bug-bounty-hunting-still-needs-human-intuition-40b6e023c184?source=rss------bug_bounty-5PointlessAIbug-bounty-tips, ai, bug-bounty, chatgpt, vulnerability-management18-Nov-2024
Data Breaches Demand Proactive Security: AnnieMac Hack Impacts 171,000 Individualshttps://medium.com/@wiretor/data-breaches-demand-proactive-security-anniemac-hack-impacts-171-000-individuals-%EF%B8%8F-27a46bece7d2?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesanniemac-hacked, bug-bounty, data-breach, programming, hacked18-Nov-2024
Phishing Emails Using SVG Attachments: A Growing Threathttps://medium.com/@wiretor/phishing-emails-using-svg-attachments-a-growing-threat-c531fe9d3806?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, phising, hacking, email18-Nov-2024
How to Start a Career in Cybersecurity: A Step-by-Step Guide for Beginnershttps://medium.com/@griffin_dev.il/how-to-start-a-career-in-cybersecurity-a-step-by-step-guide-for-beginners-77a5457aa6e7?source=rss------bug_bounty-5GriFfin_Dev.iLethical-hacking, cybersecurity, cyber-security-awareness, bug-bounty, careers18-Nov-2024
B-Huntershttps://medium.com/@ebraamemil/b-hunters-a5b53aa9df42?source=rss------bug_bounty-5Ebraam Emilbug-bounty-tips, framework, bug-bounty18-Nov-2024
2FA simple bypasshttps://medium.com/@kcaaditya976/2fa-simple-bypass-1eb82080b914?source=rss------bug_bounty-5Laxiousbug-bounty, web-application-security, web-penetration-testing, mfa-bypass, web-pentesting18-Nov-2024
CTF Walkthrough: Grayboardhttps://medium.com/@nehalrajesh10/ctf-walkthrough-grayboard-c5955fff6410?source=rss------bug_bounty-5Nehal Pillaictf, bug-bounty, ctf-walkthrough18-Nov-2024
Breaking into Bug Bounties: A Guide to Hunting Business Logic and BAC Vulnerabilities in B2B…https://thexssrat.medium.com/breaking-into-bug-bounties-a-guide-to-hunting-business-logic-and-bac-vulnerabilities-in-b2b-58a8f4a89711?source=rss------bug_bounty-5Thexssratidor-vulnerability, penetration-testing, bug-bounty, hacking, hacker18-Nov-2024
2FA simple bypasshttps://medium.com/@Laxious8848/2fa-simple-bypass-1eb82080b914?source=rss------bug_bounty-5Laxiousbug-bounty, web-application-security, web-penetration-testing, mfa-bypass, web-pentesting18-Nov-2024
Vietnamese Hackers Unleash PXA Stealer: Targeting Sensitive Data Across Europe and Asiahttps://medium.com/@wiretor/vietnamese-hackers-unleash-pxa-stealer-targeting-sensitive-data-across-europe-and-asia-2d0723c11ff1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ransomeware, xss-attack, hacking, bug-bounty17-Nov-2024
DEEPDATA Malware Exploits Fortinet Flaw to Steal VPN Credentialshttps://medium.com/@wiretor/deepdata-malware-exploits-fortinet-flaw-to-steal-vpn-credentials-2605280c2e8c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomeware, xss-attack, bug-bounty, hacking, malware17-Nov-2024
Botnet Exploits GeoVision Zero-Day to Install Mirai Malwarehttps://medium.com/@wiretor/botnet-exploits-geovision-zero-day-to-install-mirai-malware-98ce1622dc21?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, bug-bounty, usa, malware, hacking17-Nov-2024
Comprehensive Guide to Exploitation Techniques for Bug Bounty Hunters: From Beginner to Advancedhttps://myselfakash20.medium.com/comprehensive-guide-to-exploitation-techniques-for-bug-bounty-hunters-from-beginner-to-advanced-b32001326b9e?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, exploitation, bug-bounty-tips, cybersecurity, bug-bounty17-Nov-2024
The $300 Journey from RFI to RCE that Changed Everythinghttps://medium.com/@dhabaleshward/the-300-journey-from-rfi-to-rce-that-changed-everything-2b4c00c05da0?source=rss------bug_bounty-5Dhabaleshwar Daspenetration-testing, bug-bounty, vulnerability, ethical-hacking, cybersecurity17-Nov-2024
How I Found open-redirect vulnerability using virus total?https://doordiefordream.medium.com/how-i-found-open-redirect-using-virus-total-460d721b9596?source=rss------bug_bounty-5balu bandibug-bounty-tips, ethical-hacking, bug-bounty, cybersecurity, vulnerability17-Nov-2024
Week 2: Hard Work Transforms into a 5-Digit Paydayhttps://mokhansec.medium.com/week-2-hard-work-transforms-into-a-5-digit-payday-8087819bccd9?source=rss------bug_bounty-5Mohsin khanbug-bounty-tips, bugs, cybersecurity, bug-bounty, bug-bounty-writeup17-Nov-2024
Exposing Open Redirect Vulnerabilities: JavaScript File Analysis in HTTP History Burp Suitehttps://medium.com/@gheeX/exposing-open-redirect-vulnerabilities-javascript-file-analysis-in-http-history-burp-suite-c64bd1c93c54?source=rss------bug_bounty-5Ghee1337bug-bounty-writeup, javascript, vulnerability, bug-bounty-tips, bug-bounty17-Nov-2024
XSS in Registration Form: A Bug Bounty Successhttps://medium.com/@ziadsakr/xss-in-registration-form-a-bug-bounty-success-6fb9450b0e66?source=rss------bug_bounty-5Ziad Sakrxss-bypass, xss-vulnerability, bug-bounty, xss-attack, firewall17-Nov-2024
8 Advanced Techniques For Novice Bug Bounty Huntershttps://bitpanic.medium.com/8-advanced-techniques-for-novice-bug-bounty-hunters-ab6110185e55?source=rss------bug_bounty-5Spectat0rguycybersecurity, information-security, cyber-security-awareness, bug-bounty, bug-bounty-tips17-Nov-2024
SQL injection vulnerability allowing login bypasshttps://medium.com/@kcaaditya976/sql-injection-vulnerability-allowing-login-bypass-1e9f7bd45adf?source=rss------bug_bounty-5Laxioussql, web-penetration-testing, web-pentesting, bug-bounty, sql-injection17-Nov-2024
Bug bounty Cheatsheethttps://medium.com/@shardulsawant67/bug-bounty-cheatsheet-b87d3250bc2e?source=rss------bug_bounty-5Shardul Sawantbug-bounty, bug-bounty-cheatsheet, web-penetration-testing, hacking, website-hacking17-Nov-2024
API Hacktics: Unveiling Vulnerabilities in Modern Web APIshttps://myselfakash20.medium.com/api-hacktics-unveiling-vulnerabilities-in-modern-web-apis-e41cc09a2b9d?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, cybersecurity, bug-bounty-writeup, bugs, bug-bounty17-Nov-2024
How to Find P4 Vulnerabilities and Information Disclosure Bugs | Step-by-Step Guide to All Key…https://medium.com/@shaikhminhaz1975/how-to-find-p4-vulnerabilities-and-information-disclosure-bugs-step-by-step-guide-to-all-key-6ba8fc84c882?source=rss------bug_bounty-5Shaikh Minhazpenetration-testing, how-to-find-bug, information-disclosure, ethical-hacking, bug-bounty17-Nov-2024
Hunting for Default Credentials: A Deeper Dive into the Toolkithttps://medium.com/@defaulty.io/hunting-for-default-credentials-a-deeper-dive-into-the-toolkit-2b3edde86f01?source=rss------bug_bounty-5Defaulty.iocybersecurity, information-security, hacking, bug-bounty, penetration-testing17-Nov-2024
FB OAuth Misconfigurationhttps://xsametyigit.medium.com/fb-oauth-misconfiguration-d6c2f5d067d8?source=rss------bug_bounty-5Samet Yiğitbug-bounty-writeup, bug-bounty-tips, bug-bounty17-Nov-2024
OWASP Top 10–2021 Tryhackme Writeuphttps://infosecwriteups.com/owasp-top-10-2021-tryhackme-writeup-56f2a04c895e?source=rss------bug_bounty-5Mukilan Baskarancybersecurity, bug-bounty, infosec, information-security, web-security17-Nov-2024
DOM XSS in document.write sink using source location.searchhttps://medium.com/@kcaaditya976/dom-xss-in-document-write-sink-using-source-location-search-cc0ba7b461c2?source=rss------bug_bounty-5Laxiousxss-attack, web-pen-testing, dom-xss, bug-bounty, xss-vulnerability17-Nov-2024
Who needs credentials, when you have the phone number…?https://medium.com/@thelazypentester/who-needs-credentials-when-you-have-the-phone-number-fc0c8f51b87e?source=rss------bug_bounty-5Jobsonidor, bug-bounty, hacking, cybersecurity, sensitive-information17-Nov-2024
API Hacktics: Unveiling Vulnerabilities in Modern Web APIshttps://osintteam.blog/api-hacktics-unveiling-vulnerabilities-in-modern-web-apis-e41cc09a2b9d?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, cybersecurity, bug-bounty-writeup, bugs, bug-bounty17-Nov-2024
Lemons: A Bug Bounty Analogyhttps://medium.com/@lixipluv/lemons-a-bug-bounty-analogy-ef427f514b2a?source=rss------bug_bounty-5Lixipluvlemon, introduction, bug-bounty16-Nov-2024
Race condition — can cause a flood of forgotten password verification SMS requestshttps://medium.com/@viperblitzz/race-condition-can-cause-a-flood-of-forgotten-password-verification-sms-requests-1775a375653d?source=rss------bug_bounty-5Viperblitzzbug-bounty-tips, bug-hunting, bug-bounty16-Nov-2024
Chaining CSRF and an Open-Redirect leads to sensitive information disclosurehttps://medium.com/@rvanwart_49640/chaining-csrf-and-an-open-redirect-leads-to-sensitive-information-disclosure-5915b24bc53b?source=rss------bug_bounty-5Raymond Van Wartbug-bounty, cybersecurity, web-application-security16-Nov-2024
Heroku Subdomain Takeoverhttps://xsametyigit.medium.com/heroku-subdomain-takeover-39b9f1ce7c4c?source=rss------bug_bounty-5Samet Yiğitbug-bounty-writeup, bug-bounty, subdomain-takeover, bug-bounty-tips16-Nov-2024
Secret OSINT Tricks to Dig Up Hidden Info Online!https://medium.com/@paritoshblogs/secret-osint-tricks-to-dig-up-hidden-info-online-5401ffdd9c89?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, osint, cybersecurity, information-technology16-Nov-2024
Chaining CSRF and an Open-Redirect leads to sensitive information disclosurehttps://raymondv.medium.com/chaining-csrf-and-an-open-redirect-leads-to-sensitive-information-disclosure-5915b24bc53b?source=rss------bug_bounty-5Raymond Van Wartbug-bounty, cybersecurity, web-application-security16-Nov-2024
How I Helped Secure Millions of Users’ Medical Reports — Bug Bounty!https://kumarmohank889.medium.com/how-i-helped-secure-millions-of-users-medical-reports-bug-bounty-bccf61a8ecee?source=rss------bug_bounty-5Mohan Kumar Ncybersecurity, hacking, bug-bounty-tips, ethical-hacking, bug-bounty16-Nov-2024
Mastering Recon for Bug Hunters, Part 4: Advanced Strategies & Real-World Exampleshttps://myselfakash20.medium.com/mastering-recon-for-bug-hunters-part-4-advanced-strategies-real-world-examples-5de1a7aa7f84?source=rss------bug_bounty-5Akash Ghoshbugs, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips16-Nov-2024
Account takover via forget passwordhttps://medium.com/@amirreza.marzban/account-takover-via-forget-password-4ec6514f29ee?source=rss------bug_bounty-5AmirReza Marzbanbug-bounty, bug-bounty-writeup, hacking, account-takeover, bug-bounty-hunter16-Nov-2024
Account takover of an online casinohttps://bug-abdelilah.medium.com/account-takover-of-an-online-casino-e13987835266?source=rss------bug_bounty-5abdelilahbug-bounty, xss-attack, penetration-testing, cybersecurity, account-takeover16-Nov-2024
How Did I Get My First Collaboration Bounty Of $1000?https://medium.com/@pguru978/how-did-i-get-my-first-collaboration-bounty-of-1000-dc64ec02a6c7?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity, bug-bounty-tips16-Nov-2024
Exploiting Android Activities with Drozer: A Step-by-Step Guidehttps://medium.com/@ayushkumar12021987/exploiting-android-activities-with-drozer-a-step-by-step-guide-ebc9b564758d?source=rss------bug_bounty-5Ayush Kumarbug-bounty, pentesting, android, bug-bounty-writeup, security16-Nov-2024
How I Turned a Low Blind SSRF Into a Critical Vulnerability With Strategic Impact Escalationhttps://medium.com/@DrakenKun/how-i-turned-a-low-blind-ssrf-into-a-critical-vulnerability-with-strategic-impact-escalation-536505cc4352?source=rss------bug_bounty-5DrakenKunweb-security, pentesting, bug-bounty, ssrf, cybersecurity16-Nov-2024
Sensitive Data Exposure in a Moodle Config Filehttps://medium.com/@mrcix/sensitive-data-exposure-in-a-moodle-config-file-648ca3d54676?source=rss------bug_bounty-5mrci0x1bug-bounty, information-security, web-security16-Nov-2024
These Two Tools Helped Me Earn $40K in Bountieshttps://medium.com/@alwalxed/these-two-tools-helped-me-earn-40k-in-bounties-8c688b9deccd?source=rss------bug_bounty-5Awaosint, cybersecurity, bug-bounty, golang, tools16-Nov-2024
Bypass of Username Policy: Breaking the Rules with a Simple Trickhttps://medium.com/@mrcix/bypass-of-username-policy-breaking-the-rules-with-a-simple-trick-fcf7ce97925c?source=rss------bug_bounty-5mrci0x1bug-bounty-tips, penetration-testing, bug-bounty-writeup, web-security, bug-bounty16-Nov-2024
How Did I Get My First Collaboration Bounty Of $1000?https://cybersecuritywriteups.com/how-did-i-get-my-first-collaboration-bounty-of-1000-dc64ec02a6c7?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity, bug-bounty-tips16-Nov-2024
$500 Bounty for Account Takeover on European Bug Bounty Platformhttps://0vulns.medium.com/500-bounty-for-account-takeover-on-european-bug-bounty-platform-cd5af3edb1ec?source=rss------bug_bounty-50vulnscybersecurity, bug-bounty15-Nov-2024
HOW I HACKED BILLION ANDROID USERS SOCIAL AND 3rd PARTY ACCOUNT | A STORY ABOUT 5000$ BUG |…https://medium.com/@karthithehacker/how-i-hacked-billion-android-users-social-and-3rd-party-account-a-story-about-5000-bug-54d8b6ce75df?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, bugbounty-writeup15-Nov-2024
NahamStore CTF Çözümü: Web Güvenlik Açıklarıyla Bug Bounty Pratiğihttps://berkkahya0.medium.com/nahamstore-ctf-%C3%A7%C3%B6z%C3%BCm%C3%BC-web-g%C3%BCvenlik-a%C3%A7%C4%B1klar%C4%B1yla-bug-bounty-prati%C4%9Fi-a1b3d7133329?source=rss------bug_bounty-5Berk Kahyabug-bounty, tryhackme, nahamstore, ctf-writeup, cybersecurity15-Nov-2024
Simple RXSS di website insight.kontan.co.idhttps://medium.com/@0xRedFox29/simple-rxss-di-website-insight-kontan-co-id-cfb39dd64a3a?source=rss------bug_bounty-5kunx90bug-bounty-tips, bug-bounty15-Nov-2024
TAKEOVERhttps://medium.com/@mukkagopi50/takeover-16aa79977e6b?source=rss------bug_bounty-5Gopi Mukkaaccount-takeover-attacks, vulnerability, bug-bounty, takeovers15-Nov-2024
Server-Side Request Forgery (SSRF)https://medium.com/@mukkagopi50/server-side-request-forgery-ssrf-80d168fd82f7?source=rss------bug_bounty-5Gopi Mukkabug-bounty, vulnerability, ssrf15-Nov-2024
How to Test for DNS Zone Transfer Attackshttps://dineshpathro9.medium.com/how-to-test-for-dns-zone-transfer-attacks-bf7c604bb28a?source=rss------bug_bounty-5hunterbug-bounty, bug-bounty-writeup, hacking, bugs, bug-bounty-tips15-Nov-2024
How I Exploited a Vulnerability to Change a User’s Backup Email Address (Easy P1 vulnerability)https://medium.com/@hasap134/how-i-exploited-a-vulnerability-to-change-a-users-backup-email-address-easy-p1-vulnerability-f854041f8e91?source=rss------bug_bounty-5Beescocybersecurity, vulnerability, bug-bounty, bug-bounty-tips, bugs15-Nov-2024
Earn $5000 After Learning How to Bypass the Rate Limiting for API Bug Hunting .https://medium.com/@anandrishav2228/earn-5000-after-learning-how-to-bypass-the-rate-limiting-for-api-bug-hunting-89dc40289120?source=rss------bug_bounty-5Rishav anandapi, money, cybersecurity, bug-bounty, hacking-tools15-Nov-2024
TALE OF A VULNERABILITY WHICH LEADS TO ACCOUNT TAKEOVER OF GOVERNMENT ANDROID APPLICATIONhttps://medium.com/@karthithehacker/tale-of-a-vulnerability-which-leads-to-account-takeover-of-government-android-application-6f47a57b8cfb?source=rss------bug_bounty-5Karthikeyan.Vvapt, bug-bounty, android15-Nov-2024
Easy $20,160 bug from hackeronehttps://medium.com/@loaymorad11/easy-20-160-bug-from-hackerone-aeac67ce3e81?source=rss------bug_bounty-5Loaymoradcybersecurity, penetration-testing, bug-bounty, hackerone, bugbounty-writeup15-Nov-2024
How did I found Account Takeover Vulnerability on takeuforward.orghttps://rajukani100.medium.com/how-did-i-found-account-takeover-vulnerability-on-takeuforward-org-735630b4167c?source=rss------bug_bounty-5Raj Ukanihacking, cyber-security-awareness, bug-bounty, bug-bounty-writeup, developer15-Nov-2024
Today How to get $500 Bounty on HackerOne — P3https://medium.com/@bugbounty_learners/today-how-to-get-500-bounty-on-hackerone-p3-345fa44f76a3?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-writeup, bugs, bug-bounty-tips, software-development, bug-bounty15-Nov-2024
My first bountyhttps://medium.com/@josuofficial327/my-first-bounty-fdddb7ef5611?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binupenetration-testing, ethical-hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips15-Nov-2024
These books will help to learn bug bounty & penetration testing and ethical hacking. Part 1 .https://osintteam.blog/these-books-will-help-to-learn-bug-bounty-penetration-testing-and-ethical-hacking-part-1-635781cd3aaa?source=rss------bug_bounty-5loyalonlytodaytips, books, hacking, bug-bounty, cybersecurity15-Nov-2024
Known Brands, Government Domains, and More Hijacked via Sitting Ducks Attacks!https://medium.com/@wiretor/known-brands-government-domains-and-more-hijacked-via-sitting-ducks-attacks-fddd61bd6105?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, hacking, ransomware, malware, bug-bounty15-Nov-2024
New Glove Infostealer Malware Bypasses Chrome’s Cookie Encryption: A Growing Threathttps://medium.com/@wiretor/new-glove-infostealer-malware-bypasses-chromes-cookie-encryption-a-growing-threat-e4377ef1f2a7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, programming, hacking15-Nov-2024
Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeoverhttps://medium.com/@wiretor/critical-plugin-flaw-exposed-4-million-wordpress-websites-to-takeover-7cf7b5984ab4?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesprogramming, ransomware, malware, bug-bounty, wordpress15-Nov-2024
CSRF leads to delete accounthttps://xsametyigit.medium.com/csrf-leads-to-delete-account-711dde21af1e?source=rss------bug_bounty-5Samet Yiğitbug-bounty-tips, bugbounty-writeup, bug-bounty15-Nov-2024
How I Got Access to an Admin Portal by Response Manipulationhttps://medium.com/@anonymousshetty2003/how-i-got-access-to-an-admin-portal-by-response-manipulation-d2abeec7ce58?source=rss------bug_bounty-5Anonymousshettycybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-tips, ethical-hacking15-Nov-2024
3 reflected XSS in one programhttps://xsametyigit.medium.com/3-reflected-xss-in-one-program-c50469c6d522?source=rss------bug_bounty-5Samet Yiğitbug-bounty-writeup, bug-bounty, bug-bounty-tips15-Nov-2024
New Script — Leakix CLI by VECERThttps://medium.com/@vecert/new-script-leakix-cli-by-vecert-68abbf35d08d?source=rss------bug_bounty-5VECERTpentesting, leakix, osint, bug-bounty15-Nov-2024
2 good tools for subdomain enumration.https://osintteam.blog/2-good-tools-for-subdomain-enumration-ca3ee36fbf81?source=rss------bug_bounty-5loyalonlytodaytips, hacking, bug-bounty, subdomains-enumeration, cybersecurity14-Nov-2024
Beginner's guide for Input Data Validation Checklisthttps://bitpanic.medium.com/beginners-guide-for-input-data-validation-checklist-2f9d5ef4a341?source=rss------bug_bounty-5Spectat0rguycybersecurity, information-technology, bug-bounty, cyber-security-awareness, bug-bounty-tips14-Nov-2024
Critical File Upload Vulnerabilities: Exploits and Mitigation Strategieshttps://medium.com/@security.tecno/critical-file-upload-vulnerabilities-exploits-and-mitigation-strategies-90230e8a31bf?source=rss------bug_bounty-5TECNO Securityblog, scurity, bug-bounty, hacking14-Nov-2024
Is HackerOne Support Service Degrading?https://medium.com/@abdulparkar/is-hackerone-support-service-degrading-cbfa6adc1027?source=rss------bug_bounty-5Abdul Rehman Parkarprogramming, hackerone, cybersecurity, ethical-hacking, bug-bounty14-Nov-2024
ISRO: YouTube Broken Link Hijackhttps://infosecwriteups.com/isro-youtube-broken-link-hijack-304a92001b47?source=rss------bug_bounty-5Dishant Modibug-bounty, bug-bounty-tips, broken-link, hall-of-fame, vulnerability14-Nov-2024
Helpful Resources for Bug Huntershttps://medium.com/meetcyber/helpful-resources-for-bug-hunters-53dbe011cdd4?source=rss------bug_bounty-5AbhirupKonwarethical-hacking, bug-bounty-tips, bug-bounty, pentesting, hacking14-Nov-2024
How i hacked NASA (WARNING: Dad Jokes)https://medium.com/@rootplinix/how-i-hacked-nasa-warning-dad-jokes-7424faec5790?source=rss------bug_bounty-5Abu Hurayrahacking, cybersecurity-awareness, bug-bounty, cybersecurity, bug-bounty-tips14-Nov-2024
Finding Security Design Flaw in a FAANG to later be ghosted by Recruiter: A funny Talehttps://medium.com/bug-bounty-hunting/finding-security-design-flaw-in-a-faang-to-later-be-ghosted-by-recruiter-a-funny-tale-73e73fb0d6aa?source=rss------bug_bounty-5Ronnie Josephgoogle, netflix, bug-bounty, cybersecurity, meta14-Nov-2024
AI in Bug Bounty Hunting: A Step-by-Step Tutorial for Beginnershttps://prakash888kpk.medium.com/ai-in-bug-bounty-hunting-a-step-by-step-tutorial-for-beginners-673e24aed66c?source=rss------bug_bounty-5Lets Unlearnmachine-learning, bug-bounty, bug-bounty-tips, ai, bug-bounty-writeup14-Nov-2024
How I Uncovered an SSRF Vulnerability in a Private HackerOne Programhttps://medium.com/@josuofficial327/how-i-uncovered-an-ssrf-vulnerability-in-a-private-hackerone-program-4c3146b414ff?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, bugbounty-writeup, bug-bounty-tips, bug-bounty, bug-bounty-writeup14-Nov-2024
Basics of Stored XSS and Demohttps://medium.com/@kcaaditya976/basics-of-stored-xss-and-demo-d410714a77c0?source=rss------bug_bounty-5Laxiousbug-bounty, cybersecurity, bug-bounty-hunting, xss-attack, stored-xss14-Nov-2024
Bug Report: Broken Access Control in Google Photoshttps://medium.com/@abhinavsingwal/bug-report-broken-access-control-in-google-photos-d9c10ca8c472?source=rss------bug_bounty-5Abhinavsingwalgoogle-vulnerability, bug-bounty, google-bug-report, bug-report, google-photos-bug14-Nov-2024
My Journey to Drugs Hall of Fame in just 10 minuteshttps://medium.com/@bugbounty_learners/my-journey-to-drugs-hall-of-fame-in-just-10-minutes-dcd03240e42a?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-tips, bug-bounty-writeup, bugs, web-development, bug-bounty14-Nov-2024
Mastering Reconnaissance Part 3: Unleashing Advanced Exploitation and Post-Recon Tacticshttps://myselfakash20.medium.com/mastering-reconnaissance-part-3-unleashing-advanced-exploitation-and-post-recon-tactics-b81369678040?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty-tips, bug-bounty-writeup, bugbounty-writeup, bug-bounty14-Nov-2024
CISA & FBI Confirm China Hacked Telecom Providers for Spying: What Does This Mean for Your…https://medium.com/@wiretor/cisa-fbi-confirm-china-hacked-telecom-providers-for-spying-what-does-this-mean-for-your-f523b2459c75?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, pentest, bug-bounty, malware, ransomeware14-Nov-2024
Idaho Man Sentenced to 10 Years for Hacking, Data Theft, and Extortionhttps://medium.com/@wiretor/idaho-man-sentenced-to-10-years-for-hacking-data-theft-and-extortion-003b243e419f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesprogramming, malware, bug-bounty, zero-day, hacking14-Nov-2024
Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actionshttps://medium.com/@wiretor/windows-zero-day-exploited-by-russia-triggered-with-file-drag-and-drop-delete-actions-0dd82469e486?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, usa, hacking, bug-bounty, ransomware14-Nov-2024
Storm-1811’s Quick-Assist phishing could have been worsehttps://mrsheepsheep.medium.com/storm-1811s-quick-assist-phishing-could-have-been-worse-fd84e04b0daa?source=rss------bug_bounty-5Alexandre Souleaucybersecurity, xss-attack, bug-bounty, microsoft14-Nov-2024
Server-Side Request Forgery (SSRF) allows internal ports scanninghttps://medium.com/h7w/server-side-request-forgery-ssrf-allows-internal-ports-scanning-ef7edf6534b7?source=rss------bug_bounty-5socalledhackerhacking, infosec, cybersecurity, bug-bounty-tips, bug-bounty14-Nov-2024
Bypass Rate-Limit via X-Forwarded-Forhttps://medium.com/@null.x.b1ty/bypass-rate-limit-via-x-forwarded-for-ea26c7a25a90?source=rss------bug_bounty-5Snoop-doghackerone, bug-bounty14-Nov-2024
How i Finded a easy dom xss.https://infosecwriteups.com/how-i-finded-a-easy-dom-xss-6499afc21b5d?source=rss------bug_bounty-5loyalonlytodaybug-bounty, tips, hacking, xss-attack, cybersecurity14-Nov-2024
SQL Injection: How I Secured Personal Information (PII) of 1.1M Job Seekershttps://infosecwriteups.com/sql-injection-how-i-secured-personal-information-pii-of-1-1m-job-seekers-7f7c55d11fbc?source=rss------bug_bounty-5brutexploitercybersecurity, software-engineering, bug-bounty, technology, programming14-Nov-2024
Exposing a Data Leak Vulnerability: My Journey to Discoveryhttps://infosecwriteups.com/exposing-a-data-leak-vulnerability-my-journey-to-discovery-d7222b48d81c?source=rss------bug_bounty-5Abhishek Bhujangsecurity, hacking, bug-hunting, ethical-hacking, bug-bounty14-Nov-2024
Discovering My First Vulnerability in a Few Minuteshttps://medium.com/@jagdishdammala/discovering-my-first-vulnerability-in-a-few-minutes-6bbc9419cbfc?source=rss------bug_bounty-5Jagdish Dammalabug-bounty14-Nov-2024
Account Takeover: How I Gained Access to Any User Account Through a Simple Registration Flawhttps://0d-amr.medium.com/account-takeover-how-i-gained-access-to-any-user-account-through-a-simple-registration-flaw-96f9f6bdc0ae?source=rss------bug_bounty-5Amrctf, pentesting, hacking, bug-bounty, security14-Nov-2024
Exploiting SSTI Vulnerability on an E-commerce Website: A Professional Walkthroughhttps://medium.com/@MianHammadx0root/exploiting-ssti-vulnerability-on-an-e-commerce-website-a-professional-walkthrough-6cc95afb2b38?source=rss------bug_bounty-5Mian Hammadbug-bounty, server-side, server-security, penetration-testing, ssti13-Nov-2024
How I Found an SQL Injection in coupon codehttps://medium.com/@gheeX/how-i-found-an-sql-injection-in-coupon-code-f31d6eb1a720?source=rss------bug_bounty-5Ghee1337bug-bounty, infosec, bug-bounty-tips, sql-injection, bug-bounty-writeup13-Nov-2024
Breaking In with Guest: My First Bug Bountyhttps://ghostman01.medium.com/guest-admin-a7c70aa10ddb?source=rss------bug_bounty-5SIDDHANT SHUKLAhacking, bug-bounty, bug-bounty-writeup, cybersecurity, bug-hunting13-Nov-2024
Introducing Loxs: The Ultimate Multi-Vulnerability Scanner for Web Applicationshttps://anishalx.medium.com/introducing-loxs-the-ultimate-multi-vulnerability-scanner-for-web-applications-907ed2b2004b?source=rss------bug_bounty-5Anish alxhacking-tools, python, pentesting, hacking, bug-bounty13-Nov-2024
1500$ Open Reduction Bug: Performed Restricted Actions in login pagehttps://medium.com/@bugbounty_learners/1500-open-reduction-bug-performed-restricted-actions-in-login-page-4194359c1fc2?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-writeup, bug-bounty-tips, web-development, bug-bounty, open-redirect13-Nov-2024
Blind XSS Bug Hunting Methodologyhttps://osintteam.blog/blind-xss-bug-hunting-methodology-b997c37a9620?source=rss------bug_bounty-5AbhirupKonwarpentesting, cybersecurity, ethical-hacking, xss-attack, bug-bounty13-Nov-2024
A Deep Dive into Nmap Scripts for Web Application Testinghttps://systemweakness.com/a-deep-dive-into-nmap-scripts-for-web-application-testing-6a9b3a06995e?source=rss------bug_bounty-5Khaleel Khanhacking, nmap, infosec, bug-bounty, cybersecurity13-Nov-2024
SQL Injection UNION Attack, Retrieving Data from Other Tableshttps://medium.com/@marduk.i.am/sql-injection-union-attack-retrieving-data-from-other-tables-38f471813c57?source=rss------bug_bounty-5Marduk I Ambug-bounty, information-security, sql-injection, portswigger-lab, sqli13-Nov-2024
Easy Bug: How I Uncovered and Re-Exploited a Resolved Vulnerability from a Disclosed Reporthttps://medium.com/@cvjvqmmsm/easy-bug-how-i-uncovered-and-re-exploited-a-resolved-vulnerability-from-a-disclosed-report-ab2211a98b7b?source=rss------bug_bounty-5Barbarossabug-bounty, bugbounty-writeup13-Nov-2024
Common Mistakes in Coding: How to Avoid Themhttps://medium.com/@kharodawalam/common-mistakes-in-coding-how-to-avoid-them-9e5c881b0473?source=rss------bug_bounty-5Mohammed Kharodawalamistakes-to-avoid, bug-bounty, data-structure-algorithm, programming, software-development13-Nov-2024
Mobile Application Penetration Testing Checklisthttps://infosecwriteups.com/mobile-application-penetration-testing-checklist-460deadf3d9f?source=rss------bug_bounty-5Ajay Naikinformation-security, penetration-testing, information-technology, cybersecurity, bug-bounty13-Nov-2024
5 Golden Tips to Land Your First Job in Offensive Securityhttps://medium.com/@eran25670/5-golden-tips-to-land-your-first-job-in-offensive-security-e960b4215dc7?source=rss------bug_bounty-5Erancybersecurity, offensive-security, penetration-testing, bug-bounty-tips, bug-bounty13-Nov-2024
clickjacking: definição, impactos, mecanismo e prevençãohttps://medium.com/@Poystick/clickjacking-defini%C3%A7%C3%A3o-impactos-mecanismo-e-preven%C3%A7%C3%A3o-46e05a89614b?source=rss------bug_bounty-5Tarcísio Luchesihacking, bug-bounty, programação12-Nov-2024
Mastering Reconnaissance Part 2: Advanced Scanning, Content Discovery, and Automation for Bug…https://myselfakash20.medium.com/mastering-reconnaissance-part-2-advanced-scanning-content-discovery-and-automation-for-bug-8903a7c190a6?source=rss------bug_bounty-5Akash Ghoshbugbounty-writeup, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips12-Nov-2024
Your Guide to Web Reconnaissance: Mastering the Art of Information Gatheringhttps://medium.com/@secinfinitylabs/your-guide-to-web-reconnaissance-mastering-the-art-of-information-gathering-32dfee5f2deb?source=rss------bug_bounty-5Secinfinity Labsinformation-gathering, information-security, penetration-testing, bug-bounty-tips, bug-bounty12-Nov-2024
Top 10 Threat Actors of 2024https://medium.com/@alexandermr289/top-10-threat-actors-of-2024-4ac605357291?source=rss------bug_bounty-5Mr_alexanderosint, cybersecurity, bug-bounty, news, medium12-Nov-2024
Become a Writer for Cybersecurity Write-ups!https://cybersecuritywriteups.com/become-a-writer-for-cybersecurity-write-ups-3f1e780323a8?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, bugbounty-writeup12-Nov-2024
Showing Impact is Your friend (500$+500$ bounties)https://medium.com/@noureldin1042/showing-impact-is-your-friend-500-500-bounties-2ed87f3a64b7?source=rss------bug_bounty-5Noureldin(0x_5wf)programming-languages, bug-bounty, bug-bounty-tips, programming, bug-bounty-writeup12-Nov-2024
Exploring docker-compose.yaml leads to sensitive disclosurehttps://medium.com/@raituzki/exploring-docker-compose-yaml-leads-to-sensitive-disclosure-1feaa3d3317f?source=rss------bug_bounty-5Muhamad Raidinoor Pashahacking, bug-bounty-tips, docker, yaml, bug-bounty12-Nov-2024
How I hacked 100 hackershttps://corneacristian.medium.com/how-i-hacked-100-hackers-5c3c313e8a1a?source=rss------bug_bounty-5Cristian Corneabug-bounty, intelligence, hacking, cybersecurity, penetration-testing12-Nov-2024
Bug Bounty | Here’s Why Your Way To Success Doesn’t Lie In Learninghttps://medium.com/@sM0ky4/bug-bounty-heres-why-your-way-to-success-doesn-t-lie-in-learning-bc72d4000b88?source=rss------bug_bounty-5sM0ky4cybersecurity, bug-bounty-tips, bug-bounty, time-management12-Nov-2024
How Can You Be Sure That Ethical Hackers Are TRULY Ethical?https://medium.com/@hackrate/how-can-you-be-sure-that-ethical-hackers-are-truly-ethical-17ee0fcc6058?source=rss------bug_bounty-5Hackratebug-bounty, ethical-hacking, hacking, penetration-testing, cybersecurity12-Nov-2024
HTTP Desync Attack (Request Smuggling) - Mass Account Takeoverhttps://medium.com/@bugbounty_learners/http-desync-attack-request-smuggling-mass-account-takeover-0292fcc8c4a4?source=rss------bug_bounty-5bugbounty_learnersbug-bounty, web-development, bug-bounty-tips, bug-bounty-writeup, bugs12-Nov-2024
Complete Guide to Securing Web Applications on Ports 80 and 443https://medium.com/@verylazytech/complete-guide-to-securing-web-applications-on-ports-80-and-443-a123def0b82c?source=rss------bug_bounty-5Very Lazy Techowasp-top-10, web-application-security, bug-bounty, penetration-testing, web-security12-Nov-2024
Advanced Techniques for Bypassing Web Filters: A Practical Guide to Identifying and Exploiting XSS…https://thexssrat.medium.com/advanced-techniques-for-bypassing-web-filters-a-practical-guide-to-identifying-and-exploiting-xss-f6cadeedf9ca?source=rss------bug_bounty-5Thexssrathacks, bug-bounty, penetration-testing, xss-attack, hacking12-Nov-2024
M3 — Insecure Authentication/Authorizationhttps://medium.com/@tamires.scruz/m3-insecure-authentication-authorization-cedf6e94d1ce?source=rss------bug_bounty-5Tamy Angelbug-bounty, owasp, pentesting, android, cybersecurity12-Nov-2024
SHODAN Cheat Sheet — A Comprehensive Guide to Shodan: The Search Engine for Hackershttps://medium.com/@iamshafayat/shodan-cheat-sheet-a-comprehensive-guide-to-shodan-the-search-engine-for-hackers-451b403f328f?source=rss------bug_bounty-5Shafayat Ahmed Alifcheatsheet, shodan, cybersecurity, ethical-hacking, bug-bounty12-Nov-2024
Exploiting Server-Side Template Injection (SSTI) with a Custom Exploit: PortSwigger Lab Walkthroughhttps://medium.com/@0xA4zOo0/exploiting-server-side-template-injection-ssti-with-a-custom-exploit-portswigger-lab-walkthrough-a661d5c47001?source=rss------bug_bounty-5A Z Obug-bounty, ssti, hacking12-Nov-2024
Complete Guide to pentesting Web Applications on Ports 80 and 443https://medium.com/@verylazytech/complete-guide-to-securing-web-applications-on-ports-80-and-443-a123def0b82c?source=rss------bug_bounty-5Very Lazy Techowasp-top-10, web-application-security, bug-bounty, penetration-testing, web-security12-Nov-2024
How I Hijacked an Abandoned Twitter Account and Why Broken Link Hijacking Mattershttps://medium.com/@anonymousshetty2003/how-i-hijacked-an-abandoned-twitter-account-and-why-broken-link-hijacking-matters-0128e0f562c8?source=rss------bug_bounty-5Anonymousshettyethical-hacking, broken-link-hijacking, cybersecurity, bug-bounty12-Nov-2024
How AI is Making Bug Bounties More Accessible for New Hackershttps://pointlessai.medium.com/how-ai-is-making-bug-bounties-more-accessible-for-new-hackers-726f9a058eac?source=rss------bug_bounty-5PointlessAIbug-bounty-tips, ai, bug-bounty, vulnerability-management12-Nov-2024
How I Discovered a Private Key Leak on a Company’s Subdomainhttps://medium.com/@anonymousshetty2003/how-i-discovered-a-private-key-leak-on-a-companys-subdomain-929100e7a561?source=rss------bug_bounty-5Anonymousshettybug-bounty, cybersecurity, ethical-hacking12-Nov-2024
Top Cybersecurity Tools Every Professional Should Knowhttps://medium.com/@paritoshblogs/top-cybersecurity-tools-every-professional-should-know-0aff34558518?source=rss------bug_bounty-5Paritoshinformation-security, chatgpt, bug-bounty, cybersecurity, hacking12-Nov-2024
North Korean Hackers Use Flutter Apps to Evade macOS Securityhttps://medium.com/@wiretor/north-korean-hackers-use-flutter-apps-to-evade-macos-security-e22221dd9696?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentesting, malware, bug-bounty, ransomware, hacking12-Nov-2024
Massive Data Breach Affects Millions of Hot Topic Customershttps://medium.com/@wiretor/massive-data-breach-affects-millions-of-hot-topic-customers-b03fe562e0f7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentesting, malware, bug-bounty, ransomware12-Nov-2024
Form I-9 Compliance Data Breach Impacts Over 190,000 Peoplehttps://medium.com/@wiretor/form-i-9-compliance-data-breach-impacts-over-190-000-people-adee0a89694c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, malware, hacking, bug-bounty, pentesting12-Nov-2024
Finding more infromation about a email using a osint tool.https://osintteam.blog/finding-more-infromation-about-a-email-using-a-osint-tool-d557a0579414?source=rss------bug_bounty-5loyalonlytodaycybersecurity, osint, bug-bounty, hacking, osint-investigation12-Nov-2024
Recon For New Bug bounty Hunters — Short Storyhttps://sud-defcon.medium.com/%EF%B8%8F-%EF%B8%8Frecon-for-new-bug-bounty-hunters-short-story-2992e780fbbb?source=rss------bug_bounty-5Sudarshan Patelreconnaissance, bug-bounty-tips, bug-bounty, recon, bug-bounty-writeup12-Nov-2024
Hacking Knowledge Around The Corner. From Where To Learn Hacking Skills?https://medium.com/meetcyber/hacking-knowledge-around-the-corner-c2a48214d052?source=rss------bug_bounty-5NnFacecybersecurity, kali-linux, bug-bounty, hacking, knowledge12-Nov-2024
Volt Typhoon Botnet Rebuilds After FBI Crackdownhttps://medium.com/@wiretor/volt-typhoon-botnet-rebuilds-after-fbi-crackdown-e23a74459ff6?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, programming, malware, ransomeware, bug-bounty12-Nov-2024
| Extract full photos/videos database from any locked Google Pixel phone | https://medium.com/@rus1r105/extract-full-photos-videos-database-from-any-locked-google-pixel-phone-be6da35ad93d?source=rss------bug_bounty-5 | rus1r105 | cybersecurity, android, google-vrp, bug-bounty, writeup | 11-Nov-2024 |
| How I Found an HTML Injection in Email Vulnerability on Samsung, Leading to a $$$$ Payday | https://cybersecuritywriteups.com/how-an-html-injection-vulnerability-in-samsung-emails-led-to-a-payday-3dcfccc12a36?source=rss------bug_bounty-5 | Taha Diwan | bug-bounty, cybersecurity, ethical-hacking, penetration-testing, web-penetration-testing | 11-Nov-2024 |
| [2024 Thanksgiving] Security Technology Research Writing Activity | https://medium.com/@security.tecno/2024-thanksgiving-security-technology-research-writing-activity-325e4b0fd9c8?source=rss------bug_bounty-5 | TECNO Security | writing, research, bug-bounty, security | 11-Nov-2024 |
| Hacking Active Directory and Earn upto $30,000. | https://medium.com/@anandrishav2228/hacking-active-directory-and-earn-upto-30-000-9561858a3c8f?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, active-directory, money, hacking, cybersecurity | 11-Nov-2024 |
| Recon JavaScript Files with Rarely Encountered Techniques | https://zucki.medium.com/recon-javascript-files-with-rarely-encountered-techniques-5882a3ad1955?source=rss------bug_bounty-5 | Marzucki | bug-bounty, automation, recon, automation-testing, javascript | 11-Nov-2024 |
| #Task 20 - HTTP Request Sumgling — Basics & Types -> Only for Bigners | https://medium.com/@bugbounty_learners/task-1-http-request-sumgling-basics-types-only-for-bigners-2157461dca3e?source=rss------bug_bounty-5 | bugbounty_learners | cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, web-development | 11-Nov-2024 |
| GetSimpleCMS CSRF \| Parol Dəyişdirmə Funksiyasında Tapdığım CSRF boşluğu | https://zeynalxan.medium.com/getsimplecms-csrf-parol-d%C9%99yi%C5%9Fdirm%C9%99-funksiyas%C4%B1nda-tapd%C4%B1%C4%9F%C4%B1m-csrf-bo%C5%9Flu%C4%9Fu-8786c125453e?source=rss------bug_bounty-5 | Zeynalxan Quliyev | csrf-attack, csrf, ato, bug-bounty, cybersecurity | 11-Nov-2024 |
| PRE-ACCOUNT TAKEOVER through Oauth misconfiguration on a mailing website | https://infosecwriteups.com/pre-account-takeover-through-misconfigured-oauth-on-a-mailing-website-b906a5c118e9?source=rss------bug_bounty-5 | Harish | cybersecurity, ethical-hacking, cyber-security-awareness, bug-bounty-tips, bug-bounty | 11-Nov-2024 |
| Jumping into Bug Bounty Automation | https://bitpanic.medium.com/jumping-into-bug-bounty-automation-4739abdb6d15?source=rss------bug_bounty-5 | Spectat0rguy | information-security, cybersecurity, bug-bounty, information-technology, infosec | 11-Nov-2024 |
| Won’t Fix Vulnerabilities in Google Colab | https://0xjin.medium.com/wont-fix-vulnerabilities-in-google-colab-fcd3b6581746?source=rss------bug_bounty-5 | 0xJin | bug-bounty, bug-bounty-writeup, google, bug-bounty-tips | 11-Nov-2024 |
| Exposing the Dark Side of Google Dorks: How I Extracted Millions of Emails. | https://pwndecoco.medium.com/exposing-the-dark-side-of-google-dorks-how-i-extracted-millions-of-emails-0fe0f7f6db8b?source=rss------bug_bounty-5 | Pwndec0c0 | hacking, cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 11-Nov-2024 |
| Server-Side Template Injection in an Unknown Language with a Documented Exploit — SSTI… | https://medium.com/@rcxsecurity/server-side-template-injection-in-an-unknown-language-with-a-documented-exploit-ssti-de01a069b946?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Café | hacking, information-security, pentesting, bug-bounty, cybersecurity | 11-Nov-2024 |
| P4 bug’s and their POC steps \| Part 7 \| $Easy Money$ | https://medium.com/h7w/p4-bugs-and-their-poc-steps-part-7-easy-money-d7cb9270f539?source=rss------bug_bounty-5 | socalledhacker | infosec, hacking, cybersecurity, bug-bounty-tips, bug-bounty | 11-Nov-2024 |
| How I Found a Critical 9.8 Bug — Directory Listing leads to Critical P1 Exposure of PII and more | https://medium.com/@enigma_/how-i-found-a-critical-9-8-9c4d14d82e20?source=rss------bug_bounty-5 | enigma | owasp, bug-bounty, directory-listing, ethical-hacking, hacker | 10-Nov-2024 |
| Addressing OWASP Top 10 Vulnerabilities: Why You Need Wire Tor’s Pentesting Services | https://medium.com/@wiretor/addressing-owasp-top-10-vulnerabilities-why-you-need-wire-tors-pentesting-services-5d2f374c3f22?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | breached, hacking, usa, bug-bounty, malware | 10-Nov-2024 |
| How I was able to inject my malicious link in Email Confirmation Link ( Link Injection / Open… | https://infosecwriteups.com/how-i-able-to-inject-my-malicious-link-in-email-confirmation-link-link-injection-open-redirect-dbf95075f89c?source=rss------bug_bounty-5 | Abdul Rehman Parkar | cybersecurity, bug-bounty-writeup, infosec-write-ups, ethical-hacking, bug-bounty | 10-Nov-2024 |
| Mastering Reconnaissance: The Ultimate Guide for Bug Hunters (Part 1) | https://myselfakash20.medium.com/mastering-reconnaissance-the-ultimate-guide-for-bug-hunters-part-1-b91a2367ee65?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-writeup, bug-bounty, bug-bounty-tips, recon, bugbounty-writeup | 10-Nov-2024 |
| Week 1: Documenting My Journey as a Full-Time Bug Hunter | https://mokhansec.medium.com/week-1-documenting-my-journey-as-a-full-time-bug-hunter-fbe1bbefeb79?source=rss------bug_bounty-5 | Mohsin khan | bugs, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 10-Nov-2024 |
| From P5(Informational)to Medium(P3) : How I was able to achieve it it in Dept of Defense VDP? | https://medium.com/@tirqwork1/from-p5-informational-to-medium-p3-how-i-was-able-to-achieve-it-it-in-dept-of-defense-vdp-76e5eda28b5a?source=rss------bug_bounty-5 | ARoy | us-dept-of-defense, data-protection, hackerone, bug-bounty, cybersecurity | 10-Nov-2024 |
| From System Administrator to Bug Bounty Hunter: A Journey into Web Security | https://medium.com/@zero_4583/from-system-administrator-to-bug-bounty-hunter-a-journey-into-web-security-9b37bb52dde2?source=rss------bug_bounty-5 | Nathan Vincent | app-security, learning-to-code-journey, bug-bounty, secure-coding | 10-Nov-2024 |
| How I was able to inject malicious link in Email Confirmation Link ( Link Injection / Open… | https://cybersecuritywriteups.com/how-i-able-to-inject-my-malicious-link-in-email-confirmation-link-link-injection-open-redirect-dbf95075f89c?source=rss------bug_bounty-5 | Abdul Rehman Parkar | cybersecurity, bug-bounty-writeup, infosec-write-ups, ethical-hacking, bug-bounty | 10-Nov-2024 |
| How a Unique Combination Opened the Door to an IDOR | https://infosecwriteups.com/how-a-unique-combination-opened-the-door-to-an-idor-f44a3efe51e8?source=rss------bug_bounty-5 | Supun Halangoda (Suppa) | cybersecurity, bug-bounty-writeup, bug-bounty-tips, secure-coding, bug-bounty | 10-Nov-2024 |
| POC — CVE-2024–10914 Command Injection Vulnerability in `name` parameter for D-Link NAS | https://medium.com/@verylazytech/poc-cve-2024-10914-command-injection-vulnerability-in-name-parameter-for-d-link-nas-194e70f68120?source=rss------bug_bounty-5 | Very Lazy Tech | command-injection, cybersecurity, cve-2024-10914, bug-bounty, remote-code-execution | 10-Nov-2024 |
| CRLF Injection Zero to Master | https://medium.com/@bugbounty_learners/crlf-injection-zero-to-master-17a93afc33a3?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty-tips, bug-bounty-writeup, bug-bounty, software-development, web-development | 10-Nov-2024 |
| Possible subdomain takeovers gives me 1000 dollars | https://medium.com/lucky-vulnerabilities/possible-subdomain-takeovers-gives-me-1000-dollars-9f3ad682ddce?source=rss------bug_bounty-5 | Lucky Vulnerabilities | bug-bounty, bug-bounty-tips, bug-hunting, updates, news | 10-Nov-2024 |
| HackTheBox: Information Gathering | https://medium.com/@rodripadisec/hackthebox-information-gathering-7af3526f13f5?source=rss------bug_bounty-5 | pad1ryoshi | reconnaissance, web3, hackthebox-academy, hackthebox, bug-bounty | 10-Nov-2024 |
| Understanding Common Windows Commands and How Threat Actors Use Them: | https://medium.com/@wtrentond/understanding-common-windows-commands-and-how-threat-actors-use-them-34298408e163?source=rss------bug_bounty-5 | Trent W | tech, cybersecurity, microsoft, bug-bounty, technology | 10-Nov-2024 |
| Double Race Condition : Breaking Rules | https://sayedv2.medium.com/double-race-condition-breaking-rules-88850372afb8?source=rss------bug_bounty-5 | Mohamed Sayed | cybersecurity, bugbounty-writeup, race-condition, bugbounty-tips, bug-bounty | 10-Nov-2024 |
| Ethical Hacking — How It Helps Prevent Cyber Attacks | https://medium.com/@RocketMeUpCybersecurity/ethical-hacking-how-it-helps-prevent-cyber-attacks-41d3d791c7c9?source=rss------bug_bounty-5 | RocketMe Up Cybersecurity | ethical-hacking, bug-bounty, cyberattack, penetration-testing, vulnerability-assessment | 10-Nov-2024 |
| Hackers Evade Detection with New ZIP File Concatenation Technique! | https://medium.com/@wiretor/hackers-evade-detection-with-new-zip-file-concatenation-technique-3bd29544f96e?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransom, bug-bounty, hacking, pentesting, malware | 10-Nov-2024 |
| HackTheBox: Information Gathering | https://pad1ryoshi.medium.com/hackthebox-information-gathering-7af3526f13f5?source=rss------bug_bounty-5 | pad1ryoshi | reconnaissance, web3, hackthebox-academy, hackthebox, bug-bounty | 10-Nov-2024 |
| 30 Books To Learn H@acking | https://osintteam.blog/30-books-to-learn-h-acking-2911c57f148c?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | programming, bug-bounty, books, technology, hacking | 10-Nov-2024 |
| Understanding Common Windows Commands and How Threat Actors Use Them: | https://medium.com/@wtrentond/understanding-common-windows-commands-and-how-threat-actors-use-them-34298408e163?source=rss------bug_bounty-5 | Trent W | tech, artificial-intelligence, cybersecurity, bug-bounty, technology | 10-Nov-2024 |
| BugBounty — Mastering the Basics (along with Resources)[Part-3] | https://medium.com/@iabhipathak/bugbounty-mastering-the-basics-along-with-resources-part-3-1619f6854e20?source=rss------bug_bounty-5 | Abhinav Pathak | security, privacy, cybersecurity, hacking, bug-bounty | 09-Nov-2024 |
| Analyzing JavaScript Files for Retrieving Admin Credentials | https://medium.com/@abdullah12987654/analyzing-javascript-files-for-retrieving-admin-credentials-0c6f25ff507a?source=rss------bug_bounty-5 | Abdullah | web-vulnerabilities, pentesting, cyber-security-services, hacking, bug-bounty | 09-Nov-2024 |
| IDOR and Excessive Data Exposure in Mobile Application — The Tale of an IDOR # 02 | https://medium.com/@abdullah12987654/idor-and-excessive-data-exposure-in-mobile-application-9bab953ea2b6?source=rss------bug_bounty-5 | Abdullah | bug-bounty, idor-vulnerability, hacking, cyber-security-services, pentesting | 09-Nov-2024 |
| Username restrictions bypass on Hackerone program | https://medium.com/@bugbounty_learners/username-restrictions-bypass-on-hackerone-program-61f4c8ff8b44?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty-writeup, bug-bounty, bug-zero, bug-bounty-tips, bugs | 09-Nov-2024 |
| API Security Penetration Testing Checklist | https://infosecwriteups.com/api-security-testing-penetration-testing-checklist-bb2969906ec1?source=rss------bug_bounty-5 | Ajay Naik | infosec, information-security, information-technology, bug-bounty, cybersecurity | 09-Nov-2024 |
| how i found 3 open redirect bugs on hackerone public program? | https://doordiefordream.medium.com/how-i-found-3-open-redirect-bugs-on-hackerone-public-program-d6f75850996b?source=rss------bug_bounty-5 | balu bandi | ethical-hacking, hacking, cybersecurity, vulnerability, bug-bounty | 09-Nov-2024 |
| How I Accidentally Found a ‘Cache Magic Trick’ — aka Unauthenticated PURGE on Varnish (Hold My… | https://medium.com/@mayankmalaviya3/how-i-accidentally-found-a-cache-magic-trick-aka-unauthenticated-purge-on-varnish-hold-my-5e13e5056618?source=rss------bug_bounty-5 | Mayank Malaviya (Aiwolfie) | bug-bounty, unauthenticated-purge, penetration-testing, security, unauthenticated | 09-Nov-2024 |
| “Hack Smarter, Not Harder: Google Dorks for Fast Bug Hunting and Recon” | https://myselfakash20.medium.com/hack-smarter-not-harder-google-dorks-for-fast-bug-hunting-and-recon-3029a4004cfd?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, bugs, bug-bounty, bug-bounty-writeup | 09-Nov-2024 |
| John the Ripper in Cybersecurity | https://infosecwriteups.com/john-the-ripper-in-cybersecurity-46c8f5c3a99f?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity-training, cybersecurity, bug-bounty, information-technology, penetration-testing | 09-Nov-2024 |
| Predicting Cyber Threats: Can We Use Threat Intelligence to Forecast Attacks Like Weather? | https://medium.com/@paritoshblogs/predicting-cyber-threats-can-we-use-threat-intelligence-to-forecast-attacks-like-weather-4f57175b25ec?source=rss------bug_bounty-5 | Paritosh | information-technology, bug-bounty, hacking, threat-intelligence, cybersecurity | 09-Nov-2024 |
| Critical Vulnerabilities in Aruba Access Points: What You Need to Know! | https://medium.com/@wiretor/critical-vulnerabilities-in-aruba-access-points-what-you-need-to-know-7053d6349bf1?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | pentesting, malware, bug-bounty, ransomware, hacking | 09-Nov-2024 |
| D-Link Exposes 60,000+ NAS Devices to Unpatched Critical Flaw | https://medium.com/@wiretor/d-link-exposes-60-000-nas-devices-to-unpatched-critical-flaw-c06b62cf67e9?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomware, hacking, xss-attack, malware, bug-bounty | 09-Nov-2024 |
| Critical Veeam RCE Vulnerability Exploited in New Frag Ransomware Attacks | https://medium.com/@wiretor/critical-veeam-rce-vulnerability-exploited-in-new-frag-ransomware-attacks-ae75d32f6bb0?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, malware, ransomware, xss-attack | 09-Nov-2024 |
| Palo Alto Networks Warns of Potential PAN-OS RCE Vulnerability! | https://medium.com/@wiretor/palo-alto-networks-warns-of-potential-pan-os-rce-vulnerability-%EF%B8%8F-148d8b8da5a9?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, xss-attack, malware, hacking, ransomware | 09-Nov-2024 |
| How to Integrate Artificial Intelligence in Bug Bounty? | https://bitpanic.medium.com/how-to-integrate-artificial-intelligence-in-bug-bounty-fab592ae6c80?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty, cybersecurity, ai, penetration-testing | 09-Nov-2024 |
| My Obsidian Setup | https://cybersechemmars.medium.com/my-obsidian-setup-b3e96516feaa?source=rss------bug_bounty-5 | Cybersec with Hemmars | notetaking, cybersecurity, notes, bug-bounty, obsidian | 09-Nov-2024 |
| Broken Authentication: Full Methodology for Identifying and Exploiting Vulnerabilities | https://dineshpathro9.medium.com/broken-authentication-full-methodology-for-identifying-and-exploiting-vulnerabilities-63a55c3d4399?source=rss------bug_bounty-5 | hunter | bug-zero, bug-bounty, bugs, bug-bounty-tips, bug-bounty-writeup | 09-Nov-2024 |
| Advanced Techniques for CSRF (Cross-Site Request Forgery) Attacks: A Full Methodology Guide | https://dineshpathro9.medium.com/advanced-techniques-for-csrf-cross-site-request-forgery-attacks-a-full-methodology-guide-8db29faecc01?source=rss------bug_bounty-5 | hunter | bug-bounty-tips, csrf, bug-zero, bugs, bug-bounty | 09-Nov-2024 |
| CVE-2023–27350 : PaperCut Tryhackme Write up | https://jawstar.medium.com/cve-2023-27350-papercut-tryhackme-write-up-2237fe48d3a7?source=rss------bug_bounty-5 | Jawstar | technology, bug-bounty, tryhackme, software-development, cybersecurity | 09-Nov-2024 |
| Escalating RXSS with HttpOnly SameSite Session Cookies | https://medium.com/@dhakatedeep909/escalating-rxss-with-httponly-samesite-session-cookies-a1ba3b9e50c1?source=rss------bug_bounty-5 | Deep Dhakate AKA intrud3r | cybersecurity, hacking, bug-bounty | 09-Nov-2024 |
| RCE by finding secret hidden files via Encryption and hashing | https://medium.com/@karim.engmohamed/%D8%A7%D9%84%D8%B3%D9%84%D8%A7%D9%85-%D8%B9%D9%84%D9%8A%D9%83%D9%85-e37717c23cfd?source=rss------bug_bounty-5 | Karim Mohamed | hacker, cybersecurity, hackerone, bug-bounty, bug-bounty-tips | 09-Nov-2024 |
| Fast Setup Mobile Apps Pentest With Burpsuite And memu | https://zucki.medium.com/fast-setup-mobile-apps-pentest-with-burpsuite-and-memu-567d661b6bb9?source=rss------bug_bounty-5 | Marzucki | android-pentesting, android, pentesting, mobile-apps, bug-bounty | 08-Nov-2024 |
| Why is recon so very important? API key exposure by only recon | https://medium.com/@karim.engmohamed/why-is-recon-so-very-important-api-key-exposure-by-only-recon-f8aff4ab1ac3?source=rss------bug_bounty-5 | Karim Mohamed | cybersecurity, hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 08-Nov-2024 |
| Advanced Google Dorking Techniques for Bug Bounty Hunting: Finding Responsible Disclosure Programs… | https://dineshpathro9.medium.com/advanced-google-dorking-techniques-for-bug-bounty-hunting-finding-responsible-disclosure-programs-5a00a0d9d0e9?source=rss------bug_bounty-5 | DiNeSh_PaThRo | bug-bounty, bugbounty-writeup, web-app-security, dorks, bug-bounty-tips | 08-Nov-2024 |
| Metasploit Guide :- Main weapon of Hackers | https://medium.com/@anandrishav2228/metasploit-guide-main-weapon-of-hackers-a791e72df686?source=rss------bug_bounty-5 | Rishav anand | metasploit, cybersecurity, money, hacker, bug-bounty | 08-Nov-2024 |
| SQL Injection UNION Attack, Finding a Column Containing Text | https://medium.com/@marduk.i.am/sql-injection-union-attack-finding-a-column-containing-text-ee28ff48eb30?source=rss------bug_bounty-5 | Marduk I Am | sqli, portswigger-lab, bug-bounty, infosec, sql-injection | 08-Nov-2024 |
| What to Do After Choosing a Bug Bounty Target? Part 2 \| Bug Bounty Guide | https://medium.com/@js8971105/what-to-do-after-choosing-a-bug-bounty-target-part-2-bug-bounty-guide-811affb17572?source=rss------bug_bounty-5 | cyberghost | info-sec-writeups, ethical-hacking, reconnaissance-techniques, bug-bounty, cybersecurity | 08-Nov-2024 |
| CyberDef Dokumentasi \| Time-Based Blind SQLI | https://hack4funacademy.medium.com/cyberdef-dokumentasi-time-based-blind-sqli-7db756ddf2ad?source=rss------bug_bounty-5 | Hack4Fun Academy | bug-bounty, hacking, cybersecurity | 08-Nov-2024 |
| Finding My First Bug: The Power of Understanding Website Logic | https://medium.com/@mahdisalhi0500/finding-my-first-bug-the-power-of-understanding-website-logic-%EF%B8%8F-4197dd08cf29?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | infosec, bug-bounty, bug-bounty-tips, ethical-hacking, information-security | 08-Nov-2024 |
| How to Get Started in Web App Bug Bounty: Practical Steps to Keep You Motivated! | https://medium.com/@soorajv910/how-to-get-started-in-web-app-bug-bounty-practical-steps-to-keep-you-motivated-%EF%B8%8F-%EF%B8%8F-c6c1507c84fd?source=rss------bug_bounty-5 | sooraj v | hacking, bug-bounty, bugcrowd, bug-bounty-tips, hackerone | 08-Nov-2024 |
| How i earned easy$$$ by deleting user comments on any post | https://medium.com/thedeephub/how-i-earned-easy-by-deleting-user-comments-on-any-post-c2e226f2157a?source=rss------bug_bounty-5 | Le_Merdien | pentesting, cybersecurity, bug-bounty, penetration-testing, hacker | 08-Nov-2024 |
| “XSS ve Context Örnekleri” | https://medium.com/@sgzldmrc/xss-ve-context-%C3%B6rnekleri-6ba2bc976c1f?source=rss------bug_bounty-5 | Serdar Güzeldemirci | xss-attack, bug-bounty, cyber-security-awareness, xss-bypass | 08-Nov-2024 |
| How to Prepare for the OSEP Roadmap — A Comprehensive Guide for Cybersecurity Professionals | https://medium.com/@verylazytech/how-to-prepare-for-the-osep-roadmap-a-comprehensive-guide-for-cybersecurity-professionals-f3fecede5919?source=rss------bug_bounty-5 | Very Lazy Tech | hacking, ethical-hacking, bug-bounty, osep, cybersecurity | 08-Nov-2024 |
| 20 Open Redirect Bugs in Few Minutes | https://systemweakness.com/20-open-redirect-bugs-in-few-minutes-c9fdabf75642?source=rss------bug_bounty-5 | AbhirupKonwar | pentesting, bug-bounty, bug-bounty-tips, cybersecurity, vulnerability | 08-Nov-2024 |
| Web App Fingerprinting in 9 Steps | https://bitpanic.medium.com/web-app-fingerprinting-in-9-steps-5b86615b56f7?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty, cybersecurity, bugbounty-tips | 08-Nov-2024 |
| Email HTML injection with a simple tip | https://medium.com/@mohamed.yasser442200/email-html-injection-with-a-simple-tip-aeab346fbefc?source=rss------bug_bounty-5 | Spider4 | bug-bounty, hunting, bugcrowd, cybersecurity, pentesting | 08-Nov-2024 |
| Unpatched Vulnerabilities in Mazda Infotainment Systems Pose Serious Security Risks | https://medium.com/@wiretor/unpatched-vulnerabilities-in-mazda-infotainment-systems-pose-serious-security-risks-b634ae8883d8?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, malware, ransomware, hacking, pentesting | 08-Nov-2024 |
| Texas Oilfield Supplier Newpark Resources Hit by Ransomware Attack | https://medium.com/@wiretor/texas-oilfield-supplier-newpark-resources-hit-by-ransomware-attack-fc374aa6b8dc?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, ransomware, pentesting, malware, hacking | 08-Nov-2024 |
| Malwarebytes Acquires AzireVPN to Enhance Privacy and Security Offerings | https://medium.com/@wiretor/malwarebytes-acquires-azirevpn-to-enhance-privacy-and-security-offerings-194b3bf42554?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, ransomware, hacking, pentesting, malware | 08-Nov-2024 |
| Hackers Leveraging Winos4.0: A Growing Threat in Post-Exploitation Attacks | https://medium.com/@wiretor/hackers-leveraging-winos4-0-a-growing-threat-in-post-exploitation-attacks-e830dac3766b?source=rss------bug_bounty-5 | WIRE TOR | malware, hacking, ransomware, bug-bounty, xss-attack | 08-Nov-2024 |
| A Comprehensive Toolkit for Web Penetration Testing and Bug Hunting | https://dineshpathro9.medium.com/a-comprehensive-toolkit-for-web-penetration-testing-and-bug-hunting-21a7b01d722f?source=rss------bug_bounty-5 | DiNeSh_PaThRo | bug-bounty, bug-zero, hacking, bug-bounty-tips, web-app-security | 08-Nov-2024 |
| Top Search Engines for Pentesters | https://osintteam.blog/top-search-engines-for-pentesters-6fa90ffb6aa0?source=rss------bug_bounty-5 | D.Haddad | cybersecurity, bug-bounty, penetration-testing, hacking-tools, osint | 08-Nov-2024 |
| Unpatched Vulnerabilities in Mazda Infotainment Systems Pose Serious Security Risks | https://medium.com/@wiretor/unpatched-vulnerabilities-in-mazda-infotainment-systems-pose-serious-security-risks-b634ae8883d8?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, ransomware, hacking, pentesting | 08-Nov-2024 |
| Texas Oilfield Supplier Newpark Resources Hit by Ransomware Attack | https://medium.com/@wiretor/texas-oilfield-supplier-newpark-resources-hit-by-ransomware-attack-fc374aa6b8dc?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, ransomware, pentesting, malware, hacking | 08-Nov-2024 |
| Malwarebytes Acquires AzireVPN to Enhance Privacy and Security Offerings | https://medium.com/@wiretor/malwarebytes-acquires-azirevpn-to-enhance-privacy-and-security-offerings-194b3bf42554?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, ransomware, hacking, pentesting, malware | 08-Nov-2024 |
| Hackers Leveraging Winos4.0: A Growing Threat in Post-Exploitation Attacks | https://medium.com/@wiretor/hackers-leveraging-winos4-0-a-growing-threat-in-post-exploitation-attacks-e830dac3766b?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, hacking, ransomware, bug-bounty, xss-attack | 08-Nov-2024 |
| Google Dorking in Bug Hunting: Uncovering Hidden Vulnerabilities | https://myselfakash20.medium.com/google-dorking-in-bug-hunting-uncovering-hidden-vulnerabilities-aebe773f73be?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty, bug-bounty-writeup, dorking, bugs, bug-bounty-tips | 07-Nov-2024 |
| My first acknowledgement from Government NCIIPC India (A unit of NTRO) of my bug Bounty journey… | https://medium.com/@subhajit_taki77/my-first-acknowledgement-from-government-nciipc-india-a-unit-of-ntro-of-my-bug-bounty-journey-fda6637766f9?source=rss------bug_bounty-5 | Subhajit_Taki77 | cybersecurity, bug-bounty, acknowledgement, nciipc | 07-Nov-2024 |
| Bypass Rich Text Editors lead to Stored XSS - $500 Rewards | https://medium.com/@bugbounty_learners/bypass-rich-text-editors-lead-to-stored-xss-500-rewards-077e22eba20f?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips | 07-Nov-2024 |
| Why Bug Bounty Failures Occur — Key Insights for Success | https://r3dw4n4hm3d.medium.com/why-bug-bounty-failures-occur-key-insights-for-success-2813349c5e1a?source=rss------bug_bounty-5 | R3DW4N 4HM3D | bug-bounty, vulnerabilityresearch, cybersecurity, ethical-hacking | 07-Nov-2024 |
| Exploring the OWASP API Security Top 10: A Guide to Securing Your APIs | https://medium.com/@ad.abhi0013/exploring-the-owasp-api-security-top-10-a-guide-to-securing-your-apis-5ee4456cb9c3?source=rss------bug_bounty-5 | Abhishek Adhikari | bug-bounty, owasp-api-security-top-10, api | 07-Nov-2024 |
| Account Takeover for Google SSO Users | https://7odamoo.medium.com/account-takeover-for-google-sso-users-b50f99b49f0d?source=rss------bug_bounty-5 | Mahmoud Hamed | bug-bounty, pentesting | 07-Nov-2024 |
| From an Out-of-Scope Bug to Unlocking Lifetime Premium Accounts in Mozilla | https://0d-amr.medium.com/from-an-out-of-scope-bug-to-unlocking-lifetime-premium-accounts-in-mozilla-fe96371d814c?source=rss------bug_bounty-5 | Amr | ctf, bug-bounty, penetration-testing, cyber-secuity | 07-Nov-2024 |
| Exposing hidden DOS techniques laying in plain sight. | https://medium.com/@omarahmed_13016/exposing-hidden-dos-techniques-laying-in-plain-sight-29965ab1d53b?source=rss------bug_bounty-5 | Omar Ahmed | hacking, vulnerability, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 07-Nov-2024 |
| No Rate Limiting — Bug | https://medium.com/@Jitheshjithu/no-rate-limiting-bug-7107cfc5d175?source=rss------bug_bounty-5 | Jithesh | bug-bounty-writeup, no-rate-limit, bugs, bug-bounty, bug-bounty-tips | 07-Nov-2024 |
| Canada Orders TikTok to Close Canadian Operations Amid Growing Security Concerns | https://medium.com/@wiretor/canada-orders-tiktok-to-close-canadian-operations-amid-growing-security-concerns-45b40c461986?source=rss------bug_bounty-5 | WIRE TOR | hacking, xss-attack, malware, bug-bounty, pentesting | 07-Nov-2024 |
| SteelFox Malware Hits Hard: Protect Your System This Black Friday & Cyber Monday with 50% Off… | https://medium.com/@wiretor/steelfox-malware-hits-hard-protect-your-system-this-black-friday-cyber-monday-with-50-off-d96831583b9e?source=rss------bug_bounty-5 | WIRE TOR | hacking, breached, bug-bounty, malware, usa | 07-Nov-2024 |
| How to Find CSRF Vulnerabilities Using Kali Linux: A Full Methodology | https://dineshpathro9.medium.com/how-to-find-csrf-vulnerabilities-using-kali-linux-a-full-methodology-070a21aee0b5?source=rss------bug_bounty-5 | DiNeSh_PaThRo | bug-bounty-tips, bug-bounty, hacking, csrf, bugbounty-writeup | 07-Nov-2024 |
| North Korean Hackers Target macOS Users with Fake Crypto PDFs | https://medium.com/@wiretor/north-korean-hackers-target-macos-users-with-fake-crypto-pdfs-d6d93c347dfe?source=rss------bug_bounty-5 | WIRE TOR | usa, pentesting, malware, hacking, bug-bounty | 07-Nov-2024 |
| Uygulamalarla XSS’e Gerçekçi Bir Yaklaşım | https://medium.com/@sgzldmrc/uygulamalarla-xsse-ger%C3%A7ek%C3%A7i-bir-yakla%C5%9F%C4%B1m-a3e82ae0be3a?source=rss------bug_bounty-5 | Serdar Güzeldemirci | xss-attack, bug-bounty, xss-vulnerability, web-app-security, cross-site-scripting | 07-Nov-2024 |
| OAuth Misconfiguration Pre-Account Takeover | https://medium.com/h7w/oauth-misconfiguration-pre-account-takeover-535beb8d1987?source=rss------bug_bounty-5 | socalledhacker | infosec, hacking, bug-bounty-tips, cybersecurity, bug-bounty | 07-Nov-2024 |
| China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait | https://medium.com/@wiretor/china-aligned-mirrorface-hackers-target-eu-diplomats-with-world-expo-2025-bait-a289ad3ec600?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, hacking, malware, usa, xss-attack | 07-Nov-2024 |
| How To Automate Your Broad Scope Recon | https://thexssrat.medium.com/how-to-automate-your-broad-scope-recon-a4ff998dea0e?source=rss------bug_bounty-5 | Thexssrat | bug-bounty-writeup, hacks, bug-bounty-tips, hacking, bug-bounty | 07-Nov-2024 |
| Understanding Broken Access Control (BAC): A Comprehensive Guide | https://thexssrat.medium.com/understanding-broken-access-control-bac-a-comprehensive-guide-c0e325c43b04?source=rss------bug_bounty-5 | Thexssrat | hacking, broken-access-control, hacker, hacks, bug-bounty | 07-Nov-2024 |
| Developers Don’t Care About Security | https://medium.com/@krishanthan2022.4.4/developers-dont-care-about-security-e4814ecc4907?source=rss------bug_bounty-5 | R.Krishanthan | bug-bounty, web-security, penetration-testing, vulnerability, development | 06-Nov-2024 |
| Stored HTML Injection to Stored Url Redirection | https://medium.com/@abdullah12987654/stored-html-injection-to-stored-url-redirection-40a1c8452f12?source=rss------bug_bounty-5 | Abdullah | html-injection, url-redirection, hacking, bug-bounty, pentesting | 06-Nov-2024 |
| FUZZING That Leads to Internal Source Code! | https://medium.com/@rootplinix/fuzzing-that-leads-to-internal-source-code-ef992143c015?source=rss------bug_bounty-5 | Abu Hurayra | infosec, cybersecurity, bug-bounty, hacking | 06-Nov-2024 |
| OAuth Under Siege: The Dangers of Account Impersonation | https://medium.com/@ProwlSec/oauth-under-siege-the-dangers-of-account-impersonation-df0e780f1c4f?source=rss------bug_bounty-5 | ProwlSec | hacking, tips, account-takeover, bug-bounty, bug-hunting | 06-Nov-2024 |
| How I Earned $350 Exploiting Clickjacking Vulnerability to Trigger XSS Attack | https://medium.com/@abdulparkar/how-i-earned-350-exploiting-clickjacking-vulnerability-to-trigger-xss-attack-23b3216ca640?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, ethical-hacking | 06-Nov-2024 |
| SQL Injection UNION Attack, Determining the Number of Columns Returned by the Query | https://medium.com/@marduk.i.am/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-a740b76989fe?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, bug-bounty, sql-injection, sqli, information-security | 06-Nov-2024 |
| XSS Restction bypass on Hackerone program | https://medium.com/@bugbounty_learners/xss-restction-bypass-on-hackerone-program-a7b37636425d?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty, pentesting, bugs, bug-bounty-tips, cybersecurity | 06-Nov-2024 |
| A Step-by-Step Guide to the Bug Hunting Process: From Reconnaissance to Reporting | https://myselfakash20.medium.com/a-step-by-step-guide-to-the-bug-hunting-process-from-reconnaissance-to-reporting-9991b06314b8?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, bug-hunting, bug-bounty | 06-Nov-2024 |
| Mastering Bug Hunting: A Beginner’s Guide to Effective Methodologies | https://medium.com/@secinfinitylabs/mastering-bug-hunting-a-beginners-guide-to-effective-methodologies-fc7491625645?source=rss------bug_bounty-5 | Secinfinity Labs | bug-hunting, infosecurity, cybersecurity, bug-bounty-tips, bug-bounty | 06-Nov-2024 |
| Bug Hunting Recon | https://medium.com/@prajwalpatil453/bug-hunting-recon-840455f4d71a?source=rss------bug_bounty-5 | Anonstrk | bug-bounty, reconnaissance, bug-bounty-tips, methodology | 06-Nov-2024 |
| Manipulated All Files on Server of a HackerOne Target | https://systemweakness.com/manipulated-all-files-on-server-of-a-hackerone-target-7b60a6dad117?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty, pentesting, bug-bounty-tips, infosec, cybersecurity | 06-Nov-2024 |
| My First and easiest Bug i have found | https://aboalezz1.medium.com/my-first-and-easiest-bug-i-have-found-3b7daee5d2f9?source=rss------bug_bounty-5 | Mohamed AboAlezz | web-hacking, bug-hunting, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 06-Nov-2024 |
| Understanding Types of Privileged Accounts and Their Security Risks | https://bitpanic.medium.com/understanding-types-of-privileged-accounts-and-their-security-risks-935605f2232c?source=rss------bug_bounty-5 | Bit Panic | cybersecurity, bugbounty-writeup, bug-bounty | 06-Nov-2024 |
| All About JWT Vulnerabilities | https://medium.com/@0x_xnum/all-about-jwt-vulnerabilities-ef7314c4dd02?source=rss------bug_bounty-5 | Ahmed Tarek | jwt-exploitation, bugbounty-writeup, bug-bounty, authentication, hacking | 06-Nov-2024 |
| Most Commonly Used Tools in Bug Bounty | https://medium.com/@halildeniz313/most-commonly-used-tools-in-bug-bounty-4603382ecee3?source=rss------bug_bounty-5 | Halildeniz | web-security, cyber-security-awareness, bug-bounty-tips, cybersecurity, bug-bounty | 06-Nov-2024 |
| An IDOR and Auth Bypass That Led to Mass Account Takeover — KSFE | https://1-day.medium.com/an-idor-and-auth-bypass-that-led-to-mass-account-takeover-ksfe-db04cec8d730?source=rss------bug_bounty-5 | 1day | bug-bounty-writeup, hacking, bug-bounty, penetration-testing, writeup | 06-Nov-2024 |
| ⚠️ Cyberattack Causes Statewide Outage in Washington Courts | https://medium.com/@wiretor/%EF%B8%8F-cyberattack-causes-statewide-outage-in-washington-courts-cb9bcd6264a4?source=rss------bug_bounty-5 | WIRE TOR | xss-attack, malware, usa, hacking, bug-bounty | 06-Nov-2024 |
| Nokia Breached by IntelBroker: Source Code Allegedly Stolen | https://medium.com/@wiretor/nokia-breached-by-intelbroker-source-code-allegedly-stolen-a1fa5b62a10a?source=rss------bug_bounty-5 | WIRE TOR | malware, hacked, bug-bounty, hacking, xss-attack | 06-Nov-2024 |
| INTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on Cybercrime | https://medium.com/@wiretor/interpol-disrupts-over-22-000-malicious-servers-in-global-crackdown-on-cybercrime-9f4e2840dc6e?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, pentesting, malware, xss-attack, hacking | 06-Nov-2024 |
| Microchip Technology Reports $21.4 Million Loss From Ransomware Attack | https://medium.com/@wiretor/microchip-technology-reports-21-4-million-loss-from-ransomware-attack-a123d2609b91?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, malware, trump, usa, hacking | 06-Nov-2024 |
| Bypassing Promo Code Validation via Response Manipulation Enabled the Creation of a Business… | https://anas0x1.medium.com/bypassing-promo-code-validation-via-response-manipulation-enabled-the-creation-of-a-business-3f926b19c0bb?source=rss------bug_bounty-5 | Anas Ibrahim | penetration-testing, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 06-Nov-2024 |
| IDOR Vulnerability Allowed the Deletion of Any User from an Administrator Account. | https://anas0x1.medium.com/idor-vulnerability-allowed-the-deletion-of-any-user-from-an-administrator-account-da64e79ce1b0?source=rss------bug_bounty-5 | Anas Ibrahim | bug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing, idor | 06-Nov-2024 |
Behind the Scenes: How I Hacked one of the largest Amusement Park in the Philippines.https://medium.com/hacking101/behind-the-scenes-how-i-hacked-one-of-the-largest-amusement-park-in-the-philippines-be38566ed563?source=rss------bug_bounty-5Pwndec0c0bug-bounty-tips, bug-bounty-writeup, penetration-testing, bug-bounty, hacking06-Nov-2024
Essential Bug Hunting Tools for Beginners: Start Your Journey in Cybersecurity | https://myselfakash20.medium.com/essential-bug-hunting-tools-for-beginners-start-your-journey-in-cybersecurity-ea51e1f26068?source=rss------bug_bounty-5 | Akash Ghosh | bugbounty-writeup, bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 05-Nov-2024
How I Got Paid for an Out-of-Scope Vulnerability | https://medium.com/@abdulparkar/how-i-got-paid-for-an-out-of-scope-vulnerability-4e51eb93db5c?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-write-ups | 05-Nov-2024
Remote Code Execution (RCE): An In-Depth Guide with practical | https://medium.com/@anandrishav2228/remote-code-execution-rce-an-in-depth-guide-with-practical-7082a7e17e97?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, money, ai, hacker, bug-bounty | 05-Nov-2024
IDOR Leading To Improper Access Control | https://medium.com/@shadykhaled2002/idor-leading-to-improper-access-control-c3999aa28fc4?source=rss------bug_bounty-5 | Le_Merdien | cybersecurity, bug-bounty, pentesting, penetration-testing | 05-Nov-2024
Alert: Reflected XSS Detected | https://osintteam.blog/alert-reflected-xss-detected-57850c34a61e?source=rss------bug_bounty-5 | Dishant Modi | xss-attack, penetration-testing, bug-bounty-tips, bug-bounty, cybersecurity | 05-Nov-2024
Lesser-Known Tools for Web Bug Bounty Hunting | https://medium.com/@halildeniz313/lesser-known-tools-for-web-bug-bounty-hunting-e10a95fa25bd?source=rss------bug_bounty-5 | Halildeniz | web-security, cyber-security-awareness, bug-bounty-tips, bug-bounty, cybersecurity | 05-Nov-2024
Vulnerabilities Weaponizing — Cross-site Scripting (XSS) | https://medium.com/@aufzayed/vulnerabilities-weaponizing-cross-site-scripting-xss-608a4f45321c?source=rss------bug_bounty-5 | Abdelrhman Zayed | exploit-development, red-teaming, penetration-testing, cybersecurity, bug-bounty | 05-Nov-2024
€50 bounty — Long String DOS Attack Bug and POC Steps | https://medium.com/h7w/50-bounty-long-string-dos-attack-bug-and-poc-steps-eaa8a5777263?source=rss------bug_bounty-5 | socalledhacker | cybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking | 05-Nov-2024
Zero-Day FOMO: The Fear of Missing Out on the Next Big Exploit | https://medium.com/@paritoshblogs/zero-day-fomo-the-fear-of-missing-out-on-the-next-big-exploit-d3b42d35323c?source=rss------bug_bounty-5 | Paritosh | zero-day, vulnerability, cybersecurity, hacking, bug-bounty | 05-Nov-2024
SIP OPTIONS Abuse And Flood Vulnerability (exploit Voip) | https://medium.com/@zpx15266/sip-options-abuse-and-flood-vulnerability-exploit-voip-b9bc030909ae?source=rss------bug_bounty-5 | ramzey elsayed mohamed | bug-bounty-writeup, penetration-testing, bug-bounty, bug-bounty-tips, bugs | 05-Nov-2024
How I Got Paid for an Out-of-Scope Vulnerability $$$ | https://medium.com/@abdulparkar/how-i-got-paid-for-an-out-of-scope-vulnerability-4e51eb93db5c?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-write-ups | 05-Nov-2024
Tips to Avoid Duplicates or N/A Reports in Bug Bounty Programs | https://bitpanic.medium.com/tips-to-avoid-duplicates-or-n-a-reports-in-bug-bounty-programs-a067a4e54d5e?source=rss------bug_bounty-5 | Bit Panic | cybersecurity, bug-bounty | 05-Nov-2024
55 YouTube Channels to Learn HACKING!!!!! | https://osintteam.blog/55-youtube-channels-to-learn-hacking-b5167d3125d9?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | bug-bounty, hacking, technology, programming, cybersecurity | 05-Nov-2024
How I found my first bug! | https://medium.com/@karim.engmohamed/how-i-found-my-first-bug-b1f21046deb7?source=rss------bug_bounty-5 | Karim Mohamed | python, bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty | 05-Nov-2024
Unleashing the Bug Hunter Within: A Curated Toolkit and Proven Process | https://pwndecoco.medium.com/unleashing-the-bug-hunter-within-a-curated-toolkit-and-proven-process-fb2f89c7f1f0?source=rss------bug_bounty-5 | Pwndec0c0 | programming, cybersecurity, penetration-testing, bug-bounty, hacking | 05-Nov-2024
Google Fixes Dangerous Android Exploits | https://medium.com/@wiretor/google-fixes-dangerous-android-exploits-6e6be3465e6c?source=rss------bug_bounty-5 | WIRE TOR | usa, hacking, breached, malware, bug-bounty | 05-Nov-2024
Easy logic bug that leaks the email for every user | https://medium.com/@banertheinrich/easy-logic-bug-that-leaks-the-email-for-every-user-ef2d9d0cf088?source=rss------bug_bounty-5 | Adham Heinrich | bug-bounty, cybersecurity, hackerone, bug-bounty-tips, bug-bounty-writeup | 04-Nov-2024
Panduan “Bug Bounty Programs pada Aplikasi Laravel” berdasarkan kerangka yang telah disusun: | https://medium.com/@_azwar/panduan-bug-bounty-programs-pada-aplikasi-laravel-berdasarkan-kerangka-yang-telah-disusun-7cc3b230397c?source=rss------bug_bounty-5 | azwar | laravel, bug-bounty | 04-Nov-2024
Cloud flare bypass leads to Account Takeover via Password Reset Poisoning | https://medium.com/@abdulparkar/cloud-flare-bypass-leads-to-account-takeover-via-password-reset-poisoning-ba349d784b97?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty, ethical-hacking, bug-bounty-writeup, cybersecurity, bug-bounty-tips | 04-Nov-2024
How to Find the Best Resources for Learning Bug Bounty and Cybersecurity \|PRO Tip | https://medium.com/@shaikhminhaz1975/how-to-find-the-best-resources-for-learning-bug-bounty-and-cybersecurity-pro-tip-d5e915e82539?source=rss------bug_bounty-5 | Shaikh Minhaz | penetration-testing, best, cybersecurity, bug-bounty, ethical-hacking | 04-Nov-2024
Vibe Yo’Tribe | https://medium.com/@onelovemafia/vibe-yotribe-3d8a0c098ee2?source=rss------bug_bounty-5 | OneLoveMafia | climate-change, machine-learning, bug-bounty, blockchain, philosophy | 04-Nov-2024
How to Configure Proxies in Browser for Bug-Bounty | https://medium.com/@anandrishav2228/how-to-configure-proxies-in-browser-for-bug-bounty-c175c5513e1a?source=rss------bug_bounty-5 | Rishav anand | vpn, proxy, cybersecurity, money, bug-bounty | 04-Nov-2024
Bypass the Blocked IP address while Pentesting. | https://medium.com/@anandrishav2228/bypass-the-blocked-ip-address-while-pentesting-c4c02a8dc14d?source=rss------bug_bounty-5 | Rishav anand | money, cybersecurity, bug-bounty, ip-address, hacking | 04-Nov-2024
bugbountytraining靶场(四) | https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E5%9B%9B-378fa157f500?source=rss------bug_bounty-5 | xun stark | bug-bounty | 04-Nov-2024
Breaking the Rules: How a Race Condition Allowed Me to Bypass the Limits | https://medium.com/@manibharathi.b/breaking-the-rules-how-a-race-condition-allowed-me-to-bypass-the-limits-by-mani-d6840746a04e?source=rss------bug_bounty-5 | Mani Bharathi B | bug-bounty-tips, bug-bounty, cybersecurity, vulnerability, bug-bounty-writeup | 04-Nov-2024
Account takeover for $3000 | https://sushantdhopat.medium.com/account-takeover-for-3000-722ee6f5fbde?source=rss------bug_bounty-5 | sushantdhopat | bug-bounty, infosec | 04-Nov-2024
Exploit exposed zendesk API Token for $1000 | https://sushantdhopat.medium.com/exploit-exposed-zendesk-api-token-for-1000-847966489070?source=rss------bug_bounty-5 | sushantdhopat | infosec, bug-bounty, information-security | 04-Nov-2024
IDOR leading to broken functionality | https://medium.com/@shadykhaled2002/idor-leading-to-broken-functionality-3b464213fa76?source=rss------bug_bounty-5 | Le_Merdien | penetration-testing, cybersecurity, pentesting, bug-bounty | 04-Nov-2024
The OAuth Oversight: When Configuration Errors Turn into Account Hijacks | https://medium.com/@nightcoders0/the-oauth-oversight-when-configuration-errors-turn-into-account-hijacks-5ed1f9c83d16?source=rss------bug_bounty-5 | Nightcoders | pentesting, hacking, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 04-Nov-2024
How I Found a €100 Bug at DCU: From “Not Applicable” to Cashing In! | https://medium.com/@trffnsec/how-i-found-a-100-bug-at-dcu-from-not-applicable-to-cashing-in-2e58699a8faa?source=rss------bug_bounty-5 | TrffnSec | bugbounty-writeup, hacking, bug-bounty-tips, ethical-hacking, bug-bounty | 04-Nov-2024
Essential One-Liner Commands for Bug Bounty Hunters and Pentesters | https://infosecwriteups.com/essential-one-liner-commands-for-bug-bounty-hunters-and-pentesters-7648ec305c66?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, automation, cybersecurity | 04-Nov-2024
How I Found HTML Injection? | https://medium.com/@gitlime71/how-i-found-html-injection-bdbbf2861d95?source=rss------bug_bounty-5 | Raccoon | bug-bounty, penetration-testing, bug-bounty-writeup | 04-Nov-2024
Columbus Ransomware Attack: Data of 500,000 Stolen | https://medium.com/@wiretor/columbus-ransomware-attack-data-of-500-000-stolen-93076d58689c?source=rss------bug_bounty-5 | WIRE TOR | malware, pentesting, usa, pentest, bug-bounty | 04-Nov-2024
Unveiling the “Pygmy Goat” Malware: A New Threat in Cybersecurity | https://medium.com/@wiretor/unveiling-the-pygmy-goat-malware-a-new-threat-in-cybersecurity-aaeb360f9497?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, hacking, usa, malware, pentesting | 04-Nov-2024
Meet “Interlock” Ransomware — A New Threat Targeting FreeBSD Servers | https://medium.com/@wiretor/meet-interlock-ransomware-a-new-threat-targeting-freebsd-servers-4be6ba312c62?source=rss------bug_bounty-5 | WIRE TOR | hacking, malware, pentesting, bug-bounty, usa | 04-Nov-2024
Introducing SubdomainRadar.io: | https://medium.com/@alexandrevandammepro/introducing-subdomainradar-io-727d765445f2?source=rss------bug_bounty-5 | Alexandre Vandamme | bug-bounty, vulnerability, bug-bounty-tips, osint, security | 04-Nov-2024
Essential One-Liner Commands for Bug Bounty Hunters and Pentesters | https://systemweakness.com/essential-one-liner-commands-for-bug-bounty-hunters-and-pentesters-7648ec305c66?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, automation, cybersecurity | 04-Nov-2024
ExploiterX — Vulnerability Scanner Tool | https://anishalx.medium.com/exploiterx-vulnerability-scanner-tool-bc1796e278a1?source=rss------bug_bounty-5 | Anish | web3, python, bug-bounty, penetration-testing, hacking | 03-Nov-2024
Must-Have Tools for Cybersecurity Researchers: A Complete Installation Guide | https://myselfakash20.medium.com/must-have-tools-for-cybersecurity-researchers-a-complete-installation-guide-5738022e535f?source=rss------bug_bounty-5 | Akash Ghosh | cybersecurity, tools, bug-bounty, recon, reconnaissance | 03-Nov-2024
AcquiFinder \| a tool to grab acquisitions of a company by Crunchbase | https://medium.com/@AmmarxLe0x/acquifinder-a-tool-to-grab-acquisitions-of-a-company-by-crunchbase-6315db784813?source=rss------bug_bounty-5 | xLe0x | bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty | 03-Nov-2024
“Keyed In” Compromising an entire organization through their API | https://medium.com/@s1renhead/keyed-in-compromising-an-entire-organization-through-their-api-2ed6cb54eec5?source=rss------bug_bounty-5 | S1renhead | bug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips | 03-Nov-2024
[Hacking impact] Acees admin panel | https://medium.com/@nagashygaballah/hacking-impact-acees-admin-panel-a4326a36e208?source=rss------bug_bounty-5 | 111xNagashy | hacker, hackerone, hacking, bug-bounty, security | 03-Nov-2024
How I Discovered RXSS Bug on Microsoft subdomain !!! | https://medium.com/@sayantichy/how-i-discovered-rxss-bug-on-microsoft-subdomain-21082191ad10?source=rss------bug_bounty-5 | Sayanti Chowdhury | xss-vulnerability, bug-bounty, xss-attack, first-bug, reflected-xss | 03-Nov-2024
Getting Back on the Cybersecurity Write-Ups: Return to Medium | https://mukibas37.medium.com/getting-back-on-the-cybersecurity-write-ups-return-to-medium-1ac51c9edde9?source=rss------bug_bounty-5 | Mukilan Baskaran | cybersecurity, infosec, back-to-writing, ctf, bug-bounty | 03-Nov-2024
A Comprehensive Guide to SQL Injection: Types, Hunting Methods, and Tools | https://medium.com/@n4itr0_07/a-comprehensive-guide-to-sql-injection-types-hunting-methods-and-tools-8d716dd34355?source=rss------bug_bounty-5 | N4!TR0 07 | sql-injection, bug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity | 03-Nov-2024
IDOR Exploit: Gaining Unauthorized Control Over Users’ Shopping Baskets | https://0xmatrix.medium.com/idor-exploit-gaining-unauthorized-control-over-users-shopping-baskets-122650091cf5?source=rss------bug_bounty-5 | Mo2men Elmady | bug-bounty, hacking, idor, penetration-testing, bugs | 03-Nov-2024
Dstat.cc DDoS Site Seized & Two Suspects Arrested in Germany | https://medium.com/@wiretor/dstat-cc-ddos-site-seized-two-suspects-arrested-in-germany-c8d44187b181?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, malware, hacking, pentesting, usa | 03-Nov-2024
CRA Breach Exposed: Over 62,000 Taxpayer Accounts Compromised! | https://medium.com/@wiretor/cra-breach-exposed-over-62-000-taxpayer-accounts-compromised-62bc0cf3cb9a?source=rss------bug_bounty-5 | WIRE TOR | malware, bug-bounty, hacking, pentesting, usa | 03-Nov-2024
FBI Arrests Suspect in SEC Account Hack: What This Means for Cybersecurity | https://medium.com/@wiretor/fbi-arrests-suspect-in-sec-account-hack-what-this-means-for-cybersecurity-735d8dd72512?source=rss------bug_bounty-5 | WIRE TOR | hacking, usa, bug-bounty, pentesting, malware | 03-Nov-2024
Becoming a Web Security Specialist: Essential Insights and a Roadmap | https://medium.com/@halildeniz313/becoming-a-web-security-specialist-essential-insights-and-a-roadmap-91032925d1aa?source=rss------bug_bounty-5 | Halildeniz | cyber-security-awareness, bug-bounty, cybersecurity, web-security, ethical-hacking | 03-Nov-2024
Time Based SQL Injection Bug Hunting Methodology | https://medium.com/@abhirupkonwar04/time-based-sql-injection-bug-hunting-methodology-be485de5ab9e?source=rss------bug_bounty-5 | AbhirupKonwar | ethical-hacking, bug-bounty, cybersecurity, sql-injection, pentesting | 02-Nov-2024
Time Based SQL Injection Bug Hunting Methodology | https://osintteam.blog/time-based-sql-injection-bug-hunting-methodology-be485de5ab9e?source=rss------bug_bounty-5 | AbhirupKonwar | ethical-hacking, bug-bounty, cybersecurity, sql-injection, pentesting | 02-Nov-2024
Simple Tips for Bug Bounty Beginners: Escalating to XSS (XSS Series Part — 2) | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-escalating-to-xss-xss-series-part-2-1d6b75ecf942?source=rss------bug_bounty-5 | Anish Narayan | technology, programming, cybersecurity, bug-bounty-writeup, bug-bounty | 02-Nov-2024
Breaking Into Information Security as a Fresher: A Guide to Starting Your Journey | https://medium.com/@nitinbasera11/breaking-into-information-security-as-a-fresher-a-guide-to-starting-your-journey-caa253c0f5ae?source=rss------bug_bounty-5 | Nitinbasera | bug-bounty, security, cybersecurity, web-app-security, infosec | 02-Nov-2024
My Journey as a Bug Bounty Hunter and Web3 Enthusiast: Tips for Beginners | https://medium.com/@veerendravamshi/my-journey-as-a-bug-bounty-hunter-and-web3-enthusiast-tips-for-beginners-50aa0bfbfc78?source=rss------bug_bounty-5 | Veerendra Vamshi | blockchain, bug-bounty, web3, cryptocurrency, defi | 02-Nov-2024
Hacking For Free. Dodging Paying For Hacking Knowledge System \| Primary Hacking School #9 | https://medium.com/@nnface/hacking-for-free-dodging-paying-for-hacking-knowledge-system-primary-hacking-school-9-c86f6dd3752c?source=rss------bug_bounty-5 | NnFace | hacking, cybersecurity, kali-linux, money, bug-bounty | 02-Nov-2024
Microsoft Acknowledges Outlook Freezing Issue and Offers Workarounds | https://medium.com/@wiretor/microsoft-acknowledges-outlook-freezing-issue-and-offers-workarounds-52fa28e41f13?source=rss------bug_bounty-5 | WIRE TOR | hacking, ransomware, malware, pentesting, bug-bounty | 02-Nov-2024
Account Takeover Via Google Auth Misconfiguration | https://medium.com/@abdulparkar/account-takeover-via-google-auth-misconfiguration-af4a59dd82e7?source=rss------bug_bounty-5 | Abdul Rehman Parkar | ethical-hacking, bug-bounty-tips, hacking, bug-bounty, bug-bounty-writeup | 02-Nov-2024
bugbountytraining靶场(三) | https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E4%B8%89-dfe55be3123f?source=rss------bug_bounty-5 | xun stark | bug-bounty | 01-Nov-2024
Hard Server-Side Request Forgery (SSRF) A bypass method to RCE and Port Scan | https://medium.com/@sarvour/hard-server-side-request-forgery-ssrf-a-bypass-method-to-rce-and-port-scan-61adf085d62a?source=rss------bug_bounty-5 | sarvour | pentesting, security, rce, bug-bounty, writeup | 01-Nov-2024
Template Engines Injection 101 | https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756?source=rss------bug_bounty-5 | Mahmoud M. Awali | bug-bounty, hacking | 01-Nov-2024
Web Application Basics — Tryhackme Walkthrough | https://medium.com/@TRedEye/web-application-basics-tryhackme-walkthrough-ee6a0cf2f1f6?source=rss------bug_bounty-5 | TRedEye | cybersecurity, hacking, bug-bounty, website, tryhackme | 01-Nov-2024
Configuring Burp Suite with Firefox (Step-by-Step) | https://harshbardhanx.medium.com/configuring-burp-suite-with-firefox-step-by-step-40f56a706546?source=rss------bug_bounty-5 | Harsh Bardhan | bug-bounty, cybersecurity, bug-bounty-writeup, burpsuite, bug-bounty-tips | 01-Nov-2024
Hackers Target Critical Zero-Day Vulnerabilities in PTZ Cameras | https://medium.com/@wiretor/hackers-target-critical-zero-day-vulnerabilities-in-ptz-cameras-d2d5023d329d?source=rss------bug_bounty-5 | WIRE TOR | pentest, zero-day, malware, bug-bounty, ransomware | 01-Nov-2024
qBittorrent Security Flaw Fixed After 14 Years Upgrade Now! | https://medium.com/@wiretor/qbittorrent-security-flaw-fixed-after-14-years-upgrade-now-bfa491d214bb?source=rss------bug_bounty-5 | WIRE TOR | xss-attack, bug-bounty, hacking, malware, pentesting | 01-Nov-2024
New LightSpy Spyware Version Targets iPhones with Advanced Surveillance Tactics | https://medium.com/@wiretor/new-lightspy-spyware-version-targets-iphones-with-advanced-surveillance-tactics-154f8887cd42?source=rss------bug_bounty-5 | WIRE TOR | hacking, apple, xss-attack, bug-bounty, malware | 01-Nov-2024
The Pen-Tester’s Muse: Writing Exploits into Earnings on Medium | https://medium.com/illumination/the-pen-testers-muse-writing-exploits-into-earnings-on-medium-a739abaab422?source=rss------bug_bounty-5 | Quintius Walker | bug-bounty, cybersecurity, poetry, creativity, poetry-on-medium | 01-Nov-2024
Reasons for Failure in Bug Bounty Programs and the Path to Success | https://medium.com/@halildeniz313/reasons-for-failure-in-bug-bounty-programs-and-the-path-to-success-af19917f4be9?source=rss------bug_bounty-5 | Halildeniz | bug-bounty-tips, cybersecurity, bug-bounty, pentesting, ethical-hacking | 01-Nov-2024
bugbountytraining靶场(二) | https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E4%BA%8C-669c3ac29651?source=rss------bug_bounty-5 | xun stark | bug-bounty | 31-Oct-2024
How HTML injection can help to make $1000. | https://medium.com/@anandrishav2228/how-html-injection-can-help-to-make-1000-531c6f7b6672?source=rss------bug_bounty-5 | Rishav anand | html, ai, bug-bounty, money, cybersecurity | 31-Oct-2024
HOW I FOUND CVE-2023–35813? | https://doordiefordream.medium.com/how-i-found-cve-2023-35813-c239c2f03192?source=rss------bug_bounty-5 | balu bandi | cve, ethical-hacking, bug-bounty, cybersecurity, writing | 31-Oct-2024
OAuth Account Takeover (ATO) Vulnerability via Email Manipulation | https://medium.com/@muhammedgalal66/oauth-account-takeover-ato-vulnerability-via-email-manipulation-94e0e942bcb8?source=rss------bug_bounty-5 | Dg0x6 | account-takeover-attacks, account-takeover, bug-bounty-tips, hackerone, bug-bounty | 31-Oct-2024
SSRF to Internal Port Scanning on Self-Hosted Platform | https://infosecwriteups.com/ssrf-to-internal-port-scanning-on-self-hosted-platform-05a17a461eed?source=rss------bug_bounty-5 | JEETPAL | ssrf, bugbounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity | 31-Oct-2024
7 Real-Life Bug Bounties That Made Headlines: Lessons You Can’t Afford to Miss! | https://medium.com/@qaafqasim/7-real-life-bug-bounties-that-made-headlines-lessons-you-cant-afford-to-miss-4b812b2caafa?source=rss------bug_bounty-5 | Qasim Mahmood Khalid | cyber-security-awareness, bug-bounty-writeup, bug-bounty, ethical-hacking, cybersecurity | 31-Oct-2024
Responsible Discovery, Irresponsible Response: The Cost of Punishing Security Researchers | https://khalifayakub.medium.com/responsible-discovery-irresponsible-response-the-cost-of-punishing-security-researchers-8bbb15f66ab7?source=rss------bug_bounty-5 | Mohammed Yakub Khalifa | ethics, cybersecurity-awareness, cybersecurity, bug-bounty, ethical-hacking | 31-Oct-2024
0-Click ATO Via reset password weird scenario | https://medium.com/@mos693570/0-click-ato-via-reset-password-weird-scenario-9afa4a88e413?source=rss------bug_bounty-5 | Mo Salah | bug-bounty | 31-Oct-2024
Could a Simple IDOR Vulnerability in Facebook Affects the Outcome of US Elections? | https://medium.com/@bazzounbassem/could-a-simple-idor-vulnerability-in-facebook-affects-the-outcome-of-us-elections-c17bc5e12e30?source=rss------bug_bounty-5 | Bassem M Bazzoun | ethical-hacking, bug-bounty, us-election-2024, cybersecurity | 31-Oct-2024
How One Accidental Find Led to Full App Security Testing | https://medium.com/@hasirhamdan77/how-one-accidental-find-led-to-full-app-security-testing-ea1c317174cb?source=rss------bug_bounty-5 | Hasirhamdan | jwt-exploitation, application-security, bug-bounty, mobile-security, hacking | 31-Oct-2024
Comprehensive Bug Bounty Hunting Methodology (2024 Edition) | https://xalgord.medium.com/comprehensive-bug-bounty-hunting-checklist-2024-edition-4abb3a9cbe66?source=rss------bug_bounty-5 | Krishna Kaushal | cybersecurity, bug-bounty-tips, bug-bounty, hacking, reconnaissance | 31-Oct-2024
Tale of Zendesk 0 day and a potential 25K $ bounty | https://rikeshbaniya.medium.com/tale-of-zendesk-0-day-and-a-potential-25k-bounty-61bcf9c5dc06?source=rss------bug_bounty-5 | Rikesh Baniya | bug-bounty-writeup, bug-bounty-tips, hackerone, security-research, bug-bounty | 31-Oct-2024
XML Upload Challenge: Breaking Boundaries with External Entities | https://medium.com/@josh.beck2006/xml-upload-challenge-breaking-boundaries-with-external-entities-79677649485f?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, ctf-writeup, bug-bounty | 31-Oct-2024
Hunting for IDOR and BAC Vulnerabilities in B2B Applications with Burp Suite’s Authorize Extension | https://thexssrat.medium.com/hunting-for-idor-and-bac-vulnerabilities-in-b2b-applications-with-burp-suites-authorize-extension-597877b53d94?source=rss------bug_bounty-5 | Thexssrat | idor, broken-access-control, bug-bounty, bug-bounty-tips, burpsuite | 31-Oct-2024
LottieFiles Hacked: A Cautionary Tale for the Crypto Community! | https://medium.com/@wiretor/lottiefiles-hacked-a-cautionary-tale-for-the-crypto-community-8cc3b6cf9148?source=rss------bug_bounty-5 | WIRE TOR | malware, xss-attack, hacking, usa, bug-bounty | 31-Oct-2024
Protecting E-Commerce: Understanding the Phish n’ Ships Campaign | https://medium.com/@wiretor/protecting-e-commerce-understanding-the-phish-n-ships-campaign-619cc4f3d150?source=rss------bug_bounty-5 | WIRE TOR | malware, hacking, usa, bug-bounty, xss-attack | 31-Oct-2024
Ex-Disney Employee Charged with Hacking: A Cautionary Tale! | https://medium.com/@wiretor/ex-disney-employee-charged-with-hacking-a-cautionary-tale-d9174351fd7c?source=rss------bug_bounty-5 | WIRE TOR | malware, bug-bounty, xss-attack, usa, hacking | 31-Oct-2024
File Transfer Cheatsheet: Windows and Linux | https://medium.com/@verylazytech/file-transfer-cheatsheet-windows-and-linux-1e36ec9a22ac?source=rss------bug_bounty-5 | Very Lazy Tech | file-transfer, bug-bounty, post-exploitation, exfiltration, cybersecurity | 30-Oct-2024
Hacking your first OAuth on the Web application: Account takeover using Redirect and State… | https://medium.com/@security.tecno/hacking-your-first-oauth-on-the-web-application-account-takeover-using-redirect-and-state-5e857c7b1d43?source=rss------bug_bounty-5 | TECNO Security | research-reports, hacking, bug-bounty, security | 30-Oct-2024
Discovered a Unique Email Verification Bypass | https://mo9khu93r.medium.com/discovered-a-unique-email-verification-bypass-47bb1e955a13?source=rss------bug_bounty-5 | mo9khu93r | penetration-testing, email-verification, hacking, cybersecurity, bug-bounty | 30-Oct-2024
Apple $1,000,000 Bounty: Zero-Click Exploit Achieves Kernel Execution and PAC Bypass on Latest iOS… | https://medium.com/@vintaconnect/apple-1-000-000-bounty-zero-click-exploit-achieves-kernel-execution-and-pac-bypass-on-latest-ios-7cdf35ff8bc6?source=rss------bug_bounty-5 | VintaConnect | apple, apple-bug-bounty, ios, kernel, bug-bounty | 30-Oct-2024
CVE-2024–27954 — WordPress Automatic Plugin < 3.92.1 — Arbitrary File Download and SSRF | https://infosecwriteups.com/cve-2024-27954-wordpress-automatic-plugin-3-92-1-arbitrary-file-download-and-ssrf-34f2e938db54?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, penetration-testing, wordpress, cybersecurity, bug-bounty-hunter | 30-Oct-2024
$200-$10,000 for Command Injection Bug . | https://medium.com/@anandrishav2228/200-10-000-for-command-injection-bug-2279041f3478?source=rss------bug_bounty-5 | Rishav anand | hacking, cybersecurity, bug-bounty, money, command-injection | 30-Oct-2024
My First Remote Code Execution (RCE) | https://medium.com/@prasenjitkantipaul/my-first-remote-code-execution-rce-ea9c3e32943f?source=rss------bug_bounty-5 | Prasenjit Kanti Paul | bug-bounty, bug-bounty-tips, bug-bounty-hunter, rce, bug-bounty-writeup | 30-Oct-2024
CVE-2024–4577 — PHP CGI Argument Injection Remote Code Execution | https://infosecwriteups.com/cve-2024-4577-php-cgi-argument-injection-remote-code-execution-294ed4758e4f?source=rss------bug_bounty-5 | Ajay Naik | medium, penetration-testing, bug-bounty, cybersecurity, information-technology | 30-Oct-2024
A Guide to Burp Suite for Ethical Hackers | https://medium.com/@codingbolt.in/a-guide-to-burp-suite-for-ethical-hackers-e1b985470547?source=rss------bug_bounty-5 | codingbolt | penetration-testing, cybersecurity, bug-bounty, burpsuite, ethical-hacking | 30-Oct-2024
Multi-Step Process with No Access Control on One Step — Access Control Vulnerability | https://medium.com/@rcxsecurity/multi-step-process-with-no-access-control-on-one-step-access-control-vulnerability-599aee989521?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Café | pentesting, cybersecurity, penetration-testing, information-security, bug-bounty | 30-Oct-2024
Chaining Four Vulnerabilities Leading to Account Takeover | https://medium.com/@jke3595/chaining-four-vulnerabilities-leading-to-account-takeover-664f18508600?source=rss------bug_bounty-5 | Joel I Patrick | bounty-program, ethical-hacking, security, bug-bounty, cybersecurity | 30-Oct-2024
Predictable Initial Passwords vulnerability | https://medium.com/@istibaroudissou/predictable-initial-passwords-vulnerability-3292322bfdd4?source=rss------bug_bounty-5 | Istibarou DISSOU | vulnerability, bug-bounty, pentesting | 30-Oct-2024
Lets Get into the Real field. | https://harshbardhanx.medium.com/lets-get-into-the-real-field-b2c9278d0b63?source=rss------bug_bounty-5 | Harsh Bardhan | bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty-hunter | 30-Oct-2024
Email Spoofing | https://medium.com/@hacragon/email-spoofing-1a81728f92b3?source=rss------bug_bounty-5 | Subin Kumar | dmarc-record, email-spoofing, bug-bounty | 30-Oct-2024
Exposed Git Configs Lead to 15,000 Stolen Cloud Credentials: The WireTor Solution | https://medium.com/@wiretor/exposed-git-configs-lead-to-15-000-stolen-cloud-credentials-the-wiretor-solution-d6de23eaca26?source=rss------bug_bounty-5 | WIRE TOR | malware, election2024, usa, bug-bounty, pentesting | 30-Oct-2024
WIRE TOR — The Ethical Hacking Services | https://medium.com/@wiretor/wire-tor-the-ethical-hacking-services-bac69e4fa28a?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, pentesting, malware, xss-attack, hacking | 30-Oct-2024
Protect Yourself from Election Scams: Insights from WireTor | https://medium.com/@wiretor/protect-yourself-from-election-scams-insights-from-wiretor-1e118e682f76?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, pentesting, xss-attack, hacking, malware | 30-Oct-2024
Spooktacular Halloween Sale: 50% Off! | https://medium.com/@wiretor/spooktacular-halloween-sale-50-off-f1967438dac0?source=rss------bug_bounty-5 | WIRE TOR | pentesting, bug-bounty, usa, hacking, halloween | 30-Oct-2024
Automating Bug Bounty Hunts with Bash: A Beginner-Friendly Guide | https://pwndecoco.medium.com/automating-bug-bounty-hunts-with-bash-a-beginner-friendly-guide-3fc2b3d7f341?source=rss------bug_bounty-5 | Pwndec0c0 | hacking, bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity | 30-Oct-2024
Full Account Takeover at One of the Largest E-Commerce Companies | https://m0uka.medium.com/full-account-takeover-at-one-of-the-largest-e-commerce-companies-8cf416e9dc7e?source=rss------bug_bounty-5 | m0uka | hackerone, hacking, bug-bounty, bugcrowd, security-research | 29-Oct-2024
Account Linked Domains Takeover | https://medium.com/@ph4nt0mbyt3/account-linked-domains-takeover-852cab92e018?source=rss------bug_bounty-5 | ph4nt0mbyt3 | pentesting, bug-bounty, pentest | 29-Oct-2024
How to find Information Disclouser in any WebTech or Mobile App. and Earn upto $500-$2000 | https://medium.com/@anandrishav2228/how-to-find-information-disclouser-in-any-webtech-or-mobile-app-and-earn-upto-500-2000-7bda67bbe754?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, money, api, bug-bounty, hacker | 29-Oct-2024
From Study Stress to Critical Account Takeover: How a Gym Break and a Little Curiosity Uncovered a… | https://medium.com/@CipherHawk/from-study-stress-to-critical-account-takeover-how-a-gym-break-and-a-little-curiosity-uncovered-a-d15cfc2e142b?source=rss------bug_bounty-5 | CipherHawk | bug-bounty, hackerone, hacking, yeswehack, bugbounty-tips | 29-Oct-2024
How I get Open Redirect Vulnerability in BBP ? | https://medium.com/@keroayman77/how-i-get-open-redirect-vulnerability-in-bbp-6006e5a34602?source=rss------bug_bounty-5 | Kerolos Ayman | bug-bounty-writeup, bug-bounty | 29-Oct-2024
Web cache poisoning explained | https://medium.com/@ad.abhi0013/web-cache-poisoning-explained-f3ddc4bfbf94?source=rss------bug_bounty-5 | Abhishek Adhikari | cybersecurity, web-cache-poisoning, bug-bounty | 29-Oct-2024
Find Open Redirect in Just 2 min - $1000 | https://medium.com/@mdnafeed3/find-open-redirect-in-just-2-min-1000-c527bb3e65fb?source=rss------bug_bounty-5 | H4cker-Nafeed | cybersecurity, bug-bounty, bug-bounty-tips | 29-Oct-2024
How can SQL injection, CSRF, and XSS attacks be prevented in Golang — Bug Bounty Tuesday | https://medium.com/@kerstan/how-can-sql-injection-csrf-and-xss-attacks-be-prevented-in-golang-bug-bounty-tuesday-2f857b2e4b53?source=rss------bug_bounty-5 | kerstan | golang, coding, cybersecurity, hacking, bug-bounty | 29-Oct-2024
How I Started My Bug Bounty Journey…!!! | https://harshbardhanx.medium.com/how-i-started-my-bug-bounty-journey-1b9683fa6252?source=rss------bug_bounty-5 | Harsh Bardhan | bug-hunting, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips | 29-Oct-2024
My step by step process on how I do Bug Bounty Hunting: From finding targets to Submission of the… | https://pwndecoco.medium.com/my-step-by-step-process-on-how-i-do-bug-bounty-hunting-from-finding-targets-to-submission-of-the-c3ad5d4b07ad?source=rss------bug_bounty-5 | Pwndec0c0 | penetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup, hacking | 29-Oct-2024
How do SSL Scanners Work | https://medium.com/@serhatcck/how-do-ssl-scanners-work-b4977308e981?source=rss------bug_bounty-5 | Serhat ÇİÇEK | cryptography, application-security, bug-bounty, hacking, pentesting | 29-Oct-2024
Data Breach Affects 800,000 Citizens in Italy | https://medium.com/@wiretor/data-breach-affects-800-000-citizens-in-italy-1f977df0cab6?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, malware, italian, pentesting, hacking | 29-Oct-2024
Massive PSAUX Ransomware Attack Targets 22,000 CyberPanel Instances! | https://medium.com/@wiretor/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances-2925859c759c?source=rss------bug_bounty-5 | WIRE TOR | hacking, bug-bounty, usa, malware, cybersecurity | 29-Oct-2024
WIRE TOR — The Ethical Hacking Services | https://medium.com/@wiretor/wire-tor-the-ethical-hacking-services-47ef9ecf7471?source=rss------bug_bounty-5 | WIRE TOR | hacking, bug-bounty, malware, usa, pentesting | 29-Oct-2024
Payment Bypass via API Request to Activate Premium Plan on Private Bug Bounty Programhttps://medium.com/@sharp488/payment-bypass-via-api-request-to-activate-premium-plan-on-private-bug-bounty-program-bbd7fc91ef99?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty, information-technology, bug-bounty-tips, bugs, information-security28-Oct-2024
How to find a Race-condition Bug and make $1300https://medium.com/@anandrishav2228/how-to-find-a-race-condition-bug-and-make-1300-66d7e14040e9?source=rss------bug_bounty-5Rishav anandrace-condition, hacker, bug-bounty, cybersecurity, money28-Oct-2024
$150,000 Evmos Vulnerability Through Reading Documentationhttps://medium.com/@jjordanjjordan/150-000-evmos-vulnerability-through-reading-documentation-d26328590a7a?source=rss------bug_bounty-5jayjonah.ethbug-bounty, crypto, web3, ethereum, blockchain28-Oct-2024
Blind Cross Site Scripting in License Applicationhttps://medium.com/@abdullah12987654/blind-cross-site-scripting-in-license-application-aa865c0e0496?source=rss------bug_bounty-5Abdullahpenetration-testing, cross-site-scripting, xss-vulnerability, hacking, bug-bounty28-Oct-2024
HTTP Request Smuggling: From Needs More Info to Confirmed Impact!https://medium.com/@rezauditore/http-request-smuggling-from-needs-more-info-to-confirmed-impact-9b36349355ca?source=rss------bug_bounty-5rezauditorebug-bounty, http-request, peace, lgbtq, hacking28-Oct-2024
Best AI Tool to Learn Hacking 2025https://medium.com/@TahirAyoub/best-ai-tool-to-learn-hacking-2025-e30b11c551c8?source=rss------bug_bounty-5Tahir Ayoubai, cybersecurity, artificial-intelligence, bug-bounty, hacking28-Oct-2024
Easy 400$ Bounty on Hackerone Public BBPhttps://medium.com/@kaforybory/easy-400-bounty-on-hackerone-public-bbp-b7a9aa2d6767?source=rss------bug_bounty-5Hassan Makkicybersecurity, infosec, bug-bounty-tips, penetration-testing, bug-bounty28-Oct-2024
Exposing a Data Leak Vulnerability: My Journey to Discoveryhttps://infosecwriteups.com/exposing-a-data-leak-vulnerability-my-journey-to-discovery-7be93ce2c5b0?source=rss------bug_bounty-5Abhishek Bhujangethical-hacking, security, bug-bounty, bug-hunting, hacking28-Oct-2024
Ethical Hacking and Bug Bounty Programs —  Harnessing Hackers for Goodhttps://medium.com/@RocketMeUpCybersecurity/ethical-hacking-and-bug-bounty-programs-harnessing-hackers-for-good-ac8417374af0?source=rss------bug_bounty-5RocketMe Up Cybersecuritysecurity-testing, vulnerability-assessment, white-hat-hacker, ethical-hacking, bug-bounty28-Oct-2024
My first bug bountyhttps://medium.com/@zatikyan.sevada/my-first-bug-bounty-5dc382b7cd50?source=rss------bug_bounty-5Zatikyan Sevadacybersecurity, information-disclosure, bug-bounty, hacking-tools28-Oct-2024
Portswigger Lab: Reflected XSS in a JavaScript URL with some characters blockedhttps://medium.com/@iamdeusx/portswigger-lab-reflected-xss-in-a-javascript-url-with-some-characters-blocked-fa15ae95d90e?source=rss------bug_bounty-5DeusXbug-bounty, portswigger, cybersecurity, ctf28-Oct-2024
LLM Pentest Services at Wire Torhttps://medium.com/@wiretor/llm-pentest-services-at-wire-tor-%EF%B8%8F-e2617eb98a89?source=rss------bug_bounty-5WIRE TORcybersecurity, malware, hacking, usa, bug-bounty28-Oct-2024
Breaking Down My Bug Bounty Find: Exploiting EC-Council’s iClass Platformhttps://medium.com/@salaheddine_kalada/breaking-down-my-bug-bounty-find-exploiting-ec-councils-iclass-platform-68bd9a6c8460?source=rss------bug_bounty-5Salaheddine KALADAresponsible-disclosure, ethical-hacking, bug-bounty-writeup, bug-bounty, cybersecurity28-Oct-2024
How I Leveraged HTML Injection to Create an Account Using Someone Else’s Emailhttps://infosecwriteups.com/how-i-leveraged-html-injection-to-create-an-account-using-someone-elses-email-b80f83ab9465?source=rss------bug_bounty-5Devanshcybersecurity, html-injection, bug-bounty, information-security27-Oct-2024
Use Burp Suite Community version like a professional version Save upto $449https://medium.com/@anandrishav2228/use-burp-suite-community-version-like-a-professional-version-2225e9d0404f?source=rss------bug_bounty-5Rishav anandburpsuite, hacking, bug-bounty, money, cybersecurity27-Oct-2024
My Roadmap and the Tools I plan to use to aid my journey.https://cybersechemmars.medium.com/my-roadmap-and-the-tools-i-plan-to-use-to-aid-my-journey-4f720504fce6?source=rss------bug_bounty-5Cybersec with Hemmarsbug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips27-Oct-2024
Unauthorized Privilege Escalation: Gaining Command Line Access on Unpermitted Company Devices $$$$https://sp1der0x.medium.com/unauthorized-privilege-escalation-gaining-command-line-access-on-unpermitted-company-devices-1a67e55f1b63?source=rss------bug_bounty-5Spiderhacking, business-logic, privilege-escalation, access-control, bug-bounty27-Oct-2024
Bypassing File Upload Defenses: My Journey from Simple Bypass to Near RCEhttps://medium.com/@dsmodi484/bypassing-file-upload-defenses-my-journey-from-simple-bypass-to-near-rce-ffbd23400efa?source=rss------bug_bounty-5Dishant Modibug-bounty, vulnerability, file-upload, methodology, rce27-Oct-2024
How to find bugs in Microsoft iis page.https://infosecwriteups.com/how-to-find-bugs-in-microsoft-iis-page-ef336a229abc?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, cybersecurity, hacking, tips, bug-bounty27-Oct-2024
How I Leveraged HTML Injection to Create an Account Using Someone Else’s Emailhttps://infosecwriteups.com/how-i-leveraged-html-injection-to-create-an-account-using-someone-elses-email-b80f83ab9465?source=rss------bug_bounty-5Devansh Doshicybersecurity, html-injection, bug-bounty, information-security27-Oct-2024
Fog & Akira Ransomware Exploit SonicWall VPN: Is Your Network Safe?https://medium.com/@wiretor/fog-akira-ransomware-exploit-sonicwall-vpn-is-your-network-safe-81da77b75cae?source=rss------bug_bounty-5WIRE TORpentesting, hacking, cybersecurity, usa, bug-bounty27-Oct-2024
China-Backed Cyber Attack: Donald Trump and JD Vance Targeted!https://medium.com/@wiretor/china-backed-cyber-attack-donald-trump-and-jd-vance-targeted-004518c60c89?source=rss------bug_bounty-5WIRE TORmalware, bug-bounty, usa, hacking, cybersecurity27-Oct-2024
Unauthorized Privilege Escalation: Gaining Command Line Access on Unpermitted Company Devices $$$$https://sp1der0x.medium.com/unauthorized-privilege-escalation-gaining-command-line-access-on-unpermitted-company-devices-1a67e55f1b63?source=rss------bug_bounty-5Sp1der0xhacking, business-logic, privilege-escalation, access-control, bug-bounty27-Oct-2024
Firefox&Chrome extensions for bugbounty hunters.(PART 2)https://osintteam.blog/firefox-chrome-extensions-for-bugbounty-hunters-part-2-c3febcb6e64b?source=rss------bug_bounty-5loyalonlytodaytips, hacking, penetration-testing, cybersecurity, bug-bounty26-Oct-2024
Free vps for hacking and bug bounty hunting.https://osintteam.blog/free-vps-for-hacking-and-bug-bounty-hunting-921d1dda71ce?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, tips-and-tricks, vps, cybersecurity26-Oct-2024
Bug Bounty with AI in Real-Time: The Future of Cybersecurityhttps://prakash888kpk.medium.com/bug-bounty-with-ai-in-real-time-the-future-of-cybersecurity-b3f783c7f0de?source=rss------bug_bounty-5Lets Unlearntips-and-tricks, ai, bug-bounty26-Oct-2024
Find CSRF and get a bounty of $900 Quicklyhttps://medium.com/@anandrishav2228/find-csrf-and-get-a-bounty-of-900-quickly-a9c3bf311dfb?source=rss------bug_bounty-5Rishav anandmoney, bug-bounty, cybersecurity, hacker, ai26-Oct-2024
One idea Uncovers Authentication Bypass & Session management flawhttps://medium.com/@CipherHawk/one-idea-uncovers-authentication-bypass-session-management-flaw-2e1536f5c52d?source=rss------bug_bounty-5CipherHawkbug-bounty, hackerone, vulnerability, bugcrowd, hacking26-Oct-2024
How to Handle Burnout as a Bug Bounty Hunter: Step-by-Step Guidehttps://bevijaygupta.medium.com/how-to-handle-burnout-as-a-bug-bounty-hunter-step-by-step-guide-173bdc11386d?source=rss------bug_bounty-5Vijay Guptaburnout, bug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips26-Oct-2024
Curious Case of a Feedback Linkhttps://medium.com/@thelazypentester/curious-case-of-a-feedback-link-0b1f5b208df0?source=rss------bug_bounty-5Jobsonsensitive-information, bug-bounty, cybersecurity, hacking, burpsuite26-Oct-2024
Bug Hunting Methodologyhttps://medium.com/@prajwalpatil453/bug-hunting-methodology-0780e74958be?source=rss------bug_bounty-5Anonstrkcybersecurity, bug-bounty-tips, bug-bounty, methodology, bug-hunting26-Oct-2024
500$ Idor vulnerability.https://medium.com/@noureldin1042/500-idor-vulnerability-dfc5d6f31119?source=rss------bug_bounty-5Noureldin(0x_5wf)programming, hacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips26-Oct-2024
INICON: A One-Stop Recon Tool for Bug Bounty Huntershttps://medium.com/@jwalanth/inicon-a-one-stop-recon-tool-for-bug-bounty-hunters-8e1dcfa90a6c?source=rss------bug_bounty-5Kira61(Jwalanth)cybersecurity, python, pentesting, reconnaissance, bug-bounty26-Oct-2024
How I Discovered an Easy 2FA Vulnerability on Logitechhttps://medium.com/@dhananjay_00/how-i-discovered-an-easy-2fa-vulnerability-on-logitech-ff0d07178b04?source=rss------bug_bounty-5Dhananjay Pathakbug-bounty-tips, bug-bounty, bugbounty-writeup, hackerone, hacking26-Oct-2024
Dependency Confusion Unleashed: How One Misconfiguration Can Compromise an Entire Systemhttps://medium.com/@omargamal4em/dependency-confusion-unleashed-how-one-misconfiguration-can-compromise-an-entire-system-e0df2a26c341?source=rss------bug_bounty-5omar gamalbug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-tips26-Oct-2024
AIO Web App Pentesting Checklisthttps://cristivlad.medium.com/aio-web-app-pentesting-checklist-afe277d735dd?source=rss------bug_bounty-5Cristi Vladcybersecurity, bug-bounty, infosec, penetration-testing, pentesting26-Oct-2024
Apple Paying Big Bucks for Security Flaws: Your Chance to Cash In!https://medium.com/@v55232352/apple-paying-big-bucks-for-security-flaws-your-chance-to-cash-in-edb0f4f5ad21?source=rss------bug_bounty-5Patrick Hoovercyber-security-services, bug-bounty, apple-security-update26-Oct-2024
SQL Injections and the cute $2000 bountyhttps://medium.com/@nireshpandian19/sql-injections-and-the-cute-2000-bounty-2d18441ee0e3?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, bug-bounty-writeup, idor-vulnerability, bug-bounty-tips, sql-injection26-Oct-2024
Bind Shells: A Practical Guidehttps://medium.com/@learntheshell/bind-shells-a-practical-guide-9c00b3d7ad74?source=rss------bug_bounty-5LearnTheShellcybersecurity, bug-bounty, pentesting, bind-shell, bug-bounty-tips26-Oct-2024
Cronjobs for hackers (bugbounty article)https://medium.com/@bag0zathev2/cronjobs-for-hackers-bugbounty-article-7d51588d0fd5?source=rss------bug_bounty-5Fares Walid (SirBugs)cybersecurity, bugbounty-tips, cronjob, bug-bounty, hacking26-Oct-2024
BugBounty — Mastering the Basics (along with Resources)[Part-1]https://medium.com/@iabhipathak/bugbounty-mastering-the-basics-along-with-resources-part-1-47d30eb3d19a?source=rss------bug_bounty-5Abhinav Pathakbug-bounty, cybersecurity, security, ethical-hacking, hacking26-Oct-2024
DVWA : Brute Force Vulnerability Solution (Low & Medium Security Level)https://medium.com/@Kamal_S/dvwa-brute-force-vulnerability-solution-low-medium-security-level-9c01eadf3720?source=rss------bug_bounty-5Kamal Sdvwa, burpsuite, brute-force, owasp, bug-bounty26-Oct-2024
New Cisco ASA and FTD Features: Blocking VPN Brute-Force Password Attacks!https://medium.com/@wiretor/new-cisco-asa-and-ftd-features-blocking-vpn-brute-force-password-attacks-c9065ef3ccfd?source=rss------bug_bounty-5WIRE TORpresidential-election-usa, cybersecurity, usa, bug-bounty, hacking26-Oct-2024
New Windows Driver Signature Bypass Enables Rootkit Installs!https://medium.com/@wiretor/new-windows-driver-signature-bypass-enables-rootkit-installs-42d64a4e973a?source=rss------bug_bounty-5WIRE TORbug-bounty, cybersecurity, networking, hacking, malware26-Oct-2024
Black Basta Ransomware Targets Teams: Stay Vigilant!https://medium.com/@wiretor/black-basta-ransomware-targets-teams-stay-vigilant-a76d8550003c?source=rss------bug_bounty-5WIRE TORhacking, cybersecurity, malware, xss-attack, bug-bounty26-Oct-2024
Hunting for Open Redirect Vulnerabilities: A Beginner to Expert Guidehttps://medium.com/@360Security/hunting-for-open-redirect-vulnerabilities-a-beginner-to-expert-guide-c33dd1ac1875?source=rss------bug_bounty-5360 Securityweb-security, penetration-testing, vulnerability, cybersecurity, bug-bounty26-Oct-2024
Red Hat SSO 7.6 Host Header Injection Vulnerabilityhttps://medium.com/@mark.roy.1337/exploiting-and-securing-red-hat-sso-7-6-host-header-injection-vulnerability-654424f6889a?source=rss------bug_bounty-5Mark R.vulnerability, bug-bounty, cybersecurity25-Oct-2024
TECNO Security Year-End Reward Sprint Preview: Grand Prizes Await You!https://medium.com/@security.tecno/tecno-security-year-end-reward-sprint-preview-grand-prizes-await-you-7dec791e12ce?source=rss------bug_bounty-5TECNO Securitybug-bounty, hacking, bonus, security25-Oct-2024
How I Bypassed Rate Limit on Loginhttps://mo9khu93r.medium.com/how-i-bypassed-rate-limit-on-login-b600b15158ef?source=rss------bug_bounty-5mo9khu93rbug-bounty, hacking, cybersecurity, pentesting, rate-limit-bypass25-Oct-2024
Remote Code Execution - Rage of Race Condition on Gen AIhttps://shahjerry33.medium.com/remote-code-execution-rage-of-race-condition-on-gen-ai-6f4cbc1a0e62?source=rss------bug_bounty-5Jerry Shah (Jerry)cybersecurity, penetration-testing, infosec, vulnerability, bug-bounty25-Oct-2024
Bug punya severity & priorityhttps://ilhamday.medium.com/bug-punya-severity-priority-5552885eebd6?source=rss------bug_bounty-5Ilham Ferrytesting, bug-bounty, qa, quality-assurance, software-development25-Oct-2024
Red Hat SSO 7.6 Host Header Injection Vulnerabilityhttps://medium.com/@mark-r/exploiting-and-securing-red-hat-sso-7-6-host-header-injection-vulnerability-654424f6889a?source=rss------bug_bounty-5Mark R.vulnerability, bug-bounty, cybersecurity25-Oct-2024
Advance AI Test Cases For Penetration Testinghttps://infosecwriteups.com/advance-ai-testcases-for-penetration-testing-d61b2196311d?source=rss------bug_bounty-5Ajay Naikinformation-technology, cyberattack, cybersecurity, bug-bounty, ai25-Oct-2024
Exploiting BAC: Unlimited Likes in Comment Sectionshttps://medium.com/@RaunakGupta1922/exploiting-bac-unlimited-likes-in-comment-sections-64f173b951fe?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbug-bounty-tips, cybersecurity, programming, bug-bounty, technology25-Oct-2024
Information Disclosure in Top 500 Company through Source Codehttps://medium.com/@anonymousshetty2003/information-disclosure-in-top-500-company-through-source-code-fe91a7806acc?source=rss------bug_bounty-5Anonymousshettybug-bounty, cybersecurity, hacking, information-disclosure, security25-Oct-2024
WordPress Penetration Testing: A Hacker’s Playbookhttps://systemweakness.com/wordpress-penetration-testing-a-hackers-playbook-bb97b8a009b1?source=rss------bug_bounty-5Ahmed Makawipenetration-testing, ethical-hacking, wordpress, bug-bounty25-Oct-2024
How to install WhatWeb & usage samples.https://pwndecoco.medium.com/how-to-install-whatweb-usage-samples-8b735fc4d645?source=rss------bug_bounty-5Pwndec0c0penetration-testing, whatweb, bug-bounty, cybersecurity, linux25-Oct-2024
My step by step process on how I do Bug Bounty Hunting: From finding targets to Submission of the…https://pwndecoco.medium.com/my-step-by-step-process-on-how-i-do-bug-bounty-program-from-finding-targets-to-submission-of-the-d25939b2a1b3?source=rss------bug_bounty-5Pwndec0c0bug-bounty-tips, bug-bounty-writeup, bug-bounty, penetration-testing, cybersecurity25-Oct-2024
Uncovering Vulnerabilities: My Discovery of Hashed Passwords on a Dutch Government Websitehttps://medium.com/@anonymousshetty2003/uncovering-vulnerabilities-my-discovery-of-hashed-passwords-on-a-dutch-government-website-f30969e6ebbc?source=rss------bug_bounty-5Anonymousshettycybersecurity, security, bug-bounty, hacking, information-disclosure25-Oct-2024
Finding Cross-Site Scripting (XSS) vulnerabilities in Bug bounty programhttps://medium.com/@curiouskhanna/finding-cross-site-scripting-xss-vulnerabilities-in-bug-bounty-program-2a40bef4c8d7?source=rss------bug_bounty-5Shubham Khannacybersecurity, earn-money-online, research, bug-bounty25-Oct-2024
Cracking JWT Tokens: A Path to Identifying Bugs and Earn upto $700https://medium.com/@anandrishav2228/cracking-jwt-tokens-a-path-to-identifying-bugs-and-earn-upto-700-4028bcdcbebf?source=rss------bug_bounty-5Rishav anandbug-bounty, hacking, money, token, cybersecurity24-Oct-2024
50€ Rabbit Hole — Plain as Cake Bugshttps://medium.com/@rootplinix/50-rabbit-hole-plain-as-cake-bugs-e3e0940f93ce?source=rss------bug_bounty-5Abu Hurayrabug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips, cybersecurity24-Oct-2024
IDOR+Privilege Escalation+No Rate Limit+Business Logic into a Single Vulnerabilityhttps://medium.com/@hossam_hamada/idor-privilege-escalation-no-rate-limit-business-logic-into-a-single-vulnerability-1e6acc9a3884?source=rss------bug_bounty-5Hossam Hamadahackerone, idor, bug-bounty, privilege-escalation, business-logic24-Oct-2024
Bug Bounty Burnout: Stay Motivated and Mentally Stronghttps://bevijaygupta.medium.com/bug-bounty-burnout-stay-motivated-and-mentally-strong-9408b92fa6c8?source=rss------bug_bounty-5Vijay Guptamentally-strong, bug-bounty, motivation, bug-bounty-tips, bugs24-Oct-2024
Critical Threat for WordPress Developers and Users, if You are Using a General Password to login…https://medium.com/@a5adujjaman/critical-threat-for-wordpress-developers-and-users-if-you-are-using-a-general-password-to-login-359ff16fcc45?source=rss------bug_bounty-5Asadujjaman Asifsecurity, two-factor-authentication, bug-bounty, wordpress, wordpress-security24-Oct-2024
Web3 BBP Journal: Oct.24, 2024https://medium.com/@harryfyx/web3-bbp-journal-oct-24-2024-d3c7083ac416?source=rss------bug_bounty-5hhhkbbug-bounty24-Oct-2024
Bugcrowd Triage is Terriblehttps://medium.com/@cybersecnoneed/bugcrowd-triage-is-terrible-97065059aaff?source=rss------bug_bounty-5Cybersecnoneedbug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program24-Oct-2024
Unreleased function leads to 150$ bountyhttps://medium.com/@noureldin1042/unreleased-function-leads-to-150-bounty-c8521e3e3ba8?source=rss------bug_bounty-5Noureldin(0x_5wf)bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-hunting, programming24-Oct-2024
How I Accessed Microsoft’s ServiceNow — Exposing ALL Microsoft Employee emails, Chat Support…https://medium.com/@moblig/how-i-accessed-microsofts-servicenow-exposing-all-microsoft-employee-emails-chat-support-5f8d535eb63b?source=rss------bug_bounty-5Mobligbug-bounty, cybersecurity, microsoft, news24-Oct-2024
Seprate Active and Dead Subdomains part 4https://osintteam.blog/seprate-active-and-dead-subdomains-part-4-18f092dc8423?source=rss------bug_bounty-5Mr Abdullahbugbounty-writeup, subdomains-enumeration, hacking, bug-bounty, web-hacking24-Oct-2024
Smart recon to PWN the panelhttps://ro0od.medium.com/smart-recon-to-pwn-the-panel-a23b0b9466bb?source=rss------bug_bounty-5roodhacking, bug-bounty, hackerone, writeup, bug-bounty-tips24-Oct-2024
Penalized for Responsible Disclosurehttps://geochen.medium.com/penalized-for-responsible-disclosure-e36b3f57dc8a?source=rss------bug_bounty-5George Chenbig-four, hacking, bug-bounty, cybersecurity, responsible-disclosure24-Oct-2024
Bug Bounty with AI: Enhancing Cybersecurity Through Artificial Intelligencehttps://prakash888kpk.medium.com/bug-bounty-with-ai-enhancing-cybersecurity-through-artificial-intelligence-fc679204b800?source=rss------bug_bounty-5Lets Unlearnai-tools, bug-bounty, ai, bugs, bounties24-Oct-2024
Cheat Sheet : Utilisation de Nuclei pour les Tests de Sécurité et bhttps://medium.com/@Itachi0xf/cheat-sheet-utilisation-de-nuclei-pour-les-tests-de-s%C3%A9curit%C3%A9-et-b-e4d9d57aff32?source=rss------bug_bounty-5Itachix0fhacking, cheatsheet, learning, bug-bounty24-Oct-2024
Das CRUD-Prinziphttps://medium.com/@rainer_zufall111/das-crud-prinzip-786530d1a302?source=rss------bug_bounty-5R4In3RZuf4LLcybersecurity, hacking, bug-bounty, api24-Oct-2024
How i found exposed db creds on .gov sitehttps://medium.com/@jenroots/how-i-found-exposed-db-creds-on-gov-site-24588d9eb9c8?source=rss------bug_bounty-5Jenrootsbug-bounty-tips, information-security, penetration-testing, bugs, bug-bounty24-Oct-2024
Second Strike: Uncovering a GraphQL IDOR That Let Me Delete Anyones Posthttps://dukrov.medium.com/second-strike-uncovering-a-graphql-idor-that-let-me-delete-anyones-post-7c6fefd71db7?source=rss------bug_bounty-5Dukrovbug-bounty, hackerone, cybersecurity, bugbounty-tips, hacking24-Oct-2024
How to Handle Burnout as a Bug Bounty Hunter: Step By Step guidehttps://medium.com/@shaikhminhaz1975/how-to-handle-burnout-as-a-bug-bounty-hunter-step-by-step-guide-c83b06c4fc1f?source=rss------bug_bounty-5Shaikh Minhazburnout-prevention, stress-management, cybersecurity, stress, bug-bounty23-Oct-2024
How to Find CVEs, Report Them, and Leverage Them for Career Growth and Bounties of $$$$$.https://medium.com/@anandrishav2228/how-to-find-cves-report-them-and-leverage-them-for-career-growth-and-bounties-of-3b62538c64d1?source=rss------bug_bounty-5Rishav anandai, money, cybersecurity, cve, bug-bounty23-Oct-2024
One Payload for Bugbounty(X$$)!https://pwndecoco.medium.com/one-payload-for-bugbounty-x-ace7dfd4859d?source=rss------bug_bounty-5Pwndec0c0penetration-testing, bugbounty-tips, bug-bounty, hacking, bugbounty-writeup23-Oct-2024
Hacking Tools That You Need To Learnhttps://aircorridor.medium.com/hacking-tools-that-you-need-to-learn-2d8ebb8b47aa?source=rss------bug_bounty-5Aircorridorbug-bounty, cybersecurity, linux, tools, hacking23-Oct-2024
Improper Access Control — Generic: How I Gained Full Control Over an Admin Panelhttps://medium.com/@rezauditore/improper-access-control-generic-how-i-gained-full-control-over-an-admin-panel-c82587a1a09f?source=rss------bug_bounty-5rezauditorebug-bounty, lgbtq, appsec, ethical-hacking, api23-Oct-2024
How I Discovered Sensitive App_ID and App_Key Disclosure in a JavaScript File and Earned $150https://medium.com/@dhananjay_00/how-i-discovered-sensitive-app-id-and-app-key-disclosure-in-a-javascript-file-and-earned-150-ad3fb7f942bc?source=rss------bug_bounty-5Dhananjay Pathakpenetration-testing, cybersecurity, hacking, bug-bounty, hackerone23-Oct-2024
Understanding SMTP User Enumeration via MX Record Attackshttps://hackerhalt.medium.com/smtp-user-enumeration-mx-record-4e5761d52e57?source=rss------bug_bounty-5Hacker Haltpentesting, bugcrowd, bug-bounty, hackerone23-Oct-2024
Entering The Dark Web And Explaining The Art Of Deep Anonymity | Primary Hacking School #8https://medium.com/@nnface/entering-the-dark-web-and-explaining-the-art-of-deep-anonymity-primary-hacking-school-8-20239706e4fc?source=rss------bug_bounty-5NnFacedarkweb, web, hacking, kali-linux, bug-bounty23-Oct-2024
Eyeglass Adventures: From Typos to Admin Access — A Hacker’s Talehttps://medium.com/@khode4li/eyeglass-adventures-from-typos-to-admin-access-a-hackers-tale-0a3149acd6e9?source=rss------bug_bounty-5Khod4lisecurity, mass-assignment, bug-bounty, broken-access-control, vulnerability23-Oct-2024
Stored XSS Critical or NOT?https://medium.com/@mrro0o0tt/stored-xss-critical-or-not-da9eb9b19029?source=rss------bug_bounty-5Whoamibug-bounty-hunter, bug-bounty-tips, bug-bounty, hacking, bug-bounty-writeup23-Oct-2024
Requisições Web  —  Tudo que você deve saber para começar em cybersegurançahttps://medium.com/@malwarilia/requisi%C3%A7%C3%B5es-web-tudo-que-voc%C3%AA-deve-saber-para-come%C3%A7ar-em-cyberseguran%C3%A7a-ef01a89b250c?source=rss------bug_bounty-5Marília Rochabug-bounty-tips, pentesting, cybersecurity, infosec, bug-bounty22-Oct-2024
Bug Bounty Methodology for SQL Injection with Waybash URLshttps://pwn0sec.medium.com/bug-bounty-methodology-for-sql-injection-with-waybash-urls-d1d13d0ebdaa?source=rss------bug_bounty-5Imhunterandbug-bounty-tips, waybash, sql-injection, bug-bounty-writeup, bug-bounty22-Oct-2024
Oracle SQL Injection | Database Reconhttps://systemweakness.com/oracle-sql-injection-database-recon-0c384d4a085a?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, sql-injection, bug-bounty, pentesting, bug-bounty-tips22-Oct-2024
Forget password OTP flaw lead to Account Takeover.https://medium.com/@bughunt789/forget-password-otp-flaw-lead-to-account-takeover-b3f2b847952b?source=rss------bug_bounty-5BUG HUNTERbug-bounty, bug-bounty-writeup, response-manipulation, account-takeover, account-takeover-attacks22-Oct-2024
How I Hacked Over 150k PII on a Programhttps://medium.com/@rootplinix/how-i-hacked-over-150k-pii-on-a-program-f58b8b141d4a?source=rss------bug_bounty-5Abu Hurayrapii-data, infosec, hackerone, bug-bounty-tips, bug-bounty22-Oct-2024
SQL Injection Attack, Listing the Database Contents on Oraclehttps://medium.com/@marduk.i.am/sql-injection-attack-listing-the-database-contents-on-oracle-3be23e33a43d?source=rss------bug_bounty-5Marduk I Amsqli, information-security, sql-injection, portswigger-lab, bug-bounty22-Oct-2024
Discovery of Reflected XSS Vulnerability on a Global Car Website #2https://medium.com/@gg20205959/discovery-of-reflected-xss-vulnerability-on-a-global-car-website-2-ddfc7ba9f67d?source=rss------bug_bounty-5VulnSniperxss-attack, xss-vulnerability, bug-bounty, penetration-testing22-Oct-2024
LLM Penetration Testing Checklisthttps://infosecwriteups.com/llm-penetration-testing-checklist-87eda0ce2991?source=rss------bug_bounty-5Ajay Naikinformation-technology, information-security, penetration-testing, cybersecurity, bug-bounty22-Oct-2024
Security Flaw in Styra’s OPA Exposes NTLM Hashes to Remote Attackershttps://medium.com/@wiretor/security-flaw-in-styras-opa-exposes-ntlm-hashes-to-remote-attackers-f4c9ce201de8?source=rss------bug_bounty-5WIRE TORpenetration-testing, hacking, bug-bounty, cybersecurity, usa22-Oct-2024
Shodan Secrets | Hack Hidden Files Easilyhttps://osintteam.blog/shodan-secrets-hack-hidden-files-easily-94de007def73?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, bug-hunting, shodan, bug-bounty, pentesting22-Oct-2024
Hunting Broken Object Level Authorizationhttps://blackhawkk.medium.com/hunting-broken-object-level-authorization-9b499fc0f327?source=rss------bug_bounty-5Tanmay Bhattacharjeebug-bounty, api-sec, owasp22-Oct-2024
Single endpoint leads to two bounties!(400$)https://medium.com/@noureldin1042/single-endpoint-leads-to-two-bounties-400-7dd96cf601c7?source=rss------bug_bounty-5Noureldin(0x_5wf)bug-bounty, bug-hunting, bug-bounty-writeup, hackerone, bug-bounty-tips22-Oct-2024
Breaking Boundaries: Discovering Session Invalidation Failures in User Roleshttps://medium.com/@hawkeye69669/breaking-boundaries-discovering-session-invalidation-failures-in-user-roles-84711777f9f2?source=rss------bug_bounty-5Hawkeyebug-bounty-tips, bug-bounty, infosec-write-ups, bug-bounty-writeup, infosec22-Oct-2024
Google Warns of Samsung Zero-Day Exploited in the Wildhttps://medium.com/@wiretor/google-warns-of-samsung-zero-day-exploited-in-the-wild-fb98c84b3e06?source=rss------bug_bounty-5WIRE TORusa, cybersecurity, hacking, bug-bounty, malware22-Oct-2024
Critical Vulnerabilities Expose mbNET.mini and Helmholz Industrial Routers to Attackshttps://medium.com/@wiretor/critical-vulnerabilities-expose-mbnet-mini-and-helmholz-industrial-routers-to-attacks-feac904b23b5?source=rss------bug_bounty-5WIRE TORusa, hacking, bug-bounty, cybersecurity, pentesting22-Oct-2024
Ransomware Alert: Cicada3301 Emerges as Successor to BlackCathttps://medium.com/@wiretor/ransomware-alert-cicada3301-emerges-as-successor-to-blackcat-e0e468472e08?source=rss------bug_bounty-5WIRE TORpentesting, bug-bounty, cybersecurity, usa, hacking22-Oct-2024
| How i tricked Crypto Trading Site into sending Dangerous email to it’s Users | https://medium.com/@Rahulkrishnan_R_Panicker/how-i-tricked-crypto-trading-site-into-sending-dangerous-email-to-its-users-a11a972c470f?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | bug-bounty, bug-bounty-tips, bug-bounty-writeup, pentesting, security | 21-Oct-2024 |
| Oops, Nykaa! How I Almost Ordered ₹1 Lakh Worth of Makeup (Without Even Logging In!) | https://medium.com/@lungfu-chingchung/oops-nykaa-how-i-almost-ordered-1-lakh-worth-of-makeup-without-even-logging-in-f10679e0d8c9?source=rss------bug_bounty-5 | LungFu | learning, firstwriteup, mastmaula, security, bug-bounty | 21-Oct-2024 |
| Another Dark Reality of Bug Hunting | https://bevijaygupta.medium.com/another-dark-reality-of-bug-hunting-0c8fa62e9867?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, dark-reality, bug-bounty, bugs, bug-zero | 21-Oct-2024 |
| How to Use nslookup from Beginner to Advanced: A Comprehensive Guide | https://medium.com/@anandrishav2228/how-to-use-nslookup-from-beginner-to-advanced-a-comprehensive-guide-846ad93955e4?source=rss------bug_bounty-5 | Rishav anand | money, cybersecurity, hacker, bug-bounty, dns | 21-Oct-2024 |
| How I Found and Reported a High Severity Stored XSS Vulnerability in the UK Ministry of Defence: A… | https://medium.com/@sagarjondhle/how-i-found-and-reported-a-critical-stored-xss-vulnerability-in-the-uk-ministry-of-defence-a-bug-e44497befaa8?source=rss------bug_bounty-5 | IronPurush | bug-bounty, cybersecurity, information-technology, education | 21-Oct-2024 |
| Hacking LLMNR and NBT-NS | https://medium.com/@nishcyber22/hacking-llmnr-and-nbt-ns-3187458ee89d?source=rss------bug_bounty-5 | 0xn1sh | penetration-testing, hacking, cybersecurity, windows-hacking, bug-bounty | 21-Oct-2024 |
| HTTP para Pentesters: Tudo que você precisa saber | https://medium.com/@malwarilia/introdu%C3%A7%C3%A3o-ao-http-para-pentesters-tudo-que-voc%C3%AA-precisa-saber-f3cce97d42e9?source=rss------bug_bounty-5 | Marília Rocha | offensive-security, segurança-da-informação, cybersecurity, bug-bounty, pentes | 21-Oct-2024 |
| What’s Session Management | https://medium.com/@vishalsahu1604/whats-session-management-306c08a9afcf?source=rss------bug_bounty-5 | Vishal Sahoo | bug-bounty, cybersecurity, website-traffic, website, website-development | 21-Oct-2024 |
| Unlocking Cybersecurity with Censys: A Guide to Ethical Hacking, Bug Bounties, and Pentesting —… | https://medium.com/@vulnlabresearcher/unlocking-cybersecurity-with-censys-a-guide-to-ethical-hacking-bug-bounties-and-pentesting-f4c29e89ac54?source=rss------bug_bounty-5 | VulnResearcher | passive-network-scanning, internet-scanning-tools, censys-tutorial, bug-bounty, ethical-hacking | 21-Oct-2024 |
| CSRF-ATTACK-PREVENTION-GUIDE | https://osintteam.blog/csrf-attack-prevention-guide-3afe8791af6d?source=rss------bug_bounty-5 | Asad Mohsin | cyber-security-awareness, cybersecuirty, cyber-attack-prevention, bug-bounty, csrf | 21-Oct-2024 |
| How No rate limiting got me 150$ in 5 minutes. | https://medium.com/@noureldin1042/how-no-rate-limiting-got-me-150-in-5-minutes-e0abbec48f35?source=rss------bug_bounty-5 | Noureldin(0x_5wf) | bug-bounty, bounty-hunter, penetration-testing, bounty-program, bug-hunting | 21-Oct-2024 |
| How i found 22 LFI in the same program using automation tricks | https://medium.com/@zomasec/how-i-found-22-lfi-in-the-same-program-using-automation-tricks-3ea303d24f4a?source=rss------bug_bounty-5 | Hazem El-Sayed | bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, web-security | 21-Oct-2024 |
| My First $100 Bounty: Exploiting IDOR Vulnerability in Account Section | https://medium.com/@tinu7494/my-first-100-bounty-exploiting-idor-vulnerability-in-account-section-fc81d28dbed9?source=rss------bug_bounty-5 | Whitehat | bug-bounty, penetration-testing, bug-bounty-tips, hacking, cybersecurity | 21-Oct-2024 |
| How Sensitive Information Disclosure Can Lead to Account Takeover | https://medium.com/@D2Cy/how-sensitive-information-disclosure-can-lead-to-account-takeover-vulnerabilities-4d18d2a3711d?source=rss------bug_bounty-5 | Devansh | information-security, bug-bounty, idor, account-takeover | 21-Oct-2024 |
| Mastering Arsenal (How to Use the Nuclei Tool Effectively) | https://medium.com/@bitthr3at/mastering-arsenal-how-to-use-the-nuclei-tool-effectively-5ff976dfaeb0?source=rss------bug_bounty-5 | Naman Gupta (Bitthr3at) | nucleus, scanning, bug-bounty, pentest, tools | 21-Oct-2024 |
| Microsoft Blocks Windows 11 24H2 on Select ASUS Models: A Cautionary Tale for Users | https://medium.com/@wiretor/microsoft-blocks-windows-11-24h2-on-select-asus-models-a-cautionary-tale-for-users-5fc3314e0cfa?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, bug-bounty, pentest, usa, hacking | 21-Oct-2024 |
| Cisco Takes DevHub Portal Offline Following Hacker Leak of Sensitive Data | https://medium.com/@wiretor/cisco-takes-devhub-portal-offline-following-hacker-leak-of-sensitive-data-b6ca5cffe3c3?source=rss------bug_bounty-5 | WIRE TOR | pentesting, hacking, usa, bug-bounty, cybersecurity | 21-Oct-2024 |
| Massive WordPress Breach: Over 6,000 Sites Hacked by Infostealing Malware Plugins! | https://medium.com/@wiretor/massive-wordpress-breach-over-6-000-sites-hacked-by-infostealing-malware-plugins-%EF%B8%8F-2a4cb7e80d0c?source=rss------bug_bounty-5 | WIRE TOR | pentest, usa, pentesting, bug-bounty, cybersecurity | 21-Oct-2024 |
| North Korean Hackers Exploit Microsoft Zero-Day: APT37’s “Code-on-Toast” Attack Uncovered | https://medium.com/@wiretor/north-korean-hackers-exploit-microsoft-zero-day-apt37s-code-on-toast-attack-uncovered-c10af50cf040?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, usa, bug-bounty, hacking, malware | 21-Oct-2024 |
| My Bug Hunting Journey Begins | https://medium.com/@ahmsyhmi/my-bug-hunting-journey-begins-c75c291ffe9c?source=rss------bug_bounty-5 | Ahmad Syahmi | bug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-hunter, bug-hunting | 20-Oct-2024 |
| How i got 300euro bounty? | https://doordiefordream.medium.com/how-i-got-300euro-bounty-5e25f0a212de?source=rss------bug_bounty-5 | balu bandi | ethical-hacking, hacking, bug-bounty, writeup, cybersecurity | 20-Oct-2024 |
| How I Found My First P1 Bug ?? | https://medium.com/@prajwalpatil453/how-i-found-my-first-p1-bug-705b6ba5e3e2?source=rss------bug_bounty-5 | Anonstrk | bug-bounty-tips, cybersecurity, tips-and-tricks, vdp, bug-bounty | 20-Oct-2024 |
| How Much Does Penetration Testing Cost? | https://securitylit.medium.com/how-much-does-penetration-testing-cost-945fdb94e973?source=rss------bug_bounty-5 | Security Lit Limited | it-security, penetration-testing, pentesting, services, bug-bounty | 20-Oct-2024 |
| Is CISSP Certification Still Worth It in 2025? Find Out Why You Should Consider It! | https://securitylit.medium.com/is-cissp-certification-still-worth-it-in-2025-find-out-why-you-should-consider-it-dda36a443f80?source=rss------bug_bounty-5 | Security Lit Limited | penetration-testing, it-security, bug-bounty, cybersecurity | 20-Oct-2024 |
| Bypassing Email Uniqueness Check: A Logic Flaw Disrupting Password Recovery | https://medium.com/@0xoroot/bypassing-email-uniqueness-check-a-logic-flaw-disrupting-password-recovery-95464c95b664?source=rss------bug_bounty-5 | 0xoroot | bug-bounty-tips, broken-access-control, hacking, bug-bounty, hackerone | 20-Oct-2024 |
| Mastering SQLMap Tool for Effective SQL Injection Testing | https://medium.com/@prasanna.acharya/mastering-sqlmap-tool-for-effective-sql-injection-testing-38911178d3f6?source=rss------bug_bounty-5 | Prasanna Acharya | sqlmap, sql-injection, bug-bounty-tips, web-penetration-testing, bug-bounty | 20-Oct-2024 |
| Mastering Internet Scanning: How to Use ZMap and Censys for Ethical Hacking — Part 1 | https://medium.com/@vulnlabresearcher/mastering-internet-scanning-how-to-use-zmap-and-censys-for-ethical-hacking-part-1-9d05feb7a382?source=rss------bug_bounty-5 | VulnResearcher | bug-bounty, ethical-hacking, network-scanning, cybersecurity, zmap-tutorial | 20-Oct-2024 |
| Hack Application Pattern Lock | https://medium.com/@k3r0/hack-application-pattern-lock-5ade6b8128dc?source=rss------bug_bounty-5 | Kyrillos nady | bug-bounty, pentesting, hacking, mobi̇le, android | 20-Oct-2024 |
| Bug Bounty Roadmap for Beginner’s | https://medium.com/@kumawatabhijeet2002/bug-bounty-roadmap-for-beginners-de747ab39036?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, hacking, bugbounty-writeup, bug-bounty-tips | 20-Oct-2024 |
| The Deceptive Dance of Self-XSS: How to Protect Yourself from Your Own Browser | https://medium.com/@mrutunjayasenapati0/the-deceptive-dance-of-self-xss-how-to-protect-yourself-from-your-own-browser-303ffe642073?source=rss------bug_bounty-5 | Mrutunjaya Senapati | xss-attack, bug-bounty, vulnerability, bugs, hacking | 20-Oct-2024 |
| My Adventure in Bug Bounty: Sharing My Very First Successful Discovery | https://medium.com/@prateek.baghela/my-adventure-in-bug-bounty-sharing-my-very-first-successful-discovery-526124148107?source=rss------bug_bounty-5 | Prateek Baghela | cybersecurity, hacking, ethical-hacking, bug-bounty | 20-Oct-2024 |
| My first SQLi vulnerability | https://medium.com/@rimed.software/my-first-sqli-vulnerability-f1eaab78eadf?source=rss------bug_bounty-5 | muhammed demir | owasp-top-10, bug-bounty, bug-bounty-writeup, sqli, cybersecurity | 20-Oct-2024 |
| Halloween Special Offer: 25% Off All Cybersecurity Services! | https://medium.com/@wiretor/halloween-special-offer-25-off-all-cybersecurity-services-01ff60356d66?source=rss------bug_bounty-5 | WIRE TOR | hacking, bug-bounty, halloween, cybersecurity, usa | 20-Oct-2024 |
| Finally I got My First Bounty \| From Self Hosted Program | https://medium.com/@the.air.cyborg/finally-i-got-my-first-bounty-from-self-hosted-program-71ffe09473c4?source=rss------bug_bounty-5 | the_air_cyborg | clickjacking, bugbounty-writeup, bug-bounty, bugbounty-tips, clickbait | 20-Oct-2024 |
| Mastering Nmap Firewall Evasion Techniques: A Detailed Guide | https://medium.com/@anandrishav2228/mastering-nmap-firewall-evasion-techniques-a-detailed-guide-f5d5b9f00587?source=rss------bug_bounty-5 | Rishav anand | firewall, bug-bounty, nmap, cybersecurity, money | 20-Oct-2024 |
| How to Start Hacking: A Comprehensive Guide to Ethical Hacking and Penetration Testing for… | https://medium.com/@verylazytech/how-to-start-hacking-a-comprehensive-guide-to-ethical-hacking-and-penetration-testing-for-db6e3fcd63ea?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, books, how-to-start-hacking, penetration-testing, cybersecurity | 20-Oct-2024 |
| Superior Tool Untuk Melakukan Google Dorking Dalam Mencari Kerentanan Website | https://medium.com/@bimosp56/superior-tool-untuk-melakukan-google-dorking-dalam-mencari-kerentanan-website-ec7719b05a5b?source=rss------bug_bounty-5 | Bimo Salasa Putra | bug-bounty, bigbountyrecon, vulnerability-assessment, google-dorking, vulnerability | 20-Oct-2024 |
| FINDING A DOS BUG(STEP BY STEP). | https://osintteam.blog/finding-a-dos-bug-step-by-step-5f13d361dc90?source=rss------bug_bounty-5 | loyalonlytoday | hacking, penetration-testing, bug-bounty-tips, cybersecurity, bug-bounty | 20-Oct-2024 |
| $$$ Bounty for PII disclosure through API | https://osintteam.blog/bounty-for-pii-disclosure-through-api-71b660bc984b?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | cybersecurity, hacking, bug-bounty, ethical-hacking, technology | 20-Oct-2024 |
| Security Misconfigurations in Docker Containers: My $500 Win! | https://osintteam.blog/security-misconfigurations-in-docker-containers-my-500-win-241af85882b2?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | ethical-hacking, hacking, bug-bounty, cybersecurity, technology | 20-Oct-2024 |
| Exploiting Auth0 Misconfigurations: A Case Study on Account Linking Vulnerabilities | https://medium.com/@iknowhatodo/exploiting-auth0-misconfigurations-a-case-study-on-account-linking-vulnerabilities-76fb6b9703f8?source=rss------bug_bounty-5 | Hossam Ahmed | security, penetration-testing, bug-bounty, information-security | 20-Oct-2024 |
| What are Cookies? and How Attackers Take Privilege of Cookies | https://medium.com/@vishalsahu1604/what-are-cookies-and-how-attackers-take-privilege-of-cookies-a016145c5fff?source=rss------bug_bounty-5 | Vishal Sahoo | website-development, bug-bounty, technology, cybersecurity, website | 20-Oct-2024 |
| How I could steal Telegram OTPs using SMS relays | https://medium.com/@cyberletmewin/how-i-could-steal-telegram-otps-using-sms-relays-4672769c98e3?source=rss------bug_bounty-5 | Abdelkhalek Beraoud (letmewin) | telegram, information-security, mobile-network, cybersecurity, bug-bounty | 20-Oct-2024 |
| VDP vs CVD vs Bug Bounty | https://medium.com/@ali.abdollahi/vdp-vs-cvd-vs-bug-bounty-bc2402038e4f?source=rss------bug_bounty-5 | Ali Abdollahi | cybersecurity, security, information-security, vulnerability, bug-bounty | 20-Oct-2024 |
| Hackers Exploit Roundcube Webmail Vulnerability to Steal Login Credentials | https://medium.com/@wiretor/hackers-exploit-roundcube-webmail-vulnerability-to-steal-login-credentials-6b2761a7dd81?source=rss------bug_bounty-5 | WIRE TOR | hacking, pentest, usa, cybersecurity, bug-bounty | 20-Oct-2024 |
| Hackers Exploit Redbox Kiosks: A Wake-Up Call for Digital Security | https://medium.com/@wiretor/hackers-exploit-redbox-kiosks-a-wake-up-call-for-digital-security-1d19e18f3a80?source=rss------bug_bounty-5 | WIRE TOR | hacking, usa, cybersecurity, malware, bug-bounty | 20-Oct-2024 |
| How to Find XSS in Real-Life Bug Bounty Targets | https://medium.com/@rupaitanudas/how-to-find-xss-in-real-life-bug-bounty-targets-319177706ad8?source=rss------bug_bounty-5 | Rupaitanudas | xss-attack, bug-bounty, tips-and-tricks | 20-Oct-2024 |
| Internet Archive Breached Again: Urgent Call for Enhanced Cybersecurity | https://medium.com/@wiretor/internet-archive-breached-again-urgent-call-for-enhanced-cybersecurity-4cb161fc5408?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, bug-bounty, usa, malware, hacking | 20-Oct-2024 |
| how did I lose $5000? | https://medium.com/@mr.matrex00.7/how-did-i-lose-5000-6bf4a5c7cbf7?source=rss------bug_bounty-5 | Mr Matrex | hackthebox, tryhackme, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 20-Oct-2024 |
| Unveiling Hidden Vulnerabilities: A Journey into E-Commerce Security | https://medium.com/@CipherHawk/unveiling-hidden-vulnerabilities-a-journey-into-e-commerce-security-db7993b788cc?source=rss------bug_bounty-5 | CipherHawk | bug-bounty-tips, bug-bounty, bugcrowd, cybersecurity, hackerone | 20-Oct-2024 |
| VDP vs CVD vs Bug Bounty | https://systemweakness.com/vdp-vs-cvd-vs-bug-bounty-bc2402038e4f?source=rss------bug_bounty-5 | Ali Abdollahi | cybersecurity, security, information-security, vulnerability, bug-bounty | 20-Oct-2024 |
| How I Found My First Easy P3 Vulnerability in HackerOne Bug Bounty | https://medium.com/@aryan9868/how-i-found-my-first-easy-p3-vulnerability-in-hackerone-bug-bounty-f9227942c6c0?source=rss------bug_bounty-5 | h4ck3rrawat | bugs, bug-bounty-tips, bugbounty-writeup, hackerone, bug-bounty | 19-Oct-2024 |
| Google Dorking Queries to find vulnurable targets | https://medium.com/@kanishk.k1410/google-dorkingqueries-to-find-vulnurable-targets-89ee672b6996?source=rss------bug_bounty-5 | Kanishk Kumar | google-dorking, hacking, technology, bug-bounty, offensive-security | 19-Oct-2024 |
| How a NoSQL Injection Attack Helped Me Earn $500: A Step-by-Step Guide | https://medium.com/@anandrishav2228/how-a-nosql-injection-attack-helped-me-earn-500-a-step-by-step-guide-51370a95bb93?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, ai, money, nosql, cybersecurity | 19-Oct-2024 |
| A Comprehensive Guide to API Fuzzing: Strengthen Your API Security | https://medium.com/@Code_With_Ssn/a-comprehensive-guide-to-api-fuzzing-strengthen-your-api-security-5c00aac974b0?source=rss------bug_bounty-5 | N4!TR0 07 | api-fuzzing, api, bug-bounty, bug-bounty-writeup, reconnaissance | 19-Oct-2024 |
| From JavaScript Analysis To UUID Pattern Exploration Revealed a Critical IDOR! | https://medium.com/@ozomarzu/from-javascript-analysis-to-uuid-pattern-exploration-revealed-a-critical-idor-5c526451e7ec?source=rss------bug_bounty-5 | CyberOz | bug-bounty-tips, js, idor, bug-bounty-writeup, bug-bounty | 19-Oct-2024 |
| Password Brute-Forcing: The Cybersecurity Game Show You Didn’t Sign Up For | https://medium.com/@mrutunjayasenapati0/password-brute-forcing-the-cybersecurity-game-show-you-didnt-sign-up-for-c03052aedeeb?source=rss------bug_bounty-5 | Mrutunjaya Senapati | hacking, vulnerability, bug-bounty, passwords, bugs | 19-Oct-2024 |
| How I Uncovered a Hidden XSS Vulnerability in a Global Car Website | https://medium.com/@gg20205959/how-i-uncovered-a-hidden-xss-vulnerability-in-a-global-car-website-1e0b86a86a7a?source=rss------bug_bounty-5 | VulnSniper | xss-attack, xss-vulnerability, hacking, alerts, bug-bounty | 19-Oct-2024 |
| How I Uncovered a High-Severity Vulnerability Using a Single HTTP Header | https://medium.com/@ahmeedhisham2019/how-i-uncovered-a-high-severity-vulnerability-using-a-single-http-header-bf678a2775dc?source=rss------bug_bounty-5 | CipherHawk | cybersecurity, ethical-hacking, hackerone, bug-bounty-tips, bug-bounty | 19-Oct-2024 |
| SubdomainRadar.io — The best Subdomain Finder And Port Scanner | https://medium.com/@alexandrevandammepro/subdomainradar-io-the-best-subdomain-finder-and-port-scanner-a5390b5fee67?source=rss------bug_bounty-5 | Alexandre Vandamme | subdomains-enumeration, osint, bug-bounty, infose, cybersecurity | 19-Oct-2024 |
| How I am starting my Bug Bounty Hunting Journey | https://cybersechemmars.medium.com/how-i-am-starting-my-bug-bounty-hunting-journey-6d807a367d80?source=rss------bug_bounty-5 | Cybersec with Hemmars | bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, cybersecurity | 19-Oct-2024 |
| Get easy $50,000 bugbounty hunting from hackerone program | https://medium.com/@loaymorad11/get-easy-50-000-bugbounty-hunting-from-hackerone-program-e5a119d2af0c?source=rss------bug_bounty-5 | Loaymorad | hackerone, writeup, information-disclosure, cybersecurity, bug-bounty | 19-Oct-2024 |
| Attack on Zendesk | https://medium.com/@skirkanna/attack-on-zendesk-6f4f3adf3458?source=rss------bug_bounty-5 | Anna Skirko (unknown_feature) | bug-bounty, apple, zendesk, supply-chain, slack | 19-Oct-2024 |
| How I Uncovered a High-Severity Vulnerability Using a Single HTTP Header | https://medium.com/@CipherHawk/how-i-uncovered-a-high-severity-vulnerability-using-a-single-http-header-bf678a2775dc?source=rss------bug_bounty-5 | CipherHawk | cybersecurity, ethical-hacking, hackerone, bug-bounty-tips, bug-bounty | 19-Oct-2024 |
| How I Found a Subdomain Takeover Bug and Earned a $500 Bounty | https://medium.com/@D2Cy/how-i-found-a-subdomain-takeover-bug-and-earned-a-500-bounty-0edc139fe994?source=rss------bug_bounty-5 | D2Cy | information-security, bug-bounty, bug-bounty-writeup, cybersecurity, subdomain-takeover | 19-Oct-2024 |
| XSS | https://medium.com/@cyberviperx/xss-f5daee1b9e95?source=rss------bug_bounty-5 | Majd abuleil | xss-vulnerability, bug-bounty, cybersecurity, hacking, xss-attack | 19-Oct-2024 |
| 6 BEST Hacking Books for Learning Cybersecurity | https://medium.com/illumination/6-best-hacking-books-for-learning-cybersecurity-bbe0e9bdf0ae?source=rss------bug_bounty-5 | Tahir Ayoub | penetration-testing, bug-bounty, hacking, cybersecurity, ethical-hacking | 19-Oct-2024 |
| Alabama Man Arrested for SEC Social Media Hack That Caused Bitcoin Price Spike | https://medium.com/@wiretor/alabama-man-arrested-for-sec-social-media-hack-that-caused-bitcoin-price-spike-eebee5fe0a88?source=rss------bug_bounty-5 | WIRE TOR | information-technology, cybersecurity, malware, xss-attack, bug-bounty | 19-Oct-2024 |
| Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant | https://medium.com/@wiretor/russian-romcom-attacks-target-ukrainian-government-with-new-singlecamper-rat-variant-89d740937358?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, xss-attack, hacking, bug-bounty, usa | 19-Oct-2024 |
| Attention WordPress Users! Critical Jetpack Vulnerability Fixed! | https://medium.com/@wiretor/attention-wordpress-users-critical-jetpack-vulnerability-fixed-f52d455499fe?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, usa, sqli, malware, hacking | 19-Oct-2024 |
| How I Found a Subdomain Takeover Bug and Earned a $500 Bounty | https://medium.com/@D2Cy/how-i-found-a-subdomain-takeover-bug-and-earned-a-500-bounty-0edc139fe994?source=rss------bug_bounty-5 | Devansh | information-security, bug-bounty, bug-bounty-writeup, cybersecurity, subdomain-takeover | 19-Oct-2024 |
| 2FA Bypass via OAuth Linking | https://medium.com/@sharp488/2fa-bypass-via-oauth-linking-c8a640519ae8?source=rss------bug_bounty-5 | Sharat Kaikolamthuruthil | bug-bounty-tips, bug-bounty, hacking, information-security, information-technology | 18-Oct-2024 |
| Stored XSS & Privilege Escalation in Profile Field -Private Program | https://cyb3rc4t.medium.com/stored-xss-privilege-escalation-in-profile-field-private-program-2bdde55e34b2?source=rss------bug_bounty-5 | CYB3RC4T | infosec, bugbounty-writeup, bug-bounty, security, privilege-escalation | 18-Oct-2024 |
| Managing and Modifying URLs in SubScope for Bug Bounty Programs: A Comprehensive Guide | https://medium.com/@hunthubspace/managing-and-modifying-urls-in-subscope-for-bug-bounty-programs-a-comprehensive-guide-667df5ed07ab?source=rss------bug_bounty-5 | hunThub | automation, bug-bounty, penetration-testing, cybersecurity, bug-bounty-tips | 18-Oct-2024 |
| I found this Bug in just 5 min. Only and Earn $300. | https://medium.com/@anandrishav2228/i-found-this-bug-in-just-5-min-only-and-earn-300-6b57528a7291?source=rss------bug_bounty-5 | Rishav anand | cors, bug-bounty, cybersecurity, money, vulnerability | 18-Oct-2024 |
| Exploiting Session Fixation via Stored XSS and Cookie Jar Overflow Attack | https://akashc99.medium.com/exploiting-session-fixation-via-stored-xss-and-cookie-jar-overflow-attack-7cf8d60e1f9e?source=rss------bug_bounty-5 | Akash c | cybersecurity, web-app-security, bug-bounty, bug-hunter, hacking | 18-Oct-2024 |
| A Security Researcher’s Journey: Uncovering an Account Takeover Vulnerability | https://medium.com/@cybershree/a-security-researchers-journey-uncovering-an-account-takeover-vulnerability-624763bd4ecd?source=rss------bug_bounty-5 | Shridhar Rajaput | cybersecurity, security, bug-bounty-tips, vulnerability, bug-bounty | 18-Oct-2024 |
| The Harsh Reality of Bug Bounty Hunting Bugcrowd | https://medium.com/@cybershree/the-harsh-reality-of-bug-bounty-hunting-on-bugcrowd-aac3b29e9f43?source=rss------bug_bounty-5 | Shridhar Rajaput | bugcrowd, cybersecurity, bugbounty-writeup, bugs, bug-bounty | 18-Oct-2024 |
| Exploring Session Hijacking: How Attackers Compromise Web Sessions | https://medium.com/@mrutunjayasenapati0/exploring-session-hijacking-how-attackers-compromise-web-sessions-6a1c78e6c718?source=rss------bug_bounty-5 | Mrutunjaya Senapati | vulnerability, bug-bounty, sessions, bug-bounty-tips, hacking | 18-Oct-2024 |
| IDOR: User Information Disclosure | https://systemweakness.com/idor-user-information-disclosure-7c6951a55a7a?source=rss------bug_bounty-5 | Aswin Thambi Panikulangara | cybersecurity, bug-bounty, hacking, bug-bounty-tips, bugbounty-writeup | 18-Oct-2024 |
| How Do Hackers Crack ANY Software | https://medium.com/@TahirAyoub/how-do-hackers-crack-any-software-8e8e201bb169?source=rss------bug_bounty-5 | Tahir Ayoub | hacking, bug-bounty, cybersecurity, medium, pentesting | 18-Oct-2024 |
| Business logic vulnerability : Permanent Comments lock | https://sayedv2.medium.com/business-logic-vulnerability-permanent-comments-lock-f118087967ba?source=rss------bug_bounty-5 | Mohamed Sayed | security, bug-bounty, cybersecurity, business-logic, infosec | 18-Oct-2024 |
| How I Earned $150 for Reporting a Simple Parameter Bug | https://medium.com/@janmaciejewski07/how-i-earned-150-for-reporting-a-simple-parameter-bug-90734441dcd5?source=rss------bug_bounty-5 | Jan Maciejewski | programming, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-program | 18-Oct-2024 |
| Easy P3 Bug: A Spoofing Vulnerability | https://medium.com/@cybershree/easy-p3-bug-a-spoofing-vulnerability-ca73a62b6f48?source=rss------bug_bounty-5 | Shridhar Rajaput | cybersecurity, penetration-testing, bug-bounty, linkedin, information-technology | 18-Oct-2024 |
| Easy P4 Bug #2: Account Deletion Lacks Password Verification | https://medium.com/@cybershree/p4-bug-2-account-deletion-lacks-password-verification-a8633a00c9fc?source=rss------bug_bounty-5 | Shridhar Rajaput | cybersecurity, bugs, security-research, bug-bounty, information-technology | 18-Oct-2024 |
| Easy P4 Bug : Failure to Invalidate Sessions Post Password Change | https://medium.com/@cybershree/easy-p4-bug-failure-to-invalidate-sessions-post-password-change-56a3aee9e8cc?source=rss------bug_bounty-5 | Shridhar Rajaput | cybersecurity, bug-bounty, information-technology, hackerone, ethical-hacking | 18-Oct-2024 |
| The Harsh Reality of Bug Bounty Hunting on Bugcrowd | https://medium.com/@cybershree/the-harsh-reality-of-bug-bounty-hunting-on-bugcrowd-aac3b29e9f43?source=rss------bug_bounty-5 | Shridhar Rajaput | bugcrowd, cybersecurity, bugbounty-writeup, bugs, bug-bounty | 18-Oct-2024 |
| Microsoft Unveils macOS Vulnerability: A Deep Dive into the HM Surf Flaw | https://medium.com/@wiretor/microsoft-unveils-macos-vulnerability-a-deep-dive-into-the-hm-surf-flaw-%EF%B8%8F-1bb8b77b2a63?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, cve, bug-bounty, hacking, zero-day | 18-Oct-2024 |
| Hong Kong Crime Ring Swindles Victims Out of $46M Using Deepfakes | https://medium.com/@wiretor/hong-kong-crime-ring-swindles-victims-out-of-46m-using-deepfakes-9dc8cb713248?source=rss------bug_bounty-5 | WIRE TOR | hacking, usa, shell, sql, bug-bounty | 18-Oct-2024 |
| Omni Family Health Impacts 470,000 Individuals | https://medium.com/@wiretor/omni-family-health-impacts-470-000-individuals-d20a82cd0ac8?source=rss------bug_bounty-5 | WIRE TOR | usa, sql, rce, bug-bounty, hacking | 18-Oct-2024 |
| Another Dark Reality of Bug Hunting | https://medium.com/@akashmotkar001/another-dark-reality-of-bug-hunting-6539c60dac31?source=rss------bug_bounty-5 | Akashmotkar | ethical-hacking, hacking, bug-bounty, bugs, cybersecurity | 18-Oct-2024 |
| How Do Hackers Crack ANY Software | https://medium.com/h7w/how-do-hackers-crack-any-software-8e8e201bb169?source=rss------bug_bounty-5 | Tahir Ayoub | hacking, bug-bounty, cybersecurity, medium, pentesting | 18-Oct-2024 |
| Bug Bounty Tools that make you Rich and Independent and Help earn upto $100–$50,000 | https://medium.com/@anandrishav2228/bug-bounty-tools-that-make-you-rich-and-independent-and-help-earn-upto-100-50-000-eddc92485bae?source=rss------bug_bounty-5 | Rishav anand | hacking, tools, bug-bounty, money, cybersecurity | 17-Oct-2024 |
| Bug Bounty Millionaires: Are You Missing Out on Easy Money? | https://medium.com/@paritoshblogs/bug-bounty-millionaires-are-you-missing-out-on-easy-money-e5b10a9e2cc1?source=rss------bug_bounty-5 | Paritosh | information-technology, cybersecurity, money, bug-bounty, hacking | 17-Oct-2024 |
| Electron JS Application Penetration Testing | https://medium.com/@ajaynaikhack/electron-js-application-penetration-testing-b0809af324f6?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, bug-bounty, information-security, electronjs, penetration-testing | 17-Oct-2024 |
| How to Find XSS in Bug Bounty Programs: A Step-by-Step Guide with Source Code Examples | https://medium.com/@shaikhminhaz1975/how-to-find-xss-in-bug-bounty-programs-a-step-by-step-guide-with-source-code-examples-804e4b8a225d?source=rss------bug_bounty-5 | Shaikh Minhaz | cybersecurity, step-by-step-guide, penetration-testing, xss-attack, bug-bounty | 17-Oct-2024 |
| Your approach to finding XSS would change after you read this | https://medium.com/@nireshpandian19/your-approach-to-finding-xss-would-change-after-you-read-this-8292fcafefc1?source=rss------bug_bounty-5 | JAI NIRESH J | idor-vulnerability, bug-bounty, cybersecurity, bug-bounty-writeup, idor | 17-Oct-2024 |
| Electron JS Application Penetration Testing | https://infosecwriteups.com/electron-js-application-penetration-testing-b0809af324f6?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, bug-bounty, information-security, electronjs, penetration-testing | 17-Oct-2024 |
| E-commerce website vulnerability bounty practice sharing(II) | https://medium.com/@security.tecno/e-commerce-website-vulnerability-bounty-practice-sharing-ii-739d47705908?source=rss------bug_bounty-5 | TECNO Security | security, hacking, bonus, bug-bounty | 17-Oct-2024 |
| IDOR lead to Restriction Bypass!! | https://kumarmohank889.medium.com/idor-lead-to-restriction-bypass-7f42d593ffd4?source=rss------bug_bounty-5 | Mohan Kumar N | bug-bounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity, hacking | 17-Oct-2024 |
| Over 7 Million WooCommerce Sites Affected by a Simple HTML Injection: CVE-2024–9944 Analysis | https://dropn0w.medium.com/over-7-million-woocommerce-sites-affected-by-a-simple-html-injection-cve-2024-9944-analysis-ce81c918c39a?source=rss------bug_bounty-5 | drop | cve, cybersecurity, bug-bounty, woocommerce, wordpress | 17-Oct-2024 |
| Advanced IDOR Exploitation: Discovering Hidden Vulnerabilities Through Delayed Object Creation | https://medium.com/@ashfquejahan5/advanced-idor-exploitation-discovering-hidden-vulnerabilities-through-delayed-object-creation-beb9da9e036f?source=rss------bug_bounty-5 | jahanaj | bug-bounty, idor, web | 17-Oct-2024 |
| Unmasking Server-Side Request Forgery (SSRF): How Attackers Exploit Internal Systems | https://medium.com/@mrutunjayasenapati0/unmasking-server-side-request-forgery-ssrf-how-attackers-exploit-internal-systems-286b5b71a46a?source=rss------bug_bounty-5 | Mrutunjaya Senapati | bug-bounty, vulnerability, ethical-hacking, hacking, ssrf-attack | 17-Oct-2024 |
| Bug Bounty — IDOR lead to Restriction Bypass!! | https://kumarmohank889.medium.com/idor-lead-to-restriction-bypass-7f42d593ffd4?source=rss------bug_bounty-5 | Mohan Kumar N | bug-bounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity, hacking | 17-Oct-2024 |
| Maximizing Web3 Security with Bug Bounty Program Data | https://securrtech.medium.com/maximizing-web3-security-with-bug-bounty-program-data-1434315dbcdb?source=rss------bug_bounty-5 | Securr | web3-security, blockchain-technology, bug-bounty, smart-contract-auditing, web3 | 17-Oct-2024 |
| Walkthrough for the Appointment Machine — Hack The Box (HTB) Challenge | https://medium.com/@jessemridley/walkthrough-for-the-appointment-machine-hack-the-box-htb-challenge-b228fe34e2f5?source=rss------bug_bounty-5 | Jesse Ridley | ethical-hacking, cybersecurity, bug-bounty, technology, penetration-testing | 17-Oct-2024 |
| FROM OUT OF SCOPE TO ACCEPTED | https://medium.com/@nightcoders0/from-out-of-scope-to-accepted-4f52e626b734?source=rss------bug_bounty-5 | Nightcoders | bugs, bug-bounty-writeup, ethical-hacking, bug-bounty, bug-bounty-tips | 17-Oct-2024 |
| Hack The Box Challenge: Day 4 — Knowledge Check Walkthrough | https://medium.com/@jessemridley/hack-the-box-challenge-day-4-knowledge-check-walkthrough-ce22f62d0854?source=rss------bug_bounty-5 | Jesse Ridley | cybersecurity, freelancing, technology, bug-bounty, hacking | 17-Oct-2024 |
| Payload Pursuit: XSS Challenge | https://medium.com/@josh.beck2006/payload-pursuit-xss-challenge-40105e34379c?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, ctf-writeup, bug-bounty, ctf | 17-Oct-2024 |
| ACCESS MEDIUM PAID BLOGS FOR YOUR RESEARCH IN BUG BOUNTY | https://medium.com/@anonymousshetty2003/access-medium-paid-blogs-for-your-research-in-bug-bounty-b19395d20e0b?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, hacking, ethical-hacking, bug-bounty | 17-Oct-2024 |
| $600 Bug Bounty: How I Poked Microservices and Got Paid! | https://osintteam.blog/600-bug-bounty-how-i-poked-microservices-and-got-paid-9e1bbe0f45e8?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | vulnerability, programming, cybersecurity, bug-bounty, penetration-testing | 17-Oct-2024 |
| Breaking News: Sudan Brothers Charged in DDoS Attack Service Disruption! | https://medium.com/@wiretor/breaking-news-sudan-brothers-charged-in-ddos-attack-service-disruption-856290eb0dfb?source=rss------bug_bounty-5 | WIRE TOR | usa, virus, bug-bounty, hacking, trojan | 17-Oct-2024 |
| Vulnerability Discovered in Kubernetes Image Builder! | https://medium.com/@wiretor/vulnerability-discovered-in-kubernetes-image-builder-5846cf32cb80?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, usa, hacking, europe, virus | 17-Oct-2024 |
| Use Case: Bypassing In-App Purchase By Payment Client-Side Validation | https://secfathy0x1.medium.com/use-case-bypassing-in-app-purchase-by-payment-client-side-validation-e87e2c775a9c?source=rss------bug_bounty-5 | Mohamed K. Fathy | bug-bounty-writeup, hacking, bug-bounty, android, cybersecurity | 17-Oct-2024 |
| I Can Crash Anyone’s Instagram Post - Zero Day-Permanent DoS \| Meta \| BugBounty \| 2024 | https://prathapilango.medium.com/i-can-crash-anyones-instagram-post-zero-day-permanent-dos-meta-bugbounty-2024-a2e50ac15caf?source=rss------bug_bounty-5 | Prathapilango | cyebrsecurity, bug-bounty, bug-bounty-writeup, meta-bug-bounty, info-sec-writeups | 17-Oct-2024 |
| Admin Panel Takeover Using a Leaky JS File | https://medium.com/@RaunakGupta1922/admin-panel-takeover-using-a-leaky-js-file-dc41fac0f86d?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | javascript, programming, technology, bug-bounty, cybersecurity | 16-Oct-2024 |
| How I Deleted Users from the Database on Private Bug Bounty Program | https://medium.com/@sharp488/how-i-deleted-users-from-the-database-on-private-bug-bounty-program-f1939e83dd6f?source=rss------bug_bounty-5 | Sharat Kaikolamthuruthil | bugs, bug-bounty, information-technology, information-security, bug-bounty-tips | 16-Oct-2024 |
| Birdie Flies in to Save the Day: Our Custom Bug Tracking Tool for Android & iOS Apps | https://engineering.probo.in/birdie-flies-in-to-save-the-day-our-custom-bug-tracking-tool-for-android-ios-apps-3834ab2bc434?source=rss------bug_bounty-5 | Probo | coding, app-development, engineering, bug-bounty, prediction-markets | 16-Oct-2024 |
