Security Cipher

Additional Resources

Compilation of Resources Featuring Daily Bug Bounty Writeups

xss
sql injection
xxe
bug-bounty
recon
wordpress
ai
red-team
ctf
graphql
Lab
TitleLinkAuthorTagsPublication date
Well, now that you’ve put your mind in the right direction and started testing a website, the first…https://medium.com/@shaikhminhaz1975/well-now-that-youve-put-your-mind-in-the-right-direction-and-started-testing-a-website-the-first-c900776d6f89?source=rss------bug_bounty-5Shaikh Minhazbrute-force, bug-bounty, ethical-hacking, cybersecurity, penetration-testing04-Oct-2024
Guarding the Gateway: Understanding and Preventing File Upload Attackshttps://medium.com/@wintersoldiers/guarding-the-gateway-understanding-and-preventing-file-upload-attacks-b116abd5eef0?source=rss------bug_bounty-5Winter_Soldiersfile-upload-vulnerability, web-security, hacking, bug-bounty, rce-vulnerability04-Oct-2024
Directory Brute-Forcing: All Methods You Need to Know — File Extension, Status Filter, and…https://medium.com/@shaikhminhaz1975/well-now-that-youve-put-your-mind-in-the-right-direction-and-started-testing-a-website-the-first-c900776d6f89?source=rss------bug_bounty-5Shaikh Minhazbrute-force, bug-bounty, ethical-hacking, cybersecurity, penetration-testing04-Oct-2024
SQL injection with filter bypass via XML encodinghttps://medium.com/@codingbolt.in/sql-injection-with-filter-bypass-via-xml-encoding-754808d7d29a?source=rss------bug_bounty-5codingboltbug-bounty, sql-injection-attack, sql-injection, bug-bounty-tips, cybersecurity04-Oct-2024
Identifying the LLM Attack Surface: A Beginner’s Guidehttps://medium.com/@360Security/identifying-the-llm-attack-surface-a-beginners-guide-190b6e1c0aba?source=rss------bug_bounty-5Anandllm, bug-bounty, vapt, penetration-testing, cybersecurity04-Oct-2024
GraphQL vs REST: Comparison and exploithttps://medium.com/@kabi_777/graphql-vs-rest-comparison-and-security-insights-f481f3389e43?source=rss------bug_bounty-5Kabi_777bug-bounty, bug-bounty-writeup, bug-bounty-hunter, cybersecurity, bug-bounty-tips04-Oct-2024
Unlocking Cybersecurity: The Power of Bug Bounty Programs in 2024https://medium.com/@eyowas1994/unlocking-cybersecurity-the-power-of-bug-bounty-programs-in-2024-d77d33137e64?source=rss------bug_bounty-5CyberSec Tacticsethical-hacking, bug-bounty, cybersecurity, hacking, web-security04-Oct-2024
From File Upload to Remote Code Execution (RCE)https://medium.com/@lukasz.wierzbicki/from-file-upload-to-remote-code-execution-rce-d8f210b22a8c?source=rss------bug_bounty-5Lukasz Wierzbickisecurity-testing, security-research, bug-bounty, pentesting, pentest04-Oct-2024
Broken Access Control — Unprotected admin functionalityhttps://medium.com/@codingbolt.in/broken-access-control-unprotected-admin-functionality-9905f57fa88a?source=rss------bug_bounty-5codingboltaccess-control, privilege-escalation, cybersecurity, bug-bounty, broken-access-control04-Oct-2024
A Methodology Guide to Bypassing RASP and Root Detection in Mobile Apps with Fridahttps://medium.com/@abhijithknamboothiri96/a-methodology-guide-to-bypassing-rasp-and-root-detection-in-mobile-apps-with-frida-17e4f97b88bc?source=rss------bug_bounty-5Abhijith Namboothirycybersecurity, mobile-pentesting, penetration-testing, bug-bounty, security04-Oct-2024
Understanding Cryptographic Failures: A Key Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-cryptographic-failures-a-key-vulnerability-in-web-security-bb024a4c41ca?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp-top-10, bug-bounty, web-penetration-testing, cyrptography, hacking04-Oct-2024
How to choose the Correct Severity or CVSS Score for a Bug: A Practical Guidehttps://medium.com/@a13h1/how-to-choose-the-correct-severity-or-cvss-score-for-a-bug-a-practical-guide-7a83be0096f3?source=rss------bug_bounty-5Abhi Sharmacybersecurity, bug-bounty, bug-bounty-tips, hacking, infosec04-Oct-2024
Are you ready to take over entire infrastructure?https://medium.com/@alex122303q/are-you-ready-to-take-over-entire-infrastructure-a93d2a0f902c?source=rss------bug_bounty-5Nebtyctf, malicious-document, standoff365, bug-bounty, penetration-testing04-Oct-2024
US Trading Account Fund Exploit: An IDOR Vulnerability Walkthroughhttps://medium.com/@360Security/us-trading-account-fund-exploit-an-idor-vulnerability-walkthrough-a61ba5186874?source=rss------bug_bounty-5360 Securityvapt, web-security, bug-bounty, cybersecurity, penetration-testing04-Oct-2024
Identifying the LLM Attack Surface: A Beginner’s Guidehttps://medium.com/@360Security/identifying-the-llm-attack-surface-a-beginners-guide-190b6e1c0aba?source=rss------bug_bounty-5360 Securityllm, bug-bounty, vapt, penetration-testing, cybersecurity04-Oct-2024
Command Injection: How Exploiting User Input Can Lead to Full System Compromisehttps://systemweakness.com/command-injection-how-exploiting-user-input-can-lead-to-full-system-compromise-6becf5b981a1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hacking, technology, bug-bounty04-Oct-2024
one of the best tool for subdomains finding.https://osintteam.blog/one-of-the-best-tool-for-subdomains-finding-0769dff261f4?source=rss------bug_bounty-5loyalonlytodaybug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, hacking04-Oct-2024
easy bug bounty as a beginner part 1https://medium.com/@canonminibeast/easy-bug-bounty-as-a-beginner-part-1-38833747da8d?source=rss------bug_bounty-5Canonminibeasthacking-tools, hacking, web-penetration-testing, bug-bounty, bugbounty-poc04-Oct-2024
Are you ready to take over entire infrastructure?https://medium.com/@nebty/are-you-ready-to-take-over-entire-infrastructure-a93d2a0f902c?source=rss------bug_bounty-5Nebtyctf, malicious-document, standoff365, bug-bounty, penetration-testing04-Oct-2024
Some XSS Situationhttps://medium.com/@haticezkmnl/some-xss-situation-31fa64e113fe?source=rss------bug_bounty-5Hatice Zehra Kamanlıcyber, xss-attack, bug-bounty, exploitation, cybersecurity03-Oct-2024
OTP Bypass Methods | Bug Bountyhttps://medium.com/@arrheniuspaelongan09/otp-bypass-methods-bug-bounty-4a988573c12a?source=rss------bug_bounty-5Qchadprogramming, bug-bounty, penetration-testing, technology, hacking03-Oct-2024
Understanding Broken Access Control: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-broken-access-control-a-critical-vulnerability-in-web-security-6ebd33ad4d35?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, web-penetration-testing, owasp, hacking, broken-access-control03-Oct-2024
Hacker Kali Toolkit Zero-Hero | Primary Hacking School #4https://medium.com/@nnface/hacker-kali-toolkit-zero-hero-primary-hacking-school-4-a489aafb7f75?source=rss------bug_bounty-5NnFacelinux, cybersecurity, hacking, bug-bounty, kali-linux03-Oct-2024
Visible error-based SQL injectionhttps://medium.com/@codingbolt.in/visible-error-based-sql-injection-46b8bafe9059?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection, bug-bounty, sql-injection-attack, cybersecurity03-Oct-2024
Blind SQL injection with conditional errorshttps://medium.com/@codingbolt.in/blind-sql-injection-with-conditional-errors-f7c05ef531ad?source=rss------bug_bounty-5codingboltsql-injection, cybersecurity, sql-injection-attack, bug-bounty-tips, bug-bounty03-Oct-2024
Blind SQL injection with conditional responseshttps://medium.com/@codingbolt.in/blind-sql-injection-with-conditional-responses-7ffa3a1ac84d?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection, bug-bounty, sql-injection-attack, cybersecurity03-Oct-2024
SQL injection UNION attack, retrieving multiple values in a single columnhttps://medium.com/@codingbolt.in/sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-ed5ce734abf2?source=rss------bug_bounty-5codingboltsql-injection-attack, cybersecurity, bug-bounty-tips, bug-bounty, sql-injection03-Oct-2024
SQL injection UNION attack, retrieving data from other tableshttps://medium.com/@codingbolt.in/sql-injection-union-attack-retrieving-data-from-other-tables-11cc211f5ad3?source=rss------bug_bounty-5codingboltsql-injection-attack, sql-injection, bug-bounty, cybersecurity, bug-bounty-tips03-Oct-2024
DNS — Port 53 — Pentestinghttps://medium.com/@verylazytech/dns-port-53-pentesting-7b8ca6307d54?source=rss------bug_bounty-5Very Lazy Techcybersecurity, bug-bounty, hacking, dns-exploit, dns03-Oct-2024
VDP: Broken Session Management Allows Unlimited Free Scans on Pentesting Websitehttps://medium.com/@enigma_/vdp-broken-session-management-allows-unlimited-free-scans-on-pentesting-website-99467dce1d3c?source=rss------bug_bounty-5enigmapenetration-testing, hacking, owasp, bug-bounty, bug-bounty-writeup03-Oct-2024
Subdomain Enumeration & Takeovers 
(Part-2: Active Enumeration)"https://medium.com/@bitthr3at/subdomain-enumeration-takeovers-part-2-active-enumeration-304cb3381813?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)recon, subdomain-enumeration, web, bug-bounty, attack-surface03-Oct-2024
How I hacked RD Sharma’s Publisher Website?https://abhayvis.medium.com/how-i-hacked-rd-sharmas-publisher-website-7a76b3cb12ae?source=rss------bug_bounty-5Abhay Vishwakarmasql-injection, hacking, bug-bounty03-Oct-2024
Blind SQL injection with out-of-band data exfiltrationhttps://medium.com/@codingbolt.in/blind-sql-injection-with-out-of-band-data-exfiltration-0a08129bfad5?source=rss------bug_bounty-5codingboltsql-injection, cybersecurity, bug-bounty-tips, sql-injection-attack, bug-bounty03-Oct-2024
Blind SQL injection with out-of-band interactionhttps://medium.com/@codingbolt.in/blind-sql-injection-with-out-of-band-interaction-e44f6f75bc47?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection-attack, cybersecurity, sql-injection, bug-bounty03-Oct-2024
Blind SQL injection with time delays and information retrievalhttps://medium.com/@codingbolt.in/blind-sql-injection-with-time-delays-and-information-retrieval-fa38f3618a99?source=rss------bug_bounty-5codingboltsql-injection-attack, cybersecurity, sql-injection, bug-bounty, bug-bounty-tips03-Oct-2024
Blind SQL injection with time delayshttps://medium.com/@codingbolt.in/blind-sql-injection-with-time-delays-94cc5d962902?source=rss------bug_bounty-5codingboltcybersecurity, sql-injection-attack, bug-bounty, sql-injection, bug-bounty-tips03-Oct-2024
Pre-Account Takeover via Facebook OAuth Misconfigurationhttps://nyein-chan-aung.medium.com/pre-account-takeover-via-facebook-oauth-misconfiguration-e16b984b7953?source=rss------bug_bounty-5Nyein Chan Aungbug-bounty-tips, takeovers, bug-bounty03-Oct-2024
XML External Entity (XXE) Injection: How Malicious XML Payloads Can Breach Your Applicationhttps://systemweakness.com/xml-external-entity-xxe-injection-how-malicious-xml-payloads-can-breach-your-application-4837f732781e?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, cybersecurity, hacking, bug-bounty, careers03-Oct-2024
How ChatGPT Made Me a Hacker.https://medium.com/@wajeehakhan9797/how-chatgpt-made-me-a-hacker-b89b1cce992b?source=rss------bug_bounty-5Wajeeha Khanlearning, openai, large-language-models, hacking, bug-bounty03-Oct-2024
Critical Vulnerabilities in DrayTek Vigor Routers: Over 700,000 Devices Exposed to Remote Exploits…https://infosecwriteups.com/critical-vulnerabilities-in-draytek-vigor-routers-over-700-000-devices-exposed-to-remote-exploits-2f3f731b50d9?source=rss------bug_bounty-5Ajay Naikcybersecurity, penetration-testing, bug-bounty, rewards, hacking03-Oct-2024
Blind SQL injection with out-of-band data exfiltrationhttps://systemweakness.com/blind-sql-injection-with-out-of-band-data-exfiltration-0a08129bfad5?source=rss------bug_bounty-5codingboltsql-injection, cybersecurity, bug-bounty-tips, sql-injection-attack, bug-bounty03-Oct-2024
Critical Information Disclosure Vulnerability via CNAME (AUTOMATED SCAN)https://offsec01.medium.com/critical-information-disclosure-vulnerability-via-cname-automated-scan-be0f6597ac5e?source=rss------bug_bounty-5Facundo Fernandezbug-bounty, penetration-testing, ethical-hacking, hacking, cybersecurity03-Oct-2024
https://forms.gle/bHE9FbPTuzYzREAz7https://medium.com/@a1il7j99h/https-forms-gle-bhe9fbptuzyzreaz7-5f9f5d561a4b?source=rss------bug_bounty-5Re$@T!l<cyber, bug-bounty, hacker02-Oct-2024
How I Earned $4000+ from a Simple Information Disclosure Bughttps://medium.com/@rajauzairabdullah/how-i-earned-4000-from-a-simple-information-disclosure-bug-d644c47803c1?source=rss------bug_bounty-5Raja Uzair Abdullahinformation-disclosure, bug-bounty-tips, bug-bounty, penetration-testing02-Oct-2024
Seri Belajar APT (Advanced Persistent Threat) Secara Sederhana Pada Target OS Linux — Pengumpulan…https://medium.com/@mrp.bpp/seri-belajar-apt-advanced-persistent-threat-secara-sederhana-pada-target-os-linux-pengumpulan-967c3c2f46cc?source=rss------bug_bounty-5Mada Perdhanahacking, apt, linux-hacking, bug-bounty, ethical-hacking-tips02-Oct-2024
Seri Belajar APT (Advanced Persistent Threat) Secara Sederhana Pada Target OS Linux — Pengumpulan…https://medium.com/@mrp.bpp/seri-belajar-apt-advanced-persistent-threat-secara-sederhana-pada-target-os-linux-pengumpulan-4cbd83db98af?source=rss------bug_bounty-5Mada Perdhanaapt, nmap, hacking, bug-bounty, ethical-hacking-tips02-Oct-2024
How i got my first bounty of $$$https://rivudon.medium.com/how-i-got-my-first-bounty-of-e163f970d1e0?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )infosec, hackerone, bug-bounty-tips, bug-bounty02-Oct-2024
Mastering Code Qualityhttps://python.plainenglish.io/mastering-code-quality-2f595404d547?source=rss------bug_bounty-5rahul bhatiacoverage, python, code-quality, bug-bounty, bug-detection02-Oct-2024
$175 Prototype Pollution Vulnerability — My first bountyhttps://1-day.medium.com/175-prototype-pollution-vulnerability-my-first-bounty-197738a32330?source=rss------bug_bounty-51daywriteup, penetration-testing, bug-bounty, hacking, bug-bounty-writeup02-Oct-2024
Boost Your Code Quality with Python Coveragehttps://python.plainenglish.io/mastering-code-quality-2f595404d547?source=rss------bug_bounty-5rahul bhatiacoverage, python, code-quality, bug-bounty, bug-detection02-Oct-2024
Comment j’ai découvert une vulnérabilité d’Information Disclosure sur un site que j’utilisehttps://medium.com/@Itachi0xf/comment-jai-d%C3%A9couvert-une-vuln%C3%A9rabilit%C3%A9-d-information-disclosure-sur-un-site-que-j-utilise-3a9fed9daa02?source=rss------bug_bounty-5Itachix0finformation-disclosure, hacking, apihacking, bug-bounty02-Oct-2024
How to Find Bugs and Vulnerabilities Using ChatGPT: Guaranteed Resultshttps://bevijaygupta.medium.com/how-to-find-bugs-and-vulnerabilities-using-chatgpt-guaranteed-results-288ff81dfe40?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty, vulnerability, bug-bounty-tips, chatgpt02-Oct-2024
SQL injection attack, listing the database contents on non-Oracle databaseshttps://medium.com/@codingbolt.in/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-718de8ba755a?source=rss------bug_bounty-5codingboltbugs, bug-bounty, cybersecurity, sql-injection, bug-bounty-tips02-Oct-2024
SQL injection UNION attack, determining the number of columns returned by the queryhttps://medium.com/@codingbolt.in/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-f04154bd5b3c?source=rss------bug_bounty-5codingboltsql-injection-attack, sql-injection, bug-bounty, bug-bounty-tips, cybersecurity02-Oct-2024
Exfiltration of Data from a Standalone PChttps://roadtooscp.medium.com/exfiltration-of-data-from-a-standalone-pc-00a538f0f773?source=rss------bug_bounty-5RoadToOSCPbug-bounty, hacking, red-teaming, malware, data-security02-Oct-2024
Découverte d’une vulnérabilité XSS avec contournement de la CSP via unpkg.comhttps://medium.com/@Itachi0xf/d%C3%A9couverte-dune-vuln%C3%A9rabilit%C3%A9-xss-avec-contournement-de-la-csp-via-unpkg-com-02437e0eac34?source=rss------bug_bounty-5Itachix0fhacking, xss-attack, csp-bypass, bug-bounty, xss-bypass02-Oct-2024
“A Vulnerability, A Treasure: Go on a Fun Treasure Hunt with OWASP Top 10!”https://medium.com/@rootspaghetti/a-vulnerability-a-treasure-go-on-a-fun-treasure-hunt-with-owasp-top-10-d9fe21911856?source=rss------bug_bounty-5Root@Spaghettihacking, bug-bounty, bug-bounty-tips02-Oct-2024
SQL injection attack, listing the database contents on Oraclehttps://medium.com/@codingbolt.in/sql-injection-attack-listing-the-database-contents-on-oracle-ceb843466f32?source=rss------bug_bounty-5codingboltsql-injection, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty02-Oct-2024
Exploiting Blind XSS to Access Admin Dashboard for Bounty Rewardshttps://medium.com/@arrheniuspaelongan09/exploiting-blind-xss-to-access-admin-dashboard-for-bounty-rewards-fcdd54ddea7c?source=rss------bug_bounty-5Qchadtechnology, hacking, bug-bounty, penetration-testing, hacker02-Oct-2024
Which path to choose in cybersecurity?https://medium.com/@mr_prey3r/which-path-to-choose-in-cybersecurity-ca048e621ba0?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rcybersecurity, hacking, bug-bounty, ethical-hacking02-Oct-2024
OWASP Top 10: 2021 vs. 2017 — A Comparative Analysishttps://medium.com/@mrutunjayasenapati0/owasp-top-10-2021-vs-2017-a-comparative-analysis-70990e5570f8?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, bugs, vulnerability, owasp, hacking02-Oct-2024
Deep Dive in Reconnaissancehttps://medium.com/@bitthr3at/deep-dive-in-reconnaissance-a1e88cfdebf5?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)recon, subdomains-enumeration, bug-bounty, web, attack-surface02-Oct-2024
Bug Bounty Proqramlarına Giriş: Zəifliklərin Aşkar Edilməsi və Etik Hakerlik (Bölüm 1)https://zeynalxan.medium.com/bug-bounty-proqramlar%C4%B1na-giri%C5%9F-z%C9%99iflikl%C9%99rin-a%C5%9Fkar-edilm%C9%99si-v%C9%99-etik-hakerlik-b%C3%B6l%C3%BCm-1-8caa7eb90dd8?source=rss------bug_bounty-5Zeynalxan Quliyevetik-xaker, bug-bounty, whitehat, bug-bounty-nədir, hakerlik2-Oct-2024
A Comprehensive Bug Bounty Checklist for Beginners.https://medium.com/@anandrishav2228/a-comprehensive-bug-bounty-checklist-for-beginners-f96ba591cf3d?source=rss------bug_bounty-5Rishav anandcomputer-science, security, cybersecurity, engineering, bug-bounty2-Oct-2024
Cross-Origin Resource Sharing (CORS) Misconfiguration: How Attackers Exploit Weak Policies to Steal…https://cyberw1ng.medium.com/cross-origin-resource-sharing-cors-misconfiguration-how-attackers-exploit-weak-policies-to-steal-5902af92d71f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, technology, bug-bounty, cybersecurity2-Oct-2024
SQL injection UNION attack, finding a column containing texthttps://medium.com/@codingbolt.in/sql-injection-union-attack-finding-a-column-containing-text-09d913162e0f?source=rss------bug_bounty-5codingboltsql-injection, sql-injection-attack, bug-bounty, cybersecurity, bug-bounty-tips2-Oct-2024
Reverse Shells: A Practical Guidehttps://medium.com/@learntheshell/reverse-shells-a-practical-guide-af1815bc3127?source=rss------bug_bounty-5LearnTheShellbug-bounty, bug-bounty-tips, reverse-shell, cybersecurity, pentesting02-Oct-2024
Secrets Manager exposed (HasiCorp Vault)https://medium.com/@manumanram2/secrets-manager-exposed-hasicorp-vault-7075539a9e1e?source=rss------bug_bounty-5SrPatoManinformation-disclosure, hacking, bug-bounty02-Oct-2024
Cross-Origin Resource Sharing (CORS) Misconfiguration: How Attackers Exploit Weak Policies to Steal…https://systemweakness.com/cross-origin-resource-sharing-cors-misconfiguration-how-attackers-exploit-weak-policies-to-steal-5902af92d71f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, technology, bug-bounty, cybersecurity02-Oct-2024
Utilizing AI Model for Hacking: Bypassing CAPTCHAs using AI leads to Account Takeover | Bug Bountyhttps://ph-hitachi.medium.com/utilizing-ai-model-for-hacking-bypassing-captchas-using-ai-leads-to-account-takeover-bug-bounty-028804b779a0?source=rss------bug_bounty-5Ph.Hitachivulnerability, bug-bounty, captcha, security, ai01-Oct-2024
Chaining Application-Level DoS with CSRF: A Sneaky Exploit to Block User Loginshttps://medium.com/@dsmodi484/chaining-application-level-dos-with-csrf-a-sneaky-exploit-to-block-user-logins-4caaac781883?source=rss------bug_bounty-5Dishant Modihackerone, bug-bounty, csrf, python, vulnerability01-Oct-2024
Top 10 Documentation Every Hacker Should Knowhttps://medium.com/@RaunakGupta1922/top-10-documentation-every-hacker-should-know-f28e73f7c207?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitethical-hacking, cybersecurity, bug-bounty, programming, infosec01-Oct-2024
Mastering XSS (Cross-Site Scripting) Attacks: A Comprehensive Guide to become Professional Bug…https://medium.com/@kumawatabhijeet2002/mastering-xss-cross-site-scripting-attacks-a-comprehensive-guide-to-become-professional-bug-6251058c576e?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, xss-vulnerability, bug-bounty-tips, dom-based-xss, xss-attack01-Oct-2024
Don’t Miss Out! The Best Platforms to Report Vulnerabilities and Earn Big!https://medium.com/@paritoshblogs/dont-miss-out-the-best-platforms-to-report-vulnerabilities-and-earn-big-787bbb03607a?source=rss------bug_bounty-5Paritoshhow-to, vulnerability, hacking, bug-bounty, cybersecurity01-Oct-2024
Why can’t Bug Bounty Hunter find a bug?https://m0hitrawat.medium.com/why-cant-bug-bounty-hunter-find-a-bug-b5c9bc72a30d?source=rss------bug_bounty-5Mohit Rawatpentesting-checklist, bug-bounty, bug-bounty-writeup, pentesting-guide, bug-bounty-tips01-Oct-2024
Android Application Pentesting Part 2 ‍ | Android Platform Architecturehttps://dkcyberz.medium.com/android-application-pentesting-part-2-android-platform-architecture-0db5e27f209a?source=rss------bug_bounty-5Harpy Hunterandroid-pentesting, bug-bounty, bugbounty-writeup, pentesting, ethical-hacking01-Oct-2024
Understanding the OWASP Top 10: Your Guide to Web Application Securityhttps://medium.com/@mrutunjayasenapati0/understanding-the-owasp-top-10-your-guide-to-web-application-security-fab59537db8b?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, bug-bounty, owasp-top-10, hunting, bounty-program01-Oct-2024
Why Web3Projects Should Start with Smaller Bug Bountieshttps://medium.com/@rangashree.rangaraja/why-web3projects-should-start-with-smaller-bug-bounties-a391777bc559?source=rss------bug_bounty-5Rangashree Rangarajabug-bounty, web3-security, web3, blockchain, blockchain-technology01-Oct-2024
Exploiting the Unprotected: How I Gained Unauthorized Access to Redishttps://medium.com/@impratikdabhi/exploiting-the-unprotected-how-i-gained-unauthorized-access-to-redis-5070eea7da35?source=rss------bug_bounty-5Pratik Dabhihacking, hacking-tools, bugcrowd, hackerone, bug-bounty01-Oct-2024
Taming Post Clapshttps://medium.engineering/taming-post-claps-273d97ce1ced?source=rss------bug_bounty-5Ryan Lattanzidynamodb, software-development, programming, bug-bounty01-Oct-2024
4 Burpsuite Intruder Attack Types You Should Know —Bug Tuesdayhttps://medium.com/@kerstan/4-burpsuite-intruder-attack-types-you-should-know-bug-tuesday-5c7a0900cb56?source=rss------bug_bounty-5kerstanbug-bounty, hacking, cybersecurity01-Oct-2024
Escalating stored XSS to Account Takeoverhttps://nyein-chan-aung.medium.com/escalating-stored-xss-to-account-takeover-28c549cd5f6b?source=rss------bug_bounty-5Nyein Chan Aungbug-bounty, bug-bounty-writeup, bug-bounty-tips01-Oct-2024
Unauthenticated PHP Object Injection in GiveWP Plugin for WordPresshttps://infosecwriteups.com/unauthenticated-php-object-injection-in-givewp-plugin-for-wordpress-5fffa8df79c8?source=rss------bug_bounty-5Ajay Naikrewards, hacking, bug-bounty, vulnerability, cybersecurity01-Oct-2024
File Upload (RCE) to Bounty | HackerOnehttps://starlox.medium.com/file-upload-rce-to-bounty-hackerone-928e8e5b375e?source=rss------bug_bounty-5#$ubh@nk@rinfosec, hacking, pentesting, bug-bounty, cybersecurity01-Oct-2024
Sneaking into your documents: How I hacked DigiLocker?https://medium.com/codechef-vit/sneaking-into-your-documents-how-i-hacked-digilocker-ae6dc44267fb?source=rss------bug_bounty-5Prateek Srivastavabug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, penetration-testing01-Oct-2024
Cross-Site Request Forgery (CSRF): How Attackers Exploit Trust to Hijack User Actionshttps://systemweakness.com/cross-site-request-forgery-csrf-how-attackers-exploit-trust-to-hijack-user-actions-94d29d787e47?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, technology, hacking01-Oct-2024
How I Manipulated A User’s Email: A CSRF PoC Walkthrough from TCM Academyhttps://medium.com/@trixiahorner/csrf-walkthrough-5876cdf437ea?source=rss------bug_bounty-5Trixia Hornercybersecurity, hacking, bug-bounty, vulnerability, website01-Oct-2024
Nmap: A Comprehensive Guide for Web Application Bug Huntinghttps://medium.com/@anandrishav2228/nmap-a-comprehensive-guide-for-web-application-bug-hunting-d8c2a0ef360a?source=rss------bug_bounty-5Rishav anandcybersecurity, nmap, bug-bounty, engineering, hacking01-Oct-2024
Bug in a Mailing List Exposed Hundreds of American Universities: How I Found and Exploited the…https://medium.com/@sarvagnpathak/bug-in-a-mailing-list-exposed-hundreds-of-american-universities-how-i-found-and-exploited-the-cf5df54baf37?source=rss------bug_bounty-5Sarvagn Pathakcybersecurity, bug-bounty, awareness, hacking01-Oct-2024
AllSafe Challengeshttps://medium.com/@soliman_almansor/all-safe-challenges-599a09cce447?source=rss------bug_bounty-5Soliman Almansorhacking, bug-bounty, information-security, android-pentesting, infosec01-Oct-2024
Excited to announce our Industrial Security Training Program at @security_lit!https://securitylit.medium.com/excited-to-announce-our-industrial-security-training-program-at-security-lit-82a21753634e?source=rss------bug_bounty-5Security Lit Limitedit-security, cybersecurity, penetration-testing, bug-bounty, traning01-Oct-2024
Open Redirect Bug | wedohackshttps://wedohack.medium.com/open-redirect-bug-wedohacks-26012e51d50c?source=rss------bug_bounty-5WE DO HACKSopen-redirect, bug-bounty, bugs, bug-hunting, hacking01-Oct-2024
CORS Vulnerability with Trusted Insecure Protocolshttps://medium.com/@rcxsecurity/cors-vulnerability-with-trusted-insecure-protocols-09df3304e3d8?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafebug-bounty, information-security, penetration-testing, cybersecurity, hacking01-Oct-2024
Remote code Executionhttps://medium.com/@roshiniyathakula/remote-code-execution-9b2e9f26963d?source=rss------bug_bounty-5Roshiniyathakularce-vulnerability, penetration-testing, bug-bounty, reverse-shell, hacking30-Sep-2024
Uncovering Hidden Subdomains with Favicons: Advanced Enumeration Techniqueshttps://systemweakness.com/uncovering-hidden-subdomains-with-favicons-advanced-enumeration-techniques-e92cb30cbcc3?source=rss------bug_bounty-5Khaleel Khanbug-bounty-tips, hacking, cybersecurity, infosec, bug-bounty30-Sep-2024
Discovering Facebook OAuth Misconfigurations: A Journey into Pre-Account Takeoverhttps://medium.com/@cybershree/discovering-facebook-oauth-misconfigurations-a-journey-into-pre-account-takeover-92a38254cbec?source=rss------bug_bounty-5cybershreebug-bounty, bug-bounty-tips, writing, cybersecurity, bugcrowd30-Sep-2024
Android Application Penetration Testing Part 1 ‍ | Introductionhttps://dkcyberz.medium.com/android-application-penetration-testing-part-1-introduction-738351fe8806?source=rss------bug_bounty-5Harpy Hunterbug-bounty, pentesting, mobile-pentesting, android-pentesting, bugbounty-writeup30-Sep-2024
How to use AI for Bug Bounty in 2024https://medium.com/@anandrishav2228/how-to-use-ai-for-bug-bounty-in-2024-39ef4d2a518a?source=rss------bug_bounty-5Rishav anandai, networking, security, cybersecurity, bug-bounty30-Sep-2024
SQL Injection vulnerability in CRMEB v.5.2.2 — $$$$ Bountyhttps://osintteam.blog/sql-injection-vulnerability-in-crmeb-v-5-2-2-bounty-7bc056a19cce?source=rss------bug_bounty-5Ajay Naikvulnerability, sql, rewards, bug-bounty, sql-injection30-Sep-2024
Easy P2 — Pre account takeover via Facebook OAuth misconfigurationhttps://sudosuraj.medium.com/easy-p2-pre-account-takeover-via-facebook-oauth-misconfiguration-23c681ba8f07?source=rss------bug_bounty-5sudosurajcybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing30-Sep-2024
SQL Injection Vulnerability on Login Page Allows Unauthorized Database Dumphttps://medium.com/@harshitha431/sql-injection-sqli-9675e21cc54a?source=rss------bug_bounty-5Harshithabug-bounty, vulnerability, hacking, penetration-testing, sql-injection30-Sep-2024
Prototype Pollution: How a JavaScript Quirk Can Lead to Complete Application Takeoverhttps://cyberw1ng.medium.com/prototype-pollution-how-a-javascript-quirk-can-lead-to-complete-application-takeover-9adb5e4f6b6b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, cybersecurity, technology30-Sep-2024
CVE-2024–23897 — Jenkins File Read Vulnerability — POChttps://medium.com/@verylazytech/cve-2024-23897-jenkins-file-read-vulnerability-poc-6a1dfdbfd6f2?source=rss------bug_bounty-5Very Lazy Techcve-2024-23897, jenkins, cybersecurity, bug-bounty, pentesting30-Sep-2024
XSS + OAuth Misconfigs = Token Theft and ATOhttps://7odamoo.medium.com/xss-oauth-misconfigs-token-theft-and-ato-d0837c44cd31?source=rss------bug_bounty-5Mahmoud Hamedpenetration-testing, bug-bounty, cybersecurity30-Sep-2024
How to Use Medusa for Fast, Multi-Protocol Brute-Force Attackshttps://medium.com/@stealthsecurity/how-to-use-medusa-for-fast-multi-protocol-brute-force-attacks-0627997c5686?source=rss------bug_bounty-5Stealth Securityethical-hacking, penetration-testing, cybersecurity, bug-bounty, hacking30-Sep-2024
Prototype Pollution: How a JavaScript Quirk Can Lead to Complete Application Takeoverhttps://infosecwriteups.com/prototype-pollution-how-a-javascript-quirk-can-lead-to-complete-application-takeover-9adb5e4f6b6b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, cybersecurity, technology30-Sep-2024
OWASP juice shop -How I get account takeover from XSShttps://medium.com/@abdo-eg/owasp-juice-shop-how-i-get-account-takeover-from-xss-ae3cfc978381?source=rss------bug_bounty-5Abdullah Ahmedxss-attack, owasp, hashing, bug-bounty, ato29-Sep-2024
Hacking with Linux: Your Ultimate Guide to Cyber Security Masteryhttps://medium.com/@RaunakGupta1922/hacking-with-linux-your-ultimate-guide-to-cyber-security-mastery-e8f8bb38510c?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitcybersecurity, linux, ethical-hacking, bug-bounty, hacking29-Sep-2024
OWASP juice-shop login as an admin using SQLi and OSINThttps://medium.com/@abdo-eg/owasp-juice-shop-login-as-an-admin-using-sqli-and-osint-90c4abc4322b?source=rss------bug_bounty-5Abdullah Ahmedweb-security, ethical-hacking, owasp, bug-bounty, penetration-testing29-Sep-2024
H7CTF — WEB CHALLENGEShttps://medium.com/@josangeorge27/h7ctf-web-challenges-db1883775dfd?source=rss------bug_bounty-5Josan Georgectf, ctf-walkthrough, cybersecurity, bug-bounty, web-application-security29-Sep-2024
Essential Port Scanning Skills for Bug Bounty Huntershttps://bevijaygupta.medium.com/essential-port-scanning-skills-for-bug-bounty-hunters-f0e09f3612ce?source=rss------bug_bounty-5Vijay Guptabug-bounty, port-scanning, bug-zero, bugs, bug-bounty-tips29-Sep-2024
Bypassing Filters: SSRF Exploitation via DNS Rebinding with Just 1 in 30 Successful Requestshttps://mokhansec.medium.com/bypassing-filters-ssrf-exploitation-via-dns-rebinding-with-just-1-in-30-successful-requests-2fdc3a9cfd7d?source=rss------bug_bounty-5Mohsin khanbug-bounty-writeup, bug-bounty-tips, bug-bounty, ssrf, bugs29-Sep-2024
Privacy concern bughttps://osintteam.blog/privacy-concern-bug-72b30aead215?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, tips, bug-bounty, cybersecurity, hacking29-Sep-2024
How to Find Bugs and Vulnerabilities Using ChatGPT: Guaranteed Resultshttps://medium.com/@shaikhminhaz1975/how-to-find-bugs-and-vulnerabilities-using-chatgpt-guaranteed-results-3b630fae4691?source=rss------bug_bounty-5Shaikh Minhazbug-bounty, chatgpt, penetration-testing, cybersecurity, how-to29-Sep-2024
Find Vulnerabilities With This Single Nmap Commandhttps://medium.com/@josuofficial327/find-vulnerabilities-with-this-single-nmap-command-a4476c16c82c?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, cybersecurity, vulnerability, bug-bounty-tips, bug-bounty29-Sep-2024
Performing a Dependency Confusion Attack with Remote Code Execution (RCE): A Step-by-Step Guidehttps://medium.com/@360Security/performing-a-dependency-confusion-attack-with-remote-code-execution-rce-a-step-by-step-guide-8d6055aa53e4?source=rss------bug_bounty-5Anandvapt, cybersecurity, sdlc, rce, bug-bounty29-Sep-2024
Critical bug in MediaTek Chips:CVE-2024–20017https://medium.com/@dudleydaniel.raj2005/critical-bug-in-mediatek-chips-cve-2024-20017-6e955ad56923?source=rss------bug_bounty-5Hydra_101mediatek, chips, cybersecurity, bug-bounty, wifi29-Sep-2024
Mastering Advanced Google Dorks for Ethical Hacking and Vulnerability Discoveryhttps://osintteam.blog/mastering-advanced-google-dorks-for-ethical-hacking-and-vulnerability-discovery-6d9e3dde0433?source=rss------bug_bounty-5Ajay Naikbug-bounty, cybersecurity, rewards, medium, google-dork29-Sep-2024
SMTP/s — Port 25,465,587 For pentestershttps://medium.com/@verylazytech/smtp-s-port-25-465-587-3e5706e081e9?source=rss------bug_bounty-5Very Lazy Techbug-bounty, cybersecurity, smtp, penetration-testing, hacking29-Sep-2024
how i found union based sql injection in hackerone public vdp program?https://doordiefordream.medium.com/how-i-found-union-based-sql-injection-in-hackerone-public-vdp-program-7c76d61f6c77?source=rss------bug_bounty-5cybersecurity researcherethical-hacking, cyber-security-awareness, bug-bounty-writeup, bug-bounty, cybersecurity29-Sep-2024
KidRecon: The Ultimate Automated Subdomain Reconnaissance Tool for Ethical Hackershttps://angixblack.medium.com/kidrecon-the-ultimate-automated-subdomain-reconnaissance-tool-for-ethical-hackers-afb8ed8ea883?source=rss------bug_bounty-5Angix blackinfosec, bug-bounty, recon, automation, bug-bounty-tips29-Sep-2024
Server-Side Request Forgery (SSRF): How Attackers Can Exploit Internal Networkshttps://systemweakness.com/server-side-request-forgery-ssrf-how-attackers-can-exploit-internal-networks-417ed78ae69b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, technology, cybersecurity29-Sep-2024
Best Bug Bounty and VA/PT Tools in 2024: Use Cases & Commandshttps://medium.com/@anandrishav2228/best-bug-bounty-and-va-pt-tools-in-2024-use-cases-commands-42986d594190?source=rss------bug_bounty-5Rishav anandcybersecurity, bug-bounty, company, pentesting, computer-science29-Sep-2024
Why is Bug Triage Important in Software Testing?https://medium.com/@divyarajsinhdev/why-is-bug-triage-important-in-software-testing-678decfb727f?source=rss------bug_bounty-5Divyarajsinh Dodiaautomation, qa, bug-bounty, testing29-Sep-2024
Understanding Bug Triage: A Crucial Process for Efficient Software Testinghttps://medium.com/@divyarajsinhdev/understanding-bug-triage-a-crucial-process-for-efficient-software-testing-790b9b353177?source=rss------bug_bounty-5Divyarajsinh Dodiatest, qa, automation, bug-bounty, testing29-Sep-2024
DVWA : Cross Site Scripting (XSS) Vulnerability Solution (Low Security Level)https://medium.com/@Kamal_S/dvwa-cross-site-scripting-xss-vulnerability-solution-low-security-level-452396997b5a?source=rss------bug_bounty-5Kamal Ssecurity-testing, xs, bug-bounty, dvwa, owasp29-Sep-2024
Mac Spoofinghttps://bob218.medium.com/mac-spoofing-ad0b180f3fad?source=rss------bug_bounty-5bob218cybersecurity, network-security, cyberattack, osint, bug-bounty29-Sep-2024
Life Sucks P-1https://medium.com/@janpreet9697/life-sucks-p-1-182d702bab02?source=rss------bug_bounty-5Janpreetcybersecurity, life, engineering, bug-bounty, motivation29-Sep-2024
How Bug Bounty Programs can enable widespread fraudhttps://medium.com/@hacktheplanet/how-bug-bounty-programs-can-enable-widespread-fraud-b027f36a49ef?source=rss------bug_bounty-5SirHaxAlotbug-bounty, hacking, fraud, cybersecurity28-Sep-2024
Stories of a sporadic bug bounty hunterhttps://jayaye15.medium.com/stories-of-a-sporadic-bug-bounty-hunter-a09cd32cf0a2?source=rss------bug_bounty-5jb00giecybersecurity, sql-injection, bug-bounty28-Sep-2024
My First Bounty Report Experiencehttps://medium.com/@sreedeepcs.gurukripa/my-first-bounty-report-experience-71095e5c34cd?source=rss------bug_bounty-5ambuheckerbug-bounty, cybersecurity, bug-hunting, hacking28-Sep-2024
Account Takeover and DoS: Weaponizing Enumeration, IDOR, and Registration Floodinghttps://medium.com/@tusharpuri6/account-takeover-and-dos-weaponizing-enumeration-idor-and-registration-flooding-4b88fce20f4b?source=rss------bug_bounty-5Tusharpuripenetration-testing, bug-bounty, offensive-security, application-security, infosec28-Sep-2024
Exploiting a Logic Bug in Discounts Code Generationhttps://medium.com/@sam_0x0/exploiting-a-logic-bug-in-discount-code-generation-a7f624bb396f?source=rss------bug_bounty-5Eslam Omarbug-bounty, logic-bug, hackerone, bug-bounty-tips, bug-bounty-writeup28-Sep-2024
Exploring the Role of Port Scanning in Bug Bounty Huntinghttps://bevijaygupta.medium.com/exploring-the-role-of-port-scanning-in-bug-bounty-hunting-a365e9006b6e?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-hunter, scanning, bug-bounty, bugs28-Sep-2024
Essential Tools for Bug Bounty Huntershttps://medium.com/@jatniwalafizza786/essential-tools-for-bug-bounty-hunters-3c2788cf64ae?source=rss------bug_bounty-5Jatniwalafizzacybersecurity, cybersecurity-course, bug-bounty-courses, bug-bounty28-Sep-2024
500$ Email Verification Token Leaks in Requesthttps://medium.com/@0xchoudhary/500-email-verification-token-leaks-in-request-4f0b5ff4b121?source=rss------bug_bounty-5Sushil Choudharyhackerone, bug-bounty, hacking, bounty-program, bugbounty-writeup28-Sep-2024
Top 20 Must-Have Hacking Gadgets for Cybersecurity Professionalshttps://medium.com/@ajaynaikhack/top-20-must-have-hacking-gadgets-for-cybersecurity-professionals-bec4dfe896cf?source=rss------bug_bounty-5Ajay Naikcybersecurity, bug-bounty, gadgets, hacking, information-security28-Sep-2024
Security Misconfiguration: Identifying and Preventing This Common Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/security-misconfiguration-identifying-and-preventing-this-common-vulnerability-14ab1c4989ac?source=rss------bug_bounty-5Mrutunjaya Senapativulnerability, hacking, security-misconfiguration, bug-bounty, penetration-testing28-Sep-2024
Insecure Direct Object References (IDOR): Understanding and Preventing This Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/insecure-direct-object-references-idor-understanding-and-preventing-this-vulnerability-4c8e831f17b4?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, idor, idor-vulnerability, vulnerability, hacking28-Sep-2024
Exploiting a Logic Bug in Discount Codes Generationhttps://medium.com/@sam_0x0/exploiting-a-logic-bug-in-discount-code-generation-a7f624bb396f?source=rss------bug_bounty-5Eslam Omarbug-bounty, logic-bug, hackerone, bug-bounty-tips, bug-bounty-writeup28-Sep-2024
Why Go is the Perfect Choice for CLIshttps://medium.com/@rezauditore/why-go-is-the-perfect-choice-for-clis-477281989ace?source=rss------bug_bounty-5rezauditorepeace, lgbtq, golang, bug-bounty, programming28-Sep-2024
Exposed private key leads to Google cloud service account takeover — Privilege Escalationhttps://vettrivel007.medium.com/exposed-private-key-leads-to-google-cloud-service-account-takeover-privilege-escalation-6f031e20c819?source=rss------bug_bounty-5VETTRIVELbug-bounty-tips, bounty-program, pentesting, bug-bounty, cybersecurity28-Sep-2024
Broken Authentication: A Common Vulnerability Exposing User Accountshttps://cyberw1ng.medium.com/broken-authentication-a-common-vulnerability-exposing-user-accounts-2b48b6f9b644?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, technology28-Sep-2024
Nuclei ile Zafiyet Tespitihttps://medium.com/@alperenkeskk/nuclei-ile-zafiyet-tespiti-ec94aa180aab?source=rss------bug_bounty-5Alperen Keskincyber-security-awareness, bug-bounty-tips, security, tools, bug-bounty28-Sep-2024
HackTheBox Broken Authentication (Skills Assessment)https://medium.com/@N0UR0X01/hackthebox-broken-authentication-skills-assessment-c43feaab1a52?source=rss------bug_bounty-5N0UR0x01htb-writeup, htb-academy, bug-bounty, htb-academy-writeup, broken-authentication28-Sep-2024
How to google dork effectively for private and other bug bounty programshttps://medium.com/@malikirtizameg/how-to-google-dork-effectively-for-private-and-other-bug-bounty-program-d54f9e7b4d57?source=rss------bug_bounty-5bug bountypenetration-testing, python, bug-bounty, cybersecurity, hacking28-Sep-2024
Full Account Takeover via Facebook OAuth Misconfigurationhttps://medium.com/@0x_xnum/full-account-takeover-via-facebook-oauth-misconfiguration-9e30fe1c1da1?source=rss------bug_bounty-5Ahmed Tarekbug-bounty, oauth, bugbounty-writeup, bugcrowd, account-takeover28-Sep-2024
SQL injection attack, querying the database type and version on MySQL and Microsofthttps://medium.com/@codingbolt.in/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-162715c6cd0e?source=rss------bug_bounty-5codingboltsql-injection-attack, sql-injection, bug-bounty-writeup, bug-bounty, bug-bounty-tips28-Sep-2024
SQL injection attack, querying the database type and version on Oraclehttps://medium.com/@codingbolt.in/sql-injection-attack-querying-the-database-type-and-version-on-oracle-f78a035c654d?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection, bug-bounty-writeup, bug-bounty, sql-injection-attack28-Sep-2024
ORM HQL Injectionhttps://medium.com/@oscuridad1010/orm-hql-injection-e072207e8942?source=rss------bug_bounty-5Gamiel Manbiotaninfosec, hackerone, bugcrowd, developer, bug-bounty28-Sep-2024
How to use built with for bugbountyhttps://osintteam.blog/how-to-use-built-with-for-bugbounty-9f58ba501f5a?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty-tips, cybersecurity, bug-bounty, recon28-Sep-2024
P4 bug’s and their POC steps | Part 5https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-5-242eddd02fd0?source=rss------bug_bounty-5socalledhackerinfosec, hacking, bug-bounty, web-security, bug-bounty-tips28-Sep-2024
Level Up your Bug Bounty Game — to P1s and P2s Series : PART 1https://medium.com/@nireshpandian19/level-up-your-bug-bounty-game-to-p1s-and-p2s-series-part-1-edaa702c8499?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty-writeup, bug-bounty, cybersecurity, ethical-hacking, bug-hunting27-Sep-2024
Web App Hacking Tips & Trick—Celah File Upload — Bagian 1https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-1-1df16a844279?source=rss------bug_bounty-5Mada Perdhanafile-upload-vulnerability, hacking, bug-bounty-tips, bug-bounty, web-hacking27-Sep-2024
Sedikit Tips & Trick Saat Testing API — Bagian 2https://medium.com/@mrp.bpp/sedikit-tips-trick-saat-testing-api-bagian-2-a548a85bcea6?source=rss------bug_bounty-5Mada Perdhanaweb-hacking, api-hacing, bug-bounty, bug-hunting, bug-bounty-tips27-Sep-2024
Sedikit Tips & Trick Saat Testing API — Bagian 1https://medium.com/@mrp.bpp/sedikit-tips-trick-saat-testing-api-bagian-1-3983017fec4d?source=rss------bug_bounty-5Mada Perdhanahacking-apis, web-hacking, bug-bounty, bug-bounty-tips, bug-hunting27-Sep-2024
Deep Dive in Reconnaissance (Chapter 1 [part-2] — Root Domain Enumeration)https://medium.com/@bitthr3at/deep-dive-in-reconnaissance-chapter-1-part-2-root-domain-enumeration-87765a50d125?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)appsec, recon, osint, attack-surface-discovery, bug-bounty27-Sep-2024
How to Become a Bug Bounty Hunter: A Complete Guide for Beginnershttps://medium.com/@anandrishav2228/how-to-become-a-bug-bounty-hunter-a-complete-guide-for-beginners-316c27bb2c8c?source=rss------bug_bounty-5Rishav anandbug-bounty, hackerspaces, hacking, website, cybersecurity27-Sep-2024
SQL injection vulnerability allowing login bypasshttps://medium.com/@codingbolt.in/sql-injection-vulnerability-allowing-login-bypass-7f1de7d77a6a?source=rss------bug_bounty-5codingboltbug-bounty, sql-injection, bug-bounty-tips, bug-bounty-writeup, cybersecurity27-Sep-2024
SQL injection vulnerability in WHERE clause allowing retrieval of hidden datahttps://medium.com/@codingbolt.in/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-8ea2be5f13df?source=rss------bug_bounty-5codingboltbug-bounty-tips, bug-bounty-writeup, sql-injection, bugs, bug-bounty27-Sep-2024
NMAP Usagehttps://medium.com/@mohanmecktro/nmap-usage-780a7f4ccdcc?source=rss------bug_bounty-5Mohan Mecktrohacking-tools, nmap, bug-bounty, penetration-testing, kali27-Sep-2024
Web App Hacking Tips & Trick — Celah File Upload — Bagian 2https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-2-fdc536d3045e?source=rss------bug_bounty-5Mada Perdhanafile-upload-vulnerability, bug-bounty, web-hacking, bug-bounty-tips, hacking27-Sep-2024
Cross-Site Request Forgery (CSRF): Understanding the Threat and How to Mitigate Ithttps://medium.com/@mrutunjayasenapati0/cross-site-request-forgery-csrf-understanding-the-threat-and-how-to-mitigate-it-fb5db007f13b?source=rss------bug_bounty-5Mrutunjaya Senapatihunting, hacking, vulnerability, csrf, bug-bounty27-Sep-2024
5 Key Factors to Help You Choose the Best Bug Bounty Program on HackerOnehttps://medium.com/@blackarazi/5-key-factors-to-help-you-choose-the-best-bug-bounty-program-on-hackerone-b27bb2159d07?source=rss------bug_bounty-5Azhari Harahapbug-bounty-tips, hackerone, bug-bounty-program, bug-bounty27-Sep-2024
I Spent a Month on a Private Program and Earned $$$$$https://mokhansec.medium.com/i-spent-a-month-on-a-private-program-and-earned-c57b4c3d7dba?source=rss------bug_bounty-5Mohsin khanbug-bounty-tips, bugs, bug-bounty27-Sep-2024
What is Bug Bountyhttps://medium.com/@iabhipathak/what-is-bug-bounty-fc9fe6a73e16?source=rss------bug_bounty-5Abhinav Pathakinformation-security, hacking, bug-bounty, security, cybersecurity27-Sep-2024
Unlocking Success: My Journey to Bypassing 2FA and Winning My First Bounty $800https://medium.com/@mihad0x1/unlocking-success-my-journey-to-bypassing-2fa-and-winning-my-first-bounty-800-c6e7654feea4?source=rss------bug_bounty-5mihad0x1hacking, security-research, bugbounty-writeup, bug-bounty, hacker27-Sep-2024
High vs. Low Severity Bugs: A Complete Guide to Bug Classification in Software and Cybersecurityhttps://medium.com/@shoaibjamal663/classification-of-bugs-high-vs-low-severity-bugs-62ce16630ddf?source=rss------bug_bounty-5Muhammad Shoaib Jamalsoftware-development, bugs, risk-management, cybersecurity, bug-bounty27-Sep-2024
NoSQL Injection Attackshttps://medium.com/@majix_de/nosql-injection-attacks-1397fd366c28?source=rss------bug_bounty-5Majixhacking, bug-bounty, penetration-testing, nosql, bug-bounty-tips27-Sep-2024
️ Information Disclosure Vulnerability: Exposing API Keys and Tokens in a Private Programhttps://medium.com/@kumawatabhijeet2002/%EF%B8%8F-information-disclosure-vulnerability-exposing-api-keys-and-tokens-in-a-private-program-e06c4d110552?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, information-disclosure, vulnerability, bug-bounty-tips, pii-data27-Sep-2024
From Enumeration to Takeover: Crack the Code of Subdomain Vulnerabilities!https://enigma96.medium.com/from-enumeration-to-takeover-crack-the-code-of-subdomain-vulnerabilities-4fea92cd0374?source=rss------bug_bounty-5enigmabug-bounty-tips, pentesting, bug-bounty, bugs, hacking27-Sep-2024
How a Simple Exploit Can Lead to a $500 Bounty — Cache Deceptionhttps://infosecwriteups.com/how-a-simple-exploit-can-lead-to-a-500-bounty-cache-deception-8da0583f6013?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, cybersecurity, careers27-Sep-2024
How I Found an Authentication Flaw in a Chat Featurehttps://medium.com/@krishnast545/my-first-high-severity-bug-how-i-found-an-authentication-flaw-in-a-chat-feature-58fb0f939a4a?source=rss------bug_bounty-5Krishnabugs, bug-bounty27-Sep-2024
Privilege Escalation on Amazon Linux (SageMaker)https://medium.com/@rickconsole/privilege-escalation-on-amazon-linux-sagemaker-cf115042ea5f?source=rss------bug_bounty-5Rick Consolebug-bounty, cloud-computing, cybersecurity, aws, penetration-testing27-Sep-2024
Web App Hacking Tips & Trick — Celah File Upload — Bagian 3https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-3-8ec192d1633b?source=rss------bug_bounty-5Mada Perdhanahacking, bug-hunting, bug-bounty-tips, bug-bounty, file-upload-vulnerability27-Sep-2024
Web Cache Poisoning with Multiple Headershttps://medium.com/@rcxsecurity/web-cache-poisoning-with-multiple-headers-d4e27497288e?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-security, information-technology, penetration-testing, cybersecurity, bug-bounty27-Sep-2024
It’s not a bug. It really is a feature.https://medium.com/@info_11548/its-not-a-bug-it-really-is-a-feature-b758f1454970?source=rss------bug_bounty-5Cloette Zager with FranGuardian Corporationbug-bounty, features, featured, featured-stories, bugs27-Sep-2024
Vulnerability: Multiple Vulnerabilities in Linux CUPS (CVSS 9.9)https://infosecwriteups.com/vulnerability-multiple-vulnerabilities-in-linux-cups-cvss-9-9-49dbdcd73cb0?source=rss------bug_bounty-5Ajay Naikbug-bounty, vulnerability, rewards, information-security, cybersecurity27-Sep-2024
my first easy IDOR in a big companyhttps://medium.com/@malikirtizameg/my-first-easy-idor-in-a-big-company-104ee6c4a7ff?source=rss------bug_bounty-5bug bountybug-bounty-tips, cybersecurity, bug-bounty, hacking, ethical-hacking27-Sep-2024
Shodan Revealed: How to Discover Vulnerabilities Across the Webhttps://medium.com/@RejuKole.com/shodan-revealed-how-to-discover-vulnerabilities-across-the-web-925a382bb9bd?source=rss------bug_bounty-5Reju Kolebug-bounty, ethical-hacking, shodan, bug-bounty-tips, web27-Sep-2024
The Art of the Phantom Deposit: a study on vulnerabilities in crypto exchangeshttps://medium.com/@silviosaturnowk/the-art-of-the-phantom-deposit-a-study-on-vulnerabilities-in-crypto-exchanges-3a356153bfe2?source=rss------bug_bounty-5Silvio Saturnoexploit, cybersecurity, bug-bounty, smart-contracts, solidity27-Sep-2024
How to install Subdominator & how to find subdomains using Subdominator !!https://medium.com/@sherlock297/how-to-install-subdominator-how-to-find-subdomains-using-subdominator-fe9b48be2aea?source=rss------bug_bounty-5Ravindra Dagalewindows, tools, tutorial, bug-bounty, subdominator26-Sep-2024
10 Essential Blog Sites For Bug Bounty Huntershttps://medium.com/@RaunakGupta1922/10-essential-blog-sites-for-bug-bounty-hunters-8309cbbe3756?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitknowledge, learning, articles, hacking, bug-bounty26-Sep-2024
Deep Dive in Reconnaissance (Chapter 1 [part-1] — Root Domain Enumeration)https://medium.com/@bitthr3at/deep-dive-in-reconnaissance-chapter-1-part-1-root-domain-enumeration-7ddfda1283fd?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)osint, appsec, recon, attack-surface-discovery, bug-bounty26-Sep-2024
Exploiting SMTP on Metasploitable 2: Unveiling the Power of Port 25https://medium.com/@thefellowhacker/exploiting-smtp-on-metasploitable-2-unveiling-the-power-of-port-25-4fab583855f8?source=rss------bug_bounty-5Taahir Mujawarrhacker, hacking, cybersecurity, technology, bug-bounty26-Sep-2024
Cross-Site Scripting (XSS): Understanding and Mitigating a Common Web Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/cross-site-scripting-xss-understanding-and-mitigating-a-common-web-vulnerability-fe82824c24f5?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, hunting, xss-attack, vulnerability, bug-bounty26-Sep-2024
Story of Time Machines: Where Archived URLs and Juicy Information Handshake Each Otherhttps://medium.com/@security.tecno/story-of-time-machines-where-archived-urls-and-juicy-information-handshake-each-other-11efd831da46?source=rss------bug_bounty-5TECNO Securitysecurity, bug-bounty, research, hacking26-Sep-2024
Vulnerable WordPress August 2024 (Museum of Ostad Bohtouni)https://medium.com/@onhexgroup/vulnerable-wordpress-august-2024-museum-of-ostad-bohtouni-dad683a3ef15?source=rss------bug_bounty-5Onhexgroupwordpress-security, wordpress, bug-bounty, info, cybersecurity26-Sep-2024
Top 7 Free Cybersecurity Tools Every Beginner Must Try Today!https://medium.com/@paritoshblogs/top-7-free-cybersecurity-tools-every-beginner-must-try-today-44eea1aa91b8?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, projects, cybersecurity, free26-Sep-2024
Analyzing a Real HTTP Request Smuggling Attack. What Happened here?https://medium.com/@rezauditore/analyzing-a-real-http-request-smuggling-attack-what-happened-here-19dbc6edf9a4?source=rss------bug_bounty-5rezauditorepentesting, bug-bounty, ctf-writeup, lgbtq, tips26-Sep-2024
CVE-2024–45519 in Zimbra — Bounty 1000 USDhttps://infosecwriteups.com/cve-2024-45519-in-zimbra-bounty-1000-usd-0304b2a813f3?source=rss------bug_bounty-5Ajay Naikhacking, vulnerability, bug-bounty, rewards, cybersecurity26-Sep-2024
Mastering IDS: A Comprehensive Guide with Snort Implementationhttps://medium.com/@hackeraakash2002/mastering-ids-a-comprehensive-guide-with-snort-implementation-4ccc8192a0cf?source=rss------bug_bounty-5HackwithAJnetwork-security, bug-bounty, hacking, cyber-security-awareness, ids-ips26-Sep-2024
SSH Hacking: How to Exploit Port 22 Vulnerabilities for Penetration Testinghttps://medium.com/@verylazytech/ssh-hacking-how-to-exploit-port-22-vulnerabilities-for-penetration-testing-601d257ee491?source=rss------bug_bounty-5Very Lazy Techcybersecurity, hacking, penetration-testing, bug-bounty, exploit26-Sep-2024
Bug bounty – Recon Tips for subdomain enumerationhttps://medium.com/@tharunteja725_8686/bug-bounty-recon-tips-for-subdomain-enumeration-0b3d51ad1cc8?source=rss------bug_bounty-5Chidurala Tharun tejabug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity, oscp26-Sep-2024
Akamai WAF Bypass Lead To Discover 30 XSS bugshttps://medium.com/@nagashygaballah/akamai-waf-bypass-lead-to-discover-30-xss-bugs-bea0f8be1dd4?source=rss------bug_bounty-5111xNagashytips-and-tricks, cybersecurity, xss-attack, penetration-testing, bug-bounty26-Sep-2024
SUBDOMAIN ENUMERATION — BUGBOUNTYhttps://medium.com/@tharunteja725_8686/subdomain-enumeration-bugbounty-2831b70ee735?source=rss------bug_bounty-5Chidurala Tharun tejapenetration-testing, bug-bounty, cybersecurity, oscp, bug-bounty-tips26-Sep-2024
Reflected XSS with event handlers and href attributes blockedhttps://medium.com/@codingbolt.in/reflected-xss-with-event-handlers-and-href-attributes-blocked-b333eb18942e?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, cyberattack, cybersecurity, bug-bounty26-Sep-2024
Reflected XSS with AngularJS sandbox escape and CSPhttps://medium.com/@codingbolt.in/reflected-xss-with-angularjs-sandbox-escape-and-csp-e68867138b6f?source=rss------bug_bounty-5codingboltxss-attack, cybersecurity, bug-bounty, cybercrime, bug-bounty-tips26-Sep-2024
Reflected XSS with AngularJS sandbox escape without stringshttps://medium.com/@codingbolt.in/reflected-xss-with-angularjs-sandbox-escape-without-strings-e434c669ac56?source=rss------bug_bounty-5codingboltbug-bounty, xss-attack, cyberattack, cybersecurity, bug-bounty-tips26-Sep-2024
Exploiting XSS to perform CSRFhttps://medium.com/@codingbolt.in/exploiting-xss-to-perform-csrf-1aac291690bd?source=rss------bug_bounty-5codingboltxss-attack, bug-bounty-writeup, bug-bounty-tips, bug-bounty, cybersecurity26-Sep-2024