| How Website Work | https://medium.com/@Joshua_su/how-website-work-3df5e4e93a61?source=rss------bug_bounty-5 | Joshua Suksakorn | curl, cybersecurity, website, bug-bounty | 16-Oct-2024 |
| How to Find API Bugs and Earn Big with Bug Bounties upto $20,000 | https://medium.com/@anandrishav2228/how-to-find-api-bugs-and-earn-big-with-bug-bounties-upto-20-000-12358743fcf9?source=rss------bug_bounty-5 | Rishav anand | money, api, bug-bounty, hacker, cybersecurity | 16-Oct-2024 |
| Admin Panel Takeover Using a Leaky JS File | https://osintteam.blog/admin-panel-takeover-using-a-leaky-js-file-dc41fac0f86d?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | javascript, programming, technology, bug-bounty, cybersecurity | 16-Oct-2024 |
| Quantity Manipulation Allows Purchases at Reduced Prices | https://medium.com/@abdelrahman0x01/quantity-manipulation-allows-purchases-at-reduced-prices-d2e998b82a02?source=rss------bug_bounty-5 | Abdelrahman0x01 | bug-bounty, information-security, cybersecurity, penetration-testing, cyberattack | 16-Oct-2024 |
| How I do my recon and end up finding hidden assets and vulnerabilities before anyone else Pt.1 | https://medium.com/@demonia/how-i-do-my-recon-and-end-up-finding-hidden-assets-and-vulnerabilities-before-anyone-else-pt-1-30777f987c93?source=rss------bug_bounty-5 | Mohammed Dief | reconnaissance, bug-bounty, hacking, bug-bounty-tips, cybersecurity | 16-Oct-2024 |
| Cracking the HTB Cap Box: A Step-by-Step Walkthrough | https://medium.com/@vignesh6872610/cracking-the-htb-cap-box-a-step-by-step-walkthrough-0b08a4fff3f9?source=rss------bug_bounty-5 | Vignesh P | cap, hackthebox, retiredmachine, bug-bounty-tips, bug-bounty | 16-Oct-2024 |
| How to Earn money online using Cybersecurity knowledge | https://medium.com/@rashad.desk/how-to-earn-money-online-using-cybersecurity-knowledge-ece1078969f4?source=rss------bug_bounty-5 | Rashadul Islam | freelancing, cybersecurity, earn-money-online, bug-bounty | 16-Oct-2024 |
| Unauthorized SQL Injection: Turning ‘No Entry’ Signs into Dollar Signs! | https://medium.com/@Xt3sY/unauthorized-sql-injection-turning-no-entry-signs-into-dollar-signs-80dcf1168dbd?source=rss------bug_bounty-5 | Pushkar Bhagat | bug-bounty, hacking, hackerone, bugcrowd, hacker | 16-Oct-2024 |
| Hidden Reflected XSS via Android Application in VDP | https://cyb3rc4t.medium.com/hidden-reflected-xss-via-android-application-in-vdp-68f4210196f1?source=rss------bug_bounty-5 | CYB3RC4T | bug-bounty-tips, security, infosec, android-pentesting, bug-bounty | 16-Oct-2024 |
| Insecure direct object references | https://medium.com/@codingbolt.in/insecure-direct-object-references-8daea91886f4?source=rss------bug_bounty-5 | codingbolt | bug-bounty, ethical-hacking, idor, cybersecurity, owasp | 16-Oct-2024 |
| User ID controlled by request parameter with password disclosure | https://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-password-disclosure-98e4f9ebe167?source=rss------bug_bounty-5 | codingbolt | ethical-hacking, owasp, owasp-top-10, bug-bounty, cybersecurity | 16-Oct-2024 |
| User ID controlled by request parameter with data leakage in redirect | https://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-data-leakage-in-redirect-65b571611c7b?source=rss------bug_bounty-5 | codingbolt | cybersecurity, ethical-hacking, owasp-top-10, owasp, bug-bounty | 16-Oct-2024 |
| User ID controlled by request parameter, with unpredictable user IDs | https://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-unpredictable-user-ids-b9e12542330d?source=rss------bug_bounty-5 | codingbolt | cybersecurity, bug-bounty, owasp-top-10, ethical-hacking, owasp | 16-Oct-2024 |
| User ID controlled by request parameter | https://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-7a0bb3006f68?source=rss------bug_bounty-5 | codingbolt | cybersecurity, owasp, owasp-top-10, bug-bounty, ethical-hacking | 16-Oct-2024 |
User role can be modified in user profilehttps://medium.com/@codingbolt.in/user-role-can-be-modified-in-user-profile-eb1a28631358?source=rss------bug_bounty-5codingboltcybersecurity, bug-bounty, owasp-top-10, owasp, ethical-hacking16-Oct-2024
Exposing Vulnerabilities: The Power of Google Dorking in Cybersecurity Part-2https://medium.com/@abhilov/exposing-vulnerabilities-the-power-of-google-dorking-in-cybersecurity-part-2-90dbf2e68ded?source=rss------bug_bounty-5Abhilov Guptabug-bounty, dorking, google, cybersecurity, hacking16-Oct-2024
HOW I FIND XXS REFLECTED IN 5 SEChttps://medium.com/@mr.matrex00.7/xxxs-reflected-in-external-programme-1d234bd3b3c3?source=rss------bug_bounty-5Mr Matrexxss-attack, xss-vulnerability, hunter, bug-bounty16-Oct-2024
WAF Bypass — Parameter Poisoninghttps://medium.com/@unrealdenis2020/waf-bypass-parameter-poisoning-21ad6e0db83c?source=rss------bug_bounty-5E1nZwaf, bugbounty-writeup, waf-bypass, parameter-poisoning, bug-bounty16-Oct-2024
Hidden Reflected XSS via Android Application in VDPhttps://cyb3rc4t.medium.com/hidden-reflected-xss-via-android-application-in-vdp-68f4210196f1?source=rss------bug_bounty-5CYB3RC4Tbug-bounty-tips, cybersecurity, infosec, bug-bounty, hackerone16-Oct-2024
Zero-Hero Hacker By Reading. Top 5 Books Designed For Hackers | Primary Hacking School #7https://medium.com/@nnface/zero-hero-hacker-by-reading-top-5-books-designed-for-hackers-primary-hacking-school-7-559618b200b3?source=rss------bug_bounty-5NnFacecybersecurity, linux, hacking, bug-bounty, kali-linux16-Oct-2024
How Google Dorking Helps me to Earn more than $2,000 in Bug Bounty.https://medium.com/@anandrishav2228/how-google-dorking-helps-me-to-earn-more-than-2-000-in-bug-bounty-b2ac959b3905?source=rss------bug_bounty-5Rishav anandcybersecurity, google, bug-bounty, money, advanced15-Oct-2024
5 Cybersecurity Projects You Can Build This Weekend (with Python)https://medium.com/@paritoshblogs/5-cybersecurity-projects-you-can-build-this-weekend-with-python-74bf03c3ba5d?source=rss------bug_bounty-5Paritoshbug-bounty, python, coding, cybersecurity, hacking15-Oct-2024
Perform a Command Injection Attack in Large Language Models (LLMs)https://medium.com/@360Security/perform-a-command-injection-attack-in-large-language-models-llms-86cd7db5e528?source=rss------bug_bounty-5360 Securitypenetration-testing, llm, cybersecurity, bug-bounty, ai15-Oct-2024
Sensitive Information Disclosure (Critical Finding)https://medium.com/@bughunt789/sensitive-information-disclosure-critical-finding-8fcbd7fe1704?source=rss------bug_bounty-5BUG HUNTERbắc, bug-bounty, sensitive-information, idor15-Oct-2024
Best AI Tool Used by Hacker 2025https://medium.com/@TahirAyoub/best-ai-tool-used-by-hacker-2025-715ab6ac8843?source=rss------bug_bounty-5Tahir Ayoubai, hacking, cybersecurity, ethical-hacking, bug-bounty15-Oct-2024
Google Dorks for Bug Bounty | Find Sensitive Informationhttps://medium.com/@shardulsawant67/google-dorks-for-bug-bounty-find-sensitive-information-6ed3e165bc02?source=rss------bug_bounty-5Shardul Sawantenumeration, hacking, google-dork, google-hacking, bug-bounty15-Oct-2024
The 50 Ultimate Fuzzing Guide for Bug Bounty Hunters: Mastering FUZZINGhttps://medium.com/@pankajkryadav1/the-50-ultimate-fuzzing-guide-for-bug-bounty-hunters-mastering-fuzzing-9f70e5474dc5?source=rss------bug_bounty-5Pankaj kr Yadavbug-bounty-tips, bug-bounty, fuzzing, web-security, ethical-hacking15-Oct-2024
How I got Account Take Over in a Bug Bounty Programhttps://hiroki-sawada.medium.com/how-i-got-account-take-over-in-a-bug-bounty-program-df3412c46274?source=rss------bug_bounty-5Hiroki Sawadabugcrowd, xss-attack, account-takeover, bug-bounty, hackerone15-Oct-2024
Mass Account Takeover via simple IDOR and funny OTP Bypasshttps://medium.com/@manibharathi.b/mass-account-takeover-via-simple-idor-and-funny-otp-bypass-23c12979e92d?source=rss------bug_bounty-5Mani Bharathi Bbug-bounty, hacker, cybersecurity, ethical-hacking, bug-bounty-tips15-Oct-2024
Insufficient Workflow Validationhttps://medium.com/@rcxsecurity/insufficient-workflow-validation-795d90f881dc?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafepenetration-testing, cybersecurity, hacking, information-security, bug-bounty15-Oct-2024
How I Discovered My First Bug: Worth $150 for Information Exposure Through Debug Logs (CWE-215)https://medium.com/@rupaitanudas/how-i-discovered-my-first-bug-worth-150-for-information-exposure-through-debug-logs-cwe-215-6a66dd10b21b?source=rss------bug_bounty-5Rupaitanudasyeswehack, hacking, ethical-hacking, hackerone, bug-bounty15-Oct-2024
How I Accessed an Admin Panel Without Touching the Keyboardhttps://medium.com/@ranjanyadav2003/how-i-accessed-an-admin-panel-without-touching-the-keyboard-43ad45a06f8d?source=rss------bug_bounty-5Ranjan_Yadavbug-bounty, hacking, cybersecurity, web-security, programming15-Oct-2024
How I Accidentally Deleted My Medium Account While Hacking Medium (Oops)https://medium.com/@vivekps143/how-i-accidentally-deleted-my-medium-account-while-hacking-medium-oops-82aa44c6bc69?source=rss------bug_bounty-5Vivek PSbug-hunter, bloging, automation, developer, bug-bounty15-Oct-2024
Peeling Back the Layers: Exploring Critical Security Flaws in Chatbot Systemshttps://medium.com/@tusharpuri6/peeling-back-the-layers-exploring-critical-security-flaws-in-chatbot-systems-940e14d62ac6?source=rss------bug_bounty-5Tusharpuriinfosec, bug-bounty, application-security, penetration-testing, offensive-security15-Oct-2024
Attacking organisations with big scope: Part 2https://medium.com/@sabirasdev/attacking-organisations-with-big-scope-part-2-6a0ee0387551?source=rss------bug_bounty-5S A B I Rcybersecurity, cyberattack, reconnaissance, bug-bounty, dorking15-Oct-2024
Best AI Tool Used by Hacker 2025https://infosecwriteups.com/best-ai-tool-used-by-hacker-2025-715ab6ac8843?source=rss------bug_bounty-5Tahir Ayoubai, hacking, cybersecurity, ethical-hacking, bug-bounty15-Oct-2024
How I Accessed an Admin Panel Without Touching the Keyboardhttps://medium.com/@ranjanyadav2003/how-i-accessed-an-admin-panel-without-touching-the-keyboard-43ad45a06f8d?source=rss------bug_bounty-5Ranjanbug-bounty, hacking, cybersecurity, web-security, programming15-Oct-2024
OAuth: A Backdoor in Disguise — a $7500 Study Casehttps://xdead4f.medium.com/oauth-a-backdoor-in-disguise-a-7500-study-case-3383a4012295?source=rss------bug_bounty-50xdead4fcyber-sec, security-reseach, cybersecurity, bug-bounty, cyber-security-writeup14-Oct-2024
Web3 BBP journal:https://medium.com/@harryfyx/web3-bbp-journal-777d830f35d0?source=rss------bug_bounty-5hhhkbweb3, bug-bounty14-Oct-2024
Passively Found Secrets in Javascript File on a Private Bug Bounty Programhttps://medium.com/@sharp488/passively-found-secrets-in-javascript-file-on-a-private-bug-bounty-program-36eb29c2a35c?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty, bug-bounty-tips, burpsuite-extension, burpsuite, bug-bounty-writeup14-Oct-2024
Bug bounty programs on Laravel applications enable the discovery of security holes (vulnerabilities)…https://medium.com/@_azwar/bug-bounty-programs-pada-aplikasi-laravel-memungkinkan-penemuan-celah-keamanan-vulnerabilities-7db40b405794?source=rss------bug_bounty-5azwarbug-bounty, vulnerability, laravel14-Oct-2024
ColdRoot Malwarehttps://medium.com/@reemmoslem34/coldroot-malware-de44cf04e319?source=rss------bug_bounty-5Rem Khalidbug-bounty, cyberattack, cybersecurity, hacking, malware14-Oct-2024
Zerologon Exploithttps://medium.com/@reemmoslem34/zerologon-exploit-ce83a5a8ef3b?source=rss------bug_bounty-5Rem Khalidbug-bounty, hacking, malware, cybersecurity, cyberattack14-Oct-2024
List of the Best Free Labs to Start Learning Cybersecurity on TryHackMehttps://medium.com/@malwarilia/list-of-the-best-free-labs-to-start-learning-cybersecurity-on-tryhackme-b94c1803c496?source=rss------bug_bounty-5Marília Rochabug-bounty, information-security, cybersecurity, pentest, cyberattack14-Oct-2024
Finding XSS Vulnerabilities and earn upto $200-$10,000 easily .https://medium.com/@anandrishav2228/finding-xss-vulnerabilities-and-earn-upto-200-10-000-easily-0aab2c725882?source=rss------bug_bounty-5Rishav anandcompany, xss-attack, bug-bounty, cybersecurity, money14-Oct-2024
Bug on ParrotCTFhttps://infosecwriteups.com/bug-on-parrotctf-e64424b0d043?source=rss------bug_bounty-5SIDHARTH PANDAparrotctf, bug-bounty, extention, hacking14-Oct-2024
TERGET WEBSITE RECON PROCESShttps://medium.com/@MdAktarujaman.ehp/terget-website-recon-process-d8e38649782e?source=rss------bug_bounty-5Md Aktarujjamanbug-bounty, hacking, penetration-testing, target, website14-Oct-2024
GraphQL Hacking 101: Finding and Exploiting APIs for Fun and Profithttps://medium.com/@v1xtron/graphql-hacking-101-finding-and-exploiting-apis-for-fun-and-profit-af34b5ea15f3?source=rss------bug_bounty-5v1xtrongraphql, reconnaissance, bug-bounty-tips, bug-bounty, penetration-testing14-Oct-2024
Attacking organisation with big scope: Part 1https://medium.com/@sabirasdev/attacking-organisation-with-big-scope-part-1-631fdc00e973?source=rss------bug_bounty-5S A B I Rcyber-security-awareness, reconnaissance, cybersecurity, bug-bounty14-Oct-2024
10 Habits to Become A PRO Hacker!https://medium.com/@TahirAyoub/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, habits, hacking, cybersecurity, ethical-hacking14-Oct-2024
JWT Authentication Bypass leads to Admin Control Panelhttps://infosecwriteups.com/jwt-authentication-bypass-leads-to-admin-control-panel-dfa6efcdcbf5?source=rss------bug_bounty-5Hohkybug-bounty, bug-bounty-writeup, account-takeover, jwt-token, hacking14-Oct-2024
❤Bug Bounty tool List❤https://medium.com/@shardulsawant67/bug-bounty-tool-list-fee6620c0048?source=rss------bug_bounty-5Shardul Sawantbug-bounty-tool, website-hosting, bug-bounty, bug-bounty-tips, web-enumeration14-Oct-2024
Social media account hijacking — VDPhttps://medium.com/@embossdotar/social-media-account-hijacking-vdp-fa674b25af44?source=rss------bug_bounty-5embossdotarcybersecurity, bug-bounty, it-security, vulnerability, hacking14-Oct-2024
Exposing 100,000 User Data : Massive API Bug Exposinghttps://medium.com/@360Security/exposing-100-000-user-data-massive-api-bug-exposing-037b56cfe98d?source=rss------bug_bounty-5360 Securitycybersecurity, bug-bounty, penetration-testing, information-security, api-security14-Oct-2024
10 Habits to Become A PRO Hacker!https://osintteam.blog/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, habits, hacking, cybersecurity, ethical-hacking14-Oct-2024
Blind SSRF Vulnerabilityhttps://medium.com/@guravtushar231/blind-ssrf-vulnerability-97d2f1decfe6?source=rss------bug_bounty-5Tushar_infosecbug-bounty, cybersecurity, ethical-hacking, ssrf, hacking14-Oct-2024
Pokémon Developer Game Freak Hacked: 2,600 Employees’ Data Leaked!https://medium.com/@wiretor/pok%C3%A9mon-developer-game-freak-hacked-2-600-employees-data-leaked-9e00ad9b3b0e?source=rss------bug_bounty-5WIRE TORvirus, pentest, malware, bug-bounty, hacking14-Oct-2024
10 Habits to Become A PRO Hacker!https://infosecwriteups.com/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, habits, hacking, cybersecurity, ethical-hacking14-Oct-2024
0dSSRF | Automate Finding SSRF & External Service Interactions & Open Redirectshttps://kariiem.medium.com/0dssrf-automate-finding-ssrf-external-service-interactions-open-redirects-944be6770a02?source=rss------bug_bounty-5Kariiem Gamalbug-bounty, bug-bounty-tips, ssrf, web-pen-testing, pentesting14-Oct-2024
P4 bug’s and their POC steps | Part 6https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-6-8e3aa981673a?source=rss------bug_bounty-5socalledhackerbugs, infosec, web-security, bug-bounty, cybersecurity14-Oct-2024
IDOR chained with JWT token cracking leads to edit, view and deletion of 160000 user accounts.https://aswinthambipanik07.medium.com/idor-chained-with-jwt-token-cracking-leads-to-edit-view-and-deletion-of-160000-user-accounts-65e65e6dc1f1?source=rss------bug_bounty-5Aswin Thambi Panikulangarabug-bounty, bug-bounty-tips, jwt, hacking, cybersecurity13-Oct-2024
No Rate Limit on Forgot Password: Leading to Email Flooding or mail bombinghttps://medium.com/@mrutunjayasenapati0/no-rate-limit-on-forgot-password-leading-to-email-flooding-or-mail-bombing-c68d842d6eaf?source=rss------bug_bounty-5Mrutunjaya Senapaticybersecurity, linux, hunting, bug-bounty, hacking13-Oct-2024
How I got Time Based SQL Injection in an Old Public Bug Bounty Programhttps://medium.com/@kshunya/how-i-got-time-based-sql-injection-in-an-old-public-bug-bounty-program-f6260cd4e75e?source=rss------bug_bounty-5Vishal Barotethical-hacking, bug-bounty, vapt, cybersecurity, penetration-testing13-Oct-2024
IDOR : Step by Step guide to Account Takeover of Any Userhttps://medium.com/@360Security/idor-step-by-step-guide-to-account-takeover-of-any-user-cb90bbcfd0fc?source=rss------bug_bounty-5360 Securityinformation-security, cybersecurity, bug-bounty, penetration-testing, vulnerability13-Oct-2024
What Is Recon and Why Is It Important?: Discovering Vulnerabilities and Ethical Hacking (Part 2)https://zeynalxan.medium.com/recon-n%C9%99dir-v%C9%99-niy%C9%99-%C9%99h%C9%99miyy%C9%99tlidir-z%C9%99iflikl%C9%99rin-a%C5%9Fkar-edilm%C9%99si-v%C9%99-etik-hakerlik-b%C3%B6l%C3%BCm-2-c4b554db0c8e?source=rss------bug_bounty-5Zeynalxan Quliyevrecon, recon-nece-edilir, bug-bounty-tips, recon-nədir, bug-bounty13-Oct-2024
⚠️ How to crash a PC Forever ⚠️https://medium.com/@emailrajdeepmishra/%EF%B8%8F-how-to-crash-a-pc-forever-%EF%B8%8F-09aa122c1844?source=rss------bug_bounty-5RAJDEEP MISHRAbug-bounty, cybersecurity, ethical-hacking, crash, bugs13-Oct-2024
Breaking the Game: Score Manipulation and Leaderboard Takeoverhttps://aminudin.medium.com/breaking-the-game-score-manipulation-and-leaderboard-takeover-b3ab16d02060?source=rss------bug_bounty-5Aminudinbug-bounty-tips, bug-bounty-writeup, bugs, bug-bounty13-Oct-2024
A Deep Dive into Subdomain Management Using SubScopehttps://medium.com/@hunthubspace/a-deep-dive-into-subdomain-management-using-subscope-43f8653b4593?source=rss------bug_bounty-5hunThubpenetration-testing, bug-bounty, bug-bounty-tips, cybersecurity, automation13-Oct-2024
Bypassing Location Restrictions on a Android App Using Fridahttps://medium.com/@omdubey170/hello-pentester-07209d5d8d42?source=rss------bug_bounty-5Omdubeyandroid, bug-bounty, android-pentesting, hacking, cybersecurity13-Oct-2024
The Great Photo Heist: IDOR Vulnerability Strikes Againhttps://rofes1337.medium.com/the-great-photo-heist-idor-vulnerability-strikes-again-6ed9a47c8c74?source=rss------bug_bounty-5Yousef Muhammedelkhirhackerone, bug-bounty, poc, idor-vulnerability, idor-poc13-Oct-2024
Creating a Honeypot: A Practical Guide to Understanding Cybersecurity Threatshttps://medium.com/@paritoshblogs/creating-a-honeypot-a-practical-guide-to-understanding-cybersecurity-threats-9d2e63e90892?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, cybersecurity, hacking, honeypot13-Oct-2024
“The Biggest Mistake Holding You Back in Bug Bounty Hunting: Why You’re Not Making Progress”https://medium.com/@mahdisalhi0500/the-biggest-mistake-holding-you-back-in-bug-bounty-hunting-why-youre-not-making-progress-1475eef8f04b?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, hacking, ethical-hacking, cybersecurity, bug-bounty13-Oct-2024
Cracking WordPress Security with WPScan: A Bug Bounty Hunter’s Journeyhttps://medium.com/@gouravrathod8788/cracking-wordpress-security-with-wpscan-a-bug-bounty-hunters-journey-%EF%B8%8F-%EF%B8%8F-%EF%B8%8F-c9389c94cc6b?source=rss------bug_bounty-5Gourav Singh Rajputcybersecurity, bug-bounty, bug-bounty-tips, wordpress13-Oct-2024
From simple recon to PWN wordpress admin panel writeuphttps://ro0od.medium.com/from-simple-recon-to-pwn-wordpress-admin-panel-writeup-622156a1c9b2?source=rss------bug_bounty-5roodbug-bounty, writeup, infosec-write-ups, infosec13-Oct-2024
How to create a custom daemon using shell scriptshttps://medium.com/@mysticraganork66/how-to-create-a-custom-daemon-using-shell-scripts-ce27c13657d1?source=rss------bug_bounty-50verlo0kedhacking, cybersecurity, writeup, daemon, bug-bounty13-Oct-2024
Unleashing the Power of Kali Linux Daemonshttps://systemweakness.com/unleashing-the-power-of-kali-linux-daemons-c19133db43ec?source=rss------bug_bounty-50verlo0kedbug-bounty, penetration-testing, docker, hacking, cybersecurity13-Oct-2024
Cache Deception | 450$https://medium.com/@0x_karim/cache-deception-450-a02cd655b33f?source=rss------bug_bounty-50xkarimbug-bounty, bug-bounty-tips, hacking, web-security, bugs13-Oct-2024
OAuth Misconfiguration: How I Hijacked Accounts with 0 Clicks and Got Paid!https://osintteam.blog/oauth-misconfiguration-how-i-hijacked-accounts-with-0-clicks-and-got-paid-df8f7a20b438?source=rss------bug_bounty-5Raunak Gupta Aka Biscuittechnology, programming, cybersecurity, bug-bounty, javascript13-Oct-2024
Open Redirect to XSS to Account Takeover to $$$$https://osintteam.blog/open-redirect-to-xss-to-account-takeover-to-de8739f9a4f0?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitjavascript, technology, programming, cybersecurity, bug-bounty13-Oct-2024
UNION-Based SQL Injectionhttps://medium.com/@kenes7667/union-tabanl%C4%B1-sql-injection-bcc023156b64?source=rss------bug_bounty-5EnessKoçbug-bounty, sql-injection12-Oct-2024
Automation in Cyber Defence: The Future of Securing Digital Frontiershttps://medium.com/@paritoshblogs/automation-in-cyber-defence-the-future-of-securing-digital-frontiers-992fa1ceb552?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, coding, cybersecurity, automation12-Oct-2024
Clickjacking Is Worth Reporting Nowadays? | Removing all confusion on Clickjacking bugs.https://medium.com/@the.air.cyborg/clickjacking-is-worth-reporting-nowadays-removing-all-confusion-on-clickjacking-bugs-a1c77fc4e5b8?source=rss------bug_bounty-5the_air_cyborgclickjacking, bug-bounty-tips, bugbounty-writeup, bug-bounty, vulnerability12-Oct-2024
Port Scanning Essentials for Bug Bounty Researchershttps://bevijaygupta.medium.com/port-scanning-essentials-for-bug-bounty-researchers-de52c6aa7b8a?source=rss------bug_bounty-5Vijay Guptabug-bounty, port-scanning, bounty-program, bugs, bug-bounty-tips12-Oct-2024
Cracking ATO via Email HTML Injectionhttps://medium.com/@dsmodi484/cracking-ato-via-email-html-injection-edd19c8e1b8f?source=rss------bug_bounty-5Dishant Modiemail, injection, vulnerability, html, bug-bounty12-Oct-2024
How I Discovered Account Takeover (ATO) via Cross-Site Scripting (XSS)https://osintteam.blog/how-i-discovered-account-takeover-ato-via-cross-site-scripting-xss-34698ee54009?source=rss------bug_bounty-5JEETPALato, bug-bounty-tips, xss-attack, bug-bounty, bug-bounty-writeup12-Oct-2024
Understanding Server-Side Request Forgery (SSRF): A Critical Web Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/understanding-server-side-request-forgery-ssrf-a-critical-web-vulnerability-11a7ee2d87f7?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp, vulnerability, hacking, ssrf, bug-bounty12-Oct-2024
Cybersecurity Breach Forces Calgary Public Library to Shut Down All Locationshttps://medium.com/@wiretor/cybersecurity-breach-forces-calgary-public-library-to-shut-down-all-locations-%EF%B8%8F-f1c0921f40e8?source=rss------bug_bounty-5WIRE TORhacked, bug-bounty, hacker, data, breach12-Oct-2024
Unlocking Some Effective Information Gathering Methodologieshttps://medium.com/@prasanna.acharya/unlocking-some-effective-information-gathering-methodologies-1f67787019d1?source=rss------bug_bounty-5Prasanna Acharyabug-bounty, web-security, bug-bounty-tips, information-gathering, web-penetration-testing12-Oct-2024
From NA to P1, How i was able to get access to a Bank Admin Panelhttps://medium.com/@yousefmoh15/from-na-to-p1-how-i-was-able-to-get-access-to-a-bank-admin-panel-52e5f9ef7ef5?source=rss------bug_bounty-5Yousef Mohamedhacking, bug-bounty, wordpress, bugcrowd12-Oct-2024
Uncovering Path Traversal Vulnerabilities Through Host Monitoringhttps://mchklt.medium.com/uncovering-path-traversal-vulnerabilities-through-host-monitoring-c8abb65f48f5?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAautomation, ethical-hacking, penetration-testing, bug-bounty-hunter, bug-bounty12-Oct-2024
Uncovering Path Traversal Through Host Monitoringhttps://mchklt.medium.com/uncovering-path-traversal-vulnerabilities-through-host-monitoring-c8abb65f48f5?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAautomation, ethical-hacking, penetration-testing, bug-bounty-hunter, bug-bounty12-Oct-2024
Effective Port Scanning for Finding Vulnerabilities in Bug Bountieshttps://bevijaygupta.medium.com/effective-port-scanning-for-finding-vulnerabilities-in-bug-bounties-0c16871a7e0b?source=rss------bug_bounty-5Vijay Guptabug-bounty, bugs, bug-bounty-tips, vulnerability, port-scanning11-Oct-2024
Bug Hunting Recon Methodology | Part2 | LegionHunterhttps://osintteam.blog/bug-hunting-recon-methodology-part2-legionhunter-4bb925e3e1bf?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, pentesting, infosec, cybersecurity, bug-bounty-tips11-Oct-2024
How to Find SQL Vulnerabilities in Web Applications and Websites and Earn up to $500—$10,000https://medium.com/@anandrishav2228/how-to-find-sql-vulnerabilities-in-web-applications-and-websites-and-earn-up-to-500-10-000-f0935e9d4892?source=rss------bug_bounty-5Rishav anandbug-bounty, money, ai, cybersecurity, india11-Oct-2024
How I Made $6,200 in a Single Bug Bounty Using SubdomainRadar.iohttps://medium.com/@alexandrevandammepro/how-i-made-6-200-in-a-single-bug-bounty-using-subdomainradar-io-a557f2baae0b?source=rss------bug_bounty-5Alexandre Vandammepentesting, cybersecurity, osint, bug-bounty, bug-bounty-tips11-Oct-2024
How I Got $250 with a Weak Signup Flowhttps://infosecwriteups.com/how-i-got-250-with-a-weak-signup-flow-3d87d34059fa?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbug-bounty, technology, programming, cybersecurity11-Oct-2024
Hacking Documentaries and Movies for Bug Bounty Huntershttps://medium.com/cyberscribers-exploring-cybersecurity/hacking-documentaries-and-movies-for-bug-bounty-hunters-92e02b6ab264?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, documentary, hacking, security, bug-bounty11-Oct-2024
CVE-2024–0195 Improper Control of Generation of Code (‘Code Injection’)https://infosecwriteups.com/cve-2024-0195-improper-control-of-generation-of-code-code-injection-c292836e03ec?source=rss------bug_bounty-5Ajay Naikvulnerability, bugs, bug-bounty, cyber-security-awareness, cybersecurity11-Oct-2024
Introduction to Netcathttps://medium.com/@Code_With_Ssn/introduction-to-netcat-af57e11ee756?source=rss------bug_bounty-5N4!TR0 07bug-bounty-writeup, bug-bounty-tips, netcat, bug-bounty, cybersecurity11-Oct-2024
One Cookie Paid Me $500 in under a minutehttps://medium.com/@nireshpandian19/one-cookie-paid-me-500-in-under-a-minute-8a9fb1a034ae?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty-tips, cybersecurity, programming, technology, bug-bounty11-Oct-2024
Lenfi Successfully Concludes Its Bug Bounty Programhttps://medium.com/@lenfi/lenfi-successfully-concludes-its-bug-bounty-program-e317df3967b2?source=rss------bug_bounty-5Lenfidefi, bug-bounty, cardano, project-catalyst, lenfi11-Oct-2024
File Path Traversal Sequences Stripped Non-Recursivelyhttps://medium.com/@rcxsecurity/file-path-traversal-sequences-stripped-non-recursively-6d8a6a2d92d4?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-security, cybersecurity, red-team, penetration-testing, bug-bounty11-Oct-2024
Understanding Security Logging and Monitoring Failures: A Crucial Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-security-logging-and-monitoring-failures-a-crucial-vulnerability-in-web-security-d63a7b42062e?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, vulnerability, bugs, bug-bounty, owasp11-Oct-2024
How I discovered 2FA bypass leading to potential ATO lead funds loss in a web3https://medium.com/@jeetpal2007/how-i-discovered-2fa-bypass-leading-to-potential-ato-lead-funds-loss-in-a-web3-dc19f5588fbd?source=rss------bug_bounty-5JEETPALcybersecurity, bug-bounty, bugbounty-writeup, ato, web311-Oct-2024
How I discovered 2FA bypass leading to potential ATO lead funds loss in a web3https://medium.com/h7w/how-i-discovered-2fa-bypass-leading-to-potential-ato-lead-funds-loss-in-a-web3-e498ce26b29e?source=rss------bug_bounty-5JEETPALbug-bounty, bugbounty-writeup, ato, web3, cybersecurity11-Oct-2024
Broken Access Control Vulnerability in an Order Management Systemhttps://medium.com/@omdubey170/broken-access-control-vulnerability-in-an-order-management-system-8a1097b03926?source=rss------bug_bounty-5Omdubeybug-bounty, infosec, hacking, cybersecurity, vulnerability11-Oct-2024
Effective Domain Management for Bug Bounty Programs Using SubScopehttps://medium.com/@hunthubspace/effective-domain-management-for-bug-bounty-programs-using-subscope-f74b7a0db428?source=rss------bug_bounty-5hunThubprogramming, penetration-testing, automation, bug-bounty, bug-bounty-tips11-Oct-2024
Endpoint confusion lead to 2FA bypasshttps://medium.com/@mohamed0xmuslim/endpoint-confusion-lead-to-2fa-bypass-67015dbb4c70?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty-hunter, bug-bounty, bug-bounty-writeup, penetration-testing, bug-bounty-tips11-Oct-2024
CVE-2024-44000 - WordPress Debug Log Exposure Leading to Session Cookie Hijackinghttps://infosecwriteups.com/cve-2024-44000-wordpress-debug-log-exposure-leading-to-session-cookie-hijacking-afcfada02c44?source=rss------bug_bounty-5Ajay Naikvulnerability, vulnerability-management, penetration-testing, cybersecurity, bug-bounty11-Oct-2024
Bypass WAF & Grab a $200 Bug Bounty!https://osintteam.blog/bypass-waf-grab-a-200-bug-bounty-4442621cd90a?source=rss------bug_bounty-5Raunak Gupta Aka Biscuittechnology, bug-bounty, cybersecurity, javascript, programming11-Oct-2024
Firefox&Chrome extensions for bugbounty hunters.https://osintteam.blog/firefox-chrome-extensions-for-bugbounty-hunters-4006707ee87b?source=rss------bug_bounty-5loyalonlytodaycybersecurity, hacking, penetration-testing, bug-bounty, tips11-Oct-2024
Bypass WAF & Grab a $300 Bug Bounty!https://osintteam.blog/bypass-waf-grab-a-200-bug-bounty-4442621cd90a?source=rss------bug_bounty-5Raunak Gupta Aka Biscuittechnology, bug-bounty, cybersecurity, javascript, programming11-Oct-2024
Unlocking the Potential of OSINT: Shaping the Future of Intelligence in Our Data-Driven Worldhttps://medium.com/@narayanadasbalaji2004/unlocking-the-potential-of-osint-shaping-the-future-of-intelligence-in-our-data-driven-world-b0cda62d6bb5?source=rss------bug_bounty-5Narayanadas Balajihacking, osint, cybersecurity, bugbounty-tips, bug-bounty10-Oct-2024
Streamlining Your Bug Bounty Projects: Adding and Managing Programs via SubScopehttps://medium.com/@hunthubspace/streamlining-your-bug-bounty-projects-adding-and-managing-programs-via-subscope-e394acfdf711?source=rss------bug_bounty-5hunThubautomation, bug-bounty-tips, bug-bounty, penetration-testing, cybersecurity10-Oct-2024
How I Earned $250 for Reporting a simple Bug To CodaPaymentshttps://medium.com/@aligoodluck427/how-i-earned-250-for-reporting-a-simple-bug-to-codapayments-b8f1be275138?source=rss------bug_bounty-5Aligoodluckbugbounty-tips, bug-bounty, bugbounty-automation, bugbounty-writeup, bugbounty-poc10-Oct-2024
First Bug, Big Win: How a $100 IDOR Bug Kicked-off My Bug Bounty Journeyhttps://dukrov.medium.com/first-bug-big-win-how-a-100-idor-bug-kicked-off-my-bug-bounty-journey-69e2e7179477?source=rss------bug_bounty-5Dukrovhackerone, bugbounty-tips, hacking, cybersecurity, bug-bounty10-Oct-2024
How i got my first Letter of Appreciation + Hall of Famehttps://rivudon.medium.com/how-i-got-my-first-letter-of-appreciation-hall-of-fame-a3c0079e60ef?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )bug-bounty-tips, bug-bounty, infosec, information-security, cybersecurity10-Oct-2024
Critical IDOR Vulnerability leads to PII leakagehttps://snc0pe.medium.com/critical-idor-vulnerability-leads-to-pii-leakage-684795ede850?source=rss------bug_bounty-5Snc0pebug-bounty, web-app-security, idor10-Oct-2024
How to Use ChatGPT Effectively for Bug Bounty Huntinghttps://medium.com/@anandrishav2228/how-to-use-chatgpt-effectively-for-bug-bounty-hunting-47ff0762139e?source=rss------bug_bounty-5Rishav anandchatgpt, money, ai, bug-bounty, cybersecurity10-Oct-2024
The Truth About Bug Bounty Hunting.https://medium.com/@thebughunttribe/the-truth-about-bug-bounty-hunting-597e54acd2a0?source=rss------bug_bounty-5The Hunt Tribebug-bounty-hunter, bug-bounty, bugs, bugbounty-tips, bugbounty-writeup10-Oct-2024
Forced OAuth Profile Linking Lead to Account Takeoverhttps://medium.com/@0xtal3at/forced-oauth-profile-linking-lead-to-account-takeover-954114158818?source=rss------bug_bounty-50Xtal3atbug-bounty, bugbounty-writeup, cybersecurity10-Oct-2024
Understanding Software and Data Integrity Failures: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-software-and-data-integrity-failures-a-critical-vulnerability-in-web-security-9d3f96f20bb9?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, bugs, bug-bounty, vulnerability, owasp10-Oct-2024
Bypassing Multiple Checks on Android Applications: A Security Researcher’s Experiencehttps://medium.com/@sc128496/bypassing-multiple-checks-on-android-applications-a-security-researchers-experience-2ec1a3005b60?source=rss------bug_bounty-5Sahil Choudharyandroid, pentesting, bug-bounty, cybersecurity, reverse-engineering10-Oct-2024
How i found my first open redirecthttps://medium.com/@yagomartins30/how-i-found-my-first-open-redirect-cd9ca60d307d?source=rss------bug_bounty-5Yago Martinshacking, bug-bounty, programming, writeup, pentesting10-Oct-2024
Top 10 Cybersecurity Tools Every Business Should Use in 2024https://cyberconsultingcompany.medium.com/top-10-cybersecurity-tools-every-business-should-use-in-2024-f7b93c208722?source=rss------bug_bounty-5Cyber Consulting Companycyber, cyber-security-awareness, cyber-security-solutions, bug-bounty, cyber-security-services09-Oct-2024
Unlock Unlimited Access to ChatGPT-4: A Step-by-Step Guide to Using Images and Files Without Limitshttps://medium.com/@shaikhminhaz1975/unlock-unlimited-access-to-chatgpt-4-a-step-by-step-guide-to-using-images-and-files-without-limits-0f1db3ca57d8?source=rss------bug_bounty-5Shaikh Minhazbug-bounty, gpt-4, cybersecurity, free, chatgpt09-Oct-2024
Bug Hunting Recon Methodology | Part1 | LegionHunterhttps://systemweakness.com/bug-hunting-recon-methodology-part1-legionhunter-975b7bbe3231?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, pentesting, bug-hunting, legionhunter, bug-bounty-tips09-Oct-2024
Port Scanning Demystified for Bug Bounty Successhttps://bevijaygupta.medium.com/port-scanning-demystified-for-bug-bounty-success-a820c2c632cd?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-tips, bugs, bug-zero, bug-bounty09-Oct-2024
E-commerce website vulnerability bounty practice sharing: Pre-Authentication takeover, API security…https://medium.com/@security.tecno/e-commerce-website-vulnerability-bounty-practice-sharing-pre-authentication-takeover-api-security-b27b51edfaff?source=rss------bug_bounty-5TECNO Securityhacking, web, security, bug-bounty09-Oct-2024
How I Found SSRF in 5 minuteshttps://medium.com/@gguzelkokar.mdbf15/how-i-found-ssrf-in-5-minutes-a3a58e3d53e1?source=rss------bug_bounty-5Gökhan Güzelkokarbug-bounty, web-security, application-security, hacking, ssrf09-Oct-2024
Curated List of Awesome Hacker Search Engines for Penetration Testing and Cybersecurity…https://osintteam.blog/curated-list-of-awesome-hacker-search-engines-for-penetration-testing-and-cybersecurity-9f0b9cb63a1d?source=rss------bug_bounty-5Ajay Naikvulnerability, information-security, cybersecurity, bug-bounty, bug-bounty-tips09-Oct-2024
How to Start Your Hacking Journey and Choose the Right Role in Cybersecurityhttps://medium.com/@harshkatiyar5556/how-to-start-your-hacking-journey-and-choose-the-right-role-in-cybersecurity-9eff1ec5e7f2?source=rss------bug_bounty-5Harsh Katiyarethical-hacking, bug-bounty, careers, penetration-testing, cybersecurity09-Oct-2024
My Active Subdomain Enumeration Techniquehttps://mr-abdullah.medium.com/my-active-subdomain-enumeration-technique-57a508343fc4?source=rss------bug_bounty-5Mr Abdullahbug-bounty, web-hacking, enumeration, hacking, information09-Oct-2024
SSRF via Flawed Request Parsinghttps://medium.com/@rcxsecurity/ssrf-via-flawed-request-parsing-7b32a119f047?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafepenetration-testing, information-security, hacking, cybersecurity, bug-bounty09-Oct-2024
Understanding Identification and Authentication Failures: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-identification-and-authentication-failures-a-critical-vulnerability-in-web-security-88a4bcbcc783?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, bugs, vulnerability, hacking, owasp09-Oct-2024
Understanding Vulnerable and Outdated Components: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-vulnerable-and-outdated-components-a-critical-vulnerability-in-web-security-f8a9a9ae0b10?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp, hacking, bug-bounty, vulnerability, bugs09-Oct-2024
No Easy P1s on the fly if your site runs WP or Drupalhttps://medium.com/@nireshpandian19/no-easy-p1s-on-the-fly-if-your-site-runs-wp-or-drupal-a7700650f86b?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, wordpress, bug-bounty-writeup, ethical-hacking, idor09-Oct-2024
Finding a no ratelimit bug on invite teammate page.https://osintteam.blog/finding-a-no-ratelimit-bug-on-invite-teammate-page-02c97e845b00?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, cybersecurity, bug-bounty, tips, hacking09-Oct-2024
Easy P1s on the fly if your site runs WP or Drupalhttps://medium.com/@nireshpandian19/no-easy-p1s-on-the-fly-if-your-site-runs-wp-or-drupal-a7700650f86b?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, wordpress, bug-bounty-writeup, ethical-hacking, idor09-Oct-2024
Race Condition leads to Cache Poisoning ?!https://ltidi.medium.com/race-condition-leads-to-cache-poisoning-77bdfb9483fd?source=rss------bug_bounty-5LTiDiweb-cache-poisoning, bug-bounty08-Oct-2024
Unlocking Hidden Vulnerabilities: How to Automate Your Bug Bounty Game with GitHub Actionshttps://theshaco.com/unlocking-hidden-vulnerabilities-how-to-automate-your-bug-bounty-game-with-github-actions-3f6c9501fe64?source=rss------bug_bounty-5Khaleel Khanhacking, bug-bounty, bug-bounty-tips, cybersecurity, infosec08-Oct-2024
From Ports to Payouts: Scanning Strategies for Bug Bountieshttps://bevijaygupta.medium.com/from-ports-to-payouts-scanning-strategies-for-bug-bounties-a2861077a0d8?source=rss------bug_bounty-5Vijay Guptascanning, bug-bounty-tips, bug-bounty, payouts, ports08-Oct-2024
How I Discovered an Email Verification Bypasshttps://mo9khu93r.medium.com/how-i-discovered-an-email-verification-bypass-e487270a61d3?source=rss------bug_bounty-5mo9khu93rvulnerability, hacking, bug-bounty, cybersecurity, pentesting08-Oct-2024
Understanding and Detecting XSS Vulnerabilities: A Complete Guidehttps://medium.com/@anandrishav2228/understanding-and-detecting-xss-vulnerabilities-a-complete-guide-4d3a85e4bed0?source=rss------bug_bounty-5Rishav anandai, bug-bounty, testing, cybersecurity, money08-Oct-2024
A quick P2 vulnerability, just like that !https://medium.com/@nireshpandian19/a-quick-p2-vulnerability-just-like-that-5fc4f25f3b09?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, hackerone, bug-bounty-writeup, idor, ethical-hacking08-Oct-2024
Methods to Bypass Captchas: A Deep Dive into Common Techniqueshttps://medium.com/@dasmanish6176/methods-to-bypass-captchas-a-deep-dive-into-common-techniques-309006f28923?source=rss------bug_bounty-5Dasmanishbug-bounty, ethical-hacking, vapt, captcha08-Oct-2024
How i found endpoints from reading hacker-one reportshttps://medium.com/@anonymousshetty2003/how-i-found-endpoints-from-reading-hacker-one-reports-20cfd6f0f62c?source=rss------bug_bounty-5Anonymousshettycybersecurity, hacking, dorking, bug-bounty08-Oct-2024
Blind XSS Practical Guide — Bug Bounty Tuesdayhttps://medium.com/@kerstan/blind-xss-practical-guide-bug-bounty-tuesday-3126bd52fae6?source=rss------bug_bounty-5kerstanhacking, cybersecurity, bug-bounty08-Oct-2024
ironCTF 2024 Writeuphttps://medium.com/@pphreak313/ironctf-2024-writeup-782f41854341?source=rss------bug_bounty-5Shlok Kctf-writeup, cybersecurity, bug-bounty, ctf08-Oct-2024
From 401 — Unauthorized Access to 3000 $ Bounty from Microsoft.https://medium.com/@bashir69emceeaka5/from-401-unauthorized-access-to-3000-bounty-from-microsoft-53b086379a08?source=rss------bug_bounty-5Bashir Mohammedred-team, microsoft, bug-bounty, bugbounty-writeup, security08-Oct-2024
How I Hacked an Admin Panel in Just 2 Minuteshttps://medium.com/@ranjanyadav2003/how-i-hacked-an-admin-panel-in-just-2-minutes-19d145820ee7?source=rss------bug_bounty-5Ranjan_Yadavbug-bounty, cybersecurity08-Oct-2024
CVE-2024–25600: WordPress Bricks Builder Remote Code Execution Vulnerability -$$$$ BOUNTYhttps://infosecwriteups.com/cve-2024-25600-wordpress-bricks-builder-remote-code-execution-vulnerability-bounty-997d488fd54e?source=rss------bug_bounty-5Ajay Naikbug-bounty, cyberattack, rewards, cybersecurity, information-technology08-Oct-2024
Exploiting NoSQL operator injection to extract unknown fieldshttps://medium.com/@codingbolt.in/exploiting-nosql-operator-injection-to-extract-unknown-fields-b0d58bea9bbe?source=rss------bug_bounty-5codingboltcybersecurity, bug-bounty, nosql-injection, nosql, ethical-hacking08-Oct-2024
Exploiting NoSQL injection to extract datahttps://medium.com/@codingbolt.in/exploiting-nosql-injection-to-extract-data-70fea37ed111?source=rss------bug_bounty-5codingboltethical-hacking, nosql-injection, cybersecurity, nosql, bug-bounty08-Oct-2024
Exploiting NoSQL operator injection to bypass authenticationhttps://medium.com/@codingbolt.in/exploiting-nosql-operator-injection-to-bypass-authentication-9239353b9424?source=rss------bug_bounty-5codingboltethical-hacking, nosql-injection, bug-bounty, cybersecurity, nosql08-Oct-2024
How Disabling 2FA Could End with a Bug?https://7odamoo.medium.com/hacking-hackerone-how-disabling-2fa-could-end-with-a-bug-b637c154ce06?source=rss------bug_bounty-5Mahmoud Hamedbug-bounty, pentesting08-Oct-2024
Breaking into the Shoutcast Server of a Multimedia Companyhttps://medium.com/@anonymousshetty2003/breaking-into-the-shoutcast-server-of-a-multimedia-company-e13dae3b17a3?source=rss------bug_bounty-5Anonymousshettycybersecurity, hacking, bug-bounty, vapt, wapt08-Oct-2024
Understanding Security Misconfiguration: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-security-misconfiguration-a-critical-vulnerability-in-web-security-4c87a5de4937?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, owasp, bug-bounty, server-misconfiguration, vulnerability08-Oct-2024
Account Takeover via Hidden Parameters in BBPhttps://cyb3rc4t.medium.com/account-takeover-via-hidden-parameters-in-bbp-f65ce42ca96f?source=rss------bug_bounty-5CYB3RC4Tbounty-program, bug-bounty, infosec, account-takeover, hackerone08-Oct-2024
Using ‘Waymore’ to Uncover Archived Treasures and Customer Datahttps://sl4x0.medium.com/using-waymore-to-uncover-archived-treasures-and-customer-data-a969474447a7?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)bugcrowd, hackerone, web-security, pentesting, bug-bounty08-Oct-2024
How I got a 5000 $ Bounty from Microsofthttps://medium.com/@bashir69emceeaka5/how-i-got-a-5000-bounty-from-microsoft-fb2e27fd40f7?source=rss------bug_bounty-5Bashir Mohammedred-team, bug-bounty-tips, security, bug-bounty-writeup, bug-bounty08-Oct-2024
How I got a 5000 $ Bounty from Microsofthttps://medium.com/@bashir69emceeaka5/how-i-got-a-5000-bounty-from-microsoft-fb2e27fd40f7?source=rss------bug_bounty-5Bashir Mohamedred-team, bug-bounty-tips, security, bug-bounty-writeup, bug-bounty08-Oct-2024
From 401 — Unauthorized Access to 3000 $ Bounty from Microsoft.https://medium.com/@bashir69emceeaka5/from-401-unauthorized-access-to-3000-bounty-from-microsoft-53b086379a08?source=rss------bug_bounty-5Bashir Mohamedred-team, microsoft, bug-bounty, bugbounty-writeup, security08-Oct-2024
HOW TO INSTALL GO IN KALILINUX.https://osintteam.blog/how-to-install-go-in-kalilinux-95924b5e9cde?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, go, tips08-Oct-2024
Top 10 BurpSuite Extensions Every Bug Bounty Hunter Needshttps://osintteam.blog/top-10-burpsuite-extensions-every-bug-bounty-hunter-needs-67b6fddf612b?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitprogramming, ethical-hacking, hacking, burpsuite, bug-bounty08-Oct-2024
Asset discovery with favicon hash.https://osintteam.blog/asset-discovery-with-favicon-hash-515d1c8a85cd?source=rss------bug_bounty-5loyalonlytodayhacking, tips, bug-bounty-tips, cybersecurity, bug-bounty07-Oct-2024
Finding a easy p4 as per bugcrowd vrthttps://osintteam.blog/finding-a-easy-p4-as-per-bugcrowd-vrt-3e5c132f28d0?source=rss------bug_bounty-5loyalonlytodaybugs, tips, bug-bounty, cybersecurity, hacking07-Oct-2024
Bug Bounty VS Motivationhttps://osintteam.blog/bug-bounty-vs-motivation-27c3c37f2c28?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitprogramming, motivation, hacking, cybersecurity, bug-bounty07-Oct-2024
Subdomain Enumeration | BBOT ✅>= Subfinder + Sublist3r + Assetfinder + Amass ❌https://medium.com/@kumawatabhijeet2002/subdomain-enumeration-bbot-subfinder-sublist3r-assetfinder-amass-e4880cf4ab5b?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, subdomain-takeover, subdomain-enumeration, bug-bounty, bug-bounty-writeup07-Oct-2024
Vulnerability Scanning of the Website zero.webappsecurity.comhttps://medium.com/@bimosp56/scanning-kerentanan-website-zero-webappsecurity-com-ce1d10f730b7?source=rss------bug_bounty-5Bimo Salasa Putracybersecurity, scanning, bug-bounty, vulnerabili, pentesting07-Oct-2024
Chinese Hackers Breach US Court Wiretap Systemhttps://medium.com/@wiretor/chinese-hackers-breach-us-court-wiretap-system-b7181fbe93b2?source=rss------bug_bounty-5WIRE TORcybersecurity, bug-bounty, hacking, pentesting, xss-attack07-Oct-2024
How a Simple Bug Could Have Taken Down Your Instagram Tagshttps://medium.com/@kiril.krivogyz/how-a-simple-bug-could-have-taken-down-your-instagram-tags-d3247e931c9d?source=rss------bug_bounty-5Kiril Krivogyzbug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, instagram07-Oct-2024
Accidental Exposure of Private GraphQL Fieldshttps://medium.com/@codingbolt.in/accidental-exposure-of-private-graphql-fields-729b3fb99471?source=rss------bug_bounty-5codingboltapi, bug-bounty, graphql, cybersecurity, api-penetration-testing07-Oct-2024
Exploiting server-side parameter pollution in a REST URLhttps://medium.com/@codingbolt.in/exploiting-server-side-parameter-pollution-in-a-rest-url-2ed599aafdbc?source=rss------bug_bounty-5codingboltcybersecurity, bugs, api-penetration-testing, api-testing, bug-bounty07-Oct-2024
Exploiting a mass assignment vulnerabilityhttps://medium.com/@codingbolt.in/exploiting-a-mass-assignment-vulnerability-07dd9e598302?source=rss------bug_bounty-5codingboltapi-testing, api-penetration-testing, bug-bounty, apihacking, cybersecurity07-Oct-2024
Finding and Exploiting an Unused API Endpointhttps://medium.com/@codingbolt.in/finding-and-exploiting-an-unused-api-endpoint-0a79f47f38f1?source=rss------bug_bounty-5codingboltbugs, cybersecurity, bug-bounty, api-penetration-testing, api-testing07-Oct-2024
Introducing Bug Bounty Program For Thorn Protocolhttps://thornprotocol.medium.com/introducing-bug-bounty-program-for-thorn-protocol-4d7a89d898e0?source=rss------bug_bounty-5Thorn Protocolbug-bounty07-Oct-2024
xmlrpc.php allows SSRF!https://take0verx0.medium.com/xmlrpc-php-allows-ssrf-5357049d43e9?source=rss------bug_bounty-5Shahariar Aminbug-bounty, cybersecurity, bug-bounty-tips07-Oct-2024
cURL for API Testing & Automation: Advanced Commands for Penetration Testers and Developershttps://theshaco.com/curl-for-api-testing-automation-advanced-commands-for-penetration-testers-and-developers-67b2ce7d8f4f?source=rss------bug_bounty-5Khaleel Khanhacking, infosec, kali-linux, cybersecurity, bug-bounty07-Oct-2024
Finding a Hidden GraphQL Endpointhttps://medium.com/@codingbolt.in/finding-a-hidden-graphql-endpoint-56001ab29f85?source=rss------bug_bounty-5codingboltgraphql, api, api-testing, cybersecurity, bug-bounty07-Oct-2024
How I Got my First Bounty €€ ?https://medium.com/@muralidharan1530/how-i-got-my-first-bounty-776e8487f9a0?source=rss------bug_bounty-5Murali Dharanbug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs07-Oct-2024
Finding DOM XSS via File Uploadhttps://medium.com/@0Xdarsh/finding-dom-xss-via-file-upload-2a533a97cfaa?source=rss------bug_bounty-50Xdarshpentesting, web-penetration-testing, bug-hunting, bug-bounty07-Oct-2024
My 2nd bounty : Referer-based access control + Response manipulationhttps://medium.com/@adebayosec/my-2nd-bounty-referer-based-access-control-response-manipulation-2ab7f54d083f?source=rss------bug_bounty-5Toriouspenetration-testing, broken-access-control, hacking, bug-bounty, cybersecurity07-Oct-2024
Bypassing GraphQL brute force protectionshttps://medium.com/@codingbolt.in/bypassing-graphql-brute-force-protections-5cce7b3657c8?source=rss------bug_bounty-5codingboltapi, api-testing, cybersecurity, bug-bounty, graphql07-Oct-2024
First Bug report as a beginner in Bug Bountyhttps://blue3dot.medium.com/first-bug-report-as-a-beginner-in-bug-bounty-367e406cd960?source=rss------bug_bounty-5Manikanta Ginfo-sec-writeups, hackerone, cybersecurity, bug-bounty07-Oct-2024
How I found Cache Deception in a private bug bounty program.https://medium.com/@mos693570/how-i-found-cache-deception-in-a-private-bug-bounty-program-0e3056d15858?source=rss------bug_bounty-5Mo Salahweb-cache-deception, bug-bounty07-Oct-2024
IDOR Attack Slips Through the Cracks: Vulnerability Scanners Miss Critical Security Flaw!https://medium.com/@Aman-Gupta.cse/idor-attack-slips-through-the-cracks-vulnerability-scanners-miss-critical-security-flaw-c0061ea8c122?source=rss------bug_bounty-5Aman Guptabug-bounty, news, idor-vulnerability, cybersecurity, automation07-Oct-2024
tool to generate xss payloads.https://medium.com/h7w/tool-to-generate-xss-payloads-09bf1e519121?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty-tips, cybersecurity, bug-bounty, xss-attack07-Oct-2024
5 Most Usefull Programming Language For Hackers | Primary Hacking School #6https://medium.com/@nnface/5-most-usefull-programming-language-for-hackers-primary-hacking-school-6-21b5979f0fe6?source=rss------bug_bounty-5NnFaceprogramming, kali-linux, cybersecurity, bug-bounty, hacking07-Oct-2024
How i get to find no rate limit bug worth $300https://medium.com/@sreejihkn43073/how-i-get-to-find-no-rate-limit-bug-worth-300-5036b0abbc7f?source=rss------bug_bounty-5Sreejihknbugcrowd, cybersecurity, bug-bounty, no-rate-limit, bug-bounty-tips06-Oct-2024
What To Do After Installing Kali #2? | Primary Hacking School #5https://medium.com/@nnface/what-to-do-after-installing-kali-2-primary-hacking-school-5-e9a4a8272dfa?source=rss------bug_bounty-5NnFacecybersecurity, hacking, kali-linux, bug-bounty, linux06-Oct-2024
Enhancing Vulnerability Detection: Leveraging Shodan and ChatGPT for Efficient CIDR Scanninghttps://medium.com/@malzureedi/enhancing-vulnerability-detection-leveraging-shodan-and-chatgpt-for-efficient-cidr-scanning-48970d4b94fa?source=rss------bug_bounty-5Malzureedired-team, bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty06-Oct-2024
Exploiting server-side parameter pollution in a query stringhttps://medium.com/@codingbolt.in/exploiting-server-side-parameter-pollution-in-a-query-string-38768943c6ca?source=rss------bug_bounty-5codingboltbug-bounty-tips, bug-bounty, api-security, cybersecurity, bug-bounty-writeup06-Oct-2024
I Studied 100+ SSRF Reports, and Here’s What I Learnedhttps://infosecwriteups.com/i-studied-100-ssrf-reports-and-heres-what-i-learned-1654c72ee2df?source=rss------bug_bounty-5Aditya Sawantbug-bounty, cybersecurity, penetration-testing, appsec, bug-bounty-tips06-Oct-2024
Exploiting an API endpoint using documentationhttps://medium.com/@codingbolt.in/exploiting-an-api-endpoint-using-documentation-d07d3cedfddc?source=rss------bug_bounty-5codingboltbug-bounty, api-penetration-testing, cybersecurity, bug-bounty-tips, api-testing06-Oct-2024
High-Risk Vulnerabilities in Apache HTTP Server’s mod_proxy Encoding Problem Allow Authentication…https://infosecwriteups.com/high-risk-vulnerabilities-in-apache-http-servers-mod-proxy-encoding-problem-allow-authentication-cbe8d422738d?source=rss------bug_bounty-5Ajay Naikcybersecurity, cyberattack, bug-bounty, vulnerability, bug-bounty-tips06-Oct-2024
Understanding Insecure Design: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-insecure-design-a-critical-vulnerability-in-web-security-1185e989ba0c?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, vulnerability, insecure-design, owasp, hacking06-Oct-2024
How i found the rxss on hackerone vdp program?https://doordiefordream.medium.com/how-i-found-the-rxss-on-hackerone-vdp-program-c14530481c90?source=rss------bug_bounty-5balu bandiethical-hacking, cybersecurity, bug-bounty, xss-attack, bugs06-Oct-2024
How I Secured the Data of 15 Million Consumers: Uncovering Critical Vulnerabilities in Gujarat’s…https://medium.com/@yashprajapati791/how-i-secured-the-data-of-15-million-consumers-uncovering-critical-vulnerabilities-in-gujarats-6dc453323851?source=rss------bug_bounty-5Yash Virendra Prajapatiresponsible-disclosure, bug-bounty, unauthorized-access, trending, ethical-hacking06-Oct-2024
Conditional Error Blind SQLi — Real World vs. Portswigger Labshttps://medium.com/@rodriguezjorgex/conditional-error-blind-sqli-real-world-vs-portswigger-labs-75d8eaee8c13?source=rss------bug_bounty-5Rodriguezjorgexsql-injection, bug-bounty, hacking06-Oct-2024
Race Condition , Allows creation of unlimited projects, bypassing free-tier limits.https://dark0x.medium.com/race-condition-allows-creation-of-unlimited-projects-bypassing-free-tier-limits-109dd91c6783?source=rss------bug_bounty-5Mahmoud Hatem (0xDark)sybersecurity, bugs, bug-bounty, hacking, bug-bounty-writeup06-Oct-2024
Network Penetration Testing: A Comprehensive Guide to Securing Your Infrastructurehttps://systemweakness.com/network-penetration-testing-a-comprehensive-guide-to-securing-your-infrastructure-64ce44712dd2?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, bug-bounty, hacking, careers06-Oct-2024
Why I Quit Bug Bounty Hunting 🙁https://infosecwriteups.com/why-i-quit-bug-bounty-hunting-95e81c907a6f?source=rss------bug_bounty-5Satyam Pathaniabug-bounty, technology, hacking, cybersecurity, information-technology06-Oct-2024
Critical Vulnerabilities in porte_plume plugin to Remote Exploits -$$$$ Bounty -CVE-2024–7954https://infosecwriteups.com/critical-vulnerabilities-in-porte-plume-plugin-to-remote-exploits-bounty-cve-2024-7954-3dbee45134ac?source=rss------bug_bounty-5Ajay Naikbug-bounty, rewards, information-security, cybersecurity, penetration-testing06-Oct-2024
Finding a easy bug in profile picture field.https://infosecwriteups.com/finding-a-easy-bug-in-profile-picture-field-a9b5f853a5bf?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, bug-bounty-tips, hacking, penetration-testing06-Oct-2024
Unrestricted File Upload in AWS S3 Buckethttps://infosecwriteups.com/unrestricted-file-upload-in-aws-s3-bucket-2a764a3965f4?source=rss------bug_bounty-5mo9khu93rpentesting, aws, bug-bounty, hacking, cybersecurity06-Oct-2024
Understanding XSS Vulnerability For Beginners: A Deep Dive into Web Security Riskshttps://medium.com/@error.not.known.404/understanding-xss-vulnerability-a-deep-dive-into-web-security-risks-189276a2d695?source=rss------bug_bounty-5Errorhacking, bug-bounty, ethical-hacking, security, bug-bounty-tips06-Oct-2024
Write-Up — Telegram Anonymous Chat Hack Bothttps://medium.com/@EroHack/write-up-telegram-anonymous-chat-hack-bot-ad3497f813ed?source=rss------bug_bounty-5EroHackbug-bounty, telegram-bot, hacking, pentesting, writeup05-Oct-2024
Sensitive Data Leak using Cors Misconfiguration in prominent Domain Registrarhttps://infosecwriteups.com/sensitive-data-leak-using-cors-misconfiguration-in-prominent-domain-registrar-b3010e4e6501?source=rss------bug_bounty-5Ronak Patelbug-bounty, bug-bounty-writeup, ethical-hacking, information-security05-Oct-2024
SQL Injection Due To Weak Filtering in PHPhttps://medium.com/@bountyget/sql-injection-due-to-weak-filtering-in-php-51f9e8d705c0?source=rss------bug_bounty-5Dhiren Kumar Pradhansql-injection, info-sec-writeups, bug-bounty, secure-coding, infosec05-Oct-2024
Burp Suite and Android: A Step-by-Step Connection Guide #part 1https://medium.com/@mahdisalhi0500/burp-suite-and-android-a-step-by-step-connection-guide-part-1-550dab3aa4c5?source=rss------bug_bounty-5CaptinSHArky(Mahdi)penetration-testing, androidhacking, infosec, ethical-hacking, bug-bounty05-Oct-2024
Uncovering Hidden Vulnerabilities: How I Earned Two Bounties for the Same Issuehttps://medium.com/@milanjain7906/uncovering-hidden-vulnerabilities-how-i-earned-two-bounties-for-the-same-issue-f55cf960110d?source=rss------bug_bounty-5Milanjainbug-bounty, hacker, bugbounty-writeup, hacking, cybersecurity05-Oct-2024
Resource Exhaustion: Leveraging Denial-of-Service Attacks for Maximum Impacthttps://medium.com/@tusharpuri6/unleashing-the-chaos-my-dive-into-denial-of-service-dos-attacks-1ad06478b89a?source=rss------bug_bounty-5Tusharpuripenetration-testing, infosec, bug-bounty, application-security, offensive-security05-Oct-2024
#6. Bug Bounty Series: Vertical Privilege Escalation via Session Storagehttps://cyb3rmind.medium.com/6-bug-bounty-series-vertical-privilege-escalation-via-session-storage-be377380bfe4?source=rss------bug_bounty-5Cyb3r M!ndspenetration-testing, bug-bounty-tips, privilege-escalation, hacking, bug-bounty05-Oct-2024
Understanding Coordinated Vulnerability Disclosure (CVD) & Vulnerability Disclosure Programs (VDP)https://medium.com/@yotamperkal/understanding-coordinated-vulnerability-disclosure-cvd-vulnerability-disclosure-programs-vdp-27ea33c882e0?source=rss------bug_bounty-5Yotam Perkalinformation-security, cybersecurity, bug-bounty, ethical-hacking, vulnerability-management05-Oct-2024
Understanding Injection: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-injection-a-critical-vulnerability-in-web-security-7c5c5b692958?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp, bug-bounty, hacking, injection, vulnerability05-Oct-2024
WHAT IS THE IMPORTANCE OF FINDING AQUISITIONS FOR BUG BOUNTY.https://osintteam.blog/what-is-the-importance-of-finding-aquisitions-for-bug-bounty-02688ef90553?source=rss------bug_bounty-5loyalonlytodaybug-bounty, tips, cybersecurity, hacking, bug-bounty-tips05-Oct-2024
Bug Bounty VS Procrastinationhttps://osintteam.blog/bug-bounty-vs-procrastination-66fadc0a3ace?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitprogramming, bug-bounty, patience, procrastination, cybersecurity05-Oct-2024
Subdomain Enumeration & Takeovers  (Part-3: Takeovers)https://medium.com/@bitthr3at/subdomain-enumeration-takeovers-part-3-takeovers-e5c2b66be7fa?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)bug-bounty, recon, web, attack-surface, subdomain-takeover05-Oct-2024
Power of SQL Injection: How a Simple Query Can Lead to Complete Database Compromisehttps://cyberw1ng.medium.com/power-of-sql-injection-how-a-simple-query-can-lead-to-complete-database-compromise-11ddbefd9e9a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, technology, bug-bounty05-Oct-2024
Full Privilege Escalation from Agent to Admin Leads to Team Takeoverhttps://medium.com/@abdelrahman0x01/full-privilege-escalation-from-agent-to-admin-leads-to-team-takeover-2819507af2f1?source=rss------bug_bounty-5Abdelrahman0x01cybersecurity, cyberattack, bug-bounty-tips, penetration-testing, bug-bounty05-Oct-2024
My First XSS Vulnerability Discovery on WebApphttps://medium.com/@sultonhasan017/my-first-xss-vulnerability-discovery-on-webapp-60cfad40f67a?source=rss------bug_bounty-5Sulton hasanbug-bounty, dom-based-xss, xss-vulnerability, penetration-testing05-Oct-2024
Well, now that you’ve put your mind in the right direction and started testing a website, the first…https://medium.com/@shaikhminhaz1975/well-now-that-youve-put-your-mind-in-the-right-direction-and-started-testing-a-website-the-first-c900776d6f89?source=rss------bug_bounty-5Shaikh Minhazbrute-force, bug-bounty, ethical-hacking, cybersecurity, penetration-testing04-Oct-2024
Guarding the Gateway: Understanding and Preventing File Upload Attackshttps://medium.com/@wintersoldiers/guarding-the-gateway-understanding-and-preventing-file-upload-attacks-b116abd5eef0?source=rss------bug_bounty-5Winter_Soldiersfile-upload-vulnerability, web-security, hacking, bug-bounty, rce-vulnerability04-Oct-2024
Directory Brute-Forcing: All Methods You Need to Know — File Extension, Status Filter, and…https://medium.com/@shaikhminhaz1975/well-now-that-youve-put-your-mind-in-the-right-direction-and-started-testing-a-website-the-first-c900776d6f89?source=rss------bug_bounty-5Shaikh Minhazbrute-force, bug-bounty, ethical-hacking, cybersecurity, penetration-testing04-Oct-2024
SQL injection with filter bypass via XML encodinghttps://medium.com/@codingbolt.in/sql-injection-with-filter-bypass-via-xml-encoding-754808d7d29a?source=rss------bug_bounty-5codingboltbug-bounty, sql-injection-attack, sql-injection, bug-bounty-tips, cybersecurity04-Oct-2024
Identifying the LLM Attack Surface: A Beginner’s Guidehttps://medium.com/@360Security/identifying-the-llm-attack-surface-a-beginners-guide-190b6e1c0aba?source=rss------bug_bounty-5Anandllm, bug-bounty, vapt, penetration-testing, cybersecurity04-Oct-2024
GraphQL vs REST: Comparison and exploithttps://medium.com/@kabi_777/graphql-vs-rest-comparison-and-security-insights-f481f3389e43?source=rss------bug_bounty-5Kabi_777bug-bounty, bug-bounty-writeup, bug-bounty-hunter, cybersecurity, bug-bounty-tips04-Oct-2024
Unlocking Cybersecurity: The Power of Bug Bounty Programs in 2024https://medium.com/@eyowas1994/unlocking-cybersecurity-the-power-of-bug-bounty-programs-in-2024-d77d33137e64?source=rss------bug_bounty-5CyberSec Tacticsethical-hacking, bug-bounty, cybersecurity, hacking, web-security04-Oct-2024
From File Upload to Remote Code Execution (RCE)https://medium.com/@lukasz.wierzbicki/from-file-upload-to-remote-code-execution-rce-d8f210b22a8c?source=rss------bug_bounty-5Lukasz Wierzbickisecurity-testing, security-research, bug-bounty, pentesting, pentest04-Oct-2024
Broken Access Control — Unprotected admin functionalityhttps://medium.com/@codingbolt.in/broken-access-control-unprotected-admin-functionality-9905f57fa88a?source=rss------bug_bounty-5codingboltaccess-control, privilege-escalation, cybersecurity, bug-bounty, broken-access-control04-Oct-2024
A Methodology Guide to Bypassing RASP and Root Detection in Mobile Apps with Fridahttps://medium.com/@abhijithknamboothiri96/a-methodology-guide-to-bypassing-rasp-and-root-detection-in-mobile-apps-with-frida-17e4f97b88bc?source=rss------bug_bounty-5Abhijith Namboothirycybersecurity, mobile-pentesting, penetration-testing, bug-bounty, security04-Oct-2024
Understanding Cryptographic Failures: A Key Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-cryptographic-failures-a-key-vulnerability-in-web-security-bb024a4c41ca?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp-top-10, bug-bounty, web-penetration-testing, cyrptography, hacking04-Oct-2024
How to choose the Correct Severity or CVSS Score for a Bug: A Practical Guidehttps://medium.com/@a13h1/how-to-choose-the-correct-severity-or-cvss-score-for-a-bug-a-practical-guide-7a83be0096f3?source=rss------bug_bounty-5Abhi Sharmacybersecurity, bug-bounty, bug-bounty-tips, hacking, infosec04-Oct-2024
Are you ready to take over entire infrastructure?https://medium.com/@alex122303q/are-you-ready-to-take-over-entire-infrastructure-a93d2a0f902c?source=rss------bug_bounty-5Nebtyctf, malicious-document, standoff365, bug-bounty, penetration-testing04-Oct-2024
US Trading Account Fund Exploit: An IDOR Vulnerability Walkthroughhttps://medium.com/@360Security/us-trading-account-fund-exploit-an-idor-vulnerability-walkthrough-a61ba5186874?source=rss------bug_bounty-5360 Securityvapt, web-security, bug-bounty, cybersecurity, penetration-testing04-Oct-2024
Identifying the LLM Attack Surface: A Beginner’s Guidehttps://medium.com/@360Security/identifying-the-llm-attack-surface-a-beginners-guide-190b6e1c0aba?source=rss------bug_bounty-5360 Securityllm, bug-bounty, vapt, penetration-testing, cybersecurity04-Oct-2024
Command Injection: How Exploiting User Input Can Lead to Full System Compromisehttps://systemweakness.com/command-injection-how-exploiting-user-input-can-lead-to-full-system-compromise-6becf5b981a1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hacking, technology, bug-bounty04-Oct-2024
one of the best tool for subdomains finding.https://osintteam.blog/one-of-the-best-tool-for-subdomains-finding-0769dff261f4?source=rss------bug_bounty-5loyalonlytodaybug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, hacking04-Oct-2024
easy bug bounty as a beginner part 1https://medium.com/@canonminibeast/easy-bug-bounty-as-a-beginner-part-1-38833747da8d?source=rss------bug_bounty-5Canonminibeasthacking-tools, hacking, web-penetration-testing, bug-bounty, bugbounty-poc04-Oct-2024
Are you ready to take over entire infrastructure?https://medium.com/@nebty/are-you-ready-to-take-over-entire-infrastructure-a93d2a0f902c?source=rss------bug_bounty-5Nebtyctf, malicious-document, standoff365, bug-bounty, penetration-testing04-Oct-2024
Some XSS Situationhttps://medium.com/@haticezkmnl/some-xss-situation-31fa64e113fe?source=rss------bug_bounty-5Hatice Zehra Kamanlıcyber, xss-attack, bug-bounty, exploitation, cybersecurity03-Oct-2024
OTP Bypass Methods | Bug Bountyhttps://medium.com/@arrheniuspaelongan09/otp-bypass-methods-bug-bounty-4a988573c12a?source=rss------bug_bounty-5Qchadprogramming, bug-bounty, penetration-testing, technology, hacking03-Oct-2024
Understanding Broken Access Control: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-broken-access-control-a-critical-vulnerability-in-web-security-6ebd33ad4d35?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, web-penetration-testing, owasp, hacking, broken-access-control03-Oct-2024
Hacker Kali Toolkit Zero-Hero | Primary Hacking School #4https://medium.com/@nnface/hacker-kali-toolkit-zero-hero-primary-hacking-school-4-a489aafb7f75?source=rss------bug_bounty-5NnFacelinux, cybersecurity, hacking, bug-bounty, kali-linux03-Oct-2024
Visible error-based SQL injectionhttps://medium.com/@codingbolt.in/visible-error-based-sql-injection-46b8bafe9059?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection, bug-bounty, sql-injection-attack, cybersecurity03-Oct-2024
Blind SQL injection with conditional errorshttps://medium.com/@codingbolt.in/blind-sql-injection-with-conditional-errors-f7c05ef531ad?source=rss------bug_bounty-5codingboltsql-injection, cybersecurity, sql-injection-attack, bug-bounty-tips, bug-bounty03-Oct-2024
Blind SQL injection with conditional responseshttps://medium.com/@codingbolt.in/blind-sql-injection-with-conditional-responses-7ffa3a1ac84d?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection, bug-bounty, sql-injection-attack, cybersecurity03-Oct-2024
SQL injection UNION attack, retrieving multiple values in a single columnhttps://medium.com/@codingbolt.in/sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-ed5ce734abf2?source=rss------bug_bounty-5codingboltsql-injection-attack, cybersecurity, bug-bounty-tips, bug-bounty, sql-injection03-Oct-2024
SQL injection UNION attack, retrieving data from other tableshttps://medium.com/@codingbolt.in/sql-injection-union-attack-retrieving-data-from-other-tables-11cc211f5ad3?source=rss------bug_bounty-5codingboltsql-injection-attack, sql-injection, bug-bounty, cybersecurity, bug-bounty-tips03-Oct-2024
DNS — Port 53 — Pentestinghttps://medium.com/@verylazytech/dns-port-53-pentesting-7b8ca6307d54?source=rss------bug_bounty-5Very Lazy Techcybersecurity, bug-bounty, hacking, dns-exploit, dns03-Oct-2024
VDP: Broken Session Management Allows Unlimited Free Scans on Pentesting Websitehttps://medium.com/@enigma_/vdp-broken-session-management-allows-unlimited-free-scans-on-pentesting-website-99467dce1d3c?source=rss------bug_bounty-5enigmapenetration-testing, hacking, owasp, bug-bounty, bug-bounty-writeup03-Oct-2024
Subdomain Enumeration & Takeovers (Part-2: Active Enumeration)https://medium.com/@bitthr3at/subdomain-enumeration-takeovers-part-2-active-enumeration-304cb3381813?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)recon, subdomain-enumeration, web, bug-bounty, attack-surface03-Oct-2024
How I hacked RD Sharma’s Publisher Website?https://abhayvis.medium.com/how-i-hacked-rd-sharmas-publisher-website-7a76b3cb12ae?source=rss------bug_bounty-5Abhay Vishwakarmasql-injection, hacking, bug-bounty03-Oct-2024
Blind SQL injection with out-of-band data exfiltrationhttps://medium.com/@codingbolt.in/blind-sql-injection-with-out-of-band-data-exfiltration-0a08129bfad5?source=rss------bug_bounty-5codingboltsql-injection, cybersecurity, bug-bounty-tips, sql-injection-attack, bug-bounty03-Oct-2024
Blind SQL injection with out-of-band interactionhttps://medium.com/@codingbolt.in/blind-sql-injection-with-out-of-band-interaction-e44f6f75bc47?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection-attack, cybersecurity, sql-injection, bug-bounty03-Oct-2024
Blind SQL injection with time delays and information retrievalhttps://medium.com/@codingbolt.in/blind-sql-injection-with-time-delays-and-information-retrieval-fa38f3618a99?source=rss------bug_bounty-5codingboltsql-injection-attack, cybersecurity, sql-injection, bug-bounty, bug-bounty-tips03-Oct-2024
Blind SQL injection with time delayshttps://medium.com/@codingbolt.in/blind-sql-injection-with-time-delays-94cc5d962902?source=rss------bug_bounty-5codingboltcybersecurity, sql-injection-attack, bug-bounty, sql-injection, bug-bounty-tips03-Oct-2024
Pre-Account Takeover via Facebook OAuth Misconfigurationhttps://nyein-chan-aung.medium.com/pre-account-takeover-via-facebook-oauth-misconfiguration-e16b984b7953?source=rss------bug_bounty-5Nyein Chan Aungbug-bounty-tips, takeovers, bug-bounty03-Oct-2024
XML External Entity (XXE) Injection: How Malicious XML Payloads Can Breach Your Applicationhttps://systemweakness.com/xml-external-entity-xxe-injection-how-malicious-xml-payloads-can-breach-your-application-4837f732781e?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, cybersecurity, hacking, bug-bounty, careers03-Oct-2024
How ChatGPT Made Me a Hacker.https://medium.com/@wajeehakhan9797/how-chatgpt-made-me-a-hacker-b89b1cce992b?source=rss------bug_bounty-5Wajeeha Khanlearning, openai, large-language-models, hacking, bug-bounty03-Oct-2024
Critical Vulnerabilities in DrayTek Vigor Routers: Over 700,000 Devices Exposed to Remote Exploits…https://infosecwriteups.com/critical-vulnerabilities-in-draytek-vigor-routers-over-700-000-devices-exposed-to-remote-exploits-2f3f731b50d9?source=rss------bug_bounty-5Ajay Naikcybersecurity, penetration-testing, bug-bounty, rewards, hacking03-Oct-2024
Blind SQL injection with out-of-band data exfiltrationhttps://systemweakness.com/blind-sql-injection-with-out-of-band-data-exfiltration-0a08129bfad5?source=rss------bug_bounty-5codingboltsql-injection, cybersecurity, bug-bounty-tips, sql-injection-attack, bug-bounty03-Oct-2024
Critical Information Disclosure Vulnerability via CNAME (AUTOMATED SCAN)https://offsec01.medium.com/critical-information-disclosure-vulnerability-via-cname-automated-scan-be0f6597ac5e?source=rss------bug_bounty-5Facundo Fernandezbug-bounty, penetration-testing, ethical-hacking, hacking, cybersecurity03-Oct-2024
https://forms.gle/bHE9FbPTuzYzREAz7https://medium.com/@a1il7j99h/https-forms-gle-bhe9fbptuzyzreaz7-5f9f5d561a4b?source=rss------bug_bounty-5Re$@T!l<cyber, bug-bounty, hacker02-Oct-2024
How I Earned $4000+ from a Simple Information Disclosure Bughttps://medium.com/@rajauzairabdullah/how-i-earned-4000-from-a-simple-information-disclosure-bug-d644c47803c1?source=rss------bug_bounty-5Raja Uzair Abdullahinformation-disclosure, bug-bounty-tips, bug-bounty, penetration-testing02-Oct-2024
Series: Learning APT (Advanced Persistent Threat) the Simple Way on a Linux OS Target — Gathering…https://medium.com/@mrp.bpp/seri-belajar-apt-advanced-persistent-threat-secara-sederhana-pada-target-os-linux-pengumpulan-967c3c2f46cc?source=rss------bug_bounty-5Mada Perdhanahacking, apt, linux-hacking, bug-bounty, ethical-hacking-tips02-Oct-2024
Series: Learning APT (Advanced Persistent Threat) the Simple Way on a Linux OS Target — Gathering…https://medium.com/@mrp.bpp/seri-belajar-apt-advanced-persistent-threat-secara-sederhana-pada-target-os-linux-pengumpulan-4cbd83db98af?source=rss------bug_bounty-5Mada Perdhanaapt, nmap, hacking, bug-bounty, ethical-hacking-tips02-Oct-2024
How i got my first bounty of $$$https://rivudon.medium.com/how-i-got-my-first-bounty-of-e163f970d1e0?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )infosec, hackerone, bug-bounty-tips, bug-bounty02-Oct-2024
Mastering Code Qualityhttps://python.plainenglish.io/mastering-code-quality-2f595404d547?source=rss------bug_bounty-5rahul bhatiacoverage, python, code-quality, bug-bounty, bug-detection02-Oct-2024
$175 Prototype Pollution Vulnerability — My first bountyhttps://1-day.medium.com/175-prototype-pollution-vulnerability-my-first-bounty-197738a32330?source=rss------bug_bounty-51daywriteup, penetration-testing, bug-bounty, hacking, bug-bounty-writeup02-Oct-2024
Boost Your Code Quality with Python Coveragehttps://python.plainenglish.io/mastering-code-quality-2f595404d547?source=rss------bug_bounty-5rahul bhatiacoverage, python, code-quality, bug-bounty, bug-detection02-Oct-2024
How I discovered an Information Disclosure vulnerability on a site I usehttps://medium.com/@Itachi0xf/comment-jai-d%C3%A9couvert-une-vuln%C3%A9rabilit%C3%A9-d-information-disclosure-sur-un-site-que-j-utilise-3a9fed9daa02?source=rss------bug_bounty-5Itachix0finformation-disclosure, hacking, apihacking, bug-bounty02-Oct-2024
How to Find Bugs and Vulnerabilities Using ChatGPT: Guaranteed Resultshttps://bevijaygupta.medium.com/how-to-find-bugs-and-vulnerabilities-using-chatgpt-guaranteed-results-288ff81dfe40?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty, vulnerability, bug-bounty-tips, chatgpt02-Oct-2024
SQL injection attack, listing the database contents on non-Oracle databaseshttps://medium.com/@codingbolt.in/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-718de8ba755a?source=rss------bug_bounty-5codingboltbugs, bug-bounty, cybersecurity, sql-injection, bug-bounty-tips02-Oct-2024
SQL injection UNION attack, determining the number of columns returned by the queryhttps://medium.com/@codingbolt.in/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-f04154bd5b3c?source=rss------bug_bounty-5codingboltsql-injection-attack, sql-injection, bug-bounty, bug-bounty-tips, cybersecurity02-Oct-2024
Exfiltration of Data from a Standalone PChttps://roadtooscp.medium.com/exfiltration-of-data-from-a-standalone-pc-00a538f0f773?source=rss------bug_bounty-5RoadToOSCPbug-bounty, hacking, red-teaming, malware, data-security02-Oct-2024
Discovering an XSS vulnerability with a CSP bypass via unpkg.comhttps://medium.com/@Itachi0xf/d%C3%A9couverte-dune-vuln%C3%A9rabilit%C3%A9-xss-avec-contournement-de-la-csp-via-unpkg-com-02437e0eac34?source=rss------bug_bounty-5Itachix0fhacking, xss-attack, csp-bypass, bug-bounty, xss-bypass02-Oct-2024
“A Vulnerability, A Treasure: Go on a Fun Treasure Hunt with OWASP Top 10!”https://medium.com/@rootspaghetti/a-vulnerability-a-treasure-go-on-a-fun-treasure-hunt-with-owasp-top-10-d9fe21911856?source=rss------bug_bounty-5Root@Spaghettihacking, bug-bounty, bug-bounty-tips02-Oct-2024
SQL injection attack, listing the database contents on Oraclehttps://medium.com/@codingbolt.in/sql-injection-attack-listing-the-database-contents-on-oracle-ceb843466f32?source=rss------bug_bounty-5codingboltsql-injection, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty02-Oct-2024
Exploiting Blind XSS to Access Admin Dashboard for Bounty Rewardshttps://medium.com/@arrheniuspaelongan09/exploiting-blind-xss-to-access-admin-dashboard-for-bounty-rewards-fcdd54ddea7c?source=rss------bug_bounty-5Qchadtechnology, hacking, bug-bounty, penetration-testing, hacker02-Oct-2024
Which path to choose in cybersecurity?https://medium.com/@mr_prey3r/which-path-to-choose-in-cybersecurity-ca048e621ba0?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rcybersecurity, hacking, bug-bounty, ethical-hacking02-Oct-2024
OWASP Top 10: 2021 vs. 2017 — A Comparative Analysishttps://medium.com/@mrutunjayasenapati0/owasp-top-10-2021-vs-2017-a-comparative-analysis-70990e5570f8?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, bugs, vulnerability, owasp, hacking02-Oct-2024
Deep Dive in Reconnaissancehttps://medium.com/@bitthr3at/deep-dive-in-reconnaissance-a1e88cfdebf5?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)recon, subdomains-enumeration, bug-bounty, web, attack-surface02-Oct-2024
Introduction to Bug Bounty Programs: Discovering Vulnerabilities and Ethical Hacking (Part 1)https://zeynalxan.medium.com/bug-bounty-proqramlar%C4%B1na-giri%C5%9F-z%C9%99iflikl%C9%99rin-a%C5%9Fkar-edilm%C9%99si-v%C9%99-etik-hakerlik-b%C3%B6l%C3%BCm-1-8caa7eb90dd8?source=rss------bug_bounty-5Zeynalxan Quliyevetik-xaker, bug-bounty, whitehat, bug-bounty-nədir, hakerlik02-Oct-2024
A Comprehensive Bug Bounty Checklist for Beginners.https://medium.com/@anandrishav2228/a-comprehensive-bug-bounty-checklist-for-beginners-f96ba591cf3d?source=rss------bug_bounty-5Rishav anandcomputer-science, security, cybersecurity, engineering, bug-bounty02-Oct-2024
Cross-Origin Resource Sharing (CORS) Misconfiguration: How Attackers Exploit Weak Policies to Steal…https://cyberw1ng.medium.com/cross-origin-resource-sharing-cors-misconfiguration-how-attackers-exploit-weak-policies-to-steal-5902af92d71f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, technology, bug-bounty, cybersecurity02-Oct-2024
SQL injection UNION attack, finding a column containing texthttps://medium.com/@codingbolt.in/sql-injection-union-attack-finding-a-column-containing-text-09d913162e0f?source=rss------bug_bounty-5codingboltsql-injection, sql-injection-attack, bug-bounty, cybersecurity, bug-bounty-tips02-Oct-2024
Reverse Shells: A Practical Guidehttps://medium.com/@learntheshell/reverse-shells-a-practical-guide-af1815bc3127?source=rss------bug_bounty-5LearnTheShellbug-bounty, bug-bounty-tips, reverse-shell, cybersecurity, pentesting02-Oct-2024
Secrets Manager exposed (HasiCorp Vault)https://medium.com/@manumanram2/secrets-manager-exposed-hasicorp-vault-7075539a9e1e?source=rss------bug_bounty-5SrPatoManinformation-disclosure, hacking, bug-bounty02-Oct-2024
Cross-Origin Resource Sharing (CORS) Misconfiguration: How Attackers Exploit Weak Policies to Steal…https://systemweakness.com/cross-origin-resource-sharing-cors-misconfiguration-how-attackers-exploit-weak-policies-to-steal-5902af92d71f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, technology, bug-bounty, cybersecurity02-Oct-2024
Utilizing AI Model for Hacking: Bypassing CAPTCHAs using AI leads to Account Takeover | Bug Bountyhttps://ph-hitachi.medium.com/utilizing-ai-model-for-hacking-bypassing-captchas-using-ai-leads-to-account-takeover-bug-bounty-028804b779a0?source=rss------bug_bounty-5Ph.Hitachivulnerability, bug-bounty, captcha, security, ai01-Oct-2024
Chaining Application-Level DoS with CSRF: A Sneaky Exploit to Block User Loginshttps://medium.com/@dsmodi484/chaining-application-level-dos-with-csrf-a-sneaky-exploit-to-block-user-logins-4caaac781883?source=rss------bug_bounty-5Dishant Modihackerone, bug-bounty, csrf, python, vulnerability01-Oct-2024
Top 10 Documentation Every Hacker Should Knowhttps://medium.com/@RaunakGupta1922/top-10-documentation-every-hacker-should-know-f28e73f7c207?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitethical-hacking, cybersecurity, bug-bounty, programming, infosec01-Oct-2024
Mastering XSS (Cross-Site Scripting) Attacks: A Comprehensive Guide to become Professional Bug…https://medium.com/@kumawatabhijeet2002/mastering-xss-cross-site-scripting-attacks-a-comprehensive-guide-to-become-professional-bug-6251058c576e?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, xss-vulnerability, bug-bounty-tips, dom-based-xss, xss-attack01-Oct-2024
Don’t Miss Out! The Best Platforms to Report Vulnerabilities and Earn Big!https://medium.com/@paritoshblogs/dont-miss-out-the-best-platforms-to-report-vulnerabilities-and-earn-big-787bbb03607a?source=rss------bug_bounty-5Paritoshhow-to, vulnerability, hacking, bug-bounty, cybersecurity01-Oct-2024
Why can’t Bug Bounty Hunter find a bug?https://m0hitrawat.medium.com/why-cant-bug-bounty-hunter-find-a-bug-b5c9bc72a30d?source=rss------bug_bounty-5Mohit Rawatpentesting-checklist, bug-bounty, bug-bounty-writeup, pentesting-guide, bug-bounty-tips01-Oct-2024
Android Application Pentesting Part 2 | Android Platform Architecturehttps://dkcyberz.medium.com/android-application-pentesting-part-2-android-platform-architecture-0db5e27f209a?source=rss------bug_bounty-5Harpy Hunterandroid-pentesting, bug-bounty, bugbounty-writeup, pentesting, ethical-hacking01-Oct-2024
Understanding the OWASP Top 10: Your Guide to Web Application Securityhttps://medium.com/@mrutunjayasenapati0/understanding-the-owasp-top-10-your-guide-to-web-application-security-fab59537db8b?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, bug-bounty, owasp-top-10, hunting, bounty-program01-Oct-2024
Why Web3Projects Should Start with Smaller Bug Bountieshttps://medium.com/@rangashree.rangaraja/why-web3projects-should-start-with-smaller-bug-bounties-a391777bc559?source=rss------bug_bounty-5Rangashree Rangarajabug-bounty, web3-security, web3, blockchain, blockchain-technology01-Oct-2024
Exploiting the Unprotected: How I Gained Unauthorized Access to Redishttps://medium.com/@impratikdabhi/exploiting-the-unprotected-how-i-gained-unauthorized-access-to-redis-5070eea7da35?source=rss------bug_bounty-5Pratik Dabhihacking, hacking-tools, bugcrowd, hackerone, bug-bounty01-Oct-2024
Taming Post Clapshttps://medium.engineering/taming-post-claps-273d97ce1ced?source=rss------bug_bounty-5Ryan Lattanzidynamodb, software-development, programming, bug-bounty01-Oct-2024
4 Burpsuite Intruder Attack Types You Should Know —Bug Tuesdayhttps://medium.com/@kerstan/4-burpsuite-intruder-attack-types-you-should-know-bug-tuesday-5c7a0900cb56?source=rss------bug_bounty-5kerstanbug-bounty, hacking, cybersecurity01-Oct-2024
Escalating stored XSS to Account Takeoverhttps://nyein-chan-aung.medium.com/escalating-stored-xss-to-account-takeover-28c549cd5f6b?source=rss------bug_bounty-5Nyein Chan Aungbug-bounty, bug-bounty-writeup, bug-bounty-tips01-Oct-2024
Unauthenticated PHP Object Injection in GiveWP Plugin for WordPresshttps://infosecwriteups.com/unauthenticated-php-object-injection-in-givewp-plugin-for-wordpress-5fffa8df79c8?source=rss------bug_bounty-5Ajay Naikrewards, hacking, bug-bounty, vulnerability, cybersecurity01-Oct-2024
File Upload (RCE) to Bounty | HackerOnehttps://starlox.medium.com/file-upload-rce-to-bounty-hackerone-928e8e5b375e?source=rss------bug_bounty-5#$ubh@nk@rinfosec, hacking, pentesting, bug-bounty, cybersecurity01-Oct-2024
Sneaking into your documents: How I hacked DigiLocker?https://medium.com/codechef-vit/sneaking-into-your-documents-how-i-hacked-digilocker-ae6dc44267fb?source=rss------bug_bounty-5Prateek Srivastavabug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, penetration-testing01-Oct-2024
Cross-Site Request Forgery (CSRF): How Attackers Exploit Trust to Hijack User Actionshttps://systemweakness.com/cross-site-request-forgery-csrf-how-attackers-exploit-trust-to-hijack-user-actions-94d29d787e47?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, technology, hacking01-Oct-2024
How I Manipulated A User’s Email: A CSRF PoC Walkthrough from TCM Academyhttps://medium.com/@trixiahorner/csrf-walkthrough-5876cdf437ea?source=rss------bug_bounty-5Trixia Hornercybersecurity, hacking, bug-bounty, vulnerability, website01-Oct-2024
Nmap: A Comprehensive Guide for Web Application Bug Huntinghttps://medium.com/@anandrishav2228/nmap-a-comprehensive-guide-for-web-application-bug-hunting-d8c2a0ef360a?source=rss------bug_bounty-5Rishav anandcybersecurity, nmap, bug-bounty, engineering, hacking01-Oct-2024
Bug in a Mailing List Exposed Hundreds of American Universities: How I Found and Exploited the…https://medium.com/@sarvagnpathak/bug-in-a-mailing-list-exposed-hundreds-of-american-universities-how-i-found-and-exploited-the-cf5df54baf37?source=rss------bug_bounty-5Sarvagn Pathakcybersecurity, bug-bounty, awareness, hacking01-Oct-2024
AllSafe Challengeshttps://medium.com/@soliman_almansor/all-safe-challenges-599a09cce447?source=rss------bug_bounty-5Soliman Almansorhacking, bug-bounty, information-security, android-pentesting, infosec01-Oct-2024
Excited to announce our Industrial Security Training Program at @security_lit!https://securitylit.medium.com/excited-to-announce-our-industrial-security-training-program-at-security-lit-82a21753634e?source=rss------bug_bounty-5Security Lit Limitedit-security, cybersecurity, penetration-testing, bug-bounty, traning01-Oct-2024
Open Redirect Bug | wedohackshttps://wedohack.medium.com/open-redirect-bug-wedohacks-26012e51d50c?source=rss------bug_bounty-5WE DO HACKSopen-redirect, bug-bounty, bugs, bug-hunting, hacking01-Oct-2024
CORS Vulnerability with Trusted Insecure Protocolshttps://medium.com/@rcxsecurity/cors-vulnerability-with-trusted-insecure-protocols-09df3304e3d8?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafebug-bounty, information-security, penetration-testing, cybersecurity, hacking01-Oct-2024
Remote code Executionhttps://medium.com/@roshiniyathakula/remote-code-execution-9b2e9f26963d?source=rss------bug_bounty-5Roshiniyathakularce-vulnerability, penetration-testing, bug-bounty, reverse-shell, hacking30-Sep-2024
Uncovering Hidden Subdomains with Favicons: Advanced Enumeration Techniqueshttps://systemweakness.com/uncovering-hidden-subdomains-with-favicons-advanced-enumeration-techniques-e92cb30cbcc3?source=rss------bug_bounty-5Khaleel Khanbug-bounty-tips, hacking, cybersecurity, infosec, bug-bounty30-Sep-2024
Discovering Facebook OAuth Misconfigurations: A Journey into Pre-Account Takeoverhttps://medium.com/@cybershree/discovering-facebook-oauth-misconfigurations-a-journey-into-pre-account-takeover-92a38254cbec?source=rss------bug_bounty-5cybershreebug-bounty, bug-bounty-tips, writing, cybersecurity, bugcrowd30-Sep-2024
Android Application Penetration Testing Part 1 | Introductionhttps://dkcyberz.medium.com/android-application-penetration-testing-part-1-introduction-738351fe8806?source=rss------bug_bounty-5Harpy Hunterbug-bounty, pentesting, mobile-pentesting, android-pentesting, bugbounty-writeup30-Sep-2024
How to use AI for Bug Bounty in 2024https://medium.com/@anandrishav2228/how-to-use-ai-for-bug-bounty-in-2024-39ef4d2a518a?source=rss------bug_bounty-5Rishav anandai, networking, security, cybersecurity, bug-bounty30-Sep-2024
SQL Injection vulnerability in CRMEB v.5.2.2 — $$$$ Bountyhttps://osintteam.blog/sql-injection-vulnerability-in-crmeb-v-5-2-2-bounty-7bc056a19cce?source=rss------bug_bounty-5Ajay Naikvulnerability, sql, rewards, bug-bounty, sql-injection30-Sep-2024
Easy P2 — Pre account takeover via Facebook OAuth misconfigurationhttps://sudosuraj.medium.com/easy-p2-pre-account-takeover-via-facebook-oauth-misconfiguration-23c681ba8f07?source=rss------bug_bounty-5sudosurajcybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing30-Sep-2024
SQL Injection Vulnerability on Login Page Allows Unauthorized Database Dumphttps://medium.com/@harshitha431/sql-injection-sqli-9675e21cc54a?source=rss------bug_bounty-5Harshithabug-bounty, vulnerability, hacking, penetration-testing, sql-injection30-Sep-2024
Prototype Pollution: How a JavaScript Quirk Can Lead to Complete Application Takeoverhttps://cyberw1ng.medium.com/prototype-pollution-how-a-javascript-quirk-can-lead-to-complete-application-takeover-9adb5e4f6b6b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, cybersecurity, technology30-Sep-2024
CVE-2024-23897 — Jenkins File Read Vulnerability — POChttps://medium.com/@verylazytech/cve-2024-23897-jenkins-file-read-vulnerability-poc-6a1dfdbfd6f2?source=rss------bug_bounty-5Very Lazy Techcve-2024-23897, jenkins, cybersecurity, bug-bounty, pentesting30-Sep-2024
XSS + OAuth Misconfigs = Token Theft and ATOhttps://7odamoo.medium.com/xss-oauth-misconfigs-token-theft-and-ato-d0837c44cd31?source=rss------bug_bounty-5Mahmoud Hamedpenetration-testing, bug-bounty, cybersecurity30-Sep-2024
How to Use Medusa for Fast, Multi-Protocol Brute-Force Attackshttps://medium.com/@stealthsecurity/how-to-use-medusa-for-fast-multi-protocol-brute-force-attacks-0627997c5686?source=rss------bug_bounty-5Stealth Securityethical-hacking, penetration-testing, cybersecurity, bug-bounty, hacking30-Sep-2024
Prototype Pollution: How a JavaScript Quirk Can Lead to Complete Application Takeoverhttps://infosecwriteups.com/prototype-pollution-how-a-javascript-quirk-can-lead-to-complete-application-takeover-9adb5e4f6b6b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, cybersecurity, technology30-Sep-2024
OWASP juice shop -How I get account takeover from XSShttps://medium.com/@abdo-eg/owasp-juice-shop-how-i-get-account-takeover-from-xss-ae3cfc978381?source=rss------bug_bounty-5Abdullah Ahmedxss-attack, owasp, hashing, bug-bounty, ato29-Sep-2024
Hacking with Linux: Your Ultimate Guide to Cyber Security Masteryhttps://medium.com/@RaunakGupta1922/hacking-with-linux-your-ultimate-guide-to-cyber-security-mastery-e8f8bb38510c?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitcybersecurity, linux, ethical-hacking, bug-bounty, hacking29-Sep-2024
OWASP juice-shop login as an admin using SQLi and OSINThttps://medium.com/@abdo-eg/owasp-juice-shop-login-as-an-admin-using-sqli-and-osint-90c4abc4322b?source=rss------bug_bounty-5Abdullah Ahmedweb-security, ethical-hacking, owasp, bug-bounty, penetration-testing29-Sep-2024
H7CTF — WEB CHALLENGEShttps://medium.com/@josangeorge27/h7ctf-web-challenges-db1883775dfd?source=rss------bug_bounty-5Josan Georgectf, ctf-walkthrough, cybersecurity, bug-bounty, web-application-security29-Sep-2024
Essential Port Scanning Skills for Bug Bounty Huntershttps://bevijaygupta.medium.com/essential-port-scanning-skills-for-bug-bounty-hunters-f0e09f3612ce?source=rss------bug_bounty-5Vijay Guptabug-bounty, port-scanning, bug-zero, bugs, bug-bounty-tips29-Sep-2024
Bypassing Filters: SSRF Exploitation via DNS Rebinding with Just 1 in 30 Successful Requestshttps://mokhansec.medium.com/bypassing-filters-ssrf-exploitation-via-dns-rebinding-with-just-1-in-30-successful-requests-2fdc3a9cfd7d?source=rss------bug_bounty-5Mohsin khanbug-bounty-writeup, bug-bounty-tips, bug-bounty, ssrf, bugs29-Sep-2024
Privacy concern bughttps://osintteam.blog/privacy-concern-bug-72b30aead215?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, tips, bug-bounty, cybersecurity, hacking29-Sep-2024
How to Find Bugs and Vulnerabilities Using ChatGPT: Guaranteed Resultshttps://medium.com/@shaikhminhaz1975/how-to-find-bugs-and-vulnerabilities-using-chatgpt-guaranteed-results-3b630fae4691?source=rss------bug_bounty-5Shaikh Minhazbug-bounty, chatgpt, penetration-testing, cybersecurity, how-to29-Sep-2024
Find Vulnerabilities With This Single Nmap Commandhttps://medium.com/@josuofficial327/find-vulnerabilities-with-this-single-nmap-command-a4476c16c82c?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, cybersecurity, vulnerability, bug-bounty-tips, bug-bounty29-Sep-2024
Performing a Dependency Confusion Attack with Remote Code Execution (RCE): A Step-by-Step Guidehttps://medium.com/@360Security/performing-a-dependency-confusion-attack-with-remote-code-execution-rce-a-step-by-step-guide-8d6055aa53e4?source=rss------bug_bounty-5Anandvapt, cybersecurity, sdlc, rce, bug-bounty29-Sep-2024
Critical bug in MediaTek Chips:CVE-2024-20017https://medium.com/@dudleydaniel.raj2005/critical-bug-in-mediatek-chips-cve-2024-20017-6e955ad56923?source=rss------bug_bounty-5Hydra_101mediatek, chips, cybersecurity, bug-bounty, wifi29-Sep-2024
Mastering Advanced Google Dorks for Ethical Hacking and Vulnerability Discoveryhttps://osintteam.blog/mastering-advanced-google-dorks-for-ethical-hacking-and-vulnerability-discovery-6d9e3dde0433?source=rss------bug_bounty-5Ajay Naikbug-bounty, cybersecurity, rewards, medium, google-dork29-Sep-2024
SMTP/s — Port 25,465,587 For pentestershttps://medium.com/@verylazytech/smtp-s-port-25-465-587-3e5706e081e9?source=rss------bug_bounty-5Very Lazy Techbug-bounty, cybersecurity, smtp, penetration-testing, hacking29-Sep-2024
how i found union based sql injection in hackerone public vdp program?https://doordiefordream.medium.com/how-i-found-union-based-sql-injection-in-hackerone-public-vdp-program-7c76d61f6c77?source=rss------bug_bounty-5cybersecurity researcherethical-hacking, cyber-security-awareness, bug-bounty-writeup, bug-bounty, cybersecurity29-Sep-2024
KidRecon: The Ultimate Automated Subdomain Reconnaissance Tool for Ethical Hackershttps://angixblack.medium.com/kidrecon-the-ultimate-automated-subdomain-reconnaissance-tool-for-ethical-hackers-afb8ed8ea883?source=rss------bug_bounty-5Angix blackinfosec, bug-bounty, recon, automation, bug-bounty-tips29-Sep-2024
Server-Side Request Forgery (SSRF): How Attackers Can Exploit Internal Networkshttps://systemweakness.com/server-side-request-forgery-ssrf-how-attackers-can-exploit-internal-networks-417ed78ae69b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, technology, cybersecurity29-Sep-2024
Best Bug Bounty and VA/PT Tools in 2024: Use Cases & Commandshttps://medium.com/@anandrishav2228/best-bug-bounty-and-va-pt-tools-in-2024-use-cases-commands-42986d594190?source=rss------bug_bounty-5Rishav anandcybersecurity, bug-bounty, company, pentesting, computer-science29-Sep-2024
Why is Bug Triage Important in Software Testing?https://medium.com/@divyarajsinhdev/why-is-bug-triage-important-in-software-testing-678decfb727f?source=rss------bug_bounty-5Divyarajsinh Dodiaautomation, qa, bug-bounty, testing29-Sep-2024
Understanding Bug Triage: A Crucial Process for Efficient Software Testinghttps://medium.com/@divyarajsinhdev/understanding-bug-triage-a-crucial-process-for-efficient-software-testing-790b9b353177?source=rss------bug_bounty-5Divyarajsinh Dodiatest, qa, automation, bug-bounty, testing29-Sep-2024
DVWA : Cross Site Scripting (XSS) Vulnerability Solution (Low Security Level)https://medium.com/@Kamal_S/dvwa-cross-site-scripting-xss-vulnerability-solution-low-security-level-452396997b5a?source=rss------bug_bounty-5Kamal Ssecurity-testing, xs, bug-bounty, dvwa, owasp29-Sep-2024
Mac Spoofinghttps://bob218.medium.com/mac-spoofing-ad0b180f3fad?source=rss------bug_bounty-5bob218cybersecurity, network-security, cyberattack, osint, bug-bounty29-Sep-2024
Life Sucks P-1https://medium.com/@janpreet9697/life-sucks-p-1-182d702bab02?source=rss------bug_bounty-5Janpreetcybersecurity, life, engineering, bug-bounty, motivation29-Sep-2024
How Bug Bounty Programs can enable widespread fraudhttps://medium.com/@hacktheplanet/how-bug-bounty-programs-can-enable-widespread-fraud-b027f36a49ef?source=rss------bug_bounty-5SirHaxAlotbug-bounty, hacking, fraud, cybersecurity28-Sep-2024
Stories of a sporadic bug bounty hunterhttps://jayaye15.medium.com/stories-of-a-sporadic-bug-bounty-hunter-a09cd32cf0a2?source=rss------bug_bounty-5jb00giecybersecurity, sql-injection, bug-bounty28-Sep-2024
My First Bounty Report Experiencehttps://medium.com/@sreedeepcs.gurukripa/my-first-bounty-report-experience-71095e5c34cd?source=rss------bug_bounty-5ambuheckerbug-bounty, cybersecurity, bug-hunting, hacking28-Sep-2024
Account Takeover and DoS: Weaponizing Enumeration, IDOR, and Registration Floodinghttps://medium.com/@tusharpuri6/account-takeover-and-dos-weaponizing-enumeration-idor-and-registration-flooding-4b88fce20f4b?source=rss------bug_bounty-5Tusharpuripenetration-testing, bug-bounty, offensive-security, application-security, infosec28-Sep-2024
Exploiting a Logic Bug in Discounts Code Generationhttps://medium.com/@sam_0x0/exploiting-a-logic-bug-in-discount-code-generation-a7f624bb396f?source=rss------bug_bounty-5Eslam Omarbug-bounty, logic-bug, hackerone, bug-bounty-tips, bug-bounty-writeup28-Sep-2024
Exploring the Role of Port Scanning in Bug Bounty Huntinghttps://bevijaygupta.medium.com/exploring-the-role-of-port-scanning-in-bug-bounty-hunting-a365e9006b6e?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-hunter, scanning, bug-bounty, bugs28-Sep-2024
Essential Tools for Bug Bounty Huntershttps://medium.com/@jatniwalafizza786/essential-tools-for-bug-bounty-hunters-3c2788cf64ae?source=rss------bug_bounty-5Jatniwalafizzacybersecurity, cybersecurity-course, bug-bounty-courses, bug-bounty28-Sep-2024
500$ Email Verification Token Leaks in Requesthttps://medium.com/@0xchoudhary/500-email-verification-token-leaks-in-request-4f0b5ff4b121?source=rss------bug_bounty-5Sushil Choudharyhackerone, bug-bounty, hacking, bounty-program, bugbounty-writeup28-Sep-2024
Top 20 Must-Have Hacking Gadgets for Cybersecurity Professionalshttps://medium.com/@ajaynaikhack/top-20-must-have-hacking-gadgets-for-cybersecurity-professionals-bec4dfe896cf?source=rss------bug_bounty-5Ajay Naikcybersecurity, bug-bounty, gadgets, hacking, information-security28-Sep-2024
Security Misconfiguration: Identifying and Preventing This Common Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/security-misconfiguration-identifying-and-preventing-this-common-vulnerability-14ab1c4989ac?source=rss------bug_bounty-5Mrutunjaya Senapativulnerability, hacking, security-misconfiguration, bug-bounty, penetration-testing28-Sep-2024
Insecure Direct Object References (IDOR): Understanding and Preventing This Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/insecure-direct-object-references-idor-understanding-and-preventing-this-vulnerability-4c8e831f17b4?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, idor, idor-vulnerability, vulnerability, hacking28-Sep-2024
Exploiting a Logic Bug in Discount Codes Generationhttps://medium.com/@sam_0x0/exploiting-a-logic-bug-in-discount-code-generation-a7f624bb396f?source=rss------bug_bounty-5Eslam Omarbug-bounty, logic-bug, hackerone, bug-bounty-tips, bug-bounty-writeup28-Sep-2024
Why Go is the Perfect Choice for CLIshttps://medium.com/@rezauditore/why-go-is-the-perfect-choice-for-clis-477281989ace?source=rss------bug_bounty-5rezauditorepeace, lgbtq, golang, bug-bounty, programming28-Sep-2024
Exposed private key leads to Google cloud service account takeover — Privilege Escalationhttps://vettrivel007.medium.com/exposed-private-key-leads-to-google-cloud-service-account-takeover-privilege-escalation-6f031e20c819?source=rss------bug_bounty-5VETTRIVELbug-bounty-tips, bounty-program, pentesting, bug-bounty, cybersecurity28-Sep-2024
Broken Authentication: A Common Vulnerability Exposing User Accountshttps://cyberw1ng.medium.com/broken-authentication-a-common-vulnerability-exposing-user-accounts-2b48b6f9b644?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, technology28-Sep-2024
Vulnerability Detection with Nucleihttps://medium.com/@alperenkeskk/nuclei-ile-zafiyet-tespiti-ec94aa180aab?source=rss------bug_bounty-5Alperen Keskincyber-security-awareness, bug-bounty-tips, security, tools, bug-bounty28-Sep-2024
HackTheBox Broken Authentication (Skills Assessment)https://medium.com/@N0UR0X01/hackthebox-broken-authentication-skills-assessment-c43feaab1a52?source=rss------bug_bounty-5N0UR0x01htb-writeup, htb-academy, bug-bounty, htb-academy-writeup, broken-authentication28-Sep-2024
How to google dork effectively for private and other bug bounty programshttps://medium.com/@malikirtizameg/how-to-google-dork-effectively-for-private-and-other-bug-bounty-program-d54f9e7b4d57?source=rss------bug_bounty-5bug bountypenetration-testing, python, bug-bounty, cybersecurity, hacking28-Sep-2024
Full Account Takeover via Facebook OAuth Misconfigurationhttps://medium.com/@0x_xnum/full-account-takeover-via-facebook-oauth-misconfiguration-9e30fe1c1da1?source=rss------bug_bounty-5Ahmed Tarekbug-bounty, oauth, bugbounty-writeup, bugcrowd, account-takeover28-Sep-2024
SQL injection attack, querying the database type and version on MySQL and Microsofthttps://medium.com/@codingbolt.in/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-162715c6cd0e?source=rss------bug_bounty-5codingboltsql-injection-attack, sql-injection, bug-bounty-writeup, bug-bounty, bug-bounty-tips28-Sep-2024
SQL injection attack, querying the database type and version on Oraclehttps://medium.com/@codingbolt.in/sql-injection-attack-querying-the-database-type-and-version-on-oracle-f78a035c654d?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection, bug-bounty-writeup, bug-bounty, sql-injection-attack28-Sep-2024
ORM HQL Injectionhttps://medium.com/@oscuridad1010/orm-hql-injection-e072207e8942?source=rss------bug_bounty-5Gamiel Manbiotaninfosec, hackerone, bugcrowd, developer, bug-bounty28-Sep-2024
How to use built with for bugbountyhttps://osintteam.blog/how-to-use-built-with-for-bugbounty-9f58ba501f5a?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty-tips, cybersecurity, bug-bounty, recon28-Sep-2024
P4 bug’s and their POC steps | Part 5https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-5-242eddd02fd0?source=rss------bug_bounty-5socalledhackerinfosec, hacking, bug-bounty, web-security, bug-bounty-tips28-Sep-2024
Level Up your Bug Bounty Game — to P1s and P2s Series : PART 1https://medium.com/@nireshpandian19/level-up-your-bug-bounty-game-to-p1s-and-p2s-series-part-1-edaa702c8499?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty-writeup, bug-bounty, cybersecurity, ethical-hacking, bug-hunting27-Sep-2024
Web App Hacking Tips & Tricks: File Upload Vulnerabilities, Part 1https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-1-1df16a844279?source=rss------bug_bounty-5Mada Perdhanafile-upload-vulnerability, hacking, bug-bounty-tips, bug-bounty, web-hacking27-Sep-2024
A Few Tips & Tricks for API Testing, Part 2https://medium.com/@mrp.bpp/sedikit-tips-trick-saat-testing-api-bagian-2-a548a85bcea6?source=rss------bug_bounty-5Mada Perdhanaweb-hacking, api-hacing, bug-bounty, bug-hunting, bug-bounty-tips27-Sep-2024
A Few Tips & Tricks for API Testing, Part 1https://medium.com/@mrp.bpp/sedikit-tips-trick-saat-testing-api-bagian-1-3983017fec4d?source=rss------bug_bounty-5Mada Perdhanahacking-apis, web-hacking, bug-bounty, bug-bounty-tips, bug-hunting27-Sep-2024
Deep Dive in Reconnaissance (Chapter 1 [part-2] — Root Domain Enumeration)https://medium.com/@bitthr3at/deep-dive-in-reconnaissance-chapter-1-part-2-root-domain-enumeration-87765a50d125?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)appsec, recon, osint, attack-surface-discovery, bug-bounty27-Sep-2024
How to Become a Bug Bounty Hunter: A Complete Guide for Beginnershttps://medium.com/@anandrishav2228/how-to-become-a-bug-bounty-hunter-a-complete-guide-for-beginners-316c27bb2c8c?source=rss------bug_bounty-5Rishav anandbug-bounty, hackerspaces, hacking, website, cybersecurity27-Sep-2024
SQL injection vulnerability allowing login bypasshttps://medium.com/@codingbolt.in/sql-injection-vulnerability-allowing-login-bypass-7f1de7d77a6a?source=rss------bug_bounty-5codingboltbug-bounty, sql-injection, bug-bounty-tips, bug-bounty-writeup, cybersecurity27-Sep-2024
SQL injection vulnerability in WHERE clause allowing retrieval of hidden datahttps://medium.com/@codingbolt.in/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-8ea2be5f13df?source=rss------bug_bounty-5codingboltbug-bounty-tips, bug-bounty-writeup, sql-injection, bugs, bug-bounty27-Sep-2024
NMAP Usagehttps://medium.com/@mohanmecktro/nmap-usage-780a7f4ccdcc?source=rss------bug_bounty-5Mohan Mecktrohacking-tools, nmap, bug-bounty, penetration-testing, kali27-Sep-2024
Web App Hacking Tips & Tricks: File Upload Vulnerabilities, Part 2https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-2-fdc536d3045e?source=rss------bug_bounty-5Mada Perdhanafile-upload-vulnerability, bug-bounty, web-hacking, bug-bounty-tips, hacking27-Sep-2024
Cross-Site Request Forgery (CSRF): Understanding the Threat and How to Mitigate Ithttps://medium.com/@mrutunjayasenapati0/cross-site-request-forgery-csrf-understanding-the-threat-and-how-to-mitigate-it-fb5db007f13b?source=rss------bug_bounty-5Mrutunjaya Senapatihunting, hacking, vulnerability, csrf, bug-bounty27-Sep-2024
5 Key Factors to Help You Choose the Best Bug Bounty Program on HackerOnehttps://medium.com/@blackarazi/5-key-factors-to-help-you-choose-the-best-bug-bounty-program-on-hackerone-b27bb2159d07?source=rss------bug_bounty-5Azhari Harahapbug-bounty-tips, hackerone, bug-bounty-program, bug-bounty27-Sep-2024
I Spent a Month on a Private Program and Earned $$$$$https://mokhansec.medium.com/i-spent-a-month-on-a-private-program-and-earned-c57b4c3d7dba?source=rss------bug_bounty-5Mohsin khanbug-bounty-tips, bugs, bug-bounty27-Sep-2024
What is Bug Bountyhttps://medium.com/@iabhipathak/what-is-bug-bounty-fc9fe6a73e16?source=rss------bug_bounty-5Abhinav Pathakinformation-security, hacking, bug-bounty, security, cybersecurity27-Sep-2024
Unlocking Success: My Journey to Bypassing 2FA and Winning My First Bounty $800https://medium.com/@mihad0x1/unlocking-success-my-journey-to-bypassing-2fa-and-winning-my-first-bounty-800-c6e7654feea4?source=rss------bug_bounty-5mihad0x1hacking, security-research, bugbounty-writeup, bug-bounty, hacker27-Sep-2024
High vs. Low Severity Bugs: A Complete Guide to Bug Classification in Software and Cybersecurityhttps://medium.com/@shoaibjamal663/classification-of-bugs-high-vs-low-severity-bugs-62ce16630ddf?source=rss------bug_bounty-5Muhammad Shoaib Jamalsoftware-development, bugs, risk-management, cybersecurity, bug-bounty27-Sep-2024
NoSQL Injection Attackshttps://medium.com/@majix_de/nosql-injection-attacks-1397fd366c28?source=rss------bug_bounty-5Majixhacking, bug-bounty, penetration-testing, nosql, bug-bounty-tips27-Sep-2024
Information Disclosure Vulnerability: Exposing API Keys and Tokens in a Private Programhttps://medium.com/@kumawatabhijeet2002/%EF%B8%8F-information-disclosure-vulnerability-exposing-api-keys-and-tokens-in-a-private-program-e06c4d110552?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, information-disclosure, vulnerability, bug-bounty-tips, pii-data27-Sep-2024
From Enumeration to Takeover: Crack the Code of Subdomain Vulnerabilities!https://enigma96.medium.com/from-enumeration-to-takeover-crack-the-code-of-subdomain-vulnerabilities-4fea92cd0374?source=rss------bug_bounty-5enigmabug-bounty-tips, pentesting, bug-bounty, bugs, hacking27-Sep-2024
How a Simple Exploit Can Lead to a $500 Bounty — Cache Deceptionhttps://infosecwriteups.com/how-a-simple-exploit-can-lead-to-a-500-bounty-cache-deception-8da0583f6013?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, cybersecurity, careers27-Sep-2024
How I Found an Authentication Flaw in a Chat Featurehttps://medium.com/@krishnast545/my-first-high-severity-bug-how-i-found-an-authentication-flaw-in-a-chat-feature-58fb0f939a4a?source=rss------bug_bounty-5Krishnabugs, bug-bounty27-Sep-2024
Privilege Escalation on Amazon Linux (SageMaker)https://medium.com/@rickconsole/privilege-escalation-on-amazon-linux-sagemaker-cf115042ea5f?source=rss------bug_bounty-5Rick Consolebug-bounty, cloud-computing, cybersecurity, aws, penetration-testing27-Sep-2024
Web App Hacking Tips & Tricks: File Upload Vulnerabilities, Part 3https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-3-8ec192d1633b?source=rss------bug_bounty-5Mada Perdhanahacking, bug-hunting, bug-bounty-tips, bug-bounty, file-upload-vulnerability27-Sep-2024
Web Cache Poisoning with Multiple Headershttps://medium.com/@rcxsecurity/web-cache-poisoning-with-multiple-headers-d4e27497288e?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-security, information-technology, penetration-testing, cybersecurity, bug-bounty27-Sep-2024
It’s not a bug. It really is a feature.https://medium.com/@info_11548/its-not-a-bug-it-really-is-a-feature-b758f1454970?source=rss------bug_bounty-5Cloette Zager with FranGuardian Corporationbug-bounty, features, featured, featured-stories, bugs27-Sep-2024
Vulnerability: Multiple Vulnerabilities in Linux CUPS (CVSS 9.9)https://infosecwriteups.com/vulnerability-multiple-vulnerabilities-in-linux-cups-cvss-9-9-49dbdcd73cb0?source=rss------bug_bounty-5Ajay Naikbug-bounty, vulnerability, rewards, information-security, cybersecurity27-Sep-2024
my first easy IDOR in a big companyhttps://medium.com/@malikirtizameg/my-first-easy-idor-in-a-big-company-104ee6c4a7ff?source=rss------bug_bounty-5bug bountybug-bounty-tips, cybersecurity, bug-bounty, hacking, ethical-hacking27-Sep-2024
Shodan Revealed: How to Discover Vulnerabilities Across the Webhttps://medium.com/@RejuKole.com/shodan-revealed-how-to-discover-vulnerabilities-across-the-web-925a382bb9bd?source=rss------bug_bounty-5Reju Kolebug-bounty, ethical-hacking, shodan, bug-bounty-tips, web27-Sep-2024
The Art of the Phantom Deposit: a study on vulnerabilities in crypto exchangeshttps://medium.com/@silviosaturnowk/the-art-of-the-phantom-deposit-a-study-on-vulnerabilities-in-crypto-exchanges-3a356153bfe2?source=rss------bug_bounty-5Silvio Saturnoexploit, cybersecurity, bug-bounty, smart-contracts, solidity27-Sep-2024
How to install Subdominator & how to find subdomains using Subdominator !!https://medium.com/@sherlock297/how-to-install-subdominator-how-to-find-subdomains-using-subdominator-fe9b48be2aea?source=rss------bug_bounty-5Ravindra Dagalewindows, tools, tutorial, bug-bounty, subdominator26-Sep-2024
10 Essential Blog Sites For Bug Bounty Huntershttps://medium.com/@RaunakGupta1922/10-essential-blog-sites-for-bug-bounty-hunters-8309cbbe3756?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitknowledge, learning, articles, hacking, bug-bounty26-Sep-2024
Deep Dive in Reconnaissance (Chapter 1 [part-1] — Root Domain Enumeration)https://medium.com/@bitthr3at/deep-dive-in-reconnaissance-chapter-1-part-1-root-domain-enumeration-7ddfda1283fd?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)osint, appsec, recon, attack-surface-discovery, bug-bounty26-Sep-2024
Exploiting SMTP on Metasploitable 2: Unveiling the Power of Port 25https://medium.com/@thefellowhacker/exploiting-smtp-on-metasploitable-2-unveiling-the-power-of-port-25-4fab583855f8?source=rss------bug_bounty-5Taahir Mujawarrhacker, hacking, cybersecurity, technology, bug-bounty26-Sep-2024
Cross-Site Scripting (XSS): Understanding and Mitigating a Common Web Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/cross-site-scripting-xss-understanding-and-mitigating-a-common-web-vulnerability-fe82824c24f5?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, hunting, xss-attack, vulnerability, bug-bounty26-Sep-2024
Story of Time Machines: Where Archived URLs and Juicy Information Handshake Each Otherhttps://medium.com/@security.tecno/story-of-time-machines-where-archived-urls-and-juicy-information-handshake-each-other-11efd831da46?source=rss------bug_bounty-5TECNO Securitysecurity, bug-bounty, research, hacking26-Sep-2024
Vulnerable WordPress August 2024 (Museum of Ostad Bohtouni)https://medium.com/@onhexgroup/vulnerable-wordpress-august-2024-museum-of-ostad-bohtouni-dad683a3ef15?source=rss------bug_bounty-5Onhexgroupwordpress-security, wordpress, bug-bounty, info, cybersecurity26-Sep-2024
Top 7 Free Cybersecurity Tools Every Beginner Must Try Today!https://medium.com/@paritoshblogs/top-7-free-cybersecurity-tools-every-beginner-must-try-today-44eea1aa91b8?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, projects, cybersecurity, free26-Sep-2024
Analyzing a Real HTTP Request Smuggling Attack. What Happened here?https://medium.com/@rezauditore/analyzing-a-real-http-request-smuggling-attack-what-happened-here-19dbc6edf9a4?source=rss------bug_bounty-5rezauditorepentesting, bug-bounty, ctf-writeup, lgbtq, tips26-Sep-2024
CVE-2024-45519 in Zimbra — Bounty 1000 USDhttps://infosecwriteups.com/cve-2024-45519-in-zimbra-bounty-1000-usd-0304b2a813f3?source=rss------bug_bounty-5Ajay Naikhacking, vulnerability, bug-bounty, rewards, cybersecurity26-Sep-2024
Mastering IDS: A Comprehensive Guide with Snort Implementationhttps://medium.com/@hackeraakash2002/mastering-ids-a-comprehensive-guide-with-snort-implementation-4ccc8192a0cf?source=rss------bug_bounty-5HackwithAJnetwork-security, bug-bounty, hacking, cyber-security-awareness, ids-ips26-Sep-2024
SSH Hacking: How to Exploit Port 22 Vulnerabilities for Penetration Testinghttps://medium.com/@verylazytech/ssh-hacking-how-to-exploit-port-22-vulnerabilities-for-penetration-testing-601d257ee491?source=rss------bug_bounty-5Very Lazy Techcybersecurity, hacking, penetration-testing, bug-bounty, exploit26-Sep-2024
Bug bounty – Recon Tips for subdomain enumerationhttps://medium.com/@tharunteja725_8686/bug-bounty-recon-tips-for-subdomain-enumeration-0b3d51ad1cc8?source=rss------bug_bounty-5Chidurala Tharun tejabug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity, oscp26-Sep-2024
Akamai WAF Bypass Lead To Discover 30 XSS bugshttps://medium.com/@nagashygaballah/akamai-waf-bypass-lead-to-discover-30-xss-bugs-bea0f8be1dd4?source=rss------bug_bounty-5111xNagashytips-and-tricks, cybersecurity, xss-attack, penetration-testing, bug-bounty26-Sep-2024
SUBDOMAIN ENUMERATION — BUGBOUNTYhttps://medium.com/@tharunteja725_8686/subdomain-enumeration-bugbounty-2831b70ee735?source=rss------bug_bounty-5Chidurala Tharun tejapenetration-testing, bug-bounty, cybersecurity, oscp, bug-bounty-tips26-Sep-2024
Reflected XSS with event handlers and href attributes blockedhttps://medium.com/@codingbolt.in/reflected-xss-with-event-handlers-and-href-attributes-blocked-b333eb18942e?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, cyberattack, cybersecurity, bug-bounty26-Sep-2024
Reflected XSS with AngularJS sandbox escape and CSPhttps://medium.com/@codingbolt.in/reflected-xss-with-angularjs-sandbox-escape-and-csp-e68867138b6f?source=rss------bug_bounty-5codingboltxss-attack, cybersecurity, bug-bounty, cybercrime, bug-bounty-tips26-Sep-2024
Reflected XSS with AngularJS sandbox escape without stringshttps://medium.com/@codingbolt.in/reflected-xss-with-angularjs-sandbox-escape-without-strings-e434c669ac56?source=rss------bug_bounty-5codingboltbug-bounty, xss-attack, cyberattack, cybersecurity, bug-bounty-tips26-Sep-2024
Exploiting XSS to perform CSRFhttps://medium.com/@codingbolt.in/exploiting-xss-to-perform-csrf-1aac291690bd?source=rss------bug_bounty-5codingboltxss-attack, bug-bounty-writeup, bug-bounty-tips, bug-bounty, cybersecurity26-Sep-2024
How To Configure Metasploitable Machine To Hack? | Primary Hacking School #3https://medium.com/@nnface/how-to-configure-metasploitable-machine-to-hack-primary-hacking-school-3-083cd63c47cf?source=rss------bug_bounty-5NnFacehacking-tools, hacking, bug-bounty, cybersecurity, kali-linux26-Sep-2024
White Hat vs Black Hat Hackers: What’s the Real Difference & Which One Are You?https://codingrasi.medium.com/white-hat-vs-black-hat-hackers-whats-the-real-difference-which-one-are-you-f2c7327d77a7?source=rss------bug_bounty-5CodingRasiyoutube-creators, hacking, bug-bounty, ethical-hacking, hacker26-Sep-2024
Reflected XSS protected by CSP, with CSP bypasshttps://medium.com/@codingbolt.in/reflected-xss-protected-by-csp-with-csp-bypass-58d46ec1fc71?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, bug-bounty, bug-bounty-tips, cybersecurity26-Sep-2024
Reflected XSS protected by very strict CSP, with dangling markup attackhttps://medium.com/@codingbolt.in/reflected-xss-protected-by-very-strict-csp-with-dangling-markup-attack-029d16b86163?source=rss------bug_bounty-5codingboltxss-vulnerability, xss-attack, bug-bounty-tips, bug-bounty, cybersecurity26-Sep-2024
SSRF Simplified (OWASP 2021-A10)https://medium.com/@kannnannmk/ssrf-simplified-owasp-2021-a10-62586a3468f4?source=rss------bug_bounty-5Neelamegha Kannan Spenetration-testing, vulnerability, cybersecurity, bug-bounty, information-security26-Sep-2024
Reflected XSS in a JavaScript URL with some characters blockedhttps://medium.com/@codingbolt.in/reflected-xss-in-a-javascript-url-with-some-characters-blocked-7decfa413c79?source=rss------bug_bounty-5codingboltbug-bounty-tips, cybersecurity, bugs, xss-attack, bug-bounty26-Sep-2024
Finding subdomains using security trails api keyhttps://osintteam.blog/finding-subdomains-using-security-trails-api-key-8b45d5a4629e?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, hacking, bug-bounty-tips, cybersecurity, bug-bounty26-Sep-2024
IDORS — leaking 1.5 crore user detailshttps://medium.com/@nireshpandian19/idors-leaking-1-5-crore-user-details-5bbc3b9368e2?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, idor-vulnerability, ethical-hacking, idor, cybersecurity25-Sep-2024
Exploring the Role of Port Scanning in Bug Bounty Huntinghttps://bevijaygupta.medium.com/exploring-the-role-of-port-scanning-in-bug-bounty-hunting-169a1d723bb0?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips25-Sep-2024
My First Easy IDOR: A Simple Guide to Understanding Insecure Direct Object Referenceshttps://medium.com/@Alireza.salmani/my-first-easy-idor-a-simple-guide-to-understanding-insecure-direct-object-references-8b48aa1da8ea?source=rss------bug_bounty-5Alireza Salmanibug-bounty, access-control, ethical-hacking, web-application-security, cybersecurity25-Sep-2024
Golang edge case: when “defer” will never work out in your codehttps://waclawthedev.medium.com/golang-edge-case-when-defer-will-never-work-out-in-your-code-f783518679e9?source=rss------bug_bounty-5Wacław The Developergolang, bug-bounty, defer, go, backend25-Sep-2024
Finding a p4 as per bugcrowd vrthttps://medium.com/@loyalonlytoday/finding-a-p4-as-per-bugcrowd-vrt-9f08278a75ae?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, web-hacking, bugbounty-writeup, bugs25-Sep-2024
How I Discovered DOM XSS by Analyzing Javascript Codehttps://medium.com/@fajarsylvana/how-i-discovered-dom-xss-by-analyzing-javascript-code-6fa57c680a0e?source=rss------bug_bounty-5Fajar Sylvanapentesting, bug-bounty-tips, hacking, penetration-testing, bug-bounty25-Sep-2024
FTP Hacking: How to Exploit Port 21 Vulnerabilities for Penetration Testinghttps://medium.com/@verylazytech/ftp-hacking-how-to-exploit-port-21-vulnerabilities-for-penetration-testing-bbd65e2238da?source=rss------bug_bounty-5Very Lazy Technetwork-security, ethical-hacking, bug-bounty, cybersecurity, penetration-testing25-Sep-2024
Cracking the Code: How I Took Over Admin Accounts Across Organizationshttps://medium.com/@ismailsaid1603/cracking-the-code-how-i-took-over-admin-accounts-across-organizations-5d135ba152b4?source=rss------bug_bounty-5Esmail Saied (0xSp1DeR)tips-and-tricks, hackerone, bugcrowd, bugbounty-writeup, bug-bounty25-Sep-2024
How I proved impact with Google Map API Keyhttps://r0b0ts.medium.com/how-i-proved-impact-with-google-map-api-key-7aa801616abb?source=rss------bug_bounty-5r0b0tsbug-bounty-writeup, bug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-hunter25-Sep-2024
website leaking otp in inspect elemethttps://osintteam.blog/website-leaking-otp-in-inspect-elemet-8da71ae4004d?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, bugbounty-writeup, bug-bounty-tips, penetration-testing25-Sep-2024
Reflected XSS into a JavaScript string with single quote and backslash escapedhttps://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-single-quote-and-backslash-escaped-621b6a187f04?source=rss------bug_bounty-5codingboltbugs, bug-bounty-tips, xss-attack, bug-bounty, xss-vulnerability25-Sep-2024
Reflected XSS in canonical link taghttps://medium.com/@codingbolt.in/reflected-xss-in-canonical-link-tag-c4902808a6e7?source=rss------bug_bounty-5codingboltxss-attack, bug-hunting, bug-bounty, bug-bounty-tips, bugs25-Sep-2024
Critical Vulnerability: Authentication Bypass (CVE-2024-7593) in Ivanti vTM: Explanation and Actions…https://medium.com/@mrp.bpp/kerentanan-bypass-autentikasi-kritis-cve-2024-7593-pada-ivanti-vtm-penjelasan-dan-tindakan-77d159f53199?source=rss------bug_bounty-5Mada Perdhanabug-bounty, hacking, ivanti-service-manager, exploit, 0-day-attacks25-Sep-2024
Data Exfiltration Using DNS Communication (Out-of-Band)https://medium.com/@mrp.bpp/eksfiltrasi-data-menggunakan-komunikas-idns-out-of-band-7932a1ab335f?source=rss------bug_bounty-5Mada Perdhanaoob, bug-bounty, bug-bounty-tips, hacking25-Sep-2024
Exploiting cross-site scripting to steal cookieshttps://medium.com/@codingbolt.in/exploiting-cross-site-scripting-to-steal-cookies-8f57e316e8d3?source=rss------bug_bounty-5codingboltbug-bounty-tips, xss-attack, xss-vulnerability, cookies, bug-bounty25-Sep-2024
Understanding Common Web Vulnerabilities: A Guide for Beginnershttps://medium.com/@mrutunjayasenapati0/understanding-common-web-vulnerabilities-a-guide-for-beginners-398e8987cc4f?source=rss------bug_bounty-5Mrutunjaya Senapatibeginner, bug-bounty, vulnerability, beginners-guide, guides-and-tutorials25-Sep-2024
Reflected XSS into a template literal with angle brackets, single, double quotes, backslash and…https://medium.com/@codingbolt.in/reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-backslash-and-5acbbd9f2631?source=rss------bug_bounty-5codingboltbug-bounty, bug-bounty-writeup, bug-bounty-tips, xss-attack25-Sep-2024
Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes…https://medium.com/@codingbolt.in/stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-single-quotes-9af43308602b?source=rss------bug_bounty-5codingboltbug-bounty-tips, bug-bounty, xss-vulnerability, bugs, xss-attack25-Sep-2024
Reflected XSS into a JavaScript string with angle brackets and double quotes HTML-encoded and…https://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-angle-brackets-and-double-quotes-html-encoded-and-e1ad9b482189?source=rss------bug_bounty-5codingboltbug-bounty-tips, xss-attack, xss-vulnerability, bugs, bug-bounty25-Sep-2024
XSS (Cross-Site Scripting) Automation Scripthttps://medium.com/@mrp.bpp/skrip-otomatisasi-xss-cross-site-scripting-6b6064da0408?source=rss------bug_bounty-5Mada Perdhanabug-bounty, xss-attack, tools, hacking, bug-bounty-tips25-Sep-2024
How to Create a Fun, Engaging, and Long-Lasting Bug Bounty Program for Your Communityhttps://medium.com/@GrowthKingdom/how-to-create-a-fun-engaging-and-long-lasting-bug-bounty-program-for-your-community-f67da7fb230a?source=rss------bug_bounty-5Growth Kingdomdapps, blockchain, web3, crypto, bug-bounty25-Sep-2024
Understanding SQL Injection: A Deep Dive into One of the Most Common Web Vulnerabilitieshttps://medium.com/@mrutunjayasenapati0/understanding-sql-injection-a-deep-dive-into-one-of-the-most-common-web-vulnerabilities-2c5d031180c6?source=rss------bug_bounty-5Mrutunjaya Senapatisql-injection, hacking, injection, bug-bounty, sql25-Sep-2024
How Bug Bounties Strengthen Defenses -InITScienceAIhttps://medium.com/@initscienceaiandlooklivenews/how-bug-bounties-strengthen-defenses-initscienceai-c727d3b8a2d3?source=rss------bug_bounty-5InITScienceAibug-bounty-tips, bugs, bugbounting, bug-bounty, bug-bounty-hunter24-Sep-2024
Advanced Port Scanning Techniques for Bug Bounty Programshttps://bevijaygupta.medium.com/advanced-port-scanning-techniques-for-bug-bounty-programs-fd22a049ed37?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty, bug-bounty-tips, port-scanning, bug-zero24-Sep-2024
test:test not Part 2https://medium.com/@bxrowski0x/test-test-not-part-2-492fb030c8c2?source=rss------bug_bounty-5Omar ElSayedbug-bounty, keycloak, bug-bounty-tips, bug-bounty-writeup, cybersecurity24-Sep-2024
Unlocking Web3 Success: Why Code4rena & Codehawk Are the Ultimate Bug Bounty Platforms for Newbieshttps://medium.com/@firmanregar/unlocking-web3-success-why-code4rena-codehawk-are-the-ultimate-bug-bounty-platforms-for-newbies-c1c041117934?source=rss------bug_bounty-5Firman Siregarbug-bounty, smart-contract-security24-Sep-2024
Mastering Subdomain Takeoverhttps://medium.com/@verylazytech/mastering-subdomain-takeover-48d9b9d593a9?source=rss------bug_bounty-5Very Lazy Techsubdomain-takeover, cybersecurity, bug-bounty, subdomain, hacking24-Sep-2024
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encodedhttps://medium.com/@codingbolt.in/dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-51f3b873d180?source=rss------bug_bounty-5codingbolthacking, web-hacking, bug-bounty, xss-attack, xss-vulnerability24-Sep-2024
DOM XSS in document.write sink using source location.search inside a select elementhttps://medium.com/@codingbolt.in/dom-xss-in-document-write-sink-using-source-location-search-inside-a-select-element-80223838d4af?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, bug-bounty, hacking, bugs24-Sep-2024
What Are Bugs in Cybersecurity? Understanding the Basicshttps://medium.com/@shoaibjamal663/what-are-bugs-in-cybersecurity-understanding-the-basics-84f2f9ef7304?source=rss------bug_bounty-5Muhammad Shoaib Jamalbugs, cybersecurity, vulnerability, bug-bounty, bug-bounty-tips24-Sep-2024
Price Tampering | Buying course at ₹1!https://medium.com/@anchalrajawat009/price-tampering-buying-course-at-1-09759112e9a4?source=rss------bug_bounty-5Aanchal Singh Rajawatbug-bounty, business-logic-flaw, hacking24-Sep-2024
$1500-P1-Business logic/Failed Defense Vulnerabilityhttps://itsravikiran25.medium.com/1500-p1-business-logic-failed-defense-vulnerability-0b1915aca994?source=rss------bug_bounty-5ravikiraNinfosec, cybersecurity, bug-bounty, hacking, bugbounty-tips24-Sep-2024
A Beginner's Guide to Entering the World of Bug Bountyhttps://medium.com/@mrp.bpp/panduan-bagi-pemula-untuk-memasuki-dunia-bug-bounty-bba812d0f680?source=rss------bug_bounty-5Mada Perdhanabug-bounty-writeup, bug-bounty, bug-bounty-tips, bug-bounty-hunter, panduan-pemula24-Sep-2024
Going Crazy with Farming VDPs: Extplorer Admin Panel Bypass & Remote Code Execution (RCE)https://infosecwriteups.com/going-crazy-with-farming-vdps-extplorer-admin-panel-bypass-remote-code-execution-rce-ed6ae27bbce9?source=rss------bug_bounty-5YoungVandainfosec, technology, cybersecurity, hacking, bug-bounty24-Sep-2024
Unlock the Hidden Doors of the Android World: Legendary Recon Tools for Bug Bounty!https://medium.com/@rootspaghetti/unlock-the-hidden-doors-of-the-android-world-legendary-recon-tools-for-bug-bounty-9065e3aa6268?source=rss------bug_bounty-5Root@Spaghettibug-bounty, bug-bounty-tips24-Sep-2024
An IDOR leads to leak users detailshttps://medium.com/@mohameddiv77/an-idor-leads-to-leak-users-details-b54a2280e0f9?source=rss------bug_bounty-5Mohamed Ibrahimbug-bounty-tips, bug-bounty24-Sep-2024
diffrent types of burpsuite extenstions for bughuntinghttps://medium.com/@loyalonlytoday/diffrent-types-of-burpsuite-extenstions-for-bughunting-d411b3d002e1?source=rss------bug_bounty-5loyalonlytodayhacking, bugs, bug-bounty-tips, bug-bounty, burpsuite24-Sep-2024
Reflected XSS with some SVG markup allowedhttps://medium.com/@codingbolt.in/reflected-xss-with-some-svg-markup-allowed-e7aafbf02378?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, ethical-hacking, bug-bounty, cybersecurity24-Sep-2024
Reflected XSS into HTML context with most tags and attributes blockedhttps://medium.com/@codingbolt.in/reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-0bb80ac37064?source=rss------bug_bounty-5codingboltbug-bounty, xss-attack, bug-bounty-tips, xss-vulnerability, bug-bounty-writeup24-Sep-2024
$1500-P1-Business logic/Failed Defense Vulnerabilityhttps://itsravikiran25.medium.com/1500-p1-business-logic-failed-defense-vulnerability-0b1915aca994?source=rss------bug_bounty-5r@v!k!r@ncybersecurity, bug-bounty, hacking, infosec-write-ups, bugbounty-tips24-Sep-2024
Gaining SMTP Access Through an SQL Injection Vulnerabilityhttps://rdnzx.medium.com/mendapatkan-akses-smtp-melalui-celah-sql-injection-f6d593fcad5e?source=rss------bug_bounty-5Radian IDcybersecurity, bug-bounty, sql-injection, bug-bounty-writeup, bug-bounty-tips24-Sep-2024
You Won’t Find Any Vulnerabilities Without This Technique: Get Your First Bug Bountyhttps://medium.com/@shaikhminhaz1975/you-wont-find-any-vulnerabilities-without-this-technique-get-your-first-bug-bounty-dee2af93e607?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, red-team, penetration-testing, vulnerability, bug-bounty23-Sep-2024
Master the subdomain hunting Part 2https://infosecwriteups.com/master-the-subdomain-hunting-part-2-dea0ee035019?source=rss------bug_bounty-5ʏᴀꜱʜʜ2fa, subdomain, bug-bounty-tips, bugs, bug-bounty23-Sep-2024
Automate Bug Hunting With This Toolhttps://medium.com/@josuofficial327/automate-bug-hunting-with-this-tool-68dfbbaaa0b1?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, info-sec-writeups, ethical-hacking, bug-bounty, bug-bounty-hunter23-Sep-2024
From Developer to Hacker: Breaking into GraphQLhttps://medium.com/@jonathanmondaut/from-developer-to-hacker-breaking-into-graphql-6083c80b4588?source=rss------bug_bounty-5Jonathan Mondautbug-bounty, graphql, hacker, hacking, technology23-Sep-2024
Unlocking Bug Bounties: The Power of Port Scanninghttps://bevijaygupta.medium.com/unlocking-bug-bounties-the-power-of-port-scanning-ebca71c898a7?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs23-Sep-2024
Best Platforms to Learn for Becoming a Pentester or Bug Bounty Hunterhttps://rendiero.medium.com/best-platforms-to-learn-for-becoming-a-pentester-or-bug-bounty-hunter-6c6aa8cbdd64?source=rss------bug_bounty-5Rendierobug-bounty, penetration-testing, hacker, learning, resources23-Sep-2024
RXSS with My Approachhttps://medium.com/@nomad8061/rxss-with-my-approach-c9a989d3ba0b?source=rss------bug_bounty-5Ahmed Badrybug-bounty-tips, bug-bounty-writeup, bug-zero, bugs, bug-bounty23-Sep-2024
From CORS Misconfiguration to Account Takeoverhttps://medium.com/@majix_de/from-cors-misconfiguration-to-account-takeover-1231f263a90e?source=rss------bug_bounty-5Majixbug-bounty-tips, bug-bounty, hacking, penetration-testing, programming23-Sep-2024
Unauthenticated API Endpoint to Create Support Ticket Worth $500https://vijetareigns.medium.com/unauthenticated-api-endpoint-to-create-support-ticket-worth-500-789e91ad9a00?source=rss------bug_bounty-5the_unlucky_guybug-bounty, cybersecurity, bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup23-Sep-2024
DOM XSS using Web Messages and a JavaScript URLhttps://medium.com/@rcxsecurity/dom-xss-using-web-messages-and-a-javascript-url-dcced7fa4195?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-technology, information-security, cybersecurity, penetration-testing, bug-bounty23-Sep-2024
Uncovering a Stored XSS Vulnerability on Drugs.comhttps://medium.com/@regan_temudo/uncovering-a-stored-xss-vulnerability-on-drugs-com-1748ccbecc16?source=rss------bug_bounty-5Regan Temudocross-site-scripting, bug-bounty, xx, cybersecurity, stored-xxs23-Sep-2024
How to Guide to SQL Injection Testing: Manual Testing Techniques and SQLMap Usagehttps://medium.com/@mustafa_kamal/how-to-guide-to-sql-injection-testing-manual-testing-techniques-and-sqlmap-usage-5e45046b07bf?source=rss------bug_bounty-5Mustafa Khansql, hacking, bug-bounty, sql-injection, sqlmap23-Sep-2024
finding a easy p4https://medium.com/@loyalonlytoday/finding-a-easy-p4-08272e48f778?source=rss------bug_bounty-5loyalonlytodaybugs, penetration-testing, bug-bounty, bugbounty-writeup, bug-bounty-tips23-Sep-2024
Bypassing restrictions using special charactershttps://medium.com/@youssefmoner2022/bypassing-restrictions-using-special-characters-8f11af75d278?source=rss------bug_bounty-5Youssefmonerbug-bounty, hacking, vulnerability23-Sep-2024
Turning a Closed Bug Report into $650: The Art of Demonstrating Impact!https://hasanka-amarasinghe.medium.com/turning-a-closed-bug-report-into-650-the-art-of-demonstrating-impact-730a3df78df8?source=rss------bug_bounty-5Hasanka Amarasinghebugbounty-writeup, salesforce, bug-bounty, infosec, cybersecurity23-Sep-2024
Cross-Site-Scripting (XSS): Understanding and Mitigating Web Vulnerabilitieshttps://medium.com/@RejuKole.com/cross-site-scripting-xss-understanding-and-mitigating-web-vulnerabilities-b2b5a2c606fc?source=rss------bug_bounty-5Reju Kolebug-bounty-tips, bug-bounty, web, xss-attack, xss-vulnerability23-Sep-2024
Reflected XSS into a JavaScript string with angle brackets HTML encodedhttps://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-angle-brackets-html-encoded-b9b60f4b2823?source=rss------bug_bounty-5codingboltxss-attack, bug-bounty, bugs, xss-vulnerability, bug-bounty-tips23-Sep-2024
Stored XSS into anchor href attribute with double quotes HTML-encodedhttps://medium.com/@codingbolt.in/stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-9f384d27aa95?source=rss------bug_bounty-5codingboltbug-bounty-tips, bugs, bug-bounty, xss-attack, xss-vulnerability23-Sep-2024
750$ in 5 Minutes - XXE to LFIhttps://skramthu.medium.com/750-in-5-minutes-xxe-to-lfi-897bca9c304c?source=rss------bug_bounty-5Ramhackerone, money, security, bug-bounty, infosec23-Sep-2024
How to Guide SQL Injection: Manual Testing Techniques and SQLMap Usagehttps://medium.com/@mustafa_kamal/how-to-guide-to-sql-injection-testing-manual-testing-techniques-and-sqlmap-usage-5e45046b07bf?source=rss------bug_bounty-5Mustafa Khansql, hacking, bug-bounty, sql-injection, sqlmap23-Sep-2024
When a Session Token Isn’t Enough, A Full Account Takeover Storyhttps://medium.com/@ahmedramadan.ar16148/when-a-session-token-isnt-enough-a-full-account-takeover-story-cf99421bb1e3?source=rss------bug_bounty-5Ahmed Ramadanoauth2, oauth, penetration-testing, authentication, bug-bounty23-Sep-2024
Hacking The butler — Jenkins hacking 101https://thexssrat.medium.com/hacking-the-butler-jenkins-hacking-101-e437ed557460?source=rss------bug_bounty-5Thexssrathacks, bug-bounty, hacking, jenkins23-Sep-2024
P4 bug’s and their POC steps | Part 4https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-4-fd81b91fd368?source=rss------bug_bounty-5socalledhackerbugs, web-security, infosec, bug-bounty, cybersecurity23-Sep-2024
TECNO Security Response Center 3rd Anniversary | Safeguarding Product Security, Grateful for Our…https://medium.com/@security.tecno/tecno-security-response-center-3rd-anniversary-safeguarding-product-security-grateful-for-our-550016adce10?source=rss------bug_bounty-5TECNO Securitybirthday, security, hacking, bug-bounty22-Sep-2024
Practical Incident Response: A Step-by-Step Guidehttps://medium.com/@paritoshblogs/practical-incident-response-a-step-by-step-guide-290dadca6e2d?source=rss------bug_bounty-5Paritoshinformation-technology, incident-response, cybersecurity, bug-bounty, ai22-Sep-2024
5 unique Lesser-known methods to find vulnerabilities for bug bounty huntershttps://harish45.medium.com/5-unique-lesser-known-methods-to-find-vulnerabilities-for-bug-bounty-hunters-03799e73c153?source=rss------bug_bounty-5Harishcybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, hackerrank22-Sep-2024
Port Scanning Tactics to Boost Your Bug Bounty Successhttps://bevijaygupta.medium.com/port-scanning-tactics-to-boost-your-bug-bounty-success-5d46191fa92e?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty-tips, bug-bounty, tactics, port-scanning22-Sep-2024
How I Leveraged Open Redirect to Account Takeoverhttps://medium.com/@abdelrahman0x01/how-i-leveraged-open-redirect-to-account-takeover-b0ff213d23dc?source=rss------bug_bounty-5Abdelrahman0x01cyberattack, account-takeover, penetration-testing, cybersecurity, bug-bounty22-Sep-2024
Finding emails for this issue. Finding a easy bug to get a easy $$$https://medium.com/@loyalonlytoday/finding-emails-for-this-issue-finding-a-easy-bug-to-get-a-easy-5bc4cd00d112?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, bugbounty-writeup, hacking, bug-bounty-tips22-Sep-2024
How i got 250 euro bountyhttps://doordiefordream.medium.com/how-i-got-250-euro-bounty-9e523fdf807d?source=rss------bug_bounty-5cybersecurity researcherbug-bounty, bugs, cybersecurity, ethical-hacking22-Sep-2024
How I Discovered an Account Takeover from a Reset Password Vulnerabilityhttps://medium.com/@bountyget/how-i-discovered-an-account-takeover-from-a-reset-password-vulnerability-aa39fe0896b5?source=rss------bug_bounty-5Dhiren Kumar Pradhancybersecurity, infosec, bug-bounty-writeup, bug-bounty-tips, bug-bounty22-Sep-2024
From Simple File Import to Full Server Exposure: The Power of SSRF Exploitationhttps://medium.com/@tusharpuri6/from-simple-file-import-to-full-server-exposure-the-power-of-ssrf-exploitation-64ee925e54dc?source=rss------bug_bounty-5Tusharpuriinfosec, bug-bounty, penetration-testing, offensive-security, application-security22-Sep-2024
5 unique Lesser-known methods to find vulnerabilities for bug bounty huntershttps://osintteam.blog/5-unique-lesser-known-methods-to-find-vulnerabilities-for-bug-bounty-hunters-03799e73c153?source=rss------bug_bounty-5Harishcybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, hackerrank22-Sep-2024
How I was decrypting the traffic and getting from low privilege user to full admin accesshttps://sadc0d3r.medium.com/how-i-was-decrypting-the-traffic-and-getting-from-low-privilege-user-to-full-admin-access-6a2f3b743ac5?source=rss------bug_bounty-5Ahmed Rabeaa Mosaa (SadC0d3r)penetration-test, penetration-testing, cybersecurity, web-attack, bug-bounty22-Sep-2024
How I Hacked Into a Nationwide University Database System Exposing Thousands of Student Recordshttps://1-day.medium.com/how-i-hacked-into-a-nationwide-university-database-system-exposing-thousands-of-student-records-65dce4e4ee23?source=rss------bug_bounty-51daybug-bounty-writeup, penetration-testing, writeup, hacking, bug-bounty22-Sep-2024
Join any project = Criticalhttps://medium.com/@etfchg18/join-any-project-critical-b3625d09876e?source=rss------bug_bounty-5iiiwaleedbug-bounty, web-security, bug-bounty-tips22-Sep-2024
Top 3 subdomain takeovershttps://infosecwriteups.com/top-3-subdomain-takeovers-ea51ecd911fd?source=rss------bug_bounty-5Hicham Almakroudiethical-hacking, hackerone, subdomain-takeover, bug-report, bug-bounty22-Sep-2024
#1 Bug Hunting: Subdomain Enumeration — Explainedhttps://infosecwriteups.com/1-bug-hunting-subdomain-enumeration-explained-389e6fcb3f62?source=rss------bug_bounty-5Om Maniyacybersecurity, enumeration, bug-bounty, programming, bug-bounty-tips21-Sep-2024
Understanding Insecure Deserializationhttps://medium.com/@kannnannmk/understanding-insecure-deserialization-faea7bc5ff5e?source=rss------bug_bounty-5Neelamegha Kannan Sbug-bounty, insecure-deserialization, bug-bounty-tips, cybersecurity, penetration-testing21-Sep-2024
Mastering Port Scanning for Bug Bounty Huntershttps://bevijaygupta.medium.com/mastering-port-scanning-for-bug-bounty-hunters-226c8d007023?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-tips, bug-bounty, bugs, port-scan21-Sep-2024
Email Injection | Unseen Threathttps://medium.com/@abolfazl.vaziri/email-injection-unseen-threat-6db7e32ab656?source=rss------bug_bounty-5Abolfazl Vaziriemail, email-attack, bug-bounty, hacking, email-injection21-Sep-2024
My First CVE: A Dream Realizedhttps://medium.com/@mAd13/my-first-cve-a-dream-realized-8bad3ede900a?source=rss------bug_bounty-5Makwana Abhikhacking, cve, cybersecurity, cve-2024-8042, bug-bounty21-Sep-2024
DOM-based XSS: Exploiting `document.write` with `location.search`https://medium.com/@codingbolt.in/dom-based-xss-exploiting-document-write-with-location-search-b5276b34b51b?source=rss------bug_bounty-5Coding Boltxss-attack, bug-bounty, xss-vulnerability, bug-hunting, bugs21-Sep-2024
Some Token Leak Can Lead to Disclose a Lot of Users’ Personal Datahttps://r0b0ts.medium.com/some-token-leak-can-lead-to-disclose-a-lot-of-users-personal-data-6b5b7748ccec?source=rss------bug_bounty-5r0b0tsbug-bounty-writeup, pentesting, bug-bounty, web-security, bug-bounty-tips21-Sep-2024
500$: Open Redirect Vulnerabilityhttps://medium.com/@a13h1/500-open-redirect-vulnerability-9cc9fd4d9b7b?source=rss------bug_bounty-5Abhi Sharmaprogramming, cybersecurity, open-redirect, infosec, bug-bounty21-Sep-2024
My First CVE: A Dream Realizedhttps://medium.com/@mAd13/my-first-cve-a-dream-realized-8bad3ede900a?source=rss------bug_bounty-5Abhik Makwanahacking, cve, cybersecurity, cve-2024-8042, bug-bounty21-Sep-2024
Simple IDOR vulnerability can lead to leak Email address of all usershttps://r0b0ts.medium.com/simple-idor-vulnerability-can-lead-to-leak-email-address-of-all-users-055ada3ba3fc?source=rss------bug_bounty-5r0b0tsbug-bounty, bug-bounty-tips, bug-bounty-writeup, web-security, pentesting21-Sep-2024
How Hackers Crack Active Directory Passwords and Exploit MFA : Are You Next?https://medium.com/@paritoshblogs/how-hackers-crack-active-directory-passwords-and-exploit-mfa-are-you-next-11cfdd0feb20?source=rss------bug_bounty-5Paritoshchatgpt, active-directory, hacking, bug-bounty, cybersecurity21-Sep-2024
Welcome to My Cybersecurity Journeyhttps://medium.com/@mrutunjayasenapati0/welcome-to-my-cybersecurity-journey-e795aebd096d?source=rss------bug_bounty-5Mrutunjaya Senapatiethical-hacking, bugs, bug-bounty, bug-bounty-tips, cybersecurity21-Sep-2024
DOM-based XSS: Exploiting `document.write` with `location.search`https://medium.com/@codingbolt.in/dom-based-xss-exploiting-document-write-with-location-search-b5276b34b51b?source=rss------bug_bounty-5codingboltxss-attack, bug-bounty, xss-vulnerability, bug-hunting, bugs21-Sep-2024
Reflected XSS into Attribute with HTML-Encodedhttps://medium.com/@codingbolt.in/reflected-xss-into-attribute-with-html-encoded-ffe97e2c1439?source=rss------bug_bounty-5codingboltbugs, xss-vulnerability, xss-attack, bug-bounty, cybersecurity21-Sep-2024
Taking ffuf Fuzzing Furtherhttps://medium.com/@learntheshell/taking-ffuf-fuzzing-further-016be44d0b07?source=rss------bug_bounty-5LearnTheShellbug-bounty, hacking, ffuf, bug-bounty-tips, fuzzing21-Sep-2024
Finding a easy Bughttps://medium.com/@loyalonlytoday/finding-a-easy-bug-caed2e199b1d?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, hacking, bug-bounty, bug-bounty-tips, bugbounty-writeup21-Sep-2024
DOM XSS in jQuery: The Danger of `href` Attribute with `location.search` Sourcehttps://medium.com/@codingbolt.in/dom-xss-in-jquery-the-danger-of-href-attribute-with-location-search-source-b2d883cbec59?source=rss------bug_bounty-5codingboltbug-hunting, bug-bounty, xss-attack, bug-bounty-tips, bugs21-Sep-2024
DOM-based XSS: The Case of `innerHTML` and `location.search`https://medium.com/@codingbolt.in/dom-based-xss-the-case-of-innerhtml-and-location-search-373c47866c56?source=rss------bug_bounty-5codingboltbug-bounty, bug-bounty-writeup, xss-vulnerability, xss-attack, bug-bounty-tips21-Sep-2024
Accessing full history of Firepad users.https://medium.com/@adityaahuja.work/accessing-full-history-of-firepad-users-ddc889e73936?source=rss------bug_bounty-5Aditya Ahujaowasp-top-10, cybersecurity, bug-bounty, information-disclosure, cyber-awareness21-Sep-2024
test:test type of bughttps://medium.com/@bxrowski0x/test-test-type-of-bug-cfb352d9bf85?source=rss------bug_bounty-5Omar ElSayedbug-bounty, cybersecurity, keycloak, bug-bounty-writeup, bug-bounty-tips21-Sep-2024
XSS via Cookie Injection: A Deep Dive into the Discoveryhttps://medium.com/@ayushkr99732/xss-via-cookie-injection-a-deep-dive-into-the-discovery-9ef70e22eceb?source=rss------bug_bounty-5Ayushkrpentesting, cross-site-scripting, bug-bounty, cookie-injection21-Sep-2024
Persistent XSS via Cookie Injection: A Deep Dive into the Discoveryhttps://medium.com/@ayushkr99732/xss-via-cookie-injection-a-deep-dive-into-the-discovery-9ef70e22eceb?source=rss------bug_bounty-5Ayushkrpentesting, cross-site-scripting, bug-bounty, cookie-injection21-Sep-2024
Safety above all else! MoreLogin joins Bugrap Bug Bounty Platformhttps://medium.com/@moreloginbrowser/safety-above-all-else-morelogin-joins-bugrap-bug-bounty-platform-b92a99d7e4d7?source=rss------bug_bounty-5MoreLogin Browsersecurity, bug-bounty, antidetect-browser, white-hat-hacker, cybersecurity20-Sep-2024
Common Job Roles in Cyber Securityhttps://medium.com/@RaunakGupta1922/common-job-roles-in-cyber-security-e792d367af67?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitcyber-security-awareness, bug-bounty, diversity, jobs, hacking20-Sep-2024
A Perfect Story Which help to Understand Bug Bountyhttps://medium.com/@Butcher_hell/a-perfect-story-which-help-to-understand-bug-bounty-c0a699239629?source=rss------bug_bounty-5W H I Z H A W Kcybersecurity, storytelling, hacking, bug-bounty, technology20-Sep-2024
How to Learn and Participate in Bug Bountieshttps://rendiero.medium.com/how-to-learn-and-participate-in-bug-bounties-1a2e71dd190b?source=rss------bug_bounty-5Rendierocybersecurity, beginners-guide, learning, bug-bounty, hacking20-Sep-2024
Bypassing Rate Limits: All Known Techniqueshttps://medium.com/@raxomara/bypassing-rate-limits-all-known-techniques-25891bb5ca59?source=rss------bug_bounty-5Raxomararate-limit-bypass, bug-bounty-tips, security-research, cybersecurity, bug-bounty20-Sep-2024
Finding a easy p4https://medium.com/@loyalonlytoday/finding-a-easy-p4-e32c47c8b54a?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs20-Sep-2024
The Ultimate Guide to Forgot Password Test Cases ‍https://medium.com/@chinmaya_ramana/the-ultimate-guide-to-forgot-password-test-cases-059e483fdc40?source=rss------bug_bounty-5Chinmaya Ramanasecurity, hacking, bug-bounty, web-application-security, application-security20-Sep-2024
Clickjacking Vulnerability to trigger Reflacted XSShttps://medium.com/@g52238317/clickjacking-vulnerability-to-trigger-reflacted-xss-9029cc5fd676?source=rss------bug_bounty-5Abdelrhman Yassercybersecurity, clickjacking, xss-attack, bug-bounty20-Sep-2024
Bypassing Date Restrictions in an Educational Platform: A Logic Flaw Exploithttps://medium.com/@ahmed_ashraf/bypassing-date-restrictions-in-an-educational-platform-a-logic-flaw-exploit-fdd3d0e3a1cb?source=rss------bug_bounty-5Ahmedashrafbusiness-logic-flaw, privilege-escalation, cybersecurity, bug-bounty, penetration-testing20-Sep-2024
Bug Bounty Dark Reality: The Hidden Truth of Successful Bug Huntinghttps://medium.com/@yashpawar1199/bug-bounty-dark-reality-the-hidden-truth-of-successful-bug-hunting-0b9ed547802d?source=rss------bug_bounty-5Yash Pawar @HackersParadisebug-bounty-dark-reality, bug-bounty, howu-hnters-find-bugs, bounty-efforts-fail, successful-bug-hunting20-Sep-2024
Unlocking Restricted Features: A Vulnerability Analysis of Organization’s Role Managementhttps://0xmatrix.medium.com/unlocking-restricted-features-a-vulnerability-analysis-of-organizations-role-management-aa6a4f7bd0d3?source=rss------bug_bounty-5Mo2men Elmadyhacking, penetration-testing, bug-bounty-tips, bug-bounty, cybersecurity20-Sep-2024
Exploiting GraphQL API Suggestionshttps://nir-choubey-2011.medium.com/exploiting-graphql-api-suggestions-7695e5b8c3ef?source=rss------bug_bounty-5niraj choubeyapi-security, bug-bounty, security, graphql-security20-Sep-2024
Safety above all else! MoreLogin joins Bugrap Bug Bounty Platformhttps://medium.com/@moreloginbrowser/safety-above-all-else-morelogin-joins-bugrap-bug-bounty-platform-cdc178fd6e7e?source=rss------bug_bounty-5MoreLogin Browserbug-bounty, cybersecurity, morelogin, antidetect-browser, security19-Sep-2024
Best Bug Bounty and Pentesting Methodology for Beginners: A Step-by-Step Guidehttps://bevijaygupta.medium.com/best-bug-bounty-and-pentesting-methodology-for-beginners-a-step-by-step-guide-a68170d3acc8?source=rss------bug_bounty-5Vijay Guptabugs, penetration-testing, bug-bounty, bug-bounty-tips, pentesting19-Sep-2024
How to get shodan membership upgrade for freehttps://medium.com/@hichamalmakroudi/how-to-get-shodan-membership-upgrade-for-free-4f21122d2d73?source=rss------bug_bounty-5Hicham Almakroudishodan, hacking-tools, ethical-hacking, bug-bounty, free19-Sep-2024
Nikto A Powerful Web Server Scanner for Vulnerability Assessmenthttps://medium.com/@yashpawar1199/nikto-a-powerful-web-server-scanner-for-vulnerability-assessment-1bd257204f41?source=rss------bug_bounty-5Yash Pawar @HackersParadisebug-bounty, hacking, penetration-testing, cybersecurity, nikto19-Sep-2024
How a 403 bypass got me a bountyhttps://medium.com/@ehsameer/how-a-403-bypass-got-me-a-bounty-7b2d58c0fd88?source=rss------bug_bounty-5ehsameerbug-bounty-tips, bugbounty-writeup, bug-bounty, hackerone19-Sep-2024
How Hackers Trick You Into Actions You Never Meant to Do !https://medium.com/@yassentaalab51/how-hackers-trick-you-into-actions-you-never-meant-to-do-c0993c8f1bbe?source=rss------bug_bounty-5Yassen Taalabowasp, penetration-testing, bug-bounty, cybersecurity, clickjacking19-Sep-2024
How to install Bug Bounty Hunting Tools on Linux and Windows by using Golang(Go)[ProjectDiscovery]https://medium.com/@abdulrahman.muhammad.qarni52/getting-started-with-projectdiscovery-tools-on-linux-and-windows-70e644f1198c?source=rss------bug_bounty-5OxLegacy52hacking, tools-for-hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty19-Sep-2024
Finding a easy bug to get a easy $$$https://medium.com/@loyalonlytoday/finding-a-easy-bug-to-get-a-easy-f008b2b25f73?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty-tips, penetration-testing, bugbounty-writeup, bug-bounty19-Sep-2024
Primary Hacking School #2 After Installing Kalihttps://medium.com/@nnface/primary-hacking-school-2-after-installing-kali-6a226c68e7de?source=rss------bug_bounty-5NnFacekali-linux, linux, bug-bounty, cybersecurity, hacking19-Sep-2024
Understanding File Permissions and Ownershiphttps://cyberw1ng.medium.com/understanding-file-permissions-and-ownership-d73c07f373e2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, careers, cybersecurity19-Sep-2024
How I hacked multiple Indian universities (AGAIN).https://medium.com/@alimuhammadsecured/how-i-hacked-multiple-indian-universities-again-d1b9c2a0e01d?source=rss------bug_bounty-5Alimuhammadsecuredctf, cybersecurity, hacking, bug-bounty, malware19-Sep-2024
How Hackers Trick You Into Actions You Never Meant to Do !https://medium.com/@yassentaalab51/how-hackers-trick-you-into-actions-you-never-meant-to-do-c0993c8f1bbe?source=rss------bug_bounty-5Killuaowasp, penetration-testing, bug-bounty, cybersecurity, clickjacking19-Sep-2024
Understanding File Permissions and Ownershiphttps://systemweakness.com/understanding-file-permissions-and-ownership-d73c07f373e2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, careers, cybersecurity19-Sep-2024
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node packagehttps://medium.com/@p0lyxena/2-500-bug-bounty-write-up-remote-code-execution-rce-via-unclaimed-node-package-6b9108d10643?source=rss------bug_bounty-5Fuleki Ioanbugcrowd, bug-bounty, writeup, cybersecurity, remote-code-execution18-Sep-2024
Write up : Business Logic Flaw in Payment Discount Calculation Allows Excessive Discount…https://medium.com/@jakboubmostefa/write-up-business-logic-flaw-in-payment-discount-calculation-allows-excessive-discount-19d567f5da18?source=rss------bug_bounty-5Mostefa Jakboubvulnerability, bug-bounty, cybersecurity18-Sep-2024
10 Essential Browser Extensions for Bug Bounty Huntershttps://medium.com/@firdansp/10-essential-browser-extensions-for-bug-bounty-hunters-f17f8b001bcc?source=rss------bug_bounty-50verRidabug-bounty-tips, writeup, bug-hunting, extension, bug-bounty18-Sep-2024
How to Perform a Cybersecurity Risk Assessment: The Simple Guidehttps://medium.com/@paritoshblogs/how-to-perform-a-cybersecurity-risk-assessment-the-simple-guide-b37d1b986682?source=rss------bug_bounty-5Paritoshbug-bounty, risk, hacking, chatgpt, cybersecurity18-Sep-2024
Leveling Up the Wrong Way: Exploiting API Vulnerabilities in Game Progressionhttps://aminudin.medium.com/leveling-up-the-wrong-way-exploiting-api-vulnerabilities-in-game-progression-19f883f48da8?source=rss------bug_bounty-5Aminudinhacker, bug-bounty, bug-bounty-tips18-Sep-2024
Scanning ip’s got from virustotalhttps://medium.com/@loyalonlytoday/scanning-ips-got-from-virustotal-7baa7398ba83?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, bug-bounty, penetration-testing, hacking, bug-bounty-writeup18-Sep-2024
Mastering Cybersecurity “A Guide to Effective Learning”https://rendiero.medium.com/mastering-cybersecurity-a-guide-to-effective-learning-9e32bd8c5926?source=rss------bug_bounty-5Rendierocybersecurity, bug-bounty, penetration-testing, hacking, learning18-Sep-2024
Scanning ip’s got from virustotal to find a bughttps://medium.com/@loyalonlytoday/scanning-ips-got-from-virustotal-7baa7398ba83?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, bug-bounty, penetration-testing, hacking, bug-bounty-writeup18-Sep-2024
The Reality of Cybersecurity Jobs: Why Freshers Should Focus on Defense✨ Over Hackinghttps://medium.com/@mohammedthoufeeq_25137/the-reality-of-cybersecurity-jobs-why-freshers-should-focus-on-defense-over-hacking-002cd641a453?source=rss------bug_bounty-5Mohamed Thoufeeqcybersecurity, hacking, cyberattack, programming, bug-bounty18-Sep-2024
😞The Reality of Cybersecurity Jobs: Why Freshers Should Focus on Defense✨ Over Hacking 😎https://medium.com/@shari7a0x/protect-your-account-zero-click-account-takeover-for-admin-support-through-password-update-d155c7966b6e?source=rss------bug_bounty-5Shari7a0xbug-bounty-tips, bug-bounty, ato, bugs18-Sep-2024
Real Bug Bounty & Penetration Testing on Live Websites: Step-by-Step Guide (Part 2)https://medium.com/@shaikhminhaz1975/real-bug-bounty-penetration-testing-on-live-websites-step-by-step-guide-part-2-19ca30b17b93?source=rss------bug_bounty-5Shaikh Minhazethical-hacking, bug-bounty, cybersecurity, penetration-testing, chatgpt18-Sep-2024
How Black Hat Hackers Hack into your Telegram Groups !!!https://medium.com/@josuofficial327/how-black-hat-hackers-hack-into-your-telegram-groups-6970a93a20e1?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binupenetration-testing, ethical-hacking, bug-bounty, hacking, cybersecurity18-Sep-2024
Missing Rate Limit Vulnerability: How to Test and Identify Ithttps://medium.com/@octayus/missing-rate-limit-vulnerability-how-to-test-and-identify-it-2f3937e903e6?source=rss------bug_bounty-5OctaYuscybersecurity, infosec, hacking, bug-bounty, twitter18-Sep-2024
How I Utilized AI to Discover an Amazon S3 Bucket Takeover Vulnerability in Red Bull’s Bug Bounty…https://medium.com/@mohamedsaqibc/how-i-utilized-ai-to-discover-an-amazon-s3-bucket-takeover-vulnerability-in-red-bulls-bug-bounty-503d3c4d995f?source=rss------bug_bounty-5Mohamed Saqib Chacking, artificial-intelligence, cybersecurity, bug-bounty18-Sep-2024
Hunting APIs for Bounties: How to Hack and Win Big in Bug Bounties!https://medium.com/@rootspaghetti/hunting-apis-for-bounties-how-to-hack-and-win-big-in-bug-bounties-942d0f4e0885?source=rss------bug_bounty-5Root@Spaghettihacking, bug-bounty, bug-bounty-tips18-Sep-2024
P4 bug’s and their POC steps | Part 3https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-3-298087630cac?source=rss------bug_bounty-5socalledhackerweb, web-security, p4-bugs, bug-bounty, vulnerability18-Sep-2024
Live Bug Bounty Walkthrough: How to Hunt & Report Bugs Effectively (Part 2)https://medium.com/cyberscribers-exploring-cybersecurity/real-bug-bounty-penetration-testing-on-live-websites-step-by-step-guide-part-2-19ca30b17b93?source=rss------bug_bounty-5Shaikh Minhazethical-hacking, bug-bounty, cybersecurity, penetration-testing, chatgpt18-Sep-2024
Using Application Functionality to Exploit Insecure Deserializationhttps://medium.com/@rcxsecurity/using-application-functionality-to-exploit-insecure-deserialization-b4e7c6abdae1?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-security, penetration-testing, bug-bounty, information-technology, cybersecurity17-Sep-2024
First-Time Penetration Testing: How to Uncovered Critical Flaws at a Company (Interactive Guide)https://medium.com/@paritoshblogs/first-time-penetration-testing-how-to-uncovered-critical-flaws-at-a-company-interactive-guide-4275f79c02ce?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, ai, penetration-testing, cybersecurity17-Sep-2024
From GitHub Recon to Hotstar Admin Access: A Deep Dive into Security Flawshttps://infosecwriteups.com/from-github-recon-to-hotstar-admin-access-a-deep-dive-into-security-flaws-2e4ae0ec937e?source=rss------bug_bounty-5Vishal Vishwakarmahacking, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup17-Sep-2024
“ part 2 Beginner’s Bug Bounty Methodology: A Journey from Writeups to Real-World Application”https://medium.com/@mahdisalhi0500/part-2-beginners-bug-bounty-methodology-a-journey-from-writeups-to-real-world-application-5d62f79e039f?source=rss------bug_bounty-5CaptinSHArky(Mahdi)cybersecurity, bug-bounty-tips, bug-bounty, ethical-hacking, infose17-Sep-2024
How To Find Clickjacking Easily…https://medium.com/@josuofficial327/how-to-find-clickjacking-under-a-minute-751089be3f74?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binupenetration-testing, bug-bounty, cybersecurity, info-sec-writeups, bug-bounty-tips17-Sep-2024
#5. Bug Bounty Series: $$$ by AWS S3 Bucket misconfigurationshttps://cyb3rmind.medium.com/5-bug-bounty-series-by-aws-s3-bucket-misconfigurations-fb645057d03e?source=rss------bug_bounty-5Cyb3r M!ndspenetration-testing, takeovers, bug-bounty, subdomain-takeover, s3-bucket17-Sep-2024
How I got my first $$$ bounty?https://medium.com/@yashsomalkar/how-i-got-my-first-bounty-098d75ae650d?source=rss------bug_bounty-5Rudrakshackerbug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips, idor-vulnerability17-Sep-2024
Platforms and vulnerable webapps for practing and learning webpentestinghttps://medium.com/@loyalonlytoday/platforms-and-vulnerable-webapps-for-practing-and-learning-webpentesting-b76df42e3ec4?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, hacking, bugbounty-writeup, web-penetration-testing17-Sep-2024
Direct Volume Access Attackhttps://medium.com/@reemmoslem34/direct-volume-access-attack-dfbb2d73e406?source=rss------bug_bounty-5Rem Khalidbug-bounty, cryptocurrency, malware, hacking, cybersecurity17-Sep-2024
Dll Side Loading Attackhttps://medium.com/@reemmoslem34/dll-side-loading-attack-80ea716fd588?source=rss------bug_bounty-5Rem Khalidpython, malware, cybersecurity, hacking, bug-bounty17-Sep-2024
A bypass on GitLab’s Login Email Verification via OAuth ROPC flow.https://cybxis.medium.com/a-bypass-on-gitlabs-login-email-verification-via-oauth-ropc-flow-e194242cad96?source=rss------bug_bounty-5cybxishackerone, gitlab, oauth2, bug-bounty17-Sep-2024
Type of Cyber Securityhttps://medium.com/@RaunakGupta1922/type-of-cyber-security-c43047a34fe7?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, bug-bounty, social-media, cybersecurity, basics16-Sep-2024
Menguasai Reconnaissance: Metode lengkap untuk mengumpulkan informasihttps://hack4funacademy.medium.com/menguasai-reconnaissance-metode-lengkap-untuk-mengumpulkan-informasi-acdeba7dc054?source=rss------bug_bounty-5Hack4Fun Academyprogramming, bug-bounty, hacking, cybersecurity, networking16-Sep-2024
How to Set Up Proxychains in Kali Linuxhttps://medium.com/@vignesh6872610/how-to-set-up-proxychains-in-kali-linux-ddd44c3502af?source=rss------bug_bounty-5Vignesh Pbug-bounty, bug-bounty-writeup, proxychains, linux-tutorial, bug-bounty-tips16-Sep-2024
Three Months of Full-Time Bug Bounty Hunting as a Newbie in 2024https://medium.com/@nchaitreddyutilities/three-months-of-full-time-bug-bounty-hunting-as-a-newbie-in-2024-a941977b61f1?source=rss------bug_bounty-5Chaitanya Reddybug-bounty-tips, cybersecurity, bug-bounty, writeup16-Sep-2024
WhatsApp View Once Privacy Issue Initial Fix Assessment: The Good, the Bad and The Uglyhttps://medium.com/@TalBeerySec/whatsapp-view-once-privacy-issue-initial-fix-assessment-the-good-the-bad-and-the-ugly-be97ec1cc2e5?source=rss------bug_bounty-5Tal Be'erysecurity, web-development, bug-bounty, privacy, whatsapp16-Sep-2024
Guide to Finding and Exploiting Web Cache Poisoninghttps://systemweakness.com/guide-to-finding-and-exploiting-web-cache-poisoning-f32d0962d28d?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, technology, bug-bounty16-Sep-2024
The Curious Case Of MutantBedrog’s Trusted-Types CSP Bypasshttps://blog.confiant.com/the-curious-case-of-mutantbedrogs-trusted-types-csp-bypass-950b19a38b4f?source=rss------bug_bounty-5Eliya Steinbug-bounty, malvertising, hacking, cybersecurity, threat-intelligence16-Sep-2024
How I Found Live Traffic Exposure on a Public Server: One of my interesting findingshttps://medium.com/@josuofficial327/how-i-found-live-traffic-exposure-on-a-public-server-one-of-my-interesting-findings-0ecde16813a8?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty, cybersecurity, penetration-testing, bugbounty-writeup, bug-bounty-hunter16-Sep-2024
Using Full potential of Virustotal for Bugbountyhttps://medium.com/@loyalonlytoday/using-full-potential-of-virustotal-for-bugbounty-8d80221ab2e4?source=rss------bug_bounty-5loyalonlytodaybugbounty-tips, penetration-testing, hacking, bug-bounty, bugbounty-writeup16-Sep-2024
How i accidently found a server side template injectionhttps://medium.com/@malikirtizameg/how-i-accidently-found-a-server-side-template-injection-f5e7aec0b64d?source=rss------bug_bounty-5Insbat Arshadcybersecurity, bug-bounty, programming, devops, python16-Sep-2024
CloudSek CTF 2024 Writeuphttps://naumankh4n.medium.com/cloudsek-ctf-aug-2024-writeup-6b4409675f88?source=rss------bug_bounty-5Nauman Khanhacking, bug-bounty, ctf, penetration-testing, ctf-writeup16-Sep-2024
Subdomain takeover amazon S3https://medium.com/@hichamalmakroudi/subdomain-takeover-amazon-s3-21de0af8a1d3?source=rss------bug_bounty-5Hicham Almakroudibug-bounty, aws, hacking, s3, subdomain-takeover16-Sep-2024
How To Get Easy critical 0 click account takeover on public bug bounty program at hackerone !https://medium.com/@kaforybory/how-to-get-easy-critical-0-click-account-takeover-on-public-bug-bounty-program-at-hackerone-8b1859cc7738?source=rss------bug_bounty-5Hassan Makkiinfosec, bug-bounty-tips, cybersecurity, bug-bounty, bug-hunting16-Sep-2024
Structure your recon files before they structure youhttps://medium.com/@paractmol/structure-your-recon-files-before-they-structure-you-ba3509a182f0?source=rss------bug_bounty-5paractmolgolang, recon, tools, bug-bounty, automation-tools16-Sep-2024
How to Kick Off Your Journey into Bug Hunting: A Beginner's Guidehttps://medium.com/@justluke5691/how-to-kick-off-your-journey-into-bug-hunting-a-beginners-guide-eb5a551f4edb?source=rss------bug_bounty-5K. Niraj Chandra Singhabug-bounty, technology, cybersecurity16-Sep-2024
very easy and helpfull for new hunters, how i accidently found a server side template injectionhttps://medium.com/@malikirtizameg/how-i-accidently-found-a-server-side-template-injection-f5e7aec0b64d?source=rss------bug_bounty-5Insbat Arshadcybersecurity, bug-bounty, programming, devops, python16-Sep-2024
Structure your recon files before they become unstructuredhttps://medium.com/@paractmol/structure-your-recon-files-before-they-structure-you-ba3509a182f0?source=rss------bug_bounty-5paractmolgolang, recon, tools, bug-bounty, automation-tools16-Sep-2024
#3 HOW TO FIND OPEN REDIRECT EASILY ???https://medium.com/@josuofficial327/3-how-to-find-open-redirect-easily-fd8a7ea6e12b?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuthreat-intelligence, bug-bounty, bug-bounty-tips, threat-hunting, cybersecurity15-Sep-2024
Subdomain Takeovers for Beginnershttps://medium.com/@hichamalmakroudi/subdomain-takeovers-for-beginners-a51ed74db543?source=rss------bug_bounty-5Hicham Almakroudisubdomain-takeover, bug-bounty, bug-bounty-tips, ethical-hacking, hacking15-Sep-2024
XSS — Cross Site Scriptinghttps://medium.com/@codingboltacademy/xss-cross-site-scripting-65e1981817df?source=rss------bug_bounty-5Coding Bolt Academyxss-vulnerability, xss-attack, bug-bounty, cross-site-scripting, ethical-hacking15-Sep-2024
IDOR — Broken Access Controlhttps://medium.com/@codingboltacademy/idor-broken-access-control-efeb6698919f?source=rss------bug_bounty-5Coding Bolt Academyethical-hacking, penetration-testing, cybersecurity, bug-bounty, idor15-Sep-2024
How i got 100$ bountyhttps://medium.com/@mukkumukku110/how-i-got-100-bounty-b3dd58e82e00?source=rss------bug_bounty-5bughunterbug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips15-Sep-2024
Hunting for Corporate Accounts: Exploiting IDOR and Parameter Pollution in Web Applicationshttps://medium.com/@tusharpuri6/hunting-for-corporate-accounts-exploiting-idor-and-parameter-pollution-in-web-applications-1792294e0c48?source=rss------bug_bounty-5Tusharpuribug-bounty, application-security, penetration-testing, offensive-security, infosec15-Sep-2024
Live Bug Bounty & Penetration Testing on Real Websites: Step-by-Step Guide (Part 1)https://medium.com/@shaikhminhaz1975/live-bug-bounty-penetration-testing-on-real-websites-step-by-step-guide-part-1-971ccc9b9587?source=rss------bug_bounty-5Shaikh Minhazbug-bounty, bug-bounty-tips, penetration-testing, cybersecurity, information-gathering15-Sep-2024
SQL Injetionhttps://medium.com/@adhikarisudip869/sql-injetion-f6f5f4291cbc?source=rss------bug_bounty-5Sudip Adhikarisql, sql-injection, bug-bounty15-Sep-2024
How to Find IDOR Vulnerabilities: A Guide for Bug Bounty Hunters and Developershttps://cyberw1ng.medium.com/how-to-find-idor-vulnerabilities-a-guide-for-bug-bounty-hunters-and-developers-3d2ba2a766f5?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, cybersecurity, technology, careers15-Sep-2024
BugBounty platforms Listhttps://medium.com/@loyalonlytoday/bugbounty-platforms-list-ed3a5af3a8a2?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty-tips, hacking, bug-bounty, penetration-testing15-Sep-2024
Automating the CORS Vulnerability Scanhttps://angixblack.medium.com/automating-the-cors-vulnerability-scan-66d57752cc36?source=rss------bug_bounty-5Angix blackcors, infosec, pentesting, bug-bounty, corsan15-Sep-2024
A very easy bug anyone can findhttps://medium.com/@malikirtizameg/a-very-easy-bug-anyone-can-find-8d2b11a768c7?source=rss------bug_bounty-5Insbat Arshadprogramming, cybersecurity, bug-bounty, software-engineering, devops15-Sep-2024
How to Find IDOR Vulnerabilities: A Guide for Bug Bounty Hunters and Developershttps://systemweakness.com/how-to-find-idor-vulnerabilities-a-guide-for-bug-bounty-hunters-and-developers-3d2ba2a766f5?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, cybersecurity, technology, careers15-Sep-2024
Mastering WordPress Pentesting: The Ultimate Resource Guidehttps://medium.com/@RaunakGupta1922/mastering-wordpress-pentesting-the-ultimate-resource-guide-423bc1e1ddef?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, cybersecurity, wordpress, bug-bounty, wordpress-plugins14-Sep-2024
Telnet Takedown: The Port 23 Exploit on Metasploitable 2, Part IIIhttps://medium.com/@thefellowhacker/telnet-takedown-the-port-23-exploit-on-metasploitable-2-part-iii-a10a6e15b468?source=rss------bug_bounty-5Taahir Mujawarrcybersecurity, bug-bounty, metasploitable, hacking, penetration-testing14-Sep-2024
Open Redirect via Image Uploadhttps://medium.com/@osamamohamed21212121/open-redirect-via-image-upload-bf6f87f8d447?source=rss------bug_bounty-5Osamamohamedbug-bounty-tips, bug-bounty, bugs, bug-zero, bug-bounty-writeup14-Sep-2024
SSRF Via Image Uploadhttps://medium.com/@osamamohamed21212121/ssrf-via-image-upload-f046e2d0e692?source=rss------bug_bounty-5Osamamohamedbug-bounty, bug-zero, bug-bounty-writeup, bugs, bug-bounty-tips14-Sep-2024
Critical Data Breach Exposed: A Deep Dive into a Government Agency’s Security Flawhttps://medium.com/@contact.adnanks/critical-data-breach-exposed-a-deep-dive-into-a-government-agencys-security-flaw-3c4a9b431de6?source=rss------bug_bounty-5Adnan K Sbug-bounty-tips, security, cybersecurity, bug-bounty-writeup, bug-bounty14-Sep-2024
Unlocking Admin Privileges: How I Exploited an IDOR Vulnerabilityhttps://medium.com/@cybsersec/unlocking-admin-privileges-how-i-exploited-an-idor-vulnerability-6829b595889a?source=rss------bug_bounty-5Cybserseccybersecurity, security-research, bug-bounty14-Sep-2024
Unlocking Admin Privileges: How I Exploited an IDOR Vulnerabilityhttps://medium.com/@Krypton09/unlocking-admin-privileges-how-i-exploited-an-idor-vulnerability-6829b595889a?source=rss------bug_bounty-5Kryptoncybersecurity, security-research, bug-bounty14-Sep-2024
How I Discovered a Major Security Flaw in Keltron’s Server Using Google Dorkinghttps://medium.com/@contact.adnanks/how-i-discovered-a-major-security-flaw-in-keltrons-server-using-google-dorking-f8bb3c784803?source=rss------bug_bounty-5Adnan K Scybersecurity, security, owncloud, bug-bounty-tips, bug-bounty14-Sep-2024
how to install kali linux on windows using wsl(windows subsystem linux)https://medium.com/@loyalonlytoday/how-to-install-kali-linux-on-windows-using-wsl-windows-subsystem-linux-92019022ac57?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, wsl-2, hacking, wsl14-Sep-2024
fisher: Cybertalents Cybersecurity Bootcamp Cohort 8https://medium.com/@bridget4/fisher-cybertalents-cybersecurity-bootcamp-cohort-8-cfb9aa6b7a6c?source=rss------bug_bounty-5Bridgetcareers, bug-bounty, cybersecurity, learning, cyber-talents14-Sep-2024
What is Prototype Pollution?https://systemweakness.com/what-is-prototype-pollution-4e2049f68fca?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, technology, careers, hacking, cybersecurity14-Sep-2024
How I Discovered a Major Security Flaw in Keltron’s Server Using Google Dorkinghttps://medium.com/@contact.adnanks/how-i-discovered-a-major-security-flaw-in-keltrons-server-using-google-dorking-e8a8c1dae09b?source=rss------bug_bounty-5Adnan K Shacking, bug-bounty, cybersecurity, ethical-hacking, bug-bounty-tips14-Sep-2024
How I Gained Access to a Corporate CCTV Surveillance System Using Shodanhttps://medium.com/@contact.adnanks/how-i-gained-access-to-a-corporate-cctv-surveillance-system-using-shodan-daac1fa3b37a?source=rss------bug_bounty-5Adnan K Sbug-bounty, surveillance, cctv, cybersecurity, hacking14-Sep-2024
How I Discovered a Critical Vulnerability and Took Over an Organization Using Burp Suitehttps://medium.com/@contact.adnanks/how-i-discovered-a-critical-vulnerability-and-took-over-an-organization-using-burp-suite-fb2d52adc944?source=rss------bug_bounty-5Adnan K Sresearch, bug-bounty-tips, cybersecurity, bug-bounty, ethical-hacking14-Sep-2024
Critical Data Breach Exposed: A Deep Dive into a Government Agency’s Security Flaw (Part 2)https://medium.com/@contact.adnanks/critical-data-breach-exposed-a-deep-dive-into-a-government-agencys-security-flaw-part-2-ba190920e945?source=rss------bug_bounty-5Adnan K Sbug-bounty, grafana, research-reports, cybersecurity, bug-bounty-tips14-Sep-2024
Let the Hunt Begin with Nuclei: The Secret Weapon of the Bug Bounty World!https://medium.com/@rootspaghetti/let-the-hunt-begin-with-nuclei-the-secret-weapon-of-the-bug-bounty-world-9b2491d3a9cb?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, hacking, bug-bounty14-Sep-2024
Mastering GraphQL API Pentesting: The Ultimate Resource Guidehttps://medium.com/@RaunakGupta1922/mastering-graphql-api-pentesting-the-ultimate-resource-guide-7755c08bddd2?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitvulnerability, cybersecurity, graphql, bug-bounty, hacking13-Sep-2024
Deleting a folder led to the deactivation of the company’s accounts.https://medium.com/@hossam_hamada/deleting-a-folder-led-to-the-deactivation-of-the-companys-accounts-3759b6b92927?source=rss------bug_bounty-5Hossam Hamadabug-bounty-tips, hackerone, bug-bounty, penetration-testing, bugcrowd13-Sep-2024
#2 ANOTHER EASY BUG- HTML INJECTIONhttps://medium.com/@josuofficial327/2-another-easy-bug-html-injection-0447a79b6c66?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-hunter, bug-bounty, linux, vulnerability, cybersecurity13-Sep-2024
How Unguessable IDOR Worth me €1000 On Intigritihttps://medium.com/@manan_sanghvi/how-unguessable-idor-worth-me-1000-on-intigriti-7ab6f928b3d9?source=rss------bug_bounty-5Manan Sanghvibounty-program, bug-bounty, intigriti, idor, hacking13-Sep-2024
Logic Flaw: I Can Block You from Accessing Your Own Accounthttps://medium.com/@hashimamin/logic-flaw-i-can-block-you-from-accessing-your-own-account-63fc2a88bb72?source=rss------bug_bounty-5Hashim Aminbug-bounty-tips, bug-bounty, bugs, ethical-hacking, infosec13-Sep-2024
What is an Open Redirect Vulnerability? And How to Find Ithttps://systemweakness.com/what-is-an-open-redirect-vulnerability-and-how-to-find-it-7d94a3b9d0ef?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, technology, bug-bounty, hacking13-Sep-2024
Log4j Exploit Lab: Reverse Shell with JNDI Exploit Kithttps://medium.com/@josh.beck2006/log4j-exploit-lab-reverse-shell-with-jndi-exploit-kit-21f015204e29?source=rss------bug_bounty-5Josh Beckbug-bounty, cybersecurity, ctf13-Sep-2024
How to find and exploit bugsnag API Keyhttps://medium.com/@socalledhacker/how-to-find-and-exploit-bugsnag-api-key-312e0f216735?source=rss------bug_bounty-5socalledhackercybersecurity, bug-bounty, web-security, bug-bounty-tips, infosec13-Sep-2024
How to Write an Effective Bug Bounty Report: Tips, Structure, and Exampleshttps://infosecwriteups.com/how-to-write-an-effective-bug-bounty-report-tips-structure-and-examples-3248d81dd759?source=rss------bug_bounty-5Abhi Sharmabug-bounty, hacking, bug-bounty-tips, cybersecurity, infosec13-Sep-2024
Finding a easy p4 it can be worth 200$https://medium.com/@loyalonlytoday/finding-a-easy-p4-it-can-be-worth-200-10d6682f6923?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bug-bounty, bugbounty-writeup, website-hacking, hacking13-Sep-2024
Subdomain Enumeration Part 2 (Manual & Automation)https://osintteam.blog/subdomain-enumeration-part-2-manual-automation-77a46d93e2ed?source=rss------bug_bounty-5Mr Abdullahethical-hacking, hacking, web-hacking, bug-bounty, bug-bounty-tips13-Sep-2024
Unleashing GitHub Dorks: The Ultimate Hack for Finding Hidden Secrets in Bug Bounties!https://enigma96.medium.com/unleashing-github-dorks-the-ultimate-hack-for-finding-hidden-secrets-in-bug-bounties-125b83fd9c93?source=rss------bug_bounty-5enigmagithub-dorking, penetration-testing, bug-bounty, hackin, bug-bounty-tips13-Sep-2024
Stored XSS via Image Uploadhttps://medium.com/@osamamohamed21212121/stored-xss-via-image-upload-b75edecf1e54?source=rss------bug_bounty-5Osamamohamedbug-bounty-tips, bugs, bug-bounty, bug-zero, bug-bounty-writeup13-Sep-2024
IDOR in Bug Bounty Programhttps://medium.com/@osamamohamed21212121/idor-in-bug-bounty-program-8fbbffe32f6e?source=rss------bug_bounty-5Osamamohamedbug-bounty, bugs, bug-bounty-writeup, bug-zero, bug-bounty-tips13-Sep-2024
Mastering Dirsearch: Finding Hidden Web Directorieshttps://medium.com/@bootstrapsecurity/mastering-dirsearch-finding-hidden-web-directories-f57327c06fed?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-hunter12-Sep-2024
Computer Security: How Bureaucracies Ignore Unexploded Ordinancehttps://kf106.medium.com/computer-security-how-bureaucracies-ignore-unexploded-ordinance-319e8e931ad5?source=rss------bug_bounty-5Keir Finlow-Batesbureaucracy, bug-bounty, security, cybersecurity, hacker12-Sep-2024
The Secrets to Writing Threat Intelligence Reports That Actually Stop Cyber Attacks!https://medium.com/@paritoshblogs/the-secrets-to-writing-threat-intelligence-reports-that-actually-stop-cyber-attacks-330fd6fc37a5?source=rss------bug_bounty-5Paritoshai, hacking, threat-intelligence, bug-bounty, cybersecurity12-Sep-2024
Password Reset Flaws: Key Methods for Finding Vulnerabilitieshttps://medium.com/@dsmodi484/password-reset-flaws-key-methods-for-finding-vulnerabilities-eb843440e06c?source=rss------bug_bounty-5Dishant Modibug-bounty, vulnerability, bug-bounty-tips, account-takeover, testing12-Sep-2024
Leveraging GreyNoise for Enhanced Threat Detection and Intelligencehttps://medium.com/@ajaynaikhack/leveraging-greynoise-for-enhanced-threat-detection-and-intelligence-437aac815d38?source=rss------bug_bounty-5Ajay Naikrewards, vulnerability, cybersecurity, bug-bounty, threat-detection12-Sep-2024
Insecure Direct Object Reference (IDOR)https://medium.com/@security.tecno/insecure-direct-object-reference-idor-ffecf6cbc211?source=rss------bug_bounty-5TECNO Securitybug-bounty, security, research, hacking12-Sep-2024
Mastering IDOR: The Ultimate Resource Guidehttps://medium.com/@RaunakGupta1922/mastering-idor-the-ultimate-resource-guide-84e44052f70c?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbug-bounty, hacking, cybersecurity, college, idor12-Sep-2024
[IDOR] View other users’ transaction detailshttps://rhidayah.medium.com/idor-view-other-users-transaction-details-73c0c80aada6?source=rss------bug_bounty-5Rohmad Hidayahbroken-access-control, idor, bug-bounty, idor-vulnerability, information-disclosure12-Sep-2024
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOShttps://mikko-kenttala.medium.com/zero-click-calendar-invite-critical-zero-click-vulnerability-chain-in-macos-a7a434fc887b?source=rss------bug_bounty-5Mikko Kenttälävulnerability, macos, information-security, bug-bounty12-Sep-2024
Hide & Seek - Hidden Open Redirect | Bug Huntinghttps://mo9khu93r.medium.com/hide-seek-hidden-open-redirect-bug-hunting-88499f5e0e99?source=rss------bug_bounty-5mo9khu93rhacking, pentesting, bug-bounty, cybersecurity, kali-linux12-Sep-2024
Hydra for bruteforcinghttps://medium.com/@tharunteja725_8686/hydra-for-bruteforcing-3784a98bab6a?source=rss------bug_bounty-5Chidurala Tharun tejahacking, oscp, bug-bounty, bug-bounty-tips, cybersecurity12-Sep-2024
How an Open Redirect Vulnerability Got a Bug Bounty of $500https://cyberw1ng.medium.com/how-an-open-redirect-vulnerability-got-a-bug-bounty-of-500-13ece7a987d8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, careers, cybersecurity12-Sep-2024
My first Account-take-overhttps://medium.com/@osamamohamed21212121/my-first-account-take-over-f6590c4a3a54?source=rss------bug_bounty-5Osamamohamedbugs, bug-bounty, bug-zero, bug-bounty-writeup, bug-bounty-tips12-Sep-2024
My journey to find CSRF (Cross-Site Request Forgery )https://medium.com/@osamamohamed21212121/my-journey-to-find-csrf-cross-site-request-forgery-ddf1e1bd579d?source=rss------bug_bounty-5Osamamohamedbug-bounty-writeup, bug-bounty-tips, bug-bounty, bugs, bug-zero12-Sep-2024
Stored XSS via File upload(using .svg file Extension )https://ch4ndan.medium.com/stored-xss-via-file-upload-using-svg-file-extension-515e23536d4d?source=rss------bug_bounty-5Ch4ndan dascybersecurity, xss-attack, bug-bounty, bugs, bug-bounty-tips12-Sep-2024
My first XSS: Reflected XSShttps://medium.com/@osamamohamed21212121/my-first-xss-reflected-xss-0949992b94ab?source=rss------bug_bounty-5Osamamohamedbugs, bug-bounty-tips, bug-bounty, bug-zero, bug-bounty-writeup12-Sep-2024
Hack Google Like a Pro: Automate Google Dorks with Bash for Bug Bounties!https://enigma96.medium.com/hack-google-like-a-pro-automate-google-dorks-with-bash-for-bug-bounties-7611818a4bf0?source=rss------bug_bounty-5enigmahacker, bug-bounty, pentesting, bug-bounty-tips, dorks12-Sep-2024
How to learn Game Hacking in 6 minutes | Part 1https://medium.com/@deadoverflow/how-to-learn-game-hacking-in-10-minutes-part-1-19991004fd99?source=rss------bug_bounty-5Imad Husanovicgames, hacking, bug-bounty-tips, bug-bounty, cybersecurity12-Sep-2024
How to learn Game Hacking in 6 minutes | Part 1https://systemweakness.com/how-to-learn-game-hacking-in-10-minutes-part-1-19991004fd99?source=rss------bug_bounty-5Imad Husanovicgames, hacking, bug-bounty-tips, bug-bounty, cybersecurity12-Sep-2024
Introduction to Bug Bounty Huntinghttps://medium.com/@kanishkar22052004/introduction-to-bug-bounty-hunting-183f133c7d0d?source=rss------bug_bounty-5Kanishkarbug-bounty, ethical-hacking, cybersecurity11-Sep-2024
Understanding the OWASP Top 10 in 2024https://bootstrapsecurity.medium.com/understanding-the-owasp-top-10-in-2024-245b600737f9?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity, infosec-write-ups11-Sep-2024
Understanding the OWASP Top 10 in 2024https://medium.com/@bootstrapsecurity/understanding-the-owasp-top-10-in-2024-245b600737f9?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity, infosec-write-ups11-Sep-2024
HTB Academy: Information Gathering — Web Edition (Updated).https://medium.com/@mazalwebdesign/htb-academy-information-gathering-web-edition-updated-50058fdec55e?source=rss------bug_bounty-5maz4lhtb-walkthrough, htb-writeup, penetration-testing, bug-bounty, ethical-hacking11-Sep-2024
API Bug Bounty Hunting: Reconnaissance and Reverse Engineering an APIhttps://towardsdev.com/api-bug-bounty-hunting-reconnaissance-and-reverse-engineering-an-api-1d61f82b5d72?source=rss------bug_bounty-5Adithyakrishna Vcybersecurity, bug-bounty, hacking, api11-Sep-2024
NGINX HTTP/3 QUIC Module Vulnerability -CVE-2024–35200https://infosecwriteups.com/nginx-http-3-quic-module-vulnerability-cve-2024-35200-e2f6aaea2a68?source=rss------bug_bounty-5Ajay Naikbug-bounty, security, cve, vulnerability, rewards11-Sep-2024
BIG-IP HSB vulnerability CVE-2024–39778https://medium.com/@ajaynaikhack/big-ip-hsb-vulnerability-cve-2024-39778-9fd33cc4d5e5?source=rss------bug_bounty-5Ajay Naikrewards-and-recognition, vulnerability, bug-bounty, security11-Sep-2024
Why Django’s [DEBUG=True] is a Goldmine for Hackershttps://medium.com/@verylazytech/why-djangos-debug-true-is-a-goldmine-for-hackers-01486289607d?source=rss------bug_bounty-5Very Lazy Techhacking, cybersecurity, django, bug-bounty, misconfiguration11-Sep-2024
Best Bug Bounty and Pentesting Methodology for Beginners(Step By Step)https://medium.com/@shaikhminhaz1975/best-bug-bounty-and-pentesting-methodology-for-beginners-step-by-step-b6167128156a?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, methodology, penetration-testing, bug-bounty, ethical-hacking11-Sep-2024
MY First Bug Hunt: A Beginner’s Guide to Cybersecurity with Google Dorkshttps://medium.com/@KpCyberInfo/my-first-bug-hunt-a-beginners-guide-to-cybersecurity-with-google-dorks-b62a28214d38?source=rss------bug_bounty-5Krunal Patelbug-bounty, cybersecurity, google-dork, beginner, security11-Sep-2024
How Finding an SQL Injection Vulnerability Earned a $1000 Bug Bountyhttps://systemweakness.com/how-finding-an-sql-injection-vulnerability-earned-a-1000-bug-bounty-af2ee0b62f6c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, technology, bug-bounty, hacking11-Sep-2024
Interesting Story of an Account Takeover Vulnerabilityhttps://medium.com/@deepanshudev369/interesting-story-of-an-account-takeover-vulnerability-140a45a058a3?source=rss------bug_bounty-5Deepanshu(golu369)cybersecurity, ethical-hacking, vulnerability-assessment, bug-bounty, research11-Sep-2024
P4 bug’s and their POC steps | Part 2https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-2-17b6583c57d9?source=rss------bug_bounty-5socalledhackerweb-security, hacking, bug-bounty-tips, vulnerability, bug-bounty11-Sep-2024
Penpie Hacker Hunt: Offering Up to 10% of Returned Funds as a Rewardhttps://blog.penpiexyz.io/pemburuan-hacker-penpie-menyediakan-hingga-10-dari-dana-yang-dikembalikan-sebagai-hadiah-6e81cc0f610b?source=rss------bug_bounty-50xJultoshidefi, bahasa, bug-bounty, investasi, crypto11-Sep-2024
Primary Hacking School #1 Installing Kalihttps://medium.com/@nnface/primary-hacking-school-1-installing-kali-a3e249c41730?source=rss------bug_bounty-5NnFacebug-bounty, cybersecurity, hacking, linux, kali-linux11-Sep-2024
How I Stole a Player Spot with Simple XSShttps://medium.com/@ali_guell/how-i-stole-a-player-spot-with-simple-xss-6a8fa2776a84?source=rss------bug_bounty-5black_wheatearwriteup, bug-bounty, hacking, web-development, cybersecurity11-Sep-2024
Securing Your Applications Against CSRF Attacks: Best Practices for Cybersecurity Expertshttps://medium.com/@kpishear/securing-your-applications-against-csrf-attacks-best-practices-for-cybersecurity-experts-4e572b9fc032?source=rss------bug_bounty-5kpishearbug-bounty, tech, cybersecurity, trading, technology10-Sep-2024
Free Bug Bounty Course For Beginnershttps://medium.com/@amanktec12/free-bug-bounty-course-for-beginners-%EF%B8%8F-f126b9907c96?source=rss------bug_bounty-5Cyberxealfree-bug-hunting-course, free, course, bug-bounty, bug-hunting10-Sep-2024
Would you mind to tell me what your bank balance is? No? Okay, I’ll hack it.https://infosecwriteups.com/would-you-mind-to-tell-me-what-your-bank-balance-is-no-okay-ill-hack-it-b3f49810cfe2?source=rss------bug_bounty-5Manav Bankatwalabank-hack, cybersecurity, information-security, idor, bug-bounty10-Sep-2024
My first Hall of Fame (HoF) | Bug Bounty Journey.https://rivudon.medium.com/my-first-hall-of-fame-hof-bug-bounty-journey-59a56b1e96c2?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-writeup10-Sep-2024
The “Who Needs Secure Attachments Anyway?” Sagahttps://medium.com/@shobitsharma/the-who-needs-secure-attachments-anyway-saga-6026dc61a371?source=rss------bug_bounty-5Shobit Sharmabug-bounty, cybersecurity, bug-bounty-tips, infosec-write-ups, bug-bounty-writeup10-Sep-2024
How Hackers Can Steal Your Data in 15 Secondshttps://medium.com/@kerstan/how-hackers-can-steal-your-data-in-15-seconds-798bbed9cbac?source=rss------bug_bounty-5kerstanhacking, cybersecurity, bug-bounty10-Sep-2024
Basic Challenge Level 11https://aftab700.medium.com/basic-challenge-level-11-eaa689246c31?source=rss------bug_bounty-5Aftab Samactf, cybersecurity, information-security, bug-bounty, ethical-hacking10-Sep-2024
Basic Challenge Level 10https://aftab700.medium.com/basic-challenge-level-10-afaac3919778?source=rss------bug_bounty-5Aftab Samacybersecurity, bug-bounty, ctf-writeup, ctf, information-security10-Sep-2024
Basic Challenge Level 9https://aftab700.medium.com/basic-challenge-level-9-588ab110cc2d?source=rss------bug_bounty-5Aftab Samactf-writeup, ctf, bug-bounty, information-security, cybersecurity10-Sep-2024
OWASP top 10 A09:Security Logging and Monitoring failureshttps://medium.com/@shivamsharma.ss484/owasp-top-10-a09-security-logging-and-monitoring-failures-e2f4bdc50fbe?source=rss------bug_bounty-5Shivamsharmaowasp, hacking, cybersecurity, owasp-top-10, bug-bounty10-Sep-2024
‘find’ command for Reconhttps://medium.com/@DatBoyBlu3/find-command-for-recon-4f3cf296c5d5?source=rss------bug_bounty-5Daniel Edwardscybersecurity, linux, bug-bounty, unix, penetration-testing10-Sep-2024
Top Reconnaissance Tools for Ethical Security Testinghttps://medium.com/@ajaynaikhack/top-reconnaissance-tools-for-ethical-security-testing-2b4088106b81?source=rss------bug_bounty-5Ajay Naikreconnaissance, ethical-hacking, bug-bounty, rewards, vulnerability10-Sep-2024
Introducing FavFreak: Unlock the Power of Favicon Hashing for Bug Bounty Huntinghttps://medium.com/@unreal_umber_hyena_37/introducing-favfreak-unlock-the-power-of-favicon-hashing-for-bug-bounty-hunting-0361dbb629c3?source=rss------bug_bounty-5Cyber Sentinel Xsecurity, cybersecurity, penetration-testing, bug-bounty, ethical-hacking10-Sep-2024
How I got RCE on an Indian university without admin credentials Tale of directory listing, SQL…https://medium.com/@alimuhammadsecured/how-i-got-rce-on-an-indian-university-without-admin-credentials-tale-of-directory-listing-sql-1f77e2933011?source=rss------bug_bounty-5Alimuhammadsecuredbug-bounty, bug-bounty-writeup, ctf, rce, hacking10-Sep-2024
TryHackMe | Simple CTF | Walkthrough | By HexaHunterhttps://hexahunter.medium.com/tryhackme-simple-ctf-walkthrough-by-hexahunter-b9457e4d7d16?source=rss------bug_bounty-5Momal Nazweb-security, penetration-testing, tryhackme-walkthrough, ctf-writeup, bug-bounty09-Sep-2024
Mastering Reconnaissance with Nmap: Unveiling Your Target’s Secretshttps://infosecwriteups.com/mastering-reconnaissance-with-nmap-unveiling-your-targets-secrets-ec940d05a140?source=rss------bug_bounty-5Ajay Naikcybersecurity, information-security, nmap, bug-bounty, infosec-write-ups09-Sep-2024
Self-XSS to ATO via Quick Login featurehttps://thecatfather.medium.com/self-xss-to-ato-via-quick-login-feature-532df12d1c08?source=rss------bug_bounty-5The CatFatherbug-bounty-writeup, bug-bounty, bug-bounty-tips09-Sep-2024
Exploiting Firestore Database Rules: A Pathway to Data Breacheshttps://medium.com/@S3THU/exploiting-firestore-database-rules-a-pathway-to-data-breaches-aa945476cc16?source=rss------bug_bounty-5Sethu Satheeshfirebase, hacking, cybersecurity, bug-bounty, pentesting09-Sep-2024
Google Dorks for Bug Bounty Part 3: Exposing Hidden Admin Panels & Login Portalshttps://enigma96.medium.com/google-dorks-for-bug-bounty-part-3-exposing-hidden-admin-panels-login-portals-52b600e3f10b?source=rss------bug_bounty-5enigmabug-bounty, bug-bounty-tips, pentesting, hacking, penetration-testing09-Sep-2024
2nd Order SQL Injectionhttps://medium.com/@bountyget/2nd-order-sql-injection-e2ac60e792a4?source=rss------bug_bounty-5Dhiren Kumar Pradhanbug-bounty-tips, sql-injection, cybersecurity, penetration-testing, bug-bounty09-Sep-2024
{Indeed, Allah and His angels send blessings upon the Prophet. O you who have believed, send blessings…https://medium.com/@mahdisalhi0500/%D8%A5%D9%90%D9%86%D9%8E%D9%91-%D8%A7%D9%84%D9%84%D9%8E%D9%91%D9%87%D9%8E-%D9%88%D9%8E%D9%85%D9%8E%D9%84%D8%A7%D8%A6%D9%90%D9%83%D9%8E%D8%AA%D9%8E%D9%87%D9%8F-%D9%8A%D9%8F%D8%B5%D9%8E%D9%84%D9%8F%D9%91%D9%88%D9%86%D9%8E-%D8%B9%D9%8E%D9%84%D9%8E%D9%89-%D8%A7%D9%84%D9%86%D9%8E%D9%91%D8%A8%D9%90%D9%8A%D9%90%D9%91-%D9%8A%D9%8E%D8%A7-%D8%A3%D9%8E%D9%8A%D9%8F%D9%91%D9%87%D9%8E%D8%A7-%D8%A7%D9%84%D9%8E%D9%91%D8%B0%D9%90%D9%8A%D9%86%D9%8E-%D8%A2%D9%85%D9%8E%D9%86%D9%8F%D9%88%D8%A7-%D8%B5%D9%8E%D9%84%D9%8F%D9%91%D9%88%D8%A7-4cdb13f5ff52?source=rss------bug_bounty-5CaptinSHArky(Mahdi)hacking, information-security, ethical-hacking, bug-bounty, information-technology09-Sep-2024
SQL Injection Attack, Listing the Database Contents on Non-Oracle Databaseshttps://medium.com/@marduk.i.am/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-825485566585?source=rss------bug_bounty-5Marduk I Ambug-bounty, portswigger-lab, sqli, information-security, sql-injection09-Sep-2024
Hunting for Hidden API Endpoints Using Katana and Hakralerhttps://anasbetis023.medium.com/hunting-for-hidden-api-endpoints-using-katana-and-hakraler-ba0bd6b9611f?source=rss------bug_bounty-5Anas H Hmaidybug-bounty, penetration-testing, bug-bounty-tips, cybersecurity09-Sep-2024
Optimal Ethical Hacker Setup for Penetration Testinghttps://infosecwriteups.com/optimal-ethical-hacker-setup-for-penetration-testing-4847a8afbe45?source=rss------bug_bounty-5Ajay Naiksecurity, bug-bounty, vulnerability, desktop09-Sep-2024
Unveiling Hidden Threats: Advanced Recon Techniques and the Path to Automationhttps://medium.com/@rootspaghetti/unveiling-hidden-threats-advanced-recon-techniques-and-the-path-to-automation-4c1b3dd885a3?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, bug-bounty, hacking09-Sep-2024
P4 bug’s and their POC steps | Part 1https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-1-1cef0152d1a5?source=rss------bug_bounty-5socalledhackervulnerability, p4-bugs, hacking, web-app-security, bug-bounty09-Sep-2024
How HTTP Request Smuggling Vulnerability Gets You a $750 Bug Bountyhttps://cyberw1ng.medium.com/how-http-request-smuggling-vulnerability-gets-you-a-750-bug-bounty-3dfe9063fd8d?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, technology09-Sep-2024
Introducing CorScan: A Comprehensive Tool for CORS Vulnerability Detectionhttps://angixblack.medium.com/introducing-corscan-a-comprehensive-tool-for-cors-vulnerability-detection-4ce83be6870e?source=rss------bug_bounty-5Angix blackpenetration-testing, bug-bounty, cors, bugbounty-automation, corscan09-Sep-2024
Lap 1: JWT authentication bypass via unverified signaturehttps://abdelrahmansalaheldeen.medium.com/lap-1-jwt-authentication-bypass-via-unverified-signature-8e450a7b2f59?source=rss------bug_bounty-5Abdelrahman Salaheldeencybersecurity, web-application-security, web-app-pentesting, jwt, bug-bounty08-Sep-2024
The Only Oscp Tip You Needhttps://medium.com/@issam.qsous/the-only-oscp-tip-you-need-cfac65948f68?source=rss------bug_bounty-5Essam Qsousoscp, bug-bounty, cybersecurity, pentesting, hacking08-Sep-2024
JSON Web Token attacks (JWT)https://abdelrahmansalaheldeen.medium.com/json-web-token-attacks-jwt-c082d76f3e4c?source=rss------bug_bounty-5Abdelrahman Salaheldeenjwt, web-penetration-testing, web-application-security, bug-bounty, cybersecurity08-Sep-2024
0-Click Mass Account Takeover via Password Reset Functionalityhttps://0d-samii.medium.com/0-click-mass-account-takeover-via-password-reset-functionality-68cdf27e028d?source=rss------bug_bounty-50d_samiibugs, bug-bounty-tips, bug-bounty, cybersecurity08-Sep-2024
How To Stay Ahead of 99% of Bug Bounty Huntershttps://bevijaygupta.medium.com/how-to-stay-ahead-of-99-of-bug-bounty-hunters-d77030705ed5?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bugs, hackthebox, bug-bounty, bounty-hunter08-Sep-2024
Discovering a Stored XSS Vulnerability on a Bug Bounty Programhttps://anmolvishwakarma7466.medium.com/discovering-a-stored-xss-vulnerability-on-a-bug-bounty-program-8dad1b475695?source=rss------bug_bounty-5Anmolvishwakarmaxss-attack, appsec, bug-bounty-tips, bug-bounty, bug-bounty-writeup08-Sep-2024
Found Bugs, Got Paid, Stayed Poor: Making a Living with Bug Bountieshttps://bevijaygupta.medium.com/found-bugs-got-paid-stayed-poor-making-a-living-with-bug-bounties-a30355564d32?source=rss------bug_bounty-5Vijay Guptamoney-making-ideas, bug-bounty-tips, bug-bounty, money-management, bugs08-Sep-2024
Nmap: The Best Network Scanning Utility for Security Experthttps://medium.com/@mohanmecktro/nmap-the-best-network-scanning-utility-for-security-expert-ea7a6fd01efb?source=rss------bug_bounty-5Mohan Mecktrobug-bounty-hunter, penetration-testing, bug-bounty, nmap, kali-linux-tools08-Sep-2024
How I Become Google HOFhttps://medium.com/@lijoparappur/how-i-become-google-hof-ef697b8b5963?source=rss------bug_bounty-5Lijoparappurbug-bounty, google-hacking08-Sep-2024
How i found xss in goverment website with one tools.https://medium.com/@sulthanyluthfi/how-i-found-xss-in-goverment-website-with-one-tools-5dd5d431ed03?source=rss------bug_bounty-5Luthfi Sulthanyxss-attack, bug-bounty, linux, penetration-testing, cybersecurity08-Sep-2024
Day 30of 30 Day — 30 Vulnerabilities | Cross-Site Request Forgery (CSRF)https://medium.com/@kumawatabhijeet2002/day-30of-30-day-30-vulnerabilities-cross-site-request-forgery-csrf-062ff53c5efd?source=rss------bug_bounty-5Abhijeet kumawat30dayswritingchallenge, bug-bounty, bug-bounty-tips, csrf08-Sep-2024
My recon methodology for hunting CVE-2021–42063 led to discovering an RXSS vulnerability in the…https://medium.com/@karthithehacker/my-recon-methodology-for-hunting-cve-2021-42063-led-to-discovering-an-rxss-vulnerability-in-the-27a7aa435fd3?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, infosec, bugbounty-writeup, ethical-hacking, cybersecurity08-Sep-2024
The Weak Link in Two-Factor Authentication: Exploiting Reusable OTPshttps://medium.com/@tusharpuri6/the-weak-link-in-two-factor-authentication-exploiting-reusable-otps-ed30bd8bf4da?source=rss------bug_bounty-5Tusharpurioffensive-security, bug-bounty, penetration-testing, vulnerability, application-security08-Sep-2024
OWASP top 10 A08:Software and Data Integrity Failureshttps://medium.com/@shivamsharma.ss484/owasp-top-10-a08-software-and-data-integrity-failures-bd41b5f9db2c?source=rss------bug_bounty-5Shivamsharmaowasp-top-10, bug-bounty, cybersecurity, hacking, owasp08-Sep-2024
Post-Exploitation Techniques: What Happens After a Hack?https://cyberw1ng.medium.com/post-exploitation-techniques-what-happens-after-a-hack-961ddc068fb6?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, technology, hacking, cybersecurity, careers08-Sep-2024
Post-Exploitation Techniques: What Happens After a Hack?https://systemweakness.com/post-exploitation-techniques-what-happens-after-a-hack-961ddc068fb6?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, technology, hacking, cybersecurity, careers08-Sep-2024
Bug Bounty Road Maphttps://osintteam.blog/bug-bounty-road-%EF%B8%8F-map-%EF%B8%8F-b42c14750a6a?source=rss------bug_bounty-5Mr Abdullahbug-bounty-roadmap, bug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity07-Sep-2024
Users without roles are able to find out whether the “Invite other people” feature on a Pinterest…https://rhidayah.medium.com/users-without-roles-are-able-to-find-out-whether-the-invite-other-people-feature-on-a-pinterest-b1cf86305337?source=rss------bug_bounty-5Rohmad Hidayahpinterest, bug-bounty, privacy, business-logic-flaw07-Sep-2024
Exploiting the Silent Threat: Time-Based Blind SQL Injection via the Object_ID Parameterhttps://harshit3.medium.com/exploring-time-based-blind-sql-injection-vulnerability-via-the-object-id-parameter-7cd377c6e00d?source=rss------bug_bounty-5Harshitowasp, vulnerability, cybersecurity, bug-bounty, information-security07-Sep-2024
Account takeover through no rate limitshttps://rhidayah.medium.com/account-takeover-through-no-rate-limits-3d7a82a69779?source=rss------bug_bounty-5Rohmad Hidayahaccount-takeover, no-rate-limit, bug-bounty, broken-authentication07-Sep-2024
The Rise of AI in Cybersecurity: Opportunities and Threatshttps://bootstrapsecurity.medium.com/the-rise-of-ai-in-cybersecurity-opportunities-and-threats-531b42f9bef9?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking, ai-in-cybersecurity07-Sep-2024
how i finded a google map it’s worths 300$https://systemweakness.com/how-i-finded-a-google-map-its-worths-300-9fe5fe32e6de?source=rss------bug_bounty-5loyalonlytodaybugs, penetration-testing, hacking, bug-bounty, bug-bounty-tips07-Sep-2024
Subdomain Takeover : The Hacker’s Jackpot (And How You Can Hit It Too!)https://medium.com/@Kaizen2977/subdomain-takeover-the-hackers-jackpot-and-how-you-can-hit-it-too-76d49b916bc1?source=rss------bug_bounty-5Kapil Chotaliabug-bounty, subdomain-takeover, subdomains-enumeration, hacking, penetration-testing07-Sep-2024
Users without roles are able to find out whether the “Invite other people” feature on a Pinterest…https://rhidayah.medium.com/users-without-roles-are-able-to-find-out-whether-the-invite-other-people-feature-on-a-pinterest-b1cf86305337?source=rss------bug_bounty-5Rohmad Hidayahpinterest, bug-bounty, privacy, bugcrowd, business-logic-flaw07-Sep-2024
Day 29 of 30 Day — 30 Vulnerabilities | Remote Code Execution (RCE)https://medium.com/@kumawatabhijeet2002/day-29-of-30-day-30-vulnerabilities-remote-code-execution-rce-eb3f8f7ccf62?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, rce, bug-bounty, 30dayswritingchallenge, remote-code-execution07-Sep-2024
Vulnerability Scannerhttps://medium.com/@hydra_/vulnerability-scanner-1ad628218979?source=rss------bug_bounty-5hydrabug-bounty, vulnerability-scanner, infosec07-Sep-2024
Understanding window.postMessage() and Its XSS Riskshttps://medium.com/@spideyyy/understanding-window-postmessage-and-its-xss-risks-5a96bcd90428?source=rss------bug_bounty-5spideycybersecurity, bug-bounty, web-security, hacking, xss-attack07-Sep-2024
Find Your First 5 Bug Bounties in Easy Wayshttps://infosecwriteups.com/find-your-first-5-bug-bounties-in-easy-ways-3aaca5c57a2d?source=rss------bug_bounty-5Subh Dhunganahackerone, infosec, cybersecurity, bug-bounty, hacking07-Sep-2024
My recon methodology for hunting CVE-2021–42063 led to discovering an RXSS vulnerability in the…https://medium.com/@karthithehacker/my-recon-methodology-for-hunting-cve-2021-42063-led-to-discovering-an-rxss-vulnerability-in-the-80bd4ca0f623?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, infosec, cybersecurity07-Sep-2024
Hunting in the Cyber World: Effective Recon Strategies for a Successful Bug Bountyhttps://medium.com/@rootspaghetti/hunting-in-the-cyber-world-effective-recon-strategies-for-a-successful-bug-bounty-8ec5f27bd9ae?source=rss------bug_bounty-5Root@Spaghettibug-bounty, cybersecurity, hacking, bug-bounty-tips07-Sep-2024
850$ IDOR:Unauthorized Session Revokation of any userhttps://infosecwriteups.com/850-idor-unauthorized-session-revokation-of-any-user-93f9cb92fdfe?source=rss------bug_bounty-5Abhi Sharmacybersecurity, infosec, idor, bug-bounty, programming07-Sep-2024
Google Dorks Secrets: Discover Hidden Endpoints & Parameters with Google Dorkshttps://enigma96.medium.com/google-dorks-secrets-discover-hidden-endpoints-parameters-with-google-dorks-7c3bb3257ef9?source=rss------bug_bounty-5enigmaweb-security-testing, hacking, bug-bounty-tips, bug-bounty, penetration-testing07-Sep-2024
cyberExploring Client-Side Desync: Understanding the Risk and Mitigating the Threathttps://cyberw1ng.medium.com/cyberexploring-client-side-desync-understanding-the-risk-and-mitigating-the-threat-b375dec78f21?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, technology, cybersecurity, careers07-Sep-2024
Day 28 of 30 Day — 30 Vulnerabilities | DOM-based XSShttps://medium.com/@kumawatabhijeet2002/day-28-of-30-day-30-vulnerabilities-dom-based-xss-e7bfadc56b2f?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, 30dayswritingchallenge, bug-bounty-tips, dom-based-xss06-Sep-2024
Bounty Hunter’s Handbook: Practical Tips for Bug Huntinghttps://medium.com/@security.tecno/bounty-hunters-handbook-practical-tips-for-bug-hunting-b3a8b03d1101?source=rss------bug_bounty-5TECNO Securityhacking, hunting, tips, bug-bounty06-Sep-2024
[$12000] 3 Critical 0-click TikTok Account Takeover Vulnerabilities, 2FA bypass & more security…https://vojtechcekal.medium.com/12000-3-critical-0-click-tiktok-account-takeover-vulnerabilities-2fa-bypass-more-security-78554827cfc3?source=rss------bug_bounty-5Vojtech Cekalvulnerability, bug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty06-Sep-2024
OAuth Based CSRF: Exploiting The Flaw In Implementation Of State Parameterhttps://medium.com/@cyberpro151/oaauth-based-csrf-exploiting-the-flaw-in-implementation-of-state-parameter-36bfae68aa65?source=rss------bug_bounty-5cyberpro151bug-bounty, cybersecurity, appsec, hacking, pentest06-Sep-2024
Google Map API Key Exposure $$$ | Just 2 Minutes | Don’t Miss Your Bountyhttps://dkcyberz.medium.com/google-map-api-key-exposure-just-2-minutes-dont-miss-your-bounty-380eac7b9dd9?source=rss------bug_bounty-5Harpy Hunterbug-bounty-tips, bugbounty-writeup, google-map-api, bug-bounty, owasp-top-1006-Sep-2024
Google Dork Mastery Part 1 : Finding Hidden Critical Files with Google Dorks Like a Prohttps://enigma96.medium.com/google-dork-mastery-part-1-finding-hidden-critical-files-with-google-dorks-like-a-pro-d28ad159e9ae?source=rss------bug_bounty-5enigmapenetration-testing, hacking, bug-bounty-tips, web-security, bug-bounty06-Sep-2024
Master Mobile Traffic Hacking: Intercept Android App Data with Burp Suitehttps://medium.com/@WillFromSwiss/master-mobile-traffic-hacking-intercept-android-app-data-with-burp-suite-9278163310ad?source=rss------bug_bounty-5WillFromSwisscybersecurity, application-security, hacking, android, bug-bounty06-Sep-2024
As Luck Would Have It — tales of good fortune in bug bountyhttps://medium.com/@l_s_/as-luck-would-have-it-tales-of-good-fortune-in-bug-bounty-9c56d31b3ef5?source=rss------bug_bounty-5LSinfosec, information-security, bug-bounty-writeup, hacking, bug-bounty06-Sep-2024
How I Explored Further and Chained HTTP Request Smuggling with Other Vulnerabilitieshttps://cyberw1ng.medium.com/how-i-explored-further-and-chained-http-request-smuggling-with-other-vulnerabilities-cfb974e1e8aa?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, technology, hacking, bug-bounty, cybersecurity06-Sep-2024
How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHackhttps://medium.com/@manan_sanghvi/how-100-manual-hacking-without-even-kali-and-burp-led-to-2-medium-vulnerabilities-on-yeswehack-bbda00fcd84e?source=rss------bug_bounty-5Manan Sanghvivulnerability, bug-bounty, xss-attack, cybersecurity, ethical-hacking05-Sep-2024
Day 27 of 30 Day — 30 Vulnerabilities | Server-Side Template Injection (SSTI)https://medium.com/@kumawatabhijeet2002/day-27-of-30-day-30-vulnerabilities-server-side-template-injection-ssti-f12c851d7e08?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, server-side-technology, 30dayswritingchallenge, ssti, bug-bounty-tips05-Sep-2024
Exploiting Salesforce Lightning Permissions Issueshttps://medium.com/@theodorejackson.us/exploiting-salesforce-lightning-permissions-issues-5c04f202c887?source=rss------bug_bounty-5Ted Jacksonpentesting, bug-bounty, security, salesforce, cybersecurity05-Sep-2024
RCE Exploits Explained: Techniques & Tools in 2024https://bootstrapsecurity.medium.com/rce-exploits-explained-techniques-tools-in-2024-79dbbbc67ba6?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, vulnerability-assessment, cybersecurity, bug-bounty-tips, bug-bounty05-Sep-2024
What is WAF? & Secret Techniques to Bypass Ithttps://medium.com/huntersec-security/what-is-waf-secret-techniques-to-bypass-it-2a4de4768131?source=rss------bug_bounty-5Ajay Naikbug-bounty, firewall-security, infosec05-Sep-2024
SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuffhttps://medium.com/@ali.zamini/ssti-in-bug-bounty-program-the-time-i-played-with-handlebars-and-broke-stuff-7dc1f9834a3d?source=rss------bug_bounty-5Ali Zaminibug-hunting, bug-bounty, hacking, web-app-pentesting, ssti05-Sep-2024
Blocking Users from Registrationhttps://medium.com/@patidarbhuwan44/blocking-users-from-registration-e3a584f25e4b?source=rss------bug_bounty-5Bhuwan Patidarbug-bounty, hacking, bug-bounty-tips, web, cybersecurity05-Sep-2024
Uncover Hidden Subdomains with Sublist3r and curl: Boost Your Bug Hunting Successhttps://enigma96.medium.com/uncover-hidden-subdomains-with-sublist3r-and-curl-boost-your-bug-hunting-success-a80b180a9377?source=rss------bug_bounty-5enigmabug-bounty, bug-bounty-tips, penetration-testing, hacking, web-security05-Sep-2024
Find SSRF , LFI , XSS using httpx , waybackurls , gf , gau , qsreplacehttps://medium.com/@SatyamPathania/find-ssrf-lfi-xss-using-httpx-waybackurls-gf-gau-qsreplace-96c4794e404c?source=rss------bug_bounty-5Satyam Pathaniaearn-money-online, cybersecurity, bug-bounty, hacking, money05-Sep-2024
Cybersecurity 101 : Subdomain Scanner ทำงานยังไง ?https://medium.com/@nengapi/cybersecurity-101-subdomain-scanner-%E0%B8%97%E0%B8%B3%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B8%A2%E0%B8%B1%E0%B8%87%E0%B9%84%E0%B8%87-04c9993620ed?source=rss------bug_bounty-5Neng Apichetsubdomain, bug-bounty, subdomain-enumeration, cybersecurity05-Sep-2024
Practical Bug Bounty — TCM Academy | Automated Toolshttps://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-automated-tools-ed177aab16f6?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamiweb-penetration-testing, bug-bounty, penetration-testing, ethical-hacking, cybersecurity05-Sep-2024
Dependency Confusion: A Namespace Takeover Storyhttps://medium.com/@sakshirathore3478/dependency-confusion-a-namespace-takeover-story-fa334533bd50?source=rss------bug_bounty-5Sakshi Rathorebug-bounty-tips, webapplicationpentest, bug-bounty, cybersecurity, bug-bounty-hunter05-Sep-2024
Reflected XSS | US Department of Education Recognitionhttps://codingninjablogs.tech/reflected-xss-us-department-of-education-recognition-270ec27e7f5f?source=rss------bug_bounty-5#$ubh@nk@rvulnerability, bug-bounty, cybersecurity, infosec, hacking05-Sep-2024
My first Bug : Uncovering a Reflected XSS with a Simple Payloadhttps://medium.com/@firdansp/my-first-bug-uncovering-a-reflected-xss-with-a-simple-payload-270b5e3742bb?source=rss------bug_bounty-5Firda Nureliaxs, bug-bounty, bug-bounty-tips, xss-vulnerability, writeup05-Sep-2024
How I Discovered an HTTP Request Smuggling Vulnerability in a Major Web Consolehttps://cyberw1ng.medium.com/how-i-discovered-an-http-request-smuggling-vulnerability-in-a-major-web-console-5188b2b4c539?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, technology, bug-bounty, cybersecurity05-Sep-2024
Hidden Reflected XSS on 403 Page.https://medium.com/@Hacker_Yogi/hidden-reflected-xss-on-403-page-0cbb46683138?source=rss------bug_bounty-5Ruben (Hacker_Yogi)pentesting, bug-bounty-tips, information-security, xss-attack, bug-bounty05-Sep-2024
Broken Authentication Leads to the Ability to Unsubscribe Other Users' Payment Remindershttps://medium.com/@blackarazi/broken-authentication-leads-to-the-ability-to-unsubscribe-other-users-payment-reminders-0fdb1a63edec?source=rss------bug_bounty-5Azhari Harahapbug-bounty, broken-authentication, api-security, application-security, bug-bounty-writeup04-Sep-2024
Ultimate FFUF Cheatsheet: Advanced Fuzzing Tactics for Pro Bug Hunters!https://medium.com/h7w/ultimate-ffuf-cheatsheet-advanced-fuzzing-tactics-for-pro-bug-hunters-492598750150?source=rss------bug_bounty-5Khaleel Khanhacking-tools, bug-bounty, hacking, cybersecurity, infosec04-Sep-2024
dirsearch: Panduan Lengkap untuk Pengumpulan Informasi Web yang Efektif!https://medium.com/@adriansyah1230/dirsearch-panduan-lengkap-untuk-pengumpulan-informasi-web-yang-efektif-c7fdee43b2d4?source=rss------bug_bounty-5Adrian Syah Abidinbug-bounty, cybersecurity, infosec, dirsearch, pentesting04-Sep-2024
Aquatone: Solusi Cerdas untuk Inspeksi Visual Website yang Mendalam!https://medium.com/@adriansyah1230/aquatone-solusi-cerdas-untuk-inspeksi-visual-website-yang-mendalam-68811f0735c7?source=rss------bug_bounty-5Adrian Syah Abidincybersecurity, aquatone, keamanan-informasi, bug-bounty, infosec04-Sep-2024
A Comprehensive Guide to FFUF for Bug Huntershttps://maelstromenigma.medium.com/a-comprehensive-guide-to-ffuf-for-bug-hunters-76942e90f92b?source=rss------bug_bounty-5enigmawebservices-testing, bug-bounty-tips, bug-bounty, bug-hunting, recon04-Sep-2024
Nmap: Pemindai Keamanan Jaringan yang Kuat dan Alat Unggulan untuk Pengumpulan Informasi!https://medium.com/@adriansyah1230/nmap-pemindai-keamanan-jaringan-yang-kuat-dan-alat-unggulan-untuk-pengumpulan-informasi-ce2186eda0d1?source=rss------bug_bounty-5Adrian Syah Abidinnmap-command, cybersecurity, infosec, bug-bounty, nmap04-Sep-2024
Subdomain Enumeration | BBOT ✅>= Subfinder + Sublist3r + Assetfinder + Amasshttps://dkcyberz.medium.com/bbot-subfinder-sublist3r-assetfinder-amass-subdomain-enumeration-c42bbbf76052?source=rss------bug_bounty-5Harpy Hunterbug-bounty, subdomain-takeover, bugbounty-tips, subdomains-enumeration, bugbounty-writeup04-Sep-2024
OWASP Amass: Alat Canggih untuk Pengumpulan Informasi dan Strategi Pemetaan Serangan yang Efektif!https://medium.com/@adriansyah1230/owasp-amass-alat-canggih-untuk-pengumpulan-informasi-dan-strategi-pemetaan-serangan-yang-efektif-7859ad0515ad?source=rss------bug_bounty-5Adrian Syah Abidinmassa, owasp, bug-bounty, pentest, cybersecurity04-Sep-2024
Day 26 of 30 Day — 30 Vulnerabilities | Race Conditionshttps://medium.com/@kumawatabhijeet2002/day-26-of-30-day-30-vulnerabilities-race-conditions-e6b761e006b1?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, bug-bounty, 30dayswritingchallenge, race-condition04-Sep-2024
reNgine: Framework Otomatisasi Terbaik untuk Pengumpulan Informasi dan Pengujian Penetrasi Web!https://medium.com/@adriansyah1230/rengine-framework-otomatisasi-terbaik-untuk-pengumpulan-informasi-dan-pengujian-penetrasi-web-13e338edff02?source=rss------bug_bounty-5Adrian Syah Abidininfosec, bug-bounty, keamanan-informasi, rengine, cybersecurity04-Sep-2024
Exploring the World of `magicRecon`: A Fun Guide to Target Information Gatheringhttps://medium.com/@rootspaghetti/exploring-the-world-of-magicrecon-a-fun-guide-to-target-information-gathering-03a9e2bb7e39?source=rss------bug_bounty-5Root@Spaghetticybersecurity, bug-bounty-tips, hacking, bug-bounty04-Sep-2024
Zomatoooo! IDOR in Saved Paymentshttps://prateeksrivastavaa.medium.com/zomatoooo-idor-in-saved-payments-f8c014879741?source=rss------bug_bounty-5Prateek Srivastavabug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing, bug-bounty-tips04-Sep-2024
Openredirect CSRF SSRF XSS And Sqli vulnerabilityhttps://medium.com/@shadowhackr_87285/openredirect-csrf-ssrf-xss-and-sqli-vulnerability-6a9f3a5662e2?source=rss------bug_bounty-5Shadowhackrxss-attack, cybersecurity, bug-bounty, vulnerability, sql04-Sep-2024
Zero-Day Exploits: An Inconspicuous Dangerhttps://medium.com/@mohanmecktro/zero-day-exploits-an-inconspicuous-danger-7e3ca32c164e?source=rss------bug_bounty-5Mohan Mecktrobug-bounty-tips, cyber, cybersecurity, bug-bounty, hacking04-Sep-2024
Decoding the Enigma: A Deep Dive into the /home/000~ROOT~000/ Directoryhttps://soltanali0.medium.com/decoding-the-enigma-a-deep-dive-into-the-home-000-root-000-directory-3be592f05525?source=rss------bug_bounty-5soltanali0information-security, bug-bounty, directory-listing, security-research, lfi04-Sep-2024
TeamCity Takedown: Breach, Backup, and Break-in.https://medium.com/@josh.beck2006/teamcity-takedown-breach-backup-and-break-in-3ce333b63788?source=rss------bug_bounty-5Josh Beckcybersecurity, bug-bounty, ctf-writeup04-Sep-2024
Advanced Strategies to Defend Against HTTP Request Smuggling: A Deep Divehttps://cyberw1ng.medium.com/advanced-strategies-to-defend-against-http-request-smuggling-a-deep-dive-ba7c0abe911a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, technology, penetration-testing04-Sep-2024
Shodan: Senjata Rahasia Wajib Bagi Peretas dan Peneliti Keamanan untuk Pengumpulan Informasi yang…https://medium.com/@adriansyah1230/shodan-senjata-rahasia-wajib-bagi-peretas-dan-peneliti-keamanan-untuk-pengumpulan-informasi-yang-a3f86dd47eed?source=rss------bug_bounty-5Adrian Syah Abidininfosec, shodan, bug-bounty, hacking, cybersecurity03-Sep-2024
Bug Bounty: Your Guide to Ethical Hacking, Rewards, and the Best Learning Resourceshttps://medium.com/@akatrigger53/bug-bounty-your-guide-to-ethical-hacking-rewards-and-the-best-learning-resources-071c6eb14a27?source=rss------bug_bounty-5Akansh Pandaybug-bounty, hacking, darkweb, cybersecurity03-Sep-2024
How to overcome the pause point in BugBountyhttps://anonysm.medium.com/how-to-overcome-the-pause-point-in-bugbounty-02b849cfcff8?source=rss------bug_bounty-5Muthu Dcybersecurity, bug-bounty, penetration-testing, motivation, hacking03-Sep-2024
DNSDumpster: Eksplorasi Informasi Domain Mendalamhttps://medium.com/@adriansyah1230/dnsdumpster-eksplorasi-informasi-domain-mendalam-d20fa2635596?source=rss------bug_bounty-5Adrian Syah Abidinkeamanan-informasi, cybersecurity, infosec, bug-bounty, dnsdumpster03-Sep-2024
Day 25 of 30 Day — 30 Vulnerabilities | HTTP Request Smugglinghttps://medium.com/@kumawatabhijeet2002/day-25-of-30-day-30-vulnerabilities-http-request-smuggling-722c3f01dbc4?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, http-request-smuggling, bug-bounty-tips, 30dayswritingchallenge03-Sep-2024
How to Bypass Web Application Firewalls (WAFs)https://bootstrapsecurity.medium.com/how-to-bypass-web-application-firewalls-10cec76e8276?source=rss------bug_bounty-5BootstrapSecuritybugbounty-tips, cybersecurity, ethical-hacking, bug-bounty03-Sep-2024
The removed employee can see whether the users he invited to the victim’s Pinterest business…https://rhidayah.medium.com/the-removed-employee-can-see-whether-the-users-he-invited-to-the-victims-pinterest-business-085d2ee8e14e?source=rss------bug_bounty-5Rohmad Hidayahbugcrowd, bug-bounty, pinterest, business-logic-flaw03-Sep-2024
[IDOR] Update another user’s profilehttps://rhidayah.medium.com/idor-update-another-users-profile-79d0158ae60c?source=rss------bug_bounty-5Rohmad Hidayahidor, bug-bounty03-Sep-2024
Pre account takeover via google sign inhttps://rhidayah.medium.com/pre-account-takeover-via-google-sign-in-bb442f4c32a2?source=rss------bug_bounty-5Rohmad Hidayahbug-bounty, account-takeover03-Sep-2024
P3 (Medium) : How I Gain Access To NASA's Internal Workspace?!https://medium.com/@srishavinkumar/p3-medium-how-i-gain-access-to-nasas-internal-workspace-d0896fee563c?source=rss------bug_bounty-5Sri Shavin Kumarbug-bounty, bug-bounty-tips, cybersecurity, technology, programming03-Sep-2024
Improper Authorization via Mass Assignment of Membership Parametershttps://ahmedtamer0.medium.com/improper-authorization-via-mass-assignment-of-membership-parameters-7245925b09f5?source=rss------bug_bounty-5Ahmed Tamerbug-hunting, api, mass-assignment, writeup, bug-bounty03-Sep-2024
How Bypassed KonyLab Code Protectionhttps://medium.com/@xmosb7/how-bypassed-konylab-code-protection-cac53da01ad1?source=rss------bug_bounty-5Mahmoud Mosbahmobilesec, infosec, cybersecurity, cyberattack, bug-bounty03-Sep-2024
Subdomain Enumeration part 1 (Manual & Automation)https://mrunknown124154.medium.com/subdomain-enumeration-part-1-manual-automation-45108388bdb2?source=rss------bug_bounty-5Mr Abdullahsubdomains-enumeration, hacking, bug-bounty, web-hacking, web-penetration-testing03-Sep-2024
API VULNERABILITIEShttps://medium.com/@adithyakrishnav001/api-vulnerabilities-9b68a0bd87a8?source=rss------bug_bounty-5Adithyakrishna Vcybersecurity, hacking, aad1, api-security, bug-bounty03-Sep-2024
HTTP Request Smuggling: The Hidden Web Threat You Need to Know Abouthttps://cyberw1ng.medium.com/http-request-smuggling-the-hidden-web-threat-you-need-to-know-about-71ff45c7f94a?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, cybersecurity, bug-bounty, hacking, careers03-Sep-2024
My First Bounty: How I Exploited a CORS Misconfigurationhttps://anas0x1.medium.com/my-first-bounty-how-i-exploited-a-cors-misconfiguration-bc1f9137b272?source=rss------bug_bounty-5Anas Ibrahimcors, bug-bounty, bug-hunting, hackerone, cybersecurity03-Sep-2024
How I Discovered a Hidden XSS and What I Learnedhttps://medium.com/@issam.qsous/how-i-discovered-a-hidden-xss-and-what-i-learned-9a34995ebbd2?source=rss------bug_bounty-5Essam Qsousweb-development, hacking, penetration-testing, security, bug-bounty03-Sep-2024
The Accidental Discoveryhttps://medium.com/@Kinqdathacker/the-accidental-discovery-8ed6f9622b0c?source=rss------bug_bounty-5Kinqdathackercybersecurity, hacking, technology, web-hacking, bug-bounty02-Sep-2024
Day 23 of 30 Days — 30 Vulnerabilities | JSON Web Token (JWT) Attackshttps://medium.com/@kumawatabhijeet2002/day-23-of-30-days-30-vulnerabilities-json-web-token-jwt-attacks-e77c719fe22d?source=rss------bug_bounty-5Abhijeet kumawatweb, bug-bounty, bug-bounty-tips, 30dayswritingchallenge02-Sep-2024
Advanced Web Application Security Checklisthttps://securitycipher.medium.com/advanced-web-application-security-checklist-6f7ed5917c72?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, bug-bounty-tips, bug-bounty, technology, security02-Sep-2024
How I Hacked into Yamaha using CVE 2017-5487https://medium.com/@josuofficial327/how-i-found-an-easy-cve-in-yamaha-964366a34b59?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips02-Sep-2024
[Specially Customized] TECNO Security 3rd Anniversary Bug Hunting Competition!https://medium.com/@security.tecno/specially-customized-tecno-security-3rd-anniversary-bug-hunting-competition-8a4e6501e91e?source=rss------bug_bounty-5TECNO Securitybug-bounty, bounty-program, hacking, hunting02-Sep-2024
Hunting JavaScript Files for Bug Huntershttps://bevijaygupta.medium.com/hunting-javascript-files-for-bug-hunters-7355df2215ec?source=rss------bug_bounty-5Vijay Guptahunting, javascript, bugs, bug-bounty, bug-hunting02-Sep-2024
A Story About How i Found CVE-2020–27838 in TVH responsible disclosurehttps://medium.com/@karthithehacker/a-story-about-how-i-found-cve-2020-27838-in-tvh-responsible-disclosure-16946f8f8faf?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, cybersecurity, infosec, web-security02-Sep-2024
Advanced Web Application Security Checklisthttps://infosecwriteups.com/advanced-web-application-security-checklist-6f7ed5917c72?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, bug-bounty-tips, bug-bounty, technology, security02-Sep-2024
Business logic / Failed defense Vulnerability in bug bountyhttps://itsravikiran25.medium.com/business-logic-failed-defense-vulnerability-in-bug-bounty-4ab932a1a200?source=rss------bug_bounty-5Ravikiranbug-bounty-writeup, cybersecurity, penetration-testing, bug-bounty, hacking02-Sep-2024
A Story About How i Found CVE-2020–27838 in TVH responsible disclosurehttps://infosecwriteups.com/a-story-about-how-i-found-cve-2020-27838-in-tvh-responsible-disclosure-16946f8f8faf?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, cybersecurity, infosec, web-security02-Sep-2024
HTML Form Injection Vulnerability in Gmailhttps://medium.com/@h4x0r_dz/html-form-injection-vulnerability-in-gmail-152a01f6d423?source=rss------bug_bounty-5h4x0r_dzgoogle, web, bug-bounty, vulnerability, security02-Sep-2024
Easy 500$ Bounty with Host Header Injection By Ramthullahttps://skramthu.medium.com/easy-500-bounty-with-host-header-injection-by-ramthulla-bb556ebd4c46?source=rss------bug_bounty-5Raminfosec-write-ups, bounty-program, hackerone, bug-bounty, bugbounty-writeup02-Sep-2024
Pentesting vs Bug Bounty: Apa Perbedaannya dan Bagaimana Tahapannya?https://medium.com/@adriansyah1230/pentesting-vs-bug-bounty-apa-perbedaannya-dan-bagaimana-tahapannya-182cc05a2721?source=rss------bug_bounty-5Adrian Syah Abidinhacking, bug-bounty, pentesting, cybersecurity02-Sep-2024
How to Automate Subdomain Takeover Finding: Low Hang Fruit…https://dkcyberz.medium.com/how-to-automate-subdomain-takeover-finding-low-hang-fruit-5733f2794df1?source=rss------bug_bounty-5Harpy Hunterbug-bounty-tips, how-to-takeover-s3-bucket, bug-bounty, bug-bounty-writeup, subdomain-takeover02-Sep-2024
Secure your Instagram Account Today, Or be a victim.https://mayur-jadhav.medium.com/secure-your-instagram-account-today-or-be-a-victim-9f476937a5e2?source=rss------bug_bounty-5Mayur Jadhavbug-bounty, social-media, hacking, cybersecurity02-Sep-2024
26.18 Lab: Web cache poisoning via HTTP/2 request tunnellinghttps://cyberw1ng.medium.com/26-18-lab-web-cache-poisoning-via-http-2-request-tunnelling-72abd219dc68?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, careers, hacking, bug-bounty02-Sep-2024
SSRF via DNS Rebinding That Leads to Several Clouds Access (Arabic)https://medium.com/@Berserker1337/ssrf-via-dns-rebinding-that-leads-to-several-clouds-access-arabic-db9f9a9c530c?source=rss------bug_bounty-5Berserkerbug-bounty, infosec02-Sep-2024
Lessons Learned #1: One line of code can make your application vulnerable (Pre-Auth RCE in Metabase…https://medium.com/appsec-untangled/lessons-learned-1-one-line-of-code-can-make-your-application-vulnerable-pre-auth-rce-in-metabase-a8579ca0102d?source=rss------bug_bounty-5Mohamed AboElKheirthreat-modeling, vulnerability, bug-bounty, application-security, cybersecurity02-Sep-2024
Insider Secrets to Earning $100 to $250 in Bug Bountieshttps://medium.com/@ajaynaikhack/insider-secrets-to-earning-100-to-250-in-bug-bounties-9dd6adb2a304?source=rss------bug_bounty-5Ajay Naikcybersecurity, bug-bounty02-Sep-2024
The Wild World of Path Traversal: Sneaking Around the Web’s Dark Corners | https://cluelesszay.medium.com/the-wild-world-of-path-traversal-sneaking-around-the-webs-dark-corners-088f5522e371?source=rss------bug_bounty-5 | zaythecluelessdev | path-traversal, web-security, cybersecurity, bug-bounty, ethical-hacking | 01-Sep-2024
Race condition to bypass email verify, part #2 | https://siratsami71.medium.com/race-condition-to-bypass-email-verify-part-2-5efca002cf24?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | bug-bounty-tips, cybersecurity, bugbounty-writeup, bug-bounty | 01-Sep-2024
How I found exif metdata leak and earned small bounty | https://medium.com/@deepk007/how-i-found-exif-metdata-leak-and-earned-small-bounty-34c93de2fa2e?source=rss------bug_bounty-5 | DEep | bug-bounty, ethical-hacking, hacking, bug-bounty-tips, cybersecurity | 01-Sep-2024
Advanced Techniques for Exploiting SSRF Vulnerabilities | https://bootstrapsecurity.medium.com/advanced-techniques-for-exploiting-ssrf-vulnerabilities-9996cade3a64?source=rss------bug_bounty-5 | BootstrapSecurity | bug-bounty-tips, bug-bounty-hunter, cybersecurity, ethical-hacking, bug-bounty | 01-Sep-2024
Port Scanning for Bug Bounties | https://bevijaygupta.medium.com/port-scanning-for-bug-bounties-1b660ea41483?source=rss------bug_bounty-5 | Vijay Gupta | bug-fixes, port-scanning, bugs, bug-bounty, bug-bounty-tips | 01-Sep-2024
Subdomain Discovery Tool | https://medium.com/@World-Breaker/subdomain-discovery-tool-7403e38a760f?source=rss------bug_bounty-5 | usu@rioZ3r0 | python, enum, enumeration, subdomain, bug-bounty | 01-Sep-2024
OWASP A05 :Security Misconfiguration | https://medium.com/@shivamsharma.ss484/owasp-a05-security-misconfiguration-10518396c757?source=rss------bug_bounty-5 | Shivamsharma | owasp, owasp-top-10, cybersecurity, bug-bounty, oscp | 01-Sep-2024
A Story About How I Found XSS in ASUS | https://infosecwriteups.com/a-story-about-how-i-found-xss-in-asus-cb233ce3bb9c?source=rss------bug_bounty-5 | Karthikeyan.V | bugbounty-tips, infosec, bugbounty-writeup, bug-bounty, bugbounty-poc | 01-Sep-2024
# 5 Install OWASP Juice Shop on Kali Linux — Guide for Burp Suite | https://securitycipher.medium.com/5-install-owasp-juice-shop-on-kali-linux-guide-for-burp-suite-6b31c1ece398?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | bug-bounty-tips, security, technology, cybersecurity, bug-bounty | 01-Sep-2024
How I found My first P1 Bug which ended up ….$? | https://medium.com/@yashsomalkar/how-i-found-my-first-p1-bug-which-ended-up-5e6cffdbb066?source=rss------bug_bounty-5 | Yashsomalkar | bugbounty-writeup, bugbounty-poc, aws, bug-bounty, cybersecurity | 01-Sep-2024
How I Got $250 For My Second Bug In HackerOne | https://medium.com/@likithteki76/how-i-got-250-for-my-second-bug-in-hackerone-35c75cbd84bd?source=rss------bug_bounty-5 | Likith Teki | hackerone, bug-bounty, bug-bounty-tips, bug-hunting, bugbounty-writeup | 01-Sep-2024
26.18 Lab: Bypassing access controls via HTTP/2 request tunneling | https://cyberw1ng.medium.com/26-18-lab-bypassing-access-controls-via-http-2-request-tunneling-f92ae50661bc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, bug-bounty, cybersecurity, careers | 01-Sep-2024
How I found My first P1 Bug which ended up ….$? | https://medium.com/@yashsomalkar/how-i-found-my-first-p1-bug-which-ended-up-5e6cffdbb066?source=rss------bug_bounty-5 | Rudrakshacker | bugbounty-writeup, bugbounty-poc, aws, bug-bounty, cybersecurity | 01-Sep-2024
How I Got $250 For My Second Bug on HackerOne | https://medium.com/@likithteki76/how-i-got-250-for-my-second-bug-in-hackerone-35c75cbd84bd?source=rss------bug_bounty-5 | Likith Teki | hackerone, bug-bounty, bug-bounty-tips, bug-hunting, bugbounty-writeup | 01-Sep-2024
26.17 Lab: Exploiting HTTP request smuggling to perform web cache deception | https://cyberw1ng.medium.com/26-17-lab-exploiting-http-request-smuggling-to-perform-web-cache-deception-69a6e9654b7e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, careers, bug-bounty, cybersecurity | 31-Aug-2024
All You Need to know About Broken Authentication and Session Management | https://medium.com/@ahmed.hilal/all-you-need-to-know-about-broken-authentication-and-session-management-26920f100714?source=rss------bug_bounty-5 | X0_AhMeD_0X | bug-bounty, pentesting, cybersecurity, bugs, vulnerability | 31-Aug-2024
DEPENDENCY CONFUSION CAN LEAD TO P5 OR P2 BASED ON LUCK | https://medium.com/@anonymousshetty2003/dependency-confusion-can-lead-to-p5-or-p2-based-on-luck-64a5b94b80c1?source=rss------bug_bounty-5 | Anonymousshetty | hacking, dependency-confusion, cybersecurity, bug-bounty | 31-Aug-2024
“Boost Your Productivity: Essential Tips for Organizing Your Work as a Bug Bounty Hunter” | https://medium.com/@mahdisalhi0500/boost-your-productivity-essential-tips-for-organizing-your-work-as-a-bug-bounty-hunter-8de1517dc6a4?source=rss------bug_bounty-5 | Mahdisalhi | bug-bounty, bug-bounty-tips, ethical-hacking, infosec, hacking | 31-Aug-2024
HOW I GOT ACCESS TO ACCOUNT BY OTP BYPASS | https://medium.com/@anonymousshetty2003/how-i-got-access-to-account-by-otp-bypass-c49eb0490744?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, hacking, bug-bounty, otp-bypass | 31-Aug-2024
Bug bounty Hunting 101 | https://medium.com/@sys_br3ach3r/bug-bounty-hunting-101-7d2258a3b21d?source=rss------bug_bounty-5 | sys_br3ach3r | bug-bounty-tips, bug-bounty | 31-Aug-2024
OTP bypass through the Response manipulation | https://itsravikiran25.medium.com/otp-bypass-through-the-response-manipulation-4f25ab36f60b?source=rss------bug_bounty-5 | Ravikiran | cybersecurity, bugbounty-writeup, bug-bounty, hacking, otp-bypass | 31-Aug-2024
The Discovery of CVE-2024–5947: Authentication Bypass in Deep Sea Electronics DSE855 | https://medium.com/@karthithehacker/the-discovery-of-cve-2024-5947-authentication-bypass-in-deep-sea-electronics-dse855-5fa2e89cbdfb?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, infosec, information-security, bugbounty-tips, bugbounty-writeup | 31-Aug-2024
Using Default Credential to Admin Account Takeover | https://ch4ndan.medium.com/using-default-credential-to-admin-account-takeover-04c557e67969?source=rss------bug_bounty-5 | Ch4ndan das | bugs, bug-bounty-tips, hacking, bug-bounty, cybersecurity | 31-Aug-2024
How to Take Over a Subdomain Through S3 Bucket Takeover… | https://dkcyberz.medium.com/how-to-take-over-a-subdomain-through-s3-bucket-takeover-a53238499b81?source=rss------bug_bounty-5 | Harpy Hunter | bug-bounty, bug-hunting, hackerone, s3-bucket, subdomain-takeover | 31-Aug-2024
How to Get Started in Bug Bounty Hunting: A Comprehensive Beginner’s Guide | https://shubhdhungana.medium.com/how-to-get-started-in-bug-bounty-hunting-a-comprehensive-beginners-guide-4cdaf3dcd910?source=rss------bug_bounty-5 | Subh Dhungana | bug-bounty, cybersecurity, hacking, hackerone, infosec | 31-Aug-2024
Most Asked Questions from Cybersecurity Beginners with Answers | https://medium.com/@cham3leon/most-asked-questions-from-cybersecurity-beginners-with-answers-91b7c680e967?source=rss------bug_bounty-5 | cham3leon | faq, cybersecurity, guides-and-tutorials, pentesting, bug-bounty | 31-Aug-2024
The Discovery of CVE-2024–5947: Authentication Bypass in Deep Sea Electronics DSE855 | https://infosecwriteups.com/the-discovery-of-cve-2024-5947-authentication-bypass-in-deep-sea-electronics-dse855-5fa2e89cbdfb?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, infosec, information-security, bugbounty-tips, bugbounty-writeup | 31-Aug-2024
Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDN | https://sudhanshur705.medium.com/bypassing-csp-via-url-parser-confusions-xss-on-netlifys-image-cdn-755a27065fd9?source=rss------bug_bounty-5 | Sudhanshu Rajbhar | bug-bounty, csp, xss-attack | 31-Aug-2024
Parameter tampering result in product price manipulation | https://medium.com/@RaunakGupta1922/parameter-tampering-result-in-product-price-manipulation-356c07a571e5?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | business, cybersecurity, hacking, college, bug-bounty | 31-Aug-2024
IIS welcome page to source code review to LFI! | https://medium.com/@omarahmed_13016/iis-welcome-page-to-source-code-review-to-lfi-23ec581049f5?source=rss------bug_bounty-5 | Omar Ahmed | bug-bounty, hackerone, application-security, bug-bounty-tips | 31-Aug-2024
How to Get Started in Bug Bounty Hunting: A Comprehensive Beginner’s Guide | https://infosecwriteups.com/how-to-get-started-in-bug-bounty-hunting-a-comprehensive-beginners-guide-4cdaf3dcd910?source=rss------bug_bounty-5 | Subh Dhungana | bug-bounty, cybersecurity, hacking, hackerone, infosec | 31-Aug-2024
From Reset to Takeover: The Exploitation Potential of IDOR in Password Recovery Systems | https://medium.com/@tusharpuri6/from-reset-to-takeover-the-exploitation-potential-of-idor-in-password-recovery-systems-5d1b6f53530a?source=rss------bug_bounty-5 | Tusharpuri | bug-bounty, application-security, penetration-testing, offensive-security, authentication | 31-Aug-2024
How to find webcams using the Google Dorking. | https://bob218.medium.com/how-to-find-webcams-using-the-google-dorking-4c7b491fa856?source=rss------bug_bounty-5 | bob218 | hacking, bug-bounty, osint, cybersecurity, google-dork | 31-Aug-2024
How Attackers Sneak in Hidden Requests and What You Can Do About It | https://cyberw1ng.medium.com/how-attackers-sneak-in-hidden-requests-and-what-you-can-do-about-it-cc085f245b4e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 31-Aug-2024
Day 23 of 30 Days — 30 Vulnerabilities | JSON Web Token (JWT) Attacks | https://medium.com/@kumawatabhijeet2002/day-23-of-30-days-30-vulnerabilities-json-web-token-jwt-attacks-d9509595ebd8?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-tips, bug-bounty, jwt-token, jwt-authentication, 30dayswritingchallenge | 30-Aug-2024
New trick to make self xss impactful | https://medium.com/@Rahulkrishnan_R_Panicker/new-trick-to-make-self-xss-impactful-073d52a07d4f?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty, xss-attack | 30-Aug-2024
How to install dnsReaper and use of dnsReaper | https://medium.com/@sherlock297/how-to-install-dnsreaper-and-use-of-dnsreaper-bc69d66d8c08?source=rss------bug_bounty-5 | Ravindra Dagale | dnsreaper, tools, bug-bounty, how-to, subdomain-takeover | 30-Aug-2024
Google Dorks | https://medium.com/@twinkspap/google-dorks-c83abf0918ef?source=rss------bug_bounty-5 | twinks | bug-bounty, google-dork, learning, skills, cybersecurity | 30-Aug-2024
Top 100Vulnerabilities: Identifying and Addressing Security Risks | https://medium.com/@0xvan/top-100vulnerabilities-identifying-and-addressing-security-risks-bce861b5fa31?source=rss------bug_bounty-5 | 0xvan | bug-bounty-tips, security, cybersecurity, bug-bounty, web-security | 30-Aug-2024
./Fingerprinting Web Technologies | https://gauravdavre.medium.com/fingerprinting-web-technologies-fde6631f9ef7?source=rss------bug_bounty-5 | Gaurav Davre | bug-bounty, cybersecurity, open-source-intelligence, reconnaissance, web-technology | 30-Aug-2024
26.16 Lab: Exploiting HTTP request smuggling to perform web cache poisoning | https://cyberw1ng.medium.com/26-16-lab-exploiting-http-request-smuggling-to-perform-web-cache-poisoning-fa35ac4fdf4c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, bug-bounty, careers, cybersecurity | 30-Aug-2024
Unlock Hidden Web Vulnerabilities: Advanced ParamSpider Tactics Every Hacker Must Know! | https://systemweakness.com/unlock-hidden-web-vulnerabilities-advanced-paramspider-tactics-every-hacker-must-know-62487db3e8c8?source=rss------bug_bounty-5 | Khaleel Khan | penetration-testing, bug-bounty, hacking, infosec, cybersecurity | 30-Aug-2024
The Easiest Bug For Beginners | https://medium.com/@josuofficial327/the-easiest-bug-for-beginners-491986cbc53c?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | bug-bounty-hunter, cybersecurity, ethical-hacking, hacking, bug-bounty | 30-Aug-2024
The Hunt for XXE to LFI: How I Uncovered CVE-2019–9670 in a Bug Bounty Program | https://medium.com/@karthithehacker/the-hunt-for-xxe-to-lfi-how-i-uncovered-cve-2019-9670-in-a-bug-bounty-program-5668e4afa806?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, information-security, infosec, bugbounty-writeup, bug-bounty-tips | 30-Aug-2024
When Giving Out Cheap Hotel Deals Go Wrong: | https://medium.com/@ralph.andalis92/when-giving-out-cheap-hotel-deals-go-wrong-bfea34fa3cde?source=rss------bug_bounty-5 | Ralph Andalis | bug-bounty-tips, pentesting, bug-bounty, web-application-security, web-security | 30-Aug-2024
My Five Minute Critical Vulnerability Discovery on Hackerone | https://medium.com/@0xvan/my-five-minute-critical-vulnerability-discovery-on-hackerone-067258333c80?source=rss------bug_bounty-5 | 0xvan | bug-bounty-writeup, bug-bounty-tips, ethical-hacking, pentesting, bug-bounty | 30-Aug-2024
DVWA Cheat Sheet (Low & Medium) | https://medium.com/@loaysalah276/dvwa-cheat-sheet-low-medium-c7490e76f1b5?source=rss------bug_bounty-5 | Loay Salah | bug-bounty, cybersecurity, penetration-testing, owasp-top-10, dvwa | 30-Aug-2024
Understanding Bugcrowd’s Vulnerability Rating Taxonomy (VRT): | https://medium.com/@js8971105/understanding-bugcrowds-vulnerability-rating-taxonomy-vrt-d5bc946443b5?source=rss------bug_bounty-5 | jatin singh | bug-bounty, web-security, hacking, vrt, web | 30-Aug-2024
Top 100 Vulnerabilities: Identifying and Addressing Security Risks | https://medium.com/@0xvan/top-100vulnerabilities-identifying-and-addressing-security-risks-bce861b5fa31?source=rss------bug_bounty-5 | 0xvan | bug-bounty-tips, security, cybersecurity, bug-bounty, web-security | 30-Aug-2024
Subdomain Analysis for Bug Bounty Hunting: A Comprehensive Guide | https://bughunteralltime.medium.com/subdomain-analysis-for-bug-bounty-hunting-a-comprehensive-guide-920e33a59a91?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | bug-bounty | 30-Aug-2024
How to Hunt for Sensitive Directories in Bug Bounty Hunting | https://bughunteralltime.medium.com/how-to-hunt-for-sensitive-directories-in-bug-bounty-hunting-f61a7f61d8fb?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | bug-bounty-tips, bug-bounty, hacking | 30-Aug-2024
How to Map Out a Target for Bug Bounty Hunting | https://bughunteralltime.medium.com/how-to-map-out-a-target-for-bug-bounty-hunting-acea0ed59783?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | bug-bounty-tips, bug-bounty, hacking, bugs | 30-Aug-2024
How To FindWeb Technology Identification for Effective Bug Bounty Hunting | https://bughunteralltime.medium.com/how-to-findweb-technology-identification-for-effective-bug-bounty-hunting-a0f57c80b67b?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | hacking, bug-bounty-tips, bug-bounty, bug-fixes, web-development | 30-Aug-2024
Interview joke 2: Application Security (Prod. | https://medium.com/@kannnannmk/interview-joke-2-application-security-prod-7a0c4c6cdd1a?source=rss------bug_bounty-5 | Neelamegha Kannan S | bug-bounty, application-security, code-review, pentesting, bug-bounty-tips | 30-Aug-2024
Easy Subdomain Enumeration Tools & Commands | https://medium.com/@josuofficial327/easy-subdomain-enumeration-tools-commands-5f8a8fe0f3a0?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | cybersecurity, ethical-hacking, bug-bounty-tips, bug-hunting, bug-bounty | 30-Aug-2024
Interview joke 1: Application Security (Prod. | https://medium.com/@kannnannmk/application-security-prod-3868c0b8cb64?source=rss------bug_bounty-5 | Neelamegha Kannan S | bug-bounty-tips, interview, bug-bounty, web-security, application-security | 30-Aug-2024
OWASP A04:2021 INSECURE DESIGN | https://medium.com/@shivamsharma.ss484/owasp-a04-2021-insecure-design-34ef11e83e6f?source=rss------bug_bounty-5 | Shivamsharma | owasp, owasp-top-10, bug-bounty, hacking, cybersecurity | 30-Aug-2024
A Comprehensive AI Security Model for Penetration Testing leverages advanced AI techniques to… | https://medium.com/@ajaynaik_16635/a-comprehensive-ai-security-model-for-penetration-testing-leverages-advanced-ai-techniques-to-9caa4febfc21?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty-tips, bug-bounty, ai-security, ethical-hacking | 30-Aug-2024
Bad Effect Of Bug In Domain. | https://medium.com/@nazmulhasan017191/bad-effect-of-bug-in-domain-e0cfd62cb3bc?source=rss------bug_bounty-5 | Nazmul Hasan | technical-analysis, information-security, cybersecurity, bug-hunting, bug-bounty | 30-Aug-2024
How to Find Clickjacking Vulnerabilities Using the Command Line in Kali Linux | https://bughunteralltime.medium.com/how-to-find-clickjacking-vulnerabilities-using-the-command-line-in-kali-linux-a07cc64437f3?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | bug-bounty-tips, hacking, bugs, bug-bounty | 30-Aug-2024
Understanding Log Stealer and Its Role in Security Testing — Part 1 | https://medium.com/haktrak-cybersecurity-squad/understanding-log-stealer-and-its-role-in-security-testing-part-1-5f2223b47847?source=rss------bug_bounty-5 | YoKo Kho | security-testing, stealer-logs, stealer-malware, broken-access-control, bug-bounty | 30-Aug-2024
Understanding Stealer Logs and Its Role in Security Testing — Part 1 | https://medium.com/haktrak-cybersecurity-squad/understanding-log-stealer-and-its-role-in-security-testing-part-1-5f2223b47847?source=rss------bug_bounty-5 | YoKo Kho | stealer-logs, stealer-malware, red-team, broken-access-control, bug-bounty | 30-Aug-2024
A Comprehensive AI Security Model for Penetration Testing leverages advanced AI techniques to… | https://medium.com/@ajaynaikhack/a-comprehensive-ai-security-model-for-penetration-testing-leverages-advanced-ai-techniques-to-9caa4febfc21?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty-tips, bug-bounty, ai-security, ethical-hacking | 30-Aug-2024
Overview CVE-2024–38063 is a critical zero-click remote code execution (RCE) vulnerability… | https://medium.com/@ajaynaikhack/overview-cve-2024-38063-is-a-critical-zero-click-remote-code-execution-rce-vulnerability-9be862382548?source=rss------bug_bounty-5 | Ajay Naik | hacking, bug-bounty, cve, network-security, windows | 30-Aug-2024
Day 22 of 30 Days — 30 Vulnerabilities | Business Logic Flaws | https://medium.com/@kumawatabhijeet2002/day-22-of-30-days-30-vulnerabilities-business-logic-flaws-734c2f4b0575?source=rss------bug_bounty-5 | Abhijeet kumawat | business-logic, bug-bounty-tips, business-logic-flaw, 30dayswritingchallenge, bug-bounty | 29-Aug-2024
Part -2: Uncovering a Critical Parameter Tampering Vulnerability on a Major OTT Platform | https://medium.com/@sulmanfarooq531/uncovering-a-critical-parameter-tampering-vulnerability-on-a-major-ott-platform-e3342cd3437c?source=rss------bug_bounty-5 | Sulman Farooq S | cybersecurity, bug-bounty, http-parameter-pollution, ethical-hacking, ott | 29-Aug-2024
How Hackers Use Cross-Site Scripting to Break Through Web Application Firewalls! | https://theshaco.com/how-hackers-use-cross-site-scripting-to-break-through-web-application-firewalls-ab101f1778a1?source=rss------bug_bounty-5 | Khaleel Khan | web-development, cybersecurity, infosec, hacking, bug-bounty | 29-Aug-2024
Practical Bug Bounty — TCM Academy | Module 8 pt.3 (SSTI, XXE, Insecure File Uploads) | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-pt-3-ssti-xxe-insecure-file-uploads-1ed7056ea0c7?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | bug-bounty, web-penetration-testing, cybersecurity, ethical-hacking, tcm-academy | 29-Aug-2024
Part 2 — How I Found Vulnerabilities in NASA and Got into the Hall of Fame — 4 Bugs | Karthikeyan… | https://systemweakness.com/part-2-how-i-found-vulnerabilities-in-nasa-and-got-into-the-hall-of-fame-4-bugs-karthikeyan-79c3ec17a336?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, cybersecurity, hacking, bug-bounty | 29-Aug-2024
Disable Any Customer Ability To Create Service Account With Business Logic Vulnerability | https://medium.com/@bilalresearcher/disable-any-customer-ability-to-create-service-account-with-business-logic-vulnerability-05ab37901a4a?source=rss------bug_bounty-5 | Bilal Researcher | hacking, bug-bounty-writeup, cybersecurity, bug-bounty, bugbounty-writeup | 29-Aug-2024
Reflected XSS To Account Takeover Without Stealing Session Cookie | https://medium.com/@bilalresearcher/reflected-xss-to-account-takeover-without-stealing-session-cookie-413e522aac40?source=rss------bug_bounty-5 | Bilal Researcher | hacking, bug-bounty-writeup, bug-bounty, bugbounty-writeup, cybersecurity | 29-Aug-2024
Detecting Blind Injection Attacks with Discord Webhooks | https://medium.com/@bilalresearcher/detecting-blind-injection-attacks-with-discord-webhooks-9a9d3b566bf1?source=rss------bug_bounty-5 | Bilal Researcher | hacking, cybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-writeup | 29-Aug-2024
A Beautiful Bug: Interesting URL scheme bypass + Race Condition | https://medium.com/@bilalresearcher/a-beautiful-bug-interesting-url-scheme-bypass-race-condition-e8ff79361740?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bugbounty-writeup, hacking, cybersecurity, bug-bounty-writeup | 29-Aug-2024
Stored XSS to Account Takeover (AWS Cognito) | https://medium.com/@bilalresearcher/stored-xss-to-account-takeover-aws-cognito-bd29d241e5d1?source=rss------bug_bounty-5 | Bilal Researcher | xss-vulnerability, bug-bounty-tips, bugbounty-writeup, cybersecurity, bug-bounty | 29-Aug-2024
My Journey to the United Nations Hall of Fame: A Story of Lucky Me | https://medium.com/@siddharth_1/my-journey-to-the-united-nations-hall-of-fame-a-story-of-lucky-me-d489d93bd363?source=rss------bug_bounty-5 | Siddharth | cybersecurity, united-nations, vulnerability, bug-bounty, bug-bounty-writeup | 29-Aug-2024
XSS Web Application Firewall Bypass Techniques | https://medium.com/@bilalresearcher/xss-web-application-firewall-bypass-techniques-e10476b5fa72?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-writeup, hacking, bugbounty-writeup, cybersecurity | 29-Aug-2024
OAuth CSRF: Exploiting the Authorization Code Flow for Account Takeover | https://medium.com/@bilalresearcher/oauth-csrf-exploiting-the-authorization-code-flow-for-account-takeover-b1e3790416b7?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bugbounty-writeup, cybersecurity, hacking, bug-bounty-writeup | 29-Aug-2024
Two Factor Authentication Bypass via using Victim’s DeviceID | https://medium.com/@bilalresearcher/two-factor-authentication-bypass-via-using-victims-deviceid-1fc10bfe95c9?source=rss------bug_bounty-5 | Bilal Researcher | hacking, bugbounty-writeup, bug-bounty-writeup, bug-bounty, cybersecurity | 29-Aug-2024
Bypassed an Admin Panel Using SQL Payloads | https://medium.com/@bilalresearcher/bypassed-an-admin-panel-using-sql-payloads-572574b41d1c?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, hacking, cybersecurity, bug-bounty-writeup, bugbounty-writeup | 29-Aug-2024
Hunting JavaScript File for Bug Hunters | https://medium.com/@bilalresearcher/hunting-javascript-file-for-bug-hunters-ae4af0479a9c?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, bugbounty-writeup, hacking, bug-bounty, bug-bounty-writeup | 29-Aug-2024
Common 403 Bypasses Part 2 | https://medium.com/@bilalresearcher/common-403-bypasses-part-2-80fd094a86fe?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, hacking, bug-bounty, cybersecurity, bug-bounty-writeup | 29-Aug-2024
Common 403 Bypasses Part 1 | https://medium.com/@bilalresearcher/common-403-bypasses-part-1-a693a8413108?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, bugbounty-writeup, bug-bounty-writeup, bug-bounty, hacking | 29-Aug-2024
Advanced SQLMap Customization | https://medium.com/@bilalresearcher/advanced-sqlmap-customization-34d04b6c0984?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, hacking, bug-bounty, bug-bounty-writeup, bugbounty-writeup | 29-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-91) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-91-bcac49fd0f29?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, cybersecurity, money, bug-bounty, hacking | 28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-90) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-90-0f7e5ae09f8c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, hacking, ethical-hacking, money | 28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-89) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-89-f7771af9355f?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | money, bug-bounty, hacking, cybersecurity, ethical-hacking | 28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-88) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-88-5fba54f61fd0?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, money, hacking, cybersecurity, ethical-hacking | 28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-87) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-87-d78ff97837fd?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | money, hacking, cybersecurity, ethical-hacking, bug-bounty | 28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-86) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-86-dfcf154a34d3?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, cybersecurity, money, bug-bounty, ethical-hacking | 28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-85) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-85-46305e104b6f?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, ethical-hacking, cybersecurity, bug-bounty, money | 28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-84) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-84-d3a454db9673?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking, money, cybersecurity, hacking | 28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-83) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-83-45728838a32c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, hacking, bug-bounty, cybersecurity, money | 28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-82) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-82-8c89ec5c5ef7?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | money, bug-bounty, hacking, cybersecurity, ethical-hacking | 28-Aug-2024
Day 21 of 30 Days — 30 Vulnerabilities | OAuth Misconfigurations | https://medium.com/@kumawatabhijeet2002/day-21-of-30-days-30-vulnerabilities-oauth-misconfigurations-693c16cf5476?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, web-security-testing, bug-bounty-tips, 30dayswritingchallenge, oauth | 28-Aug-2024
How to Scan a Range of IP Addresses with Nmap | https://medium.com/@sherlock297/how-to-scan-a-range-of-ip-addresses-with-nmap-d802dc168846?source=rss------bug_bounty-5 | Ravindra Dagale | tools, nmap, information-technology, bug-bounty, security | 28-Aug-2024
The Secret to Finding Anyone’s Digital Footprint: Master OSINT in 7 Easy Steps! | https://medium.com/@paritoshblogs/the-secret-to-finding-anyones-digital-footprint-master-osint-in-7-easy-steps-bd278a058c73?source=rss------bug_bounty-5 | Paritosh | information-technology, cybersecurity, osint, hacking, bug-bounty | 28-Aug-2024
Exploiting Second-Order IDOR Vulnerabilities | https://medium.com/@bountyget/exploiting-second-order-idor-vulnerabilities-6d2554eb1319?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | bug-bounty, infosec, information-security, bug-bounty-tips, bug-bounty-writeup | 28-Aug-2024
Exploiting IDORs in APIs That Use Static Keywords | https://medium.com/@bountyget/exploiting-idors-in-apis-that-use-static-keywords-f94b7797634a?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | information-security, bug-bounty-writeup, bug-bounty-tips, infosec, bug-bounty | 28-Aug-2024
IDOR : Deleting Comments Like a Boss! | https://medium.com/@tanyago/idor-deleting-comments-like-a-boss-0413a375024f?source=rss------bug_bounty-5 | Tanya Goyal | bug-bounty, bug-bounty-tips, bug-bounty-writeup, idor, bug-hunting | 28-Aug-2024
25.7 Lab: Password reset poisoning via dangling markup | https://cyberw1ng.medium.com/25-7-lab-password-reset-poisoning-via-dangling-markup-cee4cc5a20f3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 28-Aug-2024
The Ultimate List of Browser Extensions for Bug Bounty Hunters | https://medium.com/@k4r7hx/the-ultimate-list-of-browser-extensions-for-bug-bounty-hunters-5e349437e063?source=rss------bug_bounty-5 | Karthikeyan | extension, ethical-hacking, bug-bounty, penetration-testing, web | 28-Aug-2024
How important Cookies can be? | https://medium.com/@alireza.razaghzadegan1999/how-important-cookies-can-be-86c7a3fdd790?source=rss------bug_bounty-5 | Alireza Razaghzadegan | technology, website, bug-bounty, security | 28-Aug-2024
Blind Command Injection Leads to Nothing!! | https://medium.com/@kush.kira/blind-command-injection-leads-to-nothing-ea56f6662a58?source=rss------bug_bounty-5 | Kira | os-command-injection, command-injection, ssrf, bug-bounty, hacking | 28-Aug-2024
OTP Bypassing with Response Manipulation | https://medium.com/@sahilkushwaha275/otp-bypassing-with-response-manipulation-238498b02737?source=rss------bug_bounty-5 | S33NU | bug-hunting, cybersecurity, hacking, pentesting, bug-bounty | 28-Aug-2024
Dramatic Surge in Password-Stealing Attacks Targeting Amazon, Facebook, and Google Users | https://medium.com/@realahmedmoses/dramatic-surge-in-password-stealing-attacks-targeting-amazon-facebook-and-google-users-011f6bd3315a?source=rss------bug_bounty-5 | Moses Ahmed | technology, coding, bug-bounty, cybersecurity, programming | 28-Aug-2024
How To Get Stored Xss & RCE Using Bypass Signature & Extension Via File Upload |_| | https://medium.com/@bilalresearcher/how-to-get-stored-xss-rce-using-bypass-signature-extension-via-file-upload-9b3e8d9348cd?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, bugbounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips | 27-Aug-2024
Find Blind XSS like a pro. | https://medium.com/@bilalresearcher/find-blind-xss-like-a-pro-ddc9ef8d5e89?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips | 27-Aug-2024
The only recon methodology you need to know. | https://medium.com/@bilalresearcher/the-only-recon-methodology-you-need-to-know-9feb257ca4a2?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, idor, bug-bounty-writeup, cybersecurity, bugbounty-writeup | 27-Aug-2024
Advanced Web Cache Poisoning Techniques (Part 2): Tools, Methods, and Exploits | https://medium.com/@bilalresearcher/advanced-web-cache-poisoning-techniques-part-2-tools-methods-and-exploits-b379aeb7ab36?source=rss------bug_bounty-5 | Bilal Researcher | idor, hacking, bug-bounty-writeup, bug-bounty, bugbounty-writeup | 27-Aug-2024
Unraveling Web Cache Poisoning: A Deep Dive (Part 1) | https://medium.com/@bilalresearcher/unraveling-web-cache-poisoning-a-deep-dive-part-1-49fa00e81d1a?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, cybersecurity, idor, bug-bounty, bug-bounty-writeup | 27-Aug-2024
Finding IDOR Vulnerabilities: Key Endpoints and Resources | https://medium.com/@bilalresearcher/finding-idor-vulnerabilities-key-endpoints-and-resources-e4c2457aa231?source=rss------bug_bounty-5 | Bilal Researcher | idor, bug-bounty-writeup, bugbounty-writeup, bug-bounty, hacking | 27-Aug-2024
How I was able to discover ATO Via IDOR vulnerability | https://medium.com/@bilalresearcher/how-i-was-able-to-discover-ato-via-idor-vulnerability-c31d074a62e8?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, hacking, bug-bounty, bug-bounty-writeup, bugbounty-writeup | 27-Aug-2024
SAML Authentication Bypass Leading to Admin Panel Access | https://medium.com/@bilalresearcher/saml-authentication-bypass-leading-to-admin-panel-access-751380db249e?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bugbounty-writeup, cybersecurity, bug-bounty-writeup, hacking | 27-Aug-2024
Critical Security Vulnerability Discovered on Reserve Bank of India’s Website: A Wake-Up Call… | https://medium.com/@psychomong/critical-security-vulnerability-discovered-on-reserve-bank-of-indias-website-a-wake-up-call-06fd08db0559?source=rss------bug_bounty-5 | psychomong | bugs, hacker, bug-bounty, no-rate-limit, hacking | 27-Aug-2024
Day 20 0f 30 Days — 30 Vulnerabilities | Host Header Injection | https://medium.com/@kumawatabhijeet2002/day-20-0f-30-days-30-vulnerabilities-host-header-injection-9bc006b4734c?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-writeup, bug-bounty, host-header-injection, bug-bounty-tips, hostattack | 27-Aug-2024
Day 19 of 30 Days — 30 Vulnerabilities | Rate Limiting Bypass | https://medium.com/@kumawatabhijeet2002/day-19-of-30-days-30-vulnerabilities-rate-limiting-bypass-896c8e2bdfc1?source=rss------bug_bounty-5 | Abhijeet kumawat | 30dayswritingchallenge, bug-bounty-tips, bug-bounty, rate-limit-bypass | 27-Aug-2024
24.13 Lab: Internal cache poisoning | https://cyberw1ng.medium.com/24-13-lab-internal-cache-poisoning-2c328e4d4a6d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 27-Aug-2024
Practical Bug Bounty — TCM Academy | Module 8 pt. 2 (XSS, CMDI) | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-pt-2-xss-cmdi-b8728aa5261d?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | bug-bounty, xss-attack, web-penetration-testing, ethical-hacking, cybersecutiy | 27-Aug-2024
$15k RCE Through Monitoring Debug Mode | https://medium.com/@0xold/15k-rce-through-monitoring-debug-mode-4f474d8549d5?source=rss------bug_bounty-5 | 0xold | local-file-inclusion, pentesting, hacking, bug-bounty, rce | 27-Aug-2024
Exploiting IDORs via JSON Globbing | https://medium.com/@bountyget/exploiting-idors-via-json-globbing-e4c6e2c0535c?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | penetration-testing, idor, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 27-Aug-2024
How i get OTP bypass leads to ATO | https://kiraadx.medium.com/how-i-get-otp-bypass-leads-to-ato-a7645ade3a90?source=rss------bug_bounty-5 | KiRaaDx | bug-bounty-tips, bug-bounty, bug-bounty-writeup | 27-Aug-2024
Discovering Two Out-of-Scope Blind/Stored XSS Vulnerabilities in an Admin Panel on a Public Bug… | https://medium.com/@octayus/discovering-two-out-of-scope-blind-stored-xss-vulnerabilities-in-an-admin-panel-on-a-public-bug-c0262fa35238?source=rss------bug_bounty-5 | OctaYus | bug-bounty, python, xss-attack, penetration-testing, cybersecurity | 27-Aug-2024
CSRF Bypass Using Domain Confusion Leads To ATO | https://infosecwriteups.com/csrf-bypass-using-domain-confusion-leads-to-ato-ac682dd17722?source=rss------bug_bounty-5 | Osama Aly | bug-bounty, cybersecurity, hackerone | 27-Aug-2024
How did I manage to get my first p2 vulnerability using only ffuf | https://medium.com/@loayahmed686/how-did-i-manage-to-get-my-first-p2-vulnerability-using-only-ffuf-a8a70d965d33?source=rss------bug_bounty-5 | r00t | bug-bounty, cybersecurity | 27-Aug-2024
Fundora on Testnet Bounty Hunt: Spotting Bugs and Reaping Rewards | https://gingerjoygames.medium.com/fundora-on-testnet-bounty-hunt-spotting-bugs-and-reaping-rewards-7529ec61b1cc?source=rss------bug_bounty-5 | Ginger Joy Games | games, testnet, mobile-games, web3, bug-bounty | 27-Aug-2024
Monitoring Gitlab Snippets for secrets with TruffleHog | https://medium.com/@learntheshell/monitoring-gitlab-snippets-for-secrets-with-trufflehog-5c77281ff5b7?source=rss------bug_bounty-5 | LearnTheShell | trufflehog, bug-bounty, git, bug-bounty-tips, gitlab | 27-Aug-2024
How I Got Sensitive Directory Using Shodan | https://ch4ndan.medium.com/how-i-got-sensitive-directory-using-shodan-10e5b91cda86?source=rss------bug_bounty-5 | Ch4ndan das | bug-bounty, cybersecurity, bug-bounty-tips, bugs, information-disclosure | 27-Aug-2024
Unveiling the Secrets of Malware Traffic: Analyzing Malware Infected pcap with Wireshark | https://medium.com/@dsksatheesh35/unveiling-the-secrets-of-malware-traffic-analyzing-malware-infected-pcap-with-wireshark-5989a9b013fd?source=rss------bug_bounty-5 | D Satheesh Kumar | malware-analysis, bug-bounty, cybersecurity, wireshark, network-security | 27-Aug-2024
HTML Injection in email via fname field | https://medium.com/@hossam_hamada/html-injection-in-email-via-fname-field-564c3657e8ad?source=rss------bug_bounty-5 | Hossam Hamada | penetration-testing, bug-bounty, hackerone, bugcrowd, html-injection | 27-Aug-2024
How I Took Over Two Subdomains: A Step-by-Step Guidehttps://medium.com/@0xSphinx/how-i-took-over-two-subdomains-a-step-by-step-guide-df5d9eecbb2e?source=rss------bug_bounty-50xSphinxcybersecurity, security, aws, hacking, bug-bounty27-Aug-2024
Day 17 of 30 Days — 30 Vulnerabilities | Path/Directory Traversalhttps://medium.com/@kumawatabhijeet2002/day-17-of-30-days-30-vulnerabilities-path-directory-traversal-008e92c07f23?source=rss------bug_bounty-5Abhijeet kumawat30dayswritingchallenge, bug-bounty-tips, path-traversal, bug-bounty26-Aug-2024
Thief Raccoon — Login Phishing Toolhttps://medium.com/@bountyget/thief-raccoon-login-phishing-tool-59c574687aae?source=rss------bug_bounty-5Bountygetpython3, infosec, info-sec-writeups, bug-bounty, penetration-testing26-Aug-2024
From Developer to Hacker — Entering the Red teamhttps://medium.com/@jonathanmondaut/from-developer-to-hacker-entering-the-red-team-8b50989b9464?source=rss------bug_bounty-5Jonathan Mondautbug-bounty, youtube, networking, twitter, cybersecurity26-Aug-2024
New Malware Uses PHP Exploit to Backdoor Windows Systems - Stay Informed!https://medium.com/@realahmedmoses/new-malware-uses-php-exploit-to-backdoor-windows-systems-stay-informed-8df12e89391a?source=rss------bug_bounty-5Moses Ahmedtechnology, bug-bounty, data-science, cybersecurity, programming26-Aug-2024
Password Reset Glitch Leads to Instant Account Takeoverhttps://bevijaygupta.medium.com/password-reset-glitch-leads-to-instant-account-takeover-a4e67b667eaf?source=rss------bug_bounty-5Vijay Guptavulnerability, reset, bug-bounty, passwords, glitch26-Aug-2024
DNS enumeration methodology and techniqueshttps://systemweakness.com/dns-enumeration-methodology-and-techniques-1945fa4164fd?source=rss------bug_bounty-5Harsh Hatejkali-linux, cybersecurity, linux, subdomains-enumeration, bug-bounty26-Aug-2024
Account Take Over | P1 — Criticalhttps://irsyadsec.medium.com/account-take-over-p1-critical-5468ce8218b9?source=rss------bug_bounty-5Irsyad Muhammad Fawwazwriteup, bugcrowd, bug-bounty, cybersecurity, bug-bounty-tips26-Aug-2024
Understanding Robots.txt: The Key to Managing Web Crawlershttps://medium.com/@kanishk.k1410/understanding-robots-txt-the-key-to-managing-web-crawlers-04eda892ec92?source=rss------bug_bounty-5Kanishk Kumarinformation-technology, investigation, cybersecurity, osint, bug-bounty26-Aug-2024
Hacking My College panel using University Website Like a Prohttps://medium.com/@RaunakGupta1922/hacking-my-college-panel-using-university-website-like-a-pro-9dd075133dce?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, bugbounty-writeup, college, cybersecurity, bug-bounty26-Aug-2024
Exposing Hidden Risks: Uncovering Sensitive Data on a Government Website using Google Dorkshttps://medium.com/@sulmanfarooq531/exposing-hidden-risks-uncovering-sensitive-data-on-a-government-website-using-google-dorks-51748e4f3695?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, government, google-dork, google, bug-bounty26-Aug-2024
“Like” Bypass on Customer Reviews — €500 bountyhttps://medium.com/@asharm.khan7/like-bypass-on-customer-reviews-500-bounty-b8d45a98c096?source=rss------bug_bounty-5Ashar Mahmoodhacking-for-defense, ethical-hacking, bug-bounty, bug-bounty-tips, hacking26-Aug-2024
Best Attack Surface Visualization Toolshttps://netlas.medium.com/best-attack-surface-visualization-tools-8034e681807d?source=rss------bug_bounty-5Netlas.iobug-bounty, penetration-testing, attack-surface, cybersecurity, attack-surface-management26-Aug-2024
Meet Dobby: Your New Bug Bounty Assistanthttps://medium.com/@h3llbl4ckk/meet-dobby-your-new-bug-bounty-assistant-f5bebfeb7607?source=rss------bug_bounty-5Mehmet Kayacybersecurity, github, open-source, hacking, bug-bounty26-Aug-2024
Account Takeover (Same OTP)https://medium.com/@raxomara/account-takeover-same-otp-81bfba35d9b3?source=rss------bug_bounty-5Raxomaraaccount-takeover, bug-bounty-tips, cybersecurity, bug-bounty, race-condition26-Aug-2024
WebSec — CSRF/XSRF (Cross-Site Request Forgery)https://medium.com/@meryemddalgali/websec-csrf-xsrf-cross-site-request-forgery-6c048c6323d1?source=rss------bug_bounty-5Meryem Dalgalıbug-bounty, web-security, xsrf, csrf-attack, vulnerability26-Aug-2024
24.12 Lab: Cache key injection vulnerabilitieshttps://cyberw1ng.medium.com/24-12-lab-cache-key-injection-vulnerabilities-22429a13eebf?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, penetration-testing26-Aug-2024
Day 18 of 30 Days — 30 Vulnerabilities | Insecure Deserializationhttps://medium.com/@kumawatabhijeet2002/day-18-of-30-days-30-vulnerabilities-insecure-deserialization-29656c0d212a?source=rss------bug_bounty-5Abhijeet kumawatserialization, insecure-design, 30dayswritingchallenge, bug-bounty-tips, bug-bounty26-Aug-2024
How I was able to give verification badge to any YouTube channel and bypass needed requirementshttps://xtt0k.medium.com/how-i-was-able-to-give-verification-badge-to-any-youtube-channel-and-bypass-needed-requirements-b88855afe4b7?source=rss------bug_bounty-5Vojtech Cekalyoutube, bug-bounty, bounty-hunter, bugs, vulnerability26-Aug-2024
OSINT, ChatGPT, and Password Spraying to Takeover System Administrator Accounthttps://medium.com/@mmaulanaabdullah/osint-chatgpt-and-password-spraying-to-takeover-system-administrator-account-b0a6295edbbc?source=rss------bug_bounty-5M Maulana Abdullahcybersecurity, infosec, chatgpt, ai, bug-bounty26-Aug-2024
How I found XSS and open redirect in Kamiapp.com accidentallyhttps://medium.com/@alimuhammadsecured/how-i-found-xss-and-open-redirect-in-kamiapp-com-accidentally-2ff0d3c2b61b?source=rss------bug_bounty-5Alimuhammadsecuredbbp, ctf, bug-bounty, hacking26-Aug-2024
How do I chain multiple Nuclei templates together in a single scan?https://medium.com/@sherlock297/how-do-i-chain-multiple-nuclei-templates-together-in-a-single-scan-621a3fb8787f?source=rss------bug_bounty-5Ravindra Dagalelinux, bug-bounty, how-to, cybersecurity, tips25-Aug-2024
How to get your first valid bug by reading disclosed reportshttps://anonysm.medium.com/how-to-get-your-first-valid-bug-by-reading-disclosed-reports-2663c9987bf3?source=rss------bug_bounty-5Muthu Dcybersecurity, ethical-hacking, bug-bounty, hacking, penetration-testing25-Aug-2024
Bypass Brute-force IP Blockhttps://icecream23.medium.com/bypass-brute-force-ip-block-870a4329c3be?source=rss------bug_bounty-5Aman Bhuiyanethical-hacking, bypassing, ip, bug-bounty25-Aug-2024
The Evolution of Phishing Attacks: A Growing Cybersecurity Challengehttps://medium.com/@paritoshblogs/the-evolution-of-phishing-attacks-a-growing-cybersecurity-challenge-800b0eeacf00?source=rss------bug_bounty-5Paritoshphishing, hacking, social-media, cybersecurity, bug-bounty25-Aug-2024
Vulnerable WordPress July 2024 (Ash-e_doogh)https://medium.com/@onhexgroup/vulnerable-wordpress-july-2024-ash-e-doogh-c7e71d7d94d5?source=rss------bug_bounty-5Onhexgroupwordpress-security, wordpress, bug-bounty, cybersecurity, infosec25-Aug-2024
Finding origin ip addresshttps://systemweakness.com/finding-origin-ip-address-672ca2e2967b?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty, bug-bounty-tips, hacking, penetration-testing25-Aug-2024
Explore Koii Network’s DEPIN world with a $10,000 Bug Bounty rewardhttps://medium.com/coinmonks/explore-koii-networks-depin-world-with-a-10-000-bug-bounty-reward-6a57a5450a44?source=rss------bug_bounty-5xeefoxai, koii, depin, koii-network, bug-bounty25-Aug-2024
Defensive Strategies and Best Practices to Protect Against Web Cache Poisoninghttps://cyberw1ng.medium.com/defensive-strategies-and-best-practices-to-protect-against-web-cache-poisoning-7d9b855658c7?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, penetration-testing, careers25-Aug-2024
HOW TO START IN BUG BOUNTY HUNTINGhttps://medium.com/@gouravrathod8788/how-to-start-in-bug-bounty-hunting-848f5c74807f?source=rss------bug_bounty-5Gourav Singh Rajputcybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty25-Aug-2024
TOP USEFUL CYBR SECURITY & BUG HUNTING TOOLhttps://medium.com/@gouravrathod8788/top-useful-cybr-security-bug-hunting-tool-de9ae281e12f?source=rss------bug_bounty-5Gourav Singh Rajputcybersecurity, hacking-tools, bug-bounty, ethical-hacking, hacking25-Aug-2024
Solving the Prompt Airlines CTFhttps://infosecwriteups.com/solving-the-prompt-airlines-ctf-2235c725050b?source=rss------bug_bounty-5hackerdevilbug-bounty, ctf, ctf-writeup, promptairlines, cybersecurity25-Aug-2024
Hitting the jackpot with RCE!https://medium.com/@gokulsspace/hitting-the-jackpot-with-rce-43755cac1415?source=rss------bug_bounty-5Gokulsspacepentesting, cybersecurity, kerala, ethical-hacking, bug-bounty25-Aug-2024
How I was able to Edit/Read Users Workspaces/Data without any access to ithttps://medium.com/@octayus/how-i-was-able-to-edit-read-users-workspaces-data-without-any-access-to-it-aed616dbde8e?source=rss------bug_bounty-5OctaYusinformation-technology, cybersecurity, infosec, bug-bounty, bounty-program25-Aug-2024
How I got $24000 Bounty from a Log4j RCE in Apple App Store.https://medium.com/@meharhuzaifa777/exploiting-log4j-rce-in-apple-app-store-ca99a549de1f?source=rss------bug_bounty-5Meharhuzaifacybersecurity, bug-bounty-writeup, ethical-hacking, bug-bounty25-Aug-2024
Intruder + Frida to Account Takeoverhttps://medium.com/@bilalresearcher/intruder-frida-to-account-takeover-548d4dd785ef?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, cybersecurity, bugbounty-writeup, hacking25-Aug-2024
Using E-Notation to bypass Access Control restrictions to access arbitrary user PII-discussionshttps://medium.com/@bilalresearcher/using-e-notation-to-bypass-access-control-restrictions-to-access-arbitrary-user-pii-discussions-d16bbad42394?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, idor, hacking, cybersecurity, bug-bounty25-Aug-2024
PwnOS-1 Walkthroughhttps://erdemstar.medium.com/pwnos-1-walkthrough-fec01bd0e8d4?source=rss------bug_bounty-5Erdemstarbug-bounty, oscp-preparation, oscp, cybersecurity, security25-Aug-2024
Kioptrix Level 4 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-4-walkthrough-96d46095c789?source=rss------bug_bounty-5Erdemstaroscp-preparation, bug-bounty-tips, oscp, cybersecurity, bug-bounty25-Aug-2024
LOLbins / LOLBAS Attack !https://medium.com/@reemmoslem34/lolbins-lolbas-attack-006aad1ac364?source=rss------bug_bounty-5Rem Khalidbug-bounty, cybersecurity, malware, python, cryptocurrency25-Aug-2024
What Really Provides Security in the Cloud?https://medium.com/@paritoshblogs/what-really-provides-security-in-the-cloud-2f0cc83d113a?source=rss------bug_bounty-5Paritoshinformation-technology, bug-bounty, information-security, cybersecurity, infosec24-Aug-2024
Practical Bug Bounty — TCM Academy | Module 8https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-44663b4f87e3?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamisqli, bug-bounty, sql-injection, tcm-academy, web-penetration-testing24-Aug-2024
Cross-Site Origin Policy (CORS)https://itsravikiran25.medium.com/cross-site-origin-policy-cors-c82e4b0208f8?source=rss------bug_bounty-5Ravikiraninfosec-write-ups, vulnerability-assessment, cybersecurity, bug-bounty, cors24-Aug-2024
Exploiting Privilege Escalation via Role Parameter Manipulationhttps://medium.com/@tusharpuri6/exploiting-privilege-escalation-via-role-parameter-manipulation-5f8df062eb71?source=rss------bug_bounty-5Tusharpuripenetration-testing, offensive-security, privilege-escalation, application-security, bug-bounty24-Aug-2024
MASS HUNTING TO FIND XSS(CROSS SITE SCRIPTING)https://systemweakness.com/mass-hunting-to-find-xss-cross-site-scripting-27cc687e58e0?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, xss-vulnerability, bugbounty-automation, bug-bounty, bug-bounty-tips24-Aug-2024
Unleash Your Inner Hacker with Koii’s $10,000 Bug Bounty Challengehttps://medium.com/nest-of-rin/unleash-your-inner-hacker-with-koiis-10-000-bug-bounty-challenge-d37c23969df1?source=rss------bug_bounty-5Rinkoii-network, koii, developer, hackathons, bug-bounty24-Aug-2024
Top 5 Vulnerabilities That Can Earn You Big in Bug Bountieshttps://medium.com/@verylazytech/top-5-vulnerabilities-that-can-earn-you-big-in-bug-bounties-4541878d7e19?source=rss------bug_bounty-5Very Lazy Techethical-hacking, cybersecurity, hacking, bug-bounty, cyber24-Aug-2024
What I Learned from Reading 217* Subdomain Takeover Bug Reportshttps://bevijaygupta.medium.com/what-i-learned-from-reading-217-subdomain-takeover-bug-reports-5c6caae2b5da?source=rss------bug_bounty-5Vijay Guptasubdomain, bugs, bug-report, subdomain-takeover, bug-bounty24-Aug-2024
Reset password Checklisthttps://medium.com/@hozayfan782/reset-password-checklist-1ebabdd6c0f3?source=rss------bug_bounty-5Hozayfa Nasserbug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity, research24-Aug-2024
How do I run Nuclei in silent mode to avoid unnecessary output?https://medium.com/@sherlock297/how-do-i-run-nuclei-in-silent-mode-to-avoid-unnecessary-output-25fbb9d2e26d?source=rss------bug_bounty-5Ravindra Dagalenucleus, information-security, bug-bounty, output, how-to24-Aug-2024
Unauthorized Deletion of Forms by Low-Level Unlicensed Users: A 500$ Access Control Bughttps://medium.com/@a13h1/unauthorized-deletion-of-forms-by-low-level-unlicensed-users-a-500-access-control-bug-98dc50c8c193?source=rss------bug_bounty-5Abhi Sharmaprogramming, bug-bounty, infosec, cybersecurity, access-control24-Aug-2024
Essential Resources for Exploiting Web Cache Poisoning: Tools, Techniques, and Learning Materialshttps://cyberw1ng.medium.com/essential-resources-for-exploiting-web-cache-poisoning-tools-techniques-and-learning-materials-cbbef5221392?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty24-Aug-2024
Beware of fake bug bounty programs, my real life experiencehttps://harish45.medium.com/beware-of-fake-bug-bounty-programs-my-real-life-experience-ce009d435ed8?source=rss------bug_bounty-5Harishbug-bounty, cybersecurity-awareness, cybersecurity, ethical-hacking, bug-bounty-tips24-Aug-2024
Find Bugs From Google Dorkshttps://ch44nd.medium.com/find-bugs-from-google-dorks-ec574c01471b?source=rss------bug_bounty-5Chandan dasbug-bounty, information-disclosure, bugs, hacking, google-dork24-Aug-2024
One-click Account Take Overhttps://medium.com/@bilalresearcher/one-click-account-take-over-50e4128c990d?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, hacking, bug-bounty-tips, bugbounty-writeup, bug-bounty24-Aug-2024
0-click Full Account Takeoverhttps://medium.com/@bilalresearcher/0-click-full-account-takeover-0ddc951e14ae?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips, bugbounty-writeup24-Aug-2024
Drupal Website Takeover | Admin Dashboardhttps://medium.com/@bilalresearcher/drupal-website-takeover-admin-dashboard-6ae4a34d0689?source=rss------bug_bounty-5Bilal Researcherhacking, bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup, bug-bounty24-Aug-2024
STRIPE Live Key Exposed:: Bounty: $1000https://medium.com/@bilalresearcher/stripe-live-key-exposed-bounty-1000-57018f1d4520?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, bug-bounty-program, hacking, bug-bounty-tips24-Aug-2024
[GraphQL IDOR]Leaking credit card information of 1000s of users [External Audit]https://medium.com/@bilalresearcher/graphql-idor-leaking-credit-card-information-of-1000s-of-users-external-audit-1404256b761f?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, hacking, bugbounty-writeup, bug-bounty-tips, bug-bounty24-Aug-2024
Exposing Database Creds via SVN: A $400 Discoveryhttps://medium.com/@bilalresearcher/exposing-database-creds-via-svn-a-400-discovery-fa7c2de288bf?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, bugbounty-writeup24-Aug-2024
SQL Injections for bug bountyhttps://medium.com/@boogsta/sql-injections-for-bug-bounty-3a608babd9b1?source=rss------bug_bounty-5Boogstahacking, bug-bounty, cybersecurity, programming, cyber24-Aug-2024
Chain of Rate Limit Bypass and Weak Token Expiry Leads To Account Take Overhttps://medium.com/@bilalresearcher/chain-of-rate-limit-bypass-and-weak-token-expiry-leads-to-account-take-over-0cf794fef31c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, hacking24-Aug-2024
CSRF Bypass Combined with IDOR To Complete Account Takeover!https://medium.com/@bilalresearcher/csrf-bypass-combined-with-idor-to-complete-account-takeover-588b34b9cf60?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty-tips, bug-bounty, hacking, bugbounty-writeup24-Aug-2024
User information disclosure via message reactionshttps://medium.com/@bilalresearcher/user-information-disclosure-via-message-reactions-affc72cfd8de?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty24-Aug-2024
IDOR Lead to Data Leakhttps://medium.com/@bilalresearcher/idor-lead-to-data-leak-6943ade0a3d6?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, hacking24-Aug-2024
XSS & IDOR & CSRF to ATOhttps://medium.com/@bilalresearcher/xss-idor-csrf-to-ato-0e898876789d?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, hacking, bugbounty-writeup, bug-bounty24-Aug-2024
How I Turned a Rate-Limit Bypass into an Account Takeoverhttps://medium.com/@bilalresearcher/how-i-turned-a-rate-limit-bypass-into-an-account-takeover-5a50b0f4dc6a?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, hacking, bug-bounty24-Aug-2024
$$$ Bypassing SSRF Restrictions on a Google Product: A Journey Through DNS Rebindinghttps://medium.com/@bilalresearcher/bypassing-ssrf-restrictions-on-a-google-product-a-journey-through-dns-rebinding-caaf00ebe479?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty-writeup, bug-bounty-tips, bug-bounty, hacking24-Aug-2024
Discovering a Session Persistence Vulnerability That Led to a $$$$ Bountyhttps://medium.com/@bilalresearcher/discovering-a-session-persistence-vulnerability-that-led-to-a-bounty-bbf3dd526f01?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty-tips, hacking, bug-bounty-writeup, bug-bounty24-Aug-2024
Bypassing methods that I used to find CSRF vulnerabilitieshttps://medium.com/@bilalresearcher/bypassing-methods-that-i-used-to-find-csrf-vulnerabilities-0709cc8a3c4d?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bugbounty-writeup, bug-bounty, bug-bounty-tips, hacking24-Aug-2024
Mobile Pentesting: A Walkthrough of the First 10 Challenges on Injured Android App-Part1https://medium.com/@mly57003/mobile-pentesting-a-walkthrough-of-the-first-10-challenges-on-injured-android-app-part1-0e85c600494f?source=rss------bug_bounty-5mohamed alibug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-hunter24-Aug-2024
Can AI and ML Stop Cyber Attacks?https://medium.com/@paritoshblogs/can-ai-and-ml-stop-cyber-attacks-291c6425d0e8?source=rss------bug_bounty-5Paritoshai, cybersecurity, machine-learning, bug-bounty, chatgpt23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-81)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-81-833084004f21?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, money, cybersecurity, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-80)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-80-ae2ad3c7f971?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, bug-bounty, hacking, money23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-79)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-79-415c1bd4f7c3?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, hacking, money, ethical-hacking, cybersecurity23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-78)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-78-85e87ffc94f9?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, money, cybersecurity, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-77)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-77-b9b1354812cc?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, cybersecurity, money, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-76)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-76-07a4d8f583c0?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, cybersecurity, skills, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-75)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-75-8d5930bd46dc?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, hacking, ethical-hacking, bug-bounty23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-74)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-74-778fd4767e52?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty, ethical-hacking, hacking, skills23-Aug-2024
Elevate Your Cybersecurity Skills with Expert Training and Penetration Testing!https://imranthe3rd3ye.medium.com/elevate-your-cybersecurity-skills-with-expert-training-and-penetration-testing-b16e8b122642?source=rss------bug_bounty-5Md. Imran Chowdhurylearn-hacking, ethical-hacking, penetration-testing, kali-linux, bug-bounty23-Aug-2024
Monitoring Gists for secrets with Trufflehoghttps://medium.com/@learntheshell/monitoring-gists-with-trufflehog-612b7d9dbab5?source=rss------bug_bounty-5LearnTheShellgithub, git, bug-bounty, trufflehog, bug-bounty-tips23-Aug-2024
Hidden in Plain Sight: Uncovering RCE on a Forgotten Axis2 Instancehttps://medium.com/@domenicoveneziano/hidden-in-plain-sight-uncovering-rce-on-a-forgotten-axis2-instance-86ddc91f1415?source=rss------bug_bounty-5Domenico Venezianobug-bounty-tips, bug-bounty-writeup, bug-bounty23-Aug-2024
Finally, SSL Pinning for Flutter Bypassed After Frustration..https://wahaz.medium.com/finally-ssl-pinning-for-flutter-bypassed-after-frustration-4573e15ed18e?source=rss------bug_bounty-5Rizaldi Wahazbug-bounty, cybersecurity, hacking, flutter, penetration-testing23-Aug-2024
How I Got an Appreciation Letter from NASA for Finding a Simple Bughttps://infosecwriteups.com/how-i-got-an-appreciation-letter-from-nasa-for-finding-a-simple-bug-8812852d0337?source=rss------bug_bounty-5Om Arorabug-bounty, programming, technology, cybersecurity, infosec23-Aug-2024
Web Cache Poisoning: Understanding the Threat and How to Protect Your Websitehttps://cyberw1ng.medium.com/web-cache-poisoning-understanding-the-threat-and-how-to-protect-your-website-82ebaba2f0e8?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, hacking, careers, bug-bounty23-Aug-2024
Day 16 of 30 Days — 30 Vulnerabilities | Subdomain Takeoverhttps://medium.com/@kumawatabhijeet2002/day-16-of-30-days-30-vulnerabilities-subdomain-takeover-01088ad1d525?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, subdomain-takeover, bug-bounty, 30dayswritingchallenge23-Aug-2024
how i got into the server of our university.https://medium.com/@mesterx54/how-i-got-into-the-server-of-our-university-aae2782bcc64?source=rss------bug_bounty-5Abdeladime Mk (mesterx54)bug-bounty, rce, bug-bounty-tips, sqli, pentesting23-Aug-2024
Stealing Admin Cookies: An XSS Challenge from TCM Security’s Practical Bug Bounty Coursehttps://medium.com/@trixiahorner/stealing-admin-cookies-an-xss-challenge-from-tcm-securitys-practical-bug-bounty-course-b08a990cca84?source=rss------bug_bounty-5Trixia Hornerpenetration-testing, ethical-hacking, hacking, cybersecurity, bug-bounty23-Aug-2024
Boost Subdomain Discovery with Subfinder and API Integrationshttps://saurabh-jain.medium.com/integrating-shodan-and-censys-api-keys-into-subfinder-c28452af2efb?source=rss------bug_bounty-5Saurabh Jainbug-bounty-writeup, bug-bounty, subdomains-enumeration, subfinder, hacking23-Aug-2024
Response Manipulation FTW: Understanding and Exploiting Response Manipulationhttps://medium.com/@security.tecno/response-manipulation-ftw-understanding-and-exploiting-response-manipulation-6ad2d81f2eb4?source=rss------bug_bounty-5TECNO Securitysecurity, reserach, hacking, bug-bounty22-Aug-2024
10 Secrets Ethical Hackers Don’t Want You to Know (But We’re Revealing Them Anyway!)https://medium.com/@paritoshblogs/10-secrets-ethical-hackers-dont-want-you-to-know-but-we-re-revealing-them-anyway-094ca920c3d8?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, hacking, information-technology, ethical-hacking22-Aug-2024
CORRUPT SEBI INDIA JEOPARDIZING DIRECTOES FINANCIAL INFO, ZOMATO BUG BOUNTY HACKERONE FRAUDhttps://medium.com/@krivadna_87390/corrupt-sebi-india-jeopardizing-directoes-financial-info-zomato-bug-bounty-hackerone-fraud-f27145ccfad8?source=rss------bug_bounty-5Krivadnaandroid, social-media, bug-bounty, cybersecurity, bugbounty-writeup22-Aug-2024
Grep tips for Javascript Analysis | Bug Bountyhttps://0xmaruf.medium.com/grep-tips-for-javascript-analysis-bug-bounty-7dce88266121?source=rss------bug_bounty-5Md Maruf Hosan (0xMaruf)cybersecurity, bug-bounty-tips, bug-bounty22-Aug-2024
TESLA MOTORS VIN NUMBER LEAK THROUGH IT’S API ENDPOINT, THEY CALL IT NO SECURITY IMPACT..https://medium.com/@krivadna_87390/tesla-motors-vin-number-leak-through-its-api-endpoint-they-call-it-no-security-impact-bb30fb5f1314?source=rss------bug_bounty-5Krivadnaandroid, bug-bounty, penetration-testing, bugbounty-writeup, cybersecurity22-Aug-2024
CORRUPT SEBI INDIA JEOPARDIZING DIRECTOR'S FINANCIAL INFO • PAN NUMBER LEAK ZOMATO BUG BOUNTY…https://medium.com/@krivadna_87390/corrupt-sebi-india-jeopardizing-directoes-financial-info-zomato-bug-bounty-hackerone-fraud-f27145ccfad8?source=rss------bug_bounty-5Krivadnaandroid, social-media, bug-bounty, cybersecurity, bugbounty-writeup22-Aug-2024
Exposing Source Code via SVN: A $400 Discoveryhttps://infosecwriteups.com/exposing-source-code-via-svn-a-400-discovery-9fc54b3f3f31?source=rss------bug_bounty-5Vipul Sahubug-bounty-tips, bug-bounty, information-security, cybersecurity22-Aug-2024
The Security Bounty Program Is Here, with Rewards of up to ¥6000!https://medium.com/@AdsPowerHK/%E5%AE%89%E5%85%A8%E8%B3%9E%E9%87%91%E8%A8%88%E5%8A%83%E4%BE%86%E4%BA%86-%E7%8D%8E%E9%87%91%E6%9C%80%E9%AB%98%E9%81%94-6000-672c3dcf1483?source=rss------bug_bounty-5AdsPower 指紋瀏覽器adspower, 指纹浏览器, 漏洞, bug-bounty, 指纹浏览器ip22-Aug-2024
Automating the Hunt for Reflected XSS: Essential One-Liners for Web Securityhttps://medium.com/@garvsanwariya60/automating-the-hunt-for-reflected-xss-essential-one-liners-for-web-security-025bbd82f95d?source=rss------bug_bounty-5Garvsanwariyaxss-attack, cybersecurity, hacking, web-security, bug-bounty22-Aug-2024
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Centerhttps://medium.com/@scriptshuva/instagram-and-meta-2fa-bypass-by-unprotected-backup-code-retrieval-in-accounts-center-c735ff650f10?source=rss------bug_bounty-5Shuva Sahabug-bounty-writeup, bug-bounty, facebook-bug-bounty, 2fa-bypass, meta-bug-bounty22-Aug-2024
Exposing Database Creds via SVN: A $400 Discoveryhttps://infosecwriteups.com/exposing-source-code-via-svn-a-400-discovery-9fc54b3f3f31?source=rss------bug_bounty-5Vipul Sahubug-bounty-tips, bug-bounty, information-security, cybersecurity22-Aug-2024
How I can easily get four P1 at NASA using Simple Google Dorking.https://k4tedu.medium.com/how-i-can-easily-get-four-p1-at-nasa-using-simple-google-dorking-d4457bec1971?source=rss------bug_bounty-5k4tedubug-bounty, dorking, penetration-testing, nasa-vdp, pentest-web22-Aug-2024
WebSec — SSTI (Server Site Template Injection)https://medium.com/@meryemddalgali/websec-ssti-server-site-template-injection-1a9603caa51e?source=rss------bug_bounty-5Meryem Dalgalıvulnerability, application-security, bug-bounty, pentest-learnings, web-security22-Aug-2024
Bypassing methods that I used to find CSRF vulnerabilitieshttps://anonysm.medium.com/bypassing-methods-that-i-used-to-find-csrf-vulnerabilities-b7dbf88cdb0a?source=rss------bug_bounty-5Muthu Dcybersecurity, ethical-hacking, hacking, bug-bounty, penetration-testing22-Aug-2024
How I Found Vulnerabilities in NASA and Got into the Hall of Fame — 4 Bugshttps://infosecwriteups.com/how-i-found-vulnerabilities-in-nasa-and-got-into-the-hall-of-fame-4-bugs-78e0fc4cc5cc?source=rss------bug_bounty-5Karthikeyan Nagarajhall-of-fame, careers, cybersecurity, bug-bounty, hacking22-Aug-2024
Easy Bug | Email Spoofinghttps://saeidmicro.medium.com/easy-bug-email-spoofing-5d1bfc1a885e?source=rss------bug_bounty-5Saeid Khaterbug-bounty22-Aug-2024
Blind SSRFhttps://saeidmicro.medium.com/blind-ssrf-ee5f0e6ed86f?source=rss------bug_bounty-5Saeid Khaterbug-bounty22-Aug-2024
Battle of the Web Security Titans: Burp Suite vs. OWASP ZAPhttps://shaifsec.medium.com/battle-of-the-web-security-titans-burp-suite-vs-owasp-zap-e3da58d36203?source=rss------bug_bounty-5Shaif Alipenetration-testing, bug-bounty, web-security, cybersecurity, shaifsec22-Aug-2024
Advanced Web Cache Poisoning Techniques (Part 2): Tools, Methods, and Exploitshttps://medium.com/@dsmodi484/advanced-web-cache-poisoning-techniques-part-2-tools-methods-and-exploits-d35619d4bd75?source=rss------bug_bounty-5Dishant Modiresources, vulnerability, web-cache-poisoning, bug-bounty, methodology21-Aug-2024
Secrets of Red Teaming: Must-Know Tips and Tricks for Beginners!https://medium.com/@paritoshblogs/secrets-of-red-teaming-must-know-tips-and-tricks-for-beginners-7a0dbf8eb021?source=rss------bug_bounty-5Paritoshred-teaming, hacking, bug-bounty, pentesting, cybersecurity21-Aug-2024
Beyond the Login The Path Traversal Attackhttps://medium.com/@rajqureshi07/beyond-the-login-the-path-traversal-attack-30c1cfc09b3a?source=rss------bug_bounty-5Raj Qureshibug-bounty, information-technology, infosec, bug-bounty-tips, information-security21-Aug-2024
Deploying Rust Smart Contractshttps://medium.com/@bugbountydegen/deploying-rust-smart-contracts-7a22e04c4cd9?source=rss------bug_bounty-5bugbountydegenrust, bug-bounty, smart-contract-security, blockchain21-Aug-2024
Forging a Path to Account Takeover: Copy Password Reset Link Vulnerability worth $$$$.https://medium.com/@bilalresearcher/forging-a-path-to-account-takeover-copy-password-reset-link-vulnerability-worth-3135c3df60d6?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, cybersecurity21-Aug-2024
[Account Take Over] through reset password token leaked in response, 2500 € Rewardhttps://medium.com/@bilalresearcher/account-take-over-through-reset-password-token-leaked-in-response-2500-reward-97cc22d0b65d?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, cybersecur, hacking, bugbounty-writeup21-Aug-2024
Discovering a $5000 RCE via Dependency Confusion Vulnerabilityhttps://medium.com/@bilalresearcher/discovering-a-5000-rce-via-dependency-confusion-vulnerability-9a1cd88ddb0c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, cybersecurity, hacking, bug-bounty-tips, bug-bounty-writeup21-Aug-2024
A Simple 2FA Bypasshttps://medium.com/@bilalresearcher/a-simple-2fa-bypass-368a2861c6df?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips, cybersecurity21-Aug-2024
Account Takeover using IDOR in Password reset Functionalityhttps://medium.com/@bilalresearcher/account-takeover-using-idor-in-password-reset-functionality-b736a85f4f02?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bugbounty-writeup, cybersecurity, info-sec-writeups, bug-bounty-writeup21-Aug-2024
How I got my first $13500 bounty through Parameter Polluting (HPP)https://medium.com/@bilalresearcher/how-i-got-my-first-13500-bounty-through-parameter-polluting-hpp-237bd8cdfeff?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty, cybersecurity21-Aug-2024
Authorization bypass due to cache misconfigurationhttps://rikeshbaniya.medium.com/authorization-bypass-due-to-cache-misconfiguration-fde8b2332d2d?source=rss------bug_bounty-5Rikesh Baniyasecurity-research, bug-bounty-writeup, hackerone, bug-bounty-tips, bug-bounty21-Aug-2024
The Future of Web Cache Poisoning Defense: Anticipating New Threats and Adopting Next-Generation…https://cyberw1ng.medium.com/the-future-of-web-cache-poisoning-defense-anticipating-new-threats-and-adopting-next-generation-56a62d115bcd?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking21-Aug-2024
Race Condition on Likes of Product Leads to Products can appear more popularhttps://medium.com/@omdubey170/race-condition-on-likes-of-product-leads-to-products-can-appear-more-popular-a39038d16203?source=rss------bug_bounty-5Omdubeycache, bug-bounty-tips, security, bug-bounty, race-condition21-Aug-2024
Authorization bypass due to cache misconfigurationhttps://medium.com/@bilalresearcher/authorization-bypass-due-to-cache-misconfiguration-7407aa1c6374?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty-writeup, bug-bounty, hacking, cybersecurity21-Aug-2024
Day 15 of 30 Days — 30 Vulnerabilities | ClickJackinghttps://medium.com/@kumawatabhijeet2002/day-15-of-30-days-30-vulnerabilities-clickjacking-33e38c25d528?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, 30-day-challenge, bug-bounty-tips, 30dayswritingchallenge, clickjacking20-Aug-2024
Information Disclosure : 80+ Emails and LongID Disclosed !!https://pushkarhax.medium.com/information-disclosure-80-emails-and-longid-disclosed-8952e2c6978b?source=rss------bug_bounty-5Pushkar Nandwalkarbugbounty-tips, offensive-security, bug-bounty, cybersecurity, hacking20-Aug-2024
Unveiling a Critical Vulnerability: Exposing AWS Credentials in a Penetration Testhttps://notifybugme.medium.com/unveiling-a-critical-vulnerability-exposing-aws-credentials-in-a-penetration-test-2f7119a7c816?source=rss------bug_bounty-5Santosh Kumar Sha (@killmongar1996)penetration-testing, bug-bounty, ethical-hacking, security, aws20-Aug-2024
How a Lazy Bug Bounty Hunter got a place on NASA HOF ( An XSS Story).https://medium.com/@trffnsec/how-a-lazy-bug-bounty-hunter-got-a-place-on-nasa-hof-an-xss-story-e14fccc326e2?source=rss------bug_bounty-5Augustinetriffinxss-attack, bug-bounty, cybersecurity, hacking, nasa20-Aug-2024
How a Lazy Bug Bounty Hunter got a place on NASA HOF ( An XSS Story).https://medium.com/@trffnsec/how-a-lazy-bug-bounty-hunter-got-a-place-on-nasa-hof-an-xss-story-e14fccc326e2?source=rss------bug_bounty-5TrffnSecxss-attack, bug-bounty, cybersecurity, hacking, nasa20-Aug-2024
My first XSS: Reflected XSS in hidden parameterhttps://anonysm.medium.com/my-first-xss-reflected-xss-in-hidden-parameter-4142a02edfb1?source=rss------bug_bounty-5Muthu Dcybersecurity, hacking, penetration-testing, ethical-hacking, bug-bounty20-Aug-2024
cyberseReal-World Applications and Case Studies: Combating Web Cache Poisoning in Complex…https://cyberw1ng.medium.com/cybersereal-world-applications-and-case-studies-combating-web-cache-poisoning-in-complex-5bf41b0073c1?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, hacking, bug-bounty20-Aug-2024
Invitation link hijacking on a bug bounty programhttps://harish45.medium.com/invitation-link-hijacking-on-a-bug-bounty-program-50d3b92d5532?source=rss------bug_bounty-5Harishhackerone, bugcrowd, bug-bounty, bug-bounty-tips, ethical-hacking20-Aug-2024
Best Directory Brute-forcing Tools for Beginner Bug Huntershttps://medium.com/@josuofficial327/best-directory-brute-forcing-tools-for-beginner-bug-hunters-3388dd97c055?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup19-Aug-2024
0-click Full Account Takeoverhttps://dynnyd20.medium.com/0-click-full-account-takeover-9bb6b4d692a9?source=rss------bug_bounty-5dynnyd20cybersecurity, pentest, ato, bug-bounty, pentesting19-Aug-2024
Beyond Web Caching Vulnerabilitieshttps://medium.com/@0xAwali/beyond-web-caching-vulnerabilities-c617d8cdbb85?source=rss------bug_bounty-5Mahmoud M. Awaliweb-security, bug-bounty19-Aug-2024
Discovering a Session Persistence Vulnerability That Led to a $$$$ Bountyhttps://anonysm.medium.com/discovering-a-session-persistence-vulnerability-225e4b38e605?source=rss------bug_bounty-5Muthu Dcybersecurity, penetration-testing, infosec, bug-bounty, ethical-hacking19-Aug-2024
Advanced Techniques for Mitigating Web Cache Poisoning Attackshttps://cyberw1ng.medium.com/advanced-techniques-for-mitigating-web-cache-poisoning-attacks-8f818fd7eb00?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, penetration-testing19-Aug-2024
How to Bypass Company Email Feature While Creating an Accounthttps://medium.com/@josuofficial327/how-to-bypass-company-email-feature-while-creating-an-account-f792b37a231f?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-hunter, cybersecurity, bug-bounty-tips, vulnerability, bug-bounty18-Aug-2024
BugBounty WriteUp — Creative thinking is our everything (Race Condition + Business Logic Error)https://medium.com/@bilalresearcher/bugbounty-writeup-creative-thinking-is-our-everything-race-condition-business-logic-error-c7cfcc6d9125?source=rss------bug_bounty-5Bilal Researcherhacking, writeup, bug-bounty, penetration-testing, programming18-Aug-2024
Bug Bounty Writeup: $2500 Reward for Session Hijack via Chained Attackhttps://medium.com/@bilalresearcher/bug-bounty-writeup-2500-reward-for-session-hijack-via-chained-attack-b5ad443bc9b9?source=rss------bug_bounty-5Bilal Researcherethical-hacking, cybersecurity, xss-attack, bug-bounty-tips, bug-bounty18-Aug-2024
How Automation Detected Default Admin Credential Worth $500https://medium.com/@bilalresearcher/how-automation-detected-default-admin-credential-worth-500-9f2c3ed460c4?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity18-Aug-2024
Accessing deleted comment for $$: A Bug Bounty Writeuphttps://medium.com/@bilalresearcher/accessing-deleted-comment-for-a-bug-bounty-writeup-085e836660c1?source=rss------bug_bounty-5Bilal Researchercybersecurity, bug-bounty, writeup, bug-bounty-tips, bug-bounty-writeup18-Aug-2024
PII Disclosure Worth $750https://medium.com/@bilalresearcher/pii-disclosure-worth-750-1f9caeac484f?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity, bug-bounty-writeup18-Aug-2024
Burp Suite Filtering Trick — Reducing Log Noise with TLS Pass-Throughhttps://systemweakness.com/burp-suite-filtering-trick-reducing-log-noise-with-tls-pass-through-468d00fbc7dc?source=rss------bug_bounty-5Khaleel Khanethical-hacking, infosec, bug-bounty-tips, cybersecurity, bug-bounty18-Aug-2024
Day 15 of 30 Days — 30 Vulnerabilities | ClickJackinghttps://it4chis3c.medium.com/day-15-of-30-days-30-vulnerabilities-clickjacking-592505aff54d?source=rss------bug_bounty-5It4chis3cweb-security, bug-bounty, clickjacking, 30dayswritingchallenge, bug-bounty-tips18-Aug-2024
How I Bypassed 2FA and Earned My First Bounty $$$https://anonysm.medium.com/how-i-bypassed-2fa-and-earned-my-first-bounty-3fdc58938347?source=rss------bug_bounty-5Muthu Dcybersecurity, bug-bounty, ethical-hacking, hacking, penetration-testing18-Aug-2024
SQL Vulnerability in WordPress Automatic Plugin (CVE-2024-27956)https://roadtooscp.medium.com/sql-vulnerability-in-wordpress-automatic-plugin-cve-2024-27956-3635f1d32b4e?source=rss------bug_bounty-5RoadToOSCPbug-bounty, penetration-testing, wordpress-plugins, ethical-hacking, wordpress-security18-Aug-2024
HTML Injection in Mobile App Support Ticket Form on target.techhttps://medium.com/@shobitsharma/html-injection-in-mobile-app-support-ticket-form-on-target-tech-f45d2de510af?source=rss------bug_bounty-5Shobit Sharmahtml-injection, owasp, bug-bounty, vulnerability, bug-bounty-tips18-Aug-2024
Advanced Techniques and Emerging Trends in Web Cache Poisoninghttps://cyberw1ng.medium.com/advanced-techniques-and-emerging-trends-in-web-cache-poisoning-d2c8d3807d46?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing18-Aug-2024
Title: Mastering CSRF Exploits with Port Swigger Academy Lab: How to Bypass SameSite Strict via…https://medium.com/@dsksatheesh35/title-mastering-csrf-exploits-with-port-swigger-academy-lab-how-to-bypass-samesite-strict-via-7976c3f42d12?source=rss------bug_bounty-5D Satheesh Kumarpenetration-testing, bug-bounty, csrf-attack, csrf-bypass, ctf-walkthrough18-Aug-2024
Day 14 of 30 Days — 30 Vulnerabilities | HTTP Parameter Pollution (HPP) Vulnerabilityhttps://medium.com/@kumawatabhijeet2002/day-14-of-30-days-30-vulnerabilities-http-parameter-pollution-hpp-vulnerability-6c767a9227d8?source=rss------bug_bounty-5Abhijeet kumawathttp-parameter-pollution, bug-bounty-tips, 30dayswritingchallenge, bug-bounty18-Aug-2024
XSS CHECKLISThttps://medium.com/@mehmetfarisacar/xss-checklist-a2bf18ed6992?source=rss------bug_bounty-5Mehmet Faris Acarbug-bounty, xss-vulnerability, cybersecurity, xss-attack18-Aug-2024
Day 13 of 30 Days — 30 Vulnerabilities | XML External Entity (XXE)https://medium.com/@kumawatabhijeet2002/day-13-of-30-days-30-vulnerabilities-xml-external-entity-xxe-93118ac3a167?source=rss------bug_bounty-5Abhijeet kumawatxxe-attack, 30dayswritingchallenge, xxe, bug-bounty, bug-bounty-tips17-Aug-2024
Everything about CSP (Content Security Policy)and bypassing it Like a PRO!!https://shauryasharma05.medium.com/everything-about-csp-content-security-policy-and-bypassing-it-like-a-pro-290d3b06b721?source=rss------bug_bounty-5Shaurya Sharmabugbounty-writeup, cybersecurity, bug-bounty, hacking, bug-bounty-tips17-Aug-2024
A Step-by-Step Guide to Installing and Using dirsearchhttps://medium.com/@sherlock297/a-step-by-step-guide-to-installing-and-using-dirsearch-7833d9dbe6c3?source=rss------bug_bounty-5Ravindra Dagaletools, dirsearch, bug-bounty, tips, information-technology17-Aug-2024
Targeting Hidden API Endpoints in IDOR Exploitshttps://systemweakness.com/targeting-hidden-api-endpoints-in-idor-exploits-269b6ae0f16e?source=rss------bug_bounty-5Khaleel Khaninfosec, bug-bounty, cybersecurity, hacking, bug-bounty-tips17-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-73)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-73-210a9520bff3?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, money, hacking, bug-bounty17-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-72)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-72-a2bf155d3162?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, ethical-hacking, cybersecurity, money, bug-bounty17-Aug-2024
Broken Access Control in a Crypto Trading Platform | Auth Bypass worth $$$$https://medium.com/@midnight-mihir/how-i-found-broken-access-control-in-a-crypto-trading-platform-auth-bypass-worth-b0048eb87e09?source=rss------bug_bounty-5Mihirethical-hacking, bug-bounty-tips, bug-bounty, cybersecurity17-Aug-2024
Another 1500$: CR/LF Injectionhttps://infosecwriteups.com/1500-cr-lf-injection-59152daaf413?source=rss------bug_bounty-5Abhi Sharmacrlf-injection, infosec, bug-bounty, programming, cybersecurity17-Aug-2024
Security Flaws in Privilege Downgrades: How Users Can Exploit API Keys and Privilege escalationhttps://medium.com/@Az3m/security-flaws-in-privilege-downgrades-how-users-can-exploit-api-keys-and-privilege-escalation-886b37c2344d?source=rss------bug_bounty-5Az3mbug-bounty-tips, privilege-escalation, bugs, bug-bounty17-Aug-2024
Sub-finder tool methodologyhttps://medium.com/@tharunteja725_8686/sub-finder-tool-methodology-1dcb2622b0d5?source=rss------bug_bounty-5Chidurala Tharun tejabug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty-hunter17-Aug-2024
IDOR Vulnerabilities Between Admin Privilege Users in the Same Organizationhttps://medium.com/@Az3m/idor-vulnerabilities-between-admin-privilege-users-in-the-same-organization-7718192bba0e?source=rss------bug_bounty-5Az3mbug-bounty-tips, idor, bug-bounty, idor-vulnerability17-Aug-2024
How Find Multi open redirect Bugs with Bing search enginehttps://medium.com/@Az3m/how-find-multi-open-redirect-bugs-with-bing-search-engine-14d953b707ec?source=rss------bug_bounty-5Az3mbugs, open-redirect, bug-bounty-tips, bug-bounty17-Aug-2024
Boost Your Bug Bounty Game: Get Started with Free VPS on Krutrim Cloudhttps://infosecwriteups.com/boost-your-bug-bounty-game-get-started-with-free-vps-on-krutrim-cloud-6a37444a9ce0?source=rss------bug_bounty-5Vicky Aryankrutrim-cloud, bug-bounty, vps, cloud, hacking17-Aug-2024
Understanding Web Cache Poisoning: How It Works and How to Prevent Ithttps://cyberw1ng.medium.com/understanding-web-cache-poisoning-how-it-works-and-how-to-prevent-it-55af897e1eb5?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, cybersecurity, hacking17-Aug-2024
$$$ Bypassing SSRF Restrictions on a Google Product: A Journey Through DNS Rebindinghttps://anonysm.medium.com/bypassing-ssrf-restrictions-on-a-google-product-a-journey-through-dns-rebinding-a4e9d18213af?source=rss------bug_bounty-5Muthu Dbug-bounty, cybersecurity, ethical-hacking, penetration-testing, hacking17-Aug-2024
Understanding Open Redirect Vulnerabilities: A Simple Discoveryhttps://shaifsec.medium.com/understanding-open-redirect-vulnerabilities-a-simple-discovery-476a675839f7?source=rss------bug_bounty-5Shaif Aliweb-security, cybersecurity, shaifsec, penetration-testing, bug-bounty17-Aug-2024
Top 20 Open Redirect Bug Bounty Reportshttps://medium.com/@thenumberof9/top-20-open-redirect-bug-bounty-reports-610c57fb006f?source=rss------bug_bounty-5TheNumberOf-9host-redirect, bug-bounty, open-redirect, hacking, ethical-hacking16-Aug-2024
How to find a easy bug it worth $100https://medium.com/@sangamahesh650/how-to-find-a-easy-bug-it-worth-100-7485f9bf638f?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, hacking, bug-bounty-tips, penetration-testing, bug-bounty16-Aug-2024
The Bug Bounty Billionairehttps://medium.com/@shwetapapnai783/the-bug-bounty-billionaire-acaa5e64959e?source=rss------bug_bounty-5Shweta Papnaisecurity, cybersecurity, billionaires, bug-bounty, technology16-Aug-2024
Reconnaissance and Vulnerability Scanning Scripthttps://securitycipher.medium.com/%EF%B8%8F-reconnaissance-and-vulnerability-scanning-script-%EF%B8%8F-086f4051eeba?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, coding, technology, bug-bounty, hacking16-Aug-2024
Complete Guide on Attack Surface Discoveryhttps://osintteam.blog/complete-guide-on-attack-surface-discovery-d684710d6a3e?source=rss------bug_bounty-5Netlas.iobug-bounty, attack-surface, attack-surface-discovery, cybersecurity, penetration-testing16-Aug-2024
Easy Critical Bugs: Uncovering Treasure Troves in Adobe Experience Manager (AEM)https://anonysm.medium.com/easy-critical-bugs-uncovering-treasure-troves-in-adobe-experience-manager-aem-59ce8656ef9b?source=rss------bug_bounty-5Muthu Dpenetration-testing, bug-bounty, cybersecurity, pentesting, hacking16-Aug-2024
Two Factor Authentication Bypass via using Victim’s DeviceIDhttps://medium.com/@cyberpro151/two-factor-authentication-bypass-via-using-victims-deviceid-b46afb4fe7a5?source=rss------bug_bounty-5cyberpro151application-security, hacking, bug-bounty, cybersecurity, hackerone16-Aug-2024
BlackhatOps #1: A Syndicate Of Hackershttps://medium.com/@red.whisperer/blackhatops-1-a-syndicate-of-hackers-3f599f6f9c63?source=rss------bug_bounty-5Chuxcybersecurity, pentesting, red-team, bug-bounty, hacking16-Aug-2024
Forced SSO Session Fixationhttps://infosecwriteups.com/forced-sso-session-fixation-5d3b457b79cb?source=rss------bug_bounty-5Serj Novoselovbug-bounty, vulnerability, penetration-testing, information-security, writeup16-Aug-2024
24.10 Lab: Web cache poisoning to exploit a DOM vulnerability via a cache with strict cacheability…https://cyberw1ng.medium.com/24-10-lab-web-cache-poisoning-to-exploit-a-dom-vulnerability-via-a-cache-with-strict-cacheability-78d30bb559e4?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity16-Aug-2024
500$ From Meta by reporting a HTMLi(Accidental Bug)https://armx64.medium.com/500-from-meta-by-reporting-a-htmli-accidental-bug-fef2e5a0f4c4?source=rss------bug_bounty-5A.R Maheerbug-bounty, accidental-bug16-Aug-2024
NewLine Character Cause DoS: Folder & File Deletion Flawhttps://medium.com/@bilalresearcher/newline-character-cause-dos-folder-file-deletion-flaw-2b128252720b?source=rss------bug_bounty-5Bilal Researcherinfosec, denial-of-service, programming, cybersecurity, bug-bounty16-Aug-2024
1000$ IDOR : Unauthorized Project Inclusion in Expensehttps://medium.com/@bilalresearcher/1000-idor-unauthorized-project-inclusion-in-expense-da9176a96015?source=rss------bug_bounty-5Bilal Researcherbug-bounty, cybersecurity, idor, information-security, broken-access-control16-Aug-2024
Bypass Plan Restriction & Get 350$ Bountyhttps://medium.com/@bilalresearcher/bypass-plan-restriction-get-350-bounty-105790e994cb?source=rss------bug_bounty-5Bilal Researcherprivilege-escalation, bug-bounty, cybersecurity, programming, access-control16-Aug-2024
How I Earned $469 Bounty: Bypassing Plan Restrictionhttps://medium.com/@bilalresearcher/how-i-earned-469-bounty-bypassing-plan-restriction-6c215221b6f6?source=rss------bug_bounty-5Bilal Researcheraccess-control, infosec, bug-bounty, cybersecurity, programming16-Aug-2024
$800 Improper Authorization Flaw: Unauthorized Project Reclaiming Post Transferhttps://medium.com/@bilalresearcher/800-improper-authorization-flaw-unauthorized-project-reclaiming-post-transfer-d99ee6b2708c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-tips, idor, idor-vulnerability, cybersecurity16-Aug-2024
921$ Privilege Escalation: Unauthorized User Addition to Shared APP Connectionshttps://medium.com/@bilalresearcher/921-privilege-escalation-unauthorized-user-addition-to-shared-app-connections-681d807ccd1e?source=rss------bug_bounty-5Bilal Researcherprogramming, bug-bounty, privilege-escalation, cybersecurity, hacking16-Aug-2024
500$: MFA bypass By Race Conditionhttps://medium.com/@bilalresearcher/500-mfa-bypass-by-race-condition-8952b6718b89?source=rss------bug_bounty-5Bilal Researchercybersecurity, 2fa, programming, bug-bounty, race-condition16-Aug-2024
The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changeshttps://medium.com/@bilalresearcher/the-ui-slip-i-hit-750-ui-manipulation-leading-to-unauthorized-permission-changes-23c544918111?source=rss------bug_bounty-5Bilal Researchercybersecurity, user-interface, programming, bug-bounty, hacking16-Aug-2024
1500$: CR/LF Injectionhttps://medium.com/@bilalresearcher/1500-cr-lf-injection-09b7ae3cfaef?source=rss------bug_bounty-5Bilal Researcherbug-bounty, crlf-injection, cybersecurity, hacking, programming16-Aug-2024
$500 for Cracking Invitation Code For Unauthorized Access & Account Takeoverhttps://medium.com/@bilalresearcher/500-for-cracking-invitation-code-for-unauthorized-access-account-takeover-b0b693b2ae47?source=rss------bug_bounty-5Bilal Researcherbug-bounty, cybersecurity, account-takeover16-Aug-2024
Exploiting phar stream wrapperhttps://rudrasarkar.medium.com/exploiting-phar-stream-wrapper-d2140592c6e7?source=rss------bug_bounty-5Rudra Sarkarsource-code-analysis, php, bug-bounty, hackthebox15-Aug-2024
Unauthorized Deletion of Reports via Folder Manipulationhttps://medium.com/@hossam_hamada/unauthorized-deletion-of-reports-via-folder-manipulation-d0760582e168?source=rss------bug_bounty-5Hossam Hamadaidor, hackerone, idor-vulnerability, bug-bounty, bugcrowd15-Aug-2024
Day 12: Mastering Server Side Request Forgery Vulnerability — Essential Tricks & Techniques Based…https://medium.com/@kumawatabhijeet2002/day-12-mastering-server-side-request-forgery-vulnerability-essential-tricks-techniques-based-21dc8b576e37?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, ssrf-bug, ssrf, ssrf-attack, bug-bounty-tips15-Aug-2024
Hacking Large Corporations: The Art and Science of Reconnaissancehttps://harshit3.medium.com/hacking-large-corporations-the-art-and-science-of-reconnaissance-1a6fc8f90616?source=rss------bug_bounty-5Harshitbug-bounty, information-technology, corporations, cybersecurity, ethical-hacking15-Aug-2024
23.7 Lab: Server-side template injection with a custom exploithttps://cyberw1ng.medium.com/23-7-lab-server-side-template-injection-with-a-custom-exploit-263dcc38653e?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity15-Aug-2024
Fourth Layer And Attacks !https://medium.com/@reemmoslem34/fourth-layer-and-attacks-7bcdbbf6b53c?source=rss------bug_bounty-5Rem Khalidcybersecurity, security, bug-bounty15-Aug-2024
2FA Bypass - IDN Mischiefhttps://shahjerry33.medium.com/2fa-bypass-idn-mischief-157f06cb6904?source=rss------bug_bounty-5Jerry Shah (Jerry)vulnerability, bug-bounty, infosec, cybersecurity, 2fa15-Aug-2024
Cracking the Armour: Bypassed WAF using Ibrahimxss Tool for easyhttps://medium.com/@jitinyaduvanshi/cracking-the-armour-bypassed-waf-using-ibrahimxss-tool-for-easy-6867cfcd850b?source=rss------bug_bounty-5Jitinyaduvanshicybersecurity, xss-attack, bug-bounty15-Aug-2024
Swisstronik: A Blockchain Solution for Privacy and Compliance.https://medium.com/@danishkhatri023/swisstronik-a-blockchain-solution-for-privacy-and-compliance-73c662eadf7a?source=rss------bug_bounty-5Danish Khatritestnet, blockchain, gui̇de, bug-bounty, swisstronik15-Aug-2024
Protecting against multi-step SQL injections: A shield for your datahttps://medium.com/@Progsky/protecting-against-multi-step-sql-injections-a-shield-for-your-data-bf14e41dc412?source=rss------bug_bounty-5Progskybug-bounty, web-security, hacking15-Aug-2024
Passenger Information Disclosure Vulnerability Over the MQTT Protocolhttps://medium.com/@moradloo1779/passenger-information-disclosure-vulnerability-over-the-mqtt-protocol-667402289583?source=rss------bug_bounty-5Moradloobugbounty-writeup, bug-bounty, pentest15-Aug-2024
Account takeover on 8 years old public programhttps://medium.com/@pranshux0x/account-takeover-on-8-years-old-public-program-c0c0a30cfdd2?source=rss------bug_bounty-5priyanshu shakyaaccount-takeover, bug-bounty, bug-bounty-tips, hacking, vulnerability14-Aug-2024
New Bug Bounty Alerthttps://medium.com/@vic-thor/new-bug-bounty-alert-874fefd2ea6b?source=rss------bug_bounty-5victech, online, technology, cybersecurity, bug-bounty14-Aug-2024
XSS Tipleri için Test Caselerhttps://medium.com/@NadirSensoy/xss-tipleri-i%C3%A7in-test-caseler-ce006d2cd57f?source=rss------bug_bounty-5Nadir Sensoyxss-attack, bug-bounty, xss-vulnerability, cybersecurity14-Aug-2024
My journey towards Bug Bounty and Ambassador World Cup 2023 Recaphttps://bhattaraiprashant98.medium.com/my-journey-towards-bug-bounty-and-ambassador-world-cup-2023-recap-bc5fc1d00e72?source=rss------bug_bounty-5Prashant Bhattaraibug-bounty, hacking, hackerone, cybersecurity14-Aug-2024
Server-side template injection in Web App Penetration Testing | 2024https://cyberw1ng.medium.com/server-side-template-injection-in-web-app-penetration-testing-2024-67961a32cadd?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking14-Aug-2024
Automate your Google Dorking to Find Bugshttps://mrunknown124154.medium.com/automate-your-google-dorking-to-find-bugs-f7d86dc2d279?source=rss------bug_bounty-5Mr Abdullahbug-bounty, cybersecurity, google-dorking, cyber-security-awareness, dorking14-Aug-2024
Authentication Bypass -MFA , Account Takeover…https://medium.com/@prakashchand72/authentication-bypass-mfa-account-takeover-32166aedb3b9?source=rss------bug_bounty-5ASTUTEbypass, hacking, bug-bounty, authentication-bypass, account-takeover14-Aug-2024
My journey towards Bug Bounty and Ambassador World Cup 2023 Recaphttps://g0ndaar.medium.com/my-journey-towards-bug-bounty-and-ambassador-world-cup-2023-recap-bc5fc1d00e72?source=rss------bug_bounty-5Prashant Bhattaraibug-bounty, hacking, hackerone, cybersecurity14-Aug-2024
Open S3 Buckets Through Reconnaissancehttps://offsec01.medium.com/open-s3-buckets-through-reconnaissance-920f8b35be47?source=rss------bug_bounty-5Facundo Fernandezbug-bounty-tips, bug-bounty, penetration-testing, hacking, offensive-security14-Aug-2024
A Critical 403 Bypass Vulnerability Lead to a Staging Environment with User Enumerationhttps://ay0ub-n0uri.medium.com/a-critical-403-bypass-vulnerability-lead-to-a-staging-environment-with-user-enumeration-25b94ebadcfa?source=rss------bug_bounty-5Ay0ub N0urioffensive-security, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty14-Aug-2024
How I Prevented a Data Breach by Reporting an IDOR in a System Exposing over 500,000 US Passportshttps://offsec01.medium.com/how-i-prevented-a-data-breach-by-reporting-an-idor-in-a-system-exposing-over-500-000-us-passports-bc6bec99aa3d?source=rss------bug_bounty-5Facundo Fernandezpassport, bug-bounty, penetration-testing, data-breach, hacking14-Aug-2024
Identifying and Exploiting SQL Injection Vulnerabilitieshttps://im4x.medium.com/identifying-and-exploiting-sql-injection-vulnerabilities-cdfaa90b7b04?source=rss------bug_bounty-5Ahmed Najehbug-bounty, bugs, sqlmap14-Aug-2024
Finding a easy p3 bughttps://medium.com/@sangamahesh650/finding-a-easy-p3-bug-05b54f70e14c?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty-tips, penetration-testing, bug-bounty, hacking13-Aug-2024
Hidden Form Fields Reveal Test Answers for Easy Perfect Scorehttps://osintteam.blog/hidden-form-fields-reveal-test-answers-for-easy-perfect-score-c4d202416ad7?source=rss------bug_bounty-5enigmabug-bounty, ethical-hacking, penetration-testing, cybersecurity, misconfiguration13-Aug-2024
NoSQL Injection | Try Hack Mehttps://ahmed-makawi.medium.com/nosql-injection-try-hack-me-e624fa71743f?source=rss------bug_bounty-5Ahmed Makawicybersecurity, bug-bounty, it, penetration-testing, sql-injection13-Aug-2024
Role-based Privilege Escalation Worth $2000 in a bug bounty programhttps://medium.com/@_K3rnel/role-based-privilege-escalation-worth-2000-in-a-bug-bounty-program-0ca40a4cecb9?source=rss------bug_bounty-5_K3rnelbugbounting, bug-bounty, bugs, bug-bounty-tips, bugbounty-writeup13-Aug-2024
Threat Modeling 101: Mapping OWASP Top 10 to STRIDEhttps://justm0rph3u5.medium.com/threat-modeling-101-mapping-owasp-top-10-to-stride-cb8e8613e396?source=rss------bug_bounty-5Divyanshustride, bug-bounty, owasp, threat-model, pasta13-Aug-2024
23.6 Lab: Server-side template injection in a sandboxed environmenthttps://cyberw1ng.medium.com/23-6-lab-server-side-template-injection-in-a-sandboxed-environment-f731eacf2530?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, penetration-testing, cybersecurity, careers13-Aug-2024
Logic Flaw: User Account Lockouthttps://medium.com/@raxomara/logic-flaw-user-account-lockout-8865c622cef0?source=rss------bug_bounty-5Raxomarapenetration-testing, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunting13-Aug-2024
NoSQL Injection | Try Hack Mehttps://systemweakness.com/nosql-injection-try-hack-me-e624fa71743f?source=rss------bug_bounty-5Ahmed Makawicybersecurity, bug-bounty, it, penetration-testing, sql-injection13-Aug-2024
My first bounty report was a duplicatehttps://medium.com/@World-Breaker/my-first-bounty-report-was-a-duplicate-ad2ba4ec595e?source=rss------bug_bounty-5usu@rioZ3r0bug-bounty13-Aug-2024
| Effortless Go Language Setup: Installing Go Lang Like a Pro! | https://imran407704.medium.com/effortless-go-language-setup-installing-go-lang-like-a-pro-e668c51454c3?source=rss------bug_bounty-5 | Imran | bug-bounty, go-language, go-language-tutorial | 13-Aug-2024 |
| How I Discovered a Directory Listing Vulnerability on a NASA Subdomain | https://medium.com/@shubhammpawar7438/how-i-discovered-a-directory-listing-vulnerability-on-a-nasa-subdomain-979883e47874?source=rss------bug_bounty-5 | Shubham pawar | vulnerability-disclosure, bug-bounty, cybersecurity, web-security, nasa-security | 13-Aug-2024 |
| How To Get free burpsuite professional | https://medium.com/@sangamahesh650/how-to-get-free-burpsuite-professional-b6ebca7a60a3?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, pentesting, bug-bounty-tips, hacking, bugbounty-writeup | 13-Aug-2024 |
| Breaking the Barrier: Admin Panel Takeover Worth $3500 | https://medium.com/@noob.assassin/breaking-the-barrier-admin-panel-takeover-worth-3500-78da79089ca3?source=rss------bug_bounty-5 | Aditya Sharma | bug-bounty-tips, bug-bounty, hacker, hacking, vulnerability | 13-Aug-2024 |
| Simple but Elegant DOM XSS on Hidden Parameter— Bypassing Filter | https://medium.com/@YourFinalSin/simple-but-elegant-dom-xss-on-hidden-parameter-bypassing-filter-ab58ca1e6135?source=rss------bug_bounty-5 | SIN | xss-vulnerability, bug-bounty, xss-attack, bug-bounty-tips, bug-bounty-writeup | 13-Aug-2024 |
| Bug Bounty Hunting — Complete Guide (Part-71) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-71-3232e47be803?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, cybersecurity, bug-bounty, skills, ethical-hacking | 13-Aug-2024 |
| Bug Bounty Hunting — Complete Guide (Part-70) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-70-f603b2fde234?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, bug-bounty, hacking, cybersecurity, skills | 13-Aug-2024 |
| Insecure Direct Object Reference | https://medium.com/@yassentaalab51/insecure-direct-object-reference-6bddf9be8dcd?source=rss------bug_bounty-5 | Yassen Taalab | idor, bug-bounty, owasp, cybersecurity, broken-access-control | 13-Aug-2024 |
| CloudBrute — Awesome Cloud Enumerator | https://medium.com/@pentesterclubpvtltd/cloudbrute-awesome-cloud-enumerator-b6d86e168b2c?source=rss------bug_bounty-5 | Pentester Club | bug-bounty, hacking, ethical-hacking, cybersecurity, cloud-computing | 13-Aug-2024 |
| Embedding Beacon Payloads in PDF Files | https://medium.com/@pentesterclubpvtltd/embedding-beacon-payloads-in-pdf-files-e789820f340b?source=rss------bug_bounty-5 | Pentester Club | hacking, cobalt-strike, bug-bounty, cybersecurity, pdf | 13-Aug-2024 |
| DOM XSS — Simple but Elegant on Hidden Parameter— Bypassing Filter | https://medium.com/@YourFinalSin/simple-but-elegant-dom-xss-on-hidden-parameter-bypassing-filter-ab58ca1e6135?source=rss------bug_bounty-5 | SIN | xss-vulnerability, bug-bounty, xss-attack, bug-bounty-tips, bug-bounty-writeup | 13-Aug-2024 |
| Common Types of Bugs in Software Testing | https://medium.com/optimizory-apps/common-types-of-bugs-in-software-testing-aea2ff2138bd?source=rss------bug_bounty-5 | Divyansh Vats | bug-bounty, bugs, software-testing | 12-Aug-2024 |
| How to balance bug fix costs with software performance? | https://medium.com/@harleyrose981/how-to-balance-bug-fix-costs-with-software-performance-92e9df481c36?source=rss------bug_bounty-5 | Harley Rose | web3, technology, bug-bounty, web-development, seo | 12-Aug-2024 |
| 3rd Anniversary Fun Activity: TECNO Security Bug Bounty Rules Challenging Test | https://medium.com/@security.tecno/3rd-anniversary-fun-activity-tecno-security-bug-bounty-rules-challenging-test-d6dac9f552e7?source=rss------bug_bounty-5 | TECNO Security | testing, bug-bounty, activity, security | 12-Aug-2024 |
| 5 Minutes to Take Over the System Administrator Account of a GPS Tracker Solution Provider | https://medium.com/@mmaulanaabdullah/5-minutes-for-taking-over-system-administrator-account-of-gps-tracker-solution-provider-system-24bd083f1559?source=rss------bug_bounty-5 | M Maulana Abdullah | api, disruption, bug-bounty, information-security, infosec | 12-Aug-2024 |
| Maintaining Software Excellence: The Importance of Bug Fixes and Maintenance | https://medium.com/@harleyrose981/maintaining-software-excellence-the-importance-of-bug-fixes-and-maintenance-87db9a864a5f?source=rss------bug_bounty-5 | Harley Rose | technology, software-development, web-development, tech, bug-bounty | 12-Aug-2024 |
| From Fries to Flaws : My Journey into Web App Security (Part V) | https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-v-f0ea86e55845?source=rss------bug_bounty-5 | OiQ | penetration-testing, vulnerability, bug-bounty-tips, cybersecurity, bug-bounty | 12-Aug-2024 |
| The Importance of Functionality and Usability in Web Applications | https://medium.com/@owaisbagali2/the-importance-of-functionality-and-usability-in-web-applications-65f5cf44374d?source=rss------bug_bounty-5 | OwaisB | self-awareness, bug-bounty, audi, software-testing, basics | 12-Aug-2024 |
| Earned $188 in bug bounty simply through the invitation feature. | https://medium.com/@Mu1berry/earned-188-in-bug-bounty-simply-through-the-invitation-feature-534486d6ec1c?source=rss------bug_bounty-5 | Mu1berry | bugcrowd, vulnerability, money, bug-bounty, hacker | 12-Aug-2024 |
| Detecting Blind Injection Attacks with Discord Webhooks | https://osintteam.blog/detecting-injection-attacks-with-discord-webhooks-5df22a5679c5?source=rss------bug_bounty-5 | mrunoriginal | web-application-security, cybersecurity, bug-bounty, information-security, ethical-hacking | 12-Aug-2024 |
| New Reconnaissance Methodologies/Tools for Bug Bounty Hunting & Ethical Hacking | https://medium.com/@retr0x/new-reconnaissance-methodologies-tools-for-bug-bounty-hunting-ethical-hacking-be7ca14a7ae2?source=rss------bug_bounty-5 | R3tr0x \| Vinay Kumar | cyber, ethical-hacking, cyber-security-awareness, cybersecurity, bug-bounty | 12-Aug-2024 |
| “My Journey to Earning the First Bounty” | https://medium.com/@asharm.khan7/my-journey-to-earning-the-first-bounty-5314d1780f84?source=rss------bug_bounty-5 | Ashar Mahmood | bug-bounty, hacking, cyber-security-awareness, ethical-hacking, find-your-first-bug | 12-Aug-2024 |
| 21.4 Lab: Exploiting insecure output handling in LLMs | https://cyberw1ng.medium.com/21-4-lab-exploiting-insecure-output-handling-in-llms-4b17d8401fe6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, cybersecurity, bug-bounty, careers | 12-Aug-2024 |
| Getting all ips from Shodan easy | https://medium.com/@sangamahesh650/getting-all-ips-from-shodan-easy-400706799e53?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-tips, hacking, bugbounty-writeup, penetration-testing, bug-bounty | 12-Aug-2024 |
| Cross-Site Scripting Explained: Protect Your Website from Modern Threats | https://7hecoder.medium.com/secure-your-site-xss-guide-d780dd2ad098?source=rss------bug_bounty-5 | Aamir Khan | xss-vulnerability, web-development, secure-coding, bug-bounty, cybersecurity | 12-Aug-2024 |
| The Hidden Threat: How Reverse Shells Packaged as .pyz Files Evade Detection | https://medium.com/@psychomong/the-hidden-threat-how-reverse-shells-packaged-as-pyz-files-evade-detection-e82d1f234187?source=rss------bug_bounty-5 | psychomong | hacker, hacking, meta, bug-bounty, whatsapp | 12-Aug-2024 |
| How Much Did I Make in My First Year of Bug Bounty Work? | https://medium.com/@bountyget/how-much-did-i-make-in-my-first-year-of-bug-bounty-work-2f0583002db6?source=rss------bug_bounty-5 | Bountyget | infosec-write-ups, bug-bounty, earn-money-online, bug-bounty-tips, hacking | 12-Aug-2024 |
| How I Hacked Into the World’s Top Universities Including MIT Cambridge & University of Oxford | https://medium.com/@josuofficial327/how-i-hacked-into-the-worlds-top-universities-including-mit-cambridge-university-of-oxford-a2e209d8abf7?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | cybersecurity, bug-bounty, vulnerability, ethical-hacking, hacking | 12-Aug-2024 |
| Stored XSS in LibreOffice | https://bunny0417.medium.com/stored-xss-in-libreoffice-ed4ad22e0f56?source=rss------bug_bounty-5 | Aayush kumar | bug-bounty-tips, xs, libreoffice, stored-xss, bug-bounty | 11-Aug-2024 |
| From Fries to Flaws : My Journey into Web App Security (Part IV) | https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-iv-956c3fcbec68?source=rss------bug_bounty-5 | OiQ | bug-bounty, web-app-security, vulnerability, bug-bounty-tips, penetration-testing | 11-Aug-2024 |
| Internal and External Network penetration Testing | https://gaya3-r.medium.com/internal-and-external-network-penetration-testing-6a9421394618?source=rss------bug_bounty-5 | gayatri r | tools, bug-bounty, penetration-testing, owasp | 11-Aug-2024 |
| How I found my first P3 bug (disclosure of PII/Privilege Escalation) | https://medium.com/@the.bugcrowd.testerpawan/how-i-found-my-first-p3-bug-disclosure-of-pii-privilege-escalation-148dbf610334?source=rss------bug_bounty-5 | the_air_cyborg | bug-bounty-tips, bugbounty-writeup, bug-bounty | 11-Aug-2024 |
| Introduction to JWT | https://medium.com/@chanpreetkaur2005/introduction-to-jwt-f69162b59c24?source=rss------bug_bounty-5 | Chanpreet Kaur | web-exploitation, cybersecurity, bug-bounty, jwt, web-development | 11-Aug-2024 |
| 20.10 Lab: Using PHAR deserialization to deploy a custom gadget chain | https://cyberw1ng.medium.com/20-10-lab-using-phar-deserialization-to-deploy-a-custom-gadget-chain-39270975163f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 11-Aug-2024 |
| Udemy Course off 50% CYBER082024 | https://cyberbruharmy.medium.com/udemy-course-off-50-cyber082024-c61d755d2714?source=rss------bug_bounty-5 | CyberBruhArmy | bug-bounty, firewall, bug-bounty-tips, security, cybersecurity | 11-Aug-2024 |
| Hacking the System: How I Beat Subscription Restrictions in Admin Controls | https://0xmatrix.medium.com/hacking-the-system-how-i-beat-subscription-restrictions-in-admin-controls-5684fd90279a?source=rss------bug_bounty-5 | Mo2men Elmady | hacking, bugs, penetration-testing, red-team, bug-bounty | 11-Aug-2024 |
| How I Got $150 on HackerOne for My First Bug | https://medium.com/@likithteki76/how-i-got-150-on-hackerone-for-my-first-bug-8af0ed515e79?source=rss------bug_bounty-5 | Likith Teki | bug-bounty-tips, 2fa-bypass, vulnerability, bug-bounty, ethical-hacking | 11-Aug-2024 |
| IDOR — How I Leaked Data of 50k+ Users | https://medium.com/@YourFinalSin/idor-how-i-leaked-data-of-50k-users-bc44201e777a?source=rss------bug_bounty-5 | SIN | idor, bug-bounty-hunter, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 10-Aug-2024 |
| How I got my first $13500 bounty through Parameter Polluting (HPP) | https://infosecwriteups.com/how-i-got-my-first-13500-bounty-through-parameter-polluting-hpp-179666b8e8bb?source=rss------bug_bounty-5 | rAmpancist | hacking, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips | 10-Aug-2024 |
| IDOR — Exposing private forms $$$ | https://medium.com/@hellother18/idor-exposing-private-forms-0204c1ed560a?source=rss------bug_bounty-5 | Manthan_ mahale | hacking, cybersecurity, ethical-hacking, bug-bounty, bugbounty-writeup | 10-Aug-2024 |
| Day 8 of 30 Days — 30 Vulnerabilities \| Security Misconfiguration | https://medium.com/@kumawatabhijeet2002/day-8-of-30-days-30-vulnerabilities-security-misconfiguration-5d8ee574e7e3?source=rss------bug_bounty-5 | Abhijeet kumawat | security-misconfiguration, bug-bounty, bug-bounty-tips | 10-Aug-2024 |
| What is a Bug Bounty Program? | https://medium.com/@pasan62nanayakkara/what-is-a-bug-bounty-program-f64c90197229?source=rss------bug_bounty-5 | Ravindu Nanayakkara | bug-bounty, cybersecurity, security | 10-Aug-2024 |
| $800 Improper Authorization Flaw: Unauthorized Project Reclaiming Post Transfer | https://medium.com/@a13h1/800-improper-authorization-flaw-unauthorized-project-reclaiming-post-transfer-15fe36976604?source=rss------bug_bounty-5 | Abhi Sharma | improper-authorization, cybersecurity, bug-bounty, idor, programming | 10-Aug-2024 |
| Practice Lab Setup for Application Security Testing | https://medium.com/@Kamal_S/practice-lab-setup-for-application-security-testing-9fa2c9b45917?source=rss------bug_bounty-5 | Kamal S | bug-bounty, vapt, security-testing, appsec, owasp | 10-Aug-2024 |
| The Evolution of Deserialization Attacks: Understanding the Risks and Future Trends | https://cyberw1ng.medium.com/the-evolution-of-deserialization-attacks-understanding-the-risks-and-future-trends-0e485ec7e833?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, cybersecurity, hacking, bug-bounty | 10-Aug-2024 |
| Bug Bounty Hunting — Complete Guide (Part-69) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-69-fa42b90989a1?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, bug-bounty, skills, hacking, cybersecurity | 10-Aug-2024 |
| Bug Bounty Hunting — Complete Guide (Part-68) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-68-8e3af48d1c65?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, ethical-hacking, cybersecurity, bug-bounty, skills | 10-Aug-2024 |
| Bug Bounty Hunting — Complete Guide (Part-67) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-67-01756817b60c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, skills, ethical-hacking, bug-bounty, hacking | 10-Aug-2024 |
| How to Mitigate SQL Injection | https://medium.com/@dhiren.pradhan263/how-to-mitigate-sql-injection-20a26cfa96f5?source=rss------bug_bounty-5 | Dhiren Pradhan | security, bug-bounty, information-security | 09-Aug-2024 |
| How to find P1 SQL injection in indian website. | https://medium.com/@padhyepushkar/how-to-find-p1-sql-injection-in-indian-website-59ad091a9e1b?source=rss------bug_bounty-5 | Pushkar Padhye | bug-bounty | 09-Aug-2024 |
| How to Mitigate SQL Injection | https://medium.com/@bountyget/how-to-mitigate-sql-injection-20a26cfa96f5?source=rss------bug_bounty-5 | Bountyget | security, bug-bounty, information-security | 09-Aug-2024 |
| Bug Bounty Programs Launched in August 2024 | https://medium.com/@vic-thor/bug-bounty-programs-launched-in-august-2024-ab698f18b7c5?source=rss------bug_bounty-5 | vic | bug-bounty, technology, tech, money, cybersecurity | 09-Aug-2024 |
| Part 3: Enhancing Database Items in Angular using the Decorator Design Pattern: Bug Prevention… | https://medium.com/@nemanjablagojevic/part-3-enhancing-database-items-in-angular-using-the-decorator-design-pattern-bug-prevention-e965373a6219?source=rss------bug_bounty-5 | Nemanja Blagojevic | singleton, programming, angular, bug-bounty, ecommerce-web-development | 09-Aug-2024 |
| From Developer to Hacker: Putting on the White Hat | https://medium.com/@jonathanmondaut/from-developer-to-hacker-putting-on-the-white-hat-b4292af8c1d4?source=rss------bug_bounty-5 | Jonathan Mondaut | cybersecurity, technology, bug-bounty, ethical-hacking, programming | 09-Aug-2024 |
| How I Turned a Rate-Limit Bypass into an Account Takeover | https://anonysm.medium.com/how-i-turned-a-rate-limit-bypass-into-an-account-takeover-4588541c2d29?source=rss------bug_bounty-5 | Muthu D | ethical-hacking, hacking, pentesting, bug-bounty, penetration-testing | 09-Aug-2024 |
| Enriching Nuclei results with Vulnerability Intel | https://medium.com/@nvi_90805/enriching-nuclei-results-with-vulnerability-intel-d760b756b066?source=rss------bug_bounty-5 | NVI - North Vulnerability Intelligence | vulnerability, cve, bug-bounty, nuclei-template, exploit | 09-Aug-2024 |