How To Configure Metasploitable Machine To Hack? | Primary Hacking School #3https://medium.com/@nnface/how-to-configure-metasploitable-machine-to-hack-primary-hacking-school-3-083cd63c47cf?source=rss------bug_bounty-5NnFacehacking-tools, hacking, bug-bounty, cybersecurity, kali-linux26-Sep-2024
White Hat vs Black Hat Hackers: What’s the Real Difference & Which One Are You?https://codingrasi.medium.com/white-hat-vs-black-hat-hackers-whats-the-real-difference-which-one-are-you-f2c7327d77a7?source=rss------bug_bounty-5CodingRasiyoutube-creators, hacking, bug-bounty, ethical-hacking, hacker26-Sep-2024
Reflected XSS protected by CSP, with CSP bypasshttps://medium.com/@codingbolt.in/reflected-xss-protected-by-csp-with-csp-bypass-58d46ec1fc71?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, bug-bounty, bug-bounty-tips, cybersecurity26-Sep-2024
Reflected XSS protected by very strict CSP, with dangling markup attackhttps://medium.com/@codingbolt.in/reflected-xss-protected-by-very-strict-csp-with-dangling-markup-attack-029d16b86163?source=rss------bug_bounty-5codingboltxss-vulnerability, xss-attack, bug-bounty-tips, bug-bounty, cybersecurity26-Sep-2024
SSRF Simplified (OWASP 2021-A10)https://medium.com/@kannnannmk/ssrf-simplified-owasp-2021-a10-62586a3468f4?source=rss------bug_bounty-5Neelamegha Kannan Spenetration-testing, vulnerability, cybersecurity, bug-bounty, information-security26-Sep-2024
Reflected XSS in a JavaScript URL with some characters blockedhttps://medium.com/@codingbolt.in/reflected-xss-in-a-javascript-url-with-some-characters-blocked-7decfa413c79?source=rss------bug_bounty-5codingboltbug-bounty-tips, cybersecurity, bugs, xss-attack, bug-bounty26-Sep-2024
Finding subdomains using security trails api keyhttps://osintteam.blog/finding-subdomains-using-security-trails-api-key-8b45d5a4629e?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, hacking, bug-bounty-tips, cybersecurity, bug-bounty26-Sep-2024
IDORS — leaking 1.5 crore user detailshttps://medium.com/@nireshpandian19/idors-leaking-1-5-crore-user-details-5bbc3b9368e2?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, idor-vulnerability, ethical-hacking, idor, cybersecurity25-Sep-2024
Exploring the Role of Port Scanning in Bug Bounty Huntinghttps://bevijaygupta.medium.com/exploring-the-role-of-port-scanning-in-bug-bounty-hunting-169a1d723bb0?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips25-Sep-2024
My First Easy IDOR: A Simple Guide to Understanding Insecure Direct Object Referenceshttps://medium.com/@Alireza.salmani/my-first-easy-idor-a-simple-guide-to-understanding-insecure-direct-object-references-8b48aa1da8ea?source=rss------bug_bounty-5Alireza Salmanibug-bounty, access-control, ethical-hacking, web-application-security, cybersecurity25-Sep-2024
Golang edge case: when “defer” will never work out in your codehttps://waclawthedev.medium.com/golang-edge-case-when-defer-will-never-work-out-in-your-code-f783518679e9?source=rss------bug_bounty-5Wacław The Developergolang, bug-bounty, defer, go, backend25-Sep-2024
Finding a p4 as per bugcrowd vrthttps://medium.com/@loyalonlytoday/finding-a-p4-as-per-bugcrowd-vrt-9f08278a75ae?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, web-hacking, bugbounty-writeup, bugs25-Sep-2024
How I Discovered DOM XSS by Analyzing Javascript Codehttps://medium.com/@fajarsylvana/how-i-discovered-dom-xss-by-analyzing-javascript-code-6fa57c680a0e?source=rss------bug_bounty-5Fajar Sylvanapentesting, bug-bounty-tips, hacking, penetration-testing, bug-bounty25-Sep-2024
FTP Hacking: How to Exploit Port 21 Vulnerabilities for Penetration Testinghttps://medium.com/@verylazytech/ftp-hacking-how-to-exploit-port-21-vulnerabilities-for-penetration-testing-bbd65e2238da?source=rss------bug_bounty-5Very Lazy Technetwork-security, ethical-hacking, bug-bounty, cybersecurity, penetration-testing25-Sep-2024
Cracking the Code: How I Took Over Admin Accounts Across Organizationshttps://medium.com/@ismailsaid1603/cracking-the-code-how-i-took-over-admin-accounts-across-organizations-5d135ba152b4?source=rss------bug_bounty-5Esmail Saied (0xSp1DeR)tips-and-tricks, hackerone, bugcrowd, bugbounty-writeup, bug-bounty25-Sep-2024
How I proved impact with Google Map API Keyhttps://r0b0ts.medium.com/how-i-proved-impact-with-google-map-api-key-7aa801616abb?source=rss------bug_bounty-5r0b0tsbug-bounty-writeup, bug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-hunter25-Sep-2024
website leaking otp in inspect elemethttps://osintteam.blog/website-leaking-otp-in-inspect-elemet-8da71ae4004d?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, bugbounty-writeup, bug-bounty-tips, penetration-testing25-Sep-2024
Reflected XSS into a JavaScript string with single quote and backslash escapedhttps://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-single-quote-and-backslash-escaped-621b6a187f04?source=rss------bug_bounty-5codingboltbugs, bug-bounty-tips, xss-attack, bug-bounty, xss-vulnerability25-Sep-2024
Reflected XSS in canonical link taghttps://medium.com/@codingbolt.in/reflected-xss-in-canonical-link-tag-c4902808a6e7?source=rss------bug_bounty-5codingboltxss-attack, bug-hunting, bug-bounty, bug-bounty-tips, bugs25-Sep-2024
Kerentanan Kritis : Bypass Autentikasi (CVE-2024–7593) pada Ivanti vTM: Penjelasan dan Tindakan…https://medium.com/@mrp.bpp/kerentanan-bypass-autentikasi-kritis-cve-2024-7593-pada-ivanti-vtm-penjelasan-dan-tindakan-77d159f53199?source=rss------bug_bounty-5Mada Perdhanabug-bounty, hacking, ivanti-service-manager, exploit, 0-day-attacks25-Sep-2024
Eksfiltrasi Data Menggunakan Komunikasi DNS (Out-of-Band)https://medium.com/@mrp.bpp/eksfiltrasi-data-menggunakan-komunikas-idns-out-of-band-7932a1ab335f?source=rss------bug_bounty-5Mada Perdhanaoob, bug-bounty, bug-bounty-tips, hacking25-Sep-2024
Exploiting cross-site scripting to steal cookieshttps://medium.com/@codingbolt.in/exploiting-cross-site-scripting-to-steal-cookies-8f57e316e8d3?source=rss------bug_bounty-5codingboltbug-bounty-tips, xss-attack, xss-vulnerability, cookies, bug-bounty25-Sep-2024
Understanding Common Web Vulnerabilities: A Guide for Beginnershttps://medium.com/@mrutunjayasenapati0/understanding-common-web-vulnerabilities-a-guide-for-beginners-398e8987cc4f?source=rss------bug_bounty-5Mrutunjaya Senapatibeginner, bug-bounty, vulnerability, beginners-guide, guides-and-tutorials25-Sep-2024
Reflected XSS into a template literal with angle brackets, single, double quotes, backslash and…https://medium.com/@codingbolt.in/reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-backslash-and-5acbbd9f2631?source=rss------bug_bounty-5codingboltbug-bounty, bug-bounty-writeup, bug-bounty-tips, xss-attack25-Sep-2024
Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes…https://medium.com/@codingbolt.in/stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-single-quotes-9af43308602b?source=rss------bug_bounty-5codingboltbug-bounty-tips, bug-bounty, xss-vulnerability, bugs, xss-attack25-Sep-2024
Reflected XSS into a JavaScript string with angle brackets and double quotes HTML-encoded and…https://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-angle-brackets-and-double-quotes-html-encoded-and-e1ad9b482189?source=rss------bug_bounty-5codingboltbug-bounty-tips, xss-attack, xss-vulnerability, bugs, bug-bounty25-Sep-2024
Skrip Otomatisasi XSS (Cross-Site Scripting)https://medium.com/@mrp.bpp/skrip-otomatisasi-xss-cross-site-scripting-6b6064da0408?source=rss------bug_bounty-5Mada Perdhanabug-bounty, xss-attack, tools, hacking, bug-bounty-tips25-Sep-2024
How to Create a Fun, Engaging, and Long-Lasting Bug Bounty Program for Your Communityhttps://medium.com/@GrowthKingdom/how-to-create-a-fun-engaging-and-long-lasting-bug-bounty-program-for-your-community-f67da7fb230a?source=rss------bug_bounty-5Growth Kingdomdapps, blockchain, web3, crypto, bug-bounty25-Sep-2024
Understanding SQL Injection: A Deep Dive into One of the Most Common Web Vulnerabilitieshttps://medium.com/@mrutunjayasenapati0/understanding-sql-injection-a-deep-dive-into-one-of-the-most-common-web-vulnerabilities-2c5d031180c6?source=rss------bug_bounty-5Mrutunjaya Senapatisql-injection, hacking, injection, bug-bounty, sql25-Sep-2024
How Bug Bounties Strengthen Defenses -InITScienceAIhttps://medium.com/@initscienceaiandlooklivenews/how-bug-bounties-strengthen-defenses-initscienceai-c727d3b8a2d3?source=rss------bug_bounty-5InITScienceAibug-bounty-tips, bugs, bugbounting, bug-bounty, bug-bounty-hunter24-Sep-2024
Advanced Port Scanning Techniques for Bug Bounty Programshttps://bevijaygupta.medium.com/advanced-port-scanning-techniques-for-bug-bounty-programs-fd22a049ed37?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty, bug-bounty-tips, port-scanning, bug-zero24-Sep-2024
test:test not Part 2https://medium.com/@bxrowski0x/test-test-not-part-2-492fb030c8c2?source=rss------bug_bounty-5Omar ElSayedbug-bounty, keycloak, bug-bounty-tips, bug-bounty-writeup, cybersecurity24-Sep-2024
Unlocking Web3 Success: Why Code4rena & Codehawk Are the Ultimate Bug Bounty Platforms for Newbieshttps://medium.com/@firmanregar/unlocking-web3-success-why-code4rena-codehawk-are-the-ultimate-bug-bounty-platforms-for-newbies-c1c041117934?source=rss------bug_bounty-5Firman Siregarbug-bounty, smart-contract-security24-Sep-2024
Mastering Subdomain Takeoverhttps://medium.com/@verylazytech/mastering-subdomain-takeover-48d9b9d593a9?source=rss------bug_bounty-5Very Lazy Techsubdomain-takeover, cybersecurity, bug-bounty, subdomain, hacking24-Sep-2024
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encodedhttps://medium.com/@codingbolt.in/dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-51f3b873d180?source=rss------bug_bounty-5codingbolthacking, web-hacking, bug-bounty, xss-attack, xss-vulnerability24-Sep-2024
DOM XSS in document.write sink using source location.search inside a select elementhttps://medium.com/@codingbolt.in/dom-xss-in-document-write-sink-using-source-location-search-inside-a-select-element-80223838d4af?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, bug-bounty, hacking, bugs24-Sep-2024
What Are Bugs in Cybersecurity? Understanding the Basicshttps://medium.com/@shoaibjamal663/what-are-bugs-in-cybersecurity-understanding-the-basics-84f2f9ef7304?source=rss------bug_bounty-5Muhammad Shoaib Jamalbugs, cybersecurity, vulnerability, bug-bounty, bug-bounty-tips24-Sep-2024
Price Tampering | Buying course at ₹1!https://medium.com/@anchalrajawat009/price-tampering-buying-course-at-1-09759112e9a4?source=rss------bug_bounty-5Aanchal Singh Rajawatbug-bounty, business-logic-flaw, hacking24-Sep-2024
$1500-P1-Business logic/Failed Defense Vulnerabilityhttps://itsravikiran25.medium.com/1500-p1-business-logic-failed-defense-vulnerability-0b1915aca994?source=rss------bug_bounty-5ravikiraNinfosec, cybersecurity, bug-bounty, hacking, bugbounty-tips24-Sep-2024
Panduan Bagi Pemula untuk Memasuki Dunia Bug Bountyhttps://medium.com/@mrp.bpp/panduan-bagi-pemula-untuk-memasuki-dunia-bug-bounty-bba812d0f680?source=rss------bug_bounty-5Mada Perdhanabug-bounty-writeup, bug-bounty, bug-bounty-tips, bug-bounty-hunter, panduan-pemula24-Sep-2024
Going Crazy with Farming VDPs: Extplorer Admin Panel Bypass & Remote Code Execution (RCE)https://infosecwriteups.com/going-crazy-with-farming-vdps-extplorer-admin-panel-bypass-remote-code-execution-rce-ed6ae27bbce9?source=rss------bug_bounty-5YoungVandainfosec, technology, cybersecurity, hacking, bug-bounty24-Sep-2024
Unlock the Hidden Doors of the Android World: Legendary Recon Tools for Bug Bounty!https://medium.com/@rootspaghetti/unlock-the-hidden-doors-of-the-android-world-legendary-recon-tools-for-bug-bounty-9065e3aa6268?source=rss------bug_bounty-5Root@Spaghettibug-bounty, bug-bounty-tips24-Sep-2024
An IDOR leads to leak users detailshttps://medium.com/@mohameddiv77/an-idor-leads-to-leak-users-details-b54a2280e0f9?source=rss------bug_bounty-5Mohamed Ibrahimbug-bounty-tips, bug-bounty24-Sep-2024
diffrent types of burpsuite extenstions for bughuntinghttps://medium.com/@loyalonlytoday/diffrent-types-of-burpsuite-extenstions-for-bughunting-d411b3d002e1?source=rss------bug_bounty-5loyalonlytodayhacking, bugs, bug-bounty-tips, bug-bounty, burpsuite24-Sep-2024
Reflected XSS with some SVG markup allowedhttps://medium.com/@codingbolt.in/reflected-xss-with-some-svg-markup-allowed-e7aafbf02378?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, ethical-hacking, bug-bounty, cybersecurity24-Sep-2024
Reflected XSS into HTML context with most tags and attributes blockedhttps://medium.com/@codingbolt.in/reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-0bb80ac37064?source=rss------bug_bounty-5codingboltbug-bounty, xss-attack, bug-bounty-tips, xss-vulnerability, bug-bounty-writeup24-Sep-2024
$1500-P1-Business logic/Failed Defense Vulnerabilityhttps://itsravikiran25.medium.com/1500-p1-business-logic-failed-defense-vulnerability-0b1915aca994?source=rss------bug_bounty-5r@v!k!r@ncybersecurity, bug-bounty, hacking, infosec-write-ups, bugbounty-tips24-Sep-2024
Mendapatkan Akses SMTP Melalui Celah SQL Injectionhttps://rdnzx.medium.com/mendapatkan-akses-smtp-melalui-celah-sql-injection-f6d593fcad5e?source=rss------bug_bounty-5Radian IDcybersecurity, bug-bounty, sql-injection, bug-bounty-writeup, bug-bounty-tips24-Sep-2024
You Won’t Find Any Vulnerabilities Without This Technique: Get Your First Bug Bountyhttps://medium.com/@shaikhminhaz1975/you-wont-find-any-vulnerabilities-without-this-technique-get-your-first-bug-bounty-dee2af93e607?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, red-team, penetration-testing, vulnerability, bug-bounty23-Sep-2024
Master the subdomain hunting Part 2https://infosecwriteups.com/master-the-subdomain-hunting-part-2-dea0ee035019?source=rss------bug_bounty-5ʏᴀꜱʜʜ2fa, subdomain, bug-bounty-tips, bugs, bug-bounty23-Sep-2024
Automate Bug Hunting With This Toolhttps://medium.com/@josuofficial327/automate-bug-hunting-with-this-tool-68dfbbaaa0b1?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, info-sec-writeups, ethical-hacking, bug-bounty, bug-bounty-hunter23-Sep-2024
From Developer to Hacker: Breaking into GraphQLhttps://medium.com/@jonathanmondaut/from-developer-to-hacker-breaking-into-graphql-6083c80b4588?source=rss------bug_bounty-5Jonathan Mondautbug-bounty, graphql, hacker, hacking, technology23-Sep-2024
Unlocking Bug Bounties: The Power of Port Scanninghttps://bevijaygupta.medium.com/unlocking-bug-bounties-the-power-of-port-scanning-ebca71c898a7?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs23-Sep-2024
Best Platforms to Learn for Becoming a Pentester or Bug Bounty Hunterhttps://rendiero.medium.com/best-platforms-to-learn-for-becoming-a-pentester-or-bug-bounty-hunter-6c6aa8cbdd64?source=rss------bug_bounty-5Rendierobug-bounty, penetration-testing, hacker, learning, resources23-Sep-2024
RXSS with My Approachhttps://medium.com/@nomad8061/rxss-with-my-approach-c9a989d3ba0b?source=rss------bug_bounty-5Ahmed Badrybug-bounty-tips, bug-bounty-writeup, bug-zero, bugs, bug-bounty23-Sep-2024
From CORS Misconfiguration to Account Takeoverhttps://medium.com/@majix_de/from-cors-misconfiguration-to-account-takeover-1231f263a90e?source=rss------bug_bounty-5Majixbug-bounty-tips, bug-bounty, hacking, penetration-testing, programming23-Sep-2024
Unauthenticated API Endpoint to Create Support Ticket Worth $500https://vijetareigns.medium.com/unauthenticated-api-endpoint-to-create-support-ticket-worth-500-789e91ad9a00?source=rss------bug_bounty-5the_unlucky_guybug-bounty, cybersecurity, bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup23-Sep-2024
DOM XSS using Web Messages and a JavaScript URLhttps://medium.com/@rcxsecurity/dom-xss-using-web-messages-and-a-javascript-url-dcced7fa4195?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-technology, information-security, cybersecurity, penetration-testing, bug-bounty23-Sep-2024
Uncovering a Stored XSS Vulnerability on Drugs.comhttps://medium.com/@regan_temudo/uncovering-a-stored-xss-vulnerability-on-drugs-com-1748ccbecc16?source=rss------bug_bounty-5Regan Temudocross-site-scripting, bug-bounty, xx, cybersecurity, stored-xxs23-Sep-2024
How to Guide to SQL Injection Testing: Manual Testing Techniques and SQLMap Usagehttps://medium.com/@mustafa_kamal/how-to-guide-to-sql-injection-testing-manual-testing-techniques-and-sqlmap-usage-5e45046b07bf?source=rss------bug_bounty-5Mustafa Khansql, hacking, bug-bounty, sql-injection, sqlmap23-Sep-2024
finding a easy p4https://medium.com/@loyalonlytoday/finding-a-easy-p4-08272e48f778?source=rss------bug_bounty-5loyalonlytodaybugs, penetration-testing, bug-bounty, bugbounty-writeup, bug-bounty-tips23-Sep-2024
Bypassing restrictions using special charactershttps://medium.com/@youssefmoner2022/bypassing-restrictions-using-special-characters-8f11af75d278?source=rss------bug_bounty-5Youssefmonerbug-bounty, hacking, vulnerability23-Sep-2024
Turning a Closed Bug Report into $650: The Art of Demonstrating Impact!https://hasanka-amarasinghe.medium.com/turning-a-closed-bug-report-into-650-the-art-of-demonstrating-impact-730a3df78df8?source=rss------bug_bounty-5Hasanka Amarasinghebugbounty-writeup, salesforce, bug-bounty, infosec, cybersecurity23-Sep-2024
Cross-Site-Scripting (XSS): Understanding and Mitigating Web Vulnerabilitieshttps://medium.com/@RejuKole.com/cross-site-scripting-xss-understanding-and-mitigating-web-vulnerabilities-b2b5a2c606fc?source=rss------bug_bounty-5Reju Kolebug-bounty-tips, bug-bounty, web, xss-attack, xss-vulnerability23-Sep-2024
Reflected XSS into a JavaScript string with angle brackets HTML encodedhttps://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-angle-brackets-html-encoded-b9b60f4b2823?source=rss------bug_bounty-5codingboltxss-attack, bug-bounty, bugs, xss-vulnerability, bug-bounty-tips23-Sep-2024
Stored XSS into anchor href attribute with double quotes HTML-encodedhttps://medium.com/@codingbolt.in/stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-9f384d27aa95?source=rss------bug_bounty-5codingboltbug-bounty-tips, bugs, bug-bounty, xss-attack, xss-vulnerability23-Sep-2024
750$ in 5 Minutes - XXE to LFIhttps://skramthu.medium.com/750-in-5-minutes-xxe-to-lfi-897bca9c304c?source=rss------bug_bounty-5Ramhackerone, money, security, bug-bounty, infosec23-Sep-2024
How to Guide SQL Injection: Manual Testing Techniques and SQLMap Usagehttps://medium.com/@mustafa_kamal/how-to-guide-to-sql-injection-testing-manual-testing-techniques-and-sqlmap-usage-5e45046b07bf?source=rss------bug_bounty-5Mustafa Khansql, hacking, bug-bounty, sql-injection, sqlmap23-Sep-2024
When a Session Token Isn’t Enough, A Full Account Takeover Storyhttps://medium.com/@ahmedramadan.ar16148/when-a-session-token-isnt-enough-a-full-account-takeover-story-cf99421bb1e3?source=rss------bug_bounty-5Ahmed Ramadanoauth2, oauth, penetration-testing, authentication, bug-bounty23-Sep-2024
Hacking The butler — Jenkins hacking 101https://thexssrat.medium.com/hacking-the-butler-jenkins-hacking-101-e437ed557460?source=rss------bug_bounty-5Thexssrathacks, bug-bounty, hacking, jenkins23-Sep-2024
P4 bug’s and their POC steps | Part 4https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-4-fd81b91fd368?source=rss------bug_bounty-5socalledhackerbugs, web-security, infosec, bug-bounty, cybersecurity23-Sep-2024
TECNO Security Response Center 3rd Anniversary | Safeguarding Product Security, Grateful for Our…https://medium.com/@security.tecno/tecno-security-response-center-3rd-anniversary-safeguarding-product-security-grateful-for-our-550016adce10?source=rss------bug_bounty-5TECNO Securitybirthday, security, hacking, bug-bounty22-Sep-2024
Practical Incident Response: A Step-by-Step Guidehttps://medium.com/@paritoshblogs/practical-incident-response-a-step-by-step-guide-290dadca6e2d?source=rss------bug_bounty-5Paritoshinformation-technology, incident-response, cybersecurity, bug-bounty, ai22-Sep-2024
5 unique Lesser-known methods to find vulnerabilities for bug bounty huntershttps://harish45.medium.com/5-unique-lesser-known-methods-to-find-vulnerabilities-for-bug-bounty-hunters-03799e73c153?source=rss------bug_bounty-5Harishcybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, hackerrank22-Sep-2024
Port Scanning Tactics to Boost Your Bug Bounty Successhttps://bevijaygupta.medium.com/port-scanning-tactics-to-boost-your-bug-bounty-success-5d46191fa92e?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty-tips, bug-bounty, tactics, port-scanning22-Sep-2024
How I Leveraged Open Redirect to Account Takeoverhttps://medium.com/@abdelrahman0x01/how-i-leveraged-open-redirect-to-account-takeover-b0ff213d23dc?source=rss------bug_bounty-5Abdelrahman0x01cyberattack, account-takeover, penetration-testing, cybersecurity, bug-bounty22-Sep-2024
Finding emails for this issue. Finding a easy bug to get a easy $$$https://medium.com/@loyalonlytoday/finding-emails-for-this-issue-finding-a-easy-bug-to-get-a-easy-5bc4cd00d112?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, bugbounty-writeup, hacking, bug-bounty-tips22-Sep-2024
How i got 250 euro bountyhttps://doordiefordream.medium.com/how-i-got-250-euro-bounty-9e523fdf807d?source=rss------bug_bounty-5cybersecurity researcherbug-bounty, bugs, cybersecurity, ethical-hacking22-Sep-2024
How I Discovered an Account Takeover from a Reset Password Vulnerabilityhttps://medium.com/@bountyget/how-i-discovered-an-account-takeover-from-a-reset-password-vulnerability-aa39fe0896b5?source=rss------bug_bounty-5Dhiren Kumar Pradhancybersecurity, infosec, bug-bounty-writeup, bug-bounty-tips, bug-bounty22-Sep-2024
From Simple File Import to Full Server Exposure: The Power of SSRF Exploitationhttps://medium.com/@tusharpuri6/from-simple-file-import-to-full-server-exposure-the-power-of-ssrf-exploitation-64ee925e54dc?source=rss------bug_bounty-5Tusharpuriinfosec, bug-bounty, penetration-testing, offensive-security, application-security22-Sep-2024
5 unique Lesser-known methods to find vulnerabilities for bug bounty huntershttps://osintteam.blog/5-unique-lesser-known-methods-to-find-vulnerabilities-for-bug-bounty-hunters-03799e73c153?source=rss------bug_bounty-5Harishcybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, hackerrank22-Sep-2024
How I was decrypting the traffic and getting from low privilege user to full admin accesshttps://sadc0d3r.medium.com/how-i-was-decrypting-the-traffic-and-getting-from-low-privilege-user-to-full-admin-access-6a2f3b743ac5?source=rss------bug_bounty-5Ahmed Rabeaa Mosaa (SadC0d3r)penetration-test, penetration-testing, cybersecurity, web-attack, bug-bounty22-Sep-2024
How I Hacked Into a Nationwide University Database System Exposing Thousands of Student Recordshttps://1-day.medium.com/how-i-hacked-into-a-nationwide-university-database-system-exposing-thousands-of-student-records-65dce4e4ee23?source=rss------bug_bounty-51daybug-bounty-writeup, penetration-testing, writeup, hacking, bug-bounty22-Sep-2024
Join any project = Criticalhttps://medium.com/@etfchg18/join-any-project-critical-b3625d09876e?source=rss------bug_bounty-5iiiwaleedbug-bounty, web-security, bug-bounty-tips22-Sep-2024
Top 3 subdomain takeovershttps://infosecwriteups.com/top-3-subdomain-takeovers-ea51ecd911fd?source=rss------bug_bounty-5Hicham Almakroudiethical-hacking, hackerone, subdomain-takeover, bug-report, bug-bounty22-Sep-2024
#1 Bug Hunting: Subdomain Enumeration — Explainedhttps://infosecwriteups.com/1-bug-hunting-subdomain-enumeration-explained-389e6fcb3f62?source=rss------bug_bounty-5Om Maniyacybersecurity, enumeration, bug-bounty, programming, bug-bounty-tips21-Sep-2024
Understanding Insecure Deserializationhttps://medium.com/@kannnannmk/understanding-insecure-deserialization-faea7bc5ff5e?source=rss------bug_bounty-5Neelamegha Kannan Sbug-bounty, insecure-deserialization, bug-bounty-tips, cybersecurity, penetration-testing21-Sep-2024
Mastering Port Scanning for Bug Bounty Huntershttps://bevijaygupta.medium.com/mastering-port-scanning-for-bug-bounty-hunters-226c8d007023?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-tips, bug-bounty, bugs, port-scan21-Sep-2024
Email Injection | Unseen Threathttps://medium.com/@abolfazl.vaziri/email-injection-unseen-threat-6db7e32ab656?source=rss------bug_bounty-5Abolfazl Vaziriemail, email-attack, bug-bounty, hacking, email-injection21-Sep-2024
My First CVE: A Dream Realizedhttps://medium.com/@mAd13/my-first-cve-a-dream-realized-8bad3ede900a?source=rss------bug_bounty-5Makwana Abhikhacking, cve, cybersecurity, cve-2024-8042, bug-bounty21-Sep-2024
DOM-based XSS: Exploiting `document.write` with `location.search`https://medium.com/@codingbolt.in/dom-based-xss-exploiting-document-write-with-location-search-b5276b34b51b?source=rss------bug_bounty-5Coding Boltxss-attack, bug-bounty, xss-vulnerability, bug-hunting, bugs21-Sep-2024
Some Token Leak Can Lead to Disclose a Lot of Users’ Personal Datahttps://r0b0ts.medium.com/some-token-leak-can-lead-to-disclose-a-lot-of-users-personal-data-6b5b7748ccec?source=rss------bug_bounty-5r0b0tsbug-bounty-writeup, pentesting, bug-bounty, web-security, bug-bounty-tips21-Sep-2024
500$: Open Redirect Vulnerabilityhttps://medium.com/@a13h1/500-open-redirect-vulnerability-9cc9fd4d9b7b?source=rss------bug_bounty-5Abhi Sharmaprogramming, cybersecurity, open-redirect, infosec, bug-bounty21-Sep-2024
My First CVE: A Dream Realizedhttps://medium.com/@mAd13/my-first-cve-a-dream-realized-8bad3ede900a?source=rss------bug_bounty-5Abhik Makwanahacking, cve, cybersecurity, cve-2024-8042, bug-bounty21-Sep-2024
Simple IDOR vulnerability can lead to leak Email address of all usershttps://r0b0ts.medium.com/simple-idor-vulnerability-can-lead-to-leak-email-address-of-all-users-055ada3ba3fc?source=rss------bug_bounty-5r0b0tsbug-bounty, bug-bounty-tips, bug-bounty-writeup, web-security, pentesting21-Sep-2024
How Hackers Crack Active Directory Passwords and Exploit MFA : Are You Next?https://medium.com/@paritoshblogs/how-hackers-crack-active-directory-passwords-and-exploit-mfa-are-you-next-11cfdd0feb20?source=rss------bug_bounty-5Paritoshchatgpt, active-directory, hacking, bug-bounty, cybersecurity21-Sep-2024
Welcome to My Cybersecurity Journeyhttps://medium.com/@mrutunjayasenapati0/welcome-to-my-cybersecurity-journey-e795aebd096d?source=rss------bug_bounty-5Mrutunjaya Senapatiethical-hacking, bugs, bug-bounty, bug-bounty-tips, cybersecurity21-Sep-2024
DOM-based XSS: Exploiting `document.write` with `location.search`https://medium.com/@codingbolt.in/dom-based-xss-exploiting-document-write-with-location-search-b5276b34b51b?source=rss------bug_bounty-5codingboltxss-attack, bug-bounty, xss-vulnerability, bug-hunting, bugs21-Sep-2024
Reflected XSS into Attribute with HTML-Encodedhttps://medium.com/@codingbolt.in/reflected-xss-into-attribute-with-html-encoded-ffe97e2c1439?source=rss------bug_bounty-5codingboltbugs, xss-vulnerability, xss-attack, bug-bounty, cybersecurity21-Sep-2024
Taking ffuf Fuzzing Furtherhttps://medium.com/@learntheshell/taking-ffuf-fuzzing-further-016be44d0b07?source=rss------bug_bounty-5LearnTheShellbug-bounty, hacking, ffuf, bug-bounty-tips, fuzzing21-Sep-2024
Finding a easy Bughttps://medium.com/@loyalonlytoday/finding-a-easy-bug-caed2e199b1d?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, hacking, bug-bounty, bug-bounty-tips, bugbounty-writeup21-Sep-2024
DOM XSS in jQuery: The Danger of `href` Attribute with `location.search` Sourcehttps://medium.com/@codingbolt.in/dom-xss-in-jquery-the-danger-of-href-attribute-with-location-search-source-b2d883cbec59?source=rss------bug_bounty-5codingboltbug-hunting, bug-bounty, xss-attack, bug-bounty-tips, bugs21-Sep-2024
DOM-based XSS: The Case of `innerHTML` and `location.search`https://medium.com/@codingbolt.in/dom-based-xss-the-case-of-innerhtml-and-location-search-373c47866c56?source=rss------bug_bounty-5codingboltbug-bounty, bug-bounty-writeup, xss-vulnerability, xss-attack, bug-bounty-tips21-Sep-2024
Accessing full history of Firepad users.https://medium.com/@adityaahuja.work/accessing-full-history-of-firepad-users-ddc889e73936?source=rss------bug_bounty-5Aditya Ahujaowasp-top-10, cybersecurity, bug-bounty, information-disclosure, cyber-awareness21-Sep-2024
test:test type of bughttps://medium.com/@bxrowski0x/test-test-type-of-bug-cfb352d9bf85?source=rss------bug_bounty-5Omar ElSayedbug-bounty, cybersecurity, keycloak, bug-bounty-writeup, bug-bounty-tips21-Sep-2024
XSS via Cookie Injection: A Deep Dive into the Discoveryhttps://medium.com/@ayushkr99732/xss-via-cookie-injection-a-deep-dive-into-the-discovery-9ef70e22eceb?source=rss------bug_bounty-5Ayushkrpentesting, cross-site-scripting, bug-bounty, cookie-injection21-Sep-2024
Persistent XSS via Cookie Injection: A Deep Dive into the Discoveryhttps://medium.com/@ayushkr99732/xss-via-cookie-injection-a-deep-dive-into-the-discovery-9ef70e22eceb?source=rss------bug_bounty-5Ayushkrpentesting, cross-site-scripting, bug-bounty, cookie-injection21-Sep-2024
Safety above all else! MoreLogin joins Bugrap Bug Bounty Platformhttps://medium.com/@moreloginbrowser/safety-above-all-else-morelogin-joins-bugrap-bug-bounty-platform-b92a99d7e4d7?source=rss------bug_bounty-5MoreLogin Browsersecurity, bug-bounty, antidetect-browser, white-hat-hacker, cybersecurity20-Sep-2024
Common Job Roles in Cyber Securityhttps://medium.com/@RaunakGupta1922/common-job-roles-in-cyber-security-e792d367af67?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitcyber-security-awareness, bug-bounty, diversity, jobs, hacking20-Sep-2024
A Perfect Story Which help to Understand Bug Bountyhttps://medium.com/@Butcher_hell/a-perfect-story-which-help-to-understand-bug-bounty-c0a699239629?source=rss------bug_bounty-5W H I Z H A W Kcybersecurity, storytelling, hacking, bug-bounty, technology20-Sep-2024
How to Learn and Participate in Bug Bountieshttps://rendiero.medium.com/how-to-learn-and-participate-in-bug-bounties-1a2e71dd190b?source=rss------bug_bounty-5Rendierocybersecurity, beginners-guide, learning, bug-bounty, hacking20-Sep-2024
Bypassing Rate Limits: All Known Techniqueshttps://medium.com/@raxomara/bypassing-rate-limits-all-known-techniques-25891bb5ca59?source=rss------bug_bounty-5Raxomararate-limit-bypass, bug-bounty-tips, security-research, cybersecurity, bug-bounty20-Sep-2024
Finding a easy p4https://medium.com/@loyalonlytoday/finding-a-easy-p4-e32c47c8b54a?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs20-Sep-2024
The Ultimate Guide to Forgot Password Test Cases ‍https://medium.com/@chinmaya_ramana/the-ultimate-guide-to-forgot-password-test-cases-059e483fdc40?source=rss------bug_bounty-5Chinmaya Ramanasecurity, hacking, bug-bounty, web-application-security, application-security20-Sep-2024
Clickjacking Vulnerability to trigger Reflacted XSShttps://medium.com/@g52238317/clickjacking-vulnerability-to-trigger-reflacted-xss-9029cc5fd676?source=rss------bug_bounty-5Abdelrhman Yassercybersecurity, clickjacking, xss-attack, bug-bounty20-Sep-2024
Bypassing Date Restrictions in an Educational Platform: A Logic Flaw Exploithttps://medium.com/@ahmed_ashraf/bypassing-date-restrictions-in-an-educational-platform-a-logic-flaw-exploit-fdd3d0e3a1cb?source=rss------bug_bounty-5Ahmedashrafbusiness-logic-flaw, privilege-escalation, cybersecurity, bug-bounty, penetration-testing20-Sep-2024
Bug Bounty Dark Reality: The Hidden Truth of Successful Bug Huntinghttps://medium.com/@yashpawar1199/bug-bounty-dark-reality-the-hidden-truth-of-successful-bug-hunting-0b9ed547802d?source=rss------bug_bounty-5Yash Pawar @HackersParadisebug-bounty-dark-reality, bug-bounty, howu-hnters-find-bugs, bounty-efforts-fail, successful-bug-hunting20-Sep-2024
Unlocking Restricted Features: A Vulnerability Analysis of Organization’s Role Managementhttps://0xmatrix.medium.com/unlocking-restricted-features-a-vulnerability-analysis-of-organizations-role-management-aa6a4f7bd0d3?source=rss------bug_bounty-5Mo2men Elmadyhacking, penetration-testing, bug-bounty-tips, bug-bounty, cybersecurity20-Sep-2024
Exploiting GraphQL API Suggestionshttps://nir-choubey-2011.medium.com/exploiting-graphql-api-suggestions-7695e5b8c3ef?source=rss------bug_bounty-5niraj choubeyapi-security, bug-bounty, security, graphql-security20-Sep-2024
Safety above all else! MoreLogin joins Bugrap Bug Bounty Platformhttps://medium.com/@moreloginbrowser/safety-above-all-else-morelogin-joins-bugrap-bug-bounty-platform-cdc178fd6e7e?source=rss------bug_bounty-5MoreLogin Browserbug-bounty, cybersecurity, morelogin, antidetect-browser, security19-Sep-2024
Best Bug Bounty and Pentesting Methodology for Beginners: A Step-by-Step Guidehttps://bevijaygupta.medium.com/best-bug-bounty-and-pentesting-methodology-for-beginners-a-step-by-step-guide-a68170d3acc8?source=rss------bug_bounty-5Vijay Guptabugs, penetration-testing, bug-bounty, bug-bounty-tips, pentesting19-Sep-2024
How to get shodan membership upgrade for freehttps://medium.com/@hichamalmakroudi/how-to-get-shodan-membership-upgrade-for-free-4f21122d2d73?source=rss------bug_bounty-5Hicham Almakroudishodan, hacking-tools, ethical-hacking, bug-bounty, free19-Sep-2024
Nikto A Powerful Web Server Scanner for Vulnerability Assessmenthttps://medium.com/@yashpawar1199/nikto-a-powerful-web-server-scanner-for-vulnerability-assessment-1bd257204f41?source=rss------bug_bounty-5Yash Pawar @HackersParadisebug-bounty, hacking, penetration-testing, cybersecurity, nikto19-Sep-2024
How a 403 bypass got me a bountyhttps://medium.com/@ehsameer/how-a-403-bypass-got-me-a-bounty-7b2d58c0fd88?source=rss------bug_bounty-5ehsameerbug-bounty-tips, bugbounty-writeup, bug-bounty, hackerone19-Sep-2024
How Hackers Trick You Into Actions You Never Meant to Do !https://medium.com/@yassentaalab51/how-hackers-trick-you-into-actions-you-never-meant-to-do-c0993c8f1bbe?source=rss------bug_bounty-5Yassen Taalabowasp, penetration-testing, bug-bounty, cybersecurity, clickjacking19-Sep-2024
How to install Bug Bounty Hunting Tools on Linux and Windows by using Golang(Go)[ProjectDiscovery]https://medium.com/@abdulrahman.muhammad.qarni52/getting-started-with-projectdiscovery-tools-on-linux-and-windows-70e644f1198c?source=rss------bug_bounty-5OxLegacy52hacking, tools-for-hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty19-Sep-2024
Finding a easy bug to get a easy $$$https://medium.com/@loyalonlytoday/finding-a-easy-bug-to-get-a-easy-f008b2b25f73?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty-tips, penetration-testing, bugbounty-writeup, bug-bounty19-Sep-2024
Primary Hacking School #2 After Installing Kalihttps://medium.com/@nnface/primary-hacking-school-2-after-installing-kali-6a226c68e7de?source=rss------bug_bounty-5NnFacekali-linux, linux, bug-bounty, cybersecurity, hacking19-Sep-2024
Understanding File Permissions and Ownershiphttps://cyberw1ng.medium.com/understanding-file-permissions-and-ownership-d73c07f373e2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, careers, cybersecurity19-Sep-2024
How I hacked multiple Indian universities (AGAIN).https://medium.com/@alimuhammadsecured/how-i-hacked-multiple-indian-universities-again-d1b9c2a0e01d?source=rss------bug_bounty-5Alimuhammadsecuredctf, cybersecurity, hacking, bug-bounty, malware19-Sep-2024
How Hackers Trick You Into Actions You Never Meant to Do !https://medium.com/@yassentaalab51/how-hackers-trick-you-into-actions-you-never-meant-to-do-c0993c8f1bbe?source=rss------bug_bounty-5Killuaowasp, penetration-testing, bug-bounty, cybersecurity, clickjacking19-Sep-2024
Understanding File Permissions and Ownershiphttps://systemweakness.com/understanding-file-permissions-and-ownership-d73c07f373e2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, careers, cybersecurity19-Sep-2024
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node packagehttps://medium.com/@p0lyxena/2-500-bug-bounty-write-up-remote-code-execution-rce-via-unclaimed-node-package-6b9108d10643?source=rss------bug_bounty-5Fuleki Ioanbugcrowd, bug-bounty, writeup, cybersecurity, remote-code-execution18-Sep-2024
Write up : Business Logic Flaw in Payment Discount Calculation Allows Excessive Discount…https://medium.com/@jakboubmostefa/write-up-business-logic-flaw-in-payment-discount-calculation-allows-excessive-discount-19d567f5da18?source=rss------bug_bounty-5Mostefa Jakboubvulnerability, bug-bounty, cybersecurity18-Sep-2024
10 Essential Browser Extensions for Bug Bounty Huntershttps://medium.com/@firdansp/10-essential-browser-extensions-for-bug-bounty-hunters-f17f8b001bcc?source=rss------bug_bounty-50verRidabug-bounty-tips, writeup, bug-hunting, extension, bug-bounty18-Sep-2024
How to Perform a Cybersecurity Risk Assessment: The Simple Guidehttps://medium.com/@paritoshblogs/how-to-perform-a-cybersecurity-risk-assessment-the-simple-guide-b37d1b986682?source=rss------bug_bounty-5Paritoshbug-bounty, risk, hacking, chatgpt, cybersecurity18-Sep-2024
Leveling Up the Wrong Way: Exploiting API Vulnerabilities in Game Progressionhttps://aminudin.medium.com/leveling-up-the-wrong-way-exploiting-api-vulnerabilities-in-game-progression-19f883f48da8?source=rss------bug_bounty-5Aminudinhacker, bug-bounty, bug-bounty-tips18-Sep-2024
Scanning ip’s got from virustotalhttps://medium.com/@loyalonlytoday/scanning-ips-got-from-virustotal-7baa7398ba83?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, bug-bounty, penetration-testing, hacking, bug-bounty-writeup18-Sep-2024
Mastering Cybersecurity “A Guide to Effective Learning”https://rendiero.medium.com/mastering-cybersecurity-a-guide-to-effective-learning-9e32bd8c5926?source=rss------bug_bounty-5Rendierocybersecurity, bug-bounty, penetration-testing, hacking, learning18-Sep-2024
Scanning ip’s got from virustotal to find a bughttps://medium.com/@loyalonlytoday/scanning-ips-got-from-virustotal-7baa7398ba83?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, bug-bounty, penetration-testing, hacking, bug-bounty-writeup18-Sep-2024
The Reality of Cybersecurity Jobs: Why Freshers Should Focus on Defense✨ Over Hackinghttps://medium.com/@mohammedthoufeeq_25137/the-reality-of-cybersecurity-jobs-why-freshers-should-focus-on-defense-over-hacking-002cd641a453?source=rss------bug_bounty-5Mohamed Thoufeeqcybersecurity, hacking, cyberattack, programming, bug-bounty18-Sep-2024
#ERROR!https://medium.com/@shari7a0x/protect-your-account-zero-click-account-takeover-for-admin-support-through-password-update-d155c7966b6e?source=rss------bug_bounty-5Shari7a0xbug-bounty-tips, bug-bounty, ato, bugs18-Sep-2024
Real Bug Bounty & Penetration Testing on Live Websites: Step-by-Step Guide (Part 2)https://medium.com/@shaikhminhaz1975/real-bug-bounty-penetration-testing-on-live-websites-step-by-step-guide-part-2-19ca30b17b93?source=rss------bug_bounty-5Shaikh Minhazethical-hacking, bug-bounty, cybersecurity, penetration-testing, chatgpt18-Sep-2024
How Black Hat Hackers Hack into your Telegram Groups !!!https://medium.com/@josuofficial327/how-black-hat-hackers-hack-into-your-telegram-groups-6970a93a20e1?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binupenetration-testing, ethical-hacking, bug-bounty, hacking, cybersecurity18-Sep-2024
Missing Rate Limit Vulnerability: How to Test and Identify Ithttps://medium.com/@octayus/missing-rate-limit-vulnerability-how-to-test-and-identify-it-2f3937e903e6?source=rss------bug_bounty-5OctaYuscybersecurity, infosec, hacking, bug-bounty, twitter18-Sep-2024
How I Utilized AI to Discover an Amazon S3 Bucket Takeover Vulnerability in Red Bull’s Bug Bounty…https://medium.com/@mohamedsaqibc/how-i-utilized-ai-to-discover-an-amazon-s3-bucket-takeover-vulnerability-in-red-bulls-bug-bounty-503d3c4d995f?source=rss------bug_bounty-5Mohamed Saqib Chacking, artificial-intelligence, cybersecurity, bug-bounty18-Sep-2024
Hunting APIs for Bounties: How to Hack and Win Big in Bug Bounties!https://medium.com/@rootspaghetti/hunting-apis-for-bounties-how-to-hack-and-win-big-in-bug-bounties-942d0f4e0885?source=rss------bug_bounty-5Root@Spaghettihacking, bug-bounty, bug-bounty-tips18-Sep-2024
P4 bug’s and their POC steps | Part 3https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-3-298087630cac?source=rss------bug_bounty-5socalledhackerweb, web-security, p4-bugs, bug-bounty, vulnerability18-Sep-2024
Live Bug Bounty Walkthrough: How to Hunt & Report Bugs Effectively (Part 2)https://medium.com/cyberscribers-exploring-cybersecurity/real-bug-bounty-penetration-testing-on-live-websites-step-by-step-guide-part-2-19ca30b17b93?source=rss------bug_bounty-5Shaikh Minhazethical-hacking, bug-bounty, cybersecurity, penetration-testing, chatgpt18-Sep-2024
Using Application Functionality to Exploit Insecure Deserializationhttps://medium.com/@rcxsecurity/using-application-functionality-to-exploit-insecure-deserialization-b4e7c6abdae1?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-security, penetration-testing, bug-bounty, information-technology, cybersecurity17-Sep-2024
First-Time Penetration Testing: How to Uncovered Critical Flaws at a Company (Interactive Guide)https://medium.com/@paritoshblogs/first-time-penetration-testing-how-to-uncovered-critical-flaws-at-a-company-interactive-guide-4275f79c02ce?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, ai, penetration-testing, cybersecurity17-Sep-2024
From GitHub Recon to Hotstar Admin Access: A Deep Dive into Security Flawshttps://infosecwriteups.com/from-github-recon-to-hotstar-admin-access-a-deep-dive-into-security-flaws-2e4ae0ec937e?source=rss------bug_bounty-5Vishal Vishwakarmahacking, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup17-Sep-2024
“ part 2 Beginner’s Bug Bounty Methodology: A Journey from Writeups to Real-World Application”https://medium.com/@mahdisalhi0500/part-2-beginners-bug-bounty-methodology-a-journey-from-writeups-to-real-world-application-5d62f79e039f?source=rss------bug_bounty-5CaptinSHArky(Mahdi)cybersecurity, bug-bounty-tips, bug-bounty, ethical-hacking, infose17-Sep-2024
How To Find Clickjacking Easily…https://medium.com/@josuofficial327/how-to-find-clickjacking-under-a-minute-751089be3f74?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binupenetration-testing, bug-bounty, cybersecurity, info-sec-writeups, bug-bounty-tips17-Sep-2024
#5. Bug Bounty Series: $$$ by AWS S3 Bucket misconfigurationshttps://cyb3rmind.medium.com/5-bug-bounty-series-by-aws-s3-bucket-misconfigurations-fb645057d03e?source=rss------bug_bounty-5Cyb3r M!ndspenetration-testing, takeovers, bug-bounty, subdomain-takeover, s3-bucket17-Sep-2024
How I got my first $$$ bounty?https://medium.com/@yashsomalkar/how-i-got-my-first-bounty-098d75ae650d?source=rss------bug_bounty-5Rudrakshackerbug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips, idor-vulnerability17-Sep-2024
Platforms and vulnerable webapps for practing and learning webpentestinghttps://medium.com/@loyalonlytoday/platforms-and-vulnerable-webapps-for-practing-and-learning-webpentesting-b76df42e3ec4?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, hacking, bugbounty-writeup, web-penetration-testing17-Sep-2024
Direct Volume Access Attackhttps://medium.com/@reemmoslem34/direct-volume-access-attack-dfbb2d73e406?source=rss------bug_bounty-5Rem Khalidbug-bounty, cryptocurrency, malware, hacking, cybersecurity17-Sep-2024
Dll Side Loading Attackhttps://medium.com/@reemmoslem34/dll-side-loading-attack-80ea716fd588?source=rss------bug_bounty-5Rem Khalidpython, malware, cybersecurity, hacking, bug-bounty17-Sep-2024
A bypass on GitLab’s Login Email Verification via OAuth ROPC flow.https://cybxis.medium.com/a-bypass-on-gitlabs-login-email-verification-via-oauth-ropc-flow-e194242cad96?source=rss------bug_bounty-5cybxishackerone, gitlab, oauth2, bug-bounty17-Sep-2024
Type of Cyber Securityhttps://medium.com/@RaunakGupta1922/type-of-cyber-security-c43047a34fe7?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, bug-bounty, social-media, cybersecurity, basics16-Sep-2024
Menguasai Reconnaissance: Metode lengkap untuk mengumpulkan informasihttps://hack4funacademy.medium.com/menguasai-reconnaissance-metode-lengkap-untuk-mengumpulkan-informasi-acdeba7dc054?source=rss------bug_bounty-5Hack4Fun Academyprogramming, bug-bounty, hacking, cybersecurity, networking16-Sep-2024
How to Set Up Proxychains in Kali Linuxhttps://medium.com/@vignesh6872610/how-to-set-up-proxychains-in-kali-linux-ddd44c3502af?source=rss------bug_bounty-5Vignesh Pbug-bounty, bug-bounty-writeup, proxychains, linux-tutorial, bug-bounty-tips16-Sep-2024
Three Months of Full-Time Bug Bounty Hunting as a Newbie in 2024https://medium.com/@nchaitreddyutilities/three-months-of-full-time-bug-bounty-hunting-as-a-newbie-in-2024-a941977b61f1?source=rss------bug_bounty-5Chaitanya Reddybug-bounty-tips, cybersecurity, bug-bounty, writeup16-Sep-2024
WhatsApp View Once Privacy Issue Initial Fix Assessment: The Good, the Bad and The Uglyhttps://medium.com/@TalBeerySec/whatsapp-view-once-privacy-issue-initial-fix-assessment-the-good-the-bad-and-the-ugly-be97ec1cc2e5?source=rss------bug_bounty-5Tal Be'erysecurity, web-development, bug-bounty, privacy, whatsapp16-Sep-2024
Guide to Finding and Exploiting Web Cache Poisoninghttps://systemweakness.com/guide-to-finding-and-exploiting-web-cache-poisoning-f32d0962d28d?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, technology, bug-bounty16-Sep-2024
The Curious Case Of MutantBedrog’s Trusted-Types CSP Bypasshttps://blog.confiant.com/the-curious-case-of-mutantbedrogs-trusted-types-csp-bypass-950b19a38b4f?source=rss------bug_bounty-5Eliya Steinbug-bounty, malvertising, hacking, cybersecurity, threat-intelligence16-Sep-2024
How I Found Live Traffic Exposure on a Public Server: One of my interesting findingshttps://medium.com/@josuofficial327/how-i-found-live-traffic-exposure-on-a-public-server-one-of-my-interesting-findings-0ecde16813a8?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty, cybersecurity, penetration-testing, bugbounty-writeup, bug-bounty-hunter16-Sep-2024
Using Full potential of Virustotal for Bugbountyhttps://medium.com/@loyalonlytoday/using-full-potential-of-virustotal-for-bugbounty-8d80221ab2e4?source=rss------bug_bounty-5loyalonlytodaybugbounty-tips, penetration-testing, hacking, bug-bounty, bugbounty-writeup16-Sep-2024
How i accidently found a server side template injectionhttps://medium.com/@malikirtizameg/how-i-accidently-found-a-server-side-template-injection-f5e7aec0b64d?source=rss------bug_bounty-5Insbat Arshadcybersecurity, bug-bounty, programming, devops, python16-Sep-2024
CloudSek CTF 2024 Writeuphttps://naumankh4n.medium.com/cloudsek-ctf-aug-2024-writeup-6b4409675f88?source=rss------bug_bounty-5Nauman Khanhacking, bug-bounty, ctf, penetration-testing, ctf-writeup16-Sep-2024
Subdomain takeover amazon S3https://medium.com/@hichamalmakroudi/subdomain-takeover-amazon-s3-21de0af8a1d3?source=rss------bug_bounty-5Hicham Almakroudibug-bounty, aws, hacking, s3, subdomain-takeover16-Sep-2024
How To Get Easy critical 0 click account takeover on public bug bounty program at hackerone !https://medium.com/@kaforybory/how-to-get-easy-critical-0-click-account-takeover-on-public-bug-bounty-program-at-hackerone-8b1859cc7738?source=rss------bug_bounty-5Hassan Makkiinfosec, bug-bounty-tips, cybersecurity, bug-bounty, bug-hunting16-Sep-2024
Structure your recon files before they structure youhttps://medium.com/@paractmol/structure-your-recon-files-before-they-structure-you-ba3509a182f0?source=rss------bug_bounty-5paractmolgolang, recon, tools, bug-bounty, automation-tools16-Sep-2024
How to Kick Off Your Journey into Bug Hunting: A Beginner's Guidehttps://medium.com/@justluke5691/how-to-kick-off-your-journey-into-bug-hunting-a-beginners-guide-eb5a551f4edb?source=rss------bug_bounty-5K. Niraj Chandra Singhabug-bounty, technology, cybersecurity16-Sep-2024
very easy and helpfull for new hunters, how i accidently found a server side template injectionhttps://medium.com/@malikirtizameg/how-i-accidently-found-a-server-side-template-injection-f5e7aec0b64d?source=rss------bug_bounty-5Insbat Arshadcybersecurity, bug-bounty, programming, devops, python16-Sep-2024
Structure your recon files before they become unstructuredhttps://medium.com/@paractmol/structure-your-recon-files-before-they-structure-you-ba3509a182f0?source=rss------bug_bounty-5paractmolgolang, recon, tools, bug-bounty, automation-tools16-Sep-2024
#3 HOW TO FIND OPEN REDIRECT EASILY ???https://medium.com/@josuofficial327/3-how-to-find-open-redirect-easily-fd8a7ea6e12b?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuthreat-intelligence, bug-bounty, bug-bounty-tips, threat-hunting, cybersecurity15-Sep-2024
Subdomain Takeovers for Beginnershttps://medium.com/@hichamalmakroudi/subdomain-takeovers-for-beginners-a51ed74db543?source=rss------bug_bounty-5Hicham Almakroudisubdomain-takeover, bug-bounty, bug-bounty-tips, ethical-hacking, hacking15-Sep-2024
XSS — Cross Site Scriptinghttps://medium.com/@codingboltacademy/xss-cross-site-scripting-65e1981817df?source=rss------bug_bounty-5Coding Bolt Academyxss-vulnerability, xss-attack, bug-bounty, cross-site-scripting, ethical-hacking15-Sep-2024
IDOR — Broken Access Controlhttps://medium.com/@codingboltacademy/idor-broken-access-control-efeb6698919f?source=rss------bug_bounty-5Coding Bolt Academyethical-hacking, penetration-testing, cybersecurity, bug-bounty, idor15-Sep-2024
How i got 100$ bountyhttps://medium.com/@mukkumukku110/how-i-got-100-bounty-b3dd58e82e00?source=rss------bug_bounty-5bughunterbug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips15-Sep-2024
Hunting for Corporate Accounts: Exploiting IDOR and Parameter Pollution in Web Applicationshttps://medium.com/@tusharpuri6/hunting-for-corporate-accounts-exploiting-idor-and-parameter-pollution-in-web-applications-1792294e0c48?source=rss------bug_bounty-5Tusharpuribug-bounty, application-security, penetration-testing, offensive-security, infosec15-Sep-2024
Live Bug Bounty & Penetration Testing on Real Websites: Step-by-Step Guide (Part 1)https://medium.com/@shaikhminhaz1975/live-bug-bounty-penetration-testing-on-real-websites-step-by-step-guide-part-1-971ccc9b9587?source=rss------bug_bounty-5Shaikh Minhazbug-bounty, bug-bounty-tips, penetration-testing, cybersecurity, information-gathering15-Sep-2024
SQL Injetionhttps://medium.com/@adhikarisudip869/sql-injetion-f6f5f4291cbc?source=rss------bug_bounty-5Sudip Adhikarisql, sql-injection, bug-bounty15-Sep-2024
How to Find IDOR Vulnerabilities: A Guide for Bug Bounty Hunters and Developershttps://cyberw1ng.medium.com/how-to-find-idor-vulnerabilities-a-guide-for-bug-bounty-hunters-and-developers-3d2ba2a766f5?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, cybersecurity, technology, careers15-Sep-2024
BugBounty platforms Listhttps://medium.com/@loyalonlytoday/bugbounty-platforms-list-ed3a5af3a8a2?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty-tips, hacking, bug-bounty, penetration-testing15-Sep-2024
Automating the CORS Vulnerability Scanhttps://angixblack.medium.com/automating-the-cors-vulnerability-scan-66d57752cc36?source=rss------bug_bounty-5Angix blackcors, infosec, pentesting, bug-bounty, corsan15-Sep-2024
A very easy bug anyone can findhttps://medium.com/@malikirtizameg/a-very-easy-bug-anyone-can-find-8d2b11a768c7?source=rss------bug_bounty-5Insbat Arshadprogramming, cybersecurity, bug-bounty, software-engineering, devops15-Sep-2024
How to Find IDOR Vulnerabilities: A Guide for Bug Bounty Hunters and Developershttps://systemweakness.com/how-to-find-idor-vulnerabilities-a-guide-for-bug-bounty-hunters-and-developers-3d2ba2a766f5?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, cybersecurity, technology, careers15-Sep-2024
Mastering WordPress Pentesting: The Ultimate Resource Guidehttps://medium.com/@RaunakGupta1922/mastering-wordpress-pentesting-the-ultimate-resource-guide-423bc1e1ddef?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, cybersecurity, wordpress, bug-bounty, wordpress-plugins14-Sep-2024
Telnet Takedown: The Port 23 Exploit on Metasploitable 2, Part IIIhttps://medium.com/@thefellowhacker/telnet-takedown-the-port-23-exploit-on-metasploitable-2-part-iii-a10a6e15b468?source=rss------bug_bounty-5Taahir Mujawarrcybersecurity, bug-bounty, metasploitable, hacking, penetration-testing14-Sep-2024
Open Redirect via Image Uploadhttps://medium.com/@osamamohamed21212121/open-redirect-via-image-upload-bf6f87f8d447?source=rss------bug_bounty-5Osamamohamedbug-bounty-tips, bug-bounty, bugs, bug-zero, bug-bounty-writeup14-Sep-2024
SSRF Via Image Uploadhttps://medium.com/@osamamohamed21212121/ssrf-via-image-upload-f046e2d0e692?source=rss------bug_bounty-5Osamamohamedbug-bounty, bug-zero, bug-bounty-writeup, bugs, bug-bounty-tips14-Sep-2024
Critical Data Breach Exposed: A Deep Dive into a Government Agency’s Security Flawhttps://medium.com/@contact.adnanks/critical-data-breach-exposed-a-deep-dive-into-a-government-agencys-security-flaw-3c4a9b431de6?source=rss------bug_bounty-5Adnan K Sbug-bounty-tips, security, cybersecurity, bug-bounty-writeup, bug-bounty14-Sep-2024
Unlocking Admin Privileges: How I Exploited an IDOR Vulnerabilityhttps://medium.com/@cybsersec/unlocking-admin-privileges-how-i-exploited-an-idor-vulnerability-6829b595889a?source=rss------bug_bounty-5Cybserseccybersecurity, security-research, bug-bounty14-Sep-2024
Unlocking Admin Privileges: How I Exploited an IDOR Vulnerabilityhttps://medium.com/@Krypton09/unlocking-admin-privileges-how-i-exploited-an-idor-vulnerability-6829b595889a?source=rss------bug_bounty-5Kryptoncybersecurity, security-research, bug-bounty14-Sep-2024
How I Discovered a Major Security Flaw in Keltron’s Server Using Google Dorkinghttps://medium.com/@contact.adnanks/how-i-discovered-a-major-security-flaw-in-keltrons-server-using-google-dorking-f8bb3c784803?source=rss------bug_bounty-5Adnan K Scybersecurity, security, owncloud, bug-bounty-tips, bug-bounty14-Sep-2024
how to install kali linux on windows using wsl(windows subsystem linux)https://medium.com/@loyalonlytoday/how-to-install-kali-linux-on-windows-using-wsl-windows-subsystem-linux-92019022ac57?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, wsl-2, hacking, wsl14-Sep-2024
fisher: Cybertalents Cybersecurity Bootcamp Cohort 8https://medium.com/@bridget4/fisher-cybertalents-cybersecurity-bootcamp-cohort-8-cfb9aa6b7a6c?source=rss------bug_bounty-5Bridgetcareers, bug-bounty, cybersecurity, learning, cyber-talents14-Sep-2024
What is Prototype Pollution?https://systemweakness.com/what-is-prototype-pollution-4e2049f68fca?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, technology, careers, hacking, cybersecurity14-Sep-2024
How I Discovered a Major Security Flaw in Keltron’s Server Using Google Dorkinghttps://medium.com/@contact.adnanks/how-i-discovered-a-major-security-flaw-in-keltrons-server-using-google-dorking-e8a8c1dae09b?source=rss------bug_bounty-5Adnan K Shacking, bug-bounty, cybersecurity, ethical-hacking, bug-bounty-tips14-Sep-2024
How I Gained Access to a Corporate CCTV Surveillance System Using Shodanhttps://medium.com/@contact.adnanks/how-i-gained-access-to-a-corporate-cctv-surveillance-system-using-shodan-daac1fa3b37a?source=rss------bug_bounty-5Adnan K Sbug-bounty, surveillance, cctv, cybersecurity, hacking14-Sep-2024
How I Discovered a Critical Vulnerability and Took Over an Organization Using Burp Suitehttps://medium.com/@contact.adnanks/how-i-discovered-a-critical-vulnerability-and-took-over-an-organization-using-burp-suite-fb2d52adc944?source=rss------bug_bounty-5Adnan K Sresearch, bug-bounty-tips, cybersecurity, bug-bounty, ethical-hacking14-Sep-2024
Critical Data Breach Exposed: A Deep Dive into a Government Agency’s Security Flaw (Part 2)https://medium.com/@contact.adnanks/critical-data-breach-exposed-a-deep-dive-into-a-government-agencys-security-flaw-part-2-ba190920e945?source=rss------bug_bounty-5Adnan K Sbug-bounty, grafana, research-reports, cybersecurity, bug-bounty-tips14-Sep-2024
Let the Hunt Begin with Nuclei: The Secret Weapon of the Bug Bounty World!https://medium.com/@rootspaghetti/let-the-hunt-begin-with-nuclei-the-secret-weapon-of-the-bug-bounty-world-9b2491d3a9cb?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, hacking, bug-bounty14-Sep-2024
Mastering GraphQL API Pentesting: The Ultimate Resource Guidehttps://medium.com/@RaunakGupta1922/mastering-graphql-api-pentesting-the-ultimate-resource-guide-7755c08bddd2?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitvulnerability, cybersecurity, graphql, bug-bounty, hacking13-Sep-2024
Deleting a folder led to the deactivation of the company’s accounts.https://medium.com/@hossam_hamada/deleting-a-folder-led-to-the-deactivation-of-the-companys-accounts-3759b6b92927?source=rss------bug_bounty-5Hossam Hamadabug-bounty-tips, hackerone, bug-bounty, penetration-testing, bugcrowd13-Sep-2024
#2 ANOTHER EASY BUG- HTML INJECTIONhttps://medium.com/@josuofficial327/2-another-easy-bug-html-injection-0447a79b6c66?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-hunter, bug-bounty, linux, vulnerability, cybersecurity13-Sep-2024
How Unguessable IDOR Worth me €1000 On Intigritihttps://medium.com/@manan_sanghvi/how-unguessable-idor-worth-me-1000-on-intigriti-7ab6f928b3d9?source=rss------bug_bounty-5Manan Sanghvibounty-program, bug-bounty, intigriti, idor, hacking13-Sep-2024
Logic Flaw: I Can Block You from Accessing Your Own Accounthttps://medium.com/@hashimamin/logic-flaw-i-can-block-you-from-accessing-your-own-account-63fc2a88bb72?source=rss------bug_bounty-5Hashim Aminbug-bounty-tips, bug-bounty, bugs, ethical-hacking, infosec13-Sep-2024
What is an Open Redirect Vulnerability? And How to Find Ithttps://systemweakness.com/what-is-an-open-redirect-vulnerability-and-how-to-find-it-7d94a3b9d0ef?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, technology, bug-bounty, hacking13-Sep-2024
Log4j Exploit Lab: Reverse Shell with JNDI Exploit Kithttps://medium.com/@josh.beck2006/log4j-exploit-lab-reverse-shell-with-jndi-exploit-kit-21f015204e29?source=rss------bug_bounty-5Josh Beckbug-bounty, cybersecurity, ctf13-Sep-2024
How to find and exploit bugsnag API Keyhttps://medium.com/@socalledhacker/how-to-find-and-exploit-bugsnag-api-key-312e0f216735?source=rss------bug_bounty-5socalledhackercybersecurity, bug-bounty, web-security, bug-bounty-tips, infosec13-Sep-2024
How to Write an Effective Bug Bounty Report: Tips, Structure, and Exampleshttps://infosecwriteups.com/how-to-write-an-effective-bug-bounty-report-tips-structure-and-examples-3248d81dd759?source=rss------bug_bounty-5Abhi Sharmabug-bounty, hacking, bug-bounty-tips, cybersecurity, infosec13-Sep-2024
Finding a easy p4 it can be worth 200$https://medium.com/@loyalonlytoday/finding-a-easy-p4-it-can-be-worth-200-10d6682f6923?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bug-bounty, bugbounty-writeup, website-hacking, hacking13-Sep-2024
Subdomain Enumeration Part 2 (Manual & Automation)https://osintteam.blog/subdomain-enumeration-part-2-manual-automation-77a46d93e2ed?source=rss------bug_bounty-5Mr Abdullahethical-hacking, hacking, web-hacking, bug-bounty, bug-bounty-tips13-Sep-2024
Unleashing GitHub Dorks: The Ultimate Hack for Finding Hidden Secrets in Bug Bounties!https://enigma96.medium.com/unleashing-github-dorks-the-ultimate-hack-for-finding-hidden-secrets-in-bug-bounties-125b83fd9c93?source=rss------bug_bounty-5enigmagithub-dorking, penetration-testing, bug-bounty, hackin, bug-bounty-tips13-Sep-2024
Stored XSS via Image Uploadhttps://medium.com/@osamamohamed21212121/stored-xss-via-image-upload-b75edecf1e54?source=rss------bug_bounty-5Osamamohamedbug-bounty-tips, bugs, bug-bounty, bug-zero, bug-bounty-writeup13-Sep-2024
IDOR in Bug Bounty Programhttps://medium.com/@osamamohamed21212121/idor-in-bug-bounty-program-8fbbffe32f6e?source=rss------bug_bounty-5Osamamohamedbug-bounty, bugs, bug-bounty-writeup, bug-zero, bug-bounty-tips13-Sep-2024
Mastering Dirsearch: Finding Hidden Web Directorieshttps://medium.com/@bootstrapsecurity/mastering-dirsearch-finding-hidden-web-directories-f57327c06fed?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-hunter12-Sep-2024
Computer Security: How Bureaucracies Ignore Unexploded Ordinancehttps://kf106.medium.com/computer-security-how-bureaucracies-ignore-unexploded-ordinance-319e8e931ad5?source=rss------bug_bounty-5Keir Finlow-Batesbureaucracy, bug-bounty, security, cybersecurity, hacker12-Sep-2024
The Secrets to Writing Threat Intelligence Reports That Actually Stop Cyber Attacks!https://medium.com/@paritoshblogs/the-secrets-to-writing-threat-intelligence-reports-that-actually-stop-cyber-attacks-330fd6fc37a5?source=rss------bug_bounty-5Paritoshai, hacking, threat-intelligence, bug-bounty, cybersecurity12-Sep-2024
Password Reset Flaws: Key Methods for Finding Vulnerabilitieshttps://medium.com/@dsmodi484/password-reset-flaws-key-methods-for-finding-vulnerabilities-eb843440e06c?source=rss------bug_bounty-5Dishant Modibug-bounty, vulnerability, bug-bounty-tips, account-takeover, testing12-Sep-2024
Leveraging GreyNoise for Enhanced Threat Detection and Intelligencehttps://medium.com/@ajaynaikhack/leveraging-greynoise-for-enhanced-threat-detection-and-intelligence-437aac815d38?source=rss------bug_bounty-5Ajay Naikrewards, vulnerability, cybersecurity, bug-bounty, threat-detection12-Sep-2024
Insecure Direct Object Reference (IDOR)https://medium.com/@security.tecno/insecure-direct-object-reference-idor-ffecf6cbc211?source=rss------bug_bounty-5TECNO Securitybug-bounty, security, research, hacking12-Sep-2024
Mastering IDOR: The Ultimate Resource Guidehttps://medium.com/@RaunakGupta1922/mastering-idor-the-ultimate-resource-guide-84e44052f70c?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbug-bounty, hacking, cybersecurity, college, idor12-Sep-2024
[IDOR] View other users’ transaction detailshttps://rhidayah.medium.com/idor-view-other-users-transaction-details-73c0c80aada6?source=rss------bug_bounty-5Rohmad Hidayahbroken-access-control, idor, bug-bounty, idor-vulnerability, information-disclosure12-Sep-2024
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOShttps://mikko-kenttala.medium.com/zero-click-calendar-invite-critical-zero-click-vulnerability-chain-in-macos-a7a434fc887b?source=rss------bug_bounty-5Mikko Kenttälävulnerability, macos, information-security, bug-bounty12-Sep-2024
Hide & Seek - Hidden Open Redirect | Bug Huntinghttps://mo9khu93r.medium.com/hide-seek-hidden-open-redirect-bug-hunting-88499f5e0e99?source=rss------bug_bounty-5mo9khu93rhacking, pentesting, bug-bounty, cybersecurity, kali-linux12-Sep-2024
Hydra for bruteforcinghttps://medium.com/@tharunteja725_8686/hydra-for-bruteforcing-3784a98bab6a?source=rss------bug_bounty-5Chidurala Tharun tejahacking, oscp, bug-bounty, bug-bounty-tips, cybersecurity12-Sep-2024
How an Open Redirect Vulnerability Got a Bug Bounty of $500https://cyberw1ng.medium.com/how-an-open-redirect-vulnerability-got-a-bug-bounty-of-500-13ece7a987d8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, careers, cybersecurity12-Sep-2024
My first Account-take-overhttps://medium.com/@osamamohamed21212121/my-first-account-take-over-f6590c4a3a54?source=rss------bug_bounty-5Osamamohamedbugs, bug-bounty, bug-zero, bug-bounty-writeup, bug-bounty-tips12-Sep-2024
My journey to find CSRF (Cross-Site Request Forgery )https://medium.com/@osamamohamed21212121/my-journey-to-find-csrf-cross-site-request-forgery-ddf1e1bd579d?source=rss------bug_bounty-5Osamamohamedbug-bounty-writeup, bug-bounty-tips, bug-bounty, bugs, bug-zero12-Sep-2024
Stored XSS via File upload(using .svg file Extension )https://ch4ndan.medium.com/stored-xss-via-file-upload-using-svg-file-extension-515e23536d4d?source=rss------bug_bounty-5Ch4ndan dascybersecurity, xss-attack, bug-bounty, bugs, bug-bounty-tips12-Sep-2024
My first XSS: Reflected XSShttps://medium.com/@osamamohamed21212121/my-first-xss-reflected-xss-0949992b94ab?source=rss------bug_bounty-5Osamamohamedbugs, bug-bounty-tips, bug-bounty, bug-zero, bug-bounty-writeup12-Sep-2024
Hack Google Like a Pro: Automate Google Dorks with Bash for Bug Bounties!https://enigma96.medium.com/hack-google-like-a-pro-automate-google-dorks-with-bash-for-bug-bounties-7611818a4bf0?source=rss------bug_bounty-5enigmahacker, bug-bounty, pentesting, bug-bounty-tips, dorks12-Sep-2024
How to learn Game Hacking in 6 minutes | Part 1https://medium.com/@deadoverflow/how-to-learn-game-hacking-in-10-minutes-part-1-19991004fd99?source=rss------bug_bounty-5Imad Husanovicgames, hacking, bug-bounty-tips, bug-bounty, cybersecurity12-Sep-2024
How to learn Game Hacking in 6 minutes | Part 1https://systemweakness.com/how-to-learn-game-hacking-in-10-minutes-part-1-19991004fd99?source=rss------bug_bounty-5Imad Husanovicgames, hacking, bug-bounty-tips, bug-bounty, cybersecurity12-Sep-2024
Introduction to Bug Bounty Huntinghttps://medium.com/@kanishkar22052004/introduction-to-bug-bounty-hunting-183f133c7d0d?source=rss------bug_bounty-5Kanishkarbug-bounty, ethical-hacking, cybersecurity11-Sep-2024
Understanding the OWASP Top 10 in 2024https://bootstrapsecurity.medium.com/understanding-the-owasp-top-10-in-2024-245b600737f9?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity, infosec-write-ups11-Sep-2024
Understanding the OWASP Top 10 in 2024https://medium.com/@bootstrapsecurity/understanding-the-owasp-top-10-in-2024-245b600737f9?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity, infosec-write-ups11-Sep-2024
HTB Academy: Information Gathering — Web Edition (Updated).https://medium.com/@mazalwebdesign/htb-academy-information-gathering-web-edition-updated-50058fdec55e?source=rss------bug_bounty-5maz4lhtb-walkthrough, htb-writeup, penetration-testing, bug-bounty, ethical-hacking11-Sep-2024
API Bug Bounty Hunting: Reconnaissance and Reverse Engineering an APIhttps://towardsdev.com/api-bug-bounty-hunting-reconnaissance-and-reverse-engineering-an-api-1d61f82b5d72?source=rss------bug_bounty-5Adithyakrishna Vcybersecurity, bug-bounty, hacking, api11-Sep-2024
NGINX HTTP/3 QUIC Module Vulnerability -CVE-2024–35200https://infosecwriteups.com/nginx-http-3-quic-module-vulnerability-cve-2024-35200-e2f6aaea2a68?source=rss------bug_bounty-5Ajay Naikbug-bounty, security, cve, vulnerability, rewards11-Sep-2024
BIG-IP HSB vulnerability CVE-2024–39778https://medium.com/@ajaynaikhack/big-ip-hsb-vulnerability-cve-2024-39778-9fd33cc4d5e5?source=rss------bug_bounty-5Ajay Naikrewards-and-recognition, vulnerability, bug-bounty, security11-Sep-2024
Why Django’s [DEBUG=True] is a Goldmine for Hackershttps://medium.com/@verylazytech/why-djangos-debug-true-is-a-goldmine-for-hackers-01486289607d?source=rss------bug_bounty-5Very Lazy Techhacking, cybersecurity, django, bug-bounty, misconfiguration11-Sep-2024
Best Bug Bounty and Pentesting Methodology for Beginners(Step By Step)https://medium.com/@shaikhminhaz1975/best-bug-bounty-and-pentesting-methodology-for-beginners-step-by-step-b6167128156a?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, methodology, penetration-testing, bug-bounty, ethical-hacking11-Sep-2024
MY First Bug Hunt: A Beginner’s Guide to Cybersecurity with Google Dorkshttps://medium.com/@KpCyberInfo/my-first-bug-hunt-a-beginners-guide-to-cybersecurity-with-google-dorks-b62a28214d38?source=rss------bug_bounty-5Krunal Patelbug-bounty, cybersecurity, google-dork, beginner, security11-Sep-2024
How Finding an SQL Injection Vulnerability Earned a $1000 Bug Bountyhttps://systemweakness.com/how-finding-an-sql-injection-vulnerability-earned-a-1000-bug-bounty-af2ee0b62f6c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, technology, bug-bounty, hacking11-Sep-2024
Interesting Story of an Account Takeover Vulnerabilityhttps://medium.com/@deepanshudev369/interesting-story-of-an-account-takeover-vulnerability-140a45a058a3?source=rss------bug_bounty-5Deepanshu(golu369)cybersecurity, ethical-hacking, vulnerability-assessment, bug-bounty, research11-Sep-2024
P4 bug’s and their POC steps | Part 2https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-2-17b6583c57d9?source=rss------bug_bounty-5socalledhackerweb-security, hacking, bug-bounty-tips, vulnerability, bug-bounty11-Sep-2024
Pemburuan Hacker Penpie: Menyediakan Hingga 10% dari Dana yang Dikembalikan sebagai Hadiahhttps://blog.penpiexyz.io/pemburuan-hacker-penpie-menyediakan-hingga-10-dari-dana-yang-dikembalikan-sebagai-hadiah-6e81cc0f610b?source=rss------bug_bounty-50xJultoshidefi, bahasa, bug-bounty, investasi, crypto11-Sep-2024
Primary Hacking School #1 Installing Kalihttps://medium.com/@nnface/primary-hacking-school-1-installing-kali-a3e249c41730?source=rss------bug_bounty-5NnFacebug-bounty, cybersecurity, hacking, linux, kali-linux11-Sep-2024
How I Stole a Player Spot with Simple XSShttps://medium.com/@ali_guell/how-i-stole-a-player-spot-with-simple-xss-6a8fa2776a84?source=rss------bug_bounty-5black_wheatearwriteup, bug-bounty, hacking, web-development, cybersecurity11-Sep-2024
Securing Your Applications Against CSRF Attacks: Best Practices for Cybersecurity Expertshttps://medium.com/@kpishear/securing-your-applications-against-csrf-attacks-best-practices-for-cybersecurity-experts-4e572b9fc032?source=rss------bug_bounty-5kpishearbug-bounty, tech, cybersecurity, trading, technology10-Sep-2024
Free Bug Bounty Course For Beginners ️https://medium.com/@amanktec12/free-bug-bounty-course-for-beginners-%EF%B8%8F-f126b9907c96?source=rss------bug_bounty-5Cyberxealfree-bug-hunting-course, free, course, bug-bounty, bug-hunting10-Sep-2024
Would you mind to tell me what your bank balance is? No? Okay, I’ll hack it.https://infosecwriteups.com/would-you-mind-to-tell-me-what-your-bank-balance-is-no-okay-ill-hack-it-b3f49810cfe2?source=rss------bug_bounty-5Manav Bankatwalabank-hack, cybersecurity, information-security, idor, bug-bounty10-Sep-2024
My first Hall of Fame (HoF) | Bug Bounty Journey.https://rivudon.medium.com/my-first-hall-of-fame-hof-bug-bounty-journey-59a56b1e96c2?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-writeup10-Sep-2024
The “Who Needs Secure Attachments Anyway?” Sagahttps://medium.com/@shobitsharma/the-who-needs-secure-attachments-anyway-saga-6026dc61a371?source=rss------bug_bounty-5Shobit Sharmabug-bounty, cybersecurity, bug-bounty-tips, infosec-write-ups, bug-bounty-writeup10-Sep-2024
How Hackers Can Steal Your Data in 15 Secondshttps://medium.com/@kerstan/how-hackers-can-steal-your-data-in-15-seconds-798bbed9cbac?source=rss------bug_bounty-5kerstanhacking, cybersecurity, bug-bounty10-Sep-2024
Basic Challenge Level 11https://aftab700.medium.com/basic-challenge-level-11-eaa689246c31?source=rss------bug_bounty-5Aftab Samactf, cybersecurity, information-security, bug-bounty, ethical-hacking10-Sep-2024
Basic Challenge Level 10https://aftab700.medium.com/basic-challenge-level-10-afaac3919778?source=rss------bug_bounty-5Aftab Samacybersecurity, bug-bounty, ctf-writeup, ctf, information-security10-Sep-2024
Basic Challenge Level 9https://aftab700.medium.com/basic-challenge-level-9-588ab110cc2d?source=rss------bug_bounty-5Aftab Samactf-writeup, ctf, bug-bounty, information-security, cybersecurity10-Sep-2024
OWASP top 10 A09:Security Logging and Monitoring failureshttps://medium.com/@shivamsharma.ss484/owasp-top-10-a09-security-logging-and-monitoring-failures-e2f4bdc50fbe?source=rss------bug_bounty-5Shivamsharmaowasp, hacking, cybersecurity, owasp-top-10, bug-bounty10-Sep-2024
‘find’ command for Reconhttps://medium.com/@DatBoyBlu3/find-command-for-recon-4f3cf296c5d5?source=rss------bug_bounty-5Daniel Edwardscybersecurity, linux, bug-bounty, unix, penetration-testing10-Sep-2024
Top Reconnaissance Tools for Ethical Security Testinghttps://medium.com/@ajaynaikhack/top-reconnaissance-tools-for-ethical-security-testing-2b4088106b81?source=rss------bug_bounty-5Ajay Naikreconnaissance, ethical-hacking, bug-bounty, rewards, vulnerability10-Sep-2024
Introducing FavFreak: Unlock the Power of Favicon Hashing for Bug Bounty Huntinghttps://medium.com/@unreal_umber_hyena_37/introducing-favfreak-unlock-the-power-of-favicon-hashing-for-bug-bounty-hunting-0361dbb629c3?source=rss------bug_bounty-5Cyber Sentinel Xsecurity, cybersecurity, penetration-testing, bug-bounty, ethical-hacking10-Sep-2024
How I got RCE on an Indian university without admin credentials Tale of directory listing, SQL…https://medium.com/@alimuhammadsecured/how-i-got-rce-on-an-indian-university-without-admin-credentials-tale-of-directory-listing-sql-1f77e2933011?source=rss------bug_bounty-5Alimuhammadsecuredbug-bounty, bug-bounty-writeup, ctf, rce, hacking10-Sep-2024
TryHackMe | Simple CTF | Walkthrough | By HexaHunterhttps://hexahunter.medium.com/tryhackme-simple-ctf-walkthrough-by-hexahunter-b9457e4d7d16?source=rss------bug_bounty-5Momal Nazweb-security, penetration-testing, tryhackme-walkthrough, ctf-writeup, bug-bounty09-Sep-2024
Mastering Reconnaissance with Nmap: Unveiling Your Target’s Secretshttps://infosecwriteups.com/mastering-reconnaissance-with-nmap-unveiling-your-targets-secrets-ec940d05a140?source=rss------bug_bounty-5Ajay Naikcybersecurity, information-security, nmap, bug-bounty, infosec-write-ups09-Sep-2024
Self-XSS to ATO via Quick Login featurehttps://thecatfather.medium.com/self-xss-to-ato-via-quick-login-feature-532df12d1c08?source=rss------bug_bounty-5The CatFatherbug-bounty-writeup, bug-bounty, bug-bounty-tips09-Sep-2024
Exploiting Firestore Database Rules: A Pathway to Data Breacheshttps://medium.com/@S3THU/exploiting-firestore-database-rules-a-pathway-to-data-breaches-aa945476cc16?source=rss------bug_bounty-5Sethu Satheeshfirebase, hacking, cybersecurity, bug-bounty, pentesting09-Sep-2024
Google Dorks for Bug Bounty Part 3: Exposing Hidden Admin Panels & Login Portalshttps://enigma96.medium.com/google-dorks-for-bug-bounty-part-3-exposing-hidden-admin-panels-login-portals-52b600e3f10b?source=rss------bug_bounty-5enigmabug-bounty, bug-bounty-tips, pentesting, hacking, penetration-testing09-Sep-2024
2nd Order SQL Injectionhttps://medium.com/@bountyget/2nd-order-sql-injection-e2ac60e792a4?source=rss------bug_bounty-5Dhiren Kumar Pradhanbug-bounty-tips, sql-injection, cybersecurity, penetration-testing, bug-bounty09-Sep-2024
{إِنَّ اللَّهَ وَمَلائِكَتَهُ يُصَلُّونَ عَلَى النَّبِيِّ يَا أَيُّهَا الَّذِينَ آمَنُوا صَلُّوا…https://medium.com/@mahdisalhi0500/%D8%A5%D9%90%D9%86%D9%8E%D9%91-%D8%A7%D9%84%D9%84%D9%8E%D9%91%D9%87%D9%8E-%D9%88%D9%8E%D9%85%D9%8E%D9%84%D8%A7%D8%A6%D9%90%D9%83%D9%8E%D8%AA%D9%8E%D9%87%D9%8F-%D9%8A%D9%8F%D8%B5%D9%8E%D9%84%D9%8F%D9%91%D9%88%D9%86%D9%8E-%D8%B9%D9%8E%D9%84%D9%8E%D9%89-%D8%A7%D9%84%D9%86%D9%8E%D9%91%D8%A8%D9%90%D9%8A%D9%90%D9%91-%D9%8A%D9%8E%D8%A7-%D8%A3%D9%8E%D9%8A%D9%8F%D9%91%D9%87%D9%8E%D8%A7-%D8%A7%D9%84%D9%8E%D9%91%D8%B0%D9%90%D9%8A%D9%86%D9%8E-%D8%A2%D9%85%D9%8E%D9%86%D9%8F%D9%88%D8%A7-%D8%B5%D9%8E%D9%84%D9%8F%D9%91%D9%88%D8%A7-4cdb13f5ff52?source=rss------bug_bounty-5CaptinSHArky(Mahdi)hacking, information-security, ethical-hacking, bug-bounty, information-technology09-Sep-2024
SQL Injection Attack, Listing the Database Contents on Non-Oracle Databaseshttps://medium.com/@marduk.i.am/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-825485566585?source=rss------bug_bounty-5Marduk I Ambug-bounty, portswigger-lab, sqli, information-security, sql-injection09-Sep-2024
Hunting for Hidden API Endpoints Using Katana and Hakralerhttps://anasbetis023.medium.com/hunting-for-hidden-api-endpoints-using-katana-and-hakraler-ba0bd6b9611f?source=rss------bug_bounty-5Anas H Hmaidybug-bounty, penetration-testing, bug-bounty-tips, cybersecurity09-Sep-2024
Optimal Ethical Hacker Setup for Penetration Testinghttps://infosecwriteups.com/optimal-ethical-hacker-setup-for-penetration-testing-4847a8afbe45?source=rss------bug_bounty-5Ajay Naiksecurity, bug-bounty, vulnerability, desktop09-Sep-2024
Unveiling Hidden Threats: Advanced Recon Techniques and the Path to Automationhttps://medium.com/@rootspaghetti/unveiling-hidden-threats-advanced-recon-techniques-and-the-path-to-automation-4c1b3dd885a3?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, bug-bounty, hacking09-Sep-2024
P4 bug’s and their POC steps | Part 1https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-1-1cef0152d1a5?source=rss------bug_bounty-5socalledhackervulnerability, p4-bugs, hacking, web-app-security, bug-bounty09-Sep-2024
How HTTP Request Smuggling Vulnerability Gets You a $750 Bug Bountyhttps://cyberw1ng.medium.com/how-http-request-smuggling-vulnerability-gets-you-a-750-bug-bounty-3dfe9063fd8d?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, technology09-Sep-2024
Introducing CorScan: A Comprehensive Tool for CORS Vulnerability Detectionhttps://angixblack.medium.com/introducing-corscan-a-comprehensive-tool-for-cors-vulnerability-detection-4ce83be6870e?source=rss------bug_bounty-5Angix blackpenetration-testing, bug-bounty, cors, bugbounty-automation, corscan09-Sep-2024
Lap 1: JWT authentication bypass via unverified signaturehttps://abdelrahmansalaheldeen.medium.com/lap-1-jwt-authentication-bypass-via-unverified-signature-8e450a7b2f59?source=rss------bug_bounty-5Abdelrahman Salaheldeencybersecurity, web-application-security, web-app-pentesting, jwt, bug-bounty08-Sep-2024
The Only Oscp Tip You Needhttps://medium.com/@issam.qsous/the-only-oscp-tip-you-need-cfac65948f68?source=rss------bug_bounty-5Essam Qsousoscp, bug-bounty, cybersecurity, pentesting, hacking08-Sep-2024
JSON Web Token attacks (JWT)https://abdelrahmansalaheldeen.medium.com/json-web-token-attacks-jwt-c082d76f3e4c?source=rss------bug_bounty-5Abdelrahman Salaheldeenjwt, web-penetration-testing, web-application-security, bug-bounty, cybersecurity08-Sep-2024
0-Click Mass Account Takeover via Password Reset Functionalityhttps://0d-samii.medium.com/0-click-mass-account-takeover-via-password-reset-functionality-68cdf27e028d?source=rss------bug_bounty-50d_samiibugs, bug-bounty-tips, bug-bounty, cybersecurity08-Sep-2024
How To Stay Ahead of 99% of Bug Bounty Huntershttps://bevijaygupta.medium.com/how-to-stay-ahead-of-99-of-bug-bounty-hunters-d77030705ed5?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bugs, hackthebox, bug-bounty, bounty-hunter08-Sep-2024
Discovering a Stored XSS Vulnerability on a Bug Bounty Programhttps://anmolvishwakarma7466.medium.com/discovering-a-stored-xss-vulnerability-on-a-bug-bounty-program-8dad1b475695?source=rss------bug_bounty-5Anmolvishwakarmaxss-attack, appsec, bug-bounty-tips, bug-bounty, bug-bounty-writeup08-Sep-2024
Found Bugs, Got Paid, Stayed Poor: Making a Living with Bug Bountieshttps://bevijaygupta.medium.com/found-bugs-got-paid-stayed-poor-making-a-living-with-bug-bounties-a30355564d32?source=rss------bug_bounty-5Vijay Guptamoney-making-ideas, bug-bounty-tips, bug-bounty, money-management, bugs08-Sep-2024
Nmap: The Best Network Scanning Utility for Security Experthttps://medium.com/@mohanmecktro/nmap-the-best-network-scanning-utility-for-security-expert-ea7a6fd01efb?source=rss------bug_bounty-5Mohan Mecktrobug-bounty-hunter, penetration-testing, bug-bounty, nmap, kali-linux-tools08-Sep-2024
How I Become Google HOFhttps://medium.com/@lijoparappur/how-i-become-google-hof-ef697b8b5963?source=rss------bug_bounty-5Lijoparappurbug-bounty, google-hacking08-Sep-2024
How i found xss in goverment website with one tools.https://medium.com/@sulthanyluthfi/how-i-found-xss-in-goverment-website-with-one-tools-5dd5d431ed03?source=rss------bug_bounty-5Luthfi Sulthanyxss-attack, bug-bounty, linux, penetration-testing, cybersecurity08-Sep-2024
Day 30of 30 Day — 30 Vulnerabilities | Cross-Site Request Forgery (CSRF)https://medium.com/@kumawatabhijeet2002/day-30of-30-day-30-vulnerabilities-cross-site-request-forgery-csrf-062ff53c5efd?source=rss------bug_bounty-5Abhijeet kumawat30dayswritingchallenge, bug-bounty, bug-bounty-tips, csrf08-Sep-2024
My recon methodology for hunting CVE-2021–42063 led to discovering an RXSS vulnerability in the…https://medium.com/@karthithehacker/my-recon-methodology-for-hunting-cve-2021-42063-led-to-discovering-an-rxss-vulnerability-in-the-27a7aa435fd3?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, infosec, bugbounty-writeup, ethical-hacking, cybersecurity08-Sep-2024
The Weak Link in Two-Factor Authentication: Exploiting Reusable OTPshttps://medium.com/@tusharpuri6/the-weak-link-in-two-factor-authentication-exploiting-reusable-otps-ed30bd8bf4da?source=rss------bug_bounty-5Tusharpurioffensive-security, bug-bounty, penetration-testing, vulnerability, application-security08-Sep-2024
OWASP top 10 A08:Software and Data Integrity Failureshttps://medium.com/@shivamsharma.ss484/owasp-top-10-a08-software-and-data-integrity-failures-bd41b5f9db2c?source=rss------bug_bounty-5Shivamsharmaowasp-top-10, bug-bounty, cybersecurity, hacking, owasp08-Sep-2024
Post-Exploitation Techniques: What Happens After a Hack?https://cyberw1ng.medium.com/post-exploitation-techniques-what-happens-after-a-hack-961ddc068fb6?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, technology, hacking, cybersecurity, careers08-Sep-2024
Post-Exploitation Techniques: What Happens After a Hack?https://systemweakness.com/post-exploitation-techniques-what-happens-after-a-hack-961ddc068fb6?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, technology, hacking, cybersecurity, careers08-Sep-2024
Bug Bounty Road ️ Map ️https://osintteam.blog/bug-bounty-road-%EF%B8%8F-map-%EF%B8%8F-b42c14750a6a?source=rss------bug_bounty-5Mr Abdullahbug-bounty-roadmap, bug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity07-Sep-2024
Users without roles are able to find out whether the “Invite other people” feature on a Pinterest…https://rhidayah.medium.com/users-without-roles-are-able-to-find-out-whether-the-invite-other-people-feature-on-a-pinterest-b1cf86305337?source=rss------bug_bounty-5Rohmad Hidayahpinterest, bug-bounty, privacy, business-logic-flaw07-Sep-2024
Exploiting the Silent Threat: Time-Based Blind SQL Injection via the Object_ID Parameterhttps://harshit3.medium.com/exploring-time-based-blind-sql-injection-vulnerability-via-the-object-id-parameter-7cd377c6e00d?source=rss------bug_bounty-5Harshitowasp, vulnerability, cybersecurity, bug-bounty, information-security07-Sep-2024
Account takeover through no rate limitshttps://rhidayah.medium.com/account-takeover-through-no-rate-limits-3d7a82a69779?source=rss------bug_bounty-5Rohmad Hidayahaccount-takeover, no-rate-limit, bug-bounty, broken-authentication07-Sep-2024
The Rise of AI in Cybersecurity: Opportunities and Threatshttps://bootstrapsecurity.medium.com/the-rise-of-ai-in-cybersecurity-opportunities-and-threats-531b42f9bef9?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking, ai-in-cybersecurity07-Sep-2024
how i finded a google map it’s worths 300$https://systemweakness.com/how-i-finded-a-google-map-its-worths-300-9fe5fe32e6de?source=rss------bug_bounty-5loyalonlytodaybugs, penetration-testing, hacking, bug-bounty, bug-bounty-tips07-Sep-2024
Subdomain Takeover : The Hacker’s Jackpot (And How You Can Hit It Too!)https://medium.com/@Kaizen2977/subdomain-takeover-the-hackers-jackpot-and-how-you-can-hit-it-too-76d49b916bc1?source=rss------bug_bounty-5Kapil Chotaliabug-bounty, subdomain-takeover, subdomains-enumeration, hacking, penetration-testing07-Sep-2024
Users without roles are able to find out whether the “Invite other people” feature on a Pinterest…https://rhidayah.medium.com/users-without-roles-are-able-to-find-out-whether-the-invite-other-people-feature-on-a-pinterest-b1cf86305337?source=rss------bug_bounty-5Rohmad Hidayahpinterest, bug-bounty, privacy, bugcrowd, business-logic-flaw07-Sep-2024
Day 29 of 30 Day — 30 Vulnerabilities | Remote Code Execution (RCE)https://medium.com/@kumawatabhijeet2002/day-29-of-30-day-30-vulnerabilities-remote-code-execution-rce-eb3f8f7ccf62?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, rce, bug-bounty, 30dayswritingchallenge, remote-code-execution07-Sep-2024
Vulnerability Scannerhttps://medium.com/@hydra_/vulnerability-scanner-1ad628218979?source=rss------bug_bounty-5hydrabug-bounty, vulnerability-scanner, infosec07-Sep-2024
Understanding window.postMessage() and Its XSS Riskshttps://medium.com/@spideyyy/understanding-window-postmessage-and-its-xss-risks-5a96bcd90428?source=rss------bug_bounty-5spideycybersecurity, bug-bounty, web-security, hacking, xss-attack07-Sep-2024
Find Your First 5 Bug Bounties in Easy Wayshttps://infosecwriteups.com/find-your-first-5-bug-bounties-in-easy-ways-3aaca5c57a2d?source=rss------bug_bounty-5Subh Dhunganahackerone, infosec, cybersecurity, bug-bounty, hacking07-Sep-2024
My recon methodology for hunting CVE-2021–42063 led to discovering an RXSS vulnerability in the…https://medium.com/@karthithehacker/my-recon-methodology-for-hunting-cve-2021-42063-led-to-discovering-an-rxss-vulnerability-in-the-80bd4ca0f623?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, infosec, cybersecurity07-Sep-2024
Hunting in the Cyber World: Effective Recon Strategies for a Successful Bug Bountyhttps://medium.com/@rootspaghetti/hunting-in-the-cyber-world-effective-recon-strategies-for-a-successful-bug-bounty-8ec5f27bd9ae?source=rss------bug_bounty-5Root@Spaghettibug-bounty, cybersecurity, hacking, bug-bounty-tips07-Sep-2024
850$ IDOR:Unauthorized Session Revokation of any userhttps://infosecwriteups.com/850-idor-unauthorized-session-revokation-of-any-user-93f9cb92fdfe?source=rss------bug_bounty-5Abhi Sharmacybersecurity, infosec, idor, bug-bounty, programming07-Sep-2024
Google Dorks Secrets: Discover Hidden Endpoints & Parameters with Google Dorkshttps://enigma96.medium.com/google-dorks-secrets-discover-hidden-endpoints-parameters-with-google-dorks-7c3bb3257ef9?source=rss------bug_bounty-5enigmaweb-security-testing, hacking, bug-bounty-tips, bug-bounty, penetration-testing07-Sep-2024
cyberExploring Client-Side Desync: Understanding the Risk and Mitigating the Threathttps://cyberw1ng.medium.com/cyberexploring-client-side-desync-understanding-the-risk-and-mitigating-the-threat-b375dec78f21?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, technology, cybersecurity, careers07-Sep-2024
Day 28 of 30 Day — 30 Vulnerabilities | DOM-based XSShttps://medium.com/@kumawatabhijeet2002/day-28-of-30-day-30-vulnerabilities-dom-based-xss-e7bfadc56b2f?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, 30dayswritingchallenge, bug-bounty-tips, dom-based-xss06-Sep-2024
Bounty Hunter’s Handbook: Practical Tips for Bug Huntinghttps://medium.com/@security.tecno/bounty-hunters-handbook-practical-tips-for-bug-hunting-b3a8b03d1101?source=rss------bug_bounty-5TECNO Securityhacking, hunting, tips, bug-bounty06-Sep-2024
[$12000] 3 Critical 0-click TikTok Account Takeover Vulnerabilities, 2FA bypass & more security…https://vojtechcekal.medium.com/12000-3-critical-0-click-tiktok-account-takeover-vulnerabilities-2fa-bypass-more-security-78554827cfc3?source=rss------bug_bounty-5Vojtech Cekalvulnerability, bug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty06-Sep-2024
OAuth Based CSRF: Exploiting The Flaw In Implementation Of State Parameterhttps://medium.com/@cyberpro151/oaauth-based-csrf-exploiting-the-flaw-in-implementation-of-state-parameter-36bfae68aa65?source=rss------bug_bounty-5cyberpro151bug-bounty, cybersecurity, appsec, hacking, pentest06-Sep-2024
Google Map API Key Exposure $$$ | Just 2 Minutes | Don’t Miss Your Bountyhttps://dkcyberz.medium.com/google-map-api-key-exposure-just-2-minutes-dont-miss-your-bounty-380eac7b9dd9?source=rss------bug_bounty-5Harpy Hunterbug-bounty-tips, bugbounty-writeup, google-map-api, bug-bounty, owasp-top-1006-Sep-2024
Google Dork Mastery Part 1 : Finding Hidden Critical Files with Google Dorks Like a Prohttps://enigma96.medium.com/google-dork-mastery-part-1-finding-hidden-critical-files-with-google-dorks-like-a-pro-d28ad159e9ae?source=rss------bug_bounty-5enigmapenetration-testing, hacking, bug-bounty-tips, web-security, bug-bounty06-Sep-2024
Master Mobile Traffic Hacking: Intercept Android App Data with Burp Suitehttps://medium.com/@WillFromSwiss/master-mobile-traffic-hacking-intercept-android-app-data-with-burp-suite-9278163310ad?source=rss------bug_bounty-5WillFromSwisscybersecurity, application-security, hacking, android, bug-bounty06-Sep-2024
As Luck Would Have It — tales of good fortune in bug bountyhttps://medium.com/@l_s_/as-luck-would-have-it-tales-of-good-fortune-in-bug-bounty-9c56d31b3ef5?source=rss------bug_bounty-5LSinfosec, information-security, bug-bounty-writeup, hacking, bug-bounty06-Sep-2024
How I Explored Further and Chained HTTP Request Smuggling with Other Vulnerabilitieshttps://cyberw1ng.medium.com/how-i-explored-further-and-chained-http-request-smuggling-with-other-vulnerabilities-cfb974e1e8aa?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, technology, hacking, bug-bounty, cybersecurity06-Sep-2024
How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHackhttps://medium.com/@manan_sanghvi/how-100-manual-hacking-without-even-kali-and-burp-led-to-2-medium-vulnerabilities-on-yeswehack-bbda00fcd84e?source=rss------bug_bounty-5Manan Sanghvivulnerability, bug-bounty, xss-attack, cybersecurity, ethical-hacking05-Sep-2024
Day 27 of 30 Day — 30 Vulnerabilities | Server-Side Template Injection (SSTI)https://medium.com/@kumawatabhijeet2002/day-27-of-30-day-30-vulnerabilities-server-side-template-injection-ssti-f12c851d7e08?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, server-side-technology, 30dayswritingchallenge, ssti, bug-bounty-tips05-Sep-2024
Exploiting Salesforce Lightning Permissions Issueshttps://medium.com/@theodorejackson.us/exploiting-salesforce-lightning-permissions-issues-5c04f202c887?source=rss------bug_bounty-5Ted Jacksonpentesting, bug-bounty, security, salesforce, cybersecurity05-Sep-2024
RCE Exploits Explained: Techniques & Tools in 2024https://bootstrapsecurity.medium.com/rce-exploits-explained-techniques-tools-in-2024-79dbbbc67ba6?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, vulnerability-assessment, cybersecurity, bug-bounty-tips, bug-bounty05-Sep-2024
What is WAF? & Secret Techniques to Bypass Ithttps://medium.com/huntersec-security/what-is-waf-secret-techniques-to-bypass-it-2a4de4768131?source=rss------bug_bounty-5Ajay Naikbug-bounty, firewall-security, infosec05-Sep-2024
SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuffhttps://medium.com/@ali.zamini/ssti-in-bug-bounty-program-the-time-i-played-with-handlebars-and-broke-stuff-7dc1f9834a3d?source=rss------bug_bounty-5Ali Zaminibug-hunting, bug-bounty, hacking, web-app-pentesting, ssti05-Sep-2024
Blocking Users from Registrationhttps://medium.com/@patidarbhuwan44/blocking-users-from-registration-e3a584f25e4b?source=rss------bug_bounty-5Bhuwan Patidarbug-bounty, hacking, bug-bounty-tips, web, cybersecurity05-Sep-2024
Uncover Hidden Subdomains with Sublist3r and curl: Boost Your Bug Hunting Successhttps://enigma96.medium.com/uncover-hidden-subdomains-with-sublist3r-and-curl-boost-your-bug-hunting-success-a80b180a9377?source=rss------bug_bounty-5enigmabug-bounty, bug-bounty-tips, penetration-testing, hacking, web-security05-Sep-2024
Find SSRF , LFI , XSS using httpx , waybackurls , gf , gau , qsreplacehttps://medium.com/@SatyamPathania/find-ssrf-lfi-xss-using-httpx-waybackurls-gf-gau-qsreplace-96c4794e404c?source=rss------bug_bounty-5Satyam Pathaniaearn-money-online, cybersecurity, bug-bounty, hacking, money05-Sep-2024
Cybersecurity 101 : Subdomain Scanner ทำงานยังไง ?https://medium.com/@nengapi/cybersecurity-101-subdomain-scanner-%E0%B8%97%E0%B8%B3%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B8%A2%E0%B8%B1%E0%B8%87%E0%B9%84%E0%B8%87-04c9993620ed?source=rss------bug_bounty-5Neng Apichetsubdomain, bug-bounty, subdomain-enumeration, cybersecurity05-Sep-2024
Practical Bug Bounty — TCM Academy | Automated Toolshttps://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-automated-tools-ed177aab16f6?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamiweb-penetration-testing, bug-bounty, penetration-testing, ethical-hacking, cybersecurity05-Sep-2024
Dependency Confusion: A Namespace Takeover Storyhttps://medium.com/@sakshirathore3478/dependency-confusion-a-namespace-takeover-story-fa334533bd50?source=rss------bug_bounty-5Sakshi Rathorebug-bounty-tips, webapplicationpentest, bug-bounty, cybersecurity, bug-bounty-hunter05-Sep-2024
Reflected XSS | US Department of Education Recognitionhttps://codingninjablogs.tech/reflected-xss-us-department-of-education-recognition-270ec27e7f5f?source=rss------bug_bounty-5#$ubh@nk@rvulnerability, bug-bounty, cybersecurity, infosec, hacking05-Sep-2024
My first Bug : Uncovering a Reflected XSS with a Simple Payloadhttps://medium.com/@firdansp/my-first-bug-uncovering-a-reflected-xss-with-a-simple-payload-270b5e3742bb?source=rss------bug_bounty-5Firda Nureliaxs, bug-bounty, bug-bounty-tips, xss-vulnerability, writeup05-Sep-2024
How I Discovered an HTTP Request Smuggling Vulnerability in a Major Web Consolehttps://cyberw1ng.medium.com/how-i-discovered-an-http-request-smuggling-vulnerability-in-a-major-web-console-5188b2b4c539?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, technology, bug-bounty, cybersecurity05-Sep-2024
Hidden Reflected XSS on 403 Page.https://medium.com/@Hacker_Yogi/hidden-reflected-xss-on-403-page-0cbb46683138?source=rss------bug_bounty-5Ruben (Hacker_Yogi)pentesting, bug-bounty-tips, information-security, xss-attack, bug-bounty05-Sep-2024
Broken Authentication Leads to the Ability to Unsubscribe Other Users' Payment Remindershttps://medium.com/@blackarazi/broken-authentication-leads-to-the-ability-to-unsubscribe-other-users-payment-reminders-0fdb1a63edec?source=rss------bug_bounty-5Azhari Harahapbug-bounty, broken-authentication, api-security, application-security, bug-bounty-writeup04-Sep-2024
Ultimate FFUF Cheatsheet: Advanced Fuzzing Tactics for Pro Bug Hunters!https://medium.com/h7w/ultimate-ffuf-cheatsheet-advanced-fuzzing-tactics-for-pro-bug-hunters-492598750150?source=rss------bug_bounty-5Khaleel Khanhacking-tools, bug-bounty, hacking, cybersecurity, infosec04-Sep-2024
dirsearch: Panduan Lengkap untuk Pengumpulan Informasi Web yang Efektif!https://medium.com/@adriansyah1230/dirsearch-panduan-lengkap-untuk-pengumpulan-informasi-web-yang-efektif-c7fdee43b2d4?source=rss------bug_bounty-5Adrian Syah Abidinbug-bounty, cybersecurity, infosec, dirsearch, pentesting04-Sep-2024
Aquatone: Solusi Cerdas untuk Inspeksi Visual Website yang Mendalam!https://medium.com/@adriansyah1230/aquatone-solusi-cerdas-untuk-inspeksi-visual-website-yang-mendalam-68811f0735c7?source=rss------bug_bounty-5Adrian Syah Abidincybersecurity, aquatone, keamanan-informasi, bug-bounty, infosec04-Sep-2024
A Comprehensive Guide to FFUF for Bug Huntershttps://maelstromenigma.medium.com/a-comprehensive-guide-to-ffuf-for-bug-hunters-76942e90f92b?source=rss------bug_bounty-5enigmawebservices-testing, bug-bounty-tips, bug-bounty, bug-hunting, recon04-Sep-2024
Nmap: Pemindai Keamanan Jaringan yang Kuat dan Alat Unggulan untuk Pengumpulan Informasi!https://medium.com/@adriansyah1230/nmap-pemindai-keamanan-jaringan-yang-kuat-dan-alat-unggulan-untuk-pengumpulan-informasi-ce2186eda0d1?source=rss------bug_bounty-5Adrian Syah Abidinnmap-command, cybersecurity, infosec, bug-bounty, nmap04-Sep-2024
Subdomain Enumeration | BBOT ✅>= Subfinder + Sublist3r + Assetfinder + Amasshttps://dkcyberz.medium.com/bbot-subfinder-sublist3r-assetfinder-amass-subdomain-enumeration-c42bbbf76052?source=rss------bug_bounty-5Harpy Hunterbug-bounty, subdomain-takeover, bugbounty-tips, subdomains-enumeration, bugbounty-writeup04-Sep-2024
OWASP Amass: Alat Canggih untuk Pengumpulan Informasi dan Strategi Pemetaan Serangan yang Efektif!https://medium.com/@adriansyah1230/owasp-amass-alat-canggih-untuk-pengumpulan-informasi-dan-strategi-pemetaan-serangan-yang-efektif-7859ad0515ad?source=rss------bug_bounty-5Adrian Syah Abidinmassa, owasp, bug-bounty, pentest, cybersecurity04-Sep-2024
Day 26 of 30 Day — 30 Vulnerabilities | Race Conditionshttps://medium.com/@kumawatabhijeet2002/day-26-of-30-day-30-vulnerabilities-race-conditions-e6b761e006b1?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, bug-bounty, 30dayswritingchallenge, race-condition04-Sep-2024
reNgine: Framework Otomatisasi Terbaik untuk Pengumpulan Informasi dan Pengujian Penetrasi Web!https://medium.com/@adriansyah1230/rengine-framework-otomatisasi-terbaik-untuk-pengumpulan-informasi-dan-pengujian-penetrasi-web-13e338edff02?source=rss------bug_bounty-5Adrian Syah Abidininfosec, bug-bounty, keamanan-informasi, rengine, cybersecurity04-Sep-2024
Exploring the World of `magicRecon`: A Fun Guide to Target Information Gatheringhttps://medium.com/@rootspaghetti/exploring-the-world-of-magicrecon-a-fun-guide-to-target-information-gathering-03a9e2bb7e39?source=rss------bug_bounty-5Root@Spaghetticybersecurity, bug-bounty-tips, hacking, bug-bounty04-Sep-2024
Zomatoooo! IDOR in Saved Paymentshttps://prateeksrivastavaa.medium.com/zomatoooo-idor-in-saved-payments-f8c014879741?source=rss------bug_bounty-5Prateek Srivastavabug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing, bug-bounty-tips04-Sep-2024
Openredirect CSRF SSRF XSS And Sqli vulnerabilityhttps://medium.com/@shadowhackr_87285/openredirect-csrf-ssrf-xss-and-sqli-vulnerability-6a9f3a5662e2?source=rss------bug_bounty-5Shadowhackrxss-attack, cybersecurity, bug-bounty, vulnerability, sql04-Sep-2024
Zero-Day Exploits: An Inconspicuous Dangerhttps://medium.com/@mohanmecktro/zero-day-exploits-an-inconspicuous-danger-7e3ca32c164e?source=rss------bug_bounty-5Mohan Mecktrobug-bounty-tips, cyber, cybersecurity, bug-bounty, hacking04-Sep-2024
Decoding the Enigma: A Deep Dive into the /home/000~ROOT~000/ Directoryhttps://soltanali0.medium.com/decoding-the-enigma-a-deep-dive-into-the-home-000-root-000-directory-3be592f05525?source=rss------bug_bounty-5soltanali0information-security, bug-bounty, directory-listing, security-research, lfi04-Sep-2024
TeamCity Takedown: Breach, Backup, and Break-in.https://medium.com/@josh.beck2006/teamcity-takedown-breach-backup-and-break-in-3ce333b63788?source=rss------bug_bounty-5Josh Beckcybersecurity, bug-bounty, ctf-writeup04-Sep-2024
Advanced Strategies to Defend Against HTTP Request Smuggling: A Deep Divehttps://cyberw1ng.medium.com/advanced-strategies-to-defend-against-http-request-smuggling-a-deep-dive-ba7c0abe911a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, technology, penetration-testing04-Sep-2024
Shodan: Senjata Rahasia Wajib Bagi Peretas dan Peneliti Keamanan untuk Pengumpulan Informasi yang…https://medium.com/@adriansyah1230/shodan-senjata-rahasia-wajib-bagi-peretas-dan-peneliti-keamanan-untuk-pengumpulan-informasi-yang-a3f86dd47eed?source=rss------bug_bounty-5Adrian Syah Abidininfosec, shodan, bug-bounty, hacking, cybersecurity03-Sep-2024
Bug Bounty: Your Guide to Ethical Hacking, Rewards, and the Best Learning Resourceshttps://medium.com/@akatrigger53/bug-bounty-your-guide-to-ethical-hacking-rewards-and-the-best-learning-resources-071c6eb14a27?source=rss------bug_bounty-5Akansh Pandaybug-bounty, hacking, darkweb, cybersecurity03-Sep-2024
How to overcome the pause point in BugBountyhttps://anonysm.medium.com/how-to-overcome-the-pause-point-in-bugbounty-02b849cfcff8?source=rss------bug_bounty-5Muthu Dcybersecurity, bug-bounty, penetration-testing, motivation, hacking03-Sep-2024
DNSDumpster: Eksplorasi Informasi Domain Mendalamhttps://medium.com/@adriansyah1230/dnsdumpster-eksplorasi-informasi-domain-mendalam-d20fa2635596?source=rss------bug_bounty-5Adrian Syah Abidinkeamanan-informasi, cybersecurity, infosec, bug-bounty, dnsdumpster03-Sep-2024
Day 25 of 30 Day — 30 Vulnerabilities | HTTP Request Smugglinghttps://medium.com/@kumawatabhijeet2002/day-25-of-30-day-30-vulnerabilities-http-request-smuggling-722c3f01dbc4?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, http-request-smuggling, bug-bounty-tips, 30dayswritingchallenge03-Sep-2024
How to Bypass Web Application Firewalls (WAFs)https://bootstrapsecurity.medium.com/how-to-bypass-web-application-firewalls-10cec76e8276?source=rss------bug_bounty-5BootstrapSecuritybugbounty-tips, cybersecurity, ethical-hacking, bug-bounty03-Sep-2024
The removed employee can see whether the users he invited to the victim’s Pinterest business…https://rhidayah.medium.com/the-removed-employee-can-see-whether-the-users-he-invited-to-the-victims-pinterest-business-085d2ee8e14e?source=rss------bug_bounty-5Rohmad Hidayahbugcrowd, bug-bounty, pinterest, business-logic-flaw03-Sep-2024
[IDOR] Update another user’s profilehttps://rhidayah.medium.com/idor-update-another-users-profile-79d0158ae60c?source=rss------bug_bounty-5Rohmad Hidayahidor, bug-bounty03-Sep-2024
Pre account takeover via google sign inhttps://rhidayah.medium.com/pre-account-takeover-via-google-sign-in-bb442f4c32a2?source=rss------bug_bounty-5Rohmad Hidayahbug-bounty, account-takeover03-Sep-2024
P3 (Medium) : How I Gain Access To NASA's Internal Workspace?!https://medium.com/@srishavinkumar/p3-medium-how-i-gain-access-to-nasas-internal-workspace-d0896fee563c?source=rss------bug_bounty-5Sri Shavin Kumarbug-bounty, bug-bounty-tips, cybersecurity, technology, programming03-Sep-2024
Improper Authorization via Mass Assignment of Membership Parametershttps://ahmedtamer0.medium.com/improper-authorization-via-mass-assignment-of-membership-parameters-7245925b09f5?source=rss------bug_bounty-5Ahmed Tamerbug-hunting, api, mass-assignment, writeup, bug-bounty03-Sep-2024
How Bypassed KonyLab Code Protectionhttps://medium.com/@xmosb7/how-bypassed-konylab-code-protection-cac53da01ad1?source=rss------bug_bounty-5Mahmoud Mosbahmobilesec, infosec, cybersecurity, cyberattack, bug-bounty03-Sep-2024
Subdomain Enumeration part 1 (Manual & Automation)https://mrunknown124154.medium.com/subdomain-enumeration-part-1-manual-automation-45108388bdb2?source=rss------bug_bounty-5Mr Abdullahsubdomains-enumeration, hacking, bug-bounty, web-hacking, web-penetration-testing03-Sep-2024
API VULNERABILITIEShttps://medium.com/@adithyakrishnav001/api-vulnerabilities-9b68a0bd87a8?source=rss------bug_bounty-5Adithyakrishna Vcybersecurity, hacking, aad1, api-security, bug-bounty03-Sep-2024
HTTP Request Smuggling: The Hidden Web Threat You Need to Know Abouthttps://cyberw1ng.medium.com/http-request-smuggling-the-hidden-web-threat-you-need-to-know-about-71ff45c7f94a?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, cybersecurity, bug-bounty, hacking, careers03-Sep-2024
My First Bounty: How I Exploited a CORS Misconfigurationhttps://anas0x1.medium.com/my-first-bounty-how-i-exploited-a-cors-misconfiguration-bc1f9137b272?source=rss------bug_bounty-5Anas Ibrahimcors, bug-bounty, bug-hunting, hackerone, cybersecurity03-Sep-2024
How I Discovered a Hidden XSS and What I Learnedhttps://medium.com/@issam.qsous/how-i-discovered-a-hidden-xss-and-what-i-learned-9a34995ebbd2?source=rss------bug_bounty-5Essam Qsousweb-development, hacking, penetration-testing, security, bug-bounty03-Sep-2024
The Accidental Discoveryhttps://medium.com/@Kinqdathacker/the-accidental-discovery-8ed6f9622b0c?source=rss------bug_bounty-5Kinqdathackercybersecurity, hacking, technology, web-hacking, bug-bounty02-Sep-2024
Day 23 of 30 Days — 30 Vulnerabilities | JSON Web Token (JWT) Attackshttps://medium.com/@kumawatabhijeet2002/day-23-of-30-days-30-vulnerabilities-json-web-token-jwt-attacks-e77c719fe22d?source=rss------bug_bounty-5Abhijeet kumawatweb, bug-bounty, bug-bounty-tips, 30dayswritingchallenge02-Sep-2024
Advanced Web Application Security Checklisthttps://securitycipher.medium.com/advanced-web-application-security-checklist-6f7ed5917c72?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, bug-bounty-tips, bug-bounty, technology, security02-Sep-2024
How I Hacked into Yamaha using CVE 2017-5487https://medium.com/@josuofficial327/how-i-found-an-easy-cve-in-yamaha-964366a34b59?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips02-Sep-2024
[Specially Customized] TECNO Security 3rd Anniversary Bug Hunting Competition!https://medium.com/@security.tecno/specially-customized-tecno-security-3rd-anniversary-bug-hunting-competition-8a4e6501e91e?source=rss------bug_bounty-5TECNO Securitybug-bounty, bounty-program, hacking, hunting02-Sep-2024
Hunting JavaScript Files for Bug Huntershttps://bevijaygupta.medium.com/hunting-javascript-files-for-bug-hunters-7355df2215ec?source=rss------bug_bounty-5Vijay Guptahunting, javascript, bugs, bug-bounty, bug-hunting02-Sep-2024
A Story About How i Found CVE-2020–27838 in TVH responsible disclosurehttps://medium.com/@karthithehacker/a-story-about-how-i-found-cve-2020-27838-in-tvh-responsible-disclosure-16946f8f8faf?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, cybersecurity, infosec, web-security02-Sep-2024
Advanced Web Application Security Checklisthttps://infosecwriteups.com/advanced-web-application-security-checklist-6f7ed5917c72?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, bug-bounty-tips, bug-bounty, technology, security02-Sep-2024
Business logic / Failed defense Vulnerability in bug bountyhttps://itsravikiran25.medium.com/business-logic-failed-defense-vulnerability-in-bug-bounty-4ab932a1a200?source=rss------bug_bounty-5Ravikiranbug-bounty-writeup, cybersecurity, penetration-testing, bug-bounty, hacking02-Sep-2024
A Story About How i Found CVE-2020–27838 in TVH responsible disclosurehttps://infosecwriteups.com/a-story-about-how-i-found-cve-2020-27838-in-tvh-responsible-disclosure-16946f8f8faf?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, cybersecurity, infosec, web-security02-Sep-2024
HTML Form Injection Vulnerability in Gmailhttps://medium.com/@h4x0r_dz/html-form-injection-vulnerability-in-gmail-152a01f6d423?source=rss------bug_bounty-5h4x0r_dzgoogle, web, bug-bounty, vulnerability, security02-Sep-2024
Easy 500$ Bounty with Host Header Injection By Ramthullahttps://skramthu.medium.com/easy-500-bounty-with-host-header-injection-by-ramthulla-bb556ebd4c46?source=rss------bug_bounty-5Raminfosec-write-ups, bounty-program, hackerone, bug-bounty, bugbounty-writeup02-Sep-2024
Pentesting vs Bug Bounty: Apa Perbedaannya dan Bagaimana Tahapannya?https://medium.com/@adriansyah1230/pentesting-vs-bug-bounty-apa-perbedaannya-dan-bagaimana-tahapannya-182cc05a2721?source=rss------bug_bounty-5Adrian Syah Abidinhacking, bug-bounty, pentesting, cybersecurity02-Sep-2024
How to Automate Subdomain Takeover Finding: Low Hang Fruit…https://dkcyberz.medium.com/how-to-automate-subdomain-takeover-finding-low-hang-fruit-5733f2794df1?source=rss------bug_bounty-5Harpy Hunterbug-bounty-tips, how-to-takeover-s3-bucket, bug-bounty, bug-bounty-writeup, subdomain-takeover02-Sep-2024
Secure your Instagram Account Today, Or be a victim.https://mayur-jadhav.medium.com/secure-your-instagram-account-today-or-be-a-victim-9f476937a5e2?source=rss------bug_bounty-5Mayur Jadhavbug-bounty, social-media, hacking, cybersecurity02-Sep-2024
26.18 Lab: Web cache poisoning via HTTP/2 request tunnellinghttps://cyberw1ng.medium.com/26-18-lab-web-cache-poisoning-via-http-2-request-tunnelling-72abd219dc68?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, careers, hacking, bug-bounty02-Sep-2024
SSRF via DNS Rebinding That Leads to Several Clouds Access (Arabic)https://medium.com/@Berserker1337/ssrf-via-dns-rebinding-that-leads-to-several-clouds-access-arabic-db9f9a9c530c?source=rss------bug_bounty-5Berserkerbug-bounty, infosec02-Sep-2024
Lessons Learned #1: One line of code can make your application vulnerable (Pre-Auth RCE in Metabase…https://medium.com/appsec-untangled/lessons-learned-1-one-line-of-code-can-make-your-application-vulnerable-pre-auth-rce-in-metabase-a8579ca0102d?source=rss------bug_bounty-5Mohamed AboElKheirthreat-modeling, vulnerability, bug-bounty, application-security, cybersecurity02-Sep-2024
Insider Secrets to Earning $100 to $250 in Bug Bountieshttps://medium.com/@ajaynaikhack/insider-secrets-to-earning-100-to-250-in-bug-bounties-9dd6adb2a304?source=rss------bug_bounty-5Ajay Naikcybersecurity, bug-bounty02-Sep-2024
The Wild World of Path Traversal: Sneaking Around the Web’s Dark Cornershttps://cluelesszay.medium.com/the-wild-world-of-path-traversal-sneaking-around-the-webs-dark-corners-088f5522e371?source=rss------bug_bounty-5zaythecluelessdevpath-traversal, web-security, cybersecurity, bug-bounty, ethical-hacking01-Sep-2024
Race condition to bypass email verify, part #2https://siratsami71.medium.com/race-condition-to-bypass-email-verify-part-2-5efca002cf24?source=rss------bug_bounty-5Sirat Sami (analyz3r)bug-bounty-tips, cybersecurity, bugbounty-writeup, bug-bounty01-Sep-2024
How I found exif metdata leak and earned small bountyhttps://medium.com/@deepk007/how-i-found-exif-metdata-leak-and-earned-small-bounty-34c93de2fa2e?source=rss------bug_bounty-5DEepbug-bounty, ethical-hacking, hacking, bug-bounty-tips, cybersecurity01-Sep-2024
Advanced Techniques for Exploiting SSRF Vulnerabilitieshttps://bootstrapsecurity.medium.com/advanced-techniques-for-exploiting-ssrf-vulnerabilities-9996cade3a64?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty-hunter, cybersecurity, ethical-hacking, bug-bounty01-Sep-2024
Port Scanning for Bug Bountieshttps://bevijaygupta.medium.com/port-scanning-for-bug-bounties-1b660ea41483?source=rss------bug_bounty-5Vijay Guptabug-fixes, port-scanning, bugs, bug-bounty, bug-bounty-tips01-Sep-2024
Subdomain Discovery Toolhttps://medium.com/@World-Breaker/subdomain-discovery-tool-7403e38a760f?source=rss------bug_bounty-5usu@rioZ3r0python, enum, enumeration, subdomain, bug-bounty01-Sep-2024
OWASP A05 :Security Misconfigurationhttps://medium.com/@shivamsharma.ss484/owasp-a05-security-misconfiguration-10518396c757?source=rss------bug_bounty-5Shivamsharmaowasp, owasp-top-10, cybersecurity, bug-bounty, oscp01-Sep-2024
A Story About How I Found XSS in ASUShttps://infosecwriteups.com/a-story-about-how-i-found-xss-in-asus-cb233ce3bb9c?source=rss------bug_bounty-5Karthikeyan.Vbugbounty-tips, infosec, bugbounty-writeup, bug-bounty, bugbounty-poc01-Sep-2024
# 5 Install OWASP Juice Shop on Kali Linux — Guide for Burp Suitehttps://securitycipher.medium.com/5-install-owasp-juice-shop-on-kali-linux-guide-for-burp-suite-6b31c1ece398?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)bug-bounty-tips, security, technology, cybersecurity, bug-bounty01-Sep-2024
How I found My first P1 Bug which ended up ….$?https://medium.com/@yashsomalkar/how-i-found-my-first-p1-bug-which-ended-up-5e6cffdbb066?source=rss------bug_bounty-5Yashsomalkarbugbounty-writeup, bugbounty-poc, aws, bug-bounty, cybersecurity01-Sep-2024
How I Got $250 For My Second Bug In HackerOnehttps://medium.com/@likithteki76/how-i-got-250-for-my-second-bug-in-hackerone-35c75cbd84bd?source=rss------bug_bounty-5Likith Tekihackerone, bug-bounty, bug-bounty-tips, bug-hunting, bugbounty-writeup01-Sep-2024