| Mastering Subfinder for Subdomain Enumeration: A Quick Guide for Bug Bounty Hunters | https://medium.com/@k4r7hx/mastering-subfinder-for-subdomain-enumeration-a-quick-guide-for-bug-bounty-hunters-5d6c3d471896?source=rss------bug_bounty-5 | Karthikeyan | subdomain-enumeration, subdomains-enumeration, subdomain, bug-bounty, subdomain-takeover | 09-Aug-2024 |
| Bug Bounty Methodology — Step By Step Guide To Find Subdomains And Vulnerable URLs | https://medium.com/@shaikhminhaz1975/bug-bounty-methodology-step-by-step-guide-to-find-subdomains-and-vulnerable-urls-18bdd76e979f?source=rss------bug_bounty-5 | Shaikh Minhaz | cybersecurity, reconnaissance, subdomains-enumeration, bug-bounty, methodology | 09-Aug-2024 |
| 20 Essential Google Dorking Queries to find vulnerable targets | https://offsec01.medium.com/20-essential-google-dorking-queries-to-find-vulnerable-targets-a98b657dc66d?source=rss------bug_bounty-5 | Facundo Fernandez | offensive-security, google-dorking, hacking-training, bug-bounty, hacking | 09-Aug-2024 |
| Day 7 of 30 Days — 30 Vulnerability \| IDOR (Insecure Direct Object Reference) | https://medium.com/@kumawatabhijeet2002/day-7-of-30-days-30-vulnerability-idor-insecure-direct-object-reference-79b8051d67e2?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, 30dayswritingchallenge, idor-vulnerability, idor, bug-bounty-tips | 09-Aug-2024 |
| How dirsearch Uncovered a $750 Bounty | https://medium.com/@bountyget/how-dirsearch-uncovered-a-750-bounty-fd215c925eb7?source=rss------bug_bounty-5 | Bountyget | infosec, dirsearch, wordlist, bug-bounty, hackerone | 09-Aug-2024 |
| What After Recon ? Part 01 Bug Bounty Methodology | https://omarora1603.medium.com/what-after-recon-part-01-bug-bounty-methodology-25ff3705a738?source=rss------bug_bounty-5 | Om Arora | infosec, bug-bounty, bug-bounty-writeup, methodology, hacking | 09-Aug-2024 |
| Embracing Proactive Security Measures: Future-Proofing Against PHAR Deserialization and Beyond | https://cyberw1ng.medium.com/embracing-proactive-security-measures-future-proofing-against-phar-deserialization-and-beyond-49e1dec9000d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, hacking, penetration-testing, bug-bounty | 09-Aug-2024 |
| How i hacked NASA? NASA VDP. | https://medium.com/@momos1337/how-i-hacked-nasa-bug-bounty-6975b833eb45?source=rss------bug_bounty-5 | Fadhli Almunawar | cybersecurity, bug-bounty | 09-Aug-2024 |
| How dirsearch Uncovered a $750 Bounty | https://medium.com/@bountyget/how-dirsearch-uncovered-a-750-bounty-fd215c925eb7?source=rss------bug_bounty-5 | Bountyget | infosec, dirsearch, wordlist, info-sec-writeups, bug-bounty | 09-Aug-2024 |
| L6 — Postbook | https://scissor07.medium.com/l6-postbook-8d5b322a0801?source=rss------bug_bounty-5 | scissor_seven | writeup, cybersecurity, bug-bounty, hackerone, ctf | 08-Aug-2024 |
| Web App Security Scanner- Vex Scanner | https://medium.com/@pentesterclubpvtltd/web-app-security-scanner-vex-scanner-e150e9a03ffc?source=rss------bug_bounty-5 | Pentester Club | cybersecurity, scalability, bug-bounty, hacking, security | 08-Aug-2024 |
| OAuth Impersonation Attack: Misconfiguration of Facebook and Google OAuth Leading to Account… | https://medium.com/@security.tecno/oauth-impersonation-attack-misconfiguration-of-facebook-and-google-oauth-leading-to-account-9f838439de31?source=rss------bug_bounty-5 | TECNO Security | bug-bounty, security, hacker | 08-Aug-2024 |
| Hijacking User Privileges: The Story of a Patched Vulnerability in Open Bug Bounty | https://take0verx0.medium.com/hijacking-user-privileges-the-story-of-a-patched-vulnerability-in-open-bug-bounty-4db81fa0fd1f?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty, bug-bounty-tips, web-security, openbugbounty | 08-Aug-2024 |
| Last Week in tech — 5th edition | https://medium.com/@azefox/last-week-in-tech-5th-edition-0f559055dcf6?source=rss------bug_bounty-5 | Azefox | cloud-computing, ai, bug-bounty, infosec, news | 08-Aug-2024 |
| O manual do Hacker Moderno | https://medium.com/@espectrx/o-manual-do-hacker-moderno-2a715e35184c?source=rss------bug_bounty-5 | Rafael Henrique | hackingrévolution, hackerone, hacker-ético, bug-bounty, hacking | 08-Aug-2024 |
| Building a Resilient Security Framework: Long-Term Strategies for Combating PHAR Deserialization… | https://cyberw1ng.medium.com/building-a-resilient-security-framework-long-term-strategies-for-combating-phar-deserialization-de5b38c6aff2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, hacking, penetration-testing, careers | 08-Aug-2024 |
| Easiest P3 You May Not Know | https://muneebalamkhan.medium.com/easiest-p3-you-may-not-know-54ae73cd3361?source=rss------bug_bounty-5 | Muneeb Alam Khan | bug-bounty-tips, penetration-testing, bug-bounty, bounty-hunter, penetration-test | 07-Aug-2024 |
| SSRF: Blacklist and Whitelist-Based Input Filters | https://infosecwriteups.com/ssrf-blacklist-and-whitelist-based-input-filters-1c602b872731?source=rss------bug_bounty-5 | Neetrox | cybersecurity, cyber-security-awareness, bug-bounty, cyberattack, technology | 07-Aug-2024 |
| Client-Side Desync in HTTP: Understanding the Vulnerabilities and How to Mitigate Them | https://medium.com/@miladkeivanfar/client-side-desync-in-http-understanding-the-vulnerabilities-and-how-to-mitigate-them-f3552164a6c9?source=rss------bug_bounty-5 | Milad keivanfar | security, pentesting, desync, bug-bounty, smuggling | 07-Aug-2024 |
| Nahamsec’s Intro to Bug Bounty Labs: Your Setup Guide | https://medium.com/@k4r7hx/nahamsecs-intro-to-bug-bounty-labs-your-setup-guide-145199ee948a?source=rss------bug_bounty-5 | Karthikeyan | bug-bounty, ethical-hacking, penetration-testing, nahamstore, hacking | 07-Aug-2024 |
| ALL ABOUT TRAVA BUG BOUNTY — FINDING THE FAULTS IN TRAVA.FINANCE | https://blog.trava.finance/all-about-trava-bug-bounty-finding-the-faults-in-trava-finance-ebdcf476c1d6?source=rss------bug_bounty-5 | Trava.Finance | dapps, web3, bug-bounty, blockchain | 07-Aug-2024 |
| Easiest P3/P4 security misconfiguration to make $$ as a beginner. | https://medium.com/@sugamdangal52/easiest-p3-p4-security-misconfiguration-to-make-as-a-beginner-d4f019ad4b85?source=rss------bug_bounty-5 | Sugam Dangal | bug-bounty-program, bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips | 07-Aug-2024 |
| Real-World Applications and Case Studies of PHAR Deserialization Defense | https://cyberw1ng.medium.com/real-world-applications-and-case-studies-of-phar-deserialization-defense-f65b67c503aa?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, bug-bounty, hacking | 07-Aug-2024 |
| Day 5 of 30 Days — 30 Vulnerabilities \| Open Redirects | https://medium.com/@kumawatabhijeet2002/day-5-of-30-days-30-vulnerabilities-open-redirects-386ea2fa1a66?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, bug-bounty-tips, open-redirect, 30dayschallenge, 30dayswritingchallenge | 07-Aug-2024 |
| Mastering Dirsearch for Bug Hunting | https://medium.com/@josuofficial327/mastering-dirsearch-for-bug-hunting-f34272c0ba28?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | bug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity, hacking | 06-Aug-2024 |
| SSRF to Server Takeover PoC (Bug Bounty Writeup) | https://medium.com/@malvinval/ssrf-to-server-takeover-poc-bug-bounty-writeup-82d6715e333d?source=rss------bug_bounty-5 | Malvin Valerian | cybersecurity, ethical-hacking, bug-bounty-tips, hacking, bug-bounty | 06-Aug-2024 |
| From Fries to Flaws : My Journey into Web App Security (Part III) | https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-iii-ce91eb384da7?source=rss------bug_bounty-5 | OiQ | penetration-testing, broken-access-control, web-app-security, bug-bounty, bug-bounty-tips | 06-Aug-2024 |
| My First Bug Bounty: CORS Misconfiguration | https://r0b0ts.medium.com/my-first-bug-bounty-cors-misconfiguration-3e6f38835c4e?source=rss------bug_bounty-5 | r0b0ts | bug-bounty-writeup, bug-bounty, secu, bug-bounty-tips, bug-bounty-hunter | 06-Aug-2024 |
| Reflected HTML injection leads to redirection and what’s not! | https://medium.com/@shahariarwalid/reflected-html-injection-leads-to-redirection-and-whats-not-3de256b16c30?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty, web-hacking, poc | 06-Aug-2024 |
| Race Condition About The User Version and Ignored | https://r0b0ts.medium.com/race-condition-about-the-user-version-and-ignored-c98fec642d1b?source=rss------bug_bounty-5 | r0b0ts | bug-bounty-tips, bug-bounty-writeup, bug-bounty, security, bug-bounty-hunter | 06-Aug-2024 |
| Mastering Network Reconnaissance with Nmap: A Comprehensive Guide | https://medium.com/@WillFromSwiss/mastering-network-reconnaissance-with-nmap-a-comprehensive-guide-e37fe3cdf8ff?source=rss------bug_bounty-5 | WillFromSwiss | pentesting, hacking, bug-bounty, recon, nmap | 06-Aug-2024 |
| Bypass Admin Panel Access Steps — Bug Tuesday | https://medium.com/@kerstan/bypass-admin-panel-access-steps-bug-tuesday-36e7be470dae?source=rss------bug_bounty-5 | kerstan | cybersecurity, bug-bounty, hacking | 06-Aug-2024 |
| Discovering and Exploiting an XSS Vulnerability in an Admin Panel | https://soltanali0.medium.com/discovering-and-exploiting-an-xss-vulnerability-in-an-admin-panel-8abbc97931fd?source=rss------bug_bounty-5 | soltanali0 | admin-panel, xss-attack, hackerone, bug-bounty-tips, bug-bounty | 06-Aug-2024 |
| Reflected HTML injection leads to redirection and what’s not! | https://take0verx0.medium.com/reflected-html-injection-leads-to-redirection-and-whats-not-3de256b16c30?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty, web-hacking, poc | 06-Aug-2024 |
| Advanced Defense Mechanisms and Continuous Monitoring Against PHAR Deserialization | https://cyberw1ng.medium.com/advanced-defense-mechanisms-and-continuous-monitoring-against-phar-deserialization-00512489faf1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, careers, hacking | 06-Aug-2024 |
| Hacking OWASP Juice Shop: Part 5- Privilege Escalation via Manipulated User Registration | https://infosecwriteups.com/hacking-owasp-juice-shop-part-5-privilege-escalation-via-manipulated-user-registration-4b1c5227aa81?source=rss------bug_bounty-5 | callgh0st | hacking, manipulation, logic, privilege-escalation, bug-bounty | 06-Aug-2024 |
| From Secure to Breached: The Journey from Confidence to Compromise | https://medium.com/@armandjasharaj/from-secure-to-breached-the-journey-from-confidence-to-compromise-38fcb7e9ef7c?source=rss------bug_bounty-5 | Armand Jasharaj | penetration-testing, bug-bounty, cybersecurity, information-security | 06-Aug-2024 |
| Understanding and Mitigating Open Redirection Vulnerability (CVE-2021–36580) in Webmail/Basic… | https://medium.com/@anonymousshetty2003/understanding-and-mitigating-open-redirection-vulnerability-cve-2021-36580-in-webmail-basic-24b12c3df17d?source=rss------bug_bounty-5 | Anonymousshetty | open-redirection, ethical-hacking, cybersecurity, bug-bounty | 06-Aug-2024 |
| How to Use Netcat as a Persistent Backdoor Utility? | https://medium.com/@pentesterclubpvtltd/how-to-use-netcat-as-a-persistent-backdoor-utility-57bb01cbf9cc?source=rss------bug_bounty-5 | Pentester Club | hacking, bug-bounty-tips, bug-bounty, metasploit, cybersecurity | 06-Aug-2024 |
| Ping a site to find out information about it. | https://medium.com/@pentesterclubpvtltd/ping-a-site-to-find-out-information-about-it-43efdb62b4a0?source=rss------bug_bounty-5 | Pentester Club | cyber-security-awareness, bug-bounty, cybersecurity, ping, cybercrime | 05-Aug-2024 |
| Maltego — The Automated OSINT Tool for Ethical Hackers | https://medium.com/@pentesterclubpvtltd/maltego-the-automated-osint-tool-for-ethical-hackers-d6bc5737812e?source=rss------bug_bounty-5 | Pentester Club | bug-bounty, ethical-hacking, maltego, cybersecurity, osint | 05-Aug-2024 |
| Recon-ng — Complete Scan — Emails, Sub Domains & Hidden Files | https://medium.com/@pentesterclubpvtltd/recon-ng-complete-scan-emails-sub-domains-hidden-files-b357cffd1e0b?source=rss------bug_bounty-5 | Pentester Club | scan, recon, enumeration, cybersecurity, bug-bounty | 05-Aug-2024 |
| Perform Network Tracerouting in Linux Machines | https://medium.com/@pentesterclubpvtltd/perform-network-tracerouting-in-linux-machines-28b6bf57bf71?source=rss------bug_bounty-5 | Pentester Club | bug-bounty, machine-learning, linux, networking, cybersecurity | 05-Aug-2024 |
| Gather Information About a Target Website Using Photon | https://medium.com/@pentesterclubpvtltd/gather-information-about-a-target-website-using-photon-839612a85319?source=rss------bug_bounty-5 | Pentester Club | web-design, cybersecurity, bug-bounty, web-development, web3 | 05-Aug-2024 |
| Mirror a Target Website Using HTTrack website Copier | https://medium.com/@pentesterclubpvtltd/mirror-a-target-website-using-httrack-website-copier-0489c23d66b3?source=rss------bug_bounty-5 | Pentester Club | web3, website-design, web-development, cybersecurity, bug-bounty | 05-Aug-2024 |
| Extract Companys Website Data Using Web Data Extractor | https://medium.com/@pentesterclubpvtltd/extract-companys-website-data-using-web-data-extractor-a2957c56fd3f?source=rss------bug_bounty-5 | Pentester Club | data, website, bug-bounty, web3, cybersecurity | 05-Aug-2024 |
| Gather Personal Information Using PeekYou online People Search Service | https://medium.com/@pentesterclubpvtltd/gather-personal-information-using-peekyou-online-people-search-service-8a523a180f0d?source=rss------bug_bounty-5 | Pentester Club | data, bug-bounty, cybersecurity, people, search-engine-optimizati | 05-Aug-2024 |
| Mastering Angry IP Scanner: Unleashing the Power of Network Diagnostics | https://medium.com/@pentesterclubpvtltd/mastering-angry-ip-scanner-unleashing-the-power-of-network-diagnostics-43388a593650?source=rss------bug_bounty-5 | Pentester Club | networking, bug-zero, cybersecurity, bug-bounty, angry | 05-Aug-2024 |
| Uncover the Shocking Truth Behind HTTP Header Injection Attacks: Protect Yourself Now! | https://systemweakness.com/the-hidden-danger-lurking-in-your-http-headers-3f93474933cb?source=rss------bug_bounty-5 | Khaleel Khan | hacking, bug-bounty, cybersecurity, infosec, web-development | 05-Aug-2024 |
| Exploit Public-Facing Application concepts | https://medium.com/@alimostafaeiorg/exploit-public-facing-application-concepts-95c9d9efe76b?source=rss------bug_bounty-5 | Ali Mostafaei | pentest, exploit, xs, exploit-public-facing, bug-bounty | 05-Aug-2024 |
| You might have never understood the OSI Model this way. | https://medium.com/@rohillachhavi12/you-might-have-never-understood-the-osi-model-this-way-2b3d234c5bac?source=rss------bug_bounty-5 | Chhavi Rohilla | networking, technology, bug-bounty, learning, cybersecurity | 05-Aug-2024 |
| SQL Injection Part 1️⃣ | https://infosecwriteups.com/sql-injection-part-1%EF%B8%8F%E2%83%A3-eead93a673a2?source=rss------bug_bounty-5 | Neetrox | cybersecurity, sql, data, bug-bounty, cyber-security-awareness | 05-Aug-2024 |
| Discovering and Exploiting an XSS Vulnerability in a Bug Bounty Program Scope | https://medium.com/@anonymousshetty2003/discovering-and-exploiting-an-xss-vulnerability-in-a-bug-bounty-program-scope-383327e7f290?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, bug-bounty, xss-vulnerability, ethical-hacking | 05-Aug-2024 |
| From Detection to Notification: Security Automation to Earn $$$$ | https://vijetareigns.medium.com/from-detection-to-notification-security-automation-to-earn-4ea1a13576bc?source=rss------bug_bounty-5 | the_unlucky_guy | bugbounty-writeup, cybersecurity, technology, bug-bounty, automation | 05-Aug-2024 |
| How i found Host Header Injection on SpaceX | https://medium.com/@gitlime71/how-i-found-host-header-injection-on-spacex-3a9b45db70e8?source=rss------bug_bounty-5 | Raccoon | penetration-testing, bug-bounty, pentesting, hacking, bug-bounty-tips | 05-Aug-2024 |
| Zero-Click account Take-over | https://0xebn-taimia.medium.com/zero-click-account-take-over-deb0fae7a6c1?source=rss------bug_bounty-5 | 0xEbn-Taimia | bug-bounty, cybersecurity, bugs, ato | 05-Aug-2024 |
| Advanced Techniques and Defenses Against PHAR Deserialization Exploits | https://cyberw1ng.medium.com/advanced-techniques-and-defenses-against-phar-deserialization-exploits-c65074fa5035?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, hacking, careers | 05-Aug-2024 |
| Day 3 of 30 Days — 30 Vulnerability \| CSRF | https://medium.com/@kumawatabhijeet2002/day-3-of-30-days-30-vulnerability-csrf-3958560fb941?source=rss------bug_bounty-5 | Abhijeet kumawat | vulnerability, bug-bounty, cybersecurity, csrf-attack | 05-Aug-2024 |
| Unveiling Remote Code Execution in AI chatbot workflows | https://infosecwriteups.com/unveiling-remote-code-execution-in-ai-chatbot-workflows-3c7f633f63c3?source=rss------bug_bounty-5 | Anurag__Verma | ethical-hacking, infosec, penetration-testing, bugs, bug-bounty | 05-Aug-2024 |
| How I Got Critical P2 Bug on Google VRP | https://medium.com/@rhashibur75/how-i-got-critical-p2-bug-on-google-vrp-165017145af8?source=rss------bug_bounty-5 | Kazi Hashibur Rahman | google-bug, bugs, bug-bounty-tips, bug-bounty, google | 04-Aug-2024 |
| Insecure Deserialization — Why it is a vulnerability | https://medium.com/@nanak.singh/insecure-deserialization-why-it-is-a-vulnerability-74e22e878cf4?source=rss------bug_bounty-5 | Nanak Singh Khurana | web-security, insecure-deserialization, hacking, bug-bounty | 04-Aug-2024 |
| Simple Authentication Bypass By Response Manipulation. | https://medium.com/@test123cybertest/simple-authentication-bypass-by-response-manipulation-44ba530e803b?source=rss------bug_bounty-5 | praveenarsh0xx0 | hacking, tips-and-tricks, cybersecurity, pentest, bug-bounty | 04-Aug-2024 |
| Hacking OWASP Juice Shop: Part 3- Exploiting Insufficient Server-Side Checks:::Bypassing Input… | https://infosecwriteups.com/hacking-owasp-juice-shop-part-3-exploiting-insufficient-server-side-checks-bypassing-input-6b4368449c2f?source=rss------bug_bounty-5 | callgh0st | hacking, input-validation, burpsuite, consistency, bug-bounty | 04-Aug-2024 |
| SQL Injection Attack, Querying the Database Type and Version on MySQL and Microsoft | https://medium.com/@marduk.i.am/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-caf947d0208a?source=rss------bug_bounty-5 | Marduk I Am | sqli, sql-injection, bug-bounty, information-security, portswigger-lab | 04-Aug-2024 |
| Hacking OWASP Juice Shop: Part4 — Exploiting Payment and Input Validation Loopholes | https://infosecwriteups.com/hacking-owasp-juice-shop-part4-exploiting-payment-and-input-validation-loopholes-59f6b8485c3e?source=rss------bug_bounty-5 | callgh0st | prompt, bypass, consistency, hacking, bug-bounty | 04-Aug-2024 |
| Simple logic flaw lead to P3 bug in public BBP | https://medium.com/@mohamed0xmuslim/simple-logic-flaw-lead-to-p3-bug-in-public-bbp-7cf21a4fb7c6?source=rss------bug_bounty-5 | Muhammad_Mostafa | bug-bounty, bugcrowd, bugbounty-writeup, bug-bounty-tips, hackerone | 04-Aug-2024 |
| curityPHAR Deserialization: Exploiting Hidden Vulnerabilities in PHP | https://cyberw1ng.medium.com/curityphar-deserialization-exploiting-hidden-vulnerabilities-in-php-c68891254c13?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, cybersecurity, penetration-testing, hacking | 04-Aug-2024 |
| Kioptrix Level 3 Walkthrough | https://erdemstar.medium.com/kioptrix-level-3-walkthrough-25dce894e7e3?source=rss------bug_bounty-5 | Erdemstar | oscp-preparation, bug-bounty, pentesting, oscp, bug-bounty-tips | 04-Aug-2024 |
| Exploiting Negative Quantity Manipulation for Total Price Reduction | https://medium.com/@adhammedhat101/s-e615c50a1798?source=rss------bug_bounty-5 | SemZ | cybersecurity, bug-bounty, bugbounty-writeup, penetration-testing, web-app-security | 04-Aug-2024 |
| Don’t Know Where to Look for Bugs? A Beginner’s Guide to Bug Hunting | https://medium.com/@paritoshblogs/dont-know-where-to-look-for-bugs-a-beginner-s-guide-to-bug-hunting-780780eec09b?source=rss------bug_bounty-5 | Paritosh | bug-bounty-tips, bug-bounty, information-technology, information-security, cybersecurity | 03-Aug-2024 |
| How I prevented a mass leak of user data at one of the largest Tech companies | https://medium.com/@syarifsajjad07/how-i-prevented-a-mass-leak-of-user-data-at-one-of-the-largest-tech-companies-caea05474af8?source=rss------bug_bounty-5 | Syarifsajjad | hackerone, bug-bounty-tips, cybersecurity, bug-bounty, bugbounty-writeup | 03-Aug-2024 |
| 30 Days — 30 Vulnerability Challenge | https://it4chis3c.medium.com/30-days-30-vulnerability-challenge-28edae3b25d4?source=rss------bug_bounty-5 | It4chis3c | bug-bounty-tips, bug-bounty, 30dayswritingchallenge | 03-Aug-2024 |
| Day 1 of 30 Days — 30 Vulnerabilities Tips & Tricks | https://it4chis3c.medium.com/day-1-of-30-days-30-vulnerabilities-tips-tricks-4cff7b2756a2?source=rss------bug_bounty-5 | It4chis3c | 30dayswritingchallenge, xss-attack, xss-vulnerability, bug-bounty-tips, bug-bounty | 03-Aug-2024 |
| How I Hacked and Secured a Croatian Government Website: A White Hat Journey | https://harshit3.medium.com/how-i-hacked-and-secured-a-croatian-government-website-a-white-hat-journey-d452fbb8e711?source=rss------bug_bounty-5 | Harshit | ethical-hacking, bug-bounty, security, vulnerability, cybersecurity | 03-Aug-2024 |
| How a Host Header Injection Bug Earned Me My Fourth Hall of Fame Spot at Apple | https://medium.com/@MohaseenK/how-a-host-header-injection-bug-earned-me-my-fourth-hall-of-fame-spot-at-apple-b5d880acbba2?source=rss------bug_bounty-5 | Mohaseen | infosec, hall-of-fame, hackerone, bug-bounty, apple | 03-Aug-2024 |
| Your AI Conversations Aren’t Safe: How We Stole Them | https://h0tak88r.medium.com/your-ai-conversations-arent-safe-how-we-stole-them-02c17db2ed72?source=rss------bug_bounty-5 | sallam | bug-bounty-tips, prompt-injection-attack, ai-hacking, bug-bounty, oauth | 03-Aug-2024 |
| How I Earned $469 Bounty: Bypassing Plan Restriction | https://medium.com/@a13h1/how-i-earned-469-bounty-bypassing-plan-restriction-58f6d3120b6e?source=rss------bug_bounty-5 | Abhi Sharma | access-control, programming, infosec, cybersecurity, bug-bounty | 03-Aug-2024 |
| How to Find Vulnerabilities and Bugs with the Help of ChatGPT and Get Bounty | https://medium.com/@shaikhminhaz1975/how-to-find-vulnerabilities-and-bugs-with-the-help-of-chatgpt-and-get-bounty-f1ee5b6b0dd0?source=rss------bug_bounty-5 | Shaikh Minhaz | bug-bounty-with-ai, bug-bounty, chatgpt, cybersecurity, find-bug-with-chatgpt | 03-Aug-2024 |
how I found a critical bug using response manipulationhttps://matrixm0x1.medium.com/how-i-found-a-critical-bug-using-response-manipulation-4403a562db12?source=rss------bug_bounty-5matrixm0x1security, vulnerability, cybersecurity, bugs, bug-bounty03-Aug-2024
20.9 Lab: Developing a custom gadget chain for PHP deserializationhttps://cyberw1ng.medium.com/20-9-lab-developing-a-custom-gadget-chain-for-php-deserialization-c173ff462156?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing03-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-66)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-66-9a60c229db5e?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, skills, hacking, bug-bounty, cybersecurity03-Aug-2024
How could privilege escalation vulnerability lead to full account takeover?https://medium.com/@moxallam/how-could-privilege-escalation-vulnerability-lead-to-full-account-takeover-0d49d3d5fbee?source=rss------bug_bounty-53llampentesting, web-application-security, bug-bounty, cyber-security-services, bug-bounty-writeup03-Aug-2024
Uncovering a Reflected XSS Vulnerability in an Insurance Company’s Websitehttps://medium.com/@anonymousshetty2003/uncovering-a-reflected-xss-vulnerability-in-an-insurance-companys-website-ee56c3492381?source=rss------bug_bounty-5Anonymousshettybug-bounty, cybersecurity, ethical-hacking03-Aug-2024
Discovering a Reflected XSS Vulnerability in an Shopping Websitehttps://medium.com/@anonymousshetty2003/discovering-a-reflected-xss-vulnerability-in-an-shopping-website-d9ea72be73ef?source=rss------bug_bounty-5Anonymousshettybug-bounty, xss-vulnerability, ethical-hacking, cybersecurity03-Aug-2024
The first $100 from Bug Hunterhttps://medium.com/@osamamohamed21212121/the-first-100-from-bug-hunter-aaee9a0ac547?source=rss------bug_bounty-5Osamamohamedcybersecurity, security, vulnerability, bug-bounty, bus03-Aug-2024
How I Escalated N/A to High and Got Rewarded £££: Bug Hunting Journeyhttps://medium.com/@iamrizwanvp/how-i-escalated-n-a-to-medium-and-got-rewarded-bug-hunting-journey-c6e6097fe93c?source=rss------bug_bounty-5iamrizwanvpbug-bounty, penetration-testing, cybersecurity, bugbounty-writeup03-Aug-2024
From Fries to Flaws : My Journey into Web App Security (Part II)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-ii-6127ecc7d93f?source=rss------bug_bounty-5OiQbug-bounty, web-application-security, cybersecurity, xss-vulnerability, bug-bounty-tips03-Aug-2024
Tips about bug bounty for complete begginershttps://medium.com/@mrkimia097/tips-about-bug-bounty-for-complete-begginers-0fa1c85594ad?source=rss------bug_bounty-5Mrkimiabug-bounty, hacker, bugbounty-tips03-Aug-2024
How I Escalated N/A to High and Got Rewarded $$$: Bug Hunting Journeyhttps://medium.com/@iamrizwanvp/how-i-escalated-n-a-to-medium-and-got-rewarded-bug-hunting-journey-c6e6097fe93c?source=rss------bug_bounty-5iamrizwanvpbug-bounty-tips, bug-bounty, penetration-testing, cybersecurity, bugbounty-writeup03-Aug-2024
#4. Bug Bounty Series: Exploiting Boolean-based SQL Injectionhttps://cyb3rmind.medium.com/4-bug-bounty-series-exploiting-boolean-based-sql-injection-3455d800892e?source=rss------bug_bounty-5Cyb3r M!ndspentesting, hacking, bug-bounty, sql-injection02-Aug-2024
Bounty Hunting — Complete Guide (Part-65)https://medium.com/@rafid19/bounty-hunting-complete-guide-part-65-885040ada45a?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, hacking, cybersecurity, ethical-hacking, bug-bounty02-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-64)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-64-aa6bc5c45197?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, hacking, skills, bug-bounty02-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-63)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-63-fdea83c2c38f?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, ethical-hacking, skills, hacking02-Aug-2024
Best youtube channels to learn bughunting and penetration testinghttps://medium.com/@sangamahesh650/best-youtube-channels-to-learn-bughunting-and-penetration-testing-eea2e78a202a?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bug-bounty-writeup, bugbounty-tips, bug-bounty-tips, bug-bounty02-Aug-2024
Finding subdomains from googlehttps://medium.com/@sangamahesh650/finding-subdomains-from-google-7f370fe60ad1?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bugbounting, bug-bounty, bug-bounty-tips, bug-bounty-writeup02-Aug-2024
Search engines for hackers and bughuntershttps://medium.com/@sangamahesh650/search-engines-for-hackers-and-bughunters-16139aa60752?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty-tips, bug-bounty, hacking, penetration-testing02-Aug-2024
Finding more subdomainshttps://medium.com/@sangamahesh650/finding-more-subdomains-1f5221e79310?source=rss------bug_bounty-5loyalonlytodaybug-bounty, bugbounty-tips, bug-bounty-tips02-Aug-2024
Overview of API Penetration Testinghttps://medium.com/@aakashgupthagwapt/overview-of-api-penetration-testing-2065f6722f4e?source=rss------bug_bounty-5Aakashgupthapenetration-testing, api-penetration-testing, bug-bounty, cybersecurity, api02-Aug-2024
20.8 Lab: Developing a custom gadget chain for Java deserializationhttps://cyberw1ng.medium.com/20-8-lab-developing-a-custom-gadget-chain-for-java-deserialization-01b85e1e998a?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, hacking, bug-bounty, cybersecurity02-Aug-2024
I found RCE on Viber.https://medium.com/@deadoverflow/i-found-rce-on-viber-432cf9e17eb0?source=rss------bug_bounty-5Imad Husanoviccyber-security-awareness, programming, hacking, rce, bug-bounty02-Aug-2024
Email Verification Bypass Easy-P4https://medium.com/@Ajakcybersecurity/email-verification-bypass-easy-p4-70039d0b8fd9?source=rss------bug_bounty-5AjakCybersecuritytechnology, penetration-testing, bug-bounty, hacking, ethical-hacking02-Aug-2024
Client-Side XSS: The DOM-based Debacle (Cross Site Scripting)https://medium.com/@godsxfinger/client-side-xss-the-dom-based-debacle-cross-site-scripting-7a14904934d9?source=rss------bug_bounty-5Aadi (godsxfinger)xs, web-app-security, bug-bounty, cybersecurity, bug-bounty-tips01-Aug-2024
Serialization and Deserialization: Advanced Concepts and Best Practiceshttps://cyberw1ng.medium.com/serialization-and-deserialization-advanced-concepts-and-best-practices-c6562fce9e4b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, penetration-testing, cybersecurity01-Aug-2024
Understanding Cross-Site Scripting (XSS)https://medium.com/@soheilvanaee.net/understanding-cross-site-scripting-xss-5610d02cc5c4?source=rss------bug_bounty-5Soheilvanaee Netbug-bounty, cybersecurity, web-hacking01-Aug-2024
First Bug Report: HTML Injection Vulnerabilityhttps://medium.com/@youseftamereg/first-bug-report-html-injection-vulnerability-%EF%B8%8F-%EF%B8%8F-7a5e042d6548?source=rss------bug_bounty-5yousef tamerhtml-injection, writeup, bug-bounty01-Aug-2024
Wasabi Bucket Takeover | Bug Bountyhttps://mo9khu93r.medium.com/wasabi-bucket-takeover-bug-bounty-7520e8decde7?source=rss------bug_bounty-5mo9khu93rethical-hacking, cybersecurity, subdomain-takeover, bug-bounty31-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-62)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-62-4ff0fce045ca?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, skills, bug-bounty, hacking31-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-61)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-61-1c6514a2067b?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, bug-bounty, skills, hacking31-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-60)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-60-76ea9ba1551c?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, bug-bounty, hacking, cybersecurity, ethical-hacking31-Jul-2024
Step-by-Step Guide On How to Find Your First Bug in Web Applicationshttps://medium.com/@shaikhminhaz1975/step-by-step-guide-on-how-to-find-your-first-bug-in-web-applications-0080f6a7f945?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, bug-bounty, vulnerability, information-disclosure, ethical-hacking31-Jul-2024
How To Find Your 1st Bug For Bug Bounty Hunters (Step by Step Guide) Guarantee Resulthttps://medium.com/@shaikhminhaz1975/step-by-step-guide-on-how-to-find-your-first-bug-in-web-applications-0080f6a7f945?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, bug-bounty, vulnerability, information-disclosure, ethical-hacking31-Jul-2024
SAML Authentication Bypass Leading to Admin Panel Accesshttps://medium.com/@0x_xnum/saml-authentication-bypass-leading-to-admin-panel-access-24f23812ed76?source=rss------bug_bounty-5Ahmed Tarekbug-bounty, saml, privilege-escalation, broken-access-control, authentication-bypass31-Jul-2024
Don’t know where to look for bugs ?? In Depth Recon Bug Bounty — Part 02https://omarora1603.medium.com/dont-know-where-to-look-for-bugs-in-depth-recon-bug-bounty-part-02-9d7c55e045aa?source=rss------bug_bounty-5Om Arorabug-bounty-writeup, hacking, bug-bounty, methodology, infosec31-Jul-2024
My Journey into Cybersecurity: Learning Bug Bounty from Scratchhttps://medium.com/@akashathare411/my-journey-into-cybersecurity-learning-bug-bounty-from-scratch-abc2b45f04c5?source=rss------bug_bounty-5Akash Atharelearning, cybersecurity, bug-bounty, iit, masters-degree31-Jul-2024
Serialization and Deserialization: An Essential Guidehttps://cyberw1ng.medium.com/serialization-and-deserialization-an-essential-guide-30552a9cf379?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, penetration-testing31-Jul-2024
Hack and make money — Bug Bountyhttps://medium.com/@victoras.croitoru/hack-and-make-money-bug-bounty-d9db818eb33e?source=rss------bug_bounty-5viconline, ethical-hacking, hacking, money, bug-bounty31-Jul-2024
NgeSec Bebas #3 — How to Avoid N/A on Submissionshttps://muh-hidayat7799.medium.com/ngesec-bebas-3-how-to-avoid-n-a-on-submissions-9acf14ef7ba1?source=rss------bug_bounty-5Muhamad Hidayatmethodology, risk-management, bug-bounty, app-security, penetration-testing31-Jul-2024
Don’t know where to look for bugs ?? In Depth Recon Bug Bounty — Part 02https://infosecwriteups.com/dont-know-where-to-look-for-bugs-in-depth-recon-bug-bounty-part-02-9d7c55e045aa?source=rss------bug_bounty-5Om Arorabug-bounty-writeup, hacking, bug-bounty, methodology, infosec31-Jul-2024
Why bug bounty program should be a part of your security strategy — ET CISOhttps://nowitsanurag.medium.com/why-bug-bounty-program-should-be-a-part-of-your-security-strategy-et-ciso-ad5abf991292?source=rss------bug_bounty-5Anuragcybersecurity, bug-bounty, ransomware, vulnerability31-Jul-2024
Uncovering Sensitive Information: A Case Study on a Government Websitehttps://medium.com/@anonymousshetty2003/uncovering-sensitive-information-a-case-study-on-a-government-website-1f5ad0e158ec?source=rss------bug_bounty-5Anonymousshettyhacking, ethical-hacking, bug-bounty, wpscan, cybersecurity31-Jul-2024
Stored XSS: When Bad Code Happens to Good Websites (Cross Site Scripting)https://medium.com/@godsxfinger/stored-xss-when-bad-code-happens-to-good-websites-a5d6b4e629ca?source=rss------bug_bounty-5Aadi (godsxfinger)bug-bounty, cross-site-scripting, xs, web-app-security, cybersecurity31-Jul-2024
Reflected XSS: Navigating the Web’s Wild West (Cross-Site Scripting)https://medium.com/@godsxfinger/reflected-xss-navigating-the-webs-wild-west-cross-site-scripting-a1e092e58b73?source=rss------bug_bounty-5Aadi (godsxfinger)cybersecurity, cross-site-scripting, xs, bug-bounty, web-app-security31-Jul-2024
From Fries to Flaws : My Journey into Web App Security (Part I)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-i-958c67c20771?source=rss------bug_bounty-5OiQweb-application-security, web-vulnerabilities, bug-bounty, bug-bounty-tips, cybersecurity31-Jul-2024
ICMTC Final CTF 2024 Web Hackig Challengeshttps://medium.com/@medohythem2019/icmtc-final-ctf-2024-web-hackig-challenges-5135cccf09ba?source=rss------bug_bounty-50xdragonbug-bounty, hacking, pentesting, ctf30-Jul-2024
LFI WITH PHPINFO TO RCEhttps://infosecwriteups.com/lfi-with-phpinfo-to-rce-78318f0dc9ce?source=rss------bug_bounty-5c0d3x27bug-bounty, hacking-tools, hacking, web-development, cybersecurity30-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-59)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-59-a0a4a25d7f97?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, ethical-hacking, bug-bounty, skills30-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-58)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-58-f4102848b19d?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty, ethical-hacking, cybersecurity, skills30-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-57)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-57-1c470cccf094?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, bug-bounty, skills, hacking30-Jul-2024
Triple XSS in a Private Bug Bounty Program via a Hidden Parameterhttps://infosecwriteups.com/triple-xss-in-a-private-bug-bounty-program-via-a-hidden-parameter-b42d0263f56d?source=rss------bug_bounty-5Andreahacking, bug-bounty, xss-attack30-Jul-2024
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRPhttps://medium.com/@jerryhackgather/interesting-business-logic-error-leads-to-pre-account-takeover-via-verification-bypass-on-googlevrp-d362f9469e3d?source=rss------bug_bounty-5Jerry1319cybersecurity, bug-bounty-tips, bug-bounty, bugbounty-writeup30-Jul-2024
Cross-Site Scripting (XSS) Vulnerabilities:https://medium.com/@yassentaalab51/cross-site-scripting-xss-vulnerabilities-1397653cef7d?source=rss------bug_bounty-5Yassen Taalabowasp, web-vulnerabilities, bug-bounty, web-security, xss-attack30-Jul-2024
6 tips for finding security vulnerabilities with GitHub Code Search — Bug Bounty Tuesdayhttps://medium.com/@kerstan/6-tips-for-finding-security-vulnerabilities-with-github-code-search-bug-bounty-tuesday-d4035bc7e302?source=rss------bug_bounty-5kerstanhacking, bug-bounty, cybersecurity30-Jul-2024
Stealing First Party Access Token of Facebook Users: Meta Bug Bountyhttps://iamsaugat.medium.com/stealing-first-party-access-token-of-facebook-users-meta-bug-bounty-44b3b2e87d07?source=rss------bug_bounty-5Saugat Pokharelmeta, cybersecurity, facebook-bug-bounty, bug-bounty, hacking30-Jul-2024
First Class Notes Compilationhttps://medium.com/@starkxun5215/%E7%AC%AC%E4%B8%80%E6%AC%A1%E8%AF%BE%E7%A8%8B%E7%AC%94%E8%AE%B0%E6%95%B4%E7%90%86-52d34c91f3fc?source=rss------bug_bounty-5xun starkbug-bounty30-Jul-2024
Race Conditions Uncovered: A Practical Guidehttps://yaseenzubair.medium.com/race-conditions-uncovered-a-practical-guide-3cb69d73c946?source=rss------bug_bounty-5Yaseen Zubairweb-security, penetration-testing, bug-bounty, bug-bounty-tips, race-condition30-Jul-2024
Navigating the Dangers of Insecure Deserializationhttps://cyberw1ng.medium.com/navigating-the-dangers-of-insecure-deserialization-73254b5ed415?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, bug-bounty, hacking, careers30-Jul-2024
How I got my first valid bug on nasahttps://medium.com/@mrkimia097/how-i-got-my-first-valid-bug-on-nasa-bf5e95531f00?source=rss------bug_bounty-5Mrkimiabug-bounty30-Jul-2024
Top Google Dorks Explainedhttps://infosecwriteups.com/top-google-dorks-explained-ee6cac1673da?source=rss------bug_bounty-5Mike Takahashi (TakSec)information-security, seo, hacking, cybersecurity, bug-bounty30-Jul-2024
Exposing OTP Bypass Vulnerabilities: Step-by-Step Bug Bounty Case Studyhttps://b0mk35h.medium.com/exposing-otp-bypass-vulnerabilities-step-by-step-bug-bounty-case-study-0dc39dc543bd?source=rss------bug_bounty-5Pronay Biswaspenetration-testing, hacking, bug-bounty, vulnerability, cybersecurity29-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-56)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-56-5d2efa89b759?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty, ethical-hacking, cybersecurity, skills29-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-55)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-55-1032e6222b41?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, skills, bug-bounty, hacking29-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-54)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-54-8e83629a6942?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, hacking, ethical-hacking, skills, bug-bounty29-Jul-2024
Exploiting Open Redirection $1000https://medium.com/@mdnafeed3/how-about-exploiting-open-redirection-how-base64-encoding-can-uncover-hidden-vulnerabilities-cb5beb11b763?source=rss------bug_bounty-5H4cker-Nafeedcybersecurity, web3, infosec, hacking, bug-bounty29-Jul-2024
Insecure Deserialization Vulnerabilities: A Deep Dive into Risks and Mitigationshttps://cyberw1ng.medium.com/insecure-deserialization-vulnerabilities-a-deep-dive-into-risks-and-mitigations-5c37f297c763?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, penetration-testing, hacking29-Jul-2024
Discovering and Exploiting an XSS Vulnerability in a Large Finance Websitehttps://medium.com/@anonymousshetty2003/discovering-and-exploiting-an-xss-vulnerability-in-a-large-finance-website-f125dbd6d984?source=rss------bug_bounty-5Anonymousshettyxss-vulnerability, cybersecurity, ethical-hacking, hacking, bug-bounty29-Jul-2024
Advanced scan with Bashhttps://mosec0.medium.com/advanced-scan-with-bash-52005537a63c?source=rss------bug_bounty-5Mohamed Alipentester, bug-bounty, new-security-tool29-Jul-2024
Uncovering Sensitive File Information: A Case Study in Web Securityhttps://medium.com/@anonymousshetty2003/uncovering-sensitive-file-information-a-case-study-in-web-security-f5d03f2c5cd4?source=rss------bug_bounty-5Anonymousshettysensitive-data, cybersecurity, ethical-hacking, bug-bounty, dorking29-Jul-2024
Kioptrix Level 2 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-2-walkthrough-439c56f87c?source=rss------bug_bounty-5Erdemstarvulnerability, oscp-preparation, bug-bounty-tips, bug-bounty, oscp29-Jul-2024
JS Link Finder Burp Suite Extension Guidehttps://infosecwriteups.com/js-link-finder-burp-suite-extension-guide-e4809a6da268?source=rss------bug_bounty-5Mike Takahashi (TakSec)information-security, cybersecurity, hacking, bug-bounty, appsec29-Jul-2024
New Planshttps://medium.com/@nnface/new-plans-0b11cfa5495d?source=rss------bug_bounty-5NnFacebugs, bug-bounty, bug-bounty-writeup, hacker, hacking29-Jul-2024
Chain Reaction On Big Playerhttps://medium.com/@nnface/chain-reaction-on-big-player-4e331faf57b9?source=rss------bug_bounty-5NnFacebug-bounty, bug-bounty-tips, bugs, bugs-bunny, hacking29-Jul-2024
JavaScript: Hunting And Analyzing for Bug Bounty..https://hacktivistattacker.medium.com/javascript-hunting-and-analyzing-for-bug-bounty-a15416de32cd?source=rss------bug_bounty-5Hacktivist-Attackerbug-bounty, ethical-hacking, code-analysis, education, javascript28-Jul-2024
Hunting for Vulnerabilities that are ignored by most of the Bug Bounty Hunters — Part 2https://medium.com/@kshunya/hunting-for-vulnerabilities-that-are-ignored-by-most-of-the-bug-bounty-hunters-part-2-d2a51edaa8e8?source=rss------bug_bounty-5Vishal Barotpentesting, infosec, bug-bounty, penetration-testing, vapt28-Jul-2024
Hacking OWASP Juice Shop: Part 2 — Exposing Critical Vulnerabilities in the Payment Flowhttps://callgh0st.medium.com/hacking-owasp-juice-shop-part-2-exposing-critical-vulnerabilities-in-the-payment-flow-45630ed1633e?source=rss------bug_bounty-5callgh0stvulnerability, hacking, bug-bounty, payments, logic28-Jul-2024
Unveiling Hidden Git Repositories: A Deep Dive into the Git Source Code Disclosure Scannerhttps://maordayanofficial.medium.com/unveiling-hidden-git-repositories-a-deep-dive-into-the-git-source-code-disclosure-scanner-f704470de59a?source=rss------bug_bounty-5Maor Dayanthreat-hunting, vulnerability, white-hat-hacker, bug-bounty28-Jul-2024
How I bypass Safegurads of meta AI (Llama)https://medium.com/@jeetpal2007/how-i-bypass-safegurads-of-meta-ai-llama-d735b521da2b?source=rss------bug_bounty-5JEETPALllamas, bug-bounty, llm, bugbounty-tips, bugbounty-writeup28-Jul-2024
How to Fight Procrastination as a Bug Hunterhttps://medium.com/@Progsky/how-to-fight-procrastination-as-a-bug-hunter-48d0d280e572?source=rss------bug_bounty-5Progskybug-bounty, hacking, pentesting, penetration-testing, procrastination28-Jul-2024
Exploiting Insecure Deserialization Vulnerabilitieshttps://cyberw1ng.medium.com/exploiting-insecure-deserialization-vulnerabilities-cb9c586cd146?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, penetration-testing, hacking28-Jul-2024
Subdomain Takeoverhttps://medium.com/@mukkagopi50/subdomain-takeover-1de38466fdcc?source=rss------bug_bounty-5Gopi Mukkabug-bounty28-Jul-2024
Bypass Plan Restriction & Get 350$ Bountyhttps://infosecwriteups.com/bypass-plan-restriction-get-350-bounty-2df24f406462?source=rss------bug_bounty-5Abhi Sharmaprivilege-escalation, bug-bounty, programming, cybersecurity, access-control28-Jul-2024
Here are some common parameters to test for XSS (Cross-Site Scripting) vulnerabilities:https://medium.com/@BugHunterMan/here-are-some-common-parameters-to-test-for-xss-cross-site-scripting-vulnerabilities-fbe25f1968cc?source=rss------bug_bounty-5BugHUnterManbug-bounty, vulnerability28-Jul-2024
Hacking OWASP Juice Shop: Part 2 — Exposing Critical Vulnerabilities in the Payment Flowhttps://infosecwriteups.com/hacking-owasp-juice-shop-part-2-exposing-critical-vulnerabilities-in-the-payment-flow-45630ed1633e?source=rss------bug_bounty-5callgh0stvulnerability, hacking, bug-bounty, payments, logic28-Jul-2024
0-Click ATO Due to Weak Reset Password Tokens and Lack of Rate Limitinghttps://h0tak88r.medium.com/0-click-ato-due-to-weak-reset-password-tokens-and-lack-of-rate-limiting-b7fe20487a45?source=rss------bug_bounty-5sallamcybersecurity, ato, bug-bounty, account-takeover, bug-bounty-tips28-Jul-2024
how did i find leakage of information just by fuzzing?https://medium.com/@onader104/how-did-i-find-leakage-of-information-just-by-fuzzing-888d6ce6d8f7?source=rss------bug_bounty-5Omar Naderinfosec, bug-bounty, cybersecurity, bug-bounty-tips, info-sec-writeups28-Jul-2024
The Looming Threat: How an IDOR Vulnerability Could Have Exposed Millions of Merchants Details.https://medium.com/@cy3erbeast/the-looming-threat-how-an-idor-vulnerability-could-have-exposed-millions-of-merchants-details-f488725489a0?source=rss------bug_bounty-5Rahulbug-bounty-writeup, bug-bounty, idor-vulnerability, bug-bounty-tips, data-breach28-Jul-2024
Discovered Sensitive Data Exposure on Wati.com: A Case Study Using Sublist3r and DirBusterhttps://medium.com/@anonymousshetty2003/discovered-sensitive-data-exposure-on-wati-com-a-case-study-using-sublist3r-and-dirbuster-409a03f8f75d?source=rss------bug_bounty-5Anonymousshettybug-bounty, hacking, cybersecurity, ethical-hacking27-Jul-2024
Open Redirect Vulnerability in Microsoft Create Portalhttps://zeynalxan.medium.com/open-redirect-vulnerability-in-microsoft-create-portal-6654eb3e6b7a?source=rss------bug_bounty-5Zeynalxan Quliyevbug-bounty, microsoft-hack, open-redirect, bug-bounty-writeup, microsoft-open-redirect27-Jul-2024
How I found a Privilege Escalation bug in bug bounty.https://medium.com/@gitlime71/how-i-found-a-privilege-escalation-bug-in-bug-bounty-eff018f19020?source=rss------bug_bounty-5Raccoonhacking, bug-bounty, penetration-testing, pentesting, bug-bounty-tips27-Jul-2024
Jailbreak of Meta AI (Llama -3.1) revealing configuration detailshttps://medium.com/@kiranmaraju/jailbreak-of-meta-ai-llama-3-1-revealing-configuration-details-9f0759f5006a?source=rss------bug_bounty-5Kiran Marajullm, nlp, cybersecurity, bug-bounty, chatbots27-Jul-2024
Subdomain Takeoverhttps://medium.com/@ibnibrahim/subdomain-takeover-34bd662b5a7a?source=rss------bug_bounty-5TestUsercybersecurity, hacking, ethical-hacking, bug-bounty, information-security27-Jul-2024
Exploiting insecure deserialization vulnerabilitieshttps://cyberw1ng.medium.com/exploiting-insecure-deserialization-vulnerabilities-3595e4c24e2d?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, penetration-testing, cybersecurity, careers27-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-48)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-48-241d35293a81?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, hacking, skills, bug-bounty26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-47)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-47-8d21d898cc97?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, skills, cybersecurity, ethical-hacking, hacking26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-46)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-46-e851213880f4?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, bug-bounty, ethical-hacking, hacking, cybersecurity26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-45)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-45-7a90d1667a7a?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, ethical-hacking, bug-bounty, hacking26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-44)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-44-e4649fab9a0c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking26-Jul-2024
30-day Time Limit: Swagshop Credit-Giving Activityhttps://medium.com/@security.tecno/30-day-time-limit-swagshop-credit-giving-activity-61454ef3757b?source=rss------bug_bounty-5TECNO Securitybug-bounty, security, bonus, hacker26-Jul-2024
SIMPLE IDEA IN 2FA BYPASS LEADS TO $$$$ & CRITICAL IMPACT !https://medium.com/@alderson.philip/simple-idea-in-2fa-bypass-leads-to-critical-impact-a98e7c6a4190?source=rss------bug_bounty-5Philip Aldersonhacker, bugs, bug-bounty, 2fa-bypass26-Jul-2024
Inside the Bug Bounty World: Challenges, Rewards, and Tips for Successhttps://medium.com/codex/inside-the-bug-bounty-world-challenges-rewards-and-tips-for-success-74ea37cbfd9c?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, vulnerability, bug-bounty-tips, cybersecurity, penetration-testing26-Jul-2024
Quick Guide: API Penetration Testinghttps://medium.com/@miladkeivanfar/quick-guide-api-penetration-testing-496c2e356a2e?source=rss------bug_bounty-5Milad keivanfarpentesting, api-penetration-testing, bug-bounty, bug-bounty-tips, api-security26-Jul-2024
Solving an extremely difficult cryptography CTF pack: Level 1https://medium.com/@f3tch/day-1-of-solving-an-extremely-difficulty-level-cryptography-ctf-pack-level-1-b8b3d89a531c?source=rss------bug_bounty-5f3tchhacking, ctf-writeup, ctf, bug-bounty, cryptography26-Jul-2024
ElasticSearch Smash & Grabhttps://hogarth45.medium.com/elasticsearch-smash-grab-99cf36cdefbb?source=rss------bug_bounty-5Jesselasticsearch, hacking, bug-bounty26-Jul-2024
Pentesting vs. Bug Bounty: Understanding the Differences and Choosing the Right Approachhttps://ip-specialist.medium.com/pentesting-vs-bug-bounty-understanding-the-differences-and-choosing-the-right-approach-0af4e0569193?source=rss------bug_bounty-5IPSpecialistdifference, pentester, pentesting, bug-bounty, security26-Jul-2024
| 18.7 Lab: Clobbering DOM attributes to bypass HTML filters | https://cyberw1ng.medium.com/18-7-lab-clobbering-dom-attributes-to-bypass-html-filters-d1af9a33ae41?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, penetration-testing, careers, hacking | 26-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-49) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-49-2ef3a8eb3b4b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, bug-bounty, cybersecurity, ethical-hacking, skills | 26-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-53) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-53-bea2f5cf6a14?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, cybersecurity, hacking, ethical-hacking, bug-bounty | 26-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-52) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-52-26b5cc12f0c2?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, bug-bounty | 26-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-51) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-51-379ea39fb723?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, skills, cybersecurity, ethical-hacking, hacking | 26-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-50) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-50-4a59a3c4f97b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, skills, ethical-hacking, hacking | 26-Jul-2024 |
| IDOR : Payment Fraud on GYM Membership website | https://uzet.medium.com/idor-payment-fraud-on-gym-membership-website-d4e67f07db57?source=rss------bug_bounty-5 | Timotius Benhur | bug-bounty, pentesting, bug-bounty-writeup, bug-bounty-tips, cybersecurity | 25-Jul-2024 |
| SQL Injection in 5 mins //Just because of CURIOSITY // | https://larebsec.medium.com/sql-injection-in-5-mins-just-because-of-curiosity-56e186f6296d?source=rss------bug_bounty-5 | Lareb | sql-injection, hacking, cybersecurity, security, bug-bounty | 25-Jul-2024 |
| Useful JavaScript functions & API’s to exploit XSS (Cross-Site Scripting) | https://medium.com/@godsxfinger/useful-javascript-functions-apis-to-exploit-xss-cross-site-scripting-5d99a93d9899?source=rss------bug_bounty-5 | Aadi (godsxfinger) | cross-site-scripting, xs, bug-bounty, cybersecurity | 25-Jul-2024 |
| Bypassing OTP Verification in a Signup Page | https://medium.com/@rat010/bypassing-otp-verification-in-a-signup-page-13976f724017?source=rss------bug_bounty-5 | Kanhaiya Kumar Singh | bug-bounty, web-application-security, web-app-testing, bug-hunting, bug-bounty-tips | 25-Jul-2024 |
| 18.6 Lab: Exploiting DOM clobbering to enable XSS | https://cyberw1ng.medium.com/18-6-lab-exploiting-dom-clobbering-to-enable-xss-640dd7c5fcf8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 25-Jul-2024 |
| The Importance of Cybersecurity in Today’s Digital Age | https://medium.com/@erkankavas/the-importance-of-cybersecurity-in-todays-digital-age-8d5a61d47416?source=rss------bug_bounty-5 | Erkan Kavas | cybersecurity, bug-bounty, threat-intelligence | 25-Jul-2024 |
| Automatiser la découverte des XSS | https://medium.com/@hazeprojecte/automatiser-la-d%C3%A9couverte-des-xss-9810f89172a4?source=rss------bug_bounty-5 | Itachix0f | xss-attack, automatisation, bug-bounty-tips, bug-bounty | 25-Jul-2024 |
| Automatiser la découverte des XSS | https://medium.com/@Itachi0xf/automatiser-la-d%C3%A9couverte-des-xss-9810f89172a4?source=rss------bug_bounty-5 | Itachix0f | xss-attack, automatisation, bug-bounty-tips, bug-bounty | 25-Jul-2024 |
| The Basic SQLmap Tutorial and SQLInjection \| PortswiggerLab with SQLMap | https://medium.com/@barsavak/the-basic-sqlmap-tutorial-and-sqlinjection-portswiggerlab-with-sqlmap-1bb0cdf086fb?source=rss------bug_bounty-5 | bariss30 | bug-bounty, test, sql-injection, web-vulnerabilities, tools | 24-Jul-2024 |
| Bug Bounty basic for beginners & Types of bug bounty programs | https://systemweakness.com/bug-bounty-basic-for-beginners-types-of-bug-bounty-programs-e4a8dab68fcd?source=rss------bug_bounty-5 | Harsh Hatej | bug-bounty, bug-bounty-program, kali-linux, bug-bounty-tips, bounty-program | 24-Jul-2024 |
| 14.30 Lab: Reflected XSS protected by CSP, with CSP bypass | https://cyberw1ng.medium.com/14-30-lab-reflected-xss-protected-by-csp-with-csp-bypass-779c76173f7a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, cybersecurity, careers, hacking | 24-Jul-2024 |
| Android PenTesting Tools | https://medium.com/@evilprince007/android-pentesting-tools-efd0685ffeb7?source=rss------bug_bounty-5 | Prathamesh Khatavkar | android, bug-bounty, hacking, cybersecurity, mobile | 24-Jul-2024 |
| Hacking Moodle Apps Via External Functions | https://medium.com/@dub-flow/hacking-moodle-apps-via-external-functions-1fc88a6d697c?source=rss------bug_bounty-5 | Florian Walter | penetration-testing, moodle, ethical-hacking, cybersecurity, bug-bounty | 24-Jul-2024 |
| Accelerating Cybersecurity Learning with Speed Reading and Memory Training | https://medium.com/@enigma_/accelerating-cybersecurity-learning-with-speed-reading-and-memory-training-97305b666660?source=rss------bug_bounty-5 | enigma | bug-bounty, memory-improvement, ethical-hacking, speed-reading, cybersecurity | 24-Jul-2024 |
| How Almost Sacrificing a University Group Project led to a Microsoft Bug Bounty | https://medium.com/@pyrus369/how-almost-sacrificing-a-university-group-project-led-to-a-microsoft-bug-bounty-9801e0f8f006?source=rss------bug_bounty-5 | Pyrus | microsoft, cybersecurity, web-security, bug-bounty, infosec | 23-Jul-2024 |
| How Almost Sacrificing a University Group Project led to a Microsoft Bug Bounty | https://medium.com/@ericdesquivel3/how-almost-sacrificing-a-university-group-project-led-to-a-microsoft-bug-bounty-7e1b4eaabe22?source=rss------bug_bounty-5 | Eric Esquivel | bug-bounty, web-app-security | 23-Jul-2024 |
| Unmasking Keystroke Secrets: How Hackers Exploit Your Keyboard — A Deep Dive into… | https://systemweakness.com/unmasking-keystroke-secrets-how-hackers-exploit-your-keyboard-a-deep-dive-into-5bdb1bbabb25?source=rss------bug_bounty-5 | Khaleel Khan | infosec, bug-bounty, python, hacking, cybersecurity | 23-Jul-2024 |
| Preparing Your VPS for Bug Bounty Operations: A Complete Guide | https://medium.com/@adityasingh4180/preparing-your-vps-for-bug-bounty-operations-a-complete-guide-f55c30331df0?source=rss------bug_bounty-5 | Security Empire | cybersecurity, vps, bugcrowd, automation-testing, bug-bounty | 23-Jul-2024 |
| 5 Tips For Writing Bug Bounty Reports — Bug Bounty Tuesday | https://medium.com/@kerstan/5-tips-for-writing-bug-bounty-reports-bug-bounty-tuesday-0c5ed937a657?source=rss------bug_bounty-5 | kerstan | hacking, bug-bounty, cybersecurity | 23-Jul-2024 |
| Complex Attack Types: Sample Scenarios 48 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-48-410ddcb3010e?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, bug-bounty, cyberattack, cybersecurity, penetration-testing | 23-Jul-2024 |
| Top 10 XSS Payloads | https://rodoassis.medium.com/top-10-xss-payloads-e4774a43e285?source=rss------bug_bounty-5 | Rodolfo Assis (Brute) | xss-vulnerability, xss-attack, web-security, bug-bounty, web-hacking | 23-Jul-2024 |
| How i created my first XSS tool:-XSS-Pro #BugBounty | https://medium.com/@mithun_/how-i-created-my-first-xss-tool-xss-pro-bugbounty-982a16079baf?source=rss------bug_bounty-5 | Mithun | xss-vulnerability, xss-attack, pentesting, bug-bounty, automation | 23-Jul-2024 |
| I made a big mistake… | https://medium.com/@deadoverflow/i-made-a-big-mistake-a3e2dac4138c?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, cybsersecurity, bug-bounty-tips, hacking, programming | 23-Jul-2024 |
| How to start Bug Hunting | https://medium.com/@hackerhyaato/how-to-start-bug-hunting-73ce283db5ac?source=rss------bug_bounty-5 | Hackerhyaato | how-to-start-bug-hunting, bug-bounty, bug-hunting, bugbounty-tips, how-to-start-bug-bounty | 23-Jul-2024 |
| What is CSP (content security policy)? | https://cyberw1ng.medium.com/what-is-csp-content-security-policy-cb3580832442?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, penetration-testing, bug-bounty, hacking | 23-Jul-2024 |
| How to Install websocat on linux (Debian / Ubuntu) | https://medium.com/@brianokinyi/how-to-install-websocat-on-linux-debian-ubuntu-85893655355e?source=rss------bug_bounty-5 | Brian Okinyi | websocket, bug-bounty, linux, pentesting | 22-Jul-2024 |
| Case Studies: High-Profile Vulnerabilities Discovered Through Bug Bounty Programs | https://medium.com/@paritoshblogs/case-studies-high-profile-vulnerabilities-discovered-through-bug-bounty-programs-2a063561f733?source=rss------bug_bounty-5 | Paritosh | information-technology, hacking, bug-bounty, cybersecurity, information-security | 22-Jul-2024 |
| OverTheWire — Bandit27 | https://medium.com/@evilprince007/overthewire-bandit27-465df4274d80?source=rss------bug_bounty-5 | Prathamesh Khatavkar | hacking, cybersecurity, bug-bounty | 22-Jul-2024 |
| TapSwap Clone Script Your Gateway to a Lucrative Tap-to-Earn Game !!! | https://medium.com/@peterkester96/tapswap-clone-script-your-gateway-to-a-lucrative-tap-to-earn-game-68a589821305?source=rss------bug_bounty-5 | Peterkester | players, bug-bounty, telegram, profit, reflections | 22-Jul-2024 |
| Burp Suite Made Easy: A Step-By-Step Tutorial (Part 1 of 2) | https://medium.com/@trixiahorner/burp-suite-made-easy-a-step-by-step-tutorial-part-1-of-2-451695ce84b1?source=rss------bug_bounty-5 | Trixia Horner | tryhackme, ethical-hacking, cybersecurity, penetration-testing, bug-bounty | 22-Jul-2024 |
| 14.28 Lab: Reflected XSS in a JavaScript URL with some characters blocked | https://cyberw1ng.medium.com/14-28-lab-reflected-xss-in-a-javascript-url-with-some-characters-blocked-db67819d5aa6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, cybersecurity, penetration-testing | 22-Jul-2024 |
| What is IDOR (along with IDOR Attack Method) | https://medium.com/@errorfiathck/what-is-idor-along-with-idor-attack-method-e183b28e8546?source=rss------bug_bounty-5 | Errorfiathck | vulnerability, hacking, bug-bounty, idor, idor-vulnerability | 22-Jul-2024 |
| The First Bug bounty forum ! | https://elb4rt0.medium.com/the-first-bug-bounty-forum-ba0399fb70c0?source=rss------bug_bounty-5 | Elb4rt0 | bug-bounty-hunter, bug-bounty-tips, bugs, bug-bounty, bug-bounty-writeup | 22-Jul-2024 |
| First €200 bug that started my Bug Bounty Career | https://medium.com/@sugamdangal52/first-200-bug-that-started-my-bug-bounty-career-c11a871e116f?source=rss------bug_bounty-5 | Sugam Dangal | bug-bounty-hunter, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup | 22-Jul-2024 |
| My Encounter with an Admin Panel in a Gas Agency Website | https://medium.com/@parthh_rana/my-encounter-with-an-admin-panel-in-a-gas-agency-website-72ded4fa4345?source=rss------bug_bounty-5 | Parth Rana | laravel, admin-panel, cybersecurity, bug-bounty, directory-listing | 22-Jul-2024 |
| HACKERONE IS A SCAM | https://medium.com/@proseizala/hackerone-is-a-scam-1623a5030284?source=rss------bug_bounty-5 | Proseizala | cybersecurity, hackerone, hacker, bug-bounty | 22-Jul-2024 |
| Complex Attack Types: Sample Scenarios 47 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-47-c0314c0e0b02?source=rss------bug_bounty-5 | Baris Dincer | penetration-testing, freedomofinternet, bug-bounty, cyberattack, cybersecurity | 22-Jul-2024 |
| Discovering Account Takeover Vulnerability Through Source Map Analysis | https://medium.com/@eduardinholuiz691/discovering-account-takeover-vulnerability-through-source-map-analysis-0cd4038cbc04?source=rss------bug_bounty-5 | Daniel Silva | vulnerability, bug-bounty, bug-bounty-writeup, reconnaissance | 22-Jul-2024 |
| Discovering Account Takeover Vulnerability Through Source Map Analysis | https://medium.com/@danielsilva691/discovering-account-takeover-vulnerability-through-source-map-analysis-0cd4038cbc04?source=rss------bug_bounty-5 | Daniel Silva | vulnerability, bug-bounty, bug-bounty-writeup, reconnaissance | 22-Jul-2024 |
| CVE-2024–40725 and CVE-2024–40898: Critical Vulnerabilities in Apache HTTP Server | https://infosecwriteups.com/cve-2024-40725-and-cve-2024-40898-critical-vulnerabilities-in-apache-http-server-d292084255dc?source=rss------bug_bounty-5 | ElNiak | apache, cybersecurity, https, bug-bounty, vulnerability | 21-Jul-2024 |
| TryHackMe — NahamStore — Walkthrough | https://medium.com/@nayanjyoti16/tryhackme-nahamstore-walkthrough-d4ecfe586c96?source=rss------bug_bounty-5 | Nayanjyoti Kumar | tryhackme, hacking, web, nahamstore, bug-bounty | 21-Jul-2024 |
| How I bypassed payment in one of the popular mobile apk and got free subsciption | https://medium.com/@deepk007/how-i-bypassed-payment-in-one-of-the-popular-mobile-apk-and-got-free-subsciption-46e94f61c089?source=rss------bug_bounty-5 | DEep | bug-bounty, bug-bounty-tips, ethical-hacking, red-team, cybersecurity | 21-Jul-2024 |
| Community Building in Bug Bounties: The Power of Networking and Collaboration | https://sarthakbhingare15.medium.com/community-building-in-bug-bounties-the-power-of-networking-and-collaboration-6adcdea4435b?source=rss------bug_bounty-5 | Sarthak Bhingare | community, improve, bug-bounty-tips, bug-bounty, tips | 21-Jul-2024 |
| 14.27 Lab: Reflected XSS with event handlers and href attributes blocked | https://cyberw1ng.medium.com/14-27-lab-reflected-xss-with-event-handlers-and-href-attributes-blocked-d2f9871fc8a8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, penetration-testing, careers, bug-bounty | 21-Jul-2024 |
| How To Setup Private Interactsh Server | https://medium.com/@learntheshell/how-to-setup-private-interactsh-server-016c344a10b3?source=rss------bug_bounty-5 | LearnTheShell | bug-bounty, bug-bounty-tips, cybersecurity, linux | 21-Jul-2024 |
| Advanced XXE Injection | https://medium.com/illumination/advanced-xxe-injection-fb269f281a40?source=rss------bug_bounty-5 | Quintius Walker | poetry, poetry-writing, poetry-on-medium, illumination, bug-bounty | 21-Jul-2024 |
| BSOD error due to crowdstrike. | https://gaya3-r.medium.com/bsod-error-due-to-crowdstrike-d675c348d09e?source=rss------bug_bounty-5 | gayatri r | bug-bounty, crowdstrike, crowdstrike-outage, bsod-error, information-security | 21-Jul-2024 |
| Email verification bypass due to race condition. | https://medium.com/@mohamed.yasser442200/email-verification-bypass-due-to-race-condition-8e4492313208?source=rss------bug_bounty-5 | Spider4 | race-condition, red-team, bug-bounty, security, pentesting | 21-Jul-2024 |
| Community Building in Bug Bounties: The Power of Networking and Collaboration | https://sarthakbhingare15.medium.com/community-building-in-bug-bounties-the-power-of-networking-and-collaboration-6adcdea4435b?source=rss------bug_bounty-5 | Sarthak Raju Bhingare | community, improve, bug-bounty-tips, bug-bounty, tips | 21-Jul-2024 |
| Uncovering a Critical Vulnerability: Unauthorized Access to Sensitive Data | https://medium.com/@anonymousshetty2003/uncovering-a-critical-vulnerability-unauthorized-access-to-sensitive-data-024182daa127?source=rss------bug_bounty-5 | Anonymousshetty | penetration-testing, bug-bounty, dorking, cybersecurity, ethical-hacking | 20-Jul-2024 |
| Discovering a High-Severity Bug in a Major Mobile Distribution Company | https://medium.com/@anonymousshetty2003/discovering-a-high-severity-bug-in-a-major-mobile-distribution-company-3fdb2a0f1987?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, ethical-hacking, bug-bounty | 20-Jul-2024 |
| How I was able to escalate my privileges and Bypass 403 Forbidden | https://medium.com/@momen_besher/how-i-was-able-to-escalate-my-privileges-and-bypass-403-forbidden-17b8aea4cba6?source=rss------bug_bounty-5 | steve55555 | cybersecurity, bug-bounty, bug-bounty-tips | 20-Jul-2024 |
| Kali Linux: Starting Out with Bug Bounty Hunting | https://medium.com/@nimrashahidktk3/kali-linux-starting-out-with-bug-bounty-hunting-d7a0150645bd?source=rss------bug_bounty-5 | Nimra Shahid | penetration-testing, cybersecurity, kali-linux, bug-bounty | 20-Jul-2024 |
| 14.26 Lab: Reflected XSS with AngularJS sandbox escape and CSP | https://cyberw1ng.medium.com/14-26-lab-reflected-xss-with-angularjs-sandbox-escape-and-csp-b98791b2a5a6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, penetration-testing, bug-bounty, hacking | 20-Jul-2024 |
| Complex Attack Types: Sample Scenarios 46 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-46-a6707ef9e910?source=rss------bug_bounty-5 | Baris Dincer | penetration-testing, cyberattack, bug-bounty, freedomofinternet, cybersecurity | 20-Jul-2024 |
| The Type of Bug That We Can’t See | https://medium.com/illumination/the-type-of-bug-that-we-cant-see-82ff07cdcd71?source=rss------bug_bounty-5 | Quintius Walker | creative-writing, poetry-on-medium, poetry, bug-bounty, illumination | 20-Jul-2024 |
| This is how i escalated self XSS with CSRF | https://medium.com/@pvnk24/this-is-how-i-escalated-self-xss-with-csrf-80113ab3080e?source=rss------bug_bounty-5 | Pavan K | cybersecurity, bug-bounty, penetration-testing, security, pentesting | 20-Jul-2024 |
| Basic Pentesting 1 Walkthrough | https://erdemstar.medium.com/basic-pentesting-1-walkthrough-4e447a2ac35d?source=rss------bug_bounty-5 | Erdemstar | oscp-preparation, oscp, bug-bounty, application-security, penetration-testing | 20-Jul-2024 |
| Discovering an XML File Upload Vulnerability Lead to SSRF: My Bug Hunting Journey | https://javroot.medium.com/discovering-an-xml-file-upload-vulnerability-lead-to-ssrf-my-bug-hunting-journey-8e1bac89f60f?source=rss------bug_bounty-5 | Javroot | xml, bug-bounty, vulnerability, cybersecurity, bug-bounty-tips | 20-Jul-2024 |
| The Type of Bug That We Can’t See | https://medium.com/@The_StarHack3r/the-type-of-bug-that-we-cant-see-82ff07cdcd71?source=rss------bug_bounty-5 | Quintius Walker | creative-writing, poetry-on-medium, poetry, bug-bounty, illumination | 20-Jul-2024 |
| 14.25 Lab: Reflected XSS with AngularJS sandbox escape without strings | https://cyberw1ng.medium.com/14-25-lab-reflected-xss-with-angularjs-sandbox-escape-without-strings-6ffac9f6bdf4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, cybersecurity, careers | 19-Jul-2024 |
| Subdomain Takeover on hatenablog.com (はてなブログ) | https://medium.com/@daichiharada/subdomain-takeover-hatenablog-2cb3576bf881?source=rss------bug_bounty-5 | Daichi Harada | subdomain-takeover, security, bug-bounty | 19-Jul-2024 |
| 1000$ IDOR : Unauthorized Project Inclusion in Expense | https://medium.com/@a13h1/1000-idor-unauthorized-project-inclusion-in-expense-b9ce08b28c71?source=rss------bug_bounty-5 | Abhi Sharma | cybersecurity, idor, bug-bounty, broken-access-control, information-security | 19-Jul-2024 |
| Information Disclosure that made me $2000 in under 5 minutes | https://medium.com/@sugamdangal52/information-disclosure-that-made-me-2000-in-under-5-minutes-63e1ce00ca07?source=rss------bug_bounty-5 | Sugam Dangal | information-disclosure, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 19-Jul-2024 |
| Common Technique To Exploit File Upload Vulnerability | https://medium.com/@p00dl3/common-technique-to-exploit-file-upload-vulnerability-bf84beed7207?source=rss------bug_bounty-5 | p00dl3 | cybersecurity, bug-bounty, file-upload | 19-Jul-2024 |
| Complete Cybersecurity Roadmap 2024 (Part-1) | https://osintteam.blog/complete-cybersecurity-roadmap-2024-part-1-c69986288f16?source=rss------bug_bounty-5 | LogicTech | cybersecurity, osint, bug-bounty, hacking, roadmaps | 19-Jul-2024 |
| Hello ….. | https://medium.com/@rutujasoundale693/hello-4a42a834d006?source=rss------bug_bounty-5 | Rutujasoundale | cybersecurity, bug-bounty | 19-Jul-2024 |
| Complex Attack Types: Sample Scenarios 45 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-45-17057d9de6dd?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, bug-bounty, penetration-testing, freedomofinternet, cyberattack | 19-Jul-2024 |
| Não Experimente a Tela Azul da Microsoft(BUG?) | https://medium.com/@liviaxavier200317/n%C3%A3o-experimente-a-tela-azul-da-microsoft-bug-9f631ea24c8d?source=rss------bug_bounty-5 | Livia Xavier | crowdstrike, cibernéticos, bug-bounty, microsoft, bugs | 19-Jul-2024 |
| Specialized Bug Sweeps for Unique Environments | https://medium.com/@siddiquiasad2299/specialized-bug-sweeps-for-unique-environments-43a1ea56930c?source=rss------bug_bounty-5 | Asad Siddiqui | bug-detection, tscm, bug-bounty, bug-sweep | 19-Jul-2024 |
| Kursus Cyber Security Di Linuxhackingid | https://medium.com/@linuxhackingid_official/kursus-cyber-security-di-linuxhackingid-dc4e52760661?source=rss------bug_bounty-5 | Linuxhackingid | hacker, bug-bounty, cybersecurity, linuxhackingid, hacking | 18-Jul-2024 |
| Top 50+ XSS Bug Bounty Writeups \| Cross-Site Scripting(XSS) Attacks Reports | https://medium.com/@proseizala/top-50-xss-bug-bounty-writeups-cross-site-scripting-xss-attacks-reports-700332ed6c87?source=rss------bug_bounty-5 | Proseizala | hacker, hacking, bug-bounty, cybersecurity | 18-Jul-2024 |
| Sub Domains Finder Tools | https://medium.com/@proseizala/sub-domains-finder-tools-fefa2b44bb34?source=rss------bug_bounty-5 | Proseizala | bug-bounty, cybersecurity, hacker | 18-Jul-2024 |
| 13.5 Lab: Exploiting server-side parameter pollution in a REST URL | https://cyberw1ng.medium.com/13-5-lab-exploiting-server-side-parameter-pollution-in-a-rest-url-a1876056a5f6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, bug-bounty, hacking, cybersecurity | 18-Jul-2024 |
| Critical Logic Flaw Allows Overwrite of Any User Account | https://medium.com/@elcapitano7x/critical-logic-flaw-allows-overwrite-of-any-user-account-015b102e1da7?source=rss------bug_bounty-5 | Elcapitano | bug-bounty, bug-bounty-tips, hackerone, bugbounty-writeup, hacking | 18-Jul-2024 |
| How I Found and Bypassed a Spring Boot Actuator Information Disclosure Bug | https://cametom006.medium.com/how-i-found-and-bypassed-a-spring-boot-actuator-information-disclosure-bug-c4930b740a50?source=rss------bug_bounty-5 | Fahad Faisal | bug-bounty | 18-Jul-2024 |
| Summary Of The Basics of Web Hacking, PRT 2 | https://medium.com/@zghzwbcn/summary-of-the-basics-of-web-hacking-prt-2-e3d7bdbf902d?source=rss------bug_bounty-5 | Henrietta Awosoberekon | bug-bounty, technology, cybersecurity, web-development, web-vulnerabilities | 18-Jul-2024 |
| IDOR at the Get Payment Data Endpoint Leads to Personal Identifiable Information (PII) Disclosure | https://medium.com/@blackarazi/idor-at-the-get-payment-data-endpoint-leads-to-personal-identifiable-information-pii-disclosure-7956c57058af?source=rss------bug_bounty-5 | Azhari Harahap | api-security, broken-access-control, application-security, bug-bounty-writeup, bug-bounty | 17-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-43) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-43-0699b919a514?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, hacking, cybersecurity, skills, bug-bounty | 17-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-42) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-42-4cb955de4cc7?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, bug-bounty, skills, hacking, cybersecurity | 17-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-41) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-41-7b2b5aed416c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, cybersecurity, skills, bug-bounty, ethical-hacking | 17-Jul-2024 |
| Why does you all guys think that you really need Python for hacking | https://systemweakness.com/why-does-you-all-guys-think-that-you-really-need-python-for-hacking-b50b65238401?source=rss------bug_bounty-5 | Imran Niaz | programming-languages, penetration-testing, cybersecurity, data-science, bug-bounty | 17-Jul-2024 |
| Temenos Transact Vulnerable to Reflected XSS (CVE-2022–38322) | https://qotoz.medium.com/temenos-transact-vulnerable-to-reflected-xss-cve-2022-38322-7b1e2f681db1?source=rss------bug_bounty-5 | ِAshraf Harb | cve, bug-bounty, penetration-testing, temenos | 17-Jul-2024 |
| Bypassing Account Suspension Using Anonymous Posting \| Facebook Bug Bounty | https://ph-hitachi.medium.com/bypassing-account-suspension-using-anonymous-posting-facebook-bug-bounty-b204433c98d1?source=rss------bug_bounty-5 | Ph.Hitachi | bug-bounty, facebook-bug-bounty, bypass-restriction | 17-Jul-2024 |
| Practical Bug Bounty — TCM Academy \| Module 6 | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-6-9cab8d004034?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | ethical-hacking, bug-bounty, cybersecurity, appsec, fuzzing | 17-Jul-2024 |
| Default Credentials Leads to $1200 Bounty Reward (Quest NetVault CVE-2017–17417) | https://medium.com/@tester333/default-credentials-leads-to-1200-bounty-reward-quest-netvault-cve-2017-17417-b34c6e0e7a86?source=rss------bug_bounty-5 | Tester | cybersecurity, bug-bounty-tips, bug-bounty, penetration-testing, ethical-hacking | 17-Jul-2024 |
| The WordPress bug very few know about. | https://osintteam.blog/the-wordpress-bug-very-few-know-about-1bf16ee4a2a6?source=rss------bug_bounty-5 | an0nbil | wordpress, programming, vulnerability, web-development, bug-bounty | 17-Jul-2024 |
| Exploiting Server-Side Parameter Pollution in a REST URL | https://cyberw1ng.medium.com/exploiting-server-side-parameter-pollution-in-a-rest-url-0d52d4261c86?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, hacking, cybersecurity, bug-bounty | 17-Jul-2024 |
| How Easily I Found My First P2 on Bugcrowd | https://medium.com/@hashimamin/how-easily-i-found-my-first-p2-on-bugcrowd-ed827a79a50c?source=rss------bug_bounty-5 | Hashim Amin | csrf, recon, csrf-bypass, bug-bounty-tips, bug-bounty | 17-Jul-2024 |
| OS CTF | https://medium.com/@Shaybaa/os-ctf-27cc9a8ab0cc?source=rss------bug_bounty-5 | Shaybaa | bug-bounty, web-security, idor-vulnerability | 17-Jul-2024 |
| Hacker Himself | https://medium.com/@nnface/hacker-himself-01d4978e189c?source=rss------bug_bounty-5 | NnFace | bugbounty-writeup, bug-bounty, hacking, cybersecurity, bug-bounty-tips | 17-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-40) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-40-f1b43fb596ae?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, cybersecurity, skills, ethical-hacking, bug-bounty | 16-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-39) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-39-740c7ada54ea?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, bug-bounty, cybersecurity, ethical-hacking, skills | 16-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-38) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-38-fa2ceb6f8bbd?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking, cybersecurity, hacking, skills | 16-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-37) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-37-20111980eaa5?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, ethical-hacking, hacking, bug-bounty, cybersecurity | 16-Jul-2024 |
| Exploiting CVE-2024–22274: A Deep Dive into VMware vCenter Server Vulnerabilities and Defense… | https://systemweakness.com/exploiting-cve-2024-22274-a-deep-dive-into-vmware-vcenter-server-vulnerabilities-and-defense-5d79b44ed215?source=rss------bug_bounty-5 | Khaleel Khan | infosec, cybersecurity, ethical-hacking, hacking, bug-bounty | 16-Jul-2024 |
| Complex Attack Types: Sample Scenarios 44 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-44-83d2bc9b2d7d?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, information-technology, cybersecurity, bug-bounty, cyberattack | 16-Jul-2024 |
| How Use 6 Step To Find Ssrf — Bug Bounty Tuesday | https://medium.com/@kerstan/how-use-6-step-to-find-ssrf-bug-bounty-tuesday-acc44d806c08?source=rss------bug_bounty-5 | kerstan | cybersecurity, hacking, bug-bounty | 16-Jul-2024 |
| API Recon and Testing for Bug Bounty | https://cyberw1ng.medium.com/api-recon-and-testing-for-bug-bounty-3969d1f90f5c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, penetration-testing, cybersecurity | 16-Jul-2024 |
| Intro to Debugging Java Web Servers Without Source Code For Security Researchers | https://infosecwriteups.com/intro-to-debugging-java-web-servers-without-source-code-for-security-researchers-80ff00de4753?source=rss------bug_bounty-5 | Jayateertha Guruprasad | bug-bounty, pentesting, cybersecurity, java, infosec | 16-Jul-2024 |
| Reflected XSS via Base64-encoded on My college website. | https://uzet.medium.com/reflected-xss-via-base64-encoded-on-my-college-website-2df9755b1856?source=rss------bug_bounty-5 | Timotius Benhur | penetration-testing, pentesting, bug-bounty, bug-hunting, bug-bounty-tips | 15-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-36) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-36-a8fd178e9b07?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, cybersecurity, hacking, bug-bounty, skills | 15-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-35) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-35-adbfa228814a?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, ethical-hacking, skills, hacking | 15-Jul-2024 |
| Bug Bounty Hunting — Complete Guide (Part-34) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-34-73069fab6ff6?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, bug-bounty, hacking, skills | 15-Jul-2024 |
| My First Bounty: A story of a Blind SQL Injection | https://medium.com/@adebayosec/my-first-bounty-a-story-of-a-blind-sql-injection-69d9ad6716b6?source=rss------bug_bounty-5 | Victorious | sql-injection, penetration-testing, cybersecurity, bug-bounty, burpsuite | 15-Jul-2024 |
| CVE-2024–23692: A Critical Vulnerability in Rejetto HTTP File Server | https://infosecwriteups.com/cve-2024-23692-a-critical-vulnerability-in-rejetto-http-file-server-1df322a2e688?source=rss------bug_bounty-5 | ElNiak | bug-bounty, python, cybersecurity, system, ssti | 15-Jul-2024 |
| My First Bounty: A story of a Blind SQL Injection | https://medium.com/@adebayosec/my-first-bounty-a-story-of-a-blind-sql-injection-69d9ad6716b6?source=rss------bug_bounty-5 | Torious | sql-injection, penetration-testing, cybersecurity, bug-bounty, burpsuite | 15-Jul-2024 |
| Echidna | https://medium.com/@Progsky/echidna-b9e454de096b?source=rss------bug_bounty-5 | Progsky | hacking-tools, pentesting, penetration-testing, bug-bounty, blockchain | 15-Jul-2024 |
| Complex Attack Types: Sample Scenarios 43 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-43-39deed779c6c?source=rss------bug_bounty-5 | Baris Dincer | penetration-testing, cyberattack, freedomofinternet, bug-bounty, cybersecurity | 15-Jul-2024 |
| Understanding White Hat Hacking: The Guardians of Cybersecurity | https://medium.com/@cosmiczoomies/understanding-white-hat-hacking-the-guardians-of-cybersecurity-87200caf5820?source=rss------bug_bounty-5 | GalaxyGoose | cybersecurity, hacking, white-hat-hacker, bug-bounty, penetration-testing | 15-Jul-2024 |
| 11.9 Lab: Exploiting XXE to retrieve data by repurposing a local DTD | https://cyberw1ng.medium.com/11-9-lab-exploiting-xxe-to-retrieve-data-by-repurposing-a-local-dtd-30f4098a7789?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, hacking, cybersecurity, bug-bounty | 15-Jul-2024 |
| XSS Türleri için Test Case Yazma | https://medium.com/@tugbaglsn/xss-t%C3%BCrleri-i%C3%A7in-test-case-yazma-1832eb0a27f9?source=rss------bug_bounty-5 | Tuğba Gülşen | cybersecurity, xss-attack, xss-vulnerability, bug-bounty | 15-Jul-2024 |
How to Easily Earn a $200 Bountyhttps://medium.com/@xiaodongsec/how-to-easily-earn-a-200-bounty-6e27eaaec13f?source=rss------bug_bounty-5Mu1berrybugcrowd, hacker, bug-bounty, money, vulnerability14-Jul-2024
Review: AppSec Pentesting eXpert (CAPenX) from The SecOps Grouphttps://medium.com/@p0lyxena/review-appsec-pentesting-expert-capenx-from-the-secops-group-eb5674e4bf8d?source=rss------bug_bounty-5Fuleki Ioanbug-bounty, penetration-testing, certification, cybersecurity, capenx14-Jul-2024
Detection Engineering: A Comprehensive Overviewhttps://medium.com/@paritoshblogs/detection-engineering-a-comprehensive-overview-92fc01973ce7?source=rss------bug_bounty-5Paritoshdetection-engineering, information-technology, cybersecurity, hacking, bug-bounty14-Jul-2024
Hunting for Firebase Enums in Android Applicationhttps://medium.com/@tanish.saxena26/hunting-for-firebase-enums-in-android-application-42b79e9b76f8?source=rss------bug_bounty-5Tanish Saxenacloud, bug-bounty, firebase, android, gcp14-Jul-2024
My First Critical Vulnerabilityhttps://medium.com/@0xchoudhary/my-first-critical-vulnerability-fd83a81f70b3?source=rss------bug_bounty-5Sushil Choudharybugbounty-writeup, bug-hunting, bug-bounty-tips, hackerone, bug-bounty14-Jul-2024
How I Can Get P1 Nasa easily — Dorkinghttps://0xc4thack.medium.com/how-i-can-get-p1-nasa-easily-dorking-c9c4a4cee251?source=rss------bug_bounty-50xc4tpentesting, nasa-vdp, pentest-web, bug-bounty, dorking14-Jul-2024
New York Flankees Room TryHackMe Walkthroughhttps://matsecurity.medium.com/new-york-flankees-room-tryhackme-walkthrough-ef6862c781f1?source=rss------bug_bounty-5MatSecctf-writeup, tryhackme-writeup, bug-bounty, tryhackme, tryhackme-walkthrough14-Jul-2024
The easiest admin panel bypasshttps://medium.com/@paraskhorwal9/the-easiest-admin-panel-bypass-4b6fb4d7d1ea?source=rss------bug_bounty-5Paraskhorwalbug-bounty, penetration-testing, admin-panel14-Jul-2024
Complex Attack Types: Sample Scenarios 42https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-42-d0a11c84cc73?source=rss------bug_bounty-5Baris Dincercyberattack, freedomofinternet, bug-bounty, penetration-testing, cybersecurity14-Jul-2024
New York Flankees TryHackMe Room Walkthrough: Step-by-Step Youtube Guidehttps://matsecurity.medium.com/new-york-flankees-room-tryhackme-walkthrough-ef6862c781f1?source=rss------bug_bounty-5MatSecctf-writeup, tryhackme-writeup, bug-bounty, tryhackme, tryhackme-walkthrough14-Jul-2024
Automate Subdomain Monitoringhttps://medium.com/@Aftab700/automate-subdomain-monitoring-171338c66dd5?source=rss------bug_bounty-5Aftab Samabug-bounty, monitoring, infosec, automation, hacking14-Jul-2024
What is XML external entity (XXE) injectionhttps://cyberw1ng.medium.com/what-is-xml-external-entity-xxe-injection-8914620c2d24?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers14-Jul-2024
Escaping the Citrix Sandbox — Understanding Citrix Breakouthttps://medium.com/@suprajabaskaran8/escaping-the-citrix-sandbox-understanding-citrix-breakout-80320a3d44af?source=rss------bug_bounty-5Suprajabaskaranbug-bounty-tips, hacking, bug-bounty, pentesting, penetration-testing14-Jul-2024
Vulnerable WordPress June 2024 (Turkish delight)https://medium.com/@onhexgroup/vulnerable-wordpress-june-2024-turkish-delight-96cae8ef8161?source=rss------bug_bounty-5Onhexgroupbug-bounty, infosec, web-security, information-security, wordpress14-Jul-2024
Escaping the Citrix Sandbox — Understanding Citrix Breakouthttps://infosecwriteups.com/escaping-the-citrix-sandbox-understanding-citrix-breakout-80320a3d44af?source=rss------bug_bounty-5Suprajabaskaranbug-bounty-tips, hacking, bug-bounty, pentesting, penetration-testing14-Jul-2024
| Airplane TryHackMe Room Walkthrough \| MatSec Youtube | https://matsecurity.medium.com/airplane-tryhackme-room-walkthrough-matsec-youtube-7fca40406a20?source=rss------bug_bounty-5 | MatSec | tryhackme-walkthrough, bug-bounty, tryhackme-writeup, tryhackme, ctf-writeup | 13-Jul-2024 |
| 10.7 Lab: SSRF with whitelist-based input filter | https://cyberw1ng.medium.com/10-7-lab-ssrf-with-whitelist-based-input-filter-36db84b1a13d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, hacking, cybersecurity, bug-bounty | 13-Jul-2024 |
| Securing Crypto Company: Addressing Web 2.0 Vulnerabilities | https://metanetwebhostingsecurity.medium.com/securing-crypto-company-addressing-web-2-0-vulnerabilities-209bd7fc3d85?source=rss------bug_bounty-5 | metanetwebhosting security | cryptocurrency, cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 13-Jul-2024 |
| Linux Exploitation: Stack Smashing | https://medium.com/@boogsta/linux-exploitation-stack-smashing-70c1bf6c13d2?source=rss------bug_bounty-5 | Boogsta | hacking, cybersecurity, bug-bounty, cyber, hacker | 13-Jul-2024 |
| My First Bug: Gitingore exposure combined with 403 bypass | https://medium.com/@nnface/my-first-bug-gitingore-exposure-combined-with-403-bypass-5db750e211ff?source=rss------bug_bounty-5 | NnFace | bug-bounty, bug-bounty-tips, cybersecurity, hacking, low-hanging-fruit | 13-Jul-2024 |
| Here is the story of how i found Stored XSS on a target | https://medium.com/@pvnk24/here-is-the-story-of-how-i-found-stored-xss-on-a-target-7baaeed76765?source=rss------bug_bounty-5 | Pavan K | penetration-testing, bug-bounty, pentesting, hacking, ethical-hacking | 13-Jul-2024 |
| Complex Attack Types: Sample Scenarios 41 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-41-48e4f10a07ef?source=rss------bug_bounty-5 | Baris Dincer | penetration-testing, freedomofinternet, information-security, bug-bounty, cybersecurity | 13-Jul-2024 |
| Email Update Restricted Bypass | https://medium.com/@mahfujwhh/email-update-restricted-bypass-f6af935da67e?source=rss------bug_bounty-5 | mahfujwhh | cybersecurity, bug-bounty | 13-Jul-2024 |
| Credential stuffing in bug bounties | https://bunny0417.medium.com/credential-stuffing-in-bug-bounties-d51b8e321135?source=rss------bug_bounty-5 | Aayush kumar | credential-stuffing, leaked-passwords, bug-bounty, darkweb, bugbounty-writeup | 12-Jul-2024 |
| Can bug bounty be a full time career? | https://medium.com/@shwetapapnai783/can-bug-bounty-be-a-full-time-career-5606f1ddd440?source=rss------bug_bounty-5 | Shweta Papnai | security, cybersecurity, technology, money, bug-bounty | 12-Jul-2024 |
| The Hidden Pitfalls of Bug Bounties on Indian Government Sites: My First Experience | https://medium.com/@rolextital/the-hidden-pitfalls-of-bug-bounties-on-indian-government-sites-my-first-experience-9204312a8325?source=rss------bug_bounty-5 | Rolextital | hacking, bug-bounty, govt, idor | 12-Jul-2024 |
| Firmware Analysis: Hands-on Guide | https://hackerassociate.medium.com/firmware-analysis-hands-on-guide-19913a5166ca?source=rss------bug_bounty-5 | Harshad Shah | bug-bounty, infosec, cybersecurity, hacking, iot | 12-Jul-2024 |
| DΞX Points Fest | https://d3xxyz.medium.com/d%CE%BEx-points-fest-e39019566b3f?source=rss------bug_bounty-5 | DΞX | airdrop, bounty-program, bug-bounty | 12-Jul-2024 |
| Windows privilege escalation: Abusing npm’s design patterns to escalate your permissions | https://medium.com/@demonia/windows-privilege-escalation-abusing-npms-design-patterns-to-escalate-your-permissions-da0ac6c96d72?source=rss------bug_bounty-5 | Mohammed Dief | cybersecurity, npm, bug-bounty, windows, privilege-escalation | 12-Jul-2024 |
| VULNERABILITY RESEARCH | https://medium.com/@workwithsane/vulnerability-research-896c0ba07a57?source=rss------bug_bounty-5 | Sane | bug-bounty, cybersecurity, bug-bounty-tips | 12-Jul-2024 |
| My First Bug!!!Stored Cross Site Scripting(XSS) | https://medium.com/@shahariarwalid/my-first-bug-stored-cross-site-scripting-xss-d84051ee4e86?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty, xss-vulnerability, stored-xss | 12-Jul-2024 |
| File Upload se kuch hatke : File Inclusion aur Path Traversal Vulnerabilites | https://medium.com/@yashprajapati791/file-upload-se-kuch-hatke-file-inclusion-aur-path-traversal-vulnerabilites-d10e16be0d7a?source=rss------bug_bounty-5 | Yash Virendra Prajapati | penetration-testing, bug-bounty, file-inclusion, vulnerability, file-upload | 12-Jul-2024 |
| How i got Bug -XSS | https://medium.com/@basxth/how-i-got-bug-xss-8eec781ab58b?source=rss------bug_bounty-5 | Mohammed Basith K B | bug-bounty, xss-attack, google-dorking, xss-bypass, cybersecurity | 12-Jul-2024 |
| Master Bug Bounty Hunting with Top Recon Tools | https://medium.com/@labcodetech/master-bug-bounty-hunting-with-top-recon-tools-83516a4bcc54?source=rss------bug_bounty-5 | Codetech Lab | vulnerability, recon, bug-bounty, penetration-testing | 12-Jul-2024 |
| NewLine Character Cause DoS: Folder & File Deletion Flaw | https://medium.com/@a13h1/newline-character-cause-dos-folder-file-deletion-flaw-8bec3079ed85?source=rss------bug_bounty-5 | Abhi Sharma | cybersecurity, bug-bounty, programming, denial-of-service, infosec | 12-Jul-2024 |
| 10.6 Lab: Blind SSRF with Shellshock Exploitation | https://cyberw1ng.medium.com/10-6-lab-blind-ssrf-with-shellshock-exploitation-a13e25b27dbc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, cybersecurity, bug-bounty, penetration-testing | 12-Jul-2024 |
| Setting up a private Burp Collaborator Server | https://medium.com/@AstroKrypTech/setting-up-a-private-burp-collaborator-server-71c55ff85815?source=rss------bug_bounty-5 | AstroKrypTech | web-application-security, bug-bounty-tips, bug-bounty | 12-Jul-2024 |
| Git Gone Wrong: Application Compromise via Exposed .git Directory | https://medium.com/@cybersekler/git-gone-wrong-application-compromise-via-exposed-git-directory-392806b23435?source=rss------bug_bounty-5 | Cyber Sekler | penetration-testing, hacking, application-security, bug-bounty | 12-Jul-2024 |
| RECON IS IMPORTANT !!! In Depth Recon Methodology Bug Bounty Part 01 | https://omarora1603.medium.com/recon-is-important-in-depth-recon-methodology-bug-bounty-part-01-2b69c3b168fe?source=rss------bug_bounty-5 | Om Arora | methodology, infosec, hacking, bug-bounty, bug-bounty-tips | 12-Jul-2024 |
| NewLine Character Cause DoS: Folder & File Deletion Flaw | https://infosecwriteups.com/newline-character-cause-dos-folder-file-deletion-flaw-8bec3079ed85?source=rss------bug_bounty-5 | Abhi Sharma | cybersecurity, bug-bounty, programming, denial-of-service, infosec | 12-Jul-2024 |
| RECON IS IMPORTANT !!! In Depth Recon Methodology Bug Bounty Part 01 | https://infosecwriteups.com/recon-is-important-in-depth-recon-methodology-bug-bounty-part-01-2b69c3b168fe?source=rss------bug_bounty-5 | Om Arora | methodology, infosec, hacking, bug-bounty, bug-bounty-tips | 12-Jul-2024 |
| How I Make Two SQL Injections Exploitable under the Magic Restricts in WordPress | https://medium.com/@zpbrent/how-i-make-two-sql-injections-exploitable-under-the-magic-restricts-in-wordpress-817cd60dc80a?source=rss------bug_bounty-5 | Peng Zhou | wordpress-plugins, wordpress, infosec, bug-bounty, web-security | 12-Jul-2024 |
| آسیب پذیری های Jira را برطرف کنید | https://medium.com/@pardis.cloud/%D8%A2%D8%B3%DB%8C%D8%A8-%D9%BE%D8%B0%DB%8C%D8%B1%DB%8C-%D9%87%D8%A7%DB%8C-jira-%D8%B1%D8%A7-%D8%A8%D8%B1%D8%B7%D8%B1%D9%81-%DA%A9%D9%86%DB%8C%D8%AF-b28879e65c2e?source=rss------bug_bounty-5 | PardisCo Professional Tech Team | آسیبپذیری, bug-bounty, سرور, jira | 11-Jul-2024 |
| How I Can Still See Your Image on Facebook After You Deleted It \| Meta \| BugBounty \| 2024 | https://prathapilango.medium.com/how-i-can-still-see-your-image-on-facebook-after-you-deleted-it-meta-bugbounty-2024-3fa63022c4fc?source=rss------bug_bounty-5 | Prathapilango | cybersecurity, meta, bug-bounty, bugbounty-writeup | 11-Jul-2024 |
| Host Header Injection | https://medium.com/@nareshkumar76191/host-header-injection-bd6ffdafe1c0?source=rss------bug_bounty-5 | Nareshkumar | red-team, hacker, bounty-program, bug-bounty, bug-bounty-tips | 11-Jul-2024 |
| Admin panel Bypassed Just by reading “support team quotes” | https://medium.com/@Ajakcybersecurity/admin-panel-bypassed-just-by-reading-support-team-quotes-5462538ea3a4?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, hacking, penetration-testing, ethical-hacking, cybersecurity | 11-Jul-2024 |
| Cross-Account Profile Picture Deletion via CSRF Token Bypass paid me 500$. | https://mustafa2.medium.com/cross-account-profile-picture-deletion-via-csrf-token-bypass-paid-me-500-60d5f4529a7b?source=rss------bug_bounty-5 | Hajus | bug-bounty-tips, csrf-bypass, bug-bounty | 11-Jul-2024 |
| A Revolutionary Bug Bounty Platform: Zero-Knowledge Proofs in Web3 | https://medium.com/@JohnnyTime/a-revolutionary-bug-bounty-platform-zero-knowledge-proofs-in-web3-5e9aaa536084?source=rss------bug_bounty-5 | Johnny Time | bug-bounty, web3, bug-hunting, rewards, smart-contracts | 11-Jul-2024 |
| Building an Ethical Hacking Playground at Home | https://l00pinfinity.medium.com/building-an-ethical-hacking-playground-at-home-98439af54a78?source=rss------bug_bounty-5 | Collins K. Boit | network, hacking, security-analysts, ethical-hacking, bug-bounty | 11-Jul-2024 |
| 9.6 Lab: Partial construction race conditions | https://cyberw1ng.medium.com/9-6-lab-partial-construction-race-conditions-303bfc70b5f8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, penetration-testing, bug-bounty, careers | 11-Jul-2024 |
| Practical Bug Bounty — TCM Academy \| Module 5 | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-5-508b7fad93f1?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | information-security, appsec, cybersecurity, bug-bounty, penetration-testing | 11-Jul-2024 |
| Disclose the email address and phone number of chinese business reseller | https://gtm0x01.medium.com/disclose-the-email-address-and-phone-number-of-chinese-business-reseller-f882978b8733?source=rss------bug_bounty-5 | Gtm Mänôz | bug-bounty-writeup, facebook, hacking, bug-bounty, facebook-bug-bounty | 11-Jul-2024 |
| XSS Zafiyetleri Test Case | https://medium.com/@beyzatekinli/xss-t%C3%BCrleri-test-case-18f91987fb63?source=rss------bug_bounty-5 | Beyzanur Tekinli | gallipoli, xss-vulnerability, bug-bounty, xss-attack, xss-challenge | 11-Jul-2024 |
| Abusing CORS for an XSS on Flickr | https://medium.com/@proseizala/abusing-cors-for-an-xss-on-flickr-a820e3f28083?source=rss------bug_bounty-5 | Proseizala | bug-bounty, hacker, cybersecurity, bug-bounty-tips | 11-Jul-2024 |
| No Way Out: Enforced and Inescapable Organizational Membership | https://0xmatrix.medium.com/no-way-out-enforced-and-inescapable-organizational-membership-a2247caa1790?source=rss------bug_bounty-5 | Mo2men Elmady | hacking, bug-bounty, cybersecurity, penetration-testing | 11-Jul-2024 |
| Complex Attack Types: Sample Scenarios 40 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-40-117efeaeaf61?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, penetration-testing, bug-bounty, information-technology, freedomofinternet | 11-Jul-2024 |
| No Way Out: Enforced and Inescapable Organizational Membership | https://0xmatrix.medium.com/no-way-out-enforced-and-inescapable-organizational-membership-125ae7f52d61?source=rss------bug_bounty-5 | Mo2men Elmady | bug-bounty, hacking, penetration-testing, cybersecurity | 11-Jul-2024 |
| Reconnaissance Basic | https://medium.com/@ronyhassan091101/reconnaissance-basic-bf292dc3b705?source=rss------bug_bounty-5 | M. Mahmudul Hassan | bug-bounty | 11-Jul-2024 |
| Cracking the Code: A Walkthrough of the W1seGuy Room on TryHackMe | https://matsecurity.medium.com/cracking-the-code-a-walkthrough-of-the-w1seguy-room-on-tryhackme-678673298429?source=rss------bug_bounty-5 | MatSec | cybersecurity, bug-bounty, tryhackme-walkthrough, ethical-hacking, cryptography | 11-Jul-2024 |
| Bypass CSRF Protection | https://medium.com/@dr4040x00/bypass-csrf-protection-707b81c04149?source=rss------bug_bounty-5 | Ahmed Mohamed | csrf-attack, xss-vulnerability, bug-bounty, csrf, xss-attack | 11-Jul-2024 |
| Tryhackme W1seGuy Room Walkthrough \| MatSec Youtube | https://matsecurity.medium.com/cracking-the-code-a-walkthrough-of-the-w1seguy-room-on-tryhackme-678673298429?source=rss------bug_bounty-5 | MatSec | cybersecurity, bug-bounty, tryhackme-walkthrough, ethical-hacking, cryptography | 11-Jul-2024 |
| Bug Bounty Hunting 101: A Comprehensive Guide for Beginners | https://cyberw1ng.medium.com/bug-bounty-hunting-101-a-comprehensive-guide-for-beginners-41fa78ff0bbd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, cybersecurity, careers | 10-Jul-2024 |
| Magix Bug Bounty: magix.com (RCE, SQLi) and xara.com (LFI, XSS) | https://medium.com/@proseizala/magix-bug-bounty-magix-com-rce-sqli-and-xara-com-lfi-xss-c4e8492bbf3e?source=rss------bug_bounty-5 | Proseizala | bug-bounty-tips, hackerone, cybersecurity, bug-bounty, hacking | 10-Jul-2024 |
| Rate Limit Bypass $150 | https://medium.com/@mr_ayyan/rate-limit-bypass-150-d4fecc05d31b?source=rss------bug_bounty-5 | Mrayyanirfan | rewards, rate-limit, bug-bounty, bugs, hunting | 10-Jul-2024 |
| The most important HTTP security headers | https://medium.com/@ronyhassan091101/the-most-important-http-security-headers-be4238f181d7?source=rss------bug_bounty-5 | M. Mahmudul Hassan | bug-bounty | 10-Jul-2024 |
| Complex Attack Types: Sample Scenarios 39 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-39-5ed408a9075d?source=rss------bug_bounty-5 | Baris Dincer | bug-bounty, information-security, penetration-testing, cybersecurity, freedomofinternet | 10-Jul-2024 |
| Bug Bounty Program for Gluon on Ergo | https://news.stability.nexus/bug-bounty-program-for-gluon-on-ergo-0ca233ce2d9a?source=rss------bug_bounty-5 | Zahnentferner | crypto, cryptocurrency, stable-coin, blockchain, bug-bounty | 10-Jul-2024 |
| Host Header Poisoning Vulnerability: A Critical Web Security Flaw | https://zierax.medium.com/host-header-poisoning-vulnerability-a-critical-web-security-flaw-1c2991177e8c?source=rss------bug_bounty-5 | Zierax | penetration-testing, cybersecurity, bug-bounty, hacking, vulnerability | 10-Jul-2024 |
| The Ultimate Guide to Finding and Escalating XSS Bugs | https://medium.com/@proseizala/the-ultimate-guide-to-finding-and-escalating-xss-bugs-22894ef03fc4?source=rss------bug_bounty-5 | Proseizala | bug-bounty-tips, hacker, cybersecurity, bug-bounty, hacking | 10-Jul-2024 |
| My First Bug Bounty | https://vikasrai11.medium.com/my-first-bug-bounty-975c47b3f5b5?source=rss------bug_bounty-5 | Vikas Rai | ethical-hacking, security, vulnerability, hacking, bug-bounty | 10-Jul-2024 |
| Exploiting IDOR Vulnerability in PostgREST | https://aminudin.medium.com/exploiting-idor-vulnerability-in-postgrest-ba0e980032b7?source=rss------bug_bounty-5 | Aminudin | bugs, bug-bounty-tips, writeup, bug-bounty | 10-Jul-2024 |
| HackerOne 2FA Bypass Vulnerability Exposed! | https://medium.com/@lucas.verdan/hackerone-2fa-bypass-vulnerability-exposed-f41f61d6e7be?source=rss------bug_bounty-5 | Lucas Verdan | cybersecurity, cyber-attack-prevention, hackerone, bug-bounty-tips, bug-bounty | 09-Jul-2024 |
| Detecting and exploiting limit overrun race conditions with Burp Repeater | https://cyberw1ng.medium.com/detecting-and-exploiting-limit-overrun-race-conditions-with-burp-repeater-43c26128642d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, bug-bounty, cybersecurity, hacking | 09-Jul-2024 |
| Airbnb — When Bypassing JSON Encoding, XSS Filter, WAF, CSP, and Auditor turns into Eight… | https://medium.com/@proseizala/airbnb-when-bypassing-json-encoding-xss-filter-waf-csp-and-auditor-turns-into-eight-92a004f1cbe8?source=rss------bug_bounty-5 | Proseizala | hacker, bug-bounty-tips, cybersecurity, bug-bounty | 09-Jul-2024 |
| XSS TÜRLERİ TEST CASE | https://medium.com/@aarda418/xss-t%C3%BCrleri%CC%87-test-case-a4ab5849100f?source=rss------bug_bounty-5 | Arda Aslan | xss-attack, bug-bounty, xss-vulnerability | 09-Jul-2024 |
| Become a Digital Detective: Earn Dollars by Testing Apps and Websites | https://medium.com/@wnaim11/become-a-digital-detective-earn-dollars-by-testing-apps-and-websites-00a45433d3e8?source=rss------bug_bounty-5 | The EmpowHERtech Collective | testing, software-testing, bugs, crowdtesting, bug-bounty | 09-Jul-2024 |
| Complex Attack Types: Sample Scenarios 38 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-38-10e2ee4d4316?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, threat-intelligence, cybersecurity, penetration-testing, bug-bounty | 09-Jul-2024 |
| Nmap Cheat Sheet For Penetration Testing. | https://medium.com/@umarhere4u/nmap-cheat-sheet-for-penetration-testing-70b555b91285?source=rss------bug_bounty-5 | Mohammad Umar Kachi | ethical-hacking, penetration-testing, nmap, hacking, bug-bounty | 09-Jul-2024 |
| Account Takeover via Weak Reset Token Entropy | https://medium.com/@majix_de/account-takeover-via-weak-reset-token-entropy-c475268daae6?source=rss------bug_bounty-5 | Majix | programming, penetration-testing, bugbounty-writeup, bug-bounty, python | 09-Jul-2024 |
| Subdomain Enumeration | https://medium.com/@ronyhassan091101/subdomain-enumeration-4370bac688e1?source=rss------bug_bounty-5 | M. Mahmudul Hassan | bug-bounty | 09-Jul-2024 |
| 10 tips and questions to help you find secondary context bugs — Bug Bounty Tuesday | https://medium.com/@kerstan/10-tips-and-questions-to-help-you-find-secondary-context-bugs-bug-bounty-tuesday-b8b3f9173522?source=rss------bug_bounty-5 | kerstan | hacking, bug-bounty, cybersecurity | 09-Jul-2024 |
| What Is The Attacks On Session Layer! | https://medium.com/@reemmoslem34/what-is-the-attacks-on-session-layer-d3ac90d9c4cb?source=rss------bug_bounty-5 | Rem Khalid | cybersecurity, malware, bug-bounty, programming, security | 09-Jul-2024 |
| What Is The Attacks On Presentation Layer ! | https://medium.com/@reemmoslem34/what-is-the-attacks-on-presentation-layer-d98cbde4005b?source=rss------bug_bounty-5 | Rem Khalid | programming, security, cybersecurity, malware, bug-bounty | 09-Jul-2024 |
| What Is The Attacks On Application Layer! | https://medium.com/@reemmoslem34/%D8%B7%D9%8A%D8%A8-%D8%AA%D8%B9%D8%A7%D9%84%D9%88%D8%A7-%D8%A3%D8%AE%D8%AA%D8%B5%D8%B1-%D8%A7%D9%84%D8%AD%D9%88%D8%A7%D8%B1-6e6617528bba?source=rss------bug_bounty-5 | Rem Khalid | security, bug-bounty, cybersecurity, malware, programming | 09-Jul-2024 |
| Unearthing Hidden Assets: The Power of Active DNS Brute Forcing in Subdomain Discovery | https://bunny0417.medium.com/unearthing-hidden-assets-the-power-of-active-dns-brute-forcing-in-subdomain-discovery-44ec7f1250d4?source=rss------bug_bounty-5 | Aayush kumar | subdomains-enumeration, infosec, dns-brute-forcing, bug-bounty-tips, bug-bounty | 09-Jul-2024 |
| Bypassing Admin Authentication Website Kampus | https://uzet.medium.com/bypassing-admin-authentication-website-kampus-b59bc43b6c98?source=rss------bug_bounty-5 | Timotius Benhur | bug-bounty-tips, penetration-testing, bug-hunting, programming, bug-bounty | 08-Jul-2024 |
| Revolutionizing Content Issue Detection with CiBI: A Game-Changer in Automation | https://argotriwidodo.medium.com/revolutionizing-content-issue-detection-with-cibi-a-game-changer-in-automation-1e0f0b6e8ce9?source=rss------bug_bounty-5 | Argo triwidodo | qa, bug-bounty, ai, automation | 08-Jul-2024 |
| Web3 Development: Key Security Considerations | https://securrtech.medium.com/web3-development-key-security-considerations-5358015e767a?source=rss------bug_bounty-5 | Securr | blockchain, security, securr, web3, bug-bounty | 08-Jul-2024 |
| Discovering a Sigma SQLi Vulnerability in Explore CMS 1.0 | https://soltanali0.medium.com/discovering-a-sigma-sqli-vulnerability-in-explore-cms-1-0-f68599f0e5dd?source=rss------bug_bounty-5 | soltanali0 | sqli, programming, bug-bounty-tips, bug-bounty, hackerone | 08-Jul-2024 |
| PII Disclosure on NASA | https://medium.com/@psychomong/pii-disclosure-on-nasa-667a96d3c31c?source=rss------bug_bounty-5 | psychomong | bugs, sensitive, hacker, bug-bounty, pii | 08-Jul-2024 |
| Last week in tech 4th edition | https://medium.com/@azefox/last-week-in-tech-4th-edition-ec091e853fd3?source=rss------bug_bounty-5 | Azefox | tech, cybersecurity, infosec, cloud, bug-bounty | 08-Jul-2024 |
| Ctrl + U to Bounty: How I Found Sensitive Info in the Source Code | https://rofes1337.medium.com/ctrl-u-to-bounty-how-i-found-sensitive-info-in-the-source-code-e583528ee2fe?source=rss------bug_bounty-5 | Yousef Muhammedelkhir | bug-bounty-writeup, hackerone, bug-bounty, information-disclosure, bugbounty-poc | 08-Jul-2024 |
| Complex Attack Types: Sample Scenarios 37 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-37-2cd4d68b23f6?source=rss------bug_bounty-5 | Baris Dincer | bug-bounty, freedomofinternet, penetration-testing, information-security, cybersecurity | 08-Jul-2024 |
| Burpsuite SQL Injection Lab 4(U | https://medium.com/@paradoxicalThief/burpsuite-sql-injection-lab-4-u-065f1592531f?source=rss------bug_bounty-5 | The Cyber Guy | bug-bounty, ctf, web-security, infosec, ethical-hacking | 08-Jul-2024 |
| Partial construction race conditions | https://cyberw1ng.medium.com/partial-construction-race-conditions-007c478c53af?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, bug-bounty, hacking, careers | 08-Jul-2024 |
| Disguising Malicious Files to Look Like Normal EXE or PDFs | https://osintteam.blog/disguising-malicious-files-to-look-like-normal-exe-or-pdfs-d785e116e989?source=rss------bug_bounty-5 | Meerabell | hacking, osint-tool, bug-bounty, cybersecurity, microsoft | 08-Jul-2024 |
| IDOR in Multinational Retail Company Leading to Unauthorized Access and Modifications | https://medium.com/@kamalinux/idor-in-multinational-retail-company-leading-to-unauthorized-access-and-modifications-e36f8ea9e859?source=rss------bug_bounty-5 | Kamal | bug-bounty, application-security, cybersecurity, penetration-testing, web-security | 08-Jul-2024 |
| Zero to OSWE: Navigating the Journey with HTB | https://adipsharif.medium.com/zero-to-oswe-navigating-the-journey-with-htb-b1972b99a646?source=rss------bug_bounty-5 | ADIP | bug-bounty, penetration-testing, bug-bounty-tips, infosec-write-ups, infosec | 08-Jul-2024 |
| The world’s most expensive insect… weighs 5 grams and costs 75 lakhs, know why people are crazy… | https://medium.com/@blogy.bub/the-worlds-most-expensive-insect-weighs-5-grams-and-costs-75-lakhs-know-why-people-are-crazy-ce77bc2d8204?source=rss------bug_bounty-5 | Blogy Hub | bug-bounty, health, news, news-articles, bugs | 08-Jul-2024 |
| Find XSS on the Fly ( Full guide ) | https://medium.com/@zack0x01_/find-xss-on-the-fly-full-guide-300f07fb86ae?source=rss------bug_bounty-5 | zack0x01 | hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-poc | 08-Jul-2024 |
| Escalating XSS in PhantomJS Image Rendering to SSRF/Local-File Read | https://medium.com/@proseizala/escalating-xss-in-phantomjs-image-rendering-to-ssrf-local-file-read-9e11e94c480a?source=rss------bug_bounty-5 | Proseizala | bug-bounty, bug-bounty-tips, hacking, cybersecurity | 08-Jul-2024 |
| CVE-2024–34750 Apache Tomcat DoS vulnerability in HTTP/2 connector | https://medium.com/@proseizala/cve-2024-34750-apache-tomcat-dos-vulnerability-in-http-2-connector-54033187cd4b?source=rss------bug_bounty-5 | Proseizala | cybersecurity, bugs, hacking, bug-bounty | 08-Jul-2024 |
| I found an email verification bypass | https://medium.com/@pvnk24/i-found-an-email-verification-bypass-982b00864366?source=rss------bug_bounty-5 | Pavan K | ethical-hacking, security, web-security, penetration-testing, bug-bounty | 07-Jul-2024 |
| Demystifying HTTP Parameters for beginners | https://medium.com/@mrunoriginal/demystifying-http-parameters-for-beginners-219d5c65499e?source=rss------bug_bounty-5 | mrunoriginal | information-security, web-application-security, web-application-hacking, bug-bounty, cybersecurity | 07-Jul-2024 |
| Everything About CISM: Your Comprehensive Guide to the Certified Information Security Manager… | https://medium.com/@mazharshadab292/everything-about-cism-your-comprehensive-guide-to-the-certified-information-security-manager-3d57969a066d?source=rss------bug_bounty-5 | Shadab Mazhar | certification, cybersecurity, hacking, bug-bounty | 07-Jul-2024 |
| Practical Bug Bounty — TCM Academy \| Module 1 | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-1-17dadeda56a0?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | information-security, tcm-security, bug-bounty, cybersecurity, ethical-hacking | 07-Jul-2024 |
| Exposing Sensitive Data: A Journey into CDN Path Traversal Vulnerabilities | https://medium.com/@sulmanfarooq531/exposing-sensitive-data-a-journey-into-cdn-path-traversal-vulnerabilities-fec1c7917a86?source=rss------bug_bounty-5 | Sulman Farooq S | bug-bounty, cybersecurity, hacking, path-traversal, cdn | 07-Jul-2024 |
| Hunting the Hunters: Exposing the Fake SBI YONO APK | https://medium.com/@tirqwork1/hunting-the-hunters-exposing-the-fake-sbi-yono-apk-0dd979aad23f?source=rss------bug_bounty-5 | ARoy | information-security, cybersecurity, bug-bounty, scammer-exposed, info-sec-writeups | 07-Jul-2024 |
| Using ChatGPT for Bug Bounty and finding vulnerabilities | https://medium.com/@siratsami71/using-chatgpt-for-bug-bounty-and-finding-vulnerabilities-4a04de771a68?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | hacker, chatgpt, bug-bounty, cybersecurity | 07-Jul-2024 |
| Cracking the Runner: A Step-by-Step Guide to Hacking a Medium-Level Machine on Hack The Box | https://medium.com/@niranjanshinde2325/cracking-the-runner-a-step-by-step-guide-to-hacking-a-medium-level-machine-on-hack-the-box-ae6f55ca01bd?source=rss------bug_bounty-5 | Niranjan | ethical-hacking, hack-the-box-writeup, bug-bounty, penetration-testing, cybersecurity | 07-Jul-2024 |
| 8.6 Lab: Web shell upload via race condition | https://cyberw1ng.medium.com/8-6-lab-web-shell-upload-via-race-condition-1870707752d3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, penetration-testing, cybersecurity | 07-Jul-2024 |
| Avoid ‘OR 1=1’ while doing SQL Injection, Why? | https://medium.com/@aaftaba.k47/avoid-or-1-1-while-doing-sql-injection-why-5e7cc0716ef3?source=rss------bug_bounty-5 | Aaftab A. Kadavaikar | cybersecurity-awareness, bug-bounty, sql-injection, web-penetration-testing | 07-Jul-2024 |
| How i got Cross-site Scripting (XSS)Reflected Using an unknown technique | https://medium.com/@0xmekky/how-i-got-cross-site-scripting-xss-reflected-using-an-unknown-technique-ca4984827465?source=rss------bug_bounty-5 | abdelrahem mekky | xss-vulnerability, xss-attack, bug-bounty | 07-Jul-2024 |
| Race Conditions Attacks To limit bypass | https://sharmajijvs.medium.com/race-conditions-attacks-to-limit-bypass-c9dee647145b?source=rss------bug_bounty-5 | Jay Sharma | bug-report, bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 07-Jul-2024 |
| Complex Attack Types: Sample Scenarios 36 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-36-c648fd8d55bd?source=rss------bug_bounty-5 | Baris Dincer | threat-intelligence, penetration-testing, freedomofinternet, cybersecurity, bug-bounty | 07-Jul-2024 |
| 404 Not Found to Google cloud service account credentials disclosure! | https://kumarmohank889.medium.com/404-not-found-to-google-cloud-service-account-credentials-disclosure-3b5f64e80fd5?source=rss------bug_bounty-5 | Mohan Kumar N | bug-bounty-tips, bug-bounty, infosec-write-ups, hacking, security-research | 07-Jul-2024 |
| Bug Hunter? If only… | https://medium.com/@ded3y3/bug-hunter-if-only-5fabca6cffb7?source=rss------bug_bounty-5 | cr00k3d3y3 | cybersecurity, bug-bounty, life | 07-Jul-2024 |
| Stored XSS in PDF Viewer | https://medium.com/@osamaavvan/stored-xss-in-pdf-viewer-9cc5b955de2b?source=rss------bug_bounty-5 | Osama Avvan | bug-bounty, cybersecurity, pdf, xss-attack | 06-Jul-2024 |
| Understanding and Preventing Server-Side Request Forgery (SSRF) | https://medium.com/@ashhadali2019/understanding-and-preventing-server-side-request-forgery-ssrf-15d939dc9529?source=rss------bug_bounty-5 | Ashhadali | ssrf, bug-bounty, web, cybersecurity | 06-Jul-2024 |
| MerlinChain Partners with BugRap, Launches $200,000 Bug Bounty to Enhance BTC Ecosystem Security | https://medium.com/@BugRap_Team/merlinchain-partners-with-bugrap-launches-200-000-bug-bounty-to-enhance-btc-ecosystem-security-17ef71444914?source=rss------bug_bounty-5 | BugRap Team | crypto, security, web3, btc, bug-bounty | 06-Jul-2024 |
| A Simple 2FA Bypass | https://infosecwriteups.com/a-simple-2fa-bypass-43c8af9006ec?source=rss------bug_bounty-5 | hackerdevil | bug-bounty, hacking, bug-bounty-tips, bug-bounty-writeup, penetration-testing | 06-Jul-2024 |
| Complex Attack Types: Sample Scenarios 35 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-35-bc24cffb5f95?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, cybersecurity, information-technology, bug-bounty, penetration-testing | 06-Jul-2024 |
| From Long-Term Hacking to Instant Rewards: Finding SQLi in 3 Minutes Worth $3125 | https://medium.com/@gguzelkokar.mdbf15/from-long-term-hacking-to-instant-rewards-finding-sqli-in-3-minutes-worth-3125-ac36c6e950bf?source=rss------bug_bounty-5 | Gökhan Güzelkokar | sql, hacking, bug-bounty, hackerone, sql-injection | 06-Jul-2024 |
| $500 for Cracking Invitation Code For Unauthorized Access & Account Takeover | https://medium.com/@a13h1/500-for-cracking-invitation-code-for-unauthorized-access-account-takeover-558c663fb947?source=rss------bug_bounty-5 | Abhi Sharma | rate-limiting, bug-bounty, account-takeover, base64, cybersecurity | 06-Jul-2024 |
| Rate Limit Bypass Due to Cryptographic Weakness | https://javroot.medium.com/rate-limit-bypass-due-to-cryptographic-weakness-2cdb3a112bba?source=rss------bug_bounty-5 | Javroot | security-token, bug-bounty, web, cryptography, research | 06-Jul-2024 |
| Exploiting flawed validation of file uploads | https://cyberw1ng.medium.com/exploiting-flawed-validation-of-file-uploads-8a089992e3a1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, penetration-testing | 06-Jul-2024 |
| Identifying, ChronosCodeFail, a Critical Bug in the Dayforce Clock System | https://medium.com/@quantumsquint/identifying-chronoscodefail-a-critical-bug-in-the-dayforce-clock-system-58cb98c00d32?source=rss------bug_bounty-5 | Quantum Squint Research Dept. | developer-tools, penetration-testing, bug-bounty, regression-analysis, cybersecurity | 06-Jul-2024 |
Penjelasan Wifi Deauth Attack dan Demonstrasinyahttps://hack4funacademy.medium.com/penjelasan-wifi-deauth-attack-dan-demonstrasinya-1cecaca53915?source=rss------bug_bounty-5Hack4Fun Academyethical-hacking, wifi, cybersecurity, hacking, bug-bounty05-Jul-2024
BountyDork: Your Ultimate Automatic Dorking Testing Companion For Bug Bountyhttps://infosecwriteups.com/bountydork-your-ultimate-automatic-dorking-testing-companion-for-bug-bounty-b2bd41cb7344?source=rss------bug_bounty-5ElNiakgoogle-dork, python, bug-bounty, cybersecurity, technology05-Jul-2024
How to Install Bwapp in Virtualboxhttps://medium.com/@bhardwajshekhar/how-to-install-bwapp-in-virtualbox-6bf7f1ba9a0f?source=rss------bug_bounty-5Shekhar Bhardwajowasp-top-10, bwapp, pentesting, bug-bounty05-Jul-2024
How I Found Critical Bugs :: SQL Injection → Compromised 10+ Govt. website’s Whole Databases !!https://medium.com/@p.ra.dee.p_0xx01/how-i-found-critical-bugs-sql-injection-compromised-10-govt-websites-whole-databases-ad55899ff5db?source=rss------bug_bounty-5Professor0xx01cybersecurity, bug-bounty, offensive-security, penetration-testing, vdp05-Jul-2024
How to Find Subdomains Using Various Tools and Methodshttps://medium.com/@j0k3r01/how-to-find-subdomains-using-various-tools-and-methods-583a7311c897?source=rss------bug_bounty-5J0k3Rsubdomains-enumeration, recon, penetration-testing, bug-bounty, osint05-Jul-2024
Complex Attack Types: Sample Scenarios 34https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-34-48d60e2bb0fb?source=rss------bug_bounty-5Baris Dincerthreat-intelligence, penetration-testing, bug-bounty, cybersecurity, freedomofinternet05-Jul-2024
Everything About OSCP: A Comprehensive Guidehttps://medium.com/@mazharshadab292/everything-about-oscp-a-comprehensive-guide-36794d325e67?source=rss------bug_bounty-5Shadab Mazharhacking, bug-bounty, certification, programming05-Jul-2024
Penggunaan Tools Steghide, ExifTool dan Uji Coba Automation Scanner Bug Bounty (Dalfox)https://medium.com/@anggitaniaaurien/penggunaan-tools-steghide-exiftool-dan-uji-coba-automation-scanner-bug-bounty-dalfox-4fbe93e83eb3?source=rss------bug_bounty-5Anggitania Aurienbug-bounty, exiftool, xs, steghide, kxss05-Jul-2024
The PDF Trojan Horse: Leveraging HTML Injection for SSRF and Internal Resource Accesshttps://uchihamrx.medium.com/the-pdf-trojan-horse-leveraging-html-injection-for-ssrf-and-internal-resource-access-fbf69efcb33d?source=rss------bug_bounty-5Abdelrhman Amincybersecurity, web-penetration-testing, penetration-testing, bug-bounty, bug-bounty-tips05-Jul-2024
Unlocking the Power of Nmap: Your Ultimate Guide to Network Scanninghttps://medium.com/@josuofficial327/unlocking-the-power-of-nmap-your-ultimate-guide-to-network-scanning-3cb66fe66d75?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuhacking, cybersecurity, bug-bounty, penetration-testing, linux05-Jul-2024
2.14 Lab: 2FA bypass using a brute-force attackhttps://cyberw1ng.medium.com/2-14-lab-2fa-bypass-using-a-brute-force-attack-ad74afd23fcd?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, penetration-testing, hacking05-Jul-2024
A Big Gmail Flaw: Sending Hidden Viruses in Gmail.https://medium.com/@azanulrana/a-big-gmail-flaw-sending-hidden-viruses-in-gmail-09b52dd891e9?source=rss------bug_bounty-50xazanulinfosec-write-ups, infosec, hackerone, bug-bounty05-Jul-2024
How I Found Critical Bugs :: SQL Injection → Compromised 10+ Govt. website’s Whole Databases !!https://medium.com/@p.ra.dee.p_0xx01/how-i-found-critical-bugs-sql-injection-compromised-10-govt-websites-whole-databases-ad55899ff5db?source=rss------bug_bounty-5Professor.0xx01cybersecurity, bug-bounty, offensive-security, penetration-testing, vdp05-Jul-2024
How to Use Google Dorks to Access Online Camerashttps://medium.com/@mirabelle.dib/how-to-use-google-dorks-to-access-online-cameras-251e83106f6b?source=rss------bug_bounty-5Meerabellinformation-security, cybersecurity, bug-bounty, hacking, google-dork05-Jul-2024
Using Nucleihttps://medium.com/@sabriacun552/nuclei-kullan%C4%B1m%C4%B1-7038742dc53e?source=rss------bug_bounty-5Sabriacunvulnerability-scanning, cybersecurity, bug-bounty, penetration-testing05-Jul-2024
SSRF Vulnerability in HiTranslate: A Technical Breakdownhttps://medium.com/@security.tecno/ssrf-vulnerability-in-hitranslate-a-technical-breakdown-a5f517467a5b?source=rss------bug_bounty-5TECNO Securityhacking, security, bug-bounty, apps04-Jul-2024
Mastering Bug Bounty with Professor: Strategies for Successhttps://bughuntar.medium.com/mastering-bug-bounty-with-professor-strategies-for-success-436fac3c7e28?source=rss------bug_bounty-5Professor the Huntercybersecurity, professorthehunter, bug-bounty, bug-bounty-tips, bughuntar04-Jul-2024
Google launches $250,000 bug bounty, this time targeting KVM, a virtual machine elementhttps://medium.com/@tothe21century/google-launches-250-000-bug-bounty-this-time-targeting-kvm-a-virtual-machine-element-d73cfbd63243?source=rss------bug_bounty-5RICH CHOIbug-bounty04-Jul-2024
How I Found an IDOR Vulnerability in a Public Program on HackerOnehttps://medium.com/@muhammadfurqanoffical/how-i-found-an-idor-vulnerability-in-a-public-program-on-hackerone-44c6724b0292?source=rss------bug_bounty-5Muhammad Furqanbug-bounty-writeup, infosec-write-ups, bug-bounty, idor, hackerone04-Jul-2024
What Is XSS and How I Found Dozens of XSS Vulnerabilitieshttps://hack4funacademy.medium.com/apa-itu-xss-dan-bagaimana-cara-saya-menemukan-puluhan-xss-vulnerability-46fba9491bba?source=rss------bug_bounty-5Hack4Fun Academyvulnerability, xss-attack, hacking, cybersecurity, bug-bounty04-Jul-2024
Understanding Request Smuggling: A Hidden Web Vulnerability (K-Edition)https://medium.com/@friendly_/understanding-request-smuggling-a-hidden-web-vulnerability-k-edition-6ffab38d5aa1?source=rss------bug_bounty-5Friendlyhacking, bug-bounty, bugbounty-writeup, bug-bounty-tips04-Jul-2024
How I Used Keylogger XSS to Capture Credentials Leading to ATOhttps://medium.com/@yyaminn/how-i-used-keylogger-xss-to-capture-credentials-leading-to-ato-06593e7a0798?source=rss------bug_bounty-5yyaminncybersecurity, bug-bounty, xss-attack, bugbounty-writeup, infosec04-Jul-2024
HACKBAR: A BROWSER EXTENSION FOR WEB SECURITY TESTINGhttps://medium.com/@Progsky/hackbar-a-browser-extension-for-web-security-testing-461b97d1a9e9?source=rss------bug_bounty-5Progskyhacking, bug-bounty, pentesting, penetration-testing, web-security04-Jul-2024
How I earned $500 bounty for privilege escalation vulnerability !!https://kumarmohank889.medium.com/how-i-earned-500-bounty-for-privilege-escalation-vulnerability-c42977abcc52?source=rss------bug_bounty-5Mohan Kumar Nhacking, bug-bounty, security, bug-bounty-tips, security-research04-Jul-2024
2.13 Lab: Broken brute-force protection, multiple credentials per requesthttps://cyberw1ng.medium.com/2-13-lab-broken-brute-force-protection-multiple-credentials-per-request-1beb6a85b12c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, bug-bounty, penetration-testing04-Jul-2024
Tools For Beginner Bug Hunter, Penetration Tester or Web Security Engineerhttps://medium.com/@a5adujjaman/tools-for-beginner-bug-hunter-penetration-tester-or-web-security-engineer-a5510748fc5a?source=rss------bug_bounty-5Asadujjaman Asifweb-security, penetration-testing, security, bug-bounty, hacking04-Jul-2024
0 star rating got me 40 EUR. MY first bug I got paid for.https://medium.com/@siyamhassan.main/0-star-rating-got-me-40-eur-my-first-bug-i-got-paid-for-18417f76a707?source=rss------bug_bounty-52004siyam_hassanbug-bounty, bunty04-Jul-2024
IDOR to change other’s Account Namehttps://codingninjablogs.tech/idor-to-change-others-account-name-43ddf7cfe429?source=rss------bug_bounty-5#$ubh@nk@ridor, hacking, bug-bounty, infosec, web-security04-Jul-2024
The Problem With Bug Bountieshttps://kf106.medium.com/the-problem-with-bug-bounties-0c5d956411d8?source=rss------bug_bounty-5Keir Finlow-Batesbug-bounty, bug-bounty-program, hacking, computer-security, cryptocurrency04-Jul-2024
Mass Hunting XSS vulnerabilitieshttps://systemweakness.com/mass-hunting-xss-vulnerabilities-8d4785968727?source=rss------bug_bounty-5Imran Niazcross-site-scripting, bug-bounty-hunter, bug-bounty, bug-bounty-tips, xss-vulnerability04-Jul-2024
0 star rating got me 40 EUR. MY first bug I got paid for.https://medium.com/@siyamhassan.main/0-star-rating-got-me-40-eur-my-first-bug-i-got-paid-for-18417f76a707?source=rss------bug_bounty-5Clasherbug-bounty, bunty04-Jul-2024
IDOR vulnerability allow attacker to make a checkout order on behalf of other usershttps://medium.com/@omarataallah98/idor-vulnerability-allow-attacker-to-make-an-order-checkout-on-behalf-other-users-accounts-2bdc4c7b8eca?source=rss------bug_bounty-5Omarataallahsecurity-testing, hacking, bug-bounty, hacks, idor-vulnerability03-Jul-2024
How to find wildcard bug bounty assets owned by a company.https://medium.com/@tom.sh/how-to-find-wildcard-bug-bounty-assets-owned-by-a-company-991db585a554?source=rss------bug_bounty-5Tombug-bounty, recon, reconnaissance, cybersecurity, hacking03-Jul-2024
26.1 Lab: Exploiting LLM APIs with excessive agencyhttps://cyberw1ng.medium.com/26-1-lab-exploiting-llm-apis-with-excessive-agency-bb94aa506893?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, cybersecurity, penetration-testing03-Jul-2024
Complex Attack Types: Sample Scenarios 32https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-32-7c47b8e5d139?source=rss------bug_bounty-5Baris Dincercybersecurity, bug-bounty, threat-intelligence, penetration-testing, freedomofinternet03-Jul-2024
Mobile App Testing with Android Studio & Fridahttps://medium.com/@jaylinscorner/mobile-app-testing-with-android-studio-frida-b65484121ba6?source=rss------bug_bounty-5Jaylin Nelsonbug-bounty, penetration-testing, cybersecurity, mobile-app-testing, frida03-Jul-2024
Blind OS Command Injection with time delays from Theory to Practical POChttps://medium.com/@dhruvsingh0203/hola-hackers-im-dhruv-singh-a-cybersecurity-enthusiast-passionate-about-exploring-the-depths-834a9d140115?source=rss------bug_bounty-5Dhruv Singhethical-hacking, command-injection, bug-bounty, hacking03-Jul-2024
IDOR vulnerability allow attacker to make a checkout order on behalf of other usershttps://medium.com/@Bug_Bounty/idor-vulnerability-allow-attacker-to-make-a-checkout-order-on-behalf-of-other-users-397b16ece8fc?source=rss------bug_bounty-5Bug Bountybug-bounty, bountytips, togetherwehitharder, idor03-Jul-2024
Meta MFA bypass security bug was turned down, calling it a feature! What do you think?https://medium.com/@kannnannmk/meta-mfa-bypass-security-bug-was-turned-down-calling-it-a-feature-what-do-you-think-9663e7c5a65e?source=rss------bug_bounty-5Neelamegha Kannan Sbug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, meta03-Jul-2024
Monthly Wrap-Up June 2024: Incognitee Bug Bounty Launch, Polkadot Treasury Proposal and Morehttps://medium.com/@integriteetr/ayl%C4%B1k-%C3%B6zet-haziran-2024-incognitee-hata-%C3%B6d%C3%BCl%C3%BC-lansman%C4%B1-polkadot-hazine-teklifi-ve-daha-fazlas%C4%B1-22beabdf77aa?source=rss------bug_bounty-5Integriteetrintegritee, bug-bounty, blockchain, polkadot, wrap-up03-Jul-2024
PortSwigger LABs- SQL Injectionhttps://medium.com/@1dnz/lab-sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-ec0d03f83574?source=rss------bug_bounty-5H-ACK-inghacks, portswigger-lab, bug-bounty, hacking03-Jul-2024
A story of a nice SSRF vulnerability.https://medium.com/@oXnoOneXo/a-story-of-a-nice-ssrf-vulnerability-51e16ff6a33f?source=rss------bug_bounty-5oXnoOneXohackerone, bug-bounty, ssrf03-Jul-2024
#IBRAHIMXSS TOOL RELEASEhttps://ibrahimxss.medium.com/ibrahimxss-tool-release-97ba90fc3419?source=rss------bug_bounty-5#IbrahimXSSxss-challenge, xss-bypass, xss-attack, xss-vulnerability, bug-bounty03-Jul-2024
How I Discovered Authentication Bypass That Blocks Users from Accessing the Website ?https://sayedv2.medium.com/how-i-discovered-authentication-bypass-that-blocks-users-from-accessing-the-website-93140fa180ac?source=rss------bug_bounty-5Mohamed Sayedbug-bounty-writeup, bug-bounty-tips, hackerone, authentication, bug-bounty03-Jul-2024
Bypassing Input Validation $0 - $1000https://medium.com/@mdnafeed3/bypassing-input-validation-0-1000-799682d547ba?source=rss------bug_bounty-5H4cker-Nafeedtechnology, infosec, cybersecurity, bug-bounty02-Jul-2024
Understanding Admin Login Bypass: A Critical Security Discussionhttps://farrosfr.medium.com/understanding-admin-login-bypass-a-critical-security-discussion-2641e54e60fd?source=rss------bug_bounty-5Mochammad Farros Fatchur Rojiphp, programming, bug-bounty, web, cybersecurity02-Jul-2024
Do Hackers Really Need Coding Skills? Let’s Understand . . .https://d3athcod3.medium.com/do-hackers-really-need-coding-skills-lets-understand-51e60e16c978?source=rss------bug_bounty-5D3athCod3technology, hacking, cybersecurity, bug-bounty, computer-science02-Jul-2024
18.4 Lab: Arbitrary object injection in PHPhttps://cyberw1ng.medium.com/18-4-lab-arbitrary-object-injection-in-php-30a164de4595?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, hacking, cybersecurity02-Jul-2024
Secret phishing bug google dont want you to knowhttps://medium.com/@eyaalgabay/secret-phishing-bug-google-dont-want-you-to-know-4d6d7616fa3f?source=rss------bug_bounty-5Eyaalgabayweb-hacking, bug-bounty, hacking, cybersecurity, unicode02-Jul-2024
LendingOwl introduces Bug Bounty Program.https://medium.com/@valeriecameron70/lendingowl-introduces-bug-bounty-program-739910791826?source=rss------bug_bounty-5Valerie Cameronlending, fintech, p2p, bug-bounty, news-articles02-Jul-2024
How I found IDOR in NASAhttps://infosecwriteups.com/how-i-found-idor-in-nasa-4186a03455b4?source=rss------bug_bounty-5Eslam Omarhacking, bug-bounty, bug-bounty-tips, nasa02-Jul-2024
AT&T Bug Bounty Program Scopehttps://medium.com/@imusabkhan/at-t-bug-bounty-program-scope-ae256fbf1bf9?source=rss------bug_bounty-5Mohammad Musab Khanbug-bounty, ethical-hacking, att, writeup, hackerone02-Jul-2024
Monthly Wrap-Up June 2024: Incognitee Bug Bounty Launch, Polkadot Treasury Proposal & Morehttps://medium.com/integritee/monthly-wrap-up-june-2024-incognitee-bug-bounty-launch-polkadot-treasury-proposal-more-c3623df413d4?source=rss------bug_bounty-5Integritee Networkbug-bounty, integritee, polkadot, wrap-up, blockchain02-Jul-2024
How to Find Your First CVE: A Guide for Aspiring Security Researchershttps://medium.com/@khammassilouay21/how-to-find-your-first-cve-a-guide-for-aspiring-security-researchers-c1e5eb9e819a?source=rss------bug_bounty-5Khammassilouaycve, web-security, bug-bounty, cybersecurity02-Jul-2024
Self XSS + Login CSRF + OAuth = Account Takeoverhttps://medium.com/@l_s_/self-xss-login-csrf-oauth-account-takeover-6357f3395b49?source=rss------bug_bounty-5LSbug-bounty, xss-attack, oauth, csrf, hacking02-Jul-2024
INFORMATION DISCLOSURE THROUGH AN ORGANIZATION’S NETWORKhttps://hackhive.medium.com/information-disclosure-through-an-organizations-network-1f4e0bac1c55?source=rss------bug_bounty-5HackHivebug-bounty, pentesting, vulnerability-assessment, information-security, information-disclosure02-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-33)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-33-31e20416b7aa?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, cybersecurity, hacking, ethical-hacking, bug-bounty02-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-32)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-32-044ea32fd931?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, hacking, skills, cybersecurity, bug-bounty02-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-31)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-31-401155afb539?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, hacking, bug-bounty, ethical-hacking02-Jul-2024
File upload to RCE — Bug Bounty Tuesdayhttps://medium.com/@kerstan/file-upload-to-rce-bug-bounty-tuesday-f8dda0ed4077?source=rss------bug_bounty-5kerstanhacking, cybersecurity, bug-bounty02-Jul-2024
The Dark Side of Contact Forms: How I Identified 7 CVEs in WordPress Pluginshttps://dropn0w.medium.com/the-dark-side-of-contact-forms-how-i-identified-7-cves-in-wordpress-plugins-30f6111dfebf?source=rss------bug_bounty-5dropbug-bounty, hacking, information-security, wordpress, cybersecurity02-Jul-2024
How to Find Your First CVE: A Guide for Aspiring Security Researchershttps://systemweakness.com/how-to-find-your-first-cve-a-guide-for-aspiring-security-researchers-c1e5eb9e819a?source=rss------bug_bounty-5Khammassilouaycve, web-security, bug-bounty, cybersecurity02-Jul-2024
How to Use Google Dorks to Find Vulnerabilitieshttps://medium.com/@meerabell/how-to-use-google-dorks-to-find-vulnerabilities-da782f05826e?source=rss------bug_bounty-5Meerabellhacking, information-security, bug-bounty, google-dork, cybersecurity02-Jul-2024
Exploiting Response Manipulation for Account Takeoverhttps://medium.com/@sdarmwal17/exploiting-response-manipulation-for-account-takeover-b19ce1494109?source=rss------bug_bounty-5Shubham Darmwalotp-bypass, cybersecurity, account-takeover, bug-bounty, response-manipulation02-Jul-2024
Complex Attack Types: Sample Scenarios 31https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-31-b4f0ee2f90ac?source=rss------bug_bounty-5Baris Dincerbug-bounty, cybersecurity, active-directory, penetration-testing, freedomofinternet02-Jul-2024
How to Use Google Dorks to Find Vulnerabilitieshttps://medium.com/@mirabelle.dib/how-to-use-google-dorks-to-find-vulnerabilities-da782f05826e?source=rss------bug_bounty-5Meerabellhacking, information-security, bug-bounty, google-dork, cybersecurity02-Jul-2024
Effective XSS methodology : The true way to hunt XSShttps://xdead4f.medium.com/effective-xss-methodology-the-true-way-to-hunt-xss-4f4d740035cc?source=rss------bug_bounty-50xdead4fxss-attack, bug-hunting, bug-bounty, cybersecurity01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-29)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-29-d5e656812d96?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, bug-bounty, hacking, skills01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-28)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-28-ae3cb3e93960?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, bug-bounty, cyber-security-awareness, ethical-hacking, hacking01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-27)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-27-f5c03938d8fb?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cyber-security-awareness, ethical-hacking, hacking, bug-bounty-tips01-Jul-2024
Understanding and Mitigating Smart Contract Vulnerabilitieshttps://securrtech.medium.com/understanding-and-mitigating-smart-contract-vulnerabilities-291b7fe168f2?source=rss------bug_bounty-5Securrvulnerability, bug-bounty, cybersecurity, securr, smart-contracts01-Jul-2024
18.3 Using application functionality to exploit insecure deserializationhttps://cyberw1ng.medium.com/18-3-using-application-functionality-to-exploit-insecure-deserialization-d6f18fe4811c?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, penetration-testing, bug-bounty, careers01-Jul-2024
Phishing or What?? How I Got Access to the Internal Email of a Companyhttps://infosecwriteups.com/phishing-or-what-how-i-got-access-to-the-internal-email-of-a-company-a098fb08728?source=rss------bug_bounty-5whit3ros3infosec, ethical-hacking, hacking, bug-bounty, bug-bounty-tips01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-30)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-30-e3519045da6d?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, skills, cybersecurity, bug-bounty, hacking01-Jul-2024
Unmasking the Danger: Open Redirection via Referer Headerhttps://medium.com/@sulmanfarooq531/unmasking-the-danger-open-redirection-via-referer-header-a527ab4e7be1?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, bug-bounty, hacking, open-redirect01-Jul-2024
How I Found CVE-2019-9826 on one of famous crypto company. $$$$https://medium.com/@a7madhacck/how-i-found-cve-2019-9826-on-one-of-famous-crypto-company-f23d9ba69861?source=rss------bug_bounty-5Ahmad Yussefbug-bounty-writeup, cybersecurity, bug-bounty-tips, hacking, bug-bounty01-Jul-2024
3 Easy cash via cachehttps://medium.com/@mohamed0xmuslim/3-easy-cash-via-cache-99d600565ac5?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty01-Jul-2024
Story of a 1000$ Open Redirecthttps://infosecwriteups.com/story-of-a-1000-open-redirect-1405fb8a0e7a?source=rss------bug_bounty-5Debangshu Kunducybersecurity, medium, bug-bounty, hacking, technology01-Jul-2024
‍Hacking Hidden Gems: Content Discovery with Webseekhttps://medium.com/@hackertam1/hacking-hidden-gems-content-discovery-with-webseek-cf5a00c97d72?source=rss------bug_bounty-5Tahir Mujawarcybersecurity, bug-bounty, recon, ethical-hacking, penetration-testing01-Jul-2024
How I found Bug on NASAhttps://medium.com/@psychomong/how-i-found-bug-on-nasa-b2408e14aa17?source=rss------bug_bounty-5psychomongbug-bounty, real-world-bug-hunting, nasa, hacking, hacker01-Jul-2024
My 60 Days Journey To Find My First Bughttps://medium.com/@binarysleuth247/my-60-days-journey-to-find-my-first-bug-59a2e676fda8?source=rss------bug_bounty-5binarysleuth247bug-bounty01-Jul-2024
VPS -Virtual Private Server-https://medium.com/@haticezkmnl/vps-virtual-private-server-f37ffab2f3f1?source=rss------bug_bounty-5Hatice Zehra Kamanlıservers, website, bug-bounty, public, vps01-Jul-2024
THM — Blog walkthroughhttps://medium.com/@riickyrick/thm-blog-walkthrough-21f2844eafda?source=rss------bug_bounty-5Riickythm, bug-bounty, metasploit, wordpress, writeup01-Jul-2024
Collecting JavaScript Files from a Website to Find Information Disclosurehttps://hack4funacademy.medium.com/mengumpulkan-javascript-file-pada-suatu-websites-untuk-menemukan-information-disclosure-8126fcccd77d?source=rss------bug_bounty-5Hack4Fun Academypentesting, cybersecurity, bug-bounty, bug-bounty-tips, hacking30-Jun-2024
XSS Deep Learning and Test Case Preparationhttps://medium.com/@barsavak/xss-deep-learning-and-test-case-preparation-3f796a7ad5ed?source=rss------bug_bounty-5bariss30bug-bounty-tips, bug-bounty, xss-vulnerability30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-26)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-26-49760a380496?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-25)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-25-25328dcc629f?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-writeup, bug-bounty-program, bug-bounty, bug-bounty-tips30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-24)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-24-17e137c514ed?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty, bug-bounty-writeup30-Jun-2024
The Only Methodology you need to Know to earn $$$$ in Bug Bounty in your First Dayhttps://xdead4f.medium.com/the-only-methodology-you-need-to-know-to-earn-in-bug-bounty-in-your-first-day-e8a361c89eb5?source=rss------bug_bounty-50xdead4fbug-bounty, side-hustle, bug-bounty-methodology30-Jun-2024
Guide to Using ffufhttps://medium.com/@learntheshell/guide-to-using-ffuf-74824770076b?source=rss------bug_bounty-5LearnTheShellbug-bounty, cybersecurity, fuzzing, hacking, linux30-Jun-2024
Bug Report from Product Testing https://hng.tech/https://medium.com/@teslimahsalahudeen/bug-report-from-product-testing-https-hng-tech-98e290fe3c0e?source=rss------bug_bounty-5CyberGoodness^product-testing, bug-bounty, security30-Jun-2024
XSS TEST CASE TASKhttps://medium.com/@avar.talha08/xss-test-case-task-7a4bfd5b223a?source=rss------bug_bounty-5Talha Acarbug-bounty-writeup, bug-bounty, php30-Jun-2024
Cisco Finesse Remote File Inclusion (CVE-2024-20405)https://0x3zzat.medium.com/cisco-finesse-remote-file-inclusion-cve-2024-20405-7947c3327e0c?source=rss------bug_bounty-5Abd El Rahman Ezzatcve, penetration-testing, bug-bounty, cve-2024-20405, cisco30-Jun-2024
Cisco Finesse Server Side Request Forgery (CVE-2024-20404)https://0x3zzat.medium.com/cisco-finesse-server-side-request-forgery-cve-2024-20404-5d74b449a4a2?source=rss------bug_bounty-5Abd El Rahman Ezzatcve-2024-20404, penetration-testing, cve, cisco, bug-bounty30-Jun-2024
18.2 Modifying Serialized Data Typeshttps://cyberw1ng.medium.com/18-2-modifying-serialized-data-types-726426fb3350?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, penetration-testing30-Jun-2024
XSS 101: What Is XSS?https://medium.com/@kormorphus/xss-101-xss-nedir-15b04f7e4269?source=rss------bug_bounty-5Kormorphusbug-bounty, cybersecurity, xss-attack30-Jun-2024
How to use Cheat Engine on Opera Gxhttps://medium.com/@MrRipperoni/how-to-use-cheat-engine-on-opera-gx-ea6b121f0301?source=rss------bug_bounty-5Mr.Ripperoniprogramming, bug-bounty, hacking, gamehacking, hacking-tools30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-23)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-23-9f3497d279f1?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-program, bug-bounty29-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-22)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-22-8edd54306b83?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup, bug-bounty29-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-21)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-21-e008298773da?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-program29-Jun-2024
XSS TEST CASEhttps://medium.com/@aarda418/xss-test-case-6158aad30604?source=rss------bug_bounty-5Arda Aslanbug-bounty-tips, xss-vulnerability, bug-bounty29-Jun-2024
14.9 Lab: CSRF where token is tied to non-session cookiehttps://cyberw1ng.medium.com/14-9-lab-csrf-where-token-is-tied-to-non-session-cookie-926338db4ba7?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, hacking, cybersecurity, bug-bounty29-Jun-2024
Using AI to hunt for XSS.https://medium.com/@deadoverflow/using-ai-to-hunt-for-xss-e04ba8d32ba8?source=rss------bug_bounty-5Imad Husanoviccybersecurity, ethical-hacking, bug-bounty-tips, bug-bounty, hacking29-Jun-2024
XSS TEST CASEhttps://medium.com/@mehmetfarisacar/xss-test-case-199e0bec59a6?source=rss------bug_bounty-5Mehmet Faris Acarbug-bounty, xss-vulnerability, bug-bounty-tips29-Jun-2024
LEARNING PROCESS module from HTB in Arabichttps://medium.com/@am3002297/learning-process-module-from-htb-%D8%A8%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A-37675b8144b0?source=rss------bug_bounty-530obdcybersecurity, bug-bounty29-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-19)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-19-7dfd1bd2d1ba?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program28-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-18)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-18-5179747f60c3?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-program28-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-20)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-20-a60e30106e0c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips28-Jun-2024
Race Condition Vulnerability to bypass email confirmationhttps://medium.com/@siratsami71/race-condition-vulnerability-to-bypass-email-confirmation-2af8d916fe61?source=rss------bug_bounty-5Sirat Sami (analyz3r)hacking, bug-bounty, cybersecurity28-Jun-2024
About the XSS Vulnerability:https://medium.com/@hhuseyinuyar17/xss-zafiyeti-hakk%C4%B1nda-98b5849d4700?source=rss------bug_bounty-5Hhuseyinuyarreflected-xss, xss-attack, dom-xss, stored-xss, bug-bounty28-Jun-2024
An Easy RACE CONDITION Bug That Made Me Famehttps://medium.com/@hashimamin/an-easy-race-condition-bug-that-made-me-fame-97d6921ae7f4?source=rss------bug_bounty-5Hashim Aminvulnerability, race-condition, infosec, bugbounty-writeup, bug-bounty28-Jun-2024
Why is programming so important in bug bounty?https://medium.com/@deadoverflow/why-is-programming-so-important-in-bug-bounty-b7d7889ae026?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, cybersecurity, programming, bug-bounty, hacking28-Jun-2024
HTML Injection — HTB labhttps://zhunter12.medium.com/html-injection-htb-lab-cd7bdcd8fd93?source=rss------bug_bounty-5Oscar Romerohtb-academy, htb, html-injection, cybersecurity, bug-bounty28-Jun-2024
14.8 Lab: CSRF where token is duplicated in cookiehttps://cyberw1ng.medium.com/14-8-lab-csrf-where-token-is-duplicated-in-cookie-d688fd0ac2ac?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers28-Jun-2024
0-click Account Takeover (ATO) via Google Authenticationhttps://medium.com/@elcapitano7x/0-click-account-takeover-ato-via-google-authentication-b63a01a80a03?source=rss------bug_bounty-5Elcapitanobug-bounty-tips, hackerone, bug-bounty-writeup, account-takeover, bug-bounty28-Jun-2024
[Bounty Weekend] Phone Verification Bypass With Business Logic Vulnerabilityhttps://medium.com/@rifqihz/bounty-weekend-phone-verification-bypass-with-business-logic-vulnerability-1b2844b93d5a?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, writeup, bug-bounty28-Jun-2024
Writeup: Discovering and Exploiting XSS Vulnerabilities — My First Bug Hunting Rewardhttps://medium.com/@heyrm/writeup-discovering-and-exploiting-xss-vulnerabilities-my-first-bug-hunting-reward-0dfb0ebfd6aa?source=rss------bug_bounty-5heyrmbug-bounty-writeup, cybersecurity, bug-bounty, xss-attack, bug-hunting27-Jun-2024
Writeup: Discovering and Exploiting XSS Vulnerabilities — My First Bug Hunting Rewardhttps://medium.com/@heyrm/writeup-menemukan-dan-mengeksploitasi-kerentanan-xss-reward-bug-hunting-pertamaku-cbf76c9eaf65?source=rss------bug_bounty-5heyrmxss-vulnerability, bug-bounty, cybersecurity, xss-attack, bug-hunting27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-17)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-17-8d38292448cf?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty-writeup, bug-bounty-tips, bug-bounty27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-16)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-16-aacc2aab0f71?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-15)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-15-2cd3a0188386?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-14)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-14-985969cf2f17?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips27-Jun-2024
Hunting Bugs for RE Hunter 350https://vijetareigns.medium.com/hunting-bugs-for-re-hunter-350-81338c4ebf20?source=rss------bug_bounty-5the_unlucky_guybug-bounty, bug-bounty-tips, bug-bounty-writeup, bugbounty-writeup, cybersecurity27-Jun-2024
Malicious Document Analysis: Emotet Case Ihttps://medium.com/@brsdncr/malicious-document-analysis-emotet-case-i-4a5f1ca8c565?source=rss------bug_bounty-5Baris Dincercybersecurity, threat-intelligence, penetration-testing, bug-bounty, freedomofinternet27-Jun-2024
IDORs Never Disappoint Me— Hacking Into Online Bookings ($$$$)https://aravind07.medium.com/idors-never-disappoint-me-hacking-into-online-bookings-5b2f34e1af25?source=rss------bug_bounty-5Gnana Aravind Kcybersecurity, penetration-testing, infosec, hacking, bug-bounty27-Jun-2024
How I was able to steal cookies via stored XSShttps://medium.com/@xnum.1/how-i-was-able-to-steal-cookies-via-stored-xss-c7f172fe114c?source=rss------bug_bounty-5Ahmed Tarekstored-xss, xss-attack, bug-bounty, cookies, javascript27-Jun-2024
14.7 Lab: CSRF where token is not tied to user sessionhttps://cyberw1ng.medium.com/14-7-lab-csrf-where-token-is-not-tied-to-user-session-841faddd036a?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, bug-bounty, careers, hacking27-Jun-2024
XSS Test Cases Preperationhttps://medium.com/@NadirSensoy/xss-test-cases-preperation-566e34ff94fb?source=rss------bug_bounty-5Nadir Sensoybug-bounty-tips, bug-bounty, xss-vulnerability27-Jun-2024
Front End and Back End: HTB Lab on Sensitive Data Exposurehttps://zhunter12.medium.com/front-end-y-back-end-lab-htb-exposici%C3%B3n-de-datos-sensibles-a21431c08d9d?source=rss------bug_bounty-5Oscar Romerocybersecurity, frontend, sensitive-data-exposure, htb-academy, bug-bounty27-Jun-2024
How I was able to steal cookies via stored XSShttps://medium.com/@0x_xnum/how-i-was-able-to-steal-cookies-via-stored-xss-c7f172fe114c?source=rss------bug_bounty-5Ahmed Tarekstored-xss, xss-attack, bug-bounty, cookies, javascript27-Jun-2024
How long did it take me to find my first bug?https://medium.com/@deadoverflow/how-long-did-it-take-me-to-find-my-first-bug-969699fa9080?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, hacking, cybersecurity, bug-bounty, programming27-Jun-2024
ICMTC CTF 2024 (Web Exploitation)https://0x0anas.medium.com/icmtc-ctf-2024-web-exploitation-57998a15107b?source=rss------bug_bounty-5Anas Ibrahimctf, icmtc-ctf, pentesting, bug-bounty27-Jun-2024
IDORs Never Disappoint Me — Hacking Into Online Bookings ($$$$)https://aravind07.medium.com/idors-never-disappoint-me-hacking-into-online-bookings-5b2f34e1af25?source=rss------bug_bounty-5Gnana Aravind Kcybersecurity, penetration-testing, infosec, hacking, bug-bounty27-Jun-2024
Checklist for Forgot Password functionalityhttps://infosecwriteups.com/checklist-for-forgot-password-functionality-3f61c34a15eb?source=rss------bug_bounty-5Suprajabaskaranpenetration-testing, passwords, bug-bounty, bug-bounty-tips, pentesting26-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-13)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-13-b7bc7fa2123b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-writeup26-Jun-2024
Basic Cyber Security Course First Dayhttps://mrunknown124154.medium.com/basic-cyber-security-course-first-day-c6ad0cb7d907?source=rss------bug_bounty-5Mr Abdullahcyber-security-awareness, ethical-hacking, bug-bounty, cybersecurity26-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-12)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-12-4b892dc13d9f?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty26-Jun-2024
XSS: Demonstrating Impact Without Credentialshttps://infosecwriteups.com/xss-demonstrating-impact-without-credentials-db7fff38792a?source=rss------bug_bounty-5Shlok Kxss-attack, vulnerability, infosec, bug-bounty, cross-site-scripting26-Jun-2024
Penetration Testing with Termux: A Newbie’s Success Storyhttps://medium.com/@yp400215/penetration-testing-with-termux-a-newbies-success-story-649e3393a311?source=rss------bug_bounty-5Yash Pawarbug-bounty, penetration-testing, idor-vulnerability26-Jun-2024
Come backhttps://medium.com/@anonymous19999/come-back-802e211927f6?source=rss------bug_bounty-5Anonymouslife, love, bug-bounty, comeback26-Jun-2024
Learn Android Penetration Testing Skill with This Vulnerable APKhttps://medium.com/@phyowathone/learn-android-penetration-testing-skill-with-this-vulnerable-apk-94d9300a11c4?source=rss------bug_bounty-5Phyo WaThone Winandroid-pentesting, android-security, application-security, android-bug-bounty, bug-bounty26-Jun-2024
How I found XSS and open redirect in Kamiapp.com accidentallyhttps://medium.com/@alimuhammadsecured/how-i-found-xss-and-open-redirect-in-kamiapp-com-accidentally-364ef7db939d?source=rss------bug_bounty-5Alimuhammadsecuredxss-attack, cybersecurity, hacking, bug-bounty26-Jun-2024
Complex Attack Types: Sample Scenarios 26https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-26-9b05b2b26815?source=rss------bug_bounty-5Baris Dincerbug-bounty, penetration-testing, freedomofinternet, cybersecurity, information-security26-Jun-2024
Unveiling the Secrets of Server-Side Template Injection (SSTI) in Flask and Jinja2https://medium.com/@baraiprince0111/unveiling-the-secrets-of-server-side-template-injection-ssti-in-flask-and-jinja2-25c57ab3199f?source=rss------bug_bounty-5Baraiprincectf, hacking, cybersecurity, trends, bug-bounty26-Jun-2024
Unveiling OAuth Vulnerabilities: Exploring Account Access Without Email Verificationhttps://medium.com/@sulmanfarooq531/unveiling-oauth-vulnerabilities-exploring-account-access-without-email-verification-d36762361df7?source=rss------bug_bounty-5Sulman Farooq Sbug-bounty, cybersecurity, oauth, hacking, oauth226-Jun-2024
How i’ve found : ( IDOR + XSS ) = all USERS account takeover 🙂 ?https://medium.com/@zack0x01_/how-ive-found-idor-xss-all-users-account-takeover-a49d59cf5108?source=rss------bug_bounty-5zack0x01bugbounty-tips, bug-bounty, bugbounty-poc, hacking, bugbounty-writeup26-Jun-2024
VRP [IDOR] Menghapus dan Melihat Data Korbanhttps://medium.com/@anvilleofficial/vrp-idor-menghapus-dan-melihat-data-korban-a9e1f8978798?source=rss------bug_bounty-5barridor, bug-bounty26-Jun-2024
How I compromised 1500 accounts/month with no technical skillhttps://theclemvp.medium.com/how-i-compromised-1500-accounts-month-with-no-technical-skill-6a83ecd5c8eb?source=rss------bug_bounty-5Clémentcybersecurity, pentesting, penetration-testing, hacking, bug-bounty26-Jun-2024
14.6 Lab: CSRF Vulnerability where token validation depends on request methodhttps://cyberw1ng.medium.com/14-6-lab-csrf-vulnerability-where-token-validation-depends-on-request-method-78f2a2c33173?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity26-Jun-2024
OTP Bypass through Response Manipulationhttps://medium.com/@xnum.1/otp-bypass-through-response-manipulation-905bc70e5ff4?source=rss------bug_bounty-5Ahmed Tarekauthentication-bypass, authentication, bug-bounty, otp-verification, otp-bypass26-Jun-2024
Explotando Vulnerabilidades de Validación de Entrada en un Workflow de Compras — Web Sec Academyhttps://zhunter12.medium.com/explotando-vulnerabilidades-de-validaci%C3%B3n-de-entrada-en-un-workflow-de-compras-web-sec-academy-a1e3265c46b8?source=rss------bug_bounty-5Oscar Romerociberseguridad, portswigger-lab, bug-bounty, business-logic-flaw, burpsuite26-Jun-2024
Understanding Web Security Concepts: A Comprehensive Guidehttps://medium.com/@cybe3king/understanding-web-security-concepts-a-comprehensive-guide-61ced70c3337?source=rss------bug_bounty-5Cybe3kingbug-bounty, cybersecurity, penetration-testing, web-security, ethical-hacking26-Jun-2024
Securing Your Home Network: Final Stepshttps://medium.com/@jessemridley/securing-your-home-network-final-steps-676b1d7c3787?source=rss------bug_bounty-5Jesse Ridleybug-bounty, network-security, hackathons, freelancing, cybersecurity25-Jun-2024
13.31 Lab: Exploiting XSS to perform CSRFhttps://cyberw1ng.medium.com/13-31-lab-exploiting-xss-to-perform-csrf-0fffd6243312?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, hacking, cybersecurity25-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-10)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-10-466f0806866b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter25-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-9)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-9-f76dc4218c1c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty, bug-bounty-program, bug-bounty-writeup, bug-bounty-tips25-Jun-2024
#3. Bug Bounty Series: OTP Verification Bypasshttps://cyb3rmind.medium.com/3-bug-bounty-series-otp-verification-bypass-468526b76720?source=rss------bug_bounty-5Cyb3r M!ndsbug-bounty, otp-bypass, hacking, bug-bounty-tips, pentesting25-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-11)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-11-f5009818fb39?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty, bug-bounty-start-up, bug-bounty-tips, bug-bounty-hunting25-Jun-2024
The Role of Ethical Hackers in Web3 Securityhttps://securrtech.medium.com/the-role-of-ethical-hackers-in-web3-security-e858b516b43d?source=rss------bug_bounty-5Securrblockchain, bug-bounty, web3bugbounty, web3-security, web325-Jun-2024
“Onerror” Ne Demek ?https://medium.com/@beratkolay37/onerror-ne-demek-bb751f8e6a1b?source=rss------bug_bounty-5Berat K.kali-linux, html, bug-bounty, onerror, javascript25-Jun-2024
#3. Bug Bounty Series: OTP Verification bypass leads to unauthorized booking appointmenthttps://cyb3rmind.medium.com/3-bug-bounty-series-otp-verification-bypass-468526b76720?source=rss------bug_bounty-5Cyb3r M!ndsbug-bounty, otp-bypass, hacking, bug-bounty-tips, pentesting25-Jun-2024
ZDay Olarak Bulduğum PostMessage XSS Zafiyetinin Analizihttps://grolar.medium.com/zday-olarak-buldu%C4%9Fum-postmessage-xss-zafiyetinin-analizi-4c81471e32e5?source=rss------bug_bounty-5Grolarbug-bounty-writeup, dom-xss, bug-bounty, xss-vulnerability, web-security25-Jun-2024
Testing SolarWinds Serv-U Path Directory Transversal Vulnerability (CVE-2024–28995)https://noorhomaid.medium.com/testing-solarwinds-serv-u-path-directory-transversal-vulnerability-cve-2024-28995-d80e60d31a8d?source=rss------bug_bounty-5NoorHomaidcybersecurity, cve, penetration-testing, bug-bounty, solarwinds-hack25-Jun-2024
The one where I owned a customer service platformhttps://medium.com/@un1tycyb3r/the-one-where-i-owned-a-customer-service-platform-2fd4cff11b28?source=rss------bug_bounty-5Un1tycyb3rbug-bounty25-Jun-2024
Find Sensitive Data’s using via network analysis make me 250$https://medium.com/@test123cybertest/find-sensitive-datas-using-via-network-analysis-make-me-250-a0b23b0cb03b?source=rss------bug_bounty-5praveenarsh0xx0pentesting, bug-bounty, cybersecurity, bug-bounty-tips25-Jun-2024
How I Found a Vulnerability in Paytm and Received a Bountyhttps://mufazmi.medium.com/how-i-found-a-vulnerability-in-paytm-and-received-a-bounty-d580ea14e9a8?source=rss------bug_bounty-5Umair Farooqui ✪paytm-bug-bounty, mufazmi, bug-bounty, umair-farooqui, paytm-bug25-Jun-2024
Hackathon CTF VulnHub | Writeup | Walkthroughhttps://shamsulmehmood.medium.com/hackathon-ctf-vulnhub-writeup-walkthrough-aa36adedc49e?source=rss------bug_bounty-5SHAMS UL MEHMOODvulnerability, cybersecurity, ai, hacker, bug-bounty25-Jun-2024
My First Bug Hunting Experience: A Journey from Disappointment to Successhttps://b0mk35h.medium.com/my-first-bug-hunting-experience-a-journey-from-disappointment-to-success-ae92c222a0d0?source=rss------bug_bounty-5Pronay Biswasbug-bounty, ethical-hacking, cybersecurity, web-security, cyberattack24-Jun-2024
Unseen Dangers: How Cloud Misconfigurations Could Be Your Company’s Biggest Threathttps://medium.com/@paritoshblogs/unseen-dangers-how-cloud-misconfigurations-could-be-your-companys-biggest-threat-c1ed86b10093?source=rss------bug_bounty-5Paritoshcloud-computing, cybersecurity, hacking, bug-bounty, cloud24-Jun-2024
Roadmap to Becoming a Professional Penetration Tester with Estimated Learning Timehttps://medium.com/@cuncis/roadmap-to-becoming-a-professional-penetration-tester-with-estimated-learning-time-d352bdd43fbe?source=rss------bug_bounty-5Cunciscybersecurity, penetration-test, bug-bounty, penetration-testing, hacker24-Jun-2024
Understanding Cybersecurity: Exploits, CVEs, and Morehttps://systemweakness.com/understanding-cybersecurity-exploits-cves-and-more-59b41bf679dc?source=rss------bug_bounty-5Khaleel Khancybersecurity, bug-bounty, hacking, infosec, ethical-hacking24-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-6)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-6-2ad674553fa0?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter24-Jun-2024
CVE Seeker — Unveiling Cyber Threats: From Assets to Vulnerability Insightshttps://anmolksachan.medium.com/cve-seeker-unveiling-cyber-threats-from-assets-to-vulnerability-insights-b4b485a7aefb?source=rss------bug_bounty-5Anmol K Sachanrecon, shodan, asm, bug-bounty, attack-surface-management24-Jun-2024
13.30 Lab: Exploiting cross-site scripting to capture passwordshttps://cyberw1ng.medium.com/13-30-lab-exploiting-cross-site-scripting-to-capture-passwords-bd3714035b4a?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, penetration-testing, careers, cybersecurity24-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-8)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-8-3d5a833a4842?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup24-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-7)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-7-6a8786ecb6f4?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup24-Jun-2024
OTP Bypass through Session Manipulationhttps://medium.com/@n4if/otp-bypass-through-session-manipulation-d73deceaa42f?source=rss------bug_bounty-50xNAiFpenetration-testing, bug-bounty, computer-science, cybersecurity24-Jun-2024
Insecure Direct Object Reference (IDOR) Walkthrough — VulnLab by Yavuzlarhttps://medium.com/@muhammadriva/insecure-direct-object-reference-idor-walkthrough-vulnlab-by-yavuzlar-3d16ce3f5345?source=rss------bug_bounty-5Muhammad Riva Fanzury Scybersecurity, bug-bounty, ethical-hacking, penetration-testing, idor-vulnerability24-Jun-2024
Cross Site Scripting (XSS) Walkthrough — VulnLab XSS by Yavuzlarhttps://medium.com/@muhammadriva/cross-site-scripting-xss-walkthrough-vulnlab-xss-by-yavuzlar-149d14ab2d6b?source=rss------bug_bounty-5Muhammad Riva Fanzury Scross-site-scripting, bug-bounty, cybersecurity, penetration-testing, ethical-hacking24-Jun-2024
OAuth CSRF: Exploiting the Authorization Code Flow for Account Takeoverhttps://medium.com/@cyberpro151/oauth-csrf-exploiting-the-authorization-code-flow-for-account-takeover-f67cee914d39?source=rss------bug_bounty-5cyberpro151web-security, account-takeover, bug-bounty, appsec, hacking24-Jun-2024
Bypassing Reset Password ATO (Account takeover) through JavaScript Breakpointshttps://medium.com/@asaad0x/bypassing-reset-password-ato-account-takeover-through-javascript-breakpoints-e71187ad7171?source=rss------bug_bounty-5Ahmad Asaadaccount-takeover, bug-bounty, penetration-testing, cybersecurity, infosec24-Jun-2024
Poodle Haney Bug Bountyhttps://medium.com/@haneypoodle/poodle-haney-bug-bounty-1b0a10a03689?source=rss------bug_bounty-5Poodle Haneymemecoins, haney, bug-bounty, poodle-haney24-Jun-2024
Tutorial Install Burpsuite Beginnerhttps://medium.com/@muhammadriva/tutorial-install-burpsuite-beginner-927375c22f94?source=rss------bug_bounty-5Muhammad Riva Fanzury Sbug-bounty, penetration-testing, cybersecurity, junior-pentester, burpsuite24-Jun-2024
Unrestricted File Upload Walkthrough — VulnLab by Yavuzlarhttps://medium.com/@muhammadriva/unrestricted-file-upload-walkthrough-vulnlab-by-yavuzlar-76854ebafe84?source=rss------bug_bounty-5Muhammad Riva Fanzury Spenetration-testing, bug-bounty, remote-code-execution, cybersecurity, backdoor24-Jun-2024
Bypassing Reset Password ATO (Account takeover) through JavaScript Breakpointshttps://read.martiandefense.llc/bypassing-reset-password-ato-account-takeover-through-javascript-breakpoints-e71187ad7171?source=rss------bug_bounty-5Ahmad Asaadaccount-takeover, bug-bounty, penetration-testing, cybersecurity, infosec24-Jun-2024
Next.js and cache poisoning: a quest for the black holehttps://medium.com/@zhero_/next-js-and-cache-poisoning-a-quest-for-the-black-hole-1ae634170a1e?source=rss------bug_bounty-5Rachid.Ahacking, bug-bounty, nextjs, web-security, javascript24-Jun-2024
Bug Bounty Programs: How Outsourcing Can Help Your Project — Sinhala Translationhttps://medium.com/@integriteesrilanka/bug-bounty-programs-how-outsourcing-can-help-your-project-sinhala-translation-0a40a97e58c7?source=rss------bug_bounty-5Integritee Sri Lankabug-bounty, immunefi, blockchain24-Jun-2024
OTP Bypass through Session Manipulationhttps://medium.com/@n4if/otp-bypass-through-session-manipulation-d73deceaa42f?source=rss------bug_bounty-50xn4ifpenetration-testing, bug-bounty, computer-science, cybersecurity24-Jun-2024
How i got easy multiple RXSShttps://medium.com/@0xmekky/how-i-got-easy-multiple-rxss-dd3a6bc521dd?source=rss------bug_bounty-5abdelrahem mekkyxss-attack, penetration-testing, reflected-xss, web-app-security, bug-bounty23-Jun-2024
Complex Attack Types: Sample Scenarios 23https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-23-c0079166f4d9?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, threat-intelligence, cybersecurity, penetration-testing, bug-bounty23-Jun-2024
13.29 Exploiting cross-site scripting to steal cookieshttps://cyberw1ng.medium.com/13-29-exploiting-cross-site-scripting-to-steal-cookies-21c7d5851ea3?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty23-Jun-2024
Duplicate P1 in public programhttps://medium.com/@mohamed.yasser442200/duplicate-p1-in-public-program-aa9ade8f61c3?source=rss------bug_bounty-5Spider4pentesting, bug-bounty-tips, authentication, hacking, bug-bounty23-Jun-2024
New 100$ Bug in My Methodology!https://medium.com/@rewmcode/new-100-bug-in-my-methodology-60d99f0dafe2?source=rss------bug_bounty-5Ali Rembug-bounty-tips, hacking, hacker, bug-bounty23-Jun-2024
Chaining bugs for Account Takeoverhttps://medium.com/@hbenja47/chaining-bugs-for-account-takeover-0b90a2d952af?source=rss------bug_bounty-5Benja (bronxi)hacking, bug-bounty23-Jun-2024
Guide to Using httpxhttps://medium.com/@learntheshell/guide-to-using-httpx-a542cbdc4ed4?source=rss------bug_bounty-5LearnTheShellcybersecurity, httpx, bug-bounty, linux, hacking22-Jun-2024
The Ultimate Shodan Search Guide for Cybersecurity Analystshttps://systemweakness.com/the-ultimate-shodan-search-guide-for-cybersecurity-analysts-283f17f56182?source=rss------bug_bounty-5Khaleel Khanhacking, cybersecurity, infosec, bug-bounty, cheatsheet22-Jun-2024
How I Found a Simple IDOR Bug That Exposed Sensitive Datahttps://medium.com/@dra0x0/how-i-found-a-simple-idor-bug-that-exposed-sensitive-data-36e6e9b508db?source=rss------bug_bounty-5dra0x0application-security, ethical-hacking, cybersecurity, software-testing, bug-bounty22-Jun-2024
How I found a .env file and can access the whole server of mysqlhttps://medium.com/@jeetpal2007/how-i-found-a-env-file-and-can-access-the-whole-server-of-mysql-a21af69cbd12?source=rss------bug_bounty-5JEETPALbug-bounty-tips, bug-bounty, cybersecurity, bugbounty-writeup, env-file22-Jun-2024
Practical Threat Hunting Using Known IOC IPshttps://medium.com/@paritoshblogs/practical-threat-hunting-using-known-ioc-ips-26a4eab0b616?source=rss------bug_bounty-5Paritoshcybersecurity, incident-response, bug-bounty, ransomware, threat-hunting22-Jun-2024
CVE-2024–28999 SolarWinds Race Conditionhttps://medium.com/@0xSphinx/cve-2024-28999-solarwinds-race-condition-62e175339b46?source=rss------bug_bounty-50xSphinxcybersecurity, bug-bounty, hacking, cyber-security-awareness, security22-Jun-2024
13.28 Lab: Reflected XSS into a template literal with angle brackets, single, double quotes…https://cyberw1ng.medium.com/13-28-lab-reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-45602869f45f?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, penetration-testing, cybersecurity22-Jun-2024
Found Bugs, Got paid, Stayed poor: Making a Living with Bug Bountieshttps://slava-moskvin.medium.com/found-bugs-got-paid-stayed-poor-making-a-living-with-bug-bounties-04ba1fbbab73?source=rss------bug_bounty-5Path Cybersec [Slava Moskvin]pentesting, reverse-engineering, cybersecurity, bug-bounty, offensive-security22-Jun-2024
Update on DNS problem with Lubuntu 24.04https://ariedwikusuma9.medium.com/update-on-dns-problem-with-lubuntu-24-04-5c48a903026f?source=rss------bug_bounty-5Ariekusumalinux, lubuntu, ubuntu, wireguard, bug-bounty21-Jun-2024
Bypassing iCloud Web Access Restrictionhttps://ltsirkov.medium.com/bypassing-icloud-web-access-restriction-30cdf12b979c?source=rss------bug_bounty-5Lyubomir Tsirkovbug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity21-Jun-2024
How I Found 3 Bugs in a Single Dayhttps://medium.com/@dsmodi484/how-i-found-3-bugs-in-a-single-day-a690e2abd4fb?source=rss------bug_bounty-5Dishant Modioffensive-security, vapt, idor, bugs, bug-bounty21-Jun-2024