26.18 Lab: Bypassing access controls via HTTP/2 request tunnelinghttps://cyberw1ng.medium.com/26-18-lab-bypassing-access-controls-via-http-2-request-tunneling-f92ae50661bc?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, bug-bounty, cybersecurity, careers01-Sep-2024
How I found My first P1 Bug which ended up ….$?https://medium.com/@yashsomalkar/how-i-found-my-first-p1-bug-which-ended-up-5e6cffdbb066?source=rss------bug_bounty-5Rudrakshackerbugbounty-writeup, bugbounty-poc, aws, bug-bounty, cybersecurity01-Sep-2024
How I Got $250 For My Second Bug on HackerOnehttps://medium.com/@likithteki76/how-i-got-250-for-my-second-bug-in-hackerone-35c75cbd84bd?source=rss------bug_bounty-5Likith Tekihackerone, bug-bounty, bug-bounty-tips, bug-hunting, bugbounty-writeup01-Sep-2024
26.17 Lab: Exploiting HTTP request smuggling to perform web cache deceptionhttps://cyberw1ng.medium.com/26-17-lab-exploiting-http-request-smuggling-to-perform-web-cache-deception-69a6e9654b7e?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, bug-bounty, cybersecurity31-Aug-2024
All You Need to know About Broken Authentication and Session Managementhttps://medium.com/@ahmed.hilal/all-you-need-to-know-about-broken-authentication-and-session-management-26920f100714?source=rss------bug_bounty-5X0_AhMeD_0Xbug-bounty, pentesting, cybersecurity, bugs, vulnerability31-Aug-2024
DEPENDENCY CONFUSION CAN LEAD TO P5 OR P2 BASED ON LUCKhttps://medium.com/@anonymousshetty2003/dependency-confusion-can-lead-to-p5-or-p2-based-on-luck-64a5b94b80c1?source=rss------bug_bounty-5Anonymousshettyhacking, dependency-confusion, cybersecurity, bug-bounty31-Aug-2024
“Boost Your Productivity: Essential Tips for Organizing Your Work as a Bug Bounty Hunter”https://medium.com/@mahdisalhi0500/boost-your-productivity-essential-tips-for-organizing-your-work-as-a-bug-bounty-hunter-8de1517dc6a4?source=rss------bug_bounty-5Mahdisalhibug-bounty, bug-bounty-tips, ethical-hacking, infosec, hacking31-Aug-2024
HOW I GOT ACCESS TO ACCOUNT BY OTP BYPASShttps://medium.com/@anonymousshetty2003/how-i-got-access-to-account-by-otp-bypass-c49eb0490744?source=rss------bug_bounty-5Anonymousshettycybersecurity, hacking, bug-bounty, otp-bypass31-Aug-2024
Bug bounty Hunting 101https://medium.com/@sys_br3ach3r/bug-bounty-hunting-101-7d2258a3b21d?source=rss------bug_bounty-5sys_br3ach3rbug-bounty-tips, bug-bounty31-Aug-2024
OTP bypass through the Response manipulationhttps://itsravikiran25.medium.com/otp-bypass-through-the-response-manipulation-4f25ab36f60b?source=rss------bug_bounty-5Ravikirancybersecurity, bugbounty-writeup, bug-bounty, hacking, otp-bypass31-Aug-2024
The Discovery of CVE-2024–5947: Authentication Bypass in Deep Sea Electronics DSE855https://medium.com/@karthithehacker/the-discovery-of-cve-2024-5947-authentication-bypass-in-deep-sea-electronics-dse855-5fa2e89cbdfb?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, infosec, information-security, bugbounty-tips, bugbounty-writeup31-Aug-2024
Using Default Credential to Admin Account Takeoverhttps://ch4ndan.medium.com/using-default-credential-to-admin-account-takeover-04c557e67969?source=rss------bug_bounty-5Ch4ndan dasbugs, bug-bounty-tips, hacking, bug-bounty, cybersecurity31-Aug-2024
How to Take Over a Subdomain Through S3 Bucket Takeover…https://dkcyberz.medium.com/how-to-take-over-a-subdomain-through-s3-bucket-takeover-a53238499b81?source=rss------bug_bounty-5Harpy Hunterbug-bounty, bug-hunting, hackerone, s3-bucket, subdomain-takeover31-Aug-2024
How to Get Started in Bug Bounty Hunting: A Comprehensive Beginner’s Guidehttps://shubhdhungana.medium.com/how-to-get-started-in-bug-bounty-hunting-a-comprehensive-beginners-guide-4cdaf3dcd910?source=rss------bug_bounty-5Subh Dhunganabug-bounty, cybersecurity, hacking, hackerone, infosec31-Aug-2024
Most Asked Questions from Cybersecurity Beginners with Answershttps://medium.com/@cham3leon/most-asked-questions-from-cybersecurity-beginners-with-answers-91b7c680e967?source=rss------bug_bounty-5cham3leonfaq, cybersecurity, guides-and-tutorials, pentesting, bug-bounty31-Aug-2024
The Discovery of CVE-2024–5947: Authentication Bypass in Deep Sea Electronics DSE855https://infosecwriteups.com/the-discovery-of-cve-2024-5947-authentication-bypass-in-deep-sea-electronics-dse855-5fa2e89cbdfb?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, infosec, information-security, bugbounty-tips, bugbounty-writeup31-Aug-2024
Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDNhttps://sudhanshur705.medium.com/bypassing-csp-via-url-parser-confusions-xss-on-netlifys-image-cdn-755a27065fd9?source=rss------bug_bounty-5Sudhanshu Rajbharbug-bounty, csp, xss-attack31-Aug-2024
Parameter tampering result in product price manipulationhttps://medium.com/@RaunakGupta1922/parameter-tampering-result-in-product-price-manipulation-356c07a571e5?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbusiness, cybersecurity, hacking, college, bug-bounty31-Aug-2024
IIS welcome page to source code review to LFI!https://medium.com/@omarahmed_13016/iis-welcome-page-to-source-code-review-to-lfi-23ec581049f5?source=rss------bug_bounty-5Omar Ahmedbug-bounty, hackerone, application-security, bug-bounty-tips31-Aug-2024
How to Get Started in Bug Bounty Hunting: A Comprehensive Beginner’s Guidehttps://infosecwriteups.com/how-to-get-started-in-bug-bounty-hunting-a-comprehensive-beginners-guide-4cdaf3dcd910?source=rss------bug_bounty-5Subh Dhunganabug-bounty, cybersecurity, hacking, hackerone, infosec31-Aug-2024
From Reset to Takeover: The Exploitation Potential of IDOR in Password Recovery Systemshttps://medium.com/@tusharpuri6/from-reset-to-takeover-the-exploitation-potential-of-idor-in-password-recovery-systems-5d1b6f53530a?source=rss------bug_bounty-5Tusharpuribug-bounty, application-security, penetration-testing, offensive-security, authentication31-Aug-2024
How to find webcams using the Google Dorking.https://bob218.medium.com/how-to-find-webcams-using-the-google-dorking-4c7b491fa856?source=rss------bug_bounty-5bob218hacking, bug-bounty, osint, cybersecurity, google-dork31-Aug-2024
How Attackers Sneak in Hidden Requests and What You Can Do About Ithttps://cyberw1ng.medium.com/how-attackers-sneak-in-hidden-requests-and-what-you-can-do-about-it-cc085f245b4e?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing31-Aug-2024
Day 23 of 30 Days — 30 Vulnerabilities | JSON Web Token (JWT) Attackshttps://medium.com/@kumawatabhijeet2002/day-23-of-30-days-30-vulnerabilities-json-web-token-jwt-attacks-d9509595ebd8?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, bug-bounty, jwt-token, jwt-authentication, 30dayswritingchallenge30-Aug-2024
New trick to make self xss impactfulhttps://medium.com/@Rahulkrishnan_R_Panicker/new-trick-to-make-self-xss-impactful-073d52a07d4f?source=rss------bug_bounty-5Rahulkrishnan R Panickerbug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty, xss-attack30-Aug-2024
How to install dnsReaper and use of dnsReaperhttps://medium.com/@sherlock297/how-to-install-dnsreaper-and-use-of-dnsreaper-bc69d66d8c08?source=rss------bug_bounty-5Ravindra Dagalednsreaper, tools, bug-bounty, how-to, subdomain-takeover30-Aug-2024
Google Dorkshttps://medium.com/@twinkspap/google-dorks-c83abf0918ef?source=rss------bug_bounty-5twinksbug-bounty, google-dork, learning, skills, cybersecurity30-Aug-2024
Top 100Vulnerabilities: Identifying and Addressing Security Riskshttps://medium.com/@0xvan/top-100vulnerabilities-identifying-and-addressing-security-risks-bce861b5fa31?source=rss------bug_bounty-50xvanbug-bounty-tips, security, cybersecurity, bug-bounty, web-security30-Aug-2024
./Fingerprinting Web Technologieshttps://gauravdavre.medium.com/fingerprinting-web-technologies-fde6631f9ef7?source=rss------bug_bounty-5Gaurav Davrebug-bounty, cybersecurity, open-source-intelligence, reconnaissance, web-technology30-Aug-2024
26.16 Lab: Exploiting HTTP request smuggling to perform web cache poisoninghttps://cyberw1ng.medium.com/26-16-lab-exploiting-http-request-smuggling-to-perform-web-cache-poisoning-fa35ac4fdf4c?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, bug-bounty, careers, cybersecurity30-Aug-2024
Unlock Hidden Web Vulnerabilities: Advanced ParamSpider Tactics Every Hacker Must Know!https://systemweakness.com/unlock-hidden-web-vulnerabilities-advanced-paramspider-tactics-every-hacker-must-know-62487db3e8c8?source=rss------bug_bounty-5Khaleel Khanpenetration-testing, bug-bounty, hacking, infosec, cybersecurity30-Aug-2024
The Easiest Bug For Beginnershttps://medium.com/@josuofficial327/the-easiest-bug-for-beginners-491986cbc53c?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-hunter, cybersecurity, ethical-hacking, hacking, bug-bounty30-Aug-2024
The Hunt for XXE to LFI: How I Uncovered CVE-2019–9670 in a Bug Bounty Programhttps://medium.com/@karthithehacker/the-hunt-for-xxe-to-lfi-how-i-uncovered-cve-2019-9670-in-a-bug-bounty-program-5668e4afa806?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, information-security, infosec, bugbounty-writeup, bug-bounty-tips30-Aug-2024
When Giving Out Cheap Hotel Deals Go Wrong:https://medium.com/@ralph.andalis92/when-giving-out-cheap-hotel-deals-go-wrong-bfea34fa3cde?source=rss------bug_bounty-5Ralph Andalisbug-bounty-tips, pentesting, bug-bounty, web-application-security, web-security30-Aug-2024
My Five Minute Critical Vulnerability Discovery on Hackeronehttps://medium.com/@0xvan/my-five-minute-critical-vulnerability-discovery-on-hackerone-067258333c80?source=rss------bug_bounty-50xvanbug-bounty-writeup, bug-bounty-tips, ethical-hacking, pentesting, bug-bounty30-Aug-2024
DVWA Cheat Sheet (Low & Medium)https://medium.com/@loaysalah276/dvwa-cheat-sheet-low-medium-c7490e76f1b5?source=rss------bug_bounty-5Loay Salahbug-bounty, cybersecurity, penetration-testing, owasp-top-10, dvwa30-Aug-2024
Understanding Bugcrowd’s Vulnerability Rating Taxonomy (VRT):https://medium.com/@js8971105/understanding-bugcrowds-vulnerability-rating-taxonomy-vrt-d5bc946443b5?source=rss------bug_bounty-5jatin singhbug-bounty, web-security, hacking, vrt, web30-Aug-2024
Top 100 Vulnerabilities: Identifying and Addressing Security Riskshttps://medium.com/@0xvan/top-100vulnerabilities-identifying-and-addressing-security-risks-bce861b5fa31?source=rss------bug_bounty-50xvanbug-bounty-tips, security, cybersecurity, bug-bounty, web-security30-Aug-2024
Subdomain Analysis for Bug Bounty Hunting: A Comprehensive Guidehttps://bughunteralltime.medium.com/subdomain-analysis-for-bug-bounty-hunting-a-comprehensive-guide-920e33a59a91?source=rss------bug_bounty-5Bug_Hunter_All_Timebug-bounty30-Aug-2024
How to Hunt for Sensitive Directories in Bug Bounty Huntinghttps://bughunteralltime.medium.com/how-to-hunt-for-sensitive-directories-in-bug-bounty-hunting-f61a7f61d8fb?source=rss------bug_bounty-5Bug_Hunter_All_Timebug-bounty-tips, bug-bounty, hacking30-Aug-2024
How to Map Out a Target for Bug Bounty Huntinghttps://bughunteralltime.medium.com/how-to-map-out-a-target-for-bug-bounty-hunting-acea0ed59783?source=rss------bug_bounty-5Bug_Hunter_All_Timebug-bounty-tips, bug-bounty, hacking, bugs30-Aug-2024
How To FindWeb Technology Identification for Effective Bug Bounty Huntinghttps://bughunteralltime.medium.com/how-to-findweb-technology-identification-for-effective-bug-bounty-hunting-a0f57c80b67b?source=rss------bug_bounty-5Bug_Hunter_All_Timehacking, bug-bounty-tips, bug-bounty, bug-fixes, web-development30-Aug-2024
Interview joke 2: Application Security (Prod.https://medium.com/@kannnannmk/interview-joke-2-application-security-prod-7a0c4c6cdd1a?source=rss------bug_bounty-5Neelamegha Kannan Sbug-bounty, application-security, code-review, pentesting, bug-bounty-tips30-Aug-2024
Easy Subdomain Enumeration Tools & Commandshttps://medium.com/@josuofficial327/easy-subdomain-enumeration-tools-commands-5f8a8fe0f3a0?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, ethical-hacking, bug-bounty-tips, bug-hunting, bug-bounty30-Aug-2024
Interview joke 1: Application Security (Prod.https://medium.com/@kannnannmk/application-security-prod-3868c0b8cb64?source=rss------bug_bounty-5Neelamegha Kannan Sbug-bounty-tips, interview, bug-bounty, web-security, application-security30-Aug-2024
OWASP A04:2021 INSECURE DESIGNhttps://medium.com/@shivamsharma.ss484/owasp-a04-2021-insecure-design-34ef11e83e6f?source=rss------bug_bounty-5Shivamsharmaowasp, owasp-top-10, bug-bounty, hacking, cybersecurity30-Aug-2024
A Comprehensive AI Security Model for Penetration Testing leverages advanced AI techniques to…https://medium.com/@ajaynaik_16635/a-comprehensive-ai-security-model-for-penetration-testing-leverages-advanced-ai-techniques-to-9caa4febfc21?source=rss------bug_bounty-5Ajay Naikbug-bounty-tips, bug-bounty, ai-security, ethical-hacking30-Aug-2024
Bad Effect Of Bug In Domain.https://medium.com/@nazmulhasan017191/bad-effect-of-bug-in-domain-e0cfd62cb3bc?source=rss------bug_bounty-5Nazmul Hasantechnical-analysis, information-security, cybersecurity, bug-hunting, bug-bounty30-Aug-2024
How to Find Clickjacking Vulnerabilities Using the Command Line in Kali Linuxhttps://bughunteralltime.medium.com/how-to-find-clickjacking-vulnerabilities-using-the-command-line-in-kali-linux-a07cc64437f3?source=rss------bug_bounty-5Bug_Hunter_All_Timebug-bounty-tips, hacking, bugs, bug-bounty30-Aug-2024
Understanding Log Stealer and Its Role in Security Testing — Part 1https://medium.com/haktrak-cybersecurity-squad/understanding-log-stealer-and-its-role-in-security-testing-part-1-5f2223b47847?source=rss------bug_bounty-5YoKo Khosecurity-testing, stealer-logs, stealer-malware, broken-access-control, bug-bounty30-Aug-2024
Understanding Stealer Logs and Its Role in Security Testing — Part 1https://medium.com/haktrak-cybersecurity-squad/understanding-log-stealer-and-its-role-in-security-testing-part-1-5f2223b47847?source=rss------bug_bounty-5YoKo Khostealer-logs, stealer-malware, red-team, broken-access-control, bug-bounty30-Aug-2024
A Comprehensive AI Security Model for Penetration Testing leverages advanced AI techniques to…https://medium.com/@ajaynaikhack/a-comprehensive-ai-security-model-for-penetration-testing-leverages-advanced-ai-techniques-to-9caa4febfc21?source=rss------bug_bounty-5Ajay Naikbug-bounty-tips, bug-bounty, ai-security, ethical-hacking30-Aug-2024
Overview CVE-2024–38063 is a critical zero-click remote code execution (RCE) vulnerability…https://medium.com/@ajaynaikhack/overview-cve-2024-38063-is-a-critical-zero-click-remote-code-execution-rce-vulnerability-9be862382548?source=rss------bug_bounty-5Ajay Naikhacking, bug-bounty, cve, network-security, windows30-Aug-2024
Day 22 of 30 Days — 30 Vulnerabilities | Business Logic Flawshttps://medium.com/@kumawatabhijeet2002/day-22-of-30-days-30-vulnerabilities-business-logic-flaws-734c2f4b0575?source=rss------bug_bounty-5Abhijeet kumawatbusiness-logic, bug-bounty-tips, business-logic-flaw, 30dayswritingchallenge, bug-bounty29-Aug-2024
Part -2: Uncovering a Critical Parameter Tampering Vulnerability on a Major OTT Platformhttps://medium.com/@sulmanfarooq531/uncovering-a-critical-parameter-tampering-vulnerability-on-a-major-ott-platform-e3342cd3437c?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, bug-bounty, http-parameter-pollution, ethical-hacking, ott29-Aug-2024
How Hackers Use Cross-Site Scripting to Break Through Web Application Firewalls!https://theshaco.com/how-hackers-use-cross-site-scripting-to-break-through-web-application-firewalls-ab101f1778a1?source=rss------bug_bounty-5Khaleel Khanweb-development, cybersecurity, infosec, hacking, bug-bounty29-Aug-2024
Practical Bug Bounty — TCM Academy | Module 8 pt.3 (SSTI, XXE, Insecure File Uploads)https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-pt-3-ssti-xxe-insecure-file-uploads-1ed7056ea0c7?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamibug-bounty, web-penetration-testing, cybersecurity, ethical-hacking, tcm-academy29-Aug-2024
Part 2 — How I Found Vulnerabilities in NASA and Got into the Hall of Fame — 4 Bugs | Karthikeyan…https://systemweakness.com/part-2-how-i-found-vulnerabilities-in-nasa-and-got-into-the-hall-of-fame-4-bugs-karthikeyan-79c3ec17a336?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, cybersecurity, hacking, bug-bounty29-Aug-2024
Disable Any Customer Ability To Create Service Account With Business Logic Vulnerabilityhttps://medium.com/@bilalresearcher/disable-any-customer-ability-to-create-service-account-with-business-logic-vulnerability-05ab37901a4a?source=rss------bug_bounty-5Bilal Researcherhacking, bug-bounty-writeup, cybersecurity, bug-bounty, bugbounty-writeup29-Aug-2024
Reflected XSS To Account Takeover Without Stealing Session Cookiehttps://medium.com/@bilalresearcher/reflected-xss-to-account-takeover-without-stealing-session-cookie-413e522aac40?source=rss------bug_bounty-5Bilal Researcherhacking, bug-bounty-writeup, bug-bounty, bugbounty-writeup, cybersecurity29-Aug-2024
Detecting Blind Injection Attacks with Discord Webhookshttps://medium.com/@bilalresearcher/detecting-blind-injection-attacks-with-discord-webhooks-9a9d3b566bf1?source=rss------bug_bounty-5Bilal Researcherhacking, cybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-writeup29-Aug-2024
A Beautiful Bug: Interesting URL scheme bypass + Race Conditionhttps://medium.com/@bilalresearcher/a-beautiful-bug-interesting-url-scheme-bypass-race-condition-e8ff79361740?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bugbounty-writeup, hacking, cybersecurity, bug-bounty-writeup29-Aug-2024
Stored XSS to Account Takeover (AWS Cognito)https://medium.com/@bilalresearcher/stored-xss-to-account-takeover-aws-cognito-bd29d241e5d1?source=rss------bug_bounty-5Bilal Researcherxss-vulnerability, bug-bounty-tips, bugbounty-writeup, cybersecurity, bug-bounty29-Aug-2024
My Journey to the United Nations Hall of Fame: A Story of Lucky Mehttps://medium.com/@siddharth_1/my-journey-to-the-united-nations-hall-of-fame-a-story-of-lucky-me-d489d93bd363?source=rss------bug_bounty-5Siddharthcybersecurity, united-nations, vulnerability, bug-bounty, bug-bounty-writeup29-Aug-2024
XSS Web Application Firewall Bypass Techniqueshttps://medium.com/@bilalresearcher/xss-web-application-firewall-bypass-techniques-e10476b5fa72?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, hacking, bugbounty-writeup, cybersecurity29-Aug-2024
OAuth CSRF: Exploiting the Authorization Code Flow for Account Takeoverhttps://medium.com/@bilalresearcher/oauth-csrf-exploiting-the-authorization-code-flow-for-account-takeover-b1e3790416b7?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bugbounty-writeup, cybersecurity, hacking, bug-bounty-writeup29-Aug-2024
Two Factor Authentication Bypass via using Victim’s DeviceIDhttps://medium.com/@bilalresearcher/two-factor-authentication-bypass-via-using-victims-deviceid-1fc10bfe95c9?source=rss------bug_bounty-5Bilal Researcherhacking, bugbounty-writeup, bug-bounty-writeup, bug-bounty, cybersecurity29-Aug-2024
Bypassed an Admin Panel Using SQL Payloadshttps://medium.com/@bilalresearcher/bypassed-an-admin-panel-using-sql-payloads-572574b41d1c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, hacking, cybersecurity, bug-bounty-writeup, bugbounty-writeup29-Aug-2024
Hunting JavaScript File for Bug Huntershttps://medium.com/@bilalresearcher/hunting-javascript-file-for-bug-hunters-ae4af0479a9c?source=rss------bug_bounty-5Bilal Researchercybersecurity, bugbounty-writeup, hacking, bug-bounty, bug-bounty-writeup29-Aug-2024
Common 403 Bypasses Part 2https://medium.com/@bilalresearcher/common-403-bypasses-part-2-80fd094a86fe?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, hacking, bug-bounty, cybersecurity, bug-bounty-writeup29-Aug-2024
Common 403 Bypasses Part 1https://medium.com/@bilalresearcher/common-403-bypasses-part-1-a693a8413108?source=rss------bug_bounty-5Bilal Researchercybersecurity, bugbounty-writeup, bug-bounty-writeup, bug-bounty, hacking29-Aug-2024
Advanced SQLMap Customizationhttps://medium.com/@bilalresearcher/advanced-sqlmap-customization-34d04b6c0984?source=rss------bug_bounty-5Bilal Researchercybersecurity, hacking, bug-bounty, bug-bounty-writeup, bugbounty-writeup29-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-91)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-91-bcac49fd0f29?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, money, bug-bounty, hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-90)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-90-0f7e5ae09f8c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, hacking, ethical-hacking, money28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-89)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-89-f7771af9355f?source=rss------bug_bounty-5Mehedi Hasan Rafidmoney, bug-bounty, hacking, cybersecurity, ethical-hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-88)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-88-5fba54f61fd0?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, money, hacking, cybersecurity, ethical-hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-87)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-87-d78ff97837fd?source=rss------bug_bounty-5Mehedi Hasan Rafidmoney, hacking, cybersecurity, ethical-hacking, bug-bounty28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-86)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-86-dfcf154a34d3?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, money, bug-bounty, ethical-hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-85)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-85-46305e104b6f?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, ethical-hacking, cybersecurity, bug-bounty, money28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-84)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-84-d3a454db9673?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, money, cybersecurity, hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-83)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-83-45728838a32c?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, hacking, bug-bounty, cybersecurity, money28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-82)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-82-8c89ec5c5ef7?source=rss------bug_bounty-5Mehedi Hasan Rafidmoney, bug-bounty, hacking, cybersecurity, ethical-hacking28-Aug-2024
Day 21 of 30 Days — 30 Vulnerabilities | OAuth Misconfigurationshttps://medium.com/@kumawatabhijeet2002/day-21-of-30-days-30-vulnerabilities-oauth-misconfigurations-693c16cf5476?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, web-security-testing, bug-bounty-tips, 30dayswritingchallenge, oauth28-Aug-2024
How to Scan a Range of IP Addresses with Nmaphttps://medium.com/@sherlock297/how-to-scan-a-range-of-ip-addresses-with-nmap-d802dc168846?source=rss------bug_bounty-5Ravindra Dagaletools, nmap, information-technology, bug-bounty, security28-Aug-2024
The Secret to Finding Anyone’s Digital Footprint: Master OSINT in 7 Easy Steps!https://medium.com/@paritoshblogs/the-secret-to-finding-anyones-digital-footprint-master-osint-in-7-easy-steps-bd278a058c73?source=rss------bug_bounty-5Paritoshinformation-technology, cybersecurity, osint, hacking, bug-bounty28-Aug-2024
Exploiting Second-Order IDOR Vulnerabilitieshttps://medium.com/@bountyget/exploiting-second-order-idor-vulnerabilities-6d2554eb1319?source=rss------bug_bounty-5Dhiren Kumar Pradhanbug-bounty, infosec, information-security, bug-bounty-tips, bug-bounty-writeup28-Aug-2024
Exploiting IDORs in APIs That Use Static Keywordshttps://medium.com/@bountyget/exploiting-idors-in-apis-that-use-static-keywords-f94b7797634a?source=rss------bug_bounty-5Dhiren Kumar Pradhaninformation-security, bug-bounty-writeup, bug-bounty-tips, infosec, bug-bounty28-Aug-2024
IDOR : Deleting Comments Like a Boss!https://medium.com/@tanyago/idor-deleting-comments-like-a-boss-0413a375024f?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bug-bounty-tips, bug-bounty-writeup, idor, bug-hunting28-Aug-2024
25.7 Lab: Password reset poisoning via dangling markuphttps://cyberw1ng.medium.com/25-7-lab-password-reset-poisoning-via-dangling-markup-cee4cc5a20f3?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing28-Aug-2024
The Ultimate List of Browser Extensions for Bug Bounty Huntershttps://medium.com/@k4r7hx/the-ultimate-list-of-browser-extensions-for-bug-bounty-hunters-5e349437e063?source=rss------bug_bounty-5Karthikeyanextension, ethical-hacking, bug-bounty, penetration-testing, web28-Aug-2024
How important Cookies can be?https://medium.com/@alireza.razaghzadegan1999/how-important-cookies-can-be-86c7a3fdd790?source=rss------bug_bounty-5Alireza Razaghzadegantechnology, website, bug-bounty, security28-Aug-2024
Blind Command Injection Leads to Nothing!!https://medium.com/@kush.kira/blind-command-injection-leads-to-nothing-ea56f6662a58?source=rss------bug_bounty-5Kiraos-command-injection, command-injection, ssrf, bug-bounty, hacking28-Aug-2024
OTP Bypassing with Response Manipulationhttps://medium.com/@sahilkushwaha275/otp-bypassing-with-response-manipulation-238498b02737?source=rss------bug_bounty-5S33NUbug-hunting, cybersecurity, hacking, pentesting, bug-bounty28-Aug-2024
Dramatic Surge in Password-Stealing Attacks Targeting Amazon, Facebook, and Google Usershttps://medium.com/@realahmedmoses/dramatic-surge-in-password-stealing-attacks-targeting-amazon-facebook-and-google-users-011f6bd3315a?source=rss------bug_bounty-5Moses Ahmedtechnology, coding, bug-bounty, cybersecurity, programming28-Aug-2024
How To Get Stored Xss & RCE Using Bypass Signature & Extension Via File Upload |_|https://medium.com/@bilalresearcher/how-to-get-stored-xss-rce-using-bypass-signature-extension-via-file-upload-9b3e8d9348cd?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bugbounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips27-Aug-2024
Find Blind XSS like a pro.https://medium.com/@bilalresearcher/find-blind-xss-like-a-pro-ddc9ef8d5e89?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips27-Aug-2024
The only recon methodology you need to know.https://medium.com/@bilalresearcher/the-only-recon-methodology-you-need-to-know-9feb257ca4a2?source=rss------bug_bounty-5Bilal Researcherbug-bounty, idor, bug-bounty-writeup, cybersecurity, bugbounty-writeup27-Aug-2024
Advanced Web Cache Poisoning Techniques (Part 2): Tools, Methods, and Exploitshttps://medium.com/@bilalresearcher/advanced-web-cache-poisoning-techniques-part-2-tools-methods-and-exploits-b379aeb7ab36?source=rss------bug_bounty-5Bilal Researcheridor, hacking, bug-bounty-writeup, bug-bounty, bugbounty-writeup27-Aug-2024
Unraveling Web Cache Poisoning: A Deep Dive (Part 1)https://medium.com/@bilalresearcher/unraveling-web-cache-poisoning-a-deep-dive-part-1-49fa00e81d1a?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, cybersecurity, idor, bug-bounty, bug-bounty-writeup27-Aug-2024
Finding IDOR Vulnerabilities: Key Endpoints and Resourceshttps://medium.com/@bilalresearcher/finding-idor-vulnerabilities-key-endpoints-and-resources-e4c2457aa231?source=rss------bug_bounty-5Bilal Researcheridor, bug-bounty-writeup, bugbounty-writeup, bug-bounty, hacking27-Aug-2024
How I was able to discover ATO Via IDOR vulnerabilityhttps://medium.com/@bilalresearcher/how-i-was-able-to-discover-ato-via-idor-vulnerability-c31d074a62e8?source=rss------bug_bounty-5Bilal Researchercybersecurity, hacking, bug-bounty, bug-bounty-writeup, bugbounty-writeup27-Aug-2024
SAML Authentication Bypass Leading to Admin Panel Accesshttps://medium.com/@bilalresearcher/saml-authentication-bypass-leading-to-admin-panel-access-751380db249e?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bugbounty-writeup, cybersecurity, bug-bounty-writeup, hacking27-Aug-2024
Critical Security Vulnerability Discovered on Reserve Bank of India’s Website: A Wake-Up Call…https://medium.com/@psychomong/critical-security-vulnerability-discovered-on-reserve-bank-of-indias-website-a-wake-up-call-06fd08db0559?source=rss------bug_bounty-5psychomongbugs, hacker, bug-bounty, no-rate-limit, hacking27-Aug-2024
Day 20 0f 30 Days — 30 Vulnerabilities | Host Header Injectionhttps://medium.com/@kumawatabhijeet2002/day-20-0f-30-days-30-vulnerabilities-host-header-injection-9bc006b4734c?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-writeup, bug-bounty, host-header-injection, bug-bounty-tips, hostattack27-Aug-2024
Day 19 of 30 Days — 30 Vulnerabilities | Rate Limiting Bypasshttps://medium.com/@kumawatabhijeet2002/day-19-of-30-days-30-vulnerabilities-rate-limiting-bypass-896c8e2bdfc1?source=rss------bug_bounty-5Abhijeet kumawat30dayswritingchallenge, bug-bounty-tips, bug-bounty, rate-limit-bypass27-Aug-2024
24.13 Lab: Internal cache poisoninghttps://cyberw1ng.medium.com/24-13-lab-internal-cache-poisoning-2c328e4d4a6d?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing27-Aug-2024
Practical Bug Bounty — TCM Academy | Module 8 pt. 2 (XSS, CMDI)https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-pt-2-xss-cmdi-b8728aa5261d?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamibug-bounty, xss-attack, web-penetration-testing, ethical-hacking, cybersecutiy27-Aug-2024
$15k RCE Through Monitoring Debug Modehttps://medium.com/@0xold/15k-rce-through-monitoring-debug-mode-4f474d8549d5?source=rss------bug_bounty-50xoldlocal-file-inclusion, pentesting, hacking, bug-bounty, rce27-Aug-2024
Exploiting IDORs via JSON Globbinghttps://medium.com/@bountyget/exploiting-idors-via-json-globbing-e4c6e2c0535c?source=rss------bug_bounty-5Dhiren Kumar Pradhanpenetration-testing, idor, bug-bounty-tips, bug-bounty, bug-bounty-writeup27-Aug-2024
How i get OTP bypass leads to ATOhttps://kiraadx.medium.com/how-i-get-otp-bypass-leads-to-ato-a7645ade3a90?source=rss------bug_bounty-5KiRaaDxbug-bounty-tips, bug-bounty, bug-bounty-writeup27-Aug-2024
Discovering Two Out-of-Scope Blind/Stored XSS Vulnerabilities in an Admin Panel on a Public Bug…https://medium.com/@octayus/discovering-two-out-of-scope-blind-stored-xss-vulnerabilities-in-an-admin-panel-on-a-public-bug-c0262fa35238?source=rss------bug_bounty-5OctaYusbug-bounty, python, xss-attack, penetration-testing, cybersecurity27-Aug-2024
CSRF Bypass Using Domain Confusion Leads To ATOhttps://infosecwriteups.com/csrf-bypass-using-domain-confusion-leads-to-ato-ac682dd17722?source=rss------bug_bounty-5Osama Alybug-bounty, cybersecurity, hackerone27-Aug-2024
How did I manage to get my first p2 vulnerability using only ffufhttps://medium.com/@loayahmed686/how-did-i-manage-to-get-my-first-p2-vulnerability-using-only-ffuf-a8a70d965d33?source=rss------bug_bounty-5r00tbug-bounty, cybersecurity27-Aug-2024
Fundora on Testnet Bounty Hunt: Spotting Bugs and Reaping Rewardshttps://gingerjoygames.medium.com/fundora-on-testnet-bounty-hunt-spotting-bugs-and-reaping-rewards-7529ec61b1cc?source=rss------bug_bounty-5Ginger Joy Gamesgames, testnet, mobile-games, web3, bug-bounty27-Aug-2024
Monitoring Gitlab Snippets for secrets with TruffleHoghttps://medium.com/@learntheshell/monitoring-gitlab-snippets-for-secrets-with-trufflehog-5c77281ff5b7?source=rss------bug_bounty-5LearnTheShelltrufflehog, bug-bounty, git, bug-bounty-tips, gitlab27-Aug-2024
How I Got Sensitive Directory Using Shodanhttps://ch4ndan.medium.com/how-i-got-sensitive-directory-using-shodan-10e5b91cda86?source=rss------bug_bounty-5Ch4ndan dasbug-bounty, cybersecurity, bug-bounty-tips, bugs, information-disclosure27-Aug-2024
Unveiling the Secrets of Malware Traffic: Analyzing Malware Infected pcap with Wiresharkhttps://medium.com/@dsksatheesh35/unveiling-the-secrets-of-malware-traffic-analyzing-malware-infected-pcap-with-wireshark-5989a9b013fd?source=rss------bug_bounty-5D Satheesh Kumarmalware-analysis, bug-bounty, cybersecurity, wireshark, network-security27-Aug-2024
HTML Injection in email via fname fieldhttps://medium.com/@hossam_hamada/html-injection-in-email-via-fname-field-564c3657e8ad?source=rss------bug_bounty-5Hossam Hamadapenetration-testing, bug-bounty, hackerone, bugcrowd, html-injection27-Aug-2024
How I Took Over Two Subdomains: A Step-by-Step Guidehttps://medium.com/@0xSphinx/how-i-took-over-two-subdomains-a-step-by-step-guide-df5d9eecbb2e?source=rss------bug_bounty-50xSphinxcybersecurity, security, aws, hacking, bug-bounty27-Aug-2024
Day 17 of 30 Days — 30 Vulnerabilities | Path/Directory Traversalhttps://medium.com/@kumawatabhijeet2002/day-17-of-30-days-30-vulnerabilities-path-directory-traversal-008e92c07f23?source=rss------bug_bounty-5Abhijeet kumawat30dayswritingchallenge, bug-bounty-tips, path-traversal, bug-bounty26-Aug-2024
Thief Raccoon — Login Phishing Toolhttps://medium.com/@bountyget/thief-raccoon-login-phishing-tool-59c574687aae?source=rss------bug_bounty-5Bountygetpython3, infosec, info-sec-writeups, bug-bounty, penetration-testing26-Aug-2024
From Developer to Hacker — Entering the Red teamhttps://medium.com/@jonathanmondaut/from-developer-to-hacker-entering-the-red-team-8b50989b9464?source=rss------bug_bounty-5Jonathan Mondautbug-bounty, youtube, networking, twitter, cybersecurity26-Aug-2024
New Malware Uses PHP Exploit to Backdoor Windows Systems - Stay Informed!https://medium.com/@realahmedmoses/new-malware-uses-php-exploit-to-backdoor-windows-systems-stay-informed-8df12e89391a?source=rss------bug_bounty-5Moses Ahmedtechnology, bug-bounty, data-science, cybersecurity, programming26-Aug-2024
Password Reset Glitch Leads to Instant Account Takeoverhttps://bevijaygupta.medium.com/password-reset-glitch-leads-to-instant-account-takeover-a4e67b667eaf?source=rss------bug_bounty-5Vijay Guptavulnerability, reset, bug-bounty, passwords, glitch26-Aug-2024
DNS enumeration methodology and techniqueshttps://systemweakness.com/dns-enumeration-methodology-and-techniques-1945fa4164fd?source=rss------bug_bounty-5Harsh Hatejkali-linux, cybersecurity, linux, subdomains-enumeration, bug-bounty26-Aug-2024
Account Take Over | P1 — Criticalhttps://irsyadsec.medium.com/account-take-over-p1-critical-5468ce8218b9?source=rss------bug_bounty-5Irsyad Muhammad Fawwazwriteup, bugcrowd, bug-bounty, cybersecurity, bug-bounty-tips26-Aug-2024
Understanding Robots.txt: The Key to Managing Web Crawlershttps://medium.com/@kanishk.k1410/understanding-robots-txt-the-key-to-managing-web-crawlers-04eda892ec92?source=rss------bug_bounty-5Kanishk Kumarinformation-technology, investigation, cybersecurity, osint, bug-bounty26-Aug-2024
Hacking My College panel using University Website Like a Prohttps://medium.com/@RaunakGupta1922/hacking-my-college-panel-using-university-website-like-a-pro-9dd075133dce?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, bugbounty-writeup, college, cybersecurity, bug-bounty26-Aug-2024
Exposing Hidden Risks: Uncovering Sensitive Data on a Government Website using Google Dorkshttps://medium.com/@sulmanfarooq531/exposing-hidden-risks-uncovering-sensitive-data-on-a-government-website-using-google-dorks-51748e4f3695?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, government, google-dork, google, bug-bounty26-Aug-2024
“Like” Bypass on Customer Reviews — €500 bountyhttps://medium.com/@asharm.khan7/like-bypass-on-customer-reviews-500-bounty-b8d45a98c096?source=rss------bug_bounty-5Ashar Mahmoodhacking-for-defense, ethical-hacking, bug-bounty, bug-bounty-tips, hacking26-Aug-2024
Best Attack Surface Visualization Toolshttps://netlas.medium.com/best-attack-surface-visualization-tools-8034e681807d?source=rss------bug_bounty-5Netlas.iobug-bounty, penetration-testing, attack-surface, cybersecurity, attack-surface-management26-Aug-2024
Meet Dobby: Your New Bug Bounty Assistanthttps://medium.com/@h3llbl4ckk/meet-dobby-your-new-bug-bounty-assistant-f5bebfeb7607?source=rss------bug_bounty-5Mehmet Kayacybersecurity, github, open-source, hacking, bug-bounty26-Aug-2024
Account Takeover (Same OTP)https://medium.com/@raxomara/account-takeover-same-otp-81bfba35d9b3?source=rss------bug_bounty-5Raxomaraaccount-takeover, bug-bounty-tips, cybersecurity, bug-bounty, race-condition26-Aug-2024
WebSec — CSRF/XSRF (Cross-Site Request Forgery)https://medium.com/@meryemddalgali/websec-csrf-xsrf-cross-site-request-forgery-6c048c6323d1?source=rss------bug_bounty-5Meryem Dalgalıbug-bounty, web-security, xsrf, csrf-attack, vulnerability26-Aug-2024
24.12 Lab: Cache key injection vulnerabilitieshttps://cyberw1ng.medium.com/24-12-lab-cache-key-injection-vulnerabilities-22429a13eebf?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, penetration-testing26-Aug-2024
Day 18 of 30 Days — 30 Vulnerabilities | Insecure Deserializationhttps://medium.com/@kumawatabhijeet2002/day-18-of-30-days-30-vulnerabilities-insecure-deserialization-29656c0d212a?source=rss------bug_bounty-5Abhijeet kumawatserialization, insecure-design, 30dayswritingchallenge, bug-bounty-tips, bug-bounty26-Aug-2024
How I was able to give verification badge to any YouTube channel and bypass needed requirementshttps://xtt0k.medium.com/how-i-was-able-to-give-verification-badge-to-any-youtube-channel-and-bypass-needed-requirements-b88855afe4b7?source=rss------bug_bounty-5Vojtech Cekalyoutube, bug-bounty, bounty-hunter, bugs, vulnerability26-Aug-2024
OSINT, ChatGPT, and Password Spraying to Takeover System Administrator Accounthttps://medium.com/@mmaulanaabdullah/osint-chatgpt-and-password-spraying-to-takeover-system-administrator-account-b0a6295edbbc?source=rss------bug_bounty-5M Maulana Abdullahcybersecurity, infosec, chatgpt, ai, bug-bounty26-Aug-2024
How I found XSS and open redirect in Kamiapp.com accidentallyhttps://medium.com/@alimuhammadsecured/how-i-found-xss-and-open-redirect-in-kamiapp-com-accidentally-2ff0d3c2b61b?source=rss------bug_bounty-5Alimuhammadsecuredbbp, ctf, bug-bounty, hacking26-Aug-2024
How do I chain multiple Nuclei templates together in a single scan?https://medium.com/@sherlock297/how-do-i-chain-multiple-nuclei-templates-together-in-a-single-scan-621a3fb8787f?source=rss------bug_bounty-5Ravindra Dagalelinux, bug-bounty, how-to, cybersecurity, tips25-Aug-2024
How to get your first valid bug by reading disclosed reportshttps://anonysm.medium.com/how-to-get-your-first-valid-bug-by-reading-disclosed-reports-2663c9987bf3?source=rss------bug_bounty-5Muthu Dcybersecurity, ethical-hacking, bug-bounty, hacking, penetration-testing25-Aug-2024
Bypass Brute-force IP Blockhttps://icecream23.medium.com/bypass-brute-force-ip-block-870a4329c3be?source=rss------bug_bounty-5Aman Bhuiyanethical-hacking, bypassing, ip, bug-bounty25-Aug-2024
The Evolution of Phishing Attacks: A Growing Cybersecurity Challengehttps://medium.com/@paritoshblogs/the-evolution-of-phishing-attacks-a-growing-cybersecurity-challenge-800b0eeacf00?source=rss------bug_bounty-5Paritoshphishing, hacking, social-media, cybersecurity, bug-bounty25-Aug-2024
Vulnerable WordPress July 2024 (Ash-e_doogh)https://medium.com/@onhexgroup/vulnerable-wordpress-july-2024-ash-e-doogh-c7e71d7d94d5?source=rss------bug_bounty-5Onhexgroupwordpress-security, wordpress, bug-bounty, cybersecurity, infosec25-Aug-2024
Finding origin ip addresshttps://systemweakness.com/finding-origin-ip-address-672ca2e2967b?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty, bug-bounty-tips, hacking, penetration-testing25-Aug-2024
Explore Koii Network’s DEPIN world with a $10,000 Bug Bounty rewardhttps://medium.com/coinmonks/explore-koii-networks-depin-world-with-a-10-000-bug-bounty-reward-6a57a5450a44?source=rss------bug_bounty-5xeefoxai, koii, depin, koii-network, bug-bounty25-Aug-2024
Defensive Strategies and Best Practices to Protect Against Web Cache Poisoninghttps://cyberw1ng.medium.com/defensive-strategies-and-best-practices-to-protect-against-web-cache-poisoning-7d9b855658c7?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, penetration-testing, careers25-Aug-2024
HOW TO START IN BUG BOUNTY HUNTINGhttps://medium.com/@gouravrathod8788/how-to-start-in-bug-bounty-hunting-848f5c74807f?source=rss------bug_bounty-5Gourav Singh Rajputcybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty25-Aug-2024
TOP USEFUL CYBR SECURITY & BUG HUNTING TOOLhttps://medium.com/@gouravrathod8788/top-useful-cybr-security-bug-hunting-tool-de9ae281e12f?source=rss------bug_bounty-5Gourav Singh Rajputcybersecurity, hacking-tools, bug-bounty, ethical-hacking, hacking25-Aug-2024
Solving the Prompt Airlines CTFhttps://infosecwriteups.com/solving-the-prompt-airlines-ctf-2235c725050b?source=rss------bug_bounty-5hackerdevilbug-bounty, ctf, ctf-writeup, promptairlines, cybersecurity25-Aug-2024
Hitting the jackpot with RCE!https://medium.com/@gokulsspace/hitting-the-jackpot-with-rce-43755cac1415?source=rss------bug_bounty-5Gokulsspacepentesting, cybersecurity, kerala, ethical-hacking, bug-bounty25-Aug-2024
How I was able to Edit/Read Users Workspaces/Data without any access to ithttps://medium.com/@octayus/how-i-was-able-to-edit-read-users-workspaces-data-without-any-access-to-it-aed616dbde8e?source=rss------bug_bounty-5OctaYusinformation-technology, cybersecurity, infosec, bug-bounty, bounty-program25-Aug-2024
How I got $24000 Bounty from a Log4j RCE in Apple App Store.https://medium.com/@meharhuzaifa777/exploiting-log4j-rce-in-apple-app-store-ca99a549de1f?source=rss------bug_bounty-5Meharhuzaifacybersecurity, bug-bounty-writeup, ethical-hacking, bug-bounty25-Aug-2024
Intruder + Frida to Account Takeoverhttps://medium.com/@bilalresearcher/intruder-frida-to-account-takeover-548d4dd785ef?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, cybersecurity, bugbounty-writeup, hacking25-Aug-2024
Using E-Notation to bypass Access Control restrictions to access arbitrary user PII-discussionshttps://medium.com/@bilalresearcher/using-e-notation-to-bypass-access-control-restrictions-to-access-arbitrary-user-pii-discussions-d16bbad42394?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, idor, hacking, cybersecurity, bug-bounty25-Aug-2024
PwnOS-1 Walkthroughhttps://erdemstar.medium.com/pwnos-1-walkthrough-fec01bd0e8d4?source=rss------bug_bounty-5Erdemstarbug-bounty, oscp-preparation, oscp, cybersecurity, security25-Aug-2024
Kioptrix Level 4 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-4-walkthrough-96d46095c789?source=rss------bug_bounty-5Erdemstaroscp-preparation, bug-bounty-tips, oscp, cybersecurity, bug-bounty25-Aug-2024
LOLbins / LOLBAS Attack !https://medium.com/@reemmoslem34/lolbins-lolbas-attack-006aad1ac364?source=rss------bug_bounty-5Rem Khalidbug-bounty, cybersecurity, malware, python, cryptocurrency25-Aug-2024
What Really Provides Security in the Cloud?https://medium.com/@paritoshblogs/what-really-provides-security-in-the-cloud-2f0cc83d113a?source=rss------bug_bounty-5Paritoshinformation-technology, bug-bounty, information-security, cybersecurity, infosec24-Aug-2024
Practical Bug Bounty — TCM Academy | Module 8https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-44663b4f87e3?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamisqli, bug-bounty, sql-injection, tcm-academy, web-penetration-testing24-Aug-2024
Cross-Site Origin Policy (CORS)https://itsravikiran25.medium.com/cross-site-origin-policy-cors-c82e4b0208f8?source=rss------bug_bounty-5Ravikiraninfosec-write-ups, vulnerability-assessment, cybersecurity, bug-bounty, cors24-Aug-2024
Exploiting Privilege Escalation via Role Parameter Manipulationhttps://medium.com/@tusharpuri6/exploiting-privilege-escalation-via-role-parameter-manipulation-5f8df062eb71?source=rss------bug_bounty-5Tusharpuripenetration-testing, offensive-security, privilege-escalation, application-security, bug-bounty24-Aug-2024
MASS HUNTING TO FIND XSS(CROSS SITE SCRIPTING)https://systemweakness.com/mass-hunting-to-find-xss-cross-site-scripting-27cc687e58e0?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, xss-vulnerability, bugbounty-automation, bug-bounty, bug-bounty-tips24-Aug-2024
Unleash Your Inner Hacker with Koii’s $10,000 Bug Bounty Challengehttps://medium.com/nest-of-rin/unleash-your-inner-hacker-with-koiis-10-000-bug-bounty-challenge-d37c23969df1?source=rss------bug_bounty-5Rinkoii-network, koii, developer, hackathons, bug-bounty24-Aug-2024
Top 5 Vulnerabilities That Can Earn You Big in Bug Bountieshttps://medium.com/@verylazytech/top-5-vulnerabilities-that-can-earn-you-big-in-bug-bounties-4541878d7e19?source=rss------bug_bounty-5Very Lazy Techethical-hacking, cybersecurity, hacking, bug-bounty, cyber24-Aug-2024
What I Learned from Reading 217* Subdomain Takeover Bug Reportshttps://bevijaygupta.medium.com/what-i-learned-from-reading-217-subdomain-takeover-bug-reports-5c6caae2b5da?source=rss------bug_bounty-5Vijay Guptasubdomain, bugs, bug-report, subdomain-takeover, bug-bounty24-Aug-2024
Reset password Checklisthttps://medium.com/@hozayfan782/reset-password-checklist-1ebabdd6c0f3?source=rss------bug_bounty-5Hozayfa Nasserbug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity, research24-Aug-2024
How do I run Nuclei in silent mode to avoid unnecessary output?https://medium.com/@sherlock297/how-do-i-run-nuclei-in-silent-mode-to-avoid-unnecessary-output-25fbb9d2e26d?source=rss------bug_bounty-5Ravindra Dagalenucleus, information-security, bug-bounty, output, how-to24-Aug-2024
Unauthorized Deletion of Forms by Low-Level Unlicensed Users: A 500$ Access Control Bughttps://medium.com/@a13h1/unauthorized-deletion-of-forms-by-low-level-unlicensed-users-a-500-access-control-bug-98dc50c8c193?source=rss------bug_bounty-5Abhi Sharmaprogramming, bug-bounty, infosec, cybersecurity, access-control24-Aug-2024
Essential Resources for Exploiting Web Cache Poisoning: Tools, Techniques, and Learning Materialshttps://cyberw1ng.medium.com/essential-resources-for-exploiting-web-cache-poisoning-tools-techniques-and-learning-materials-cbbef5221392?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty24-Aug-2024
Beware of fake bug bounty programs, my real life experiencehttps://harish45.medium.com/beware-of-fake-bug-bounty-programs-my-real-life-experience-ce009d435ed8?source=rss------bug_bounty-5Harishbug-bounty, cybersecurity-awareness, cybersecurity, ethical-hacking, bug-bounty-tips24-Aug-2024
Find Bugs From Google Dorkshttps://ch44nd.medium.com/find-bugs-from-google-dorks-ec574c01471b?source=rss------bug_bounty-5Chandan dasbug-bounty, information-disclosure, bugs, hacking, google-dork24-Aug-2024
One-click Account Take Overhttps://medium.com/@bilalresearcher/one-click-account-take-over-50e4128c990d?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, hacking, bug-bounty-tips, bugbounty-writeup, bug-bounty24-Aug-2024
0-click Full Account Takeoverhttps://medium.com/@bilalresearcher/0-click-full-account-takeover-0ddc951e14ae?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips, bugbounty-writeup24-Aug-2024
Drupal Website Takeover | Admin Dashboardhttps://medium.com/@bilalresearcher/drupal-website-takeover-admin-dashboard-6ae4a34d0689?source=rss------bug_bounty-5Bilal Researcherhacking, bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup, bug-bounty24-Aug-2024
STRIPE Live Key Exposed:: Bounty: $1000https://medium.com/@bilalresearcher/stripe-live-key-exposed-bounty-1000-57018f1d4520?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, bug-bounty-program, hacking, bug-bounty-tips24-Aug-2024
[GraphQL IDOR]Leaking credit card information of 1000s of users [External Audit]https://medium.com/@bilalresearcher/graphql-idor-leaking-credit-card-information-of-1000s-of-users-external-audit-1404256b761f?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, hacking, bugbounty-writeup, bug-bounty-tips, bug-bounty24-Aug-2024
Exposing Database Creds via SVN: A $400 Discoveryhttps://medium.com/@bilalresearcher/exposing-database-creds-via-svn-a-400-discovery-fa7c2de288bf?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, bugbounty-writeup24-Aug-2024
SQL Injections for bug bountyhttps://medium.com/@boogsta/sql-injections-for-bug-bounty-3a608babd9b1?source=rss------bug_bounty-5Boogstahacking, bug-bounty, cybersecurity, programming, cyber24-Aug-2024
Chain of Rate Limit Bypass and Weak Token Expiry Leads To Account Take Overhttps://medium.com/@bilalresearcher/chain-of-rate-limit-bypass-and-weak-token-expiry-leads-to-account-take-over-0cf794fef31c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, hacking24-Aug-2024
CSRF Bypass Combined with IDOR To Complete Account Takeover!https://medium.com/@bilalresearcher/csrf-bypass-combined-with-idor-to-complete-account-takeover-588b34b9cf60?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty-tips, bug-bounty, hacking, bugbounty-writeup24-Aug-2024
User information disclosure via message reactionshttps://medium.com/@bilalresearcher/user-information-disclosure-via-message-reactions-affc72cfd8de?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty24-Aug-2024
IDOR Lead to Data Leakhttps://medium.com/@bilalresearcher/idor-lead-to-data-leak-6943ade0a3d6?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, hacking24-Aug-2024
XSS & IDOR & CSRF to ATOhttps://medium.com/@bilalresearcher/xss-idor-csrf-to-ato-0e898876789d?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, hacking, bugbounty-writeup, bug-bounty24-Aug-2024
How I Turned a Rate-Limit Bypass into an Account Takeoverhttps://medium.com/@bilalresearcher/how-i-turned-a-rate-limit-bypass-into-an-account-takeover-5a50b0f4dc6a?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, hacking, bug-bounty24-Aug-2024
$$$ Bypassing SSRF Restrictions on a Google Product: A Journey Through DNS Rebindinghttps://medium.com/@bilalresearcher/bypassing-ssrf-restrictions-on-a-google-product-a-journey-through-dns-rebinding-caaf00ebe479?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty-writeup, bug-bounty-tips, bug-bounty, hacking24-Aug-2024
Discovering a Session Persistence Vulnerability That Led to a $$$$ Bountyhttps://medium.com/@bilalresearcher/discovering-a-session-persistence-vulnerability-that-led-to-a-bounty-bbf3dd526f01?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty-tips, hacking, bug-bounty-writeup, bug-bounty24-Aug-2024
Bypassing methods that I used to find CSRF vulnerabilitieshttps://medium.com/@bilalresearcher/bypassing-methods-that-i-used-to-find-csrf-vulnerabilities-0709cc8a3c4d?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bugbounty-writeup, bug-bounty, bug-bounty-tips, hacking24-Aug-2024
Mobile Pentesting: A Walkthrough of the First 10 Challenges on Injured Android App-Part1https://medium.com/@mly57003/mobile-pentesting-a-walkthrough-of-the-first-10-challenges-on-injured-android-app-part1-0e85c600494f?source=rss------bug_bounty-5mohamed alibug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-hunter24-Aug-2024
Can AI and ML Stop Cyber Attacks?https://medium.com/@paritoshblogs/can-ai-and-ml-stop-cyber-attacks-291c6425d0e8?source=rss------bug_bounty-5Paritoshai, cybersecurity, machine-learning, bug-bounty, chatgpt23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-81)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-81-833084004f21?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, money, cybersecurity, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-80)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-80-ae2ad3c7f971?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, bug-bounty, hacking, money23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-79)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-79-415c1bd4f7c3?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, hacking, money, ethical-hacking, cybersecurity23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-78)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-78-85e87ffc94f9?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, money, cybersecurity, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-77)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-77-b9b1354812cc?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, cybersecurity, money, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-76)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-76-07a4d8f583c0?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, cybersecurity, skills, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-75)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-75-8d5930bd46dc?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, hacking, ethical-hacking, bug-bounty23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-74)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-74-778fd4767e52?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty, ethical-hacking, hacking, skills23-Aug-2024
Elevate Your Cybersecurity Skills with Expert Training and Penetration Testing!https://imranthe3rd3ye.medium.com/elevate-your-cybersecurity-skills-with-expert-training-and-penetration-testing-b16e8b122642?source=rss------bug_bounty-5Md. Imran Chowdhurylearn-hacking, ethical-hacking, penetration-testing, kali-linux, bug-bounty23-Aug-2024
Monitoring Gists for secrets with Trufflehoghttps://medium.com/@learntheshell/monitoring-gists-with-trufflehog-612b7d9dbab5?source=rss------bug_bounty-5LearnTheShellgithub, git, bug-bounty, trufflehog, bug-bounty-tips23-Aug-2024
Hidden in Plain Sight: Uncovering RCE on a Forgotten Axis2 Instancehttps://medium.com/@domenicoveneziano/hidden-in-plain-sight-uncovering-rce-on-a-forgotten-axis2-instance-86ddc91f1415?source=rss------bug_bounty-5Domenico Venezianobug-bounty-tips, bug-bounty-writeup, bug-bounty23-Aug-2024
Finally, SSL Pinning for Flutter Bypassed After Frustration..https://wahaz.medium.com/finally-ssl-pinning-for-flutter-bypassed-after-frustration-4573e15ed18e?source=rss------bug_bounty-5Rizaldi Wahazbug-bounty, cybersecurity, hacking, flutter, penetration-testing23-Aug-2024
How I Got an Appreciation Letter from NASA for Finding a Simple Bughttps://infosecwriteups.com/how-i-got-an-appreciation-letter-from-nasa-for-finding-a-simple-bug-8812852d0337?source=rss------bug_bounty-5Om Arorabug-bounty, programming, technology, cybersecurity, infosec23-Aug-2024
Web Cache Poisoning: Understanding the Threat and How to Protect Your Websitehttps://cyberw1ng.medium.com/web-cache-poisoning-understanding-the-threat-and-how-to-protect-your-website-82ebaba2f0e8?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, hacking, careers, bug-bounty23-Aug-2024
Day 16 of 30 Days — 30 Vulnerabilities | Subdomain Takeoverhttps://medium.com/@kumawatabhijeet2002/day-16-of-30-days-30-vulnerabilities-subdomain-takeover-01088ad1d525?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, subdomain-takeover, bug-bounty, 30dayswritingchallenge23-Aug-2024
how i got into the server of our university.https://medium.com/@mesterx54/how-i-got-into-the-server-of-our-university-aae2782bcc64?source=rss------bug_bounty-5Abdeladime Mk (mesterx54)bug-bounty, rce, bug-bounty-tips, sqli, pentesting23-Aug-2024
Stealing Admin Cookies: An XSS Challenge from TCM Security’s Practical Bug Bounty Coursehttps://medium.com/@trixiahorner/stealing-admin-cookies-an-xss-challenge-from-tcm-securitys-practical-bug-bounty-course-b08a990cca84?source=rss------bug_bounty-5Trixia Hornerpenetration-testing, ethical-hacking, hacking, cybersecurity, bug-bounty23-Aug-2024
Boost Subdomain Discovery with Subfinder and API Integrationshttps://saurabh-jain.medium.com/integrating-shodan-and-censys-api-keys-into-subfinder-c28452af2efb?source=rss------bug_bounty-5Saurabh Jainbug-bounty-writeup, bug-bounty, subdomains-enumeration, subfinder, hacking23-Aug-2024