Dork Like a Pro: Exploiting Google for Bug Bounty Winshttps://medium.com/@RaunakGupta1922/dork-like-a-pro-exploiting-google-for-bug-bounty-wins-fd2612d7fde3?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitgoogle-dork, bug-bounty, vulnerability, hacking, cyber-security-awareness21-Jun-2024
Complex Attack Types: Sample Scenarios 22https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-22-f720da3d9dc3?source=rss------bug_bounty-5Baris Dincerinformation-technology, penetration-testing, bug-bounty, cybersecurity, freedomofinternet21-Jun-2024
Broken Access Control on an E-commerce website allows attackers to lengthen trial planhttps://medium.com/@p00dl3/broken-access-control-on-an-e-commerce-website-allows-attackers-to-lengthen-trial-plan-e59f5976bca3?source=rss------bug_bounty-5p00dl3cybersecurity, bug-bounty21-Jun-2024
Say Goodbye to Pesky Bugs: Top Bug Zappers for Perfect Family Gatheringshttps://medium.com/@seng4k2/say-goodbye-to-pesky-bugs-top-bug-zappers-for-perfect-family-gatherings-b23f405ac0c5?source=rss------bug_bounty-5Kear Sengmosquito, insects, bugs, bug-bounty, pest-control21-Jun-2024
13.27 Lab: Reflected XSS into a JavaScript string with a single quote and backslash-escapedhttps://cyberw1ng.medium.com/13-27-lab-reflected-xss-into-a-javascript-string-with-a-single-quote-and-backslash-escaped-2fbc757feb1a?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, bug-bounty, careers, cybersecurity21-Jun-2024
Exploring Web Infrastructure: Tools and Techniques for Effective Reconhttps://medium.com/@Kaizen2977/exploring-web-infrastructure-tools-and-techniques-for-effective-recon-11907b7ec938?source=rss------bug_bounty-5kapil Chotaliabug-bounty, penetration-testing, dns, email, cybersecurity21-Jun-2024
Quick & Easy $100 Bug That You Can Find In 5 minuteshttps://levelup.gitconnected.com/quick-easy-100-bug-that-you-can-find-in-5-minutes-aeb4b16745d9?source=rss------bug_bounty-5Hamza Avvanethical-hacking, bug-bounty, cybersecurity, earn-money-online, api21-Jun-2024
Best Practices for Securing Your Decentralized Applicationhttps://securrtech.medium.com/best-practices-for-securing-your-decentralized-application-d049a9ec547d?source=rss------bug_bounty-5Securrblockchain, web3, security, securr, bug-bounty21-Jun-2024
Everything About EC-Council CEHhttps://medium.com/@mazharshadab292/everything-about-ec-council-ceh-fb47b0392104?source=rss------bug_bounty-5Shadab Mazharhacking, social-media, computer-science, cybersecurity, bug-bounty21-Jun-2024
If youre looking for thorough and professional penetration testing services, youve come to the…https://medium.com/@kafim3137/if-youre-looking-for-thorough-and-professional-penetration-testing-services-youve-come-to-the-ea3d1129b61f?source=rss------bug_bounty-5Farhadbug-bounty, penetration-test, vulnerability, vulnerability-assessment, penetration-testing21-Jun-2024
Part 1- Everything You Need to Know About Browser Security Policies — SOP, CORS.https://medium.com/@vikramroot/part-1-everything-you-need-to-know-about-browser-security-policies-sop-cors-3eb025fd3ab8?source=rss------bug_bounty-5vikram naidubugbounty-writeup, penetration-testing, application-security, cybersecurity, bug-bounty21-Jun-2024
Part 2- Everything You Need to Know About Browser Security Policies — CSP, Cookie Attributes, etc.https://medium.com/@vikramroot/part-2-everything-you-need-to-know-about-browser-security-policies-csp-cookie-attributes-etc-3ea98f737b3a?source=rss------bug_bounty-5vikram naidupenetration-testing, bug-bounty, product-security, cybersecurity, application-security21-Jun-2024
Microsoft Subdomain XSS Report — Publishedhttps://ibrahimxss.medium.com/microsoft-subdomain-xss-report-published-3e4f54eea93c?source=rss------bug_bounty-5#IbrahimXSSxss-attack, xss-bypass, bug-bounty, microsoft, xss-vulnerability21-Jun-2024
Discovering an XSS Vulnerability on Vue.js 2.6.10 WebApphttps://ibrahimxss.medium.com/discovering-an-xss-vulnerability-on-vue-js-2-6-10-webapp-e6c0cc88e840?source=rss------bug_bounty-5#IbrahimXSSxss-attack, bug-bounty, xss-bypass, hacking, xss-vulnerability21-Jun-2024
Being Better at Burphttps://medium.com/@fat_zombi/being-better-at-burp-b9585186aa08?source=rss------bug_bounty-5Fatzombiappsec, bug-bounty, proxy, burpsuite20-Jun-2024
OWASP Top 10 SQL Injection Vulnerabilityhttps://medium.com/@Joshua_sk/owasp-top-10-sql-injection-vulnerability-97168af8978e?source=rss------bug_bounty-5Joshua_skvulnerability, web-hacking, bug-bounty, sql-injection, owasp-top-1020-Jun-2024
Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flawhttps://medium.com/@malikijlal/kraken-crypto-exchange-hit-by-3-million-theft-exploiting-zero-day-flaw-6f218c3aef57?source=rss------bug_bounty-5Malik Ijlalbug-bounty, cryptocurrency, cybersecurity, hacking, kraken20-Jun-2024
Getting Into Cybersecurity: A Roadmaphttps://medium.com/@majix_de/getting-into-cybersecurity-a71cde8a57b3?source=rss------bug_bounty-5Majixcybersecurity-tips, bug-bounty, infoseccareer, ethical-hacking, hack-to-learn20-Jun-2024
Untold story of Zomato XSShttps://medium.com/@info_4040/untold-story-of-zomato-xss-148c91d2faec?source=rss------bug_bounty-5Bug Detector'sxss-vulnerability, bug-bounty, bug-bounty-tips, penetration-testing, xss-attack20-Jun-2024
TryHackMe SQLMap Roomhttps://medium.com/@Joshua_sk/tryhackme-sqlmap-room-06fd30f8a0b1?source=rss------bug_bounty-5Joshua_sktryhackme, cybersecurity, sqlmap, bug-bounty, sql-injection20-Jun-2024
Kraken Faces Extortion Attempt After $3M Bug Exploithttps://medium.com/@whalecrypto/kraken-faces-extortion-attempt-after-3m-bug-exploit-f086f479a4f1?source=rss------bug_bounty-5Crypto Whale Mediumkraken, crypto-hack, blockchain-security, cryptoextortion, bug-bounty20-Jun-2024
Complex Attack Types: Sample Scenarios 21https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-21-e65a13b96002?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, threat-intelligence, bug-bounty, penetration-testing, cybersecurity20-Jun-2024
OAuth Misconfiguration: Preemptive Account Registration Exploitationhttps://mmnahian.medium.com/oauth-misconfiguration-preemptive-account-registration-exploitation-407be50d6037?source=rss------bug_bounty-5mmnahianbug-bounty, information-security, bug-bounty-tips, sso, oauth20-Jun-2024
What is prototype pollution?https://cyberw1ng.medium.com/what-is-prototype-pollution-76694f0db76a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing20-Jun-2024
Very damn vulnerable government site 2.0https://medium.com/@bl4cksku11/very-damn-vulnerable-government-site-2-0-cf9535cbdb4e?source=rss------bug_bounty-5Bl4cksku11vulnerability, bug-bounty, research, hacking, red-team20-Jun-2024
IF YOU DON.T HAVE money, SELL YOUR CROSS SITE SCRIPTINGhttps://medium.com/@1daytosee/if-you-don-t-have-money-sell-your-cross-site-scripting-dc4b6bdd046f?source=rss------bug_bounty-51day2seexss-attack, bug-bounty, pentesting, selling, hacking20-Jun-2024
Inside the Kraken $3M Hack: What Happened?https://medium.com/@cryptopiannews/inside-the-kraken-3m-hack-what-happened-4a0af98c498e?source=rss------bug_bounty-5Cryptopiannewsbug-bounty, kraken, kraken-3m-hack, cryptopiannews, crypto-hack20-Jun-2024
How Static Analysis Uncovers Hidden Malware Threats !https://medium.com/@paritoshblogs/how-static-analysis-uncovers-hidden-malware-threats-7c62d132f7f8?source=rss------bug_bounty-5Paritoshcybersecurity, malware, bug-bounty, static-malware-analysis, hacking19-Jun-2024
Analyzing a Major Web3 Vulnerability and Its Resolutionhttps://securrtech.medium.com/analyzing-a-major-web3-vulnerability-and-its-resolution-69955d55a0f6?source=rss------bug_bounty-5Securrblockchain, bug-bounty, web3, security, securr19-Jun-2024
29.9 Lab: Remote code execution via server-side prototype pollutionhttps://cyberw1ng.medium.com/29-9-lab-remote-code-execution-via-server-side-prototype-pollution-d5c98bfe3e73?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, cybersecurity, penetration-testing19-Jun-2024
Code Execution Vulnerability in Behave: A Deep Divehttps://medium.com/@piyushbhor22/code-execution-vulnerability-in-behave-a-deep-dive-b8c7431a71f9?source=rss------bug_bounty-5Pisecurity-research, bug-bounty, code-review, cybersecurity, vulnerability-research19-Jun-2024
Mastering Bug Bounty: Tips and Strategies for Successhttps://medium.com/@whitehatcyber404/mastering-bug-bounty-tips-and-strategies-for-success-df27b24f2009?source=rss------bug_bounty-5Cyber_catzbug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-tips19-Jun-2024
Complex Attack Types: Sample Scenarios 19https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-19-2a39b7806616?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, cybersecurity, bug-bounty, information-technology, penetration-testing19-Jun-2024
The Best Resources for Cybersecurity Pros and Bug Bounty Huntershttps://medium.com/@turvsec/the-best-resources-for-cybersecurity-pros-and-bug-bounty-hunters-f674c2abebb2?source=rss------bug_bounty-5TurvSecpentesting, infosec, bug-bounty, cybersecurity19-Jun-2024
Unlocking the Future of Web Security with the #IBRAHIMXSS Toolhttps://ibrahimxss.medium.com/unlocking-the-future-of-web-security-with-the-ibrahimxss-tool-a33843cdc259?source=rss------bug_bounty-5#IbrahimXSSxss-vulnerability, bug-bounty, xss-attack, hacking, xss-bypass19-Jun-2024
A Place for Cybersecurity and Bug Bounty Content Creators to Shinehttps://medium.com/@turvsec/a-place-for-cybersecurity-and-bug-bounty-content-creators-to-shine-fa0096ce2559?source=rss------bug_bounty-5TurvSecbug-bounty, cybersecurity, infosec19-Jun-2024
Complex Attack Types: Sample Scenarios 20https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-20-f2f9e8f6725e?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, cybersecurity, penetration-testing, bug-bounty, information-technology19-Jun-2024
Mastering Bug Bounty: Tips and Strategies for Successhttps://medium.com/@cyber_catz/mastering-bug-bounty-tips-and-strategies-for-success-df27b24f2009?source=rss------bug_bounty-5cyber_catzbug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-tips19-Jun-2024
Web App Sec RECON — Black Box Foundations and TTPshttps://medium.com/@meshcode/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5Mateusz (meshcode)recon, stealth, web-app-security, infosec, bug-bounty19-Jun-2024
IDOR on HackerOne Embedded Submission Formhttps://medium.com/pinoywhitehat/idor-on-hackerone-embedded-submission-form-9e59c6f044b3?source=rss------bug_bounty-5Japz Divinohacking, pinoywhitehat, infosec, bug-bounty19-Jun-2024
Kraken’s $3 Million Bug Bounty Breach: Ethical Dilemmas and Security Challengeshttps://medium.com/@MiamiCryptoCom/krakens-3-million-bug-bounty-breach-ethical-dilemmas-and-security-challenges-cc459b015fd8?source=rss------bug_bounty-5Miami Cryptocryptocurrency-security, kraken, ethical-hacking, bug-bounty19-Jun-2024
Web App Sec RECON — Black Box Foundations and TTPshttps://medium.com/cyberpower-telenoia/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5Mateusz (meshcode)recon, stealth, web-app-security, infosec, bug-bounty19-Jun-2024
Web App Sec RECON — Black Box Foundations and TTPshttps://medium.com/cyberpower-telenoia/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5Matty K.recon, stealth, web-app-security, infosec, bug-bounty19-Jun-2024
Unmasking the Invisible Threat: The Ultimate Guide to Malware Analysishttps://medium.com/@paritoshblogs/unmasking-the-invisible-threat-the-ultimate-guide-to-malware-analysis-d287c4d74e7d?source=rss------bug_bounty-5Paritoshmalware-analysis, cybersecurity, information-technology, malware, bug-bounty18-Jun-2024
A Comprehensive Guide to Android App Pentesting for Bug Bounty Hunterhttps://medium.com/@pankajkryadav1/a-comprehensive-guide-to-android-app-pentesting-for-bug-bounty-hunter-ada51e521814?source=rss------bug_bounty-5Pankaj kr Yadavmethodology, bug-bounty, android-pentesting, bug-bounty-tips18-Jun-2024
Exploring the DAO Hack: Lessons Learned for Web3 Securityhttps://securrtech.medium.com/exploring-the-dao-hack-lessons-learned-for-web3-security-08d23984af79?source=rss------bug_bounty-5Securrdao, securr, web3, bug-bounty, web3-security18-Jun-2024
Subdomains Enumeration: Tools, Techniques, and Tipshttps://medium.com/@Kaizen2977/subdomains-enumeration-tools-techniques-and-tips-4d43ea31dc0f?source=rss------bug_bounty-5kapil Chotaliainfosec, penetration-testing, bug-bounty, subdomain, enumeration18-Jun-2024
Intentions HackTheBox Walkthroughhttps://d3athcod3.medium.com/intentions-hackthebox-walkthrough-ad2eb053e224?source=rss------bug_bounty-5D3athCod3cybersecurity, ethical-hacking, development, bug-bounty, hackthebox18-Jun-2024
How I got started in Cyber Security | Getting my first job and How you can too..https://captain-pool.medium.com/how-i-got-started-in-cyber-security-getting-my-first-job-and-how-you-can-too-dc52da614d6d?source=rss------bug_bounty-5Captain Poolweb-app-security, hackthebox, cybersecurity, bug-bounty, hacking18-Jun-2024
Server Access: Admin Panel and RFU Bypasshttps://zvitox.medium.com/server-access-admin-panel-and-rfu-bypass-45af32057a2d?source=rss------bug_bounty-5Mohammad Sadra Naderireport, tips, security, bug-bounty, hacking18-Jun-2024
How ChatGPT Turned Me into a Hackerhttps://medium.com/@jonathanmondaut/how-chatgpt-turned-me-into-a-hacker-7469d5b43026?source=rss------bug_bounty-5Jonathan Mondautbug-bounty, openai, large-language-models, hacking, learning18-Jun-2024
Day 22 of our #CyberQuest1095 Day Challengehttps://d3athcod3.medium.com/day-22-of-our-cyberquest1095-day-challenge-c993ded22604?source=rss------bug_bounty-5D3athCod3bug-bounty, development, cybersecurity, hacking, challenge18-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-5)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-5-efb95db2210b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter18-Jun-2024
Bug Bounty Hunting — Complete Guide (Part -4)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-4-00e815fa8026?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty18-Jun-2024
29.8 Lab: Bypassing flawed input filters for server-side prototype pollutionhttps://cyberw1ng.medium.com/29-8-lab-bypassing-flawed-input-filters-for-server-side-prototype-pollution-fa379f811a06?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, bug-bounty, penetration-testing18-Jun-2024
Server Access: Admin Panel and RFU Bypasshttps://zvitox.medium.com/server-access-admin-panel-and-rfu-bypass-45af32057a2d?source=rss------bug_bounty-5Mohammad Sadra Naderi (ZVitoX)report, tips, security, bug-bounty, hacking18-Jun-2024
A Learning Journey: Attempting to Turn a WordPress Theme CVE into a PoChttps://medium.com/@motoko_ayanami/a-learning-journey-attempting-to-turn-a-wordpress-theme-cve-into-a-poc-225cde954493?source=rss------bug_bounty-5Motoko Ayanamiwordpress, wpscan, hacking, bug-bounty18-Jun-2024
Demystifying Bug Bounty Hunting: A Deep Dive into Cybersecurity's Hidden Gemhttps://medium.com/@biswalsandeep594/demystifying-bug-bounty-hunting-a-deep-dive-into-cybersecuritys-hidden-gem-d8ad2d2d7fcb?source=rss------bug_bounty-5Sandeep priyadarshi Biswalbug-bounty, hacking, cryptocurrency, software-engineering, cybersecurity18-Jun-2024
Guide to Using Nucleihttps://medium.com/@learntheshell/guide-to-using-nuclei-9c37869be30e?source=rss------bug_bounty-5LearnTheShellbug-bounty, linux, vulnerability-scanning, cybersecurity18-Jun-2024
Brand-new prototype pollution gadget in MongoDB leading to RCEhttps://medium.com/@vuusale/brand-new-prototype-pollution-gadget-in-mongodb-leading-to-rce-8c5e0087c15e?source=rss------bug_bounty-5Vuusalecybersecurity, vulnerability, bug-bounty, npm17-Jun-2024
Breaking into the VIP Club: A Tale of Parameter Tampering Exploitshttps://systemweakness.com/breaking-into-the-vip-club-a-tale-of-parameter-tampering-exploits-83df7b6b9691?source=rss------bug_bounty-5Jody ritongaweb, bug-bounty, hacking, bugs, bug-bounty-tips17-Jun-2024
Understanding Web3 Bug Bounties: How They Enhance Blockchain Securityhttps://securrtech.medium.com/understanding-web3-bug-bounties-how-they-enhance-blockchain-security-ac9e8361d7cf?source=rss------bug_bounty-5Securrweb3, bug-bounty, hacker, web3bugbounty, security17-Jun-2024
Hunting for Origin IP: A Beginner’s Guidehttps://medium.com/@pruthu.raut/hunting-for-origin-ip-a-beginners-guide-70235f3dd415?source=rss------bug_bounty-5PRUTHU RAUTcyber-security-awareness, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunting17-Jun-2024
29.7 Lab: Detecting server-side prototype pollution without polluted property reflectionhttps://cyberw1ng.medium.com/29-7-lab-detecting-server-side-prototype-pollution-without-polluted-property-reflection-50e36dbe2629?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, penetration-testing, careers17-Jun-2024
OSINT FOR BUG HUNTERhttps://medium.com/@Progsky/osint-for-bug-hunter-4ae5c700a13a?source=rss------bug_bounty-5Progskyosint, hacking, bug-bounty17-Jun-2024
Cross-Site Scripting via Web Cache Poisoning and WAF bypasshttps://ltsirkov.medium.com/cross-site-scripting-via-web-cache-poisoning-and-waf-bypass-6cb3412d9e11?source=rss------bug_bounty-5Lyubomir Tsirkovbug-bounty, bug-bounty-tips17-Jun-2024
Naabuhttps://medium.com/@roymemory2018/naabu-21c5438e05ae?source=rss------bug_bounty-5Audity Memory Roynaabu, port-scanner, kali-tools, bug-bounty, penetration-testing17-Jun-2024
0xhashimRESETriddle: Vulnerable Web Applicationhttps://medium.com/@hashimamin/0xhashimresetriddle-4f3270411800?source=rss------bug_bounty-5Hashim Aminvulnerability-management, bug-bounty, vulnerability, portswigger, cybersecurity17-Jun-2024
Brand-new prototype pollution gadget in MongoDB leading to RCEhttps://systemweakness.com/brand-new-prototype-pollution-gadget-in-mongodb-leading-to-rce-8c5e0087c15e?source=rss------bug_bounty-5Vuusalecybersecurity, vulnerability, bug-bounty, npm17-Jun-2024
29.6 Lab: Privilege escalation via server-side prototype pollutionhttps://cyberw1ng.medium.com/29-6-lab-privilege-escalation-via-server-side-prototype-pollution-4895762ce7d6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, penetration-testing, careers, hacking16-Jun-2024
Broken Link Hijackinghttps://medium.com/@saeidmicro/broken-link-hijacking-8ff4808a6cd2?source=rss------bug_bounty-5Saeid Khaterbroken-link-hijacking, bug-bounty, cybersecurity16-Jun-2024
Bug Zero — This month in CyberSecurity (June 1–15)https://blog.bugzero.io/bug-zero-this-month-in-cybersecurity-june-1-15-51c4d918b5ae?source=rss------bug_bounty-5Akila Maithripalacybersecurity, bug-zero, newsletter, bug-bounty16-Jun-2024
Mastering Unauthenticated XSS Detection: Best Burp Suite Configurations for XSS Huntinghttps://medium.com/@mayank_prajapati/mastering-unauthenticated-xss-detection-best-burp-suite-configurations-for-xss-hunting-523d78ecfda8?source=rss------bug_bounty-5Mayank Kumar Prajapatibug-bounty, xss-attack, hunting, hacking, penetration-testing16-Jun-2024
Introducing r3conwhal3: Your Go-To Recon Automation Frameworkhttps://ibrahimtahaistikbal.medium.com/introducing-r3conwhal3-your-go-to-recon-automation-framework-c8840f3a4e0b?source=rss------bug_bounty-5İbrahim Taha İstikbalbug-bounty, security-tool, bug-bounty-tool, penetration-testing, reconnaissance16-Jun-2024
Direct access to admin dashboard via leaked credentialshttps://medium.com/@saeidmicro/direct-access-to-admin-dashboard-via-leaked-credentials-d1ed9bd18edb?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity16-Jun-2024
Complex Attack Types: Sample Scenarios 17https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-17-b73b1854ddbd?source=rss------bug_bounty-5Baris Dincercybersecurity, bug-bounty, threat-intelligence, freedomofinternet, penetration-testing16-Jun-2024
Hacking (not only) for Moneyhttps://medium.com/@guce/hacking-not-only-for-money-e71d72ab8c55?source=rss------bug_bounty-5gu cecybersecurity, bug-bounty, bug-bounty-program, vulnerability-assessment16-Jun-2024
Day 20 of Our #CyberQuest1095 Day Challengehttps://d3athcod3.medium.com/day-20-of-our-cyberquest1095-day-challenge-680fbd060cb5?source=rss------bug_bounty-5D3athCod3cybersecurity, challenge, penetration-testing, hacker, bug-bounty16-Jun-2024
Subdomain Enumeration from Different Sourceshttps://medium.com/@souzaw/enumera%C3%A7%C3%A3o-de-subdom%C3%ADnios-de-diferentes-fontes-9c67f5bc59e3?source=rss------bug_bounty-5Wagner Souzashell, bug-bounty, pentest, osint16-Jun-2024
Complex Attack Types: Sample Scenarios 18https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-18-efaf527942ba?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, bug-bounty, penetration-testing, information-technology, cybersecurity16-Jun-2024
Secrets in the Wild: Uncovering Hidden Threatshttps://medium.com/@dzianisskliar29/secrets-in-the-wild-uncovering-hidden-threats-9b26bf180d0c?source=rss------bug_bounty-5Dzianis Skliarbug-bounty, cybersecurity, threat-intelligence, penetration-testing16-Jun-2024
Top 10 Search Engines Every Cybersecurity Professional Should Knowhttps://ikhaleelkhan.medium.com/top-10-search-engines-every-cybersecurity-professional-should-know-ad92a80ce5e6?source=rss------bug_bounty-5Khaleel Khanbug-bounty, ethical-hacking, hacking, cybersecurity, infosec15-Jun-2024
[Bounty Weekend] View Any User Design With Simple Path Traversal IDORhttps://medium.com/@rifqihz/bounty-weekend-view-any-user-design-with-simple-path-traversal-idor-5fe0f59f56a6?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, bug-bounty, broken-access-control15-Jun-2024
[Bounty Weekend] Possible Code Execution With Integration Script Tamperinghttps://medium.com/@rifqihz/bounty-weekend-possible-code-execution-with-integration-script-tampering-f38691e99d4b?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, bug-bounty, cloud15-Jun-2024
Unveiling the Secret World of Google Dorks: How Hackers Use These Search Tricks to Access Your…https://systemweakness.com/unveiling-the-secret-world-of-google-dorks-how-hackers-use-these-search-tricks-to-access-your-117c53c05705?source=rss------bug_bounty-5Khaleel Khancybersecurity, bug-bounty, infosec, hacking, google15-Jun-2024
Top 10 Search Engines Every Cybersecurity Professional Should Knowhttps://medium.com/the-shaco/top-10-search-engines-every-cybersecurity-professional-should-know-ad92a80ce5e6?source=rss------bug_bounty-5Khaleel Khanbug-bounty, ethical-hacking, hacking, cybersecurity, infosec15-Jun-2024
29.5 Lab: Client-side prototype pollution in third-party librarieshttps://cyberw1ng.medium.com/29-5-lab-client-side-prototype-pollution-in-third-party-libraries-e767b8352862?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, cybersecurity, bug-bounty15-Jun-2024
Intelligence HackTheBox Walkthrough | Active Directoryhttps://d3athcod3.medium.com/intelligence-hackthebox-walkthrough-active-directory-d9cb695201ce?source=rss------bug_bounty-5D3athCod3computer-science, bug-bounty, cybersecurity, hackthebox, hacking15-Jun-2024
Uncovering a Vulnerability in Facebook's Single Sign-On: My Journey and $3,000 Rewardhttps://medium.com/@patrick-mns/desvendando-uma-vulnerabilidade-no-single-sign-on-do-facebook-minha-jornada-e-recompensa-de-3-000-9c1bcd2a9f4d?source=rss------bug_bounty-5Patrick Manoelhackerone, meta, facebook, hacker, bug-bounty15-Jun-2024
Complex Attack Types: Sample Scenarios 16https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-16-2424fcc0af62?source=rss------bug_bounty-5Baris Dincerbug-bounty, information-technology, freedomofinternet, cybersecurity, penetration-testing15-Jun-2024
How I hacked a marriage database: tale of IDORhttps://medium.com/@alimuhammadsecured/how-i-hacked-a-marriage-database-tale-of-idor-b4f951d23aa6?source=rss------bug_bounty-5Alimuhammadsecuredweb-app-security, bug-bounty, penetration-testing, cybersecurity14-Jun-2024
Postmortem a HTTP Requesthttps://medium.com/@RaunakGupta1922/postmortem-a-http-request-9599bb9d994b?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, burpsuite, http-request, web, bug-bounty14-Jun-2024
Bug Bounty Hunting — Complete Guide (Part — 3)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-3-141b7bfa6ed6?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program14-Jun-2024
Complex Attack Types: Sample Scenarios 15https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-15-44899075e8fd?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, penetration-testing, information-technology, bug-bounty, cybersecurity14-Jun-2024
How I Discovered a Critical Vulnerability in a Message Tracking Systemhttps://adarshkrduaby.medium.com/how-i-discovered-a-critical-vulnerability-in-a-message-tracking-system-590b3518dcb8?source=rss------bug_bounty-5Adarsh Kumarhacking, bug-report, programming, bug-hunting, bug-bounty14-Jun-2024
29.4 Lab: DOM XSS via an alternative prototype pollution vectorhttps://cyberw1ng.medium.com/29-4-lab-dom-xss-via-an-alternative-prototype-pollution-vector-6ad80e62c8c8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, cybersecurity, penetration-testing14-Jun-2024
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Release Plans Subdomainhttps://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-release-plans-subdomain-c47621b2da2d?source=rss------bug_bounty-5#IbrahimXSShtml-injection, microsoft, xss-attack, bug-bounty, stored-xss14-Jun-2024
How i discovered my first CVEhttps://1-day.medium.com/how-i-discovered-my-first-cve-3692fab374ab?source=rss------bug_bounty-51daybug-bounty, bug-bounty-tips, cve, bug-hunting, ethical-hacking14-Jun-2024
Bug bounty: managing disappointment, avoiding burnout and consistent growthhttps://medium.com/@un1tycyb3r/bug-bounty-managing-disappointment-avoiding-burnout-and-consistent-growth-df1e6195ca4e?source=rss------bug_bounty-5Un1tycyb3rbug-bounty14-Jun-2024
Discovering a Reflected XSS Vulnerability: My Journey into Microsoft’s Xbox.comhttps://ibrahimxss.medium.com/discovering-a-reflected-xss-vulnerability-my-journey-into-microsofts-xbox-com-d607751be100?source=rss------bug_bounty-5#IbrahimXSSbug-bounty, xss-attack, microsoft, xss-vulnerability, xbox14-Jun-2024
Discovering 10 XSS Vulnerabilities: My Journey into Microsoft’s Support Platformshttps://ibrahimxss.medium.com/discovering-10-xss-vulnerabilities-my-journey-into-microsofts-support-platforms-b19c4e520c90?source=rss------bug_bounty-5#IbrahimXSSxss-attack, xss-filter-bypass, microsoft, bug-bounty, xss-vulnerability14-Jun-2024
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Tech Community Portalhttps://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-tech-community-portal-068505cd4316?source=rss------bug_bounty-5#IbrahimXSSxss-attack, microsoft, bug-bounty, xss-bypass, xss-vulnerability14-Jun-2024
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Power Apps Portalhttps://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-power-apps-portal-86e28311448e?source=rss------bug_bounty-5#IbrahimXSSxss-attack, xss-vulnerability, bug-bounty, microsoft, xss-filter-bypass14-Jun-2024
Discovering a Reflected XSS Filter Bypass: My Journey into Microsoft’s Support UAT Subdomainhttps://ibrahimxss.medium.com/discovering-a-reflected-xss-filter-bypass-my-journey-into-microsofts-support-uat-subdomain-f9be22d8d795?source=rss------bug_bounty-5#IbrahimXSSmicrosoft, xss-vulnerability, filter-bypass, xss-bypass, bug-bounty14-Jun-2024
Discovering a CRLF Injection Vulnerability: My Journey into the MSRC Blog Websitehttps://ibrahimxss.medium.com/discovering-a-crlf-injection-vulnerability-my-journey-into-the-msrc-blog-website-5285169adddb?source=rss------bug_bounty-5#IbrahimXSSbug-bounty, microsoft, xss-attack, crlf-injection14-Jun-2024
Discovering a Critical Security Vulnerability: My Journey into Microsoft’s Lists Subdomainhttps://ibrahimxss.medium.com/discovering-a-critical-security-vulnerability-my-journey-into-microsofts-lists-subdomain-f3e95ce68929?source=rss------bug_bounty-5#IbrahimXSSbug-bounty, xss-bypass, microsoft, xss-attack, xss-vulnerability14-Jun-2024
List of Easy P4 $$$$https://medium.com/@anonymoustriager/list-of-easy-p4-85ffb9d493ed?source=rss------bug_bounty-5Anonymous Triagerhacking, bugbounty-tips, easy-money, bugbounty-writeup, bug-bounty13-Jun-2024
ICMTC CTF 2023 — International Competition of the Military Technical Collegehttps://0xm4r5h4l.medium.com/icmtc-ctf-2023-international-competition-of-the-military-technical-college-65788f3c01a0?source=rss------bug_bounty-50xM4r5h4lctf-writeup, bug-bounty, ctf, ctf-walkthrough, cybersecurity13-Jun-2024
The Best Games for Practicing Game Hackinghttps://medium.com/@MrRipperoni/the-best-games-for-practicing-game-hacking-baba13493db8?source=rss------bug_bounty-5Mr.Ripperonibug-bounty, reverse-engineering, hacking, gamehacking, coding13-Jun-2024
Path Traversal and RCE in Online Compilershttps://medium.com/@amal_n47h/path-traversal-and-rce-in-online-compilers-454a446effca?source=rss------bug_bounty-5Amal Nathrce, online-compiler, bug-bounty, path-traversal, vulnerability13-Jun-2024
Hacking Using Shodanhttps://medium.com/@umarhere4u/hacking-using-shodan-3c4d46df81df?source=rss------bug_bounty-5Mohammad Umar Kachishodan, cybersecurity, bug-bounty, tips, search-engine-optimizati13-Jun-2024
Understanding and Mitigating Cross-Site Request Forgery (CSRF)https://medium.com/technology-hits/understanding-and-mitigating-cross-site-request-forgery-csrf-399d26627e60?source=rss------bug_bounty-5Yeu Lind Yeoweb-security, csrf, cybersecurity-awareness, bug-bounty, hacker13-Jun-2024
Stealing credentials using XSS (xss on login page) Your password my password .https://medium.com/@brutal_panda/stealing-credentials-using-xss-xss-on-login-page-your-password-my-password-059354240801?source=rss------bug_bounty-5Eliezer Binyambug-bounty13-Jun-2024
Interview with Georgi Krastenov: Diving Deep into Web3 Securityhttps://web3-bug-bounty-platform.medium.com/interview-with-georgi-krastenov-diving-deep-into-web3-security-f6fae1f290f1?source=rss------bug_bounty-5Bug Bounty Platformsecurity-audit, web3, bug-bounty, cybersecurity13-Jun-2024
Finding the newest and top-rated cybersecurity tools and content.https://medium.com/@turvsec/finding-the-newest-and-top-rated-cybersecurity-tools-and-content-a06c9cb54e41?source=rss------bug_bounty-5TurvSecpentesting, bug-bounty, cybersecurity, infosec13-Jun-2024
Direct SSRF Leads to Exposing GitHub Codespaces Sensitive Metadata Instance on Azure Cloudhttps://ph-hitachi.medium.com/direct-ssrf-leads-to-exposing-github-codespaces-sensitive-metadata-instance-on-azure-cloud-eb8ac4f076b1?source=rss------bug_bounty-5Ph.Hitachissrf, bug-bounty, tips-and-tricks, metadata13-Jun-2024
Bug Bounty Programs: How Can Outsourcing Help Your Project?https://medium.com/@integriteetr/hata-%C3%B6d%C3%BCl-programlar%C4%B1-d%C4%B1%C5%9F-kaynak-kullan%C4%B1m%C4%B1-projenize-nas%C4%B1l-yard%C4%B1mc%C4%B1-olabilir-9e55995ec74a?source=rss------bug_bounty-5Integriteetrbug-bounty, immunefi, blockchain13-Jun-2024
29.3 Lab: Client-side prototype pollution via flawed sanitizationhttps://cyberw1ng.medium.com/29-3-lab-client-side-prototype-pollution-via-flawed-sanitization-ce78a48758fa?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, careers, bug-bounty, hacking13-Jun-2024
Breaking Business Logic — Part: 42–4= 2https://thehemdeep.medium.com/breaking-business-logic-part-42-4-2-d8509ef70436?source=rss------bug_bounty-5Hemdeep Gamitweb-penetration-testing, web-security-testing, web-security, bug-bounty13-Jun-2024
You Won’t Believe What We Found Using Shodan!https://medium.com/@paritoshblogs/you-wont-believe-what-we-found-using-shodan-e796e13417a3?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, information-security, hacking, shodan12-Jun-2024
Using Shodan to Find and Exploit FTP Servers with Anonymous Access: A Step-by-Step Guidehttps://systemweakness.com/using-shodan-to-find-and-exploit-ftp-servers-with-anonymous-access-a-step-by-step-guide-86a5b6e72f75?source=rss------bug_bounty-5Khaleel Khanethical-hacking, pentesting, hacking, bug-bounty, ctf-writeup12-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-2)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-2-ef65d69de157?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-tips12-Jun-2024
Hacking the Imaginary: A Journey to Discovering a Blind SSRFhttps://medium.com/@kandar.souvik6/hacking-the-imaginary-a-journey-to-discovering-a-blind-ssrf-657aac60d8d0?source=rss------bug_bounty-5hacker_mightpenetration-testing, server-side-request, ssrf, bug-bounty, imaginaries12-Jun-2024
Securing 10,000+ Restaurants’ Customer PII Datahttps://infosecwriteups.com/securing-10-000-restaurants-customer-pii-data-60013c9b44dc?source=rss------bug_bounty-5Renganathanit-solutions, information-technology, bug-bounty, cybersecurity, bug-bounty-tips12-Jun-2024
29.2 Lab: DOM XSS via client-side prototype pollutionhttps://cyberw1ng.medium.com/29-2-lab-dom-xss-via-client-side-prototype-pollution-ebee89f58933?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hacking, bug-bounty, penetration-testing12-Jun-2024
ExtPenPy: Accelerate Your Reconnaissance Phase with Easehttps://medium.com/@maliktawfiq12/extpenpy-accelerate-your-reconnaissance-phase-with-ease-e79a164d4f68?source=rss------bug_bounty-5Maliktawfiqcybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, external-pentest12-Jun-2024
Securing 10,000+ Restaurants’ Customer PII Datahttps://renganathanofficial.medium.com/securing-10-000-restaurants-customer-pii-data-60013c9b44dc?source=rss------bug_bounty-5Renganathanit-solutions, information-technology, bug-bounty, cybersecurity, bug-bounty-tips12-Jun-2024
How I get an easy Blind SSRF by just reading writeupshttps://medium.com/@mohamed0xmuslim/how-i-get-an-easy-blind-ssrf-by-just-reading-writeups-a5459bbdf96d?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty, bugbounty-writeup, bug-bounty-tips12-Jun-2024
HackerOne’s Double Standards: A Security Researcher’s Nightmarehttps://medium.com/@redworld/hackerones-double-standards-a-security-researcher-s-nightmare-642be91ca64b?source=rss------bug_bounty-5Redcybersecurity, bug-bounty, hackerone, scam-alert, scam11-Jun-2024
Account Takeover (ATO) Checklisthttps://medium.com/@anonymoustriager/account-takeover-ato-checklist-f67d2543b01f?source=rss------bug_bounty-5Anonymous Triagerbug-bounty-program, bug-bounty-writeup, bugbounty-tips, bugbounty-poc, bug-bounty11-Jun-2024
BBB #2 — Introducing Daneelhttps://medium.com/@JakobTheDev/bbb-2-introducing-daneel-69a391294654?source=rss------bug_bounty-5Jakob Penningtonsoftware-development, bug-bounty11-Jun-2024
How I found OpenHAB Automation Panels Accessible Without Authenticationhttps://medium.com/@jeetpal2007/how-i-found-openhab-automation-panels-accessible-without-authentication-d9edbb3280fd?source=rss------bug_bounty-5JEETPALbug-bounty-writeup, bug-bounty, authentication-bypass, bugbounty-tips, openhab-panel11-Jun-2024
How to exploit CVE-2024–24919 path traversalhttps://medium.com/@jeetpal2007/how-to-exploit-cve-2024-24919-path-traversal-5493c50d2581?source=rss------bug_bounty-5JEETPALbug-bounty, bug-bounty-writeup, bug-bounty-tips, path-traversal, cve-2024-2491911-Jun-2024
Forensic Investigation Operations — Basic Linux File System Analysishttps://medium.com/@brsdncr/forensic-investigation-operations-basic-linux-file-system-analysis-52025d7b2ec2?source=rss------bug_bounty-5Baris Dincerforensics, penetration-testing, bug-bounty, freedomofinternet, cybersecurity11-Jun-2024
1250 $ For 3 Stored XSS AND PII Disclosure , Let’s See How FIS Scammed Me AND Bugcrowd Covered It…https://medium.com/@0xAwali/1250-for-3-stored-xss-and-pii-disclosure-lets-see-how-fis-scammed-me-and-bugcrowd-covered-it-8561d9ce57b5?source=rss------bug_bounty-5Mahmoud M. Awalibug-bounty11-Jun-2024
Explaining the OWASP ZAP Proxy & Burp Suite tool in one video in just one hourhttps://gentilsecurity.medium.com/explaining-the-owasp-zap-proxy-burp-suite-tool-in-one-video-in-just-one-hour-537bd7801134?source=rss------bug_bounty-5GenTiLowaspzap, automation-testing, burpsuite, penetration-testing, bug-bounty11-Jun-2024
Explaining the OWASP ZAP Proxy & Burp Suite Tool in One Video in Just One Hourhttps://gentilsecurity.medium.com/%D8%B4%D8%B1%D8%AD-%D8%A7%D8%AF%D8%A7%D8%A9-owasp-zap-proxy-burp-suite-%D9%81%D9%8A-%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%88%D8%A7%D8%AD%D8%AF-%D9%81%D9%8A-%D8%B3%D8%A7%D8%B9%D8%A9-%D9%88%D8%A7%D8%AD%D8%AF%D8%A9-%D9%81%D9%82%D8%B7-4e4c5e1142bf?source=rss------bug_bounty-5GenTiLowaspzap, automation-testing, bug-bounty, penetration-testing, burpsuite11-Jun-2024
29.1 Lab: Client-side prototype pollution via browser APIshttps://cyberw1ng.medium.com/29-1-lab-client-side-prototype-pollution-via-browser-apis-642e91b8159d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, penetration-testing, cybersecurity11-Jun-2024
Uncovering Hidden Web Content with ffufhttps://medium.com/@umang.gulati19/uncovering-hidden-web-content-with-ffuf-55d29b21e627?source=rss------bug_bounty-5Math and Codecybersecurity, bug-bounty, webfuzzing, web-security, infosec11-Jun-2024
OWASP Mobile Top 10 for Android Penetration Testing and Checklisthttps://medium.com/@phyowathone/owasp-mobile-top-10-52987725a12c?source=rss------bug_bounty-5Phyo WaThone Winbug-bounty, bug-bounty-tips, androidhacking, android-security, android-pentesting-series11-Jun-2024
Understand the world of Bug Bountyhttps://medium.com/@hydd3n.sec/understand-the-world-of-bug-bounty-595c99b6782d?source=rss------bug_bounty-5Hydd3nmindset, bug-bounty, infosec, goals10-Jun-2024
Automation Tool for Easy P4https://medium.com/@anonymoustriager/automation-tool-for-easy-p4-c159bcae0cf2?source=rss------bug_bounty-5Anonymous Triagerbugbounty-tips, bug-bounty-program, hacking, bug-bounty, bugbounty-writeup10-Jun-2024
28.5 Lab: Server-side template injection with information disclosure via user-supplied objectshttps://cyberw1ng.medium.com/28-5-lab-server-side-template-injection-with-information-disclosure-via-user-supplied-objects-bbb18def43e1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, penetration-testing10-Jun-2024
Communication and Network Securityhttps://medium.com/@paritoshblogs/communication-and-network-security-bb6c5558aa51?source=rss------bug_bounty-5Paritoshcybersecurity, communication, bug-bounty, network-security, hacking10-Jun-2024
Top 10 Cybersecurity Vulnerabilities and it’s Mitigation Methodshttps://securrtech.medium.com/top-10-cybersecurity-vulnerabilities-and-its-mitigation-methods-0a5d75aceb34?source=rss------bug_bounty-5Securrbug-bounty, cybersecurity, xss-attack, hacking, vulnerability10-Jun-2024
Become a White Hat: Your Guide to Learning Ethical Hackinghttps://medium.com/@itsamanyadav/become-a-white-hat-your-guide-to-learning-ethical-hacking-022842c49eec?source=rss------bug_bounty-5Its Aman Yadavhacker, cybersecurity, hacking, learn-ethical-hacking, bug-bounty10-Jun-2024
Why Bad Reviews Can Kill Your Softwarehttps://medium.com/@joseph_52850/why-bad-reviews-can-kill-your-software-928f4af30a53?source=rss------bug_bounty-5Joseph Lacsamanasoftware-testing, software-development, bug-bounty, software-company, software-engineering10-Jun-2024
I reported Zero-Day (CVE-2024–24919) … and got informative.https://systemweakness.com/i-reported-zero-day-cve-2024-24919-and-got-informative-25409fac9765?source=rss------bug_bounty-5Sumedh Dawadicve-2024-24919, recon, hacking, zero-day-vulnerability, bug-bounty10-Jun-2024
POC — CVE-2024–4956 -Unauthenticated Path Traversalhttps://medium.com/@verylazytech/poc-cve-2024-4956-unauthenticated-path-traversal-f24b1a595e0e?source=rss------bug_bounty-5Very Lazy Techhacking, bug-bounty, cve-2023-4966, vulnerability, cybersecurity10-Jun-2024
Bug Bounty Programs: How Outsourcing Can Help Your Projecthttps://medium.com/integritee/bug-bounty-programs-how-outsourcing-can-help-your-project-644539de575a?source=rss------bug_bounty-5Integritee Networkblockchain, bug-bounty, immunefi10-Jun-2024
How I Found My First Bug Through Simple Fuzzinghttps://medium.com/@hashimamin/how-i-found-my-first-bug-through-simple-fuzzing-c7d694a59a6b?source=rss------bug_bounty-5Hashim Aminbugbounty-writeup, bug-bounty-tips, bugcrowd, bug-bounty, infosec10-Jun-2024
Bug Bounty Hunting — Complete Guide (Part -1)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-1-21a87e35fdfa?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty, hacking09-Jun-2024
How to Identify Vulnerable Hikvision Devices (IoT) to CVE-2017–7921https://blog.bugzero.io/how-to-identify-vulnerable-hikvision-devices-iot-to-cve-2017-7921-88b294645687?source=rss------bug_bounty-5Kawya De Silvahikvison-cameras, security-alert, cybersecurity, bug-zero, bug-bounty09-Jun-2024
How to Become a Hacker in 2024: A Comprehensive Guidehttps://medium.com/@itsamanyadav/how-to-become-a-hacker-in-2024-a-comprehensive-guide-9bae6cfa6b15?source=rss------bug_bounty-5Its Aman Yadavbug-bounty, become-a-hacker, hacker-in-2024, how-to-be-a-hacker, hacking-courses09-Jun-2024
Discovering a vulnerability in HackerOnehttps://medium.com/@loaymorad11/discovering-a-vulnerability-in-hackerone-00bbfc438d90?source=rss------bug_bounty-5Loaymoradpenetration-testing, hackerone, bug-bounty, cybersecurity09-Jun-2024
Advanced Exploitation Techniques for Bug Bounty: Beyond the Basicshttps://medium.com/@verylazytech/advanced-exploitation-techniques-for-bug-bounty-beyond-the-basics-2ee9cbc12773?source=rss------bug_bounty-5Very Lazy Techcyber, hacking, cybersecurity, bug-bounty, exploit09-Jun-2024
28.4 Lab: Server-side template injection in an unknown language with a documented exploithttps://cyberw1ng.medium.com/28-4-lab-server-side-template-injection-in-an-unknown-language-with-a-documented-exploit-df988ccf6277?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty09-Jun-2024
Complex Attack Types: Sample Scenarios 13https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-13-8a5008c396db?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, bug-bounty, cybersecurity, threat-intelligence, penetration-testing09-Jun-2024
STRIPE API-Key Disclosure to Bountyhttps://starlox.medium.com/stripe-api-key-disclosure-to-bounty-239d069f2455?source=rss------bug_bounty-5#$ubh@nk@rbug-bounty, hacking, infosec, bug-hunting, information-disclosure09-Jun-2024
HOW I HACKED NASA?https://infosecwriteups.com/how-i-hacked-nasa-0715b6b5d7b8?source=rss------bug_bounty-5Krishnadev P Melevilabug-bounty, hallof-fame, vdp, cybersecurity, nasa09-Jun-2024
Day 13 of Our #CyberQuest1095 Challenge — Rust, Hack The Box, and Active Directory Adventures!https://d3athcod3.medium.com/day-13-of-our-cyberquest1095-challenge-rust-hack-the-box-and-active-directory-adventures-442cd2c48f41?source=rss------bug_bounty-5D3athCod3bug-bounty, challenge, hacking, cybersecurity, cyberquest109509-Jun-2024
Walk-Through of Bepractical.tech lab #4https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-4-bd4a96dc56bd?source=rss------bug_bounty-5Ross Jubertbug-bounty, red-team, account-takeover, ethical-hacking, account-takeover-attacks09-Jun-2024
The Ultimate Guide to Chaining Bugs: How I Found a Reverse Shell in a Bug Bounty Programhttps://b0mk35h.medium.com/the-ultimate-guide-to-chaining-bugs-how-i-found-a-reverse-shell-in-a-bug-bounty-program-9dca54c20674?source=rss------bug_bounty-5Pronay Biswasethical-hacking, hunting, bug-bounty, cyberse, xss-attack09-Jun-2024
How to preform recon in Bug Bounty?https://systemweakness.com/how-to-preform-recon-in-bug-bounty-8d37a1fd262f?source=rss------bug_bounty-5Imad Husanovicprogramming, cybersecurity, hacking, bug-bounty-tips, bug-bounty09-Jun-2024
Incentivized Testnet Launchhttps://medium.com/@Tallomania/%CA%9F%E1%B4%80%C9%B4%E1%B4%A2%E1%B4%80%E1%B4%8D%C9%AA%E1%B4%87%C9%B4%E1%B4%9B%E1%B4%8F-%C9%AA%C9%B4%E1%B4%84%E1%B4%87%C9%B4%E1%B4%9B%C9%AA%E1%B4%A0%E1%B4%80%E1%B4%85%E1%B4%8F-%E1%B4%85%E1%B4%87-%E1%B4%9B%E1%B4%87s%E1%B4%9B%C9%B4%E1%B4%87%E1%B4%9B-df0c7d1e77cd?source=rss------bug_bounty-5Ay Zedrewards, testnet, bug-bounty, ai09-Jun-2024
[Bounty Weekend] Disable Any Customer Ability To Create Service Account With Business Logic…https://medium.com/@rifqihz/bounty-weekend-disable-any-customer-ability-to-create-service-account-with-business-logic-b83baa893b4d?source=rss------bug_bounty-5Rifqi Hilmy Zhafrantbug-bounty-tips, penetration-testing, hackerone, bug-bounty08-Jun-2024
[Bounty Weekend] CTF Level XSS in a Real-World Applicationhttps://medium.com/@rifqihz/bounty-weekend-ctf-level-xss-in-a-real-world-application-7a9278bc7018?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, penetration-testing, bug-bounty-tips, bug-bounty08-Jun-2024
How to Find Bugs and Get Bucks: 2024 Editionhttps://medium.com/@itsamanyadav/how-to-find-bugs-and-get-bucks-2024-edition-776c5b098b3e?source=rss------bug_bounty-5Its Aman Yadavbug-bounty, how-to-find-bug, 2024, how-to-be-a-hacker, hacking08-Jun-2024
Capturing Android App Traffic via Wireshark - Android Pentestinghttps://medium.com/@phyowathone/capturing-android-app-traffic-via-wireshark-android-pentesting-d0ee1539089f?source=rss------bug_bounty-5Phyo WaThone Wincybersecurity, android-pentesting, bug-bounty-hunting, pentesting, bug-bounty08-Jun-2024
28.3 Lab: Server-side template injection using documentationhttps://cyberw1ng.medium.com/28-3-lab-server-side-template-injection-using-documentation-3e8f761b0ca8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, penetration-testing08-Jun-2024
Day 12 of Our #CyberQuest1095 Day Challengehttps://d3athcod3.medium.com/day-12-of-our-cyberquest1095-day-challenge-977225c7ce97?source=rss------bug_bounty-5D3athCod3cyberquest1095, security, cybersecurity, hacking, bug-bounty08-Jun-2024
Abusing auto mail responders to access internal workplaceshttps://rikeshbaniya.medium.com/abusing-auto-mail-responders-to-access-internal-workplaces-04fcc8ba2c99?source=rss------bug_bounty-5Rikesh Baniyabounties, pentest, hackerone, bounty-reward, bug-bounty08-Jun-2024
POV HTB Writeuphttps://medium.com/@damaidec/pov-htb-writeup-becf386c6dc0?source=rss------bug_bounty-5Damaidechacking, ethical-hacking, bug-bounty, hackthebox, ctf-writeup08-Jun-2024
Super Blind SQL Injection- $20000 bounty | Thousands of targets still vulnerablehttps://medium.com/@pranshux0x/super-blind-sql-injection-20000-bounty-thousands-of-targets-still-vulnerable-f9b013765448?source=rss------bug_bounty-5priyanshu shakyabug-bounty08-Jun-2024
Create Your Own Public-Private Key Pair in Just 5 Minutes! (Cybersecurity)https://medium.com/@paritoshblogs/create-your-own-public-private-key-pair-in-just-5-minutes-cybersecurity-535038665ad9?source=rss------bug_bounty-5Paritoshhacking, keys, cryptography, cybersecurity, bug-bounty08-Jun-2024
Vulnerable WordPress May 2024 (Leylan)https://medium.com/@onhexgroup/vulnerable-wordpress-may-2024-leylan-bd429d56d300?source=rss------bug_bounty-5Onhexgroupwordpress-security, infosec, wordpress, bug-bounty, web-security08-Jun-2024
Cracking the Code: How Cryptography Safeguards Your Digital Worldhttps://medium.com/@paritoshblogs/cracking-the-code-how-cryptography-safeguards-your-digital-world-c1c1887c84ae?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, cryptography, hacking, cybersecurity07-Jun-2024
I got my First Bounty $$$ after three years of hard workhttps://medium.com/@mr_ayyan/i-got-my-first-bounty-after-three-years-of-hard-work-856c43bbb6c1?source=rss------bug_bounty-5Mrayyanirfanbounty-program, rewards-programs, vulnerability, bug-bounty, first-bounty07-Jun-2024
JS for Bug Bounties 2.0 Extreme Edition 2024https://kongsec.medium.com/js-for-bug-bounties-2-0-extreme-edition-2024-f167fa48276a?source=rss------bug_bounty-5Kongsecrecon, bugcrowd, hackerone, javascript, bug-bounty07-Jun-2024
28.2 Lab: Basic server-side template injection (code context)https://cyberw1ng.medium.com/28-2-lab-basic-server-side-template-injection-code-context-2a927ed117e6?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, penetration-testing, hacking07-Jun-2024
Simulating a Ransomware Attack with Caldera.https://medium.com/@josh.beck2006/simulating-a-ransomware-attack-with-caldera-3d77d0cb95d2?source=rss------bug_bounty-5Josh Beckcybersecurity, penetration-testing, ctf, bug-bounty07-Jun-2024
Hacking Porn and Dating sites — a Theme Based Bugbounty Huntinghttps://medium.com/@nithissh/hacking-porn-and-dating-sites-a-theme-based-bugbounty-hunting-d024b8137bc7?source=rss------bug_bounty-5Nithisshbugbounty-writeup, research, bug-bounty07-Jun-2024
Complex Attack Types: Sample Scenarios 12https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-12-0d93a70ee8f4?source=rss------bug_bounty-5Baris Dincercybersecurity, freedomofinternet, bug-bounty, penetration-testing, threat-intelligence07-Jun-2024
Another Easy P4 you miss!!!https://medium.com/@anonymoustriager/another-easy-p4-you-miss-dcadf65adbcb?source=rss------bug_bounty-5Anonymous Triagerbugbounty-poc, bugs, bug-bounty, bug-bounty-tips, bug-bounty-hunter06-Jun-2024
Unlock Any PC Remotely with Just an Image: The Ultimate VNC Hack!https://medium.com/@paritoshblogs/unlock-any-pc-remotely-with-just-an-image-the-ultimate-vnc-hack-a92b22637094?source=rss------bug_bounty-5Paritoshcybersecurity, remote-working, hacking, vnc, bug-bounty06-Jun-2024
The only recon methodology you need.https://an0nbil.medium.com/the-only-recon-methodology-you-need-cf6c3aff1af1?source=rss------bug_bounty-5an0nbilethical-hacking, bug-bounty, bug-bounty-tips, reconnaissance, programming06-Jun-2024
Decimal x Securrhttps://decimalchain.medium.com/decimal-x-securr-96114c277d70?source=rss------bug_bounty-5DecimalChainbug-bounty, decimal, securr06-Jun-2024
Scope Sentry is a tool with functions such as asset mapping…https://medium.com/@Autumn52/scope-sentry-is-a-tool-with-functions-such-as-asset-mapping-fe0af70ace0a?source=rss------bug_bounty-5Autumnhacker, hackathons, bug-bounty, tools, bug-bounty-tips06-Jun-2024
Securing the Future: Understanding Vulnerabilities in Large Language Modelshttps://medium.com/@tusharsaini484/securing-the-future-understanding-vulnerabilities-in-large-language-models-13bbfeac95cf?source=rss------bug_bounty-5Tushar Sainiblog, artificial-intelligence, bug-bounty, large-language-models, cybersecurity06-Jun-2024
Bug bounty — Cybersecurity subcontractor exposes business data to other customershttps://theclemvp.medium.com/bug-bounty-cybersecurity-subcontractor-exposes-business-data-to-other-customers-d8e1a011ff4b?source=rss------bug_bounty-5Clémentcybersecurity, bug-bounty06-Jun-2024
28.1 Lab: Basic Server-side template injectionhttps://cyberw1ng.medium.com/28-1-lab-basic-server-side-template-injection-0744f96c74b8?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, penetration-testing06-Jun-2024
Understanding Cybersecurity : Keeping Our Digital World Safehttps://adnancodestech.medium.com/understanding-cybersecurity-keeping-our-digital-world-safe-1abdd2876a7c?source=rss------bug_bounty-5Cryptifycybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, pentesting06-Jun-2024
Getting started with Bug Bountyhttps://securrtech.medium.com/getting-started-with-bug-bounty-8fd72650184f?source=rss------bug_bounty-5Securrweb3, cybersecurity, ai, bug-bounty, learn06-Jun-2024
Discovering a Critical Vulnerability in application : The Journey of an Accidental Adminhttps://adarshkrduaby.medium.com/discovering-a-critical-vulnerability-in-application-the-journey-of-an-accidental-admin-1aebe9d31e09?source=rss------bug_bounty-5Adarsh Kumarbug-zero, cyber-security-research, critical-vulnerabilities, securityflaw, bug-bounty06-Jun-2024
Stored XSS to Account Takeover (AWS Cognito)https://medium.com/@majix_de/stored-xss-to-account-takeover-aws-cognito-c5f76f04befe?source=rss------bug_bounty-5Majixcybersecurity, account-takeover, pentest, bug-bounty, cognito06-Jun-2024
Easy Latest Critical Severity?https://medium.com/@anonymoustriager/easy-latest-critical-severity-fc9413d57d80?source=rss------bug_bounty-5Anonymous Triagerhacking, bug-bounty, bug-bounty-tips, bugbounty-writeup, bug-bounty-program05-Jun-2024
Active Directory Red Teaming: A Comprehensive Guidehttps://medium.com/@paritoshblogs/active-directory-red-teaming-a-comprehensive-guide-06b1f008d0d4?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, hacking, information-technology, active-directory05-Jun-2024
EMPIRE CTF: LUPINONE VulnHub Walkthrough | Writeuphttps://shamsulmehmood.medium.com/empire-ctf-lupinone-vulnhub-walkthrough-writeup-bea8558ea03b?source=rss------bug_bounty-5SHAMS UL MEHMOODbug-bounty, pentesting, cybersecurity, machine-learning, hacking05-Jun-2024
Master Bug Bounty Hunting: Your Comprehensive Bug Bounty Course in Hindihttps://medium.com/@marketing_94387/master-bug-bounty-hunting-your-comprehensive-bug-bounty-course-in-hindi-ab990527f9b0?source=rss------bug_bounty-5Skilcamponline-learning-platform, bug-bounty-tips, skilcamp, bug-bounty05-Jun-2024
27.5 Lab: DOM-based cookie manipulationhttps://cyberw1ng.medium.com/27-5-lab-dom-based-cookie-manipulation-b939af57ef06?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, careers, hacking05-Jun-2024
SmartAuditor.AI and new ChatGPT bot for auditshttps://medium.com/@bugbountydegen/smartauditor-ai-and-new-chatgpt-bot-for-audits-a8361ec7f52d?source=rss------bug_bounty-5Bug Bounty Degenopenai, smart-contracts, bug-bounty, cybersecurity, chatgpt05-Jun-2024
CVE-2024–4358 Critical Flaw Found in Progress Telerik Report Serverhttps://medium.com/@arafatx90n/cve-2024-4358-critical-flaw-found-in-progress-telerik-report-server-0f379f844819?source=rss------bug_bounty-5ARAFATethical-hacking, bug-bounty, cybersecurity05-Jun-2024
Insecure Firebase Unauthorized Write Access on Crypto Exchange Bug Bountyhttps://scr1pty.medium.com/insecure-firebase-unauthorized-write-access-on-crypto-exchange-bug-bounty-9e9187b627b1?source=rss------bug_bounty-5Scr1ptypenetration-testing, bug-bounty-tips, crypto, bug-bounty, security05-Jun-2024
Another Easy P4?https://medium.com/@anonymoustriager/another-easy-p4-ceaa67ef7e52?source=rss------bug_bounty-5Anonymous Triagerbugbounty-writeup, bug-bounty-tips, bug-bounty-program, cybersecurity, bug-bounty05-Jun-2024
CVE-2024–4956: UNAUTHENTICATED PATH TRAVERSAL IN NEXUS REPOSITORY MANAGER 3https://codewithvamp.medium.com/cve-2024-4956-unauthenticated-path-traversal-in-nexus-repository-manager-3-b4e811ad7e37?source=rss------bug_bounty-5Vaibhav Kumar Srivastavabug-bounty, cve, coding, hacking, cybersecurity05-Jun-2024
Easiest P4?https://medium.com/@anonymoustriager/easiest-p4-feb9e9302562?source=rss------bug_bounty-5Anonymous Triagerbug-bounty-tips, hacking, swag, bounty-program, bug-bounty04-Jun-2024
My report on using lubuntu 24.04https://ariedwikusuma9.medium.com/my-report-on-using-lubuntu-24-04-3040bbdb9bab?source=rss------bug_bounty-5Ariekusumabug-bounty, ubuntu, wireguard, lubuntu, linux04-Jun-2024
The Chronicle Protocol Bug Bounty is Livehttps://medium.com/@ChronicleProtocol/the-chronicle-protocol-bug-bounty-is-live-05b5332e6c76?source=rss------bug_bounty-5Chronicle Protocoloracle, bug-bounty, blockchain, cantina, chronicle-protocol04-Jun-2024
Hacking Android Apps: A Comprehensive Guidehttps://medium.com/@roguepayload/hacking-android-apps-a-comprehensive-guide-9905c075021f?source=rss------bug_bounty-5Rogue Payloadhacking, bug-bounty-tips, pentesting, android, bug-bounty04-Jun-2024
27.4 Lab: DOM-based open redirectionhttps://cyberw1ng.medium.com/27-4-lab-dom-based-open-redirection-e00e760c9046?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, penetration-testing, bug-bounty04-Jun-2024
How We Got $$$$$ For a Blind Stored XSS To ATOhttps://medium.com/@shari7a0x/how-we-got-for-a-blind-stored-xss-to-ato-2e9b939055ec?source=rss------bug_bounty-5Shari7a0xbugs, hackerone, bug-bounty-tips, bug-bounty, xss-attack04-Jun-2024
Exposing Login Page Vulnerabilities with Time-Based SQL Injectionhttps://medium.com/@sachinkewat809/exposing-login-page-vulnerabilities-with-time-based-sql-injection-694a04911e93?source=rss------bug_bounty-5Sachin kewatbug-bounty-tips, cybersecurity, penetration-testing, bug-bounty, security03-Jun-2024
How I Got My First €€€€ Bountyhttps://machiavellli.medium.com/how-i-got-my-first-bounty-65ad8a1763de?source=rss------bug_bounty-5Machiavellicybersecurity, bug-bounty, information-security03-Jun-2024
Earning Your First $1000 as a Cybersecurity Researcher, Hacker, or Hunterhttps://securrtech.medium.com/earning-your-first-1000-as-a-cybersecurity-researcher-hacker-or-hunter-8532bcaa48b6?source=rss------bug_bounty-5Securrdollar, cyber-security-awareness, earn, bug-bounty, web-development03-Jun-2024
My First Finding Bug on a Bugcrowd BBPhttps://medium.com/@bhuiyanaman71/my-first-bug-on-a-bbp-fdd512307284?source=rss------bug_bounty-5Aman Bhuiyanxss-vulnerability, bug-bounty, hacking, injection03-Jun-2024
27.2 Lab: DOM XSS using web messages and JSON.parsehttps://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-json-parse-79dbe4290efb?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, hacking, bug-bounty, careers03-Jun-2024
Hack and Pay Later: Bypassing Online Payment Methodhttps://medium.com/@tirqwork1/hack-and-pay-later-bypassing-online-payment-method-8b366e0dc7ee?source=rss------bug_bounty-5ARoybug-bounty, cybersecurity, bugbounty-writeup, payment-gateway, infosec03-Jun-2024
27.3 Lab: DOM XSS using web messages and JSON.parsehttps://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-json-parse-79dbe4290efb?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, hacking, bug-bounty, careers03-Jun-2024
UPI Recon | Scammed on Instagram /Telegram?https://medium.com/@anonymoustriager/upi-recon-scammed-on-instagram-telegram-3713f9dd77cd?source=rss------bug_bounty-5Anonymous Triagerhacker, telegram, recon, cybersecurity, bug-bounty02-Jun-2024
Bug Zero — 2 Weeks in Cybersecurity (May 15–31)https://blog.bugzero.io/bug-zero-2-weeks-in-cybersecurity-may-15-31-dbc07d60dfe5?source=rss------bug_bounty-5Akila Maithripalabug-zero, sri-lanka, cybersecurity, bug-bounty02-Jun-2024
BBB #1 — Back Hackinghttps://medium.com/@JakobTheDev/bbb-1-back-hacking-acafd03d7d4e?source=rss------bug_bounty-5Jakob Penningtonbug-bounty, application-security, hacking02-Jun-2024
27.2 Lab: DOM XSS using web messages and a JavaScript URLhttps://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-a-javascript-url-3d29822c295d?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing02-Jun-2024
A simple IDOR worth $400.https://el-cezeri.medium.com/a-simple-idor-worth-400-65663937a5f4?source=rss------bug_bounty-5Samet Yiğitbugbounty-tips, bug-bounty, ödülavcılığı02-Jun-2024
Mastering Sway-Analyzerhttps://medium.com/@angelos404/mastering-sway-analyzer-27379d7903db?source=rss------bug_bounty-5angelos404smart-contracts, web3, blockchain, bug-bounty, sway02-Jun-2024
Easy $$$$ Bounty for leaked token in java script urlhttps://medium.com/@eslammonex/easy-bounty-for-leaked-token-in-java-script-url-5491cf567328?source=rss------bug_bounty-5EslamMonexbug-bounty02-Jun-2024
How To Escalate P5 Email HTML Injection to P4.https://medium.com/@Ajakcybersecurity/how-to-escalate-p5-email-html-injection-to-p4-19a61a85a76b?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, hacking, penetration-testing, cybersecurity, technology02-Jun-2024
An easy, simplified walkthrough of the lab for understanding Reflected XSS into HTML context with nothing encodedhttps://gentilsecurity.medium.com/%D8%B4%D8%B1%D8%AD-%D8%A7%D9%84%D9%84%D8%A7%D8%A8-%D8%A8%D8%B7%D8%B1%D9%8A%D9%82%D8%A9-%D8%B3%D9%87%D9%84%D8%A9-%D9%88%D9%85%D8%A8%D8%B3%D8%B7%D8%A9-%D9%84%D9%81%D9%87%D9%85-%D9%86%D9%88%D8%B9-%D8%A7%D9%84-reflected-xss-into-html-context-with-nothing-encoded-9dde8cf2baa3?source=rss------bug_bounty-5GenTiLowasp, web-development, penetration-testing, cybersecurity, bug-bounty01-Jun-2024
What do you know about the XSS vulnerability? (Cross-Site Script)https://gentilsecurity.medium.com/%D9%85%D8%A7%D8%B0%D8%A7-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%86-%D8%AB%D8%BA%D8%B1%D8%A9-xss-cross-site-script-d45ecf75b0a6?source=rss------bug_bounty-5GenTiLxss-attack, bug-bounty, vulnerability, technology, hacking01-Jun-2024
How to use the ParamSpider tool for security bounty programs (Bug Bounty)https://gentilsecurity.medium.com/%D9%83%D9%8A%D9%81%D9%8A%D8%A9-%D8%A7%D8%B3%D8%AA%D8%AE%D8%AF%D8%A7%D9%85-%D8%A3%D8%AF%D8%A7%D8%A9-paramspider-%D9%84%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%A7%D9%84%D8%AC%D9%88%D8%A7%D8%A6%D8%B2-%D8%A7%D9%84%D8%A3%D9%85%D9%86%D9%8A%D8%A9-bug-bounty-c1361d476c4a?source=rss------bug_bounty-5GenTiLparamspider, penetration-testing, bug-bounty, web-development, penetration-testing-tools01-Jun-2024
Are you still confused about the difference between Reflected XSS and DOM XSS? Today you will settle the question with full confidencehttps://gentilsecurity.medium.com/%D9%87%D9%84-%D9%85%D8%A7%D8%B2%D9%84%D8%AA-%D9%85%D8%AD%D8%AA%D8%A7%D8%B1-%D9%81%D9%8A-%D8%A7%D9%84%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81-%D8%A8%D9%8A%D9%86-reflected-xss-%D9%88-dom-xss-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%B3%D8%AA%D8%AD%D8%B3%D9%85-%D8%A7%D9%84%D9%85%D8%B3%D8%A3%D9%84%D8%A9-%D8%A8%D9%83%D9%84-%D8%AB%D9%82%D8%A9-c4224d126056?source=rss------bug_bounty-5GenTiLreflected-xss, hacking, dom-xss, web-penetration-testing, bug-bounty01-Jun-2024
MY FIRST BUG !https://medium.com/@amjadkhan_72632/my-first-bug-8d52edf256c7?source=rss------bug_bounty-5Amjad Khancybersecurity, bug-bounty01-Jun-2024
SQLi, SSRF And Code Secrets — All In Onehttps://medium.com/@red.whisperer/sqli-ssrf-and-code-secrets-all-in-one-a387c734c84f?source=rss------bug_bounty-5Chuxsecurity, hacking, cybersecurity, infosec, bug-bounty01-Jun-2024
Are you still confused about the difference between Reflected XSS and DOM XSS?https://gentilsecurity.medium.com/are-you-still-confused-about-the-difference-between-reflected-xss-and-dom-xss-45715d0fe37b?source=rss------bug_bounty-5GenTiLdom-xss, hacking, bug-bounty, web-penetration-testing, reflected-xss01-Jun-2024
Chaining NOSQLi and XSS to Take Over a Server — HackTheBox Stocker Walkthroughhttps://medium.com/@The_Hiker/chaining-nosqli-and-xss-to-take-over-a-server-hackthebox-stocker-walkthrough-e549bf3f8bbf?source=rss------bug_bounty-5TheHikerhackthebox, hackthebox-writeup, web-exploitation, hacking, bug-bounty01-Jun-2024
Unveiling the Sneaky CSV Injection: VDP vs. Objective-Based Offensive Tacticshttps://abawazeeer.medium.com/unveiling-the-sneaky-csv-injection-vdp-vs-objective-based-offensive-tactics-208b22b8bba1?source=rss------bug_bounty-5AliBawazeEervulnerability-disclosure, bug-bounty, vulnerability-assessment, owasp-top-10, application-security01-Jun-2024
cy27.1 Lab: DOM XSS using web messageshttps://cyberw1ng.medium.com/cy27-1-lab-dom-xss-using-web-messages-5c2346edc08b?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, careers, cybersecurity01-Jun-2024
Use FFUF to bypass Burp Suite’s Intruder attacks delay!!!https://hackermater.medium.com/use-ffuf-to-bypass-burp-suite-intruder-attacks-delay-c5087c912741?source=rss------bug_bounty-5hackermaterbug-bounty-writeup, burpsuite, hacking, bug-bounty-tips, bug-bounty01-Jun-2024
90 Days Cybersecurity Learning Challengehttps://medium.com/@unknow.com/90-days-cybersecurity-learning-challenge-81e1777b31f5?source=rss------bug_bounty-5Cyber_hunterbug-bounty, careers, cybersecurity01-Jun-2024
Attacking Web Applications with Ffuf | Skills Assessment — Walkthroughhttps://medium.com/@Mx0o14/attacking-web-applications-with-ffuf-skills-assessment-walkthrough-5af4160fe75b?source=rss------bug_bounty-5Mohamed Ashrafhackthebox, bug-bounty, cybersecurity, hacking31-May-2024
The Planets CTF | Earth CTF | Vulnhub | WriteUp | Walkthroughhttps://shamsulmehmood.medium.com/the-planets-ctf-earth-ctf-vulnhub-writeup-walkthrough-38d13c16643c?source=rss------bug_bounty-5SHAMS UL MEHMOODhacking, cybersecurity, bug-bounty, bugs, cybercrime31-May-2024
Pattern Scanning Intro (For Game Hacking)https://medium.com/@MrRipperoni/pattern-scanning-intro-for-game-hacking-b13401b562fb?source=rss------bug_bounty-5Mr.Ripperonicoding, reverse-engineering, games, bug-bounty, hacking31-May-2024
How i get XSS & HTMLi with FUFFhttps://kiraadx.medium.com/how-i-get-xss-htmli-with-fuff-0c8a4b094636?source=rss------bug_bounty-5KiRaaDxbug-bounty, cybersecurity, bug-bounty-tips31-May-2024
OSCP Reviewhttps://medium.com/@nosignalrightnow/oscp-review-3a9568bf9c5d?source=rss------bug_bounty-5cowabungabug-bounty, offensive-security, penetration-testing, oscp, cybersecurity31-May-2024
26.3 Lab: Indirect prompt injectionhttps://cyberw1ng.medium.com/26-3-lab-indirect-prompt-injection-27d35f2e0e90?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, cybersecurity, bug-bounty31-May-2024
CVE-2024–24919: Zero-Day Vulnerability leads to unauthorized Information Disclosure in Checkpointhttps://codewithvamp.medium.com/cve-2024-24919-zero-day-vulnerability-leads-to-unauthorized-information-disclosure-in-checkpoint-97873b47d160?source=rss------bug_bounty-5Vaibhav Kumar Srivastavacomputer-science, hacking, bug-bounty, cybersecurity, cve31-May-2024
How I Found a Vulnerability in Apple: A Journey of Discovery and Impacthttps://medium.com/@husnainsuleman/how-i-found-a-vulnerability-in-apple-a-journey-of-discovery-and-impact-0e55f14eef75?source=rss------bug_bounty-5Husnain Sulemanbug-bounty, storytelling, security, cybersecurity, apple31-May-2024
IDOR Exploit: A Tale of Account Takeoverhttps://danial1337.medium.com/idor-exploit-a-tale-of-account-takeover-51ab2c47c246?source=rss------bug_bounty-5Muhammad Danialpenetration-testing, hacking, cybersecurity, web-security, bug-bounty31-May-2024
Advanced Web Cache Poisoninghttps://medium.com/@majix_de/advanced-web-cache-poisoning-e6e17d5290ce?source=rss------bug_bounty-5Majixweb-cache-poisoning, penetration-testing, hacking, bug-bounty, pentesting31-May-2024
Creative Steps | Reflected XSS into HTML context with nothing encodedhttps://gentilsecurity.medium.com/creative-steps-reflected-xss-into-html-context-with-nothing-encoded-0a30d4f2dc24?source=rss------bug_bounty-5GenTiLcybersecurity, bug-bounty, owasp, penetration-testing, web-development30-May-2024
Exported Activity In Android Application Allowing Access to Payments Informationhttps://medium.com/@mohanad.hussam23/exported-activity-in-android-application-allowing-access-to-payments-information-166dfee5008e?source=rss------bug_bounty-5Muhanad Israiwihacking, bugs, penetration-testing, bug-bounty, androidhacking30-May-2024
Static Testing of iOS Applicationshttps://sandeepvi.medium.com/static-testing-of-ios-applications-cb09bd8f2927?source=rss------bug_bounty-5Sandeep Vishwakarmahacking, bug-bounty, ios, static-code-analysis30-May-2024
Secrets of Data Security : Trendy Tools and Tips You Can’t Ignore!https://medium.com/@paritoshblogs/secrets-of-data-security-trendy-tools-and-tips-you-cant-ignore-a5d72eb7eedf?source=rss------bug_bounty-5Paritoshdata-security, hacking, cybersecurity, bug-bounty, security30-May-2024
Exciting Announcement: We’re Collaborating with Aptron to Boost Web3 Security!https://securrtech.medium.com/exciting-announcement-were-collaborating-with-aptron-to-boost-web3-security-4f58726c3ae0?source=rss------bug_bounty-5Securrweb3, ai, web3-security, bug-bounty, blockchain30-May-2024
Enhancing Cybersecurity: Lessons from a Critical XSS Vulnerability in DMRC’s Websitehttps://hackerhalt.medium.com/enhancing-cybersecurity-lessons-from-a-critical-xss-vulnerability-in-dmrcs-website-a0e39aeb0318?source=rss------bug_bounty-5Hacker Halt Livehacker, hacking, bug-bounty, security, cybersecurity30-May-2024
Application Level DoS - The Lagging Nightmarehttps://shahjerry33.medium.com/application-level-dos-the-lagging-nightmare-d3332f2ade86?source=rss------bug_bounty-5Jerry Shah (Jerry)pentesting, cybersecurity, bug-bounty, infosec, vulnerability30-May-2024
26.2 Lab: Exploiting vulnerabilities in LLM APIshttps://cyberw1ng.medium.com/26-2-lab-exploiting-vulnerabilities-in-llm-apis-83150b4cdf98?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, careers, hacking, bug-bounty30-May-2024
WAF as a weapon and DOS as a bullethttps://medium.com/@zhero_/waf-as-a-weapon-and-dos-as-a-bullet-46acad12a9b6?source=rss------bug_bounty-5Rachid.Ainfosec, bug-bounty, firewall, hacking, cybersecurity30-May-2024
Low hanging fruit in real website: Cookie invalidation.https://medium.com/@siyamhassan.main/low-hanging-fruit-in-real-website-cookie-invalidation-bd24556dc673?source=rss------bug_bounty-52004siyam_hassanauthentication, session-invalidation, bug-bounty30-May-2024
Buy Multiple Translink Travel Ticket for the Price of One.https://medium.com/@aswinmanikandan/buy-multiple-translink-travel-ticket-for-the-price-of-one-82014216c510?source=rss------bug_bounty-5Aswin Manikandanbug-bounty, bug-bounty-tips30-May-2024
Bug Bounty Bootcamp Summary in Egyptian Arabic (1)https://medium.com/@am3002297/1-%D8%A8%D8%A7%D9%84%D9%85%D8%B5%D8%B1%D9%8A-bug-bounty-bootcamp-%D9%85%D9%84%D8%AE%D8%B5-8cdf2bf4e108?source=rss------bug_bounty-530obdbug-bounty-hunter, tech-bootcamp, bug-bounty, infosec, information-security30-May-2024
Microsoft IIS Server Shortnames & Tilde Magichttps://retkoussa.medium.com/microsoft-iis-server-shortnames-tilde-magic-64df65d26450?source=rss------bug_bounty-5Firas Al-Koussahacking, bug-bounty, penetration-testing, cybersecurity, penetration-testing-tools30-May-2024
How I Found My First Bug in My Bug Bounty Journeyhttps://medium.com/@HuseyinAdgzl/how-i-found-my-first-bug-in-bug-bounty-journey-49a318874ed8?source=rss------bug_bounty-5Hüseyin Adiguzelbug-bounty-tips, bug-bounty, api, security, bugs30-May-2024
A Beautiful Bug: Interesting URL scheme bypass + Race Condition.https://medium.com/@Nightbloodz/a-beautiful-bug-interesting-url-scheme-bypass-race-condition-61109771a250?source=rss------bug_bounty-5Alvaro Baladacybersecurity, xss-attack, bug-bounty-tips, bug-bounty-writeup, bug-bounty30-May-2024
Understanding Fileless Malware: How It Works and Real-World Exampleshttps://medium.com/@paritoshblogs/understanding-fileless-malware-how-it-works-and-real-world-examples-76085c99543d?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, fileless-malware, malware, cybersecurity29-May-2024
An interesting Bug that I found in Android Mobile Applicationhttps://medium.com/@jooelsaka/an-interesting-bug-that-i-found-in-android-mobile-application-becf25c8c4d8?source=rss------bug_bounty-5dnelsakasecurity, pentesting, mobile-security, android, bug-bounty29-May-2024
Subdomain takeover via AWS s3 buckethttps://infosecwriteups.com/subdomain-takeover-via-aws-s3-bucket-9c54b1b71c46?source=rss------bug_bounty-5Bikram kharalvulnerability, subdomain-takeover, bug-bounty, penetration-testing, hacking29-May-2024
Unauthenticated Cache Purge, Really a Bug?https://medium.com/@anonymoustriager/unauthenticated-cache-purge-really-a-bug-1da44d6fbfd9?source=rss------bug_bounty-5Anonymous Triagerhacker, bug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup29-May-2024
Bypassing Discord marked links filterhttps://nickguitar.medium.com/bypassing-discord-marked-links-filter-88bcd7946f2a?source=rss------bug_bounty-5Nickguitarhacking, bug-bounty, bypass, discord, pentest29-May-2024
Bug Bounty Automationshttps://medium.com/@michellepantelouris/bug-bounty-automations-65f4a4dd6121?source=rss------bug_bounty-5Michelle Pantelourisbug-bounty, cybersecurity, penetration-testing29-May-2024
Building tech profile of a companyhttps://netlas.medium.com/building-tech-profile-of-a-company-f2145dedad31?source=rss------bug_bounty-5Netlas.ioreconnaissance, cybersecurity, osint, penetration-testing, bug-bounty29-May-2024
Content Discovery: Directories, Files And Links Enumeration:https://hacktivistattacker.medium.com/content-discovery-directories-files-and-links-enumeration-38e407b8ff0a?source=rss------bug_bounty-5Hacktivist-Attackercontent-discovery, bug-bounty, web-penetration-testing, reconnaissance-bug-bounty, educação29-May-2024
Bug Bounty Tips and Tricks: Improve Your Success Ratehttps://medium.com/@verylazytech/bug-bounty-tips-and-tricks-improve-your-success-rate-37fa7941d05f?source=rss------bug_bounty-5Very Lazy Techbug-bounty, hacking, bug-bounty-program, cyber, cybersecurity29-May-2024
S3 bucket enumeration simplified.https://secureitmania.medium.com/s3-bucket-enumeration-simplified-80bdcdf581d7?source=rss------bug_bounty-5secureITmaniahacking, cloud-services, devops, bug-bounty, it-security29-May-2024
Agent Sudo Walkthroughhttps://medium.com/@anubhavbali2004/agent-sudo-walkthrough-0a2954d2bb7e?source=rss------bug_bounty-5Anubhav Balictf-walkthrough, ctf-writeup, bug-bounty, ctf, cybersecurity29-May-2024
Mastering Burp Suite for Web Application Security Testinghttps://medium.com/@zerodayfreak/mastering-burp-suite-for-web-application-security-testing-9ac8919f89a8?source=rss------bug_bounty-5ZeroDay Freakbug-bounty, infosec, burpsuite, web-hacking, penetration-testing29-May-2024
The Easiest Vulnerability to Find and How to bypass the WAFhttps://medium.com/@probza261/the-easiest-vulnerability-to-find-and-how-to-bypass-the-waf-3dbcc422aa7e?source=rss------bug_bounty-5OctaYusbug-bounty, infosec, web-security29-May-2024
[Low]Unintended Feature: Exploiting an “Invisible” Delete Function for Temporary Premium Accesshttps://r4v3n0r.medium.com/low-unintended-feature-exploiting-an-invisible-delete-function-for-temporary-premium-access-909812add8eb?source=rss------bug_bounty-5Fabian Cruzweb-application-security, cybersecurity, idor, bug-bounty, information-security29-May-2024
What do you know about XSS? (Cross-Site Script)https://gentilsecurity.medium.com/what-do-you-know-about-xss-cross-site-script-fa050d37be1c?source=rss------bug_bounty-5GenTiLbug-bounty, vulnerability, hacking, technology, xss-attack28-May-2024
Hacking NASA: Critical SSRF + Subdomain Takeover + XSShttps://nickguitar.medium.com/hacking-nasa-critical-ssrf-subdomain-takeover-xss-699be0ce3c06?source=rss------bug_bounty-5Nickguitarpentesting, bug-bounty, hacking, web-application-security, writeup28-May-2024
Bug Bounty In 2024https://medium.com/@Code_With_Ssn/bug-bounty-in-2024-54b1f0c3fe75?source=rss------bug_bounty-5Salik Seraj Naikcybersecurity, bug-bounty, software-development, blockchain, data-science28-May-2024
8 Different Ways to Bypass SSL Pinning in iOS Applicationshttps://medium.com/@vaishalinagori112/8-different-ways-to-bypass-ssl-pinning-in-ios-applications-427dfcbe8bf7?source=rss------bug_bounty-5Vaishali Nagoribug-bounty, vapt-services, hacking, ciso, ssl-pinning-bypass28-May-2024
Talkpal — vulnerability disclosurehttps://karol-mazurek.medium.com/talkpal-vulnerability-disclosure-70b18d14772f?source=rss------bug_bounty-5Karol Mazurekcybersecurity, bug-bounty, information-technology, penetration-testing, information-security28-May-2024
Cross-Site Script _XSS_ Extract Herehttps://gentilsecurity.medium.com/cross-site-script-xss-extract-here-d76053546fe3?source=rss------bug_bounty-5GenTiLtechnology, bug-bounty, ethical-hacking, cybersecurity, web-development28-May-2024
RCE Exploitation via Report Upload + Leveraging MachineKeys to Forge ASPXAUTH Cookies to privesc…https://medium.com/@ph4nt0mbyt3/rce-exploitation-via-report-upload-leveraging-machinekeys-to-forge-aspxauth-cookies-to-privesc-50d38991da2e?source=rss------bug_bounty-5ph4nt0mbyt3pentesting, hacking, bug-bounty, cookies, aspnetcore28-May-2024
PENTESTING DAY — 01https://medium.com/@workwithsane/pentesting-day-01-7eba23231870?source=rss------bug_bounty-5Saneoffensive-security, pentesting, bug-bounty, defensive-security, ethical-hacking28-May-2024
A Whistledown Exclusive: Netflix’s Journey to One Million in Bug Bounty and Beyondhttps://netflixtechblog.medium.com/a-whistledown-exclusive-netflixs-journey-to-one-million-in-bug-bounty-and-beyond-9087ffebc3e1?source=rss------bug_bounty-5Netflix Technology Blogvulnerability-management, application-security, cybersecurity, bug-bounty28-May-2024
25.8 Lab: Web cache poisoning via a fat GET requesthttps://cyberw1ng.medium.com/25-8-lab-web-cache-poisoning-via-a-fat-get-request-ee8a42d01868?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, penetration-testing, cybersecurity28-May-2024
Self-XSS via filename + CSRF on contact us ‘multipart/data’ formhttps://mchklt.medium.com/self-xss-via-filename-csrf-on-contact-us-multipart-data-form-f852dd539547?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAcyberattack, tips, bug-bounty, cybersecurity, hacking28-May-2024
PENTESTING INTRODUCTIONhttps://medium.com/@workwithsane/pentesting-day-01-7eba23231870?source=rss------bug_bounty-5Saneoffensive-security, pentesting, bug-bounty, defensive-security, ethical-hacking28-May-2024
Best Packet Sniffers For Reverse Engineering Game Servershttps://medium.com/@MrRipperoni/best-packet-sniffers-for-reverse-engineering-game-servers-c09987c46b33?source=rss------bug_bounty-5Mr.Ripperonigames, bug-bounty, hacking, penetration-testing, reverse-engineering28-May-2024
25.9 Lab: URL normalization in Web Cache Poisioninghttps://cyberw1ng.medium.com/25-9-lab-url-normalization-in-web-cache-poisioning-9a4b72e10a5e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, hacking, bug-bounty28-May-2024
25.7 Lab: Parameter cloaking in Web Cache Poisoninghttps://cyberw1ng.medium.com/25-7-lab-parameter-cloaking-in-web-cache-poisoning-ee64feeb01c1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, careers, penetration-testing27-May-2024
Earning with Exploits: The Bug Bounty Journeyhttps://deepseng.medium.com/earning-with-exploits-the-bug-bounty-journey-9d864743c011?source=rss------bug_bounty-5Deep SenGuptacybersecurity, appsec, information-security, careers, bug-bounty27-May-2024
How To Stay Ahead of 99% Of Bug Bounty Huntershttps://infosecwriteups.com/how-to-stay-ahead-of-99-of-bug-bounty-hunters-a51fb3fc2ecb?source=rss------bug_bounty-5Om Aroramethodology, infosec, hacking, bug-bounty-tips, bug-bounty27-May-2024
The bugs: List of weird vulnerabilitieshttps://noobsixt9.medium.com/the-bugs-list-of-weird-vulnerabilities-6bc98fc5c1cc?source=rss------bug_bounty-5Rajan Kshedalwriteup, bug-bounty, bug-bounty-writeup, bug-bounty-tips, information-security27-May-2024
How I got my first US Dollar bountyhttps://medium.com/@deepk007/how-i-got-my-first-us-dollar-bounty-4df50ee82fc6?source=rss------bug_bounty-5DEepcybersecurity, bug-bounty, red-team, ethical-hacking, vulnerability27-May-2024
25.6 Lab: Web cache poisoning via an unkeyed query parameterhttps://cyberw1ng.medium.com/25-6-lab-web-cache-poisoning-via-an-unkeyed-query-parameter-ca2544560b5e?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, careers, bug-bounty, hacking26-May-2024
Embarking on the Bug Bounty Journeyhttps://medium.com/@verylazytech/embarking-on-the-bug-bounty-journey-e199897617a5?source=rss------bug_bounty-5Very Lazy Techbug-bounty, technology, programming, cybersecurity, cyber26-May-2024
Kokurate journey in Cyber Securityhttps://kokurate.medium.com/kokurate-journey-in-cyber-security-633e546eb175?source=rss------bug_bounty-5Kokuratebug-bounty, blue-team, journey, cybersecurity, red-team26-May-2024
Network Penetration Testing: A Comprehensive Guidehttps://medium.com/@paritoshblogs/network-penetration-testing-a-comprehensive-guide-1ba8fcb7c570?source=rss------bug_bounty-5Paritoshpentesting, networking, ai, cybersecurity, bug-bounty26-May-2024
Open Redirect via login pagehttps://medium.com/@saeidmicro/open-redirect-via-login-page-fe144f279da8?source=rss------bug_bounty-5Saeid Khaterbug-bounty, open-redirect, cybersecurity26-May-2024
My Journey in Cyber Securityhttps://kokurate.medium.com/kokurate-journey-in-cyber-security-633e546eb175?source=rss------bug_bounty-5Kokuratebug-bounty, blue-team, journey, cybersecurity, red-team26-May-2024
Uncovering a Critical Security Bug: Email Duplication in Password Reset Mechanismhttps://medium.com/@siyamhassan.main/uncovering-a-critical-security-bug-email-duplication-in-password-reset-mechanism-44eed804203f?source=rss------bug_bounty-52004siyam_hassanbug-bounty, password-reset, authentication26-May-2024
Discovering an OTP Reuse Vulnerability: My First Bug Reporthttps://medium.com/@siyamhassan.main/discovering-an-otp-reuse-vulnerability-my-first-bug-report-1a4c555113ab?source=rss------bug_bounty-52004siyam_hassanauthentication, otp-verification, bug-bounty26-May-2024
HTTP Headershttps://medium.com/@Zephyr_Night/http-headers-958a5d73ffd6?source=rss------bug_bounty-5Anshu(Zephyr_Night)bug-bounty, http-protocol, http-headers, http-authentication26-May-2024
WordPress application vulnerable to DoS attack via wp-cron.phphttps://medium.com/@saeidmicro/wordpress-application-vulnerable-to-dos-attack-via-wp-cron-php-da521e854fe5?source=rss------bug_bounty-5Saeid Khaterbug-bounty, dos-attack, cybersecurity26-May-2024
❇️ Web Hack Tool ❇️https://medium.com/@logicTech/%EF%B8%8F-web-hack-tool-%EF%B8%8F-0123843704ed?source=rss------bug_bounty-5LogicTechbug-bounty-tips, github, tools, hacking, bug-bounty26-May-2024
Insecure Account Removalhttps://medium.com/@saeidmicro/insecure-account-removal-867357ad9a08?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity26-May-2024
How I Got IDOR lead to PII In Login Pagehttps://medium.com/@shari7a0x/how-i-got-idor-lead-to-pii-in-login-page-12135f661c77?source=rss------bug_bounty-5Shari7a0xbugs, hacker, idor-vulnerability, bugcrowd, bug-bounty26-May-2024
How I Found 2 IDORS on My Phone and Made $1,500https://medium.com/@zack0x01_/how-i-found-2-idors-on-my-phone-and-made-1-500-8b088f5b28db?source=rss------bug_bounty-5zack0x01bug-bounty, cyber, idor, bug-bounty-tips, hacking26-May-2024
Session invalidation after updating e-mail.https://medium.com/@siyamhassan.main/session-invalidation-after-updating-e-mail-f03c8bb1fb0c?source=rss------bug_bounty-52004siyam_hassanbug-bounty, session-invalidation, help26-May-2024
All About API Security Pentestinghttps://infosecwriteups.com/all-about-api-security-pentesting-60dba50e2766?source=rss------bug_bounty-5Xcheaterapi-security, owasp-api-security-top-10, bug-bounty, pentesting, api-security-testing26-May-2024
JNDI Injection — Attack Flowhttps://medium.com/@prajeet67/jndi-injection-attack-flow-2061e792fef3?source=rss------bug_bounty-5Pradeep Kumarweb-penetration-testing, pentest, bug-bounty, java, jndi25-May-2024
CSRF Vulnerabilities: How to Exploit and Defend Against Attackshttps://xamiron.medium.com/csrf-vulnerabilities-how-to-exploit-and-defend-against-attacks-ca06e0fc0bf0?source=rss------bug_bounty-5Sabuj Kumar Modakpenetration-testing, burpsuite, csrf-attack, bug-bounty, web-app-pentesting25-May-2024
Outlook Hijacked: A Step-by-Step Recovery and Investigationhttps://raoshaab.medium.com/outlook-hijacked-a-step-by-step-recovery-and-investigation-02ea09136301?source=rss------bug_bounty-5Devender Raobug-bounty, phishing, hacking, cybersecurity, microsoft25-May-2024
Unauthenticated IDOR in Employee Login Exposes PII to more than 100K Usershttps://amrkadry7.medium.com/unauthenticated-idor-in-employee-login-exposes-pii-to-more-than-100k-users-830fa8121b33?source=rss------bug_bounty-5Amrcybersecurity, bug-bounty25-May-2024
How I Hacked India Today Subscription for 2 yearshttps://anudeep-vysyaraju.medium.com/how-i-hacked-india-today-subscription-for-2-years-4e49701fa7c8?source=rss------bug_bounty-5Anudeep Vysyarajucybersecurity, penetration-testing, ethical-hacking, hacking, bug-bounty25-May-2024
HOW HACKERS USE REVERSE ENGINEERINGhttps://medium.com/@Progsky/how-hackers-use-reverse-engineering-7f8940e2108a?source=rss------bug_bounty-5Progskybug-bounty, hacking, reverse-engineering25-May-2024
HTB PDFy Challengehttps://medium.com/@Pdaysec/htb-pdfy-challenge-490e678bd521?source=rss------bug_bounty-5Erfancybersecurity, htb, bug-bounty, challenge, htb-writeup25-May-2024
Uncovering the Hidden Vulnerability: How I Found an Authentication Bypass on Shopify’s Exchange…https://medium.com/@niraj1mahajan/uncovering-the-hidden-vulnerability-how-i-found-an-authentication-bypass-on-shopifys-exchange-cc2729ea31a9?source=rss------bug_bounty-5Niraj Mahajanbug-bounty, account-takeover, ato, authentication-bypass, bug-bounty-tips25-May-2024
Prototype Pollution: The Hidden Danger in JavaScripthttps://medium.com/@mayank_prajapati/prototype-pollution-the-hidden-danger-in-javascript-c8b17002e8da?source=rss------bug_bounty-5Mayank Kumar Prajapatihacking, bug-bounty, security, web, pentesting25-May-2024
Bypassing WAFs: The Art of Payload Obfuscationhttps://systemweakness.com/bypassing-wafs-the-art-of-payload-obfuscation-d4093c110713?source=rss------bug_bounty-5David Eduardo Karpinskiweb3, bug-bounty, firewall, cybersecurity, hacking25-May-2024
JavaScript Prototype Pollution Attack: A Simplified Guidehttps://medium.com/@dodir.sec/javascript-prototype-pollution-attack-a-simplified-guide-c3b4ba8a6441?source=rss------bug_bounty-5dodirbug-bounty, penetration-testing, web, javascript, cybersecurity25-May-2024
How i got xss in unusual wayhttps://medium.com/@cvjvqmmsm/how-i-got-xss-in-unusual-way-7c4f2d8dfaf6?source=rss------bug_bounty-5Barbarossaxss-attack, bug-bounty25-May-2024
HTB-PDFyhttps://medium.com/@Pdaysec/htb-pdfy-challenge-490e678bd521?source=rss------bug_bounty-5Erfancybersecurity, htb, bug-bounty, challenge, htb-writeup25-May-2024
Logic Bug | Forget password link not expiring after email changehttps://medium.com/@saeidmicro/logic-bug-forget-password-link-not-expiring-after-email-change-4edc6f2dce22?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty24-May-2024
How to Use ParamSpider Tool — For Bug Bountyhttps://gentilsecurity.medium.com/how-to-use-paramspider-tool-for-bug-bounty-2cfb3e4c402c?source=rss------bug_bounty-5GenTiLpenetration-testing, automation-tools, parameter, paramspider, bug-bounty24-May-2024
Analyzing JavaScript Files To Find Bugshttps://medium.com/@hrofficial62/analyzing-javascript-files-to-find-bugs-7b277d1df435?source=rss------bug_bounty-5Mr Horbiohacking, bug-bounty-tips, cybersecurity, programming, bug-bounty24-May-2024
Bypassing 403 Protection To Get Admin Accesshttps://medium.com/@hrofficial62/bypassing-403-protection-to-get-admin-access-fe5b8888a935?source=rss------bug_bounty-5Mr Horbiobug-bounty, 403-forbidden, bug-bounty-tips, hacking24-May-2024
Bug Bounty Tutorial : Login Bypass Techniquehttps://medium.com/@hrofficial62/bug-bounty-tutorial-login-bypass-technique-ec4801b505c2?source=rss------bug_bounty-5Mr Horbiobugs, penetration-testing, hacking, bug-bounty, cybersecurity24-May-2024
How to Earn Bug Bounty as a Professional Bug hunterhttps://medium.com/@hrofficial62/how-to-earn-bug-bounty-as-a-professional-bug-hunter-cf11c1d16add?source=rss------bug_bounty-5Mr Horbioearn-money-online, cybersecurity, ethical-hacking, bugs, bug-bounty24-May-2024
How to Find First Bug (For Beginners)https://medium.com/@hrofficial62/how-to-find-first-bug-for-beginners-677ef726df2e?source=rss------bug_bounty-5Mr Horbiopython, cybersecurity, bug-bounty, hacking, programming24-May-2024
How to learn Hacking From 0 to Herohttps://medium.com/@hrofficial62/how-to-learn-hacking-from-0-to-hero-b7a13a72d035?source=rss------bug_bounty-5Mr Horbiohacking, horbio, programming, bug-bounty, cybersecurity24-May-2024
How to extract Google Chrome Saved Passwordhttps://medium.com/@hrofficial62/how-to-extract-google-chrome-saved-password-b6d6db825f36?source=rss------bug_bounty-5Mr Horbioethical-hacking, hacking, bug-bounty, passwords, cyber24-May-2024
Referrer-based access control Bug Bounty Tipshttps://medium.com/@hrofficial62/referrer-based-access-control-bug-bounty-tips-16112ae530cc?source=rss------bug_bounty-5Mr Horbiohacking, programming, hacker, cybersecurity, bug-bounty24-May-2024
Python Libraries for Hackershttps://medium.com/@hrofficial62/python-libraries-for-hackers-52a64f54131c?source=rss------bug_bounty-5Mr Horbiohacking, python-programming, python, bug-bounty, cybersecurity24-May-2024
Easy Bug | PHP info page disclosurehttps://medium.com/@saeidmicro/easy-bug-php-info-page-disclosure-d062dbc66a0e?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty24-May-2024
Logic Bug: Easy Privilege Escalationhttps://medium.com/@saeidmicro/logic-bug-easy-privilege-escalation-7d3878816395?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty, privilege-escalation24-May-2024
Logic Bug: Easy Privilege Escalationhttps://medium.com/@saeidmicro/logic-bug-easy-privilege-escalation-d12be8946e36?source=rss------bug_bounty-5Saeid Khaterbug-bounty, privilege-escalation, cybersecurity24-May-2024
Easy Bug | Email HTML Injectionhttps://medium.com/@saeidmicro/easy-bug-email-html-injection-8d15e1db69e0?source=rss------bug_bounty-5Saeid Khatercybersecurity, html-injection, bug-bounty24-May-2024
How to get your first $500 from an XSS vulnerabilityhttps://gentilsecurity.medium.com/how-to-get-your-first-500-from-an-xss-vulnerability-2c3800490e7a?source=rss------bug_bounty-5GenTiLmake-money-online, technology, xss-vulnerability, bug-bounty, xss-attack24-May-2024
[Bug Report] Medium Bug 3 dhttps://minerofideas.medium.com/bug-report-medium-bug-3-d-851c28f844cb?source=rss------bug_bounty-5Miner Of Ideaspython, medium, bug-bounty, medium-brasil, bugs24-May-2024
Using BBRF for tracking Javascript fileshttps://medium.com/@michal.lubicz/using-bbrf-for-tracking-javascript-files-76901a03939f?source=rss------bug_bounty-5Michał Lubiczbug-bounty-tips, bug-bounty, cybersecurity, pentesting24-May-2024
Busting CSRF: The Hidden Dangers of JSON Exploitedhttps://medium.com/@hack3dby0mar/busting-csrf-the-hidden-dangers-of-json-exploited-fd4aeb4cf47e?source=rss------bug_bounty-5Omar Essam (hack3dby0mar)web-security, bug-bounty, cybersecurity24-May-2024
25.4 Lab: Targeted web cache poisoning using an unknown headerhttps://cyberw1ng.medium.com/25-4-lab-targeted-web-cache-poisoning-using-an-unknown-header-18d261dcbf7a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, hacking, bug-bounty, cybersecurity24-May-2024
Exciting Announcement: We’re Collaborating with DAOPeople to Boost Web3 Securityhttps://securrtech.medium.com/exciting-announcement-were-collaborating-with-daopeople-to-boost-web3-security-0e4b70699385?source=rss------bug_bounty-5Securrbug-bounty, web3, web3-security, dao, blockchain24-May-2024
Flipping a ‘False’ to ‘True’: The Google Bug That Paid Offhttps://medium.com/@hellother18/flipping-a-false-to-true-the-google-bug-that-paid-off-c9c3b11944fb?source=rss------bug_bounty-5Manthan_ mahalepenetration-testing, bugbounty-tips, bug-bounty, cybersecurity, hacker24-May-2024
Session fixation | Cookie injection leading to ATO Write-Uphttps://infosecwriteups.com/session-fixation-cookie-injection-leading-to-ato-write-up-98e29d2851b9?source=rss------bug_bounty-5rAmpancisthacking, account-takeover, cybersecurity, bugbounty-writeup, bug-bounty24-May-2024
Top Tools Every Bug Bounty Hunter Should Usehttps://medium.com/@verylazytech/top-tools-every-bug-bounty-hunter-should-use-7ebec61a0f76?source=rss------bug_bounty-5Very Lazy Techbug-bounty, bug-bounty-tips, cyber, cybersecurity24-May-2024
Tips & Tricks To Get Hall of Fame In NASAhttps://medium.com/@Ajakcybersecurity/tips-tricks-to-get-hall-of-fame-in-nasa-53819d8221d3?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, bug-bounty, cybersecurity, penetration-testing24-May-2024
25.5 Lab: Web cache poisoning via an unkeyed query stringhttps://cyberw1ng.medium.com/25-5-lab-web-cache-poisoning-via-an-unkeyed-query-string-c264fccb80d0?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers24-May-2024
Always Test Default Credentials on Bug Bounty even if it’s 2024https://scr1pty.medium.com/always-test-default-credentials-on-bug-bounty-even-if-its-2024-75e511e4ad7c?source=rss------bug_bounty-5Scr1ptyethical-hacking, hacking, bug-bounty, security, bug-bounty-tips23-May-2024
HTML Injectionhttps://medium.com/@0xchoudhary/html-injection-cc6f8e3a09f8?source=rss------bug_bounty-5Sushil Choudharybug-bounty-tips, hackerone, cybersecurity, bug-hunting, bug-bounty23-May-2024
25.3 Lab: Web cache poisoning with multiple headershttps://cyberw1ng.medium.com/25-3-lab-web-cache-poisoning-with-multiple-headers-65e4e83ace3a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing23-May-2024
Unlocked Secrets: How Leaked Credentials Fuel Bug Bountieshttps://medium.com/@cyberpro151/unlocked-secrets-how-leaked-credentials-fuel-bug-bounties-fe5032caf5f4?source=rss------bug_bounty-5cyberpro151admin-panel, infosec, breach, bug-bounty, hacking23-May-2024
Aleo Bug Bounty Programhttps://daonft.medium.com/aleo-bug-bounty-program-97a7fda9ceed?source=rss------bug_bounty-5Bogdanbug-bounty, web3, aleo23-May-2024
CSRF leading to Account Takeoverhttps://medium.com/@katmaca2014/csrf-leading-to-account-takeover-abb32bae0ba5?source=rss------bug_bounty-5Kaan Atmacabug-bounty, penetration-testing, pentesting, cybersecurity, hacking23-May-2024
Exploiting XML Injection to Establish Unauthorized SSH Connectionhttps://medium.com/@katmaca2014/exploiting-xml-injection-to-establish-unauthorized-ssh-connection-7c9bbc50a4d4?source=rss------bug_bounty-5Kaan Atmacahacking, coding, bug-bounty, penetration-testing, pentesting23-May-2024
How I Found Multiple XSS Vulnerabilities.https://medium.com/@helalmm71/how-i-found-multiple-xss-vulnerabilities-34bf8655f4e7?source=rss------bug_bounty-5MD Helalvulnerability, penetration-testing, cybersecurity, bug-bounty, ctf23-May-2024
How I use to find vulnerabilities like XSS,sqli using mixture of 3 simple toolshttps://medium.com/@sreejihkn43073/how-i-use-to-find-vulnerabilities-like-xss-sqli-using-mixture-of-3-simple-tools-5108068646d2?source=rss------bug_bounty-5Sreejihknxss-vulnerability, cybersecurity-training, bug-bounty, github, tools23-May-2024
Ink Finance Arbitrum Testnet Bug Bounty Hunthttps://inkfinance.medium.com/ink-finance-arbitrum-testnet-bug-bounty-hunt-85ca215118fa?source=rss------bug_bounty-5Ink Financedao, defi, testnet, arbitrum, bug-bounty23-May-2024
Chrome 125 Update Resolves High-Severities Bugs Reported by External Researchershttps://medium.com/@elnjasi/chrome-125-update-resolves-high-severities-bugs-reported-by-external-researchers-74be654feb3a?source=rss------bug_bounty-5eL Njas!™bug-bounty, vulnerbaility, google23-May-2024
Easy Bug: No Rate Limiting on Form which Triggers Emailshttps://medium.com/@saeidmicro/easy-bug-no-rate-limiting-on-form-which-triggers-emails-4cecb5dd80a8?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty23-May-2024
First Swag from HackerRankhttps://codingninjablogs.tech/first-swag-from-hackerrank-df55cb2605b5?source=rss------bug_bounty-5#$ubh@nk@rhacking, swag, ethical-hacking, security, bug-bounty23-May-2024
Ink Finance Arbitrum Testnet User Experience & Bug Bounty Hunthttps://inkfinance.medium.com/ink-finance-arbitrum-testnet-bug-bounty-hunt-85ca215118fa?source=rss------bug_bounty-5Ink Financedao, defi, testnet, arbitrum, bug-bounty23-May-2024
Second Factor Authentication (2FA) Bypass in Private BBPhttps://medium.com/@saeidmicro/second-factor-authentication-2fa-bypass-in-private-bbp-325017cd187e?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity23-May-2024
Logic Bug | Old Session Does Not Expires After Password Changehttps://medium.com/@saeidmicro/logic-bug-old-session-does-not-expires-after-password-change-cd1fca05c33e?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity23-May-2024
Second bug on VDP programhttps://medium.com/@devMRT/second-bug-on-vdp-program-f1c4e67a3e42?source=rss------bug_bounty-5devMRTbugbounty-writeup, bug-bounty-tips, bug-bounty23-May-2024
Advanced Web Application Scanning Step-by-Step Guidehttps://0xm4r5h4l.medium.com/advanced-web-application-scanning-step-by-step-guide-4d59dff9c491?source=rss------bug_bounty-50xM4r5h4lhacking, web-penetration-testing, cybersecurity, bug-bounty, web-scanner22-May-2024
How I Found XSS in Swagger-UI Leading to Account Takeover on Bug Bountyhttps://scr1pty.medium.com/how-i-found-xss-in-swagger-ui-leading-to-account-takeover-on-bug-bounty-8d419c6b95d5?source=rss------bug_bounty-5Scr1ptybug-bounty, ethical-hacking, penetration-testing, bug-bounty-tips, it22-May-2024
Time-Based Google OAuth Account Takeover: Adventures in Bug Bountieshttps://medium.com/@iamrizwanvp/time-based-google-oauth-account-takeover-my-bug-bounty-journey-a0f534227bc6?source=rss------bug_bounty-5RIZWANbug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, bugs22-May-2024
Silk Central : Bug Tracking Tutorialhttps://medium.com/@niranjanky14/silk-central-bug-tracking-tutorial-781e4a6550c6?source=rss------bug_bounty-5Nine Pages Of My Lifetesting, software-development, bug-bounty, silk, app-development22-May-2024
Open-Redirect Through HTTP Parameter Pollutionhttps://medium.com/@davidkarpinski1/open-redirect-through-http-parameter-pollution-ce5a3be7c78e?source=rss------bug_bounty-5David Eduardo Karpinskiweb3, bug-bounty, hacking, cybersecurity, pollution22-May-2024
Exciting Announcement: Our New Collaboration with jumboBlockchain to Enhance Web3 Security!https://securrtech.medium.com/exciting-announcement-our-new-collaboration-with-jumboblockchain-to-enhance-web3-security-fe0489ca2524?source=rss------bug_bounty-5Securrbug-bounty, layer-1, blockchain, web3-security, web322-May-2024
Swagger-UI XSS Leading to Account Takeover on Crypto Exchangehttps://scr1pty.medium.com/how-i-found-xss-in-swagger-ui-leading-to-account-takeover-on-bug-bounty-8d419c6b95d5?source=rss------bug_bounty-5Scr1ptybug-bounty, ethical-hacking, penetration-testing, bug-bounty-tips, it22-May-2024
25.2 Lab: Web cache poisoning with an unkeyed cookiehttps://cyberw1ng.medium.com/25-2-lab-web-cache-poisoning-with-an-unkeyed-cookie-3f4884ee1105?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, penetration-testing, careers, cybersecurity22-May-2024
SubActive: Cracking the Digital Codehttps://medium.com/@tamhacker1/subactive-cracking-the-digital-code-447769fdb6e2?source=rss------bug_bounty-5Tahir Mujawarbugbounty-writeup, hacker, hacking, cybersecurity, bug-bounty22-May-2024
Best tool to find subdomainshttps://medium.com/@sreejihkn43073/best-tool-to-find-subdomains-170ad5d6e034?source=rss------bug_bounty-5Sreejihknbug-bounty, subdomain, cybersecurity, cyber-security-awareness, pentesting22-May-2024
Top Network Hacking Techniques Familiar with Every Bug-Bounty Hunterhttps://medium.com/@logicTech/top-network-hacking-techniques-familiar-with-every-bug-bounty-hunter-a01d7319cadc?source=rss------bug_bounty-5LogicTechhacking, network-security, bug-bounty, bug-bounty-tips, bugs22-May-2024
Pentesting: AI: WEB 1 | Privilege Escalation Attack | Python Reverse Shell | Vulnerabilities | SQL…https://shamsulmehmood.medium.com/pentesting-ai-web-1-privilege-escalation-attack-python-reverse-shell-vulnerabilities-sql-7f9994a42ec1?source=rss------bug_bounty-5SHAMS UL MEHMOODai, cybersecurity, bugs, bug-bounty, ctf-writeup21-May-2024
Hackers Online Tools in 2024https://medium.com/@logicTech/hackers-online-tools-in-2024-da8f5aa232e5?source=rss------bug_bounty-5LogicTechosint, hackathons, bug-bounty, tools, hacking21-May-2024
Authentication Bypass due to Sensitive Data Exposure in Local Storagehttps://medium.com/@kritikasingh06/authentication-bypass-due-to-sensitive-data-exposure-in-local-storage-8a706c798800?source=rss------bug_bounty-5Kritika Singhvulnerability-assessment, webapplicationpentest, bug-bounty, penetration-testing, hacking21-May-2024
25.1 Lab: Web cache poisoning with an unkeyed headerhttps://cyberw1ng.medium.com/25-1-lab-web-cache-poisoning-with-an-unkeyed-header-177f24f0538e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, hacking, cybersecurity21-May-2024
Complex Attack Types: Sample Scenarios 7https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-7-9e7ad4454fe9?source=rss------bug_bounty-5Baris Dincerbug-bounty, cybersecurity, freedomofinternet, threat-intelligence, penetration-testing21-May-2024
Curiosity part #2 with $5000 bounty.https://medium.com/@nanwinata/curiosity-part-2-with-5000-bounty-025536feced7?source=rss------bug_bounty-5nanwncybersecurity, telnet, hackerone, bug-bounty, vulnerability21-May-2024
Next Generation Nuclei: Detecting SQLi with Logichttps://medium.com/@serhatcck/next-generation-nuclei-detecting-sqli-with-logic-05549c34885b?source=rss------bug_bounty-5Serhat ÇİÇEKhacking-tools, hacking, penetration-testing, application-security, bug-bounty21-May-2024
CSRF Leads to Delete Accounthttps://medium.com/@happyjester80/csrf-leads-to-delete-account-241f2cf8950b?source=rss------bug_bounty-5Happy Jesterandroid-pentesting, bug-bounty, android, hacking21-May-2024
How to find View Angles for Aimbots | Explainedhttps://medium.com/@yannik603/how-to-find-view-angles-for-aimbots-explained-f70c303a353c?source=rss------bug_bounty-5Yannik Castrogames, hacking-tools, bug-bounty, hacking, reverse-engineering21-May-2024
Working with a client, I came across a CSRF vulnerability in their existing web application.https://medium.com/@darkly_splendid/working-with-a-client-i-came-across-a-csrf-vulnerability-in-their-existing-web-application-6c256b74684d?source=rss------bug_bounty-5FF E4cybersecurity, csrf, bug-bounty20-May-2024
Bug Zero — This month in Cybersecurity [01–15 May]https://blog.bugzero.io/bug-zero-this-month-in-cybersecurity-01-15-may-354fd002d5e4?source=rss------bug_bounty-5Akila Maithripalabug-bounty, cybersecurity, sri-lanka, bug-zero20-May-2024
Open-Redirects Uncovered: Real-World Bypass Techniques Revealedhttps://systemweakness.com/open-redirects-uncovered-real-world-bypass-techniques-revealed-7b7422f02049?source=rss------bug_bounty-5David Eduardo Karpinskicybersecurity, hacking, web3, programming, bug-bounty20-May-2024
How I Hacked NASA Using Google Dork in Just 10 Minuteshttps://medium.com/@gaurish.main/how-i-hacked-nasa-using-google-dork-in-just-10-minutes-6ce3b3401512?source=rss------bug_bounty-5Gaurish Bahurupicybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, bug-bounty-writeup20-May-2024
Bypassed the OTP verification process using “Turbo Intruder” Extension.https://xamiron.medium.com/bypassed-the-otp-verification-process-using-turbo-intruder-extension-2f56ac3d400d?source=rss------bug_bounty-5Sabuj Kumar Modakweb-app-pentesting, cybersecurity, bug-bounty, burpsuite-extension, penetration-testing20-May-2024
IDOR Explained: Discover It Through a Simple Story!https://medium.com/@1hehaq/idor-explained-discover-it-through-a-simple-story-ca4a018f6d4c?source=rss------bug_bounty-5haqidor, bug-bounty-tips, bug-bounty, idor-vulnerability20-May-2024
Your Account is Now Mine!https://medium.com/@karimelsayed0x1/your-account-is-now-mine-fd80ad56f868?source=rss------bug_bounty-5z3r0xkpentesting, bug-bounty, account-takeover, vulnerability20-May-2024
Reflected XSS Leading to Account Takeoverhttps://0onoproblem.medium.com/reflected-xss-leading-to-account-takeover-bea862cba885?source=rss------bug_bounty-50_oNoProblembug-bounty, xss-attack, cybersecurity, bug-bounty-writeup, vulnerability20-May-2024
Discovering a $5000 RCE via Dependency Confusion Vulnerabilityhttps://nvk0x.medium.com/discovering-a-5000-rce-via-dependency-confusion-vulnerability-6b0c08ecd5de?source=rss------bug_bounty-5Naveen kumawatbug-bounty, hacking, bug-bounty-tips, bug-bounty-writeup, supply-chain20-May-2024
Let’s Understand Price Oracle Manipulationhttps://securrtech.medium.com/lets-understand-price-oracle-manipulation-927ab725f131?source=rss------bug_bounty-5Securrbug-bounty, smart-contract-auditing, web3, blockchain, web3-security20-May-2024
How I Hacked NASA LDAP Serverhttps://medium.com/@maxcyber882/how-i-hacked-nasa-ldap-server-b7cbb8cd0eee?source=rss------bug_bounty-5Maxcyberbug-hunting, cybersecurity, penetration-testing, bug-bounty20-May-2024
How I found XSS from a medium articlehttps://medium.com/@jsamia/how-i-from-xss-from-a-medium-article-94d1b4e7e742?source=rss------bug_bounty-5Jaeden Samiainfosec, bug-bounty, ethical-hacking20-May-2024
How I got Hall of Fame in NASAhttps://medium.com/@Ajakcybersecurity/how-i-got-hall-of-fame-in-nasa-4d098c413f9e?source=rss------bug_bounty-5AjakCybersecurityhacking, penetration-testing, ethical-hacking, bug-bounty, cybersecurity20-May-2024
Walk-Through of Bepractical.tech lab #3https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-3-07079a7ad5c2?source=rss------bug_bounty-5Ross Jubertaccount-takeover, ethical-hacking, bug-bounty, bugbounty-writeup, account-takeover-attacks19-May-2024
Hacker101: Micro-CMS v1https://medium.com/@0xfxiii/hacker101-micro-cms-v1-982c61d24e3e?source=rss------bug_bounty-50xfhackerone, bug-bounty-tips, bug-bounty, hacking19-May-2024
Dependency Confusionhttps://deephunt3r.medium.com/dependency-confusion-4d675eb36e0f?source=rss------bug_bounty-5Rakeshbugbounty-writeup, bug-bounty19-May-2024
How I Found Multiple Vulnerabilities on Dutch Governmenthttps://medium.com/@neupanesindhu3/how-i-found-multiple-vulnerabilities-on-dutch-government-438059bcf88d?source=rss------bug_bounty-5sindhuneupanebug-bounty, swag, writeup, bug-hunting, infosec19-May-2024
How I Find Another Arbitrary File Upload Vulnerability and Bypass the Patch Twicehttps://medium.com/@zpbrent/how-i-find-another-arbitrary-file-upload-vulnerability-and-bypass-the-patch-twice-193eaaf0b8dc?source=rss------bug_bounty-5Peng Zhouwordpress-plugins, infosec, bug-bounty, wordpress, web-security19-May-2024
How I got an High IDOR + PII in few minutes. Bounty: €500https://medium.com/@ivoaabreu/how-i-got-an-high-idor-pii-in-few-minutes-bounty-500-88833b6e1807?source=rss------bug_bounty-5Ivoabreuidor, bug-bounty19-May-2024
JavaScript tools for BugBounty 2024https://medium.com/@logicTech/javascript-tools-for-bugbounty-2024-fc281111c7c0?source=rss------bug_bounty-5LogicTechtools-and-resources, osint, hacking, hacker, bug-bounty19-May-2024
VulnCon 2024 CTF — Internal Leakshttps://medium.com/@pphreak313/vulncon-2024-ctf-internal-leaks-0a7bf21bf96d?source=rss------bug_bounty-5Shlok Kctf-writeup, ctf, ctf-walkthrough, vulncon, bug-bounty19-May-2024
A basic Android Pentest Lab Setuphttps://medium.com/@majix_de/a-basic-android-pentest-lab-setup-e601c22c71ae?source=rss------bug_bounty-5Majixsetup-guide, android, pentest, bug-bounty, pentesting19-May-2024
22.5 Lab: JWT authentication bypass via jku header injectionhttps://cyberw1ng.medium.com/22-5-lab-jwt-authentication-bypass-via-jku-header-injection-1ec5032245b3?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, hacking, bug-bounty, careers19-May-2024
22.6 Lab: JWT authentication bypass via kid header path traversalhttps://cyberw1ng.medium.com/22-6-lab-jwt-authentication-bypass-via-kid-header-path-traversal-3f4392547f7d?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, hacking, careers19-May-2024
First bug on VDP programhttps://medium.com/@devMRT/first-bug-on-vdp-program-0f9e0baf43c7?source=rss------bug_bounty-5devMRTbug-bounty, bugbounty-writeup, bug-bounty-tips19-May-2024
HOW I HACKED INTO HARVARD UNIVERSITY’S DIGITAL INFRASTRUCTURE -Cycus Pectushttps://medium.com/@pectuscycus/how-i-hacked-into-harvard-universitys-digital-infrastructure-cycus-pectus-5d5e65e74a61?source=rss------bug_bounty-5Cycus Pectushacking, cybersecurity, bug-bounty-tips, ethical-hacking, bug-bounty18-May-2024
Mastering Network Scanning: Exploring Essential Nmap Commands (Part -2) :-https://medium.com/@shaikhwasim8120/mastering-network-scanning-exploring-essential-nmap-commands-part-2-9d24e2291fb6?source=rss------bug_bounty-5Wasim Shaikhcybersecurity, ethical-hacking, nmap-command, bug-bounty, penetration-testing18-May-2024
Mastering Network Scanning: Exploring Essential Nmap Commands :-https://medium.com/@shaikhwasim8120/mastering-network-scanning-exploring-essential-nmap-commands-3843f01e419e?source=rss------bug_bounty-5Wasim Shaikhcybersecurity, bug-bounty, nmap-command, penetration-testing, ethical-hacking18-May-2024
22.4 Lab: JWT authentication bypass via jwk header injectionhttps://cyberw1ng.medium.com/22-4-lab-jwt-authentication-bypass-via-jwk-header-injection-0bddcdbb2f31?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, cybersecurity, careers18-May-2024
Analyzing JavaScript Files To Find Bugshttps://rajput623929.medium.com/analyzing-javascript-files-to-find-bugs-2b7d67a52c4e?source=rss------bug_bounty-5Mr.Horbiobug-bounty, hacking, bug-bounty-tips, cybersecurity, ethical-hacking18-May-2024
Interesting .DS_Store finding worth $$$https://medium.com/@akrachliy/interesting-ds-store-finding-worth-6ee7cc46458d?source=rss------bug_bounty-5Yassine Akrachlibug-bounty, hacking, ethical-hacking, python, enumeration18-May-2024
Pay 0$, Get ∞ books!https://medium.com/@karimelsayed0x1/pay-0-get-books-0e093a5eb0de?source=rss------bug_bounty-5z3r0xkpenetration-testing, cybersecurity, bug-bounty, bussines-logic, vulnerability18-May-2024
Found Bug: Cross-Site Scripting (XSS) in Laravel Debug Mode !!https://medium.com/@p.ra.dee.p_0xx01/found-bug-cross-site-scripting-xss-in-laravel-debug-mode-a91939284541?source=rss------bug_bounty-5Professor0xx01bug-bounty, information-security, laravel-framework, xss-attack, web-security18-May-2024
My 6 Month bug hunting journey, what to expect.https://medium.com/@tom.sh/my-6-month-bug-hunting-journey-what-to-expect-be7532e187d4?source=rss------bug_bounty-5Tomopinion, bug-bounty, bpp, hacking18-May-2024
Top 50 Ports & Vulnerabilityhttps://medium.com/@logicTech/top-50-ports-vulnerability-572de4274305?source=rss------bug_bounty-5LogicTechbug-bounty, osint, networking, vulnerability, hacking18-May-2024
Broken Object Level Authorization — BOLA (ex crAPI)https://medium.com/@amaraltohami30/broken-object-level-authorization-bola-ex-crapi-e5a0d30eed2b?source=rss------bug_bounty-5Ammar Ahmedpentesting, api, cybersecurity, hacking, bug-bounty18-May-2024
How a Single Parameter Led to Two ATO Caseshttps://cametom006.medium.com/how-a-single-parameter-led-to-two-ato-cases-c3cf2f4d00c2?source=rss------bug_bounty-5Fahad Faisalbug-bounty, hackerone, bug-bounty-tips, twitter18-May-2024
CVE-2023–52424: The WiFi SSID Confusion Attack Explainedhttps://infosecwriteups.com/cve-2023-52424-the-wifi-ssid-confusion-attack-explained-26e43f5cff40?source=rss------bug_bounty-5ElNiakwifi, bug-bounty, technology, cybersecurity, penetration-testing17-May-2024
The Hacker’s Mind -Recon Mind maphttps://medium.com/@tamhacker1/the-hackers-mind-recon-mind-map-39d14e3750fb?source=rss------bug_bounty-5Tahir Mujawarbug-bounty-writeup, mindmap, ethical-hacking, bug-bounty, cybersecurity17-May-2024
Simple Tips for Bug Bounty Beginners: Finding PII Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-pii-vulnerabilities-3db5a7151dd4?source=rss------bug_bounty-5Anish Narayanbug-bounty-writeup, bug-bounty, bug-bounty-hunting, cybersecurity, bug-bounty-tips17-May-2024
How I found my first mistake Or why you shouldn’t overlook the obvious.https://medium.com/@nagavicyn2/how-i-found-my-first-mistake-or-why-you-shouldnt-overlook-the-obvious-1f1d443afa6b?source=rss------bug_bounty-5Jioninbug-bounty, wordpress, first-bug, pentesting, cve17-May-2024
22.3 Lab: JWT authentication bypass via weak signing keyhttps://cyberw1ng.medium.com/22-3-lab-jwt-authentication-bypass-via-weak-signing-key-f49138b16441?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity17-May-2024
How to Know If Your Android Device Has Been Hacked and What to Do About Ithttps://rajput623929.medium.com/how-to-know-if-your-android-device-has-been-hacked-and-what-to-do-about-it-740ea5a18b9c?source=rss------bug_bounty-5Mr.Horbiohacking, phone-hacking, bug-bounty, cybersecurity, ethical-hacking17-May-2024
A Story of Zero-click complete Account Takeoverhttps://medium.com/@shravanisheshasai/a-story-of-zero-click-complete-account-takeover-650784c2d229?source=rss------bug_bounty-5Shravani_kbvulnerability, web-vulnerabilities, hacking, bug-bounty, ethical-hacking17-May-2024
Breaking Barriers: A Personal Journey Through the World of Bug Bounty Huntinghttps://medium.com/@un1tycyb3r/breaking-barriers-a-personal-journey-through-the-world-of-bug-bounty-hunting-a30331db12fa?source=rss------bug_bounty-5Un1tycyb3rbug-bounty16-May-2024
How to Create a Cloud Lab for Anonymous Bug Bounty Huntinghttps://medium.com/@paritoshblogs/how-to-create-a-cloud-lab-for-anonymous-bug-bounty-hunting-e80ed3a68d8c?source=rss------bug_bounty-5Paritoshcloud, hacking, ai, cybersecurity, bug-bounty16-May-2024
Discovery Worth $$$ in KYC Verification Feature : Bug Bountyhttps://medium.com/@srishavinkumar/unveiling-a-surprising-bug-in-kyc-verification-the-discovery-worth-a82f3282b033?source=rss------bug_bounty-5Sri Shavin Kumarbug-bounty-writeup, bug-bounty, infosec-write-ups, ethical-hacking, cybersecurity16-May-2024
Account takeover with a sad endinghttps://imwaiting18.medium.com/account-takeover-with-a-sad-ending-31ab82f09a5b?source=rss------bug_bounty-5imwaiting18bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips16-May-2024
Vulnerable WordPress April 2024 (Arasbaran)https://medium.com/@onhexgroup/vulnerable-wordpress-april-2024-arasbaran-e9ae2acb8898?source=rss------bug_bounty-5Onhexgroupwordpress, infosec, web-security, bug-bounty, nuclei-template16-May-2024
21.5 Lab: Stealing OAuth access tokens via an open redirect | 2024https://cyberw1ng.medium.com/21-5-lab-stealing-oauth-access-tokens-via-an-open-redirect-2024-88c3679cf0a3?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, penetration-testing, cybersecurity16-May-2024
Reflected XSS via Cache Poisoninghttps://medium.com/@majix_de/reflected-xss-via-cache-poisoning-5f57317b7c71?source=rss------bug_bounty-5Majixpenetration-testing, cache-poisoning, xs, bug-bounty, hacking16-May-2024
Reflected XSS to Account Takeoverhttps://medium.com/@majix_de/reflected-xss-to-account-takeover-0fc429be34e8?source=rss------bug_bounty-5Majixxs, account-takeover, bug-bounty, hacking, penetration-testing16-May-2024
How I got Critical IDOR in one of India’s Best Known Food Delivery Websitehttps://medium.com/@bajajkrrish11/how-i-got-critical-idor-in-one-of-indias-best-known-food-delivery-website-5349c521e44b?source=rss------bug_bounty-5Krrish Bajajbug-bounty-tips, bug-bounty-writeup, bug-bounty-program, bug-bounty, medium16-May-2024
How I Hacked One of These Big Companies (JS files analysis)https://l0da.medium.com/how-i-hacked-one-of-these-big-companies-js-files-analysis-7cf47372b642?source=rss------bug_bounty-5L0dabug-bounty, cybersecurity, hacking, penetration-testing, bug-bounty-tips16-May-2024
The Art of OSINT: Discovering Locations with Image Analysis and Aritifical Intelligence Toolshttps://medium.com/@enigma_/the-art-of-osint-discovering-locations-with-image-analysis-and-aritifical-intelligence-tools-820a4b74d426?source=rss------bug_bounty-5enigmahacking, osint, cybersecurity, bug-bounty, ai16-May-2024
How to execute a Proof of Concept (PoC) for any CVEshttps://medium.com/@CTRL2030/how-to-execute-a-proof-of-concept-poc-for-any-cves-e343cb528f2e?source=rss------bug_bounty-5CTRLsoc, penetration-testing, bug-bounty, cve, cybersecurity16-May-2024
Account takeover using Blind XSS?https://imwaiting18.medium.com/account-takeover-with-a-sad-ending-31ab82f09a5b?source=rss------bug_bounty-5imwaiting18bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips16-May-2024
Broken Access Control (IDOR) & Credential Leak at Legacy API Video Transcodehttps://medium.com/@blackarazi/broken-access-control-idor-credential-leak-at-legacy-api-video-transcode-9b5d729fb2d6?source=rss------bug_bounty-5Azhari Harahapbroken-access-control, api-security, application-security, bug-bounty, bug-bounty-writeup15-May-2024
CVE-2024–4761: Exploiting Chrome’s JavaScript Engine Highly Exploited (PoC presented)https://infosecwriteups.com/cve-2024-4761-exploiting-chromes-javascript-engine-highly-exploited-poc-presented-dcf9cab95c00?source=rss------bug_bounty-5ElNiakbug-bounty, google, penetration-testing, cybersecurity, javascript15-May-2024
How I Got My First Bounty: The Exciting Story of My Bug Bounty Breakthroughhttps://infosecwriteups.com/how-i-got-my-first-bounty-the-exciting-story-of-my-bug-bounty-breakthrough-d8391973ed41?source=rss------bug_bounty-5whit3ros3bug-bounty, graphql, bounty-program, hacking, bug-bounty-tips15-May-2024
Subdomain Takeover: What is It? How to Exploit? How to Find Them?https://medium.com/@dub-flow/subdomain-takeover-what-is-it-how-to-exploit-how-to-find-them-d2b6b82b155b?source=rss------bug_bounty-5Florian Walterbug-bounty, application-security, cybersecurity, penetration-testing, web-application-security15-May-2024
How I Was Able to Perform a Subdomain Takeover Attackhttps://medium.com/@karnrishabh25/subdomain-takeover-00d2c5599715?source=rss------bug_bounty-5Rishabh Karnbug-bounty, hacking, subdomain-takeover, bugs, attack15-May-2024
21.4 Lab: OAuth account hijacking via redirect_uri | 2024https://cyberw1ng.medium.com/21-4-lab-oauth-account-hijacking-via-redirect-uri-2024-4a8bfbb95d12?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking15-May-2024
Multiple Business Logic Errors in APPLE music/TV allowing bypass of parental controlshttps://medium.com/@sam0-0/multiple-business-logic-errors-in-apple-music-tv-allowing-bypass-of-parental-controls-0d870d4870c5?source=rss------bug_bounty-5Samapple, infosec, bug-bounty15-May-2024
Gaining Control: How Response Manipulation Leads to Higher Privileges (PoC)https://medium.com/@mrmaulik191/gaining-control-how-response-manipulation-leads-to-higher-privileges-394bdf5f552b?source=rss------bug_bounty-5Mr.MGcybersecurity-research, cybersecurity, privilege-escalation, bug-hunting, bug-bounty15-May-2024
The Art of Exploiting SQL Injection: An In-Depth Approachhttps://medium.com/@davidkarpinski1/sql-injection-masterclass-d68f65cd71ae?source=rss------bug_bounty-5David Eduardo Karpinskibug-bounty, hacking, sql, mysql, sql-injection15-May-2024
5 bugs in one program $$$https://el-cezeri.medium.com/5-bugs-in-one-program-80b550c06a67?source=rss------bug_bounty-5Samet Yiğitödülavcılığı, bug-bounty-tips, bug-bounty15-May-2024
XSS via HTML Injection in Chatbothttps://medium.com/@nidishms1999/xss-via-html-injection-in-chatbot-a24c4f25dc92?source=rss------bug_bounty-5Nidish Nkvapt, cybersecurity, bug-bounty15-May-2024
Why I want to become a bug bounty hunterhttps://medium.com/@riccilovesdogs/why-i-want-to-become-a-bug-bounty-hunter-135e4f584af6?source=rss------bug_bounty-5Riccibug-bounty, coding, make-money-online15-May-2024
XSS via HTML Injection in Chatbothttps://medium.com/@nidishms1999/xss-via-html-injection-in-chatbot-a24c4f25dc92?source=rss------bug_bounty-5Nidish Nkvapt, cybersecurity, hacking, bug-bounty15-May-2024
Walk Through of Bepractical.tech lab #2https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-2-bef06b00ccfc?source=rss------bug_bounty-5Ross Jubertethical-hacking, cybersecurity, bug-bounty, red-team, ethical-hacking-training14-May-2024
XSS on TikTokhttps://19whoami19.medium.com/xss-on-tiktok-d2aa209c746d?source=rss------bug_bounty-5WHO AM I ?bug-bounty-tips, cross-site-scripting, cybersecurity, bug-bounty, xss-attack14-May-2024
An Email Authentication Bypass, But Marked as N/A in NASA domainhttps://medium.com/@Ajakcybersecurity/an-email-authentication-bypass-but-marked-as-n-a-in-nasa-domain-a47977aed8bd?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, penetration-testing, cybersecurity, hacking, bug-bounty14-May-2024
An easy way to find bugs: Enter wrong datahttps://systemweakness.com/an-easy-way-to-find-bugs-enter-wrong-data-0765ed4e9afd?source=rss------bug_bounty-5Nasrinaudit, web-app-security, pentesting, bug-bounty14-May-2024
21.3 Lab: SSRF via OpenID dynamic client registration | 2024https://cyberw1ng.medium.com/21-3-lab-ssrf-via-openid-dynamic-client-registration-2024-c9ffd445e438?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity14-May-2024
JNDI Injection — The Complete Storyhttps://infosecwriteups.com/jndi-injection-the-complete-story-4c5bfbb3f6e1?source=rss------bug_bounty-5Pradeep Kumarjava, pentesting, bug-bounty, jndi, web-penetration-testing14-May-2024
Root user account takeover via SQL Injectionhttps://medium.com/@stopvvar/root-user-account-takeover-via-sql-injection-5c21a6091d4c?source=rss------bug_bounty-5SWsql-injection, hacking, bug-bounty, infose, sql-server13-May-2024
RCE Through Account Takeoverhttps://medium.com/@iamrajchavan/rce-through-account-takeover-10a938a241d9?source=rss------bug_bounty-5Rajdip Chavansecurity, vapt, bug-bounty, web-application-security13-May-2024
Root user account takeover via SQL Injectionhttps://infosecwriteups.com/root-user-account-takeover-via-sql-injection-5c21a6091d4c?source=rss------bug_bounty-5SWsql-injection, hacking, bug-bounty, infose, sql-server13-May-2024
Story of Hall of Fame in Red Hat Linuxhttps://medium.com/@hritombhattacharya029/story-of-hall-of-fame-in-red-hat-linux-e267b9f22d06?source=rss------bug_bounty-5Hritom Bhattacharyaredhat-linux, xss-vulnerability, bug-bounty, hall-of-fame, hacking13-May-2024
Unintended File Downloads in Remote Desktop Environments: A Security Vulnerabilityhttps://medium.com/@Wolverineisstillalive/unintended-file-downloads-in-remote-desktop-environments-a-security-vulnerability-04114297665a?source=rss------bug_bounty-5Sharkbug-bounty, cybersecurity, microsoft, red-team, pentesting13-May-2024
Week 1https://medium.com/@fulltimebughunter/week-1-bad3f3f9e214?source=rss------bug_bounty-5.bugs, bug-bounty-tips, infosec, bug-bounty, infosec-write-ups13-May-2024
21.2 Lab: Forced OAuth profile linking | 2024https://cyberw1ng.medium.com/21-2-lab-forced-oauth-profile-linking-2024-e625dcfc319b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, hacking, cybersecurity13-May-2024
$350 bounty: How I Got It | Broken linked Hijackedhttps://deepseng.medium.com/350-bounty-how-i-got-it-broken-linked-hijacked-3e72511e2571?source=rss------bug_bounty-5Deep SenGuptacybersecurity, bug-bounty, broken-link-hijacking13-May-2024
How To Find And Test S3 Buckets For Bug Bountyhttps://medium.com/@dante.falls/how-to-find-and-test-s3-buckets-for-bug-bounty-b91166f9b4e0?source=rss------bug_bounty-5Dante Fallsaws, amazon-web-services, bug-bounty, cybersecurity, cloud-services13-May-2024
Broken Access Control leads to Take Admin Rolehttps://0xebn-taimia.medium.com/broken-access-control-leads-to-take-admin-role-920e46d496b9?source=rss------bug_bounty-50xEbn-Taimiapenetration-testing, bug-bounty-tips, cybersecurity, bug-bounty, hunting13-May-2024
403 Jump: HTTP 403 Bypass toolhttps://medium.com/@anzeemashib/403-jump-http-403-bypass-tool-8b17204110d9?source=rss------bug_bounty-5Itsmeanzeemtools, bug-bounty, 403-forbidden, penetration-testing, cybersecurity13-May-2024
How I Found My First RCE !https://mchklt.medium.com/how-i-found-my-first-rce-f80073626fff?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAapache, cyberattack, cybersecurity, bug-bounty, hacking13-May-2024
Hundreds of companies’ internal data exposed — Part 2: The FreshService misconfigurationhttps://infosecwriteups.com/hundreds-of-companies-internal-data-exposed-part-2-the-freshservice-misconfiguration-a9432c0b5dc8?source=rss------bug_bounty-5Mohammed Moiz Pashabug-bounty, security, hacking, vulnerability, ethical-hacking13-May-2024
$350 bounty: How I Got It | Broken linked Hijackedhttps://deepseng.medium.com/350-bounty-how-i-got-it-broken-linked-hijacked-31bfbc15ac0e?source=rss------bug_bounty-5Deep SenGuptabroken-link-hijacking, cybersecurity, bug-bounty, burpsuite13-May-2024
How I found a IDOR at Monitor Mozilla ?https://medium.com/@abnid312/how-i-found-a-idor-at-monitor-mozilla-313fc6c52f25?source=rss------bug_bounty-5ryujinxbug-bounty, bug-hunter, information-technology, info-sec-writeups, hackerone13-May-2024
ZoneTransfer — ./Hopehttps://ezecias.medium.com/zonetransfer-hope-6261d5c7ac0a?source=rss------bug_bounty-5Ezeciasbug-bounty-tips, tools, bug-bounty13-May-2024
A simple file upload bypass causing XSS attackhttps://medium.com/@xiaodongsec/a-simple-file-upload-bypass-causing-xss-attack-6cbbb4c42070?source=rss------bug_bounty-5Xiaodongxss-attack, bypass, vulnerability, bug-bounty, hacker12-May-2024
Read Code Like a Hacker With SASThttps://medium.com/@matejsmycka/read-code-like-a-hacker-with-sast-28dab6506e45?source=rss------bug_bounty-5Matejsmyckabug-bounty, static-code-analysis, testing, ethical-hacking, hacking12-May-2024
How I Found PII Disclosure of Users & PHPInfo() Page :: #NCIIPC #RVDPhttps://medium.com/@p.ra.dee.p_0xx01/how-i-found-pii-disclosure-of-users-phpinfo-page-nciipc-rvdp-58bec4ba27da?source=rss------bug_bounty-5Professor0xx01security, ethical-hacking, infosec, cybersecurity, bug-bounty12-May-2024
24.15 Lab: HTTP request smuggling, obfuscating the TE header | 2024https://cyberw1ng.medium.com/24-15-lab-http-request-smuggling-obfuscating-the-te-header-2024-efdbc0698848?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, cybersecurity, hacking, careers12-May-2024
Hacking more than 130 000 car worldwide in 5 minuteshttps://ahmadmansourr.medium.com/hacking-more-than-130-000-car-worldwide-in-5-minutes-766e76003c67?source=rss------bug_bounty-5Ahmad Mansourbug-bounty, bug-bounty-tips, cybersecurity, pentesting12-May-2024
16 Times Forced Browsing Leads to Authentication bypass [ 300$ Bounty ]https://medium.com/@jav333d/16-times-forced-browsing-leads-to-authentication-bypass-300-bounty-efc8bd52d310?source=rss------bug_bounty-5Javeed.skauthentication-bypass, bugs, ethical-hacking, bug-bounty-tips, bug-bounty12-May-2024
Breaking Down DOM-based XSS: A Practical Explorationhttps://medium.com/@osamaavvan/breaking-down-dom-based-xss-a-practical-exploration-929d44f10906?source=rss------bug_bounty-5Osama Avvanxss-attack, dom-xss, bug-bounty, cybersecurity, javascript11-May-2024
My LLM Bug Bounty Journey on Hugging Face Hub via Protect AIhttps://infosecwriteups.com/my-llm-bug-bounty-journey-on-hugging-face-hub-via-protect-ai-9f3a1bc72c2e?source=rss------bug_bounty-5Peng Zhouprotect-ai, hugging-face, bug-bounty, llm-security, ai-security11-May-2024
NMAP Command Optionshttps://medium.com/@sherlock297/nmap-command-options-114b7582b993?source=rss------bug_bounty-5Ravindra Dagalenmap, commands, information-security, bug-bounty, vulnerability11-May-2024
#2. Bug Bounty POC: Time-Based SQL Injection to Dump Databasehttps://cyb3rmind.medium.com/2-bug-bounty-poc-time-based-sql-injection-to-dump-database-f8cfa089f393?source=rss------bug_bounty-5Cyb3r M!ndssqli, hacking, pentesting, bug-bounty, sql-injection11-May-2024
24.14 Lab: HTTP request smuggling, basic TE.CL vulnerability | 2024https://cyberw1ng.medium.com/24-14-lab-http-request-smuggling-basic-te-cl-vulnerability-2024-f0159b2569d0?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, cybersecurity, bug-bounty11-May-2024
Exploiting Acunetix Vulnweb SQL Injectionhttps://medium.com/@davidkarpinski1/exploiting-acunetix-vulnweb-sql-injection-5fa5c24b2466?source=rss------bug_bounty-5David Eduardo Karpinskisql, hacking, mysql, bug-bounty, sql-injection11-May-2024
Unveiling an Account Takeover Vulnerability in a Leading Automobile Brandhttps://medium.com/@anekantsinghai/unveiling-an-account-takeover-vulnerability-in-a-leading-automobile-brand-aa41a4e94bfb?source=rss------bug_bounty-5Anekant Singhai Jaininfosec, hacking, bug-bounty, cybersecurity, bug-bounty-tips11-May-2024
This Is a Roadmap for Starting Web Pentesthttps://medium.com/@akaramany3/%D8%AF%D9%8A-%D8%B1%D9%88%D9%88%D8%AF-%D9%85%D8%A7%D8%A8-%D8%B9%D9%84%D8%B4%D8%A7%D9%86-%D8%AA%D8%A8%D8%AF%D8%A7-web-pentest-91ea9560dbf6?source=rss------bug_bounty-509x99python, cybersecurity, bug-bounty, web-development, javascript11-May-2024
Mastering Subdomain Takeovershttps://tanishqshahsays.medium.com/mastering-subdomain-takeovers-c9a531fe5d3b?source=rss------bug_bounty-5Tanishq Sachin Shahbug-bounty, bugs, vulnerability, subdomain, cybersecurity11-May-2024
Linux Privilege Escalation — Capstone Challenge | TryHackMehttps://medium.com/@NoOne./linux-privilege-escalation-capstone-challenge-tryhackme-e69c798204bc?source=rss------bug_bounty-5Asim Anwarhacking, privilege-escalation, linux, bug-bounty, tryhackme11-May-2024
4 XSSs With A Simple & Optimized Payloadhttps://levelup.gitconnected.com/4-xsss-with-a-simple-optimized-payload-900753538e90?source=rss------bug_bounty-5Hamza Avvanethical-hacking, xss-uppercase-bypass, bug-bounty, xss-attack, cybersecurity11-May-2024
My Hunt: Discovering Microsoft Bugshttps://infosecwriteups.com/my-hunt-discovering-microsoft-bugs-f6a9c790bec0?source=rss------bug_bounty-5c0d3x27microsoft, hacking, bug-bounty, software-development, cybersecurity11-May-2024
Today I am going to walk through bepractical.techhttps://medium.com/@ross.jubert/today-i-am-going-to-walk-through-bepractical-tech-c15e1df8aa06?source=rss------bug_bounty-5Ross Jubertcybersecurity, bug-bounty, ethical-hacking, account-takeover, account-takeover-attacks11-May-2024
Exploiting Acunetix Vulnweb SQL Injectionhttps://systemweakness.com/exploiting-acunetix-vulnweb-sql-injection-5fa5c24b2466?source=rss------bug_bounty-5David Eduardo Karpinskisql, hacking, mysql, bug-bounty, sql-injection11-May-2024
IDOR and Missing Authorization leads to free contenthttps://medium.com/@enigma_/idor-and-missing-authorization-leads-to-free-content-b12037a887a0?source=rss------bug_bounty-5enigmacybersecurity, hacking, idor, oscp, bug-bounty10-May-2024
How I Discovered a CVE by Scanning Open Source Repositorieshttps://infosecwriteups.com/how-i-discovered-a-cve-by-scanning-open-source-repositories-a5922d21b797?source=rss------bug_bounty-5Scott Lindhbug-bounty, xss-attack, open-source, application-security, hacking10-May-2024
CSRF Bypass Combined with IDOR To Complete Account Takeover!https://medium.com/@ozomarzu/csrf-bypass-combined-with-idor-to-complete-account-takeover-f4995c5946d3?source=rss------bug_bounty-5CyberOzcybersecurity, idor, bug-bounty-writeup, bug-bounty-tips, bug-bounty10-May-2024
24.13 Lab: HTTP request smuggling, basic CL.TE vulnerability | 2024https://cyberw1ng.medium.com/24-13-lab-http-request-smuggling-basic-cl-te-vulnerability-2024-862e743cb078?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity10-May-2024
A Strange Tale of Email Verification Bypasshttps://medium.com/@Arioex/a-strange-tale-of-email-verification-bypass-5eda231d14d8?source=rss------bug_bounty-5Huntsmanbug-bounty-writeup, cybersecurity, vulnerability, bug-bounty, hacking10-May-2024
Linux Privilege Escalation | TryHackMe — Part 2https://medium.com/@NoOne./linux-privilege-escalation-tryhackme-part-2-9a4cddba01ab?source=rss------bug_bounty-5Asim Anwarbug-bounty, tryhackme, linux, privilege-escalation, hacking10-May-2024
From Novice to Ninja: Unraveling Bug Bounty Beginnings through Cache Poisoninghttps://cametom006.medium.com/from-novice-to-ninja-unraveling-bug-bounty-beginnings-through-cache-poisoning-40de3f8fd211?source=rss------bug_bounty-5Fahad Faisalhackerone, bug-bounty, security, bug-bounty-tips10-May-2024
Database Info Disclose by Client-Side DOShttps://starlox.medium.com/database-info-disclose-by-client-side-dos-7fb25a26fae8?source=rss------bug_bounty-5#$ubh@nk@rdos-attack, infosec, hacking, bug-bounty10-May-2024
Inside the Life of a Full-Time Bug Hunter: Weekly Insights and Goalshttps://medium.com/@fulltimebughunter/inside-the-life-of-a-full-time-bug-hunter-weekly-insights-and-goals-6da07694fb0d?source=rss------bug_bounty-5.cybersecurity, bug-bounty, bug-bounty-tips, infosec, hacking09-May-2024
XSS | Here’s how I got my first bountyhttps://medium.com/@sM0ky4/xss-heres-how-i-got-my-first-bounty-4f64785fe6f8?source=rss------bug_bounty-5sM0ky4bug-bounty-writeup, bug-bounty, xss-vulnerability, xss-attack, first-post09-May-2024
idor affects all usershttps://medium.com/@mohamadfadelababede/how-are-you-my-friends-d60c44c29da0?source=rss------bug_bounty-5Mohamad Fade Lababedebug-bounty09-May-2024
24.12 Lab: CL.0 request smuggling | 2024https://cyberw1ng.medium.com/24-12-lab-cl-0-request-smuggling-2024-5b480979e285?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking09-May-2024
idor affects all usershttps://medium.com/@mohamadfadelababede/idor-affects-all-users-d3f3f12a11c2?source=rss------bug_bounty-5Mohamad Fade Lababedebug-bounty09-May-2024
HOW I FOUND MY FIRST BUGhttps://medium.com/@irenevenunye55/how-i-found-my-first-bug-7d66915a3fbb?source=rss------bug_bounty-5Irene Venunyebug-bounty, bug-bounty-hunting, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program09-May-2024
Fingerprinting♨♨: Identifying Technologies Of Our Target.https://hacktivistattacker.medium.com/fingerprinting-identifying-technologies-of-our-target-d3b0c021da0f?source=rss------bug_bounty-5Hacktivist-Attackerfingerprinting, fingerprint-system, bug-bounty, penetration-test, reconnaissance09-May-2024
Linux Privilege Escalation | TryHackMe — Part 1https://medium.com/@NoOne./linux-privilege-escalation-tryhackme-part-1-f0ae442e6864?source=rss------bug_bounty-5Asim Anwarbug-bounty, hacking, tryhackme, privilege-escalation, linux09-May-2024
How I Found XSS In Another Govt. Site :: NCIIPC VDP !!https://medium.com/@p.ra.dee.p_0xx01/how-i-found-xss-in-another-govt-site-nciipc-vdp-84d78c0319c2?source=rss------bug_bounty-5Professor0xx01infosec, security, information-security, bug-bounty, security-research09-May-2024
An easy bounty using fuzzinghttps://medium.com/@xnum.1/an-easy-bounty-using-fuzzing-d602ad06f562?source=rss------bug_bounty-5Ahmed Tarekbug-bounty, hacking, penteration-testing, fuzzing, pentesting09-May-2024
Exploiting JWT Token Leads To IDORhttps://medium.com/@Ajakcybersecurity/exploiting-jwt-token-leads-to-idor-ec48cb8888bb?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, hacking, cybersecurity, ethical-hacking, bug-bounty09-May-2024
Simple bug on Indian government website | Govt. bug huntinghttps://medium.com/@sidharthpanda1/simple-bug-on-indian-government-website-govt-bug-hunting-0522af40a6ff?source=rss------bug_bounty-5SIDHARTH PANDAbug-bounty, government, indian, hacking, bug-bounty-tips08-May-2024
ETHICAL AND LEGAL ASPECTS OF BUG HUNTING: RESPONSIBLE DISCLOSURE, SCOPE, NDA AND OTHERShttps://medium.com/@Progsky/ethical-and-legal-aspects-of-bug-hunting-responsible-disclosure-scope-nda-and-others-4832b13a1622?source=rss------bug_bounty-5Progskydocumentation, bug-bounty, contracts, ethical-hacking08-May-2024
NCIIPC VDP Bug : Open Redirection Vulnerability In Govt. Site !!https://medium.com/@p.ra.dee.p_0xx01/nciipc-vdp-bug-open-redirection-vulnerability-in-govt-site-b048860f5d2d?source=rss------bug_bounty-5Professor0xx01bug-bounty, security, vulnerability, information-security, infosec08-May-2024
Revealing a Critical Vulnerability: The Price Manipulation Flawhttps://medium.com/@pawarpushpak36/revealing-a-critical-vulnerability-the-price-manipulation-flaw-cfd640cacf46?source=rss------bug_bounty-5Pawarpushpakpenetration-testing, info-sec-writeups, pentesting, bug-zero, bug-bounty08-May-2024
Unlocking Bug Bounties: Your Comprehensive Guide to Getting Startedhttps://medium.com/@sachin.hack/unlocking-bug-bounties-your-comprehensive-guide-to-getting-started-427a51d7e875?source=rss------bug_bounty-5Sachin Kumarfor-beginners, bug-bounty-tips, bug-bounty, cybersecurity, begineers08-May-2024
24.11 Lab: HTTP/2 request splitting via CRLF injection |2024https://cyberw1ng.medium.com/24-11-lab-http-2-request-splitting-via-crlf-injection-2024-ddb2adaf0cce?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, penetration-testing08-May-2024
Hack Any Browser With One Linkhttps://medium.com/@vishalchaudharydevsec/hack-any-browser-with-one-link-8d890b804627?source=rss------bug_bounty-5Vishal Chaudharysecurity, hacking, cybersecurity, beef, bug-bounty08-May-2024
Exposed Key In Page Source Led To Bypass Captchahttps://medium.com/@mohanad.hussam23/exposed-key-in-page-source-led-to-bypass-captcha-add64f8d133b?source=rss------bug_bounty-5Muhanad Israiwihacking, captcha, bug-bounty, bugs, penetration-testing08-May-2024
Writing your First Nuclei Templatehttps://medium.com/@technolifts/writing-your-first-nuclei-template-f88575635ea8?source=rss------bug_bounty-5TechnoLiftsnucleus, nuclei-template, cybersecurity, offensive-security, bug-bounty08-May-2024
XSS vulnerability caused by modifying the Content-Typehttps://medium.com/@xiaodongsec/xss-vulnerability-caused-by-modifying-the-content-type-5118e2d02286?source=rss------bug_bounty-5Xiaodongvulnerability, xss-attack, money, bug-bounty, hacker08-May-2024
Modify the request path to bypass upload restrictions, leading to an XSS vulnerability.https://medium.com/@xiaodongsec/modify-the-request-path-to-bypass-upload-restrictions-leading-to-an-xss-vulnerability-0610a893ff1a?source=rss------bug_bounty-5Xiaodongmoney, hacker, vulnerability, bug-bounty, xss-attack08-May-2024
An easily accomplished account takeoverhttps://medium.com/@xiaodongsec/an-easily-accomplished-account-takeover-cc2fd1c287ec?source=rss------bug_bounty-5Xiaodongbug-bounty, hacker, china, money, vulnerability07-May-2024
Title: Understanding Vertical Privilege Escalation in Cybersecurityhttps://alvinbijo.medium.com/title-understanding-vertical-privilege-escalation-in-cybersecurity-2a12c42f8d83?source=rss------bug_bounty-5Alvin bijobug-bounty07-May-2024
24.10 Lab: HTTP/2 request smuggling via CRLF injection | 2024https://cyberw1ng.medium.com/24-10-lab-http-2-request-smuggling-via-crlf-injection-2024-8970aa222b46?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, penetration-testing, careers07-May-2024
Securitydegen.com Feature Update!https://medium.com/@bugbountydegen/securitydegen-com-feature-update-d0bda8b236c0?source=rss------bug_bounty-5Bug Bounty Degenvulnerability, web3, blockchain-security-audit, bug-bounty, smart-contracts07-May-2024
A Thrilling Dive into Cloud Penetration Testinghttps://adipsharif.medium.com/a-thrilling-dive-into-cloud-penetration-testing-fc88855f7f15?source=rss------bug_bounty-5ADIPbug-bounty, information-security, cloud, info-sec-writeups, penetration-testing07-May-2024
Threat Modeling for OAuth 2.0 Authorization Frameworkhttps://medium.com/@jayeshkunwal/threat-modeling-for-oauth-2-0-authorization-framework-fcab66226fd7?source=rss------bug_bounty-5Jayesh kunwalthreat-modeling, bug-bounty, oauth, cybersecurity, vapt07-May-2024
How I got $250 for IDOR via Business Logic Errorhttps://medium.com/@aryamanav.028/how-i-got-250-for-idor-via-business-logic-error-f3ba502baa5e?source=rss------bug_bounty-5Manav Aryacybersecurity, information-security, vulnerability, bug-bounty, bugcrowd07-May-2024
Athena TryHackMe Walkthroughhttps://medium.com/@boogsta/athena-tryhackme-walkthrough-58eb432f0daa?source=rss------bug_bounty-5Boogstacybersecurity, bug-bounty, hacking, tryhackme, cyber07-May-2024
A Comprehensive Review of the Guided Hacking Forumhttps://medium.com/@yannik603/a-comprehensive-review-of-the-guided-hacking-forum-918231ab4f68?source=rss------bug_bounty-5Yannik Castroreverse-engineering, bug-bounty, games, ctf, hacking07-May-2024
IDN Bootcamp Bug Bounty: The First Step to Becoming a Bug Hunterhttps://medium.com/@cornelius.yuli.r/idn-bootcamp-bug-bounty-langkah-awal-menjadi-bug-hunter-a1fce0850681?source=rss------bug_bounty-5Corneliusidn-bootcamp, bug-bounty06-May-2024
Crypto bounty program got me $500 — Rate Limit Bypasshttps://mo9khu93r.medium.com/crypto-bounty-program-got-me-500-rate-limit-bypass-d573f7b7d390?source=rss------bug_bounty-5mo9khu93rcryptocurrency, security, hacking, web3, bug-bounty06-May-2024
IDN Bootcamp Bug Bounty: The First Step to Becoming a Bug Hunterhttps://cornelius-y.medium.com/idn-bootcamp-bug-bounty-langkah-awal-menjadi-bug-hunter-a1fce0850681?source=rss------bug_bounty-5Cornelius Yuliidn-bootcamp, bug-bounty06-May-2024
Bounty Beginnings: My First Bug Discoveryhttps://cyberojas.medium.com/bounty-beginnings-my-first-bug-discovery-c4fea0b0c5c3?source=rss------bug_bounty-5cyberOjasbug-bounty, vulnerability, bugcrowd06-May-2024
Web3 Bug Bounty V/S Smart Contract Auditinghttps://securrtech.medium.com/web3-bug-bounty-v-s-smart-contract-auditing-94207960469d?source=rss------bug_bounty-5Securrblockchain, smart-contract-auditing, bug-bounty, web3, web3-security06-May-2024
alasan ingin belajar bug bounty IDN bootcamphttps://medium.com/@ilhamsabana100/alasan-ingin-belajar-bug-bounty-idn-bootcamp-abf359e6a628?source=rss------bug_bounty-5Ilhamsabanabug-bounty06-May-2024
Blog mengenai saya sebagai syarat Bug Bounty IDN Bootcamphttps://medium.com/@081335097475a/blog-mengenai-saya-sebagai-syarat-bug-bounty-idn-bootcamp-ba3a6d8cdf36?source=rss------bug_bounty-5Mohamad Fachry Alicybersecurity, bug-bounty06-May-2024
Pengalaman saya dibidang CyberSecurityhttps://medium.com/@ahmadfauzyhafidz/pengalaman-saya-dibidang-cybersecurity-6919e17302d8?source=rss------bug_bounty-5Ahmad Fauzy Hafidzcoding, cybersecurity, bug-bounty, capture-the-flag06-May-2024
My Journey to Become a Bug Hunters | Bug Bounty IDN Bootcamphttps://wahyukiddies.medium.com/my-journey-to-become-a-bug-hunters-bug-bounty-idn-bootcamp-9cc04860c874?source=rss------bug_bounty-5Wahyu Priambodotechnology, bug-bounty, experience, cybersecurity, bootcamp06-May-2024
Bug bounty IDN Bootcamp: Perjalanan menjadi pentester dan bug hunterhttps://medium.com/@rizkiarifsaifudin/bug-bounty-idn-bootcamp-perjalanan-menjadi-pentester-dan-bug-hunter-bf4eee8b64f5?source=rss------bug_bounty-5Rizki Arif Saifudinprogramming, bug-bounty, linux, cybersecurity06-May-2024
Pengalaman Menemukan Celah Keamanan (Bug) Pada Sebuah Website (Prelude Bug Bounty IDN Bootcamp)https://medium.com/@nugrohoandyreza/pengalaman-menemukan-celah-keamanan-bug-pada-sebuah-website-prelude-bug-bounty-idn-bootcamp-7c4d6ad2af1f?source=rss------bug_bounty-5Andy R. Nugrohobug-bounty06-May-2024
Guide To Subdomain Takeovers: DNS Resolutions:-Vertical Recon.https://hacktivistattacker.medium.com/dns-resolutions-guide-to-subdomain-takeovers-vertical-recon-9da92433e973?source=rss------bug_bounty-5Hacktivist-Attackerreconnaissance, subdomain-takeover, penetration-testing, subdomain, bug-bounty06-May-2024
Network Infrastructure Reconhttps://medium.com/@davidkarpinski1/network-infrastructure-recon-3d5741eec73b?source=rss------bug_bounty-5David Eduardo Karpinskidns, hacking, networking, cybersecurity, bug-bounty06-May-2024
BugBountyTraining Lab: FastFoodHackings Part 1https://hoppp3r.medium.com/bugbountytraining-lab-fastfoodhackings-part-1-39a7b06fdef9?source=rss------bug_bounty-5Hoppp3rbug-bounty-writeup, bugbountytraining, fastfoodhackings, bug-bounty, bug-bounty-labs05-May-2024
Bug Bounty IDN Bootcamphttps://medium.com/@nurdin8/bug-bounty-idn-bootcamp-dffeeba84854?source=rss------bug_bounty-5Senudin Nurdinbug-bounty05-May-2024
‍ Hack Like a Pro: Precon’s Simple Subdomain Secretshttps://medium.com/@tamhacker1/hack-like-a-pro-precons-simple-subdomain-secrets-a87e5b741b0b?source=rss------bug_bounty-5Tamhackerethical-hacking, bug-bounty, hacker, hacking, cybersecurity05-May-2024
Exposing Information Of All Users “Email,Mobile Number ..etc”https://medium.com/@dr4040x00/exposing-information-of-all-users-email-mobile-number-etc-697c328e0584?source=rss------bug_bounty-5Dr404information-disclosure, web-pen-testing, bug-bounty, bug-bounty-tips05-May-2024
24.9 Lab: H2.CL request smuggling | 2024https://cyberw1ng.medium.com/24-9-lab-h2-cl-request-smuggling-2024-792b86db2c2a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, cybersecurity, hacking05-May-2024
An Impactful ‘No Rate Limiting’ Bughttps://medium.com/@duncanochieng682/an-impactful-no-rate-limiting-bug-29eb5158fd14?source=rss------bug_bounty-5JateloCybersecethical-hacking, web-app-security, bug-bounty, pentesting, bugs05-May-2024
Information gathering with OSINThttps://medium.com/@davidkarpinski1/information-gathering-with-osint-3b8af60a194d?source=rss------bug_bounty-5David Eduardo Karpinskihacking, osint, bug-bounty, cybersecurity, pentesting05-May-2024
JS-Snooper: Get More Bounty With Easy Bugshttps://aravind07.medium.com/js-snooper-get-more-bounty-with-easy-bugs-9d7b410f070e?source=rss------bug_bounty-5Gnana Aravind Kcybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking05-May-2024
Proxying Web Traffic Via SSHhttps://medium.com/@mu.gl/proxying-web-traffic-via-ssh-f3cf09c35d46?source=rss------bug_bounty-5Mark El-Khourybug-bounty, ssh, pentesting, cybersecurity, infosec04-May-2024
LEARNING THE BUG BOUNTY PROGRAMhttps://medium.com/@basithrazaky/learning-the-bug-bounty-program-ffdfc54b3dee?source=rss------bug_bounty-5Ramadhani Basith Razakycapture-the-flag, bug-bounty, cybersecurity, linux, networking04-May-2024
24.8 Lab: Response queue poisoning via H2.TE request smuggling | 2024https://cyberw1ng.medium.com/24-8-lab-response-queue-poisoning-via-h2-te-request-smuggling-2024-33bdb4b56b0b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, hacking, bug-bounty04-May-2024
# Certifcateshttps://medium.com/@scumdestroy/certifcates-f51eace48a7e?source=rss------bug_bounty-5penetration-testing, bug-bounty, recon, hacking, reconnaissance04-May-2024
Get Your First Award by Joining IDN Bootcamp Bug Bountyhttps://medium.com/@oktaa_/get-your-first-award-by-joining-idn-bootcamp-bug-bounty-7dd927ebe6b3?source=rss------bug_bounty-5oktabug-bounty, linux, network, penetration-testing, hacker04-May-2024
Alasan Kenapa Ingin Mengikuti “Bootcamp Bug Bounty IDN”https://medium.com/@naurayaffakamila/alasan-kenapa-ingin-mengikuti-bootcamp-bug-bounty-idn-2d4a5889518c?source=rss------bug_bounty-5Naursyy_bug-bounty, technology, cybersecurity04-May-2024
LEARNING BUG BOUNTY IDN BOOTCAMPhttps://medium.com/@basithrazaky/learning-the-bug-bounty-program-ffdfc54b3dee?source=rss------bug_bounty-5Ramadhani Basith Razakycapture-the-flag, bug-bounty, cybersecurity, linux, networking04-May-2024
24.7 Lab: Exploiting HTTP request smuggling to deliver reflected XSS | 2024https://cyberw1ng.medium.com/24-7-lab-exploiting-http-request-smuggling-to-deliver-reflected-xss-2024-334de5c0d400?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, cybersecurity, careers, hacking03-May-2024
Empire Breakout Vulnhub: WriteUp | Walkthrough | VulnHub CTF | Privilege Escalation Attack | Python…https://shamsulmehmood.medium.com/empire-breakout-vulnhub-writeup-walkthrough-vulnhub-ctf-privilege-escalation-attack-python-235087d3db54?source=rss------bug_bounty-5SHAMS UL MEHMOODcybersecurity, information-security, cyberattack, infosec, bug-bounty03-May-2024
Unleashing the Ethical Hacker Within: Cybersecurity Insights, Bug Bounty Tips, and the Art of…https://kd-200.medium.com/unleashing-the-ethical-hacker-within-cybersecurity-insights-bug-bounty-tips-and-the-art-of-2ebdb65a9ff3?source=rss------bug_bounty-5Nitin yadavtech, infosec, technology, bug-bounty, cybersecurity03-May-2024
3 easiest bugs that you can find right now [guarantied]https://medium.com/@deadoverflow/3-easiest-bugs-that-you-can-find-right-now-guarantied-71ef89efd1a7?source=rss------bug_bounty-5Imad Husanoviccybersecurity, hacking, bug-bounty-tips, programming, bug-bounty03-May-2024
Why and how to hide usernames on your WordPresss.https://medium.com/@izmir.suat/why-and-how-to-hide-usernames-on-your-wordpresss-b01320642838?source=rss------bug_bounty-5Izmir Suatwordpress, bug-bounty, information-security, pentest03-May-2024
XSS leads to HALL OF FAME on a French websitehttps://medium.com/@KaranMoudgil/xss-leads-to-hall-of-fame-on-a-french-website-95bd3a96ad24?source=rss------bug_bounty-5Karan Moudgilbug-bounty03-May-2024
Alasan saya ingin megikuti Bug Bounty IDN Bootcamphttps://wildan14ar.medium.com/alasan-saya-ingin-megikuti-bug-bounty-idn-bootcamp-339aa385b45b?source=rss------bug_bounty-5WILDAN ABDURRASYIDbootcamp, bug-bounty, idn, cybersecurity, sytem03-May-2024
How I bypassed OTP in unexpected wayhttps://medium.com/@ckachhadiya007/how-i-bypassed-otp-in-unexpected-way-2d4b478db512?source=rss------bug_bounty-5DEephacking, bug-bounty, red-team, cybersecurity, vulnerability03-May-2024
Real World GitLab Account Take Overhttps://medium.com/@red.whisperer/real-world-gitlab-account-take-over-b2e9896a1835?source=rss------bug_bounty-5Chuxhacking, cybersecurity, infosec, red-team, bug-bounty03-May-2024
IDOR lead to PII Disclosurehttps://medium.com/@karimelsayed0x1/idor-lead-to-pii-disclosure-121502394277?source=rss------bug_bounty-5z3r0xkidor, bug-bounty, web-security03-May-2024
How I Bypassed Rate limiting To Account Takeoverhttps://medium.com/@Ajakcybersecurity/how-i-bypassed-rate-limiting-to-account-takeover-1df722a527d5?source=rss------bug_bounty-5AjakCybersecurityhacking, cybersecurity, penetration-testing, bug-bounty, ethical-hacking03-May-2024
DNS Resolutions: Identifying Live Targets : Vertical RECON.https://hacktivistattacker.medium.com/dns-resolutions-identifying-live-targets-vertical-recon-2a2aed49bd6b?source=rss------bug_bounty-5Hacktivist-Attackerpenetration-testing, reconnaissance, bug-bounty, education, résolutions03-May-2024
what is RCE-[Remote code Execution]❓https://medium.com/@mmdesvand1386/what-is-rce-remote-code-execution-fee04264fe30?source=rss------bug_bounty-5mamadbug-bounty, website, security, cyber-security-website, social-security-website03-May-2024
Sql İnjection Nedir &Karşılaştığım Vakahttps://medium.com/@akostak/sql-i%CC%87njection-nedir-kar%C5%9F%C4%B1la%C5%9Ft%C4%B1%C4%9F%C4%B1m-vaka-708b17f5da9d?source=rss------bug_bounty-5Alibug-bounty-tips, bug-bounty, sql-injection, vulnerability, bugs03-May-2024
Bug Bounty IDhttps://medium.com/@nurdin8/bug-bounty-id-33c529b2cd1a?source=rss------bug_bounty-5Senudin Nurdinfree-course, linux, network, cyberse, bug-bounty02-May-2024
24.6 Lab: Exploiting HTTP request smuggling to capture other users requests | 2024https://cyberw1ng.medium.com/24-6-lab-exploiting-http-request-smuggling-to-capture-other-users-requests-2024-fd10d3b638bc?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers02-May-2024
Langkah Awal Menuju Bug Bounty IDN BootCamphttps://medium.com/@caomaysss/langkah-awal-menuju-bug-bounty-idn-bootcamp-42bcc61ba7ef?source=rss------bug_bounty-5Caomaybug-bounty, xiaocaomay, idn, idn-network02-May-2024
Become a Bug Bounty hunter: Unveiling the Secrets to Success!https://adipsharif.medium.com/become-a-bug-bounty-hunter-unveiling-the-secrets-to-success-90dfab4c2832?source=rss------bug_bounty-5ADIPinfosec, bug-bounty-tips, info-sec-writeups, penetration-testing, bug-bounty02-May-2024
Google VRP Targets by Tierhttps://uprootsecurity.medium.com/google-vrp-targets-by-tier-c0679c27e545?source=rss------bug_bounty-5UprootSecurityinfosec, pentest, bug-bounty, cybersecurity, vapt02-May-2024
Alasan ingin belajar pada Bug Bounty IDN Bootcamphttps://medium.com/@putrantosurya38/alasan-ingin-belajar-bug-bounty-9f33d7d75161?source=rss------bug_bounty-5Putranto Suryacybersecurity, bug-bounty, bug-bounty-idn-bootcamp02-May-2024
How I Gained Account Access: Exploring the Risks of Password Reset Links in Cybersecurityhttps://kd-200.medium.com/how-i-gained-account-access-exploring-the-risks-of-password-reset-links-in-cybersecurity-5811e914c289?source=rss------bug_bounty-5Nitin yadavcybersecurity, bug-bounty, hacking, hackerone, technology02-May-2024
Mengapa bug bounty?https://medium.com/@rayyaramburambani11/mengapa-bug-bounty-0f77b824cc6c?source=rss------bug_bounty-5rayyanewbie, roboti̇k, bug-bounty-idn-bootcamp, bug-bounty02-May-2024
How i got admin panel without opening the targethttps://thesafdari.medium.com/how-i-got-admin-panel-without-opening-the-target-8ca4a2c219be?source=rss------bug_bounty-5Milad Safdari (TheSafdari)github, hacking, github-secret, bug-bounty, cybersecurity02-May-2024
Diving into the Depths: Unveiling Bug Bounty Adventures and Insights into Linux, Programming, and…https://medium.com/@mansorihack/diving-into-the-depths-unveiling-bug-bounty-adventures-and-insights-into-linux-programming-and-952cc8957dc0?source=rss------bug_bounty-5Mansorihacklinux, bug-bounty, pentesting02-May-2024
Bug Bounty IDN Bootcamp | By Ekyhttps://medium.com/@muhr6128/bug-bounty-idn-bootcamp-by-eky-7a65bc3f6844?source=rss------bug_bounty-5personcybersecurity, ethical-hacking, ctf, bug-bounty02-May-2024
Complex Attack Types: Sample Scenarios 3https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-3-bcd472d684cf?source=rss------bug_bounty-5Baris Dincercybersecurity, threat-intelligence, bug-bounty, penetration-testing, freedomofinternet02-May-2024
Real-World Example of Race Condition Exploits “adding Money”https://medium.com/@dr4040x00/real-world-example-of-race-condition-exploits-adding-money-c8fe62964067?source=rss------bug_bounty-5Dr404race-condition, web-penetration-testing, vulnerability, bug-bounty02-May-2024
#01: Path traversalhttps://medium.com/@karimelsayed0x1/01-path-traversal-0c52daffd26e?source=rss------bug_bounty-5z3r0xksource-code-review, path-traversal, web-security, nodejs, bug-bounty02-May-2024
My Journey to the Nokia Security Hall of Famehttps://mufazmi.medium.com/my-journey-to-the-nokia-security-hall-of-fame-4e9cf4d8b5e9?source=rss------bug_bounty-5Umair Farooquihof, bug-bounty, mufazmi, nokia-hall-of-fame, umair-farooqui01-May-2024
Harnessing the Power of Crowd-Sourced Securityhttps://medium.com/@paritoshblogs/harnessing-the-power-of-crowd-sourced-security-1326641d81b7?source=rss------bug_bounty-5Paritoshcybersecurity, information-technology, information-security, cloud-computing, bug-bounty01-May-2024
My First Verified Bug Bounty: Unmasking Flaws in University Web Appshttps://medium.com/@rafisyafrinaldi17/my-first-verified-bug-bounty-unmasking-flaws-in-university-web-apps-6c6b5fb1e8da?source=rss------bug_bounty-5Impeony | Rafivulnerability-assessment, cybersecurity, bug-bounty-writeup, bug-bounty01-May-2024
How I Bypass CSP that allow a iframe injection in a chat bot + HTML injection on emailshttps://medium.com/@jeetpal2007/how-i-bypass-csp-that-allow-a-iframe-injection-in-a-chat-bot-html-injection-on-emails-9d588aeef4c3?source=rss------bug_bounty-5JEETPALbug-bounty, htmli, bug-bounty-writeup, chatbotbugs, bug-bounty-tips01-May-2024
€150 Bounty: Chaining Vulns to fully Exploit CORS Misconfigurationhttps://r4v3n0r.medium.com/150-bounty-chaining-vulns-to-fully-exploit-cors-misconfiguration-521a0cd97316?source=rss------bug_bounty-5Fabian Cruzinformation-security, bug-bounty, infrastructure-security, cybersecurity, penetration-testing01-May-2024
How can I bypass the limit on the number of team membershttps://medium.com/@xiaodongsec/how-can-i-bypass-the-limit-on-the-number-of-team-members-c3dd56d265a0?source=rss------bug_bounty-5Xiaodongchina, vulnerability, money, bug-bounty, hacker01-May-2024
€400 Bounty: Unveiling a More Impactful CORS Misconfiguration Exploithttps://r4v3n0r.medium.com/400-bounty-unveiling-a-more-impactful-cors-misconfiguration-exploit-6db0a1b39bdc?source=rss------bug_bounty-5Fabian Cruzweb-security, bug-bounty, information-security, penetration-testing, cybersecurity01-May-2024
FortiClient Android Apphttps://medium.com/@3ed0x92/forticlient-android-app-958f942cb5b7?source=rss------bug_bounty-5Mohamed Eid Wahbybug-bounty, mobile-pentest, mobile-pentesting, penetration-testing, bug-bounty-tips01-May-2024
Partnering with fewerClicks- To Provide Robust Web3 Securityhttps://securrtech.medium.com/partnering-with-fewerclicks-to-provide-robust-web3-security-007328375783?source=rss------bug_bounty-5Securrsmart-contract-auditing, bug-bounty, pentesting, web301-May-2024
1500$ bounty: how unprotected directory leaked sensitive infohttps://medium.com/@aa.pietruczuk/1500-bounty-how-unprotected-directory-leaked-sensitive-info-929b55515232?source=rss------bug_bounty-5Agnieszka Pietruczukpentesting, bug-bounty01-May-2024
Exposed Secrets: The Peril of Broken Access Controlhttps://kd-200.medium.com/exposed-secrets-the-peril-of-broken-access-control-928223c62547?source=rss------bug_bounty-5Nitin yadavcybersecurity, bug-bounty, technology, hacking, penetration-testing01-May-2024
BBRADAR: A WEB TOOL TO FIND THE LATEST BUG BOUNTY PROGRAMShttps://medium.com/@Progsky/bbradar-a-web-tool-to-find-the-latest-bug-bounty-programs-833ba632f7a6?source=rss------bug_bounty-5Progskyweb-hacking, web-security, bug-bounty01-May-2024
I sent 1,000,000 Requests to a serverhttps://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, cybersecurity, bug-bounty, ethical-hacking01-May-2024
AWS S3 Bucket Misconfiguration Exposes PII and Documents of Job Seekershttps://infosecwriteups.com/aws-s3-bucket-misconfiguration-exposes-pii-and-documents-of-job-seekers-7b1332b0ecf1?source=rss------bug_bounty-5brutexploitercybersecurity, cloud, india, information-security, bug-bounty01-May-2024
Learning Offensive Cybersecurity — Day 2https://medium.com/@n4rkwh4l/learning-offensive-cybersecurity-day-2-73a682ba1e4d?source=rss------bug_bounty-5N4RKWH4Loffensive-security, cybersecurity, bug-bounty, learning, tech01-May-2024
Billions Bug Bounty Programhttps://billionsquest.medium.com/billions-bug-bounty-program-c86689b4fb29?source=rss------bug_bounty-5Billions Questbug-bounty-tips, bug-bounty, bug-bounty-hunter, bugs01-May-2024
Binary Exploitation: PicoCTF clutter-overflow challenge walk throughhttps://medium.com/@boogsta/binary-exploitation-picoctf-clutter-overflow-challenge-walk-through-80e2f775102c?source=rss------bug_bounty-5Boogstabug-bounty, hacking, hackathons, cyber, cybersecurity01-May-2024
1,000,000 requests 2FA bypasshttps://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, cybersecurity, bug-bounty, ethical-hacking01-May-2024
Javascript code inside HTMLhttps://medium.com/@thewhiteside2000/javascript-code-inside-html-389a71060bf0?source=rss------bug_bounty-5Thewhitesidebugs, bug-bounty-tips, bug-bounty01-May-2024
How OSINT Helped Me To Find User Credentials And Discover An OTP Bypasshttps://medium.com/@mohammed0x04/how-osint-helped-me-to-find-user-credentials-and-discover-an-otp-bypass-afb6b9e23b45?source=rss------bug_bounty-5Mohammed Waleedrecon, osint, bug-bounty-tips, cybersecurity, bug-bounty30-Apr-2024
Bypassing SSL Pinning with Frida and Objection in Mobile Applicationshttps://medium.com/@ria.banerjee005/bypassing-ssl-pinning-with-frida-and-objection-in-mobile-applications-0b42a778b0f2?source=rss------bug_bounty-5Ria Banerjeebug-bounty, cybersecurity, ssl-pinning, mobile-security, mobile-app-testing30-Apr-2024
Another ATO, will I get paid this time?https://imwaiting18.medium.com/another-ato-will-i-get-paid-this-time-ba86ed272f3e?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, ethical-hacking, security, bug-bounty, cyber-security-awareness30-Apr-2024
Useful GoogleDocks Tips — Bug Bounty Tuesdayhttps://medium.com/@kerstan/useful-googledocks-tips-bug-bounty-tuesday-45eddc06bf93?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, hacking30-Apr-2024
How I found three Critical Vulnerability in one site.https://medium.com/@ckachhadiya007/how-i-found-three-critical-vulnerability-in-one-site-70fc513669d8?source=rss------bug_bounty-5DEepvulnerability, hacking, cybersecurity, red-team, bug-bounty30-Apr-2024
O melhor curso de hacking etico do Brasilhttps://medium.com/@rafael.code77/o-melhor-curso-de-hacking-etico-do-brasil-cec8eec850bb?source=rss------bug_bounty-5Rafael Henriquetryhackme-writeup, hacking, bug-bounty, hacker, hackerone30-Apr-2024
24.4 Lab: Exploiting HTTP request smuggling to bypass front-end security controls, CL.TEhttps://cyberw1ng.medium.com/24-4-lab-exploiting-http-request-smuggling-to-bypass-front-end-security-controls-cl-te-458923cda52d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking30-Apr-2024
Learning OffensiveCybersecurity — Day 1https://medium.com/@n4rkwh4l/learning-offensivecybersecurity-day-1-b5c26c55522c?source=rss------bug_bounty-5N4RKWH4Lbug-bounty, cybersecurity, offensive-security, learning, tech30-Apr-2024
Adding Certificates to Postman & Burp Suite for API Testinghttps://medium.com/r3d-buck3t/adding-certificates-to-postman-burp-suite-for-api-testing-06339a6d072a?source=rss------bug_bounty-5Nairuz Abulhulsecurity, bug-bounty, penetration-testing, hacking, infosec30-Apr-2024
Bug Bounty Challenge (final): [CONCLUSION]https://wallotry.medium.com/bug-bounty-challenge-final-day-10-30-04-2024-75a6f93d2687?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup30-Apr-2024
Finding a viper in the curved lawnhttps://medium.com/@kupiasec/finding-a-viper-in-the-curved-lawn-e43401997cce?source=rss------bug_bounty-5KupiaSeccurve-finance, bug-bounty, audit, blockchain, security30-Apr-2024
ineligible for bounty !!!https://medium.com/@thewhiteside2000/ineligible-for-bounty-d4b720bfb596?source=rss------bug_bounty-5Thewhitesidebug-bounty30-Apr-2024
postMessage() securityhttps://noobstain.medium.com/postmessage-security-e6c55ef1f1bd?source=rss------bug_bounty-5Sumeet darekarbug-bounty, xss-vulnerability, replit, postmessage, javascript30-Apr-2024
Learning Offensive Cybersecurity — Day 1https://medium.com/@n4rkwh4l/learning-offensivecybersecurity-day-1-b5c26c55522c?source=rss------bug_bounty-5N4RKWH4Lbug-bounty, cybersecurity, offensive-security, learning, tech30-Apr-2024
Bug Bounty Challenge (final): CONCLUSIONhttps://wallotry.medium.com/bug-bounty-challenge-final-day-10-30-04-2024-75a6f93d2687?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup30-Apr-2024
do FUZZ well!https://medium.com/@ugs20b126_cic.rajesh/do-fuzz-well-07cb19bb0675?source=rss------bug_bounty-5Rajesh Sagarbug-bounty, fuzzing, bug-bounty-tips30-Apr-2024
E-Commerce Application Penetration Testing- My Favourite Business Logical Flawhttps://medium.com/@vaishalinagori112/e-commerce-application-penetration-testing-my-favourite-business-logical-flaw-bac0367ad60c?source=rss------bug_bounty-5Vaishali Nagoriapplication-security, ciso, bug-bounty, penetration-testing, vapt29-Apr-2024
The Silent Threat: Uncovering IDOR Vulnerabilities Before They’re Exploited (PoC)https://medium.com/@mrmaulik191/the-silent-threat-uncovering-idor-vulnerabilities-before-theyre-exploited-poc-f98d2b8aec8d?source=rss------bug_bounty-5Mr.MGidor, penetration-testing, blog, cybersecurity, bug-bounty29-Apr-2024
The Story of a Mass Account Takeover Though Stored XSS (Cross-Site Scripting).https://medium.com/@iamrajchavan/the-story-of-a-mass-account-takeover-though-stored-xss-cross-site-scripting-bd2e484a0bd1?source=rss------bug_bounty-5Rajdip Chavanvapt, cybersecurity, bug-hunting, web-app-pentesting, bug-bounty29-Apr-2024
The Fuzzy Wuzzy: Unveiling Hidden Parametershttps://medium.com/@mendurim.r/the-fuzzy-wuzzy-unveiling-hidden-parameters-24169dfc9371?source=rss------bug_bounty-5m3nd00bug-bounty, fuzzing, ffuf29-Apr-2024
Explorando Acunetix Vulneweb SQL Injectionhttps://medium.com/@davidkarpinski1/explorando-acunetix-vulneweb-sql-injection-23360cf2d5f3?source=rss------bug_bounty-5David Eduardo Karpinskisql-injection, sql, bug-bounty, mysql, vulnerability29-Apr-2024
24.3 Lab: Exploiting HTTP request smuggling to bypass front-end security controls, CL.TEhttps://cyberw1ng.medium.com/24-3-lab-exploiting-http-request-smuggling-to-bypass-front-end-security-controls-cl-te-3a5f92a939d2?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, hacking, cybersecurity29-Apr-2024
Temu glitch - Temu system hacked and let me buy free items!https://medium.com/@verylazytech/temu-glitch-temu-system-hacked-and-let-me-buy-free-items-356fad19ae4a?source=rss------bug_bounty-5Very Lazy Techtemu, hacking, shopping, free, bug-bounty29-Apr-2024
The Fuzzy Wuzzy: Unveiling Hidden Parametershttps://medium.com/@mendurim.r/the-fuzzy-wuzzy-unveiling-hidden-parameters-24169dfc9371?source=rss------bug_bounty-5ScriptTeasebug-bounty, fuzzing, ffuf29-Apr-2024
Broken Link Hijacking: A Hidden Threat $350 Bountyhttps://medium.com/@chouhanhimanshu532/broken-link-hijacking-a-hidden-threat-350-bounty-bb5978177b1d?source=rss------bug_bounty-5Himanshu Chouhanbug-bounty, bugcrowd, bugs, broken-link-hijacking, bug-bounty-tips29-Apr-2024
Embracing Downtime: Why “Wasting Time” Can Be Beneficial for Bug Huntershttps://securitylit.medium.com/embracing-downtime-why-wasting-time-can-be-beneficial-for-bug-hunters-62d83da87a14?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, cybersecurity, penetration-testing, bug-bounty-tips29-Apr-2024
Crypto Attacks Cheat-Sheethttps://medium.com/@davidkarpinski1/brute-forcing-cheat-sheet-30a9f58e024e?source=rss------bug_bounty-5David Eduardo Karpinskihacking, bug-bounty, dictionary, cheating, crack29-Apr-2024
Bug Bounty Challenge (final): Day 9–29/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-9-29-04-2024-9643d90e3ccf?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty29-Apr-2024
The Last Dance (HackTheBox Writeup)https://medium.com/@krishgera1/the-last-dance-hackthebox-writeup-ab0ffda6264f?source=rss------bug_bounty-5Krish Geractf, cybersecurity, hackthebox, hackerone, bug-bounty29-Apr-2024
Find PII Info Disclosure Bugs With this Simple GUI Tool-Easy P1https://medium.com/@Ajakcybersecurity/find-pii-info-disclosure-bugs-with-this-simple-gui-tool-easy-p1-7507a34ae172?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, bug-bounty, hacking, penetration-testing29-Apr-2024
Bug Zero at a Glance [01–15 April]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-april-1a761018d605?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-zero, newsletter, bug-bounty28-Apr-2024
2FA bypass that made me $______https://imwaiting18.medium.com/2fa-bypass-that-made-me-6d32d3b762b4?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)csrf, bug-bounty, cybersecurity, 2fa-bypass, hacking28-Apr-2024
How to choose less competitive Bug Bounty Programs ( No VDPs)https://medium.com/@h3mantsaini/how-to-choose-less-competitive-bug-bounty-programs-no-vdps-0acc3ddfe9b8?source=rss------bug_bounty-5H3mantbug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-writeup28-Apr-2024
Starting in Bug Bounty — First Master This Before Hunting.https://medium.com/@shuklaneel525/starting-in-bug-bounty-first-master-this-before-hunting-74d266a874a0?source=rss------bug_bounty-5NEEL SHUKLAbug-bounty, ethical-hacking, penetration-testing, bounty-program, bug-bounty-tips28-Apr-2024
Unveiling the Secrets of Internal Pentest Monitoring: A Game-Changer for Security Leadershttps://medium.com/@anirumble6776/unveiling-the-secrets-of-internal-pentest-monitoring-a-game-changer-for-security-leaders-09e57b46f9ef?source=rss------bug_bounty-5Aniniikethr12bug-bounty, pentesting, cybersecurity28-Apr-2024
Never use the GET method for Sensitive Actions in Web App: Ft. CSRFhttps://secureitmania.medium.com/never-use-the-get-method-for-sensitive-actions-in-web-app-ft-csrf-f106df3c228b?source=rss------bug_bounty-5secureITmaniabug-bounty, penetration-testing, information-security, hacking, web-development28-Apr-2024
Ability to Deny Subaccounts feature from all usershttps://medium.com/@mostafaaboelnour19/ability-to-deny-subaccounts-feature-from-all-users-e8fca424ffb9?source=rss------bug_bounty-50xAb031n0uRbugbounty-writeup, bug-bounty, cybersecurity28-Apr-2024
IDOR leads to Account Takeover of all users (ATO).https://medium.com/@xnum.1/idor-leads-to-account-takeover-of-all-users-ato-27af312c8481?source=rss------bug_bounty-5Ahmed Tarekpenteration-testing, account-takeover, bug-bounty, pentesting, hacking28-Apr-2024
Mi camino en el Bug Bounty comienza, pero antes..https://medium.com/@cyb3rbyt3/mi-camino-en-el-bug-bounty-comienza-pero-antes-e649661dddc0?source=rss------bug_bounty-5Cib3r Byt3bug-bounty28-Apr-2024