Response Manipulation FTW: Understanding and Exploiting Response Manipulationhttps://medium.com/@security.tecno/response-manipulation-ftw-understanding-and-exploiting-response-manipulation-6ad2d81f2eb4?source=rss------bug_bounty-5TECNO Securitysecurity, reserach, hacking, bug-bounty22-Aug-2024
10 Secrets Ethical Hackers Don’t Want You to Know (But We’re Revealing Them Anyway!)https://medium.com/@paritoshblogs/10-secrets-ethical-hackers-dont-want-you-to-know-but-we-re-revealing-them-anyway-094ca920c3d8?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, hacking, information-technology, ethical-hacking22-Aug-2024
CORRUPT SEBI INDIA JEOPARDIZING DIRECTOES FINANCIAL INFO, ZOMATO BUG BOUNTY HACKERONE FRAUDhttps://medium.com/@krivadna_87390/corrupt-sebi-india-jeopardizing-directoes-financial-info-zomato-bug-bounty-hackerone-fraud-f27145ccfad8?source=rss------bug_bounty-5Krivadnaandroid, social-media, bug-bounty, cybersecurity, bugbounty-writeup22-Aug-2024
Grep tips for Javascript Analysis | Bug Bountyhttps://0xmaruf.medium.com/grep-tips-for-javascript-analysis-bug-bounty-7dce88266121?source=rss------bug_bounty-5Md Maruf Hosan (0xMaruf)cybersecurity, bug-bounty-tips, bug-bounty22-Aug-2024
TESLA MOTORS VIN NUMBER LEAK THROUGH IT’S API ENDPOINT, THEY CALL IT NO SECURITY IMPACT..https://medium.com/@krivadna_87390/tesla-motors-vin-number-leak-through-its-api-endpoint-they-call-it-no-security-impact-bb30fb5f1314?source=rss------bug_bounty-5Krivadnaandroid, bug-bounty, penetration-testing, bugbounty-writeup, cybersecurity22-Aug-2024
CORRUPT SEBI INDIA JEOPARDIZING DIRECTOR'S FINANCIAL INFO • PAN NUMBER LEAK ZOMATO BUG BOUNTY…https://medium.com/@krivadna_87390/corrupt-sebi-india-jeopardizing-directoes-financial-info-zomato-bug-bounty-hackerone-fraud-f27145ccfad8?source=rss------bug_bounty-5Krivadnaandroid, social-media, bug-bounty, cybersecurity, bugbounty-writeup22-Aug-2024
Exposing Source Code via SVN: A $400 Discoveryhttps://infosecwriteups.com/exposing-source-code-via-svn-a-400-discovery-9fc54b3f3f31?source=rss------bug_bounty-5Vipul Sahubug-bounty-tips, bug-bounty, information-security, cybersecurity22-Aug-2024
安全賞金計劃來了,獎金最高達¥6000!https://medium.com/@AdsPowerHK/%E5%AE%89%E5%85%A8%E8%B3%9E%E9%87%91%E8%A8%88%E5%8A%83%E4%BE%86%E4%BA%86-%E7%8D%8E%E9%87%91%E6%9C%80%E9%AB%98%E9%81%94-6000-672c3dcf1483?source=rss------bug_bounty-5AdsPower 指紋瀏覽器adspower, 指纹浏览器, 漏洞, bug-bounty, 指纹浏览器ip22-Aug-2024
Automating the Hunt for Reflected XSS: Essential One-Liners for Web Securityhttps://medium.com/@garvsanwariya60/automating-the-hunt-for-reflected-xss-essential-one-liners-for-web-security-025bbd82f95d?source=rss------bug_bounty-5Garvsanwariyaxss-attack, cybersecurity, hacking, web-security, bug-bounty22-Aug-2024
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Centerhttps://medium.com/@scriptshuva/instagram-and-meta-2fa-bypass-by-unprotected-backup-code-retrieval-in-accounts-center-c735ff650f10?source=rss------bug_bounty-5Shuva Sahabug-bounty-writeup, bug-bounty, facebook-bug-bounty, 2fa-bypass, meta-bug-bounty22-Aug-2024
Exposing Database Creds via SVN: A $400 Discoveryhttps://infosecwriteups.com/exposing-source-code-via-svn-a-400-discovery-9fc54b3f3f31?source=rss------bug_bounty-5Vipul Sahubug-bounty-tips, bug-bounty, information-security, cybersecurity22-Aug-2024
How I can easily get four P1 at NASA using Simple Google Dorking.https://k4tedu.medium.com/how-i-can-easily-get-four-p1-at-nasa-using-simple-google-dorking-d4457bec1971?source=rss------bug_bounty-5k4tedubug-bounty, dorking, penetration-testing, nasa-vdp, pentest-web22-Aug-2024
WebSec — SSTI (Server Site Template Injection)https://medium.com/@meryemddalgali/websec-ssti-server-site-template-injection-1a9603caa51e?source=rss------bug_bounty-5Meryem Dalgalıvulnerability, application-security, bug-bounty, pentest-learnings, web-security22-Aug-2024
Bypassing methods that I used to find CSRF vulnerabilitieshttps://anonysm.medium.com/bypassing-methods-that-i-used-to-find-csrf-vulnerabilities-b7dbf88cdb0a?source=rss------bug_bounty-5Muthu Dcybersecurity, ethical-hacking, hacking, bug-bounty, penetration-testing22-Aug-2024
How I Found Vulnerabilities in NASA and Got into the Hall of Fame — 4 Bugshttps://infosecwriteups.com/how-i-found-vulnerabilities-in-nasa-and-got-into-the-hall-of-fame-4-bugs-78e0fc4cc5cc?source=rss------bug_bounty-5Karthikeyan Nagarajhall-of-fame, careers, cybersecurity, bug-bounty, hacking22-Aug-2024
Easy Bug | Email Spoofinghttps://saeidmicro.medium.com/easy-bug-email-spoofing-5d1bfc1a885e?source=rss------bug_bounty-5Saeid Khaterbug-bounty22-Aug-2024
Blind SSRFhttps://saeidmicro.medium.com/blind-ssrf-ee5f0e6ed86f?source=rss------bug_bounty-5Saeid Khaterbug-bounty22-Aug-2024
Battle of the Web Security Titans: Burp Suite vs. OWASP ZAPhttps://shaifsec.medium.com/battle-of-the-web-security-titans-burp-suite-vs-owasp-zap-e3da58d36203?source=rss------bug_bounty-5Shaif Alipenetration-testing, bug-bounty, web-security, cybersecurity, shaifsec22-Aug-2024
Advanced Web Cache Poisoning Techniques (Part 2): Tools, Methods, and Exploitshttps://medium.com/@dsmodi484/advanced-web-cache-poisoning-techniques-part-2-tools-methods-and-exploits-d35619d4bd75?source=rss------bug_bounty-5Dishant Modiresources, vulnerability, web-cache-poisoning, bug-bounty, methodology21-Aug-2024
Secrets of Red Teaming: Must-Know Tips and Tricks for Beginners!https://medium.com/@paritoshblogs/secrets-of-red-teaming-must-know-tips-and-tricks-for-beginners-7a0dbf8eb021?source=rss------bug_bounty-5Paritoshred-teaming, hacking, bug-bounty, pentesting, cybersecurity21-Aug-2024
Beyond the Login The Path Traversal Attackhttps://medium.com/@rajqureshi07/beyond-the-login-the-path-traversal-attack-30c1cfc09b3a?source=rss------bug_bounty-5Raj Qureshibug-bounty, information-technology, infosec, bug-bounty-tips, information-security21-Aug-2024
Deploying Rust Smart Contractshttps://medium.com/@bugbountydegen/deploying-rust-smart-contracts-7a22e04c4cd9?source=rss------bug_bounty-5bugbountydegenrust, bug-bounty, smart-contract-security, blockchain21-Aug-2024
Forging a Path to Account Takeover: Copy Password Reset Link Vulnerability worth $$$$.https://medium.com/@bilalresearcher/forging-a-path-to-account-takeover-copy-password-reset-link-vulnerability-worth-3135c3df60d6?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, cybersecurity21-Aug-2024
[Account Take Over] through reset password token leaked in response, 2500 € Rewardhttps://medium.com/@bilalresearcher/account-take-over-through-reset-password-token-leaked-in-response-2500-reward-97cc22d0b65d?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, cybersecur, hacking, bugbounty-writeup21-Aug-2024
Discovering a $5000 RCE via Dependency Confusion Vulnerabilityhttps://medium.com/@bilalresearcher/discovering-a-5000-rce-via-dependency-confusion-vulnerability-9a1cd88ddb0c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, cybersecurity, hacking, bug-bounty-tips, bug-bounty-writeup21-Aug-2024
A Simple 2FA Bypasshttps://medium.com/@bilalresearcher/a-simple-2fa-bypass-368a2861c6df?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips, cybersecurity21-Aug-2024
Account Takeover using IDOR in Password reset Functionalityhttps://medium.com/@bilalresearcher/account-takeover-using-idor-in-password-reset-functionality-b736a85f4f02?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bugbounty-writeup, cybersecurity, info-sec-writeups, bug-bounty-writeup21-Aug-2024
How I got my first $13500 bounty through Parameter Polluting (HPP)https://medium.com/@bilalresearcher/how-i-got-my-first-13500-bounty-through-parameter-polluting-hpp-237bd8cdfeff?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty, cybersecurity21-Aug-2024
Authorization bypass due to cache misconfigurationhttps://rikeshbaniya.medium.com/authorization-bypass-due-to-cache-misconfiguration-fde8b2332d2d?source=rss------bug_bounty-5Rikesh Baniyasecurity-research, bug-bounty-writeup, hackerone, bug-bounty-tips, bug-bounty21-Aug-2024
The Future of Web Cache Poisoning Defense: Anticipating New Threats and Adopting Next-Generation…https://cyberw1ng.medium.com/the-future-of-web-cache-poisoning-defense-anticipating-new-threats-and-adopting-next-generation-56a62d115bcd?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking21-Aug-2024
Race Condition on Likes of Product Leads to Products can appear more popularhttps://medium.com/@omdubey170/race-condition-on-likes-of-product-leads-to-products-can-appear-more-popular-a39038d16203?source=rss------bug_bounty-5Omdubeycache, bug-bounty-tips, security, bug-bounty, race-condition21-Aug-2024
Authorization bypass due to cache misconfigurationhttps://medium.com/@bilalresearcher/authorization-bypass-due-to-cache-misconfiguration-7407aa1c6374?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty-writeup, bug-bounty, hacking, cybersecurity21-Aug-2024
Day 15 of 30 Days — 30 Vulnerabilities | ClickJackinghttps://medium.com/@kumawatabhijeet2002/day-15-of-30-days-30-vulnerabilities-clickjacking-33e38c25d528?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, 30-day-challenge, bug-bounty-tips, 30dayswritingchallenge, clickjacking20-Aug-2024
Information Disclosure : 80+ Emails and LongID Disclosed !!https://pushkarhax.medium.com/information-disclosure-80-emails-and-longid-disclosed-8952e2c6978b?source=rss------bug_bounty-5Pushkar Nandwalkarbugbounty-tips, offensive-security, bug-bounty, cybersecurity, hacking20-Aug-2024
Unveiling a Critical Vulnerability: Exposing AWS Credentials in a Penetration Testhttps://notifybugme.medium.com/unveiling-a-critical-vulnerability-exposing-aws-credentials-in-a-penetration-test-2f7119a7c816?source=rss------bug_bounty-5Santosh Kumar Sha (@killmongar1996)penetration-testing, bug-bounty, ethical-hacking, security, aws20-Aug-2024
How a Lazy Bug Bounty Hunter got a place on NASA HOF ( An XSS Story).https://medium.com/@trffnsec/how-a-lazy-bug-bounty-hunter-got-a-place-on-nasa-hof-an-xss-story-e14fccc326e2?source=rss------bug_bounty-5Augustinetriffinxss-attack, bug-bounty, cybersecurity, hacking, nasa20-Aug-2024
How a Lazy Bug Bounty Hunter got a place on NASA HOF ( An XSS Story).https://medium.com/@trffnsec/how-a-lazy-bug-bounty-hunter-got-a-place-on-nasa-hof-an-xss-story-e14fccc326e2?source=rss------bug_bounty-5TrffnSecxss-attack, bug-bounty, cybersecurity, hacking, nasa20-Aug-2024
My first XSS: Reflected XSS in hidden parameterhttps://anonysm.medium.com/my-first-xss-reflected-xss-in-hidden-parameter-4142a02edfb1?source=rss------bug_bounty-5Muthu Dcybersecurity, hacking, penetration-testing, ethical-hacking, bug-bounty20-Aug-2024
cyberseReal-World Applications and Case Studies: Combating Web Cache Poisoning in Complex…https://cyberw1ng.medium.com/cybersereal-world-applications-and-case-studies-combating-web-cache-poisoning-in-complex-5bf41b0073c1?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, hacking, bug-bounty20-Aug-2024
Invitation link hijacking on a bug bounty programhttps://harish45.medium.com/invitation-link-hijacking-on-a-bug-bounty-program-50d3b92d5532?source=rss------bug_bounty-5Harishhackerone, bugcrowd, bug-bounty, bug-bounty-tips, ethical-hacking20-Aug-2024
Best Directory Brute-forcing Tools for Beginner Bug Huntershttps://medium.com/@josuofficial327/best-directory-brute-forcing-tools-for-beginner-bug-hunters-3388dd97c055?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup19-Aug-2024
0-click Full Account Takeoverhttps://dynnyd20.medium.com/0-click-full-account-takeover-9bb6b4d692a9?source=rss------bug_bounty-5dynnyd20cybersecurity, pentest, ato, bug-bounty, pentesting19-Aug-2024
Beyond Web Caching Vulnerabilitieshttps://medium.com/@0xAwali/beyond-web-caching-vulnerabilities-c617d8cdbb85?source=rss------bug_bounty-5Mahmoud M. Awaliweb-security, bug-bounty19-Aug-2024
Discovering a Session Persistence Vulnerability That Led to a $$$$ Bountyhttps://anonysm.medium.com/discovering-a-session-persistence-vulnerability-225e4b38e605?source=rss------bug_bounty-5Muthu Dcybersecurity, penetration-testing, infosec, bug-bounty, ethical-hacking19-Aug-2024
Advanced Techniques for Mitigating Web Cache Poisoning Attackshttps://cyberw1ng.medium.com/advanced-techniques-for-mitigating-web-cache-poisoning-attacks-8f818fd7eb00?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, penetration-testing19-Aug-2024
How to Bypass Company Email Feature While Creating an Accounthttps://medium.com/@josuofficial327/how-to-bypass-company-email-feature-while-creating-an-account-f792b37a231f?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-hunter, cybersecurity, bug-bounty-tips, vulnerability, bug-bounty18-Aug-2024
BugBounty WriteUp — Creative thinking is our everything (Race Condition + Business Logic Error)https://medium.com/@bilalresearcher/bugbounty-writeup-creative-thinking-is-our-everything-race-condition-business-logic-error-c7cfcc6d9125?source=rss------bug_bounty-5Bilal Researcherhacking, writeup, bug-bounty, penetration-testing, programming18-Aug-2024
Bug Bounty Writeup: $2500 Reward for Session Hijack via Chained Attackhttps://medium.com/@bilalresearcher/bug-bounty-writeup-2500-reward-for-session-hijack-via-chained-attack-b5ad443bc9b9?source=rss------bug_bounty-5Bilal Researcherethical-hacking, cybersecurity, xss-attack, bug-bounty-tips, bug-bounty18-Aug-2024
How Automation Detected Default Admin Credential Worth $500https://medium.com/@bilalresearcher/how-automation-detected-default-admin-credential-worth-500-9f2c3ed460c4?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity18-Aug-2024
Accessing deleted comment for $$: A Bug Bounty Writeuphttps://medium.com/@bilalresearcher/accessing-deleted-comment-for-a-bug-bounty-writeup-085e836660c1?source=rss------bug_bounty-5Bilal Researchercybersecurity, bug-bounty, writeup, bug-bounty-tips, bug-bounty-writeup18-Aug-2024
PII Disclosure Worth $750https://medium.com/@bilalresearcher/pii-disclosure-worth-750-1f9caeac484f?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity, bug-bounty-writeup18-Aug-2024
Burp Suite Filtering Trick — Reducing Log Noise with TLS Pass-Throughhttps://systemweakness.com/burp-suite-filtering-trick-reducing-log-noise-with-tls-pass-through-468d00fbc7dc?source=rss------bug_bounty-5Khaleel Khanethical-hacking, infosec, bug-bounty-tips, cybersecurity, bug-bounty18-Aug-2024
Day 15 of 30 Days — 30 Vulnerabilities | ClickJackinghttps://it4chis3c.medium.com/day-15-of-30-days-30-vulnerabilities-clickjacking-592505aff54d?source=rss------bug_bounty-5It4chis3cweb-security, bug-bounty, clickjacking, 30dayswritingchallenge, bug-bounty-tips18-Aug-2024
How I Bypassed 2FA and Earned My First Bounty $$$https://anonysm.medium.com/how-i-bypassed-2fa-and-earned-my-first-bounty-3fdc58938347?source=rss------bug_bounty-5Muthu Dcybersecurity, bug-bounty, ethical-hacking, hacking, penetration-testing18-Aug-2024
SQL Vulnerability in WordPress Automatic Plugin (CVE-2024–27956)https://roadtooscp.medium.com/sql-vulnerability-in-wordpress-automatic-plugin-cve-2024-27956-3635f1d32b4e?source=rss------bug_bounty-5RoadToOSCPbug-bounty, penetration-testing, wordpress-plugins, ethical-hacking, wordpress-security18-Aug-2024
HTML Injection in Mobile App Support Ticket Form on target.techhttps://medium.com/@shobitsharma/html-injection-in-mobile-app-support-ticket-form-on-target-tech-f45d2de510af?source=rss------bug_bounty-5Shobit Sharmahtml-injection, owasp, bug-bounty, vulnerability, bug-bounty-tips18-Aug-2024
Advanced Techniques and Emerging Trends in Web Cache Poisoninghttps://cyberw1ng.medium.com/advanced-techniques-and-emerging-trends-in-web-cache-poisoning-d2c8d3807d46?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing18-Aug-2024
Title: Mastering CSRF Exploits with Port Swigger Academy Lab: How to Bypass SameSite Strict via…https://medium.com/@dsksatheesh35/title-mastering-csrf-exploits-with-port-swigger-academy-lab-how-to-bypass-samesite-strict-via-7976c3f42d12?source=rss------bug_bounty-5D Satheesh Kumarpenetration-testing, bug-bounty, csrf-attack, csrf-bypass, ctf-walkthrough18-Aug-2024
Day 14 of 30 Days — 30 Vulnerabilities | HTTP Parameter Pollution (HPP) Vulnerabilityhttps://medium.com/@kumawatabhijeet2002/day-14-of-30-days-30-vulnerabilities-http-parameter-pollution-hpp-vulnerability-6c767a9227d8?source=rss------bug_bounty-5Abhijeet kumawathttp-parameter-pollution, bug-bounty-tips, 30dayswritingchallenge, bug-bounty18-Aug-2024
XSS CHECKLISThttps://medium.com/@mehmetfarisacar/xss-checklist-a2bf18ed6992?source=rss------bug_bounty-5Mehmet Faris Acarbug-bounty, xss-vulnerability, cybersecurity, xss-attack18-Aug-2024
Day 13 of 30 Days — 30 Vulnerabilities | XML External Entity (XXE)https://medium.com/@kumawatabhijeet2002/day-13-of-30-days-30-vulnerabilities-xml-external-entity-xxe-93118ac3a167?source=rss------bug_bounty-5Abhijeet kumawatxxe-attack, 30dayswritingchallenge, xxe, bug-bounty, bug-bounty-tips17-Aug-2024
Everything about CSP (Content Security Policy)and bypassing it Like a PRO!!https://shauryasharma05.medium.com/everything-about-csp-content-security-policy-and-bypassing-it-like-a-pro-290d3b06b721?source=rss------bug_bounty-5Shaurya Sharmabugbounty-writeup, cybersecurity, bug-bounty, hacking, bug-bounty-tips17-Aug-2024
A Step-by-Step Guide to Installing and Using dirsearchhttps://medium.com/@sherlock297/a-step-by-step-guide-to-installing-and-using-dirsearch-7833d9dbe6c3?source=rss------bug_bounty-5Ravindra Dagaletools, dirsearch, bug-bounty, tips, information-technology17-Aug-2024
Targeting Hidden API Endpoints in IDOR Exploitshttps://systemweakness.com/targeting-hidden-api-endpoints-in-idor-exploits-269b6ae0f16e?source=rss------bug_bounty-5Khaleel Khaninfosec, bug-bounty, cybersecurity, hacking, bug-bounty-tips17-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-73)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-73-210a9520bff3?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, money, hacking, bug-bounty17-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-72)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-72-a2bf155d3162?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, ethical-hacking, cybersecurity, money, bug-bounty17-Aug-2024
Broken Access Control in a Crypto Trading Platform | Auth Bypass worth $$$$https://medium.com/@midnight-mihir/how-i-found-broken-access-control-in-a-crypto-trading-platform-auth-bypass-worth-b0048eb87e09?source=rss------bug_bounty-5Mihirethical-hacking, bug-bounty-tips, bug-bounty, cybersecurity17-Aug-2024
Another 1500$: CR/LF Injectionhttps://infosecwriteups.com/1500-cr-lf-injection-59152daaf413?source=rss------bug_bounty-5Abhi Sharmacrlf-injection, infosec, bug-bounty, programming, cybersecurity17-Aug-2024
Security Flaws in Privilege Downgrades: How Users Can Exploit API Keys and Privilege escalationhttps://medium.com/@Az3m/security-flaws-in-privilege-downgrades-how-users-can-exploit-api-keys-and-privilege-escalation-886b37c2344d?source=rss------bug_bounty-5Az3mbug-bounty-tips, privilege-escalation, bugs, bug-bounty17-Aug-2024
Sub-finder tool methodologyhttps://medium.com/@tharunteja725_8686/sub-finder-tool-methodology-1dcb2622b0d5?source=rss------bug_bounty-5Chidurala Tharun tejabug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty-hunter17-Aug-2024
IDOR Vulnerabilities Between Admin Privilege Users in the Same Organizationhttps://medium.com/@Az3m/idor-vulnerabilities-between-admin-privilege-users-in-the-same-organization-7718192bba0e?source=rss------bug_bounty-5Az3mbug-bounty-tips, idor, bug-bounty, idor-vulnerability17-Aug-2024
How Find Multi open redirect Bugs with Bing search enginehttps://medium.com/@Az3m/how-find-multi-open-redirect-bugs-with-bing-search-engine-14d953b707ec?source=rss------bug_bounty-5Az3mbugs, open-redirect, bug-bounty-tips, bug-bounty17-Aug-2024
Boost Your Bug Bounty Game: Get Started with Free VPS on Krutrim Cloudhttps://infosecwriteups.com/boost-your-bug-bounty-game-get-started-with-free-vps-on-krutrim-cloud-6a37444a9ce0?source=rss------bug_bounty-5Vicky Aryankrutrim-cloud, bug-bounty, vps, cloud, hacking17-Aug-2024
Understanding Web Cache Poisoning: How It Works and How to Prevent Ithttps://cyberw1ng.medium.com/understanding-web-cache-poisoning-how-it-works-and-how-to-prevent-it-55af897e1eb5?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, cybersecurity, hacking17-Aug-2024
$$$ Bypassing SSRF Restrictions on a Google Product: A Journey Through DNS Rebindinghttps://anonysm.medium.com/bypassing-ssrf-restrictions-on-a-google-product-a-journey-through-dns-rebinding-a4e9d18213af?source=rss------bug_bounty-5Muthu Dbug-bounty, cybersecurity, ethical-hacking, penetration-testing, hacking17-Aug-2024
Understanding Open Redirect Vulnerabilities: A Simple Discoveryhttps://shaifsec.medium.com/understanding-open-redirect-vulnerabilities-a-simple-discovery-476a675839f7?source=rss------bug_bounty-5Shaif Aliweb-security, cybersecurity, shaifsec, penetration-testing, bug-bounty17-Aug-2024
Top 20 Open Redirect Bug Bounty Reportshttps://medium.com/@thenumberof9/top-20-open-redirect-bug-bounty-reports-610c57fb006f?source=rss------bug_bounty-5TheNumberOf-9host-redirect, bug-bounty, open-redirect, hacking, ethical-hacking16-Aug-2024
How to find a easy bug it worth $100https://medium.com/@sangamahesh650/how-to-find-a-easy-bug-it-worth-100-7485f9bf638f?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, hacking, bug-bounty-tips, penetration-testing, bug-bounty16-Aug-2024
The Bug Bounty Billionairehttps://medium.com/@shwetapapnai783/the-bug-bounty-billionaire-acaa5e64959e?source=rss------bug_bounty-5Shweta Papnaisecurity, cybersecurity, billionaires, bug-bounty, technology16-Aug-2024
️ Reconnaissance and Vulnerability Scanning Script️https://securitycipher.medium.com/%EF%B8%8F-reconnaissance-and-vulnerability-scanning-script-%EF%B8%8F-086f4051eeba?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, coding, technology, bug-bounty, hacking16-Aug-2024
Complete Guide on Attack Surface Discoveryhttps://osintteam.blog/complete-guide-on-attack-surface-discovery-d684710d6a3e?source=rss------bug_bounty-5Netlas.iobug-bounty, attack-surface, attack-surface-discovery, cybersecurity, penetration-testing16-Aug-2024
Easy Critical Bugs: Uncovering Treasure Troves in Adobe Experience Manager (AEM)https://anonysm.medium.com/easy-critical-bugs-uncovering-treasure-troves-in-adobe-experience-manager-aem-59ce8656ef9b?source=rss------bug_bounty-5Muthu Dpenetration-testing, bug-bounty, cybersecurity, pentesting, hacking16-Aug-2024
Two Factor Authentication Bypass via using Victim’s DeviceIDhttps://medium.com/@cyberpro151/two-factor-authentication-bypass-via-using-victims-deviceid-b46afb4fe7a5?source=rss------bug_bounty-5cyberpro151application-security, hacking, bug-bounty, cybersecurity, hackerone16-Aug-2024
BlackhatOps #1: A Syndicate Of Hackershttps://medium.com/@red.whisperer/blackhatops-1-a-syndicate-of-hackers-3f599f6f9c63?source=rss------bug_bounty-5Chuxcybersecurity, pentesting, red-team, bug-bounty, hacking16-Aug-2024
Forced SSO Session Fixationhttps://infosecwriteups.com/forced-sso-session-fixation-5d3b457b79cb?source=rss------bug_bounty-5Serj Novoselovbug-bounty, vulnerability, penetration-testing, information-security, writeup16-Aug-2024
24.10 Lab: Web cache poisoning to exploit a DOM vulnerability via a cache with strict cacheability…https://cyberw1ng.medium.com/24-10-lab-web-cache-poisoning-to-exploit-a-dom-vulnerability-via-a-cache-with-strict-cacheability-78d30bb559e4?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity16-Aug-2024
500$ From Meta by reporting a HTMLi(Accidental Bug)https://armx64.medium.com/500-from-meta-by-reporting-a-htmli-accidental-bug-fef2e5a0f4c4?source=rss------bug_bounty-5A.R Maheerbug-bounty, accidental-bug16-Aug-2024
NewLine Character Cause DoS: Folder & File Deletion Flawhttps://medium.com/@bilalresearcher/newline-character-cause-dos-folder-file-deletion-flaw-2b128252720b?source=rss------bug_bounty-5Bilal Researcherinfosec, denial-of-service, programming, cybersecurity, bug-bounty16-Aug-2024
1000$ IDOR : Unauthorized Project Inclusion in Expensehttps://medium.com/@bilalresearcher/1000-idor-unauthorized-project-inclusion-in-expense-da9176a96015?source=rss------bug_bounty-5Bilal Researcherbug-bounty, cybersecurity, idor, information-security, broken-access-control16-Aug-2024
Bypass Plan Restriction & Get 350$ Bountyhttps://medium.com/@bilalresearcher/bypass-plan-restriction-get-350-bounty-105790e994cb?source=rss------bug_bounty-5Bilal Researcherprivilege-escalation, bug-bounty, cybersecurity, programming, access-control16-Aug-2024
How I Earned $469 Bounty: Bypassing Plan Restrictionhttps://medium.com/@bilalresearcher/how-i-earned-469-bounty-bypassing-plan-restriction-6c215221b6f6?source=rss------bug_bounty-5Bilal Researcheraccess-control, infosec, bug-bounty, cybersecurity, programming16-Aug-2024
$800 Improper Authorization Flaw: Unauthorized Project Reclaiming Post Transferhttps://medium.com/@bilalresearcher/800-improper-authorization-flaw-unauthorized-project-reclaiming-post-transfer-d99ee6b2708c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-tips, idor, idor-vulnerability, cybersecurity16-Aug-2024
921$ Privilege Escalation: Unauthorized User Addition to Shared APP Connectionshttps://medium.com/@bilalresearcher/921-privilege-escalation-unauthorized-user-addition-to-shared-app-connections-681d807ccd1e?source=rss------bug_bounty-5Bilal Researcherprogramming, bug-bounty, privilege-escalation, cybersecurity, hacking16-Aug-2024
500$: MFA bypass By Race Conditionhttps://medium.com/@bilalresearcher/500-mfa-bypass-by-race-condition-8952b6718b89?source=rss------bug_bounty-5Bilal Researchercybersecurity, 2fa, programming, bug-bounty, race-condition16-Aug-2024
The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changeshttps://medium.com/@bilalresearcher/the-ui-slip-i-hit-750-ui-manipulation-leading-to-unauthorized-permission-changes-23c544918111?source=rss------bug_bounty-5Bilal Researchercybersecurity, user-interface, programming, bug-bounty, hacking16-Aug-2024
1500$: CR/LF Injectionhttps://medium.com/@bilalresearcher/1500-cr-lf-injection-09b7ae3cfaef?source=rss------bug_bounty-5Bilal Researcherbug-bounty, crlf-injection, cybersecurity, hacking, programming16-Aug-2024
$500 for Cracking Invitation Code For Unauthorized Access & Account Takeoverhttps://medium.com/@bilalresearcher/500-for-cracking-invitation-code-for-unauthorized-access-account-takeover-b0b693b2ae47?source=rss------bug_bounty-5Bilal Researcherbug-bounty, cybersecurity, account-takeover16-Aug-2024
Exploiting phar stream wrapperhttps://rudrasarkar.medium.com/exploiting-phar-stream-wrapper-d2140592c6e7?source=rss------bug_bounty-5Rudra Sarkarsource-code-analysis, php, bug-bounty, hackthebox15-Aug-2024
Unauthorized Deletion of Reports via Folder Manipulationhttps://medium.com/@hossam_hamada/unauthorized-deletion-of-reports-via-folder-manipulation-d0760582e168?source=rss------bug_bounty-5Hossam Hamadaidor, hackerone, idor-vulnerability, bug-bounty, bugcrowd15-Aug-2024
Day 12: Mastering Server Side Request Forgery Vulnerability — Essential Tricks & Techniques Based…https://medium.com/@kumawatabhijeet2002/day-12-mastering-server-side-request-forgery-vulnerability-essential-tricks-techniques-based-21dc8b576e37?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, ssrf-bug, ssrf, ssrf-attack, bug-bounty-tips15-Aug-2024
Hacking Large Corporations: The Art and Science of Reconnaissancehttps://harshit3.medium.com/hacking-large-corporations-the-art-and-science-of-reconnaissance-1a6fc8f90616?source=rss------bug_bounty-5Harshitbug-bounty, information-technology, corporations, cybersecurity, ethical-hacking15-Aug-2024
23.7 Lab: Server-side template injection with a custom exploithttps://cyberw1ng.medium.com/23-7-lab-server-side-template-injection-with-a-custom-exploit-263dcc38653e?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity15-Aug-2024
Fourth Layer And Attacks !https://medium.com/@reemmoslem34/fourth-layer-and-attacks-7bcdbbf6b53c?source=rss------bug_bounty-5Rem Khalidcybersecurity, security, bug-bounty15-Aug-2024
2FA Bypass - IDN Mischiefhttps://shahjerry33.medium.com/2fa-bypass-idn-mischief-157f06cb6904?source=rss------bug_bounty-5Jerry Shah (Jerry)vulnerability, bug-bounty, infosec, cybersecurity, 2fa15-Aug-2024
Cracking the Armour: Bypassed WAF using Ibrahimxss Tool for easyhttps://medium.com/@jitinyaduvanshi/cracking-the-armour-bypassed-waf-using-ibrahimxss-tool-for-easy-6867cfcd850b?source=rss------bug_bounty-5Jitinyaduvanshicybersecurity, xss-attack, bug-bounty15-Aug-2024
Swisstronik: A Blockchain Solution for Privacy and Compliance.https://medium.com/@danishkhatri023/swisstronik-a-blockchain-solution-for-privacy-and-compliance-73c662eadf7a?source=rss------bug_bounty-5Danish Khatritestnet, blockchain, gui̇de, bug-bounty, swisstronik15-Aug-2024
Protecting against multi-step SQL injections: A shield for your datahttps://medium.com/@Progsky/protecting-against-multi-step-sql-injections-a-shield-for-your-data-bf14e41dc412?source=rss------bug_bounty-5Progskybug-bounty, web-security, hacking15-Aug-2024
Passenger Information Disclosure Vulnerability Over the MQTT Protocolhttps://medium.com/@moradloo1779/passenger-information-disclosure-vulnerability-over-the-mqtt-protocol-667402289583?source=rss------bug_bounty-5Moradloobugbounty-writeup, bug-bounty, pentest15-Aug-2024
Account takeover on 8 years old public programhttps://medium.com/@pranshux0x/account-takeover-on-8-years-old-public-program-c0c0a30cfdd2?source=rss------bug_bounty-5priyanshu shakyaaccount-takeover, bug-bounty, bug-bounty-tips, hacking, vulnerability14-Aug-2024
New Bug Bounty Alerthttps://medium.com/@vic-thor/new-bug-bounty-alert-874fefd2ea6b?source=rss------bug_bounty-5victech, online, technology, cybersecurity, bug-bounty14-Aug-2024
XSS Tipleri için Test Caselerhttps://medium.com/@NadirSensoy/xss-tipleri-i%C3%A7in-test-caseler-ce006d2cd57f?source=rss------bug_bounty-5Nadir Sensoyxss-attack, bug-bounty, xss-vulnerability, cybersecurity14-Aug-2024
My journey towards Bug Bounty and Ambassador World Cup 2023 Recaphttps://bhattaraiprashant98.medium.com/my-journey-towards-bug-bounty-and-ambassador-world-cup-2023-recap-bc5fc1d00e72?source=rss------bug_bounty-5Prashant Bhattaraibug-bounty, hacking, hackerone, cybersecurity14-Aug-2024
Server-side template injection in Web App Penetration Testing | 2024https://cyberw1ng.medium.com/server-side-template-injection-in-web-app-penetration-testing-2024-67961a32cadd?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking14-Aug-2024
Automate your Google Dorking to Find Bugshttps://mrunknown124154.medium.com/automate-your-google-dorking-to-find-bugs-f7d86dc2d279?source=rss------bug_bounty-5Mr Abdullahbug-bounty, cybersecurity, google-dorking, cyber-security-awareness, dorking14-Aug-2024
Authentication Bypass -MFA , Account Takeover…https://medium.com/@prakashchand72/authentication-bypass-mfa-account-takeover-32166aedb3b9?source=rss------bug_bounty-5ASTUTEbypass, hacking, bug-bounty, authentication-bypass, account-takeover14-Aug-2024
My journey towards Bug Bounty and Ambassador World Cup 2023 Recaphttps://g0ndaar.medium.com/my-journey-towards-bug-bounty-and-ambassador-world-cup-2023-recap-bc5fc1d00e72?source=rss------bug_bounty-5Prashant Bhattaraibug-bounty, hacking, hackerone, cybersecurity14-Aug-2024
Open S3 Buckets Through Reconnaissancehttps://offsec01.medium.com/open-s3-buckets-through-reconnaissance-920f8b35be47?source=rss------bug_bounty-5Facundo Fernandezbug-bounty-tips, bug-bounty, penetration-testing, hacking, offensive-security14-Aug-2024
A Critical 403 Bypass Vulnerability Lead to a Staging Environment with User Enumerationhttps://ay0ub-n0uri.medium.com/a-critical-403-bypass-vulnerability-lead-to-a-staging-environment-with-user-enumeration-25b94ebadcfa?source=rss------bug_bounty-5Ay0ub N0urioffensive-security, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty14-Aug-2024
How I Prevented a Data Breach by Reporting an IDOR in a System Exposing over 500,000 US Passportshttps://offsec01.medium.com/how-i-prevented-a-data-breach-by-reporting-an-idor-in-a-system-exposing-over-500-000-us-passports-bc6bec99aa3d?source=rss------bug_bounty-5Facundo Fernandezpassport, bug-bounty, penetration-testing, data-breach, hacking14-Aug-2024
Identifying and Exploiting SQL Injection Vulnerabilitieshttps://im4x.medium.com/identifying-and-exploiting-sql-injection-vulnerabilities-cdfaa90b7b04?source=rss------bug_bounty-5Ahmed Najehbug-bounty, bugs, sqlmap14-Aug-2024
Finding a easy p3 bughttps://medium.com/@sangamahesh650/finding-a-easy-p3-bug-05b54f70e14c?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty-tips, penetration-testing, bug-bounty, hacking13-Aug-2024
Hidden Form Fields Reveal Test Answers for Easy Perfect Scorehttps://osintteam.blog/hidden-form-fields-reveal-test-answers-for-easy-perfect-score-c4d202416ad7?source=rss------bug_bounty-5enigmabug-bounty, ethical-hacking, penetration-testing, cybersecurity, misconfiguration13-Aug-2024
NoSQL Injection | Try Hack Mehttps://ahmed-makawi.medium.com/nosql-injection-try-hack-me-e624fa71743f?source=rss------bug_bounty-5Ahmed Makawicybersecurity, bug-bounty, it, penetration-testing, sql-injection13-Aug-2024
Role-based Privilege Escalation Worth $2000 in a bug bounty programhttps://medium.com/@_K3rnel/role-based-privilege-escalation-worth-2000-in-a-bug-bounty-program-0ca40a4cecb9?source=rss------bug_bounty-5_K3rnelbugbounting, bug-bounty, bugs, bug-bounty-tips, bugbounty-writeup13-Aug-2024
Threat Modeling 101: Mapping OWASP Top 10 to STRIDEhttps://justm0rph3u5.medium.com/threat-modeling-101-mapping-owasp-top-10-to-stride-cb8e8613e396?source=rss------bug_bounty-5Divyanshustride, bug-bounty, owasp, threat-model, pasta13-Aug-2024
23.6 Lab: Server-side template injection in a sandboxed environmenthttps://cyberw1ng.medium.com/23-6-lab-server-side-template-injection-in-a-sandboxed-environment-f731eacf2530?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, penetration-testing, cybersecurity, careers13-Aug-2024
Logic Flaw: User Account Lockouthttps://medium.com/@raxomara/logic-flaw-user-account-lockout-8865c622cef0?source=rss------bug_bounty-5Raxomarapenetration-testing, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunting13-Aug-2024
NoSQL Injection | Try Hack Mehttps://systemweakness.com/nosql-injection-try-hack-me-e624fa71743f?source=rss------bug_bounty-5Ahmed Makawicybersecurity, bug-bounty, it, penetration-testing, sql-injection13-Aug-2024
My first bounty report was a duplicatehttps://medium.com/@World-Breaker/my-first-bounty-report-was-a-duplicate-ad2ba4ec595e?source=rss------bug_bounty-5usu@rioZ3r0bug-bounty13-Aug-2024
Effortless Go Language Setup: Installing Go Lang Like a Pro!https://imran407704.medium.com/effortless-go-language-setup-installing-go-lang-like-a-pro-e668c51454c3?source=rss------bug_bounty-5Imranbug-bounty, go-language, go-language-tutorial13-Aug-2024
How I Discovered a Directory Listing Vulnerability on a NASA Subdomainhttps://medium.com/@shubhammpawar7438/how-i-discovered-a-directory-listing-vulnerability-on-a-nasa-subdomain-979883e47874?source=rss------bug_bounty-5Shubham pawarvulnerability-disclosure, bug-bounty, cybersecurity, web-security, nasa-security13-Aug-2024
How To Get free burpsuite professionalhttps://medium.com/@sangamahesh650/how-to-get-free-burpsuite-professional-b6ebca7a60a3?source=rss------bug_bounty-5loyalonlytodaybug-bounty, pentesting, bug-bounty-tips, hacking, bugbounty-writeup13-Aug-2024
Breaking the Barrier: Admin Panel Takeover Worth $3500https://medium.com/@noob.assassin/breaking-the-barrier-admin-panel-takeover-worth-3500-78da79089ca3?source=rss------bug_bounty-5Aditya Sharmabug-bounty-tips, bug-bounty, hacker, hacking, vulnerability13-Aug-2024
Simple but Elegant DOM XSS on Hidden Parameter— Bypassing Filterhttps://medium.com/@YourFinalSin/simple-but-elegant-dom-xss-on-hidden-parameter-bypassing-filter-ab58ca1e6135?source=rss------bug_bounty-5SINxss-vulnerability, bug-bounty, xss-attack, bug-bounty-tips, bug-bounty-writeup13-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-71)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-71-3232e47be803?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, bug-bounty, skills, ethical-hacking13-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-70)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-70-f603b2fde234?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, hacking, cybersecurity, skills13-Aug-2024
Insecure Direct Object Referencehttps://medium.com/@yassentaalab51/insecure-direct-object-reference-6bddf9be8dcd?source=rss------bug_bounty-5Yassen Taalabidor, bug-bounty, owasp, cybersecurity, broken-access-control13-Aug-2024
CloudBrute — Awesome Cloud Enumeratorhttps://medium.com/@pentesterclubpvtltd/cloudbrute-awesome-cloud-enumerator-b6d86e168b2c?source=rss------bug_bounty-5Pentester Clubbug-bounty, hacking, ethical-hacking, cybersecurity, cloud-computing13-Aug-2024
Embedding Beacon Payloads in PDF Fileshttps://medium.com/@pentesterclubpvtltd/embedding-beacon-payloads-in-pdf-files-e789820f340b?source=rss------bug_bounty-5Pentester Clubhacking, cobalt-strike, bug-bounty, cybersecurity, pdf13-Aug-2024
DOM XSS — Simple but Elegant on Hidden Parameter— Bypassing Filterhttps://medium.com/@YourFinalSin/simple-but-elegant-dom-xss-on-hidden-parameter-bypassing-filter-ab58ca1e6135?source=rss------bug_bounty-5SINxss-vulnerability, bug-bounty, xss-attack, bug-bounty-tips, bug-bounty-writeup13-Aug-2024
Common Types of Bugs in Software Testinghttps://medium.com/optimizory-apps/common-types-of-bugs-in-software-testing-aea2ff2138bd?source=rss------bug_bounty-5Divyansh Vatsbug-bounty, bugs, software-testing12-Aug-2024
How to balance bug fix costs with software performance?https://medium.com/@harleyrose981/how-to-balance-bug-fix-costs-with-software-performance-92e9df481c36?source=rss------bug_bounty-5Harley Roseweb3, technology, bug-bounty, web-development, seo12-Aug-2024
3rd Anniversary Fun Activity: TECNO Security Bug Bounty Rules Challenging Testhttps://medium.com/@security.tecno/3rd-anniversary-fun-activity-tecno-security-bug-bounty-rules-challenging-test-d6dac9f552e7?source=rss------bug_bounty-5TECNO Securitytesting, bug-bounty, activity, security12-Aug-2024
5 Minutes to Take Over the System Administrator Account of a GPS Tracker Solution Providerhttps://medium.com/@mmaulanaabdullah/5-minutes-for-taking-over-system-administrator-account-of-gps-tracker-solution-provider-system-24bd083f1559?source=rss------bug_bounty-5M Maulana Abdullahapi, disruption, bug-bounty, information-security, infosec12-Aug-2024
Maintaining Software Excellence: The Importance of Bug Fixes and Maintenancehttps://medium.com/@harleyrose981/maintaining-software-excellence-the-importance-of-bug-fixes-and-maintenance-87db9a864a5f?source=rss------bug_bounty-5Harley Rosetechnology, software-development, web-development, tech, bug-bounty12-Aug-2024
From Fries to Flaws : My Journey into Web App Security (Part V)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-v-f0ea86e55845?source=rss------bug_bounty-5OiQpenetration-testing, vulnerability, bug-bounty-tips, cybersecurity, bug-bounty12-Aug-2024
The Importance of Functionality and Usability in Web Applicationshttps://medium.com/@owaisbagali2/the-importance-of-functionality-and-usability-in-web-applications-65f5cf44374d?source=rss------bug_bounty-5OwaisBself-awareness, bug-bounty, audi, software-testing, basics12-Aug-2024
Earned $188 in bug bounty simply through the invitation feature.https://medium.com/@Mu1berry/earned-188-in-bug-bounty-simply-through-the-invitation-feature-534486d6ec1c?source=rss------bug_bounty-5Mu1berrybugcrowd, vulnerability, money, bug-bounty, hacker12-Aug-2024
Detecting Blind Injection Attacks with Discord Webhookshttps://osintteam.blog/detecting-injection-attacks-with-discord-webhooks-5df22a5679c5?source=rss------bug_bounty-5mrunoriginalweb-application-security, cybersecurity, bug-bounty, information-security, ethical-hacking12-Aug-2024
New Reconnaissance Methodologies/Tools for Bug Bounty Hunting & Ethical Hackinghttps://medium.com/@retr0x/new-reconnaissance-methodologies-tools-for-bug-bounty-hunting-ethical-hacking-be7ca14a7ae2?source=rss------bug_bounty-5R3tr0x | Vinay Kumarcyber, ethical-hacking, cyber-security-awareness, cybersecurity, bug-bounty12-Aug-2024
“My Journey to Earning the First Bounty”https://medium.com/@asharm.khan7/my-journey-to-earning-the-first-bounty-5314d1780f84?source=rss------bug_bounty-5Ashar Mahmoodbug-bounty, hacking, cyber-security-awareness, ethical-hacking, find-your-first-bug12-Aug-2024
21.4 Lab: Exploiting insecure output handling in LLMshttps://cyberw1ng.medium.com/21-4-lab-exploiting-insecure-output-handling-in-llms-4b17d8401fe6?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, cybersecurity, bug-bounty, careers12-Aug-2024
Getting all ips from Shodan easyhttps://medium.com/@sangamahesh650/getting-all-ips-from-shodan-easy-400706799e53?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, hacking, bugbounty-writeup, penetration-testing, bug-bounty12-Aug-2024
Cross-Site Scripting Explained: Protect Your Website from Modern Threatshttps://7hecoder.medium.com/secure-your-site-xss-guide-d780dd2ad098?source=rss------bug_bounty-5Aamir Khanxss-vulnerability, web-development, secure-coding, bug-bounty, cybersecurity12-Aug-2024
The Hidden Threat: How Reverse Shells Packaged as .pyz Files Evade Detectionhttps://medium.com/@psychomong/the-hidden-threat-how-reverse-shells-packaged-as-pyz-files-evade-detection-e82d1f234187?source=rss------bug_bounty-5psychomonghacker, hacking, meta, bug-bounty, whatsapp12-Aug-2024
How Much Did I Make in My First Year of Bug Bounty Work?https://medium.com/@bountyget/how-much-did-i-make-in-my-first-year-of-bug-bounty-work-2f0583002db6?source=rss------bug_bounty-5Bountygetinfosec-write-ups, bug-bounty, earn-money-online, bug-bounty-tips, hacking12-Aug-2024
How I Hacked Into the World’s Top Universities Including MIT Cambridge & University of Oxfordhttps://medium.com/@josuofficial327/how-i-hacked-into-the-worlds-top-universities-including-mit-cambridge-university-of-oxford-a2e209d8abf7?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, bug-bounty, vulnerability, ethical-hacking, hacking12-Aug-2024
Stored XSS in LibreOfficehttps://bunny0417.medium.com/stored-xss-in-libreoffice-ed4ad22e0f56?source=rss------bug_bounty-5Aayush kumarbug-bounty-tips, xs, libreoffice, stored-xss, bug-bounty11-Aug-2024
From Fries to Flaws : My Journey into Web App Security (Part IV)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-iv-956c3fcbec68?source=rss------bug_bounty-5OiQbug-bounty, web-app-security, vulnerability, bug-bounty-tips, penetration-testing11-Aug-2024
Internal and External Network penetration Testinghttps://gaya3-r.medium.com/internal-and-external-network-penetration-testing-6a9421394618?source=rss------bug_bounty-5gayatri rtools, bug-bounty, penetration-testing, owasp11-Aug-2024
How I found my first P3 bug (disclosure of PII/Privilege Escalation)https://medium.com/@the.bugcrowd.testerpawan/how-i-found-my-first-p3-bug-disclosure-of-pii-privilege-escalation-148dbf610334?source=rss------bug_bounty-5the_air_cyborgbug-bounty-tips, bugbounty-writeup, bug-bounty11-Aug-2024
Introduction to JWThttps://medium.com/@chanpreetkaur2005/introduction-to-jwt-f69162b59c24?source=rss------bug_bounty-5Chanpreet Kaurweb-exploitation, cybersecurity, bug-bounty, jwt, web-development11-Aug-2024
20.10 Lab: Using PHAR deserialization to deploy a custom gadget chainhttps://cyberw1ng.medium.com/20-10-lab-using-phar-deserialization-to-deploy-a-custom-gadget-chain-39270975163f?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity11-Aug-2024
Udemy Course off 50% CYBER082024https://cyberbruharmy.medium.com/udemy-course-off-50-cyber082024-c61d755d2714?source=rss------bug_bounty-5CyberBruhArmybug-bounty, firewall, bug-bounty-tips, security, cybersecurity11-Aug-2024
Hacking the System: How I Beat Subscription Restrictions in Admin Controlshttps://0xmatrix.medium.com/hacking-the-system-how-i-beat-subscription-restrictions-in-admin-controls-5684fd90279a?source=rss------bug_bounty-5Mo2men Elmadyhacking, bugs, penetration-testing, red-team, bug-bounty11-Aug-2024
How I Got $150 on HackerOne for My First Bughttps://medium.com/@likithteki76/how-i-got-150-on-hackerone-for-my-first-bug-8af0ed515e79?source=rss------bug_bounty-5Likith Tekibug-bounty-tips, 2fa-bypass, vulnerability, bug-bounty, ethical-hacking11-Aug-2024
IDOR — How I Leaked Data of 50k+ Usershttps://medium.com/@YourFinalSin/idor-how-i-leaked-data-of-50k-users-bc44201e777a?source=rss------bug_bounty-5SINidor, bug-bounty-hunter, bug-bounty-writeup, bug-bounty, bug-bounty-tips10-Aug-2024
How I got my first $13500 bounty through Parameter Polluting (HPP)https://infosecwriteups.com/how-i-got-my-first-13500-bounty-through-parameter-polluting-hpp-179666b8e8bb?source=rss------bug_bounty-5rAmpancisthacking, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips10-Aug-2024
IDOR — Exposing private forms $$$https://medium.com/@hellother18/idor-exposing-private-forms-0204c1ed560a?source=rss------bug_bounty-5Manthan_ mahalehacking, cybersecurity, ethical-hacking, bug-bounty, bugbounty-writeup10-Aug-2024
Day 8 of 30 Days — 30 Vulnerabilities | Security Misconfigurationhttps://medium.com/@kumawatabhijeet2002/day-8-of-30-days-30-vulnerabilities-security-misconfiguration-5d8ee574e7e3?source=rss------bug_bounty-5Abhijeet kumawatsecurity-misconfiguration, bug-bounty, bug-bounty-tips10-Aug-2024
What is a Bug Bounty Program?https://medium.com/@pasan62nanayakkara/what-is-a-bug-bounty-program-f64c90197229?source=rss------bug_bounty-5Ravindu Nanayakkarabug-bounty, cybersecurity, security10-Aug-2024
$800 Improper Authorization Flaw: Unauthorized Project Reclaiming Post Transferhttps://medium.com/@a13h1/800-improper-authorization-flaw-unauthorized-project-reclaiming-post-transfer-15fe36976604?source=rss------bug_bounty-5Abhi Sharmaimproper-authorization, cybersecurity, bug-bounty, idor, programming10-Aug-2024
Practice Lab Setup for Application Security Testinghttps://medium.com/@Kamal_S/practice-lab-setup-for-application-security-testing-9fa2c9b45917?source=rss------bug_bounty-5Kamal Sbug-bounty, vapt, security-testing, appsec, owasp10-Aug-2024
The Evolution of Deserialization Attacks: Understanding the Risks and Future Trendshttps://cyberw1ng.medium.com/the-evolution-of-deserialization-attacks-understanding-the-risks-and-future-trends-0e485ec7e833?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, cybersecurity, hacking, bug-bounty10-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-69)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-69-fa42b90989a1?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, skills, hacking, cybersecurity10-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-68)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-68-8e3af48d1c65?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, ethical-hacking, cybersecurity, bug-bounty, skills10-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-67)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-67-01756817b60c?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, ethical-hacking, bug-bounty, hacking10-Aug-2024
How to Mitigate SQL Injectionhttps://medium.com/@dhiren.pradhan263/how-to-mitigate-sql-injection-20a26cfa96f5?source=rss------bug_bounty-5Dhiren Pradhansecurity, bug-bounty, information-security09-Aug-2024
How to find P1 SQL injection in indian website.https://medium.com/@padhyepushkar/how-to-find-p1-sql-injection-in-indian-website-59ad091a9e1b?source=rss------bug_bounty-5Pushkar Padhyebug-bounty09-Aug-2024
How to Mitigate SQL Injectionhttps://medium.com/@bountyget/how-to-mitigate-sql-injection-20a26cfa96f5?source=rss------bug_bounty-5Bountygetsecurity, bug-bounty, information-security09-Aug-2024
Bug Bounty Programs Launched in August 2024https://medium.com/@vic-thor/bug-bounty-programs-launched-in-august-2024-ab698f18b7c5?source=rss------bug_bounty-5vicbug-bounty, technology, tech, money, cybersecurity09-Aug-2024
Part 3: Enhancing Database Items in Angular using the Decorator Design Pattern: Bug Prevention…https://medium.com/@nemanjablagojevic/part-3-enhancing-database-items-in-angular-using-the-decorator-design-pattern-bug-prevention-e965373a6219?source=rss------bug_bounty-5Nemanja Blagojevicsingleton, programming, angular, bug-bounty, ecommerce-web-development09-Aug-2024
From Developer to Hacker: Putting on the White Hathttps://medium.com/@jonathanmondaut/from-developer-to-hacker-putting-on-the-white-hat-b4292af8c1d4?source=rss------bug_bounty-5Jonathan Mondautcybersecurity, technology, bug-bounty, ethical-hacking, programming09-Aug-2024
How I Turned a Rate-Limit Bypass into an Account Takeoverhttps://anonysm.medium.com/how-i-turned-a-rate-limit-bypass-into-an-account-takeover-4588541c2d29?source=rss------bug_bounty-5Muthu Dethical-hacking, hacking, pentesting, bug-bounty, penetration-testing09-Aug-2024
Enriching Nuclei results with Vulnerability Intelhttps://medium.com/@nvi_90805/enriching-nuclei-results-with-vulnerability-intel-d760b756b066?source=rss------bug_bounty-5NVI - North Vulnerability Intelligencevulnerability, cve, bug-bounty, nuclei-template, exploit09-Aug-2024
Mastering Subfinder for Subdomain Enumeration: A Quick Guide for Bug Bounty Huntershttps://medium.com/@k4r7hx/mastering-subfinder-for-subdomain-enumeration-a-quick-guide-for-bug-bounty-hunters-5d6c3d471896?source=rss------bug_bounty-5Karthikeyansubdomain-enumeration, subdomains-enumeration, subdomain, bug-bounty, subdomain-takeover09-Aug-2024
Bug Bounty Methodology — Step By Step Guide To Find Subdomains And Vulnerable URLshttps://medium.com/@shaikhminhaz1975/bug-bounty-methodology-step-by-step-guide-to-find-subdomains-and-vulnerable-urls-18bdd76e979f?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, reconnaissance, subdomains-enumeration, bug-bounty, methodology09-Aug-2024
20 Essential Google Dorking Queries to find vulnerable targetshttps://offsec01.medium.com/20-essential-google-dorking-queries-to-find-vulnerable-targets-a98b657dc66d?source=rss------bug_bounty-5Facundo Fernandezoffensive-security, google-dorking, hacking-training, bug-bounty, hacking09-Aug-2024
Day 7 of 30 Days — 30 Vulnerability | IDOR (Insecure Direct Object Reference)https://medium.com/@kumawatabhijeet2002/day-7-of-30-days-30-vulnerability-idor-insecure-direct-object-reference-79b8051d67e2?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, 30dayswritingchallenge, idor-vulnerability, idor, bug-bounty-tips09-Aug-2024
How dirsearch Uncovered a $750 Bountyhttps://medium.com/@bountyget/how-dirsearch-uncovered-a-750-bounty-fd215c925eb7?source=rss------bug_bounty-5Bountygetinfosec, dirsearch, wordlist, bug-bounty, hackerone09-Aug-2024
What After Recon ? Part 01 Bug Bounty Methodologyhttps://omarora1603.medium.com/what-after-recon-part-01-bug-bounty-methodology-25ff3705a738?source=rss------bug_bounty-5Om Arorainfosec, bug-bounty, bug-bounty-writeup, methodology, hacking09-Aug-2024
Embracing Proactive Security Measures: Future-Proofing Against PHAR Deserialization and Beyondhttps://cyberw1ng.medium.com/embracing-proactive-security-measures-future-proofing-against-phar-deserialization-and-beyond-49e1dec9000d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, penetration-testing, bug-bounty09-Aug-2024
How i hacked NASA? NASA VDP.https://medium.com/@momos1337/how-i-hacked-nasa-bug-bounty-6975b833eb45?source=rss------bug_bounty-5Fadhli Almunawarcybersecurity, bug-bounty09-Aug-2024
How dirsearch Uncovered a $750 Bountyhttps://medium.com/@bountyget/how-dirsearch-uncovered-a-750-bounty-fd215c925eb7?source=rss------bug_bounty-5Bountygetinfosec, dirsearch, wordlist, info-sec-writeups, bug-bounty09-Aug-2024
L6 — Postbookhttps://scissor07.medium.com/l6-postbook-8d5b322a0801?source=rss------bug_bounty-5scissor_sevenwriteup, cybersecurity, bug-bounty, hackerone, ctf08-Aug-2024
Web App Security Scanner- Vex Scannerhttps://medium.com/@pentesterclubpvtltd/web-app-security-scanner-vex-scanner-e150e9a03ffc?source=rss------bug_bounty-5Pentester Clubcybersecurity, scalability, bug-bounty, hacking, security08-Aug-2024
OAuth Impersonation Attack: Misconfiguration of Facebook and Google OAuth Leading to Account…https://medium.com/@security.tecno/oauth-impersonation-attack-misconfiguration-of-facebook-and-google-oauth-leading-to-account-9f838439de31?source=rss------bug_bounty-5TECNO Securitybug-bounty, security, hacker08-Aug-2024
Hijacking User Privileges: The Story of a Patched Vulnerability in Open Bug Bountyhttps://take0verx0.medium.com/hijacking-user-privileges-the-story-of-a-patched-vulnerability-in-open-bug-bounty-4db81fa0fd1f?source=rss------bug_bounty-5Shahariar Aminbug-bounty, bug-bounty-tips, web-security, openbugbounty08-Aug-2024
Last Week in tech — 5th editionhttps://medium.com/@azefox/last-week-in-tech-5th-edition-0f559055dcf6?source=rss------bug_bounty-5Azefoxcloud-computing, ai, bug-bounty, infosec, news08-Aug-2024
O manual do Hacker Modernohttps://medium.com/@espectrx/o-manual-do-hacker-moderno-2a715e35184c?source=rss------bug_bounty-5Rafael Henriquehackingrévolution, hackerone, hacker-ético, bug-bounty, hacking08-Aug-2024
Building a Resilient Security Framework: Long-Term Strategies for Combating PHAR Deserialization…https://cyberw1ng.medium.com/building-a-resilient-security-framework-long-term-strategies-for-combating-phar-deserialization-de5b38c6aff2?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, penetration-testing, careers08-Aug-2024
Easiest P3 You May Not Knowhttps://muneebalamkhan.medium.com/easiest-p3-you-may-not-know-54ae73cd3361?source=rss------bug_bounty-5Muneeb Alam Khanbug-bounty-tips, penetration-testing, bug-bounty, bounty-hunter, penetration-test07-Aug-2024
SSRF: Blacklist and Whitelist-Based Input Filtershttps://infosecwriteups.com/ssrf-blacklist-and-whitelist-based-input-filters-1c602b872731?source=rss------bug_bounty-5Neetroxcybersecurity, cyber-security-awareness, bug-bounty, cyberattack, technology07-Aug-2024
Client-Side Desync in HTTP: Understanding the Vulnerabilities and How to Mitigate Themhttps://medium.com/@miladkeivanfar/client-side-desync-in-http-understanding-the-vulnerabilities-and-how-to-mitigate-them-f3552164a6c9?source=rss------bug_bounty-5Milad keivanfarsecurity, pentesting, desync, bug-bounty, smuggling07-Aug-2024
Nahamsec’s Intro to Bug Bounty Labs: Your Setup Guidehttps://medium.com/@k4r7hx/nahamsecs-intro-to-bug-bounty-labs-your-setup-guide-145199ee948a?source=rss------bug_bounty-5Karthikeyanbug-bounty, ethical-hacking, penetration-testing, nahamstore, hacking07-Aug-2024
ALL ABOUT TRAVA BUG BOUNTY — FINDING THE FAULTS IN TRAVA.FINANCEhttps://blog.trava.finance/all-about-trava-bug-bounty-finding-the-faults-in-trava-finance-ebdcf476c1d6?source=rss------bug_bounty-5Trava.Financedapps, web3, bug-bounty, blockchain07-Aug-2024
Easiest P3/P4 security misconfiguration to make $$ as a beginner.https://medium.com/@sugamdangal52/easiest-p3-p4-security-misconfiguration-to-make-as-a-beginner-d4f019ad4b85?source=rss------bug_bounty-5Sugam Dangalbug-bounty-program, bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips07-Aug-2024
Real-World Applications and Case Studies of PHAR Deserialization Defensehttps://cyberw1ng.medium.com/real-world-applications-and-case-studies-of-phar-deserialization-defense-f65b67c503aa?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking07-Aug-2024
Day 5 of 30 Days — 30 Vulnerabilities | Open Redirectshttps://medium.com/@kumawatabhijeet2002/day-5-of-30-days-30-vulnerabilities-open-redirects-386ea2fa1a66?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bug-bounty-tips, open-redirect, 30dayschallenge, 30dayswritingchallenge07-Aug-2024
Mastering Dirsearch for Bug Huntinghttps://medium.com/@josuofficial327/mastering-dirsearch-for-bug-hunting-f34272c0ba28?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity, hacking06-Aug-2024
SSRF to Server Takeover PoC (Bug Bounty Writeup)https://medium.com/@malvinval/ssrf-to-server-takeover-poc-bug-bounty-writeup-82d6715e333d?source=rss------bug_bounty-5Malvin Valeriancybersecurity, ethical-hacking, bug-bounty-tips, hacking, bug-bounty06-Aug-2024
From Fries to Flaws : My Journey into Web App Security (Part III)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-iii-ce91eb384da7?source=rss------bug_bounty-5OiQpenetration-testing, broken-access-control, web-app-security, bug-bounty, bug-bounty-tips06-Aug-2024
My First Bug Bounty: CORS Misconfigurationhttps://r0b0ts.medium.com/my-first-bug-bounty-cors-misconfiguration-3e6f38835c4e?source=rss------bug_bounty-5r0b0tsbug-bounty-writeup, bug-bounty, secu, bug-bounty-tips, bug-bounty-hunter06-Aug-2024
Reflected HTML injection leads to redirection and what’s not!https://medium.com/@shahariarwalid/reflected-html-injection-leads-to-redirection-and-whats-not-3de256b16c30?source=rss------bug_bounty-5Shahariar Aminbug-bounty, web-hacking, poc06-Aug-2024
Race Condition About The User Version and Ignoredhttps://r0b0ts.medium.com/race-condition-about-the-user-version-and-ignored-c98fec642d1b?source=rss------bug_bounty-5r0b0tsbug-bounty-tips, bug-bounty-writeup, bug-bounty, security, bug-bounty-hunter06-Aug-2024
Mastering Network Reconnaissance with Nmap: A Comprehensive Guidehttps://medium.com/@WillFromSwiss/mastering-network-reconnaissance-with-nmap-a-comprehensive-guide-e37fe3cdf8ff?source=rss------bug_bounty-5WillFromSwisspentesting, hacking, bug-bounty, recon, nmap06-Aug-2024
Bypass Admin Panel Access Steps — Bug Tuesdayhttps://medium.com/@kerstan/bypass-admin-panel-access-steps-bug-tuesday-36e7be470dae?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, hacking06-Aug-2024
Discovering and Exploiting an XSS Vulnerability in an Admin Panelhttps://soltanali0.medium.com/discovering-and-exploiting-an-xss-vulnerability-in-an-admin-panel-8abbc97931fd?source=rss------bug_bounty-5soltanali0admin-panel, xss-attack, hackerone, bug-bounty-tips, bug-bounty06-Aug-2024
Reflected HTML injection leads to redirection and what’s not!https://take0verx0.medium.com/reflected-html-injection-leads-to-redirection-and-whats-not-3de256b16c30?source=rss------bug_bounty-5Shahariar Aminbug-bounty, web-hacking, poc06-Aug-2024
Advanced Defense Mechanisms and Continuous Monitoring Against PHAR Deserializationhttps://cyberw1ng.medium.com/advanced-defense-mechanisms-and-continuous-monitoring-against-phar-deserialization-00512489faf1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, careers, hacking06-Aug-2024
Hacking OWASP Juice Shop: Part 5- Privilege Escalation via Manipulated User Registrationhttps://infosecwriteups.com/hacking-owasp-juice-shop-part-5-privilege-escalation-via-manipulated-user-registration-4b1c5227aa81?source=rss------bug_bounty-5callgh0sthacking, manipulation, logic, privilege-escalation, bug-bounty06-Aug-2024
From Secure to Breached: The Journey from Confidence to Compromisehttps://medium.com/@armandjasharaj/from-secure-to-breached-the-journey-from-confidence-to-compromise-38fcb7e9ef7c?source=rss------bug_bounty-5Armand Jasharajpenetration-testing, bug-bounty, cybersecurity, information-security06-Aug-2024
Understanding and Mitigating Open Redirection Vulnerability (CVE-2021–36580) in Webmail/Basic…https://medium.com/@anonymousshetty2003/understanding-and-mitigating-open-redirection-vulnerability-cve-2021-36580-in-webmail-basic-24b12c3df17d?source=rss------bug_bounty-5Anonymousshettyopen-redirection, ethical-hacking, cybersecurity, bug-bounty06-Aug-2024
How to Use Netcat as a Persistent Backdoor Utility?https://medium.com/@pentesterclubpvtltd/how-to-use-netcat-as-a-persistent-backdoor-utility-57bb01cbf9cc?source=rss------bug_bounty-5Pentester Clubhacking, bug-bounty-tips, bug-bounty, metasploit, cybersecurity06-Aug-2024
Ping a site to find out information about it.https://medium.com/@pentesterclubpvtltd/ping-a-site-to-find-out-information-about-it-43efdb62b4a0?source=rss------bug_bounty-5Pentester Clubcyber-security-awareness, bug-bounty, cybersecurity, ping, cybercrime05-Aug-2024
Maltego — The Automated OSINT Tool for Ethical Hackershttps://medium.com/@pentesterclubpvtltd/maltego-the-automated-osint-tool-for-ethical-hackers-d6bc5737812e?source=rss------bug_bounty-5Pentester Clubbug-bounty, ethical-hacking, maltego, cybersecurity, osint05-Aug-2024
Recon-ng — Complete Scan — Emails, Sub Domains & Hidden Fileshttps://medium.com/@pentesterclubpvtltd/recon-ng-complete-scan-emails-sub-domains-hidden-files-b357cffd1e0b?source=rss------bug_bounty-5Pentester Clubscan, recon, enumeration, cybersecurity, bug-bounty05-Aug-2024
Perform Network Tracerouting in Linux Machineshttps://medium.com/@pentesterclubpvtltd/perform-network-tracerouting-in-linux-machines-28b6bf57bf71?source=rss------bug_bounty-5Pentester Clubbug-bounty, machine-learning, linux, networking, cybersecurity05-Aug-2024
Gather Information About a Target Website Using Photonhttps://medium.com/@pentesterclubpvtltd/gather-information-about-a-target-website-using-photon-839612a85319?source=rss------bug_bounty-5Pentester Clubweb-design, cybersecurity, bug-bounty, web-development, web305-Aug-2024
Mirror a Target Website Using HTTrack website Copierhttps://medium.com/@pentesterclubpvtltd/mirror-a-target-website-using-httrack-website-copier-0489c23d66b3?source=rss------bug_bounty-5Pentester Clubweb3, website-design, web-development, cybersecurity, bug-bounty05-Aug-2024
Extract Companys Website Data Using Web Data Extractorhttps://medium.com/@pentesterclubpvtltd/extract-companys-website-data-using-web-data-extractor-a2957c56fd3f?source=rss------bug_bounty-5Pentester Clubdata, website, bug-bounty, web3, cybersecurity05-Aug-2024
Gather Personal Information Using PeekYou online People Search Servicehttps://medium.com/@pentesterclubpvtltd/gather-personal-information-using-peekyou-online-people-search-service-8a523a180f0d?source=rss------bug_bounty-5Pentester Clubdata, bug-bounty, cybersecurity, people, search-engine-optimizati05-Aug-2024
Mastering Angry IP Scanner: Unleashing the Power of Network Diagnosticshttps://medium.com/@pentesterclubpvtltd/mastering-angry-ip-scanner-unleashing-the-power-of-network-diagnostics-43388a593650?source=rss------bug_bounty-5Pentester Clubnetworking, bug-zero, cybersecurity, bug-bounty, angry05-Aug-2024
Uncover the Shocking Truth Behind HTTP Header Injection Attacks: Protect Yourself Now!https://systemweakness.com/the-hidden-danger-lurking-in-your-http-headers-3f93474933cb?source=rss------bug_bounty-5Khaleel Khanhacking, bug-bounty, cybersecurity, infosec, web-development05-Aug-2024
Exploit Public-Facing Application conceptshttps://medium.com/@alimostafaeiorg/exploit-public-facing-application-concepts-95c9d9efe76b?source=rss------bug_bounty-5Ali Mostafaeipentest, exploit, xs, exploit-public-facing, bug-bounty05-Aug-2024
You might have never understood the OSI Model this way.https://medium.com/@rohillachhavi12/you-might-have-never-understood-the-osi-model-this-way-2b3d234c5bac?source=rss------bug_bounty-5Chhavi Rohillanetworking, technology, bug-bounty, learning, cybersecurity05-Aug-2024
SQL Injection Part 1️⃣https://infosecwriteups.com/sql-injection-part-1%EF%B8%8F%E2%83%A3-eead93a673a2?source=rss------bug_bounty-5Neetroxcybersecurity, sql, data, bug-bounty, cyber-security-awareness05-Aug-2024
Discovering and Exploiting an XSS Vulnerability in a Bug Bounty Program Scopehttps://medium.com/@anonymousshetty2003/discovering-and-exploiting-an-xss-vulnerability-in-a-bug-bounty-program-scope-383327e7f290?source=rss------bug_bounty-5Anonymousshettycybersecurity, bug-bounty, xss-vulnerability, ethical-hacking05-Aug-2024
From Detection to Notification: Security Automation to Earn $$$$https://vijetareigns.medium.com/from-detection-to-notification-security-automation-to-earn-4ea1a13576bc?source=rss------bug_bounty-5the_unlucky_guybugbounty-writeup, cybersecurity, technology, bug-bounty, automation05-Aug-2024
How i found Host Header Injection on SpaceXhttps://medium.com/@gitlime71/how-i-found-host-header-injection-on-spacex-3a9b45db70e8?source=rss------bug_bounty-5Raccoonpenetration-testing, bug-bounty, pentesting, hacking, bug-bounty-tips05-Aug-2024
Zero-Click account Take-overhttps://0xebn-taimia.medium.com/zero-click-account-take-over-deb0fae7a6c1?source=rss------bug_bounty-50xEbn-Taimiabug-bounty, cybersecurity, bugs, ato05-Aug-2024
Advanced Techniques and Defenses Against PHAR Deserialization Exploitshttps://cyberw1ng.medium.com/advanced-techniques-and-defenses-against-phar-deserialization-exploits-c65074fa5035?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, hacking, careers05-Aug-2024
Day 3 of 30 Days — 30 Vulnerability | CSRFhttps://medium.com/@kumawatabhijeet2002/day-3-of-30-days-30-vulnerability-csrf-3958560fb941?source=rss------bug_bounty-5Abhijeet kumawatvulnerability, bug-bounty, cybersecurity, csrf-attack05-Aug-2024
Unveiling Remote Code Execution in AI chatbot workflowshttps://infosecwriteups.com/unveiling-remote-code-execution-in-ai-chatbot-workflows-3c7f633f63c3?source=rss------bug_bounty-5Anurag__Vermaethical-hacking, infosec, penetration-testing, bugs, bug-bounty05-Aug-2024
How I Got Critical P2 Bug on Google VRPhttps://medium.com/@rhashibur75/how-i-got-critical-p2-bug-on-google-vrp-165017145af8?source=rss------bug_bounty-5Kazi Hashibur Rahmangoogle-bug, bugs, bug-bounty-tips, bug-bounty, google04-Aug-2024
Insecure Deserialization — Why it is a vulnerabilityhttps://medium.com/@nanak.singh/insecure-deserialization-why-it-is-a-vulnerability-74e22e878cf4?source=rss------bug_bounty-5Nanak Singh Khuranaweb-security, insecure-deserialization, hacking, bug-bounty04-Aug-2024
Simple Authentication Bypass By Response Manipulation.https://medium.com/@test123cybertest/simple-authentication-bypass-by-response-manipulation-44ba530e803b?source=rss------bug_bounty-5praveenarsh0xx0hacking, tips-and-tricks, cybersecurity, pentest, bug-bounty04-Aug-2024
Hacking OWASP Juice Shop: Part 3- Exploiting Insufficient Server-Side Checks:::Bypassing Input…https://infosecwriteups.com/hacking-owasp-juice-shop-part-3-exploiting-insufficient-server-side-checks-bypassing-input-6b4368449c2f?source=rss------bug_bounty-5callgh0sthacking, input-validation, burpsuite, consistency, bug-bounty04-Aug-2024
SQL Injection Attack, Querying the Database Type and Version on MySQL and Microsofthttps://medium.com/@marduk.i.am/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-caf947d0208a?source=rss------bug_bounty-5Marduk I Amsqli, sql-injection, bug-bounty, information-security, portswigger-lab04-Aug-2024
Hacking OWASP Juice Shop: Part4 — Exploiting Payment and Input Validation Loopholeshttps://infosecwriteups.com/hacking-owasp-juice-shop-part4-exploiting-payment-and-input-validation-loopholes-59f6b8485c3e?source=rss------bug_bounty-5callgh0stprompt, bypass, consistency, hacking, bug-bounty04-Aug-2024
Simple logic flaw lead to P3 bug in public BBPhttps://medium.com/@mohamed0xmuslim/simple-logic-flaw-lead-to-p3-bug-in-public-bbp-7cf21a4fb7c6?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty, bugcrowd, bugbounty-writeup, bug-bounty-tips, hackerone04-Aug-2024
curityPHAR Deserialization: Exploiting Hidden Vulnerabilities in PHPhttps://cyberw1ng.medium.com/curityphar-deserialization-exploiting-hidden-vulnerabilities-in-php-c68891254c13?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, penetration-testing, hacking04-Aug-2024
Kioptrix Level 3 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-3-walkthrough-25dce894e7e3?source=rss------bug_bounty-5Erdemstaroscp-preparation, bug-bounty, pentesting, oscp, bug-bounty-tips04-Aug-2024
Exploiting Negative Quantity Manipulation for Total Price Reductionhttps://medium.com/@adhammedhat101/s-e615c50a1798?source=rss------bug_bounty-5SemZcybersecurity, bug-bounty, bugbounty-writeup, penetration-testing, web-app-security04-Aug-2024
Don’t Know Where to Look for Bugs? A Beginner’s Guide to Bug Huntinghttps://medium.com/@paritoshblogs/dont-know-where-to-look-for-bugs-a-beginner-s-guide-to-bug-hunting-780780eec09b?source=rss------bug_bounty-5Paritoshbug-bounty-tips, bug-bounty, information-technology, information-security, cybersecurity03-Aug-2024
How I prevented a mass leak of user data at one of the largest Tech companieshttps://medium.com/@syarifsajjad07/how-i-prevented-a-mass-leak-of-user-data-at-one-of-the-largest-tech-companies-caea05474af8?source=rss------bug_bounty-5Syarifsajjadhackerone, bug-bounty-tips, cybersecurity, bug-bounty, bugbounty-writeup03-Aug-2024
30 Days — 30 Vulnerability Challengehttps://it4chis3c.medium.com/30-days-30-vulnerability-challenge-28edae3b25d4?source=rss------bug_bounty-5It4chis3cbug-bounty-tips, bug-bounty, 30dayswritingchallenge03-Aug-2024
Day 1 of 30 Days — 30 Vulnerabilities Tips & Trickshttps://it4chis3c.medium.com/day-1-of-30-days-30-vulnerabilities-tips-tricks-4cff7b2756a2?source=rss------bug_bounty-5It4chis3c30dayswritingchallenge, xss-attack, xss-vulnerability, bug-bounty-tips, bug-bounty03-Aug-2024
How I Hacked and Secured a Croatian Government Website: A White Hat Journeyhttps://harshit3.medium.com/how-i-hacked-and-secured-a-croatian-government-website-a-white-hat-journey-d452fbb8e711?source=rss------bug_bounty-5Harshitethical-hacking, bug-bounty, security, vulnerability, cybersecurity03-Aug-2024
How a Host Header Injection Bug Earned Me My Fourth Hall of Fame Spot at Applehttps://medium.com/@MohaseenK/how-a-host-header-injection-bug-earned-me-my-fourth-hall-of-fame-spot-at-apple-b5d880acbba2?source=rss------bug_bounty-5Mohaseeninfosec, hall-of-fame, hackerone, bug-bounty, apple03-Aug-2024
Your AI Conversations Aren’t Safe: How We Stole Themhttps://h0tak88r.medium.com/your-ai-conversations-arent-safe-how-we-stole-them-02c17db2ed72?source=rss------bug_bounty-5sallambug-bounty-tips, prompt-injection-attack, ai-hacking, bug-bounty, oauth03-Aug-2024
How I Earned $469 Bounty: Bypassing Plan Restrictionhttps://medium.com/@a13h1/how-i-earned-469-bounty-bypassing-plan-restriction-58f6d3120b6e?source=rss------bug_bounty-5Abhi Sharmaaccess-control, programming, infosec, cybersecurity, bug-bounty03-Aug-2024
How to Find Vulnerabilities and Bugs with the Help of ChatGPT and Get Bountyhttps://medium.com/@shaikhminhaz1975/how-to-find-vulnerabilities-and-bugs-with-the-help-of-chatgpt-and-get-bounty-f1ee5b6b0dd0?source=rss------bug_bounty-5Shaikh Minhazbug-bounty-with-ai, bug-bounty, chatgpt, cybersecurity, find-bug-with-chatgpt03-Aug-2024
how I found a critical bug using response manipulationhttps://matrixm0x1.medium.com/how-i-found-a-critical-bug-using-response-manipulation-4403a562db12?source=rss------bug_bounty-5matrixm0x1security, vulnerability, cybersecurity, bugs, bug-bounty03-Aug-2024
20.9 Lab: Developing a custom gadget chain for PHP deserializationhttps://cyberw1ng.medium.com/20-9-lab-developing-a-custom-gadget-chain-for-php-deserialization-c173ff462156?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing03-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-66)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-66-9a60c229db5e?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, skills, hacking, bug-bounty, cybersecurity03-Aug-2024
How could privilege escalation vulnerability lead to full account takeover?https://medium.com/@moxallam/how-could-privilege-escalation-vulnerability-lead-to-full-account-takeover-0d49d3d5fbee?source=rss------bug_bounty-53llampentesting, web-application-security, bug-bounty, cyber-security-services, bug-bounty-writeup03-Aug-2024
Uncovering a Reflected XSS Vulnerability in an Insurance Company’s Websitehttps://medium.com/@anonymousshetty2003/uncovering-a-reflected-xss-vulnerability-in-an-insurance-companys-website-ee56c3492381?source=rss------bug_bounty-5Anonymousshettybug-bounty, cybersecurity, ethical-hacking03-Aug-2024
Discovering a Reflected XSS Vulnerability in an Shopping Websitehttps://medium.com/@anonymousshetty2003/discovering-a-reflected-xss-vulnerability-in-an-shopping-website-d9ea72be73ef?source=rss------bug_bounty-5Anonymousshettybug-bounty, xss-vulnerability, ethical-hacking, cybersecurity03-Aug-2024
The first $100 from Bug Hunterhttps://medium.com/@osamamohamed21212121/the-first-100-from-bug-hunter-aaee9a0ac547?source=rss------bug_bounty-5Osamamohamedcybersecurity, security, vulnerability, bug-bounty, bus03-Aug-2024
How I Escalated N/A to High and Got Rewarded £££: Bug Hunting Journeyhttps://medium.com/@iamrizwanvp/how-i-escalated-n-a-to-medium-and-got-rewarded-bug-hunting-journey-c6e6097fe93c?source=rss------bug_bounty-5iamrizwanvpbug-bounty, penetration-testing, cybersecurity, bugbounty-writeup03-Aug-2024
From Fries to Flaws : My Journey into Web App Security (Part II)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-ii-6127ecc7d93f?source=rss------bug_bounty-5OiQbug-bounty, web-application-security, cybersecurity, xss-vulnerability, bug-bounty-tips03-Aug-2024
Tips about bug bounty for complete begginershttps://medium.com/@mrkimia097/tips-about-bug-bounty-for-complete-begginers-0fa1c85594ad?source=rss------bug_bounty-5Mrkimiabug-bounty, hacker, bugbounty-tips03-Aug-2024
How I Escalated N/A to High and Got Rewarded $$$: Bug Hunting Journeyhttps://medium.com/@iamrizwanvp/how-i-escalated-n-a-to-medium-and-got-rewarded-bug-hunting-journey-c6e6097fe93c?source=rss------bug_bounty-5iamrizwanvpbug-bounty-tips, bug-bounty, penetration-testing, cybersecurity, bugbounty-writeup03-Aug-2024
#4. Bug Bounty Series: Exploiting Boolean-based SQL Injectionhttps://cyb3rmind.medium.com/4-bug-bounty-series-exploiting-boolean-based-sql-injection-3455d800892e?source=rss------bug_bounty-5Cyb3r M!ndspentesting, hacking, bug-bounty, sql-injection02-Aug-2024
Bounty Hunting — Complete Guide (Part-65)https://medium.com/@rafid19/bounty-hunting-complete-guide-part-65-885040ada45a?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, hacking, cybersecurity, ethical-hacking, bug-bounty02-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-64)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-64-aa6bc5c45197?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, hacking, skills, bug-bounty02-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-63)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-63-fdea83c2c38f?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, ethical-hacking, skills, hacking02-Aug-2024
Best youtube channels to learn bughunting and penetration testinghttps://medium.com/@sangamahesh650/best-youtube-channels-to-learn-bughunting-and-penetration-testing-eea2e78a202a?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bug-bounty-writeup, bugbounty-tips, bug-bounty-tips, bug-bounty02-Aug-2024
Finding subdomains from googlehttps://medium.com/@sangamahesh650/finding-subdomains-from-google-7f370fe60ad1?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bugbounting, bug-bounty, bug-bounty-tips, bug-bounty-writeup02-Aug-2024
Search engines for hackers and bughuntershttps://medium.com/@sangamahesh650/search-engines-for-hackers-and-bughunters-16139aa60752?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty-tips, bug-bounty, hacking, penetration-testing02-Aug-2024
Finding more subdomainshttps://medium.com/@sangamahesh650/finding-more-subdomains-1f5221e79310?source=rss------bug_bounty-5loyalonlytodaybug-bounty, bugbounty-tips, bug-bounty-tips02-Aug-2024
Overview of API Penetration Testinghttps://medium.com/@aakashgupthagwapt/overview-of-api-penetration-testing-2065f6722f4e?source=rss------bug_bounty-5Aakashgupthapenetration-testing, api-penetration-testing, bug-bounty, cybersecurity, api02-Aug-2024
20.8 Lab: Developing a custom gadget chain for Java deserializationhttps://cyberw1ng.medium.com/20-8-lab-developing-a-custom-gadget-chain-for-java-deserialization-01b85e1e998a?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, hacking, bug-bounty, cybersecurity02-Aug-2024
I found RCE on Viber.https://medium.com/@deadoverflow/i-found-rce-on-viber-432cf9e17eb0?source=rss------bug_bounty-5Imad Husanoviccyber-security-awareness, programming, hacking, rce, bug-bounty02-Aug-2024
Email Verification Bypass Easy-P4https://medium.com/@Ajakcybersecurity/email-verification-bypass-easy-p4-70039d0b8fd9?source=rss------bug_bounty-5AjakCybersecuritytechnology, penetration-testing, bug-bounty, hacking, ethical-hacking02-Aug-2024
Client-Side XSS: The DOM-based Debacle (Cross Site Scripting)https://medium.com/@godsxfinger/client-side-xss-the-dom-based-debacle-cross-site-scripting-7a14904934d9?source=rss------bug_bounty-5Aadi (godsxfinger)xs, web-app-security, bug-bounty, cybersecurity, bug-bounty-tips01-Aug-2024
Serialization and Deserialization: Advanced Concepts and Best Practiceshttps://cyberw1ng.medium.com/serialization-and-deserialization-advanced-concepts-and-best-practices-c6562fce9e4b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, penetration-testing, cybersecurity01-Aug-2024
Understanding Cross-Site Scripting (XSS)https://medium.com/@soheilvanaee.net/understanding-cross-site-scripting-xss-5610d02cc5c4?source=rss------bug_bounty-5Soheilvanaee Netbug-bounty, cybersecurity, web-hacking01-Aug-2024
First Bug Report: HTML Injection Vulnerability ️‍♂️https://medium.com/@youseftamereg/first-bug-report-html-injection-vulnerability-%EF%B8%8F-%EF%B8%8F-7a5e042d6548?source=rss------bug_bounty-5yousef tamerhtml-injection, writeup, bug-bounty01-Aug-2024
Wasabi Bucket Takeover | Bug Bountyhttps://mo9khu93r.medium.com/wasabi-bucket-takeover-bug-bounty-7520e8decde7?source=rss------bug_bounty-5mo9khu93rethical-hacking, cybersecurity, subdomain-takeover, bug-bounty31-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-62)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-62-4ff0fce045ca?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, skills, bug-bounty, hacking31-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-61)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-61-1c6514a2067b?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, bug-bounty, skills, hacking31-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-60)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-60-76ea9ba1551c?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, bug-bounty, hacking, cybersecurity, ethical-hacking31-Jul-2024
Step-by-Step Guide On How to Find Your First Bug in Web Applicationshttps://medium.com/@shaikhminhaz1975/step-by-step-guide-on-how-to-find-your-first-bug-in-web-applications-0080f6a7f945?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, bug-bounty, vulnerability, information-disclosure, ethical-hacking31-Jul-2024
How To Find Your 1st Bug For Bug Bounty Hunters (Step by Step Guide) Guarantee Resulthttps://medium.com/@shaikhminhaz1975/step-by-step-guide-on-how-to-find-your-first-bug-in-web-applications-0080f6a7f945?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, bug-bounty, vulnerability, information-disclosure, ethical-hacking31-Jul-2024
SAML Authentication Bypass Leading to Admin Panel Accesshttps://medium.com/@0x_xnum/saml-authentication-bypass-leading-to-admin-panel-access-24f23812ed76?source=rss------bug_bounty-5Ahmed Tarekbug-bounty, saml, privilege-escalation, broken-access-control, authentication-bypass31-Jul-2024
Don’t know where to look for bugs ?? In Depth Recon Bug Bounty — Part 02https://omarora1603.medium.com/dont-know-where-to-look-for-bugs-in-depth-recon-bug-bounty-part-02-9d7c55e045aa?source=rss------bug_bounty-5Om Arorabug-bounty-writeup, hacking, bug-bounty, methodology, infosec31-Jul-2024
My Journey into Cybersecurity: Learning Bug Bounty from Scratchhttps://medium.com/@akashathare411/my-journey-into-cybersecurity-learning-bug-bounty-from-scratch-abc2b45f04c5?source=rss------bug_bounty-5Akash Atharelearning, cybersecurity, bug-bounty, iit, masters-degree31-Jul-2024
Serialization and Deserialization: An Essential Guidehttps://cyberw1ng.medium.com/serialization-and-deserialization-an-essential-guide-30552a9cf379?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, penetration-testing31-Jul-2024
Hack and make money — Bug Bountyhttps://medium.com/@victoras.croitoru/hack-and-make-money-bug-bounty-d9db818eb33e?source=rss------bug_bounty-5viconline, ethical-hacking, hacking, money, bug-bounty31-Jul-2024
NgeSec Bebas #3 — How to Avoid N/A on Submissionshttps://muh-hidayat7799.medium.com/ngesec-bebas-3-how-to-avoid-n-a-on-submissions-9acf14ef7ba1?source=rss------bug_bounty-5Muhamad Hidayatmethodology, risk-management, bug-bounty, app-security, penetration-testing31-Jul-2024
Don’t know where to look for bugs ?? In Depth Recon Bug Bounty — Part 02https://infosecwriteups.com/dont-know-where-to-look-for-bugs-in-depth-recon-bug-bounty-part-02-9d7c55e045aa?source=rss------bug_bounty-5Om Arorabug-bounty-writeup, hacking, bug-bounty, methodology, infosec31-Jul-2024
Why bug bounty program should be a part of your security strategy — ET CISOhttps://nowitsanurag.medium.com/why-bug-bounty-program-should-be-a-part-of-your-security-strategy-et-ciso-ad5abf991292?source=rss------bug_bounty-5Anuragcybersecurity, bug-bounty, ransomware, vulnerability31-Jul-2024
Uncovering Sensitive Information: A Case Study on a Government Websitehttps://medium.com/@anonymousshetty2003/uncovering-sensitive-information-a-case-study-on-a-government-website-1f5ad0e158ec?source=rss------bug_bounty-5Anonymousshettyhacking, ethical-hacking, bug-bounty, wpscan, cybersecurity31-Jul-2024
Stored XSS: When Bad Code Happens to Good Websites (Cross Site Scripting)https://medium.com/@godsxfinger/stored-xss-when-bad-code-happens-to-good-websites-a5d6b4e629ca?source=rss------bug_bounty-5Aadi (godsxfinger)bug-bounty, cross-site-scripting, xs, web-app-security, cybersecurity31-Jul-2024
Reflected XSS: Navigating the Web’s Wild West (Cross-Site Scripting)https://medium.com/@godsxfinger/reflected-xss-navigating-the-webs-wild-west-cross-site-scripting-a1e092e58b73?source=rss------bug_bounty-5Aadi (godsxfinger)cybersecurity, cross-site-scripting, xs, bug-bounty, web-app-security31-Jul-2024
From Fries to Flaws : My Journey into Web App Security (Part I)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-i-958c67c20771?source=rss------bug_bounty-5OiQweb-application-security, web-vulnerabilities, bug-bounty, bug-bounty-tips, cybersecurity31-Jul-2024
ICMTC Final CTF 2024 Web Hackig Challengeshttps://medium.com/@medohythem2019/icmtc-final-ctf-2024-web-hackig-challenges-5135cccf09ba?source=rss------bug_bounty-50xdragonbug-bounty, hacking, pentesting, ctf30-Jul-2024
LFI WITH PHPINFO TO RCEhttps://infosecwriteups.com/lfi-with-phpinfo-to-rce-78318f0dc9ce?source=rss------bug_bounty-5c0d3x27bug-bounty, hacking-tools, hacking, web-development, cybersecurity30-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-59)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-59-a0a4a25d7f97?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, ethical-hacking, bug-bounty, skills30-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-58)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-58-f4102848b19d?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty, ethical-hacking, cybersecurity, skills30-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-57)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-57-1c470cccf094?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, bug-bounty, skills, hacking30-Jul-2024
Triple XSS in a Private Bug Bounty Program via a Hidden Parameterhttps://infosecwriteups.com/triple-xss-in-a-private-bug-bounty-program-via-a-hidden-parameter-b42d0263f56d?source=rss------bug_bounty-5Andreahacking, bug-bounty, xss-attack30-Jul-2024
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRPhttps://medium.com/@jerryhackgather/interesting-business-logic-error-leads-to-pre-account-takeover-via-verification-bypass-on-googlevrp-d362f9469e3d?source=rss------bug_bounty-5Jerry1319cybersecurity, bug-bounty-tips, bug-bounty, bugbounty-writeup30-Jul-2024
Cross-Site Scripting (XSS) Vulnerabilities:https://medium.com/@yassentaalab51/cross-site-scripting-xss-vulnerabilities-1397653cef7d?source=rss------bug_bounty-5Yassen Taalabowasp, web-vulnerabilities, bug-bounty, web-security, xss-attack30-Jul-2024
6 tips for finding security vulnerabilities with GitHub Code Search — Bug Bounty Tuesdayhttps://medium.com/@kerstan/6-tips-for-finding-security-vulnerabilities-with-github-code-search-bug-bounty-tuesday-d4035bc7e302?source=rss------bug_bounty-5kerstanhacking, bug-bounty, cybersecurity30-Jul-2024
Stealing First Party Access Token of Facebook Users: Meta Bug Bountyhttps://iamsaugat.medium.com/stealing-first-party-access-token-of-facebook-users-meta-bug-bounty-44b3b2e87d07?source=rss------bug_bounty-5Saugat Pokharelmeta, cybersecurity, facebook-bug-bounty, bug-bounty, hacking30-Jul-2024
第一次课程笔记整理https://medium.com/@starkxun5215/%E7%AC%AC%E4%B8%80%E6%AC%A1%E8%AF%BE%E7%A8%8B%E7%AC%94%E8%AE%B0%E6%95%B4%E7%90%86-52d34c91f3fc?source=rss------bug_bounty-5xun starkbug-bounty30-Jul-2024
Race Conditions Uncovered: A Practical Guidehttps://yaseenzubair.medium.com/race-conditions-uncovered-a-practical-guide-3cb69d73c946?source=rss------bug_bounty-5Yaseen Zubairweb-security, penetration-testing, bug-bounty, bug-bounty-tips, race-condition30-Jul-2024
Navigating the Dangers of Insecure Deserializationhttps://cyberw1ng.medium.com/navigating-the-dangers-of-insecure-deserialization-73254b5ed415?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, bug-bounty, hacking, careers30-Jul-2024
How I got my first valid bug on nasahttps://medium.com/@mrkimia097/how-i-got-my-first-valid-bug-on-nasa-bf5e95531f00?source=rss------bug_bounty-5Mrkimiabug-bounty30-Jul-2024
Top Google Dorks Explainedhttps://infosecwriteups.com/top-google-dorks-explained-ee6cac1673da?source=rss------bug_bounty-5Mike Takahashi (TakSec)information-security, seo, hacking, cybersecurity, bug-bounty30-Jul-2024
Exposing OTP Bypass Vulnerabilities: Step-by-Step Bug Bounty Case Studyhttps://b0mk35h.medium.com/exposing-otp-bypass-vulnerabilities-step-by-step-bug-bounty-case-study-0dc39dc543bd?source=rss------bug_bounty-5Pronay Biswaspenetration-testing, hacking, bug-bounty, vulnerability, cybersecurity29-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-56)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-56-5d2efa89b759?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty, ethical-hacking, cybersecurity, skills29-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-55)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-55-1032e6222b41?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, skills, bug-bounty, hacking29-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-54)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-54-8e83629a6942?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, hacking, ethical-hacking, skills, bug-bounty29-Jul-2024
Exploiting Open Redirection $1000https://medium.com/@mdnafeed3/how-about-exploiting-open-redirection-how-base64-encoding-can-uncover-hidden-vulnerabilities-cb5beb11b763?source=rss------bug_bounty-5H4cker-Nafeedcybersecurity, web3, infosec, hacking, bug-bounty29-Jul-2024
Insecure Deserialization Vulnerabilities: A Deep Dive into Risks and Mitigationshttps://cyberw1ng.medium.com/insecure-deserialization-vulnerabilities-a-deep-dive-into-risks-and-mitigations-5c37f297c763?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, penetration-testing, hacking29-Jul-2024
Discovering and Exploiting an XSS Vulnerability in a Large Finance Websitehttps://medium.com/@anonymousshetty2003/discovering-and-exploiting-an-xss-vulnerability-in-a-large-finance-website-f125dbd6d984?source=rss------bug_bounty-5Anonymousshettyxss-vulnerability, cybersecurity, ethical-hacking, hacking, bug-bounty29-Jul-2024
Advanced scan with Bashhttps://mosec0.medium.com/advanced-scan-with-bash-52005537a63c?source=rss------bug_bounty-5Mohamed Alipentester, bug-bounty, new-security-tool29-Jul-2024
Uncovering Sensitive File Information: A Case Study in Web Securityhttps://medium.com/@anonymousshetty2003/uncovering-sensitive-file-information-a-case-study-in-web-security-f5d03f2c5cd4?source=rss------bug_bounty-5Anonymousshettysensitive-data, cybersecurity, ethical-hacking, bug-bounty, dorking29-Jul-2024
Kioptrix Level 2 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-2-walkthrough-439c56f87c?source=rss------bug_bounty-5Erdemstarvulnerability, oscp-preparation, bug-bounty-tips, bug-bounty, oscp29-Jul-2024
JS Link Finder Burp Suite Extension Guidehttps://infosecwriteups.com/js-link-finder-burp-suite-extension-guide-e4809a6da268?source=rss------bug_bounty-5Mike Takahashi (TakSec)information-security, cybersecurity, hacking, bug-bounty, appsec29-Jul-2024
New Planshttps://medium.com/@nnface/new-plans-0b11cfa5495d?source=rss------bug_bounty-5NnFacebugs, bug-bounty, bug-bounty-writeup, hacker, hacking29-Jul-2024
Chain Reaction On Big Playerhttps://medium.com/@nnface/chain-reaction-on-big-player-4e331faf57b9?source=rss------bug_bounty-5NnFacebug-bounty, bug-bounty-tips, bugs, bugs-bunny, hacking29-Jul-2024
JavaScript: Hunting And Analyzing for Bug Bounty..https://hacktivistattacker.medium.com/javascript-hunting-and-analyzing-for-bug-bounty-a15416de32cd?source=rss------bug_bounty-5Hacktivist-Attackerbug-bounty, ethical-hacking, code-analysis, education, javascript28-Jul-2024
Hunting for Vulnerabilities that are ignored by most of the Bug Bounty Hunters — Part 2https://medium.com/@kshunya/hunting-for-vulnerabilities-that-are-ignored-by-most-of-the-bug-bounty-hunters-part-2-d2a51edaa8e8?source=rss------bug_bounty-5Vishal Barotpentesting, infosec, bug-bounty, penetration-testing, vapt28-Jul-2024
Hacking OWASP Juice Shop: Part 2 — Exposing Critical Vulnerabilities in the Payment Flowhttps://callgh0st.medium.com/hacking-owasp-juice-shop-part-2-exposing-critical-vulnerabilities-in-the-payment-flow-45630ed1633e?source=rss------bug_bounty-5callgh0stvulnerability, hacking, bug-bounty, payments, logic28-Jul-2024
Unveiling Hidden Git Repositories: A Deep Dive into the Git Source Code Disclosure Scannerhttps://maordayanofficial.medium.com/unveiling-hidden-git-repositories-a-deep-dive-into-the-git-source-code-disclosure-scanner-f704470de59a?source=rss------bug_bounty-5Maor Dayanthreat-hunting, vulnerability, white-hat-hacker, bug-bounty28-Jul-2024
How I bypass Safegurads of meta AI (Llama)https://medium.com/@jeetpal2007/how-i-bypass-safegurads-of-meta-ai-llama-d735b521da2b?source=rss------bug_bounty-5JEETPALllamas, bug-bounty, llm, bugbounty-tips, bugbounty-writeup28-Jul-2024
How to Fight Procrastination as a Bug Hunterhttps://medium.com/@Progsky/how-to-fight-procrastination-as-a-bug-hunter-48d0d280e572?source=rss------bug_bounty-5Progskybug-bounty, hacking, pentesting, penetration-testing, procrastination28-Jul-2024
Exploiting Insecure Deserialization Vulnerabilitieshttps://cyberw1ng.medium.com/exploiting-insecure-deserialization-vulnerabilities-cb9c586cd146?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, penetration-testing, hacking28-Jul-2024
Subdomain Takeoverhttps://medium.com/@mukkagopi50/subdomain-takeover-1de38466fdcc?source=rss------bug_bounty-5Gopi Mukkabug-bounty28-Jul-2024
Bypass Plan Restriction & Get 350$ Bountyhttps://infosecwriteups.com/bypass-plan-restriction-get-350-bounty-2df24f406462?source=rss------bug_bounty-5Abhi Sharmaprivilege-escalation, bug-bounty, programming, cybersecurity, access-control28-Jul-2024
Here are some common parameters to test for XSS (Cross-Site Scripting) vulnerabilities:https://medium.com/@BugHunterMan/here-are-some-common-parameters-to-test-for-xss-cross-site-scripting-vulnerabilities-fbe25f1968cc?source=rss------bug_bounty-5BugHUnterManbug-bounty, vulnerability28-Jul-2024
Hacking OWASP Juice Shop: Part 2 — Exposing Critical Vulnerabilities in the Payment Flowhttps://infosecwriteups.com/hacking-owasp-juice-shop-part-2-exposing-critical-vulnerabilities-in-the-payment-flow-45630ed1633e?source=rss------bug_bounty-5callgh0stvulnerability, hacking, bug-bounty, payments, logic28-Jul-2024
0-Click ATO Due to Weak Reset Password Tokens and Lack of Rate Limitinghttps://h0tak88r.medium.com/0-click-ato-due-to-weak-reset-password-tokens-and-lack-of-rate-limiting-b7fe20487a45?source=rss------bug_bounty-5sallamcybersecurity, ato, bug-bounty, account-takeover, bug-bounty-tips28-Jul-2024
how did i find leakage of information just by fuzzing?https://medium.com/@onader104/how-did-i-find-leakage-of-information-just-by-fuzzing-888d6ce6d8f7?source=rss------bug_bounty-5Omar Naderinfosec, bug-bounty, cybersecurity, bug-bounty-tips, info-sec-writeups28-Jul-2024
The Looming Threat: How an IDOR Vulnerability Could Have Exposed Millions of Merchants Details.https://medium.com/@cy3erbeast/the-looming-threat-how-an-idor-vulnerability-could-have-exposed-millions-of-merchants-details-f488725489a0?source=rss------bug_bounty-5Rahulbug-bounty-writeup, bug-bounty, idor-vulnerability, bug-bounty-tips, data-breach28-Jul-2024
Discovered Sensitive Data Exposure on Wati.com: A Case Study Using Sublist3r and DirBusterhttps://medium.com/@anonymousshetty2003/discovered-sensitive-data-exposure-on-wati-com-a-case-study-using-sublist3r-and-dirbuster-409a03f8f75d?source=rss------bug_bounty-5Anonymousshettybug-bounty, hacking, cybersecurity, ethical-hacking27-Jul-2024
Open Redirect Vulnerability in Microsoft Create Portalhttps://zeynalxan.medium.com/open-redirect-vulnerability-in-microsoft-create-portal-6654eb3e6b7a?source=rss------bug_bounty-5Zeynalxan Quliyevbug-bounty, microsoft-hack, open-redirect, bug-bounty-writeup, microsoft-open-redirect27-Jul-2024
How I found a Privilege Escalation bug in bug bounty.https://medium.com/@gitlime71/how-i-found-a-privilege-escalation-bug-in-bug-bounty-eff018f19020?source=rss------bug_bounty-5Raccoonhacking, bug-bounty, penetration-testing, pentesting, bug-bounty-tips27-Jul-2024
Jailbreak of Meta AI (Llama -3.1) revealing configuration detailshttps://medium.com/@kiranmaraju/jailbreak-of-meta-ai-llama-3-1-revealing-configuration-details-9f0759f5006a?source=rss------bug_bounty-5Kiran Marajullm, nlp, cybersecurity, bug-bounty, chatbots27-Jul-2024
Subdomain Takeoverhttps://medium.com/@ibnibrahim/subdomain-takeover-34bd662b5a7a?source=rss------bug_bounty-5TestUsercybersecurity, hacking, ethical-hacking, bug-bounty, information-security27-Jul-2024
Exploiting insecure deserialization vulnerabilitieshttps://cyberw1ng.medium.com/exploiting-insecure-deserialization-vulnerabilities-3595e4c24e2d?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, penetration-testing, cybersecurity, careers27-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-48)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-48-241d35293a81?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, hacking, skills, bug-bounty26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-47)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-47-8d21d898cc97?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, skills, cybersecurity, ethical-hacking, hacking26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-46)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-46-e851213880f4?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, bug-bounty, ethical-hacking, hacking, cybersecurity26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-45)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-45-7a90d1667a7a?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, ethical-hacking, bug-bounty, hacking26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-44)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-44-e4649fab9a0c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking26-Jul-2024
30-day Time Limit: Swagshop Credit-Giving Activityhttps://medium.com/@security.tecno/30-day-time-limit-swagshop-credit-giving-activity-61454ef3757b?source=rss------bug_bounty-5TECNO Securitybug-bounty, security, bonus, hacker26-Jul-2024
SIMPLE IDEA IN 2FA BYPASS LEADS TO $$$$ & CRITICAL IMPACT !https://medium.com/@alderson.philip/simple-idea-in-2fa-bypass-leads-to-critical-impact-a98e7c6a4190?source=rss------bug_bounty-5Philip Aldersonhacker, bugs, bug-bounty, 2fa-bypass26-Jul-2024
Inside the Bug Bounty World: Challenges, Rewards, and Tips for Successhttps://medium.com/codex/inside-the-bug-bounty-world-challenges-rewards-and-tips-for-success-74ea37cbfd9c?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, vulnerability, bug-bounty-tips, cybersecurity, penetration-testing26-Jul-2024
Quick Guide: API Penetration Testinghttps://medium.com/@miladkeivanfar/quick-guide-api-penetration-testing-496c2e356a2e?source=rss------bug_bounty-5Milad keivanfarpentesting, api-penetration-testing, bug-bounty, bug-bounty-tips, api-security26-Jul-2024
Solving an extremely difficult cryptography CTF pack: Level 1https://medium.com/@f3tch/day-1-of-solving-an-extremely-difficulty-level-cryptography-ctf-pack-level-1-b8b3d89a531c?source=rss------bug_bounty-5f3tchhacking, ctf-writeup, ctf, bug-bounty, cryptography26-Jul-2024
ElasticSearch Smash & Grabhttps://hogarth45.medium.com/elasticsearch-smash-grab-99cf36cdefbb?source=rss------bug_bounty-5Jesselasticsearch, hacking, bug-bounty26-Jul-2024
Pentesting vs. Bug Bounty: Understanding the Differences and Choosing the Right Approachhttps://ip-specialist.medium.com/pentesting-vs-bug-bounty-understanding-the-differences-and-choosing-the-right-approach-0af4e0569193?source=rss------bug_bounty-5IPSpecialistdifference, pentester, pentesting, bug-bounty, security26-Jul-2024
18.7 Lab: Clobbering DOM attributes to bypass HTML filtershttps://cyberw1ng.medium.com/18-7-lab-clobbering-dom-attributes-to-bypass-html-filters-d1af9a33ae41?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, penetration-testing, careers, hacking26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-49)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-49-2ef3a8eb3b4b?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty, cybersecurity, ethical-hacking, skills26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-53)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-53-bea2f5cf6a14?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, cybersecurity, hacking, ethical-hacking, bug-bounty26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-52)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-52-26b5cc12f0c2?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-51)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-51-379ea39fb723?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, skills, cybersecurity, ethical-hacking, hacking26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-50)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-50-4a59a3c4f97b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, skills, ethical-hacking, hacking26-Jul-2024
IDOR : Payment Fraud on GYM Membership websitehttps://uzet.medium.com/idor-payment-fraud-on-gym-membership-website-d4e67f07db57?source=rss------bug_bounty-5Timotius Benhurbug-bounty, pentesting, bug-bounty-writeup, bug-bounty-tips, cybersecurity25-Jul-2024
SQL Injection in 5 mins //Just because of CURIOSITY //https://larebsec.medium.com/sql-injection-in-5-mins-just-because-of-curiosity-56e186f6296d?source=rss------bug_bounty-5Larebsql-injection, hacking, cybersecurity, security, bug-bounty25-Jul-2024
Useful JavaScript functions & API’s to exploit XSS (Cross-Site Scripting)https://medium.com/@godsxfinger/useful-javascript-functions-apis-to-exploit-xss-cross-site-scripting-5d99a93d9899?source=rss------bug_bounty-5Aadi (godsxfinger)cross-site-scripting, xs, bug-bounty, cybersecurity25-Jul-2024
Bypassing OTP Verification in a Signup Pagehttps://medium.com/@rat010/bypassing-otp-verification-in-a-signup-page-13976f724017?source=rss------bug_bounty-5Kanhaiya Kumar Singhbug-bounty, web-application-security, web-app-testing, bug-hunting, bug-bounty-tips25-Jul-2024
18.6 Lab: Exploiting DOM clobbering to enable XSShttps://cyberw1ng.medium.com/18-6-lab-exploiting-dom-clobbering-to-enable-xss-640dd7c5fcf8?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing25-Jul-2024
The Importance of Cybersecurity in Today’s Digital Agehttps://medium.com/@erkankavas/the-importance-of-cybersecurity-in-todays-digital-age-8d5a61d47416?source=rss------bug_bounty-5Erkan Kavascybersecurity, bug-bounty, threat-intelligence25-Jul-2024
Automatiser la découverte des XSShttps://medium.com/@hazeprojecte/automatiser-la-d%C3%A9couverte-des-xss-9810f89172a4?source=rss------bug_bounty-5Itachix0fxss-attack, automatisation, bug-bounty-tips, bug-bounty25-Jul-2024
Automatiser la découverte des XSShttps://medium.com/@Itachi0xf/automatiser-la-d%C3%A9couverte-des-xss-9810f89172a4?source=rss------bug_bounty-5Itachix0fxss-attack, automatisation, bug-bounty-tips, bug-bounty25-Jul-2024
The Basic SQLmap Tutorial and SQLInjection | PortswiggerLab with SQLMaphttps://medium.com/@barsavak/the-basic-sqlmap-tutorial-and-sqlinjection-portswiggerlab-with-sqlmap-1bb0cdf086fb?source=rss------bug_bounty-5bariss30bug-bounty, test, sql-injection, web-vulnerabilities, tools24-Jul-2024
Bug Bounty basic for beginners & Types of bug bounty programshttps://systemweakness.com/bug-bounty-basic-for-beginners-types-of-bug-bounty-programs-e4a8dab68fcd?source=rss------bug_bounty-5Harsh Hatejbug-bounty, bug-bounty-program, kali-linux, bug-bounty-tips, bounty-program24-Jul-2024
14.30 Lab: Reflected XSS protected by CSP, with CSP bypasshttps://cyberw1ng.medium.com/14-30-lab-reflected-xss-protected-by-csp-with-csp-bypass-779c76173f7a?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, cybersecurity, careers, hacking24-Jul-2024
Android PenTesting Toolshttps://medium.com/@evilprince007/android-pentesting-tools-efd0685ffeb7?source=rss------bug_bounty-5Prathamesh Khatavkarandroid, bug-bounty, hacking, cybersecurity, mobile24-Jul-2024
Hacking Moodle Apps Via External Functionshttps://medium.com/@dub-flow/hacking-moodle-apps-via-external-functions-1fc88a6d697c?source=rss------bug_bounty-5Florian Walterpenetration-testing, moodle, ethical-hacking, cybersecurity, bug-bounty24-Jul-2024
Accelerating Cybersecurity Learning with Speed Reading and Memory Traininghttps://medium.com/@enigma_/accelerating-cybersecurity-learning-with-speed-reading-and-memory-training-97305b666660?source=rss------bug_bounty-5enigmabug-bounty, memory-improvement, ethical-hacking, speed-reading, cybersecurity24-Jul-2024
How Almost Sacrificing a University Group Project led to a Microsoft Bug Bountyhttps://medium.com/@pyrus369/how-almost-sacrificing-a-university-group-project-led-to-a-microsoft-bug-bounty-9801e0f8f006?source=rss------bug_bounty-5Pyrusmicrosoft, cybersecurity, web-security, bug-bounty, infosec23-Jul-2024
How Almost Sacrificing a University Group Project led to a Microsoft Bug Bountyhttps://medium.com/@ericdesquivel3/how-almost-sacrificing-a-university-group-project-led-to-a-microsoft-bug-bounty-7e1b4eaabe22?source=rss------bug_bounty-5Eric Esquivelbug-bounty, web-app-security23-Jul-2024
Unmasking Keystroke Secrets: How Hackers Exploit Your Keyboard — A Deep Dive into…https://systemweakness.com/unmasking-keystroke-secrets-how-hackers-exploit-your-keyboard-a-deep-dive-into-5bdb1bbabb25?source=rss------bug_bounty-5Khaleel Khaninfosec, bug-bounty, python, hacking, cybersecurity23-Jul-2024
Preparing Your VPS for Bug Bounty Operations: A Complete Guidehttps://medium.com/@adityasingh4180/preparing-your-vps-for-bug-bounty-operations-a-complete-guide-f55c30331df0?source=rss------bug_bounty-5Security Empirecybersecurity, vps, bugcrowd, automation-testing, bug-bounty23-Jul-2024
5 Tips For Writing Bug Bounty Reports — Bug Bounty Tuesdayhttps://medium.com/@kerstan/5-tips-for-writing-bug-bounty-reports-bug-bounty-tuesday-0c5ed937a657?source=rss------bug_bounty-5kerstanhacking, bug-bounty, cybersecurity23-Jul-2024
Complex Attack Types: Sample Scenarios 48https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-48-410ddcb3010e?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, bug-bounty, cyberattack, cybersecurity, penetration-testing23-Jul-2024
Top 10 XSS Payloadshttps://rodoassis.medium.com/top-10-xss-payloads-e4774a43e285?source=rss------bug_bounty-5Rodolfo Assis (Brute)xss-vulnerability, xss-attack, web-security, bug-bounty, web-hacking23-Jul-2024
How i created my first XSS tool:-XSS-Pro #BugBountyhttps://medium.com/@mithun_/how-i-created-my-first-xss-tool-xss-pro-bugbounty-982a16079baf?source=rss------bug_bounty-5Mithunxss-vulnerability, xss-attack, pentesting, bug-bounty, automation23-Jul-2024
I made a big mistake…https://medium.com/@deadoverflow/i-made-a-big-mistake-a3e2dac4138c?source=rss------bug_bounty-5Imad Husanovicbug-bounty, cybsersecurity, bug-bounty-tips, hacking, programming23-Jul-2024
How to start Bug Huntinghttps://medium.com/@hackerhyaato/how-to-start-bug-hunting-73ce283db5ac?source=rss------bug_bounty-5Hackerhyaatohow-to-start-bug-hunting, bug-bounty, bug-hunting, bugbounty-tips, how-to-start-bug-bounty23-Jul-2024
What is CSP (content security policy)?https://cyberw1ng.medium.com/what-is-csp-content-security-policy-cb3580832442?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking23-Jul-2024
How to Install websocat on linux (Debian / Ubuntu)https://medium.com/@brianokinyi/how-to-install-websocat-on-linux-debian-ubuntu-85893655355e?source=rss------bug_bounty-5Brian Okinyiwebsocket, bug-bounty, linux, pentesting22-Jul-2024
Case Studies: High-Profile Vulnerabilities Discovered Through Bug Bounty Programshttps://medium.com/@paritoshblogs/case-studies-high-profile-vulnerabilities-discovered-through-bug-bounty-programs-2a063561f733?source=rss------bug_bounty-5Paritoshinformation-technology, hacking, bug-bounty, cybersecurity, information-security22-Jul-2024
OverTheWire — Bandit27https://medium.com/@evilprince007/overthewire-bandit27-465df4274d80?source=rss------bug_bounty-5Prathamesh Khatavkarhacking, cybersecurity, bug-bounty22-Jul-2024
TapSwap Clone Script Your Gateway to a Lucrative Tap-to-Earn Game !!!https://medium.com/@peterkester96/tapswap-clone-script-your-gateway-to-a-lucrative-tap-to-earn-game-68a589821305?source=rss------bug_bounty-5Peterkesterplayers, bug-bounty, telegram, profit, reflections22-Jul-2024
Burp Suite Made Easy: A Step-By-Step Tutorial (Part 1 of 2)https://medium.com/@trixiahorner/burp-suite-made-easy-a-step-by-step-tutorial-part-1-of-2-451695ce84b1?source=rss------bug_bounty-5Trixia Hornertryhackme, ethical-hacking, cybersecurity, penetration-testing, bug-bounty22-Jul-2024
14.28 Lab: Reflected XSS in a JavaScript URL with some characters blockedhttps://cyberw1ng.medium.com/14-28-lab-reflected-xss-in-a-javascript-url-with-some-characters-blocked-db67819d5aa6?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, penetration-testing22-Jul-2024
What is IDOR (along with IDOR Attack Method)https://medium.com/@errorfiathck/what-is-idor-along-with-idor-attack-method-e183b28e8546?source=rss------bug_bounty-5Errorfiathckvulnerability, hacking, bug-bounty, idor, idor-vulnerability22-Jul-2024
The First Bug bounty forum !https://elb4rt0.medium.com/the-first-bug-bounty-forum-ba0399fb70c0?source=rss------bug_bounty-5Elb4rt0bug-bounty-hunter, bug-bounty-tips, bugs, bug-bounty, bug-bounty-writeup22-Jul-2024
First €200 bug that started my Bug Bounty Careerhttps://medium.com/@sugamdangal52/first-200-bug-that-started-my-bug-bounty-career-c11a871e116f?source=rss------bug_bounty-5Sugam Dangalbug-bounty-hunter, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup22-Jul-2024
My Encounter with an Admin Panel in a Gas Agency Websitehttps://medium.com/@parthh_rana/my-encounter-with-an-admin-panel-in-a-gas-agency-website-72ded4fa4345?source=rss------bug_bounty-5Parth Ranalaravel, admin-panel, cybersecurity, bug-bounty, directory-listing22-Jul-2024
HACKERONE IS A SCAMhttps://medium.com/@proseizala/hackerone-is-a-scam-1623a5030284?source=rss------bug_bounty-5Proseizalacybersecurity, hackerone, hacker, bug-bounty22-Jul-2024
Complex Attack Types: Sample Scenarios 47https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-47-c0314c0e0b02?source=rss------bug_bounty-5Baris Dincerpenetration-testing, freedomofinternet, bug-bounty, cyberattack, cybersecurity22-Jul-2024
Discovering Account Takeover Vulnerability Through Source Map Analysishttps://medium.com/@eduardinholuiz691/discovering-account-takeover-vulnerability-through-source-map-analysis-0cd4038cbc04?source=rss------bug_bounty-5Daniel Silvavulnerability, bug-bounty, bug-bounty-writeup, reconnaissance22-Jul-2024
Discovering Account Takeover Vulnerability Through Source Map Analysishttps://medium.com/@danielsilva691/discovering-account-takeover-vulnerability-through-source-map-analysis-0cd4038cbc04?source=rss------bug_bounty-5Daniel Silvavulnerability, bug-bounty, bug-bounty-writeup, reconnaissance22-Jul-2024
CVE-2024–40725 and CVE-2024–40898: Critical Vulnerabilities in Apache HTTP Serverhttps://infosecwriteups.com/cve-2024-40725-and-cve-2024-40898-critical-vulnerabilities-in-apache-http-server-d292084255dc?source=rss------bug_bounty-5ElNiakapache, cybersecurity, https, bug-bounty, vulnerability21-Jul-2024
TryHackMe — NahamStore — Walkthroughhttps://medium.com/@nayanjyoti16/tryhackme-nahamstore-walkthrough-d4ecfe586c96?source=rss------bug_bounty-5Nayanjyoti Kumartryhackme, hacking, web, nahamstore, bug-bounty21-Jul-2024
How I bypassed payment in one of the popular mobile apk and got free subsciptionhttps://medium.com/@deepk007/how-i-bypassed-payment-in-one-of-the-popular-mobile-apk-and-got-free-subsciption-46e94f61c089?source=rss------bug_bounty-5DEepbug-bounty, bug-bounty-tips, ethical-hacking, red-team, cybersecurity21-Jul-2024
Community Building in Bug Bounties: The Power of Networking and Collaborationhttps://sarthakbhingare15.medium.com/community-building-in-bug-bounties-the-power-of-networking-and-collaboration-6adcdea4435b?source=rss------bug_bounty-5Sarthak Bhingarecommunity, improve, bug-bounty-tips, bug-bounty, tips21-Jul-2024
14.27 Lab: Reflected XSS with event handlers and href attributes blockedhttps://cyberw1ng.medium.com/14-27-lab-reflected-xss-with-event-handlers-and-href-attributes-blocked-d2f9871fc8a8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, penetration-testing, careers, bug-bounty21-Jul-2024
How To Setup Private Interactsh Serverhttps://medium.com/@learntheshell/how-to-setup-private-interactsh-server-016c344a10b3?source=rss------bug_bounty-5LearnTheShellbug-bounty, bug-bounty-tips, cybersecurity, linux21-Jul-2024
Advanced XXE Injectionhttps://medium.com/illumination/advanced-xxe-injection-fb269f281a40?source=rss------bug_bounty-5Quintius Walkerpoetry, poetry-writing, poetry-on-medium, illumination, bug-bounty21-Jul-2024