24.2 Lab: HTTP request smuggling, confirming a TE.CLhttps://cyberw1ng.medium.com/24-2-lab-http-request-smuggling-confirming-a-te-cl-1917e523470e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking28-Apr-2024
How I Hacked an Indian Government Website and Accessed Their Database Serverhttps://medium.com/@kamilrahman32/how-i-hacked-an-indian-government-website-and-accessed-their-database-server-02a81842cce8?source=rss------bug_bounty-5Kamil Rahumanbug-hunting, cybersecurity, bug-bounty, hacking28-Apr-2024
Bug Bounty Challenge (final): Day 8–28/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-8-28-04-2024-67bac40e6a35?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty28-Apr-2024
How We Hacked Voice Communication Solutions Company And Found BAC + Info Disclosure + IDOR 😀https://medium.com/@eslam.zayedw/how-we-hacked-voice-communication-solutions-company-and-found-bac-info-disclosure-idor-d-6884037064f0?source=rss------bug_bounty-5D0loresH4zebug-bounty, bug-bounty-tips, cybersecurity, hacking, penetration-testing28-Apr-2024
Flamingo Finance Bug Bounty Programhttps://medium.com/@kdmytro336/flamingo-finance-bug-bounty-program-e5736de7bfa0?source=rss------bug_bounty-5Dmytro Kovalenkoweb-security, bug-bounty, security, web3, flamingo-finance28-Apr-2024
VAPT: The Secret Weapon for Security Superheroeshttps://securitylit.medium.com/vapt-the-secret-weapon-for-security-superheroes-27fcdd79b16e?source=rss------bug_bounty-5Security Lit Limitedvapt, bug-bounty, cybersecurity, cyberattack28-Apr-2024
Security Testing Trends 2024https://innovateqa.medium.com/security-testing-trends-2024-38d9129fde4d?source=rss------bug_bounty-5InnovateQAsecurity-testing, devsecops, genai, bug-bounty, pentesting27-Apr-2024
Hidden parametershttps://medium.com/@thewhiteside2000/hidden-parameters-e818d572ea3e?source=rss------bug_bounty-5Thewhitesidebug-bounty, bug-bounty-tips27-Apr-2024
Top Ten Books for Bug Bountyhttps://medium.com/@verylazytech/top-ten-books-for-bug-bounty-95e8a42fb519?source=rss------bug_bounty-5Very Lazy Techpentesting, money, cybersecurity, bug-bounty, oscp27-Apr-2024
How to setup in 30 min your Web3 lab in Windowshttps://coinsbench.com/how-to-setup-in-30-min-your-web3-lab-in-windows-e0026185b64?source=rss------bug_bounty-5Bug Bounty Degenweb3, hacking-tools, ethereum, bug-bounty, blockchain27-Apr-2024
2:00 AM IDOR leads to some Adrenaline rushhttps://imwaiting18.medium.com/2-00-am-idor-leads-to-some-adrenaline-rush-996f710bd55a?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)bug-bounty27-Apr-2024
Logic Loopholes: The Fun Flawshttps://medium.com/@khode4li/logic-loopholes-the-fun-flaws-5a8e14b09dc7?source=rss------bug_bounty-5Khod4libusiness-logic, web-penetration, bug-bounty, pentest, xss-attack27-Apr-2024
How I Exploited an Auth0 Misconfiguration to Bypass Login Restrictionshttps://amjadali110.medium.com/how-i-exploited-an-auth0-misconfiguration-to-bypass-login-restrictions-c5d8c20d5505?source=rss------bug_bounty-5Amjad Alipenetration-testing, infosec, bug-bounty-tips, bug-bounty, cybersecurity27-Apr-2024
How A Blackbox Target Turned To Whitebox With Reconhttps://medium.com/@red.whisperer/how-a-blackbox-target-turned-to-whitebox-with-recon-e46536672702?source=rss------bug_bounty-5Chuxinfosec, cybersecurity, red-team, hacking, bug-bounty27-Apr-2024
Spotting Sensitive Data in iOS Applications A Penetration Tester’s Guidehttps://adipsharif.medium.com/spotting-sensitive-data-in-ios-applications-a-penetration-testers-guide-06f84af9cb0a?source=rss------bug_bounty-5ADIPpentesting, penetration-testing, infosec, information-security, bug-bounty27-Apr-2024
24.1 Lab: HTTP request smuggling, confirming a CL.TEhttps://cyberw1ng.medium.com/24-1-lab-http-request-smuggling-confirming-a-cl-te-c53051cf5875?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, penetration-testing, cybersecurity27-Apr-2024
privilege escalation allow the app admin to add the user as organization admin (on Microsoft own…https://medium.com/@amitkhandebharad5/privilege-escalation-allow-the-app-admin-to-add-the-user-as-organization-admin-on-microsoft-own-e24352219a24?source=rss------bug_bounty-5Amitkhandebharadsecurity, bug-bounty, bugcrowd, privilege-escalation, bug-hunter27-Apr-2024
Exploring the Filliquid Testnet Launch Bug Bounty Program!https://medium.com/@dekachi17/exploring-the-filliquid-testnet-launch-bug-bounty-program-e67c76557cc5?source=rss------bug_bounty-5I. Tobias Darlingtonfilecoin, bug-bounty, testnet, defi, filliquid27-Apr-2024
How I Hacked NASA Website and find a Criticial Source Code leak BUG on their websitehttps://medium.com/@phantom9863/how-i-hacked-nasa-website-and-find-a-criticial-source-code-leak-bug-on-their-website-9be0c38299fd?source=rss------bug_bounty-5Phantombugs, bug-bounty-tips, bug-fixes, bug-bounty, bug-zero27-Apr-2024
Unveiling Strategies to Identify Potentially Sensitive Data Stored by iOS Applicationshttps://adipsharif.medium.com/spotting-sensitive-data-in-ios-applications-a-penetration-testers-guide-06f84af9cb0a?source=rss------bug_bounty-5ADIPpentesting, penetration-testing, infosec, information-security, bug-bounty27-Apr-2024
What is HTTP request smuggling?https://cyberw1ng.medium.com/what-is-http-request-smuggling-7ab91748c6db?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, cybersecurity, bug-bounty26-Apr-2024
I found a simple but rare misconfiguration and got $200 on a hackerone programhttps://harish45.medium.com/i-found-a-simple-but-rare-misconfiguration-and-got-200-on-a-hackerone-program-5863b6c51538?source=rss------bug_bounty-5Harishhackerone, bug-bounty-writeup, bug-bounty, bug-bounty-tips26-Apr-2024
Private Interact.sh server setup with a web dashboardhttps://infosecwriteups.com/private-interact-sh-server-setup-with-a-web-dashboard-6b0320645536?source=rss------bug_bounty-5Serj Novoselovtutorial, hacking, tools, cybersecurity, bug-bounty26-Apr-2024
Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In an Educational Sitehttps://medium.com/@p.ra.dee.p_0xx01/found-multiple-bugs-xss-mitm-sec-misconf-in-an-educational-site-5a3804085da0?source=rss------bug_bounty-5Professor0xx01security, bugs, bug-bounty, information-security, xss-attack26-Apr-2024
The Ultimate Guide to CISSP’s Eight Security Territorieshttps://systemweakness.com/the-ultimate-guide-to-cissps-eight-security-territories-836ec7bec836?source=rss------bug_bounty-5Gagan Yalamuristartup, information-security, information-technology, cybersecurity, bug-bounty26-Apr-2024
Unraveling the Nuances of 403 Bypass: Strengthening Web Application Securityhttps://medium.com/@dasmanish6176/unraveling-the-nuances-of-403-bypass-strengthening-web-application-security-ac2e8e885c3f?source=rss------bug_bounty-5Dasmanish403-forbidden, ethical-hacking, bug-bounty26-Apr-2024
How to baypass scaping filter(\)https://medium.com/@thewhiteside2000/how-to-baypass-scaping-filter-14393a23af4f?source=rss------bug_bounty-5Thewhitesidebug-bounty-tips, bug-bounty26-Apr-2024
How We Prevented a Mass Breach On One OF The Biggest CryptoCurrency Gateways On A Web3 Platform.https://medium.com/@eslam.zayedw/how-we-prevented-a-mass-breach-on-one-of-the-biggest-cryptocurrency-gateways-on-a-web3-platform-2d8393070b10?source=rss------bug_bounty-5D0loresH4zecybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-tips, penetration-testing26-Apr-2024
Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In a GOVT Educational Sitehttps://medium.com/@p.ra.dee.p_0xx01/found-multiple-bugs-xss-mitm-sec-misconf-in-an-educational-site-5a3804085da0?source=rss------bug_bounty-5Professor0xx01security, bugs, bug-bounty, information-security, xss-attack26-Apr-2024
Bug Bounty Toolshttps://medium.com/@malishakali2002/bug-bounty-tools-bedcf7b94f8d?source=rss------bug_bounty-5Malisha_kalictf, bug-bounty-writeup, reconnaissance, bug-bounty, bug-bounty-tool25-Apr-2024
this is how I Bypassed the 2FA page in a big site…https://medium.com/@hannorayousef/this-is-how-i-bypassed-the-2fa-page-in-a-big-site-77c6a3b7596d?source=rss------bug_bounty-5Bar_0_0_nbug-bounty, 2fa, pentesting, bug-bounty-tips, cybersecurity25-Apr-2024
Android Pentesting Lab Setup step to step . Part -1https://medium.com/@adityasingh4180/android-pentesting-lab-setup-step-to-step-part-1-c50d210d118d?source=rss------bug_bounty-5Security Empirebug-bounty-tips, cybersecurity, android-pentesting, bug-bounty, cyber-sec25-Apr-2024
Bug Bounty Champions: Real Stories of Cybersecurity Triumphshttps://medium.com/@paritoshblogs/bug-bounty-champions-real-stories-of-cybersecurity-triumphs-35c0c976469a?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, ai, hacking, information-security25-Apr-2024
Understanding 403 Bypass: A Critical Vulnerability in Web Application Securityhttps://infosecwriteups.com/understanding-403-bypass-a-critical-vulnerability-in-web-application-security-2b9f0318f3a4?source=rss------bug_bounty-5Abhishek Bhujangbug-bounty, 403-bypass, cybersecurity, vulnerability, web-app-security25-Apr-2024
Hacking one of the largest Legal tech in MENAhttps://ahmadmansourr.medium.com/hacking-one-of-the-largest-legal-tech-in-mena-92365c276654?source=rss------bug_bounty-5Ahmad Mansourpentest, hacking, securing, bug-bounty25-Apr-2024
Cyber Detectives Unite: Advanced Tools for Web Securityhttps://medium.com/@gaganak.yalamuri/cyber-detectives-unite-advanced-tools-for-web-security-bb675f46b46e?source=rss------bug_bounty-5Gagan Yalamuriethical-hacking, information-security, cybersecurity, bug-bounty, computer-science25-Apr-2024
How a ‘.git’ file Leads to Zendesk Panel Takeoverhttps://sl4x0.medium.com/how-a-git-file-leads-to-zendesk-panel-takeover-11e8d2812076?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)bug-bounty-tips, admin-panel, pentesting, bug-bounty, hacking25-Apr-2024
Privilege Escalation to Admin through an Import Featurehttps://cristivlad.medium.com/privilege-escalation-to-admin-through-an-import-feature-ac8ac6b6abad?source=rss------bug_bounty-5Cristi Vladbug-bounty, cybersecurity, penetration-testing, pentesting, infosec25-Apr-2024
Unexpected gain, arbitrary forgery of user tokens.https://medium.com/@xiaodongsec/unexpected-gain-arbitrary-forgery-of-user-tokens-cb0dc1c4bd9f?source=rss------bug_bounty-5Xiaodongchina, hacker, vulnerability, bug-bounty, money25-Apr-2024
How to monitor your internal pentesters?https://medium.com/@levente.b.molnar/how-to-monitor-your-internal-pentesters-6fe0e18f9fd0?source=rss------bug_bounty-5Hackratebug-bounty, cybersecurity, it-security, penetration-testing-tools, penetration-testing25-Apr-2024
Find This Easy CSRF in Every Website- A Sweet P4https://medium.com/@Ajakcybersecurity/find-this-easy-csrf-in-every-website-a-sweet-p4-372a3198bf47?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, technology, bug-bounty, hacking, cybersecurity25-Apr-2024
Bug Bounty Challenge (final): Day 5–25/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-5-25-04-2024-a8d33630fe73?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips25-Apr-2024
Cyber Detectives Unite: Advanced Tools for Web Securityhttps://systemweakness.com/cyber-detectives-unite-advanced-tools-for-web-security-bb675f46b46e?source=rss------bug_bounty-5Gagan Yalamuriethical-hacking, information-security, cybersecurity, bug-bounty, computer-science25-Apr-2024
20.6 Lab: Host validation bypass via connection state attack | 2024https://cyberw1ng.medium.com/20-6-lab-host-validation-bypass-via-connection-state-attack-2024-ba5ddd95edc4?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, cybersecurity, penetration-testing25-Apr-2024
Privilege escalation mediante Race Condition.https://medium.com/@duality084/privilege-escalation-mediante-race-condition-0254df6ffbd8?source=rss------bug_bounty-5Matias Ramirezbug-bounty, bug-bounty-tips, bugbounty-writeup, hacking25-Apr-2024
A very useful asset collection tool: Asset Reconnaissance Lighthouse.https://medium.com/@xiaodongsec/a-very-useful-asset-collection-tool-asset-reconnaissance-lighthouse-94204f093c92?source=rss------bug_bounty-5Xiaodonghacks, hunting, tools, bug-bounty, china24-Apr-2024
Hack Stories: Hacking Hackers EP:3https://infosecwriteups.com/hack-stories-hacking-hackers-ep-3-11b1f0e002e8?source=rss------bug_bounty-5c0d3x27software, programming, cybersecurity, hacking, bug-bounty24-Apr-2024
#1. Bug Bounty POC: IDOR leads to Account Takeoverhttps://cyb3rmind.medium.com/1-bug-bounty-poc-idor-leads-to-account-takeover-e500701a8004?source=rss------bug_bounty-5Cyb3r M!ndsidor, account-takeover, web-penetration-testing, bug-bounty, pentesting24-Apr-2024
BALMER PEAK AND BUG HUNTINGhttps://medium.com/@Progsky/balmer-peak-and-bug-hunting-8ea030eaa4a4?source=rss------bug_bounty-5Progskyhumor, bug-bounty24-Apr-2024
20.5 Lab: SSRF via flawed request parsing | 2024https://cyberw1ng.medium.com/20-5-lab-ssrf-via-flawed-request-parsing-2024-77a91ca47898?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, careers, cybersecurity, hacking24-Apr-2024
Unveiling the Hidden: A Guide to Passive Subdomain Enumerationhttps://medium.com/@gaganak.yalamuri/unveiling-the-hidden-a-guide-to-passive-subdomain-enumeration-6f1db9a8bb50?source=rss------bug_bounty-5Gagan Yalamuriweb-security, technology, security, bug-bounty, hacking24-Apr-2024
Bug Bounty Challenge (final): Day 4–24/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-4-24-04-2024-ad138e4d1357?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter24-Apr-2024
Embarking on My Bug Bounty Hunting Journeyhttps://medium.com/@nikhil-/embarking-on-my-bug-bounty-hunting-journey-d4064cd28905?source=rss------bug_bounty-5Nikhilmy-journey-in-tech, cybersecurity, bug-bounty24-Apr-2024
Unveiling the Hidden: A Guide to Passive Subdomain Enumerationhttps://systemweakness.com/unveiling-the-hidden-a-guide-to-passive-subdomain-enumeration-6f1db9a8bb50?source=rss------bug_bounty-5Gagan Yalamuriweb-security, technology, security, bug-bounty, hacking24-Apr-2024
How easy I made $$$$https://anasbetis023.medium.com/how-easy-i-made-24edb0fd1364?source=rss------bug_bounty-5Anas H Hmaidypenetration-testing, bug-bounty-tips, cybersecurity, bug-bounty23-Apr-2024
Bug :: CORS Misconfiguration ~ could lead to disclosure of sensitive info..!!!https://medium.com/@p.ra.dee.p_0xx01/bug-cors-misconfiguration-could-lead-to-disclosure-of-sensitive-info-ad95e35162fd?source=rss------bug_bounty-5Professor0xx01cors, bug-bounty, threat-hunting, information-security, vulnerability23-Apr-2024
What are Some Ethical Considerations for Bug Bounty Hunters When Negotiating Rewards or Disclosing…https://medium.com/mynextdeveloper/what-are-some-ethical-considerations-for-bug-bounty-hunters-when-negotiating-rewards-or-disclosing-3008e87a6173?source=rss------bug_bounty-5MyNextDeveloperbug-bounty, ethics, data-breach, ethical-hacking, cybersecurity23-Apr-2024
IOS Penetration Testing: Guide to Static Analysishttps://medium.com/@adityasawant00/ios-penetration-testing-guide-to-static-analysis-4a9dea5d672d?source=rss------bug_bounty-5Aditya Sawantcybersecurity, static-analysis, bug-bounty, i̇os, penetration-testing23-Apr-2024
How I found my First Valid bughttps://medium.com/@tanyago/how-i-found-my-first-valid-bug-2a9c87ce7a91?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bug-hunting, bug-bounty-writeup, bug-bounty-tips23-Apr-2024
Bypassing CloudFlare Error 1015: You Are Being Rate Limitedhttps://medium.com/@mdnafeed3/bypassing-cloudflare-error-1015-you-are-being-rate-limited-f25f4e8f7bb2?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, vulnerability, cybersecurity, hacking23-Apr-2024
QUICK ROADMAP TO BUG BOUNTY(things you need to know)https://medium.com/@joybhavanadam/quick-roadmap-to-bug-bounty-things-you-need-to-know-0aa1b64b9cdf?source=rss------bug_bounty-5Adam Paulo Antonytips, bug-bounty-tips, roadmaps, bug-bounty23-Apr-2024
VERTICAL RECON : SUBDOMAINS ENUMERATION. THE ART OF RECONISM:https://hacktivistattacker.medium.com/vertical-recon-subdomains-enumeration-the-art-of-reconism-66d3be42d5d0?source=rss------bug_bounty-5Hacktivist-Attackersubdomain-enumeration, information-gathering, subdomains-enumeration, bug-bounty, reconnaissance23-Apr-2024
20.4 Lab: Routing-based SSRF Vulnerability | 2024https://cyberw1ng.medium.com/20-4-lab-routing-based-ssrf-vulnerability-2024-c34402e8b6dd?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers23-Apr-2024
Browser Extension Security Testing: Part 1https://codewithvamp.medium.com/browser-extension-security-testing-part-1-0178766d2252?source=rss------bug_bounty-5Vaibhav Kumar Srivastavabug-bounty, hacking, browser-extension, bug-bounty-tips, testing23-Apr-2024
Email Verification Bypass via Remember Mehttps://infosecwriteups.com/email-verification-bypass-via-remember-me-c6d34e6060e9?source=rss------bug_bounty-5mo9khu93rbug-bounty, cybersecurity, pentesting, red-team, hacking22-Apr-2024
(Insecure Dangerous Component) Developer Backdoor `DebugActivity` included in the Production Game…https://medium.com/@hazeemyasseer/insecure-dangerous-component-developer-backdoor-debugactivity-included-in-the-production-game-390dddea9363?source=rss------bug_bounty-5Hazeem' Yasseerandroid-pentesting, android-pentest, bug-bounty-tips, bug-bounty, cybersecurity22-Apr-2024
20.3 Lab: Web cache poisoning via ambiguous requests | 2024https://cyberw1ng.medium.com/20-3-lab-web-cache-poisoning-via-ambiguous-requests-2024-8ab074dec0e4?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, penetration-testing, bug-bounty22-Apr-2024
How many months took you to find your first bug ?! Let s seehttps://medium.com/@aiz3nsk/how-many-months-took-you-to-find-your-first-bug-let-s-see-c48e4cce0c29?source=rss------bug_bounty-5Aiz3n Skbug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty-writeup22-Apr-2024
Don’t overlook any parameter, because the vulnerability lies within!https://medium.com/@xiaodongsec/dont-overlook-any-parameter-because-the-vulnerability-lies-within-d0107d0c4f3e?source=rss------bug_bounty-5Xiaodonghacker, vulnerability, china, money, bug-bounty22-Apr-2024
Exploiting PostMessage for cool XSS vulnerabilitieshttps://manasharsh.medium.com/exploiting-postmessage-for-cool-xss-vulnerabilities-cbea132398e1?source=rss------bug_bounty-5Manas Harshhacking, xss-vulnerability, bug-bounty, application-security22-Apr-2024
Google Map API Key Exposure: A Bug Bounty Journeyhttps://medium.com/@iamrizwanvp/google-map-api-key-exposure-a-bug-bounty-journey-6e0bb1560961?source=rss------bug_bounty-5RIZWANpentesting, bug-bounty, cybersecurity, bugbounty-writeup22-Apr-2024
Auto Bug Bounty Script — Unleash Your Hunting Potentialhttps://medium.com/@psychomong/auto-bug-bounty-script-unleash-your-hunting-potential-7ecd6ad417ea?source=rss------bug_bounty-5psychomongbug-bounty, vapt, hacker, bug-bounty-tips, automation22-Apr-2024
How i Find Database Credentials via Mass Recon & Recon Scoping on Gcashhttps://ph-hitachi.medium.com/how-i-find-database-credentials-via-mass-recon-recon-scoping-on-gcash-f43a0dae3ec1?source=rss------bug_bounty-5Ph.Hitachipentest, reconnaissance, recon, bug-bounty, gcash22-Apr-2024
What is SSRF and how to Detect them on Web Applicationhttps://alvinbijo.medium.com/what-is-ssrf-and-how-to-detect-them-on-web-application-687820c4d097?source=rss------bug_bounty-5Alvin bijobug-bounty-tips, bug-bounty, xs, ssrf22-Apr-2024
Bug Bounty Challenge (final): Day 3–22/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-3-22-04-2024-51adde52bf60?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips22-Apr-2024
Cross-Site Scripting Detectionhttps://medium.com/@b.c114303/cross-site-scripting-detection-b35e4bd744b3?source=rss------bug_bounty-5Anni0pbug-bounty, cybersecurity, xss-attack22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://infosecwriteups.com/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5HooSbug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
How to avoid burnouts in bugbounty?https://medium.com/@mr_prey3r/how-to-avoid-burnouts-in-bugbounty-4d97e14f1ff1?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rbug-bounty-tips, bug-bounty, bug-bounty-writeup22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://medium.com/@hoosgamer/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5HooSbug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://medium.com/@hohky_/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5Hohkybug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
Project discovery`s Chaos: Subdomains Discovery for all Bug Bounty Programshttps://medium.com/@miladkeivanfar/project-discovery-s-chaos-subdomains-discovery-for-all-bug-bounty-programs-b9e39fe3589d?source=rss------bug_bounty-5Milad keivanfarsecurity, subdomains-enumeration, bug-bounty, penetration-testing21-Apr-2024
SQL Injection Vulnerability in WHERE Clause Allowing Retrieval of Hidden Datahttps://medium.com/@marduk.i.am/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-96beb7f99d0c?source=rss------bug_bounty-5Marduk I Amportswigger-lab, sql-injection, information-security, bug-bounty, cybersecurity21-Apr-2024
Unraveling the Secrets of CWE and CVE in easily wayhttps://medium.com/@abdallahhendy15/unraveling-the-secrets-of-cwe-and-cve-in-easily-way-fc332b0294d6?source=rss------bug_bounty-5Abdallahhendypenetration-testing, cwe, cybersecurity, cve, bug-bounty21-Apr-2024
Such a simple zero-payment vulnerability.https://medium.com/@xiaodongsec/such-a-simple-zero-payment-vulnerability-8e29421cbf58?source=rss------bug_bounty-5Xiaodongmoney, vulnerability, bug-bounty, china, hacker21-Apr-2024
Linux Mastery, Practical Exercises for Effective Command Line Skillshttps://medium.com/@muhammadriva/linux-mastery-practical-exercises-for-effective-command-line-skills-e769d1010f73?source=rss------bug_bounty-5Muhammad Rivacyber-security-awareness, penetration-testing, cybersecurity, bug-bounty, kali-linux21-Apr-2024
What is server-side template injection?https://cyberw1ng.medium.com/what-is-server-side-template-injection-77b7e4d0cad2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers21-Apr-2024
How I could have hacked one LG website with a simple recon…https://medium.com/@rubixrub/how-i-could-have-hacked-one-lg-website-with-a-simple-recon-8306e6e4be54?source=rss------bug_bounty-5RubXhacking, bug-bounty, cybersecurity, bug-bounty-tips21-Apr-2024
HACKTHEBOX CBBH REVIEWhttps://medium.com/@admiralhr99/hackthebox-cbbh-review-76944984a573?source=rss------bug_bounty-5Admiralhrweb-application-security, bug-bounty, cybersecurity, cbbh, hackthebox21-Apr-2024
How do I get Started in Cyber Security? — My Perspective & Learning Path!https://medium.com/@aadhaarkoul2002/how-do-i-get-started-in-cyber-security-my-perspective-learning-path-cd45846dbe63?source=rss------bug_bounty-5Aadhaarkoulbug-bounty, infosec, technology, hacking, learning21-Apr-2024
Bug Bounty Challenge (final): Day 1–21/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-21-04-2024-f832f23f0464?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips21-Apr-2024
Bug Bounty Challenge (final): Day 2–21/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-21-04-2024-f832f23f0464?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips21-Apr-2024
Unsecured Content Provider leads to Account Takeoverhttps://medium.com/@ahmedelmorsy312/unsecure-content-provider-led-to-account-takeover-1e45d716bd7c?source=rss------bug_bounty-5Ahmed Elmorsihacker, bugbounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty20-Apr-2024
Best Bug Bounty Tipshttps://bevijaygupta.medium.com/best-bug-bounty-tips-af66fd076eb4?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bug-fixes, bugs, bug-bounty, bug-zero20-Apr-2024
Unraveling the Millennium Bug: A Digital Apocalypsehttps://medium.com/@ak123aryan/unraveling-the-millennium-bug-a-digital-apocalypse-39af9dbadc0b?source=rss------bug_bounty-5Akshay Aryanjava, bugs, software-development, bug-bounty20-Apr-2024
My methodology for hunting for open Redirect vulnerabilitieshttps://medium.com/@hozayfan782/my-methodology-for-hunting-for-open-redirect-vulnerabilities-fb79f2d24c22?source=rss------bug_bounty-5Hozayfa Nassertips, open-redirect, bug-bounty, tips-and-tricks20-Apr-2024
19.5 Lab: Finding a hidden GraphQL endpoint | 2024https://cyberw1ng.medium.com/19-5-lab-finding-a-hidden-graphql-endpoint-2024-aeb8cec440d1?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing20-Apr-2024
Paramspider Upgraded Versionhttps://medium.com/@pushkrajdhuri07/paramspider-upgraded-version-b14c1e8f9810?source=rss------bug_bounty-5PushkaraJhacking, bug-bounty, cybersecurity, redteam-tool, infosec20-Apr-2024
Bug Bounty Challenge (final): Day 1–20/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-20-04-2024-2db4a6c86cc2?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup, bug-bounty20-Apr-2024
April 2024 Reading Listhttps://daytontp.medium.com/april-2024-reading-list-e570dd5143c9?source=rss------bug_bounty-5Dayton Pruetbug-bounty, network-security, cloud-computing, google-cloud-platform, linux19-Apr-2024
Race Condition on Change Email Leads to Arbitrary Email Forgeryhttps://medium.com/@blackarazi/race-condition-on-change-email-leads-to-arbitrary-email-forgery-741b720ac840?source=rss------bug_bounty-5Azhari Harahapbug-bounty, application-security, api-security, race-condition, bug-bounty-writeup19-Apr-2024
Blockchain Bug Bountyhttps://bevijaygupta.medium.com/blockchain-bug-bounty-a84c5f5ac684?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-bounty-tips, blockchain, blockchain-technology, bugs19-Apr-2024
OTP Bypass Security Issues and Remediationshttps://pratham-08.medium.com/otp-bypass-security-issues-and-remediations-f207eecebbea?source=rss------bug_bounty-5Pratham Mittalsecure-coding, software-development, otp-bypass, bug-bounty, security19-Apr-2024
Reconnaissance in Bug Bounty Programshttps://bevijaygupta.medium.com/reconnaissance-in-bug-bounty-programs-d46fadeb4508?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty-tips, footprinting, reconnaissance, bug-bounty19-Apr-2024
First valid critical vulnerability of minehttps://medium.com/@shalabhdevliyal/first-valid-critical-vulnerability-of-mine-1143ceaffefc?source=rss------bug_bounty-5Shalabhdevliyalvulnerability, hackerone, bug-bounty, cybersecurity19-Apr-2024
OOGWAY — Vulnerability Search Toolhttps://symbolexe.medium.com/oogway-vulnerability-search-tool-494587f0c00d?source=rss------bug_bounty-5Yasinbug-bounty, cybersecurity, vulnerability, cve19-Apr-2024
An Interesting Case of XSS Caused by File Uploadhttps://medium.com/@xiaodongsec/an-interesting-case-of-xss-caused-by-file-upload-86bdfb09408f?source=rss------bug_bounty-5Xiaodongchina, security, bug-bounty, money, hacks19-Apr-2024
How I Disclosed Employees PII | The mistake I made..|https://medium.com/@the.bugcrowd.testerpawan/how-i-disclosed-employees-pii-the-mistake-i-made-ca299a155440?source=rss------bug_bounty-5the_air_sharmabug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty19-Apr-2024
19.4 Lab: Performing CSRF exploits over GraphQL | 2024https://cyberw1ng.medium.com/19-4-lab-performing-csrf-exploits-over-graphql-2024-8362148aee53?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, penetration-testing, hacking19-Apr-2024
let’s Unlock Advanced Permissionshttps://rofes1337.medium.com/lets-unlock-advanced-permissions-d8529e9048e4?source=rss------bug_bounty-5Yousef Muhammedelkhirbug-bounty-tips, penteration-testing, bug-bounty, web-app-pentesting, privilege-escalation19-Apr-2024
Defence Methodologiehttps://medium.com/@haticezkmnl/defence-methodologie-bd3aa669d90e?source=rss------bug_bounty-5Hatice Zehra Kamanlıpentesting, bug-bounty, soc, prevention, cybersecurity19-Apr-2024
A CRASH COURSE ON NETWORK PROTOCOLS FOR BUG HUNTERShttps://medium.com/@binarymaster/a-crash-course-on-network-protocols-for-bug-hunters-d2648b79ab0e?source=rss------bug_bounty-5Binarymasterhacking, bug-bounty, network19-Apr-2024
Rest API Pentesting Resourceshttps://medium.com/@m14r41/rest-api-pentesting-resources-3155985b8c4d?source=rss------bug_bounty-5Madhurendra Kumarpentesting, checklist, bug-bounty, api, hacking19-Apr-2024
A CRASH COURSE ON NETWORK PROTOCOLS FOR BUG HUNTERShttps://medium.com/@Progsky/a-crash-course-on-network-protocols-for-bug-hunters-d2648b79ab0e?source=rss------bug_bounty-5Progskyhacking, bug-bounty, network19-Apr-2024
Stored XSS chain on NASA VDPhttps://medium.com/@ph4nt0mbyt3/stored-xss-chain-on-nasa-vdp-93814e2df863?source=rss------bug_bounty-5ph4nt0mbyt3bug-bounty, vulnerability, nasa18-Apr-2024
Introducing SHIFU: Your Comprehensive CVE Finder Toolkithttps://symbolexe.medium.com/introducing-shifu-your-comprehensive-cve-finder-toolkit-4b036cce55c6?source=rss------bug_bounty-5Yasincybersecurity, cve, bug-bounty18-Apr-2024
How Shodan Helps me to Find SMTP misconfigurationhttps://thesafdari.medium.com/how-shodan-helps-me-to-find-smtp-misconfiguration-56f63f1116a5?source=rss------bug_bounty-5Milad Safdaribug-bounty, finding-smtp-misconfig, finding-vulnerabilities18-Apr-2024
Jamtangan Bug Bountyhttps://bevijaygupta.medium.com/jamtangan-bug-bounty-7c49fc09881f?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty-tips, bug-bounty, jam-tangan18-Apr-2024
IDOR Bug Bountyhttps://bevijaygupta.medium.com/idor-bug-bounty-282d62d91691?source=rss------bug_bounty-5Vijay Guptaidor, bugs, bug-zero, bug-bounty, bug-bounty-tips18-Apr-2024
Yahoo Bug Bountyhttps://bevijaygupta.medium.com/yahoo-bug-bounty-a8a711e9ec3a?source=rss------bug_bounty-5Vijay Guptabug-bounty, yahoo-bug-bounty, bugs, yahoo, bug-bounty-tips18-Apr-2024
A Beginner’s Guide To Insecure Deserializationhttps://medium.com/@four0four/a-beginners-guide-to-insecure-deserialization-d359adffb207?source=rss------bug_bounty-5four0fourprogramming, cybersecurity, bug-bounty18-Apr-2024
How I found HTMLi on main domain of programhttps://medium.com/@jeetpal2007/how-i-found-htmli-on-main-domain-of-program-5c88a8e1af9a?source=rss------bug_bounty-5JEETPALbug-bounty-tips, html-injection, bug-bounty18-Apr-2024
IDOR Lead to Data Leakhttps://melguerdawi.medium.com/idor-lead-to-data-leak-c5107094f9ca?source=rss------bug_bounty-5Mostafa Elguerdawibug-bounty, cybersecurity, bug-bounty-tips18-Apr-2024
VulnersX Toolhttps://symbolexe.medium.com/vulnersx-tool-7a10b3090bbf?source=rss------bug_bounty-5Yasincybersecurity, cve, vulnerability, bug-bounty18-Apr-2024
How Shodan Helps me to Find SMTP misconfigurationhttps://thesafdari.medium.com/how-shodan-helps-me-to-find-smtp-misconfiguration-56f63f1116a5?source=rss------bug_bounty-5Milad Safdari (TheSafdari)bug-bounty, finding-smtp-misconfig, finding-vulnerabilities18-Apr-2024
How i Hacked Globe/Gcash services and manage to get access on multiple databases including ssh…https://ph-hitachi.medium.com/how-i-hacked-globe-gcash-services-and-manage-to-get-access-on-multiple-databases-including-ssh-9ca781348e8f?source=rss------bug_bounty-5Ph.Hitachibug-bounty, public-disclosure, pentesting, gcash18-Apr-2024
SSL Pinning Bypass Simplifiedhttps://medium.com/@evilprince007/ssl-pinning-bypass-simplified-48c0d5294a6c?source=rss------bug_bounty-5Prathamesh Khatavkarbug-bounty, cybersecurity, android18-Apr-2024
Unveiling Access Control Flaws: Taking over an entire organizationhttps://medium.com/@im0thmann/unveiling-access-control-flaws-taking-over-an-entire-organization-23505eb75d89?source=rss------bug_bounty-5mohamed othmancybersecurity, bug-bounty18-Apr-2024
19.3 Lab: Bypassing GraphQL brute force protections | 2024https://cyberw1ng.medium.com/19-3-lab-bypassing-graphql-brute-force-protections-2024-ae9df787c7c7?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, careers, bug-bounty, hacking18-Apr-2024
How I Used the ‘Everything’ Service to Uncover Two High-Risk Threats and Earn Over $700 in Rewardshttps://medium.com/@xiaodongsec/how-i-used-the-everything-service-to-uncover-two-high-risk-threats-and-earn-over-700-in-rewards-c42d002707ad?source=rss------bug_bounty-5Xiaodongchina, bug-bounty, money, hacker, vulnerability17-Apr-2024
Uber Bug Bounty Programhttps://bevijaygupta.medium.com/uber-bug-bounty-program-04cfe5050cd1?source=rss------bug_bounty-5Vijay Guptauber, bug-bounty, bug-bounty-tips, bug-zero, bugs17-Apr-2024
“Mastering Bug Bounty Hunting: Unveiling Secrets to Finding Hidden Vulnerabilities”https://medium.com/@faizalin5555/mastering-bug-bounty-hunting-unveiling-secrets-to-finding-hidden-vulnerabilities-0b5088e213d4?source=rss------bug_bounty-5Faizal Nbug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, vulnerability17-Apr-2024
Bug Bounty POChttps://bevijaygupta.medium.com/bug-bounty-poc-e7fefda2fad0?source=rss------bug_bounty-5Vijay Guptabug-bounty, poc, bug-bounty-tips, bug-zero, bugs17-Apr-2024
Vulnerability Bounty Tool Recommendation: WIHhttps://medium.com/@xiaodongsec/vulnerability-bounty-tool-recommendation-wih-1e7b559b5fbc?source=rss------bug_bounty-5Xiaodongchina, tools, hacker, bug-bounty, money17-Apr-2024
Leveraging XSS to Execute CSRF Attackshttps://medium.com/@dodir.sec/leveraging-xss-to-execute-csrf-attacks-421edb662b40?source=rss------bug_bounty-5dodirbug-bounty, cybersecurity, penetration-testing, csrf, xss-attack17-Apr-2024
API Mis configuration: How Employee can change Manager’s review for him. (Part 2)https://interc3pt3r.medium.com/api-mis-configuration-how-employee-can-change-managers-review-for-him-part-2-28b242216b40?source=rss------bug_bounty-5Aneesha Dweb-development, bug-bounty, tips, cybersecurity, hacking17-Apr-2024
19.2 Lab: Accidental exposure of private GraphQL fields | 2024https://cyberw1ng.medium.com/19-2-lab-accidental-exposure-of-private-graphql-fields-2024-0d0836dc82ba?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, hacking, bug-bounty, careers17-Apr-2024
How I approach Account takeover due to no rate limit on OTPhttps://medium.com/@jeetpal2007/how-i-approach-account-takeover-due-to-no-rate-limit-on-otp-10a7fe056184?source=rss------bug_bounty-5JEETPALbug-bounty, bountytips, no-rate-limit, account-takeover17-Apr-2024
How I found a P1 bug in just 40 minuteshttps://medium.com/@jeetpal2007/how-i-found-a-p1-bug-in-just-40-minutes-4f3614abe974?source=rss------bug_bounty-5JEETPALapi-key, p1bugs, bug-bounty-tips, bug-bounty17-Apr-2024
OTP Bruteforce Chained with Response Manipulation Leads to Zero Click Account Takeoverhttps://medium.com/@cyberpro151/otp-bruteforce-chained-with-response-manipulation-leads-to-zero-click-account-takeover-7d1bee79a19f?source=rss------bug_bounty-5cyberpro151cybersecurity, account-takeover, bug-bounty, web-hacking, hacking17-Apr-2024
(Part 2) API Mis configuration: How Employee can change Manager’s review for him.https://interc3pt3r.medium.com/api-mis-configuration-how-employee-can-change-managers-review-for-him-part-2-28b242216b40?source=rss------bug_bounty-5Aneesha Dweb-development, bug-bounty, tips, cybersecurity, hacking17-Apr-2024
TCM Security — Practical Ethical Hacking Course — Find & Exploit Common Web Vulnerabilities — XSS…https://shibushivansh.medium.com/tcm-security-practical-ethical-hacking-course-find-exploit-common-web-vulnerabilities-xss-00dbb33d45e2?source=rss------bug_bounty-5Shivansh Sethcross-site-scripting, blog, command-injection, bug-bounty, cybersecurity16-Apr-2024
PayPal Bug Bountyhttps://bevijaygupta.medium.com/paypal-bug-bounty-7838f8bc5e4b?source=rss------bug_bounty-5Vijay Guptabugs, paypal, paypal-account, bug-bounty, bug-bounty-tips16-Apr-2024
Discord Bug Bountyhttps://bevijaygupta.medium.com/discord-bug-bounty-e2d0d3829c99?source=rss------bug_bounty-5Vijay Guptabugs, discord, bug-bounty-tips, bug-bounty, discord-bot16-Apr-2024
Top 5 books to learn bug hunting beginner to advancehttps://medium.com/@buglearners.com/top-5-books-to-learn-bug-hunting-beginner-to-advance-9006c34ea126?source=rss------bug_bounty-5Buglearners.combug-bounty, cybersecurity, bug-hunting, advance, books16-Apr-2024
18.4 Lab: Exploiting Ruby deserialization using a documented gadget chain | 2024https://cyberw1ng.medium.com/18-4-lab-exploiting-ruby-deserialization-using-a-documented-gadget-chain-2024-2e02be94c6f8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, bug-bounty, penetration-testing16-Apr-2024
Email Template Draft Feature Triggers SSRF, Earns ¥3000!https://medium.com/@xiaodongsec/email-template-draft-feature-triggers-ssrf-earns-3000-d59af1ffbae6?source=rss------bug_bounty-5Xiaodonghacker, vulnerability, china, money, bug-bounty16-Apr-2024
WhatWeb!?https://thehackersmeetup.medium.com/whatweb-c132eb13927c?source=rss------bug_bounty-5The Hackers Meetuptools, bug-bounty, whatweb, kali, web16-Apr-2024
XSS (Cross-Site Scripting): A Detailed Breakdownhttps://medium.com/@max.pavlenko.dev/xss-%D0%BC%D1%96%D0%B6%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%D0%B8%D0%B9-%D1%81%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%B8%D0%BD%D0%B3-%D0%B4%D0%B5%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D0%B8%D0%B9-%D1%80%D0%BE%D0%B7%D0%B1%D1%96%D1%80-23c36e5a7483?source=rss------bug_bounty-5Max Pavlenko (Certified Vue.js Developer)bug-bounty, security, front-end-development, xss-vulnerability16-Apr-2024
Reverse Engineering Sitecore Vulnerabilities-3https://medium.com/@nilayp799/reverse-engineering-sitecore-vulnerabilities-3-ba8a99563ca4?source=rss------bug_bounty-5Nilay Patelbug-bounty, vulnerability, automation, hacking, sitecore16-Apr-2024
Reverse Shell Scripting Concept.https://rahman0x01.medium.com/reverse-shell-scripting-concept-1bf1f60686a7?source=rss------bug_bounty-5rahman0x01netcat, bash-scripting, bug-bounty, reverse-shell, bash-script16-Apr-2024
I Found An IDOR Flaw where users' attached pictures and documents were leaked.https://medium.com/@Ajakcybersecurity/i-found-an-idor-flaw-where-users-attached-pictures-and-documents-were-leaked-961d564ce72f?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, money, bug-bounty, penetration-testing16-Apr-2024
Bug Bounty Automationhttps://bevijaygupta.medium.com/bug-bounty-automation-f1fa68e3d903?source=rss------bug_bounty-5Vijay Guptaautomation-tools, automation-testing, bug-bounty-tips, automation, bug-bounty15-Apr-2024
Dell Bug Bountyhttps://bevijaygupta.medium.com/dell-bug-bounty-a578dc53d7bb?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, dell, dell-laptop, bugs, bug-bounty15-Apr-2024
CVE-2024–3400: A Critical Vulnerability in PAN-OS Firewallshttps://infosecwriteups.com/cve-2024-3400-a-critical-vulnerability-in-pan-os-firewalls-a7f8c66a10d2?source=rss------bug_bounty-5ElNiakbug-bounty, penetration-testing, command-injection, firewall, cybersecurity15-Apr-2024
Story of a strange IDOR without IDhttps://m7arm4n.medium.com/story-of-a-strange-idor-without-id-6735fd3dcd27?source=rss------bug_bounty-5M7arm4nhacking, bug-bounty, bug-bounty-tips, security, hacker15-Apr-2024
CSRF (1/3)https://medium.com/@karimelsayed0x1/csrf-1-3-22050bf9c92c?source=rss------bug_bounty-5z3r0xkbug-bounty, bug-bounty-tips, bug-bounty-writeup, csrf, web-attack15-Apr-2024
Advance XSS payload Listhttps://medium.com/@psychomong/advance-xss-payload-list-7b5d1a4df61c?source=rss------bug_bounty-5psychomonghacking, bug-bounty-tips, bugs, bug-bounty, xss-attack15-Apr-2024
18.3 Lab: Exploiting PHP deserialization with a pre-built gadget chain | 2024https://cyberw1ng.medium.com/18-3-lab-exploiting-php-deserialization-with-a-pre-built-gadget-chain-2024-64dcb875e23c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, penetration-testing, bug-bounty15-Apr-2024
How I got JS Execution (DOM XSS) Via CSTIhttps://medium.com/@amrkadry7/how-i-got-js-execution-dom-xss-via-csti-58a4171c2963?source=rss------bug_bounty-5Amrcybersecurity, bug-bounty15-Apr-2024
Acer Bug Bountyhttps://bevijaygupta.medium.com/acer-bug-bounty-9ce4d49c1051?source=rss------bug_bounty-5Vijay Guptaacer, bug-zero, bug-bounty, bug-bounty-tips, bugs14-Apr-2024
My Bug Bounty Journeyhttps://bevijaygupta.medium.com/my-bug-bounty-journey-b07f663c8ff8?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty-tips, my-journey, bugs, bug-bounty14-Apr-2024
Ten Tips You Have to Know for WordPress Bug Bountyhttps://medium.com/@zpbrent/ten-tips-you-have-to-know-for-wordpress-bug-bounty-b2b070f07add?source=rss------bug_bounty-5Peng Zhoubug-bounty, wordpress, infosec, hacker, bug-bounty-tips14-Apr-2024
How I Exploited the Account Cancellation Feature to Farm Rewardshttps://medium.com/@xiaodongsec/how-i-exploited-the-account-cancellation-feature-to-farm-rewards-19f6d6c0e181?source=rss------bug_bounty-5Xiaodonghacks, bug-bounty, skills, vulnerability, china14-Apr-2024
How I Hack Web Applications (Part 1)https://infosecwriteups.com/how-i-hack-web-applications-part-1-0833c002cc9a?source=rss------bug_bounty-5Rafin Rahman Chyethical-hacking, penetration-testing, bug-bounty, infosec, application-security14-Apr-2024
A unique SSRF hunt ( Invite user functionality vulnerable to blind SSRF attack )https://medium.com/@abhishek8602314652/a-unique-ssrf-hunt-invite-user-functionality-vulnerable-to-blind-ssrf-attack-c6804b2b398b?source=rss------bug_bounty-5Abhishek singh ( a6h1)bug-bounty, ssrf, bug-bounty-tips, bug-hunting, bug-bounty-writeup14-Apr-2024
A click can cause 1600$ | Auth0 misconfig .https://naumankh4n.medium.com/a-click-can-cause-1600-auth0-misconfig-9234aedad55c?source=rss------bug_bounty-5Nauman Khanpenetration-testing, bug-bounty, hacking, cybersecurity, money14-Apr-2024
18.2 Lab: Exploiting Java deserialization with Apache Commons | 2024https://cyberw1ng.medium.com/18-2-lab-exploiting-java-deserialization-with-apache-commons-2024-7ba379e97b52?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, careers, penetration-testing14-Apr-2024
Access to transparent security testing — Why we made HackGATE™ available to everyonehttps://medium.com/@levente.b.molnar/access-to-transparent-security-testing-why-we-made-hackgate-available-to-everyone-11c3e0efe44c?source=rss------bug_bounty-5Hackratebug-bounty, penetration-testing, pentesting, security, cybersecurity14-Apr-2024
THE ART OF RECONISM: HORIZONTAL RECON FOR PENETRATION TESTING:https://hacktivistattacker.medium.com/the-art-of-reconism-horizontal-recon-for-penetration-testing-fea5399af186?source=rss------bug_bounty-5Hacktivist-Attackerreconnaissance, horizonatl-reconaissance, scope-finding, bug-bounty, information-gathering13-Apr-2024
Power of CSRFhttps://medium.com/@hillrane24/power-of-csrf-43b736c74280?source=rss------bug_bounty-5NIKHIL RANEotp-bypass, bug-bounty, csrf, authentication-bypass13-Apr-2024
Unauthorized Admin Account Access via Google Authenticationhttps://nullr3x.medium.com/unauthorized-admin-account-access-via-google-authentication-a38d42577ac9?source=rss------bug_bounty-5Sahil Mehracybersecurity, web, bug-bounty, vulnerability, penetration-testing13-Apr-2024
Bancor Bug Bountyhttps://bevijaygupta.medium.com/bancor-bug-bounty-9c40e9389ab5?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty, bug-bounty-tips, bugs, bancor13-Apr-2024
Facebook Bug Bountyhttps://bevijaygupta.medium.com/facebook-bug-bounty-e9e73ce56f11?source=rss------bug_bounty-5Vijay Guptafacebook, bug-bounty-tips, bug-bounty, bugs, facebook-bug-bounty13-Apr-2024
Exploring the Potential of Bug Bounty: Making Money or Finding Security?https://medium.com/@kaizen100801/menggali-potensi-bug-bounty-menghasilkan-uang-atau-menemukan-keamanan-170c44d2904e?source=rss------bug_bounty-5Zenbug-bounty, bug-bounty-tips, cybersecurity, hacking, cyber-security-awareness13-Apr-2024
Api Bug Bountyhttps://bevijaygupta.medium.com/api-bug-bounty-5f2aafced9a4?source=rss------bug_bounty-5Vijay Guptabugs, api, bug-bounty, api-development, bug-bounty-tips13-Apr-2024
How I saved over 200,000 job seekers’ data on staterecruit.in from a potential data breach.https://brutexploiter.medium.com/how-i-saved-over-200-000-job-seekers-data-on-staterecruit-in-from-a-potential-data-breach-7db5bad1c9e0?source=rss------bug_bounty-5brutexploitercybersecurity, web-development, web-security, sql-injection, bug-bounty13-Apr-2024
How do insecure deserialization vulnerabilities arise?https://cyberw1ng.medium.com/how-do-insecure-deserialization-vulnerabilities-arise-233c336b305b?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, careers, hacking, bug-bounty13-Apr-2024
How Did I Easily Find Stored XSS at Apple and earn $5000 ?https://medium.com/@xrypt0/how-did-i-easily-find-stored-xss-at-apple-and-earn-5000-3aadbae054b2?source=rss------bug_bounty-5Cryptosecurity, xss-attack, apple, bug-bounty, web-security13-Apr-2024
TryHackMe Creative Write-Uphttps://blog.devgenius.io/tryhackme-creative-write-up-f29e2cdbf7ae?source=rss------bug_bounty-5Joseph Alantryhackme-walkthrough, tryhackme, cybersecurity, tryhackme-writeup, bug-bounty13-Apr-2024
Broken Access Control (IDOR) on Forgot Password Could Lead to Attacker Change Password for Every…https://medium.com/@blackarazi/broken-access-control-idor-on-forgot-password-could-lead-to-attacker-change-password-for-every-e1b18e075b5a?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, bug-bounty, account-takeover, application-security, broken-access-control12-Apr-2024
How I managed to bypass 2FA on image linehttps://medium.com/@bishwajeetb1/how-i-managed-to-bypass-2fa-on-image-line-11f123fc32ea?source=rss------bug_bounty-5Bishwajeetcybersecurity, bug-bounty, application-security, web-application-testing, web-application-security12-Apr-2024
Using E-Notation to bypass Access Control restrictions to access arbitrary user PII-discussionshttps://medium.com/@keizobugbounty/using-e-notation-to-bypass-access-control-restrictions-to-access-arbitrary-user-pii-discussions-1fa014b544d4?source=rss------bug_bounty-5Keizobugbounty-writeup, cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips12-Apr-2024
The Critical Role Of Bug Bounties in Ensuring Web3 Securityhttps://securrtech.medium.com/the-critical-role-of-bug-bounties-in-ensuring-web3-security-084cf518234b?source=rss------bug_bounty-5Securrweb3-security, bug-bounty, web312-Apr-2024
How I Find My First Internet Bug Bounty for Apache Airflowhttps://medium.com/@zpbrent/how-i-find-my-first-internet-bug-bounty-for-apache-airflow-9d3c1ec29b24?source=rss------bug_bounty-5Peng Zhoubug-bounty, open-source, airflow, python, infosec12-Apr-2024
Bug Zero at a Glance [16–31 March]https://blog.bugzero.io/bug-zero-at-a-glance-16-31-march-4f4cd6823a75?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-zero, bug-bounty, newsletter12-Apr-2024
How i Almost got 2K$ through a Race conditionhttps://medium.com/@0x3adly/how-i-almost-got-2k-through-a-race-condition-3b09232b3a25?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )bug-bounty, bug-bounty-tips, race-condition, infosec, web-penetration-testing12-Apr-2024
A Comprehensive Guide to Static Analysis in Android Pentestinghttps://medium.com/@samireddisaimanikanta939/a-comprehensive-guide-to-static-analysis-in-android-pentesting-66023053ed18?source=rss------bug_bounty-5Intrud3rXpenetration-testing, ethical-hacking, android-static-analysis, android-pentesting, bug-bounty12-Apr-2024
Learn Bug Bountyhttps://bevijaygupta.medium.com/learn-bug-bounty-d67654f0c01f?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bugs, bug-bounty, learn, bug-zero12-Apr-2024
Microsoft Bug Bountyhttps://bevijaygupta.medium.com/microsoft-bug-bounty-1295263b135e?source=rss------bug_bounty-5Vijay Guptamicrosoft, microservices, bug-bounty-tips, bug-bounty-writeup, bug-bounty12-Apr-2024
How I Bypassed Offer Limits to Gain Multiple Membership Benefitshttps://medium.com/@xiaodongsec/how-i-bypassed-offer-limits-to-gain-multiple-membership-benefits-affea84c0844?source=rss------bug_bounty-5Xiaodongbug-bounty, hacker, china, vulnerability12-Apr-2024
Latest Bug Bounty And Web Hacking Tools Bug Bunty And Web Hacking Toolshttps://medium.com/@haidertallal786/latest-bug-bounty-and-web-hacking-tools-bug-bunty-and-web-hacking-tools-feff2224b200?source=rss------bug_bounty-5Muhammad haider Tallalbug-bounty, web-penetration-testing, hacking12-Apr-2024
Zoho Account Takeover: How a Single Click Can Lead to Full Control on your Zoho accounthttps://medium.com/@0xUsername/zoho-account-takeover-how-a-single-click-can-lead-to-full-control-on-your-zoho-account-04a5ea069382?source=rss------bug_bounty-5HackerWithOutHatsecurity, cybersecuirty, bug-bounty, infosec, information-security12-Apr-2024
Random account takeover via misconfigured OAuthhttps://medium.com/@Berserker1337/random-account-takeover-via-misconfigured-oauth-5dc2cbbbe905?source=rss------bug_bounty-5Berserkerbug-bounty, cybersecurity, information-security, infosec, vulnerability12-Apr-2024
16.5 Lab: Multistep clickjacking in Bug Bounty | 2024https://cyberw1ng.medium.com/16-5-lab-multistep-clickjacking-in-bug-bounty-2024-a5eb20de6900?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking12-Apr-2024
5 Methods I Use To Discover APIshttps://medium.com/@red.whisperer/5-methods-i-use-to-discover-apis-6d646baa3ffb?source=rss------bug_bounty-5Chuxapi, red-team, pentesting, hacking, bug-bounty12-Apr-2024
Token-Based Authentication vulnerabilityhttps://medium.com/@paulovitorcl/token-based-authentication-vulnerability-37d97efcca62?source=rss------bug_bounty-5Paulo Vitor Costa Limabug-bounty, cybersecurity12-Apr-2024
Hunting on Microsoft SharePoint: The art of manipulation.https://machiavellli.medium.com/hunting-on-microsoft-sharepoint-the-art-of-manipulation-25c96ee1de3a?source=rss------bug_bounty-5Machiavelliinfosec, bug-bounty12-Apr-2024
How I Discovered Vulnerabilities by Modifying App Memoryhttps://medium.com/@xiaodongsec/how-i-discovered-vulnerabilities-by-modifying-app-memory-5a87b685ed3d?source=rss------bug_bounty-5Xiaodonghacker, china, bug-bounty, vulnerability, money12-Apr-2024
How I Exposed a High-Risk SSRF Vulnerability in an AI Modelhttps://medium.com/@xiaodongsec/how-i-exposed-a-high-risk-ssrf-vulnerability-in-an-ai-model-e40d6f96a5e1?source=rss------bug_bounty-5Xiaodongsechacker, bug-bounty, ai11-Apr-2024
Building My Own Packet Sniffer for Game Security Testinghttps://medium.com/@yannik603/building-my-own-packet-sniffer-for-game-security-testing-8baf58a94d0c?source=rss------bug_bounty-5Yannik Castrogamehacking, bug-bounty, reverse-engineering, hacking, hacking-tools11-Apr-2024
Meta Bug Bountyhttps://bevijaygupta.medium.com/meta-bug-bounty-cc842ca0f614?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty, metaverse, bug-bounty-tips11-Apr-2024
How to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and Researchhttps://medium.com/@zpbrent/how-to-fuzz-prototype-pollution-by-reusing-public-cves-for-fun-and-research-40891013bf0b?source=rss------bug_bounty-5Peng Zhouweb-security, nodejs, fuzzing, infosec, bug-bounty11-Apr-2024
How I Exposed a High-Risk SSRF Vulnerability in an AI Modelhttps://medium.com/@xiaodongsec/how-i-exposed-a-high-risk-ssrf-vulnerability-in-an-ai-model-e40d6f96a5e1?source=rss------bug_bounty-5Xiaodonghacker, bug-bounty, ai11-Apr-2024
How I Uncovered a Payment Vulnerabilityhttps://medium.com/@xiaodongsec/how-i-uncovered-a-payment-vulnerability-6355e15d1702?source=rss------bug_bounty-5Xiaodongvulnerability, china, bug-bounty, hacker11-Apr-2024
Indian software firms cheated me by failing to provide the promised bounty after I reported…https://medium.com/@mangbho28/indian-software-firms-cheated-me-by-failing-to-provide-the-promised-bounty-after-i-reported-ffc7fcc83993?source=rss------bug_bounty-5MB007bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program11-Apr-2024
Bypassed the Amazon CloudFront Logic and got XSS at the National Weather Agency of the U.S.https://royzsec.medium.com/bypassed-the-amazon-cloudfront-logic-and-got-xss-at-the-national-weather-agency-of-the-u-s-100af330430a?source=rss------bug_bounty-5Prince Roy(RoyzSec)web-development, hacking, bug-bounty, cybersecurity, penetration-testing11-Apr-2024
7 Essential Skills Every Bug Bounty Hunter Needs to Succeedhttps://medium.com/mynextdeveloper/7-essential-skills-every-bug-bounty-hunter-needs-to-succeed-0e6ac8afa483?source=rss------bug_bounty-5MyNextDeveloperpenetration-testing, cybersecurity, kali-linux, darkweb, bug-bounty11-Apr-2024
GitHub Bug Bountyhttps://bevijaygupta.medium.com/github-bug-bounty-afa61eb789f3?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bug-zero, bugs, github, bug-bounty11-Apr-2024
16.4 Lab: Exploiting clickjacking vulnerability to trigger DOM-based XSS | 2024https://cyberw1ng.medium.com/16-4-lab-exploiting-clickjacking-vulnerability-to-trigger-dom-based-xss-2024-71c5b567fb4b?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers11-Apr-2024
Secret BurpSuite Extension For BugBounty~ Part-2https://medium.com/@Ajakcybersecurity/secret-burpsuite-extension-for-bugbounty-part-2-58b644b9222c?source=rss------bug_bounty-5AjakCybersecurityblog, bug-bounty, penetration-testing, ethical-hacking, hacking11-Apr-2024
How to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and Researchhttps://medium.com/@zpbrent/how-to-fuzz-prototype-pollution-by-reusing-public-cves-for-fun-and-research-40891013bf0b?source=rss------bug_bounty-5Peng Zhoujavascript, web-security, nodejs, infosec, bug-bounty11-Apr-2024
Bug Bounty Challenge: Day 16–11/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-16-11-04-2024-effc5c820319?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty11-Apr-2024
CVE-2024–24576: A Critical Rust Vulnerability on Windowshttps://infosecwriteups.com/cve-2024-24576-a-critical-rust-vulnerability-on-windows-4f0bb1a332e9?source=rss------bug_bounty-5ElNiakcybersecurity, windows, rust, penetration-testing, bug-bounty10-Apr-2024
How I Find an Arbitrary File Upload Vulnerability with a Unique Bypasshttps://medium.com/@zpbrent/how-i-find-an-arbitrary-file-upload-vulnerability-with-a-unique-bypass-8d679f45a497?source=rss------bug_bounty-5Peng Zhouinfosec, wordpress-plugins, web-security, bug-bounty, wordpress10-Apr-2024
Bug Bounty Certificationhttps://bevijaygupta.medium.com/bug-bounty-certification-27c95b8a1b80?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bugs, bug-bounty, bug-zero, bug-bounty-certification10-Apr-2024
Android Bug Bountyhttps://bevijaygupta.medium.com/android-bug-bounty-9a2daf0d2270?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, android-bug-bounty, android, bugs, bug-bounty10-Apr-2024
Apple Bug Bountyhttps://bevijaygupta.medium.com/apple-bug-bounty-88002b2c159d?source=rss------bug_bounty-5Vijay Guptaapple-bug-bounty, bug-zero, bug-bounty, bug-bounty-tips, bugs10-Apr-2024
SQL Injection: A Simple Beginner’s Guide.https://ishengoma.medium.com/sql-injection-a-simple-beginners-guide-58d237ff18da?source=rss------bug_bounty-5Ishengomavulnerability-assessment, sql-injection, hacking, vulnerability-management, bug-bounty10-Apr-2024
Privilege Escalation by manipulating endpointhttps://medium.com/@vijayrockstar.verma5/privilege-escalation-by-manipulating-endpoint-10feb974bab5?source=rss------bug_bounty-5Vijay Vermainfosec, hacking, bug-bounty, cybersecurity, pentesting10-Apr-2024
Vulnerable WordPress March 2024 (Kandovan)https://medium.com/@onhexgroup/vulnerable-wordpress-march-2024-kandovan-24103451060b?source=rss------bug_bounty-5Onhexgroupwordpress, bug-bounty, wordpress-security, infosec, exploitation10-Apr-2024
Clickjacking: A Comprehensive Guide to Finding Clickjacking Vulnerabilitieshttps://cyberw1ng.medium.com/clickjacking-a-comprehensive-guide-to-finding-clickjacking-vulnerabilities-3f51d8e63a41?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, security, bug-bounty, careers10-Apr-2024
Bug: No rate limiting on Email verification leads to huge Mass Mailing :: P4https://medium.com/@deypradip87jk/bug-no-rate-limiting-on-email-verification-leads-to-huge-mass-mailing-p4-b72c666d6e56?source=rss------bug_bounty-5Professor0xx01information-security, bug-bounty-tips, cybersecurity, bug-bounty, infosec-write-ups09-Apr-2024
How I Found Bug :: Reflected XSS (Cross-Site-Scripting) On a BBP.https://medium.com/@deypradip87jk/how-i-found-bug-reflected-xss-cross-site-scripting-on-a-bbp-9f57611eda91?source=rss------bug_bounty-5Professor0xx01bug-bounty, cyber-security-solutions, infosec-write-ups, offensive-security, bug-bounty-tips09-Apr-2024
Bug: No rate limiting on Email verification leads to huge Mass Mailing :: P4https://medium.com/@p.ra.dee.p_0xx01/bug-no-rate-limiting-on-email-verification-leads-to-huge-mass-mailing-p4-b72c666d6e56?source=rss------bug_bounty-5Professor0xx01information-security, bug-bounty-tips, cybersecurity, bug-bounty, infosec-write-ups09-Apr-2024
How I Found Bug :: Reflected XSS (Cross-Site-Scripting) On a BBP.https://medium.com/@p.ra.dee.p_0xx01/how-i-found-bug-reflected-xss-cross-site-scripting-on-a-bbp-9f57611eda91?source=rss------bug_bounty-5Professor0xx01bug-bounty, cyber-security-solutions, infosec-write-ups, offensive-security, bug-bounty-tips09-Apr-2024
Bug Bounty Reportshttps://bevijaygupta.medium.com/bug-bounty-reports-8a6480d06a80?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-bounty-tips, bugs, bug-bounty-reports, bug-zero09-Apr-2024
Bug Hunting Methodology for Beginnershttps://bevijaygupta.medium.com/bug-hunting-methodology-for-beginners-ce7ee1b11c25?source=rss------bug_bounty-5Vijay Guptabug-bounty-hunter, bug-hunting, bug-bounty, bug-bounty-tips, bug-bounty-writeup09-Apr-2024
Information Disclosure: Story of 500€ + 400$ Bountyhttps://v3d.medium.com/information-disclosure-story-of-500-400-bounty-97d3b343f9ad?source=rss------bug_bounty-5V3Dbug-bounty, penetration-testing, information-technology, cybersecurity, hacking09-Apr-2024
Card Payment Functionality Checklist — Bug Bounty Tuesdayhttps://medium.com/@kerstan/card-payment-functionality-checklist-bug-bounty-tuesday-6eab127d0126?source=rss------bug_bounty-5kerstantechnology, hacking, cybersecurity, bug-bounty, security09-Apr-2024
Mass automation for finding XSS vulnerabilities in large scope targetshttps://medium.com/@oumzarkar/mass-automation-for-finding-xss-vulnerabilities-in-large-scope-targets-019996b0515c?source=rss------bug_bounty-5dextrobug-bounty-tips, cybersecurity, walkthrough, automation, bug-bounty09-Apr-2024
How I Found My First Stored XSS || WAF & Characters Limitation Bypasshttps://kariiem.medium.com/how-i-found-my-first-stored-xss-waf-characters-limitation-bypass-cc414c4fadde?source=rss------bug_bounty-5Kariiem Gamalbug-bounty-tips, bug-hunting, bug-bounty, waf-bypass, bugbounty-writeup09-Apr-2024
My WordPress Bug Bounty Journey on Patchstackhttps://medium.com/@zpbrent/from-first-rejection-to-monthly-top-c0dedd4bbc7f?source=rss------bug_bounty-5Peng Zhoubug-bounty-program, bug-bounty-hunter, wordpress-security, ethical-hacking, bug-bounty09-Apr-2024
Simple Tips for Bug Bounty Beginners: Finding Blind XSS Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-blind-xss-vulnerabilities-ab67977ff756?source=rss------bug_bounty-5Anish Narayanbug-bounty-tips, bug-bounty, xss-attack, cross-site-scripting, cybersecurity09-Apr-2024
15.3 Lab: CORS vulnerability with trusted insecure protocols | 2024https://cyberw1ng.medium.com/15-3-lab-cors-vulnerability-with-trusted-insecure-protocols-2024-2ba1967daecc?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, penetration-testing, bug-bounty, cybersecurity, hacking09-Apr-2024
Hunting Bugs and Striking Gold: Forward Calls for Elite Hunters in the Bug Bounty Campaignhttps://forwardprotocol.medium.com/hunting-bugs-and-striking-gold-forward-calls-for-elite-hunters-in-the-bug-bounty-campaign-057e686c8577?source=rss------bug_bounty-5Forward Protocolblockchain-technology, bug-bounty, bug-bounty-hunter, web3, blockchain-developer09-Apr-2024
Is Your Business a Sitting Duck for Credit Card Hackers? Here’s How PCI DSS Can Save You!https://medium.com/@josuofficial327/is-your-business-a-sitting-duck-for-credit-card-hackers-heres-how-pci-dss-can-save-you-97d7b6562131?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, payment-gateway, bug-bounty, hacking, bug-bounty-tips08-Apr-2024
Google Bug Huntershttps://bevijaygupta.medium.com/google-bug-hunters-673e2f5c2600?source=rss------bug_bounty-5Vijay Guptabug-hunter, bug-bounty-writeup, google, bug-bounty, bug-bounty-tips08-Apr-2024
Unleashing the Power of Bug Bounty Dorks: A Comprehensive Guidehttps://bevijaygupta.medium.com/unleashing-the-power-of-bug-bounty-dorks-a-comprehensive-guide-b121fce9e5e4?source=rss------bug_bounty-5Vijay Guptagoogle, bug-bounty, bug-bounty-tips, google-dork, bug-zero08-Apr-2024
How I Got Multiple Privilege Escalations — The Easy Trick?https://medium.com/@Mdabdulrahman/how-i-got-multiple-privilege-escalations-the-easy-trick-e915110bc08a?source=rss------bug_bounty-5Md Abdul Rahmanwin-privilege-escalation, bug-bounty, penetration-testing, privilege-escalation08-Apr-2024
Hacking Swisscom’s End-to-End Encrypted Cloud Storage for $4,000https://medium.com/@thomashouhou/hacking-swisscoms-end-to-end-encrypted-cloud-storage-for-4-000-3660722196ec?source=rss------bug_bounty-5Thomas Houhouweb-security, hacking, bug-bounty-tips, bug-bounty, cybersecurity08-Apr-2024
XSS on out of scope domain? CORS is your secret weapon!https://c4rrilat0r.medium.com/xss-on-out-of-scope-domain-cors-is-your-secret-weapon-93e433278080?source=rss------bug_bounty-5c4rrilat0rbug-bounty, bug-bounty-tips, hackerone, xss-attack, cors08-Apr-2024
Breaking Free: 26 Advanced Techniques to Escape Docker Containershttps://infosecwriteups.com/breaking-free-26-advanced-techniques-to-escape-docker-containers-530049816b55?source=rss------bug_bounty-5ElNiakbug-bounty, cybersecurity, penetration-testing, kubernetes, docker08-Apr-2024
15.2 Lab: CORS vulnerability with trusted null origin | 2024https://cyberw1ng.medium.com/15-2-lab-cors-vulnerability-with-trusted-null-origin-2024-a84020e4e254?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, cybersecurity, careers, bug-bounty08-Apr-2024
Why You Should Attend Cybersecurity Conferences: Unlock Opportunitieshttps://medium.com/@a13h1/why-you-should-attend-cybersecurity-conferences-unlock-opportunities-2a16dfe4658e?source=rss------bug_bounty-5Abhi Sharmanetworking, information-security, cybersecurity, conference, bug-bounty07-Apr-2024
How to Start Your Journey into Cybersecurity in 2024 (or how I did)https://medium.com/@j0hnc0nn0r/how-to-start-your-journey-into-cybersecurity-in-2024-or-how-i-did-ebe4910acdc7?source=rss------bug_bounty-5John Connorcybersecurity, penetration-testing, bug-bounty, tryhackme, hackthebox07-Apr-2024
How to Start Your Journey into Cybersecurity in 2024 (or how I did)https://medium.com/@j0hnc0nn0r/how-to-start-your-journey-into-cybersecurity-in-2024-or-how-i-did-ebe4910acdc7?source=rss------bug_bounty-5J0hn C0nn0rcybersecurity, penetration-testing, bug-bounty, tryhackme, hackthebox07-Apr-2024
How Employee can change Manager’s review for him.https://interc3pt3r.medium.com/how-employee-can-change-managers-review-for-him-a903bd329111?source=rss------bug_bounty-5Aneesha Dbug-bounty, cybersecurity, hacking, security, bugs07-Apr-2024
Unofficial Guide to OWASP Top 10:2021https://medium.com/@rafinrahmanchy/unofficial-guide-to-owasp-top-10-2021-87eebd03b614?source=rss------bug_bounty-5Rafin Rahman Chypentesting, web-security, bug-bounty, hacking, infosec07-Apr-2024
TryHackMe CTF: Vulnversity — Walkthroughhttps://medium.com/@suyogpatil1810/tryhackme-ctf-vulnversity-walkthrough-2f375c5521a6?source=rss------bug_bounty-5Suyog Patilsoftware-development, computer-science, hacking, ethical-hacking, bug-bounty07-Apr-2024
Mastering CORS: A Comprehensive Guide to Finding Cross-origin resource sharing Vulnerabilities |…https://cyberw1ng.medium.com/mastering-cors-a-comprehensive-guide-to-finding-cross-origin-resource-sharing-vulnerabilities-c22a5659f95f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, security, penetration-testing07-Apr-2024
How We Found a 25K$ Bug in a Blockchain Project by Mistake | Bounty Hunting Journeyhttps://0d.dwalletlabs.com/how-we-found-a-25k-bug-in-a-blockchain-project-by-mistake-bounty-hunting-journey-21c0c20440f6?source=rss------bug_bounty-5Elad Ernstblockchain, exploitation, web3, bug-bounty, icon-foundation07-Apr-2024
IDOR Leads To Account Takeoverhttps://medium.com/@adityasawant00/idor-leads-to-account-takeover-28fe6e300a49?source=rss------bug_bounty-5Aditya Sawantidor, account-takeover, bug-bounty, penetration-testing, web-application-security07-Apr-2024
How Did I Find Reflected XSS In Domino’s ?https://medium.com/@xrypt0/how-did-i-find-reflected-xss-in-dominos-d1d41b120598?source=rss------bug_bounty-5Cryptocloudflare, bug-bounty, penetration-testing, xss-attack, web-security07-Apr-2024
File Upload Vulnerability Checklisthttps://medium.com/@dasmanish6176/file-upload-vulnerability-checklist-254c4680aa74?source=rss------bug_bounty-5Dasmanishweb-application-security, bug-bounty, web-penetration-testing, vapt, file-upload-vulnerability07-Apr-2024
Bug Bounties in Web3: Investing in Security for Sustainable Growthhttps://medium.com/@charliekaru/bug-bounties-in-web3-investing-in-security-for-sustainable-growth-5b4092474d3d?source=rss------bug_bounty-5Charlie Karunaratneweb3, defi-security, bug-bounty, web3-security07-Apr-2024
Teaching Spotify a Cryptography Lessonhttps://medium.com/@Fanicia/teaching-spotify-a-cryptography-lesson-51f5ee0b0f5c?source=rss------bug_bounty-5Security Guyopenid-connect, blue-team, bug-bounty, cybersecurity, bug-bounty-tips07-Apr-2024
Finding CSRF on Graphql Applicationhttps://medium.com/@alpernae/finding-csrf-on-graphql-application-3ffa1105a30d?source=rss------bug_bounty-5Alperenbug-bounty-tips, graphql, cybersecurity, bug-bounty, csrf07-Apr-2024
The Fast and the Curious: Finding a Race Condition in Worldcoinhttps://medium.com/@gonzo-hacks/the-fast-and-the-curious-finding-a-race-condition-in-worldcoin-621c89bfbd61?source=rss------bug_bounty-5Dane Sherretsbug-bounty, bug-fixes, bug-bounty-tips, blockchain, hacking07-Apr-2024
“Fortify Your Cyber Space: Embark on the Dominant Cyber Boot Camp Journey”https://medium.com/@rizvi4600779/fortify-your-cyber-space-embark-on-the-dominant-cyber-boot-camp-journey-3071bd0b1ec7?source=rss------bug_bounty-5Syed Muhammad Minhal Rizvihacking, writeup, cyber, bug-bounty, cybersecurity07-Apr-2024
Host Header Manipulation Leading to Unauthorized Access to Apple’s Internal Slack bot (Bug Bounty)https://amineaboud.medium.com/unauthorized-access-to-an-internal-app-used-by-apple-to-protect-confidential-information-shared-on-c8835a80079b?source=rss------bug_bounty-5Amine Aboudbug-bounty-writeup, bug-bounty, bug-bounty-tips07-Apr-2024
This Cryptocurrency exchange paid me $200 for reporting vulnerability in their websitehttps://medium.com/@abhishek8602314652/this-cryptocurrency-exchange-paid-me-200-for-reporting-vulnerability-in-their-website-6755b38702a8?source=rss------bug_bounty-5Abhishek singh ( a6h1)cybersecurity, cryptocurrency, vulnerability, bug-hunting, bug-bounty07-Apr-2024
Wordfence Awards Its Largest Bounty to Datehttps://casi-cincuenta-monos.medium.com/wordfence-otorga-su-mayor-bounty-hasta-la-fecha-f2d9aa561f05?source=rss------bug_bounty-5Casi Cincuenta Monoswordpress, cybersecurity, bug-bounty06-Apr-2024
Recon automation with Telegram Notificationhttps://medium.com/@tamhacker1/recon-automation-with-telegram-notification-d4c6b564ed58?source=rss------bug_bounty-5Tamhackercybersecurity, hacker, bug-bounty, reconnaissance, hacking06-Apr-2024
How To Fix bWAPP Unknown Database Error Windows/Linuxhttps://hamzaavvan.medium.com/how-to-fix-bwapp-unknown-database-error-windows-linux-acefd1a4568b?source=rss------bug_bounty-5Hamza Avvanbwapp, php, ethical-hacking, bug-fixes, bug-bounty06-Apr-2024
Easiest way to find Broken links in a websitehttps://medium.com/@jeetpal2007/easiest-way-to-find-broken-links-in-a-website-cccbc1f0b6d2?source=rss------bug_bounty-5JEETPALbroken-link, easy-bug-to-find, bug-bounty, bug-bounty-tips, broken-link-hijacking06-Apr-2024
Advanced XSS Discovery: Streamlining Your Attack Strategy with Cutting-Edge Automation Toolshttps://medium.com/@0xelkot/advanced-xss-discovery-streamlining-your-attack-strategy-with-cutting-edge-automation-tools-88cfd0f68c8e?source=rss------bug_bounty-50xElkothackerone, xss-attack, methodology, bug-bounty, hacking06-Apr-2024
14.6 Lab: SameSite Strict bypass via sibling domain | 2024https://infosecwriteups.com/14-6-lab-samesite-strict-bypass-via-sibling-domain-2024-f2ad5f0167d1?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, penetration-testing, hacking06-Apr-2024
Bug Bounty: Secure Camino Network, Earn Rewardshttps://medium.com/@obobo/bug-bounty-secure-camino-network-earn-rewards-329a686da0b9?source=rss------bug_bounty-5O Boboweb3, hexen, travel, camino-network, bug-bounty06-Apr-2024
Step by Step Complete Beginners guide of iOS penetration testing with corelliumhttps://infosecwriteups.com/step-by-step-complete-beginners-guide-of-ios-penetration-testing-with-corellium-2b9e9c6382c2?source=rss------bug_bounty-5Sandeep Vishwakarmamobile-pentesting, bug-bounty, corellium, ios-penetration-testing, pentesting05-Apr-2024
Unmasking an Open Redirect on the India’s Government Websitehttps://medium.com/@nilkhant30/unmasking-an-open-redirect-on-the-indias-government-website-3f808b10bff9?source=rss------bug_bounty-5I AM Rajaopen-redirect, bug-bounty, hacking, bug-bounty-tips, security-research05-Apr-2024
IDOR To view other private users profile pictures in un.orghttps://medium.com/@Ajakcybersecurity/idor-to-view-other-private-users-profile-pictures-in-un-org-358e464335e8?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, cybersecurity, ethical-hacking, penetration-testing05-Apr-2024
Apple’s Bug: From SQLi Suspicions to UI Bug Discoveryhttps://medium.com/@MohaseenK/apples-bug-from-sqli-suspicions-to-ui-bug-discovery-0e71e228b336?source=rss------bug_bounty-5Mohaseenapple, hof, bug-bounty, hackerone, bugcrowd05-Apr-2024
Race Condition Authentication Bypass Leads to Full Account Takeoverhttps://medium.com/@keizobugbounty/race-condition-authentication-bypass-leads-to-full-account-takeover-6b5c9bc0a54d?source=rss------bug_bounty-5Keizocybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-writeup, bug-bounty-tips05-Apr-2024
Don’t Trust the Cache: Exposing Web Cache Poisoning and Deception vulnerabilitieshttps://anasbetis023.medium.com/dont-trust-the-cache-exposing-web-cache-poisoning-and-deception-vulnerabilities-3a829f221f52?source=rss------bug_bounty-5Anas H Hmaidybug-bounty-tips, penetration-testing, cybersecurity, web-security, bug-bounty05-Apr-2024
FB OAuth Misconfigurations to Account Takeoverhttps://medium.com/@hbenja47/fb-oauth-misconfigurations-to-account-takeover-e264a06ae4a0?source=rss------bug_bounty-5Benja (bronxi)hacking, bug-bounty, oauth, infosec05-Apr-2024
UUIDs Unmasked: Exploiting IDOR for User Data Accesshttps://medium.com/@cybersolution2172/uuids-unmasked-exploiting-idor-for-user-data-access-b199e3b08563?source=rss------bug_bounty-5Satyam Singhbug-bounty-tips, owasp, bug-bounty, idor-vulnerability, bug-bounty-writeup05-Apr-2024
14.5 Lab: CSRF with broken Referer validation | 2024https://cyberw1ng.medium.com/14-5-lab-csrf-with-broken-referer-validation-2024-9948aa660023?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, cybersecurity, careers, bug-bounty05-Apr-2024
Beetlebug Android Walkthrough & Basics Android application securityhttps://medium.com/@yousefneuer13/beetlebug-android-walkthrough-basics-android-application-security-c5e0fb9b284b?source=rss------bug_bounty-5Yousef Elsheikhcybersecurity, bug-bounty, android-security, ctf-writeup, ctf-walkthrough05-Apr-2024
One IP led to 4 bugs made the company delete the domainhttps://kalawy.medium.com/one-ip-led-to-4-bugs-made-the-company-delete-the-domain-f28a9e898a8a?source=rss------bug_bounty-5Kalawybug-bounty-tips, bug-bounty, hackerone04-Apr-2024
How to discovery vulnerabilities in your network?https://medium.com/@info_81845/how-to-discovery-vulnerabilities-in-your-network-a6fd140ad4d6?source=rss------bug_bounty-5BugFixingpenetration-testing, penetration-test-company, bug-bounty, hacking, vulnerability-assessment04-Apr-2024
Art of onscrollend | Demonstrating XSS through scroll events write-uphttps://medium.com/@rAmpancist/art-of-onscrollend-demonstrating-xss-through-scroll-events-write-up-d3b33afaaf64?source=rss------bug_bounty-5rAmpancistbug-bounty, bug-bounty-tips, xss-attack, cybersecurity, hacking04-Apr-2024
HTB Academy | CROSS_SITE SCRIPTING (XSS) -https://medium.com/@mazalwebdesign/htb-academy-cross-site-scripting-xss-7dc78e69b100?source=rss------bug_bounty-5Sara Mazal M. | maz4lethical-hacking, htb, htb-academy-writeup, htb-walkthrough, bug-bounty04-Apr-2024
FB OAuth Misconfiguration Leads to Takeover any Accounthttps://sl4x0.medium.com/fb-oauth-misconfiguration-leads-to-takeover-any-account-061316a5b31b?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)oauth2, account-takeover, bug-bounty, hacking, bug-bounty-tips04-Apr-2024
S3 Bucket Misconfigurationhttps://medium.com/@scorpiankapil/s3-bucket-misconfiguration-64d459abdb71?source=rss------bug_bounty-5Kapil Patelbug-bounty04-Apr-2024
14.4 Lab: CSRF where Referer validation depends on header being present | 2024https://cyberw1ng.medium.com/14-4-lab-csrf-where-referer-validation-depends-on-header-being-present-2024-2db1c7496091?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, bug-bounty, penetration-testing04-Apr-2024
NFShttps://medium.com/@mirackucuk595/nfs-873d049131b8?source=rss------bug_bounty-5Miraç Küçükfootprinting, bug-bounty, information-gathering, hack-the-box-writeup, nfs-server04-Apr-2024
Escalation of Admin and Supervisor Privileges Enables Organization Takeover and Access to Any…https://medium.com/@elcapitano7x/escalation-of-admin-and-supervisor-privileges-enables-organization-takeover-and-access-to-any-6d1eb82bbe08?source=rss------bug_bounty-5Elcapitanobug-bounty, hacking, idor-vulnerability, bug-bounty-tips, account-takeover04-Apr-2024
Bug Bounty Challenge: Day 10–04/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-10-04-04-2024-d7d40e226af2?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup04-Apr-2024
My methodology to bypass CSRFhttps://medium.com/@0x7irix/my-methodology-to-bypass-csrf-957b4e552ae7?source=rss------bug_bounty-50x7irixcsrf-attack, csrf-token, csrf-bypass, csrf, bug-bounty04-Apr-2024
How I hacked medium and they didn’t pay mehttps://medium.com/@super_burgundy_weasel_439/how-i-hacked-medium-and-they-didnt-pay-me-f6c89cca3af7?source=rss------bug_bounty-5YouGotItCominghacking, bug-bounty, medium, neglect, bugs04-Apr-2024
ShentuChain’s OpenBounty Hackers and Projects Referral Programhttps://shentuchain.medium.com/shentuchains-openbounty-hackers-and-projects-referral-program-29b4b73c20c0?source=rss------bug_bounty-5Shentu Chainbug-bounty, ethical-hacker, cybersecurity, referral-program, web303-Apr-2024
SQLI with extract Huge Data just Got N/Ahttps://medium.com/@nomad8061/sqli-with-extract-huge-data-just-got-n-a-5956c3b5297b?source=rss------bug_bounty-5Ahmed Badrybug-bounty, sqlite, infosec, information-technology, ctf03-Apr-2024
Cracking the Code: XSS Exploits and Their Power in Phishing Warfarehttps://hackerhalt.medium.com/cracking-the-code-xss-exploits-and-their-power-in-phishing-warfare-252d04e9792e?source=rss------bug_bounty-5Hacker Halt Livebugbounty-writeup, phishing, xs, bug-bounty, phishing-attacks03-Apr-2024
Hack ChatGPT, Make Moneyhttps://medium.com/@david.azad.merian/hack-chatgpt-make-money-644bb4a7a529?source=rss------bug_bounty-5David Merianbug-bounty, hacking, cybersecurity, fuzzing, ai03-Apr-2024
How I Secured 50+ Brand & Startups in Shopify Stores | XSS | Responsible Disclosurehttps://prathapilango.medium.com/how-i-secured-50-brand-startups-in-shopify-stores-xss-responsible-disclosure-e38a72cf4a47?source=rss------bug_bounty-5Prathapilangoinfosec, info-sec-writeups, cybersecurity, cross-site-scripting, bug-bounty03-Apr-2024
Bug Bounty Challenge: Day 9–03/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-9-03-04-2024-f7a6303bb674?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-tips03-Apr-2024
I asked ChatGPT to improve Jason Haddix V4 methodology. Here’s the answer:https://medium.com/@uniicorniumx/i-asked-chatgpt-to-improve-jason-haddix-v4-methodology-heres-the-answer-09de258da623?source=rss------bug_bounty-5• CrazyUnicornhacking, bug-bounty, pentesting, cybersecurity, bug-bounty-tips03-Apr-2024
Smart Fuzzing — Finding bugs like no one else. By Gilson Oliveirahttps://medium.com/@gilsgil/smart-fuzzing-finding-bugs-like-no-one-else-by-gilson-oliveira-d6aa0dbc285b?source=rss------bug_bounty-5Gilson Oliveirabug-bounty-tips, bug-bounty, bug-bounty-writeup03-Apr-2024
Struggling RCE on Jenkins Instancehttps://medium.com/@imusabkhan/struggling-rce-on-jenkins-instance-8851af98b7e6?source=rss------bug_bounty-5Mohammad Musab Khanhacker, bugs, bug-bounty, bug-bounty-tips, remote-code-execution03-Apr-2024
DNShttps://medium.com/@mirackucuk595/dns-4e18aa90b7cf?source=rss------bug_bounty-5Miraç Küçükfootprinting, hack-the-box-writeup, dns, bug-bounty03-Apr-2024
Exploiting server-side parameter pollution in a query stringhttps://medium.com/@hhuseyinuyar17/bir-sorgu-dizesinde-sunucu-taraf%C4%B1-parametre-kirlili%C4%9Finden-yararlanma-567489eefd65?source=rss------bug_bounty-5Hhuseyinuyarapi, hacking, burpsuite, bug-bounty, parameter03-Apr-2024
14.3 Lab: SameSite Lax bypass via cookie refresh | 2024https://cyberw1ng.medium.com/14-3-lab-samesite-lax-bypass-via-cookie-refresh-2024-4f10021e6ce8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, cybersecurity, hacking, careers03-Apr-2024
Issues related to privacy (Cybersecurity)https://medium.com/@paritoshblogs/issues-related-to-privacy-cybersecurity-99368bf0bc10?source=rss------bug_bounty-5Paritoshinformation-security, bug-bounty, cybersecurity, information-technology, hacking02-Apr-2024
Welcome pentesters to cooperate with our company!https://medium.com/@alfabit_group/welcome-pentesters-to-cooperate-with-our-company-9cdf42f233bb?source=rss------bug_bounty-5AlfaBit Ecosystemblockchain, alfabit, bug-bounty, ecosystem02-Apr-2024
Unpacking CVE-2024-3094: A Critical Vulnerability in XZ Utilshttps://infosecwriteups.com/unpacking-cve-2024-3094-a-critical-vulnerability-in-xz-utils-c6a8207d7b54?source=rss------bug_bounty-5ElNiakcve, linux, backdoor, cybersecurity, bug-bounty02-Apr-2024
4 Mistakes To Avoid When Doing Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/4-mistakes-to-avoid-when-doing-bug-bounty-bug-bounty-tuesday-fd0df75ca05d?source=rss------bug_bounty-5kerstanhacking, cybersecurity, technology, bug-bounty, security02-Apr-2024
14.2 Lab: SameSite Strict bypass via client-side redirect | 2024https://cyberw1ng.medium.com/14-2-lab-samesite-strict-bypass-via-client-side-redirect-2024-2a5e9b68fc1e?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, penetration-testing, careers, cybersecurity02-Apr-2024
One-click Account Take Overhttps://dynnyd20.medium.com/one-click-account-take-over-e500929656ea?source=rss------bug_bounty-5dynnyd20pentesting, bug-bounty, cybersecurity, information-security, security02-Apr-2024
Bug Bounty Challenge: Day 8–02/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-8-02-04-2024-604382e079ac?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips02-Apr-2024
The Difference Between TCP and HTTP Reverse Connection:https://medium.com/@Hackerinja/the-difference-between-tcp-and-http-reverse-connection-bf13ccd16941?source=rss------bug_bounty-5Hackerinjabug-bounty, penetration-testing, cybersecurity, ethical-hacking02-Apr-2024
How I was able to send emails from anyone to anyonehttps://medium.com/@zeesek/how-i-was-able-to-send-emails-from-anyone-to-anyone-a44c57fd015b?source=rss------bug_bounty-5Muhammad Zeeshanpenetration-testing, bugs, bug-bounty-tips, bug-bounty, pentesting02-Apr-2024
How I Found My First Bug | XSShttps://medium.com/@fariio/how-i-found-my-first-bug-xss-031df71aedbe?source=rss------bug_bounty-5Fariiocybersecurity, bug-bounty-tips, penetration-testing, xss-vulnerability, bug-bounty01-Apr-2024
Bug to fix: Mastering the Life Cycle of Software Defectshttps://medium.com/@hannahanulur/bug-to-fix-mastering-the-life-cycle-of-software-defects-b227292bdb16?source=rss------bug_bounty-5Gulhanim Anulurbug-fixes, defect-management, defect-detection, bug-bounty, bugs01-Apr-2024
How to start Bug Bounty Hunting $$$$ in 2024?? | A short RoadMaphttps://infosecwriteups.com/how-to-start-bug-bounty-hunting-in-2024-a-short-roadmap-9f9eeddd24ca?source=rss------bug_bounty-57h3h4ckv157money, hacking, bug-bounty, ethical-hacking, infosec01-Apr-2024
IOS Pentesting Lab Setuphttps://hackerassociate.medium.com/ios-pentesting-lab-setup-516ec567b424?source=rss------bug_bounty-5Harshad Shahcybersecurity, penetration-testing, infosec, hacking, bug-bounty01-Apr-2024
Certified Bug Bounty Hunter: Should you go for Broke, or take a Junior Level Certification Firsthttps://medium.com/@codewidthme/certified-bug-bounty-hunter-should-you-go-for-broke-or-take-a-junior-level-certification-first-a905c105f9a2?source=rss------bug_bounty-5codewidthmehacking, bug-bounty, penetration-testing, certification, hackthebox01-Apr-2024
I will alter and update your websitehttps://medium.com/@fiverrtopfreelancer/i-will-alter-and-update-your-website-438eeb9bcde8?source=rss------bug_bounty-5Fiverr Top Freelancerhtml, website-design, bug-fixes, bug-bounty, css01-Apr-2024
Broken Application Logic Bug Doesn’t Validate Email, leading to DOShttps://medium.com/@saitle74/broken-application-logic-bug-doesnt-validate-email-leading-to-dos-d5ff73e752b4?source=rss------bug_bounty-5Saitleopbug-bounty, infosec-write-ups, cybersecurity, python, infosec01-Apr-2024
“Configuring Apache Web Server on CentOS 7”https://medium.com/@shaikhalshifa210/configuring-apache-web-server-on-centos-7-ed10245f2a4d?source=rss------bug_bounty-5Alshifa Shaikhserver-configuration, bug-bounty, machine-learning, penetration-testing, cybersecurity01-Apr-2024
How to set up Caido for Bug Bounty or Web Application Penetration?https://medium.com/@bytescheck0/how-to-set-up-caido-for-bug-bounty-or-web-application-penetration-a74729d31dca?source=rss------bug_bounty-5Bytescheckcybersecurity, penetration-testing, bug-bounty, technology01-Apr-2024
XSS Vulnerability in a Technical Assessment Application: Lessons Learned and Security Measureshttps://interc3pt3r.medium.com/xss-vulnerability-in-a-technical-assessment-application-lessons-learned-and-security-measures-9321ee4c7639?source=rss------bug_bounty-5Aneesha Dbug-bounty, cybersecurity, hacker, hacking, penetration-testing01-Apr-2024
How I Was Able To Find My First VALID XSShttps://medium.com/@harshsolanki2810/how-i-was-able-to-find-my-first-valid-xss-b1b8bd727b6a?source=rss------bug_bounty-5Dart0xxbug-bounty, cybersecurity, bug-bounty-writeup, bug-hunting01-Apr-2024
Mastering CSRF: A Comprehensive Guide to Finding Cross-site Request Forgery Vulnerabilities | 2024https://cyberw1ng.medium.com/mastering-csrf-a-comprehensive-guide-to-finding-cross-site-request-forgery-vulnerabilities-2024-8d1d13d83547?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, penetration-testing, hacking, careers01-Apr-2024
Subdomain Takeovers (Subdomain Devralma)https://medium.com/@mirackucuk595/subdomain-takeovers-subdomain-devralma-2ffa999c123b?source=rss------bug_bounty-5Miraç Küçükbug-bounty, domain-names, subdomain, hackerone01-Apr-2024
Bug Bounty Challenge: Updatehttps://wallotry.medium.com/bug-bounty-challenge-update-ebd1fa31426c?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup01-Apr-2024
How I Was Able To Find My First VALID XSShttps://medium.com/@0xdartx/how-i-was-able-to-find-my-first-valid-xss-b1b8bd727b6a?source=rss------bug_bounty-5Dart0xxbug-bounty, cybersecurity, bug-bounty-writeup, bug-hunting01-Apr-2024
Can I learn bug bounty for free?https://bevijaygupta.medium.com/can-i-learn-bug-bounty-for-free-59d71024ee15?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty-tips, bug-bounty, bug-fixes31-Mar-2024
Fake Tinder Account Verified By Bypassing Face Authenticationhttps://medium.com/@Ajakcybersecurity/fake-tinder-account-verified-by-bypassing-face-authentication-4b7c14e35c29?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, bug-bounty, blog, tinder31-Mar-2024
Attack vectors I encountered in Swagger ($$$)https://memmedrehimzade.medium.com/swaggerd%C9%99-qar%C5%9F%C4%B1la%C5%9Fd%C4%B1%C4%9F%C4%B1m-h%C3%BCcum-vektorlar%C4%B1-f3659eeccac5?source=rss------bug_bounty-5memmed rehimzadeswagger, cybersecurity, kibertəhlükəsizlik, bug-bounty31-Mar-2024
Understanding and Mitigating CVE-2024-3094https://medium.com/@mrblackstar26/understanding-and-mitigating-cve-2024-3094-2b8572d9e921?source=rss------bug_bounty-5Uday Patelinfosec, hacking, bug-bounty, penetration-testing, cybersecurity31-Mar-2024
Installation DVWA In Windows 10 Using XAMPPhttps://bevijaygupta.medium.com/installation-dvwa-in-windows-10-using-xampp-d6246279a10e?source=rss------bug_bounty-5Vijay Guptaxampp, dvwa, hacking, install-dvwa, bug-bounty31-Mar-2024
What is the future of bug bounty?https://bevijaygupta.medium.com/what-is-the-future-of-bug-bounty-696f0a894130?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-zero, bugs, future-technology, future31-Mar-2024
13.26 Lab: Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and…https://cyberw1ng.medium.com/13-26-lab-stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-4bde1cc39671?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-test, hacking, cybersecurity, careers31-Mar-2024
Shield your System — XZ Utils Backdoor (Linux Distribution)https://infosecwriteups.com/shield-your-system-xz-utils-backdoor-linux-distribution-54583b071ccc?source=rss------bug_bounty-5Ethical Kapslinux, cybersecurity, vulnerability, hacking, bug-bounty31-Mar-2024
“Unveiling a Stored XSS Vulnerability: Example.com Under the Spotlight”https://medium.com/@mdnafeed3/unveiling-a-stored-xss-vulnerability-example-com-under-the-spotlight-37d0895cebca?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, cybersecurity31-Mar-2024
Best bug hunting methodology for EZ moneyhttps://medium.com/@tom.sh/best-bug-hunting-methodology-for-ez-money-58b7fe928e6f?source=rss------bug_bounty-5Tomhacking, money, bpp, methodology, bug-bounty30-Mar-2024
Advertisers able to identify individual consumers who visited their ads (Microsoft bug bounty)https://medium.com/@avig2009/advertisers-able-to-identify-individual-consumers-who-visited-their-ads-microsoft-bug-bounty-a8bcb2d727f2?source=rss------bug_bounty-5hatich_hackermicrosoft, privacy, bug-bounty30-Mar-2024
13.25 Lab: Reflected XSS in canonical link tag | 2024https://cyberw1ng.medium.com/13-25-lab-reflected-xss-in-canonical-link-tag-2024-c4478a82b466?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, hacking, careers30-Mar-2024
A Journey into Unusual Header Injectionhttps://medium.com/@imusabkhan/a-journey-into-unusual-header-injection-693cc0ddecc6?source=rss------bug_bounty-5Mohammad Musab Khanhackerone, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-hunting30-Mar-2024
Chain of Rate Limit Bypass and Weak Token Expiry Leads To Account Take Overhttps://medium.com/@ozomarzu/chain-of-rate-limit-bypass-and-weak-token-expiry-leads-to-account-take-over-d9cddf598c9c?source=rss------bug_bounty-5CyberOzbug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, hackerone30-Mar-2024
Email verification Bypass from P4 TO P2https://medium.com/@akrachliy/email-verification-bypass-from-p4-to-p2-50fa3dde8e5f?source=rss------bug_bounty-5Yassine Akrachlihacking, cybersecurity, bug-bounty, ethical-hacking, bugcrowd30-Mar-2024
Web Requesthttps://medium.com/@mirackucuk595/web-request-ea237118e259?source=rss------bug_bounty-5Miraç Küçükhttp-request, curl, https, bug-bounty, webrequest30-Mar-2024
Kioptrix Level 1 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-1-walkthrough-6e985fbd0dc7?source=rss------bug_bounty-5Erdemstaroscp, application-security, bug-bounty-tips, bug-bounty, penetration-testing30-Mar-2024
1200 $ Email verification Bypass from P4 TO P2https://medium.com/@akrachliy/email-verification-bypass-from-p4-to-p2-50fa3dde8e5f?source=rss------bug_bounty-5Yassine Akrachlihacking, cybersecurity, bug-bounty, ethical-hacking, bugcrowd30-Mar-2024
How i found Multiple IDORhttps://medium.com/@hillrane24/how-i-found-multiple-idor-ab52815b375a?source=rss------bug_bounty-5NIKHIL RANEidor-vulnerability, bug-bounty30-Mar-2024
YouTube Growth Hackinghttps://sanparatama.medium.com/youtube-growth-hacking-a94457f04789?source=rss------bug_bounty-5Sanjaya paratamaweb-development, bug-bounty, hacking, hacking-tools, cybersecurity29-Mar-2024
The Future of Internet Security and Artificial Intelligence and Cyber Security Jobshttps://python.plainenglish.io/the-future-of-internet-security-and-artificial-intelligence-and-cyber-security-jobs-528b4c340cf9?source=rss------bug_bounty-5Imran Niazxss-attack, hacking, programming, ai, bug-bounty29-Mar-2024
[Walkthrough] Mobile Hacking Lab — Secure Notehttps://medium.com/@karimul.sh/walkthrough-mobile-hacking-lab-secure-note-eeb4af20e01b?source=rss------bug_bounty-5Md.Karimul Islam Shezanwalkthrough, android-app-security, bug-bounty, reverse-engineering, ctf29-Mar-2024
AutoLayer Bug Bounty Program: Full Information Releasehttps://autolayer.medium.com/autolayer-bug-bounty-program-full-information-release-d5de0bab972e?source=rss------bug_bounty-5AutoLayerdefi, bug-bounty29-Mar-2024
Web Security Short Series — CSRF.https://medium.com/@frankyyano/web-security-short-series-csrf-4cdf6f936773?source=rss------bug_bounty-5Yano.csrf, appsec, owasp, bug-bounty, oscp29-Mar-2024
How to learn Game Hacking? Recourse Compilation!https://medium.com/@yannik603/how-to-learn-game-hacking-recourse-compilation-1c5d2807a7cb?source=rss------bug_bounty-5Yannikreverse-engineering, bug-bounty, malware-analysis, gamehacking, coding29-Mar-2024
Unhiding the hidden 401 Bypasshttps://medium.com/@Xt3sY/unhiding-the-hidden-401-bypass-10f48c67b50d?source=rss------bug_bounty-5Pushkar Bhagatbug-bounty, hacking, bug-bounty-tips29-Mar-2024
13.24 Lab: Reflected XSS with some SVG markup allowed | 2024https://cyberw1ng.medium.com/13-24-lab-reflected-xss-with-some-svg-markup-allowed-2024-78279b906ec2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers29-Mar-2024
How to learn Game Hacking? Recourse Compilation!https://medium.com/@yannik603/how-to-learn-game-hacking-recourse-compilation-1c5d2807a7cb?source=rss------bug_bounty-5Yannik Castroreverse-engineering, bug-bounty, malware-analysis, gamehacking, coding29-Mar-2024
Yara Rules ✌︎ For Something ☠︎https://medium.com/@haticezkmnl/yara-rules-%EF%B8%8E-for-something-%EF%B8%8E-0164b38e3ddd?source=rss------bug_bounty-5Hatice Zehra Kamanlıcybersecurity, python, security, rules, bug-bounty29-Mar-2024
How to install drozer with dockerhttps://medium.com/@nomad8061/hello-geeks-e8d0f62b22a1?source=rss------bug_bounty-5Ahmed Badrybug-bounty29-Mar-2024
✌︎ Yara Rules ✌︎ For Something ☠︎https://medium.com/@haticezkmnl/yara-rules-%EF%B8%8E-for-something-%EF%B8%8E-0164b38e3ddd?source=rss------bug_bounty-5Hatice Zehra Kamanlıcybersecurity, python, security, rules, bug-bounty29-Mar-2024
13.23 Lab: Reflected XSS into HTML context with most tags and attributes blocked | 2024https://cyberw1ng.medium.com/13-23-lab-reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-2024-63d649c6cc2c?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, penetration-testing, cybersecurity28-Mar-2024
Bug Bounty Recon At Its Easiest with Netlas.iohttps://medium.com/@omarora1603/bug-bounty-recon-at-its-easiest-with-netlas-io-d313ae0f1c09?source=rss------bug_bounty-5Om Arorainfosec, cybersecurity, bug-bounty, bug-bounty-tips, hacking28-Mar-2024
Bypassing 403 Protection To Get Admin Accesshttps://rajput623929.medium.com/bypassing-403-protection-to-get-admin-access-d7c9d0560e5c?source=rss------bug_bounty-5Mr.Horbio403-forbidden, bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty28-Mar-2024
How to become a bug bounty hunterhttps://bevijaygupta.medium.com/how-to-become-a-bug-bounty-hunter-c607bb7de595?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty, bugs, bug-bounty-tips, bug-fixes28-Mar-2024
OAuth Hijacking leads to account takeoverhttps://medium.com/@iknowhatodo/oauth-hijacking-leads-to-account-takeover-a051bdb5e9f0?source=rss------bug_bounty-5Hossam Ahmedbug-bounty, oauth28-Mar-2024
How I Hacked Your Private Repository in GitHub (And Got JackShit)https://medium.com/@reuveinas/how-i-hacked-your-private-repository-in-github-and-got-jackshit-cb7c342570b2?source=rss------bug_bounty-5Reuvein Vinokurov (CTO:UNIXi) - https://unixi.io/microsoft, bug-bounty, github, security, cybersecurity28-Mar-2024
How to write a Walkthroughhttps://bevijaygupta.medium.com/how-to-write-a-walkthrough-23eee7f6777c?source=rss------bug_bounty-5Vijay Guptabug-bounty-writeup, bug-bounty-tips, bug-bounty, walkthroughwednesday, walkthrough28-Mar-2024
Unveiling all techniques to find IDOR’S in web applicationshttps://adipsharif.medium.com/unveiling-all-techniques-to-find-idors-in-web-applications-578d2b8aa28a?source=rss------bug_bounty-5ADIPbug-bounty-tips, bug-bounty, pentesting, penetration-testing, bug-bounty-writeup28-Mar-2024
Introduction to IDORhttps://medium.com/@mirackucuk595/idora-giri%C5%9F-23c22a5ae24f?source=rss------bug_bounty-5Miraç Küçükhack-the-box-writeup, burpsuite, idor-vulnerability, bug-bounty28-Mar-2024
Risks of Software Dependencies AKA Toxic Dependencieshttps://bytebusterx.medium.com/risks-of-software-dependencies-aka-toxic-dependencies-0a38150cf5ce?source=rss------bug_bounty-5ByteBusterXbug-bounty, hacking, infosec, vulnerability, cybersecurity28-Mar-2024
Penetration Testing Toolshttps://bevijaygupta.medium.com/penetration-testing-tools-b4c8ad807114?source=rss------bug_bounty-5Vijay Guptapenetration-testing-tools, pentesting, hacking, bug-bounty, penetration-testing28-Mar-2024
Stargazing Risks: Exploring the Data Breach that Exposed NASA Employees’ PIIhttps://interc3pt3r.medium.com/stargazing-risks-exploring-the-data-breach-that-exposed-nasa-employees-pii-68692cf7a5e9?source=rss------bug_bounty-5Aneesha Dbug-bounty-writeup, cybersecurity, hacking, security, bug-bounty28-Mar-2024
Finding Bug DMRC Reflected Xss and HTML Injectionhttps://medium.com/@abhishekaswal777/finding-bug-dmrc-reflected-xss-and-html-injection-fe4361a1db60?source=rss------bug_bounty-5Abhishekaswalbugs, poc, bug-bounty, bug-bounty-tips, hackerone28-Mar-2024
Annonforce — Tryhackme Walkthrough Easy Self-madehttps://medium.com/@shaswata.ssaha/annonforce-tryhackme-walkthrough-easy-self-made-f45c3a6f3e96?source=rss------bug_bounty-5Shaswata Sahatryhackme, security, anonforce, bug-bounty, ctf28-Mar-2024
Polyglot Files: The Cybersecurity Chameleon Threathttps://infosecwriteups.com/polyglot-files-the-cybersecurity-chameleon-threat-29890e382b59?source=rss------bug_bounty-5ElNiakpolyglot, cybersecurity, obfuscation, bug-bounty, penetration-testing27-Mar-2024
Withdrawing HackerOne payouts in RMBhttps://medium.com/@dem0ns/hackerone%E6%8F%90%E7%8E%B0%E4%BA%BA%E6%B0%91%E5%B8%81-a3e907fefce1?source=rss------bug_bounty-5猫猫虫hackerone, bug-bounty, 外汇27-Mar-2024
Mistakes To Avoid in Your Bug Bounty Career- Part 2https://medium.com/@Ajakcybersecurity/mistakes-to-avoid-in-your-bug-bounty-career-part-2-9da1c77788ea?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, penetration-testing, blog, cybersecurity27-Mar-2024
13.22 Lab: Stored DOM XSS | 2024https://cyberw1ng.medium.com/13-22-lab-stored-dom-xss-2024-344ec753599a?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, penetration-testing, hacking, careers27-Mar-2024
HACKING WORDPRESShttps://medium.com/@mirackucuk595/hacking-wordpress-ac9ee6447045?source=rss------bug_bounty-5Miraç Küçükwpscan, wordpress-hacked, hack-the-box-writeup, hacking, bug-bounty27-Mar-2024
SSLStrippinghttps://bytebusterx.medium.com/sslstripping-e81dc95d6fab?source=rss------bug_bounty-5ByteBusterXinfosec, cybersecurity, vulnerability, hacking, bug-bounty27-Mar-2024
HTTP Verb Tampering 101 in Web Applications (Identify Exploit Prevention)https://adipsharif.medium.com/http-verb-tampering-101-in-web-applications-identify-exploit-prevention-3389258b6b93?source=rss------bug_bounty-5ADIPinfosec, penetration-testing, bug-bounty, pentesting, information-security27-Mar-2024
Hacking the Giant: Got XSS on Google’s Producthttps://adipsharif.medium.com/got-xss-on-googles-product-a4c79be8adbb?source=rss------bug_bounty-5ADIPinfosec, information-security, pentesting, bug-bounty, penetration-testing27-Mar-2024
| Bug Bounty Isn’t A Scam Here’s Why | https://medium.com/@benbencsik/bug-bounty-isnt-a-scam-here-s-why-751547bd8531?source=rss------bug_bounty-5 | Ben Bencsik | bug-bounty, computers, infosec, cybersecurity, technology | 27-Mar-2024 |
| Hacking the Giant: XSS on Google | https://adipsharif.medium.com/got-xss-on-googles-product-a4c79be8adbb?source=rss------bug_bounty-5 | ADIP | infosec, information-security, pentesting, bug-bounty, penetration-testing | 27-Mar-2024 |
| Fristileaks 1.3 Walkthrough | https://erdemstar.medium.com/fristileaks-1-3-walkthrough-a6b962385752?source=rss------bug_bounty-5 | Erdemstar | oscp, vulnhub-walkthrough, penetration-testing, bug-bounty, oscp-preparation | 27-Mar-2024 |
| Web Application Hacking Required Reading | https://hogarth45.medium.com/web-application-hacking-required-reading-0d2f046db191?source=rss------bug_bounty-5 | Jess | bug-bounty, web-development, security | 27-Mar-2024 |
| Why am I starting to hate Bug Bounty? | https://systemweakness.com/why-am-i-starting-to-hate-bug-bounty-1f075fc96978?source=rss------bug_bounty-5 | Imad Husanovic | hacking, cybersecurity, programming, bug-bounty, bug-bounty-tips | 27-Mar-2024 |
| Bug Bounty Isn’t A Scam Here’s Why | https://medium.com/@detroiton421094/bug-bounty-isnt-a-scam-here-s-why-751547bd8531?source=rss------bug_bounty-5 | Ben Bencsik | bug-bounty, computers, infosec, cybersecurity, technology | 27-Mar-2024 |
| RXSS Vulnerability in Less Than 10 Minutes on India’s Premier Travel Site | https://medium.com/@nilkhant30/rxss-vulnerability-in-less-than-10-minutes-on-indias-premier-travel-site-5b15ebb91d17?source=rss------bug_bounty-5 | I AM Raja | bug-bounty, cybersecurity, cyber-security-awareness, hacking, xss-vulnerability | 26-Mar-2024 |
| This skill is called ‘Early…’ in Software Testing | https://medium.com/software-testing-and-automation/this-skill-is-called-early-in-software-testing-75cd641bfa93?source=rss------bug_bounty-5 | Temitope | software-testing, quality-assurance, communication, bug-bounty, software-development | 26-Mar-2024 |
| HackGATE: Bug Bounty Program on steroids | https://medium.com/@levente.b.molnar/hackgate-bug-bounty-program-on-steroids-cef50ae2f759?source=rss------bug_bounty-5 | Hackrate | hacking, ethical-hacking, cybersecurity, bug-bounty, penetration-testing | 26-Mar-2024 |
| Exploring Cybersecurity with ZoomEye: A Review of the Premium Lifetime Membership | https://medium.com/@kenilalexandra07/exploring-cybersecurity-with-zoomeye-a-review-of-the-premium-lifetime-membership-f301a474bf88?source=rss------bug_bounty-5 | Kenilalexandra | bug-bounty, shodan, bugbounting, zoomeye, security | 26-Mar-2024 |
| How To Use AI And Nuclei To Make Money While You Sleep — Bug Bounty Tuesday | https://medium.com/@kerstan/how-to-use-ai-and-nuclei-to-make-money-while-you-sleep-bug-bounty-tuesday-4d9e584e6553?source=rss------bug_bounty-5 | kerstan | hacking, security, cybersecurity, bug-bounty, technology | 26-Mar-2024 |
| 13.21 Lab: Reflected DOM XSS \| 2024 | https://cyberw1ng.medium.com/13-21-lab-reflected-dom-xss-2024-78cacc8fa1e7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, bug-bounty, penetration-testing, careers | 26-Mar-2024 |
| Bug Bounty Programs for Beginners | https://bevijaygupta.medium.com/bug-bounty-programs-for-beginners-fccc755957d9?source=rss------bug_bounty-5 | Vijay Gupta | cybersecurity, bug-bounty-hunter, bug-bounty, bugbounty-writeup, bug-bounty-tips | 26-Mar-2024 |
| Account takeover through password reset functionality | https://rewscel.medium.com/account-takeover-through-password-reset-functionality-af07636db302?source=rss------bug_bounty-5 | rewscel | bug-bounty | 26-Mar-2024 |
| ATTACKING WEB APPLICATIONS WITH FFUF | https://medium.com/@mirackucuk595/ffuf-i%CC%87le-web-uygulamalarina-saldirmak-89805e47e145?source=rss------bug_bounty-5 | Miraç Küçük | subdomain, bug-bounty, ffuf, brute-force, hack-the-box-writeup | 26-Mar-2024 |
| What is Cross-Site Scripting (XSS)? | https://medium.com/@bbhuntersa/cross-site-scripting-xss-b5d374fa6e43?source=rss------bug_bounty-5 | BBHUNTER | xss-vulnerability, cross-site-scripting, bug-bounty, xss-attack | 26-Mar-2024 |
| Exploiting Post Reflected XSS via CSRF : Real world bug | https://medium.com/@Rahulkrishnan_R_Panicker/exploiting-post-reflected-xss-via-csrf-real-world-bug-f374afeb081e?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | xss-attack, hacking, bug-bounty, csrf, web-development | 25-Mar-2024 |
| Zero Interaction Mass Account Password Reset Vulnerability | https://medium.com/@manan_sanghvi/zero-interaction-mass-account-password-reset-vulnerability-86b87098e3ae?source=rss------bug_bounty-5 | Manan Sanghvi | penetration-testing, ethical-hacking, bug-bounty, vulnerability, cybersecurity | 25-Mar-2024 |
| XSS module HTB academy CBBH path | https://medium.com/@mohammed01550038865/xss-module-htb-academy-cbbh-path-dc3ac4810087?source=rss------bug_bounty-5 | Muhammed Mubarak | bug-bounty, htb-academy-writeup, xss-vulnerability | 25-Mar-2024 |
| Reverse Engineering Sitecore Vulnerabilities-2 | https://medium.com/@nilayp799/reverse-engineering-sitecore-vulnerabilities-2-dcf45a501894?source=rss------bug_bounty-5 | Nilay Patel | sitecore, vulnerability, bug-bounty, automation, hacking | 25-Mar-2024 |
| 13.20 Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded \|… | https://cyberw1ng.medium.com/13-20-lab-dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-7966911c58f4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, hacking, bug-bounty, penetration-testing | 25-Mar-2024 |
| Burp Suite — To Trust or Not to Trust Project Files? | https://medium.com/@ArtsSEC/burp-suite-confiar-o-no-en-project-files-de5fa145f4a5?source=rss------bug_bounty-5 | ArtsSEC | hacking, burpsuite, infosec, pentesting, bug-bounty | 25-Mar-2024 |
| COMMAND INJECTIONS | https://medium.com/@mirackucuk595/command-injections-9ef2aef0fa97?source=rss------bug_bounty-5 | Miraç Küçük | command-injection, bug-bounty, hackthebox, burpsuite, injection | 25-Mar-2024 |
| Unveiling Homoglyph: Silent Culprit of User-Level DOS Attacks | https://medium.com/@imusabkhan/unveiling-homoglyph-silent-culprit-of-user-level-dos-attacks-86a0576bca3a?source=rss------bug_bounty-5 | Mohammad Musab Khan | bug-hunting, hackerone, bug-bounty, bugcrowd, bug-bounty-tips | 25-Mar-2024 |
| [Account Take Over] through reset password token leaked in response, 2500 € Reward | https://infosecwriteups.com/account-take-over-through-reset-password-token-leaked-in-response-2500-reward-b643f97a7c67?source=rss------bug_bounty-5 | jedus0r | bug-bounty-hunter, security-research, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 25-Mar-2024 |
| How I found Account Takeover by changing email address | https://medium.com/@mohddanish9536/how-i-found-account-takeover-by-changing-email-address-b0dc213e2df3?source=rss------bug_bounty-5 | Mohd Danish | bug-bounty, cybersecurity, bugs | 24-Mar-2024 |
| 13.19 Lab: DOM XSS in document.write | https://cyberw1ng.medium.com/13-19-lab-dom-xss-in-document-write-dddced06def8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, careers, hacking | 24-Mar-2024 |
| HTTP Verb Tampering | https://medium.com/@mirackucuk595/http-verb-tampering-4505d6491c95?source=rss------bug_bounty-5 | Miraç Küçük | web-attack, http-request, command-injection, bug-bounty, burpsuite | 24-Mar-2024 |
| How to get started in Bug Bounty in 2024! | https://medium.com/@FoxxCB/how-to-get-started-in-bug-bounty-in-2024-708754094de9?source=rss------bug_bounty-5 | Foxx C-B | hacking, infosec, bug-bounty, cybersecurity, ethical-hacking | 24-Mar-2024 |
| Cloudflare WAF Hunting | https://medium.com/@Device1306/cloudflare-waf-hunting-e878588488c8?source=rss------bug_bounty-5 | Device1306 | research, bug-bounty-tips, hacking, burpsuite, bug-bounty | 24-Mar-2024 |
| Cookie Theft Deep Dive | https://cyberbull.medium.com/cookie-theft-deep-dive-3fe6d6be2d60?source=rss------bug_bounty-5 | Aditya Pandey | bug-bounty, information-technology, ethical-hacking, security, cybersecurity | 23-Mar-2024 |
| A list of Bug Bounty/Crowdsourced Security Platforms: | https://medium.com/@mashunter/a-list-of-bug-bounty-crowdsourced-security-platforms-15ecd2ab6d4a?source=rss------bug_bounty-5 | MAS Hunter | bug-bounty-program, bug-bounty, hacker, pentest | 23-Mar-2024 |
| Hacking the Giant: How I Discovered Google’s Vulnerability and Hall of Fame Recognition | https://medium.com/@hncaga/hacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a?source=rss------bug_bounty-5 | Henry N. Caga (hncaga) | bug-bounty, vulnerability, google, xs, hacking | 23-Mar-2024 |
| hello | https://medium.com/@r.paulopereira123/hello-80ea07cbc757?source=rss------bug_bounty-5 | bretsadlea | hacking, ethical-hacking, bug-hunter, bug-bounty | 23-Mar-2024 |
| Edge-Side Includes (ESI) Injection In Web Applications | https://adipsharif.medium.com/edge-side-includes-esi-injection-in-web-applications-2630139b6c19?source=rss------bug_bounty-5 | ADIP | pentesting, bug-bounty-tips, infosec, information-security, bug-bounty | 23-Mar-2024 |
| SSI Injection In web applications with a (exploitation example) | https://adipsharif.medium.com/techniques-of-finding-ssi-injection-in-web-applications-with-a-exploitation-example-cad960f3d791?source=rss------bug_bounty-5 | ADIP | bug-bounty-tips, penetration-testing, information-security, bug-bounty, infosec | 23-Mar-2024 |
| Beyond RAM and ROM: IDOR Leads to Unauthenticated File Upload Vulnerability in Indian Government… | https://systemweakness.com/beyond-ram-and-rom-idor-leads-to-unauthenticated-file-upload-vulnerability-in-indian-government-51efb80bcf50?source=rss------bug_bounty-5 | Vedavyasan S (@ved4vyasan) | bug-bounty, bug-bounty-tips, hacking, cybersecurity, bugs | 23-Mar-2024 |
| 1500$: CR/LF Injection | https://medium.com/@a13h1/1500-cr-lf-injection-0d2a75f02ef3?source=rss------bug_bounty-5 | Abhi Sharma | programming, hacking, cybersecurity, bug-bounty, crlf-injection | 23-Mar-2024 |
| Web Security Short Series — XXE | https://medium.com/@frankyyano/web-security-short-series-xxe-64492ed1d893?source=rss------bug_bounty-5 | Yano. | xxe, bug-bounty, xml, oscp, appsec | 23-Mar-2024 |
| TEXAS BUG SWEEPS 65,000 BUGS DETECTED | https://medium.com/@siddiquiasad2299/texas-bug-sweeps-65-000-bugs-detected-a00ae73014b6?source=rss------bug_bounty-5 | Asad Siddiqui | texas-bug-sweeps, bug-sweep, bug-bounty, bug-detection | 23-Mar-2024 |
| How i get my bounty $$$ in YesWehack within 5mins? | https://medium.com/@hacdoc/how-i-get-my-bounty-in-yeswehack-within-5mins-16706bb827e0?source=rss------bug_bounty-5 | ஜெய் | hacking, cybersecurity, s3, bug-bounty, amazon | 23-Mar-2024 |
| How we can check the Security Provider in Android applications during Pentesting (The Offensive… | https://adipsharif.medium.com/how-we-can-check-the-security-provider-in-android-applications-during-pentesting-the-offensive-87c411c5d7ac?source=rss------bug_bounty-5 | ADIP | pentesting, android-app-development, androiddev, android, bug-bounty | 23-Mar-2024 |
| 13.18 Lab: DOM XSS in jQuery selector sink using a hashchange event \| 2024 | https://cyberw1ng.medium.com/13-18-lab-dom-xss-in-jquery-selector-sink-using-a-hashchange-event-2024-e990fc2ae28f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, cybersecurity, penetration-testing, bug-bounty | 23-Mar-2024 |
| How To Test Data Encryption on the Network During Android Pentesting | https://adipsharif.medium.com/how-to-test-data-encryption-on-the-network-during-android-pentesting-0b9d3407068f?source=rss------bug_bounty-5 | ADIP | infosec-write-ups, info-sec-writeups, pentesting, information-security, bug-bounty | 23-Mar-2024 |
| Attacking XSLT in Web Applications | https://adipsharif.medium.com/attacking-xslt-in-web-applications-ea538a8fb9d0?source=rss------bug_bounty-5 | ADIP | pentesting, information-security, bug-bounty-writeup, bug-bounty, infosec | 23-Mar-2024 |
| SSTI Exploitation Part III In Web Applications (with exploitation example) | https://adipsharif.medium.com/ssti-exploitation-part-iii-in-web-applications-with-exploitation-example-6856b89b0efb?source=rss------bug_bounty-5 | ADIP | penetration-testing, infosec, bug-bounty-tips, information-security, bug-bounty | 23-Mar-2024 |
| FILE UPLOAD ATTACKS | https://medium.com/@mirackucuk595/file-upload-attacks-e5175a653d32?source=rss------bug_bounty-5 | Miraç Küçük | web-attack, file-upload, bug-bounty, https, burpsuite | 23-Mar-2024 |
| SSTI Exploitation Part II In Web Applications (with exploitation example) | https://adipsharif.medium.com/ssti-exploitation-part-ii-in-web-applications-with-exploitation-example-490192e7e966?source=rss------bug_bounty-5 | ADIP | information-security, pentesting, penetration-testing, bug-bounty, infosec | 23-Mar-2024 |
| Bruteforce Website Login Form Using Hydra And Crunch | https://medium.com/@OthmaneAitBouftass/bruteforce-attack-using-hydra-and-crunch-8b48ea9e36ce?source=rss------bug_bounty-5 | Othmane Ait Bouftass | cybersecurity, bug-bounty, penetration-testing, hacking, ethical-hacking | 23-Mar-2024 |
| Making money only using AI [Free Course] | https://medium.com/@deadoverflow/making-money-only-using-ai-free-course-e7c51d33fee1?source=rss------bug_bounty-5 | Imad Husanovic | web-development, hacking, ai, bug-bounty, programming | 22-Mar-2024 |
| Unveiling Admin Panels: A Bug Bounty Hunter’s Guide | https://medium.com/@dasmanish6176/unveiling-admin-panels-a-bug-bounty-hunters-guide-6e713ae18b2c?source=rss------bug_bounty-5 | Dasmanish | bug-bounty, infosec, ethical-hacking, cybersecurity | 22-Mar-2024 |
| 13.17 Lab: Stored XSS into anchor href attribute with double quotes HTML-encoded \| 2024 | https://cyberw1ng.medium.com/13-17-lab-stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-2024-ebbe53b33015?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, hacking, penetration-testing, cybersecurity | 22-Mar-2024 |
| AutoLayer is Starting a Bug Bounty Program | https://autolayer.medium.com/autolayer-is-starting-a-bug-bounty-program-dfb59584a0ee?source=rss------bug_bounty-5 | AutoLayer | crypto, defi, bug-bounty | 22-Mar-2024 |
| Unveiling The Techniques Of Finding Blind & Time based SSRF In Web Applications (with a… | https://adipsharif.medium.com/unveiling-the-techniques-of-finding-blind-ssrf-in-web-applications-with-a-exploitation-example-9e36a78ccca6?source=rss------bug_bounty-5 | ADIP | bug-bounty-tips, bug-bounty, information-security, pentesting, penetration-testing | 22-Mar-2024 |
| 5 Advanced Ways I Test For File Upload Vulnerabilities | https://medium.com/@red.whisperer/5-advanced-ways-i-test-for-file-upload-vulnerabilities-5b01358f87d1?source=rss------bug_bounty-5 | RedPanda | bug-bounty, infosec, red-team, hacking | 22-Mar-2024 |
| Understanding Subdomain Squatting | https://bytebusterx.medium.com/understanding-subdomain-squatting-9d61f8c432fc?source=rss------bug_bounty-5 | ByteBusterX | hacking, infosec, cybersecurity, bug-bounty, cyberattack | 22-Mar-2024 |
| How i found my first 318.39$ bugs! | https://cyberbh.medium.com/how-i-found-my-first-318-39-bugs-10ccd2379320?source=rss------bug_bounty-5 | Msecurity BH | bug-bounty, information-exposure, penetration-testing, security-misconfiguration, api | 22-Mar-2024 |
| Unveiling The Techniques Of Testing Endpoint Identify Verification In Android Applications | https://adipsharif.medium.com/unveiling-the-techniques-of-testing-endpoint-identify-verification-in-android-applications-2a8186091296?source=rss------bug_bounty-5 | ADIP | information-security, bug-bounty, android-app-development, penetration-testing, pentesting | 22-Mar-2024 |
| ABUSING HTTP MISCONFIGURATIONS (HTTP YANLIŞ YAPILANDIRMALARININ KÖTÜYE KULLANILMASI) | https://medium.com/@mirackucuk595/abusing-http-misconfigurations-http-yanli%C5%9F-yapilandirmalarinin-k%C3%B6t%C3%BCye-kullanilmasi-2ebbf38b2622?source=rss------bug_bounty-5 | Miraç Küçük | https, burpsuite, bug-bounty, web-attack, http-request | 22-Mar-2024 |
| Javascript deobfuscation the easy way | https://medium.com/@jad2121/javascript-deobfuscation-the-easy-way-637d7e9b2952?source=rss------bug_bounty-5 | JD | bug-bounty, bug-bounty-tips, javascript-obfuscate | 22-Mar-2024 |
| Unveiling the One-Click Account Takeover: It Started with an Innocent Open Redirect | https://medium.com/@hmuhamm3d/unveiling-the-one-click-account-takeover-it-started-with-an-innocent-open-redirect-9f4942ddf03f?source=rss------bug_bounty-5 | Hassaan Mohamed | bug-bounty, bug-bounty-hunter, account-takeover, bugbounty-writeup, bug-bounty-tips | 22-Mar-2024 |
| Critical Vulnerability in PostgreSQL JDBC Driver — Understanding CVE-2024–1597 | https://shubhamrooter.medium.com/critical-vulnerability-in-postgresql-jdbc-driver-understanding-cve-2024-1597-81ac202c295e?source=rss------bug_bounty-5 | Shubham Tiwari | bug-bounty, cybersecurity, jdbc-driver, postgresql, cve-2024-1597 | 21-Mar-2024 |
| Digital Goldmine: Innovative Ways to Make Money Online in 2024 | https://medium.com/@thewriterdude/digital-goldmine-innovative-ways-to-make-money-online-in-2024-c7d33d655535?source=rss------bug_bounty-5 | Thewriterdude | business, bug-bounty, artificial-intelligence, 100-followers, blockchain | 21-Mar-2024 |
| User information disclosure via message reactions | https://melguerdawi.medium.com/user-information-disclosure-via-message-reactions-1576a6b0f236?source=rss------bug_bounty-5 | Mostafa Elguerdawi | bug-bounty, bug-bounty-tips | 21-Mar-2024 |
| Major Update for Attack Surface Discovery tool | https://netlas.medium.com/major-update-for-attack-surface-discovery-tool-4ed4f1bc80fb?source=rss------bug_bounty-5 | Netlas.io | bug-bounty, penetration-testing, cybersecurity, reconnaissance, osint | 21-Mar-2024 |
| Vulnerability Disclosure vs Bug Bounty: What’s the difference and why it matters | https://medium.com/@levente.b.molnar/vulnerability-disclosure-vs-bug-bounty-whats-the-difference-and-why-it-matters-ce99be906b1c?source=rss------bug_bounty-5 | Hackrate | bug-bounty, security, vulnerability-disclosure, cybersecurity, penetration-testing | 21-Mar-2024 |
| Best Practices for Web3 Bug Bounty Programs | https://medium.com/@auditone.io/best-practices-for-web3-bug-bounty-programs-e333992aee9f?source=rss------bug_bounty-5 | AuditOne | auditing-services, web3, bug-bounty-tips, bug-bounty, audit | 21-Mar-2024 |
| Unveiling The Techniques Of Finding Server-Side Request Forgery (SSRF) In Web Applications (with a… | https://adipsharif.medium.com/unveiling-the-techniques-of-finding-server-side-request-forgery-ssrf-in-web-applications-with-a-2ac1dd20ef87?source=rss------bug_bounty-5 | ADIP | pentesting, bug-bounty, information-security, bug-bounty-tips, cybersecurity | 21-Mar-2024 |
| urit13.16 Lab: DOM XSS in jQuery anchor href attribute sink using location.search source \| 2024 | https://cyberw1ng.medium.com/urit13-16-lab-dom-xss-in-jquery-anchor-href-attribute-sink-using-location-search-source-2024-8f8df8703aef?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, cybersecurity, hacking, penetration-testing | 21-Mar-2024 |
| Buy Any Movie Tickets for Just Rs 10 (IDOR Vulnerability) | https://medium.com/@sahilkushwaha275/buy-any-movie-tickets-for-just-rs-10-idor-vulnerability-670d03a45def?source=rss------bug_bounty-5 | S33NU | bugs, idor-vulnerability, bug-bounty, technology, cybersecurity | 21-Mar-2024 |
| How I found my first DOM based XSS | https://medium.com/@jsamia/how-i-found-my-first-dom-based-xss-a79f342d50d6?source=rss------bug_bounty-5 | Jaeden Samia | bug-bounty, ethical-hacking, security, vulnerability | 21-Mar-2024 |
| Automate XSS With These 3 Simple Tools | https://medium.com/@Ajakcybersecurity/automate-xss-with-these-3-simple-tools-e0dcc89c06d0?source=rss------bug_bounty-5 | AjakCybersecurity | penetration-testing, cybersecurity, hacking, bug-bounty, xss-attack | 21-Mar-2024 |
| Frida Use Cases and Examples | https://medium.com/@prinsharma1999/frida-use-cases-and-examples-984f9a2ddc69?source=rss------bug_bounty-5 | Prinsharma | bug-bounty, bug-bounty-tips, hacking, pentest, infosec | 21-Mar-2024 |
| 403 Forbidden Bypass Exposing API Key | https://medium.com/@georgeppmc/403-forbidden-bypass-exposing-api-key-b5c9df9daeb3?source=rss------bug_bounty-5 | George Torres | cybersecurity, bug-bounty | 21-Mar-2024 |
| A Tester's Journey Through Test Automation and Practical Scenarios. | https://medium.com/@tomiwaodufote/a-testers-journey-through-test-automation-and-practical-scenarios-dfb9f7074062?source=rss------bug_bounty-5 | Tomiwa | remote-work, test-automation, bug-bounty, testing, software-engineering | 20-Mar-2024 |
| Reflected XSS To Account Takeover Without Stealing Session Cookie | https://medium.com/@rifqihz/reflected-xss-to-account-takeover-without-stealing-session-cookie-89c6ed62a3e4?source=rss------bug_bounty-5 | Rifqi Hilmy Zhafrant | xs, hackerone, bug-bounty | 20-Mar-2024 |
| ABUSING HTTP MISCONFIGURATIONS (HTTP YANLIŞ YAPILANDIRMALARININ KÖTÜYE KULLANILMASI) | https://medium.com/@mirackucuk595/abusing-http-misconfigurations-http-yanli%C5%9F-yapilandirmalarinin-k%C3%B6t%C3%BCye-kullanilmasi-428333a3ddc6?source=rss------bug_bounty-5 | Miraç Küçük | burpsuite, web-attack, https, bug-bounty, web-cache | 20-Mar-2024 |
| The Art of Debugging: Tips and Tricks for Finding the Root Cause of Bugs | https://medium.com/@securelearn/the-art-of-debugging-tips-and-tricks-for-finding-the-root-cause-of-bugs-c1d9e4b9e04a?source=rss------bug_bounty-5 | Rohan Giri | debugging, bug-finding, bug-bounty-tips, bug-bounty | 20-Mar-2024 |
| H@ppy H@cking Psychomong | https://medium.com/@psychomong/h-ppy-h-cking-psychomong-335f9049aca9?source=rss------bug_bounty-5 | psychomong | cyber, cybersecurity, bug-bounty-tips, bug-bounty, bugs | 20-Mar-2024 |
| Recon With AI | https://medium.com/@patidarbhuwan44/recon-with-ai-c211623604e8?source=rss------bug_bounty-5 | Bhuwan Patidar | bug-bounty, recon, reconnaissance, bug-bounty-tips | 20-Mar-2024 |
| Reflected XSS with some SVG markup allowed | https://medium.com/@ebrahimelsayed4457/reflected-xss-with-some-svg-markup-allowed-74851ff591d5?source=rss------bug_bounty-5 | Ebrahim El-Sayed | cybersecurity, bug-bounty, portswigger, xss-attack, penetration-testing | 20-Mar-2024 |
| $200 Business Logic Blunder In Sole Source Project | https://medium.com/@_0jatin0_/200-business-logic-blunder-in-sole-source-project-99a7bbe0d2f0?source=rss------bug_bounty-5 | Jatin_Chudasama | bug-bounty-writeup, logic-flaw, bug-bounty | 20-Mar-2024 |
| The Art Of Probing Memory for Sensitive Data In Android Applications (The Offensive Security Way) | https://medium.com/@adipsharif/the-art-of-probing-memory-for-sensitive-data-in-android-applications-the-offensive-security-way-6aca19ce522f?source=rss------bug_bounty-5 | ADIP | bug-bounty, penetration-testing, information-security, cybersecurity, infosec | 20-Mar-2024 |
| Why Bug Bounty is Trending? | https://medium.com/@shivyanshi.shukla/why-bug-bounty-is-trending-c981e7c28423?source=rss------bug_bounty-5 | Shivyanshi shukla | bug-bounty, cybersecurity | 20-Mar-2024 |
| IDOR to make comment in user’s private posts | https://medium.com/@youssifm.raghib/idor-to-make-comment-in-users-private-posts-47d13b843c32?source=rss------bug_bounty-5 | Youssif M Raghib | bug-bounty-tips, bug-bounty, bug-hunter, bug-hunting | 20-Mar-2024 |
| No rate limit in comments with IDOR | https://medium.com/@youssifm.raghib/no-rate-limit-in-comments-with-idor-d8904f3db588?source=rss------bug_bounty-5 | Youssif M Raghib | bug-bounty, bugs, bug-hunting | 20-Mar-2024 |
| Electrum-Dime Beta Launch: A New Era for Dimecoin | https://dimecoinnetwork.medium.com/electrum-dime-beta-launch-a-new-era-for-dimecoin-72b5740598d4?source=rss------bug_bounty-5 | Dimecoin Network | development, dimecoin, blockchain, bug-bounty, cryptocurrency | 20-Mar-2024 |
| Behind the Bug Report: From Overlooked to Overhauled | https://interc3pt3r.medium.com/behind-the-bug-report-from-overlooked-to-overhauled-94a9e5595a8a?source=rss------bug_bounty-5 | Aneesha D | cybersecurity, security, web-applications, bug-bounty, hacking | 20-Mar-2024 |
| Stay on top of updates. What do the blue and red dots mean in Burp Suite? | https://medium.com/@ArtsSEC/mantente-al-tanto-de-las-actualizaciones-qu%C3%A9-representan-el-punto-azul-y-rojo-en-burp-suite-1da1a5c74f16?source=rss------bug_bounty-5 | ArtsSEC | burpsuite, bug-bounty, vulnerability, pentesting, hacking | 20-Mar-2024 |
| 13.15 Lab: Reflected XSS into HTML context with all tags blocked except custom ones \| 2024 | https://cyberw1ng.medium.com/13-15-lab-reflected-xss-into-html-context-with-all-tags-blocked-except-custom-ones-2024-ca34eec89d88?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, hacking, penetration-testing, cybersecurity | 20-Mar-2024 |
| The Art Of Testing Symmetric Cryptography During Pentesting Android Applications | https://medium.com/@adipsharif/the-art-of-testing-symmetric-cryptography-during-pentesting-android-applications-154dbab795d7?source=rss------bug_bounty-5 | ADIP | bug-bounty, cybersecurity, android, bug-bounty-tips, penetration-testing | 20-Mar-2024 |
| Checking Backups For Sensitive Data in Android Applications (The Offensive Security Way) | https://medium.com/@adipsharif/checking-backups-for-sensitive-data-in-android-applications-the-offensive-security-way-95bd8820b84e?source=rss------bug_bounty-5 | ADIP | penetration-testing, bug-bounty, android, cybersecurity, android-app-development | 20-Mar-2024 |
| Why Regular Security Sweeps Are Crucial for Business Success | https://medium.com/@siddiquiasad2299/why-regular-security-sweeps-are-crucial-for-business-success-7de57c663ca7?source=rss------bug_bounty-5 | Asad Siddiqui | tscm-services-bug-sweeps, bug-bounty, bug-detection | 20-Mar-2024 |
| Passlord: Your Ultimate Weapon for Creating Tailored Wordlists | https://navnee1h.medium.com/passlord-your-ultimate-weapon-for-creating-tailored-wordlists-924a491e9a0f?source=rss------bug_bounty-5 | Navaneeth M S | hacking, bug-bounty, passwords, cybersecurity, wordlist | 20-Mar-2024 |
| Bypassing an IDOR A couple of times — $$$$ | https://medium.com/@bxrowski0x/bypassing-an-idor-a-couple-of-times-4d67555a1545?source=rss------bug_bounty-5 | Omar ElSayed | bug-bounty-tips, idor, cybersecurity, bug-bounty-writeup, bug-bounty | 20-Mar-2024 |
| Biometric Authentication Bypass In Android Applications (The Offensive Security Way) | https://medium.com/@adipsharif/biometric-authentication-bypass-in-android-applications-the-offensive-security-way-c37d89b06db2?source=rss------bug_bounty-5 | ADIP | android-app-development, bug-bounty, penetration-testing, android, androiddev | 20-Mar-2024 |
| How We Can Check Configuration of Cryptographic Standard Algorithms & Random Number Generation… | https://medium.com/@adipsharif/how-we-can-check-configuration-of-cryptographic-standard-algorithms-random-number-generation-000cf9bfdb64?source=rss------bug_bounty-5 | ADIP | hacking, cybersecurity, bug-bounty, pentesting, bug-bounty-tips | 20-Mar-2024 |
| Detecting Cyber Threats with Resemble.js: Safeguarding Digital Assets through Image Analysis | https://medium.com/@corymack34/detecting-cyber-threats-with-resemble-js-safeguarding-digital-assets-through-image-analysis-9e2f3427f8ed?source=rss------bug_bounty-5 | Cory Mack | steganalysis, threat-detection, bug-bounty, cybersecurity, image-analysis | 20-Mar-2024 |
| Biometric Authentication Bypass In Android Applications (The Offensive Security Way) | https://adipsharif.medium.com/biometric-authentication-bypass-in-android-applications-the-offensive-security-way-c37d89b06db2?source=rss------bug_bounty-5 | ADIP | android-app-development, bug-bounty, penetration-testing, android, androiddev | 20-Mar-2024 |
| Evaluate, apply, and sustain security governance principles ! | https://infosecwriteups.com/evaluate-apply-and-sustain-security-governance-principles-1e038a02423a?source=rss------bug_bounty-5 | Paritosh | security-governance, information-technology, cissp, bug-bounty, cybersecurity | 19-Mar-2024 |
| The Ultimate Guide to Red Teaming: Inside “A-poc/RedTeam-Tools” | https://infosecwriteups.com/the-ultimate-guide-to-red-teaming-inside-a-poc-redteam-tools-69645572cf0f?source=rss------bug_bounty-5 | ElNiak | red-team, bug-bounty, github, penetration-testing, cybersecurity | 19-Mar-2024 |
| 3 Step Find Critical Bug In Bug Bounty — Bug Bounty Tuesday | https://medium.com/@kerstan/3-step-find-critical-bug-in-bug-bounty-bug-bounty-tuesday-99011ec2cf27?source=rss------bug_bounty-5 | kerstan | security, technology, cybersecurity, hacking, bug-bounty | 19-Mar-2024 |
| Hunting JavaScript File for Bug Hunters | https://vivek-ghinaiya.medium.com/hunting-javascript-file-for-bug-hunters-e8b278a1306a?source=rss------bug_bounty-5 | Vivek Ghinaiya | bug-hunting, bug-bounty, bug-bounty-writeup, javascript, bug-bounty-tips | 19-Mar-2024 |
| Finding the hidden function led to a $300 IDOR | https://infosecwriteups.com/finding-the-hidden-function-led-to-a-300-idor-d37219c66d03?source=rss------bug_bounty-5 | M7arm4n | bug-bounty-tips, bug-bounty, hacking, hacker, security | 19-Mar-2024 |
| CVE-2024–28436 Cross-Site Scripting Vulnerability in D-Link DAP Products | https://djallalakira.medium.com/cve-2024-28436-cross-site-scripting-vulnerability-in-d-link-dap-products-3596976cc99f?source=rss------bug_bounty-5 | Djallalakira | bug-bounty, cybersecurity, bug-bounty-writeup | 19-Mar-2024 |
| IDOR to read all user’s private route comments | https://medium.com/@youssifm.raghib/idor-to-read-all-users-private-route-comments-e97120d43262?source=rss------bug_bounty-5 | Youssif M Raghib | cybersecurity, bug-bounty, bug-bounty-tips | 19-Mar-2024 |
| Get allmost all subdomains | https://medium.com/@petrukhin.s.a/get-allmost-all-subdomains-5694dcc3cb60?source=rss------bug_bounty-5 | Sergei Petrukhin | subdomain, bug-bounty, subdomains-enumeration, bug-bounty-tips | 19-Mar-2024 |
| 13.14 Lab: Reflected XSS into HTML context with most tags and attributes blocked \| 2024 | https://cyberw1ng.medium.com/13-14-lab-reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-2024-7e2106ef89b2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, penetration-testing, cybersecurity, hacking | 19-Mar-2024 |
| The Art Of Unveiling Logs for Sensitive Data In Android Applications (The Offensive Security Way) | https://medium.com/@adipsharif/the-art-of-unveiling-logs-for-sensitive-data-in-android-applications-the-offensive-security-way-9c823532d004?source=rss------bug_bounty-5 | ADIP | cybersecurity, bug-bounty, application-security, penetration-testing, bug-bounty-tips | 19-Mar-2024 |
| HackTheBox — Information Gathering: Active Enumeration | https://medium.com/@harry.hphu/hackthebox-information-gathering-active-enumeration-e43481ef85f9?source=rss------bug_bounty-5 | Huy Phu | subdomains-enumeration, hackthebox, enumeration, bug-bounty, information-gathering | 19-Mar-2024 |
| Unleashing Chaos: The Tale of the 0-Click Account Takeover | https://medium.com/@hmuhamm3d/unleashing-chaos-the-tale-of-the-0-click-account-takeover-21c2cedabc4b?source=rss------bug_bounty-5 | Hassaan Mohamed | penetration-testing, bug-bounty, account-takeover, bugswagger, infosec-write-ups | 19-Mar-2024 |
| The Art Of Determining Whether Sensitive Data Is Shared with Third Parties via Embedded Services … | https://medium.com/@adipsharif/the-art-of-determining-whether-sensitive-data-is-shared-with-third-parties-via-embedded-services-beba2856ef96?source=rss------bug_bounty-5 | ADIP | bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty, hacking | 19-Mar-2024 |
| Medium Member Friend Links bug | https://karol-mazurek.medium.com/medium-member-friend-links-bug-b1d0020fbe39?source=rss------bug_bounty-5 | Karol Mazurek | medium, information-technology, penetration-testing, cybersecurity, bug-bounty | 18-Mar-2024 |
| [Bug Bounty] xlsx upload leads to XXE vulnerability | https://medium.com/@_thorns/bug-bounty-xlsx-%E4%B8%8A%E4%BC%A0%E5%AF%BC%E8%87%B4-xxe-%E6%BC%8F%E6%B4%9E-e0615bee6af6?source=rss------bug_bounty-5 | _thorns | bug-bounty | 18-Mar-2024 |
| Burpsuite Beginners Guide | https://medium.com/@OthmaneAitBouftass/burpsuite-beginners-guide-6bc7a08ca8f7?source=rss------bug_bounty-5 | Othmane Ait Bouftass | web-security, penetration-testing, bug-bounty, cybersecurity, ethical-hacking | 18-Mar-2024 |
| LAMPSecurity CTF5 Walkthrough | https://erdemstar.medium.com/lampsecurity-ctf5-walkthrough-d24f67a5fd63?source=rss------bug_bounty-5 | Erdemstar | oscp-preparation, penetration-testing, bug-bounty, vulnhub-walkthrough, vulnhub | 18-Mar-2024 |
| Subdomain Fuzzing worth 35k bounty! | https://medium.com/@HX007/subdomain-fuzzing-worth-35k-bounty-daebcb56d9bc?source=rss------bug_bounty-5 | HX007 | cybersecurity, bug-bounty | 18-Mar-2024 |
| Happy H@cking Psychomong | https://medium.com/@psychomong/trhappy-h-cking-psychomong-bfa566350a01?source=rss------bug_bounty-5 | Psychomong | hacking-tools, hacking, research, bug-bounty, bounty-program | 18-Mar-2024 |
| 13.13 Lab: Stored DOM XSS Cross Site Scripting \| 2024 | https://cyberw1ng.medium.com/13-13-lab-stored-dom-xss-cross-site-scripting-2024-f4c9a21ea262?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, penetration-testing, hacking, cybersecurity | 18-Mar-2024 |
| What Is Security.txt? | https://medium.com/@ozanbozkurt1974/security-txt-nedir-d7d38a069cd8?source=rss------bug_bounty-5 | ozan bozkurt | security, bug-bounty, cybersecurity, red-team | 18-Mar-2024 |
Orderly Network: Unleashing Creativity in the DeFi Ecosystem through the Scaling Web3 Hackathonhttps://medium.com/@orderlynetwork/orderly-network-unleashing-creativity-in-the-defi-ecosystem-through-the-scaling-web3-hackathon-5cd75096ecba?source=rss------bug_bounty-5Orderly Network (,)encode-club, orderly-network, bug-bounty, defi, blockchain-development18-Mar-2024
Web Security Short Series — SQLi.https://medium.com/@frankyyano/web-security-short-series-sqli-f222f04431a6?source=rss------bug_bounty-5Yano.oscp, appsec, bug-bounty, sqli, sql18-Mar-2024
| XML External Entity (XXE) attack | https://bytebusterx.medium.com/xml-external-entity-xxe-attack-69f7b268be01?source=rss------bug_bounty-5 | ByteBusterX | vulnerability, bug-bounty, infosec, web-security | 18-Mar-2024 |
| Happy H@cking Psychomong | https://medium.com/@psychomong123/trhappy-h-cking-psychomong-bfa566350a01?source=rss------bug_bounty-5 | Psychomong123 | hacking-tools, hacking, research, bug-bounty, bounty-program | 18-Mar-2024 |
| Understanding Injection Attacks: A Deep Dive into OWASP’s Top Vulnerability | https://osintteam.blog/understanding-injection-attacks-a-deep-dive-into-owasps-top-vulnerability-7d59e3535187?source=rss------bug_bounty-5 | Paritosh | bug-bounty, cybersecurity, hacking, owasp, injection-attacks | 17-Mar-2024 |
| Bug Zero at a Glance [01–15 March] | https://blog.bugzero.io/bug-zero-at-a-glance-01-15-march-ba1ba88870ee?source=rss------bug_bounty-5 | Januka Dharmapriya | sri-lanka, newsletter, cybersecurity, bug-zero, bug-bounty | 17-Mar-2024 |
| Bug Bounty Platforms are a Scam [Mostly] | https://medium.com/@hacktheplanet/bug-bounty-platforms-are-a-scam-mostly-ea53fe54c53d?source=rss------bug_bounty-5 | HackthePlanet - A Hacker's Blog. | cybersecurity, scams-to-avoid, bug-bounty, hacking, bug-hunting | 17-Mar-2024 |
| My Journey into Bug Bounty: Revealing My First Successful Discovery | https://medium.com/@kajol_singh/my-journey-into-bug-bounty-revealing-my-first-successful-discovery-81b5d2efcbde?source=rss------bug_bounty-5 | Kajol Kumari | bug-bounty-tips, bounty-program, bug-bounty, developer, cybersecurity | 17-Mar-2024 |
| Skipping the email verification is Good (or) Bad? | https://medium.com/@Alex_crypto/skipping-the-email-verification-is-good-or-bad-ef045dc8d3ed?source=rss------bug_bounty-5 | Alex_Crypto | bug-bounty, security-analytics, hacking | 17-Mar-2024 |
| Mastering XSS: A Comprehensive Guide to Finding Cross-Site Scripting Vulnerabilities | https://cyberw1ng.medium.com/mastering-xss-a-comprehensive-guide-to-finding-cross-site-scripting-vulnerabilities-3891ab930274?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 17-Mar-2024 |
| How I found my first ever bug. | https://osintteam.blog/how-i-found-my-first-ever-bug-89fedb5a9b3c?source=rss------bug_bounty-5 | an0nbil | cybersecurity, technology, programming, javascript, bug-bounty | 17-Mar-2024 |
| Application Level DoS - Smoking with ‘null’ Again | https://shahjerry33.medium.com/application-level-dos-smoking-with-null-again-364ce16dad74?source=rss------bug_bounty-5 | Jerry Shah (Jerry) | pentesting, cybersecurity, bug-bounty, vulnerability, infosec | 17-Mar-2024 |
| Redirecting a webpage from HTTP to HTTPS is safe and how to identify whether the webpage is safe or… | https://medium.com/@Alex_crypto/if-the-forgot-password-link-is-copied-and-pasted-into-the-new-tab-it-opens-in-http-and-directs-to-8e8f80c4a9f6?source=rss------bug_bounty-5 | Alex_Crypto | bug-bounty, security | 17-Mar-2024 |
| Bug Bounty Learning Path | https://bevijaygupta.medium.com/bug-bounty-learning-path-0c0015d6a71d?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-zero | 17-Mar-2024 |
| Bug Bounty Platforms | https://bevijaygupta.medium.com/bug-bounty-platforms-499275d1d9b4?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-platforms, bugs, bug-bounty, bug-bounty-tips | 17-Mar-2024 |
| Bug Bounty Tutorial : Login Bypass Technique | https://rajput623929.medium.com/bug-bounty-tutorial-login-bypass-technique-d7508856b2a1?source=rss------bug_bounty-5 | Mr.Horbio | poc, bug-bounty, cybersecurity, ethical-hacking, pentesting | 17-Mar-2024 |
| I earned $1000 with IDOR’s vulnerability to PII leaks outside the platform. | https://aryasec.medium.com/i-earned-1000-with-idors-vulnerability-to-pii-leaks-outside-the-platform-65b1cbcfa26e?source=rss------bug_bounty-5 | Tengku Arya Saputra | idor, bugbounty-writeup, bug-bounty, idor-vulnerability | 17-Mar-2024 |
| How to make a living as a Hacker! | https://medium.com/@rafael.code77/how-to-make-a-living-as-a-hacker-ff8fafa98b0b?source=rss------bug_bounty-5 | Rafael Henrique | science, money, programming, bug-bounty, hacking | 16-Mar-2024 |
|  | https://medium.com/@morganbinbash/-25027f11f71e?source=rss------bug_bounty-5 | Morgan Bin Bash | pentesting, cybersecurity, bug-bounty, cyber-threat-intelligence | 16-Mar-2024 |
| Types of Cyber Attacks on Each OSI Layer | https://medium.com/@kumarsachin1642001/types-of-cyber-attacks-on-each-osi-layer-56e746dfa3b8?source=rss------bug_bounty-5 | sachin kumar | cybersecurity, hackerone, hacker, cyberattack, bug-bounty | 16-Mar-2024 |
| Tips to get your first bug/bounty | https://medium.com/@mr_prey3r/tips-to-get-your-first-bug-bounty-c5a862ad8567?source=rss------bug_bounty-5 | Rubayet Hasan aka MR_Prey3r | first-bug, bug-bounty, bug-bounty-tips, first-bounty, find-your-first-bug | 16-Mar-2024 |
| Bug Bounty Challenge: Day 7–16/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-7-16-03-2024-5c48ff96f9d0?source=rss------bug_bounty-5 | Wallotry | bug-bounty-writeup, bug-bounty, bug-bounty-tips, bug-bounty-hunter | 16-Mar-2024 |
| IDOR + Content Injection Penetration Testing Lesson 5 | https://medium.com/@or0to/idor-content-injection-penetration-testing-lesson-5-fe3bdce12f8f?source=rss------bug_bounty-5 | Ali Essam | security, penetration-testing, bug-bounty, cybersecurity, ali | 16-Mar-2024 |
| 13.12 Lab: Reflected DOM XSS — Cross Site Scripting \| 2024 | https://infosecwriteups.com/13-12-lab-reflected-dom-xss-cross-site-scripting-2024-0dc98e91ae42?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, bug-bounty, careers, penetration-testing | 16-Mar-2024 |
| How Secure is Java’s SecureProcessing? | https://medium.com/@dub-flow/how-secure-is-javas-secureprocessing-ec49544a59ad?source=rss------bug_bounty-5 | Florian Walter | cybersecurity, application-security, java, code-review, bug-bounty | 16-Mar-2024 |
| How I was able to disclose the Users’ chats with AI chat Bot? | https://medium.com/@who1am1i999/how-i-was-able-to-disclose-the-users-chats-with-ai-chat-bot-c7d8b13ca713?source=rss------bug_bounty-5 | WHO AM I ? | information-security, fuzzing, bug-bounty, cybersecurity, information-disclosure | 15-Mar-2024 |
| Understanding Path Traversal Vulnerabilities: Risks and Mitigation | https://medium.com/@paritoshblogs/understanding-path-traversal-vulnerabilities-risks-and-mitigation-6149a506a65b?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-technology, hacking, cybersecurity, path-traversal | 15-Mar-2024 |
| Account takeover via Password reset | https://medium.com/@Rahulkrishnan_R_Panicker/account-takeover-via-password-reset-c2658e1f58eb?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | bug-bounty, cybersecurity, bugbounty-writeup, programming, bug-bounty-writeup | 15-Mar-2024 |
| I discovered a new way to bypass CSRF protection to achieve Account Takeover | https://medium.com/@vflexo/i-discovered-a-new-way-to-bypass-csrf-protection-to-achieve-account-takeover-73d1dff3c67a?source=rss------bug_bounty-5 | vFlexo | information-technology, bug-bounty, penetration-testing, vapt, ethical-hacking | 15-Mar-2024 |
| BugRap Ecosystem Panorama: Empowering Web3 Security Development | https://medium.com/@BugRap_Team/bugrap-ecosystem-panorama-empowering-web3-security-development-6cbe2f7adb24?source=rss------bug_bounty-5 | BugRap Team | web-development, bug-bounty, security, btc | 15-Mar-2024 |
| Exploring Bug Bounty Hunting as a Promising Career Choice for Cybersecurity Professionals | https://medium.com/mynextdeveloper/exploring-bug-bounty-hunting-as-a-promising-career-choice-for-cybersecurity-professionals-2015563daac8?source=rss------bug_bounty-5 | MyNextDeveloper | hacking, bug-bounty, cybersecurity, client-security, cyber | 15-Mar-2024 |
| 13.11 Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded \|… | https://cyberw1ng.medium.com/13-11-lab-dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-d7188a250ad8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, hacking, careers, penetration-testing | 15-Mar-2024 |
| Reconnaissance: How GitDorks can power up your recon! | https://medium.com/@kieran.w/reconnaissance-how-gitdorks-can-power-up-your-recon-da3c5e412925?source=rss------bug_bounty-5 | Kieran W | gitdorking, reconnaissance, penetration-testing, bug-bounty, security-testing | 15-Mar-2024 |
| Bug Bounty Challenge: Day 6–15/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-6-15-03-2024-a5c6c1a67647?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 15-Mar-2024 |
| BChecks in Burp Suite Professional | https://medium.com/@ArtsSEC/bchecks-en-burp-suite-professional-5d8c4754349e?source=rss------bug_bounty-5 | ArtsSEC | burpsuite, development, penetration-testing, web-development, bug-bounty | 15-Mar-2024 |
| 13.10 Lab: DOM XSS in document.write | https://cyberw1ng.medium.com/13-10-lab-dom-xss-in-document-write-c702cd0bd743?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, careers, penetration-testing, hacking | 14-Mar-2024 |
| MRS #2: Bypassing premium features by checking “premium validation” parameters (€€€) | https://infosecwriteups.com/mrs-2-bypassing-premium-features-by-checking-premium-validation-parameters-f2e211fad160?source=rss------bug_bounty-5 | can1337 | infosec, business-logic, bug-bounty-tips, bug-bounty, cybersecurity | 14-Mar-2024 |
| Unleash the Power of the Crypto Drainer: Your Ultimate Weapon in Crypto Wallet Draining! | https://medium.com/@colbe.judge/unleash-the-power-of-the-crypto-drainer-your-ultimate-weapon-in-crypto-wallet-draining-bd4ece99cc24?source=rss------bug_bounty-5 | CryptoDrainX | bug-bounty, hacking, bug-bounty-tips, hacking-tools, money | 14-Mar-2024 |
| Unleash the Ultimate Multichain Wallet Drainer — Crypto Drainer: Drain ’Em all with Just One Click! | https://medium.com/@colbe.judge/unleash-the-ultimate-multichain-wallet-drainer-crypto-drainer-drain-em-all-with-just-one-click-0afa35f9b736?source=rss------bug_bounty-5 | CryptoDrainX | bug-bounty, cryptocurrency, bug-bounty-tips, nft, bitcoin | 14-Mar-2024 |
| Insane Crypto-Drainer Exposed: The Ultimate Wallet Drainer You Can’t Ignore! | https://medium.com/@colbe.judge/insane-crypto-drainer-exposed-the-ultimate-wallet-drainer-you-cant-ignore-7545f4c9c86d?source=rss------bug_bounty-5 | CryptoDrainX | bug-bounty, crypto, nft, defi, money | 14-Mar-2024 |
| How To Get $100k in 2024 With Crypto [Unrevealed] | https://medium.com/@colbe.judge/how-to-get-100k-in-2024-with-crypto-unrevealed-b40081b8fb41?source=rss------bug_bounty-5 | CryptoDrainX | blockchain, cryptocurrency, hacking-tools, hacking, bug-bounty | 14-Mar-2024 |
| 5 Websites to Learn Bug Hunting: A Beginner’s Guide | https://medium.com/@aayushdhakal005/5-websites-to-learn-bug-hunting-a-beginners-guide-4399c2f94917?source=rss------bug_bounty-5 | Creepyshit | website, bug-bounty, cybersecurity, resources | 14-Mar-2024 |
| Bug Bounty Challenge: Day 5–14/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-5-14-03-2024-b8fe8dae8cb5?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter | 14-Mar-2024 |
| GRWM for WebApp PenTest \| Command Injection | https://redsock1337.medium.com/grwm-for-webapp-pentest-command-injection-e205906573e2?source=rss------bug_bounty-5 | Jbr | os, command-line, bug-bounty-tips, cybersecurity, bug-bounty | 14-Mar-2024 |
| Uncovering Host Header Injection Vulnerabilities in 5 Apex Domain Hosts Part Two how to chain | https://javroot.medium.com/uncovering-host-header-injection-vulnerabilities-in-5-apex-domain-hosts-part-two-how-to-chain-0abe308a4807?source=rss------bug_bounty-5 | Javroot | web, hacking, penetration-testing, bug-bounty-tips, bug-bounty | 14-Mar-2024 |
| API Security: Essential Tools for Endpoint Analysis | https://iaraoz.medium.com/api-security-essential-tools-for-endpoint-analysis-efb1c72675c0?source=rss------bug_bounty-5 | Israel Aráoz Severiche | bug-bounty, owasp, appsec, cybersecurity, api-security | 14-Mar-2024 |
| Exploiting Cross-Site Scripting XSS vulnerabilities for Bug Bounty — Portswigger \| 2024 | https://cyberw1ng.medium.com/exploiting-cross-site-scripting-xss-vulnerabilities-for-bug-bounty-portswigger-2024-88d6e1df4658?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, penetration-testing, cybersecurity, bug-bounty | 13-Mar-2024 |
| How To Do Malware Analysis | https://medium.com/@paritoshblogs/how-to-do-malware-analysis-62bd1f8052bb?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, information-technology, security, malware-analysis | 13-Mar-2024 |
| Easiest way to find hidden api from js files | https://medium.com/@jeetpal2007/easiest-way-to-find-hidden-api-from-js-files-ce115a4ad1af?source=rss------bug_bounty-5 | JEETPAL | cybersecurity, bounties, api-key, easiest-way, bug-bounty | 13-Mar-2024 |
| Enhancing Your Bug Hunting Skills: 5 Must-Read Books | https://medium.com/@aayushdhakal005/enhancing-your-bug-hunting-skills-5-must-read-books-edb6029c19a6?source=rss------bug_bounty-5 | Creepyshit | bug-bounty, cybersecurity, books, web | 13-Mar-2024 |
| Lets Talk Pentest Strategy | https://medium.com/@hackstack/lets-talk-pentest-strategy-adea4d3b085e?source=rss------bug_bounty-5 | HackStack | pentest, pentesting, how-to, bug-bounty | 13-Mar-2024 |
| Email based IDOR makes me update Other User Profile | https://rohmadhidayah.medium.com/email-based-idor-makes-me-update-other-user-profile-8e6e289f4391?source=rss------bug_bounty-5 | Rohmad Hidayah | idor, info-sec-writeups, infosec-write-ups, bug-bounty, bug-bounty-tips | 13-Mar-2024 |
| Bug-Bounty/How I Found My FIRST Vulnerability and How could I Access the Admin Panel using it +… | https://medium.com/@rogxoorsafe/bug-bounty-how-i-found-my-first-vulnerability-and-how-could-i-access-the-admin-panel-using-it-899d75da2f37?source=rss------bug_bounty-5 | Alireza Rogxoor | cyberattack, bug-bounty, cybersecurity, hacking, security | 13-Mar-2024 |
| Fuzzing to Kubernetes to IDOR to PII leak | https://nityanandjha18.medium.com/fuzzing-to-kubernetes-to-idor-to-pii-leak-dae0dda70090?source=rss------bug_bounty-5 | NITYA NAND JHA | vapt, ethical-hacking, bug-bounty | 13-Mar-2024 |
| Researcher Q&A: Friends Who Work Together, Hack Better Together | https://blog.developer.adobe.com/researcher-q-a-friends-who-work-together-hack-better-together-c698ff0be732?source=rss------bug_bounty-5 | Renae Kang | security, bug-bounty-program, security-researchers, bug-bounty, ethical-hacker | 13-Mar-2024 |
| PROXY FUZZING | https://karol-mazurek.medium.com/proxy-fuzzing-4dc77968cfd8?source=rss------bug_bounty-5 | Karol Mazurek | programming, information-technology, bug-bounty, python, cybersecurity | 13-Mar-2024 |
| Reconnaissance? | https://mrrobotstxt.medium.com/reconnaissance-ca2fa7bf821d?source=rss------bug_bounty-5 | Mr. Robots.txt | hackathons, bug-bounty, hacking, penetration-testing, cybersecurity | 13-Mar-2024 |
| How much money did I make from doing Bug Bounty? | https://systemweakness.com/how-much-money-did-i-make-from-doing-bug-bounty-707438b71f47?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, programming, hacking, cybersecurity, bug-bounty-tips | 13-Mar-2024 |
| Cross-site scripting contexts for Bug Bounty — Portswigger \| 2024 | https://cyberw1ng.medium.com/cross-site-scripting-contexts-for-bug-bounty-portswigger-2024-b927cfa70de3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, penetration-testing, bug-bounty, cybersecurity | 12-Mar-2024 |
| Business Logic Errors allow me to buy Products at Low Prices on Farmaku.com | https://rohmadhidayah.medium.com/business-logic-errors-allow-me-to-buy-products-at-low-prices-on-farmaku-com-b8c9c0bcf5cc?source=rss------bug_bounty-5 | Rohmad Hidayah | info-sec-writeups, bug-bounty-tips, business-logic, bug-bounty, infosec-write-ups | 12-Mar-2024 |
| ShentuChain Unveils a Constellation of High-profile Investors | https://shentuchain.medium.com/shentuchain-unveils-a-constellation-of-high-profile-investors-54b612b8dc30?source=rss------bug_bounty-5 | Shentu Chain | binance, cybersecurity, investors, bug-bounty, announcements | 12-Mar-2024 |
| How I Discovered My First Critical Vulnerability in My Bug Bounty Career | https://snip3rgg.medium.com/how-i-discovered-my-first-critical-vulnerability-in-my-bug-bounty-career-cf0e048d14cb?source=rss------bug_bounty-5 | Sahil Bugade (snip3rgg) | infosec, bug-bounty, vulnerability, bug-bounty-tips, cybersecurity | 12-Mar-2024 |
| Account Takeover Through Rate-Limit Bypass — Bug Bounty Tuesday | https://medium.com/@kerstan/account-takeover-through-rate-limit-bypass-bug-bounty-tuesday-01229168dd89?source=rss------bug_bounty-5 | kerstan | bug-bounty, security, programming, cybersecurity, technology | 12-Mar-2024 |
| How I found my first ever valid bug on Hackerone | https://medium.com/@rubaethasanariyan/how-i-found-my-first-ever-valid-bug-on-hackerone-da30015aa08d?source=rss------bug_bounty-5 | Rubayet Hasan aka MR_Prey3r | bug-bounty-tips, bugbounty-poc, first-bug, hackerone, bug-bounty | 12-Mar-2024 |
| Guvenkaya Security Insights Series — Sweat Economy | https://medium.com/@guvenkaya-sec/guvenkaya-security-insights-series-sweat-economy-dbe681a79e7a?source=rss------bug_bounty-5 | Guvenkaya | near-protocol, bug-bounty, smart-contracts, rust, web3 | 12-Mar-2024 |
| BYPASSING PARENTAL CONTROL ON WHOLE APPLE ECO-SYSTEM | https://medium.com/@sam0-0/bypassing-parental-control-on-whole-apple-eco-system-1c6975c24105?source=rss------bug_bounty-5 | Sam | bug-bounty, apple, infosec, bugbounty-writeup | 12-Mar-2024 |
| Bug Bounty Challenge: Day 4/15–12/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-4-15-12-03-2024-412bf44f8b83?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting | 12-Mar-2024 |
| My Experience Obtaining the CBBH Certification | https://tiredandsick.medium.com/cbbh-experience-prbt-bc2b376c4124?source=rss------bug_bounty-5 | SickAndTired | bug-bounty, hacking, pentesting, cbbh, hackthebox-academy | 12-Mar-2024 |
| Utilizing Log Poisoning: Elevating from LFI to RCE | https://medium.com/@YNS21/utilizing-log-poisoning-elevating-from-lfi-to-rce-5dca90d0a2ac?source=rss------bug_bounty-5 | Youness Abbida | bug-bounty, hackthebox, local-file-inclusion, hackthebox-writeup, cybersecurity | 12-Mar-2024 |
| Bug Bounty — Improper Authentication using Google Auth | https://medium.com/@nourrisson.julien3/bug-bounty-improper-authentication-using-google-auth-b45fbddab9be?source=rss------bug_bounty-5 | Nourrisson Julien | bug-bounty, cybersecurity | 11-Mar-2024 |
| HTML INJECTION (Payload List) | https://medium.com/@psychomong/html-injection-payload-list-735e69f522ca?source=rss------bug_bounty-5 | psychomong | bug-bounty, bugs, html, injection, htmlinput | 11-Mar-2024 |
| Race Conditions + IDOR Leads to Bypass Email Verification & Phone Verification | https://medium.com/@ozomarzu/race-conditions-idor-leads-to-bypass-email-verification-phone-verification-f62c7d7b97e5?source=rss------bug_bounty-5 | CyberOz | bugs, writeup, bug-bounty, hacking, bug-bounty-tips | 11-Mar-2024 |
| Exploring AI Penetration Testing | https://medium.com/@adityasawant00/exploring-ai-penetration-testing-38891e861acd?source=rss------bug_bounty-5 | Aditya Sawant | hacking, bug-bounty, penetration-testing, ai, large-language-models | 11-Mar-2024 |
| Bug Bounty Challenge: Day 3/15–11/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-3-15-11-03-2024-38993610e657?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 11-Mar-2024 |
| HTML Injection on NASA.gov | https://medium.com/@boogsta/html-injection-on-nasa-gov-91b1d3602ea0?source=rss------bug_bounty-5 | Boogsta | hacking, cybersecurity, hacker, cyber, bug-bounty | 11-Mar-2024 |
| 3 Information Disclosure in Bug Bounty Program | https://medium.com/@jm7.zx/3-information-disclosure-in-bug-bounty-program-e0c12f6e25d5?source=rss------bug_bounty-5 | Jm7.sz | bug-bounty, cybersecurity, programming, data-science | 11-Mar-2024 |
| GRWM for WebApp PenTest \| XPATH Injection | https://whyjbr.medium.com/grwm-for-webapp-pentest-xpath-injection-0906154bbe91?source=rss------bug_bounty-5 | Jbr | xpath, bug-bounty, cybersecurity, hacking, ethical-hacking | 11-Mar-2024 |
| Exfiltrating Sensitive Information via Reflected XSS Bypassing Cloudflare | https://medium.com/@mayankchoubey507/exfiltrating-sensitive-information-via-reflected-xss-bypassing-cloudfare-d82d9ccc24d6?source=rss------bug_bounty-5 | Mayankchoubey | cybersecurity, xss-bypass, cloudflare, bug-bounty, xss-attack | 11-Mar-2024 |
| 24.4 Lab: Exploiting server-side parameter pollution in a query string \| 2024 | https://infosecwriteups.com/24-4-lab-exploiting-server-side-parameter-pollution-in-a-query-string-2024-ac0e23db9c02?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, cybersecurity, bug-bounty, careers | 11-Mar-2024 |
| Top 7 BurpSuite Extensions for BugBounty- Part-1 | https://medium.com/@Ajakcybersecurity/top-7-burpsuite-extensions-for-bugbounty-part-1-4e9639649601?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, ethical-hacking, penetration-testing, burpsuite, bug-bounty | 11-Mar-2024 |
| HackTheBox — Information Gathering | https://medium.com/@harry.hphu/hackthebox-information-gathering-a2d78c901dd0?source=rss------bug_bounty-5 | Huy Phu | hackthebox, enumeration, bug-bounty, information-gathering | 11-Mar-2024 |
| HackTheBox — Information Gathering: Passive Enumeration | https://medium.com/@harry.hphu/hackthebox-information-gathering-passive-enumeration-85e45503683d?source=rss------bug_bounty-5 | Huy Phu | passive-reconnaissance, hackthebox, information-gathering, bug-bounty | 11-Mar-2024 |
| Vulnerability Vault: Breaking Down SSRF — Server Side Request Forgery (Part 2) | https://psychovik.medium.com/vulnerability-vault-breaking-down-ssrf-server-side-request-forgery-part-2-a08d4a2b3d96?source=rss------bug_bounty-5 | Vikas Sharma | hacking, cybersecurity, ssrf, bug-bounty, vulnerability | 10-Mar-2024 |
| The Reset Password Attack Vector | https://balook.medium.com/the-reset-password-attack-vector-833e1291bb15?source=rss------bug_bounty-5 | baluz | bug-bounty | 10-Mar-2024 |
| How I get My First $$$$ Bounty? | https://medium.com/@hacdoc/how-i-get-my-first-bounty-ec4d83eb5fbf?source=rss------bug_bounty-5 | Jaikumar | bug-bounty-tips, hacking, bug-bounty | 10-Mar-2024 |
| GRWM for WebApp PenTest \| Insecure Deserialization | https://whyjbr.medium.com/grwm-for-webapp-pentest-insecure-deserialization-adfa4f8cf53f?source=rss------bug_bounty-5 | Jbr | php, bug-bounty, inspiration, cybersecurity, hacking | 10-Mar-2024 |
| How I get My First $$$$ Bounty? | https://medium.com/@hacdoc/how-i-get-my-first-bounty-ec4d83eb5fbf?source=rss------bug_bounty-5 | ஜெய் | bug-bounty-tips, hacking, bug-bounty | 10-Mar-2024 |
| 24.3 Lab: Exploiting a mass assignment vulnerability \| 2024 | https://infosecwriteups.com/24-3-lab-exploiting-a-mass-assignment-vulnerability-2024-cc97a296d5fc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, bug-bounty, hacking | 10-Mar-2024 |
| Information Gathering #1 | https://medium.com/@mxfx1989/information-gathering-1-192f58c49f2e?source=rss------bug_bounty-5 | z4z4_h1 | red-team, cybersecurity, bug-bounty, hacking, infosec | 10-Mar-2024 |
| Easiest bugs to start | https://medium.com/@petrukhin.s.a/easiest-bugs-to-start-9f92d87f6e36?source=rss------bug_bounty-5 | Sergei Petrukhin | open-redirect, bug-bounty | 10-Mar-2024 |
| Subdomains Enumeration | https://d4t4s3c.medium.com/subdomains-enumeration-a23f44ba4687?source=rss------bug_bounty-5 | d4t4s3c | bug-bounty, vhost, red-team, pentesting, subdomains-enumeration | 10-Mar-2024 |
| Bug Bounty Challenge: Day 2/15–10/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-1-15-10-03-2024-b946472d71c8?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup, bug-bounty | 10-Mar-2024 |
| Cross-origin resource sharing (CORS) \| Web application Vulnerability | https://abineshm.medium.com/cross-origin-resource-sharing-cors-web-application-vulnerability-afc0d3d35063?source=rss------bug_bounty-5 | Abinesh M | vulnerability, web-application-security, security, bug-bounty, bugs | 09-Mar-2024 |
| Untangling Dependency Confusion: Exploring Threats and Protections | https://jareddouville.medium.com/untangling-dependency-confusion-exploring-threats-and-protections-7dd7f58de127?source=rss------bug_bounty-5 | Jared Douville | npm, bug-bounty, hacking, hackerone | 09-Mar-2024 |
| 24.2 Lab: Finding and exploiting an unused API endpoint \| 2024 | https://cyberw1ng.medium.com/24-2-lab-finding-and-exploiting-an-unused-api-endpoint-2024-81f3451df1a1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, careers, bug-bounty, penetration-testing | 09-Mar-2024 |
| Bug Bounty Challenge: Day 1/15–09/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-1-15-09-03-2024-f7b1824f2262?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 09-Mar-2024 |
| 24.1 Lab: Exploiting an API endpoint using documentation \| 2024 | https://cyberw1ng.medium.com/24-1-lab-exploiting-an-api-endpoint-using-documentation-2024-5e7de5aaf53e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, security, careers, hacking, bug-bounty | 08-Mar-2024 |
| Vulnerability Vault: Breaking Down SSRF — Server Side Request Forgery (Part 1) | https://psychovik.medium.com/vulnerability-vault-breaking-down-ssrf-server-side-request-forgery-part-1-b7e658589dd9?source=rss------bug_bounty-5 | Vikas Sharma | cybersecurity, hacking, vulnerability, bug-bounty, ssrf | 08-Mar-2024 |
| 1K Followers Giveaway- | https://medium.com/@Ajakcybersecurity/1k-followers-giveaway-892488a38a48?source=rss------bug_bounty-5 | AjakCybersecurity | cybersecurity, giveaway, free, bug-bounty, ethical-hacking | 08-Mar-2024 |
| Sensitive Data Exposed when placing an Order | https://rohmadhidayah.medium.com/sensitive-data-exposed-when-placing-an-order-5549baed9186?source=rss------bug_bounty-5 | Rohmad Hidayah | infosec-write-ups, bug-bounty-tips, info-sec-writeups, bug-bounty | 08-Mar-2024 |
| BSides Transylvania Is Not A Simple Conference, Is a Training Ground For Your Security Team | https://corneacristian.medium.com/bsides-transylvania-is-not-a-simple-conference-is-a-training-ground-for-your-security-team-c41cdf30778f?source=rss------bug_bounty-5 | Cristian Cornea | romania, ethical-hacking, tech, cybersecurity, bug-bounty | 08-Mar-2024 |
| Server-Side Template Injection (SSTI) ☠️ Deep Dive | https://cyberbull.medium.com/server-side-template-injection-ssti-%EF%B8%8F-deep-dive-512904b8a8ae?source=rss------bug_bounty-5 | Aditya Pandey | web-security, security, cybersecurity, bug-bounty, ethical-hacking | 08-Mar-2024 |
| Bug Bounty Challenge: Day 0/15 | https://wallotry.medium.com/bug-bounty-challenge-day-0-15-8e88c5b4cc6b?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 08-Mar-2024 |
| 0 Click Account Takeover Via reset password weird behavior | https://medium.com/@0xSnowmn/0-click-account-takeover-via-reset-password-weird-behavior-026846e5f850?source=rss------bug_bounty-5 | Snow Mars | bug-bounty, bug-bounty-tips, cybersecurity | 08-Mar-2024 |
| WinRAR 7.0 DLL Hijacking -> Local RCE [0-day] | https://medium.com/@boogsta/winrar-7-0-dll-hijacking-local-rce-0-day-6d90765c6601?source=rss------bug_bounty-5 | Boogsta | cybersecurity, bug-bounty, hacks, hacking, cyber | 08-Mar-2024 |
| Usb data recovery — Digital forensics intro | https://medium.com/@Rahulkrishnan_R_Panicker/usb-data-recovery-digital-forensics-intro-0c57337425b5?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | digital-forensics, tech, bug-bounty, pentesting, hacking | 07-Mar-2024 |
| Increasing IMPACT of No Rate Limit on Email Endpoints. | https://shubham-srt.medium.com/increasing-impact-of-no-rate-limit-on-email-endpoints-d66cf08dafaf?source=rss------bug_bounty-5 | Shubham SRT | web-app-security, hacking, cybersecurity, bug-bounty, vapt | 07-Mar-2024 |
| API Testing for Bug Bounty — Portswigger \| 2024 | https://cyberw1ng.medium.com/api-testing-for-bug-bounty-portswigger-2024-bd8343cc2c10?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, careers, hacking, security | 07-Mar-2024 |
| Exploiting NoSQL Injection to Extract Data | https://medium.com/@hhuseyinuyar17/verileri-%C3%A7%C4%B1karmak-i%C3%A7in-nosql-enjeksiyonundan-yararlanma-ace89e11bc69?source=rss------bug_bounty-5 | Hhuseyinuyar | bug-bounty, nosql, injection, burpsuite, mongodb | 07-Mar-2024 |
| Exploring Bug Bounty Programs: An overview and Varieties | https://medium.com/@lovepatel3223/exploring-bug-bounty-programs-an-overview-and-varieties-6f8539279704?source=rss------bug_bounty-5 | Prem Patel | bug-bounty, bug-bounty-types | 07-Mar-2024 |
| API Testing for Bug Bounty — Portswigger \| 2024 | https://infosecwriteups.com/api-testing-for-bug-bounty-portswigger-2024-bd8343cc2c10?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, careers, hacking, security | 07-Mar-2024 |
| How I found Reflected XSS which leads to Account Takeover on an E-commerce website | https://medium.com/@npthin1804/how-i-found-reflected-xss-which-leads-to-account-takeover-on-an-e-commerce-website-47200dd631b6?source=rss------bug_bounty-5 | Npthin | bug-bounty, infosec-write-ups, reflected-xss | 07-Mar-2024 |
| Click, Intercept, Hack: Checkmate on Access Control Vulnerability | https://anasbetis023.medium.com/click-intercept-hack-checkmate-on-access-control-vulnerability-20152a7149e2?source=rss------bug_bounty-5 | Anas H Hmaidy | cybersecurity, web-security, ethical-hacking, penetration-testing, bug-bounty | 07-Mar-2024 |
| XSLeak de-anonymize Facebook user visiting website | https://mustafa0x2021.medium.com/xsleak-de-anonymize-facebook-user-visiting-website-8f6c725235e8?source=rss------bug_bounty-5 | Mustafa | bug-bounty, meta | 07-Mar-2024 |
| echo “Hello, World” | https://projectpolarbear.com/echo-hello-world-4233c914b944?source=rss------bug_bounty-5 | Mr. Robots.txt | soc, blue-team, cybersecurity, red-team, bug-bounty | 07-Mar-2024 |
| Fixing Facebook: A Privacy Issue Ignored? | https://medium.com/@mynkpdr/fixing-facebook-a-privacy-issue-ignored-6c048dacc824?source=rss------bug_bounty-5 | mynkpdr | messenger, bug-bounty-writeup, facebook, bug-bounty, facebook-bug-bounty | 07-Mar-2024 |
| How to find server security misconfiguration leak data users | https://medium.com/@sam_0x0/how-to-find-server-security-misconfiguration-leak-data-users-f7a43c008e33?source=rss------bug_bounty-5 | Eslam Omar | bug-bounty, bug-bounty-tips, bugcrowd, bugs, web-pen-testing | 07-Mar-2024 |
| How to find server security misconfiguration leak data users | https://systemweakness.com/how-to-find-server-security-misconfiguration-leak-data-users-f7a43c008e33?source=rss------bug_bounty-5 | Eslam Omar | bug-bounty, bug-bounty-tips, bugcrowd, bugs, web-pen-testing | 07-Mar-2024 |
| How I found Reflected XSS which leads to Account Takeover on an E-commerce website | https://medium.com/@npthin1804/how-i-found-reflected-xss-which-leads-to-account-takeover-on-an-e-commerce-website-47200dd631b6?source=rss------bug_bounty-5 | p00dl3 | bug-bounty, infosec-write-ups, reflected-xss | 07-Mar-2024 |
| Bug Bounty - Insecure Deserialization to Reverse Shell | https://medium.com/@jobaa23/insecure-deserialization-to-reverse-shell-9f007b440d6f?source=rss------bug_bounty-5 | 0x4141 | bug-bounty, remote-code-execution, hacking, bug-hunting, insecure-deserialization | 07-Mar-2024 |
Host Header Poison lead to account takeoverhttps://medium.com/@masterhackor22/host-header-poison-lead-to-account-takeover-8c432fb54b29?source=rss------bug_bounty-5master hackorbounty-program, bugs, penetration-testing, cybersecurity, bug-bounty06-Mar-2024
[letsdefend.io] SOC164 — Suspicious Mshta Behaviorhttps://medium.com/@yasminramadini/letsdefend-io-soc164-suspicious-mshta-behavior-36dfa3d74843?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, bug-bounty, indonesia, letsdefendio, ctf-writeup06-Mar-2024
[letsdefend.io] SOC169 — Possible IDOR Attack Detectedhttps://medium.com/@yasminramadini/letsdefend-io-soc169-possible-idor-attack-detected-dda468ceab28?source=rss------bug_bounty-5Yasmin Ramadinictf-writeup, bug-bounty, tryhackme, letsdefendio, indonesia06-Mar-2024
[letsdefend.io] SOC168 — Whoami Command Detected in Request Bodyhttps://medium.com/@yasminramadini/letsdefend-io-soc168-whoami-command-detected-in-request-body-c4813fab47e4?source=rss------bug_bounty-5Yasmin Ramadinibug-bounty, tryhackme, indonesia, letsdefendio, ctf-writeup06-Mar-2024
[Letsdefend.io] SOC170 — Passwd Found in Requested URL — Possible LFI Attackhttps://medium.com/@yasminramadini/letsdefend-io-soc170-passwd-found-in-requested-url-possible-lfi-attack-1828c436e703?source=rss------bug_bounty-5Yasmin Ramadiniletsdefendio, bug-bounty, tryhackme, ctf-writeup, indonesia06-Mar-2024
Apa Itu Kriptografi? Enkripsi, Encoding, Dan Hashinghttps://medium.com/@yasminramadini/apa-itu-kriptografi-enkripsi-encoding-dan-hashing-ddb39d69eb93?source=rss------bug_bounty-5Yasmin Ramadinipentesting, tryhackme, indonesia, cybersecurity, bug-bounty06-Mar-2024
How i bypassed input limitations to get Admin ATOhttps://medium.com/@0x3adly/how-i-bypassed-input-limit-to-get-admin-ato-f2d56f40f505?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )cybersecurity, web-penetration-testing, xss-attack, bug-bounty, bug-bounty-tips06-Mar-2024
Microsoft Exchange Server Remote Code Execution Vulnerabilityhttps://medium.com/@ryuzakiryuga31/microsoft-exchange-server-remote-code-execution-vulnerability-89354c6e6586?source=rss------bug_bounty-5R09shbug-bounty, blackhat, rce-vulnerability, cybersecurity, cyberattack06-Mar-2024
At age of 18, How I got first “Future” Job Offer from Korean MNC through bug bountieshttps://medium.com/@manan_sanghvi/at-age-of-18-how-i-got-first-future-job-offer-from-korean-mnc-through-bug-bounties-2cfb7d4a9e8c?source=rss------bug_bounty-5Manan Sanghviethical-hacking, cybersecurity, bug-bounty, penetration-testing, job-offer06-Mar-2024
Vulnerable WordPress February 2024 (Jushin Castle)https://medium.com/@onhexgroup/vulnerable-wordpress-february-2024-jushin-castle-340990bdb9fb?source=rss------bug_bounty-5Onhexgroupbug-bounty, cybersecurity, security, infosec, wordpress06-Mar-2024
Data Lake introduces the second bug bounty campaign of its patients recruitment Applicationhttps://datalaketoken.medium.com/data-lake-introduces-the-second-bug-bounty-campaign-of-its-patients-recruitment-application-88be6e0399a4?source=rss------bug_bounty-5Data Lakebug-bounty, medical-data, research, data-lake, desci06-Mar-2024
How I Passed eWPTX v2 Exam Without Coursewarehttps://medium.com/@adityasawant00/how-i-passed-ewptx-v2-exam-without-courseware-1711edd7fb32?source=rss------bug_bounty-5Aditya Sawanthacking, penetration-testing, certification, bug-bounty, security06-Mar-2024
12.4 Lab: Exploiting NoSQL operator injection to extract unknown fields | 2024https://infosecwriteups.com/12-4-lab-exploiting-nosql-operator-injection-to-extract-unknown-fields-2024-866996b9fff2?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, hacking, careers, penetration-testing06-Mar-2024
Upload Backdoor in profile picture and OTP Bypasshttps://medium.com/@sahilkushwaha275/upload-backdoor-in-profile-picture-and-otp-bypass-3c2e2e18fbbb?source=rss------bug_bounty-5S33NUbug-bounty, technology, bug-hunting, bounty-program, programming06-Mar-2024
Story of Lock up users’ account by DOS attack cost $1,100https://m7arm4n.medium.com/story-of-lock-up-users-account-by-dos-attack-cost-1-100-87b47d06a7c1?source=rss------bug_bounty-5M7arm4nhacker, hacking, bug-bounty, security, bug-bounty-tips06-Mar-2024
Uncovering Host Header Injection Vulnerabilities in 5 Apex Domain Hostshttps://javroot.medium.com/uncovering-host-header-injection-vulnerabilities-in-5-apex-domain-hosts-c45f79e82862?source=rss------bug_bounty-5Javroothosting, bug-hunting, hacking, white-hat-hacker, bug-bounty05-Mar-2024
Bug-Bounty Beginning (Day-1)https://medium.com/@bv1459/bug-bounty-beginning-day-1-bc5fa649ff45?source=rss------bug_bounty-5Bala Prasanna Gopal Volisettybug-bounty, kali-linux, hacking-tools, hacking05-Mar-2024
XXEs are lurking in unexpected places and you'll find these vulnerabilities almost everywherehttps://medium.com/@securelearn/xxes-are-lurking-in-unexpected-places-and-youll-find-these-vulnerabilities-almost-everywhere-aefeef9d7cbb?source=rss------bug_bounty-5Rohan Giribug-bounty-tips, web-vulnerabilities, bug-bounty05-Mar-2024