BSOD error due to crowdstrike.https://gaya3-r.medium.com/bsod-error-due-to-crowdstrike-d675c348d09e?source=rss------bug_bounty-5gayatri rbug-bounty, crowdstrike, crowdstrike-outage, bsod-error, information-security21-Jul-2024
Email verification bypass due to race condition.https://medium.com/@mohamed.yasser442200/email-verification-bypass-due-to-race-condition-8e4492313208?source=rss------bug_bounty-5Spider4race-condition, red-team, bug-bounty, security, pentesting21-Jul-2024
Community Building in Bug Bounties: The Power of Networking and Collaborationhttps://sarthakbhingare15.medium.com/community-building-in-bug-bounties-the-power-of-networking-and-collaboration-6adcdea4435b?source=rss------bug_bounty-5Sarthak Raju Bhingarecommunity, improve, bug-bounty-tips, bug-bounty, tips21-Jul-2024
Uncovering a Critical Vulnerability: Unauthorized Access to Sensitive Datahttps://medium.com/@anonymousshetty2003/uncovering-a-critical-vulnerability-unauthorized-access-to-sensitive-data-024182daa127?source=rss------bug_bounty-5Anonymousshettypenetration-testing, bug-bounty, dorking, cybersecurity, ethical-hacking20-Jul-2024
Discovering a High-Severity Bug in a Major Mobile Distribution Companyhttps://medium.com/@anonymousshetty2003/discovering-a-high-severity-bug-in-a-major-mobile-distribution-company-3fdb2a0f1987?source=rss------bug_bounty-5Anonymousshettycybersecurity, ethical-hacking, bug-bounty20-Jul-2024
How I was able to escalate my privileges and Bypass 403 Forbiddenhttps://medium.com/@momen_besher/how-i-was-able-to-escalate-my-privileges-and-bypass-403-forbidden-17b8aea4cba6?source=rss------bug_bounty-5steve55555cybersecurity, bug-bounty, bug-bounty-tips20-Jul-2024
Kali Linux: Starting Out with Bug Bounty Huntinghttps://medium.com/@nimrashahidktk3/kali-linux-starting-out-with-bug-bounty-hunting-d7a0150645bd?source=rss------bug_bounty-5Nimra Shahidpenetration-testing, cybersecurity, kali-linux, bug-bounty20-Jul-2024
14.26 Lab: Reflected XSS with AngularJS sandbox escape and CSPhttps://cyberw1ng.medium.com/14-26-lab-reflected-xss-with-angularjs-sandbox-escape-and-csp-b98791b2a5a6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, penetration-testing, bug-bounty, hacking20-Jul-2024
Complex Attack Types: Sample Scenarios 46https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-46-a6707ef9e910?source=rss------bug_bounty-5Baris Dincerpenetration-testing, cyberattack, bug-bounty, freedomofinternet, cybersecurity20-Jul-2024
The Type of Bug That We Can’t Seehttps://medium.com/illumination/the-type-of-bug-that-we-cant-see-82ff07cdcd71?source=rss------bug_bounty-5Quintius Walkercreative-writing, poetry-on-medium, poetry, bug-bounty, illumination20-Jul-2024
This is how i escalated self XSS with CSRFhttps://medium.com/@pvnk24/this-is-how-i-escalated-self-xss-with-csrf-80113ab3080e?source=rss------bug_bounty-5Pavan Kcybersecurity, bug-bounty, penetration-testing, security, pentesting20-Jul-2024
Basic Pentesting 1 Walkthroughhttps://erdemstar.medium.com/basic-pentesting-1-walkthrough-4e447a2ac35d?source=rss------bug_bounty-5Erdemstaroscp-preparation, oscp, bug-bounty, application-security, penetration-testing20-Jul-2024
Discovering an XML File Upload Vulnerability Lead to SSRF: My Bug Hunting Journeyhttps://javroot.medium.com/discovering-an-xml-file-upload-vulnerability-lead-to-ssrf-my-bug-hunting-journey-8e1bac89f60f?source=rss------bug_bounty-5Javrootxml, bug-bounty, vulnerability, cybersecurity, bug-bounty-tips20-Jul-2024
The Type of Bug That We Can’t Seehttps://medium.com/@The_StarHack3r/the-type-of-bug-that-we-cant-see-82ff07cdcd71?source=rss------bug_bounty-5Quintius Walkercreative-writing, poetry-on-medium, poetry, bug-bounty, illumination20-Jul-2024
14.25 Lab: Reflected XSS with AngularJS sandbox escape without stringshttps://cyberw1ng.medium.com/14-25-lab-reflected-xss-with-angularjs-sandbox-escape-without-strings-6ffac9f6bdf4?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers19-Jul-2024
Subdomain Takeover on hatenablog.com (はてなブログ)https://medium.com/@daichiharada/subdomain-takeover-hatenablog-2cb3576bf881?source=rss------bug_bounty-5Daichi Haradasubdomain-takeover, security, bug-bounty19-Jul-2024
1000$ IDOR : Unauthorized Project Inclusion in Expensehttps://medium.com/@a13h1/1000-idor-unauthorized-project-inclusion-in-expense-b9ce08b28c71?source=rss------bug_bounty-5Abhi Sharmacybersecurity, idor, bug-bounty, broken-access-control, information-security19-Jul-2024
Information Disclosure that made me $2000 in under 5 minuteshttps://medium.com/@sugamdangal52/information-disclosure-that-made-me-2000-in-under-5-minutes-63e1ce00ca07?source=rss------bug_bounty-5Sugam Dangalinformation-disclosure, bug-bounty-writeup, bug-bounty, bug-bounty-tips19-Jul-2024
Common Technique To Exploit File Upload Vulnerabilityhttps://medium.com/@p00dl3/common-technique-to-exploit-file-upload-vulnerability-bf84beed7207?source=rss------bug_bounty-5p00dl3cybersecurity, bug-bounty, file-upload19-Jul-2024
Complete Cybersecurity Roadmap 2024 (Part-1)https://osintteam.blog/complete-cybersecurity-roadmap-2024-part-1-c69986288f16?source=rss------bug_bounty-5LogicTechcybersecurity, osint, bug-bounty, hacking, roadmaps19-Jul-2024
Hello …..https://medium.com/@rutujasoundale693/hello-4a42a834d006?source=rss------bug_bounty-5Rutujasoundalecybersecurity, bug-bounty19-Jul-2024
Complex Attack Types: Sample Scenarios 45https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-45-17057d9de6dd?source=rss------bug_bounty-5Baris Dincercybersecurity, bug-bounty, penetration-testing, freedomofinternet, cyberattack19-Jul-2024
Não Experimente a Tela Azul da Microsoft(BUG?)https://medium.com/@liviaxavier200317/n%C3%A3o-experimente-a-tela-azul-da-microsoft-bug-9f631ea24c8d?source=rss------bug_bounty-5Livia Xaviercrowdstrike, cibernéticos, bug-bounty, microsoft, bugs19-Jul-2024
Specialized Bug Sweeps for Unique Environmentshttps://medium.com/@siddiquiasad2299/specialized-bug-sweeps-for-unique-environments-43a1ea56930c?source=rss------bug_bounty-5Asad Siddiquibug-detection, tscm, bug-bounty, bug-sweep19-Jul-2024
Kursus Cyber Security Di Linuxhackingidhttps://medium.com/@linuxhackingid_official/kursus-cyber-security-di-linuxhackingid-dc4e52760661?source=rss------bug_bounty-5Linuxhackingidhacker, bug-bounty, cybersecurity, linuxhackingid, hacking18-Jul-2024
Top 50+ XSS Bug Bounty Writeups | Cross-Site Scripting(XSS) Attacks Reportshttps://medium.com/@proseizala/top-50-xss-bug-bounty-writeups-cross-site-scripting-xss-attacks-reports-700332ed6c87?source=rss------bug_bounty-5Proseizalahacker, hacking, bug-bounty, cybersecurity18-Jul-2024
Sub Domains Finder Toolshttps://medium.com/@proseizala/sub-domains-finder-tools-fefa2b44bb34?source=rss------bug_bounty-5Proseizalabug-bounty, cybersecurity, hacker18-Jul-2024
13.5 Lab: Exploiting server-side parameter pollution in a REST URLhttps://cyberw1ng.medium.com/13-5-lab-exploiting-server-side-parameter-pollution-in-a-rest-url-a1876056a5f6?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, hacking, cybersecurity18-Jul-2024
Critical Logic Flaw Allows Overwrite of Any User Accounthttps://medium.com/@elcapitano7x/critical-logic-flaw-allows-overwrite-of-any-user-account-015b102e1da7?source=rss------bug_bounty-5Elcapitanobug-bounty, bug-bounty-tips, hackerone, bugbounty-writeup, hacking18-Jul-2024
How I Found and Bypassed a Spring Boot Actuator Information Disclosure Bughttps://cametom006.medium.com/how-i-found-and-bypassed-a-spring-boot-actuator-information-disclosure-bug-c4930b740a50?source=rss------bug_bounty-5Fahad Faisalbug-bounty18-Jul-2024
Summary Of The Basics of Web Hacking, PRT 2https://medium.com/@zghzwbcn/summary-of-the-basics-of-web-hacking-prt-2-e3d7bdbf902d?source=rss------bug_bounty-5Henrietta Awosoberekonbug-bounty, technology, cybersecurity, web-development, web-vulnerabilities18-Jul-2024
IDOR at the Get Payment Data Endpoint Leads to Personal Identifiable Information (PII) Disclosurehttps://medium.com/@blackarazi/idor-at-the-get-payment-data-endpoint-leads-to-personal-identifiable-information-pii-disclosure-7956c57058af?source=rss------bug_bounty-5Azhari Harahapapi-security, broken-access-control, application-security, bug-bounty-writeup, bug-bounty17-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-43)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-43-0699b919a514?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, hacking, cybersecurity, skills, bug-bounty17-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-42)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-42-4cb955de4cc7?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, skills, hacking, cybersecurity17-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-41)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-41-7b2b5aed416c?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, skills, bug-bounty, ethical-hacking17-Jul-2024
Why does you all guys think that you really need Python for hackinghttps://systemweakness.com/why-does-you-all-guys-think-that-you-really-need-python-for-hacking-b50b65238401?source=rss------bug_bounty-5Imran Niazprogramming-languages, penetration-testing, cybersecurity, data-science, bug-bounty17-Jul-2024
Temenos Transact Vulnerable to Reflected XSS (CVE-2022–38322)https://qotoz.medium.com/temenos-transact-vulnerable-to-reflected-xss-cve-2022-38322-7b1e2f681db1?source=rss------bug_bounty-5ِAshraf Harbcve, bug-bounty, penetration-testing, temenos17-Jul-2024
Bypassing Account Suspension Using Anonymous Posting | Facebook Bug Bountyhttps://ph-hitachi.medium.com/bypassing-account-suspension-using-anonymous-posting-facebook-bug-bounty-b204433c98d1?source=rss------bug_bounty-5Ph.Hitachibug-bounty, facebook-bug-bounty, bypass-restriction17-Jul-2024
Practical Bug Bounty — TCM Academy | Module 6https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-6-9cab8d004034?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamiethical-hacking, bug-bounty, cybersecurity, appsec, fuzzing17-Jul-2024
Default Credentials Leads to $1200 Bounty Reward (Quest NetVault CVE-2017–17417)https://medium.com/@tester333/default-credentials-leads-to-1200-bounty-reward-quest-netvault-cve-2017-17417-b34c6e0e7a86?source=rss------bug_bounty-5Testercybersecurity, bug-bounty-tips, bug-bounty, penetration-testing, ethical-hacking17-Jul-2024
The WordPress bug very few know about.https://osintteam.blog/the-wordpress-bug-very-few-know-about-1bf16ee4a2a6?source=rss------bug_bounty-5an0nbilwordpress, programming, vulnerability, web-development, bug-bounty17-Jul-2024
Exploiting Server-Side Parameter Pollution in a REST URLhttps://cyberw1ng.medium.com/exploiting-server-side-parameter-pollution-in-a-rest-url-0d52d4261c86?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, hacking, cybersecurity, bug-bounty17-Jul-2024
How Easily I Found My First P2 on Bugcrowdhttps://medium.com/@hashimamin/how-easily-i-found-my-first-p2-on-bugcrowd-ed827a79a50c?source=rss------bug_bounty-5Hashim Amincsrf, recon, csrf-bypass, bug-bounty-tips, bug-bounty17-Jul-2024
OS CTFhttps://medium.com/@Shaybaa/os-ctf-27cc9a8ab0cc?source=rss------bug_bounty-5Shaybaabug-bounty, web-security, idor-vulnerability17-Jul-2024
Hacker Himselfhttps://medium.com/@nnface/hacker-himself-01d4978e189c?source=rss------bug_bounty-5NnFacebugbounty-writeup, bug-bounty, hacking, cybersecurity, bug-bounty-tips17-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-40)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-40-f1b43fb596ae?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, skills, ethical-hacking, bug-bounty16-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-39)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-39-740c7ada54ea?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty, cybersecurity, ethical-hacking, skills16-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-38)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-38-fa2ceb6f8bbd?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, cybersecurity, hacking, skills16-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-37)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-37-20111980eaa5?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, ethical-hacking, hacking, bug-bounty, cybersecurity16-Jul-2024
Exploiting CVE-2024–22274: A Deep Dive into VMware vCenter Server Vulnerabilities and Defense…https://systemweakness.com/exploiting-cve-2024-22274-a-deep-dive-into-vmware-vcenter-server-vulnerabilities-and-defense-5d79b44ed215?source=rss------bug_bounty-5Khaleel Khaninfosec, cybersecurity, ethical-hacking, hacking, bug-bounty16-Jul-2024
Complex Attack Types: Sample Scenarios 44https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-44-83d2bc9b2d7d?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, information-technology, cybersecurity, bug-bounty, cyberattack16-Jul-2024
How Use 6 Step To Find Ssrf — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-use-6-step-to-find-ssrf-bug-bounty-tuesday-acc44d806c08?source=rss------bug_bounty-5kerstancybersecurity, hacking, bug-bounty16-Jul-2024
API Recon and Testing for Bug Bountyhttps://cyberw1ng.medium.com/api-recon-and-testing-for-bug-bounty-3969d1f90f5c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, penetration-testing, cybersecurity16-Jul-2024
Intro to Debugging Java Web Servers Without Source Code For Security Researchershttps://infosecwriteups.com/intro-to-debugging-java-web-servers-without-source-code-for-security-researchers-80ff00de4753?source=rss------bug_bounty-5Jayateertha Guruprasadbug-bounty, pentesting, cybersecurity, java, infosec16-Jul-2024
Reflected XSS via Base64-encoded on My college website.https://uzet.medium.com/reflected-xss-via-base64-encoded-on-my-college-website-2df9755b1856?source=rss------bug_bounty-5Timotius Benhurpenetration-testing, pentesting, bug-bounty, bug-hunting, bug-bounty-tips15-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-36)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-36-a8fd178e9b07?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, hacking, bug-bounty, skills15-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-35)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-35-adbfa228814a?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, ethical-hacking, skills, hacking15-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-34)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-34-73069fab6ff6?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, bug-bounty, hacking, skills15-Jul-2024
My First Bounty: A story of a Blind SQL Injectionhttps://medium.com/@adebayosec/my-first-bounty-a-story-of-a-blind-sql-injection-69d9ad6716b6?source=rss------bug_bounty-5Victorioussql-injection, penetration-testing, cybersecurity, bug-bounty, burpsuite15-Jul-2024
CVE-2024–23692: A Critical Vulnerability in Rejetto HTTP File Serverhttps://infosecwriteups.com/cve-2024-23692-a-critical-vulnerability-in-rejetto-http-file-server-1df322a2e688?source=rss------bug_bounty-5ElNiakbug-bounty, python, cybersecurity, system, ssti15-Jul-2024
My First Bounty: A story of a Blind SQL Injectionhttps://medium.com/@adebayosec/my-first-bounty-a-story-of-a-blind-sql-injection-69d9ad6716b6?source=rss------bug_bounty-5Torioussql-injection, penetration-testing, cybersecurity, bug-bounty, burpsuite15-Jul-2024
Echidnahttps://medium.com/@Progsky/echidna-b9e454de096b?source=rss------bug_bounty-5Progskyhacking-tools, pentesting, penetration-testing, bug-bounty, blockchain15-Jul-2024
Complex Attack Types: Sample Scenarios 43https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-43-39deed779c6c?source=rss------bug_bounty-5Baris Dincerpenetration-testing, cyberattack, freedomofinternet, bug-bounty, cybersecurity15-Jul-2024
Understanding White Hat Hacking: The Guardians of Cybersecurityhttps://medium.com/@cosmiczoomies/understanding-white-hat-hacking-the-guardians-of-cybersecurity-87200caf5820?source=rss------bug_bounty-5GalaxyGoosecybersecurity, hacking, white-hat-hacker, bug-bounty, penetration-testing15-Jul-2024
11.9 Lab: Exploiting XXE to retrieve data by repurposing a local DTDhttps://cyberw1ng.medium.com/11-9-lab-exploiting-xxe-to-retrieve-data-by-repurposing-a-local-dtd-30f4098a7789?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, hacking, cybersecurity, bug-bounty15-Jul-2024
XSS Türleri için Test Case Yazmahttps://medium.com/@tugbaglsn/xss-t%C3%BCrleri-i%C3%A7in-test-case-yazma-1832eb0a27f9?source=rss------bug_bounty-5Tuğba Gülşencybersecurity, xss-attack, xss-vulnerability, bug-bounty15-Jul-2024
How to Easily Earn a $200 Bountyhttps://medium.com/@xiaodongsec/how-to-easily-earn-a-200-bounty-6e27eaaec13f?source=rss------bug_bounty-5Mu1berrybugcrowd, hacker, bug-bounty, money, vulnerability14-Jul-2024
Review: AppSec Pentesting eXpert (CAPenX) from The SecOps Grouphttps://medium.com/@p0lyxena/review-appsec-pentesting-expert-capenx-from-the-secops-group-eb5674e4bf8d?source=rss------bug_bounty-5Fuleki Ioanbug-bounty, penetration-testing, certification, cybersecurity, capenx14-Jul-2024
Detection Engineering: A Comprehensive Overviewhttps://medium.com/@paritoshblogs/detection-engineering-a-comprehensive-overview-92fc01973ce7?source=rss------bug_bounty-5Paritoshdetection-engineering, information-technology, cybersecurity, hacking, bug-bounty14-Jul-2024
Hunting for Firebase Enums in Android Applicationhttps://medium.com/@tanish.saxena26/hunting-for-firebase-enums-in-android-application-42b79e9b76f8?source=rss------bug_bounty-5Tanish Saxenacloud, bug-bounty, firebase, android, gcp14-Jul-2024
My First Critical Vulnerabilityhttps://medium.com/@0xchoudhary/my-first-critical-vulnerability-fd83a81f70b3?source=rss------bug_bounty-5Sushil Choudharybugbounty-writeup, bug-hunting, bug-bounty-tips, hackerone, bug-bounty14-Jul-2024
How I Can Get P1 Nasa easily — Dorkinghttps://0xc4thack.medium.com/how-i-can-get-p1-nasa-easily-dorking-c9c4a4cee251?source=rss------bug_bounty-50xc4tpentesting, nasa-vdp, pentest-web, bug-bounty, dorking14-Jul-2024
New York Flankees Room TryHackMe Walkthroughhttps://matsecurity.medium.com/new-york-flankees-room-tryhackme-walkthrough-ef6862c781f1?source=rss------bug_bounty-5MatSecctf-writeup, tryhackme-writeup, bug-bounty, tryhackme, tryhackme-walkthrough14-Jul-2024
The easiest admin panel bypasshttps://medium.com/@paraskhorwal9/the-easiest-admin-panel-bypass-4b6fb4d7d1ea?source=rss------bug_bounty-5Paraskhorwalbug-bounty, penetration-testing, admin-panel14-Jul-2024
Complex Attack Types: Sample Scenarios 42https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-42-d0a11c84cc73?source=rss------bug_bounty-5Baris Dincercyberattack, freedomofinternet, bug-bounty, penetration-testing, cybersecurity14-Jul-2024
New York Flankees TryHackMe Room Walkthrough: Step-by-Step Youtube Guidehttps://matsecurity.medium.com/new-york-flankees-room-tryhackme-walkthrough-ef6862c781f1?source=rss------bug_bounty-5MatSecctf-writeup, tryhackme-writeup, bug-bounty, tryhackme, tryhackme-walkthrough14-Jul-2024
Automate Subdomain Monitoringhttps://medium.com/@Aftab700/automate-subdomain-monitoring-171338c66dd5?source=rss------bug_bounty-5Aftab Samabug-bounty, monitoring, infosec, automation, hacking14-Jul-2024
What is XML external entity (XXE) injectionhttps://cyberw1ng.medium.com/what-is-xml-external-entity-xxe-injection-8914620c2d24?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers14-Jul-2024
Escaping the Citrix Sandbox — Understanding Citrix Breakouthttps://medium.com/@suprajabaskaran8/escaping-the-citrix-sandbox-understanding-citrix-breakout-80320a3d44af?source=rss------bug_bounty-5Suprajabaskaranbug-bounty-tips, hacking, bug-bounty, pentesting, penetration-testing14-Jul-2024
Vulnerable WordPress June 2024 (Turkish delight)https://medium.com/@onhexgroup/vulnerable-wordpress-june-2024-turkish-delight-96cae8ef8161?source=rss------bug_bounty-5Onhexgroupbug-bounty, infosec, web-security, information-security, wordpress14-Jul-2024
Escaping the Citrix Sandbox — Understanding Citrix Breakouthttps://infosecwriteups.com/escaping-the-citrix-sandbox-understanding-citrix-breakout-80320a3d44af?source=rss------bug_bounty-5Suprajabaskaranbug-bounty-tips, hacking, bug-bounty, pentesting, penetration-testing14-Jul-2024
Airplane TryHackMe Room Walkthrough | MatSec Youtubehttps://matsecurity.medium.com/airplane-tryhackme-room-walkthrough-matsec-youtube-7fca40406a20?source=rss------bug_bounty-5MatSectryhackme-walkthrough, bug-bounty, tryhackme-writeup, tryhackme, ctf-writeup13-Jul-2024
10.7 Lab: SSRF with whitelist-based input filterhttps://cyberw1ng.medium.com/10-7-lab-ssrf-with-whitelist-based-input-filter-36db84b1a13d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, hacking, cybersecurity, bug-bounty13-Jul-2024
Securing Crypto Company: Addressing Web 2.0 Vulnerabilitieshttps://metanetwebhostingsecurity.medium.com/securing-crypto-company-addressing-web-2-0-vulnerabilities-209bd7fc3d85?source=rss------bug_bounty-5metanetwebhosting securitycryptocurrency, cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty13-Jul-2024
Linux Exploitation: Stack Smashinghttps://medium.com/@boogsta/linux-exploitation-stack-smashing-70c1bf6c13d2?source=rss------bug_bounty-5Boogstahacking, cybersecurity, bug-bounty, cyber, hacker13-Jul-2024
My First Bug: Gitingore exposure combined with 403 bypasshttps://medium.com/@nnface/my-first-bug-gitingore-exposure-combined-with-403-bypass-5db750e211ff?source=rss------bug_bounty-5NnFacebug-bounty, bug-bounty-tips, cybersecurity, hacking, low-hanging-fruit13-Jul-2024
Here is the story of how i found Stored XSS on a targethttps://medium.com/@pvnk24/here-is-the-story-of-how-i-found-stored-xss-on-a-target-7baaeed76765?source=rss------bug_bounty-5Pavan Kpenetration-testing, bug-bounty, pentesting, hacking, ethical-hacking13-Jul-2024
Complex Attack Types: Sample Scenarios 41https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-41-48e4f10a07ef?source=rss------bug_bounty-5Baris Dincerpenetration-testing, freedomofinternet, information-security, bug-bounty, cybersecurity13-Jul-2024
Email Update Restricted Bypasshttps://medium.com/@mahfujwhh/email-update-restricted-bypass-f6af935da67e?source=rss------bug_bounty-5mahfujwhhcybersecurity, bug-bounty13-Jul-2024
Credential stuffing in bug bountieshttps://bunny0417.medium.com/credential-stuffing-in-bug-bounties-d51b8e321135?source=rss------bug_bounty-5Aayush kumarcredential-stuffing, leaked-passwords, bug-bounty, darkweb, bugbounty-writeup12-Jul-2024
Can bug bounty be a full time career?https://medium.com/@shwetapapnai783/can-bug-bounty-be-a-full-time-career-5606f1ddd440?source=rss------bug_bounty-5Shweta Papnaisecurity, cybersecurity, technology, money, bug-bounty12-Jul-2024
The Hidden Pitfalls of Bug Bounties on Indian Government Sites: My First Experiencehttps://medium.com/@rolextital/the-hidden-pitfalls-of-bug-bounties-on-indian-government-sites-my-first-experience-9204312a8325?source=rss------bug_bounty-5Rolextitalhacking, bug-bounty, govt, idor12-Jul-2024
Firmware Analysis: Hands-on Guidehttps://hackerassociate.medium.com/firmware-analysis-hands-on-guide-19913a5166ca?source=rss------bug_bounty-5Harshad Shahbug-bounty, infosec, cybersecurity, hacking, iot12-Jul-2024
DΞX Points Festhttps://d3xxyz.medium.com/d%CE%BEx-points-fest-e39019566b3f?source=rss------bug_bounty-5DΞXairdrop, bounty-program, bug-bounty12-Jul-2024
Windows privilege escalation: Abusing npm’s design patterns to escalate your permissionshttps://medium.com/@demonia/windows-privilege-escalation-abusing-npms-design-patterns-to-escalate-your-permissions-da0ac6c96d72?source=rss------bug_bounty-5Mohammed Diefcybersecurity, npm, bug-bounty, windows, privilege-escalation12-Jul-2024
VULNERABILITY RESEARCHhttps://medium.com/@workwithsane/vulnerability-research-896c0ba07a57?source=rss------bug_bounty-5Sanebug-bounty, cybersecurity, bug-bounty-tips12-Jul-2024
My First Bug!!!Stored Cross Site Scripting(XSS)https://medium.com/@shahariarwalid/my-first-bug-stored-cross-site-scripting-xss-d84051ee4e86?source=rss------bug_bounty-5Shahariar Aminbug-bounty, xss-vulnerability, stored-xss12-Jul-2024
File Upload se kuch hatke : File Inclusion aur Path Traversal Vulnerabiliteshttps://medium.com/@yashprajapati791/file-upload-se-kuch-hatke-file-inclusion-aur-path-traversal-vulnerabilites-d10e16be0d7a?source=rss------bug_bounty-5Yash Virendra Prajapatipenetration-testing, bug-bounty, file-inclusion, vulnerability, file-upload12-Jul-2024
How i got Bug -XSShttps://medium.com/@basxth/how-i-got-bug-xss-8eec781ab58b?source=rss------bug_bounty-5Mohammed Basith K Bbug-bounty, xss-attack, google-dorking, xss-bypass, cybersecurity12-Jul-2024
Master Bug Bounty Hunting with Top Recon Toolshttps://medium.com/@labcodetech/master-bug-bounty-hunting-with-top-recon-tools-83516a4bcc54?source=rss------bug_bounty-5Codetech Labvulnerability, recon, bug-bounty, penetration-testing12-Jul-2024
NewLine Character Cause DoS: Folder & File Deletion Flawhttps://medium.com/@a13h1/newline-character-cause-dos-folder-file-deletion-flaw-8bec3079ed85?source=rss------bug_bounty-5Abhi Sharmacybersecurity, bug-bounty, programming, denial-of-service, infosec12-Jul-2024
10.6 Lab: Blind SSRF with Shellshock Exploitationhttps://cyberw1ng.medium.com/10-6-lab-blind-ssrf-with-shellshock-exploitation-a13e25b27dbc?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, penetration-testing12-Jul-2024
Setting up a private Burp Collaborator Serverhttps://medium.com/@AstroKrypTech/setting-up-a-private-burp-collaborator-server-71c55ff85815?source=rss------bug_bounty-5AstroKrypTechweb-application-security, bug-bounty-tips, bug-bounty12-Jul-2024
Git Gone Wrong: Application Compromise via Exposed .git Directoryhttps://medium.com/@cybersekler/git-gone-wrong-application-compromise-via-exposed-git-directory-392806b23435?source=rss------bug_bounty-5Cyber Seklerpenetration-testing, hacking, application-security, bug-bounty12-Jul-2024
RECON IS IMPORTANT !!! In Depth Recon Methodology Bug Bounty Part 01https://omarora1603.medium.com/recon-is-important-in-depth-recon-methodology-bug-bounty-part-01-2b69c3b168fe?source=rss------bug_bounty-5Om Aroramethodology, infosec, hacking, bug-bounty, bug-bounty-tips12-Jul-2024
NewLine Character Cause DoS: Folder & File Deletion Flawhttps://infosecwriteups.com/newline-character-cause-dos-folder-file-deletion-flaw-8bec3079ed85?source=rss------bug_bounty-5Abhi Sharmacybersecurity, bug-bounty, programming, denial-of-service, infosec12-Jul-2024
RECON IS IMPORTANT !!! In Depth Recon Methodology Bug Bounty Part 01https://infosecwriteups.com/recon-is-important-in-depth-recon-methodology-bug-bounty-part-01-2b69c3b168fe?source=rss------bug_bounty-5Om Aroramethodology, infosec, hacking, bug-bounty, bug-bounty-tips12-Jul-2024
How I Make Two SQL Injections Exploitable under the Magic Restricts in WordPresshttps://medium.com/@zpbrent/how-i-make-two-sql-injections-exploitable-under-the-magic-restricts-in-wordpress-817cd60dc80a?source=rss------bug_bounty-5Peng Zhouwordpress-plugins, wordpress, infosec, bug-bounty, web-security12-Jul-2024
آسیب پذیری های Jira را برطرف کنیدhttps://medium.com/@pardis.cloud/%D8%A2%D8%B3%DB%8C%D8%A8-%D9%BE%D8%B0%DB%8C%D8%B1%DB%8C-%D9%87%D8%A7%DB%8C-jira-%D8%B1%D8%A7-%D8%A8%D8%B1%D8%B7%D8%B1%D9%81-%DA%A9%D9%86%DB%8C%D8%AF-b28879e65c2e?source=rss------bug_bounty-5PardisCo Professional Tech Teamآسیبپذیری, bug-bounty, سرور, jira11-Jul-2024
How I Can Still See Your Image on Facebook After You Deleted It | Meta | BugBounty | 2024https://prathapilango.medium.com/how-i-can-still-see-your-image-on-facebook-after-you-deleted-it-meta-bugbounty-2024-3fa63022c4fc?source=rss------bug_bounty-5Prathapilangocybersecurity, meta, bug-bounty, bugbounty-writeup11-Jul-2024
Host Header Injectionhttps://medium.com/@nareshkumar76191/host-header-injection-bd6ffdafe1c0?source=rss------bug_bounty-5Nareshkumarred-team, hacker, bounty-program, bug-bounty, bug-bounty-tips11-Jul-2024
Admin panel Bypassed Just by reading “support team quotes”https://medium.com/@Ajakcybersecurity/admin-panel-bypassed-just-by-reading-support-team-quotes-5462538ea3a4?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, hacking, penetration-testing, ethical-hacking, cybersecurity11-Jul-2024
Cross-Account Profile Picture Deletion via CSRF Token Bypass paid me 500$.https://mustafa2.medium.com/cross-account-profile-picture-deletion-via-csrf-token-bypass-paid-me-500-60d5f4529a7b?source=rss------bug_bounty-5Hajusbug-bounty-tips, csrf-bypass, bug-bounty11-Jul-2024
A Revolutionary Bug Bounty Platform: Zero-Knowledge Proofs in Web3https://medium.com/@JohnnyTime/a-revolutionary-bug-bounty-platform-zero-knowledge-proofs-in-web3-5e9aaa536084?source=rss------bug_bounty-5Johnny Timebug-bounty, web3, bug-hunting, rewards, smart-contracts11-Jul-2024
Building an Ethical Hacking Playground at Homehttps://l00pinfinity.medium.com/building-an-ethical-hacking-playground-at-home-98439af54a78?source=rss------bug_bounty-5Collins K. Boitnetwork, hacking, security-analysts, ethical-hacking, bug-bounty11-Jul-2024
9.6 Lab: Partial construction race conditionshttps://cyberw1ng.medium.com/9-6-lab-partial-construction-race-conditions-303bfc70b5f8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, penetration-testing, bug-bounty, careers11-Jul-2024
Practical Bug Bounty — TCM Academy | Module 5https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-5-508b7fad93f1?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamiinformation-security, appsec, cybersecurity, bug-bounty, penetration-testing11-Jul-2024
Disclose the email address and phone number of chinese business resellerhttps://gtm0x01.medium.com/disclose-the-email-address-and-phone-number-of-chinese-business-reseller-f882978b8733?source=rss------bug_bounty-5Gtm Mänôzbug-bounty-writeup, facebook, hacking, bug-bounty, facebook-bug-bounty11-Jul-2024
XSS Zafiyetleri Test Casehttps://medium.com/@beyzatekinli/xss-t%C3%BCrleri-test-case-18f91987fb63?source=rss------bug_bounty-5Beyzanur Tekinligallipoli, xss-vulnerability, bug-bounty, xss-attack, xss-challenge11-Jul-2024
Abusing CORS for an XSS on Flickrhttps://medium.com/@proseizala/abusing-cors-for-an-xss-on-flickr-a820e3f28083?source=rss------bug_bounty-5Proseizalabug-bounty, hacker, cybersecurity, bug-bounty-tips11-Jul-2024
No Way Out: Enforced and Inescapable Organizational Membershiphttps://0xmatrix.medium.com/no-way-out-enforced-and-inescapable-organizational-membership-a2247caa1790?source=rss------bug_bounty-5Mo2men Elmadyhacking, bug-bounty, cybersecurity, penetration-testing11-Jul-2024
Complex Attack Types: Sample Scenarios 40https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-40-117efeaeaf61?source=rss------bug_bounty-5Baris Dincercybersecurity, penetration-testing, bug-bounty, information-technology, freedomofinternet11-Jul-2024
No Way Out: Enforced and Inescapable Organizational Membershiphttps://0xmatrix.medium.com/no-way-out-enforced-and-inescapable-organizational-membership-125ae7f52d61?source=rss------bug_bounty-5Mo2men Elmadybug-bounty, hacking, penetration-testing, cybersecurity11-Jul-2024
Reconnaissance Basichttps://medium.com/@ronyhassan091101/reconnaissance-basic-bf292dc3b705?source=rss------bug_bounty-5M. Mahmudul Hassanbug-bounty11-Jul-2024
Cracking the Code: A Walkthrough of the W1seGuy Room on TryHackMehttps://matsecurity.medium.com/cracking-the-code-a-walkthrough-of-the-w1seguy-room-on-tryhackme-678673298429?source=rss------bug_bounty-5MatSeccybersecurity, bug-bounty, tryhackme-walkthrough, ethical-hacking, cryptography11-Jul-2024
Bypass CSRF Protectionhttps://medium.com/@dr4040x00/bypass-csrf-protection-707b81c04149?source=rss------bug_bounty-5Ahmed Mohamedcsrf-attack, xss-vulnerability, bug-bounty, csrf, xss-attack11-Jul-2024
Tryhackme W1seGuy Room Walkthrough | MatSec Youtubehttps://matsecurity.medium.com/cracking-the-code-a-walkthrough-of-the-w1seguy-room-on-tryhackme-678673298429?source=rss------bug_bounty-5MatSeccybersecurity, bug-bounty, tryhackme-walkthrough, ethical-hacking, cryptography11-Jul-2024
Bug Bounty Hunting 101: A Comprehensive Guide for Beginnershttps://cyberw1ng.medium.com/bug-bounty-hunting-101-a-comprehensive-guide-for-beginners-41fa78ff0bbd?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers10-Jul-2024
Magix Bug Bounty: magix.com (RCE, SQLi) and xara.com (LFI, XSS)https://medium.com/@proseizala/magix-bug-bounty-magix-com-rce-sqli-and-xara-com-lfi-xss-c4e8492bbf3e?source=rss------bug_bounty-5Proseizalabug-bounty-tips, hackerone, cybersecurity, bug-bounty, hacking10-Jul-2024
Rate Limit Bypass $150https://medium.com/@mr_ayyan/rate-limit-bypass-150-d4fecc05d31b?source=rss------bug_bounty-5Mrayyanirfanrewards, rate-limit, bug-bounty, bugs, hunting10-Jul-2024
The most important HTTP security headershttps://medium.com/@ronyhassan091101/the-most-important-http-security-headers-be4238f181d7?source=rss------bug_bounty-5M. Mahmudul Hassanbug-bounty10-Jul-2024
Complex Attack Types: Sample Scenarios 39https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-39-5ed408a9075d?source=rss------bug_bounty-5Baris Dincerbug-bounty, information-security, penetration-testing, cybersecurity, freedomofinternet10-Jul-2024
Bug Bounty Program for Gluon on Ergohttps://news.stability.nexus/bug-bounty-program-for-gluon-on-ergo-0ca233ce2d9a?source=rss------bug_bounty-5Zahnentfernercrypto, cryptocurrency, stable-coin, blockchain, bug-bounty10-Jul-2024
Host Header Poisoning Vulnerability: A Critical Web Security Flawhttps://zierax.medium.com/host-header-poisoning-vulnerability-a-critical-web-security-flaw-1c2991177e8c?source=rss------bug_bounty-5Zieraxpenetration-testing, cybersecurity, bug-bounty, hacking, vulnerability10-Jul-2024
The Ultimate Guide to Finding and Escalating XSS Bugshttps://medium.com/@proseizala/the-ultimate-guide-to-finding-and-escalating-xss-bugs-22894ef03fc4?source=rss------bug_bounty-5Proseizalabug-bounty-tips, hacker, cybersecurity, bug-bounty, hacking10-Jul-2024
My First Bug Bountyhttps://vikasrai11.medium.com/my-first-bug-bounty-975c47b3f5b5?source=rss------bug_bounty-5Vikas Raiethical-hacking, security, vulnerability, hacking, bug-bounty10-Jul-2024
Exploiting IDOR Vulnerability in PostgRESThttps://aminudin.medium.com/exploiting-idor-vulnerability-in-postgrest-ba0e980032b7?source=rss------bug_bounty-5Aminudinbugs, bug-bounty-tips, writeup, bug-bounty10-Jul-2024
HackerOne 2FA Bypass Vulnerability Exposed!https://medium.com/@lucas.verdan/hackerone-2fa-bypass-vulnerability-exposed-f41f61d6e7be?source=rss------bug_bounty-5Lucas Verdancybersecurity, cyber-attack-prevention, hackerone, bug-bounty-tips, bug-bounty09-Jul-2024
Detecting and exploiting limit overrun race conditions with Burp Repeaterhttps://cyberw1ng.medium.com/detecting-and-exploiting-limit-overrun-race-conditions-with-burp-repeater-43c26128642d?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, bug-bounty, cybersecurity, hacking09-Jul-2024
Airbnb — When Bypassing JSON Encoding, XSS Filter, WAF, CSP, and Auditor turns into Eight…https://medium.com/@proseizala/airbnb-when-bypassing-json-encoding-xss-filter-waf-csp-and-auditor-turns-into-eight-92a004f1cbe8?source=rss------bug_bounty-5Proseizalahacker, bug-bounty-tips, cybersecurity, bug-bounty09-Jul-2024
XSS TÜRLERİ TEST CASEhttps://medium.com/@aarda418/xss-t%C3%BCrleri%CC%87-test-case-a4ab5849100f?source=rss------bug_bounty-5Arda Aslanxss-attack, bug-bounty, xss-vulnerability09-Jul-2024
Become a Digital Detective: Earn Dollars by Testing Apps and Websiteshttps://medium.com/@wnaim11/become-a-digital-detective-earn-dollars-by-testing-apps-and-websites-00a45433d3e8?source=rss------bug_bounty-5The EmpowHERtech Collectivetesting, software-testing, bugs, crowdtesting, bug-bounty09-Jul-2024
Complex Attack Types: Sample Scenarios 38https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-38-10e2ee4d4316?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, threat-intelligence, cybersecurity, penetration-testing, bug-bounty09-Jul-2024
Nmap Cheat Sheet For Penetration Testing.https://medium.com/@umarhere4u/nmap-cheat-sheet-for-penetration-testing-70b555b91285?source=rss------bug_bounty-5Mohammad Umar Kachiethical-hacking, penetration-testing, nmap, hacking, bug-bounty09-Jul-2024
Account Takeover via Weak Reset Token Entropyhttps://medium.com/@majix_de/account-takeover-via-weak-reset-token-entropy-c475268daae6?source=rss------bug_bounty-5Majixprogramming, penetration-testing, bugbounty-writeup, bug-bounty, python09-Jul-2024
Subdomain Enumerationhttps://medium.com/@ronyhassan091101/subdomain-enumeration-4370bac688e1?source=rss------bug_bounty-5M. Mahmudul Hassanbug-bounty09-Jul-2024
10 tips and questions to help you find secondary context bugs — Bug Bounty Tuesdayhttps://medium.com/@kerstan/10-tips-and-questions-to-help-you-find-secondary-context-bugs-bug-bounty-tuesday-b8b3f9173522?source=rss------bug_bounty-5kerstanhacking, bug-bounty, cybersecurity09-Jul-2024
What Is The Attacks On Session Layer!https://medium.com/@reemmoslem34/what-is-the-attacks-on-session-layer-d3ac90d9c4cb?source=rss------bug_bounty-5Rem Khalidcybersecurity, malware, bug-bounty, programming, security09-Jul-2024
What Is The Attacks On Presentation Layer !https://medium.com/@reemmoslem34/what-is-the-attacks-on-presentation-layer-d98cbde4005b?source=rss------bug_bounty-5Rem Khalidprogramming, security, cybersecurity, malware, bug-bounty09-Jul-2024
What Is The Attacks On Application Layer!https://medium.com/@reemmoslem34/%D8%B7%D9%8A%D8%A8-%D8%AA%D8%B9%D8%A7%D9%84%D9%88%D8%A7-%D8%A3%D8%AE%D8%AA%D8%B5%D8%B1-%D8%A7%D9%84%D8%AD%D9%88%D8%A7%D8%B1-6e6617528bba?source=rss------bug_bounty-5Rem Khalidsecurity, bug-bounty, cybersecurity, malware, programming09-Jul-2024
Unearthing Hidden Assets: The Power of Active DNS Brute Forcing in Subdomain Discoveryhttps://bunny0417.medium.com/unearthing-hidden-assets-the-power-of-active-dns-brute-forcing-in-subdomain-discovery-44ec7f1250d4?source=rss------bug_bounty-5Aayush kumarsubdomains-enumeration, infosec, dns-brute-forcing, bug-bounty-tips, bug-bounty09-Jul-2024
Bypassing Admin Authentication Website Kampushttps://uzet.medium.com/bypassing-admin-authentication-website-kampus-b59bc43b6c98?source=rss------bug_bounty-5Timotius Benhurbug-bounty-tips, penetration-testing, bug-hunting, programming, bug-bounty08-Jul-2024
Revolutionizing Content Issue Detection with CiBI: A Game-Changer in Automationhttps://argotriwidodo.medium.com/revolutionizing-content-issue-detection-with-cibi-a-game-changer-in-automation-1e0f0b6e8ce9?source=rss------bug_bounty-5Argo triwidodoqa, bug-bounty, ai, automation08-Jul-2024
Web3 Development: Key Security Considerationshttps://securrtech.medium.com/web3-development-key-security-considerations-5358015e767a?source=rss------bug_bounty-5Securrblockchain, security, securr, web3, bug-bounty08-Jul-2024
Discovering a Sigma SQLi Vulnerability in Explore CMS 1.0https://soltanali0.medium.com/discovering-a-sigma-sqli-vulnerability-in-explore-cms-1-0-f68599f0e5dd?source=rss------bug_bounty-5soltanali0sqli, programming, bug-bounty-tips, bug-bounty, hackerone08-Jul-2024
PII Disclosure on NASAhttps://medium.com/@psychomong/pii-disclosure-on-nasa-667a96d3c31c?source=rss------bug_bounty-5psychomongbugs, sensitive, hacker, bug-bounty, pii08-Jul-2024
Last week in tech 4th editionhttps://medium.com/@azefox/last-week-in-tech-4th-edition-ec091e853fd3?source=rss------bug_bounty-5Azefoxtech, cybersecurity, infosec, cloud, bug-bounty08-Jul-2024
Ctrl + U to Bounty: How I Found Sensitive Info in the Source Codehttps://rofes1337.medium.com/ctrl-u-to-bounty-how-i-found-sensitive-info-in-the-source-code-e583528ee2fe?source=rss------bug_bounty-5Yousef Muhammedelkhirbug-bounty-writeup, hackerone, bug-bounty, information-disclosure, bugbounty-poc08-Jul-2024
Complex Attack Types: Sample Scenarios 37https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-37-2cd4d68b23f6?source=rss------bug_bounty-5Baris Dincerbug-bounty, freedomofinternet, penetration-testing, information-security, cybersecurity08-Jul-2024
Burpsuite SQL Injection Lab 4(Uhttps://medium.com/@paradoxicalThief/burpsuite-sql-injection-lab-4-u-065f1592531f?source=rss------bug_bounty-5The Cyber Guybug-bounty, ctf, web-security, infosec, ethical-hacking08-Jul-2024
Partial construction race conditionshttps://cyberw1ng.medium.com/partial-construction-race-conditions-007c478c53af?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, bug-bounty, hacking, careers08-Jul-2024
Disguising Malicious Files to Look Like Normal EXE or PDFshttps://osintteam.blog/disguising-malicious-files-to-look-like-normal-exe-or-pdfs-d785e116e989?source=rss------bug_bounty-5Meerabellhacking, osint-tool, bug-bounty, cybersecurity, microsoft08-Jul-2024
IDOR in Multinational Retail Company Leading to Unauthorized Access and Modificationshttps://medium.com/@kamalinux/idor-in-multinational-retail-company-leading-to-unauthorized-access-and-modifications-e36f8ea9e859?source=rss------bug_bounty-5Kamalbug-bounty, application-security, cybersecurity, penetration-testing, web-security08-Jul-2024
Zero to OSWE: Navigating the Journey with HTBhttps://adipsharif.medium.com/zero-to-oswe-navigating-the-journey-with-htb-b1972b99a646?source=rss------bug_bounty-5ADIPbug-bounty, penetration-testing, bug-bounty-tips, infosec-write-ups, infosec08-Jul-2024
The world’s most expensive insect… weighs 5 grams and costs 75 lakhs, know why people are crazy…https://medium.com/@blogy.bub/the-worlds-most-expensive-insect-weighs-5-grams-and-costs-75-lakhs-know-why-people-are-crazy-ce77bc2d8204?source=rss------bug_bounty-5Blogy Hubbug-bounty, health, news, news-articles, bugs08-Jul-2024
Find XSS on the Fly ( Full guide )https://medium.com/@zack0x01_/find-xss-on-the-fly-full-guide-300f07fb86ae?source=rss------bug_bounty-5zack0x01hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-poc08-Jul-2024
Escalating XSS in PhantomJS Image Rendering to SSRF/Local-File Readhttps://medium.com/@proseizala/escalating-xss-in-phantomjs-image-rendering-to-ssrf-local-file-read-9e11e94c480a?source=rss------bug_bounty-5Proseizalabug-bounty, bug-bounty-tips, hacking, cybersecurity08-Jul-2024
CVE-2024–34750 Apache Tomcat DoS vulnerability in HTTP/2 connectorhttps://medium.com/@proseizala/cve-2024-34750-apache-tomcat-dos-vulnerability-in-http-2-connector-54033187cd4b?source=rss------bug_bounty-5Proseizalacybersecurity, bugs, hacking, bug-bounty08-Jul-2024
I found an email verification bypasshttps://medium.com/@pvnk24/i-found-an-email-verification-bypass-982b00864366?source=rss------bug_bounty-5Pavan Kethical-hacking, security, web-security, penetration-testing, bug-bounty07-Jul-2024
Demystifying HTTP Parameters for beginnershttps://medium.com/@mrunoriginal/demystifying-http-parameters-for-beginners-219d5c65499e?source=rss------bug_bounty-5mrunoriginalinformation-security, web-application-security, web-application-hacking, bug-bounty, cybersecurity07-Jul-2024
Everything About CISM: Your Comprehensive Guide to the Certified Information Security Manager…https://medium.com/@mazharshadab292/everything-about-cism-your-comprehensive-guide-to-the-certified-information-security-manager-3d57969a066d?source=rss------bug_bounty-5Shadab Mazharcertification, cybersecurity, hacking, bug-bounty07-Jul-2024
Practical Bug Bounty — TCM Academy | Module 1https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-1-17dadeda56a0?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamiinformation-security, tcm-security, bug-bounty, cybersecurity, ethical-hacking07-Jul-2024
Exposing Sensitive Data: A Journey into CDN Path Traversal Vulnerabilitieshttps://medium.com/@sulmanfarooq531/exposing-sensitive-data-a-journey-into-cdn-path-traversal-vulnerabilities-fec1c7917a86?source=rss------bug_bounty-5Sulman Farooq Sbug-bounty, cybersecurity, hacking, path-traversal, cdn07-Jul-2024
Hunting the Hunters: Exposing the Fake SBI YONO APKhttps://medium.com/@tirqwork1/hunting-the-hunters-exposing-the-fake-sbi-yono-apk-0dd979aad23f?source=rss------bug_bounty-5ARoyinformation-security, cybersecurity, bug-bounty, scammer-exposed, info-sec-writeups07-Jul-2024
Using ChatGPT for Bug Bounty and finding vulnerabilitieshttps://medium.com/@siratsami71/using-chatgpt-for-bug-bounty-and-finding-vulnerabilities-4a04de771a68?source=rss------bug_bounty-5Sirat Sami (analyz3r)hacker, chatgpt, bug-bounty, cybersecurity07-Jul-2024
Cracking the Runner: A Step-by-Step Guide to Hacking a Medium-Level Machine on Hack The Boxhttps://medium.com/@niranjanshinde2325/cracking-the-runner-a-step-by-step-guide-to-hacking-a-medium-level-machine-on-hack-the-box-ae6f55ca01bd?source=rss------bug_bounty-5Niranjanethical-hacking, hack-the-box-writeup, bug-bounty, penetration-testing, cybersecurity07-Jul-2024
8.6 Lab: Web shell upload via race conditionhttps://cyberw1ng.medium.com/8-6-lab-web-shell-upload-via-race-condition-1870707752d3?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, penetration-testing, cybersecurity07-Jul-2024
Avoid ‘OR 1=1’ while doing SQL Injection, Why?https://medium.com/@aaftaba.k47/avoid-or-1-1-while-doing-sql-injection-why-5e7cc0716ef3?source=rss------bug_bounty-5Aaftab A. Kadavaikarcybersecurity-awareness, bug-bounty, sql-injection, web-penetration-testing07-Jul-2024
How i got Cross-site Scripting (XSS)Reflected Using an unknown techniquehttps://medium.com/@0xmekky/how-i-got-cross-site-scripting-xss-reflected-using-an-unknown-technique-ca4984827465?source=rss------bug_bounty-5abdelrahem mekkyxss-vulnerability, xss-attack, bug-bounty07-Jul-2024
Race Conditions Attacks To limit bypasshttps://sharmajijvs.medium.com/race-conditions-attacks-to-limit-bypass-c9dee647145b?source=rss------bug_bounty-5Jay Sharmabug-report, bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup07-Jul-2024
Complex Attack Types: Sample Scenarios 36https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-36-c648fd8d55bd?source=rss------bug_bounty-5Baris Dincerthreat-intelligence, penetration-testing, freedomofinternet, cybersecurity, bug-bounty07-Jul-2024
404 Not Found to Google cloud service account credentials disclosure!https://kumarmohank889.medium.com/404-not-found-to-google-cloud-service-account-credentials-disclosure-3b5f64e80fd5?source=rss------bug_bounty-5Mohan Kumar Nbug-bounty-tips, bug-bounty, infosec-write-ups, hacking, security-research07-Jul-2024
Bug Hunter? If only…https://medium.com/@ded3y3/bug-hunter-if-only-5fabca6cffb7?source=rss------bug_bounty-5cr00k3d3y3cybersecurity, bug-bounty, life07-Jul-2024
Stored XSS in PDF Viewerhttps://medium.com/@osamaavvan/stored-xss-in-pdf-viewer-9cc5b955de2b?source=rss------bug_bounty-5Osama Avvanbug-bounty, cybersecurity, pdf, xss-attack06-Jul-2024
Understanding and Preventing Server-Side Request Forgery (SSRF)https://medium.com/@ashhadali2019/understanding-and-preventing-server-side-request-forgery-ssrf-15d939dc9529?source=rss------bug_bounty-5Ashhadalissrf, bug-bounty, web, cybersecurity06-Jul-2024
MerlinChain Partners with BugRap, Launches $200,000 Bug Bounty to Enhance BTC Ecosystem Securityhttps://medium.com/@BugRap_Team/merlinchain-partners-with-bugrap-launches-200-000-bug-bounty-to-enhance-btc-ecosystem-security-17ef71444914?source=rss------bug_bounty-5BugRap Teamcrypto, security, web3, btc, bug-bounty06-Jul-2024
A Simple 2FA Bypasshttps://infosecwriteups.com/a-simple-2fa-bypass-43c8af9006ec?source=rss------bug_bounty-5hackerdevilbug-bounty, hacking, bug-bounty-tips, bug-bounty-writeup, penetration-testing06-Jul-2024
Complex Attack Types: Sample Scenarios 35https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-35-bc24cffb5f95?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, cybersecurity, information-technology, bug-bounty, penetration-testing06-Jul-2024
From Long-Term Hacking to Instant Rewards: Finding SQLi in 3 Minutes Worth $3125https://medium.com/@gguzelkokar.mdbf15/from-long-term-hacking-to-instant-rewards-finding-sqli-in-3-minutes-worth-3125-ac36c6e950bf?source=rss------bug_bounty-5Gökhan Güzelkokarsql, hacking, bug-bounty, hackerone, sql-injection06-Jul-2024
$500 for Cracking Invitation Code For Unauthorized Access & Account Takeoverhttps://medium.com/@a13h1/500-for-cracking-invitation-code-for-unauthorized-access-account-takeover-558c663fb947?source=rss------bug_bounty-5Abhi Sharmarate-limiting, bug-bounty, account-takeover, base64, cybersecurity06-Jul-2024
Rate Limit Bypass Due to Cryptographic Weaknesshttps://javroot.medium.com/rate-limit-bypass-due-to-cryptographic-weakness-2cdb3a112bba?source=rss------bug_bounty-5Javrootsecurity-token, bug-bounty, web, cryptography, research06-Jul-2024
Exploiting flawed validation of file uploadshttps://cyberw1ng.medium.com/exploiting-flawed-validation-of-file-uploads-8a089992e3a1?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, penetration-testing06-Jul-2024
Identifying, ChronosCodeFail, a Critical Bug in the Dayforce Clock Systemhttps://medium.com/@quantumsquint/identifying-chronoscodefail-a-critical-bug-in-the-dayforce-clock-system-58cb98c00d32?source=rss------bug_bounty-5Quantum Squint Research Dept.developer-tools, penetration-testing, bug-bounty, regression-analysis, cybersecurity06-Jul-2024
Penjelasan Wifi Deauth Attack dan Demonstrasinyahttps://hack4funacademy.medium.com/penjelasan-wifi-deauth-attack-dan-demonstrasinya-1cecaca53915?source=rss------bug_bounty-5Hack4Fun Academyethical-hacking, wifi, cybersecurity, hacking, bug-bounty05-Jul-2024
BountyDork: Your Ultimate Automatic Dorking Testing Companion For Bug Bountyhttps://infosecwriteups.com/bountydork-your-ultimate-automatic-dorking-testing-companion-for-bug-bounty-b2bd41cb7344?source=rss------bug_bounty-5ElNiakgoogle-dork, python, bug-bounty, cybersecurity, technology05-Jul-2024
How to Install Bwapp in Virtualboxhttps://medium.com/@bhardwajshekhar/how-to-install-bwapp-in-virtualbox-6bf7f1ba9a0f?source=rss------bug_bounty-5Shekhar Bhardwajowasp-top-10, bwapp, pentesting, bug-bounty05-Jul-2024
How I Found Critical Bugs :: SQL Injection → Compromised 10+ Govt. website’s Whole Databases !!https://medium.com/@p.ra.dee.p_0xx01/how-i-found-critical-bugs-sql-injection-compromised-10-govt-websites-whole-databases-ad55899ff5db?source=rss------bug_bounty-5Professor0xx01cybersecurity, bug-bounty, offensive-security, penetration-testing, vdp05-Jul-2024
How to Find Subdomains Using Various Tools and Methodshttps://medium.com/@j0k3r01/how-to-find-subdomains-using-various-tools-and-methods-583a7311c897?source=rss------bug_bounty-5J0k3Rsubdomains-enumeration, recon, penetration-testing, bug-bounty, osint05-Jul-2024
Complex Attack Types: Sample Scenarios 34https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-34-48d60e2bb0fb?source=rss------bug_bounty-5Baris Dincerthreat-intelligence, penetration-testing, bug-bounty, cybersecurity, freedomofinternet05-Jul-2024
Everything About OSCP: A Comprehensive Guidehttps://medium.com/@mazharshadab292/everything-about-oscp-a-comprehensive-guide-36794d325e67?source=rss------bug_bounty-5Shadab Mazharhacking, bug-bounty, certification, programming05-Jul-2024
Penggunaan Tools Steghide, ExifTool dan Uji Coba Automation Scanner Bug Bounty (Dalfox)https://medium.com/@anggitaniaaurien/penggunaan-tools-steghide-exiftool-dan-uji-coba-automation-scanner-bug-bounty-dalfox-4fbe93e83eb3?source=rss------bug_bounty-5Anggitania Aurienbug-bounty, exiftool, xs, steghide, kxss05-Jul-2024
The PDF Trojan Horse: Leveraging HTML Injection for SSRF and Internal Resource Accesshttps://uchihamrx.medium.com/the-pdf-trojan-horse-leveraging-html-injection-for-ssrf-and-internal-resource-access-fbf69efcb33d?source=rss------bug_bounty-5Abdelrhman Amincybersecurity, web-penetration-testing, penetration-testing, bug-bounty, bug-bounty-tips05-Jul-2024
Unlocking the Power of Nmap: Your Ultimate Guide to Network Scanninghttps://medium.com/@josuofficial327/unlocking-the-power-of-nmap-your-ultimate-guide-to-network-scanning-3cb66fe66d75?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuhacking, cybersecurity, bug-bounty, penetration-testing, linux05-Jul-2024
2.14 Lab: 2FA bypass using a brute-force attackhttps://cyberw1ng.medium.com/2-14-lab-2fa-bypass-using-a-brute-force-attack-ad74afd23fcd?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, penetration-testing, hacking05-Jul-2024
A Big Gmail Flaw: Sending Hidden Viruses in Gmail.https://medium.com/@azanulrana/a-big-gmail-flaw-sending-hidden-viruses-in-gmail-09b52dd891e9?source=rss------bug_bounty-50xazanulinfosec-write-ups, infosec, hackerone, bug-bounty05-Jul-2024
How I Found Critical Bugs :: SQL Injection → Compromised 10+ Govt. website’s Whole Databases !!https://medium.com/@p.ra.dee.p_0xx01/how-i-found-critical-bugs-sql-injection-compromised-10-govt-websites-whole-databases-ad55899ff5db?source=rss------bug_bounty-5Professor.0xx01cybersecurity, bug-bounty, offensive-security, penetration-testing, vdp05-Jul-2024
How to Use Google Dorks to Access Online Camerashttps://medium.com/@mirabelle.dib/how-to-use-google-dorks-to-access-online-cameras-251e83106f6b?source=rss------bug_bounty-5Meerabellinformation-security, cybersecurity, bug-bounty, hacking, google-dork05-Jul-2024
Nuclei Kullanımıhttps://medium.com/@sabriacun552/nuclei-kullan%C4%B1m%C4%B1-7038742dc53e?source=rss------bug_bounty-5Sabriacunvulnerability-scanning, cybersecurity, bug-bounty, penetration-testing05-Jul-2024
SSRF Vulnerability in HiTranslate: A Technical Breakdownhttps://medium.com/@security.tecno/ssrf-vulnerability-in-hitranslate-a-technical-breakdown-a5f517467a5b?source=rss------bug_bounty-5TECNO Securityhacking, security, bug-bounty, apps04-Jul-2024
Mastering Bug Bounty with Professor: Strategies for Successhttps://bughuntar.medium.com/mastering-bug-bounty-with-professor-strategies-for-success-436fac3c7e28?source=rss------bug_bounty-5Professor the Huntercybersecurity, professorthehunter, bug-bounty, bug-bounty-tips, bughuntar04-Jul-2024
Google launches $250,000 bug bounty, this time targeting KVM, a virtual machine elementhttps://medium.com/@tothe21century/google-launches-250-000-bug-bounty-this-time-targeting-kvm-a-virtual-machine-element-d73cfbd63243?source=rss------bug_bounty-5RICH CHOIbug-bounty04-Jul-2024
How I Found an IDOR Vulnerability in a Public Program on HackerOnehttps://medium.com/@muhammadfurqanoffical/how-i-found-an-idor-vulnerability-in-a-public-program-on-hackerone-44c6724b0292?source=rss------bug_bounty-5Muhammad Furqanbug-bounty-writeup, infosec-write-ups, bug-bounty, idor, hackerone04-Jul-2024
Apa itu XSS dan Bagaimana cara saya menemukan puluhan XSS Vulnerabilityhttps://hack4funacademy.medium.com/apa-itu-xss-dan-bagaimana-cara-saya-menemukan-puluhan-xss-vulnerability-46fba9491bba?source=rss------bug_bounty-5Hack4Fun Academyvulnerability, xss-attack, hacking, cybersecurity, bug-bounty04-Jul-2024
Understanding Request Smuggling: A Hidden Web Vulnerability (K-Edition)https://medium.com/@friendly_/understanding-request-smuggling-a-hidden-web-vulnerability-k-edition-6ffab38d5aa1?source=rss------bug_bounty-5Friendlyhacking, bug-bounty, bugbounty-writeup, bug-bounty-tips04-Jul-2024
How I Used Keylogger XSS to Capture Credentials Leading to ATOhttps://medium.com/@yyaminn/how-i-used-keylogger-xss-to-capture-credentials-leading-to-ato-06593e7a0798?source=rss------bug_bounty-5yyaminncybersecurity, bug-bounty, xss-attack, bugbounty-writeup, infosec04-Jul-2024