How I Found Multiple XSS Vulnerabilities Using Unknown Techniqueshttps://infosecwriteups.com/how-i-found-multiple-xss-vulnerabilities-using-unknown-techniques-74f8e705ea0d?source=rss------bug_bounty-5Khaledyassenxss-attack, hacking, bug-bounty, bug-bounty-tips, cybersecurity05-Mar-2024
Tips for Analyzing Phishing Emailshttps://medium.com/@yasminramadini/tips-melakukan-analisa-email-phishing-e4d8f5b4bed6?source=rss------bug_bounty-5Yasmin Ramadinicybersecurity, indonesia, soc-analyst, tryhackme, bug-bounty05-Mar-2024
12.3 Lab: Exploiting NoSQL injection to extract data | 2024https://infosecwriteups.com/12-3-lab-exploiting-nosql-injection-to-extract-data-2024-ca9896a3c964?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, security05-Mar-2024
What Is the OSI Model? Protocols and Encapsulation at Each Layerhttps://medium.com/@yasminramadini/apa-itu-osi-model-protokol-dan-enkapsulasi-tiap-layernya-6faa7a0e8bbb?source=rss------bug_bounty-5Yasmin Ramadinisoc-analyst, tryhackme, cybersecurity, indonesia, bug-bounty05-Mar-2024
What Are TCP, UDP, and the Three-way Handshhttps://medium.com/@yasminramadini/apa-itu-tcp-udp-dan-three-way-handsh-03edaf55c42d?source=rss------bug_bounty-5Yasmin Ramadinisoc-analyst, bug-bounty, cybersecurity, indonesia, tryhackme05-Mar-2024
Road Map to Bug Bounty: A Beginner’s Guidehttps://bjamali.medium.com/road-map-to-bug-bounty-a-beginners-guide-bd14b44e174b?source=rss------bug_bounty-5Babar Ali Jamaliinformation-security, cyber, hacking, cybersecurity, bug-bounty05-Mar-2024
5 Tips GoogleDocks you should know — Bug Bounty Tuesdayhttps://medium.com/@kerstan/5-tips-googledocks-you-should-know-bug-bounty-tuesday-49007026903f?source=rss------bug_bounty-5kerstantechnology, cybersecurity, bug-bounty, programming, security05-Mar-2024
#9.TryHackMe Series writeups-LazyAdminhttps://cyb3rmind.medium.com/9-tryhackme-series-writeups-lazyadmin-7712917a2333?source=rss------bug_bounty-5Cyb3r M!ndwalkthrough, lazy-admin, tryhackme-writeup, tryhackme, bug-bounty05-Mar-2024
Unauthorized access to Facebook creator’s professional dashboardhttps://gtm0x01.medium.com/unauthorized-access-to-facebook-creators-professional-dashboard-e35d98644258?source=rss------bug_bounty-5Gtm Mänôzfacebook, medium, graphql, bug-bounty, writeup05-Mar-2024
My Recon Methodology (ep 1)https://realm3ter.medium.com/my-recon-methodology-ep-1-bc9e6fd660ad?source=rss------bug_bounty-5Muhammad Materbug-bounty, recon, osint05-Mar-2024
Knock, Knock. Who’s there? SSRF! SSRF who? Redirect SSRF!https://atemporalzen.medium.com/knock-knock-whos-there-ssrf-ssrf-who-redirect-ssrf-449f5d18c5a7?source=rss------bug_bounty-5atemporalzenbug-bounty, cybersecurity, hacking, ssrf05-Mar-2024
Payload will after youhttps://medium.com/@isuk4/payload-will-after-you-3e16eaa17517?source=rss------bug_bounty-5Isuka sanujsql-injection, second-order-attack, pentesting, web-app-exploits, bug-bounty05-Mar-2024
HTTP Request Smuggling: WWWWWH?https://medium.com/@rcxsecurity/http-request-smuggling-wwwwwh-85be9c46a38e?source=rss------bug_bounty-5RCXSecuritycybersecurity, pentesting, bug-bounty-tips, bug-bounty, application-security05-Mar-2024
The Danger of PHP Eval():https://medium.com/@pkhuyar/the-danger-of-php-eval-a23410187ca2?source=rss------bug_bounty-5Prashant Roybug-bounty, php, cybersecurity, penetration-testing, ctf05-Mar-2024
Hacking the UK government ( FULL database access )https://ahmadmansourr.medium.com/hacking-the-uk-government-full-database-access-496a94e6cc9c?source=rss------bug_bounty-5Ahmad Mansourcomputer-science, bug-bounty, hacking, pentesting, cybersecurity05-Mar-2024
BAC Leads To Full Takeover Of Any Organisationhttps://medium.com/@ismailsaid1603/bac-leads-to-full-takeover-of-any-organisation-0fc21cf4cb5e?source=rss------bug_bounty-5Esmail Saiedbug-bounty, broken-access-control, idor, bugcrowd, cybersecurity05-Mar-2024
Information Disclosure — Instructor’s Email Address leaked in Responsehttps://rohmadhidayah.medium.com/information-disclosure-instructors-email-address-leaked-in-response-1737551d5a8b?source=rss------bug_bounty-5Rohmad Hidayahinfo-sec-writeups, bug-bounty-tips, bug-bounty, information-disclosure, infosec-write-ups04-Mar-2024
OTP Bypass Via Response Manipulationhttps://medium.com/@maratherao93/otp-bypass-via-response-manipulation-e55352c5c419?source=rss------bug_bounty-5Marathe Raobug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup04-Mar-2024
the Intricacies of WiFi Hackinghttps://medium.com/@paritoshblogs/the-intricacies-of-wifi-hacking-76c404240111?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, hacking, wifi, programming04-Mar-2024
What Is the Cyber Kill Chain in Cyber Securityhttps://medium.com/@yasminramadini/apa-itu-cyber-kill-chain-dalam-cyber-security-5e993233615c?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, soc-analyst, indonesia, bug-bounty, cybersecurity04-Mar-2024
What Is the Pyramid of Pain in Cyber Securityhttps://medium.com/@yasminramadini/apa-itu-pyramid-of-pain-dalam-cyber-security-7e08932e8ed9?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, indonesia, bug-bounty, cybersecurity, soc-analyst04-Mar-2024
It assignment helper https://www.fiverr.com/s/QAR93yhttps://medium.com/@drugdirectory96/it-assignment-helper-https-www-fiverr-com-s-qar93y-30e688ba78e9?source=rss------bug_bounty-5Masud Ranajavascript, money, bug-bounty, software-development, bug-bounty-tips04-Mar-2024
My Report Summaries #1: Project manager can see & download all users’ login history at redacted app…https://infosecwriteups.com/my-report-summaries-1-project-manager-can-see-download-all-users-login-history-at-redacted-app-6a41597b5d11?source=rss------bug_bounty-5can1337infosec, bug-bounty, idor, cybersecurity04-Mar-2024
How to Become a Hacker in 2024https://medium.com/@d0lf1_/come-diventare-un-hacker-nel-2024-493c8c0ced9a?source=rss------bug_bounty-5d0lf1italiano, penetration-testing, google, bug-bounty, hacking04-Mar-2024
11.8 Lab: Exploiting XXE via image file upload | 2024https://cyberw1ng.medium.com/11-8-lab-exploiting-xxe-via-image-file-upload-2024-e2840c3b85f3?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing04-Mar-2024
Simple vulnerability in a Cyber Security conferencehttps://medium.com/@jsamia/simple-vulnerability-in-a-cyber-security-conference-c06a53c6e4b7?source=rss------bug_bounty-5Jaeden Samiasecurity, ethical-hacking, bugs, bug-bounty04-Mar-2024
The Ethics of Bug Bounties: Balancing Incentives and Securityhttps://medium.com/@securelearn/the-ethics-of-bug-bounties-balancing-incentives-and-security-7501a4aaa246?source=rss------bug_bounty-5Rohan Giribug-fixes, bug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty03-Mar-2024
Recently Discovered Several Bugs in a Private Programhttps://zapstiko.medium.com/recently-discovered-several-bugs-in-a-private-program-8dc900bf6fe9?source=rss------bug_bounty-5Raihan Biswasbug-bounty, bugs, idor-vulnerability, information-disclosure, bug-bounty-tips03-Mar-2024
Google Dorking aka “Google Hacking”https://medium.com/@dasmanish6176/google-dorking-aka-google-hacking-49fb5a511345?source=rss------bug_bounty-5Dasmanishgoogle-dork, google-hacking, penetration-testing, bug-bounty03-Mar-2024
PHP Session Poisoning using LFI.https://medium.com/@YNS21/php-session-poisoning-using-lfi-36d7df012777?source=rss------bug_bounty-5Youness Abbidahackerone, bug-bounty, bugcrowd, php, vulnerability03-Mar-2024
Discovered potential SQL injection through parameter testinghttps://medium.com/@pankajnandkar/discovered-potential-sql-injection-through-parameter-testing-0be4364d9b7a?source=rss------bug_bounty-5Pankaj Nandkarbug-bounty-tips, ethical-hacking, sql-injection, bug-bounty, cybersecurity03-Mar-2024
11.7 Lab: Exploiting XInclude to retrieve files | 2024https://cyberw1ng.medium.com/11-7-lab-exploiting-xinclude-to-retrieve-files-2024-2f7751d777fa?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, hacking, cybersecurity03-Mar-2024
Sneak Peek: Mastering Blind SQL Injection with SQLMap and Manual Techniques (CVE-2023–6063)https://medium.com/@josh.beck2006/sneak-peek-mastering-blind-sql-injection-with-sqlmap-and-manual-techniques-cve-2023-6063-af904f61f822?source=rss------bug_bounty-5Josh Beckpenetration-testing, cybersecurity, bug-bounty, oscp03-Mar-2024
Magic Links as Gateways Account Takeovershttps://sl4x0.medium.com/magic-links-as-gateways-account-takeovers-e9c911ceb6f9?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)magic-link, account-takeover, bug-bounty, web-security, pentesting03-Mar-2024
HBO BUB in production. Can’t UNsubscribehttps://medium.com/@shanlogauthier/hbo-bub-in-production-cant-unsubscribe-b0b3982d2292?source=rss------bug_bounty-5Shanlogauthierbug-bounty, max, hbo-max, hbo, bugs03-Mar-2024
Exploiting Grafana To achieve Remote Command Executionhttps://medium.com/@konqi/exploiting-grafana-to-achieve-remote-command-execution-5eb0f99cb107?source=rss------bug_bounty-5Vahagn Israelianhacking, bug-bounty, vulnerability, penetration-testing, grafana02-Mar-2024
the Power of Twitter OSINThttps://medium.com/@paritoshblogs/the-power-of-twitter-osint-059cfaa3b0e2?source=rss------bug_bounty-5Paritoshtwitter, cybersecurity, bug-bounty, threat-intelligence, hacking02-Mar-2024
https://medium.com/@morganbinbash/-46d5d16114c8?source=rss------bug_bounty-5Morgan Bin Bashfrontend, cybersecurity, bug-bounty, pentesting02-Mar-2024
the Power of Twitter OSINThttps://infosecwriteups.com/the-power-of-twitter-osint-059cfaa3b0e2?source=rss------bug_bounty-5Paritoshtwitter, cybersecurity, bug-bounty, threat-intelligence, hacking02-Mar-2024
My first IDOR hunting storyhttps://medium.com/@loverslandgandhi/my-first-idor-hunting-story-42c71fbe06dc?source=rss------bug_bounty-5Loverslandgandhiethical-hacking, bug-bounty-hunter, bug-bounty-tips, cybersecurity, bug-bounty02-Mar-2024
How I Got Highly Sensetive Api Keys On A Private Hackerone Programhttps://medium.com/@mrraghavop12/how-i-got-highly-sensetive-api-keys-on-a-private-hackerone-program-b40c6de80708?source=rss------bug_bounty-5Ethical Raghavcybersecurity, data-science, bug-bounty, technology, web-development02-Mar-2024
Unveiling the Secrets: SSRF Adventures in Microsoft’s AI Playgroundhttps://medium.com/@soufianehabti/unveiling-the-secrets-ssrf-adventures-in-microsofts-ai-playground-26c7872b32fc?source=rss------bug_bounty-5Soufiane Habtibug-bounty, microsoft, security, ai, artificial-intelligence02-Mar-2024
Bypassing the Bluecoat Unified Agenthttps://medium.com/@0xSphinx/bypassing-the-bluecoat-unified-agent-36ada54fe789?source=rss------bug_bounty-50xSphinxhacking, penetration-testing, security, bug-bounty, cybersecurity02-Mar-2024
What is RedTeaming ?https://aboutjbr.medium.com/what-is-redteaming-8699650f4265?source=rss------bug_bounty-5Jbrethical-hacking, bug-bounty, red-team, cybersecurity, hacking02-Mar-2024
bersecurity11.6 Lab: Exploiting blind XXE to retrieve data via error messages | 2024https://cyberw1ng.medium.com/bersecurity11-6-lab-exploiting-blind-xxe-to-retrieve-data-via-error-messages-2024-4b7f1340195a?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers02-Mar-2024
How to hack a LTE Router? Just text it!https://medium.com/@mateusz-msl-lach/how-to-hack-a-lte-router-just-text-it-847f526c0a7f?source=rss------bug_bounty-5Mateusz Lachxss-attack, cybersecurity, cve, bug-bounty, zte02-Mar-2024
My first IDOR hunting storyhttps://hackergandhi.medium.com/my-first-idor-hunting-story-42c71fbe06dc?source=rss------bug_bounty-5hackergandhiethical-hacking, bug-bounty-hunter, bug-bounty-tips, cybersecurity, bug-bounty02-Mar-2024
XML Injection: Deep Divehttps://cyberbull.medium.com/xml-injection-deep-dive-2e6e7132732d?source=rss------bug_bounty-5Aditya Pandeyxml, bug-fixes, injection, bug-bounty, cybersecurity01-Mar-2024
$600 Simple MFA Bypass — Graphqlhttps://securitycipher.medium.com/600-simple-mfa-bypass-graphql-b46c6a4c5b82?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)security, cybersecurity, bug-bounty, technology, hacking01-Mar-2024
XSS : A Fight With The WAFhttps://medium.com/@itsmeliodas/xss-a-fight-with-the-waf-a08a4fc6012c?source=rss------bug_bounty-5Meliodascybersecurity, xss-attack, bug-bounty01-Mar-2024
Understanding Cybersecurity: Safeguarding the Digital Realmhttps://medium.com/@thirdeye1910/understanding-cybersecurity-safeguarding-the-digital-realm-8b36c55bec61?source=rss------bug_bounty-5Rajib Hassenbug-bounty, ethereum, cyberattack, cybersecurity01-Mar-2024
11.5 Lab: Exploiting blind XXE to exfiltrate data using a malicious external DTD | 2024https://infosecwriteups.com/11-5-lab-exploiting-blind-xxe-to-exfiltrate-data-using-a-malicious-external-dtd-2024-a0cc2615cd5e?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, hacking, security01-Mar-2024
Retrieving SUI Wallet Passphrase and Private Key without Passwordhttps://medium.com/@mgthuramoemyint/retrieving-sui-wallet-passphrase-and-private-key-without-password-8c7ae9d30033?source=rss------bug_bounty-5Thura Moe Myintbug-bounty, security01-Mar-2024
Medium Bug Bounty on Hacker One — Broken Linkhttps://medium.com/bugs-that-bite/medium-bug-bounty-on-hacker-one-broken-link-b121c8896843?source=rss------bug_bounty-5Teri Radichelsecurity, bug-bounty, bugs, medium, hackerone29-Feb-2024
Critical vulnerability in Flask AppBuilder — CVE-2024–25128https://systemweakness.com/critical-vulnerability-in-flask-appbuilder-cve-2024-25128-a8693fb31d86?source=rss------bug_bounty-5ElNiakvulnerability, cybersecurity, flask, bug-bounty, python29-Feb-2024
Version disclosure in headers and response : Security threathttps://medium.com/@zakeeandroid/version-disclosure-in-headers-and-response-security-threat-0b4e86272018?source=rss------bug_bounty-5Mohamed Zakeeapplication-security, bug-bounty, cybersecurity29-Feb-2024
Stored XSS on Bug Bounty Programhttps://medium.com/@bry4nzheng/stored-xss-on-bug-bounty-program-092d6c262c1b?source=rss------bug_bounty-5Bryan Zhengpenetration-testing, cybersecurity, bug-bounty29-Feb-2024
Simple Tips for Bug Bounty Beginners: Finding API Key Leakage Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-api-key-leakage-vulnerabilities-eddc416216ce?source=rss------bug_bounty-5Anish Narayanbug-bounty-writeup, secure-api-key, bug-bounty-tips, bug-bounty-hunting, bug-bounty29-Feb-2024
How to Excel at CTF Games with Linux Command Line Toolshttps://dpericich.medium.com/how-to-excel-at-ctf-games-with-linux-command-line-tools-a68fba09cbfa?source=rss------bug_bounty-5Daniel Pericichcybersecurity, linux, terminal, bug-bounty, software-engineering29-Feb-2024
How do I found Blind SSRF on a Hackerone Programhttps://codingninjablogs.tech/how-do-i-found-blind-ssrf-on-a-hackerone-program-3f7c315c20c9?source=rss------bug_bounty-5#!/Subhankarcve, hacking, bug-bounty, ssrf, hackerone29-Feb-2024
Horizontal Privilege Escalation Leads to Bountyhttps://medium.com/@hellother18/horizontal-privilege-escalation-leads-to-bounty-f87aebbed8ab?source=rss------bug_bounty-5Manthan_ mahalebugbounty-tips, hackerone, bounty-program, privilege-escalation, bug-bounty29-Feb-2024
11.4 Lab: Blind XXE with out-of-band interaction via XML parameter entities | 2024https://infosecwriteups.com/11-4-lab-blind-xxe-with-out-of-band-interaction-via-xml-parameter-entities-2024-14fbb40ba2f0?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, penetration-testing, cybersecurity, hacking29-Feb-2024
SQL Injection: Beyond ‘OR 1=1’. An iCSI CTFhttps://medium.com/@josh.beck2006/sql-injection-beyond-or-1-1-an-icsi-ctf-b468b1dfa851?source=rss------bug_bounty-5Josh Beckcybersecurity, oscp, bug-bounty, ctf-writeup29-Feb-2024
Authentication Bypass Using Response Manipulationhttps://medium.com/@kundanp70559361/authentication-bypass-using-response-manipulation-c95969e787a8?source=rss------bug_bounty-5kundan prasadscience, cyber-security-awareness, hacking, bug-bounty, cybersecurity29-Feb-2024
Maximizing Bug Bounty Earnings with Burp Suite: Essential Tools and Plugins.https://medium.com/@montymahapatra79/maximizing-bug-bounty-earnings-with-burp-suite-essential-tools-and-plugins-84468c5d969d?source=rss------bug_bounty-5Montymahapatraburpsuite-profissional, burpsuite, bug-bounty, burpsuite-extension, bug-bounty-tips29-Feb-2024
First Bug Bountyhttps://medium.com/@tom.sh/first-bug-bounty-ba6088fc2615?source=rss------bug_bounty-5Tomcybersecurity, bugcrowd, hackerone, bug-bounty, hacking29-Feb-2024
How to find your first XSS vulnerability!!!https://medium.com/@basti_Sec/how-to-find-your-first-xss-vulnerability-a35cb69b2f56?source=rss------bug_bounty-5Basti_Secbug-bounty-hunter, xss-vulnerability, hacking, bug-bounty, xss-attack29-Feb-2024
The Reality of Cloud Hackinghttps://medium.com/@paritoshblogs/the-reality-of-cloud-hacking-8a061059dfcc?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, cloud-computing, cloud-hacking, hacking28-Feb-2024
Email verification bypass leads to create unlimited user accounts with what ever email idhttps://medium.com/@Rahulkrishnan_R_Panicker/email-verification-bypass-leads-to-create-unlimited-user-accounts-with-what-ever-email-id-68a2069185e4?source=rss------bug_bounty-5Rahulkrishnan R Panickertechnology, cybersecurity, hacking, bug-bounty, programming28-Feb-2024
symfony profiler critical security vulnerability $$$https://memmedrehimzade.medium.com/symfony-profiler-kritik-t%C9%99hl%C3%BCk%C9%99sizlik-a%C3%A7%C4%B1%C4%9F%C4%B1-622ae6495fef?source=rss------bug_bounty-5memmed rehimzadekibertəhlükəsizlik, bug-bounty, cybertime28-Feb-2024
Microsoft Azure Cloud Service’s uAMQP Library Flaw and Its Potential for RCE — CVE-2024–27099…https://medium.com/@elniak/microsoft-azure-cloud-services-uamqp-library-flaw-and-its-potential-for-rce-cve-2024-27099-3d717cdb45f3?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, cloud, azure, cybersecurity28-Feb-2024
https://medium.com/@morganbinbash/-af057d8d6788?source=rss------bug_bounty-5Morgan Bin Bashcybersecurity, pentesting, bug-bounty28-Feb-2024
Revolutionize Your Bug Hunting: Jam.dev Turbocharges Bug Reportinghttps://medium.com/@merisstupar11/revolutionize-your-bug-hunting-jam-dev-turbocharges-bug-reporting-2df14351766f?source=rss------bug_bounty-5Meris Stuparbug-bounty, programming, testing, software-engineering, github28-Feb-2024
How do I automate my recon — Part Twohttps://medium.com/@aliraah/how-do-i-automate-my-recon-part-two-b39a66b4c23d?source=rss------bug_bounty-5Aliraahpython, bug-bounty, automation, infosec, reconnaissance28-Feb-2024
Pre-Account Takeover Leading To Broken Access Controlhttps://medium.com/@bcarikci-dev/pre-account-takeover-leading-to-broken-access-control-13916ca02483?source=rss------bug_bounty-5Berkay Çarıkçıoğlubroken-access-control, bug-bounty, cybersecurity, hacking, penetration-testing28-Feb-2024
cybers11.3 Lab: Blind XXE with out-of-band interaction | 2024https://infosecwriteups.com/cybers11-3-lab-blind-xxe-with-out-of-band-interaction-2024-9f2f5caf98ad?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, penetration-testing, hacking28-Feb-2024
[TOOL GUIDE] Bypass-http a python tool to find 403 & 401 bypasshttps://medium.com/@reinhardt.pwn/tool-guide-bypass-http-a-python-tool-to-find-403-401-bypass-b46ff0bd6978?source=rss------bug_bounty-5|Reinhardt|cybersecurity-tools, cybersecurity, pentest, bug-bounty28-Feb-2024
Exploiting blind XXE by reusing a local DTDhttps://medium.com/@hhuseyinuyar17/yerel-bir-dtdyi-yeniden-kullanarak-k%C3%B6r-xxe-den-yararlanma-f999fbbfdd0a?source=rss------bug_bounty-5Hhuseyinuyarxml, burpsuite, injection, bug-bounty, xxe28-Feb-2024
how i make 6,000$ with jwt manipulation on web3 crypto application ?https://medium.com/@zack0x01_/how-i-make-6-000-with-jwt-manipulation-on-web3-crypto-application-1e659c927647?source=rss------bug_bounty-5zack0x01bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-writeup28-Feb-2024
Hack Stories: Hacking Hackers EP:2https://infosecwriteups.com/hack-stories-hacking-hackers-ep-2-b4d2e628781e?source=rss------bug_bounty-5c0d3x27cybersecurity, threat-intelligence, hacking, software-development, bug-bounty28-Feb-2024
First bug and bountyhttps://medium.com/@Rahulkrishnan_R_Panicker/first-bug-and-bounty-5612ba5d455e?source=rss------bug_bounty-5Rahulkrishnan R Panickerinfo-sec-writeups, bug-bounty, programming, technology, infosec27-Feb-2024
Jenkins Arbitrary File Reading Vulnerability (CVE-2024–23897) — Bug Bounty Tuesdayhttps://medium.com/@kerstan/jenkins-arbitrary-file-reading-vulnerability-cve-2024-23897-bug-bounty-tuesday-8e3a69443d9b?source=rss------bug_bounty-5kerstantechnology, bug-bounty, security, cybersecurity, programming27-Feb-2024
Bug Bounty should be a goto solution for your web3 security needshttps://securrtech.medium.com/bug-bounty-should-be-a-goto-solution-for-your-web3-security-needs-46b0f07b1a96?source=rss------bug_bounty-5Securrweb3-security, bug-bounty, web327-Feb-2024
Leak JWT Private Key leads to Bypass Authenticationhttps://sonnguy3n.medium.com/leak-jwt-private-key-leads-to-bypass-authentication-e0bd984f55ad?source=rss------bug_bounty-5Son Nguyensecurity, bypass, bug-bounty, jwt-token27-Feb-2024
Finding and exploiting blind XXE vulnerabilitieshttps://cyberw1ng.medium.com/finding-and-exploiting-blind-xxe-vulnerabilities-446f1f41eab9?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, penetration-testing, careers, bug-bounty27-Feb-2024
Reconnaissance: A Google-Dorking Affairhttps://medium.com/@kieran.x.willey/reconnaissance-a-google-dorking-affair-21edfb4e3b0f?source=rss------bug_bounty-5Kieran Wpenetration-testing, bug-bounty, reconnaissance, hacking, google-dorking27-Feb-2024
How do you know if someone has opened your email or not?https://medium.com/@deadoverflow/how-do-you-know-if-someone-has-opened-your-email-or-not-c5bcefda3a89?source=rss------bug_bounty-5Imad Husanovicbug-bounty, chrome-extension, hacking, programming, cybersecurity27-Feb-2024
Read This If You Still Watch Porn in Google Incognito Mode ⚫https://medium.com/@Ajakcybersecurity/read-this-if-you-still-watch-porn-in-google-incognito-mode-ab4a5faa1dcc?source=rss------bug_bounty-5AjakCybersecuritygoogle, history, ethical-hacking, bug-bounty, cybersecurity27-Feb-2024
CVE-2023–40000: How Safe Is Your Internet Box?https://medium.com/coded-tech-talk/cve-2023-40000-how-safe-is-your-internet-box-%EF%B8%8F-06ff1f872f7b?source=rss------bug_bounty-5Coded Conversationscyber-security-awareness, cve, vulnerability, cybersecurity, bug-bounty27-Feb-2024
The Exploitation of Massive Slack Workspaces Registration Vulnerabilityhttps://medium.com/@siratsami71/the-exploitation-of-massive-slack-workspaces-registration-vulnerability-0c0e76e5cd3e?source=rss------bug_bounty-5Sirat Sami (analyz3r)bug-bounty, cybersecurity, hackerone27-Feb-2024
Major Security Flaw in ConnectWise ScreenConnect — CVE-2024–1709https://medium.com/@elniak/major-security-flaw-in-connectwise-screenconnect-cve-2024-1709-633015ba2b9f?source=rss------bug_bounty-5ElNiakcve, cybersecurity, ransomware, bug-bounty, penetration-testing26-Feb-2024
Pwn College — Talking to Web Walkthrough by Karthikeyan Nagarajhttps://infosecwriteups.com/pwn-college-talking-to-web-walkthrough-by-karthikeyan-nagaraj-48d13b3a1216?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, hacking, security, careers26-Feb-2024
This is How I Received My Acknowledgement from Microsofthttps://medium.com/@kamilrahman32/this-is-how-i-received-my-acknowledgement-from-microsoft-2366b58cbd98?source=rss------bug_bounty-5Kamil Rahumanmicrosoft, cybersecurity, hall-of-fame, bug-bounty, bug-bounty-tips26-Feb-2024
Hunting for Hidden Parameters in Burp Suitehttps://medium.com/mii-cybersec/hunting-for-hidden-parameters-in-burp-suite-98b54616f863?source=rss------bug_bounty-5Bryan Matthewhidden-parameters, bug-bounty, burpsuite, red-team, owasp26-Feb-2024
Lakshya CTF 2k24 by pict cyber cellhttps://medium.com/@suyogpatil1810/lakshya-ctf-2k24-by-pict-cyber-cell-6ec37ec0b954?source=rss------bug_bounty-5Suyog Patilctf-writeup, bug-bounty, ctf, engineering, hacking26-Feb-2024
How I Found Xss In A Inactive Hackerone Program With My Mobilehttps://medium.com/@mrraghavop12/how-i-found-xss-in-a-inactive-hackerone-program-34464552256e?source=rss------bug_bounty-5Ethical Raghavbug-bounty-tips, technology, blockchain, bug-bounty, cybersecurity26-Feb-2024
Glider: Revolutionizing Web3 Auditing and Security Analysishttps://medium.com/coinmonks/glider-revolutionizing-web3-auditing-and-security-analysis-3a3ad6add87d?source=rss------bug_bounty-5Officer's Notesbug-bounty, solidity, smart-contracts, dapps, blockchain26-Feb-2024
Hacking Android Apps With Fridahttps://blog.prodefense.io/hacking-android-apps-with-frida-f4b9121228b6?source=rss------bug_bounty-5Matthew Keeleysecurity, pentesting, bug-bounty, android, hacking26-Feb-2024
Html-Injection [ Bug Bounty ]https://medium.com/@rhashibur75/html-injection-bug-bounty-a41f87217118?source=rss------bug_bounty-5Kazi Hashibur Rahmanbug-bounty25-Feb-2024
Create Your Own File Extensionhttps://medium.com/@paritoshblogs/create-your-own-file-extension-fa484c677590?source=rss------bug_bounty-5Paritoshcoding, file-extension, bug-bounty, programming, information-technology25-Feb-2024
Business Logic Error in the Comment Section of a Porn sitehttps://medium.com/@vflexo/business-logic-error-in-the-comment-section-of-a-porn-site-42643f66dfee?source=rss------bug_bounty-5vFlexovapt, cybersecurity, ethical-hacking, bug-bounty, penetration-testing25-Feb-2024
CRLF injectionhttps://medium.com/@R00tendo/crlf-injection-ae26521c5e4c?source=rss------bug_bounty-5R00tendoweb-application-security, bug-bounty, web-security, crlf-injection25-Feb-2024
The Story of How I Hacked a Website with a Simple Stored XSS Payload (And How Bugcrowd Turned Me…https://medium.com/@iamrizwanvp/the-story-of-how-i-hacked-a-website-with-a-simple-stored-xss-payload-and-how-bugcrowd-turned-me-63773d5906ff?source=rss------bug_bounty-5RIZWANbug-bounty-tips, cybersecurity, bug-bounty, penetration-testing, vulnerability25-Feb-2024
I took over 10 Million Accounts, Easy API Hackinghttps://infosecwriteups.com/i-took-over-10-million-accounts-easy-api-hacking-89a7092abe40?source=rss------bug_bounty-5Ravaanbug-bounty, bug-bounty-writeup, api, hacking, cybersecurity25-Feb-2024
Beyond the Wall: Bypassing OTP, WAF, and 403 for exploiting a SQL Injectionhttps://medium.com/@remmy9/beyond-the-wall-bypassing-otp-waf-and-403-for-exploiting-a-sql-injection-97f06a3527c0?source=rss------bug_bounty-5Remmyhacking, 403-bypass, bug-bounty, waf-bypass, sql-injection25-Feb-2024
10.5 Lab: Blind SSRF with out-of-band detection | 2024https://cyberw1ng.medium.com/10-5-lab-blind-ssrf-with-out-of-band-detection-2024-2497bcf7859c?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, security, careers25-Feb-2024
The Aspida Bug Bounty Programhttps://medium.com/@aspidabd/the-aspida-bug-bounty-program-84e4495955c1?source=rss------bug_bounty-5Aspidalsd, lsdfi, blockchain, staking, bug-bounty24-Feb-2024
Best Approach to active Directory: 2https://medium.com/@anekantsinghai/best-approach-to-active-directory-2-b32a8bb2be7e?source=rss------bug_bounty-5Anekant Singhai Jainpenetration-testing, windows, bug-bounty, cybersecurity, active-directory24-Feb-2024
Explaining and exploiting open redirect vulnerabilitieshttps://medium.com/@R00tendo/explaining-and-exploiting-open-redirect-vulnerabilities-67dd825e2c49?source=rss------bug_bounty-5R00tendoopen-redirect, web-security, bug-bounty, web-application-security, web-hacking24-Feb-2024
How I Got $5,000 for Out-of-Scope XSShttps://7odamoo.medium.com/how-i-got-5-000-for-out-of-scope-xss-f96938a8c561?source=rss------bug_bounty-5Mahmoud Hamed (7odamoo)bug-bounty-tips, bug-bounty, pentesting24-Feb-2024
Ethernaut Challenge Level 16: Solution (Preservation)https://shubhamnagar1.medium.com/ethernaut-challenge-level-16-solution-preservation-4403230b469c?source=rss------bug_bounty-5Shubham Nagarsolidity, blockchain, cybersecurity, bug-bounty, ethernaut24-Feb-2024
Bypass Rate Limits on authentication endpoints like a pro………!https://medium.com/@a13h1/bypass-rate-limits-on-authentication-endpoints-like-a-pro-2054460a43c0?source=rss------bug_bounty-5Abhi Sharmaprogramming, rate-limiting, api, cybersecurity, bug-bounty24-Feb-2024
10.4 Lab: SSRF with filter bypass via open redirection vulnerability | 2024https://cyberw1ng.medium.com/10-4-lab-ssrf-with-filter-bypass-via-open-redirection-vulnerability-2024-fa36d8f10968?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, security, bug-bounty, hacking24-Feb-2024
How i was able to hack over 10 million websites using BAC : broken access controle .https://medium.com/@zack0x01_/how-i-was-able-to-hack-over-10-million-websites-using-bac-broken-access-controle-ce6b704e3dcb?source=rss------bug_bounty-5zack0x01hacking-training, bug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking23-Feb-2024
| How Automation Detected Default Admin Credential Worth $500 | https://vijetareigns.medium.com/how-automation-detected-default-admin-credential-worth-500-d6c09719d307?source=rss------bug_bounty-5 | the_unlucky_guy | bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugbounty-writeup, cybersecurity | 23-Feb-2024 |
| Shodan - “Unauthorized access to setup panel” | https://medium.com/@bug.hun3r/shodan-power-unauthorized-access-to-setup-panel-c64bd63f9b3e?source=rss------bug_bounty-5 | mo9kHu93r | hacking, web-application-security, bug-hunting, cybersecurity, bug-bounty | 23-Feb-2024 |
| 10.3 Lab: SSRF with blacklist-based input filter \| 2024 | https://cyberw1ng.medium.com/10-3-lab-ssrf-with-blacklist-based-input-filter-2024-9a7972ab7e8f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, security, careers, hacking, bug-bounty | 23-Feb-2024 |
| From CRLF Injection to XSS: Elevating the Stakes in Apple iTunes Security | https://xelkomy.medium.com/from-crlf-injection-to-xss-elevating-the-stakes-in-apple-itunes-security-597dc435fd82?source=rss------bug_bounty-5 | Khaled Mohamed | crlf, infosec, bug-bounty, penetration-testing, xs | 23-Feb-2024 |
| Unveiling Bug Bounties: Balancing the Scale of Application Security | https://sushantkatare.medium.com/unveiling-bug-bounties-balancing-the-scale-of-application-security-be5645395101?source=rss------bug_bounty-5 | Sushant Katare, CISSP | bug-bounty, vulnerability, bugs | 23-Feb-2024 |
| Hacking Web Meeting/Webinar App | https://ronak-9889.medium.com/hacking-web-meeting-webinar-app-1cb31c648752?source=rss------bug_bounty-5 | Ronak Patel | information-security, ethical-hacking, cybersecurity, bug-bounty | 23-Feb-2024 |
| A Pen worth 80K (BBP#2) | https://infosecwriteups.com/a-pen-worth-80k-bbp-2-dceb0db18366?source=rss------bug_bounty-5 | Devender Rao | penetration-testing, cybersecurity, bug-bounty, application-security, linux | 23-Feb-2024 |
| How I Got 1-Click ATO through self-XSS | https://medium.com/@0x3adly/how-i-was-able-to-get-1-click-ato-through-self-xss-6a6f59b3a6da?source=rss------bug_bounty-5 | Anas Eladly ( 0x3adly ) | bug-bounty, csrf, penetration-testing, cross-site-scripting, bug-bounty-tips | 22-Feb-2024 |
| Disclose assigned apps of any facebook user | https://gtm0x01.medium.com/disclose-assigned-apps-of-any-facebook-user-e78bcff1de71?source=rss------bug_bounty-5 | Gtm Mänôz | bug-bounty, graphql, facebook-bug-bounty, bug-bounty-writeup, infosec | 22-Feb-2024 |
| IDOR: The Simple Switch | https://medium.com/@ganga_/idor-the-simple-switch-19d881358552?source=rss------bug_bounty-5 | Ganga | ethical-hacking, bug-bounty-writeup, bug-bounty, web-application-security, penetration-testing | 22-Feb-2024 |
| How To Report a Vulnerability which is not a part of the VDP Program? | https://medium.com/@Ajakcybersecurity/how-to-report-a-vulnerability-which-is-not-a-part-of-the-vdp-program-b7b951795c45?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, penetration-testing, bug-bounty, hacking, blog | 22-Feb-2024 |
| HTTP-Only Sessions: No Problem? ATO Still Lurks via XSS! | https://kokomagedd.medium.com/http-only-sessions-no-problem-ato-still-lurks-via-xss-d415dec701d0?source=rss------bug_bounty-5 | Kyrillos Maged | bug-bounty, bug-bounty-tips, xss-attack, cybersecurity, infosec | 22-Feb-2024 |
| Mastering BetterCap: A Beginner’s Guide to Network Attacks and Monitoring | https://infosecwriteups.com/mastering-bettercap-a-beginners-guide-to-network-attacks-and-monitoring-b313c1f85489?source=rss------bug_bounty-5 | ElNiak | bug-bounty, cybersecurity, reconnaissance, network-security, bettercap | 22-Feb-2024 |
| Exploiting XSS to Perform CSRF | https://medium.com/@marduk.i.am/exploiting-xss-to-perform-csrf-275288910459?source=rss------bug_bounty-5 | Marduk I Am | stored-xss, cybersecurity, bug-bounty, portswigger-lab, cross-site-scripting | 22-Feb-2024 |
| How I logged into user accounts with no information | https://medium.com/@jsamia/how-i-logged-into-user-accounts-with-no-information-629f50e8885d?source=rss------bug_bounty-5 | Jaeden Samia | security, ethical-hacking, bug-bounty | 22-Feb-2024 |
| Using Wayback And DNS rebinding For SSRF | https://medium.com/@amnotacat/using-wayback-and-dns-rebinding-for-ssrf-a5a16f611acc?source=rss------bug_bounty-5 | amnotacat | bug-bounty | 22-Feb-2024 |
| Exploit Development: Classic Buffer Overflows | https://medium.com/@boogsta/exploit-development-classic-buffer-overflows-0416a7ed1d9a?source=rss------bug_bounty-5 | Boogsta | cyber, hacking, bug-bounty, tryhackme, cybersecurity | 22-Feb-2024 |
| Hack The Box Certified Bug Bounty Hunter (CBBH) Review | https://medium.com/@josselin_poupeney/hack-the-box-certified-bug-bounty-hunter-cbbh-review-f25796cb22ee?source=rss------bug_bounty-5 | Josselin Poupeney | bug-bounty, pentesting, hackin, cbbh, hackthebox | 22-Feb-2024 |
| How Bug Bounties Are Incentivising Ethical Hacking | https://medium.com/@cybertec/how-bug-bounties-are-incentivising-ethical-hacking-1fa49410e0aa?source=rss------bug_bounty-5 | Jonathan Paulson | bug-bounty, hacking, cybercrime, cybersecurity, quantum-computing | 22-Feb-2024 |
| Absolute Beginners Guide For Finding P4 Bugs (With Real Example!)-Part 2 | https://medium.com/@avbhijitdutta99/absolute-beginners-guide-for-finding-p4-bugs-with-real-example-part-2-c4a9d9c7af43?source=rss------bug_bounty-5 | Cyberbeat | bugs, cybersecurity, cyberattack, bug-bounty, bug-bounty-tips | 21-Feb-2024 |
| 10 Kesalahan Coding Yang Membuat Aplikasi Kurang Aman | https://medium.com/@yasminramadini/10-kesalahan-coding-yang-membuat-aplikasi-kurang-aman-77da9d768594?source=rss------bug_bounty-5 | Yasmin Ramadini | programming, cybersecurity, cyber-security-awareness, coding, bug-bounty | 21-Feb-2024 |
| Understanding Wazuh | https://medium.com/@paritoshblogs/understanding-wazuh-b4748d21c6ba?source=rss------bug_bounty-5 | Paritosh | threat-detection, siem, cybersecurity, bug-bounty, wazuh | 21-Feb-2024 |
| Bug bounty writeup : 2F/OTP Bypass on Registeration via Response manipulation | https://noorhomaid.medium.com/bug-bounty-writeup-2f-otp-bypass-on-registeration-via-response-manipulation-2e53573ffa4c?source=rss------bug_bounty-5 | NoorHomaid | bug-bounty, ethical-hacking, bugbounty-writeup, cybersecurity | 21-Feb-2024 |
| 9.5 Lab: Exploiting time-sensitive vulnerabilities \| 2024 | https://infosecwriteups.com/9-5-lab-exploiting-time-sensitive-vulnerabilities-2024-d5bf94cdcf59?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, security, hacking, cybersecurity | 21-Feb-2024 |
| Critical Vulnerabilities in VMware EAP Uncovered — Unraveling CVE-2024–22245 | https://medium.com/@elniak/critical-vulnerabilities-in-vmware-eap-uncovered-unraveling-cve-2024-22245-08746ff09907?source=rss------bug_bounty-5 | ElNiak | vulnerability, programming, bug-bounty, vmware, cybersecurity | 21-Feb-2024 |
| This is the easiest bug you can find right now. | https://medium.com/@an0nbil/this-is-the-easiest-bug-you-can-find-right-now-eb324861c238?source=rss------bug_bounty-5 | an0nbil | ethical-hacking, bug-bounty, programming, bug-bounty-tips, cybersecurity | 21-Feb-2024 |
| Critical Vulnerabilities in VMware EAP Uncovered — Unraveling CVE-2024–22245 | https://systemweakness.com/critical-vulnerabilities-in-vmware-eap-uncovered-unraveling-cve-2024-22245-08746ff09907?source=rss------bug_bounty-5 | ElNiak | vulnerability, programming, bug-bounty, vmware, cybersecurity | 21-Feb-2024 |
| 9.4 Lab: Single-endpoint race conditions \| 2024 | https://cyberw1ng.medium.com/9-4-lab-single-endpoint-race-conditions-2024-40b12d1ae4be?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, security, careers, cybersecurity, hacking | 20-Feb-2024 |
| Apa Itu Cross Site Scripting? Jenis, Dampak, Dan Pencegahannya | https://medium.com/@yasminramadini/apa-itu-cross-site-scripting-jenis-dampak-dan-pencegahannya-e507eedb43f8?source=rss------bug_bounty-5 | Yasmin Ramadini | cybersecurity, xss-attack, pentesting, cyber-security-awareness, bug-bounty | 20-Feb-2024 |
| My Unbelievable Hack into HR Admin — A Bug Bounty Tale!!! | https://medium.com/@ratnadip1998/my-unbelievable-hack-into-hr-admin-a-bug-bounty-tale-853338770d8c?source=rss------bug_bounty-5 | Ratnadip Gajbhiye | bugcrowd, ethical-hacking, bug-bounty, bug-bounty-tips, hackerone | 20-Feb-2024 |
| Hou I Discovering the Origin IP In Bug Bounty — Bug Bounty Tuesday | https://medium.com/@kerstan/hou-i-discovering-the-origin-ip-in-bug-bounty-bug-bounty-tuesday-47fa16c4ef34?source=rss------bug_bounty-5 | kerstan | security, technology, bug-bounty, cybersecurity, programming | 20-Feb-2024 |
| How I Discovering the Origin IP In Bug Bounty — Bug Bounty Tuesday | https://medium.com/@kerstan/hou-i-discovering-the-origin-ip-in-bug-bounty-bug-bounty-tuesday-47fa16c4ef34?source=rss------bug_bounty-5 | kerstan | security, technology, bug-bounty, cybersecurity, programming | 20-Feb-2024 |
| Breach the Build: Exploiting Jenkins (CVE-2024–23897) | https://medium.com/@josh.beck2006/breach-the-build-exploiting-jenkins-cve-2024-23897-f2ecc415f9bf?source=rss------bug_bounty-5 | Josh Beck | oscp, cybersecurity, ctf-writeup, bug-bounty | 20-Feb-2024 |
| How easy it is to find Private Info on Google | https://medium.com/@lochana8723/mastering-osint-gold-mines-a-guide-to-google-dorking-for-bug-bounty-success-e1f2acbbf4f2?source=rss------bug_bounty-5 | Lochana Dissanayake | cybersecurity, ethical-hacking, bug-bounty, osint | 20-Feb-2024 |
| Response Manipulation leads to Bypassing the OTP email verification | https://kiraadx.medium.com/response-manipulation-leads-to-bypassing-the-otp-email-verification-3107d558e8a5?source=rss------bug_bounty-5 | KiRaaDx | bug-bounty-tips, bug-bounty | 20-Feb-2024 |
| Day 14 Bug Bounty Challenge — Found $1000 Stored XSS | https://medium.com/@avbhijitdutta99/day-14-bug-bounty-challenge-found-1000-stored-xss-c0c9813bbe5a?source=rss------bug_bounty-5 | Abhijit Dutta | bug-bounty, bugbountychallenge, bug-bounty-tips, bug-bounty-writeup | 19-Feb-2024 |
| 9.3 Lab: Multi-endpoint race conditions \| 2024 | https://cyberw1ng.medium.com/9-3-lab-multi-endpoint-race-conditions-2024-5617e806a0fc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, security, bug-bounty, careers, hacking | 19-Feb-2024 |
| HackTheBox — Monitored | https://medium.com/@mxzartxbyte/hackthebox-monitored-6cd7bc16f080?source=rss------bug_bounty-5 | mxz4rt | bug-bounty, penetration-testing, network-penetration, hackthebox-writeup, hack-the-box-writeup | 19-Feb-2024 |
| The Ultimate Guide to Top Bug Bounty Platforms in 2024 | https://medium.com/@crawsecurity/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-6934a3db42d2?source=rss------bug_bounty-5 | crawsecurity | bugs, bug-fixes, bug-bounty-tips, bug-zero, bug-bounty | 19-Feb-2024 |
| Unlocking Creativity: TCS HackQuest S8 Unveiled — Round 2 | https://medium.com/@Dark_D3v1l/unlocking-creativity-tcs-hackquest-s8-unveiled-round-2-a311e68becd4?source=rss------bug_bounty-5 | Raviteja | web-security, ctf-writeup, bug-bounty, reverse-engineering, tcs-hackquest | 19-Feb-2024 |
| How to Find First Bug (For Beginners) | https://hackerhq.medium.com/how-to-find-first-bug-for-beginners-22a9177e94a0?source=rss------bug_bounty-5 | HackerHQ | cyber-security-awareness, bug-bounty-tips, cybersecurity, hackerone, bug-bounty | 19-Feb-2024 |
| Android Architecture Components: Android Pentesting | https://bot2root.medium.com/android-architecture-components-android-pentesting-1279e35c2d32?source=rss------bug_bounty-5 | Raghuveer Singh Chouhan | pentesting, bug-bounty, hacking, cybersecurity, android | 19-Feb-2024 |
| Searching industrial infrastructure with Netlas.io | https://netlas.medium.com/searching-industrial-infrastructure-with-netlas-io-49c08ca519a2?source=rss------bug_bounty-5 | Netlas.io | bug-bounty, critical-infrastructure, penetration-testing, cybersecurity, information-security | 19-Feb-2024 |
| Absolute Beginners Guide For Finding P4 Bugs -Part 1 | https://medium.com/@avbhijitdutta99/absolute-beginners-guide-for-finding-p4-bugs-part-1-5585cc94ac8b?source=rss------bug_bounty-5 | Cyberbeat | bug-bounty-hunter, bug-bounty-tips, bug-bounty-program, bug-bounty | 19-Feb-2024 |
| Dorking-Pentesting: Create Your Own Automated Pentesting Tools | https://medium.com/@elniak/dorking-pentesting-create-your-own-automated-pentesting-tools-11134114c2b7?source=rss------bug_bounty-5 | ElNiak | tools, bug-bounty, python, penetration-testing, google | 19-Feb-2024 |
| Web Cache Poisoing leads to ATO (Account takeover) | https://medium.com/@hoosgamer/web-cache-poisoing-leads-to-ato-account-takeover-2522b4583a97?source=rss------bug_bounty-5 | HooS | hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup, web-security | 19-Feb-2024 |
| Apa Itu Security Operation Center (SOC) | https://medium.com/@yasminramadini/apa-itu-security-operation-center-soc-345f56cd85f3?source=rss------bug_bounty-5 | Yasmin Ramadini | pentesting, bug-bounty, cybersecurity, soc-analyst, ethical-hacking | 18-Feb-2024 |
| HackTheBox — SQLMap Essentials | https://medium.com/@harry.hphu/hackthebox-sqlmap-essentials-72eaa7a13596?source=rss------bug_bounty-5 | Huy Phu | web-application-security, bug-bounty, sql, hackthebox | 18-Feb-2024 |
| Introduction to API Testing — API Discovery and Interaction | https://medium.com/@harry.hphu/introduction-to-api-testing-api-discovery-and-interaction-705248fc089e?source=rss------bug_bounty-5 | Huy Phu | api, bug-bounty, web-application-security, api-testing | 18-Feb-2024 |
| Introduction to API Testing — Reconnaissance | https://medium.com/@harry.hphu/introduction-to-api-testing-reconnaissance-7b471f4f4e73?source=rss------bug_bounty-5 | Huy Phu | web-application-security, api-testing, api, bug-bounty | 18-Feb-2024 |
| Easy automation of bug bounty using Ethred | https://medium.com/@eyaalgabay/automate-bug-bounty-using-ethred-de042fb19926?source=rss------bug_bounty-5 | Eyaalgabay | penetration-testing, bug-bounty, web-security, bugbounty-tips, hacking | 18-Feb-2024 |
| My New Tool For Information Finding | https://medium.com/@mrraghavop12/my-new-tool-for-information-finding-92a205a6e305?source=rss------bug_bounty-5 | Ethical Raghav | data-science, bug-bounty-tips, programming, bug-bounty, technology | 18-Feb-2024 |
| Introduction to API Testing — Server-Side Parameter Pollution | https://medium.com/@harry.hphu/introduction-to-api-testing-server-side-parameter-pollution-52dc5c170d19?source=rss------bug_bounty-5 | Huy Phu | web-application-security, api, api-testing, bug-bounty | 18-Feb-2024 |
| Introduction to API Testing — Mass Assignment vulnerabilities | https://medium.com/@harry.hphu/introduction-to-api-testing-mass-assignment-vulnerabilities-1643f75d1d20?source=rss------bug_bounty-5 | Huy Phu | web-application-security, api-testing, api, bug-bounty | 18-Feb-2024 |
| Exploiting Cross-Site Scripting to Capture Passwords | https://medium.com/@marduk.i.am/exploiting-cross-site-scripting-to-capture-passwords-b2cda84698b0?source=rss------bug_bounty-5 | Marduk I Am | cybersecurity, cross-site-scripting, portswigger-lab, bug-bounty, stored-xss | 18-Feb-2024 |
| 9.2 Lab: Bypassing rate limits via race conditions \| 2024 | https://cyberw1ng.medium.com/9-2-lab-bypassing-rate-limits-via-race-conditions-2024-533185d6d94e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, secuity, hacking | 18-Feb-2024 |
| PortSwigger — LAB-6 Remote code execution via polyglot web shell upload (Bug Bounty Prep)[by… | https://infosecwriteups.com/portswigger-lab-6-remote-code-execution-via-polyglot-web-shell-upload-bug-bounty-prep-by-b426b0d50d39?source=rss------bug_bounty-5 | dollarboysushil | cybersecurity, ethical-hacking, portswigger, web-app-security, bug-bounty | 18-Feb-2024 |
| Open a link, and your Wi-Fi password is changed. | https://medium.com/@deadoverflow/open-a-link-and-your-wi-fi-password-is-changed-7c47ccb4d095?source=rss------bug_bounty-5 | Imad Husanovic | hacking, cybersecurity, programming, bug-bounty, bug-bounty-tips | 18-Feb-2024 |
| Detecting and exploiting limit overrun race conditions with Turbo Intruder | https://cyberw1ng.medium.com/detecting-and-exploiting-limit-overrun-race-conditions-with-turbo-intruder-424bed12f2cf?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, hacking, security, bug-bounty | 17-Feb-2024 |
| 0Day SQLi Discovered during internal PenTesting | https://medium.com/@SentinelXTeam/0day-sqli-discovered-during-internal-pentesting-0d00db3147c5?source=rss------bug_bounty-5 | SentinelX Research | bug-bounty, exploitation, cybersecurity, bug-bounty-tips, 0day | 17-Feb-2024 |
| Mengintip database Website Bimbel di Indonesia | https://uzet.medium.com/mengintip-database-website-bimbel-di-indonesia-1d3620ce438d?source=rss------bug_bounty-5 | Timotius Benhur | pentesting, web-security, bug-bounty-tips, bug-bounty | 17-Feb-2024 |
| How much longer must we dwell, with W-S-D-L? | https://medium.com/illumination/how-much-longer-must-we-dwell-with-w-s-d-l-789eb659b77a?source=rss------bug_bounty-5 | Quintius Walker | bug-bounty, poetry, web-development, creative-writing, hacking | 17-Feb-2024 |
| PortSwigger — LAB -4 Web shell upload via extension blacklist bypass (Bug Bounty Prep)[by… | https://infosecwriteups.com/portswigger-lab-4-web-shell-upload-via-extension-blacklist-bypass-bug-bounty-prep-by-7c6233320f81?source=rss------bug_bounty-5 | dollarboysushil | web-app-security, portswigger, cybersecurity, bug-bounty, file-upload-vulnerability | 17-Feb-2024 |
| weird bug using fake id via photoshop worth $*** | https://hamzadzworm.medium.com/weird-bug-using-fake-id-via-photoshop-worth-1fe5dbd04497?source=rss------bug_bounty-5 | Hamzadzworm | bugbounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, infosec | 17-Feb-2024 |
| PortSwigger — LAB-5 Web shell upload via obfuscated file extension (Bug Bounty Prep)[by… | https://dollarboysushil.medium.com/portswigger-lab-5-web-shell-upload-via-obfuscated-file-extension-bug-bounty-prep-by-5232dd3fb8fa?source=rss------bug_bounty-5 | dollarboysushil | portswigger, cybersecurity, bug-bounty, ethical-hacking, web-app-security | 17-Feb-2024 |
| Harnessing Microsoft Copilot as a Cybersecurity Advisor | https://infosecwriteups.com/harnessing-microsoft-copilot-as-a-cybersecurity-advisor-518c46f697b3?source=rss------bug_bounty-5 | Paritosh | microsoft, cybersecurity, bug-bounty, information-security, microsoft-copilot | 17-Feb-2024 |
| Demystifying HTTP Request Smuggling: Detection to Exploitation | https://roadtooscp.medium.com/demystifying-http-request-smuggling-detection-to-exploitation-d6bc7beed73e?source=rss------bug_bounty-5 | RoadToOSCP | bug-bounty, owasp, bug-bounty-tips, pentesting, ethical-hacking | 17-Feb-2024 |
| GitHub Recon- For Finding Sensitive Information | https://medium.com/@pawan_rawat/github-recon-for-finding-sensitive-information-aecdeb9c9dce?source=rss------bug_bounty-5 | Pawanrawat | github-recon, bug-bounty-writeup, sensitive-data-exposure, bug-bounty-tips, bug-bounty | 17-Feb-2024 |
| How do I automate my recon — Part One | https://medium.com/@aliraah/how-do-i-automate-my-recon-part-one-fd17dc8717c8?source=rss------bug_bounty-5 | Ali | python, reconnaissance, automation, bash, bug-bounty | 17-Feb-2024 |
| The Unseen 0-Click Threat Lurking in Your Inbox: CVE-2024–21413 Explained | https://systemweakness.com/the-unseen-0-click-threat-lurking-in-your-inbox-cve-2024-21413-explained-a8bd9ec0c46d?source=rss------bug_bounty-5 | ElNiak | vulnerability, cybersecurity, microsoft-outlook, bug-bounty, rce | 17-Feb-2024 |
| Hacking the Dutch Government | https://medium.com/@jackson_80133/hacking-the-dutch-government-153678a191c0?source=rss------bug_bounty-5 | Jackson | cybersecurity, hacking, bug-bounty | 17-Feb-2024 |
| MonikerLink Meltdown: Demystifying CVE-2024–21413 and Dodging Outlook’s Booby Trap | https://medium.com/@chinamayjoshi/monikerlink-meltdown-demystifying-cve-2024-21413-and-dodging-outlooks-booby-trap-43ba52c4b458?source=rss------bug_bounty-5 | The Cyber Tornado | information-security, microsoft, vapt, cybersecurity, bug-bounty | 17-Feb-2024 |
| The Importance of Sharing Cybersecurity Knowledge on Reading Platforms | https://medium.com/@paritoshblogs/the-importance-of-sharing-cybersecurity-knowledge-on-reading-platforms-34a474a51522?source=rss------bug_bounty-5 | Paritosh | information-security, infosec, hacking, cybersecurity, bug-bounty | 16-Feb-2024 |
| Researcher’s Experience — Bug Bounty Program | https://medium.com/@_crac/researchers-experience-bug-bounty-program-7d588c363fa6?source=rss------bug_bounty-5 | CRAC Learning | bug-bounty, security, research, cybersecurity | 16-Feb-2024 |
| GitHub Enterprise Server vulns | https://irsl.medium.com/github-enterprise-server-vulns-26889987919c?source=rss------bug_bounty-5 | Imre Rad | security, github, bug-bounty | 16-Feb-2024 |
| Windows Defender SmartScreen Vulnerability: CVE-2024–21412 Exposes Financial Traders to… | https://systemweakness.com/windows-defender-smartscreen-vulnerability-cve-2024-21412-exposes-financial-traders-to-a03ff476a293?source=rss------bug_bounty-5 | ElNiak | windows, bug-bounty, cybersecurity, vulnerability, malware | 16-Feb-2024 |
| Mastering Cross-Site Scripting (XSS): Risks, Detection, and Prevention | https://medium.com/@elniak/mastering-cross-site-scripting-xss-risks-detection-and-prevention-3cee199d2fff?source=rss------bug_bounty-5 | ElNiak | cybersecurity, xss-attack, bug-bounty, programming, xss-vulnerability | 16-Feb-2024 |
| Mastering SQLMap: A Comprehensive Guide for Cybersecurity Enthusiasts | https://medium.com/@elniak/mastering-sqlmap-a-comprehensive-guide-for-cybersecurity-enthusiasts-4e224b42396a?source=rss------bug_bounty-5 | ElNiak | sqlmap, programming, cybersecurity, sql-injection, bug-bounty | 16-Feb-2024 |
| Guide: ProjectDiscovery’s cvemap to nuclei template mapping. | https://medium.com/@matejsmycka/guide-projectdiscoverys-cvemap-to-nuclei-template-mapping-5535c2934811?source=rss------bug_bounty-5 | Matejsmycka | cybersecurity, bug-bounty, bash, penetration-testing | 16-Feb-2024 |
| My First Account Takeover Via Password Reset Poisoning | https://medium.com/@cyberpro151/my-first-account-takeover-via-password-reset-poisoning-7c35baadfbe3?source=rss------bug_bounty-5 | cyberpro151 | web-hacking, bug-bounty, pentesting, account-takeover, offensive-security | 16-Feb-2024 |
| Mastering Manual SQL Injection: A Comprehensive Guide for Cybersecurity Enthusiasts | https://systemweakness.com/mastering-manual-sql-injection-a-comprehensive-guide-for-cybersecurity-enthusiasts-4541d46b42a7?source=rss------bug_bounty-5 | ElNiak | sql-injection, cybersecurity, sql, programming, bug-bounty | 16-Feb-2024 |
| The Posemesh Avalanche C-Chain Bug Bounty Program | https://medium.com/posemesh/the-posemesh-avalanche-c-chain-bug-bounty-program-b34c01da1277?source=rss------bug_bounty-5 | Auki Labs | bug-bounty, auki-labs, avalanche, posemesh, blockchain | 16-Feb-2024 |
| Mastering CSRF: A Comprehensive Guide to Cross-Site Request Forgery | https://medium.com/@elniak/mastering-csrf-a-comprehensive-guide-to-cross-site-request-forgery-a380aca0eab0?source=rss------bug_bounty-5 | ElNiak | web-development, programming, csrf, cybersecurity, bug-bounty | 16-Feb-2024 |
| 8.6 Lab: Remote code execution via polyglot web shell upload \| 2024 | https://cyberw1ng.medium.com/8-6-lab-remote-code-execution-via-polyglot-web-shell-upload-2024-5646ef951c0b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, security, careers, bug-bounty | 16-Feb-2024 |
| how i made easy information disclosure bugs in graphql | https://medium.com/@eyaalgabay/how-i-made-easy-information-disclosure-bugs-in-graphql-82284b05d7b4?source=rss------bug_bounty-5 | Eyaalgabay | penetration-testing, bug-bounty, bug-bounty-tips, web-security, hacking | 16-Feb-2024 |
| Bypassing Captcha | https://medium.com/@eyaalgabay/bypassing-captcha-29a77c768469?source=rss------bug_bounty-5 | Eyaalgabay | bug-bounty, web-security, penetration-testing, hacking, bug-bounty-tips | 15-Feb-2024 |
| The Rise of Large Language Models and the Evolution of Programming: A Thesis on Prompt… | https://analystlevy.medium.com/the-rise-of-large-language-models-and-the-evolution-of-programming-a-thesis-on-prompt-3ab81578408a?source=rss------bug_bounty-5 | Asuquo Levy Eyo Jr | cybercrime, cryptography, bug-bounty, cyber-security-awareness, black-hat-2021 | 15-Feb-2024 |
| The Game-Changing Magic of RCE [Cybersecurity] | https://medium.com/@paritoshblogs/the-game-changing-magic-of-rce-cybersecurity-6e1468425e06?source=rss------bug_bounty-5 | Paritosh | bug-bounty, hacking, cybersecurity, information-security, rce | 15-Feb-2024 |
| Account Takeover [It Looked Secure at First] | https://cristivlad.medium.com/account-takeover-it-looked-secure-at-first-f14a31cb7f5c?source=rss------bug_bounty-5 | Cristi Vlad | cybersecurity, bug-bounty, penetration-testing, infosec, pentesting | 15-Feb-2024 |
| Github Dorking: A Beginner’s Guide to Finding Secrets in Repositories | https://medium.com/@elniak/github-dorking-a-beginners-guide-to-finding-secrets-in-repositories-2d4d36287913?source=rss------bug_bounty-5 | ElNiak | threat-intelligence, github, cybersecurity, github-dorking, bug-bounty | 15-Feb-2024 |
| 8.5 Lab: Web shell upload via obfuscated file extension \| 2024 | https://cyberw1ng.medium.com/8-5-lab-web-shell-upload-via-obfuscated-file-extension-2024-0cb8b3e1e537?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, security, bug-bounty, cybersecurity | 15-Feb-2024 |
| Portswigger — Command Injection All Labs Walkthrough(Bug Bounty Prep)[by dollarboysushil] | https://infosecwriteups.com/portswigger-command-injection-all-labs-walkthrough-bug-bounty-prep-by-dollarboysushil-e836421212cf?source=rss------bug_bounty-5 | dollarboysushil | cybersecurity, command-injection, bug-bounty, ethical-hacking, portswigger | 15-Feb-2024 |
| HTML Injection in Mail BOX | https://codingninjablogs.tech/html-injection-in-mail-box-c963a8c66d69?source=rss------bug_bounty-5 | #!/Subhankar | html-injection, hackerone, hacking, bug-bounty | 15-Feb-2024 |
| Edu-Hack: How a Simple Request Compromised Entire Classrooms Users | https://uchihamrx.medium.com/edu-hack-how-a-simple-request-compromised-entire-classrooms-users-7cefc1225654?source=rss------bug_bounty-5 | Abdelrhman Amin | bug-bounty-tips, cybersecurity, web-security, bug-bounty, penetration-testing | 15-Feb-2024 |
| Behind the Screen: The Forgotten Password Feature That Almost Failed Us | https://medium.com/@elcapitano7x/behind-the-screen-the-forgotten-password-feature-that-almost-failed-us-a3e67e103cc5?source=rss------bug_bounty-5 | Elcapitano | bugswagger, bugsbounty, penetration-testing, information-security, bug-bounty | 15-Feb-2024 |
| The effectiveness of employing BChecks to uncover significant secrets | https://xelkomy.medium.com/the-effectiveness-of-employing-bchecks-to-uncover-significant-secrets-788e15a8a952?source=rss------bug_bounty-5 | Khaled Mohamed | secrets, bug-bounty, bugswagger, cybersecurity, penetration-testing | 15-Feb-2024 |
| Magic No More: Exposing Flaws in Magic Link Authentication | https://medium.com/@elcapitano7x/magic-no-more-exposing-flaws-in-magic-link-authentication-7cede724382f?source=rss------bug_bounty-5 | Elcapitano | bug-bounty, penetration-testing, cybersecurity, bugswagger, information-security | 15-Feb-2024 |
| Stored XSS with HTTP only Session Cookies | https://medium.com/techiepedia/stored-xss-with-http-only-session-cookies-32e5eb121384?source=rss------bug_bounty-5 | Jess | programming, website, security, web-development, bug-bounty | 15-Feb-2024 |
| CVE-2024–24142 Exploitation & PoC | https://medium.com/@SentinelXTeam/cve-2024-24142-exploitation-poc-045021596804?source=rss------bug_bounty-5 | SentinelX Research | penetration-testing, cybersecurity, hacking, bug-bounty, bug-bounty-tips | 15-Feb-2024 |
| open redirect using homographs | https://medium.com/@eyaalgabay/open-redirect-using-homographs-ab2c21513b45?source=rss------bug_bounty-5 | Eyaalgabay | bug-bounty-tips, penetration-testing, bug-bounty, open-redirect, web-hacking | 14-Feb-2024 |
| Exploiting Cross-Site Scripting to Steal Cookies | https://medium.com/@marduk.i.am/exploiting-cross-site-scripting-to-steal-cookies-3d14c8b42fae?source=rss------bug_bounty-5 | Marduk I Am | cross-site-scripting, cybersecurity, portswigger-lab, xss-attack, bug-bounty | 14-Feb-2024 |
| THIS IS HOW I FOUND FOUR VULNERABLILITY IN 45 MINUTES | https://medium.com/@mrraghavop12/this-is-how-i-found-four-vulnerablility-in-45-minutes-050144a58161?source=rss------bug_bounty-5 | Ethical Raghav | bug-bounty, blockchain, technology, bug-bounty-tips, cybersecurity | 14-Feb-2024 |
| Portswigger — Path Traversal All Labs Walkthrough(Bug Bounty Prep)[by dollarboysushil] | https://infosecwriteups.com/portswigger-path-traversal-all-labs-walkthrough-bug-bounty-prep-by-dollarboysushil-85ab64d6106a?source=rss------bug_bounty-5 | dollarboysushil | bug-bounty, web-security, path-traversal, ethical-hacking, portswigger | 14-Feb-2024 |
| How I was able to hack my college’s website with number of IDORs and CORS Misconfigurations | https://medium.com/@cyberpro151/how-i-was-able-to-hack-my-colleges-website-with-number-of-idors-and-cors-misconfigurations-0f880d308b79?source=rss------bug_bounty-5 | cyberpro151 | hacking, web-hacking, bug-bounty, idor | 14-Feb-2024 |
| GMX V1 Bug Disclosure. | https://morphex.medium.com/gmx-v1-bug-disclosure-71e4ad9a918e?source=rss------bug_bounty-5 | Morphex | defi, bug-bounty, cryptocurrency | 14-Feb-2024 |
| 8.4 Lab: Web shell upload via extension blacklist bypass \| 2024 | https://cyberw1ng.medium.com/8-4-lab-web-shell-upload-via-extension-blacklist-bypass-2024-2010bcaa283c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, security, hacking, bug-bounty, cybersecurity | 14-Feb-2024 |
| A Journey through Reconnaissance to MySQL Server Access in the Gaming Realm | https://medium.com/@daniel1895/a-journey-through-reconnaissance-to-mysql-server-access-in-the-gaming-realm-ce6a6f4eb21c?source=rss------bug_bounty-5 | Daniel1895 | fuzzing, bug-bounty, reconnaissance, bug-bounty-tips, hacking | 14-Feb-2024 |
| The Hidden Dangers Lurking in NTLM Authentication (Cybersecurity) | https://medium.com/@paritoshblogs/the-hidden-dangers-lurking-in-ntlm-authentication-cybersecurity-17fc4a02dbf9?source=rss------bug_bounty-5 | Paritosh | ntlm, hacking, cybersecurity, authentication, bug-bounty | 13-Feb-2024 |
| Introducing M:N Hybrid Threading in Go: Unveiling the Power of Goroutines | https://medium.com/@rezauditore/introducing-m-n-hybrid-threading-in-go-unveiling-the-power-of-goroutines-8f2bd31abc84?source=rss------bug_bounty-5 | rezauditore | programming, tutorial, multithreading, bug-bounty, golang | 13-Feb-2024 |
| Best tools you must have to look at for penetration testing. | https://medium.com/@coderjack0/best-tools-you-must-have-to-look-at-for-penetration-testing-5780ad9e7ddf?source=rss------bug_bounty-5 | Bugz_Bunne | pentesting, hacking, cybersecurity, cybe, bug-bounty | 13-Feb-2024 |
| Memory vulnerabilities: Buffer and integer overflows, memory leak, and pointer dereferencing | https://medium.com/@forensics.000/memory-vulnerabilities-buffer-and-integer-overflows-memory-leak-and-pointer-dereferencing-b0e7cbbc0cd3?source=rss------bug_bounty-5 | forensics | buffer-overflow, bug-bounty, null-pointer-dereference, memory-improvement | 13-Feb-2024 |
| Cross-site and server-side request forgeries (CSRF and SSRF) | https://medium.com/@forensics.000/cross-site-and-server-side-request-forgeries-csrf-and-ssrf-b91911e42e44?source=rss------bug_bounty-5 | forensics | penetration-testing, ssrf, csrf, bug-bounty, hackerone | 13-Feb-2024 |
| Cross-site scripting | https://medium.com/@forensics.000/cross-site-scripting-706293b1ad8d?source=rss------bug_bounty-5 | forensics | web-penetration-testing, ctf-writeup, hackerone, xss-attack, bug-bounty | 13-Feb-2024 |
| Program Misuse and Privilege Escalation — PWN COLLEGE | https://medium.com/illumination/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5 | B A T M A N | pwn, pentesting, challenge, hacking, bug-bounty | 13-Feb-2024 |
| Unauthenticated Jira CVEs Check List — Bug Tuesday | https://medium.com/@kerstan/unauthenticated-jira-cves-check-list-bug-tuesday-465b16266349?source=rss------bug_bounty-5 | kerstan | security, cybersecurity, technology, information-security, bug-bounty | 13-Feb-2024 |
| Email Triggering Leads to Rs1000 Amazon voucher | https://medium.com/@bug.hun3r/email-triggering-leads-to-rs1000-amazon-voucher-7b9447a0b820?source=rss------bug_bounty-5 | mo9kHu93r | bug-hunting, web-application-security, cybersecurity, bug-bounty, hacking | 13-Feb-2024 |
| curity8.3 Lab: Web shell upload via path traversal \| 2024 | https://cyberw1ng.medium.com/curity8-3-lab-web-shell-upload-via-path-traversal-2024-0c38695963a7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, hacking, cybersecurity, careers, bug-bounty | 13-Feb-2024 |
| Program Misuse and Privilege Escalation — PWN COLLEGE | https://batm4n.medium.com/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5 | B A T M A N | pwn, pentesting, challenge, hacking, bug-bounty | 13-Feb-2024 |
| Comprehensive Guide to Pentesting Methodology: From Zero to Hero | https://medium.com/@elniak/comprehensive-guide-to-pentesting-methodology-from-zero-to-hero-78c94711d130?source=rss------bug_bounty-5 | ElNiak | bug-bounty, technology, cybersecurity, penetration-testing, pentesting | 13-Feb-2024 |
| Mastering Nmap: A Comprehensive Guide for Network Discovery and Security Auditing | https://medium.com/@elniak/mastering-nmap-a-comprehensive-guide-for-network-discovery-and-security-auditing-29fa0c669ef7?source=rss------bug_bounty-5 | ElNiak | cybersecurity, penetration-testing, bug-bounty, networking, nmap | 13-Feb-2024 |
| Program Misuse and Privilege Escalation — PWN COLLEGE | https://medium.com/illuminations-mirror/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5 | B A T M A N | pwn, pentesting, challenge, hacking, bug-bounty | 13-Feb-2024 |
| How I Found a Reflected XSS at NASA | https://medium.com/@Jh0n_0x/how-i-found-a-reflected-xss-at-nasa-cc8b7584dee7?source=rss------bug_bounty-5 | Jh0n_0x | penetration-testing, securit, bugbounty-tips, bug-bounty, security-services | 12-Feb-2024 |
| Most easiest bug in login page : Session Fixation | https://medium.com/@mrraghavop12/most-easiest-bug-in-login-page-session-fixation-3b07eb396aab?source=rss------bug_bounty-5 | Ethical Raghav | cybersecurity, blockchain, ethical-hacking, bug-bounty, technology | 12-Feb-2024 |
| IDOR (Insecure direct object reference) pada Website Jual Beli Indonesia | https://uzet.medium.com/idor-insecure-direct-object-reference-pada-website-jual-beli-indonesia-350e2f58755c?source=rss------bug_bounty-5 | Timotius Benhur | writeup, bug-bounty, idor | 12-Feb-2024 |
| Webpages Have these Bugs, and can be EXPLOITED!! | https://batm4n.medium.com/webpages-have-these-bugs-and-can-be-exploited-59e10dd94931?source=rss------bug_bounty-5 | B A T M A N | xss-vulnerability, hacking, penetration-testing, xss-attack, bug-bounty | 12-Feb-2024 |
| Unraveling Three Critical Vulnerabilities in Atlassian Confluence: CVE-2023–22515, CVE-2023–22518… | https://systemweakness.com/unraveling-three-critical-vulnerabilities-in-atlassian-confluence-cve-2023-22515-cve-2023-22518-071f58539142?source=rss------bug_bounty-5 | ElNiak | vulnerability, exploitation, cybersecurity, atlassian, bug-bounty | 12-Feb-2024 |
| Super Bowl and Cybersecurity | https://medium.com/@paritoshblogs/super-bowl-and-cybersecurity-5a8c0097f1f7?source=rss------bug_bounty-5 | Paritosh | bug-bounty, super-bowl, hacking, information-security, cybersecurity | 12-Feb-2024 |
| Tow Senario To Pre Account TakeOver | https://medium.com/@Hackoura001/tow-senario-to-pre-account-takeover-e437b772b0e2?source=rss------bug_bounty-5 | Ahmed Elheny | bug-bounty-hunter, bug-bounty, hacking, bug-bounty-writeup, bugbounty-tips | 12-Feb-2024 |
| 7 Tingkatan IOC Dalam Investigasi Serangan Siber | https://medium.com/@yasminramadini/7-tingkatan-ioc-dalam-investigasi-serangan-siber-107826a59a37?source=rss------bug_bounty-5 | Yasmin Ramadini | bug-bounty, pyramid-of-pain, cybersecurity, cyber-security-awareness | 12-Feb-2024 |
| Hack Stories: Hacking Hackers EP:1 | https://infosecwriteups.com/hack-stories-hacking-hackers-ep-1-ff4c3cfc09cc?source=rss------bug_bounty-5 | c0d3x27 | bug-bounty, hacking, cybersecurity, penetration-testing, software-development | 12-Feb-2024 |
| Practical Guide to End-to-End Bug Reporting in Software Development | https://medium.com/@niarsdet/practical-guide-to-end-to-end-bug-reporting-in-software-development-9d3e3e4ae8f2?source=rss------bug_bounty-5 | Niar | bugs, issues, qa, bug-fixes, bug-bounty | 12-Feb-2024 |
| How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Execution | https://medium.com/@mukundbhuva/how-i-hacked-the-dutch-government-exploiting-an-innocent-image-for-remote-code-execution-df1fa936e46a?source=rss------bug_bounty-5 | Mukund Bhuva | hacking, security, bug-bounty, information-security, cybersecurity | 12-Feb-2024 |
| Understanding web applications | https://medium.com/@pentajbr/understanding-web-applications-ec5952eb1903?source=rss------bug_bounty-5 | Jbr AL-Otaibi | hacking, cybersecurity, bug-bounty, website, web-development | 12-Feb-2024 |
| How I found a bug in Microsoft | https://nityanandjha18.medium.com/how-i-found-a-bug-in-microsoft-3b8524877a3c?source=rss------bug_bounty-5 | NITYA NAND JHA | bug-bounty, cybersecurity, vulnerability | 12-Feb-2024 |
| : Unveiling the Art of Breaching SSH Servers in Bug Bounties: A Dive into Cybersecurity Exploits | https://medium.com/@bugspiderlee/unveiling-the-art-of-breaching-ssh-servers-in-bug-bounties-a-dive-into-cybersecurity-exploits-1b60c95c9075?source=rss------bug_bounty-5 | Pardon Mukoyi | bugbounty-tips, bug-bounty, bugbounty-writeup, cybersecurity | 12-Feb-2024 |
| Extract & Scan SSL Certs for HeartBleed via CertGuard tool | https://medium.com/@SentinelXTeam/extract-scan-ssl-certs-for-heartbleed-via-certguard-tool-06dfd891788a?source=rss------bug_bounty-5 | SentinelX Research | web-development, bug-bounty-tips, ssl-certificate, cybersecurity, bug-bounty | 12-Feb-2024 |
Mastering Samba Exploitation: A Comprehensive Pentesting Guidehttps://medium.com/@elniak/mastering-samba-exploitation-a-comprehensive-pentesting-guide-016ae61c1031?source=rss------bug_bounty-5ElNiakcybersecurity, threat-intelligence, penetration-testing, samba, bug-bounty12-Feb-2024
Unveiling the World of Ethical Hacking: How Ethical Hackers Earn Moneyhttps://medium.com/@crawsecurity/unveiling-the-world-of-ethical-hacking-how-ethical-hackers-earn-money-939b7816debb?source=rss------bug_bounty-5crawsecurityethical-hacking, ways-to-earn-money-online, freelancing, bug-bounty, ethical-hacker11-Feb-2024
Online Password Cracking with THC-Hydra and Burp Suitehttps://medium.com/@0xalpraz/online-password-cracking-with-thc-hydra-and-burp-suite-31ec3019cead?source=rss------bug_bounty-50xClonazhacks, hacking, bug-bounty, cybersecurity11-Feb-2024
Getting Facebook Credentails Without Hackinghttps://medium.com/@0xalpraz/getting-facebook-credentails-without-hacking-e9c778e9e4ca?source=rss------bug_bounty-50xClonazbug-bounty, hacks, cybersecurity, hacking11-Feb-2024
Open Source Intelligence(OSINT), Part 4: Google Hacking to Find Unsecured Web Camshttps://medium.com/@0xalpraz/open-source-intelligence-osint-part-4-google-hacking-to-find-unsecured-web-cams-4493b08dd08f?source=rss------bug_bounty-50xClonazcybersecurity, hacks, hacker, hacking, bug-bounty11-Feb-2024
Open Source Intelligence (OSINT), Part 1: Mining Intelligence from Twitter (@mattgaetz)https://medium.com/@0xalpraz/open-source-intelligence-osint-part-1-mining-intelligence-from-twitter-mattgaetz-6bb71c3dae9b?source=rss------bug_bounty-50xClonazbug-bounty, cybersecurity, hacking, hacker, hacks11-Feb-2024
OSINT: Finding Email Passwords in Dumps with h8mailhttps://medium.com/@0xalpraz/osint-finding-email-passwords-in-dumps-with-h8mail-4fb8b80298d8?source=rss------bug_bounty-50xClonazbug-bounty, hacker, hacking, hacks, cybersecurity11-Feb-2024
Password Cracking: Creating Custom Password List with cupphttps://medium.com/master-hackers/password-cracking-creating-custom-password-list-with-cupp-167b7448b6c9?source=rss------bug_bounty-50xClonazcybersecurity, hacking, bug-bounty, hacker, hacks11-Feb-2024
Android Hacking: The libwebp Vulnerability (zero-day/zero-click)https://medium.com/master-hackers/android-hacking-the-libwebp-vulnerability-zero-day-zero-click-843279e0bb85?source=rss------bug_bounty-50xClonazhacks, hacking, hacker, cybersecurity, bug-bounty11-Feb-2024
Bug Bounty Hunting, Part 1: Getting Startedhttps://medium.com/master-hackers/bug-bounty-hunting-part-1-getting-started-f8c60e759738?source=rss------bug_bounty-50xClonazhacker, bug-bounty, hacking, cybersecurity11-Feb-2024
Preventing file execution in user-accessible directories by Portswigger | 2024https://cyberw1ng.medium.com/preventing-file-execution-in-user-accessible-directories-by-portswigger-2024-c30f1ef726b9?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, bug-bounty, security11-Feb-2024
IDOR(Insecure Direct Object Referece) Price Manipulation Through Encoded Url Parameterhttps://medium.com/@bry4nzheng/idor-insecure-direct-object-referece-price-manipulation-through-encoded-url-parameter-4232fa4758b0?source=rss------bug_bounty-5Bryan Zhengbug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing11-Feb-2024
Signing up with Government and Military emailshttps://medium.com/@boogsta/signing-up-with-government-and-military-emails-4ebed8da5135?source=rss------bug_bounty-5Boogstabug-bounty-tips, cyber, cybersecurity, bug-bounty, hacking11-Feb-2024
IDOR(Insecure Direct Object Reference) Price Manipulation on Private Bug Bounty Programhttps://medium.com/@bry4nzheng/idor-insecure-direct-object-reference-price-manipulation-on-private-bug-bounty-program-2527431ffcfd?source=rss------bug_bounty-5Bryan Zhengbug-bounty-writeup, penetration-testing, bug-bounty, cybersecurity11-Feb-2024
Bug Bounty Programs: Unleashing the Force of Ethical Hackers to Strengthen Your Security Defenseshttps://medium.com/@pascal.o.anene/bug-bounty-programs-unleashing-the-force-of-ethical-hackers-to-strengthen-your-security-defenses-08506824e975?source=rss------bug_bounty-5Pascal Onyekachukwu Anenecybersecurity, security-engineering, bug-bounty11-Feb-2024
Almost 50% of web pages have this bug. Learn How it is exploited in the wildhttps://medium.com/@sreedeep200/almost-50-of-web-pages-have-this-bug-learn-how-it-is-exploited-in-the-wild-bfc591abdf8f?source=rss------bug_bounty-5Sreedeep cvjs, bug-bounty, xss-attack, hacking, dom11-Feb-2024
XSS in CMS / Blog sites bypassing HTML encoding and escaping.https://medium.com/@kannnannmk/xss-in-cms-blog-sites-bypassing-html-encoding-and-escaping-f61a720e6a02?source=rss------bug_bounty-5Neelamegha Kannan Spenetration-testing, cybersecurity, information-security, cyberattack, bug-bounty11-Feb-2024
From a customer to a ‘system owner’https://medium.com/@mmaulanaabdullah/from-a-customer-to-a-system-owner-ce4da3f6d56c?source=rss------bug_bounty-5M Maulana Abdullahapi-development, writeup, privilege-escalation, api, bug-bounty10-Feb-2024
Unlocking Creativity: TCS HackQuest S8 Unveiled - Round 1https://medium.com/@Dark_D3v1l/unlocking-creativity-tcs-hackquest-s8-unveiled-round-1-ffc02c753aaf?source=rss------bug_bounty-5Ravitejareverse-engineering, ctf, bug-bounty, hacking-tools, web-security10-Feb-2024
7.8 Lab: Referer-based access control | 2024https://cyberw1ng.medium.com/7-8-lab-referer-based-access-control-2024-ef0fa2eefbe0?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, security, bug-bounty, cybersecurity10-Feb-2024
Google Dorking: A Beginner’s Guide to Finding Vulnerabilitieshttps://medium.com/@elniak/google-dorking-a-beginners-guide-to-finding-vulnerabilities-815afedcaaec?source=rss------bug_bounty-5ElNiakthreat-intelligence, bug-bounty, google-dorking, cybersecurity, google10-Feb-2024
Web Security 101 : Cross-Site Scripting (XSS) Attackshttps://iaraoz.medium.com/web-security-101-cross-site-scripting-xss-attacks-5b6c6e8020c7?source=rss------bug_bounty-5Israel Aráoz Severichexss-attack, bug-bounty, cybersecurity, appsec09-Feb-2024
Securing Biggest Electronic Brand Worth Me My 2nd 4 fig. $2259 Bounty!https://medium.com/@manan_sanghvi/securing-biggest-electronic-brand-worth-me-my-2nd-4-fig-2259-bounty-a053d2053655?source=rss------bug_bounty-5Manan Sanghvibug-bounty, penetration-testing, web-application-security, ethical-hacking, idor-vulnerability09-Feb-2024
JSON CSRF in Microsoft Bing Maps Collectionshttps://infosecwriteups.com/json-csrf-in-microsoft-bing-maps-collections-74afc2b197d5?source=rss------bug_bounty-5Jayateertha Guruprasadbug-bounty-tips, microsoft, bug-bounty, infosec, cybersecurity09-Feb-2024
CVE-2024–24830: A Critical OpenObserve Vulnerability Exposedhttps://systemweakness.com/cve-2024-24830-a-critical-openobserve-vulnerability-exposed-7110ff223e49?source=rss------bug_bounty-5ElNiakbug-bounty, logs, vulnerability, cybersecurity, technology09-Feb-2024
Cyber Espionage Unveiled: The Dutch Defense Under Siege by Chinese Hackershttps://medium.com/@elniak/cyber-espionage-unveiled-the-dutch-defense-under-siege-by-chinese-hackers-2a7a5ffe99b6?source=rss------bug_bounty-5ElNiakmalware, chinese, bug-bounty, cyberattack, cybersecurity09-Feb-2024
CVE-2024–1207: A Deep Dive into WordPress Plugin Vulnerabilityhttps://systemweakness.com/cve-2024-1207-a-deep-dive-into-wordpress-plugin-vulnerability-3b12891813e6?source=rss------bug_bounty-5ElNiakbug-bounty, vulnerability, cybersecurity, wordpress, sql-injection09-Feb-2024
Cyber Espionage Unveiled: The Dutch Defense Under Siege by Chinese Hackershttps://systemweakness.com/cyber-espionage-unveiled-the-dutch-defense-under-siege-by-chinese-hackers-2a7a5ffe99b6?source=rss------bug_bounty-5ElNiakmalware, chinese, bug-bounty, cyberattack, cybersecurity09-Feb-2024
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Threehttps://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-three-cee1633de873?source=rss------bug_bounty-5Alipython, flask, bug-bounty, mongodb, reconnaissance09-Feb-2024
E: Package ‘libgtkglext1’ has no installation candidate | anydesk : Depends: libgtkglext1 but it is…https://medium.com/@sherlock297/e-package-libgtkglext1-has-no-installation-candidate-anydesk-depends-libgtkglext1-but-it-is-7eef2877f78d?source=rss------bug_bounty-5Ravindra Dagaleinformation-technology, bug-bounty, kali-linux, information-security, programming09-Feb-2024
7.7 Lab: Multi-step process with no access control on one step | 2024https://cyberw1ng.medium.com/7-7-lab-multi-step-process-with-no-access-control-on-one-step-2024-2b338dfd36ea?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, security09-Feb-2024
Beyond the Firewall: Finding a Stored XSS in Hacker101 CTFhttps://medium.com/@crashwire1/beyond-the-firewall-finding-a-stored-xss-in-hacker101-ctf-9b90df12e42e?source=rss------bug_bounty-5Crashwirexss-attack, cybersecurity, capture-the-flag, bug-bounty, hacking09-Feb-2024
Unlocking Your Potential: Elevating Your Bug Bounty Game**https://medium.com/@mrraghavop12/unlocking-your-potential-elevating-your-bug-bounty-game-5cbf22c4de00?source=rss------bug_bounty-5Ethical Raghavblockchain, bug-bounty, bug-bounty-tips, javascript, cybersecurity08-Feb-2024
Lenfi V2 to Begin Community-Driven Bug Bounty Program Nowhttps://medium.com/@lenfi/lenfi-v2-to-begin-community-driven-bug-bounty-program-now-c2d312203df2?source=rss------bug_bounty-5Lenfilending, cardano, defi, audit, bug-bounty08-Feb-2024
Chaining Subprober + Subfinder To Your Bug Bounty Recon.https://medium.com/@Ajakcybersecurity/chaining-subprober-subfinder-to-your-bug-bounty-recon-017151d1ffce?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, penetration-testing, hacking, cybersecurity08-Feb-2024
7.6 Lab: Method-based access control can be circumvented | 2024https://cyberw1ng.medium.com/7-6-lab-method-based-access-control-can-be-circumvented-2024-edb5df550a66?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, portswigger, cybersecurity, careers08-Feb-2024
Easy way to get privilege escalationhttps://medium.com/@Rzizah/easy-way-to-get-privilege-escalation-2c0a96862301?source=rss------bug_bounty-5Rzizahbug-bounty-tips, bug-bounty, bug-bounty-writeup, privilege-escalation08-Feb-2024
How I Find Open Redirect Bug — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-i-find-open-redirect-bug-bug-bounty-tuesday-40cc560c9cec?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, technology, security, information-security07-Feb-2024
Web3 Security: In-Depthhttps://medium.com/coinmonks/web3-security-in-depth-e102fb262a3a?source=rss------bug_bounty-5Officer's Notesbug-bounty, blockchain, smart-contracts, solidity, web307-Feb-2024
My first bug | Html injection|https://medium.com/@pandeyrishu621/my-first-bug-html-injection-82bbad239934?source=rss------bug_bounty-5Pandeyrishucybersecurity, bug-bounty, penetration-testing, technology, bug-bounty-tips07-Feb-2024
Revealing a Security Snag: Uncovering Sensitive Data Exposure in an Apple Applicationhttps://medium.com/@jazdprince/revealing-a-security-snag-uncovering-sensitive-data-exposure-in-an-apple-application-c93da97cae0d?source=rss------bug_bounty-5JzeeRxbug-bounty, bug-hunting, cybersecurity, apple-security, apple07-Feb-2024
7.5 Lab: URL-based access control can be circumvented | 2024https://cyberw1ng.medium.com/7-5-lab-url-based-access-control-can-be-circumvented-2024-f101542e9402?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, cybersecurity, careers, bug-bounty07-Feb-2024
I have hacked around 300 website in 1 Monthhttps://systemweakness.com/i-have-hacked-around-300-website-in-1-month-30417030560b?source=rss------bug_bounty-5Imran Niazbug-bounty, hacking, web-development, python-programming, cybersecurity07-Feb-2024
Rate Limiting: What It Is And Why It Matters in Bug Bountyhttps://infosecwriteups.com/rate-limiting-what-it-is-and-why-it-matters-in-bug-bounty-b0d2ce574049?source=rss------bug_bounty-5Alpbug-bounty-tips, bug-bounty, hackerone07-Feb-2024
How To Get Started With LLM Hacking? — A Beginner’s Guidehttps://medium.com/@hetisdemerckx/how-to-get-started-with-llm-hacking-a-beginners-guide-273af158b4b0?source=rss------bug_bounty-5Yannick Merckxbug-bounty, ai, hacking, llm-hacking, llm07-Feb-2024
My first bug | Html injection|https://systemweakness.com/my-first-bug-html-injection-82bbad239934?source=rss------bug_bounty-5Pandeyrishucybersecurity, bug-bounty, penetration-testing, technology, bug-bounty-tips07-Feb-2024
Enhancing Network Security: Best Practices and Strategieshttps://medium.com/@paritoshblogs/enhancing-network-security-best-practices-and-strategies-6fec2ef3f397?source=rss------bug_bounty-5Paritoshhacking, programming, bug-bounty, information-security, cybersecurity06-Feb-2024
Tumblr Subdomain Takeoverhttps://infosecwriteups.com/tumblr-subdomain-takeover-55f9cb494d65?source=rss------bug_bounty-5Scott Lindhwhite-hat-hacker, bug-bounty, hacker, subdomain-takeover, subdomains-enumeration06-Feb-2024
Harnessing Concurrency in Go: Exploring Asynchronous Executionhttps://medium.com/@rezauditore/harnessing-concurrency-in-go-exploring-asynchronous-execution-4134897d66a6?source=rss------bug_bounty-5rezauditoregolang, programming, bug-bounty, tutorial, hunting06-Feb-2024
A Deep Dive into FastAPI’s Security Vulnerability: CVE-2024–24762https://systemweakness.com/a-deep-dive-into-fastapis-security-vulnerability-cve-2024-24762-4ab6bb64644c?source=rss------bug_bounty-5ElNiakcybersecurity, programming, bug-bounty, fastapi, vulnerability06-Feb-2024
ALWAYS test 404 Not Found in Bug Bounties!https://medium.com/@mares.viktor/always-test-404-not-found-in-bug-bounties-2be47801b4c0?source=rss------bug_bounty-5Viktor Marescybersecurity, web-development, bug-bounty, penetration-testing, hacking06-Feb-2024
CVE-2024-23222: Apple WebKit’s Zero-Day Vulnerabilityhttps://medium.com/@elniak/cve-2024-23222-apple-webkits-zero-day-vulnerability-83109de9ddee?source=rss------bug_bounty-5ElNiakcybersecurity, vulnerability, apple, technology, bug-bounty06-Feb-2024
Symlink Sabotage: ZIPping Through Web Security. (LFI Lab)https://medium.com/@josh.beck2006/symlink-sabotage-zipping-through-web-security-lfi-lab-ca20e2d30c8d?source=rss------bug_bounty-5Josh Beckpenetration-testing, cybersecurity, ctf-writeup, bug-bounty06-Feb-2024
Unveiling CVE-2024–0953: Firefox iOS Open Redirect Vulnerabilityhttps://lohigowda.medium.com/unveiling-cve-2024-0953-firefox-ios-open-redirect-vulnerability-57533efb4cf4?source=rss------bug_bounty-5Lohith Gowda Mapplication-security, bug-bounty, firefox, ios, infosec06-Feb-2024
Understanding Ransomwarehttps://medium.com/@paritoshblogs/understanding-ransomware-aa45e2c43bbb?source=rss------bug_bounty-5Paritoshransomware, bug-bounty, cybersecurity, hacking, information-security05-Feb-2024
Urgent Security Alert: Microsoft Edge Vulnerabilities Exposed — Protect Your Data Now!https://medium.com/@elniak/urgent-security-alert-microsoft-edge-vulnerabilities-exposed-protect-your-data-now-bd7cd8b616dd?source=rss------bug_bounty-5ElNiakprivilege-escalation, cybersecurity, microsoft, bug-bounty, vulnerability05-Feb-2024
SSRF on a Headless Browser Becomes Critical!https://medium.com/@Nightbloodz/ssrf-on-a-headless-browser-becomes-critical-c08daaa1017e?source=rss------bug_bounty-5Alvaro Baladacybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, cyber-security-awareness05-Feb-2024
IoT Devices Vulnerabilities Disclosed: BugStrike’s IoT Security Suitehttps://blog.bugstrike.io/iot-devices-vulnerabilities-disclosed-bugstrikes-iot-security-suite-4f3b7d907829?source=rss------bug_bounty-5BugStrike Teambugstrike, iot-security, bug-bounty, cybersecurity, iot05-Feb-2024
Unveiling the XSS Threats: Understanding and Defending Against Cross-Site Scriptinghttps://blog.bugstrike.io/unveiling-the-xss-threats-understanding-and-defending-against-cross-site-scripting-508e914367f4?source=rss------bug_bounty-5BugStrike Teambugsbounty, cybersecurity, bugstrike, xss-attack, bug-bounty05-Feb-2024
Broken access control resulting from platform misconfiguration | 2024https://cyberw1ng.medium.com/broken-access-control-resulting-from-platform-misconfiguration-2024-bc330363278c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, hacking, security05-Feb-2024
Euler Is So Back: Prizewinners and Educate Series Summaryhttps://www.blog.encode.club/euler-is-so-back-bounty-winners-and-educate-series-summary-6ea3de46b569?source=rss------bug_bounty-5Vanessa Losiceuler, euler-finance, bug-bounty, euler-educate, encode-club05-Feb-2024
How I got RCE in one of Bugcrowd's Public Programshttps://medium.com/@yousefmoh15/how-i-got-rce-in-one-of-bugcrowds-public-programs-5725c8dc46ce?source=rss------bug_bounty-5Yousef Mohamed Elsaidcybersecurity, bugcrowd, bug-bounty, rce, remote-code-execution05-Feb-2024
Every Cybersecurity Beginner’s Nightmare — You need to Read thishttps://medium.com/@majameeljameey/every-cybersecurity-beginners-nightmare-you-need-to-read-this-fc1b69e5dded?source=rss------bug_bounty-5MOHD ABDUL JAMEELpenetration-testing, bug-bounty, roadmaps, ethical-hacking, cybersecurity05-Feb-2024
Reflected XSS into a Template Literal with Angle Brackets, Single, Double Quotes, Backslash, and…https://medium.com/@marduk.i.am/reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-backslash-and-d5cf41f25b02?source=rss------bug_bounty-5Marduk I Ambug-bounty, portswigger-lab, reflected-xss, cross-site-scripting, cybersecurity05-Feb-2024
Skyfall — HackTheBox Seasonal Machine Simple Writeup by Karthikeyan Nagaraj | 2024https://infosecwriteups.com/skyfall-hackthebox-seasonal-machine-simple-writeup-by-karthikeyan-nagaraj-2024-d76fdaaba116?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hackthebox-writeup, hackthebox, bug-bounty05-Feb-2024
This will change the way you hunt for bugs forever.https://medium.com/@deadoverflow/this-will-change-the-way-you-hunt-for-bugs-forever-6111f59b4e8b?source=rss------bug_bounty-5Imad Husanovichacking, cybersecurity, bug-bounty, programming, bug-bounty-tips04-Feb-2024
the Dark Art of NTLM Relay Attackshttps://medium.com/@paritoshblogs/the-dark-art-of-ntlm-relay-attacks-5a55cfb95b37?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, ntlm-relay, active-directory, bug-bounty04-Feb-2024
The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changeshttps://medium.com/@a13h1/the-ui-slip-i-hit-750-ui-manipulation-leading-to-unauthorized-permission-changes-d65621d8dd96?source=rss------bug_bounty-5Abhi Sharmauser-interface, hacking, programming, bug-bounty, cybersecurity04-Feb-2024
How I Hacked My College’s Sitehttps://infosecwriteups.com/how-i-hacked-my-colleges-site-26ae1ab872e4?source=rss------bug_bounty-5Rajneesh Kumar Aryabug-bounty, web-application-security, ethical-hacking, hacked, cybersecurity04-Feb-2024
Running a MITM on a Google Play App | Fintech Bug Bounty — Part 3https://0x4kd.medium.com/running-a-mitm-on-a-google-play-app-fintech-bug-bounty-part-3-82ebdd852d07?source=rss------bug_bounty-50x4KDbug-bounty, infosec, bounty-hunter, bug-bounty-tips, security04-Feb-2024
Certifications for bug bounty huntershttps://medium.com/@notahades/certifications-for-bug-bounty-hunters-4200c6a58c3c?source=rss------bug_bounty-5Deshahacking, certification, penetration-testing, bug-bounty04-Feb-2024
Hacking tools to use in 2024https://medium.com/@notahades/hacking-tools-to-use-in-2024-9dd47c126ef4?source=rss------bug_bounty-5Deshait-security, bug-bounty, hacking, penetration-testing, security04-Feb-2024
Tutorial: Shellcode Injection when the buffer is smallhttps://medium.com/@elniak/tutorial-shellcode-injection-when-the-buffer-is-small-ee3a29dcb955?source=rss------bug_bounty-5ElNiakbug-bounty, tutorial, hacking, shellcode, cybersecurity04-Feb-2024
TryHackMe | Bounty Hacker Walkthroughhttps://medium.com/@utsavadhikari99/tryhackme-bounty-hacker-walkthrough-eb7d9de074e3?source=rss------bug_bounty-5Utsavadhikaribug-bounty, bugs, linux, cybersecurity, computer-science04-Feb-2024
Stored XSS into ‘onclick’ Event with Angle Brackets and Double Quotes HTML-Encoded and Single…https://medium.com/@marduk.i.am/stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-single-002848f8deb1?source=rss------bug_bounty-5Marduk I Amportswigger-lab, cybersecurity, stored-xss, bug-bounty, cross-site-scripting04-Feb-2024
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Twohttps://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-two-468405eb3520?source=rss------bug_bounty-5Alidatabse, reconnaissance, bug-bounty, python, chatgpt04-Feb-2024
6.5 Lab: Information disclosure in version control history | 2024https://cyberw1ng.medium.com/6-5-lab-information-disclosure-in-version-control-history-2024-f886c7337cb7?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, careers, cybersecurity, bug-bounty, hacking04-Feb-2024
How to send WhatsApp Message automatically using python for impress someonehttps://rajput623929.medium.com/how-to-send-whatsapp-message-automatically-using-python-for-impress-someone-9c577664faaa?source=rss------bug_bounty-5Mr.Horbiohacking, automation, bug-bounty, cybersecurity, python03-Feb-2024
IDOR Pada Website Jual Beli Indonesiahttps://uzet.medium.com/idor-pada-website-jual-beli-indonesia-e4842bad515a?source=rss------bug_bounty-5Timotius Benhurbug-bounty, writeup, cyber-security-awareness, bugs03-Feb-2024
Zero-Day: Navigating the Storm of CVE-2024–21893 in Ivanti Productshttps://systemweakness.com/zero-day-navigating-the-storm-of-cve-2024-21893-in-ivanti-products-3b27078377e2?source=rss------bug_bounty-5ElNiakbug-bounty, penetration-testing, ivanti, cybersecurity, ssrf03-Feb-2024
Vulnerable WordPress January 2024 (Imadaddin Nasimi)https://medium.com/@onhexgroup/vulnerable-wordpress-january-2024-imadaddin-nasimi-09f163d473db?source=rss------bug_bounty-5Onhexgroupinfosec, bug-bounty, exploit, cybersecurity, wordpress03-Feb-2024
Title: Unveiling the Trio: Idor,Account,Takeover And Account Enumerationhttps://medium.com/@mrraghavop12/title-unveiling-the-trio-idor-account-takeover-and-account-enumeration-cad7f7ca671f?source=rss------bug_bounty-5Ethical Raghavbug-bounty, blockchain, technology, cybersecurity, data-science03-Feb-2024
Building a Robust Security Architecturehttps://medium.com/@paritoshblogs/building-a-robust-security-architecture-10d01b22380d?source=rss------bug_bounty-5Paritosharchitecture, bug-bounty, information-security, cybersecurity, security-architecture03-Feb-2024
A Story of an IDOR bug I found on a SaaS applicationhttps://medium.com/@duncanochieng682/a-story-of-an-idor-bug-i-found-on-a-saas-application-28fa65907bfd?source=rss------bug_bounty-5JateloCybersecaccess-control, web-application-security, bug-bounty-tips, idor-vulnerability, bug-bounty03-Feb-2024
Version Control History and Information Disclosure Vulnerabilities | 2024https://cyberw1ng.medium.com/version-control-history-and-information-disclosure-vulnerabilities-2024-3649060333bb?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, cybersecurity, careers, bug-bounty, hacking03-Feb-2024
Offensive Mobile Penetration Testinghttps://hackerassociate.medium.com/offensive-mobile-penetration-testing-ce87cc06fb46?source=rss------bug_bounty-5Harshad Shahbug-bounty, infosec, penetration-testing, cybersecurity, hacking02-Feb-2024
5.11 Lab: Authentication bypass via flawed state machine | 2024https://cyberw1ng.medium.com/5-11-lab-authentication-bypass-via-flawed-state-machine-2024-2226d33fba6d?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, security02-Feb-2024
CVE-2021–4434: A Critical WordPress Vulnerability Exposedhttps://medium.com/@elniak/cve-2021-4434-a-critical-wordpress-vulnerability-exposed-202b7d75dda5?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, threat-intelligence, wordpress, cybersecurity02-Feb-2024
Join the Pay Protocol Bug Bounty Program and Earn Rewardshttps://cryptoanalyz.medium.com/join-the-pay-protocol-bug-bounty-program-and-earn-rewards-159d24608282?source=rss------bug_bounty-5Crypto Analystpayments, defi, bug-bounty-program, cryptocurrency, bug-bounty02-Feb-2024
Unveiling the Elite: Cyber Matrix Tech’s USD 7 Million Bug Bounty Coursehttps://medium.com/@African-Technology-Research/unveiling-the-elite-cyber-matrix-techs-usd-7-million-bug-bounty-course-4e648fb003d1?source=rss------bug_bounty-5African Technology Researchpenetration-testing, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup02-Feb-2024
Mastering Fuzzing: A Comprehensive Tutorialhttps://medium.com/@elniak/mastering-fuzzing-a-comprehensive-tutorial-ba9431c8ff0f?source=rss------bug_bounty-5ElNiakfuzzing, bug-bounty, tutorial, cybersecurity, bugs02-Feb-2024
Unlocking Privacy: A Dive into Octopii, the Open-Source PII Scannerhttps://medium.com/@elniak/unlocking-privacy-a-dive-into-octopii-the-open-source-pii-scanner-8a8bdcc0b8be?source=rss------bug_bounty-5ElNiakprivacy, osint, cybersecurity, bug-bounty, pii02-Feb-2024
How to start in Bug Bounty Hunting: my personal experiencehttps://seeu-inspace.medium.com/how-to-start-in-bug-bounty-hunting-my-personal-experience-61fb2bc6bcee?source=rss------bug_bounty-5Riccardo Malatestabug-bounty-tips, bug-bounty02-Feb-2024
How to Pass eWPTv1 examhttps://medium.com/@pentajbr/how-to-pass-ewptv1-exam-3aab3d7d9fa5?source=rss------bug_bounty-5Jbr AL-Otaibipreparation, bug-bounty, bug-bounty-tips, cybersecurity, hacking02-Feb-2024
CVE-2021–4434: A Critical WordPress Vulnerability Exposedhttps://systemweakness.com/cve-2021-4434-a-critical-wordpress-vulnerability-exposed-202b7d75dda5?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, threat-intelligence, wordpress, cybersecurity02-Feb-2024
How I was able to find PII of more than 15,000 People using the Directory Enumeration Tool…https://medium.com/@neelmunot2003/how-i-was-able-to-find-pii-of-more-than-15-000-people-using-the-directory-enumeration-tool-7ac3e9a37983?source=rss------bug_bounty-5Neel Munotinformation-disclosure, dirsearch, bug-bounty, cybersecurity, ethical-hacking02-Feb-2024
How I secured the United Nations Hall of Famehttps://medium.com/@kamilrahman32/how-i-secured-the-united-nations-hall-of-fame-67b036ff2620?source=rss------bug_bounty-5Kamil Rahumanbug-bounty, bug-bounty-tips, vulnerability, hall-of-fame, united-nations02-Feb-2024
Full Account Takeover via Password Reset Link Manipulationhttps://ikhaleelkhan.medium.com/full-account-takeover-via-password-reset-link-manipulation-840fb9402967?source=rss------bug_bounty-5Khaleel Khaninfosec, bug-bounty, cybersecurity, hacking, ethical-hacking01-Feb-2024
Docker and runC Vulnerabilities: A Deep Dive into CVE-2024–21626 and Its Counterpartshttps://medium.com/@elniak/docker-and-runc-vulnerabilities-a-deep-dive-into-cve-2024-21626-and-its-counterparts-4ca24e7d7aa1?source=rss------bug_bounty-5ElNiakcybersecurity, vulnerability, docker, penetration-testing, bug-bounty01-Feb-2024
5.10 Lab: Authentication bypass via encryption Oracle | 2024https://cyberw1ng.medium.com/5-10-lab-authentication-bypass-via-encryption-oracle-2024-b15f1879a30b?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, careers, hacking, cybersecurity01-Feb-2024
1.4M PII data leakage (IDOR)https://medium.com/@tusharaj98355/1-4m-pii-data-leakage-idor-aee596aef4d9?source=rss------bug_bounty-5tushar_reconbug-bounty, bug-bounty-tips01-Feb-2024
| How i was able to hack a Company via watching a YouTube video | https://ahmadmansourr.medium.com/how-i-was-able-to-hack-a-company-via-watching-a-youtube-video-without-any-technical-pentesting-4941753a150a?source=rss------bug_bounty-5 | Ahmad Mansour | cyber-security-awareness, bug-bounty, penetration-testing | 01-Feb-2024 |
| Reflected XSS into a JavaScript String with Angle Brackets and Double Quotes HTML-Encoded and… | https://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-angle-brackets-and-double-quotes-html-encoded-and-3e43059d901b?source=rss------bug_bounty-5 | Marduk I Am | cybersecurity, portswigger-lab, reflected-xss, cross-site-scripting, bug-bounty | 01-Feb-2024 |
| Bypass Arbitary File Upload With .phar | https://medium.com/@mzrismuarf/bypass-arbitary-file-upload-with-phar-6a07627f5e2e?source=rss------bug_bounty-5 | Mizar Ismu Arief | exploitation, bug-bounty, pentesting, bypass | 01-Feb-2024 |
| From No to Go — Uninvited Access To Invited Projects | https://medium.com/@_0jatin0_/from-no-to-go-uninvited-access-to-invited-projects-c8a94feb7cf3?source=rss------bug_bounty-5 | Jatin_Chudasama | broken-access-control, writeup, bug-bounty, graphql, unauthorized-access | 01-Feb-2024 |
| This is arguably the dumbest bug I’ve ever found. | https://medium.com/@deadoverflow/this-is-arguably-the-dumbest-bug-ive-ever-found-3e451951d727?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, bug-bounty, hacking, programming, cybersecurity | 01-Feb-2024 |
| Misconfiguration lead to company identity theft via bypass email verification. | https://hamzadzworm.medium.com/misconfiguration-lead-to-company-identity-theft-via-bypass-email-verification-0dd60b61d943?source=rss------bug_bounty-5 | Hamzadzworm | bugbounty-writeup, bug-bounty-writeup, bugbounty-tips, bug-bounty, infosec | 01-Feb-2024 |
| Best Recon methodology (Shubham Rooter) | https://shubhamrooter.medium.com/best-recon-methodology-shubham-rooter-dcdca8d4caa4?source=rss------bug_bounty-5 | Shubham Tiwari | hackerone, recon, bug-bounty, bug-bounty-tips, bug-hunting | 01-Feb-2024 |
| How to send WhatsApp Message automatically using python for impress someone | https://rajput623929.medium.com/how-to-send-whatsapp-message-automatically-using-python-for-impress-someone-0a9f488a4b54?source=rss------bug_bounty-5 | Mr.Horbio | hacking, cybersecurity, technology, python, bug-bounty | 01-Feb-2024 |
| Understanding and Mitigating Active Directory Attacks | https://medium.com/@paritoshblogs/understanding-and-mitigating-active-directory-attacks-51b7b5737ecc?source=rss------bug_bounty-5 | Paritosh | bug-bounty, azure, hacking, active-directory, cybersecurity | 31-Jan-2024 |
| Uncovering a Parameter Tampering Vulnerability in Event Expo Ticketing System | https://medium.com/@sulmanfarooq531/uncovering-a-parameter-tampering-vulnerability-in-event-expo-ticketing-system-89fc52e26414?source=rss------bug_bounty-5 | Sulman Farooq S | burpsuite, tampering, http-parameter-pollution, parameter-tampering, bug-bounty | 31-Jan-2024 |
| Hunt, Hack, Reward — Hacking For Good with Bounties | https://thethreatcops.medium.com/hunt-hack-reward-hacking-for-good-with-bounties-6a57d12c82a0?source=rss------bug_bounty-5 | the threat cops | thethreatcops, cybersecurity, bug-bounty, hacking, infosec | 31-Jan-2024 |
| Navigating the Storm: Understanding CVE-2023–34048’s Impact on VMware vCenter Server | https://medium.com/@elniak/navigating-the-storm-understanding-cve-2023-34048s-impact-on-vmware-vcenter-server-6004e6531e5b?source=rss------bug_bounty-5 | ElNiak | threat-intelligence, cybersecurity, bug-bounty, penetration-testing, vmware | 31-Jan-2024 |
| Json Tokens (JWT) Token Checks | https://akash-venky091.medium.com/json-tokens-jwt-token-checks-f23d5107e370?source=rss------bug_bounty-5 | Akash Venky | cybersecurity, ethical-hacking, bug-bounty, security, jwt | 31-Jan-2024 |
| What to expect from BSides Transylvania 2024 | https://corneacristian.medium.com/what-to-expect-from-bsides-transylvania-2024-38f62ffb1ebd?source=rss------bug_bounty-5 | Cristian Cornea | cybersecurity, technology, bug-bounty, software-development, tech | 31-Jan-2024 |
| Tackling IDOR on UUID based objects | https://medium.com/pentesternepal/tackling-idor-on-uuid-based-objects-71e8cb2dc265?source=rss------bug_bounty-5 | Veshraj Ghimire | idor-vulnerability, bug-bounty | 31-Jan-2024 |
| 5.9 Lab: Infinite money logic flaw \| 2024 | https://cyberw1ng.medium.com/5-9-lab-infinite-money-logic-flaw-2024-9aec41bc9ca0?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, cybersecurity, security, bug-bounty | 31-Jan-2024 |
| Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part One | https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-one-77ec3fd3b914?source=rss------bug_bounty-5 | Ali | bug-bounty, database, reconnaissance, python | 31-Jan-2024 |
| How to use Virtual Box | https://medium.com/@joshdesharnais1/how-to-use-virtual-box-f3b66be0d9d7?source=rss------bug_bounty-5 | Joshua Desharnais | bug-bounty, virtual, operating-systems, oracle | 31-Jan-2024 |
| Bug Bounty Hunting, Part 1: Stealthy Parameter Detection with ParamSpider | https://medium.com/master-hackers/bug-bounty-hunting-part-1-stealthy-parameter-detection-with-paramspider-28e8ae3af5d4?source=rss------bug_bounty-5 | 0xClonaz | bug-bounty, hacker, bug-bounty-tips, cybersecurity, hacking | 31-Jan-2024 |
| Ransomware: Build Your Own Ransomware | https://medium.com/master-hackers/ransomware-build-your-own-ransomware-b8002b355300?source=rss------bug_bounty-5 | 0xClonaz | hacking, cybersecurity, hacker, programming, bug-bounty | 31-Jan-2024 |
| Recon Methodology | https://medium.com/@alanvv03/recon-methodology-6626fea2e6ed?source=rss------bug_bounty-5 | Alanvv | cybersecurity, bug-bounty, reconnaissance | 31-Jan-2024 |
| Une erreur fatale | https://mr0me.medium.com/salut-a2c0cf7cfb4c?source=rss------bug_bounty-5 | Jephte Mangenda | mistakes, wordpress-development, wordpress, bug-bounty, bugs | 31-Jan-2024 |
| Web Cache Poisoning | https://k4gur4.medium.com/web-cache-poisoning-04fea694708e?source=rss------bug_bounty-5 | Kagura | cybersecurity, web-security, bug-bounty | 31-Jan-2024 |
| Decoding the OWASP Top 10 | https://medium.com/@paritoshblogs/decoding-the-owasp-top-10-e193b715cb37?source=rss------bug_bounty-5 | Paritosh | bug-bounty, owasp, cybersecurity, pentesting, hacking | 30-Jan-2024 |
| Critical Jenkins RCE Vulnerability (CVE-2024–23897) | https://medium.com/@elniak/critical-jenkins-rce-vulnerability-cve-2024-23897-402061a2b187?source=rss------bug_bounty-5 | ElNiak | jenkins, bug-bounty, penetration-testing, vulnerability, cybersecurity | 30-Jan-2024 |
| Simplifying Issue Traceability with Links Explorer in the monday Platform | https://medium.com/optimizory-apps/simplifying-issue-traceability-with-links-explorer-in-the-monday-platform-c8cfbee37668?source=rss------bug_bounty-5 | Divyansh Vats | project-management, marketplaces, issues, bug-bounty, traceability | 30-Jan-2024 |
| Title: Exploiting Path Traversal Vulnerability in User Profile URLs | https://medium.com/@kataeriidubstep/title-exploiting-path-traversal-vulnerability-in-user-profile-urls-82c0e8ba1a3e?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, cybersecurity, appsec | 30-Jan-2024 |
| Reflected XSS into a JavaScript String with Single Quote and Backslash Escaped | https://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-single-quote-and-backslash-escaped-ba435167b43f?source=rss------bug_bounty-5 | Marduk I Am | reflected-xss, cross-site-scripting, portswigger-lab, bug-bounty, cybersecurity | 30-Jan-2024 |
| My SSRF Tricks — Bug Bounty Tuesday | https://medium.com/@kerstan/my-ssrf-tricks-bug-bounty-tuesday-f0d7e53c8d88?source=rss------bug_bounty-5 | kerstan | bug-bounty, security, hacking, cybersecurity, technology | 30-Jan-2024 |
| Rekomendasi Platform Bug Bounty Nasional Maupun Internasional | https://medium.com/@artiacode/rekomendasi-platform-bug-bounty-nasional-maupun-internasional-7406d388de08?source=rss------bug_bounty-5 | ArtiaCode | cybersecurity, cyber-security-awareness, bug-bounty, bug-bounty-hunter, bug-bounty-program | 30-Jan-2024 |
| Navigating the World of Bug Bounties in 2024: Opportunities and Platforms for Ethical Hackers | https://hacksheets.medium.com/navigating-the-world-of-bug-bounties-in-2024-opportunities-and-platforms-for-ethical-hackers-99ff20231e3e?source=rss------bug_bounty-5 | Hacksheets \| Learn Cybersecurity | bug-bounty, artificial-intelligence, chatgpt, cybersecurity, penetration-testing | 30-Jan-2024 |
| Pov — HackTheBox Seasonal Machine Simple Writeup by Karthikeyan Nagaraj \| 2024 | https://infosecwriteups.com/pov-hackthebox-seasonal-machine-simple-writeup-by-karthikeyan-nagaraj-2024-7516c938c688?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hackthebox, hackthebox-writeup, careers, cybersecurity | 30-Jan-2024 |
| Attacking Session Management \| Part 06 \| What To Do After Choosing a Target | https://medium.com/@omarora1603/attacking-session-management-part-06-what-to-do-after-choosing-a-target-b551ab0455c5?source=rss------bug_bounty-5 | Om Arora | infosec, information-security, hacking, bug-bounty, cybersecurity | 30-Jan-2024 |
| Best Approach to RCE | https://medium.com/@anekantsinghai/best-approach-to-rce-630187d4ad03?source=rss------bug_bounty-5 | Anekant Singhai Jain | red-team, ethical-hacking, rce, penetration-testing, bug-bounty | 30-Jan-2024 |
| An introductory guide to HTTP request smuggling | https://medium.com/@mayank_prajapati/an-introductory-guide-to-http-request-smuggling-0defb95e87ce?source=rss------bug_bounty-5 | Mayank Kumar Prajapati | website, web, bug-bounty, hacking, vulnerability | 30-Jan-2024 |
| How to replicate Jenkins CVE-2024–23897: Arbitrary File Read Vulnerability | https://medium.com/@red_darkin/how-to-replicate-jenkins-cve-2024-23897-arbitrary-file-read-vulnerability-260c8174dd94?source=rss------bug_bounty-5 | Red Darkin | bug-bounty, cybersecurity, cve-2024-23897, jenkins, offsec | 30-Jan-2024 |
| Behind the Scenes of DLLs : How Attackers Exploit Legitimate Programs for Mischief! | https://osintteam.blog/behind-the-scenes-of-dlls-how-attackers-exploit-legitimate-programs-for-mischief-395a7540af1f?source=rss------bug_bounty-5 | Paritosh | dll-hijacking, information-security, cybersecurity, hacking, bug-bounty | 29-Jan-2024 |
| Fundamentals of .NET Decompilation With dnSpy | https://infosecwriteups.com/fundamentals-of-net-decompilation-with-dnspy-e7456707b1d2?source=rss------bug_bounty-5 | Joward | pentesting, hacking, bug-bounty, dotnet | 29-Jan-2024 |
| How to Earn Bug Bounty as a Professional Bug hunter | https://rajput623929.medium.com/how-to-earn-bug-bounty-as-a-professional-bug-hunter-ef7de858f94b?source=rss------bug_bounty-5 | Mr.Horbio | bug-bounty, bugs, earn-money-online, ethical-hacking, cybersecurity | 29-Jan-2024 |
| Port Scanning: Pengertian, Teknik, Dan Pencegahannya | https://medium.com/@talaskosec/port-scanning-pengertian-teknik-dan-pencegahannya-38dece0adf2e?source=rss------bug_bounty-5 | TalaskoSec | bug-bounty-indonesia, coding, cyber-security-indonesia, cybersecurity, bug-bounty | 29-Jan-2024 |
| XML External Entity injection with error-based data exfiltration | https://infosecwriteups.com/xml-external-entity-injection-with-error-based-data-exfiltration-985b063ec820?source=rss------bug_bounty-5 | Serj Novoselov | penetration-testing, hacking, bug-bounty, xml, writeup | 29-Jan-2024 |
| OWASP Top 10 API Security Risks — 2023 | https://medium.com/@aayushdhakal005/owasp-top-10-api-security-risks-2023-0e1cd92214cf?source=rss------bug_bounty-5 | Creepydoomer | bug-bounty, cybersecurity, owasp, api | 29-Jan-2024 |
| Kenalan Sama Bug Bounty | https://medium.com/@artiacode/kenalan-sama-bug-bounty-a9d72927a349?source=rss------bug_bounty-5 | ArtiaCode | bug-bounty, cybersecurity, bug-bounty-tips, cyber-security-awareness, ethical-hacking | 29-Jan-2024 |
| CheckList for Bug Bounty Hunting | https://medium.com/@kalidaskamaraj/checklist-for-bug-bounty-hunting-ffcaf4841242?source=rss------bug_bounty-5 | Kalidaskamaraj | bug-bounty, cybersecurity, ethical-hacking, penetration-testing, web-application-testing | 29-Jan-2024 |
| Meteor Subdomain Takeover | https://medium.com/@youngvanda/meteor-subdomain-takeover-b33034a44aa7?source=rss------bug_bounty-5 | YoungVanda | cybersecurity, technology, bug-bounty, javascript, programming | 29-Jan-2024 |
| CVE-2024–0519: Chrome’s Gateway to Memory Access | https://medium.com/@elniak/cve-2024-0519-chromes-gateway-to-memory-access-8cfd6cbbd168?source=rss------bug_bounty-5 | ElNiak | google, cybersecurity, penetration-testing, bug-bounty, threat-intelligence | 29-Jan-2024 |
| OWASP Top 10 API Security Risks — 2023 | https://medium.com/@aayushdhakal005/owasp-top-10-api-security-risks-2023-0e1cd92214cf?source=rss------bug_bounty-5 | Creepyshit | bug-bounty, cybersecurity, owasp, api | 29-Jan-2024 |
| Discord’s preview bot redirection vulnerability | https://medium.com/@lenoctambule/discords-preview-bot-redirection-vulnerability-c8b08fe3721b?source=rss------bug_bounty-5 | Le Noctambule | bug-bounty, bugs, software-development, cybersecurity | 29-Jan-2024 |
| Simple Tips for Bug Bounty Beginners: Finding OTP Bypass Bug | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-otp-bypass-bug-22323a8ff49b?source=rss------bug_bounty-5 | Anish Narayan | bug-bounty, cybersecurity, bug-bounty-tips, technology, programming | 29-Jan-2024 |
| Huge Bug Bounty Resource | https://medium.com/@joshdesharnais1/huge-bug-bounty-resource-d25ee48d81cc?source=rss------bug_bounty-5 | Joshua Desharnais | hacking, bug-bounty, bugs, bug-bounty-tips | 29-Jan-2024 |
| Techniques in Exploiting Business Logic Vulnerabilities for Bug Bounty \| 2024 | https://cyberw1ng.medium.com/techniques-in-exploiting-business-logic-vulnerabilities-for-bug-bounty-2024-93293353e99f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, security | 29-Jan-2024 |
| Automation Hacks: Unearthing a Critical RCE the Easy Way | https://asbawy.medium.com/automation-hacks-unearthing-a-critical-rce-the-easy-way-ad64f01a06a3?source=rss------bug_bounty-5 | Asbawy | bug-bounty-tips, hacking, bug-bounty, cybersecurity, automation-testing | 29-Jan-2024 |
| Reflected XSS in canonical link tag | https://medium.com/@marduk.i.am/reflected-xss-in-canonical-link-tag-64c9719fc6ad?source=rss------bug_bounty-5 | Marduk I Am | reflected-xss, cybersecurity, portswigger-lab, bug-bounty, cross-site-scripting | 29-Jan-2024 |
| Bug Zero at a Glance [01–15 January] | https://blog.bugzero.io/bug-zero-at-a-glance-01-15-january-70f2e0b58c59?source=rss------bug_bounty-5 | Januka Dharmapriya | sri-lanka, newsletter, bug-zero, bug-bounty, cybersecurity | 28-Jan-2024 |
| How I Learned To Exploit Buffer Overflows: An Introduction to Stack-Based Buffer Overflows | https://medium.com/@shcyber/how-i-learned-to-exploit-buffer-overflows-an-introduction-to-stack-based-buffer-overflows-5b27e339a1a6?source=rss------bug_bounty-5 | SHCyber | cybersecurity, buffer-overflow-attack, bug-bounty, binary-exploitation, buffer-overflow | 28-Jan-2024 |
| Explorasi Platform Bug Bounty untuk Cyber Security Enthusiasts | https://medium.com/@faisalhanafi112/explorasi-platform-bug-bounty-untuk-cyber-security-enthusiasts-5d3bde391f69?source=rss------bug_bounty-5 | Faisal Hanafi | red-team, linuxhacking, pentesting, bug-bounty, cybersecurity | 28-Jan-2024 |
| Useful HTTP method every bug hunter must know | https://medium.com/@aayushdhakal005/useful-http-method-every-bug-hunter-must-know-02f57f59812a?source=rss------bug_bounty-5 | Creepydoomer | cybersecurity, web, https, bug-bounty | 28-Jan-2024 |
| Thorough Review Bug Bounty Hunter Certification [CBBH] | https://medium.com/@ozomarzu/thorough-review-bug-bounty-hunter-certification-cbbh-f39765da27bc?source=rss------bug_bounty-5 | CyberOz | pentesting, hackthebox, bug-bounty-hunter, bug-bounty, web-vulnerabilities | 28-Jan-2024 |
| I will be giving away my book for free! | https://medium.com/@deadoverflow/i-will-be-giving-away-my-book-for-free-924191fdea84?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, hacking, cybersecurity, bug-hunting, bug-bounty | 28-Jan-2024 |
| Get IDOR In No Permission To Access Page — Bug Bounty Tuesday | https://medium.com/@kerstan/get-idor-in-no-permission-to-access-page-bug-bounty-tuesday-a04fbb7e7821?source=rss------bug_bounty-5 | kerstan | cybersecurity, technology, hacking, security, bug-bounty | 28-Jan-2024 |
| Reflected XSS with some SVG markup allowed | https://medium.com/@marduk.i.am/reflected-xss-with-some-svg-markup-allowed-10d198692208?source=rss------bug_bounty-5 | Marduk I Am | reflected-xss, cross-site-scripting, portswigger-lab, cybersecurity, bug-bounty | 28-Jan-2024 |
| Roadmap Belajar SOC Analyst Dan Toolsnya | https://medium.com/@yasminramadini/roadmap-belajar-soc-analyst-dan-toolsnya-5ce314f0b0ff?source=rss------bug_bounty-5 | Yeaszec | bug-bounty, ethical-hacking, programmer, blue-team, cybersecurity | 28-Jan-2024 |
| CVE-2023–45866: 0-Click Bluetooth vulnerability | https://medium.com/@elniak/understanding-and-mitigating-cve-2023-45866-0-click-vulnerability-2576ec17c38f?source=rss------bug_bounty-5 | ElNiak | bluetooth, cybersecurity, bug-bounty, penetration-testing, threat-intelligence | 28-Jan-2024 |
| MIME Sniffing Explained: How Browsers Can Misinterpret Content Types | https://medium.com/@ab3lsec/mime-sniffing-explained-how-browsers-can-misinterpret-content-types-68c22d300345?source=rss------bug_bounty-5 | Abel V | sniffing, web-browser, cybersecurity, web-application-security, bug-bounty | 28-Jan-2024 |
| Hunting for Vulnerabilities that are ignored by most of the Bug Bounty Hunters — Part 1 | https://medium.com/@vflexo/hunting-for-vulnerabilities-that-are-ignored-by-most-of-the-bug-bounty-hunters-part-1-187b35508e56?source=rss------bug_bounty-5 | vFlexo | ethical-hacking, bug-bounty, penetration-testing, vapt, information-security | 28-Jan-2024 |
| How do you actually find bugs? (Part 2) | https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity | 28-Jan-2024 |
| Clicker — HackTheBox Machine Simple Writeup by Karthikeyan Nagaraj \| 2024 | https://infosecwriteups.com/clicker-hackthebox-machine-simple-writeup-by-karthikeyan-nagaraj-2024-313b383236bd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, bug-bounty, hackthebox-writeup, hackthebox | 28-Jan-2024 |
| How do you actually find bugs? (My 2 years experience) \| Part 2 | https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity | 28-Jan-2024 |
| This is the easiest bug you can find. | https://medium.com/@deadoverflow/this-is-the-easiest-bug-you-can-find-90573d0053e1?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, cybersecurity, programming, bug-bounty, hacking | 28-Jan-2024 |
| How to Get CVEs Online (Fast) | https://fh4ntke.medium.com/how-to-get-cves-online-fast-c0d6d897c04d?source=rss------bug_bounty-5 | FHantke | bug-bounty, information-technology, web-development, cybersecurity, hacking | 28-Jan-2024 |
| XSS is hard to find… or is it? (How to you find bugs) | https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity | 28-Jan-2024 |
| ARPA Monthly Report \| December Progress Review | https://arpa.medium.com/arpa-monthly-report-december-progress-review-d49a5a44b79c?source=rss------bug_bounty-5 | ARPA Official | staking, cryptography, arpa, bug-bounty, rng | 27-Jan-2024 |
| 5.8 Lab: Insufficient workflow validation \| 2024 | https://cyberw1ng.medium.com/5-8-lab-insufficient-workflow-validation-2024-ce57b036d908?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, cybersecurity, bug-bounty, hacking, careers | 27-Jan-2024 |
| Essential Encoding Schemes for Bug Bounty Hunters | https://medium.com/@aayushdhakal005/essential-encoding-schemes-for-bug-bounty-hunters-2cccd3dcb124?source=rss------bug_bounty-5 | Creepydoomer | bug-bounty, cybersecurity, ethical-hacking, security, encoding | 27-Jan-2024 |
| Your Life in the Crosshairs of Cybersecurity Threats! | https://medium.com/@paritoshblogs/your-life-in-the-crosshairs-of-cybersecurity-threats-526f4a122e14?source=rss------bug_bounty-5 | Paritosh | security, cybersecurity, programming, bug-bounty, information-security | 27-Jan-2024 |
| 500$: MFA bypass By Race Condition | https://medium.com/@a13h1/500-mfa-bypass-by-race-condition-176421462902?source=rss------bug_bounty-5 | Abhi Sharma | race-condition, bug-bounty, programming, 2fa, cybersecurity | 27-Jan-2024 |
| Як працює програма винагороди за виправлення помилок від Aleo? | https://medium.com/@prekrasnazasmin/%D1%8F%D0%BA-%D0%BF%D1%80%D0%B0%D1%86%D1%8E%D1%94-%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%B0-%D0%B2%D0%B8%D0%BD%D0%B0%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B8-%D0%B7%D0%B0-%D0%B2%D0%B8%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%BD%D1%8F-%D0%BF%D0%BE%D0%BC%D0%B8%D0%BB%D0%BE%D0%BA-%D0%B2%D1%96%D0%B4-aleo-edafe6e7dce0?source=rss------bug_bounty-5 | Marlin_2_2_0 | aleo, bug-bounty | 27-Jan-2024 |
| Schneier’s Law In Bug Bounty | https://wallotry.medium.com/schneiers-law-in-bug-bounty-df04bebfdf2f?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunting, bug-bounty-tips, bug-bounty | 27-Jan-2024 |
| SIEM Home Lab: Detecting Web Attack | https://medium.com/@yasminramadini/siem-home-lab-detecting-web-attack-b08c0d575498?source=rss------bug_bounty-5 | Yeaszec | soc-analyst, pentester, cybersecurity, bug-bounty, ethical-hacking | 26-Jan-2024 |
| Detecting Server-Side Technologies for Bug Hunting: | https://medium.com/@aayushdhakal005/detecting-server-side-technologies-for-bug-hunting-9f894bd87da2?source=rss------bug_bounty-5 | Creepydoomer | php, python, servers, bug-bounty, microsoft | 26-Jan-2024 |
| Evolution of Critical Log Sources in SIEM: A 5-Year Retrospective | https://infosecwriteups.com/evolution-of-critical-log-sources-in-siem-a-5-year-retrospective-841bae2b6a6c?source=rss------bug_bounty-5 | Paritosh | security, cybersecurity, siem, hacking, bug-bounty | 26-Jan-2024 |
| Zero Click Account Takeover | https://medium.com/@bhavin87859/zero-click-account-takeover-404bb73121c9?source=rss------bug_bounty-5 | Sunny Sharma | bug-bounty-writeup, bug-bounty | 26-Jan-2024 |
| Bug Bounty For Beginners 2024 Part (3). | https://medium.com/@lukwagoasuman236/bug-bounty-for-beginners-2024-part-3-3f8a70f8652e?source=rss------bug_bounty-5 | Asuman Lukwago | bug-bounty-tips, vulnerability-assessment, bug-bounty, cybersecurity, beginners-guide | 26-Jan-2024 |
| Unveiling the Odyssey: A Riveting Tale of PII Disclosure Vulnerability Discovery | https://medium.com/@mrraghavop12/unveiling-the-odyssey-a-riveting-tale-of-pii-disclosure-vulnerability-discovery-615f04432654?source=rss------bug_bounty-5 | Ethical Raghav | blockchain, data-science, cybersecurity, technology, bug-bounty | 26-Jan-2024 |
| Reflected XSS into HTML context with all tags blocked except custom ones | https://medium.com/@marduk.i.am/reflected-xss-into-html-context-with-all-tags-blocked-except-custom-ones-7eec0b6b146f?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, cross-site-scripting, cybersecurity, portswigger-lab, dom-xss | 26-Jan-2024 |
| Strategies for Success in Audit Contests and Bug Bounty Hunting | https://medium.com/@JohnnyTime/strategies-for-success-in-audit-contests-and-bug-bounty-hunting-082cef9b4021?source=rss------bug_bounty-5 | Johnny Time | smart-contract-auditing, audit-contest, bug-bounty, code4rena, bug-bounty-tips | 26-Jan-2024 |
| Ensuro Partners with Immunefi to Launch Bug Bounty Program | https://medium.com/@zorely/ensuro-partners-with-immunefi-to-launch-bug-bounty-program-e63368cdc0b0?source=rss------bug_bounty-5 | Ensuro ZE | bug-bounty | 26-Jan-2024 |
| How I Discovered a Sneaky Account Takeover Vulnerability | https://sumedhgharpande.medium.com/how-i-discovered-a-sneaky-account-takeover-vulnerability-530c3a080a20?source=rss------bug_bounty-5 | Sumedh Gharpande | bug-bounty, ethical-hacking, cyber-security-awareness, hacking, broken-access-control | 26-Jan-2024 |
| General Questions Asked in Telephonic Interview (Q&A)for Cybersecurity Role-My Personal Experience… | https://medium.com/@Ajakcybersecurity/general-questions-asked-in-telephonic-interview-q-a-for-cybersecurity-role-my-personal-experience-ae6298e5b8f0?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, ethical-hacking, interview, cybersecurity, jobs | 26-Jan-2024 |
| 5.7 Lab: Weak isolation on dual-use endpoint \| 2024 | https://cyberw1ng.medium.com/5-7-lab-weak-isolation-on-dual-use-endpoint-2024-cd80519184b4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, security, bug-bounty, careers | 26-Jan-2024 |
| Bug Bounty 101: Unveiling the Crucial Role in Cybersecurity for Beginners | https://systemweakness.com/bug-bounty-101-unveiling-the-crucial-role-in-cybersecurity-for-beginners-0d8611e6f315?source=rss------bug_bounty-5 | Fahri Yeşil | cyber-threat-intelligence, bug-bounty, ethical-hacking, cybersecurity, vulnerability-research | 26-Jan-2024 |
| Web Cache Poisoning: WWWWWH? | https://medium.com/@rcxsecurity/web-cache-poisoning-wwwwwh-ee2b47d6bacc?source=rss------bug_bounty-5 | RCXSecurity | cybersecurity, pentesting, bug-bounty-tips, penetration-testing, bug-bounty | 26-Jan-2024 |
| How to get your email from different bug bounty platform to start hacking : | https://medium.com/@aayushdhakal005/how-to-get-your-email-from-different-bug-bounty-platform-to-start-hacking-ce01dd45f7ca?source=rss------bug_bounty-5 | Creepydoomer | cybersecurity, bug-bounty, ethical-hacking, hackerone, hacker | 25-Jan-2024 |
| Tool: SCRIPTKIDDI3: A Comprehensive Guide to Efficient Bug Bounty Reconnaissance | https://nixiebytes.medium.com/tool-scriptkiddi3-a-comprehensive-guide-to-efficient-bug-bounty-reconnaissance-dc91c3517a5e?source=rss------bug_bounty-5 | Nixie_Bytes Security Team | bug-bounty, hacking-tools, tools, cybersecurity, hacking | 25-Jan-2024 |
| A Comprehensive Guide to Bug Bounty Hunting Mastery | https://medium.com/@mrraghavop12/a-comprehensive-guide-to-bug-bounty-hunting-mastery-706934490626?source=rss------bug_bounty-5 | Ethical Raghav | bug-bounty, cybersecurity, artificial-intelligence, blockchain, data-science | 25-Jan-2024 |
| eJPT all you need to know | https://medium.com/@boogsta/ejpt-all-you-need-to-know-7c62fef04cf3?source=rss------bug_bounty-5 | Boogsta | cyber, bug-bounty, bug-bounty-tips, hacking, cybersecurity | 25-Jan-2024 |
| 5.6 Lab: Inconsistent handling of exceptional input \| 2024 | https://cyberw1ng.medium.com/5-6-lab-inconsistent-handling-of-exceptional-input-2024-d02e2bb522f4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, security, bug-bounty, cybersecurity | 25-Jan-2024 |
| OWASP TOP 10 2021: | https://medium.com/@aayushdhakal005/owasp-top-10-2021-cfb610db7dd4?source=rss------bug_bounty-5 | Creepydoomer | cybersecurity, ethical-hacking, bug-bounty, sql-injection, owasp | 24-Jan-2024 |
| Git Directory Exposed Leads to Credentials Disclosure | https://medium.com/@blackarazi/git-directory-exposed-leads-to-credentials-disclosure-1d1737638279?source=rss------bug_bounty-5 | Azhari Harahap | bug-bounty-writeup, supply-chain-security, bug-bounty, application-security, git-exposed | 24-Jan-2024 |
| Avedia Player r9300 Vulnerabilities | https://medium.com/@x41x41x41/avedia-player-r9300-vulnerabilities-1c71b4d8efa0?source=rss------bug_bounty-5 | John M | web-development, cve, bug-bounty, hacking, exploit | 24-Jan-2024 |
| 5.5 Low-level logic flaw in Business logic vulnerabilities \| 2024 | https://cyberw1ng.medium.com/5-5-low-level-logic-flaw-in-business-logic-vulnerabilities-2024-cf9a90e2e762?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, security | 24-Jan-2024 |
| The Immunefi bug bounty campaign is live | https://dexenetwork.medium.com/the-immunefi-bug-bounty-campaign-is-live-5782b93f823e?source=rss------bug_bounty-5 | DeXe Protocol | dao, dexe, defi, bug-bounty | 24-Jan-2024 |
| The art of learning bug bounty. | https://medium.com/@siratsami71/the-art-of-learning-bug-bounty-9c2a48aee53b?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | bugbounty-writeup, bug-bounty | 24-Jan-2024 |
| IDOR Allowing to Place Other Students in Exam Sessions | https://medium.com/@mr_payload_injector/idor-allowing-to-place-other-students-in-exam-sessions-1bbefd14ac8d?source=rss------bug_bounty-5 | Mr_Payload_Injector | bug-bounty, cybersecurity, idor, bug-bounty-writeup, ethical-hacking | 24-Jan-2024 |
| Response Manipulation Lead To Premium Feature By Normal User Reward of $500 | https://medium.com/@zikola1/response-manipulation-lead-to-premium-feature-by-normal-user-reward-of-500-43381f769ab1?source=rss------bug_bounty-5 | Abdulrahman badawi | web-application-security, bug-bounty-tips, penetration-testing, bug-bounty, bug-bounty-writeup | 24-Jan-2024 |
| OWASP TOP 10 2017: | https://medium.com/@aayushdhakal005/owasp-top-10-2017-9daabe8c44bf?source=rss------bug_bounty-5 | Aayushdhakal | bug-bounty, ethical-hacking, sql, owasp, cybersecurity | 23-Jan-2024 |
| Get IDOR In No Permission To Access Page— Bug Bounty Tuesday | https://medium.com/@kerstan/get-idor-in-no-permission-to-access-page-bug-bounty-tuesday-68aa82402171?source=rss------bug_bounty-5 | kerstan | hacking, cybersecurity, technology, bug-bounty, security | 23-Jan-2024 |
| Dosya yükleme ile XSS | https://enesozlekk.medium.com/dosya-y%C3%BCkleme-ile-xss-8f2dd8d093c4?source=rss------bug_bounty-5 | Enes Özlek | bug-bounty | 23-Jan-2024 |
| How to Exploit Business Logic Vulnerabilities for Bug Bounty \| 2024 | https://cyberw1ng.medium.com/how-to-exploit-business-logic-vulnerabilities-for-bug-bounty-2024-5c9f14420d50?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, security, cybersecurity, bug-bounty | 23-Jan-2024 |
| SQL Injection on PostgreSQL | https://medium.com/@yagizkocer/sql-injection-on-postgresql-8c8f823e44aa?source=rss------bug_bounty-5 | Yağız Koçer | sql-injection, penetration-testing, bug-bounty, hacking, cybersecurity | 23-Jan-2024 |
| Leaked SQL error leading to XSS, and another BSQLi... | https://medium.com/@zatikyan.sevada/leaked-sql-error-leading-to-xss-and-another-bsqli-cdadde032687?source=rss------bug_bounty-5 | Zatikyan Sevada | bug-bounty, sql-injection, sql, xss-attack, cybersecurity | 22-Jan-2024 |
| Hacking behind the WAF | https://noorhomaid.medium.com/hacking-behind-the-waf-60c6c1a48411?source=rss------bug_bounty-5 | NoorHomaid | infosec, bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity | 22-Jan-2024 |
| Better understanding of User-Directed Spidering vs Automated Spidering | https://medium.com/@aayushdhakal005/better-understanding-of-user-directed-spidering-vs-automated-spidering-a18342c42a25?source=rss------bug_bounty-5 | Aayushdhakal | hacking, penetration-testing, spidering, web, bug-bounty | 22-Jan-2024 |
| How to find unprotected databases with Netlas.io: Chapter 2 | https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-chapter-2-ba71b07c9630?source=rss------bug_bounty-5 | Netlas.io | cybersecurity, information-security, bug-bounty, penetration-testing, osint | 22-Jan-2024 |
| This Tool Helps Me To Find The Origin IP Address | https://medium.com/@Ajakcybersecurity/this-tool-helps-me-to-find-the-origin-ip-address-75b1444da57e?source=rss------bug_bounty-5 | AjakCybersecurity | penetration-testing, bug-bounty, hacking, cybersecurity, ethical-hacking | 22-Jan-2024 |
| Is It Worth Quitting 9–5 Job For a Full-Time Bug Bounty In 2024? | https://medium.com/@Ajakcybersecurity/is-it-worth-quitting-9-5-job-for-a-full-time-bug-bounty-in-2024-a408389d914e?source=rss------bug_bounty-5 | AjakCybersecurity | cybersecurity, medium, bug-bounty, jobs, penetration-testing | 22-Jan-2024 |
| 4.5 Lab: Blind OS command injection with out-of-band data exfiltration \| 2024 | https://cyberw1ng.medium.com/4-5-lab-blind-os-command-injection-with-out-of-band-data-exfiltration-2024-7bb26c2473e7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, security, hacking, cybersecurity | 22-Jan-2024 |
| Bug Bounty For Beginners 2024. | https://medium.com/@lukwagoasuman236/bug-bounty-for-beginners-2024-df4a38ed3ad2?source=rss------bug_bounty-5 | Asuman Lukwago | planning, finance, cybersecurity, bug-bounty, info | 22-Jan-2024 |
| Reflected XSS into HTML context with most tags and attributes blocked | https://medium.com/@marduk.i.am/reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-4266c6c473ad?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, portswigger-lab, cybersecurity, cross-site-scripting, dom-xss | 22-Jan-2024 |
| How do you actually find bugs? (My 2 year experience) | https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-my-2-year-experience-2d77d78994a0?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, hacking, programming, cybersecurity, bug-bounty-tips | 22-Jan-2024 |
| HackTheBox Saturn: Explaining SSRF | https://medium.com/@leomsec/hackthebox-saturn-explaining-ssrf-072234ab5ce3?source=rss------bug_bounty-5 | Leonardo | bug-bounty, hacker, pentesting, ctf, hackthebox | 22-Jan-2024 |
| How I Discovered a Critical Vulnerability in a Leading UK Retail Giant’s System | https://medium.com/@cathreat/how-i-discovered-a-critical-vulnerability-in-a-leading-uk-retail-giants-system-bc4211c159a7?source=rss------bug_bounty-5 | cathreat | united-kingdom, pentesting, bug-bounty, hacking, ssrf | 22-Jan-2024 |
| Unveiling the Digital Tapestry: A Penetration Tester's Odyssey into the Heart of Cyber… | https://medium.com/@mrraghavop12/title-unveiling-the-digital-tapestry-a-penetration-testers-odyssey-into-the-heart-of-cyber-2ac009e54e2f?source=rss------bug_bounty-5 | Ethical Raghav | bug-bounty, cybersecurity, web-development, technology, artificial-intelligence | 21-Jan-2024 |
| Gelios Testnet Bug Bounty Program: Earn Up to $5,000 | https://geliosofficial.medium.com/gelios-testnet-bug-bounty-program-earn-up-to-5-000-10e2d78124f8?source=rss------bug_bounty-5 | Gelios | bitcoin-l2, gelios, blockchain, crypto, bug-bounty | 21-Jan-2024 |
| Bug bounty platforms for 2024 | https://medium.com/@notahades/bug-bounty-platforms-for-2024-ab289e5c74a9?source=rss------bug_bounty-5 | Not_A_Hades | bug-bounty, cybersecurity, hacking, security | 21-Jan-2024 |
| 4.4 Lab: Blind OS command injection with out-of-band interaction \| 2024 | https://cyberw1ng.medium.com/4-4-lab-blind-os-command-injection-with-out-of-band-interaction-2024-f9d0e7a1c7ac?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, hacking, cybersecurity, careers, bug-bounty | 21-Jan-2024 |
| Making My First 10K by Hacking Open Source Targets | https://infosecwriteups.com/making-my-first-10k-by-hacking-open-source-targets-14ee1e9eeb70?source=rss------bug_bounty-5 | SynapticSpace | bug-bounty, foss, cybersecurity, hacking | 21-Jan-2024 |
| Path traversal | https://medium.com/@codersqs/path-traversal-78cce0994e2d?source=rss------bug_bounty-5 | Codersqs | ethical-hacking, server-side-rendering, bug-bounty, ssrf-bug, directory-traversal | 21-Jan-2024 |
| Exploiting SSRF in PDF HTML Injection: Basic and Blind | https://medium.com/@jbince/exploiting-ssrf-in-pdf-html-injection-basic-and-blind-047fec5317ae?source=rss------bug_bounty-5 | Joward | bug-bounty, ssrf, hacking, web-app-security, pentesting | 21-Jan-2024 |
| Exploiting SSRF in PDF HTML Injection: Basic and Blind | https://infosecwriteups.com/exploiting-ssrf-in-pdf-html-injection-basic-and-blind-047fec5317ae?source=rss------bug_bounty-5 | Joward | bug-bounty, ssrf, hacking, web-app-security, pentesting | 21-Jan-2024 |
| China Implements Stringent Cybersecurity Regulations: Makers Urged to Swiftly Report… | https://jareddouville.medium.com/china-implements-stringent-cybersecurity-regulations-makers-urged-to-swiftly-report-673f99696750?source=rss------bug_bounty-5 | Jared Douville | china-hackers, cyber-security-awareness, bug-bounty, zero-day, china | 20-Jan-2024 |
| How I Bypassed CSRF Token — 2 Ways | https://medium.com/mii-cybersec/how-i-bypassed-csrf-token-2-ways-b87ac04969a8?source=rss------bug_bounty-5 | Bryan Matthew | csrf-bypass, red-team, bug-bounty, penetration-testing, csrf | 20-Jan-2024 |
| Stored DOM XSS | https://medium.com/@marduk.i.am/stored-dom-xss-c7c9c972d086?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, dom-xss, bug-bounty, cybersecurity, cross-site-scripting | 20-Jan-2024 |
| The art of account takeover | https://medium.com/@iknowhatodo/the-art-of-account-takeover-ec5f9a29c436?source=rss------bug_bounty-5 | Hossam Ahmed | account-takeover, information-security, bug-bounty | 20-Jan-2024 |
| Securing AWS: Understanding EC2 IMDS Vulnerabilities and Learning from the Capital One Breach | https://kishoreramk.medium.com/securing-aws-understanding-ec2-imds-vulnerabilities-and-learning-from-the-capital-one-breach-6f753e06cd66?source=rss------bug_bounty-5 | KISHORERAM | aws-ec2, aws-s3, cybersecurity, aws, bug-bounty | 20-Jan-2024 |
| Login DoS — That requires simply sending a lot of specially crafted requests | https://infosecwriteups.com/login-dos-that-requires-simply-sending-a-lot-of-specially-crafted-requests-2ca927c628dd?source=rss------bug_bounty-5 | Shriyans Sudhi | bug-bounty, hackerone, penetration-testing, cybersecurity, web-hacking | 20-Jan-2024 |
| 921$ Privilege Escalation: Unauthorized User Addition to Shared APP Connections | https://infosecwriteups.com/921-privilege-escalation-unauthorized-user-addition-to-shared-app-connections-0780134d6cf1?source=rss------bug_bounty-5 | Abhi Sharma | privilege-escalation, hacking, cybersecurity, programming, bug-bounty | 20-Jan-2024 |
| 4.3 Lab: Blind OS command injection with output redirection \| 2024 | https://cyberw1ng.medium.com/4-3-lab-blind-os-command-injection-with-output-redirection-2024-d92f52f139b4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, bug-bounty, cybersecurity, security | 20-Jan-2024 |
| Boosting Your Income: My Journey with Side Hustles in Cybersecurity | https://medium.com/@himanshu_mahajan/boosting-your-income-my-journey-with-side-hustles-in-cybersecurity-8cc088c92469?source=rss------bug_bounty-5 | Himanshu Mahajan | side-hustle, security, technology, bug-bounty, cybersecurity | 20-Jan-2024 |
How To Hide Any Payload: Day 3/100 Of Gaining Hacking Knowledgehttps://medium.com/@ssg30devil/how-to-hide-any-payload-day-3-100-of-gaining-hacking-knowledge-002c4adb328b?source=rss------bug_bounty-5rootzsbug-bounty-tool, bug-bounty, bug-bounty-tips, hacking19-Jan-2024
Dangling CNAME/Orphaned CNAME leads P2 on Google VRPhttps://medium.com/@jerryhackgather/dangling-cname-orphaned-cname-leads-p2-on-google-vrp-fca8964d983c?source=rss------bug_bounty-5Jerry1319bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity19-Jan-2024
Penetration Testing Techniqueshttps://anticitizenone.medium.com/penetration-testing-techniques-5eaf254fc5e6?source=rss------bug_bounty-5Rodolfo Santos Flaboreablue-team, purple-team, red-team, pentesting, bug-bounty19-Jan-2024
Best Recon Website For BugBounty in 2024, I came across! Completely Free 🙂https://medium.com/@Ajakcybersecurity/best-recon-website-for-bugbounty-in-2024-i-came-across-completely-free-303d67187400?source=rss------bug_bounty-5AjakCybersecurityblogging, cybersecurity, penetration-testing, ethical-hacking, bug-bounty19-Jan-2024
Authentication Bypass | Part 05 | What To Do After Choosing a Targethttps://medium.com/@omarora1603/authentication-bypass-part-05-what-to-do-after-choosing-a-target-31eddc38029c?source=rss------bug_bounty-5Om Arorahacking, cybersecurity, bug-bounty, technology, infosec19-Jan-2024
4.2 Lab: Lab: Blind OS command injection with time delays | 2024https://cyberw1ng.medium.com/4-2-lab-lab-blind-os-command-injection-with-time-delays-2024-042ad98c27e6?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, bug-bounty, security19-Jan-2024
IDOR To Massive Government Data Leakhttps://bishal0x01.medium.com/idor-to-massive-government-data-leak-e8ad510d7e5?source=rss------bug_bounty-5Bishal Shresthabug-bounty, information-security, writeup, data-leak19-Jan-2024
Authentication Bypass | Part 05 | What To Do After Choosing a Targethttps://infosecwriteups.com/authentication-bypass-part-05-what-to-do-after-choosing-a-target-31eddc38029c?source=rss------bug_bounty-5Om Arorahacking, cybersecurity, bug-bounty, technology, infosec19-Jan-2024
IDOR Vulnerability Allowing Unauthorized Access to Colleagues’ Bachelor Theseshttps://medium.com/@mr_payload_injector/idor-vulnerability-allowing-unauthorized-access-to-colleagues-bachelor-theses-8c76c4ec4480?source=rss------bug_bounty-5Mr_Payload_Injectorcybersecurity, ethical-hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips19-Jan-2024
#ERROR!https://medium.com/@Xt3sY/500-internal-server-bypass-everything-will-be-200-okay-bcd149397736?source=rss------bug_bounty-5Pushkar Bhagathackerone, hacking, bugcrowd, exploitation, bug-bounty19-Jan-2024
How I Bypassed CSRF Token — 2Wayshttps://medium.com/@bmatth21/how-i-bypassed-csrf-token-2ways-5662b4191188?source=rss------bug_bounty-5Bryan Matthewpenetration-testing, csrf-protection, csrf, bug-bounty, csrf-token19-Jan-2024
Roadmap to Cybersecurity Mastery: A Guide for Aspiring IT Professionalshttps://ikhaleelkhan.medium.com/roadmap-to-cybersecurity-mastery-a-guide-for-aspiring-it-professionals-b2f2e6cc9641?source=rss------bug_bounty-5Khaleel Khanhacking, infosec, cybersecurity, ethical-hacking, bug-bounty18-Jan-2024
AWS/S3 Subdomain Takeoverhttps://medium.com/@scottlindh/aws-s3-subdomain-takeover-79d705cc3553?source=rss------bug_bounty-5Scott Lindhpentesting, hacking, hacking-tools, bug-bounty, bug-bounty-tips18-Jan-2024
Exploiting vulnerabilities in LLM APIs [OS injection]https://medium.com/@s_novoselov/exploiting-vulnerabilities-in-llm-apis-os-injection-b7d31c803d1d?source=rss------bug_bounty-5Serj Novoselovllm, penetration-testing, bug-bounty, ai, hacking18-Jan-2024
Brutal Bug Bounty methodologyhttps://medium.com/@pentajbr/brutal-bug-bounty-methodology-f872d0c1b8da?source=rss------bug_bounty-5Major Jbrbug-bounty-tips, bug-bounty18-Jan-2024
Secret Input Header leads to Password Reset Poisoninghttps://medium.com/@mares.viktor/secret-input-header-leads-to-password-reset-poisoning-ad3081fd8488?source=rss------bug_bounty-5Viktor Maresbug-bounty, penetration-testing, hacking, web-development, cybersecurity18-Jan-2024
Business Logic: Bypass 2FA to ATOhttps://giongfnef.medium.com/business-logic-bypass-2fa-to-ato-e0dc7131b10e?source=rss------bug_bounty-5Giongnefsecurity, bug-bounty, cybersecurity, information-security, pentesting18-Jan-2024
Finding Secret Key Inside React Native Appshttps://aminudin.medium.com/finding-secret-key-inside-react-native-apps-9eb6beac02f8?source=rss------bug_bounty-5Aminudinbug-bounty, bugs, bug-bounty-tips18-Jan-2024
Blind OS command injection vulnerabilities in Portswigger | 2024https://cyberw1ng.medium.com/blind-os-command-injection-vulnerabilities-in-portswigger-2024-cdc10f62d0be?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, careers, hacking, bug-bounty18-Jan-2024
Master Bug Bounty Hunting Coursehttps://medium.com/@teamhydrashop/master-bug-bounty-hunting-course-ea3615f1160b?source=rss------bug_bounty-5Team Hydra Shoptool-hack-xổ-số, bug-fixes, bug-bounty, penetration-testing, hacking-tools18-Jan-2024
What is Cyberkill Chain (My first Interview Question of my carrier)https://akash-venky091.medium.com/what-is-cyberkill-chain-my-first-interview-question-of-my-carrier-e1cc6351a24b?source=rss------bug_bounty-5Akash Venkysecurity, bug-bounty, cybersecurity, information-technology, pentesting18-Jan-2024
How I Automatically Generate XSS Payload & Automate Reflected XSShttps://medium.com/@Ajakcybersecurity/how-i-automatically-generate-xss-payload-automate-reflected-xss-91f4a232cd78?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, ethical-hacking, xss-attack, bug-bounty, penetration-testing18-Jan-2024
Is PNPT Certification Worth It for a Cybersecurity Job? Exploring PNPT!https://medium.com/@Ajakcybersecurity/is-pnpt-certification-worth-it-for-a-cybersecurity-job-exploring-pnpt-8fa13a194fe4?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, hacking, certification, cybersecurity18-Jan-2024
A Best $5 Spent in My Entire Cybersecurity Journeyhttps://medium.com/@Ajakcybersecurity/a-best-5-spent-in-my-entire-cybersecurity-journey-baf09ae710d0?source=rss------bug_bounty-5AjakCybersecurityhacking, tryhackme, bug-bounty, cybersecurity, ethical-hacking18-Jan-2024
CSRF vulnerabilityhttps://medium.com/@os1764934/csrf-vulnerability-ebfbbe6dd81c?source=rss------bug_bounty-5Omar Samybug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips18-Jan-2024
Hydra Tryhackme: Walkthrough/Writeuphttps://proviesec.medium.com/hydra-tryhackme-walkthrough-writeup-784db55ab9a9?source=rss------bug_bounty-5Proviesechydra, tryhackme-walkthrough, cybersecurity, bug-bounty, tryhackme18-Jan-2024
Things should do after sublister(sublist3r)https://medium.com/@canonminibeast/things-should-do-after-sublister-sublist3r-90176a020409?source=rss------bug_bounty-5Canonminibeastbug-bounty, cybersecurity, sublist3r, web-development, web-pen-testing18-Jan-2024
Exploiting LLM APIs with excessive agencyhttps://jareddouville.medium.com/exploiting-llm-apis-with-excessive-agency-979d87a9937e?source=rss------bug_bounty-5Jared Douvilleportswigger-lab, bug-bounty, cyber-security-awareness, hackerone, llm18-Jan-2024
easy bug = big bounty | easy and small bug can give you a big bounty and Reputationhttps://medium.com/@no_oneee/easy-bug-big-bounty-easy-and-small-bug-can-give-you-a-big-bounty-and-reputation-08534a90d2e6?source=rss------bug_bounty-5no|onebug-bounty, hacking, bug-bounty-tips, information-security, bugs18-Jan-2024
Accessing deleted comment for $$: A Bug Bounty Writeuphttps://vijetareigns.medium.com/accessing-deleted-comment-for-a-bug-bounty-writeup-95d56662d209?source=rss------bug_bounty-5the_unlucky_guybug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, writeup17-Jan-2024
Understanding and Mitigating Authentication Bypass Techniques in Web Applicationshttps://ikhaleelkhan.medium.com/understanding-and-mitigating-authentication-bypass-techniques-in-web-applications-d72795f469be?source=rss------bug_bounty-5Khaleel Khanhacking, bug-bounty, infosec, infosecurity, ethical-hacking17-Jan-2024
Best Hacking OSINT Site list in 2024https://medium.com/@logicTech/best-hacking-osint-site-list-in-2024-768db84c55e3?source=rss------bug_bounty-5LogicTechhacking-tools, bug-bounty, hacking, osint-investigation, journalism17-Jan-2024
Why Web2 Vulnerabilities Need Addressing Before Embracing Web3 — Part 1https://medium.com/@resonance.security/why-web2-vulnerabilities-need-addressing-before-embracing-web3-part-1-e881424e216c?source=rss------bug_bounty-5Resonancebug-bounty, web3, blockchain17-Jan-2024
Phishing using Google Sheets for Red Team Engagementshttps://infosecwriteups.com/phishing-using-google-sheets-for-red-team-engagements-ac79298ddb90?source=rss------bug_bounty-5Supun Halangoda (Suppa)cybersecurity, phishing-attacks, phishing, information-security, bug-bounty17-Jan-2024
Privilege escalation via response manipulationhttps://seek-er.medium.com/privilege-escalation-via-response-manipulation-e2ed5076b023?source=rss------bug_bounty-5Vikybug-bounty-writeup, hacking, web-application-security, bug-bounty, security17-Jan-2024
1 Program, 4 Business Logic Bugs and Cashing in 2300$.https://infosecwriteups.com/1-program-4-business-logic-bugs-and-cashing-in-2300-299b42236993?source=rss------bug_bounty-5Manav Bankatwalabounty-hunter, information-security, bug-bounty, appreciation, cybersecurity17-Jan-2024
3.6 Lab: File path traversal, validation of file extension with null byte bypass | 2024https://cyberw1ng.medium.com/3-6-lab-file-path-traversal-validation-of-file-extension-with-null-byte-bypass-2024-ccf8005b5379?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, careers, bug-bounty, hacking, cybersecurity17-Jan-2024
Shall I Start Bug Bounty Without Cybersecurity Basics in 2024?https://medium.com/@Ajakcybersecurity/shall-i-start-bug-bounty-without-cybersecurity-basics-in-2024-f62fa3ab1991?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, ethical-hacking, cybersecurity, hacking, bug-bounty17-Jan-2024
API_Security RoadMaphttps://akash-venky091.medium.com/api-security-roadmap-edb59a420b04?source=rss------bug_bounty-5Akash Venkycybersecurity, bug-bounty, vulnerability, information-technology, ethical-hacking16-Jan-2024
Extracting iOS IPA files Without Jailbreaking…!https://medium.com/@dhanush1895/extracting-ios-ipa-files-without-jailbreaking-6e7ee8e57ad7?source=rss------bug_bounty-5Daniel1895methodology, ios, bug-bounty-tips, bug-bounty, pentesting16-Jan-2024
Unleashing the Power of AutoRepeater: Automating Blind SQL Injection Detectionhttps://medium.com/@atikqur007/unleashing-the-power-of-autorepeater-automating-blind-sql-injection-detection-1b159ee81158?source=rss------bug_bounty-5Atik Rahmansql-injection, bug-bounty, blind-sql-injection, burpsuite-extension, cybersecurity16-Jan-2024
3.5 Lab: File path traversal, validation of start of path | 2024https://cyberw1ng.medium.com/3-5-lab-file-path-traversal-validation-of-start-of-path-2024-9b2b9b4f15d7?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, cybersecurity, hacking, careers16-Jan-2024
How to Discovered IDOR from a Blank Page — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-to-discovered-idor-from-a-blank-page-bug-bounty-tuesday-5af784533d1a?source=rss------bug_bounty-5kerstantechnology, programming, bug-bounty, cybersecurity16-Jan-2024
GUI Bug Bounty Tool To Find Easy P1s in 2024https://medium.com/@Ajakcybersecurity/gui-bug-bounty-tool-to-find-easy-p1s-in-2024-24d05dceba72?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, ethical-hacking, github, penetration-testing, bug-bounty16-Jan-2024
Secret Bug bounty Extension all Hackers Forget To Add. Part-2 (Not Common!)https://medium.com/@Ajakcybersecurity/secret-bug-bounty-extension-all-hackers-forget-to-add-part-2-not-common-e29d857f90e0?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, extension, cybersecurity, hacking, bug-bounty16-Jan-2024
Extensions I Use For My Bug Bounty Hunting in 2024, Part-1.https://medium.com/@Ajakcybersecurity/extensions-i-use-for-my-bug-bounty-hunting-in-2024-part-1-5b8ba7501408?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, blog, hacking, bug-bounty, ethical-hacking16-Jan-2024
A Digital Date with a Hacker: A Café WiFi Adventure!https://medium.com/@Ajakcybersecurity/a-digital-date-with-a-hacker-a-caf%C3%A9-wifi-adventure-db7ae98bbd90?source=rss------bug_bounty-5AjakCybersecuritydigital-forensics, cybersecurity, bug-bounty, hacking, blog16-Jan-2024
What can a Hacker do with your IP Address? Track Your Location?https://medium.com/@Ajakcybersecurity/what-can-a-hacker-do-with-your-ip-address-track-your-location-f7854cd5c32f?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, blog, digital-forensics, bug-bounty16-Jan-2024
Top 5 Sites to Improve Your Hacking Skill IN 2024https://medium.com/@Ajakcybersecurity/top-5-sites-to-improve-your-hacking-skill-in-2024-b9e786eb7adb?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, blog, cybersecurity, bug-bounty, hacking16-Jan-2024
Day 2/100 Of Gaining Hacking Knowledge — Easily change IP, Mac, DNS, Log killer, and more…….https://medium.com/@ssg30devil/day-2-100-of-gaining-hacking-knowledge-easily-change-ip-mac-dns-log-killer-and-more-7d286c7b7647?source=rss------bug_bounty-5rootzsbug-bounty, ethical-hacking, 100daychallenge, cybersecurity, git-tool16-Jan-2024
Web Security Academy — Business Logic Vulnerabilities Walkthroughhttps://iaraoz.medium.com/web-security-academy-business-logic-vulnerabilities-walkthrough-536f756cda9b?source=rss------bug_bounty-5Israel Aráoz Severichecybersecurity, owasp, vulnerability, appsec, bug-bounty16-Jan-2024
Demystifying Reflected XSS: Understanding and Mitigating This Common Web Security Vulnerabilityhttps://medium.com/@j0hnw1ck/demystifying-reflected-xss-understanding-and-mitigating-this-common-web-security-vulnerability-beaa3bb058c5?source=rss------bug_bounty-5J0hn W1ckbug-bounty, cybersecurity, web-development, pentesting, hacking16-Jan-2024
Bug Zero at a Glance [16–31 December]https://blog.bugzero.io/bug-zero-at-a-glance-16-31-december-d722a2b76ed4?source=rss------bug_bounty-5Januka Dharmapriyanewsletter, bug-bounty, bug-zero, sri-lanka, cybersecurity15-Jan-2024
How Apple Scammed Me Out Of $50,000 in their Bug Bounty Program (Silent Patching & Ignoring Me)https://medium.com/@just4g3nt/how-apple-scammed-me-out-of-50-000-in-their-bug-bounty-program-silent-patching-ignoring-me-18455a47a1f6?source=rss------bug_bounty-5Random Userbug-bounty, infosec, apple, scam, cybersecurity15-Jan-2024
Unrestricted File Upload Lead to Stored XSS at Microsoft main domainhttps://medium.com/@cavdarbashas/unrestricted-file-upload-lead-to-stored-xss-at-microsoft-main-domain-baa9cadac6bd?source=rss------bug_bounty-5Sokol Çavdarbashabug-bounty, penetration-testing, technology, web-security, ethical-hacking15-Jan-2024
HackenProof bug bounty campaign is now livehttps://dexenetwork.medium.com/hackenproof-bug-bounty-campaign-is-now-live-bf9bc5ddd6d1?source=rss------bug_bounty-5DeXe Protocolsecurity, dao, bug-bounty, defi15-Jan-2024
100-day Challenge Day 1/100 Ethical Hacking Knowledgehttps://medium.com/@ssg30devil/100-day-challenge-day-1-100-ethical-hacking-knowledge-9b0625a8e835?source=rss------bug_bounty-5rootzs100daychallenge, ethical-hacking, useful-websites, bug-bounty, most-useful-websites15-Jan-2024
Reflected DOM XSShttps://medium.com/@marduk.i.am/reflected-dom-xss-fdf60de841cb?source=rss------bug_bounty-5Marduk I Amportswigger-lab, bug-bounty, cybersecurity, cross-site-scripting, dom-xss15-Jan-2024
SMTP Server (JAMES SMTP Server 2.3.2)https://medium.com/@akshadjoshi/smtp-server-james-smtp-server-2-3-2-ad934435f021?source=rss------bug_bounty-5Akshad Joshismtp, bug-bounty, pentesting, hackthebox15-Jan-2024
Streamlining Vulnerability Hunting for Bug Bounty and pentestershttps://medium.com/@k-binsaeed/streamlining-vulnerability-hunting-for-bug-bounty-and-pentesters-81e77b3ab7d9?source=rss------bug_bounty-5NumLocK15bug-bounty, vulnerability, cybersecurity, pentesting15-Jan-2024
How I Used A Simple Python Script to Exploit a Vulnerable Google API Key.https://medium.com/@gradillagustavo87/how-i-used-a-simple-python-script-to-exploit-a-vulnerable-google-api-key-475b4fcaf895?source=rss------bug_bounty-5Gustavo Gradillahacking-tools, bug-bounty-writeup, bug-bounty, google15-Jan-2024
How I Automate Finding Amazon S3 Buckets Using A Simple Python Scripthttps://medium.com/@gradillagustavo87/how-i-automate-finding-amazon-s3-buckets-using-a-simple-python-script-c1a7c11a8b52?source=rss------bug_bounty-5Gustavo Gradillacybersecurity, hacking-tools, ethical-hacking, bug-bounty, hacking15-Jan-2024
S3 Bucket takeover with simple technique lead to $$$https://medium.com/@adhaamsayed3/s3-bucket-takeover-with-simple-technique-lead-to-0fc0b89eeecb?source=rss------bug_bounty-5Adham sayed (doosec101)web-app-pentesting, bug-bounty, hacker, hackerone, mobile-app-testing15-Jan-2024
3.3 Lab: File path traversal, traversal sequences stripped non-recursively | 2024https://cyberw1ng.medium.com/3-3-lab-file-path-traversal-traversal-sequences-stripped-non-recursively-2024-5dd6b7d227e6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, security, hacking, careers14-Jan-2024
Logical Error leads to DOS for victimhttps://medium.com/@tanyago/logical-error-leads-to-dos-for-victim-8e4f6d18ae90?source=rss------bug_bounty-5Tanya Goyalbug-bounty-tips, bug-bounty-writeup, bug-hunting, bug-bounty14-Jan-2024
How to Nail a Perfect Bug Reporthttps://medium.com/@nambiarjishnu1210/how-to-nail-a-perfect-bug-report-b619690779a7?source=rss------bug_bounty-5Jishnu Nambiarsoftware-testing, automation, bug-bounty, testing, quality-assurance14-Jan-2024
Bug Bounty: The Ultimate Guide For Beginnershttps://medium.com/@securelearn/bug-bounty-the-ultimate-guide-for-beginners-92bd470b5c02?source=rss------bug_bounty-5RGsecure-learn, bug-bounty-tips, cybersecurity, hacking, bug-bounty14-Jan-2024
Elevate your Expertise: Key Cybersec Certifications 2k24https://thethreatcops.medium.com/elevate-your-expertise-key-cybersec-certifications-2k24-7a025f5566f4?source=rss------bug_bounty-5the threat copsinformation-security, hacking, career-development, bug-bounty, cybersecurity14-Jan-2024
Exploring the Web’s Hidden Corners with DorkDive: A Google Dorking Tool for Tech Enthusiastshttps://infosecwriteups.com/exploring-the-webs-hidden-corners-with-dorkdive-a-google-dorking-tool-for-tech-enthusiasts-c66816493c76?source=rss------bug_bounty-5Incoggeekpython, cybersecurity, bug-bounty, tools, hacking14-Jan-2024
Mastering Cybersecurity: A Deep Dive into Optimal Attack Surface Management for Public Bug Bounty…https://cyberarafat.medium.com/mastering-cybersecurity-a-deep-dive-into-optimal-attack-surface-management-for-public-bug-bounty-0eb182577c4c?source=rss------bug_bounty-5Arafat Ashrafi Talhaethical-hacking, bug-bounty-tips, bug-bounty, penetration-testing, cybersecurity14-Jan-2024
Layer 5: Bug Bountieshttps://medium.com/@triweisec/layer-5-bug-bounties-f67b2cbdf413?source=rss------bug_bounty-5TriWei.iobug-bounty, web3, blockchain-security, ethical-hacking, vulnerability-assessment14-Jan-2024
ExamSys — Multiple SQL Injectionshttps://fh4ntke.medium.com/examsys-multiple-sql-injections-ef94d84e440c?source=rss------bug_bounty-5FHantkeweb-development, technology, hacking, open-source, bug-bounty14-Jan-2024
How to set up a new Kali Linux virtual machine for Studying | Practicing | Bug Bounty ?https://medium.com/@recepbalibey/how-to-set-up-a-new-kali-linux-virtual-machine-for-studying-practicing-bug-bounty-6ec16222c294?source=rss------bug_bounty-5Recep Balıbeyvirtual-machine, kali-linux, ctf, bug-bounty, cybersecurity14-Jan-2024
Vulnerable Web Applications For Training and Testing Your New Toolshttps://medium.com/@eclectic-security/vulnerable-web-applications-for-training-and-testing-your-new-tools-e2411942edb2?source=rss------bug_bounty-5Eclectic Securitybug-bounty, software-development, cybersecurity, training, penetration-testing14-Jan-2024
Mass Hunting Blind XSS — Practical Techniqueshttps://infosecwriteups.com/mass-hunting-blind-xss-practical-techniques-182c422d773e?source=rss------bug_bounty-5Ott3rlybug-bounty-writeup, xss-vulnerability, cross-site-scripting, bug-bounty, cybersecurity14-Jan-2024
What is Bug Bounty Huntinghttps://medium.com/@chaudharyrohit644/what-is-bug-bounty-hunting-d2571271d612?source=rss------bug_bounty-5Rohit Chaudharybug-bounty14-Jan-2024
PII Data Leakage via Directory Listinghttps://medium.com/@fixthis1000time/pii-data-leakage-via-directory-listing-2a5ff7554cdc?source=rss------bug_bounty-5fixthi$infosec, cybersecurity, ethical-hacking, bug-bounty, hacking14-Jan-2024
User Enumeration in the login processhttps://medium.com/@majix_de/user-enumeration-in-the-login-process-a43a248ac70d?source=rss------bug_bounty-5Majixctf, bug-bounty, pentesting, hacking, penetration-testing14-Jan-2024
HackTheBox — Server-side Request Forgery (SSRF) Overviewhttps://medium.com/@harry.hphu/hackthebox-server-side-request-forgery-ssrf-overview-e55ef94ac435?source=rss------bug_bounty-5Huy Phubug-bounty, web-security, hackthebox, owasp-top-10, ssrf13-Jan-2024
What is SQL Injection and how SQL queries work in databasehttps://mrunknown124154.medium.com/what-is-sql-injection-and-how-sql-queries-work-in-database-6971f1729aed?source=rss------bug_bounty-5Mr Abdullahhacking, cyber-security-awareness, bug-bounty, sql-injection, web-hacking13-Jan-2024
Easy way to find RCE via SSTI(server side template injection)https://medium.com/@jeetpal2007/easy-way-to-find-rce-via-ssti-server-side-template-injection-b5f664ddf427?source=rss------bug_bounty-5JEETPALrce, bug-bounty, easy, bugs, ssti13-Jan-2024
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encodedhttps://medium.com/@marduk.i.am/dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-62bc9a167c8e?source=rss------bug_bounty-5Marduk I Amcross-site-scripting, angularjs, dom-xss, bug-bounty, portswigger-lab13-Jan-2024
mistakes bug bounty hunters fall on it | the key of bug bounty |best advice for 2024https://medium.com/@no_oneee/hello-48e0488f6fa4?source=rss------bug_bounty-5no|oneinformation-security, bugs, bug-bounty-tips, cybersecurity, bug-bounty13-Jan-2024
3.2 Lab: File path traversal, traversal sequences blocked with absolute path bypass | 2024https://cyberw1ng.medium.com/3-2-lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-2024-b1eb44cf3151?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, security, hacking, cybersecurity13-Jan-2024
Regeneration of API key by low level user: 500$ Access Control bughttps://medium.com/@a13h1/regeneration-of-api-key-by-low-level-user-500-access-control-bug-87c76b9b5842?source=rss------bug_bounty-5Abhi Sharmabug-bounty, cybersecurity, hacking, api, programming13-Jan-2024
3.2 Lab: File path traversal, traversal sequences blocked with absolute path bypass | 2024https://systemweakness.com/3-2-lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-2024-b1eb44cf3151?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, security, hacking, cybersecurity13-Jan-2024
Burp Suite — Download, Set up and Get Going!https://medium.com/@eclectic-security/burp-suite-download-set-up-and-get-going-a58ba7daf678?source=rss------bug_bounty-5Eclectic Securitybug-bounty, tools, cyber-security-training, penetration-testing, burpsuite13-Jan-2024
DOM-Based XSS: Understanding and Mitigating a Stealthy Attack Vectorhttps://medium.com/@ravensec93/dom-based-xss-understanding-and-mitigating-a-stealthy-attack-vector-71ebc56806aa?source=rss------bug_bounty-5Raven Securitybug-bounty, web-security, cybersecurity, xss-attack, hacking13-Jan-2024
Weird bug to steal users credentialshttps://medium.com/@fuadahmad062/weird-bug-to-steal-users-credentials-5e80c5d4565f?source=rss------bug_bounty-5von001bug-bounty-tips, bug-bounty, content-spoofing12-Jan-2024
Forget Blockers, Own Your Freedom: SquareXhttps://tanishqshahsays.medium.com/forget-blockers-own-your-freedom-squarex-4e4d6a845fe8?source=rss------bug_bounty-5Tanishq Sachin Shahbug-bounty, squarex, security, cybersecurity, privacy12-Jan-2024
Mass Hunting Blind XSS — Initial Setuphttps://ott3rly.medium.com/mass-hunting-blind-xss-initial-setup-7fc5c1898999?source=rss------bug_bounty-5Ott3rlyxs, info-sec-writeups, blind-xss, bug-bounty, cross-site-scripting12-Jan-2024
The DeXe Protocol’s Bug Bounty Campaignhttps://dexenetwork.medium.com/the-dexe-protocols-bug-bounty-campaign-a68e960c36cd?source=rss------bug_bounty-5DeXe Protocoldefi, bug-bounty, smart-contracts, dao, security12-Jan-2024
tRPC Security Research: Hunting for Vulnerabilities in Modern APIshttps://medium.com/@LogicalHunter/trpc-security-research-hunting-for-vulnerabilities-in-modern-apis-b0d38e06fa71?source=rss------bug_bounty-5Borna Nematzadehbug-bounty-writeup, bug-bounty, web-security, security-research, api-security12-Jan-2024
Mass Hunting Blind XSS — Initial Setuphttps://infosecwriteups.com/mass-hunting-blind-xss-initial-setup-7fc5c1898999?source=rss------bug_bounty-5Ott3rlyxs, info-sec-writeups, blind-xss, bug-bounty, cross-site-scripting12-Jan-2024
The DeXe Protocol’s Bug Bounty Campaign announcementhttps://dexenetwork.medium.com/the-dexe-protocols-bug-bounty-campaign-a68e960c36cd?source=rss------bug_bounty-5DeXe Protocoldefi, bug-bounty, smart-contracts, dao, security12-Jan-2024
Unraveling the Mysteries of Zoo Services: Feign magic uncoveredhttps://medium.com/@boltaevt/unraveling-the-mysteries-of-zoo-services-feign-magic-uncovered-3d45d211fdec?source=rss------bug_bounty-5@boltaevtbug-bounty, spring-boot, java, microservices, feign12-Jan-2024
Unveiling Vulnerabilities: Loose Permissions in Salesforce Lightning Pose Data Security Threatshttps://samshadow.medium.com/unveiling-vulnerabilities-loose-permissions-in-salesforce-lightning-pose-data-security-threats-41eaba372937?source=rss------bug_bounty-5Sam Shadowbug-bounty-writeup, infosec, salesforce-lightning, bug-bounty, bug-bounty-tips12-Jan-2024
Common obstacles to exploiting path traversal vulnerabilities | 2024https://cyberw1ng.medium.com/common-obstacles-to-exploiting-path-traversal-vulnerabilities-2024-204fd57566f5?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, security, hacking, cybersecurity, careers12-Jan-2024
Holy Ffuf Unleashing Rapid Wealth with a 15-Minute $$$ Twisthttps://medium.com/@Xt3sY/holy-ffuf-unleashing-rapid-wealth-with-a-15-minute-twist-8fada0cc72ba?source=rss------bug_bounty-5Pushkar Bhagathacker101, bug-bounty, hackerone, hacker12-Jan-2024
SQL INJECTION FUNDAMENTALS_HACK THE BOXhttps://medium.com/@romimkhan5588/sql-injection-fundamentals-hack-the-box-d22cde7a7198?source=rss------bug_bounty-5root 28hacking, bug-bounty, cybersecurity, hackthebox, sql-injection12-Jan-2024
Account Takeover via password reset without user interactions (CVE-2023–7028)https://0xweb01.medium.com/account-takeover-via-password-reset-without-user-interactions-cve-2023-7028-cbd2e675992e?source=rss------bug_bounty-50xweb01cve, zero-day, bug-bounty, security12-Jan-2024
Holy Ffuf easy Bounty in 15 minshttps://medium.com/@Xt3sY/holy-ffuf-unleashing-rapid-wealth-with-a-15-minute-twist-8fada0cc72ba?source=rss------bug_bounty-5Pushkar Bhagathacker101, bug-bounty, hackerone, hacker12-Jan-2024
Bug Bountyhttps://medium.com/@pdinukanth/bug-bounty-b1843c8676b3?source=rss------bug_bounty-5Pdinukanthbug-bounty11-Jan-2024
IDN Homograph Attack - Reborn of the Rare Casehttps://shahjerry33.medium.com/idn-homograph-attack-reborn-of-the-rare-case-99fa1e342352?source=rss------bug_bounty-5Jerry Shah (Jerry)pentesting, bug-bounty, infosec, cybersecurity, vulnerability11-Jan-2024
Art of External Network Penetration Testing – Phase First: Preparationhttps://medium.com/@pentesterman/introduction-with-the-rapidly-developing-technologies-in-the-digital-world-the-security-measures-c21d0f62c48f?source=rss------bug_bounty-5Sevban Dönmezcybersecurity, external-pentest, bug-bounty, web-application-security, pentest-preparation11-Jan-2024
2.12 Lab: Password brute-force via password change | 2024https://cyberw1ng.medium.com/2-12-lab-password-brute-force-via-password-change-2024-94a39239f98e?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, cybersecurity, hacking, careers11-Jan-2024
How I discovered a Critical Vulnerability during a Pentest : IDOR to Privilege Escalationhttps://medium.com/@ravindu.lakmina1/how-i-discovered-a-critical-vulnerability-during-a-pentest-idor-to-privilege-escalation-937230b06e62?source=rss------bug_bounty-5Ravindu Lakminaethical-hacking, hacking, bug-bounty, penetration-testing, cybersecurity11-Jan-2024
Windows Exploitation Learning Path in TryHackMehttps://mrshan.medium.com/windows-exploitation-learning-path-in-tryhackme-8fa680daa775?source=rss------bug_bounty-5MR SHANtryhackme-writeup, cybersecurity, tryhackme-walkthrough, bug-bounty, tryhackme11-Jan-2024
How I got my first bug bountyhttps://medium.com/@b1ayn/how-i-got-my-first-bug-bounty-8772d41bccba?source=rss------bug_bounty-5B1aynbugcrowd, pentesting, hackerone, bug-bounty11-Jan-2024
How I Earned My First Bug Bounty Reward of $600https://medium.com/@zikola1/how-i-earned-my-first-bug-bounty-reward-of-600-14c268f94bbd?source=rss------bug_bounty-5Abdulrahman badawipenetration-testing, bug-bounty-writeup, bug-bounty, bug-bounty-tips, web-application-security11-Jan-2024
Skills Needed For Bug Bounty Part 2https://medium.com/@joshdesharnais1/skills-needed-for-bug-bounty-part-2-2f6897aa3390?source=rss------bug_bounty-5Joshua Desharnaisexploitation, bug-bounty-tips, bug-bounty11-Jan-2024
Hacking my college intranet (Bug Bounty)https://medium.com/@boogsta/hacking-my-college-intranet-8f77f5d8fe60?source=rss------bug_bounty-5Boogstacybersecurity, bug-bounty, hacking, cyber, bug-bounty-tips10-Jan-2024
How I Helped Indonesian Startup Company to Prevent Millions of PII Data Leakshttps://medium.com/@blackarazi/how-i-helped-indonesian-startup-company-to-prevent-millions-of-pii-data-leaks-55ef3edbd35d?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, pii, application-security, api-security, bug-bounty10-Jan-2024
Everything About Launching and Managing Your Bug Bounty Program (From a Former Triager)https://utkusen.medium.com/everything-about-launching-and-managing-your-bug-bounty-program-from-a-former-triager-e244105a31c6?source=rss------bug_bounty-5Utku Şencybersecurity, bug-bounty-tips, hackerone, bug-bounty10-Jan-2024
Businesses That Still Are Accepting Brute Force Vulnerabilities as Low Impact Need to Reconsiderhttps://malwarexhunt.medium.com/businesses-that-still-are-accepting-brute-force-vulnerabilities-as-low-impact-need-to-reconsider-c877f8b17ad3?source=rss------bug_bounty-5MalwareHuntertechnology, cybersecurity, bug-bounty, programming, penetration-testing10-Jan-2024
Bugs & JS :A Closer Look at JavaScript for Successful Bug Huntinghttps://anasbetis023.medium.com/bugs-js-a-closer-look-at-javascript-for-successful-bug-hunting-fddb0d796498?source=rss------bug_bounty-5Anas H Hmaidycybersecurity, bug-bounty, javascript, penetration-testing10-Jan-2024
A Beginner’s Guide to Bug Hunting: Your Passport to the World of Cybersecurityhttps://medium.com/@matsecurity/a-beginners-guide-to-bug-hunting-your-passport-to-the-world-of-cybersecurity-798cc4a1e76d?source=rss------bug_bounty-5MatSecbug-bounty, bug-bounty-tips, hackerone, cybersecurity, ethical-hacking10-Jan-2024
Daily Bug Bounty Writeupshttps://securitycipher.medium.com/daily-bug-bounty-writeups-2d754b87a546?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)hacking, technology, ai, security, bug-bounty09-Jan-2024
BYPASSING PAYMENTS IN APPLE FOR FREE TRAILS FOR LIFETIMEhttps://medium.com/@sam0-0/bypassing-payments-in-apple-for-free-trails-for-lifetime-8e3019dfe57b?source=rss------bug_bounty-5Sambug-bounty-writeup, bug-bounty, apple, apple-security09-Jan-2024
Bug Bounty prompt that can help you to find IDOR vulnerabilitieshttps://blog.gopenai.com/bug-bounty-prompt-that-can-help-you-to-find-idor-vulnerabilities-5a47fa5de44f?source=rss------bug_bounty-5aimasteridor, bug-bounty, bugbountyprompts, cybersecurity, chatgpt09-Jan-2024
Understanding Sherlock’s Smart Contract Coveragehttps://medium.com/@JohnnyTime/understanding-sherlocks-smart-contract-coverage-3eca7d9033bc?source=rss------bug_bounty-5Johnny Timesherlock, web3-security, audit-contest, bug-bounty, smart-contracts09-Jan-2024
How To Get A XSSI Bug In Bug Bounty— Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-to-get-a-xssi-bug-in-bug-bounty-bug-bounty-tuesday-7440b0caf32c?source=rss------bug_bounty-5kerstanbug-bounty, security, technology, programming, cybersecurity09-Jan-2024
Developed a Bug Bounty Calculatorhttps://medium.com/@chander.romesh/developed-a-bug-bounty-calculator-b8370e04b15a?source=rss------bug_bounty-5Romesh chanderinformation-security, infosec, pentesting, hacking, bug-bounty09-Jan-2024
What Is Recon and the Tools Usedhttps://medium.com/@eren.klai2/recon-nedir-ve-kullan%C4%B1lan-ara%C3%A7lar-bac6b28479e4?source=rss------bug_bounty-5ErenCataksubdomain, pentesting, subdomains-enumeration, bug-bounty, recon09-Jan-2024
Subdomain Bruteforce Toolhttps://0xshaheen.medium.com/subdomain-bruteforce-tool-9dd3cd673df6?source=rss------bug_bounty-5Shaheen Sikdersubdomains-enumeration, subdomain, bug-bounty, subdomain-bruteforce09-Jan-2024
Get All your Clickjacking Vulnerability Triaged with this Exploitation!https://medium.com/@Ajakcybersecurity/get-all-your-clickjacking-vulnerability-triaged-with-this-exploitation-95de8291e285?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, cybersecurity, blog, clickjacking09-Jan-2024
A Straight 5-hour Escalation! Exploiting Boolean-Based SQL Injection.https://medium.com/@Ajakcybersecurity/a-straight-5-hour-escalation-exploiting-boolean-based-sql-injection-5d828fd3dacf?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, cybersecurity, red-team, sql09-Jan-2024
How to Write A Bug Bounty Report Like a Pro!https://medium.com/@Ajakcybersecurity/how-to-write-a-bug-bounty-report-like-a-pro-a703034d095f?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, ethcial-hacking, hacking, cybersecurity09-Jan-2024
How To Report Bug In Indian Government Site?https://medium.com/@Ajakcybersecurity/how-to-report-bug-in-indian-government-site-3f104eb5c40b?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, blog, india, cybersecurity09-Jan-2024
How To Check Whether Your Photo is Leaked In Online or Not?https://medium.com/@Ajakcybersecurity/how-to-check-whether-your-photo-is-leaked-in-online-or-not-286a9feeadbd?source=rss------bug_bounty-5AjakCybersecurityinvestigation, digital-forensics, blog, cybersecurity, bug-bounty09-Jan-2024
2.11 Lab: Password reset poisoning via middleware | 2024https://cyberw1ng.medium.com/2-11-lab-password-reset-poisoning-via-middleware-2024-862897c7fc77?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, security, bug-bounty09-Jan-2024
Tricks I Do To Get Easy HOF and Bounty!https://medium.com/@Ajakcybersecurity/tricks-i-do-to-get-easy-hof-and-bounty-99d6158eb53e?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, penetration-testing, blog, cybersecurity, bug-bounty09-Jan-2024
How Much Was My First Bounty?https://medium.com/@Ajakcybersecurity/how-much-was-my-first-bounty-9c02df4b1958?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, cybersecurity, penetration-testing, bug-bounty09-Jan-2024
The Art and Science Behind Password Managershttps://medium.com/@paritoshblogs/the-art-and-science-behind-password-managers-fbf5fb9c7f99?source=rss------bug_bounty-5Paritoshinformation-security, cybersecurity, password-manager, hacking, bug-bounty08-Jan-2024
Top 13 Vulnerable Web Applications and Websites for Ethical Hacking Practicehttps://bytebusterx.medium.com/top-13-vulnerable-web-applications-and-websites-for-ethical-hacking-practice-1850c6163e89?source=rss------bug_bounty-5ByteBusterXbug-bounty, hacking, cybersecurity08-Jan-2024
Rapid Scan (Web Vulnerability Scanner)https://medium.com/@psychomong/rapid-scan-web-vulnerability-scanner-d164cefc3c9a?source=rss------bug_bounty-5psychomonghacking, bug-bounty, scanner, hackerone, python08-Jan-2024
2.10 Lab: Offline password cracking | 2024https://cyberw1ng.medium.com/2-10-lab-offline-password-cracking-2024-e730fb915f73?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, security, cybersecurity, hacking08-Jan-2024
Blind boolean-based SQLi, by manipulating urlhttps://medium.com/@zatikyan.sevada/blind-boolean-based-sqli-by-manipulating-url-96e1e086378c?source=rss------bug_bounty-5Zatikyan Sevadacybersecurity, sqlmap, bug-bounty, owasp, sql-injection08-Jan-2024
HTTP PARAMTER POLLUTION [TR]https://medium.com/@eren.klai2/http-paramter-pollution-tr-700e254be60e?source=rss------bug_bounty-5ErenCatakpentesting, bug-bounty, turkey, http-parameter-pollution, parameter-tampering08-Jan-2024
2.9 Lab: Brute-forcing a stay-logged-in cookie | 2024https://cyberw1ng.medium.com/2-9-lab-brute-forcing-a-stay-logged-in-cookie-2024-065110f81d48?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, security, cybersecurity, hacking, careers07-Jan-2024
Digital Forensics Investigation Report PDF- A Court Manner.https://medium.com/@Ajakcybersecurity/digital-forensics-investigation-report-pdf-a-court-manner-daaa24c60458?source=rss------bug_bounty-5AjakCybersecuritywireshark, bug-bounty, networking, digital-forensics, blog07-Jan-2024
Top Programming Languages You Need to Know In 2024https://medium.com/@Ajakcybersecurity/top-programming-languages-you-need-to-know-in-2024-372db341015f?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, cybersecurity, python, medium, programming07-Jan-2024
XSS (Cross-Site Scripting) Reports on codechef.comhttps://medium.com/@mr_sopyan/xss-cross-site-scripting-reports-on-codechef-com-1a674f9ba9d8?source=rss------bug_bounty-5Mr_Sopyancybersecurity, xss-attack, bug-bounty, it-security07-Jan-2024
How to match IOCs against SIEM logs ?https://medium.com/@paritoshblogs/how-to-match-iocs-against-siem-logs-9d61079d16c6?source=rss------bug_bounty-5Paritoshsiem, hacking, bug-bounty, cybersecurity, ioc07-Jan-2024
Paid Subscriptions Resources which will be useful for Ethical Hacking/Bug Bounty (No Promotion)…https://medium.com/@Ajakcybersecurity/paid-subscriptions-resources-which-will-be-useful-for-ethical-hacking-bug-bounty-no-promotion-94b2aad97b18?source=rss------bug_bounty-5AjakCybersecuritymedium, udemy, ethical-hacking, bug-bounty, cybersecurity07-Jan-2024
Learn Cybersecurity By Doing Simple Projects at Homehttps://medium.com/@Ajakcybersecurity/learn-cybersecurity-by-doing-simple-projects-at-home-81fe4a512a65?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, bug-bounty, projects, ethical-hacking, hacking07-Jan-2024
Top 5 Best Laptops for Bug Bounty and Ethical Hackinghttps://medium.com/@Ajakcybersecurity/top-5-best-laptops-for-bug-bounty-and-ethical-hacking-c0ce6fe4917c?source=rss------bug_bounty-5AjakCybersecurityhacking, blog, laptop, programming, bug-bounty07-Jan-2024
Os Command Injectionhttps://medium.com/@eren.klai2/os-command-injection-536087488e87?source=rss------bug_bounty-5ErenCatakbug-bounty, pentesting, os-command-injection, operating-systems, bash-script07-Jan-2024
Top 5 Best Books for Bug Bounty Hunting- My Personal Favouriteshttps://medium.com/@Ajakcybersecurity/top-5-best-books-for-bug-bounty-hunting-my-personal-favourites-ec416ab4ea25?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, hacking, money, bug-bounty, blog06-Jan-2024
HackerOne or BugCrowd or VDP? How To Choose your Bug Bounty Program?https://medium.com/@Ajakcybersecurity/hackerone-or-bugcrowd-or-vdp-how-to-choose-your-bug-bounty-program-c4a4d202397c?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, hackerone, blog, penetration-testing, ethical-hacking06-Jan-2024
How I Cracked CEH Within 6 Months Only With Free Resources.https://medium.com/@Ajakcybersecurity/how-i-cracked-ceh-within-6-months-only-with-free-resources-c362d122ee01?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, blog, ethical-hacking, certification06-Jan-2024
Bug Bounty Mistakes I Made in 2023, So that You Can Avoid in 2024https://medium.com/@Ajakcybersecurity/bug-bounty-mistakes-i-made-in-2023-so-that-you-can-avoid-in-2024-3737663807fc?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, hacking, ethical-hacking, cybersecurity, bug-bounty06-Jan-2024
Unveiling the Dangers of CWE-319: Clear Text Transmission of Sensitive Informationhttps://medium.com/@georgeppmc/unveiling-the-dangers-of-cwe-319-clear-text-transmission-of-sensitive-information-1ada2d1f4ca5?source=rss------bug_bounty-5George Torresbug-bounty06-Jan-2024
Gi7w0rm’s personal year review — 2023https://gi7w0rm.medium.com/gi7w0rms-personal-year-review-2023-f4726b46b604?source=rss------bug_bounty-5Gi7w0rmioc, bug-bounty, cybersecurity, infosec, 202306-Jan-2024
500$ Access Control Bug: Performed Restricted Actions in Developer Settings by low level user.https://medium.com/@a13h1/500-access-control-bug-performed-restricted-actions-in-developer-settings-by-low-level-user-b4ecaa6d1aa1?source=rss------bug_bounty-5Abhi Sharmaprogramming, bug-bounty, pentesting, access-control, cybersecurity06-Jan-2024
Best AI Tools For Cybersecurity in 2024https://medium.com/@paritoshblogs/best-ai-tools-for-cybersecurity-in-2024-9f9972919f1d?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, networking, information-security, cybersecurity06-Jan-2024
The Art of Shodanhttps://astro0x00.medium.com/the-art-of-shodan-ee83bfa96105?source=rss------bug_bounty-5Mo2men Elmadybug-bounty, shodan, penetration-testing, cve, hacking06-Jan-2024
2.8 Lab: 2FA broken logic | 2024https://cyberw1ng.medium.com/2-8-lab-2fa-broken-logic-2024-30a843da98ca?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, bug-bounty, security06-Jan-2024
The History Behind My First Bughttps://dropn0w.medium.com/the-history-behind-my-first-bug-539b913b9667?source=rss------bug_bounty-5dropbug-bounty-tips, hacking, bug-bounty, cybersecurity06-Jan-2024
The Story Behind My First Bughttps://dropn0w.medium.com/the-history-behind-my-first-bug-539b913b9667?source=rss------bug_bounty-5dropbug-bounty-tips, hacking, bug-bounty, cybersecurity06-Jan-2024
Ethical Hacking RoadMap 2024. A Complete Guide.https://medium.com/@testproxy027/ethical-hacking-roadmap-2024-a-complete-guide-74a7a09668af?source=rss------bug_bounty-5Ankit Hackercybersecurity, bug-bounty, hacking, ethical-hacking, medium05-Jan-2024
I received a Bank offer in my mailbox and discovered an IDOR vulnerability - $5,000 bounty - @bxmbnhttps://bxmbn.medium.com/i-received-a-bank-offer-in-my-mailbox-and-discovered-an-idor-vulnerability-5-000-bounty-bxmbn-5209cab1fba8?source=rss------bug_bounty-5bomboncybersecurity, idor, bug-bounty05-Jan-2024
How I Prevented a Mass Data Breach - $15,000 bounty - @bxmbnhttps://bxmbn.medium.com/how-i-prevented-a-mass-data-breach-15-000-bounty-bxmbn-1096e6400e3d?source=rss------bug_bounty-5bombonbug-bounty, data-breach, idor, cybersecurity05-Jan-2024
Cybersecurity Roadmap: 2024https://hackerassociate.medium.com/cybersecurity-roadmap-2024-ea3586fea603?source=rss------bug_bounty-5Harshad Shahinfosec, cybersecurity, penetration-testing, bug-bounty, hacking05-Jan-2024
How to Earn Money as a Digital Forensics Investigatorhttps://medium.com/@moneyiseasybro/how-to-earn-money-as-a-digital-forensics-investigator-dae9723ebb10?source=rss------bug_bounty-5How to Earnethical-hacking, cybersecurity, finance, money, bug-bounty05-Jan-2024
How Celebrities Social media accounts get hacked in real time?https://medium.com/@Ajakcybersecurity/how-celebrities-social-media-accounts-get-hacked-in-real-time-4ccb37ac0763?source=rss------bug_bounty-5AjakCybersecurityphishing, ethical-hacking, cybersecurity, digital-forensics, bug-bounty05-Jan-2024
How to Become a Successful Bug Bounty Hunter in 2024?https://medium.com/@Ajakcybersecurity/how-to-become-a-successful-bug-bounty-hunter-in-2024-3171b782b585?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, blog, cybersecurity, hacking05-Jan-2024
Listed in Top 15 Researchers in NCIIPC Indiahttps://devanshchauhan4565.medium.com/listed-in-top-15-researchers-in-nciipc-india-4143da2d75e9?source=rss------bug_bounty-5Devansh chauhantop-10, bug-bounty, internet, vulnerability, india05-Jan-2024
Privilege Escalation Using SCIM Provisioninghttps://ronak-9889.medium.com/privilege-escalation-using-scim-provisioning-ca61ed9606bd?source=rss------bug_bounty-5Ronak Patelbug-bounty, information-security, privilege-escalation, access-control, cybersecurity05-Jan-2024
Website Hacking, Penetration Testing & Bug Bounty Hunting Resources full coursehttps://thehackertools9.medium.com/website-hacking-penetration-testing-bug-bounty-hunting-resources-full-course-0010c0603bd9?source=rss------bug_bounty-5TheHackerLifebug-bounty-tips, bug-bounty, website-hacking, hacking-tools, ethical-hacking-tools05-Jan-2024
2.7 Lab: Username enumeration via account lock | 2024https://cyberw1ng.medium.com/2-7-lab-username-enumeration-via-account-lock-2024-9ae1d7eef4a6?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, bug-bounty, cybersecurity, careers05-Jan-2024
My first bugs in 2024https://medium.com/@el-cezeri/my-first-bugs-in-2024-82ea4e9de718?source=rss------bug_bounty-5Samet Yiğitödülavcılığı, bug-bounty, bug-bounty-tips05-Jan-2024
Vulnerable WordPress December 2023 (Shahriar)https://medium.com/@onhexgroup/vulnerable-wordpress-december-2023-shahriar-16277c1cd3b8?source=rss------bug_bounty-5Onhexgroupwordpress-security, wordpress-plugins, infosec, bug-bounty, wordpress05-Jan-2024
Exploring “Jok3r”: A Powerful Network/Host Reconnaissance and Enumeration Tool.https://sh1vv1.medium.com/exploring-jok3r-a-powerful-network-host-reconnaissance-and-enumeration-tool-43b524c580f0?source=rss------bug_bounty-5Hesham Ahmedtips-and-tricks, tools, penetration-testing, bug-bounty, bug-hunting05-Jan-2024
Web Security Academy — API Security Testing Walkthroughhttps://iaraoz.medium.com/web-security-academy-api-security-testing-walkthrough-11019ed93eae?source=rss------bug_bounty-5Israel Aráoz Severicheapi, bug-bounty, web, hacking, portswigger-lab05-Jan-2024
9 Subtle Tricks To Make Your Cybersecurity Skills Much Betterhttps://medium.com/@paritoshblogs/9-subtle-tricks-to-make-your-cybersecurity-skills-much-better-4f7e48b3fd57?source=rss------bug_bounty-5Paritoshbug-bounty, ai, cybersecurity, programming, hacking04-Jan-2024
Exploring Application Security with SAST, DAST, SCA, and IASThttps://securitycipher.medium.com/exploring-application-security-with-sast-dast-sca-and-iast-95b27043d9fd?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)security, bug-bounty, hacking, technology, cybersecurity04-Jan-2024
How do i bypass waf for xss in input tag?https://medium.com/@lyltvip/how-do-i-bypass-waf-for-xss-in-input-tag-2adcdc1b7e25?source=rss------bug_bounty-5lanyibug-bounty-tips, hacking, xss-vulnerability, xss-attack, bug-bounty04-Jan-2024
CORS Crossfire: An iCSI CTFhttps://medium.com/@josh.beck2006/cors-crossfire-an-icsi-ctf-35a73f700207?source=rss------bug_bounty-5Josh Beckcybersecurity, penetration-testing, ctf-writeup, bug-bounty04-Jan-2024
2.6 Lab: Broken brute-force protection, IP block | 2024https://cyberw1ng.medium.com/2-6-lab-broken-brute-force-protection-ip-block-2024-8057a53b999a?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, careers, cybersecurity, hacking04-Jan-2024
Account Takeover? $4 and a click, please.https://swehtpantz.medium.com/account-takeover-4-and-a-click-please-454c035aa3b6?source=rss------bug_bounty-5Swehtpantzhacking, pentesting, ethical-hacking, bug-bounty, bug-bounty-tips04-Jan-2024
Bug Bountyhttps://medium.com/@montymahapatra79/bug-bounty-02310f6d39f9?source=rss------bug_bounty-5Montymahapatrabug-bounty-tips, bug-bounty-hunter, bug-bounty04-Jan-2024
Ethical Hacking RoadMap 2024. A Complete Guide.https://ajaksecurities.medium.com/ethical-hacking-roadmap-2024-a-complete-guide-23b23262b1b8?source=rss------bug_bounty-5Ajak Cyber Securityethical-hacking, hacking, bug-bounty, medium, cybersecurity04-Jan-2024
How to Become a Successful Bug Bounty Hunter in 2024?https://ajaksecurities.medium.com/how-to-become-a-successful-bug-bounty-hunter-in-2024-106f576b03e2?source=rss------bug_bounty-5Ajak Cyber Securityethical-hacking, hacking, bug-bounty, cybersecurity, medium04-Jan-2024
Essential Gadgets for Bug Bounty Hunters: Enhancing Your Cybersecurity Arsenalhttps://securitylit.medium.com/essential-gadgets-for-bug-bounty-hunters-enhancing-your-cybersecurity-arsenal-40173ec2945f?source=rss------bug_bounty-5Security Lit Limitedgadgets, cybersecurity, bug-bounty, vulnerability04-Jan-2024
OpenBounty, Shentu's New Approach in the Security Ecosystemhttps://shentuchain.medium.com/openbounty-ph%C6%B0%C6%A1ng-ph%C3%A1p-ti%E1%BA%BFp-c%E1%BA%ADn-m%E1%BB%9Bi-c%E1%BB%A7a-shentu-trong-h%E1%BB%87-sinh-th%C3%A1i-b%E1%BA%A3o-m%E1%BA%ADt-bc52f8fd13ff?source=rss------bug_bounty-5Shentu Chainbug-bounty, bounty-program, web3, bounty-hunter, cybersecurity03-Jan-2024
GooFuzz: A Fuzzing Tool with an OSINT Approachhttps://medium.com/@cuncis/goofuzz-a-fuzzing-tool-with-an-osint-approach-306fe481824f?source=rss------bug_bounty-5Cuncisbug-bounty, penetration-test, google-dork, penetration-testing, osint03-Jan-2024
How to Correctly setup Android Penetration Testing on a MacBookhttps://infosecwriteups.com/how-to-correctly-setup-android-penetration-testing-on-a-macbook-659f244f84c8?source=rss------bug_bounty-5Supun Halangoda (Suppa)bug-bounty, penetration-testing, mobile-penetration-test, macbook-pro, android-pentesting03-Jan-2024
LoveTok | HackTheBox web challenge Writeuphttps://gxbnt.medium.com/lovetok-hackthebox-web-challenge-writeup-e3b99967c3b7?source=rss------bug_bounty-5Bishal - #GxbNthackthebox-writeup, oscp, web, offensive-security, bug-bounty03-Jan-2024
A Guide on Crafting Robust Invariants with Echidnahttps://medium.com/coinmonks/a-guide-on-crafting-robust-invariants-with-echidna-fc980d8e2c0c?source=rss------bug_bounty-5Chirag Agrawalbug-bounty, smart-contracts, cybersecurity, cryptocurrency, security03-Jan-2024
Found reflected xss on a real targethttps://medium.com/@jeetpal2007/found-reflected-xss-on-a-real-target-30b80b2f53e4?source=rss------bug_bounty-5JEETPALrxss, xs, bugs, bug-bounty03-Jan-2024
My Bug Bounty Write Ups (Part-1)https://karthikeyamade.medium.com/my-bug-bounty-write-ups-part-1-63ed3e788873?source=rss------bug_bounty-5Karthikeya Saibug-bounty-tips, bug-bounty03-Jan-2024
My First Bug Bounty: Lessons Learned and Money Earnedhttps://medium.com/@georgeppmc/my-first-bug-bounty-lessons-learned-and-money-earned-d6fc31744621?source=rss------bug_bounty-5George Torresbug-bounty-tips, bug-hunting, bug-bounty-writeup, bug-bounty, hackerone03-Jan-2024
Comparing CVE & CWE : Understanding Security Vulnerabilitieshttps://medium.com/@zouhairelgarouni/comparing-cve-cwe-understanding-security-vulnerabilities-84442ab1e0e7?source=rss------bug_bounty-5ZOUHAIR EL GAROUNIvulnerability, vulnerability-management, cyber-security-awareness, cybersecurity, bug-bounty03-Jan-2024
you need to learn linux RIGHT NOW!!https://medium.com/@paritoshblogs/you-need-to-learn-linux-right-now-7239f4dcc1c6?source=rss------bug_bounty-5Paritoshhacking, cybersecurity, linux, programming, bug-bounty02-Jan-2024
Bug Bounty Hunting | Reconnaissance | Subdomain Enumerationhttps://me-ankeet.medium.com/bug-bounty-hunting-reconnaissance-subdomain-enumeration-854d880c3406?source=rss------bug_bounty-5Ankeetbug-bounty, hacking, information-security, cybersecurity, bug-bounty-tips02-Jan-2024
How .git folder can be exploited to access sensitive datahttps://satyasai1460.medium.com/how-git-folder-can-be-exploited-to-access-sensitive-data-eb805c38fd6c?source=rss------bug_bounty-5Bala Naga Satya sai Devarapalliinformation-technology, cybersecurity, bug-bounty, bugs, bug-bounty-tips02-Jan-2024
From P5 to Payday $$$: Escalating Reflected XSS to Account Takeoverhttps://hasanka-amarasinghe.medium.com/from-p5-to-payday-escalating-reflected-xss-to-account-takeover-bc25a171a3d5?source=rss------bug_bounty-5Hasanka Amarasinghexss-attack, bug-bounty, cross-site-scripting, account-takeover, cybersecurity02-Jan-2024
Account Takeover on International Exchange — Bug Bounty Tuesdayhttps://medium.com/@kerstan/account-takeover-on-international-exchange-bug-bounty-tuesday-cf41a54bc4b7?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, technology, programming02-Jan-2024
The Lexer Markets security review storyhttps://medium.com/@mweiss.eth/the-lexer-markets-security-review-story-a812539d62db?source=rss------bug_bounty-50xWeisssecurity, audit, bug-bounty, smart-contracts02-Jan-2024
DOM XSS in document.write sink using source location.search inside a select elementhttps://medium.com/@marduk.i.am/dom-xss-in-document-write-sink-using-source-location-search-inside-a-select-element-0c47fc033bcf?source=rss------bug_bounty-5Marduk I Amportswigger-lab, dom-xss, cross-site-scripting, cybersecurity, bug-bounty02-Jan-2024
2.4 Lab: Username enumeration via subtly different responses | 2024https://cyberw1ng.medium.com/2-4-lab-username-enumeration-via-subtly-different-responses-2024-eb37130d41a8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, cybersecurity, security02-Jan-2024
Stealing private messages using XSS on subdomainhttps://medium.com/@shcyber/stealing-private-messages-using-xss-on-subdomain-97f0304b132f?source=rss------bug_bounty-5SHCyberwebsocket, csrf, bug-bounty, xss-attack, hacking02-Jan-2024
From Disclosure to High Severity: Leveraging Dyte API Key for Maximum Impacthttps://padsalatushal.medium.com/from-disclosure-to-high-severity-leveraging-dyte-api-key-for-maximum-impact-468c444963c6?source=rss------bug_bounty-5Padsala Tushalapi-security, cybersecurity, bug-bounty-tips, infosec, bug-bounty02-Jan-2024
SQL Injection (SQLi): WWWWWH?https://medium.com/@rcxsecurity/sql-injection-sqli-wwwwwh-d847972b3e45?source=rss------bug_bounty-5RCXSecuritysql-injection, bug-bounty, information-security, penetration-testing, cybersecurity01-Jan-2024
How Do I Get Root Access on a Linux Serverhttps://systemweakness.com/how-do-i-get-root-access-on-a-linux-server-874d29015305?source=rss------bug_bounty-5RyuuKhagetsubug-bounty, infosec, web-application-security, pentesting, bug-bounty-writeup01-Jan-2024
Understanding the MITRE ATT&CK Framework: A Comprehensive Overviewhttps://medium.com/@paritoshblogs/understanding-the-mitre-att-ck-framework-a-comprehensive-overview-c1499d195da0?source=rss------bug_bounty-5Paritoshmitre-attack, ai, hacking, bug-bounty, cybersecurity01-Jan-2024
Reflected XSS into a JavaScript string with angle brackets HTML encodedhttps://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-angle-brackets-html-encoded-c9e2ed86f489?source=rss------bug_bounty-5Marduk I Ambug-bounty, reflected-xss, portswigger-lab, cross-site-scripting, cybersecurity01-Jan-2024
Automating GitHub Recon for Sensitive Information Discoveryhttps://medium.com/@paxnull/automating-github-recon-for-sensitive-information-discovery-c96b677857cf?source=rss------bug_bounty-5paxnullbug-bounty, bug-bounty-writeup, automation-tools, reconnaissance, bug-bounty-tips01-Jan-2024
The power of Client-Side Path Traversal: How I found and escalated 2 bugs through “../”https://medium.com/@Nightbloodz/the-power-of-client-side-path-traversal-how-i-found-and-escalated-2-bugs-through-670338afc90f?source=rss------bug_bounty-5Alvaro Baladabug-bounty-tips, info-sec-writeups, bug-bounty-writeup, cybersecurity, bug-bounty01-Jan-2024
1.18 Lab: SQL injection attack, listing the database contents on Oracle | 2024https://cyberw1ng.medium.com/1-18-lab-sql-injection-attack-listing-the-database-contents-on-oracle-2024-cec2a796740f?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, bug-bounty, careers, hacking01-Jan-2024
Another 4 Digit Bounty Story on Hackeronehttps://medium.com/@jai.lani9001/another-4-digit-bounty-story-on-hackerone-58dba8c19818?source=rss------bug_bounty-5Jai Lanibug-bounty01-Jan-2024
CVE-2023–34635: UNIBOX 3.0/3.1 SQL Injection login bypasshttps://medium.com/@davidkarpinski1/cve-2023-34635-unibox-3-0-3-1-sql-injection-login-bypass-fc33004e70c0?source=rss------bug_bounty-5David Eduardo Karpinskibug-bounty, sql-login, unibox, sqli, login-bypass01-Jan-2024
Exploring the Depths: DNS Wildcard and Subdomain Takhttps://alvinbijo.medium.com/exploring-the-depths-dns-wildcard-and-subdomain-tak-6deed7aebcb1?source=rss------bug_bounty-5Alvin bijobug-bounty, bugbounty-writeup01-Jan-2024
Bug Zero at a Glance [01–15 December]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-december-cdb358653f8e?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-bounty, bug-zero, newsletter31-Dec-2023
Uncovering LFI Attackhttps://medium.com/@cyberkarthi/uncovering-ssrf-attack-12064069205f?source=rss------bug_bounty-5Karthikeyan Cethical-hacking, pentesting, bug-bounty, bugbounty-writeup31-Dec-2023
I hate Hackerone / X Website Vulnerability — Bug Bounty Hunterhttps://medium.com/@batuhanaydinn/i-hate-hackerone-x-website-vulnerability-bug-bounty-hunter-3e43a7e0bc80?source=rss------bug_bounty-5Batuhan Aydınhacking, hackerone, bug-bounty, penetration-testing, hacker31-Dec-2023
1.17 Lab: SQL injection attack, listing the database contents on non-Oracle databases | 2023https://systemweakness.com/1-17-lab-sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-2023-2026162bf6ef?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, security, careers31-Dec-2023
DNS-Related Attacks and Exampleshttps://medium.com/@paritoshblogs/dns-related-attacks-and-examples-fee4da0cc2d6?source=rss------bug_bounty-5Paritoshdns, cybersecurity, bug-bounty, hacking, programming31-Dec-2023
How I hacked India’s top company database.https://medium.com/@sritharcyber/how-i-hacked-indias-top-company-database-d66b9fc49cb0?source=rss------bug_bounty-5Srithar Cybersqli, pentest, recent, hacked, bug-bounty31-Dec-2023
Simple Subdomain Takeoverhttps://infosecwriteups.com/simple-subdomain-takeover-15129e19bbb4?source=rss------bug_bounty-5hackerdevilvulnerability-assessment, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web-app-security31-Dec-2023
Master Subdomain HUNTING | Art of finding Hidden Assetshttps://yashh2.medium.com/master-subdomain-hunting-art-of-finding-hidden-assets-3351b3c8467a?source=rss------bug_bounty-5ʏᴀꜱʜʜcybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking30-Dec-2023
Woowow Bug Bounty Campaignhttps://medium.com/@woowow/woowow-bug-bounty-campaign-569e7b7868f3?source=rss------bug_bounty-5Woowowqitmeerecosystem, bounty-campaign, marketplaces, woowow, bug-bounty30-Dec-2023
How i Hacked My First Target using GooGle Dorkinghttps://mrunknown124154.medium.com/how-i-hacked-my-first-target-using-google-dorking-43cb999ad8db?source=rss------bug_bounty-5Mr Abdullahsql-injection, google-dorking, bug-bounty, hacking, sql-injection-attack30-Dec-2023
417$ Simple IDOR: Unauthorized Contact Details Modificationhttps://medium.com/@a13h1/417-simple-idor-unauthorized-contact-details-modification-92e8211439e4?source=rss------bug_bounty-5Abhi Sharmaprogramming, cybersecurity, hacking, bug-bounty, idor30-Dec-2023
Sudomain Takeover via Shopify(Easy Bounty $$$$)https://medium.com/@paxnull/sudomain-takeover-via-shopify-easy-bounty-300f839aa15d?source=rss------bug_bounty-5paxnullbug-bounty, tips, bug-bounty-tips, subdomain-takeover, bug-bounty-writeup30-Dec-2023
XSS deep dive P1 (theory)(publish early,please waiting for 2 days to read)https://medium.com/@nguhuynh.148/xss-deep-dive-p1-theory-637af86f335d?source=rss------bug_bounty-5Nguhuynhxss-vulnerability, xss-attack, xss-bypass, bug-bounty30-Dec-2023
| Stored XSS into anchor href attribute with double quotes HTML-encoded | https://medium.com/@marduk.i.am/stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-1f88ba0b990f?source=rss------bug_bounty-5 | Marduk I Am | stored-xss, bug-bounty, cybersecurity, cross-site-scripting, portswigger-lab | 30-Dec-2023 |
| 1.16 Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft \|… | https://cyberw1ng.medium.com/1-16-lab-sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-5f2785ebb06f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, cybersecurity, bug-bounty, hacking, careers | 30-Dec-2023 |
| HTTPX Troubleshooting Issue | https://infosecwriteups.com/httpx-troubleshooting-issue-38b61549126b?source=rss------bug_bounty-5 | Jarred Longoria | bug-bounty, linux, troubleshooting, help, httpx | 30-Dec-2023 |
| From Google Dorking to Unauthorized AWS Account Access and Account Takeover | https://medium.com/@ar_hawk/from-google-dorking-to-unauthorized-aws-account-access-and-account-takeover-89eb2b9d284f?source=rss------bug_bounty-5 | Aayush Vishnoi | ssrf, bug-bounty-tips, bug-bounty | 30-Dec-2023 |
| Reflected XSS into attribute with angle brackets HTML-encoded | https://medium.com/@marduk.i.am/reflected-xss-into-attribute-with-angle-brackets-html-encoded-986d943b3fd2?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, cybersecurity, bug-bounty, cross-site-scripting, xss-vulnerability | 29-Dec-2023 |
| Beyond Search Queries: Bug Bounty Hunting with Dorkz | https://medium.com/@paxnull/beyond-search-queries-bug-bounty-hunting-with-dorkz-850cfa8c3ddc?source=rss------bug_bounty-5 | paxnull | tips, dorking, recon, bug-bounty-tips, bug-bounty | 29-Dec-2023 |
| Behind the Firewall: My First Valid Bug — Exposing Security Flaw in a multi-dollar Financial and… | https://medium.com/@MohaseenK/behind-the-firewall-my-first-valid-bug-exposing-security-flaw-in-a-multi-dollar-financial-and-ff56e7bc4589?source=rss------bug_bounty-5 | Mohaseen | pentesting, bug-bounty, rate-limiting, hackerone, bugcrowd | 29-Dec-2023 |
| How to find unprotected databases with Netlas.io? | https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-2bf186e9fc2d?source=rss------bug_bounty-5 | Netlas.io | osint, penetration-testing, bug-bounty, osint-investigation, cybersecurity | 29-Dec-2023 |
| 1.15 Lab: SQL injection attack, querying the database type and version on Oracle \| 2023 | https://cyberw1ng.medium.com/1-15-lab-sql-injection-attack-querying-the-database-type-and-version-on-oracle-2023-cd4118eb604d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, bug-bounty, careers, hacking, cybersecurity | 29-Dec-2023 |
| KisMAC is a free, open source wireless stumbling and security tool for Mac OS X | https://medium.com/@dineshpathro593/kismac-is-a-free-open-source-wireless-stumbling-and-security-tool-for-mac-os-x-03746fdea831?source=rss------bug_bounty-5 | Dineshpathro | bugs, bug-bounty, bug-bounty-tips, hacking, hackin | 29-Dec-2023 |
| OTP-Bot Tool CLICK HERE | https://medium.com/@dineshpathro593/otp-bot-tool-click-here-7f3ee559ca21?source=rss------bug_bounty-5 | Dineshpathro | bug-bounty-tips, hacking-tools, bug-bounty, hacking, bugs | 29-Dec-2023 |
| Recon Tools For Web Application | https://medium.com/@dineshpathro593/recon-tools-for-web-application-714af64e7d07?source=rss------bug_bounty-5 | Dineshpathro | hacking, hacker, bug-bounty, bug-bounty-tips, hackathons | 29-Dec-2023 |
| 200 Materials of CyberSecurity in PDFs | https://medium.com/@dineshpathro593/200-materials-of-cybersecurity-in-pdfs-e7a942123be5?source=rss------bug_bounty-5 | Dineshpathro | cybersecurity, hackathons, bug-bounty, hacking, bug-bounty-tips | 29-Dec-2023 |
| Bug Bounty: The road to my first $1000 through hacking public websites | https://swehtpantz.medium.com/bug-bounty-the-road-to-my-first-1000-through-hacking-public-websites-a0e2aa1b7271?source=rss------bug_bounty-5 | Swehtpantz | ethical-hacking, bug-bounty, bug-bounty-tips, hacking, bugbounty-writeup | 28-Dec-2023 |
| HackTheBox(HTB) Writeup — Node | https://medium.com/@harman.preet.singh3738/hackthebox-htb-writeup-node-5600a442e393?source=rss------bug_bounty-5 | Harmanpreet Singh | penetration-testing, bug-bounty, tryhackme, ethical-hacking, hackthebox | 28-Dec-2023 |
| Protect Yourself: The Power of OPSEC | https://medium.com/@teckgamer07/%EF%B8%8F-protect-yourself-the-power-of-opsec-17a7ec256427?source=rss------bug_bounty-5 | Macmelter | bugsbounty, hacking, bug-bounty, cybersecurity | 28-Dec-2023 |
| Multiple RXSS | https://medium.com/@0xchoudhary/multiple-rxss-f3f796287f34?source=rss------bug_bounty-5 | Sushil Choudhary | bounty-hunter, xss-attack, bug-bounty-tips, bug-bounty, hackerone | 28-Dec-2023 |
| Stored XSS via File upload(using svg file) | https://medium.com/@paxnull/stored-xss-via-file-upload-using-svg-file-c1e2a33ed8a8?source=rss------bug_bounty-5 | paxnull | bug-bounty, tips, bugbounty-tips, xss-vulnerability, hacking | 28-Dec-2023 |
| Authorization problem | https://medium.com/@nguhuynh.148/authorization-problem-2bb053c215cd?source=rss------bug_bounty-5 | Nguhuynh | broken-access-control, hacking, bug-bounty, hacks, bug-bounty-tips | 28-Dec-2023 |
| CVE-2023-51356: ARMember <= 4.0.10 — Authenticated Privilege Escalation | https://revan-ar.medium.com/cve-2023-51356-armember-4-0-10-authenticated-privilege-escalation-7e0c7fbe5a79?source=rss------bug_bounty-5 | Revan A | bug-bounty, privilege-escalation, wordpress-plugins, penetration-testing | 28-Dec-2023 |
| 1.14 Lab: SQL injection with filter bypass via XML encoding \| 2023 | https://cyberw1ng.medium.com/1-14-lab-sql-injection-with-filter-bypass-via-xml-encoding-2023-9794dc7bf9f4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, bug-bounty, penetration-testing, hacking | 28-Dec-2023 |
| How I made 7K on Epic Games Bug Bounty | https://medium.com/@synapticspace/how-i-made-7k-on-epic-games-bug-bounty-8529728b9fcf?source=rss------bug_bounty-5 | SynapticSpace | bug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips | 28-Dec-2023 |
| How I made 7K on Epic Games Bug Bounty | https://infosecwriteups.com/how-i-made-7k-on-epic-games-bug-bounty-8529728b9fcf?source=rss------bug_bounty-5 | SynapticSpace | bug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips | 28-Dec-2023 |
| DOM XSS in jQuery selector sink using a hashchange event | https://medium.com/@marduk.i.am/dom-xss-in-jquery-selector-sink-using-a-hashchange-event-bb3c355b3633?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, bug-bounty, dom-xss, cybersecurity, cross-site-scripting | 27-Dec-2023 |
| Amass: New Config File Update | https://hackerassociate.medium.com/amass-new-config-file-update-e95d09b6eb70?source=rss------bug_bounty-5 | Harshad Shah | penetration-testing, cybersecurity, infosec, hacking, bug-bounty | 27-Dec-2023 |
| DOM XSS on Hackerone Programs — Bug Bounty Tuesday | https://medium.com/@kerstan/dom-xss-on-hackerone-programs-bug-bounty-tuesday-8973ecf6af95?source=rss------bug_bounty-5 | kerstan | xss-attack, security, cybersecurity, technology, bug-bounty | 27-Dec-2023 |
| 1.13 Lab: Blind SQL injection with out-of-band data exfiltration \| 2023 | https://cyberw1ng.medium.com/1-13-lab-blind-sql-injection-with-out-of-band-data-exfiltration-2023-f83a1448b685?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, cybersecurity, hacking, careers | 27-Dec-2023 |
| “Crucial Bug Bounty Hacks: Habits with Enduring Benefits” | https://medium.com/@paxnull/secrets-of-the-hunter-pro-tips-for-effective-bug-bounty-hunting-1a261df4444d?source=rss------bug_bounty-5 | paxnull | tips, learning, programming, bugbounty-tips, bug-bounty | 27-Dec-2023 |
| Inside the Digital Vault: How I Unearthed PII Goldmine — Exposing 15K GST Users’ Information in a… | https://medium.com/@MohaseenK/inside-the-digital-vault-how-i-unearthed-pii-goldmine-exposing-15k-gst-users-information-in-a-38c3105889ea?source=rss------bug_bounty-5 | Mohaseen | bug-bounty, hackerone, bugcrowd, information-disclosure, indian-government | 27-Dec-2023 |
| How Does DNS Work and What is DNS Poisoning? | https://medium.com/@bcanote/how-does-dns-work-and-what-is-dns-poisoning-4c187fb3f2b0?source=rss------bug_bounty-5 | bcanote | cybersecurity, hacking, dns, dns-poisoning, bug-bounty | 27-Dec-2023 |
| URL Redirection To DOM XSS on Hackerone Programs -Bug Bounty Tuesday | https://medium.com/@kerstan/dom-xss-on-hackerone-programs-bug-bounty-tuesday-8973ecf6af95?source=rss------bug_bounty-5 | kerstan | xss-attack, security, cybersecurity, technology, bug-bounty | 27-Dec-2023 |
| Mastering Bug Bounty: Your Ultimate Guide to Cybersecurity Success | https://medium.com/@umidcyber.s/mastering-bug-bounty-your-ultimate-guide-to-cybersecurity-success-82dc9b30fc02?source=rss------bug_bounty-5 | Umid Mammadov | bug-bounty-tips, tools, bug-bounty, information-technology, bugs | 26-Dec-2023 |
| Deep Dive Into XSS | https://medium.com/@kavish2002ev3/deep-dive-into-xss-8420ddccc73b?source=rss------bug_bounty-5 | kavish shah | xss-vulnerability, web-application-security, bug-bounty | 26-Dec-2023 |
| The Tale Of Insecure Deserialization: A Journey From Serialization To Exploitation | https://medium.com/@kavish2002ev3/the-tale-of-insecure-deserialization-a-journey-from-serialization-to-exploitation-47400a4c9093?source=rss------bug_bounty-5 | kavish shah | ctf-writeup, web-application-security, insecure-deserialization, bug-bounty | 26-Dec-2023 |
| Portswigger Labs — CSRF | https://medium.com/@rynnnn617/portswigger-labs-csrf-10b496d6580c?source=rss------bug_bounty-5 | Ry4nnnn | bug-bounty, portswigger-lab, csrf, burpsuite | 26-Dec-2023 |
| 1.12 Lab: Blind SQL injection with out-of-band interaction \| 2023 | https://infosecwriteups.com/1-12-lab-blind-sql-injection-with-out-of-band-interaction-2023-db12e3b10118?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, cybersecurity, hacking | 26-Dec-2023 |
| Navigating Tree-Sitter Queries with jsluice for JavaScript File Analysis | https://lopseg.medium.com/navigating-tree-sitter-queries-with-jsluice-for-javascript-file-analysis-061b7cb4ea9d?source=rss------bug_bounty-5 | Lopseg | bug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, javascript | 26-Dec-2023 |
| Portswigger Labs — CSRF | https://medium.com/@ry4nnnn/portswigger-labs-csrf-10b496d6580c?source=rss------bug_bounty-5 | Ry4nnnn | bug-bounty, portswigger-lab, csrf, burpsuite | 26-Dec-2023 |
| Account takeover vulnerability that resulted in $2500 bounty! | https://medium.com/@deadoverflow/account-takeover-vulnerability-that-resulted-in-2500-bounty-e1618363878d?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, hacking, bug-bounty-tips, cybersecurity, bug-hunting | 25-Dec-2023 |
| Content Spoofing & Parameter Injection | https://codingninjablogs.tech/content-spoofing-parameter-injection-0861bfd146d4?source=rss------bug_bounty-5 | #!/Subhankar | injection-attacks, web-pen-testing, bug-bounty, spoofing | 25-Dec-2023 |
| Top 3 Password Cracking Tools | https://medium.com/@UsmanAtif/top-3-password-cracking-tools-18801fbdcdae?source=rss------bug_bounty-5 | Muhammad Usman Atif | hacking, cybersecurity, passwords, bug-bounty, penetration-testing | 25-Dec-2023 |
| Hackers Target Bug Bounty Hunters with Blackmail Emails | https://rishikadesai.medium.com/hackers-target-bug-bounty-hunters-with-blackmail-emails-421cf57fe4a7?source=rss------bug_bounty-5 | Rishika Desai | threat-intelligence, threat-research, bug-bounty, cyber-security-awareness, cybersecurity | 25-Dec-2023 |
| What is LFI (Local File Inclusion) Vulnerability ? | https://medium.com/@errorfiathck/what-is-lfi-local-file-inclusion-vulnerability-c9372e25e389?source=rss------bug_bounty-5 | Errorfiathck | pentesting, lfi, vulnerability, bug-bounty, pentest | 25-Dec-2023 |
| Legacy of EternalBlue | https://medium.com/@akshadjoshi/legacy-of-eternalblue-de4d643e8f36?source=rss------bug_bounty-5 | Akshad Joshi | eternalblue, hackthebox, pentesting, bug-bounty, hacking | 24-Dec-2023 |
| Hackeando GraphQL: Introducción | https://medium.com/@soyelmago/hackeando-graphql-introducci%C3%B3n-1537af763d0c?source=rss------bug_bounty-5 | Alan Brian @soyelmago | graphql, bug-bounty, information-security, pentesting, hacking | 24-Dec-2023 |
| Ceklis Web Pentesting Untuk Pemula — Registration Feature Testing | https://riodrwn.medium.com/ceklis-web-pentesting-untuk-pemula-registration-feature-testing-aceb545b587c?source=rss------bug_bounty-5 | Rio Darmawan | bug-bounty-writeup, bug-bounty, pentesting, bugbounty-writeup, web-penetration-testing | 23-Dec-2023 |
| The Crucial Role of Threat Intelligence Sharing in Cybersecurity | https://medium.com/@paritoshblogs/the-crucial-role-of-threat-intelligence-sharing-in-cybersecurity-cd4be0b53a86?source=rss------bug_bounty-5 | Paritosh | programming, hacking, threat-intelligence, cybersecurity, bug-bounty | 23-Dec-2023 |
| The Evolving Role of a SOC Analyst | https://medium.com/@paritoshblogs/the-evolving-role-of-a-soc-analyst-c82e3e515558?source=rss------bug_bounty-5 | Paritosh | information-security, cybersecurity, hacking, bug-bounty, soc-analyst | 23-Dec-2023 |
| Out-of-Scope, Not Out-of-Impact: Unveiling Significant Sensitive Information Disclosure | https://padsalatushal.medium.com/out-of-scope-not-out-of-impact-unveiling-significant-sensitive-information-disclosure-c8e76c1806e8?source=rss------bug_bounty-5 | Padsala Tushal | cybersecurity, bug-bounty, bug-bounty-tips, infosec, information-disclosure | 23-Dec-2023 |
| Hack Story: Unveiling Security Flaws in a Government Portal | https://medium.com/@sahadmk/hack-story-unveiling-security-flaws-in-a-government-portal-995217f877c3?source=rss------bug_bounty-5 | Sahad Mk | bug-bounty, javascript, pentesting, vulnerability, hacking | 23-Dec-2023 |
| The ART of Chaining Vulnerabilities | https://ahmdhalabi.medium.com/the-art-of-chaining-vulnerabilities-e65382b7c627?source=rss------bug_bounty-5 | Ahmad Halabi | ethical-hacking, hacking, intelligence, hacker, bug-bounty | 23-Dec-2023 |
| Hacking Community | https://medium.com/@mrunknown124154/hacking-community-ab774827006d?source=rss------bug_bounty-5 | Mrunknown | bug-bounty, ethical-hacking, hacking | 23-Dec-2023 |
| DoS’ing Zsecurity | https://medium.com/@24bkdoor/dosing-zsecurity-a4cb99396935?source=rss------bug_bounty-5 | 24BkDoor | bug-bounty, ethical-hacking, hacking, web-development, cybersecurity | 22-Dec-2023 |
| Securing the Future: Enhancing the Safety of Compound Protocol | https://medium.com/@topcrypto00/securing-the-future-enhancing-the-safety-of-compound-protocol-940498c78d68?source=rss------bug_bounty-5 | Top Crypto | bug-bounty, bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, compound-protocol | 22-Dec-2023 |
| He stored your password in Cookie | https://medium.com/@fixthis1000time/he-stored-your-password-in-cookie-5a6d0478e570?source=rss------bug_bounty-5 | fixthi$ | hacking, bug-bounty, ethical-hacking | 22-Dec-2023 |
| How I was able to buy 2500 Rs product for 18rs in E-Commerce Website? | https://medium.com/@shubhamsonani/how-i-was-able-to-buy-2500-rs-product-for-18rs-in-e-commerce-website-ada4e91b5b91?source=rss------bug_bounty-5 | Shubham Sonani | bug-bounty, hacking, bug-bounty-tips, vulnerability, cybersecurity | 22-Dec-2023 |
| PJWT Certification | https://medium.com/@OmarAlkhowaiter/pjwt-certification-f4f7995d35f6?source=rss------bug_bounty-5 | Omar Alkhowaiter | certification, bug-bounty, penetration-testing, cybersecurity, web-exploitation | 22-Dec-2023 |
| Consentify hits Beta Test phase boosted by a Bug Bounty program! | https://datalaketoken.medium.com/consentify-hits-beta-test-phase-boosted-by-a-bug-bounty-program-6b621eadd02b?source=rss------bug_bounty-5 | Data Lake | healthcare, desci, bug-bounty, data-lake, research | 22-Dec-2023 |
| Ideas for Testing Checkout | https://lopseg.medium.com/ideas-for-testing-checkout-eebe6148729d?source=rss------bug_bounty-5 | Lopseg | bug-bounty-tips, infosec, hacking, bug-bounty | 22-Dec-2023 |
| Beyond Simple Alerts: Techniques for Evading WAF and Achieving XSS Success | https://lopseg.medium.com/beyond-simple-alerts-techniques-for-evading-waf-and-achieving-xss-success-4409a5bd2ee0?source=rss------bug_bounty-5 | Lopseg | bug-bounty-tips, hacking, xss-attack, bug-bounty | 22-Dec-2023 |
| He stored your password in Cookie | https://medium.com/@fixthis1000time/he-stored-your-password-in-cookie-5a6d0478e570?source=rss------bug_bounty-5 | fixthi$ | hacking, bug-bounty, cybersecurity, infosec, ethical-hacking | 22-Dec-2023 |
| 5 Tips Web Fuzz You Should Know | https://medium.com/@kerstan/5-tips-web-fuzz-you-should-know-00ef6c59407d?source=rss------bug_bounty-5 | kerstan | bug-bounty, hacking, bug-bounty-tips, security, cybersecurity | 21-Dec-2023 |
| TryHackMe AoC 2023 Side Quest final thoughts | https://medium.com/@boogsta/tryhackme-aoc-2023-side-quest-final-thoughts-afcb5880be33?source=rss------bug_bounty-5 | Boogsta | hacking, cyber, tryhackme, cybersecurity, bug-bounty | 21-Dec-2023 |
| 88MPH Vulnerability Exploit and Get Free Crypt0S $$$$$$ | https://medium.com/@vinaysati/88mph-vulnerability-exploit-and-get-free-crypt0s-a4d4a8328dc7?source=rss------bug_bounty-5 | Vinaysati | bug-bounty, hacking, web3bug, bug-bounty-tips, web3 | 21-Dec-2023 |
| The art of subdomain monitoring | https://medium.com/@muhannadahmed042/the-art-of-subdomain-monitoring-da610a0f8031?source=rss------bug_bounty-5 | muhannad hazaa | cybersecurity, penetration-testing, bug-bounty, recon | 21-Dec-2023 |
| A Business logic error in Google Dialogflow enables a developer to delete the agent directly from… | https://medium.com/@krityamkarma858041/a-business-logic-error-in-google-dialogflow-enables-a-developer-to-delete-the-agent-directly-from-3a5bf2a07706?source=rss------bug_bounty-5 | Krityamkarma | google-vrp, bug-bounty, ethical-hacking, google, hacking | 21-Dec-2023 |
| Privacy at Risk: EXIF Metadata Exposure in User-Uploaded Images | https://samshadow.medium.com/privacy-at-risk-exif-metadata-exposure-in-user-uploaded-images-c2481f876d03?source=rss------bug_bounty-5 | Sam Shadow | bug-bounty, bug-bounty-tips, bug-bounty-writeup, infosec, vulnerability | 21-Dec-2023 |
| Aspiring Bug Bounty Hunters’ New Year Goals Toolkit | https://sl4x0.medium.com/aspiring-bug-bounty-hunters-new-year-goals-toolkit-a156c96e9de7?source=rss------bug_bounty-5 | Abdelrhman Allam (sl4x0) | bug-bounty, new-year, goals, mindset, success | 21-Dec-2023 |
| How Can Artificial Intelligence Revolutionize Bug Bounty? | https://medium.com/@zouhairelgarouni/how-can-artificial-intelligence-revolutionize-bug-bounty-664e7f5ed3dd?source=rss------bug_bounty-5 | ZOUHAIR EL GAROUNI | technology, cybersecurity, bug-bounty, artificial-intelligence, cyberattack | 21-Dec-2023 |
| I made online store to pay for my orders and get me free refunds. | https://medium.com/@shubhamsonani/i-made-online-store-to-pay-for-my-orders-and-get-me-free-refunds-6f4db5893c13?source=rss------bug_bounty-5 | Shubham Sonani | bug-bounty-tips, cybersecurity, vulnerability, hacking, bug-bounty | 21-Dec-2023 |
| 5 Tips Web Fuzz You Should Know | https://medium.com/@kerstan/5-tips-web-fuzz-you-should-know-00ef6c59407d?source=rss------bug_bounty-5 | kerstan | technology, bug-bounty, hacking, security, cybersecurity | 21-Dec-2023 |
| A list of 50 tools every hacker should know | https://thexssrat.medium.com/a-list-of-50-tools-every-hacker-should-know-df8d87cf4b58?source=rss------bug_bounty-5 | Thexssrat | hacking-tools, hacking, bug-bounty, ethical-hacking | 21-Dec-2023 |
| Open Redirect Validation Bypass Leads To Account Take Over (ATO) | https://medium.com/@ozomarzu/open-redirect-validation-bypass-leads-to-account-take-over-ato-5166b3416e3f?source=rss------bug_bounty-5 | CyberOz | bug-hunting, bug-bounty, bug-bounty-tips, hacker, web-security | 21-Dec-2023 |
| Code4rena Blue vs. Traditional Bug Bounties | https://medium.com/code4rena/code4rena-blue-vs-traditional-bug-bounties-478f469057c9?source=rss------bug_bounty-5 | aramas | bug-bounty, smart-contract-security, code4rena, code4rena-blue | 21-Dec-2023 |
| A Very Basic Beginner Bug Bounty Methodology | https://thexssrat.medium.com/a-very-basic-beginner-bug-bounty-methodology-15eca16ca787?source=rss------bug_bounty-5 | Thexssrat | hacking, bug-bounty, ethical-hacking | 21-Dec-2023 |
| Bug Bounty: Tips for Finding Your First Bug as a Beginner | https://graph33.medium.com/bug-bounty-tips-for-finding-your-first-bug-as-a-beginner-120f71c709cd?source=rss------bug_bounty-5 | GHS08 | bug-bounty, hacking, cracking, coding | 21-Dec-2023 |
| How My 9-Month-Old Daughter Earned Over $1,000 in a Bug Bounty Program | https://maxilect-company.medium.com/how-my-9-month-old-daughter-earned-over-1-000-in-a-bug-bounty-program-be9ba1d77cad?source=rss------bug_bounty-5 | Maxilect | samsun, bug-bounty-program, bug-bounty | 20-Dec-2023 |
| This is how much I made in my first year as a Bug Bounty Hunter in 2023 — Graduation Bonus! | https://medium.com/@avbhijitdutta99/this-is-how-much-i-made-in-my-first-year-as-a-bug-bounty-hunter-in-2023-graduation-bonus-b45875225c88?source=rss------bug_bounty-5 | Abhijit Dutta | bug-bounty-tips, bug-bounty-program, bug-bounty, bugbountychallenge, bug-bounty-writeup | 20-Dec-2023 |
| DOM XSS in jQuery anchor href attribute sink using location.search source | https://medium.com/@marduk.i.am/dom-xss-in-jquery-anchor-href-attribute-sink-using-location-search-source-b1000b4b16b3?source=rss------bug_bounty-5 | Marduk I Am | cross-site-scripting, portswigger-lab, cybersecurity, bug-bounty, dom-xss | 20-Dec-2023 |
| How I doubled the store wallet amount for free? | https://medium.com/@shubhamsonani/how-i-doubled-the-store-wallet-amount-for-free-d7396c05a304?source=rss------bug_bounty-5 | Shubham Sonani | bug-bounty-tips, hacking, bug-bounty, cybersecurity, web-application-testing | 20-Dec-2023 |
| Top Burp Suite Extensions Used by Penetration Testers | https://medium.com/@bharatvarshney567/top-burp-suite-extensions-used-by-penetration-testers-fa90fe26816c?source=rss------bug_bounty-5 | Bharat Varshney | owasp, bug-bounty, security-testing, security-services, penetration-testing | 20-Dec-2023 |
| How to earn with earn bug boutny part-2? | https://medium.com/@ashutoshgiri133/how-to-earn-with-earn-bug-boutny-part-2-1dcfe1922a33?source=rss------bug_bounty-5 | Tech Blaze ごじょ | coding, money, bug-bounty, business | 20-Dec-2023 |
| “CVE-2023-43837: Two-Factor Authentication (x2FA) Bypass Vulnerability in Roundcube Webmail Plugin” | https://medium.com/@ChandSingh/cve-2023-43837-two-factor-authentication-x2fa-bypass-vulnerability-in-roundcube-webmail-plugin-f2fef177187e?source=rss------bug_bounty-5 | Chand Singh | cve, vulnerability, cybersecurity, bug-bounty, security | 20-Dec-2023 |
| Web Security Diary | https://medium.com/@muratkabakk1/web-security-diary-4b2148326abe?source=rss------bug_bounty-5 | Murat K | bug-bounty, web-security | 20-Dec-2023 |
| Introducing Code4rena Blue: More than just bug bounties | https://medium.com/code4rena/introducing-code4rena-blue-more-than-just-bug-bounties-f2a9949c6b9c?source=rss------bug_bounty-5 | aramas | smart-contract-security, code4rena, bug-bounty | 20-Dec-2023 |
| Learn Command Injection Vulnerabilities | https://bicodev.medium.com/learn-command-injection-vulnerabilities-2a8ed26eb47a?source=rss------bug_bounty-5 | BICODEV | linux, python-programming, cybersecurity, bug-bounty, penetration-testing | 19-Dec-2023 |
| Hack the Web like a Pirate: Identifying Vulnerabilities with Style | https://bicodev.medium.com/hack-the-web-like-a-pirate-identifying-vulnerabilities-with-style-171246a302a5?source=rss------bug_bounty-5 | BICODEV | python, bug-bounty, cybersecurity, hacker, penetration-testing | 19-Dec-2023 |
| 3 Steps Discovered XXE You should Know | https://medium.com/@kerstan/3-steps-discovered-xxe-you-should-know-d779ab5eb056?source=rss------bug_bounty-5 | kerstan | security, pentesting, hacking, cybersecurity, bug-bounty | 19-Dec-2023 |
| DOM XSS in innerHTML sink using source location.search | https://medium.com/@marduk.i.am/dom-xss-in-innerhtml-sink-using-source-location-search-a3ac4546ca5c?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, cybersecurity, dom-xss, cross-site-scripting, portswigger-lab | 19-Dec-2023 |
| Zero Trust Architecture | https://medium.com/@khan.ghufran.0000/zero-trust-architecture-f47e9da3eaec?source=rss------bug_bounty-5 | Khan Ghufran | architecture, bug-bounty, cybersecurity, cyber-security-solutions, infosec | 19-Dec-2023 |
| Rekomendasi Buku Bug Bounty Untuk Pemula | https://medium.com/@arenaldyp/rekomendasi-buku-bug-bounty-untuk-pemula-5aadd03f434f?source=rss------bug_bounty-5 | K1ngP1ng | bug-bounty, indonesia, web-security, recommendations, hacking | 19-Dec-2023 |
| Is It Worth Quitting 9–5 Job For a Full-Time Bug Bounty? | https://ajaksecurity.medium.com/is-it-worth-quitting-9-5-job-for-a-full-time-bug-bounty-8274f6808aab?source=rss------bug_bounty-5 | Ajak Cyber security | ethical-hacking, cybersecurity, blog, jobs, bug-bounty | 19-Dec-2023 |
| Directory Listing Vulnerability | https://medium.com/@digant_15/directory-listing-vulnerability-b2e1583d8a7e?source=rss------bug_bounty-5 | Digant Prajapati | cybersecurity, directory-listing, bug-bounty | 19-Dec-2023 |
| How One Bug Scored Me Double Rewards! | https://anasbetis023.medium.com/how-one-bug-scored-me-double-rewards-355b8d02cdbf?source=rss------bug_bounty-5 | Anas H Hmaidy | cybersecurity, bug-bounty, penetration-testing, ethical-hacking, web-security | 19-Dec-2023 |
| Join Any Facebook Group As Deactivated Additional Profile | https://zerocode-ph.medium.com/join-any-facebook-group-as-deactivated-additional-profile-f63a31db7797?source=rss------bug_bounty-5 | Syd Ricafort | facebook, bug-bounty, facebook-bug-bounty | 19-Dec-2023 |
| How I Found SQL Injection worth of $4,000 bounty | https://roberto99.medium.com/how-i-found-sql-injection-worth-of-4-000-bounty-16ca09cbf8ec?source=rss------bug_bounty-5 | Roberto Nunes | bug-bounty, sql-injection, bug-bounty-writeup, bug-bounty-tips, reconnaissance | 19-Dec-2023 |
| #6.TryHackMe Series writeups: Brooklyn Nine Nine | https://cyb3rmind.medium.com/6-tryhackme-series-writeups-brooklyn-nine-nine-a0f7f074cbab?source=rss------bug_bounty-5 | Cyb3r M!nd | thm-writeup, tryhackme, ctf-writeup, brooklyn-nine-nine, bug-bounty | 19-Dec-2023 |
| The Ultimate Guide to Uncovering XSS Vulnerabilities at Scale | https://medium.com/@cyndybruce1967/the-ultimate-guide-to-uncovering-xss-vulnerabilities-at-scale-1f35ecb765b7?source=rss------bug_bounty-5 | Cyndybruce | cybersecurity, penetration-testing, automation, bug-bounty, xs | 19-Dec-2023 |
| The Ultimate Guide to Hunting for XSS Vulnerabilities at Scale | https://medium.com/@elitumbleson1978/the-ultimate-guide-to-hunting-for-xss-vulnerabilities-at-scale-bfde4a9beae6?source=rss------bug_bounty-5 | Elitumbleson | cybersecurity, penetration-testing, bug-bounty, xs, automation | 19-Dec-2023 |
| Understanding Cross-Site Scripting (XSS) Attacks: Risks, Prevention, and Impact | https://securitylit.medium.com/understanding-cross-site-scripting-xss-attacks-risks-prevention-and-impact-ce002e5fbb1a?source=rss------bug_bounty-5 | Security Lit Limited | xss-attack, technology, bug-bounty, cybersecurity, vulnerability | 18-Dec-2023 |
| why you need to filter the input and the output — stored xss | https://medium.com/@Mr3Moe/why-you-need-to-filter-the-input-and-the-output-stored-xss-66f67c663703?source=rss------bug_bounty-5 | Mr3Moe | web-penetration-testing, appsec, bug-bounty | 18-Dec-2023 |
| Lets Dive into the Intense World of Malware Analysis! | https://medium.com/@paritoshblogs/lets-dive-into-the-intense-world-of-malware-analysis-3c9e242d8c16?source=rss------bug_bounty-5 | Paritosh | information-security, malware-analysis, cybersecurity, programming, bug-bounty | 18-Dec-2023 |
| Burp Suite Bambda | https://medium.com/offensive-black-hat-hacking-security/burp-suite-bambda-b9b8f57d6b46?source=rss------bug_bounty-5 | Harshad Shah | bug-bounty, hacking, cybersecurity, infosec, penetration-testing | 18-Dec-2023 |
| Top Burp Suite Extensions Used by Penetration Testers | https://securitycipher.medium.com/top-burp-suite-extensions-used-by-penetration-testers-ee971a73256a?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | bug-bounty-tips, security, cybersecurity, bug-bounty, technology | 18-Dec-2023 |
| How to write a perfect pentest report | https://arex-godofwar.medium.com/how-to-write-a-perfect-pentest-report-edb63cc68b36?source=rss------bug_bounty-5 | Ahmadreza Parsizadeh | pentesting, bug-bounty, reporting, offensive-security | 18-Dec-2023 |
| Mastering Web Application Security: Defending Against Injections and Broken Access Control | https://medium.com/@moldovanzsombor/mastering-web-application-security-defending-against-injections-and-broken-access-control-34161cbefc8f?source=rss------bug_bounty-5 | Moldovan Zsombor | hacking, cybersecurity, web-applications, bug-bounty | 18-Dec-2023 |
| CyberSecurity Day 01 to 100: DAY 08 \|A Comprehensive Guide for Novices and Experts | https://medium.com/@acs_society/cybersecurity-day-01-to-100-day-08-a-comprehensive-guide-for-novices-and-experts-55d3ef86abbf?source=rss------bug_bounty-5 | Association For Cyber Security | acsociety, ethical-hacking, cybersecurity, bug-bounty, security-engineer | 18-Dec-2023 |
| This Tool Helps Me To Find The Origin IP Address | https://ajaksecurity.medium.com/this-tool-helps-me-to-find-the-origin-ip-address-d9c2abceafb2?source=rss------bug_bounty-5 | Ajak Cyber security | hacking, ethical-hacking, blog, bug-bounty, penetration-testing | 18-Dec-2023 |
| ParagonsDAO’s Bug Bounty Program | https://medium.com/paragonsdao/paragonsdaos-bug-bounty-program-8cfb82f786c0?source=rss------bug_bounty-5 | ParagonsDAO | web3, immunefi, bug-bounty, paragonsdao | 18-Dec-2023 |
| Go Witness Install Guide… | https://medium.com/@psychomong/go-witness-install-guide-a62d96be30b0?source=rss------bug_bounty-5 | psychomong | hacking-tools, bug-bounty, golang, hacking, osint | 18-Dec-2023 |
| CyberSecurity Day 01 to 100: DAY 08 \| A Comprehensive Guide for Novices and Experts | https://medium.com/@acs_society/cybersecurity-day-01-to-100-day-08-a-comprehensive-guide-for-novices-and-experts-55d3ef86abbf?source=rss------bug_bounty-5 | Association For Cyber Security | acsociety, ethical-hacking, cybersecurity, bug-bounty, security-engineer | 18-Dec-2023 |
| How I Could Leak Phone Numbers and Emails of Indian Voters and Applicants | https://medium.com/@Mr.Equinox/how-i-could-leak-phone-numbers-and-emails-of-indian-voters-and-applicants-dd1fc699d81e?source=rss------bug_bounty-5 | Sahil Mhatre | bug-bounty, mybugs, bug-hunting, api-security, vapt | 18-Dec-2023 |
| Horizon Protocol V2 — Hacken Bug Bounty Program Now Live On Testnet | https://horizonprotocol.medium.com/horizon-protocol-v2-hacken-bug-bounty-program-now-live-on-testnet-4617205c7184?source=rss------bug_bounty-5 | Horizon Protocol | bug-bounty, defi, hacken, derivatives, synthetic-asset | 18-Dec-2023 |
| Getting Started with Recon Automation using ReNgine on Windows (WSL): Installation Guide | https://mxmd.medium.com/getting-started-with-recon-automation-using-rengine-on-windows-wsl-installation-guide-50ad95b8a7a9?source=rss------bug_bounty-5 | Max Klose | reconnaissance, bug-bounty-hunting, automation, bug-bounty, guides-and-tutorials | 18-Dec-2023 |
| Bug Zero at a Glance [19–30 November] | https://blog.bugzero.io/bug-zero-at-a-glance-19-30-november-8470a11d3015?source=rss------bug_bounty-5 | Januka Dharmapriya | bug-zero, newsletter, cybersecurity, sri-lanka, bug-bounty | 17-Dec-2023 |
| Mitel MiCollab AWV Directory Traversal Vulnerability (CVE-2020-11798) | https://samshadow.medium.com/mitel-micollab-awv-directory-traversal-vulnerability-cve-2020-11798-ec1408cd35b9?source=rss------bug_bounty-5 | Sam Shadow | bug-bounty, bug-bounty-writeup, bug-bounty-tips, vulnerability, directory-traversal | 17-Dec-2023 |
| Unveiling a Security Flaw: The Divergence of OTP and Link Password Authentication in redacted.com | https://medium.com/@MohaseenK/unveiling-a-security-flaw-the-divergence-of-otp-and-link-password-authentication-in-redacted-com-27e0cc2dc73c?source=rss------bug_bounty-5 | Mohaseen | bug-hunting, password-reset, bug-bounty, hackerone | 17-Dec-2023 |
| XSSRF : The Unholy Matrimony of XSS and SSRF | https://naumankh4n.medium.com/xssrf-the-unholy-matrimony-of-xss-and-ssrf-89f7abfca5b3?source=rss------bug_bounty-5 | Nauman Khan | cybersecurity, hacking, bug-bounty, penetration-testing, money | 17-Dec-2023 |
| Bug Bounty programmes give people the fear (they shouldn’t) | https://medium.com/@ethanrom/bug-bounty-programmes-give-people-the-fear-they-shouldnt-755466351140?source=rss------bug_bounty-5 | Leo C | hacking, cybersecurity, ciso, culture, bug-bounty | 17-Dec-2023 |
| V3 Testnet Bug Bounty | https://tribeone.medium.com/v3-testnet-bug-bounty-8281b8775843?source=rss------bug_bounty-5 | TribeOne | nft, smart-contract-security, bug-bounty | 17-Dec-2023 |
| DOM XSS in document.write sink using source location.search | https://medium.com/@marduk.i.am/dom-xss-in-document-write-sink-using-source-location-search-ae458bc5c85f?source=rss------bug_bounty-5 | Marduk I Am | dom-xss, cross-site-scripting, cybersecurity, bug-bounty, portswigger-lab | 17-Dec-2023 |
| Reflected XSS in BGMI | https://medium.com/@patil97/reflected-xss-in-bgmi-38ed48773981?source=rss------bug_bounty-5 | Patil97 | bug-bounty, xs, bugs, security | 17-Dec-2023 |
| Main Methodology 1 \| Part 04 \| What To Do After Choosing a Target | https://infosecwriteups.com/main-methodology-1-part-04-what-to-do-after-choosing-a-target-f9cea586d6af?source=rss------bug_bounty-5 | Om Arora | bug-bounty, bug-bounty-tips, hacking, infosec, methodology | 17-Dec-2023 |
| When not to rely on Automated Tools | https://medium.com/@rodriguezjorgex/when-not-to-rely-on-automated-tools-429b331e0613?source=rss------bug_bounty-5 | Rodriguezjorgex | cybersecurity, bug-bounty, xss-attack, prototype-pollution, bug-bounty-tips | 16-Dec-2023 |
| Escalating DOM XSS to Stored XSS | https://medium.com/@rodriguezjorgex/escalating-dom-xss-to-stored-xss-eb6f3a669af3?source=rss------bug_bounty-5 | Rodriguezjorgex | cross-site-scripting, bug-bounty, hacking, cybersecurity, xss-attack | 16-Dec-2023 |
| Mitigating Risks: Securing Symfony Profiler from Unwanted Exposure | https://samshadow.medium.com/mitigating-risks-securing-symfony-profiler-from-unwanted-exposure-14e90a53dd65?source=rss------bug_bounty-5 | Sam Shadow | bug-bounty-writeup, bug-bounty, bug-bounty-tips, vulnerability | 16-Dec-2023 |
| Unveiling Vulnerabilities: PHP Debug Bar Exposes Sensitive Information | https://samshadow.medium.com/unveiling-vulnerabilities-php-debug-bar-exposes-sensitive-information-ca341267fe33?source=rss------bug_bounty-5 | Sam Shadow | vulnerability, bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter | 16-Dec-2023 |
| Self-XSS to Stored XSS | https://medium.com/@rodriguezjorgex/self-xss-to-stored-xss-b4b999610c5b?source=rss------bug_bounty-5 | Rodriguezjorgex | hacking, cybersecurity, bug-bounty, xss-attack, bug-bounty-tips | 16-Dec-2023 |
| Unveiling CVE-2019-11248: A Vulnerability in Kubernetes | https://samshadow.medium.com/unveiling-cve-2019-11248-a-vulnerability-in-kubernetes-83a831afaccd?source=rss------bug_bounty-5 | Sam Shadow | bug-bounty, bug-bounty-hunter, bug-bounty-tips, vulnerability, bug-bounty-writeup | 16-Dec-2023 |
| DOM-based vulnerabilities | https://ayonthakur101.medium.com/dom-based-vulnerabilities-db02d7437b26?source=rss------bug_bounty-5 | Ayon Thakur | penetration-testing, bug-bounty, hacker, portswigger, burp-suit | 16-Dec-2023 |
| SSTI gave me T-Shirt + € 50 | https://medium.com/@bug.hun3r/ssti-got-me-t-shirt-50-a8672ca766c9?source=rss------bug_bounty-5 | mo9kHu93r | information-security, bug-bounty, bug-hunting, info-sec-writeups, cybersecurity | 16-Dec-2023 |
| Kakar Security | https://medium.com/@walikhankakar313/kakar-security-cf15f39baede?source=rss------bug_bounty-5 | Wali Khan Kakar | website-scanning, penetration, security, hacking-world, bug-bounty | 16-Dec-2023 |
| Headline: Indian Government Issues High-Risk Warning for Samsung Galaxy S23 and Other Models | https://riglabscollective.medium.com/headline-indian-government-issues-high-risk-warning-for-samsung-galaxy-s23-and-other-models-2c153d5bcc62?source=rss------bug_bounty-5 | Riglabs Collective | samsung-galaxy, india, s23ultra, mobile, bug-bounty | 15-Dec-2023 |
| 6 Quick Discover Bug Search Syntax In Code-base | https://medium.com/@kerstan/6-quick-discover-bug-search-syntax-in-code-base-eb3d6fb6e929?source=rss------bug_bounty-5 | kerstan | hacker, cybersecurity, bug-bounty, security, bug-bounty-tips | 15-Dec-2023 |
| Easy Money from the Most Trivially Easy Broken Access Control | https://abd11atarek.medium.com/easy-money-from-the-most-trivially-easy-broken-access-control-4d810af327f7?source=rss------bug_bounty-5 | abda11atarek | bugcrowd, bug-bounty-tips, bug-hunter, bug-bounty, broken-access-control | 15-Dec-2023 |
| HTTP/2 Request Smuggling | https://medium.com/@kerstan/http-2-request-smuggling-b6ef5ae351fb?source=rss------bug_bounty-5 | kerstan | hacking, https, bug-bounty-tips, bug-bounty, cybersecurity | 15-Dec-2023 |
| 3 Cases of DOM XSS in Bug Bounty | https://medium.com/@kerstan/3-cases-of-dom-xss-in-bug-bounty-0744003f0b2b?source=rss------bug_bounty-5 | kerstan | bug-bounty, xss-attack, hacking, cybersecurity, bug-bounty-tips | 15-Dec-2023 |
| How I Automatically Discovered SSRF in Hackerone Program | https://medium.com/@kerstan/how-i-automatically-discovered-ssrf-in-hackerone-program-2ae0b7a6ef1b?source=rss------bug_bounty-5 | kerstan | bug-bounty-tips, cybersecurity, hacking, ssrf, bug-bounty | 15-Dec-2023 |
| How I Discovered SSRF on Hackerone Program | https://medium.com/@kerstan/how-i-discovered-ssrf-on-hackerone-program-7bbe72334f74?source=rss------bug_bounty-5 | kerstan | bug-bounty-tips, bug-bounty, ssrf, hacker, graphql | 15-Dec-2023 |
| From CloudSec to Application Security, Bug Bounties to Cybersecurity tooling, and More | https://infosecwriteups.com/from-cloudsec-to-application-security-bug-bounties-to-cybersecurity-tooling-and-more-9f4a1819620c?source=rss------bug_bounty-5 | InfoSec Write-ups | hacking, conference, bug-bounty, security, information-security | 15-Dec-2023 |
One port can be a costly mistake | Attack The Rsync Service in a Private Programhttps://medium.com/@sword0x00/one-port-can-be-a-costly-mistake-attack-the-rsync-service-in-a-private-program-cdbf9ecc650d?source=rss------bug_bounty-5Mohanad Heshamrsync, bug-bounty, fingerprinting, port-scan, hacking15-Dec-2023
How To Explore and Exploit GraphQL [Indonesia]https://revan-ar.medium.com/how-to-explore-and-exploit-graphql-indonesia-562c560f46c6?source=rss------bug_bounty-5Revan Abug-bounty, web-security, api, penetration-testing, graphql15-Dec-2023
Subdomain Takeover in Azure Trafficmanager for Fun & Profithttps://padsalatushal.medium.com/subdomain-takeover-in-azure-trafficmanager-for-fun-profit-09c858ca3d0e?source=rss------bug_bounty-5Padsala Tushalbug-bounty, cybersecurity, infosec, subdomain-takeover, bug-bounty-tips15-Dec-2023
Cookie Quest: XSS Admin Assaulthttps://medium.com/@josh.beck2006/cookie-quest-xss-admin-assault-694769f84796?source=rss------bug_bounty-5Josh Beckcybersecurity, programming, penetration-testing, bug-bounty, ctf-writeup14-Dec-2023
How did I find open redirect on LinkedInhttps://medium.com/@neverl0gbughunt/how-did-i-find-open-redirect-on-linkedin-e35918b3b129?source=rss------bug_bounty-5neverl0gbug-bounty-tips, bug-bounty-writeup, bug-bounty14-Dec-2023
All about Ethical Hackinghttps://securitycipher.medium.com/all-about-ethical-hacking-277b9c3e4b36?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)technology, security, cybersecurity, bug-bounty, hacking14-Dec-2023
Uncovering an Account Takeover Vulnerability: Auth Bypass via Response Manipulation.https://medium.com/@kataeriidubstep/uncovering-an-account-takeover-vulnerability-auth-bypass-via-response-manipulation-ba8257f917d2?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, bug-bounty14-Dec-2023
Remote Code execution at ws1.aholdusa.com — Compromising logins of Ahold Delhaize USA employeeshttps://medium.com/@jonathanbouman/remote-code-execution-at-ws1-aholdusa-com-compromising-logins-of-ahold-delhaize-usa-employees-c7c9aca7e05d?source=rss------bug_bounty-5Jonathan Boumancybersecurity, bug-bounty, rce, hacking, security14-Dec-2023
How I Quickly Discover Bug In Codebasehttps://medium.com/@kerstan/how-i-quickly-discover-bug-in-code-6a3bfa7e6e82?source=rss------bug_bounty-5kerstanbug-bounty, programming, technology, code-review, cybersecurity14-Dec-2023
How i found a Permanent Denial of Service via Account Lockout:https://medium.com/@kataeriidubstep/how-i-found-a-permanent-denial-of-service-via-account-lockout-ac1bc33c3c0a?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
How i found a Misconfigured CORS Vulnerability — Unauthorized Cross-Origin Resource Sharing :https://medium.com/@kataeriidubstep/how-i-found-a-misconfigured-cors-vulnerability-unauthorized-cross-origin-resource-sharing-16effea37e78?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
How i found a Password Reset Token Leak via Referer Header:https://medium.com/@kataeriidubstep/how-i-found-a-password-reset-token-leak-via-referer-header-7d71d35b0ea8?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
Adobe Recap: 2023 Ambassador World Cup Final Fourhttps://blog.developer.adobe.com/adobe-recap-2023-ambassador-world-cup-final-four-df701e1a1b12?source=rss------bug_bounty-5Chris Parkersonhacking, security, bug-bounty, hackathons, security-research14-Dec-2023
Starlink Router Gen 2 is vulnerable to XSS.https://medium.com/@hackintoanetwork/starlink-router-gen-2-is-vulnerable-to-xss-48cfcadd0b13?source=rss------bug_bounty-5hackintoanetworkbug-bounty, starlink, exploit, dishy, router14-Dec-2023
VulnLab — SQL Injection series — Bypass Login part 2(Database Collect)https://medium.com/@kurobe09/vulnlab-sql-injection-series-bypass-login-part-2-database-collect-1e6aa36a1308?source=rss------bug_bounty-5kurobe09cybersecurity, cyberattack, pentest-learnings, sql-injection, bug-bounty13-Dec-2023
Cross-Site Scripting (XSS)https://medium.com/@savanghori1203/cross-site-scripting-xss-c288793349a9?source=rss------bug_bounty-5SavanGhoribug-bounty, xss-attack, xss-vulnerability, bug-bounty-tips, vulnerability13-Dec-2023
phpinfo() — My First Resolved Bug in HackerOnehttps://medium.com/@ft.eagle.eye.1/phpinfo-my-first-resolved-bug-in-hackerone-a22fea1adb9b?source=rss------bug_bounty-5Muhammad Farhad Ansarybug-bounty, bug-bounty-tips13-Dec-2023
AppSec Tales XXIV | Deserializationhttps://karol-mazurek95.medium.com/appsec-tales-xxiv-deserialization-841d6bfaa710?source=rss------bug_bounty-5Karol Mazurekpenetration-testing, bug-bounty, information-technology, information-security, cybersecurity13-Dec-2023
Only 3 Days Left For IWCON 2023https://infosecwriteups.com/only-3-days-left-for-iwcon-2023-bab915df5ae8?source=rss------bug_bounty-5InfoSec Write-upshacking, bug-bounty, conference, information-security, programming13-Dec-2023
A misconfiguration in the password reset process can lead to an account takeover.https://medium.com/@Mr3Moe/a-misconfiguration-in-the-password-reset-process-can-lead-to-an-account-takeover-30c43e17d744?source=rss------bug_bounty-5Mr3Moeweb-application-security, web-app-pentesting, bug-bounty, web-app-security13-Dec-2023
I found out what my neighbour was looking at on the internet, This is how ?https://navnee1h.medium.com/i-found-out-what-my-neighbour-was-looking-at-on-the-internet-this-is-how-050c4dfef8b4?source=rss------bug_bounty-5Navaneeth M Sbug-bounty, monitoring, dns, hacking, wifi13-Dec-2023
Day 13 Bug Bounty — 60 days 60 bugs challenge (Found P1!!! Hope it gets accepted)https://medium.com/@avbhijitdutta99/day-13-bug-bounty-60-days-60-bugs-challenge-found-p1-hope-it-gets-accepted-670f0dcc25f3?source=rss------bug_bounty-5Abhijit Duttabug-bounty-writeup, bug-bounty, bug-bounty-program, bug-bounty-tips, bugbountychallenge13-Dec-2023
OpenBounty, Shentu’s New Approach in Security Ecosystemhttps://shentuchain.medium.com/openbounty-shentus-new-approach-in-security-ecosystem-fbae6506d956?source=rss------bug_bounty-5Shentu Chainbounty-program, bounty-hunter, bug-bounty, web3, cybersecurity12-Dec-2023
Mobile Application Security Testing: Navigating the Digital Landscape Safelyhttps://medium.com/geekculture/mobile-application-security-testing-navigating-the-digital-landscape-safely-3aead90a5455?source=rss------bug_bounty-5Security Lit Limitedmobile-security, cybersecurity, programming, vapt, bug-bounty12-Dec-2023
I will do Vulnerability Assessment and penetration testing on your websitehttps://securitycipher.medium.com/i-will-do-vulnerability-assessment-and-penetration-testing-on-your-website-5cd4fb147a33?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)services, bug-bounty, security, cybersecurity, technology12-Dec-2023
Skills Needed For Bug Bountyhttps://medium.com/@joshdesharnais1/skills-needed-for-bug-bounty-23e289ef0853?source=rss------bug_bounty-5Joshua Desharnaisxss-attack, idor, bug-bounty, account-takeover12-Dec-2023
Duplicate CSRF… Leads to $$$$https://shellbreaker.medium.com/duplicate-csrf-leads-to-26c1ddc71dc5?source=rss------bug_bounty-5Bhavesh aka Shellbreakerhacking, info-sec-writeups, bug-bounty, cybersecurity, bug-bounty-tips12-Dec-2023
Server-Side Request Forgery (SSRF)https://medium.com/@savanghori1203/server-side-request-forgery-ssrf-ca04465ac41a?source=rss------bug_bounty-5SavanGhoribug-bounty, vulnerability, bug-bounty-tips, ssrf, bugs12-Dec-2023
Remote Code Execution (RCE)https://medium.com/@savanghori1203/remote-code-execution-rce-e8628b1432de?source=rss------bug_bounty-5SavanGhoribug-bounty-tips, bugs, vulnerability, rce, bug-bounty12-Dec-2023
Join ARPA’s Bug Bounty Program with Immunefi — Up to $50,000 in Rewards!https://arpa.medium.com/join-arpas-bug-bounty-program-with-immunefi-up-to-50-000-in-rewards-18d9fbd7b193?source=rss------bug_bounty-5ARPA Officialblockchain, developer, bug-bounty, debugging12-Dec-2023
Easy Admin Access — RVDP (2)https://infosecwriteups.com/easy-admin-access-rvdp-2-bf2ec8349ebf?source=rss------bug_bounty-5hackerdevilpenetration-testing, hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup12-Dec-2023
One Scheme to Rule Them All: OAuth Account Takeoverhttps://medium.com/@ostorlab/one-scheme-to-rule-them-all-oauth-account-takeover-26ac4cb5e898?source=rss------bug_bounty-5Ostorlabmobile-security, bug-bounty, oauth, bug-bounty-tips, account-takeover12-Dec-2023
The launch of incentivized testnet for TribeOne V3https://tribeone.medium.com/the-launch-of-incentivized-testnet-for-tribeone-v3-6e12a1eb6d0f?source=rss------bug_bounty-5TribeOnebug-bounty, perpetual-contracts, testnet, nft, trading-competition12-Dec-2023
Hacking NASA and Got Hall of Famehttps://medium.com/@bug.hun3r/hacking-nasa-and-got-hall-of-fame-71f9a344d1d0?source=rss------bug_bounty-5mo9kHu93rpenetration-testing, cybersecurity, nasa, ethical-hacking, bug-bounty12-Dec-2023
Build3rs Bug Bounty Programhttps://medium.com/@Lay3rsXR/build3rs-bug-bounty-program-8b874bdfee0e?source=rss------bug_bounty-5Lay3rsbuild3rs, bug-bounty, blockchain, refis12-Dec-2023
Bug Bounty and Hacking Books You Should Read (Must Read)https://rajkaran359.medium.com/bug-bounty-and-hacking-books-you-should-read-must-read-57ca722ad51d?source=rss------bug_bounty-5Rajkaranbug-bounty, hacking-books, hacking, cybersecurity, bug-bounty-tips12-Dec-2023
How I got $300 for Default Credential Login at Bugcrowdhttps://medium.com/@avbhijitdutta99/how-i-got-300-for-default-credential-login-at-bugcrowd-30368eb698f7?source=rss------bug_bounty-5Abhijit Duttabug-bounty-tips, bug-bounty-program, bug-bounty, bug-bounty-writeup12-Dec-2023
missing session scopes lead to authentication bypasshttps://medium.com/@Mr3Moe/missing-session-scopes-lead-to-authentication-bypass-2e1cdaebda7b?source=rss------bug_bounty-5Mr3Moeweb, bug-bounty, appsec, web-penetration-testing12-Dec-2023
Exploiting Django Debug Mode for Unrestricted Access to the Internal Dashboard?https://rokkamvamsi18.medium.com/exploiting-django-debug-mode-for-unrestricted-access-to-the-internal-dashboard-b725783714ae?source=rss------bug_bounty-5Rokkam_Vamshi1_8bug-bounty-tips, django, bug-bounty, hackerone, infosec12-Dec-2023
Portswigger Labs — Api-testinghttps://medium.com/@rynnnn617/portswigger-labs-api-testing-86a8827ddfdc?source=rss------bug_bounty-5Ry4nnnnportswigger, appsec, bug-bounty, burp11-Dec-2023
How to learn Hacking From 0 to Herohttps://rajput623929.medium.com/how-to-learn-hacking-from-0-to-hero-4a5f288c003d?source=rss------bug_bounty-5Mr.Horbiobug-bounty, cryptography, ethical-hacking, cybersecurity, hacking11-Dec-2023
How i found a Host Header Injection in Password Reset Function:https://medium.com/@kataeriidubstep/how-i-found-a-host-header-injection-in-password-reset-function-5c2ba8d209e6?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, bug-bounty11-Dec-2023
How I Automatically Discovered SSRF in Hackerone Programshttps://medium.com/@kerstan/how-i-automatically-discovered-ssrf-in-hackerone-programs-39e27a1554b5?source=rss------bug_bounty-5kerstansecurity, ssrf, bug-bounty-tips, bug-bounty, hacker11-Dec-2023
Next js and Antd Design CSS takes thousandths of a second to load on the page.https://medium.com/@yurioliveiragochi/next-js-and-antd-desing-css-demora-milesimos-de-segundos-para-carregar-na-p%C3%A1gina-77f3b203dac8?source=rss------bug_bounty-5Yuri Oliveira Gochibug-bounty, antd, next, react11-Dec-2023
Unveiling the World of Bug Bounty Programs: Enhancing Cybersecurity Through Collaborationhttps://medium.com/@bahadur4630105/unveiling-the-world-of-bug-bounty-programs-enhancing-cybersecurity-through-collaboration-bde9831b6882?source=rss------bug_bounty-5Syed Dawoodcyber-security-awareness, bug-bounty, bugbounty-writeup, bug-bounty-tips, bug-bounty-hunter11-Dec-2023
Dollars and Detectives: An Unique way to XSS Mysteries ( Not a Simp one ) for a $150 Rewardhttps://naumankh4n.medium.com/dollars-and-detectives-an-unique-way-to-xss-mysteries-not-a-simp-one-for-a-150-reward-f5d2d80d5022?source=rss------bug_bounty-5Nauman Khanmoney, ai, cybersecurity, hacking, bug-bounty11-Dec-2023
Say Goodbye to Password Hassles with These Cutting-Edge Security Trends!https://medium.com/@paritoshblogs/say-goodbye-to-password-hassles-with-these-cutting-edge-security-trends-8b8f6ad8f6d4?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, cybersecurity, passwordless, passwords11-Dec-2023
HackTheBox — Session Security: Obtain Session Identifier via XSShttps://medium.com/@harry.hphu/hackthebox-session-security-obtain-session-identifier-via-xss-c151160c03b0?source=rss------bug_bounty-5Huy Phuhackthebox, web-security, session-security, bug-bounty, xss-attack11-Dec-2023
So you found Auth0 secrets, now what?https://blog.prodefense.io/so-you-found-auth0-secrets-now-what-0945642ac09b?source=rss------bug_bounty-5Nightbanepentesting, security, red-team, bug-bounty, auth011-Dec-2023
Kubernetes CR injection techniquehttps://medium.com/@esonhugh/kubernetes-cr-injection-technique-b4506500b8e9?source=rss------bug_bounty-5Esonhughhacking, custom-resource, bug-bounty, kubernetes-security10-Dec-2023
Bug bounty training from scratch(part2->lesson10):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson10-57551e079751?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, bug-bounty, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson9):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson9-4802a25a2570?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, bug-bounty, appsec, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson8):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson8-e8a2b87c3ac2?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, appsec, computer-science10-Dec-2023
Bug bounty training from scratch(part2->lesson7):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson7-152c167dbc0f?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson6):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson6-43abf1f342ec?source=rss------bug_bounty-5Pavan kumar.Gnetworking, computer-science, appsec, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lesson5):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson5-f0042df50fca?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson4):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson4-29d491577d8c?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson3):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson3-80794013cf99?source=rss------bug_bounty-5Pavan kumar.Gnetworking, bug-bounty, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson2):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson2-177e4a21e8d3?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, networking, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lesson1) :https://medium.com/@kataeriidubstep/understanding-ip-addressing-a-comprehensive-overview-95bf12e05cae?source=rss------bug_bounty-5Pavan kumar.Gnetwork-engineering, computer-science, appsec, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lessonhttps://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson-7a58ad73a31d?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, networking, computer-science10-Dec-2023
How to not implement payment features - Insights from Bugbountyhttps://medium.com/@sivakrishnasamireddi/how-to-not-implement-payment-features-insights-from-bugbounty-e3d375566ad0?source=rss------bug_bounty-5Siva Krishna Samireddihacking, payments, bug-bounty, security, bugbounty-writeup10-Dec-2023
5 Tips for the Beginners Who Want to Start Bug Bountyhttps://medium.com/@bhuiyanaman71/5-tips-for-the-beginners-who-want-to-start-bug-bounty-c1a1a952e605?source=rss------bug_bounty-5Aman Bhuiyanweb-hacking, bug-bounty, bug-bounty-tips, hacking, ethical-hacking10-Dec-2023
In under age (<18), How I Hacked Multi- Billion-Dollar-Corp and got first 4 fig. $2600 Bounty!https://medium.com/@manan_sanghvi/in-under-age-18-how-i-hacked-multi-billion-dollar-corp-and-got-first-4-fig-2600-bounty-d9ce97b3652e?source=rss------bug_bounty-5Manan Sanghviidor, bug-bounty, first-bounty, web-application-security, hacking10-Dec-2023
Bug Bounty Testing: Test Ideashttps://medium.com/@lopseg/bug-bounty-testing-test-ideas-cf6e8ec5aed1?source=rss------bug_bounty-5Lopsegbug-bounty-writeup, bug-bounty, hacking-training, bug-bounty-tips, info-sec-writeups10-Dec-2023
CORS Misconfiguration -> PII Leakhttps://medium.com/@boogsta/cors-misconfiguration-pii-leak-2765ff5b7115?source=rss------bug_bounty-5Boogstacybersecurity, cyber, hacking, bug-bounty-tips, bug-bounty10-Dec-2023
Awesome Bug Bounty Tools Exploring Subdomain Enumeration and Reconnaissance Toolshttps://cyberconqueror.medium.com/awesome-bug-bounty-tools-exploring-subdomain-enumeration-and-reconnaissance-tools-7bffb25210e6?source=rss------bug_bounty-5NEWenumeration, mentoring, bug-bounty, cybersecurity, medium09-Dec-2023
Is it safe to expose your Firebase API key?https://infosecwriteups.com/is-it-safe-to-expose-your-firebase-api-key-bf2a318c0f29?source=rss------bug_bounty-5Suprajabaskarancybersecurity, keys, firebase, bug-bounty, ethical-hacking09-Dec-2023
2FA & MFA Bypass, Bug Bounty Easy Wins ! ! Ultimate Guidehttps://medium.com/@Kalki2121/2fa-mfa-bypass-bug-bounty-easy-wins-ultimate-guide-3722de0ad26c?source=rss------bug_bounty-5ʏᴀꜱʜʜinformation-security, bug-bounty-tips, bug-bounty, infosec, cybersecurity09-Dec-2023
3 Symfony (RCE): A Peek Behind the Curtainhttps://medium.com/@bxrowski0x/3-symfony-rce-a-peek-behind-the-curtain-83da5433e149?source=rss------bug_bounty-5Omar ElSayedbug-bounty-tips, cybersecurity, bug-bounty, symfony, remote-code-execution09-Dec-2023
How I passed my CRTP Examhttps://medium.com/@damaidec/how-i-passed-my-crtp-exam-c1dadd4d9ec1?source=rss------bug_bounty-5Damaidecexam, active-directory, cybersecurity, hacking, bug-bounty09-Dec-2023
Introduction to Burpsuite Bambda Featurehttps://medium.com/@gguzelkokar.mdbf15/introduction-to-burpsuite-bambda-feature-4c6b5fbc168d?source=rss------bug_bounty-5Gökhan Güzelkokarhacking, burpsuite, bug-bounty09-Dec-2023
TryHackMe | Advent of Cyber 2023 | Day 5https://axoloth.medium.com/tryhackme-advent-of-cyber-2023-day-5-60a464ac8d07?source=rss------bug_bounty-5Axolothbug-bounty, tryhackme, hacking, cybersecurity, penetration-testing09-Dec-2023
TryHackMe | Advent of Cyber 2023 | Day 4https://axoloth.medium.com/tryhackme-advent-of-cyber-2023-day-4-efa5f90ccfc1?source=rss------bug_bounty-5Axolothtryhackme, hacking, cybersecurity, bug-bounty, penetration-testing09-Dec-2023
My first Bugs: Persistence and mentality (Not a Writeup).https://medium.com/@Nightbloodz/my-first-bugs-persistence-and-mentality-not-a-writeup-1017714abc8c?source=rss------bug_bounty-5Alvaro Baladabug-bounty-hunter, bug-bounty, bug-bounty-tips, cybersecurity09-Dec-2023
Introduction to Burpsuite Bambdas Featurehttps://medium.com/@gguzelkokar.mdbf15/introduction-to-burpsuite-bambda-feature-4c6b5fbc168d?source=rss------bug_bounty-5Gökhan Güzelkokarhacking, burpsuite, bug-bounty09-Dec-2023
My first dork on GHBDhttps://noorhomaid.medium.com/my-first-dork-on-ghbd-988c21b45869?source=rss------bug_bounty-5NoorHomaidcybersecurity, bug-bounty, google-dork, ethical-hacking, penetration-testing09-Dec-2023
HTTP Noir: The Dark Art of Smuggling Byteshttps://chayandatta.medium.com/http-noir-the-dark-art-of-smuggling-bytes-a471a0f990f5?source=rss------bug_bounty-5CHAYAN DATTAsecurity, http-request-smuggling, hacking, bug-bounty, network09-Dec-2023
Broken Link Hijackinghttps://0xtomcat.medium.com/broken-link-hijacking-e0afc5986ea6?source=rss------bug_bounty-5Tomcatbug-bounty, bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup08-Dec-2023
Testing vulnerabilities beyond traditional cases — around login/signup featureshttps://infosecwriteups.com/testing-vulnerabilities-beyond-traditional-cases-around-login-signup-features-9d496bd283d4?source=rss------bug_bounty-5Suprajabaskaranethical-hacking, bug-bounty-tips, penetration-testing, pentesting, bug-bounty08-Dec-2023
#4 Install Burp’s CA Certificate in Firefox — Guide for Burp Suitehttps://securitycipher.medium.com/4-install-burps-ca-certificate-in-firefox-guide-for-burp-suite-75a555ed7225?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)technology, security, bug-bounty-tips, bug-bounty, cybersecurity08-Dec-2023
Enum is the key — Automated + Manual = Full shell.https://aleeeeex264.medium.com/enum-is-the-key-automatizado-manual-full-shell-4eead6c37dc4?source=rss------bug_bounty-5Alejandro Olivares 0x4lexkali-linux, bug-bounty, bug-bounty-tips, hacking, pentesting08-Dec-2023
PEARfection: From LFI to RCI: An iCSI CTF Challenge.https://medium.com/@josh.beck2006/pearfection-from-lfi-to-rci-an-icsi-ctf-challenge-4ecfb77a60c4?source=rss------bug_bounty-5Josh Beckbug-bounty, penetration-testing, ctf-writeup, cybersecurity08-Dec-2023
Unraveling The Story of Multiple Admin Panel Compromiseshttps://vedanttekale20.medium.com/unraveling-the-story-of-multiple-admin-panel-compromises-baac4444285f?source=rss------bug_bounty-5Vedant Tekaleinformation-security, recon, bug-bounty, hacking, cybersecurity08-Dec-2023
Blind XSS on Registration Systemhttps://medium.com/@aurelioyudistira/blind-xss-on-registration-system-410eb0b98109?source=rss------bug_bounty-5MxShinzupentesting, bug-bounty, cybersecurity08-Dec-2023
Bug bounty training from scratch:https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-f62cc13fbe64?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch for beginners:https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-for-beginners-1f17e609fbf0?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, computer-science, bug-bounty, linux07-Dec-2023
Bug bounty training from scratch(part1->lesson12):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson12-206baedf6747?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science07-Dec-2023
Bug bounty training from scratch(part1->lesson11):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson11-6f2c71aa8135?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1->lesson10):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson10-b2af2898a6b1?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1->lesson9):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson9-44b004fe5550?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1-> lesson8):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson8-98680d93e4bf?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science07-Dec-2023
Bug bounty training from scratch(part1->lesson7):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson7-d04def4b4ef3?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch (part1->lesson6):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson6-1b4b8742a1ec?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, bug-bounty, appsec07-Dec-2023
Bug bounty training from scratch(part1->lesson5):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson5-15d8c1f2cc5e?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch (part1->lesson4):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson4-653699a21284?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Using reNgine with Netlas.io modulehttps://netlas.medium.com/using-rengine-with-netlas-io-module-436e764a5495?source=rss------bug_bounty-5Netlas.iopenetration-testing, reconnaissance, information-security, cybersecurity, bug-bounty07-Dec-2023
Automation for Target Surface Information Gathering — XCOODE + AI Prompting for Bug Bounty Giantshttps://medium.com/@xcoode/automation-for-target-surface-information-gathering-xcoode-ai-prompting-for-bug-bounty-giants-a545dadc87dc?source=rss------bug_bounty-5XCOODEai, hacking, hackerone, bug-bounty, openai07-Dec-2023
Markdown XSS tipshttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Rafael Silvabug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
Hacking Indian Government, Finding XSS & SQL Injectionhttps://medium.com/@Kalki2121/hacking-indian-government-finding-xss-sql-injection-9f83e5e60c6f?source=rss------bug_bounty-5Yashhbugs, bug-bounty-tips, bug-bounty, hacking, sql-injection07-Dec-2023
Unveiling Critical Vulnerability: Account Hijacking — Art of play on tokenshttps://medium.com/@xcoode/unveiling-critical-vulnerability-account-hijacking-art-of-play-on-tokens-dd270140cd25?source=rss------bug_bounty-5XCOODEfintech, bug-bounty, security, hacking, cloud07-Dec-2023
Advent of Cyber 2023 -Day 6 Walkthrough.. By Manoj Mudabagil.https://medium.com/@manojmudabagil/advent-of-cyber-2023-day-6-walkthrough-by-manoj-mudabagil-cd7062261d33?source=rss------bug_bounty-5Manoj Mudabagiltryhackme, hacking, advent-of-cyber-2023, cybersecurity, bug-bounty07-Dec-2023
Exploring New Vulnerability Vectors: A Systematic Approach to Manual Google Dorkinghttps://medium.com/@mxmd/exploring-new-vulnerability-vectors-a-systematic-approach-to-manual-google-dorking-fdfc79e9825d?source=rss------bug_bounty-5Max Klosecybersecurity, bug-bounty-tips, bug-bounty, google-dorking, osint07-Dec-2023
Markdown XSS tipshttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Lopsegbug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
Hunt for GitHub leaks with LOPSEG DORK HELPERhttps://medium.com/@lopseg/hunt-for-github-leaks-with-lopseg-dork-helper-c3ce96cb4177?source=rss------bug_bounty-5Lopsegbug-bounty-writeup, hacking-tools, bug-bounty, bug-bounty-tips, bug-bounty-hunter07-Dec-2023
Enhancing Bug Bounty Hunting with Lopseg OSINThttps://medium.com/@lopseg/enhancing-bug-bounty-hunting-with-lopseg-osint-4f2fd075621a?source=rss------bug_bounty-5Lopsegbug-bounty, ctf, bug-bounty-writeup, cybersecurity, bug-bounty-tips07-Dec-2023
Enhancing Bug Bounty Hunting with Lopseg OSINThttps://medium.com/@lopseg/enhancing-bug-bounty-hunting-with-lopseg-osint-4f2fd075621a?source=rss------bug_bounty-5Lopsegbug-bounty, ctf, bug-bounty-writeup, bug-bounty-tips, hacking-tools07-Dec-2023
Markdown XSS polyglothttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Lopsegbug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge —Conclusionhttps://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-conclusion-0ac57a737883?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting06-Dec-2023
The Secret World of Malicious Strings and Hidden Threats – Are You at Risk?https://medium.com/@paritoshblogs/the-secret-world-of-malicious-strings-and-hidden-threats-are-you-at-risk-cb25535d4718?source=rss------bug_bounty-5Paritoshinformation-security, hacking, http-headers, bug-bounty, cybersecurity06-Dec-2023
Python Program to find GCD (Greatest Common Divisor) for Cryptographyhttps://rajput623929.medium.com/python-program-to-find-gcd-greatest-common-divisor-for-cryptography-816075bba2fa?source=rss------bug_bounty-5Mr.Horbiocybersecurity, hacking, crytocurrency, cryptography, bug-bounty06-Dec-2023
API Security — Web Security Academyhttps://mrshan.medium.com/api-security-web-security-academy-3578589fc3fa?source=rss------bug_bounty-5MR SHANweb-security-academy, bug-bounty06-Dec-2023
Spool Unveils Comprehensive Bug Bounty Programme to Fortify DeFi Securityhttps://medium.com/spoolfi/spool-unveils-comprehensive-bug-bounty-programme-to-fortify-defi-security-673559c463dd?source=rss------bug_bounty-5Spoolbug-bounty, security, blockchain, defi, smart-contracts06-Dec-2023
Cheat code for file upload vulnerability by kidnapshadowhttps://medium.com/@kidnapshadow/cheat-code-for-file-upload-vulnerability-by-kidnapshadow-ebb0794581f2?source=rss------bug_bounty-5Kidnapshadowkidnapshadow, owasp, vulnerability, file-upload-vulnerability, bug-bounty06-Dec-2023
API Documentation Tipshttps://medium.com/@lopseg/api-documentation-tips-e36e63f47589?source=rss------bug_bounty-5Rafael Silvabug-bounty-tips, bug-hunting, bug-bounty06-Dec-2023
From Bug Bounty Prodigy to Leadership Luminary: Aditya Shende Ascends at XCOODEhttps://medium.com/@xcoode/from-bug-bounty-prodigy-to-leadership-luminary-aditya-shende-ascends-at-xcoode-18a6aaab1471?source=rss------bug_bounty-5XCOODEcybersecurity, bug-bounty, leadership, cyber05-Dec-2023
Empowering the Next Generation: XCOODE Unveils Hacckers Bug Bounty Platform for Cyber Enthusiastshttps://medium.com/@xcoode/empowering-the-next-generation-xcoode-unveils-hacckers-bug-bounty-platform-for-cyber-enthusiasts-bc6dc31c27b9?source=rss------bug_bounty-5XCOODEcybersecurity, hacker, cyber, bug-bounty05-Dec-2023
PDF Upload Leading to Stored XSShttps://medium.com/@katmaca2014/pdf-upload-leading-to-stored-xss-f712326705ee?source=rss------bug_bounty-5Kaan Atmacacybersecurity, penetration-testing, bug-bounty, hacking, pentesting05-Dec-2023
LFI via SMTP log poisoninghttps://medium.com/@akshadjoshi/lfi-via-smtp-log-poisoning-65e02dd21068?source=rss------bug_bounty-5Akshad Joshilog-poisoning, local-file-inclusion, smtp, bug-bounty, rce05-Dec-2023
Bypassing 2FA Authentication in TeamPass Systemhttps://medium.com/@developer_1991/bypassing-2fa-authentication-in-teampass-system-f3184fe8589d?source=rss------bug_bounty-5HamidReza Faghanibug-bounty, account-takeover, security, 0day, exploitation05-Dec-2023
Admin Panel Accesshttps://medium.com/@omdubey170/admin-panel-access-5dd2fd4938a0?source=rss------bug_bounty-5Omdubeybug-bounty, bugs, bug-bounty-tips, ethical-hacking, pentesting05-Dec-2023
LFI on Microsofthttps://medium.com/@sushilgill08/lfi-on-microsoft-2d30c9283534?source=rss------bug_bounty-5Sushil Choudharyhackerone, bug-hunting, microsoft, bug-bounty, bugbounty-writeup04-Dec-2023
How I Found A Website Vulnerability In Under 10 Minuteshttps://medium.com/@abidmafahim7/how-i-found-a-website-vulnerability-in-under-10-minutes-2b2ff934545d?source=rss------bug_bounty-5Abidmafahimgit-exposed, web-vulnerabilities, bug-bounty04-Dec-2023
Elevating Security: Whatfix Transition to a Custom Vulnerability Disclosure Program (VDP)https://medium.com/whatfix-techblog/elevating-security-whatfix-transition-to-a-custom-vulnerability-disclosure-program-vdp-e6d5a7e11c9d?source=rss------bug_bounty-5Kamlesh Tukaralvulnerability-disclosure, whatfix, vdp, bug-bounty, infosec04-Dec-2023
The Hidden Dangers Lurking in Your Active Directory Certificate Services – What You Need to Know…https://medium.com/@paritoshblogs/the-hidden-dangers-lurking-in-your-active-directory-certificate-services-what-you-need-to-know-7c735c09e0fd?source=rss------bug_bounty-5Paritoshcybersecurity, active-directory, bug-bounty, information-security, adc04-Dec-2023
Bug Hunter journal day #3 and #4https://medium.com/@joaomaia171820/bug-hunter-journal-day-3-and-4-37b4c653abd9?source=rss------bug_bounty-5Jhonny_The_Kidbug-bounty-writeup, bug-bounty-program, bug-bounty, cybersecurity04-Dec-2023
Javascript Analysis to SQL injectionhttps://melguerdawi.medium.com/javascript-analysis-to-sql-injection-ca763f9c4c4e?source=rss------bug_bounty-5Mostafa Elguerdawibug-bounty, bug-bounty-tips, hackerone, sql-injection04-Dec-2023
Web Enumeration With Gobusterhttps://medium.com/@ronak.d.sharma111/web-enumeration-with-gobuster-ca4ac46da90b?source=rss------bug_bounty-5Ronak Sharmacybersecurity, hacking, bug-bounty04-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge — Day 2https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-day-2-51b02ca865ea?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips03-Dec-2023
How I Found My First Website Vulnerability as a Web Pentesterhttps://medium.com/@abidmafahim7/how-i-found-my-first-website-vulnerability-as-a-web-pentester-2dee809e0eea?source=rss------bug_bounty-5Abidmafahimsql-injection-attack, bug-bounty, web-vulnerabilities, xss-vulnerability03-Dec-2023
My first and simple ATO in a private programhttps://medium.com/@pabs2141/my-first-and-simple-ato-in-a-private-program-212c6b17b245?source=rss------bug_bounty-5PanSabug-bounty, bug-bounty-writeup, hacking, account-takeover03-Dec-2023
My Confusion Over Local File Inclusionhttps://medium.com/illuminations-mirror/my-confusion-over-local-file-inclusion-11f3d7c43b23?source=rss------bug_bounty-5Quintius Walkerpoetry, bug-bounty, writeup, cybersecurity, poetry-on-medium03-Dec-2023
The Shocking Secrets Behind Foolproof Vulnerability Response!https://medium.com/@paritoshblogs/the-shocking-secrets-behind-foolproof-vulnerability-response-fc6fe8b91d47?source=rss------bug_bounty-5Paritoshvulnerability, cybersecurity, bug-bounty, hacking, information-security03-Dec-2023
The ONE Vulnerability Every Website Owner Fears — Learn How YOU Can Expose It!https://medium.com/@paritoshblogs/the-one-vulnerability-every-website-owner-fears-learn-how-you-can-expose-it-71fef31b0ece?source=rss------bug_bounty-5Paritoshprogramming, bug-bounty, hacking, information-security, cybersecurity03-Dec-2023
My First Valid Bug!!!https://medium.com/@sushilgill08/my-first-valid-bug-444f26e1f8be?source=rss------bug_bounty-5Sushil Choudharycybersecurity, bug-bounty-writeup, bugbounty-tips, bug-hunting, bug-bounty03-Dec-2023
Everything I know on Reconhttps://medium.com/@joshdesharnais1/everything-i-know-on-recon-689f6a535757?source=rss------bug_bounty-5Joshua Desharnaisrecon, tools-and-resources, tools, bug-bounty, bug-bounty-tips03-Dec-2023
Streamable Finance Bug Bounty Campaign is live!https://streamablefinance.medium.com/streamable-finance-bug-bounty-campaign-is-live-2ced6e4c68d5?source=rss------bug_bounty-5Streamable Financebug-bounty, product-launch03-Dec-2023
Business Logic Vulnerability: Payment bypasshttps://vrushabhd.medium.com/business-logic-vulnerability-payment-bypass-9335bdbdbdf6?source=rss------bug_bounty-5Mr. Vrushabhpentesting, bug-bounty, vulnerability, bug-bounty-tips, hackerone03-Dec-2023
How I Created an Advanced Web Code Analyzer Using ChatGPThttps://infosecwriteups.com/how-i-created-an-advanced-web-code-analyzer-using-chatgpt-6b32a7d42f88?source=rss------bug_bounty-5Jarred Longoriacybersecurity, chatgpt, infosec, bug-bounty03-Dec-2023
Azure Log Analysis: Real-Life Incidents and Practical Tips to Safeguardhttps://medium.com/@paritoshblogs/azure-log-analysis-real-life-incidents-and-practical-tips-to-safeguard-077faf28919b?source=rss------bug_bounty-5Paritoshcybersecurity, incident-response, azure, bug-bounty, information-security03-Dec-2023
How to debug android native libraries using JEB decompiler?https://medium.com/@shubhamsonani/how-to-debug-android-native-libraries-using-jeb-decompiler-eec681a22cf3?source=rss------bug_bounty-5Shubham Sonanibug-bounty, hacking, android, cybersecurity, penetration-testing03-Dec-2023
How to bypass debugger detection in Android/iOS native libraries using IDA Pro?https://medium.com/@shubhamsonani/how-to-bypass-debugger-detection-in-android-ios-native-libraries-using-ida-pro-3e289c2127d6?source=rss------bug_bounty-5Shubham Sonanibug-bounty, cybersecurity, android, hacking, penetration-testing03-Dec-2023
How to debug Android/iOS native library using GDB debugger?https://medium.com/@shubhamsonani/how-to-debug-android-ios-native-library-using-gdb-debugger-d02c0e0341eb?source=rss------bug_bounty-5Shubham Sonanihacking, penetration-testing, cybersecurity, technology, bug-bounty03-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge — Day 1https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-day-1-38a1735644ab?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty02-Dec-2023
Vulnerability Discovery in SRC — Concurrencyhttps://medium.com/@rynnnn617/vulnerability-discovery-in-src-concurrency-baa9ffdfa9d9?source=rss------bug_bounty-5Ry4nnnnconcurrency, bug-bounty-tips, bug-bounty02-Dec-2023
Lateral Movement Techniques Through File Share Exploitationhttps://medium.com/@paritoshblogs/lateral-movement-techniques-through-file-share-exploitation-a50d1ffdb8e7?source=rss------bug_bounty-5Paritoshlateral-movement, hacking, information-security, cybersecurity, bug-bounty02-Dec-2023
The Rising Threat of Cookie Theft and RMM Takeoverhttps://medium.com/@paritoshblogs/the-rising-threat-of-cookie-theft-and-rmm-takeover-bafe0013ffc0?source=rss------bug_bounty-5Paritoshrealtime-monitoring, cookies, cybersecurity, hacking, bug-bounty02-Dec-2023
Bug Hunter journal day(week) #1https://medium.com/@joaomaia171820/bug-hunter-journal-day-week-1-699926bf1a70?source=rss------bug_bounty-5Jhonny_The_Kidbug-bounty-writeup, bug-bounty-program, bug-bounty, pentest02-Dec-2023
Mastering Bug Bounty: A Comprehensive Guide to Earning Money Ethically and Safely in Cybersecurity.https://medium.com/@thecyberxcompany/mastering-bug-bounty-a-comprehensive-guide-to-earning-money-ethically-and-safely-in-cybersecurity-46c1b44f52fd?source=rss------bug_bounty-5The CyberX Companyethical-hacking, hacking, cybersecurity, bug-bounty, earn-money-online02-Dec-2023
Mastering Bug Bounty Hunting: A Comprehensive Guide to Launch Your Cybersecurity Career.https://medium.com/@thecyberxcompany/mastering-bug-bounty-hunting-a-comprehensive-guide-to-launch-your-cybersecurity-career-5553ddcced30?source=rss------bug_bounty-5The CyberX Companybug-bounty-tips, bugs, ethical-hacking, cybersecurity, bug-bounty02-Dec-2023
How MAC Spoofing works and How attackers do that!!https://medium.com/@hackerdom_devil/how-mac-spoofing-works-and-how-attackers-do-that-57797179430f?source=rss------bug_bounty-5Gokuleswaran Bethical-hacking, mac-spoofing, penetration-testing, bug-bounty, bug-bounty-tips02-Dec-2023
Top 25 Advanced Google Dorks for OSINT and Bug Bounty Huntinghttps://osintteam.blog/top-25-advanced-google-dorks-for-osint-and-bug-bounty-hunting-f2d9dceed068?source=rss------bug_bounty-5as-squirrelbug-bounty, osint, cybersecurity, google-dorks-list, hacking02-Dec-2023
Day 12 Bug Bounty — 60 days 60 bugs challenge (Didn’t found anything, but could be something…https://medium.com/@avbhijitdutta99/day-12-bug-bounty-60-days-60-bugs-challenge-didnt-found-anything-but-could-be-something-ba0324d96ce7?source=rss------bug_bounty-5Abhijit Duttabug-bounty, bug-bounty-hunter, bugbountychallenge, bug-bounty-writeup01-Dec-2023
Writing High-Quality Bug Reports: Best Practices for Effective Bug Bounty Huntinghttps://medium.com/@prathameshbagul/writing-high-quality-bug-reports-best-practices-for-effective-bug-bounty-hunting-74542dff9793?source=rss------bug_bounty-5Prathcybersecurity, pentesting, report, bug-bounty-tips, bug-bounty01-Dec-2023
What is this httpx thing? Using it in your adventure with Bugbounty?https://systemweakness.com/what-is-this-httpx-thing-using-it-in-your-adventure-with-bugbounty-f91f1ef31d49?source=rss------bug_bounty-5Vicky Aryanrecon, bug-bounty, cybersecurity, hacking, httpx01-Dec-2023
Verification Bypass via “Mass Assignment”https://larebsec.medium.com/verification-bypass-via-mass-assignment-25707e210a42?source=rss------bug_bounty-5Larebbug-bounty, cybersecurity, bugbounty-writeup, hacking, vulnerability01-Dec-2023
How attackers use ARP Spoofing / Poisoning to takeover a complete Network!!https://medium.com/@hackerdom_devil/how-attackers-use-arp-spoofing-poisoning-to-takeover-a-complete-network-8477cea362c4?source=rss------bug_bounty-5Gokuleswaran Bpenetration-testing, bug-bounty, ethical-hacking, network-security, arp-spoofing01-Dec-2023
Building Kubernetes Detections: Strengthening Security with Real-world Exampleshttps://medium.com/@paritoshblogs/building-kubernetes-detections-strengthening-security-with-real-world-examples-8268cddd852f?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, programming, information-security, hacking01-Dec-2023
Part 03 | What To Do After Choosing a Target? | Post Recon |Bug Bountyhttps://infosecwriteups.com/part-03-what-to-do-after-choosing-a-target-post-recon-bug-bounty-1a7f431b4d79?source=rss------bug_bounty-5Om Arorabug-bounty, hacking, bug-bounty-tips, methodology, infosec01-Dec-2023
Navigating the Bug Bounty Arena: Earn $605,000 Reward, Learn Morehttps://medium.com/coded-tech-talk/navigating-the-bug-bounty-arena-earn-605-000-reward-learn-more-e754e077a81c?source=rss------bug_bounty-5Coded Conversationsbug-bounty-tips, cybersecurity, security, hacking, bug-bounty01-Dec-2023
Project 2510: Bug Bounty Challenge — The End?https://wallotry.medium.com/project-2510-bug-bounty-challenge-the-end-afb67ea2abd1?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunting, bug-bounty30-Nov-2023
Exploring the Logic of XSS Attacks and Bypassing Techniques through Browser Decodinghttps://medium.com/@test_90648/considering-xss-attacks-and-bypass-logic-from-the-perspective-of-browser-decoding-logic-can-provide-b4579d3c458b?source=rss------bug_bounty-5JessicaSecurityxs, bug-bounty, web, security, browsers30-Nov-2023
What is SQL injectionhttps://medium.com/@savanghori1203/what-is-sql-injection-a3907c6967a5?source=rss------bug_bounty-5Savanghorivulnerability, bug-bounty-tips, bug-bounty, sql-injection, sql30-Nov-2023
Cross-Site Scripting (XSS)https://medium.com/@savanghori1203/cross-site-scripting-xss-b6139b38fa2b?source=rss------bug_bounty-5Savanghoribug-bounty, xss-vulnerability, bug-bounty-tips, bugs, xss-attack30-Nov-2023
The Shocking Truth Behind Indicators of Compromise (IOCs) — You Won’t Believe What We Found!https://medium.com/@paritoshblogs/the-shocking-truth-behind-indicators-of-compromise-iocs-you-wont-believe-what-we-found-5255d54b98d9?source=rss------bug_bounty-5Paritoshbug-bounty, malware-analysis, cybersecurity, ioc, information-security30-Nov-2023
Subdomain Enumeration Techniqueshttps://medium.com/@savanghori1203/subdomain-enumeration-00f487d6b829?source=rss------bug_bounty-5Savanghoribug-bounty-tips, bug-bounty, recon, subdomains-enumeration, subdomain30-Nov-2023
Day 11 Bug Bounty — 60 days 60 bugs challengehttps://medium.com/@avbhijitdutta99/day-11-bug-bounty-60-days-60-bugs-challenge-530119a74c90?source=rss------bug_bounty-5Abhijit Duttabugbountychallenge, bug-bounty-tips, bug-bounty, bug-bounty-writeup30-Nov-2023
Network Managed Detection and Response (NMDR): Strengthening Cybersecurity Defenseshttps://medium.com/@paritoshblogs/network-managed-detection-and-response-nmdr-strengthening-cybersecurity-defenses-a8a5e989b310?source=rss------bug_bounty-5Paritoshinformation-security, managed-detection, bug-bounty, nmdr, cybersecurity30-Nov-2023
Server-Side Request Forgery (SSRF)https://medium.com/@savanghori1203/server-side-request-forgery-ssrf-1e9755b38c59?source=rss------bug_bounty-5SavanGhorissrf, vulnerability, bug-bounty, ssrf-bug, bug-bounty-tips30-Nov-2023
Ödeme sayfasında Business Logichttps://medium.com/@el-cezeri/%C3%B6deme-sayfas%C4%B1nda-business-logic-cba493d9f6b8?source=rss------bug_bounty-5Samet Yiğitbugbounty-writeup, ödülavcılığı, bug-bounty30-Nov-2023
Remote Code Execution (RCE)https://medium.com/@savanghori1203/remote-code-execution-rce-9f078b98316a?source=rss------bug_bounty-5SavanGhoribugs, bug-bounty-tips, bug-bounty, rce, vulnerability30-Nov-2023
Insecure Direct Object Reference(IDOR)https://medium.com/@savanghori1203/idor-insecure-direct-object-reference-88576225e265?source=rss------bug_bounty-5SavanGhorivulnerability, idor, bugs, bug-bounty, bug-bounty-tips30-Nov-2023
Simple Recon Di Android Menggunakan Tools TheTimeMachine dan Dirsearchhttps://alpinnnnnn13.medium.com/simple-recon-di-android-menggunakan-tools-thetimemachine-dan-dirsearch-3384aad17c15?source=rss------bug_bounty-5Mohammad Alfin Hidayatullahbug-bounty, bug-bounty-tips, recon, scanning30-Nov-2023
Race Condition - A cURL Chaoshttps://shahjerry33.medium.com/race-condition-a-curl-chaos-820cb289cbf1?source=rss------bug_bounty-5Jerry Shah (Jerry)cybersecurity, infosec, bug-bounty, vulnerability, pentesting30-Nov-2023
Top Free Resources for Ethical Hacking and Bug Bounty Beginners & Expertshttps://infosecwriteups.com/top-free-resources-for-ethical-hacking-and-bug-bounty-beginners-experts-9556ef045db4?source=rss------bug_bounty-5Jarred Longoriacybersecurity, ethical-hacking, bug-bounty, free-resources30-Nov-2023
1.11 Lab: Blind SQL injection with time delays and information retrieval | 2023https://cyberw1ng.medium.com/1-11-lab-blind-sql-injection-with-time-delays-and-information-retrieval-2023-e8123405e87d?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, penetration-testing, hacking, bug-bounty30-Nov-2023
Easy Bug Hunting: HTML Injection Explained Step by Stephttps://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5MUHAMMAD FAIZAN KHANbwapp, bug-bounty, web-application-security, penetration-testing, html-injection30-Nov-2023
Rise of Broken Access Controlhttps://medium.com/@rafinrahmanchy/rise-of-broken-access-control-51356916235f?source=rss------bug_bounty-5Rafin Rahman Chybug-bounty, appsec, application-security, infosec, web-security30-Nov-2023
Day 10 Bug Bounty — 60 days 60bugs challenge — New Start!https://medium.com/@avbhijitdutta99/day-10-bug-bounty-60-days-60bugs-challenge-new-start-832988aeb569?source=rss------bug_bounty-5Abhijit Duttabug-bounty, bug-bounty-tips, bugbountychallenge, bug-bounty-writeup29-Nov-2023
Windows Login Bypasshttps://infosecwriteups.com/windows-login-bypass-eab148bc9dd5?source=rss------bug_bounty-5c0d3x27software-development, bug-bounty, cybersecurity, windows, hacking29-Nov-2023
Cybersecurity Risk of Opening Up to the Internethttps://medium.com/@paritoshblogs/cybersecurity-risk-of-opening-up-to-the-internet-c624c9a018ba?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, programming, hacking, internet-of-things29-Nov-2023
OSINT: How to find information on anyonehttps://medium.com/@sakthi172000/osint-how-to-find-information-on-anyone-14514216cec1?source=rss------bug_bounty-5SAKTHIVEL Pbug-bounty, infosec, cybersecurity, osint, osint-tool29-Nov-2023
Mastering API Penetration Testing: A Comprehensive Guide for Security Pentestershttps://infosecwriteups.com/mastering-api-penetration-testing-a-comprehensive-guide-for-security-pentesters-bf62f65b5b21?source=rss------bug_bounty-5Suprajabaskaranethical-hacking, bug-bounty, pentesting, cybersecurity, api29-Nov-2023
Useful tools for bug hunterhttps://medium.com/@cyberhansu/useful-tools-for-bug-hunter-f493866fa1bc?source=rss------bug_bounty-5cyberhansuhunter-s-thompson, bug-hunting, bug-bounty, hacker, bug-hunter29-Nov-2023
How to make money legally as a Hackerhttps://medium.com/@cyberhansu/how-to-make-money-legally-as-a-hacker-c27037b143a9?source=rss------bug_bounty-5cyberhansubug-bounty, make-money, web-application-security, mobileapplicationsecurity29-Nov-2023
PII Disclosure Worth $750https://vijetareigns.medium.com/pii-disclosure-worth-750-758b72e7e8ca?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-writeup, cybersecurity29-Nov-2023
R.xyz: Web3 Bug Bounty Platformhttps://medium.com/coinmonks/r-xyz-web3-bug-bounty-platform-95d48c911989?source=rss------bug_bounty-5Officer's Notessmart-contract-security, bug-bounty-tips, bug-bounty, hacking, web329-Nov-2023
CRLF to XSShttps://medium.com/@a7med.ctf/crlf-to-xss-8059ceefd349?source=rss------bug_bounty-5Ahmed Mahmouedsnapchat, bug-bounty-tips, hacker, bug-bounty29-Nov-2023
Aztec Multiple-Spend Error Bugfix Reviewhttps://medium.com/immunefi/aztec-multiple-spend-error-bugfix-review-20074581d224?source=rss------bug_bounty-5Immunefi Editorcryptocurrency, security, bug-bounty, web3, multiple-spend-error29-Nov-2023
1.10 Lab: Blind SQL injection with time delays | 2023https://cyberw1ng.medium.com/1-10-lab-blind-sql-injection-with-time-delays-2023-a95a3b8557ec?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, cybersecurity, careers29-Nov-2023
IWCON 2023 CTF Registrations Now Openhttps://infosecwriteups.com/iwcon-2023-ctf-registrations-now-open-46c2611714f0?source=rss------bug_bounty-5InfoSec Write-upsctf, conference, infosec, hacking, bug-bounty29-Nov-2023
Top 25 Advanced Google Dorks for Uncovering Sensitive Documentshttps://osintteam.blog/top-25-advanced-google-dorks-for-uncovering-sensitive-documents-a9705e05353d?source=rss------bug_bounty-5as-squirrelosint, cybersecurity, hacking, google-dork, bug-bounty29-Nov-2023
Fat GET Authorization Bypasshttps://medium.com/techiepedia/fat-get-authorization-bypass-521a1ca37b6e?source=rss------bug_bounty-5Jessprogramming, hackerone, security, bug-bounty, bug-bounty-tips29-Nov-2023
HackTheBox — Web Attacks: Error Based XXE to exfiltrate datahttps://medium.com/@harry.hphu/hackthebox-web-attacks-error-based-xxe-to-exfiltrate-data-3f577eef18c7?source=rss------bug_bounty-5Huy Phuowasp-top-10, web-security, hackthebox, xxe-attack, bug-bounty28-Nov-2023
HackTheBox — Web Attacks: XXE with Blind Exfiltration Datahttps://medium.com/@harry.hphu/hackthebox-web-attacks-xxe-with-blind-exfiltration-data-123d4be1245e?source=rss------bug_bounty-5Huy Phubug-bounty, owasp-top-10, web-security, xxe-attack, hackthebox28-Nov-2023
Catching C2s with Regex Signatures, TLS Certificates, and OSINThttps://medium.com/@paritoshblogs/catching-c2s-with-regex-signatures-tls-certificates-and-osint-8871d9a46602?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, cybersecurity, command-and-control, hacking28-Nov-2023
Apple security research.https://medium.com/@abhay2432455/apple-security-research-8780372757be?source=rss------bug_bounty-5Abhay Kailasiagoogle, apple, cybersecurity, bug-bounty, bug-bounty-writeup28-Nov-2023
XSS - Weaponization ATOhttps://p4n7h3rx.medium.com/xss-weaponization-ato-1de0ee30526b?source=rss------bug_bounty-5p4n7h3rxpenetration-testing, cybersecurity, infosec, bug-bounty-tips, bug-bounty28-Nov-2023
1.9 Lab: Visible error-based SQL injection | 2023https://cyberw1ng.medium.com/1-9-lab-visible-error-based-sql-injection-2023-771157e90ad8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, careers, penetration-testing28-Nov-2023
VulnLab — SQLi Injection series — Bypass Loginhttps://medium.com/@deandradarra05/vulnlab-sqli-injection-series-bypass-login-0d6af43a395d?source=rss------bug_bounty-5Deandradarrapenetration-testing, cybersecurity, bug-bounty, sqli28-Nov-2023
The Bug Hunter’s Methodology Live Course Reviewhttps://medium.com/@cybersekler/the-bug-hunters-methodology-live-course-review-4261a7a9121e?source=rss------bug_bounty-5Cyber Seklerhacking, red-team, reconnaissance, bug-bounty, application-security28-Nov-2023
Hall of Fame at NASAhttps://medium.com/@bijoy.redteamacademy/hall-of-fame-at-nasa-91539af7826c?source=rss------bug_bounty-5BIJOY Bgoogle-ads, hacker-news, google, nasa, bug-bounty28-Nov-2023
Understanding and Mitigating Insecure Direct Object References (IDOR) Vulnerabilitieshttps://medium.com/@harry.hphu/understanding-and-mitigating-insecure-direct-object-references-idor-vulnerabilities-b27047015e15?source=rss------bug_bounty-5Huy Phuidor-vulnerability, bug-bounty, web-security, owasp-top-10, hackthebox27-Nov-2023
Burpsuite Custom Scan Profileshttps://mrrootsec.medium.com/burpsuite-custom-scan-profiles-12a9df9e36bd?source=rss------bug_bounty-5mrrootsecowasp-top-10, bug-bounty, application-security-test27-Nov-2023
Understanding XML External Entity (XXE) Vulnerabilitieshttps://medium.com/@harry.hphu/understanding-xml-external-entity-xxe-vulnerabilities-e8b64c2c2b3c?source=rss------bug_bounty-5Huy Phubug-bounty, owasp-top-10, xml-injection, hackthebox, web-security27-Nov-2023
Confounding Adversaries Through the Art of Illusionhttps://medium.com/@paritoshblogs/confounding-adversaries-through-the-art-of-illusion-5cc56090d93a?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, information-security, cybersecurity, hacking27-Nov-2023
Unveiling Critical Bug Using Directory Search — Bug Bounty Tip!https://medium.com/@learningstuff110/unveiling-critical-bug-using-directory-search-bug-bounty-tip-330d4d9900ee?source=rss------bug_bounty-5Fahad Hasanweb-app-development, vulnerability, bug-bounty, cybersecurity, penetration-testing27-Nov-2023
Confounding Adversaries Through the Art of Illusionhttps://osintteam.blog/confounding-adversaries-through-the-art-of-illusion-5cc56090d93a?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, information-security, cybersecurity, hacking27-Nov-2023
Ruby One — Bug Bounty Program & Claim Your $RUBYhttps://rubyprotocol.medium.com/ruby-one-bug-bounty-program-claim-your-ruby-848c81c4b164?source=rss------bug_bounty-5Ruby Protocolblockchain, cryptocurrency, bug-bounty, crypto, ethereum27-Nov-2023
HTTP/2 Request Smugglinghttps://medium.com/@kerstanhgnhzhw/http-2-request-smuggling-eb56cfd84a37?source=rss------bug_bounty-5kerstanweb-security, bug-bounty, security, request-smuggling, pentesting27-Nov-2023
Kaynak kodu ile XSS’i nasıl buldum ?https://medium.com/@el-cezeri/kaynak-kodu-ile-xssi-nas%C4%B1l-buldum-9cf2632f4717?source=rss------bug_bounty-5Samet Yiğitxss-attack, bug-bounty-tips, ödülavcılığı, bug-bounty27-Nov-2023
Website Scanner…https://medium.com/@psychomong/website-scanner-4856d77bc600?source=rss------bug_bounty-5psychomonghacking, gui, scanner, bug-bounty, web27-Nov-2023
@pdiscoveryio’s Katana for Bug Bounty.https://medium.com/@BrownBearSec/pdiscoveryios-katana-for-bug-bounty-1aee11cfae14?source=rss------bug_bounty-5BrownBearSecbug-bounty, cybersecurity, bug-bounty-tips, red-team, infosec27-Nov-2023
1.8 Lab: Blind SQL injection with conditional errors | 2023https://cyberw1ng.medium.com/1-8-lab-blind-sql-injection-with-conditional-errors-2023-da84a7836bcd?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, cybersecurity, bug-bounty27-Nov-2023
My bug bounty journey: #1 Linuxhttps://medium.com/@VDMoscar/my-bug-bounty-journey-1-linux-176d3b4f4065?source=rss------bug_bounty-5Oscar Vandermeulenbug-bounty, hacking27-Nov-2023
Code4rena Audithttps://medium.com/@panoptic_xyz/code4rena-audit-96902468eece?source=rss------bug_bounty-5Panopticpanoptic, audit, bug-bounty, perpetual-options27-Nov-2023
“Navigating Risks: Vulnerability Stemming from a Third-Party Integration”https://shubhdeepp.medium.com/navigating-risks-vulnerability-stemming-from-a-third-party-integration-c877d15977d8?source=rss------bug_bounty-5shubhdeepvulnerability-assessment, vulnerability, cybersecurity, bug-bounty, supply-chain-management27-Nov-2023
HackTheBox — Web Attacks: From XXE Injection to Advanced Local File Disclosurehttps://medium.com/@harry.hphu/hackthebox-web-attacks-from-xxe-injection-to-advanced-local-file-disclosure-64d1bf5acdca?source=rss------bug_bounty-5Huy Phuweb-security, owasp-top-10, bug-bounty, xxe-attack, hackthebox27-Nov-2023
HackTheBox — Web Attacks: Mass IDOR enumerationhttps://medium.com/@harry.hphu/hackthebox-web-attacks-mass-idor-enumeration-dc12da1f6333?source=rss------bug_bounty-5Huy Phuhackthebox, owasp-top-10, bug-bounty, web-attack, mass-idor-enumeration26-Nov-2023
Bug Zero at a Glance [01–18 November]https://blog.bugzero.io/bug-zero-at-a-glance-01-18-november-1cfce20b881c?source=rss------bug_bounty-5Januka Dharmapriyabug-zero, cybersecurity, bug-bounty, sri-lanka, newsletter26-Nov-2023
HackTheBox — Web Attacks — IDOR: Bypassing Encoded Referenceshttps://medium.com/@harry.hphu/hackthebox-web-attacks-idor-bypassing-encoded-references-4e28008120fc?source=rss------bug_bounty-5Huy Phuidor-vulnerability, web-security, bug-bounty, hackthebox-writeup, owasp-top-1026-Nov-2023
Waybackurls leads to pwned Admin Panelhttps://medium.com/@cybersolution2172/waybackurls-leads-to-pwned-admin-panel-ac3f728b87ac?source=rss------bug_bounty-5Satyam Singhinfosec, bug-bounty, bug-bounty-tips, hacking, vulnerability26-Nov-2023
A Thrilling Expedition into AWS Securityhttps://medium.com/@paritoshblogs/a-thrilling-expedition-into-aws-security-bbce85cd1eed?source=rss------bug_bounty-5Paritoshaws-security, aws, bug-bounty, information-security, cybersecurity26-Nov-2023
Story of Http password reset link for $$$https://devanshchauhan4565.medium.com/story-of-http-password-reset-link-for-15b583519e03?source=rss------bug_bounty-5Devansh chauhanwriting-tips, bug-bounty, bug-bounty-tips26-Nov-2023
HackTheBox — Web Attacks: IDOR in Insecure APIs Write uphttps://medium.com/@harry.hphu/hackthebox-web-attacks-idor-in-insecure-apis-write-up-7adcf4e68968?source=rss------bug_bounty-5Huy Phuhackthebox, owasp-top-10, idor-vulnerability, bug-bounty, api-security26-Nov-2023
CSRF Bug Hunting Methodology: Intermediatehttps://medium.com/@drthkol478/csrf-bug-hunting-methodology-intermediate-4d0df3b63b59?source=rss------bug_bounty-5Mikołaj Prus ( nullorx )network, web-app-security, bug-bounty, csrf, application-security26-Nov-2023
Explorando redes com ESP32 WIFI.https://higordiego.medium.com/explorando-redes-com-esp32-wifi-5b15d48d0880?source=rss------bug_bounty-5Higor Diegobug-bounty, pentesting, wifi, tutorial, iot26-Nov-2023
1.7 Lab: Blind SQL injection with conditional responses | 2023https://cyberw1ng.medium.com/1-7-lab-blind-sql-injection-with-conditional-responses-2023-db2102f1ce44?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, bug-bounty, hacking, cybersecurity26-Nov-2023
Exploring Networks with ESP32 WIFI.https://higordiego.medium.com/exploring-networks-with-esp32-wifi-778a8d42b7f1?source=rss------bug_bounty-5Higor Diegonetwork-security, pentesting, iot-security, osint, bug-bounty26-Nov-2023
Mastering the Art of Bug Bounty Reconnaissancehttps://medium.com/@faizankhaliq26/mastering-the-art-of-bug-bounty-reconnaissance-5e1ec42fc405?source=rss------bug_bounty-5MUHAMMAD FAIZAN KHANweb-application-testing, recon, information-gathering, web-application-security, bug-bounty26-Nov-2023
Writeup Bugcrowd — Private program — QR codeshttps://medium.com/@embossdotar/writeup-bugcrowd-private-program-qr-codes-fa338161175a?source=rss------bug_bounty-5embossdotarbugcrowd, writeup, bug-bounty, it-security, cybersecurity26-Nov-2023
How I Made $$$ Using Open-Redirecthttps://medium.com/@rahulnakum/how-i-made-using-open-redirect-799f9ab14bda?source=rss------bug_bounty-5Rahul Nakumbug-bounty25-Nov-2023
| What Happens When Hackers Gain Local Account Access !! | https://medium.com/@paritoshblogs/what-happens-when-hackers-gain-local-account-access-64fc39ed25f5?source=rss------bug_bounty-5 | Paritosh | pentesting, bug-bounty, programming, cybersecurity, hacking | 25-Nov-2023 |
| First massive bug: Noise’s AWS Bucket Misconfiguration | https://anshjain-napster.medium.com/first-massive-bug-noises-aws-bucket-misconfiguration-802821ed98b6?source=rss------bug_bounty-5 | Napster_Ansh | vulnerability, bug-bounty, aws-s3, cybersecurity, security | 25-Nov-2023 |
| how to install waybackurls on parrot OS in 3 simple steps | https://medium.com/@diy_tech_genuis/how-to-install-waybackurls-on-parrot-os-in-3-simple-steps-fb4746302647?source=rss------bug_bounty-5 | diy_tech_genuis | hacking, diytechgenius, waybackurls, bug-bounty, parrotos | 25-Nov-2023 |
| 1.6 Lab: SQL injection UNION attack, retrieving multiple values in a single column \| 2023 | https://cyberw1ng.medium.com/1-6-lab-sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-2023-6fb957198939?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, bug-bounty, hacking | 25-Nov-2023 |
| Detecting and Confirming Exfiltration Activity Through Endpoint Detection and Response (EDR) | https://medium.com/@paritoshblogs/detecting-and-confirming-exfiltration-activity-through-endpoint-detection-and-response-edr-6ff4c89e9847?source=rss------bug_bounty-5 | Paritosh | hacking, cybersecurity, bug-bounty, information-security, edr | 25-Nov-2023 |
| 5 thing most new bug bounty hunters do wrong | https://medium.com/@diy_tech_genuis/5-thing-most-new-bug-bounty-hunters-do-wrong-321cb152363c?source=rss------bug_bounty-5 | diy_tech_genuis | diytechgenius, hacking, help, tips, bug-bounty | 25-Nov-2023 |
| $20,000 Paid For A Bug That No One Has Ever Expected | https://siddardajagabathina.medium.com/20-000-paid-for-a-bug-that-no-one-has-ever-expected-5a4778620999?source=rss------bug_bounty-5 | SIDDARDA GOWTHAM JAGABATHINA | hackerone, bug-bounty, bugs, cybersecurity, cybersecurity-awareness | 25-Nov-2023 |
| Critical misconfiguration in Firebase-Bug bounty | https://medium.com/@facu.tha/critical-misconfiguration-in-firebase-e682ec4239d6?source=rss------bug_bounty-5 | Facundo Fernandez | hacking, bug-bounty, penetration-testing, cybersecurity, bug-bounty-tips | 25-Nov-2023 |
| Introduction to Cybersecurity for Beginners: Understanding the Digital Security World | https://medium.com/@fiqrifirdaus/introduction-to-cybersecurity-for-beginners-understanding-the-digital-security-world-f136896cda85?source=rss------bug_bounty-5 | Aditya Fiqri Firdaus | bug-bounty, cyber, cybersecurity, malware | 25-Nov-2023 |
| How i get my first Logic Bug and how to find them | https://medium.com/@zomasec/how-i-get-my-first-logic-bug-and-how-to-find-them-dd5fdf6478ee?source=rss------bug_bounty-5 | Hazem El-Sayed | cybersecurity, web-security, bug-bounty-tips, bug-bounty, bugs | 25-Nov-2023 |
| How to Find First Bug (For Beginners) | https://medium.com/@rajput623929/how-to-find-first-bug-for-beginners-f594230f9e36?source=rss------bug_bounty-5 | Mr.Horbio | cybersecurity, penetration-testing, bug-bounty, hacking, tricks | 24-Nov-2023 |
| Bash Scripting Logic Section Part 01 | https://medium.com/@Rat_Attack72/bash-scripting-logic-section-part-01-a7424f4dd6c2?source=rss------bug_bounty-5 | Rat_Attack72 | cybersecurity, bash, shell-script, bug-bounty, automation | 24-Nov-2023 |
| 1.5 Lab: SQL injection UNION attack, retrieving data from other tables \| 2023 | https://cyberw1ng.medium.com/1-5-lab-sql-injection-union-attack-retrieving-data-from-other-tables-2023-3e13076915fa?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 24-Nov-2023 |
| Breaking the HTTPS Barrier: A Hacker’s Guide to Sneaky Link Exploits! | https://medium.com/@mohammedthoufeeq_25137/breaking-the-https-barrier-a-hackers-guide-to-sneaky-link-exploits-622b07710a1c?source=rss------bug_bounty-5 | Mohamed Thoufeeq | cybersecurity, hackthebox, bug-bounty, hacking, programming | 24-Nov-2023 |
| Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 5 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-5-c1343b0f0ef9?source=rss------bug_bounty-5 | Hacker's Dump | hacking, bug-bounty, android, pentesting, penetration-testing | 24-Nov-2023 |
| Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 4 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-4-9bba2880b8cb?source=rss------bug_bounty-5 | Hacker's Dump | bug-bounty, android, hacking, penetration-testing, hacker | 24-Nov-2023 |
| Bug Hunter GPT: A Game-Changer in Cybersecurity | https://medium.com/@multiplatform.ai/bug-hunter-gpt-a-game-changer-in-cybersecurity-b25ccbab2f93?source=rss------bug_bounty-5 | Multiplatform.AI | bug-bounty, ai, bughuntergpt, ai-assistant, artificial-intelligence | 24-Nov-2023 |
| Cybersecurity Challenges with TryHackMe: A Hands-On Approach | https://medium.com/@paritoshblogs/cybersecurity-challenges-with-tryhackme-a-hands-on-approach-e62f76a50446?source=rss------bug_bounty-5 | Paritosh | tryhackme, programming, hacking, bug-bounty, cybersecurity | 23-Nov-2023 |
| Project 2510: Bug Bounty Challenge — Day 17/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-17-25-f1337a6f4e66?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-hunting | 23-Nov-2023 |
| Yet Another Rate Limit. | https://allenlopes23.medium.com/yet-another-rate-limit-71257e7b33a2?source=rss------bug_bounty-5 | Allen Lopes | vulnerability, rate-limiting, bug-bounty | 23-Nov-2023 |
| 1.4 Lab: SQL injection UNION attack, finding a column containing text \| 2023 | https://cyberw1ng.medium.com/1-4-lab-sql-injection-union-attack-finding-a-column-containing-text-2023-94f3ee243db8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, hacking, cybersecurity, careers | 23-Nov-2023 |
| bWAPP iFrame Injection | https://medium.com/@yusufbaris/bwapp-iframe-injection-22bee548c30a?source=rss------bug_bounty-5 | Yusuf Barış | cybersecurity, penetration-testing, bug-bounty, web-security, hacking | 23-Nov-2023 |
| Project 2510: Bug Bounty Challenge — Day 18/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-18-25-924740430094?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunting, bug-bounty-hunter, bug-bounty-tips, bug-bounty | 23-Nov-2023 |
| Powershell/JS Payloads: A Closer Look at Malicious Code Delivery | https://medium.com/@paritoshblogs/powershell-js-payloads-a-closer-look-at-malicious-code-delivery-818b0ee743a3?source=rss------bug_bounty-5 | Paritosh | programming, hacking, bug-bounty, information-security, cybersecurity | 22-Nov-2023 |
| 7 Sneaky Hacks Cybercriminals Use to Outsmart Your Antivirus! | https://medium.com/@paritoshblogs/7-sneaky-hacks-cybercriminals-use-to-outsmart-your-antivirus-66953a606a53?source=rss------bug_bounty-5 | Paritosh | antivirus, cybersecurity, hacking, bug-bounty, darkweb | 22-Nov-2023 |
| Apple webserver vulnerable for HTTP request Sumggling attack | https://medium.com/@abdulriyaz1200/apple-webserver-vulnerable-for-http-request-sumggling-attack-cabe1d53dab1?source=rss------bug_bounty-5 | Abdulriyaz | bug-bounty-tips, bug-bounty, bug-bounty-writeup, apple, hall-of-fame | 22-Nov-2023 |
| 200$ bounty for CRLF injection Attack | https://medium.com/@abdulriyaz1200/200-bounty-for-crlf-injection-attack-39c482bad796?source=rss------bug_bounty-5 | Abdulriyaz | bug-bounty, bug-bounty-tips, hall-of-fame, bugbounty-writeup | 22-Nov-2023 |
| Mass Hunting XSS vulnerabilities | https://ott3rly.medium.com/mass-hunting-xss-vulnerabilities-5b53363dd3db?source=rss------bug_bounty-5 | Ott3rly | bug-bounty-tips, bug-bounty, cross-site-scripting, bug-bounty-hunter, xss-vulnerability | 22-Nov-2023 |
| Google dorking is one of the best method \| Hall of fame from XXX.gov | https://medium.com/@abdulriyaz1200/google-dorking-is-one-of-the-best-method-hall-of-fame-from-xxx-gov-8db6aa3c69f3?source=rss------bug_bounty-5 | Abdulriyaz | bug-bounty, government, bug-bounty-tips | 22-Nov-2023 |
| 1.3 Lab: SQL injection UNION attack, determining the number of columns returned by the query \| 2023 | https://cyberw1ng.medium.com/1-3-lab-sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-2023-441930bf38b7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 22-Nov-2023 |
| Exploiting Exposed .git File to Access Webmail Credentials | https://medium.com/@tanyago/exploiting-exposed-git-file-to-access-webmail-credentials-4b47a3afff38?source=rss------bug_bounty-5 | Tanya Goyal | bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-hunting | 22-Nov-2023 |
| Mass Hunting XSS vulnerabilities | https://infosecwriteups.com/mass-hunting-xss-vulnerabilities-5b53363dd3db?source=rss------bug_bounty-5 | Ott3rly | bug-bounty-tips, bug-bounty, cross-site-scripting, bug-bounty-hunter, xss-vulnerability | 22-Nov-2023 |
| Hoping for a Bug Bounty This Year at AWS re:Invent :^) | https://medium.com/cloud-security/hoping-for-a-bug-bounty-this-year-at-aws-re-invent-5c8a76d09514?source=rss------bug_bounty-5 | Teri Radichel | awswishlist, cloud, aws, bug-bounty, security | 22-Nov-2023 |
| Bug Hunter jornal Day #0 | https://medium.com/@joaomaia171820/bug-hunter-jornal-day-0-7a451f0292aa?source=rss------bug_bounty-5 | Jhonny_The_Kid | cybersecurity, bug-bounty-writeup, bug-bounty-program, bug-bounty, hacking | 22-Nov-2023 |
| SAML authentication bypass leads to account takeover | https://medium.com/@Xt3sY/saml-authentication-bypass-leads-to-account-takeover-f9aaa37a34fe?source=rss------bug_bounty-5 | Pushkar Bhagat | bugs, bug-bounty, hacking, hackerone | 22-Nov-2023 |
| How to earn $DCT on DecentraCredit Testnet V1 on Arbitrum | https://decentracredit.medium.com/how-to-earn-dct-on-decentracredit-testnet-v1-on-arbitrum-915d9995c2e4?source=rss------bug_bounty-5 | Decentra Credit | arbitrum, testnet-airdrop, bug-bounty, ethereum, airdrop | 22-Nov-2023 |
| Semi-Automating IDORs: A Practical Approach to Working Smarter, Not Harder | https://mux0xx.medium.com/semi-automating-idors-a-practical-approach-to-working-smarter-not-harder-5b7f1f47b55a?source=rss------bug_bounty-5 | Muhammed K. Sayed | bug-bounty, cybersecurity, hacker, idor, hacking | 22-Nov-2023 |
| Embracing the Future: Bug Bounty Hunting as a Lucrative Full-Time Career | https://infosecwriteups.com/embracing-the-future-bug-bounty-hunting-as-a-lucrative-full-time-career-3e4b147923f7?source=rss------bug_bounty-5 | Security Lit Limited | penetration-testing, vulnerability, bug-bounty-tips, bug-bounty, cybersecurity | 22-Nov-2023 |
| How i hacked a router (embedded system) | https://medium.com/@Threat_Intelligence/how-i-hacked-a-router-embedded-system-9a5b8139e83e?source=rss------bug_bounty-5 | 127.0.0.1 is safe.⚠️ | cybersecurity, tecnologia, hacking, bug-bounty, red-team | 22-Nov-2023 |
| My First IDOR - Hiding in the Header Request | https://medium.com/@hbenja47/my-first-idor-hiding-in-the-header-request-8a03dddc23b5?source=rss------bug_bounty-5 | Benja (bronxi) | hacker, bug-bounty, idor, hacking | 21-Nov-2023 |
| Chaining CORS by Reflected XSS to Steal Sensitive Data | https://infosecwriteups.com/chaining-cors-by-reflected-xss-to-steal-sensitive-data-c456e133c10d?source=rss------bug_bounty-5 | Mohammad reza Omrani | cybersecurity, infosec, steal-sensitive-data, cors-misconfiguration, bug-bounty | 21-Nov-2023 |
| What is Next-Generation Antivirus (NGAV) ? | https://medium.com/@paritoshblogs/what-is-next-generation-antivirus-ngav-f05267dd2613?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-security, cybersecurity, hacking, antivirus | 21-Nov-2023 |
| Top Recon Tools for Bug Bounty Hunters | https://securitycipher.medium.com/top-recon-tools-for-bug-bounty-hunters-fa655b8caf2e?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | bug-bounty, bug-bounty-tips, programming, cybersecurity, technology | 21-Nov-2023 |
| Epic Bug Hunting Failures-2 | https://infosecwriteups.com/epic-bug-hunting-failures-2-fafb2af9b844?source=rss------bug_bounty-5 | Varshini Ramesh | development, hackerone, bug-bounty, cybersecurity, info-sec-writeups | 21-Nov-2023 |
| The Crossroads of Code Crafting: A Personal Journey Between Rewriting and Quick Fixes | https://blursdaywtf.medium.com/the-crossroads-of-code-crafting-a-personal-journey-between-rewriting-and-quick-fixes-8ab18e5a9a60?source=rss------bug_bounty-5 | Blursday | coding, tech, bug-bounty, founders, apps | 21-Nov-2023 |
| How I Gain $2,000-$3,000 a Month From Bug Bounties With No Code Experience | https://medium.com/@13032765d/how-i-gain-2-000-3-000-a-month-from-bug-bounties-with-no-code-experience-df2e89348fbb?source=rss------bug_bounty-5 | DataPsyLife | money, hacking, side-hustle, bug-bounty, freelancing | 21-Nov-2023 |
| Cybersecurity Tools | https://bineshmadharapu.medium.com/cybersecurity-tools-02e85cb3c4ed?source=rss------bug_bounty-5 | Binesh Madharapu | cybersecurity, bug-bounty, network-security, nmap, ethical-hacking | 21-Nov-2023 |
| CVE-2023–47837: ARMember ≤= 4.0.10 — Bypass Membership Plan | https://revan-ar.medium.com/cve-2023-47837-armember-4-0-10-bypass-membership-plan-4bc1e63f044c?source=rss------bug_bounty-5 | Revan A | bug-bounty, wordpress, cve, bypass, privilege-escalation | 21-Nov-2023 |
| SQL Injection UNION Attacks in Web App Pentesting \| 2023 | https://cyberw1ng.medium.com/sql-injection-union-attacks-in-web-app-pentesting-2023-fbd072299b77?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, careers, bug-bounty, cybersecurity | 21-Nov-2023 |
| How to find sensitive information in an organization \| (Como encontrar información sensible en una… | https://medium.com/@l0calh0st/how-to-find-sensitive-information-in-an-organization-como-encontrar-informaci%C3%B3n-sensible-en-una-cb08c5128ab5?source=rss------bug_bounty-5 | 127.0.0.1 is safe.⚠️ | tech, hacking, red-team, bug-bounty, cybersecurity | 21-Nov-2023 |
| How I hacked Google’s bug tracking system itself for $15,600 in bounties | https://jamilahmad-dev.medium.com/how-i-hacked-googles-bug-tracking-system-itself-for-15-600-in-bounties-0e9e36b772b9?source=rss------bug_bounty-5 | Jamil Ur Rehman | startup, bug-bounty, security, google, technology | 21-Nov-2023 |
| CRITICAL BUG Alert: How I HACKED into a company’s DATABASE | https://jamilahmad-dev.medium.com/critical-bug-alert-how-i-hacked-into-a-companys-database-fc61179f5d5d?source=rss------bug_bounty-5 | Jamil Ur Rehman | hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty, ethical-hacking | 21-Nov-2023 |
| Project 2510: Bug Bounty Challenge — Day 16/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-16-25-f881c177b749?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunting, bug-bounty-tips, bug-bounty, bug-bounty-hunter | 21-Nov-2023 |
| Detecting and Understanding Cookies in Web Development | https://medium.com/@nirvana.elahi/detecting-and-understanding-cookies-in-web-development-a520b279988b?source=rss------bug_bounty-5 | Nirvana El | owasp-top-10, cybersecurity, bug-bounty, penetration-testing | 21-Nov-2023 |
| How to find sensitive information in an organization . | https://medium.com/@Threat_Intelligence/how-to-find-sensitive-information-in-an-organization-como-encontrar-informaci%C3%B3n-sensible-en-una-cb08c5128ab5?source=rss------bug_bounty-5 | 127.0.0.1 is safe.⚠️ | tech, hacking, red-team, bug-bounty, cybersecurity | 21-Nov-2023 |
| Step-by-Step guide to writing a Metasploit Script | https://higordiego.medium.com/step-by-step-guide-to-writing-a-metasploit-script-6bacb96363e5?source=rss------bug_bounty-5 | Higor Diego | vulnerability, exploit, bug-bounty, security, osint | 21-Nov-2023 |
| Legal and Ethical Dimensions in Malware Analysis (Cybersecurity) | https://medium.com/@paritoshblogs/legal-and-ethical-dimensions-in-malware-analysis-cybersecurity-86accca12049?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, legal, programming, hacking | 20-Nov-2023 |
| Improper Input Sanitization Error in Web3 | https://medium.com/@vinaysati/improper-input-sanitization-error-in-web3-f4bd0f6d88cc?source=rss------bug_bounty-5 | Vinaysati | hacking, cryptocurrency, bug-bounty, web3, web3bug | 20-Nov-2023 |
| #3 Set-up FoxyProxy in Firefox — Guide for Burp Suite | https://securitycipher.medium.com/3-set-up-foxyproxy-in-firefox-guide-for-burp-suite-ee9627b6f513?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | security, bug-bounty-tips, bug-bounty, penetration-testing, technology | 20-Nov-2023 |
| Event Driven Bug Bounty on AWS | https://medium.com/@husein.ayoub/event-driven-bug-bounty-on-aws-d39f75d962a3?source=rss------bug_bounty-5 | Hussein Ayoub | aws, bug-bounty, security | 20-Nov-2023 |
| The Story of How I Hacked one of the online payment system website twice | https://christmex.medium.com/the-story-of-how-i-hacked-one-of-the-online-payment-system-website-twice-b0ba48ed13db?source=rss------bug_bounty-5 | Jonathan Christian | bug-bounty-writeup, programming, technology, cybersecurity, bug-bounty | 20-Nov-2023 |
| ESSENTIAL HTML FOR HACKERS | https://medium.com/@agapehearts/essential-html-for-hackers-12d329927c9b?source=rss------bug_bounty-5 | Agape HearTs | xss-attack, bug-bounty, html, hacker, pentesting | 20-Nov-2023 |
| Writeups of All Apprentice Labs in Portswigger — All Lab’s Solution\| Karthikeyan Nagaraj | https://cyberw1ng.medium.com/writeups-of-all-apprentice-labs-in-portswigger-all-labs-solution-karthikeyan-nagaraj-a5f23fd0c87b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, penetration-testing, hacking | 20-Nov-2023 |
| Go Beyond with Gretire | https://systemweakness.com/go-beyond-with-gretire-313b7fbe3f47?source=rss------bug_bounty-5 | Whalebone | cybersecurity, bug-bounty, open-source, information-security, hacking | 20-Nov-2023 |
| Email address: The Online ID | https://medium.com/@duncanochieng682/email-address-the-online-id-dd0061bf7828?source=rss------bug_bounty-5 | JateloCybersec | infosec, hacking, bug-bounty, ethical-hacking, blackhat | 20-Nov-2023 |
| Understanding CVE-2023–46604: A Threat to Apache ActiveMQ | https://infosecwriteups.com/understanding-cve-2023-46604-a-threat-to-apache-activemq-d771eb408eba?source=rss------bug_bounty-5 | Security Lit Limited | bug-bounty, vulnerability, cybersecurity, programming, penetration-testing | 20-Nov-2023 |
| Project 2510: Bug Bounty Challenge — Day 15/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-15-25-27d085f4bf95?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-hunting, bug-bounty-hunter, bug-bounty | 20-Nov-2023 |
| Understanding CVE-2023–46604: A Threat to Apache ActiveMQ | https://securitylit.medium.com/understanding-cve-2023-46604-a-threat-to-apache-activemq-d771eb408eba?source=rss------bug_bounty-5 | Security Lit Limited | bug-bounty, vulnerability, cybersecurity, programming, penetration-testing | 20-Nov-2023 |
| The Story of How I Hacked one of the online payment system website | https://christmex.medium.com/the-story-of-how-i-hacked-one-of-the-online-payment-system-website-twice-b0ba48ed13db?source=rss------bug_bounty-5 | Jonathan Christian | bug-bounty-writeup, programming, technology, cybersecurity, bug-bounty | 20-Nov-2023 |
| GraphQL Misconfiguration Leads to Unlimited Money Transfer (Intigriti CTF — Bug Bank) | https://medium.com/@thewolfsec/graphql-misconfiguration-leads-to-unlimited-money-transfer-intigriti-ctf-bug-bank-48cdeb9c9aec?source=rss------bug_bounty-5 | TheWolf Sec | graphql, intigriti, bug-bounty, ctf | 19-Nov-2023 |
| #2 Different Burp Suite Tools — Guide for Burp Suite | https://securitycipher.medium.com/2-different-burp-suite-tools-guide-for-burp-suite-7c5aa2ad05ed?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | penetration-testing, bug-bounty, security, cybersecurity, news | 19-Nov-2023 |
| Find Vulnerabilities before other Hackers Exploiting | https://medium.com/@salmanul060/find-vulnerabilities-before-other-hackers-exploiting-a86fe4c3d5eb?source=rss------bug_bounty-5 | Salmanul Faris | web-applications, cybersecurity, bug-bounty, penetrationtestingcompany, penetration-testing | 19-Nov-2023 |
| SSTI bypass using CRLF (1337 UP CTF — Smarty Pants) | https://medium.com/@thewolfsec/ssti-bypass-using-crlf-1337-up-ctf-smarty-pants-4ee8e1a72f98?source=rss------bug_bounty-5 | TheWolf Sec | intigriti, ssti, bug-bounty, ctf, php-developers | 19-Nov-2023 |
| Privilege Escalation: Unauthorized Low-Privilege Users Creating Feature Bundles | https://medium.com/@a13h1/privilege-escalation-unauthorized-low-privilege-users-creating-feature-bundles-75f6125eec78?source=rss------bug_bounty-5 | Abhi Sharma | bug-bounty, programming, cybersecurity, hacking, api | 19-Nov-2023 |
| #2 Different Burp Suite Tools — Guide for Burp Suite | https://infosecwriteups.com/2-different-burp-suite-tools-guide-for-burp-suite-7c5aa2ad05ed?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | penetration-testing, bug-bounty, security, cybersecurity, news | 19-Nov-2023 |
| Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 3 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-3-99e86d021190?source=rss------bug_bounty-5 | Hacker's Dump | android, android-pentesting, penetration-testing, hacking, bug-bounty | 19-Nov-2023 |
| Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 4 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-4-c942fbd9cae5?source=rss------bug_bounty-5 | Hacker's Dump | bug-bounty, hacking, android, penetration-test, penetration-testing | 19-Nov-2023 |
| 23.6 Lab: Insecure direct object references \| 2023 | https://cyberw1ng.medium.com/23-6-lab-insecure-direct-object-references-2023-dfd4a9f3eeb3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, penetration-testing, hacking | 19-Nov-2023 |
| A Guide to Indicators of Compromise (IoC) Analysis | https://medium.com/@paritoshblogs/a-guide-to-indicators-of-compromise-ioc-analysis-925708cbf8aa?source=rss------bug_bounty-5 | Paritosh | programming, bug-bounty, ioc, hacking, cybersecurity | 19-Nov-2023 |
| ByteGuard: Mastering the Art of Data Security | https://medium.com/@paritoshblogs/byteguard-mastering-the-art-of-data-security-5719be0d1c7c?source=rss------bug_bounty-5 | Paritosh | information-security, data-security, cybersecurity, data, bug-bounty | 18-Nov-2023 |
| Securing the Backbone: Supply Chain Security | https://medium.com/@paritoshblogs/securing-the-backbone-supply-chain-security-34282b6b505f?source=rss------bug_bounty-5 | Paritosh | supply-chain, information-security, cybersecurity, supply-chain-attack, bug-bounty | 18-Nov-2023 |
| eWPTX Prepare Resources | https://medium.com/@0UN390/ewptx-prepare-resources-a741220cf145?source=rss------bug_bounty-5 | 0UN390 | bug-bounty, cybersecurity, web-security, penetration-testing | 18-Nov-2023 |
| AppSec Tales XXIII \| XPathI | https://karol-mazurek95.medium.com/appsec-tales-xxiii-xpathi-ca6171826d2a?source=rss------bug_bounty-5 | Karol Mazurek | information-technology, cybersecurity, application-security, bug-bounty, penetration-testing | 18-Nov-2023 |
| #Day6 Bug Bounty Recon Part 2: ( Subdomains and S3 buckets ) | https://medium.com/codingninjablogs/day6-bug-bounty-recon-part-2-subdomains-and-s3-buckets-1a01780e6908?source=rss------bug_bounty-5 | OBSIDIAN | programming, technology, bug-bounty, ethical-hacking, cybersecurity | 18-Nov-2023 |
| 23.5 Lab: User ID controlled by request parameter with password disclosure \| 2023 | https://cyberw1ng.medium.com/23-5-lab-user-id-controlled-by-request-parameter-with-password-disclosure-2023-ad748d1daa9e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 18-Nov-2023 |
| Hacking Microsoft IIS : Enumerating IIS for V | https://medium.com/@mudasserhussain1111/hacking-microsoft-iis-enumerating-iis-for-v-39de5a27f101?source=rss------bug_bounty-5 | Mudasser Hussain | infosec-write-ups, cybersecurity, hacking, microsoft, bug-bounty | 18-Nov-2023 |
| OAuth Misconfiguration Leads To Pre-Account Takeover(snapchat) | https://medium.com/@a7med.ctf/oauth-misconfiguration-leads-to-pre-account-takeover-snapchat-129b118661f6?source=rss------bug_bounty-5 | Ahmed Mahmoued | hacking, bug-bounty-tips, bug-bounty | 18-Nov-2023 |
| CVE-2023–36025: An In-Depth Analysis of Circumventing Windows SmartScreen Security | https://infosecwriteups.com/cve-2023-36025-an-in-depth-analysis-of-circumventing-windows-smartscreen-security-6ff05c8b69d0?source=rss------bug_bounty-5 | Security Lit Limited | penetration-testing, threat-intelligence, cybersecurity, microsoft, bug-bounty | 18-Nov-2023 |
| Default Credentials, P1 with $$$$ Reward in a Bug Bounty Program | https://medium.com/@jedus0r/default-credentials-p1-with-reward-in-a-bug-bounty-program-1aad9c008619?source=rss------bug_bounty-5 | jedus0r | security-research, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter | 18-Nov-2023 |
| CVE-2023–35078 Unveiled: Ethical Vulnerability Discovery and Reporting By Me and My Hunting Buddy… | https://medium.com/@jaini.rutvik/cve-2023-35078-unveiled-ethical-vulnerability-discovery-and-reporting-by-me-and-my-hunting-buddy-507582baf5c3?source=rss------bug_bounty-5 | Rj07 | responsible-disclosure, information-technology, zero-day, bug-bounty, information-security | 18-Nov-2023 |
| Project 2510: Bug Bounty Challenge — Day 13/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-13-25-f6e21379749b?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-hunter, bug-bounty-hunting, bug-bounty-tips | 18-Nov-2023 |
| Default Credentials, P1 with $$$$ Reward in a Bug Bounty Program | https://systemweakness.com/default-credentials-p1-with-reward-in-a-bug-bounty-program-1aad9c008619?source=rss------bug_bounty-5 | jedus0r | security-research, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter | 18-Nov-2023 |
| The Future of Cybersecurity: The Power of AI-Powered SIEM | https://medium.com/@paritoshblogs/the-future-of-cybersecurity-the-power-of-ai-powered-siem-ae43921e9bce?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-security, siem, hacking, cybersecurity | 17-Nov-2023 |
| 3 Command Line Games Which You Must Try | https://medium.com/@rushi.padhiyar098/3-command-line-games-which-you-must-try-fa77c2ff7127?source=rss------bug_bounty-5 | Cyph3r Ryx | games, cybersecurity, hacking, command-line, bug-bounty | 17-Nov-2023 |
| Dastardly — Web Application Security Scanner — CI/CD | https://securitycipher.medium.com/dastardly-web-application-security-scanner-ci-cd-3a4eea08719a?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | technology, security, bug-bounty, cybersecurity, penetration-testing | 17-Nov-2023 |
| How I Automatically Generate XSS Payload & Automate Reflected XSS | https://ajaksecurity.medium.com/how-i-automatically-generate-xss-payload-automate-reflected-xss-be7c993f90d4?source=rss------bug_bounty-5 | Ajak Cyber security | hacking, cybersecurity, bug-bounty, ethical-hacking, penetration-testing | 17-Nov-2023 |
| 23.4 Lab: User ID controlled by request parameter with data leakage in redirect \| 2023 | https://cyberw1ng.medium.com/23-4-lab-user-id-controlled-by-request-parameter-with-data-leakage-in-redirect-2023-5fa1b18bced1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, bug-bounty, cybersecurity, security | 17-Nov-2023 |
| Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 2 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-2-9c33c319a696?source=rss------bug_bounty-5 | Hacker's Dump | android-pentesting, android, penetration-testing, hacking, bug-bounty | 17-Nov-2023 |
| How to find vulnerabilities in a web page in 10 minutes | https://medium.com/@l0calh0st/how-to-find-vulnerabilities-in-a-web-page-in-10-minutes-66cd052b4fbc?source=rss------bug_bounty-5 | 127.0.0.1 is safe.⚠️ | red-team, bug-bounty, error-message, cybersecurity, hacking | 17-Nov-2023 |
| Access control vulnerabilities | https://medium.com/@abdullahwarsama28/access-control-vulnerabilities-02fe3ea2e17f?source=rss------bug_bounty-5 | Abdullah Warsama | bug-bounty, web-security | 17-Nov-2023 |
| JWT Intrigue: Hidden Keys within Web Applications | https://medium.com/@josh.beck2006/jwt-intrigue-hidden-keys-within-web-applications-4b042c80f427?source=rss------bug_bounty-5 | Josh Beck | penetration-testing, bug-bounty, cybersecurity, ctf-writeup, ctf | 16-Nov-2023 |
| AuditOne Roundtable with Alexey from Aurora and Guido Vranken | https://medium.com/@auditone.io/auditone-roundtable-with-alexey-from-aurora-and-guido-vranken-3d7c709289c0?source=rss------bug_bounty-5 | AuditOne | bug-bounty, defi, web3, aurora, fuzzing | 16-Nov-2023 |
| #1 Introduction to Burp Suite — Guide for Burp Suite | https://securitycipher.medium.com/1-introduction-to-burp-suite-guide-for-burp-suite-4054b64f10a0?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | penetration-testing, bug-bounty, cybersecurity, technology, security | 16-Nov-2023 |
| Easy Admin Access — RVDP | https://infosecwriteups.com/easy-admin-access-rvdp-d1eb2c97cb3e?source=rss------bug_bounty-5 | hackerdevil | bug-bounty-tips, web-app-security, bug-bounty, bug-bounty-writeup, vulnerability-assessment | 16-Nov-2023 |
| Bug Bounty Programs: Unleashing the Power of Ethical Hacking | https://medium.com/@crawsecurity/bug-bounty-programs-unleashing-the-power-of-ethical-hacking-5da98f820ebb?source=rss------bug_bounty-5 | crawsecurity | bug-bounty-program, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup | 16-Nov-2023 |
| Exploiting Blind XXE: Going Out of Band | https://medium.com/@mohamedtaha_42562/exploiting-blind-xxe-going-out-of-band-f04e3c1ea7ef?source=rss------bug_bounty-5 | Mohamed Taha | security, penetration-testing, bug-bounty | 16-Nov-2023 |
| Introducing Bug Bounty Boosts: Supercharging Security With Timebound Events | https://medium.com/immunefi/introducing-bug-bounty-boosts-supercharging-security-with-timebound-events-51e3a1f208c3?source=rss------bug_bounty-5 | Immunefi Editor | bug-bounty, web3, immunefi, cybersecurity, degate | 16-Nov-2023 |
| Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 1 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-1-392cf9abf93f?source=rss------bug_bounty-5 | Hacker's Dump | android-pentesting, hacking, android, penetration-testing, bug-bounty | 16-Nov-2023 |
| Malware Analysis: Understanding and Combatting Cyber Threats | https://medium.com/@paritoshblogs/malware-analysis-understanding-and-combatting-cyber-threats-d0db1d56760c?source=rss------bug_bounty-5 | Paritosh | malware-analysis, hacking, bug-bounty, cybersecurity, information-security | 16-Nov-2023 |
| How I got a $500 reward for finding an unacclaimed bucket on GitHub | https://medium.com/@andre.pontes7/how-i-got-a-500-reward-for-finding-an-unacclaimed-bucket-on-github-57623c386515?source=rss------bug_bounty-5 | André Pontes | aws-s3, hackerone, bug-bounty, aws | 16-Nov-2023 |
| 23.3 Lab: User ID controlled by request parameter, with unpredictable user IDs \| 2023 | https://cyberw1ng.medium.com/23-3-lab-user-id-controlled-by-request-parameter-with-unpredictable-user-ids-2023-5827f93eca1d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, cybersecurity, hacking | 16-Nov-2023 |
| $1000 Bounty: How I scaled a Self-Redirect to an XSS in a web 3.0 system at Hackenproof | https://erickfernandox.medium.com/1000-bounty-how-i-scaled-a-self-redirect-to-an-xss-in-a-web-3-0-system-at-hackenproof-37380f701892?source=rss------bug_bounty-5 | Erick Fernando | bug-bounty, hackenproof, open-redirect, xss-bypass | 16-Nov-2023 |
| DNS C2 — When Malware Goes Incognito! | https://medium.com/@paritoshblogs/dns-c2-when-malware-goes-incognito-03fdc2e82057?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, information-security, dns, hacking | 15-Nov-2023 |
| HackerOne Surpasses $300 Million in Rewards for Ethical Hackers | https://medium.com/@zerosecurity/hackerone-surpasses-300-million-in-rewards-for-ethical-hackers-eba7be4f106c?source=rss------bug_bounty-5 | ZeroSecurity | bug-bounty | 15-Nov-2023 |
| LandRocker Bug Bounty Program | https://landrocker.medium.com/landrocker-bug-bounty-program-aa2f55f47297?source=rss------bug_bounty-5 | LandRocker | bug-bounty, bitcoin, cryptocurrency-investment, token-sale, web3 | 15-Nov-2023 |
| 23.2 Lab: User ID controlled by request parameter \| 2023 | https://cyberw1ng.medium.com/23-2-lab-user-id-controlled-by-request-parameter-2023-74764905c72c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, hacking, cybersecurity | 15-Nov-2023 |
| Understanding Post-Exploitation: Cybersecurity | https://medium.com/@paritoshblogs/understanding-post-exploitation-cybersecurity-5c8d11b75812?source=rss------bug_bounty-5 | Paritosh | cybersecurity, programming, information-security, bug-bounty, post-exploitation | 15-Nov-2023 |
| Idor That allowed me to get access to sensitive users files and share them -.- | https://hamzadzworm.medium.com/idor-that-allowed-me-to-get-access-to-sensitive-users-files-and-share-them-f7da741e9f63?source=rss------bug_bounty-5 | Hamzadzworm | bugbounty-writeup, bug-bounty-tips, hackerone, bug-bounty, cybersecurity | 15-Nov-2023 |
| Unveiling Sensitive Information Exposure: IIS Tilde Enumeration Vulnerability | https://medium.com/@mohammed0anas/unveiling-sensitive-information-exposure-iis-tilde-enumeration-vulnerability-ffe034073288?source=rss------bug_bounty-5 | Nas | bug-bounty, hacking, cybersecurity, bug-bounty-writeup | 15-Nov-2023 |
| How I hacked Google’s bug tracking system itself for $15,600 in bounties | https://homosapienimo.medium.com/how-i-hacked-googles-bug-tracking-system-itself-for-15-600-in-bounties-65c5aacaacdf?source=rss------bug_bounty-5 | Homo Sapiens | bug-bounty, startup, google, technology, security | 15-Nov-2023 |
| Project 2510: Bug Bounty Challenge — Day 10/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-10-25-7b9651fb1b26?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-hunting, bug-bounty, bug-bounty-tips | 15-Nov-2023 |
| Exploiting Parallels Plesk Panels With Shodan | https://blog.meese.enterprises/exploiting-parallels-plesk-panels-with-shodan-282248855af2?source=rss------bug_bounty-5 | Aaron Meese | cybersecurity, shodan, osint-investigation, osint, bug-bounty | 15-Nov-2023 |
| Detection Engineering: Strengthening Cybersecurity Defense | https://medium.com/@paritoshblogs/detection-engineering-strengthening-cybersecurity-defense-8d31ab7a2d46?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-security, detection-engineering, hacking, cybersecurity | 14-Nov-2023 |
| Hackathon : KPU.GO.ID | https://medium.com/@angryovalegg/hackathon-kpu-go-id-8fb6f3ce0d61?source=rss------bug_bounty-5 | Angry Oval Egg | hackathons, indo-hacker, bug-bounty, kpu, pemilu | 14-Nov-2023 |
| How to find probably vulnerable objects in your own surface with Netlas.io? | https://systemweakness.com/how-to-find-probably-vulnerable-objects-in-your-own-surface-with-netlas-io-7f3448363892?source=rss------bug_bounty-5 | Netlas.io | script, automation, bug-bounty, attack-surface, reconnaissance | 14-Nov-2023 |
| #4 Session Fixation — Secure Code Explain | https://securitycipher.medium.com/4-session-fixation-secure-code-explain-7d9567f25f38?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | cybersecurity, technology, bug-bounty, vulnerability, coding | 14-Nov-2023 |
| Escalating Blind SSRF to a Remote Code Execution | https://mukibas37.medium.com/escalating-blind-ssrf-to-a-remote-code-execution-be65ed9a7d0f?source=rss------bug_bounty-5 | Mukilan Baskaran | infosec, ssrf, cybersecurity, bug-bounty, hacking | 14-Nov-2023 |
| 23.1 Lab: CORS vulnerability with trusted null origin \| 2023 | https://cyberw1ng.medium.com/23-1-lab-cors-vulnerability-with-trusted-null-origin-2023-53d2de3b8e28?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, penetration-testing | 14-Nov-2023 |
| Har Har Hijack: The Okta Plunder | https://medium.com/@josh.beck2006/har-har-hijack-the-okta-plunder-8fb36f5c9d45?source=rss------bug_bounty-5 | Josh Beck | penetration-testing, cybersecurity, bug-bounty | 14-Nov-2023 |
| bWAPP PHP Code Injection | https://medium.com/@yusufbaris/bwapp-php-code-injection-2b326b831924?source=rss------bug_bounty-5 | Yusuf Barış | cybersecurity, web-security, hacking, bug-bounty, penetration-testing | 14-Nov-2023 |
| Project 2510: Bug Bounty Challenge — Day 9/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-9-25-14cbedbecee2?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting | 14-Nov-2023 |
Introduction to AI in Cybersecurityhttps://imran-niaz.medium.com/introduction-to-ai-in-cybersecurity-6d80460d9e37?source=rss------bug_bounty-5Imran Niazprogramming, cybersecurity, learning, penetration-testing, bug-bounty13-Nov-2023
Let's together dive deep into information disclosurehttps://medium.com/@parthnarulatech/lets-together-dive-deep-into-information-disclosure-8bdb0b5db728?source=rss------bug_bounty-5scriptjackerbug-bounty-tips, penetration-testing, bug-bounty, cybersecurity, owasp13-Nov-2023
SSL Search — A tool to identify infrastructure and discover attack surfaces.https://medium.com/@harsh8v/ssl-search-a-tool-to-identify-infrastructure-and-discover-attack-surfaces-449c83269574?source=rss------bug_bounty-5Harsh Varagiyabug-bounty, gcp, ssl-certificate, aws, internet13-Nov-2023
Google VRP -[IDOR] Deleted Victim Data & Leakedhttps://medium.com/@ggilang1135/google-vrp-idor-deleted-victim-data-leaked-0b3cba8e3f7a?source=rss------bug_bounty-5Gilang Romadonbug-bounty, idor-vulnerability, bug-bounty-tips, ggilangromadon, google-vrp13-Nov-2023
Announcing IWCON 2023 Speakers Second Batchhttps://infosecwriteups.com/announcing-iwcon-2023-speakers-second-batch-26762dc93491?source=rss------bug_bounty-5InfoSec Write-upsinfosec, security, bug-bounty, conference, hacking13-Nov-2023
Cracking the Code, Cobalt Strike — More Than Just a Fancy Pen Test Tool (And Why Cyber Baddies…https://medium.com/@paritoshblogs/cracking-the-code-cobalt-strike-more-than-just-a-fancy-pen-test-tool-and-why-cyber-baddies-8b5c56ece92c?source=rss------bug_bounty-5Paritoshbug-bounty, pentesting, cybersecurity, hacking, cobalt-strike13-Nov-2023
22.2 Lab: JWT authentication bypass via flawed signature verification | 2023https://cyberw1ng.medium.com/22-2-lab-jwt-authentication-bypass-via-flawed-signature-verification-2023-2a1d63d18ab2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, bug-bounty, cybersecurity, penetration-testing13-Nov-2023
Weirdest API that has been ever foundhttps://medium.com/@mmaulanaabdullah/weirdest-api-that-has-been-ever-found-9270720d6f02?source=rss------bug_bounty-5M Maulana Abdullahwriteup, api, bug-bounty, api-development13-Nov-2023
Authentication Vulnerabilities- Lab #9 Brute-forcing a stay-logged-in cookiehttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-9-brute-forcing-a-stay-logged-in-cookie-dda91125f5f2?source=rss------bug_bounty-5dollarboysushilcookie-hacking, web-security, cybersecurity, portswigger, bug-bounty13-Nov-2023
Project 2510: Bug Bounty Challenge — Day 8/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-8-25-ea9bc1addd63?source=rss------bug_bounty-5Wallotrybug-bounty-hunting, bug-bounty, bug-bounty-hunter, bug-bounty-tips13-Nov-2023
I created posts on the newsletter page dedicated to the program administratorhttps://medium.com/@hossam_hamada/i-created-posts-on-the-newsletter-page-dedicated-to-the-program-administrator-aa271980aa53?source=rss------bug_bounty-5Hossam Hamadabug-bounty, penetration-testing, idor, idor-vulnerability, bug-hunting12-Nov-2023
1200$ IDOR Flaw: Allow Attacker To Approve Project Time Trackinghttps://medium.com/@a13h1/1200-idor-flaw-allow-attacker-to-approve-project-time-tracking-a9f64c06732a?source=rss------bug_bounty-5Abhi Sharmabug-bounty, programming, hacking, information-security, cybersecurity12-Nov-2023
Crafting XSS (Cross-Site Scripting) payloadshttps://infosecwriteups.com/crafting-xss-cross-site-scripting-payloads-919f62171bd0?source=rss------bug_bounty-5Security Lit Limitedxss-vulnerability, bug-bounty, xss-attack, technology, cybersecurity12-Nov-2023
Authentication Vulnerabilities- Lab #8 2FA (Two Factor Authentication) broken logichttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-8-2fa-two-factor-authentication-broken-logic-b3c6cd8923b9?source=rss------bug_bounty-5dollarboysushilportswigger, cybersecurity, 2fa-hacking, web-security, bug-bounty12-Nov-2023
22.1 Lab: JWT authentication bypass via unverified signature | 2023https://cyberw1ng.medium.com/22-1-lab-jwt-authentication-bypass-via-unverified-signature-2023-4401628467d9?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, penetration-testing, careers12-Nov-2023
Finding Sneaky Hackers, The Ultimate Way of Stalking Cyber Intruders (Without a Trench Coat)https://medium.com/@paritoshblogs/finding-sneaky-hackers-the-ultimate-way-of-stalking-cyber-intruders-without-a-trench-coat-8db574697fe7?source=rss------bug_bounty-5Paritoshprogramming, cybersecurity, lateral-movement, bug-bounty, hacking12-Nov-2023
Project 2510: Bug Bounty Challenge — Day 7/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-7-25-a9367edc5864?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-hunting12-Nov-2023
Introduction to API Hacking: A Free Course to Level Up Your Skillshttps://medium.com/@maisamnoyan/introduction-to-api-hacking-a-free-course-to-level-up-your-skills-537bfc70180d?source=rss------bug_bounty-5 Maisam Noyanhacking, bug-bounty, free-course, api, course11-Nov-2023
Authentication Vulnerabilities- Lab #4 Username enumeration via subtly different responseshttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-4-username-enumeration-via-subtly-different-responses-5eb512d899fa?source=rss------bug_bounty-5dollarboysushilweb-security, portswigger, bug-bounty, cybersecurity11-Nov-2023
Attention Cyber Enthusiasts! Exciting News Ahead! ️https://cyberconqueror.medium.com/attention-cyber-enthusiasts-exciting-news-ahead-%EF%B8%8F-26399c20b71a?source=rss------bug_bounty-5Cyber Conquerorfree-course, information-security, cybersecurity, bug-bounty, free11-Nov-2023
Authentication Vulnerabilities- Lab #5 Username enumeration via response timinghttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-5-username-enumeration-via-response-timing-16b07552275a?source=rss------bug_bounty-5dollarboysushilportswigger, bug-bounty, cybersecurity, hacking-passwords11-Nov-2023
AppSec Tales XXII | LDAPIhttps://karol-mazurek95.medium.com/appsec-tales-xxii-ldapi-fcef1f40e9b2?source=rss------bug_bounty-5Karol Mazurekinformation-technology, bug-bounty, cybersecurity, information-security, penetration-testing11-Nov-2023
JWT attack vulnerabilities in Web App Penetration Testing | 2023https://cyberw1ng.medium.com/jwt-attack-vulnerabilities-in-web-app-penetration-testing-2023-4eb8916133dc?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, penetration-testing, bug-bounty, cybersecurity11-Nov-2023
Downloading files using POST request (unorthodox method)https://medium.com/@paritoshblogs/downloading-files-using-post-request-unorthodox-method-d042bb06c1ce?source=rss------bug_bounty-5Paritoshcybersecurity, programming, bug-bounty, hacking, html11-Nov-2023
Authentication Vulnerabilities- Lab #6 Broken brute-force protection, IP blockhttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-6-broken-brute-force-protection-ip-block-b3afca0a2ea7?source=rss------bug_bounty-5dollarboysushilbrute-force, web-security, cybersecurity, bug-bounty, portswigger11-Nov-2023
Reconnaissance Is The Key — Bug Bounty Tip!https://medium.com/@learningstuff110/reconnaissance-is-the-key-bug-bounty-tip-527f24e56cc5?source=rss------bug_bounty-5Fahad Hasandirectory-enumeration, penetration-testing, bug-bounty, waybackurls, reconnaissance11-Nov-2023
Pentesting: I wanna be a hackerrr…https://areen-agrawal.medium.com/pentesting-i-wanna-be-a-hackerrr-4dcf9379a6fc?source=rss------bug_bounty-5Me, Just a Techie.bug-bounty, computer-security, red-teaming, technology, pentesting11-Nov-2023
Project 2510: Bug Bounty Challenge — Day 6/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-6-25-fe340a54386c?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunter, bug-bounty-tips, bug-bounty-hunting11-Nov-2023
Project 2510: Bug Bounty Challenge — Day 5/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-5-25-205300a2a65c?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunting, bug-bounty-hunter, bug-bounty-tips10-Nov-2023
Unlocking Cash: Easy P1 Bug in Grafana Dashboard with Default Credentials = €€€€https://infosecwriteups.com/unlocking-cash-easy-p1-bug-in-grafana-dashboard-with-default-credentials-fa36ddf271da?source=rss------bug_bounty-5Pratik Dabhihackerone, bug-bounty, bugcrowd10-Nov-2023
Authentication Vulnerabilities- Lab #3 Password reset broken logichttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-3-password-reset-broken-logic-95bc62a7b92a?source=rss------bug_bounty-5dollarboysushilbug-bounty, cybersecurity, portswigger, web-security, password-reset10-Nov-2023
21.1 Lab: Authentication bypass via OAuth implicit flow | 2023https://cyberw1ng.medium.com/21-1-lab-authentication-bypass-via-oauth-implicit-flow-2023-15f819305f73?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking10-Nov-2023
Authentication Vulnerabilities- Lab #2 2FA simple bypasshttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-2-2fa-simple-bypass-6bd390cf92bc?source=rss------bug_bounty-5dollarboysushilweb-security, cybersecurity, bug-bounty, portswigger, two-factor-authentication10-Nov-2023
Revealing True Industry Potential Through the Ultimate Web3 Security Ecosystem: R.xyzhttps://medium.com/coinmonks/revealing-true-industry-potential-through-the-ultimate-web3-security-ecosystem-r-xyz-007acfd25b62?source=rss------bug_bounty-5Officer's Notesblockchain-security, bug-bounty, web3, smart-contract-security, hacking10-Nov-2023
How I stopped a Wallet Hack and Got Almost Nothing.https://medium.com/@mahitman1/how-i-stopped-a-wallet-hack-and-got-almost-nothing-68babd824854?source=rss------bug_bounty-5Muhammad Abdullahweb3, blockchain, bug-bounty, security10-Nov-2023