HACKBAR: A BROWSER EXTENSION FOR WEB SECURITY TESTINGhttps://medium.com/@Progsky/hackbar-a-browser-extension-for-web-security-testing-461b97d1a9e9?source=rss------bug_bounty-5Progskyhacking, bug-bounty, pentesting, penetration-testing, web-security04-Jul-2024
How I earned $500 bounty for privilege escalation vulnerability !!https://kumarmohank889.medium.com/how-i-earned-500-bounty-for-privilege-escalation-vulnerability-c42977abcc52?source=rss------bug_bounty-5Mohan Kumar Nhacking, bug-bounty, security, bug-bounty-tips, security-research04-Jul-2024
2.13 Lab: Broken brute-force protection, multiple credentials per requesthttps://cyberw1ng.medium.com/2-13-lab-broken-brute-force-protection-multiple-credentials-per-request-1beb6a85b12c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, bug-bounty, penetration-testing04-Jul-2024
Tools For Beginner Bug Hunter, Penetration Tester or Web Security Engineerhttps://medium.com/@a5adujjaman/tools-for-beginner-bug-hunter-penetration-tester-or-web-security-engineer-a5510748fc5a?source=rss------bug_bounty-5Asadujjaman Asifweb-security, penetration-testing, security, bug-bounty, hacking04-Jul-2024
0 star rating got me 40 EUR. MY first bug I got paid for.https://medium.com/@siyamhassan.main/0-star-rating-got-me-40-eur-my-first-bug-i-got-paid-for-18417f76a707?source=rss------bug_bounty-52004siyam_hassanbug-bounty, bunty04-Jul-2024
IDOR to change other’s Account Namehttps://codingninjablogs.tech/idor-to-change-others-account-name-43ddf7cfe429?source=rss------bug_bounty-5#$ubh@nk@ridor, hacking, bug-bounty, infosec, web-security04-Jul-2024
The Problem With Bug Bountieshttps://kf106.medium.com/the-problem-with-bug-bounties-0c5d956411d8?source=rss------bug_bounty-5Keir Finlow-Batesbug-bounty, bug-bounty-program, hacking, computer-security, cryptocurrency04-Jul-2024
Mass Hunting XSS vulnerabilitieshttps://systemweakness.com/mass-hunting-xss-vulnerabilities-8d4785968727?source=rss------bug_bounty-5Imran Niazcross-site-scripting, bug-bounty-hunter, bug-bounty, bug-bounty-tips, xss-vulnerability04-Jul-2024
0 star rating got me 40 EUR. MY first bug I got paid for.https://medium.com/@siyamhassan.main/0-star-rating-got-me-40-eur-my-first-bug-i-got-paid-for-18417f76a707?source=rss------bug_bounty-5Clasherbug-bounty, bunty04-Jul-2024
IDOR vulnerability allow attacker to make a checkout order on behalf of other usershttps://medium.com/@omarataallah98/idor-vulnerability-allow-attacker-to-make-an-order-checkout-on-behalf-other-users-accounts-2bdc4c7b8eca?source=rss------bug_bounty-5Omarataallahsecurity-testing, hacking, bug-bounty, hacks, idor-vulnerability03-Jul-2024
How to find wildcard bug bounty assets owned by a company.https://medium.com/@tom.sh/how-to-find-wildcard-bug-bounty-assets-owned-by-a-company-991db585a554?source=rss------bug_bounty-5Tombug-bounty, recon, reconnaissance, cybersecurity, hacking03-Jul-2024
26.1 Lab: Exploiting LLM APIs with excessive agencyhttps://cyberw1ng.medium.com/26-1-lab-exploiting-llm-apis-with-excessive-agency-bb94aa506893?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, cybersecurity, penetration-testing03-Jul-2024
Complex Attack Types: Sample Scenarios 32https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-32-7c47b8e5d139?source=rss------bug_bounty-5Baris Dincercybersecurity, bug-bounty, threat-intelligence, penetration-testing, freedomofinternet03-Jul-2024
Mobile App Testing with Android Studio & Fridahttps://medium.com/@jaylinscorner/mobile-app-testing-with-android-studio-frida-b65484121ba6?source=rss------bug_bounty-5Jaylin Nelsonbug-bounty, penetration-testing, cybersecurity, mobile-app-testing, frida03-Jul-2024
Blind OS Command Injection with time delays from Theory to Practical POChttps://medium.com/@dhruvsingh0203/hola-hackers-im-dhruv-singh-a-cybersecurity-enthusiast-passionate-about-exploring-the-depths-834a9d140115?source=rss------bug_bounty-5Dhruv Singhethical-hacking, command-injection, bug-bounty, hacking03-Jul-2024
IDOR vulnerability allow attacker to make a checkout order on behalf of other usershttps://medium.com/@Bug_Bounty/idor-vulnerability-allow-attacker-to-make-a-checkout-order-on-behalf-of-other-users-397b16ece8fc?source=rss------bug_bounty-5Bug Bountybug-bounty, bountytips, togetherwehitharder, idor03-Jul-2024
Meta MFA bypass security bug was turned down, calling it a feature! What do you think?https://medium.com/@kannnannmk/meta-mfa-bypass-security-bug-was-turned-down-calling-it-a-feature-what-do-you-think-9663e7c5a65e?source=rss------bug_bounty-5Neelamegha Kannan Sbug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, meta03-Jul-2024
Aylık Özet Haziran 2024: Incognitee Hata Ödülü Lansmanı, Polkadot Hazine Teklifi ve Daha Fazlasıhttps://medium.com/@integriteetr/ayl%C4%B1k-%C3%B6zet-haziran-2024-incognitee-hata-%C3%B6d%C3%BCl%C3%BC-lansman%C4%B1-polkadot-hazine-teklifi-ve-daha-fazlas%C4%B1-22beabdf77aa?source=rss------bug_bounty-5Integriteetrintegritee, bug-bounty, blockchain, polkadot, wrap-up03-Jul-2024
PortSwigger LABs- SQL Injectionhttps://medium.com/@1dnz/lab-sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-ec0d03f83574?source=rss------bug_bounty-5H-ACK-inghacks, portswigger-lab, bug-bounty, hacking03-Jul-2024
A story of a nice SSRF vulnerability.https://medium.com/@oXnoOneXo/a-story-of-a-nice-ssrf-vulnerability-51e16ff6a33f?source=rss------bug_bounty-5oXnoOneXohackerone, bug-bounty, ssrf03-Jul-2024
#IBRAHIMXSS TOOL RELEASEhttps://ibrahimxss.medium.com/ibrahimxss-tool-release-97ba90fc3419?source=rss------bug_bounty-5#IbrahimXSSxss-challenge, xss-bypass, xss-attack, xss-vulnerability, bug-bounty03-Jul-2024
How I Discovered Authentication Bypass That Blocks Users from Accessing the Website ?https://sayedv2.medium.com/how-i-discovered-authentication-bypass-that-blocks-users-from-accessing-the-website-93140fa180ac?source=rss------bug_bounty-5Mohamed Sayedbug-bounty-writeup, bug-bounty-tips, hackerone, authentication, bug-bounty03-Jul-2024
Bypassing Input Validation $0 - $1000https://medium.com/@mdnafeed3/bypassing-input-validation-0-1000-799682d547ba?source=rss------bug_bounty-5H4cker-Nafeedtechnology, infosec, cybersecurity, bug-bounty02-Jul-2024
Understanding Admin Login Bypass: A Critical Security Discussionhttps://farrosfr.medium.com/understanding-admin-login-bypass-a-critical-security-discussion-2641e54e60fd?source=rss------bug_bounty-5Mochammad Farros Fatchur Rojiphp, programming, bug-bounty, web, cybersecurity02-Jul-2024
Do Hackers Really Need Coding Skills? Let’s Understand . . .https://d3athcod3.medium.com/do-hackers-really-need-coding-skills-lets-understand-51e60e16c978?source=rss------bug_bounty-5D3athCod3technology, hacking, cybersecurity, bug-bounty, computer-science02-Jul-2024
18.4 Lab: Arbitrary object injection in PHPhttps://cyberw1ng.medium.com/18-4-lab-arbitrary-object-injection-in-php-30a164de4595?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, hacking, cybersecurity02-Jul-2024
Secret phishing bug google dont want you to knowhttps://medium.com/@eyaalgabay/secret-phishing-bug-google-dont-want-you-to-know-4d6d7616fa3f?source=rss------bug_bounty-5Eyaalgabayweb-hacking, bug-bounty, hacking, cybersecurity, unicode02-Jul-2024
LendingOwl introduces Bug Bounty Program.https://medium.com/@valeriecameron70/lendingowl-introduces-bug-bounty-program-739910791826?source=rss------bug_bounty-5Valerie Cameronlending, fintech, p2p, bug-bounty, news-articles02-Jul-2024
How I found IDOR in NASAhttps://infosecwriteups.com/how-i-found-idor-in-nasa-4186a03455b4?source=rss------bug_bounty-5Eslam Omarhacking, bug-bounty, bug-bounty-tips, nasa02-Jul-2024
AT&T Bug Bounty Program Scopehttps://medium.com/@imusabkhan/at-t-bug-bounty-program-scope-ae256fbf1bf9?source=rss------bug_bounty-5Mohammad Musab Khanbug-bounty, ethical-hacking, att, writeup, hackerone02-Jul-2024
Monthly Wrap-Up June 2024: Incognitee Bug Bounty Launch, Polkadot Treasury Proposal & Morehttps://medium.com/integritee/monthly-wrap-up-june-2024-incognitee-bug-bounty-launch-polkadot-treasury-proposal-more-c3623df413d4?source=rss------bug_bounty-5Integritee Networkbug-bounty, integritee, polkadot, wrap-up, blockchain02-Jul-2024
How to Find Your First CVE: A Guide for Aspiring Security Researchershttps://medium.com/@khammassilouay21/how-to-find-your-first-cve-a-guide-for-aspiring-security-researchers-c1e5eb9e819a?source=rss------bug_bounty-5Khammassilouaycve, web-security, bug-bounty, cybersecurity02-Jul-2024
Self XSS + Login CSRF + OAuth = Account Takeoverhttps://medium.com/@l_s_/self-xss-login-csrf-oauth-account-takeover-6357f3395b49?source=rss------bug_bounty-5LSbug-bounty, xss-attack, oauth, csrf, hacking02-Jul-2024
INFORMATION DISCLOSURE THROUGH AN ORGANIZATION’S NETWORKhttps://hackhive.medium.com/information-disclosure-through-an-organizations-network-1f4e0bac1c55?source=rss------bug_bounty-5HackHivebug-bounty, pentesting, vulnerability-assessment, information-security, information-disclosure02-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-33)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-33-31e20416b7aa?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, cybersecurity, hacking, ethical-hacking, bug-bounty02-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-32)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-32-044ea32fd931?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, hacking, skills, cybersecurity, bug-bounty02-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-31)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-31-401155afb539?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, hacking, bug-bounty, ethical-hacking02-Jul-2024
File upload to RCE — Bug Bounty Tuesdayhttps://medium.com/@kerstan/file-upload-to-rce-bug-bounty-tuesday-f8dda0ed4077?source=rss------bug_bounty-5kerstanhacking, cybersecurity, bug-bounty02-Jul-2024
The Dark Side of Contact Forms: How I Identified 7 CVEs in WordPress Pluginshttps://dropn0w.medium.com/the-dark-side-of-contact-forms-how-i-identified-7-cves-in-wordpress-plugins-30f6111dfebf?source=rss------bug_bounty-5dropbug-bounty, hacking, information-security, wordpress, cybersecurity02-Jul-2024
How to Find Your First CVE: A Guide for Aspiring Security Researchershttps://systemweakness.com/how-to-find-your-first-cve-a-guide-for-aspiring-security-researchers-c1e5eb9e819a?source=rss------bug_bounty-5Khammassilouaycve, web-security, bug-bounty, cybersecurity02-Jul-2024
How to Use Google Dorks to Find Vulnerabilitieshttps://medium.com/@meerabell/how-to-use-google-dorks-to-find-vulnerabilities-da782f05826e?source=rss------bug_bounty-5Meerabellhacking, information-security, bug-bounty, google-dork, cybersecurity02-Jul-2024
Exploiting Response Manipulation for Account Takeoverhttps://medium.com/@sdarmwal17/exploiting-response-manipulation-for-account-takeover-b19ce1494109?source=rss------bug_bounty-5Shubham Darmwalotp-bypass, cybersecurity, account-takeover, bug-bounty, response-manipulation02-Jul-2024
Complex Attack Types: Sample Scenarios 31https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-31-b4f0ee2f90ac?source=rss------bug_bounty-5Baris Dincerbug-bounty, cybersecurity, active-directory, penetration-testing, freedomofinternet02-Jul-2024
How to Use Google Dorks to Find Vulnerabilitieshttps://medium.com/@mirabelle.dib/how-to-use-google-dorks-to-find-vulnerabilities-da782f05826e?source=rss------bug_bounty-5Meerabellhacking, information-security, bug-bounty, google-dork, cybersecurity02-Jul-2024
Effective XSS methodology : The true way to hunt XSShttps://xdead4f.medium.com/effective-xss-methodology-the-true-way-to-hunt-xss-4f4d740035cc?source=rss------bug_bounty-50xdead4fxss-attack, bug-hunting, bug-bounty, cybersecurity01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-29)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-29-d5e656812d96?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, bug-bounty, hacking, skills01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-28)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-28-ae3cb3e93960?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, bug-bounty, cyber-security-awareness, ethical-hacking, hacking01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-27)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-27-f5c03938d8fb?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cyber-security-awareness, ethical-hacking, hacking, bug-bounty-tips01-Jul-2024
Understanding and Mitigating Smart Contract Vulnerabilitieshttps://securrtech.medium.com/understanding-and-mitigating-smart-contract-vulnerabilities-291b7fe168f2?source=rss------bug_bounty-5Securrvulnerability, bug-bounty, cybersecurity, securr, smart-contracts01-Jul-2024
18.3 Using application functionality to exploit insecure deserializationhttps://cyberw1ng.medium.com/18-3-using-application-functionality-to-exploit-insecure-deserialization-d6f18fe4811c?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, penetration-testing, bug-bounty, careers01-Jul-2024
Phishing or What?? How I Got Access to the Internal Email of a Companyhttps://infosecwriteups.com/phishing-or-what-how-i-got-access-to-the-internal-email-of-a-company-a098fb08728?source=rss------bug_bounty-5whit3ros3infosec, ethical-hacking, hacking, bug-bounty, bug-bounty-tips01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-30)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-30-e3519045da6d?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, skills, cybersecurity, bug-bounty, hacking01-Jul-2024
Unmasking the Danger: Open Redirection via Referer Headerhttps://medium.com/@sulmanfarooq531/unmasking-the-danger-open-redirection-via-referer-header-a527ab4e7be1?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, bug-bounty, hacking, open-redirect01-Jul-2024
How I Found CVE-2019-9826 on one of famous crypto company. $$$$https://medium.com/@a7madhacck/how-i-found-cve-2019-9826-on-one-of-famous-crypto-company-f23d9ba69861?source=rss------bug_bounty-5Ahmad Yussefbug-bounty-writeup, cybersecurity, bug-bounty-tips, hacking, bug-bounty01-Jul-2024
3 Easy cash via cachehttps://medium.com/@mohamed0xmuslim/3-easy-cash-via-cache-99d600565ac5?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty01-Jul-2024
Story of a 1000$ Open Redirecthttps://infosecwriteups.com/story-of-a-1000-open-redirect-1405fb8a0e7a?source=rss------bug_bounty-5Debangshu Kunducybersecurity, medium, bug-bounty, hacking, technology01-Jul-2024
‍Hacking Hidden Gems: Content Discovery with Webseekhttps://medium.com/@hackertam1/hacking-hidden-gems-content-discovery-with-webseek-cf5a00c97d72?source=rss------bug_bounty-5Tahir Mujawarcybersecurity, bug-bounty, recon, ethical-hacking, penetration-testing01-Jul-2024
How I found Bug on NASAhttps://medium.com/@psychomong/how-i-found-bug-on-nasa-b2408e14aa17?source=rss------bug_bounty-5psychomongbug-bounty, real-world-bug-hunting, nasa, hacking, hacker01-Jul-2024
My 60 Days Journey To Find My First Bughttps://medium.com/@binarysleuth247/my-60-days-journey-to-find-my-first-bug-59a2e676fda8?source=rss------bug_bounty-5binarysleuth247bug-bounty01-Jul-2024
VPS -Virtual Private Server-https://medium.com/@haticezkmnl/vps-virtual-private-server-f37ffab2f3f1?source=rss------bug_bounty-5Hatice Zehra Kamanlıservers, website, bug-bounty, public, vps01-Jul-2024
THM — Blog walkthroughhttps://medium.com/@riickyrick/thm-blog-walkthrough-21f2844eafda?source=rss------bug_bounty-5Riickythm, bug-bounty, metasploit, wordpress, writeup01-Jul-2024
Mengumpulkan javascript file pada suatu websites untuk menemukan information disclosurehttps://hack4funacademy.medium.com/mengumpulkan-javascript-file-pada-suatu-websites-untuk-menemukan-information-disclosure-8126fcccd77d?source=rss------bug_bounty-5Hack4Fun Academypentesting, cybersecurity, bug-bounty, bug-bounty-tips, hacking30-Jun-2024
XSS Deep Learning and Test Case Preparationhttps://medium.com/@barsavak/xss-deep-learning-and-test-case-preparation-3f796a7ad5ed?source=rss------bug_bounty-5bariss30bug-bounty-tips, bug-bounty, xss-vulnerability30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-26)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-26-49760a380496?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-25)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-25-25328dcc629f?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-writeup, bug-bounty-program, bug-bounty, bug-bounty-tips30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-24)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-24-17e137c514ed?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty, bug-bounty-writeup30-Jun-2024
The Only Methodology you need to Know to earn $$$$ in Bug Bounty in your First Dayhttps://xdead4f.medium.com/the-only-methodology-you-need-to-know-to-earn-in-bug-bounty-in-your-first-day-e8a361c89eb5?source=rss------bug_bounty-50xdead4fbug-bounty, side-hustle, bug-bounty-methodology30-Jun-2024
Guide to Using ffufhttps://medium.com/@learntheshell/guide-to-using-ffuf-74824770076b?source=rss------bug_bounty-5LearnTheShellbug-bounty, cybersecurity, fuzzing, hacking, linux30-Jun-2024
Bug Report from Product Testing https://hng.tech/https://medium.com/@teslimahsalahudeen/bug-report-from-product-testing-https-hng-tech-98e290fe3c0e?source=rss------bug_bounty-5CyberGoodness^product-testing, bug-bounty, security30-Jun-2024
XSS TEST CASE TASKhttps://medium.com/@avar.talha08/xss-test-case-task-7a4bfd5b223a?source=rss------bug_bounty-5Talha Acarbug-bounty-writeup, bug-bounty, php30-Jun-2024
Cisco Finesse Remote File Inclusion (CVE-2024–20405)https://0x3zzat.medium.com/cisco-finesse-remote-file-inclusion-cve-2024-20405-7947c3327e0c?source=rss------bug_bounty-5Abd El Rahman Ezzatcve, penetration-testing, bug-bounty, cve-2024-20405, cisco30-Jun-2024
Cisco Finesse Server Side Request Forgery (CVE-2024–20404)https://0x3zzat.medium.com/cisco-finesse-server-side-request-forgery-cve-2024-20404-5d74b449a4a2?source=rss------bug_bounty-5Abd El Rahman Ezzatcve-2024-20404, penetration-testing, cve, cisco, bug-bounty30-Jun-2024
18.2 Modifying Serialized Data Typeshttps://cyberw1ng.medium.com/18-2-modifying-serialized-data-types-726426fb3350?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, penetration-testing30-Jun-2024
XSS 101: XSS Nedir ?https://medium.com/@kormorphus/xss-101-xss-nedir-15b04f7e4269?source=rss------bug_bounty-5Kormorphusbug-bounty, cybersecurity, xss-attack30-Jun-2024
How to use Cheat Engine on Opera Gxhttps://medium.com/@MrRipperoni/how-to-use-cheat-engine-on-opera-gx-ea6b121f0301?source=rss------bug_bounty-5Mr.Ripperoniprogramming, bug-bounty, hacking, gamehacking, hacking-tools30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-23)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-23-9f3497d279f1?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-program, bug-bounty29-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-22)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-22-8edd54306b83?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup, bug-bounty29-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-21)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-21-e008298773da?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-program29-Jun-2024
XSS TEST CASEhttps://medium.com/@aarda418/xss-test-case-6158aad30604?source=rss------bug_bounty-5Arda Aslanbug-bounty-tips, xss-vulnerability, bug-bounty29-Jun-2024
14.9 Lab: CSRF where token is tied to non-session cookiehttps://cyberw1ng.medium.com/14-9-lab-csrf-where-token-is-tied-to-non-session-cookie-926338db4ba7?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, hacking, cybersecurity, bug-bounty29-Jun-2024
Using AI to hunt for XSS.https://medium.com/@deadoverflow/using-ai-to-hunt-for-xss-e04ba8d32ba8?source=rss------bug_bounty-5Imad Husanoviccybersecurity, ethical-hacking, bug-bounty-tips, bug-bounty, hacking29-Jun-2024
XSS TEST CASEhttps://medium.com/@mehmetfarisacar/xss-test-case-199e0bec59a6?source=rss------bug_bounty-5Mehmet Faris Acarbug-bounty, xss-vulnerability, bug-bounty-tips29-Jun-2024
LEARNING PROCESS module from HTB بالعربيhttps://medium.com/@am3002297/learning-process-module-from-htb-%D8%A8%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A-37675b8144b0?source=rss------bug_bounty-530obdcybersecurity, bug-bounty29-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-19)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-19-7dfd1bd2d1ba?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program28-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-18)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-18-5179747f60c3?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-program28-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-20)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-20-a60e30106e0c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips28-Jun-2024
Race Condition Vulnerability to bypass email confirmationhttps://medium.com/@siratsami71/race-condition-vulnerability-to-bypass-email-confirmation-2af8d916fe61?source=rss------bug_bounty-5Sirat Sami (analyz3r)hacking, bug-bounty, cybersecurity28-Jun-2024
XSS Zafiyeti Hakkında:https://medium.com/@hhuseyinuyar17/xss-zafiyeti-hakk%C4%B1nda-98b5849d4700?source=rss------bug_bounty-5Hhuseyinuyarreflected-xss, xss-attack, dom-xss, stored-xss, bug-bounty28-Jun-2024
An Easy RACE CONDITION Bug That Made Me Famehttps://medium.com/@hashimamin/an-easy-race-condition-bug-that-made-me-fame-97d6921ae7f4?source=rss------bug_bounty-5Hashim Aminvulnerability, race-condition, infosec, bugbounty-writeup, bug-bounty28-Jun-2024
Why is programming so important in bug bounty?https://medium.com/@deadoverflow/why-is-programming-so-important-in-bug-bounty-b7d7889ae026?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, cybersecurity, programming, bug-bounty, hacking28-Jun-2024
HTML Injection — HTB labhttps://zhunter12.medium.com/html-injection-htb-lab-cd7bdcd8fd93?source=rss------bug_bounty-5Oscar Romerohtb-academy, htb, html-injection, cybersecurity, bug-bounty28-Jun-2024
14.8 Lab: CSRF where token is duplicated in cookiehttps://cyberw1ng.medium.com/14-8-lab-csrf-where-token-is-duplicated-in-cookie-d688fd0ac2ac?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers28-Jun-2024
0-click Account Takeover (ATO) via Google Authenticationhttps://medium.com/@elcapitano7x/0-click-account-takeover-ato-via-google-authentication-b63a01a80a03?source=rss------bug_bounty-5Elcapitanobug-bounty-tips, hackerone, bug-bounty-writeup, account-takeover, bug-bounty28-Jun-2024
[Bounty Weekend] Phone Verification Bypass With Business Logic Vulnerabilityhttps://medium.com/@rifqihz/bounty-weekend-phone-verification-bypass-with-business-logic-vulnerability-1b2844b93d5a?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, writeup, bug-bounty28-Jun-2024
Writeup: Discovering and Exploiting XSS Vulnerabilities — My First Bug Hunting Rewardhttps://medium.com/@heyrm/writeup-discovering-and-exploiting-xss-vulnerabilities-my-first-bug-hunting-reward-0dfb0ebfd6aa?source=rss------bug_bounty-5heyrmbug-bounty-writeup, cybersecurity, bug-bounty, xss-attack, bug-hunting27-Jun-2024
Writeup: Menemukan dan Mengeksploitasi Kerentanan XSS — Reward Bug Hunting Pertamakuhttps://medium.com/@heyrm/writeup-menemukan-dan-mengeksploitasi-kerentanan-xss-reward-bug-hunting-pertamaku-cbf76c9eaf65?source=rss------bug_bounty-5heyrmxss-vulnerability, bug-bounty, cybersecurity, xss-attack, bug-hunting27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-17)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-17-8d38292448cf?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty-writeup, bug-bounty-tips, bug-bounty27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-16)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-16-aacc2aab0f71?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-15)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-15-2cd3a0188386?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-14)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-14-985969cf2f17?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips27-Jun-2024
Hunting Bugs for RE Hunter 350https://vijetareigns.medium.com/hunting-bugs-for-re-hunter-350-81338c4ebf20?source=rss------bug_bounty-5the_unlucky_guybug-bounty, bug-bounty-tips, bug-bounty-writeup, bugbounty-writeup, cybersecurity27-Jun-2024
Malicious Document Analysis: Emotet Case Ihttps://medium.com/@brsdncr/malicious-document-analysis-emotet-case-i-4a5f1ca8c565?source=rss------bug_bounty-5Baris Dincercybersecurity, threat-intelligence, penetration-testing, bug-bounty, freedomofinternet27-Jun-2024
IDORs Never Disappoint Me— Hacking Into Online Bookings ($$$$)https://aravind07.medium.com/idors-never-disappoint-me-hacking-into-online-bookings-5b2f34e1af25?source=rss------bug_bounty-5Gnana Aravind Kcybersecurity, penetration-testing, infosec, hacking, bug-bounty27-Jun-2024
How I was able to steal cookies via stored XSShttps://medium.com/@xnum.1/how-i-was-able-to-steal-cookies-via-stored-xss-c7f172fe114c?source=rss------bug_bounty-5Ahmed Tarekstored-xss, xss-attack, bug-bounty, cookies, javascript27-Jun-2024
14.7 Lab: CSRF where token is not tied to user sessionhttps://cyberw1ng.medium.com/14-7-lab-csrf-where-token-is-not-tied-to-user-session-841faddd036a?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, bug-bounty, careers, hacking27-Jun-2024
XSS Test Cases Preperationhttps://medium.com/@NadirSensoy/xss-test-cases-preperation-566e34ff94fb?source=rss------bug_bounty-5Nadir Sensoybug-bounty-tips, bug-bounty, xss-vulnerability27-Jun-2024
Front End y Back End: Lab HTB Exposición de Datos Sensibleshttps://zhunter12.medium.com/front-end-y-back-end-lab-htb-exposici%C3%B3n-de-datos-sensibles-a21431c08d9d?source=rss------bug_bounty-5Oscar Romerocybersecurity, frontend, sensitive-data-exposure, htb-academy, bug-bounty27-Jun-2024
How I was able to steal cookies via stored XSShttps://medium.com/@0x_xnum/how-i-was-able-to-steal-cookies-via-stored-xss-c7f172fe114c?source=rss------bug_bounty-5Ahmed Tarekstored-xss, xss-attack, bug-bounty, cookies, javascript27-Jun-2024
How long did it take me to find my first bug?https://medium.com/@deadoverflow/how-long-did-it-take-me-to-find-my-first-bug-969699fa9080?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, hacking, cybersecurity, bug-bounty, programming27-Jun-2024
ICMTC CTF 2024 (Web Exploitation)https://0x0anas.medium.com/icmtc-ctf-2024-web-exploitation-57998a15107b?source=rss------bug_bounty-5Anas Ibrahimctf, icmtc-ctf, pentesting, bug-bounty27-Jun-2024
IDORs Never Disappoint Me — Hacking Into Online Bookings ($$$$)https://aravind07.medium.com/idors-never-disappoint-me-hacking-into-online-bookings-5b2f34e1af25?source=rss------bug_bounty-5Gnana Aravind Kcybersecurity, penetration-testing, infosec, hacking, bug-bounty27-Jun-2024
Checklist for Forgot Password functionalityhttps://infosecwriteups.com/checklist-for-forgot-password-functionality-3f61c34a15eb?source=rss------bug_bounty-5Suprajabaskaranpenetration-testing, passwords, bug-bounty, bug-bounty-tips, pentesting26-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-13)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-13-b7bc7fa2123b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-writeup26-Jun-2024
Basic Cyber Security Course First Dayhttps://mrunknown124154.medium.com/basic-cyber-security-course-first-day-c6ad0cb7d907?source=rss------bug_bounty-5Mr Abdullahcyber-security-awareness, ethical-hacking, bug-bounty, cybersecurity26-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-12)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-12-4b892dc13d9f?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty26-Jun-2024
XSS: Demonstrating Impact Without Credentialshttps://infosecwriteups.com/xss-demonstrating-impact-without-credentials-db7fff38792a?source=rss------bug_bounty-5Shlok Kxss-attack, vulnerability, infosec, bug-bounty, cross-site-scripting26-Jun-2024
Penetration Testing with Termux: A Newbie’s Success Storyhttps://medium.com/@yp400215/penetration-testing-with-termux-a-newbies-success-story-649e3393a311?source=rss------bug_bounty-5Yash Pawarbug-bounty, penetration-testing, idor-vulnerability26-Jun-2024
Come backhttps://medium.com/@anonymous19999/come-back-802e211927f6?source=rss------bug_bounty-5Anonymouslife, love, bug-bounty, comeback26-Jun-2024
Learn Android Penetration Testing Skill with This Vulnerable APKhttps://medium.com/@phyowathone/learn-android-penetration-testing-skill-with-this-vulnerable-apk-94d9300a11c4?source=rss------bug_bounty-5Phyo WaThone Winandroid-pentesting, android-security, application-security, android-bug-bounty, bug-bounty26-Jun-2024
How I found XSS and open redirect in Kamiapp.com accidentallyhttps://medium.com/@alimuhammadsecured/how-i-found-xss-and-open-redirect-in-kamiapp-com-accidentally-364ef7db939d?source=rss------bug_bounty-5Alimuhammadsecuredxss-attack, cybersecurity, hacking, bug-bounty26-Jun-2024
Complex Attack Types: Sample Scenarios 26https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-26-9b05b2b26815?source=rss------bug_bounty-5Baris Dincerbug-bounty, penetration-testing, freedomofinternet, cybersecurity, information-security26-Jun-2024
Unveiling the Secrets of Server-Side Template Injection (SSTI) in Flask and Jinja2https://medium.com/@baraiprince0111/unveiling-the-secrets-of-server-side-template-injection-ssti-in-flask-and-jinja2-25c57ab3199f?source=rss------bug_bounty-5Baraiprincectf, hacking, cybersecurity, trends, bug-bounty26-Jun-2024
Unveiling OAuth Vulnerabilities: Exploring Account Access Without Email Verificationhttps://medium.com/@sulmanfarooq531/unveiling-oauth-vulnerabilities-exploring-account-access-without-email-verification-d36762361df7?source=rss------bug_bounty-5Sulman Farooq Sbug-bounty, cybersecurity, oauth, hacking, oauth226-Jun-2024
How i’ve found : ( IDOR + XSS ) = all USERS account takeover 🙂 ?https://medium.com/@zack0x01_/how-ive-found-idor-xss-all-users-account-takeover-a49d59cf5108?source=rss------bug_bounty-5zack0x01bugbounty-tips, bug-bounty, bugbounty-poc, hacking, bugbounty-writeup26-Jun-2024
VRP [IDOR] Menghapus dan Melihat Data Korbanhttps://medium.com/@anvilleofficial/vrp-idor-menghapus-dan-melihat-data-korban-a9e1f8978798?source=rss------bug_bounty-5barridor, bug-bounty26-Jun-2024
How I compromised 1500 accounts/month with no technical skillhttps://theclemvp.medium.com/how-i-compromised-1500-accounts-month-with-no-technical-skill-6a83ecd5c8eb?source=rss------bug_bounty-5Clémentcybersecurity, pentesting, penetration-testing, hacking, bug-bounty26-Jun-2024
14.6 Lab: CSRF Vulnerability where token validation depends on request methodhttps://cyberw1ng.medium.com/14-6-lab-csrf-vulnerability-where-token-validation-depends-on-request-method-78f2a2c33173?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity26-Jun-2024
OTP Bypass through Response Manipulationhttps://medium.com/@xnum.1/otp-bypass-through-response-manipulation-905bc70e5ff4?source=rss------bug_bounty-5Ahmed Tarekauthentication-bypass, authentication, bug-bounty, otp-verification, otp-bypass26-Jun-2024
Explotando Vulnerabilidades de Validación de Entrada en un Workflow de Compras — Web Sec Academyhttps://zhunter12.medium.com/explotando-vulnerabilidades-de-validaci%C3%B3n-de-entrada-en-un-workflow-de-compras-web-sec-academy-a1e3265c46b8?source=rss------bug_bounty-5Oscar Romerociberseguridad, portswigger-lab, bug-bounty, business-logic-flaw, burpsuite26-Jun-2024
Understanding Web Security Concepts: A Comprehensive Guidehttps://medium.com/@cybe3king/understanding-web-security-concepts-a-comprehensive-guide-61ced70c3337?source=rss------bug_bounty-5Cybe3kingbug-bounty, cybersecurity, penetration-testing, web-security, ethical-hacking26-Jun-2024
Securing Your Home Network: Final Stepshttps://medium.com/@jessemridley/securing-your-home-network-final-steps-676b1d7c3787?source=rss------bug_bounty-5Jesse Ridleybug-bounty, network-security, hackathons, freelancing, cybersecurity25-Jun-2024
13.31 Lab: Exploiting XSS to perform CSRFhttps://cyberw1ng.medium.com/13-31-lab-exploiting-xss-to-perform-csrf-0fffd6243312?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, hacking, cybersecurity25-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-10)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-10-466f0806866b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter25-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-9)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-9-f76dc4218c1c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty, bug-bounty-program, bug-bounty-writeup, bug-bounty-tips25-Jun-2024
#3. Bug Bounty Series: OTP Verification Bypasshttps://cyb3rmind.medium.com/3-bug-bounty-series-otp-verification-bypass-468526b76720?source=rss------bug_bounty-5Cyb3r M!ndsbug-bounty, otp-bypass, hacking, bug-bounty-tips, pentesting25-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-11)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-11-f5009818fb39?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty, bug-bounty-start-up, bug-bounty-tips, bug-bounty-hunting25-Jun-2024
The Role of Ethical Hackers in Web3 Securityhttps://securrtech.medium.com/the-role-of-ethical-hackers-in-web3-security-e858b516b43d?source=rss------bug_bounty-5Securrblockchain, bug-bounty, web3bugbounty, web3-security, web325-Jun-2024
“Onerror” Ne Demek ?https://medium.com/@beratkolay37/onerror-ne-demek-bb751f8e6a1b?source=rss------bug_bounty-5Berat K.kali-linux, html, bug-bounty, onerror, javascript25-Jun-2024
#3. Bug Bounty Series: OTP Verification bypass leads to unauthorized booking appointmenthttps://cyb3rmind.medium.com/3-bug-bounty-series-otp-verification-bypass-468526b76720?source=rss------bug_bounty-5Cyb3r M!ndsbug-bounty, otp-bypass, hacking, bug-bounty-tips, pentesting25-Jun-2024
ZDay Olarak Bulduğum PostMessage XSS Zafiyetinin Analizihttps://grolar.medium.com/zday-olarak-buldu%C4%9Fum-postmessage-xss-zafiyetinin-analizi-4c81471e32e5?source=rss------bug_bounty-5Grolarbug-bounty-writeup, dom-xss, bug-bounty, xss-vulnerability, web-security25-Jun-2024
Testing SolarWinds Serv-U Path Directory Transversal Vulnerability (CVE-2024–28995)https://noorhomaid.medium.com/testing-solarwinds-serv-u-path-directory-transversal-vulnerability-cve-2024-28995-d80e60d31a8d?source=rss------bug_bounty-5NoorHomaidcybersecurity, cve, penetration-testing, bug-bounty, solarwinds-hack25-Jun-2024
The one where I owned a customer service platformhttps://medium.com/@un1tycyb3r/the-one-where-i-owned-a-customer-service-platform-2fd4cff11b28?source=rss------bug_bounty-5Un1tycyb3rbug-bounty25-Jun-2024
Find Sensitive Data’s using via network analysis make me 250$https://medium.com/@test123cybertest/find-sensitive-datas-using-via-network-analysis-make-me-250-a0b23b0cb03b?source=rss------bug_bounty-5praveenarsh0xx0pentesting, bug-bounty, cybersecurity, bug-bounty-tips25-Jun-2024
How I Found a Vulnerability in Paytm and Received a Bountyhttps://mufazmi.medium.com/how-i-found-a-vulnerability-in-paytm-and-received-a-bounty-d580ea14e9a8?source=rss------bug_bounty-5Umair Farooqui ✪paytm-bug-bounty, mufazmi, bug-bounty, umair-farooqui, paytm-bug25-Jun-2024
Hackathon CTF VulnHub | Writeup | Walkthroughhttps://shamsulmehmood.medium.com/hackathon-ctf-vulnhub-writeup-walkthrough-aa36adedc49e?source=rss------bug_bounty-5SHAMS UL MEHMOODvulnerability, cybersecurity, ai, hacker, bug-bounty25-Jun-2024
My First Bug Hunting Experience: A Journey from Disappointment to Successhttps://b0mk35h.medium.com/my-first-bug-hunting-experience-a-journey-from-disappointment-to-success-ae92c222a0d0?source=rss------bug_bounty-5Pronay Biswasbug-bounty, ethical-hacking, cybersecurity, web-security, cyberattack24-Jun-2024
Unseen Dangers: How Cloud Misconfigurations Could Be Your Company’s Biggest Threathttps://medium.com/@paritoshblogs/unseen-dangers-how-cloud-misconfigurations-could-be-your-companys-biggest-threat-c1ed86b10093?source=rss------bug_bounty-5Paritoshcloud-computing, cybersecurity, hacking, bug-bounty, cloud24-Jun-2024
Roadmap to Becoming a Professional Penetration Tester with Estimated Learning Timehttps://medium.com/@cuncis/roadmap-to-becoming-a-professional-penetration-tester-with-estimated-learning-time-d352bdd43fbe?source=rss------bug_bounty-5Cunciscybersecurity, penetration-test, bug-bounty, penetration-testing, hacker24-Jun-2024
Understanding Cybersecurity: Exploits, CVEs, and Morehttps://systemweakness.com/understanding-cybersecurity-exploits-cves-and-more-59b41bf679dc?source=rss------bug_bounty-5Khaleel Khancybersecurity, bug-bounty, hacking, infosec, ethical-hacking24-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-6)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-6-2ad674553fa0?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter24-Jun-2024
CVE Seeker — Unveiling Cyber Threats: From Assets to Vulnerability Insightshttps://anmolksachan.medium.com/cve-seeker-unveiling-cyber-threats-from-assets-to-vulnerability-insights-b4b485a7aefb?source=rss------bug_bounty-5Anmol K Sachanrecon, shodan, asm, bug-bounty, attack-surface-management24-Jun-2024
13.30 Lab: Exploiting cross-site scripting to capture passwordshttps://cyberw1ng.medium.com/13-30-lab-exploiting-cross-site-scripting-to-capture-passwords-bd3714035b4a?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, penetration-testing, careers, cybersecurity24-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-8)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-8-3d5a833a4842?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup24-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-7)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-7-6a8786ecb6f4?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup24-Jun-2024
OTP Bypass through Session Manipulationhttps://medium.com/@n4if/otp-bypass-through-session-manipulation-d73deceaa42f?source=rss------bug_bounty-50xNAiFpenetration-testing, bug-bounty, computer-science, cybersecurity24-Jun-2024
Insecure Direct Object Reference (IDOR) Walkthrough — VulnLab by Yavuzlarhttps://medium.com/@muhammadriva/insecure-direct-object-reference-idor-walkthrough-vulnlab-by-yavuzlar-3d16ce3f5345?source=rss------bug_bounty-5Muhammad Riva Fanzury Scybersecurity, bug-bounty, ethical-hacking, penetration-testing, idor-vulnerability24-Jun-2024
Cross Site Scripting (XSS) Walkthrough — VulnLab XSS by Yavuzlarhttps://medium.com/@muhammadriva/cross-site-scripting-xss-walkthrough-vulnlab-xss-by-yavuzlar-149d14ab2d6b?source=rss------bug_bounty-5Muhammad Riva Fanzury Scross-site-scripting, bug-bounty, cybersecurity, penetration-testing, ethical-hacking24-Jun-2024
OAuth CSRF: Exploiting the Authorization Code Flow for Account Takeoverhttps://medium.com/@cyberpro151/oauth-csrf-exploiting-the-authorization-code-flow-for-account-takeover-f67cee914d39?source=rss------bug_bounty-5cyberpro151web-security, account-takeover, bug-bounty, appsec, hacking24-Jun-2024
Bypassing Reset Password ATO (Account takeover) through JavaScript Breakpointshttps://medium.com/@asaad0x/bypassing-reset-password-ato-account-takeover-through-javascript-breakpoints-e71187ad7171?source=rss------bug_bounty-5Ahmad Asaadaccount-takeover, bug-bounty, penetration-testing, cybersecurity, infosec24-Jun-2024
Poodle Haney Bug Bountyhttps://medium.com/@haneypoodle/poodle-haney-bug-bounty-1b0a10a03689?source=rss------bug_bounty-5Poodle Haneymemecoins, haney, bug-bounty, poodle-haney24-Jun-2024
Tutorial Install Burpsuite Beginnerhttps://medium.com/@muhammadriva/tutorial-install-burpsuite-beginner-927375c22f94?source=rss------bug_bounty-5Muhammad Riva Fanzury Sbug-bounty, penetration-testing, cybersecurity, junior-pentester, burpsuite24-Jun-2024
Unrestricted File Upload Walkthrough — VulnLab by Yavuzlarhttps://medium.com/@muhammadriva/unrestricted-file-upload-walkthrough-vulnlab-by-yavuzlar-76854ebafe84?source=rss------bug_bounty-5Muhammad Riva Fanzury Spenetration-testing, bug-bounty, remote-code-execution, cybersecurity, backdoor24-Jun-2024
Bypassing Reset Password ATO (Account takeover) through JavaScript Breakpointshttps://read.martiandefense.llc/bypassing-reset-password-ato-account-takeover-through-javascript-breakpoints-e71187ad7171?source=rss------bug_bounty-5Ahmad Asaadaccount-takeover, bug-bounty, penetration-testing, cybersecurity, infosec24-Jun-2024
Next.js and cache poisoning: a quest for the black holehttps://medium.com/@zhero_/next-js-and-cache-poisoning-a-quest-for-the-black-hole-1ae634170a1e?source=rss------bug_bounty-5Rachid.Ahacking, bug-bounty, nextjs, web-security, javascript24-Jun-2024
Bug Bounty Programs: How Outsourcing Can Help Your Project — Sinhala Translationhttps://medium.com/@integriteesrilanka/bug-bounty-programs-how-outsourcing-can-help-your-project-sinhala-translation-0a40a97e58c7?source=rss------bug_bounty-5Integritee Sri Lankabug-bounty, immunefi, blockchain24-Jun-2024
OTP Bypass through Session Manipulationhttps://medium.com/@n4if/otp-bypass-through-session-manipulation-d73deceaa42f?source=rss------bug_bounty-50xn4ifpenetration-testing, bug-bounty, computer-science, cybersecurity24-Jun-2024
How i got easy multiple RXSShttps://medium.com/@0xmekky/how-i-got-easy-multiple-rxss-dd3a6bc521dd?source=rss------bug_bounty-5abdelrahem mekkyxss-attack, penetration-testing, reflected-xss, web-app-security, bug-bounty23-Jun-2024
Complex Attack Types: Sample Scenarios 23https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-23-c0079166f4d9?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, threat-intelligence, cybersecurity, penetration-testing, bug-bounty23-Jun-2024
13.29 Exploiting cross-site scripting to steal cookieshttps://cyberw1ng.medium.com/13-29-exploiting-cross-site-scripting-to-steal-cookies-21c7d5851ea3?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty23-Jun-2024
Duplicate P1 in public programhttps://medium.com/@mohamed.yasser442200/duplicate-p1-in-public-program-aa9ade8f61c3?source=rss------bug_bounty-5Spider4pentesting, bug-bounty-tips, authentication, hacking, bug-bounty23-Jun-2024
New 100$ Bug in My Methodology!https://medium.com/@rewmcode/new-100-bug-in-my-methodology-60d99f0dafe2?source=rss------bug_bounty-5Ali Rembug-bounty-tips, hacking, hacker, bug-bounty23-Jun-2024
Chaining bugs for Account Takeoverhttps://medium.com/@hbenja47/chaining-bugs-for-account-takeover-0b90a2d952af?source=rss------bug_bounty-5Benja (bronxi)hacking, bug-bounty23-Jun-2024
Guide to Using httpxhttps://medium.com/@learntheshell/guide-to-using-httpx-a542cbdc4ed4?source=rss------bug_bounty-5LearnTheShellcybersecurity, httpx, bug-bounty, linux, hacking22-Jun-2024
The Ultimate Shodan Search Guide for Cybersecurity Analystshttps://systemweakness.com/the-ultimate-shodan-search-guide-for-cybersecurity-analysts-283f17f56182?source=rss------bug_bounty-5Khaleel Khanhacking, cybersecurity, infosec, bug-bounty, cheatsheet22-Jun-2024
How I Found a Simple IDOR Bug That Exposed Sensitive Datahttps://medium.com/@dra0x0/how-i-found-a-simple-idor-bug-that-exposed-sensitive-data-36e6e9b508db?source=rss------bug_bounty-5dra0x0application-security, ethical-hacking, cybersecurity, software-testing, bug-bounty22-Jun-2024
How I found a .env file and can access the whole server of mysqlhttps://medium.com/@jeetpal2007/how-i-found-a-env-file-and-can-access-the-whole-server-of-mysql-a21af69cbd12?source=rss------bug_bounty-5JEETPALbug-bounty-tips, bug-bounty, cybersecurity, bugbounty-writeup, env-file22-Jun-2024
Practical Threat Hunting Using Known IOC IPshttps://medium.com/@paritoshblogs/practical-threat-hunting-using-known-ioc-ips-26a4eab0b616?source=rss------bug_bounty-5Paritoshcybersecurity, incident-response, bug-bounty, ransomware, threat-hunting22-Jun-2024
CVE-2024–28999 SolarWinds Race Conditionhttps://medium.com/@0xSphinx/cve-2024-28999-solarwinds-race-condition-62e175339b46?source=rss------bug_bounty-50xSphinxcybersecurity, bug-bounty, hacking, cyber-security-awareness, security22-Jun-2024
13.28 Lab: Reflected XSS into a template literal with angle brackets, single, double quotes…https://cyberw1ng.medium.com/13-28-lab-reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-45602869f45f?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, penetration-testing, cybersecurity22-Jun-2024
Found Bugs, Got paid, Stayed poor: Making a Living with Bug Bountieshttps://slava-moskvin.medium.com/found-bugs-got-paid-stayed-poor-making-a-living-with-bug-bounties-04ba1fbbab73?source=rss------bug_bounty-5Path Cybersec [Slava Moskvin]pentesting, reverse-engineering, cybersecurity, bug-bounty, offensive-security22-Jun-2024
Update on DNS problem with Lubuntu 24.04https://ariedwikusuma9.medium.com/update-on-dns-problem-with-lubuntu-24-04-5c48a903026f?source=rss------bug_bounty-5Ariekusumalinux, lubuntu, ubuntu, wireguard, bug-bounty21-Jun-2024
Bypassing iCloud Web Access Restrictionhttps://ltsirkov.medium.com/bypassing-icloud-web-access-restriction-30cdf12b979c?source=rss------bug_bounty-5Lyubomir Tsirkovbug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity21-Jun-2024
How I Found 3 Bugs in a Single Dayhttps://medium.com/@dsmodi484/how-i-found-3-bugs-in-a-single-day-a690e2abd4fb?source=rss------bug_bounty-5Dishant Modioffensive-security, vapt, idor, bugs, bug-bounty21-Jun-2024
Dork Like a Pro: Exploiting Google for Bug Bounty Winshttps://medium.com/@RaunakGupta1922/dork-like-a-pro-exploiting-google-for-bug-bounty-wins-fd2612d7fde3?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitgoogle-dork, bug-bounty, vulnerability, hacking, cyber-security-awareness21-Jun-2024
Complex Attack Types: Sample Scenarios 22https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-22-f720da3d9dc3?source=rss------bug_bounty-5Baris Dincerinformation-technology, penetration-testing, bug-bounty, cybersecurity, freedomofinternet21-Jun-2024
Broken Access Control on an E-commerce website allows attackers to lengthen trial planhttps://medium.com/@p00dl3/broken-access-control-on-an-e-commerce-website-allows-attackers-to-lengthen-trial-plan-e59f5976bca3?source=rss------bug_bounty-5p00dl3cybersecurity, bug-bounty21-Jun-2024
Say Goodbye to Pesky Bugs: Top Bug Zappers for Perfect Family Gatheringshttps://medium.com/@seng4k2/say-goodbye-to-pesky-bugs-top-bug-zappers-for-perfect-family-gatherings-b23f405ac0c5?source=rss------bug_bounty-5Kear Sengmosquito, insects, bugs, bug-bounty, pest-control21-Jun-2024
13.27 Lab: Reflected XSS into a JavaScript string with a single quote and backslash-escapedhttps://cyberw1ng.medium.com/13-27-lab-reflected-xss-into-a-javascript-string-with-a-single-quote-and-backslash-escaped-2fbc757feb1a?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, bug-bounty, careers, cybersecurity21-Jun-2024
Exploring Web Infrastructure: Tools and Techniques for Effective Reconhttps://medium.com/@Kaizen2977/exploring-web-infrastructure-tools-and-techniques-for-effective-recon-11907b7ec938?source=rss------bug_bounty-5kapil Chotaliabug-bounty, penetration-testing, dns, email, cybersecurity21-Jun-2024
Quick & Easy $100 Bug That You Can Find In 5 minuteshttps://levelup.gitconnected.com/quick-easy-100-bug-that-you-can-find-in-5-minutes-aeb4b16745d9?source=rss------bug_bounty-5Hamza Avvanethical-hacking, bug-bounty, cybersecurity, earn-money-online, api21-Jun-2024
Best Practices for Securing Your Decentralized Applicationhttps://securrtech.medium.com/best-practices-for-securing-your-decentralized-application-d049a9ec547d?source=rss------bug_bounty-5Securrblockchain, web3, security, securr, bug-bounty21-Jun-2024
Everything About EC-Council CEHhttps://medium.com/@mazharshadab292/everything-about-ec-council-ceh-fb47b0392104?source=rss------bug_bounty-5Shadab Mazharhacking, social-media, computer-science, cybersecurity, bug-bounty21-Jun-2024
If youre looking for thorough and professional penetration testing services, youve come to the…https://medium.com/@kafim3137/if-youre-looking-for-thorough-and-professional-penetration-testing-services-youve-come-to-the-ea3d1129b61f?source=rss------bug_bounty-5Farhadbug-bounty, penetration-test, vulnerability, vulnerability-assessment, penetration-testing21-Jun-2024
Part 1- Everything You Need to Know About Browser Security Policies — SOP, CORS.https://medium.com/@vikramroot/part-1-everything-you-need-to-know-about-browser-security-policies-sop-cors-3eb025fd3ab8?source=rss------bug_bounty-5vikram naidubugbounty-writeup, penetration-testing, application-security, cybersecurity, bug-bounty21-Jun-2024
Part 2- Everything You Need to Know About Browser Security Policies — CSP, Cookie Attributes, etc.https://medium.com/@vikramroot/part-2-everything-you-need-to-know-about-browser-security-policies-csp-cookie-attributes-etc-3ea98f737b3a?source=rss------bug_bounty-5vikram naidupenetration-testing, bug-bounty, product-security, cybersecurity, application-security21-Jun-2024
Microsoft Subdomain XSS Report — Publishedhttps://ibrahimxss.medium.com/microsoft-subdomain-xss-report-published-3e4f54eea93c?source=rss------bug_bounty-5#IbrahimXSSxss-attack, xss-bypass, bug-bounty, microsoft, xss-vulnerability21-Jun-2024
Discovering an XSS Vulnerability on Vue.js 2.6.10 WebApphttps://ibrahimxss.medium.com/discovering-an-xss-vulnerability-on-vue-js-2-6-10-webapp-e6c0cc88e840?source=rss------bug_bounty-5#IbrahimXSSxss-attack, bug-bounty, xss-bypass, hacking, xss-vulnerability21-Jun-2024
Being Better at Burphttps://medium.com/@fat_zombi/being-better-at-burp-b9585186aa08?source=rss------bug_bounty-5Fatzombiappsec, bug-bounty, proxy, burpsuite20-Jun-2024
OWASP Top 10 SQL Injection Vulnerabilityhttps://medium.com/@Joshua_sk/owasp-top-10-sql-injection-vulnerability-97168af8978e?source=rss------bug_bounty-5Joshua_skvulnerability, web-hacking, bug-bounty, sql-injection, owasp-top-1020-Jun-2024
Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flawhttps://medium.com/@malikijlal/kraken-crypto-exchange-hit-by-3-million-theft-exploiting-zero-day-flaw-6f218c3aef57?source=rss------bug_bounty-5Malik Ijlalbug-bounty, cryptocurrency, cybersecurity, hacking, kraken20-Jun-2024
Getting Into Cybersecurity: A Roadmaphttps://medium.com/@majix_de/getting-into-cybersecurity-a71cde8a57b3?source=rss------bug_bounty-5Majixcybersecurity-tips, bug-bounty, infoseccareer, ethical-hacking, hack-to-learn20-Jun-2024
Untold story of Zomato XSShttps://medium.com/@info_4040/untold-story-of-zomato-xss-148c91d2faec?source=rss------bug_bounty-5Bug Detector'sxss-vulnerability, bug-bounty, bug-bounty-tips, penetration-testing, xss-attack20-Jun-2024
TryHackMe SQLMap Roomhttps://medium.com/@Joshua_sk/tryhackme-sqlmap-room-06fd30f8a0b1?source=rss------bug_bounty-5Joshua_sktryhackme, cybersecurity, sqlmap, bug-bounty, sql-injection20-Jun-2024
Kraken Faces Extortion Attempt After $3M Bug Exploithttps://medium.com/@whalecrypto/kraken-faces-extortion-attempt-after-3m-bug-exploit-f086f479a4f1?source=rss------bug_bounty-5Crypto Whale Mediumkraken, crypto-hack, blockchain-security, cryptoextortion, bug-bounty20-Jun-2024
Complex Attack Types: Sample Scenarios 21https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-21-e65a13b96002?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, threat-intelligence, bug-bounty, penetration-testing, cybersecurity20-Jun-2024
OAuth Misconfiguration: Preemptive Account Registration Exploitationhttps://mmnahian.medium.com/oauth-misconfiguration-preemptive-account-registration-exploitation-407be50d6037?source=rss------bug_bounty-5mmnahianbug-bounty, information-security, bug-bounty-tips, sso, oauth20-Jun-2024
What is prototype pollution?https://cyberw1ng.medium.com/what-is-prototype-pollution-76694f0db76a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing20-Jun-2024
Very damn vulnerable government site 2.0https://medium.com/@bl4cksku11/very-damn-vulnerable-government-site-2-0-cf9535cbdb4e?source=rss------bug_bounty-5Bl4cksku11vulnerability, bug-bounty, research, hacking, red-team20-Jun-2024
IF YOU DON.T HAVE money, SELL YOUR CROSS SITE SCRIPTINGhttps://medium.com/@1daytosee/if-you-don-t-have-money-sell-your-cross-site-scripting-dc4b6bdd046f?source=rss------bug_bounty-51day2seexss-attack, bug-bounty, pentesting, selling, hacking20-Jun-2024
Inside the Kraken $3M Hack: What Happened?https://medium.com/@cryptopiannews/inside-the-kraken-3m-hack-what-happened-4a0af98c498e?source=rss------bug_bounty-5Cryptopiannewsbug-bounty, kraken, kraken-3m-hack, cryptopiannews, crypto-hack20-Jun-2024
How Static Analysis Uncovers Hidden Malware Threats !https://medium.com/@paritoshblogs/how-static-analysis-uncovers-hidden-malware-threats-7c62d132f7f8?source=rss------bug_bounty-5Paritoshcybersecurity, malware, bug-bounty, static-malware-analysis, hacking19-Jun-2024
Analyzing a Major Web3 Vulnerability and Its Resolutionhttps://securrtech.medium.com/analyzing-a-major-web3-vulnerability-and-its-resolution-69955d55a0f6?source=rss------bug_bounty-5Securrblockchain, bug-bounty, web3, security, securr19-Jun-2024
29.9 Lab: Remote code execution via server-side prototype pollutionhttps://cyberw1ng.medium.com/29-9-lab-remote-code-execution-via-server-side-prototype-pollution-d5c98bfe3e73?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, cybersecurity, penetration-testing19-Jun-2024
Code Execution Vulnerability in Behave: A Deep Divehttps://medium.com/@piyushbhor22/code-execution-vulnerability-in-behave-a-deep-dive-b8c7431a71f9?source=rss------bug_bounty-5Pisecurity-research, bug-bounty, code-review, cybersecurity, vulnerability-research19-Jun-2024
Mastering Bug Bounty: Tips and Strategies for Successhttps://medium.com/@whitehatcyber404/mastering-bug-bounty-tips-and-strategies-for-success-df27b24f2009?source=rss------bug_bounty-5Cyber_catzbug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-tips19-Jun-2024
Complex Attack Types: Sample Scenarios 19https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-19-2a39b7806616?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, cybersecurity, bug-bounty, information-technology, penetration-testing19-Jun-2024
The Best Resources for Cybersecurity Pros and Bug Bounty Huntershttps://medium.com/@turvsec/the-best-resources-for-cybersecurity-pros-and-bug-bounty-hunters-f674c2abebb2?source=rss------bug_bounty-5TurvSecpentesting, infosec, bug-bounty, cybersecurity19-Jun-2024
Unlocking the Future of Web Security with the #IBRAHIMXSS Toolhttps://ibrahimxss.medium.com/unlocking-the-future-of-web-security-with-the-ibrahimxss-tool-a33843cdc259?source=rss------bug_bounty-5#IbrahimXSSxss-vulnerability, bug-bounty, xss-attack, hacking, xss-bypass19-Jun-2024
A Place for Cybersecurity and Bug Bounty Content Creators to Shinehttps://medium.com/@turvsec/a-place-for-cybersecurity-and-bug-bounty-content-creators-to-shine-fa0096ce2559?source=rss------bug_bounty-5TurvSecbug-bounty, cybersecurity, infosec19-Jun-2024
Complex Attack Types: Sample Scenarios 20https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-20-f2f9e8f6725e?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, cybersecurity, penetration-testing, bug-bounty, information-technology19-Jun-2024
Mastering Bug Bounty: Tips and Strategies for Successhttps://medium.com/@cyber_catz/mastering-bug-bounty-tips-and-strategies-for-success-df27b24f2009?source=rss------bug_bounty-5cyber_catzbug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-tips19-Jun-2024
Web App Sec RECON — Black Box Foundations and TTPshttps://medium.com/@meshcode/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5Mateusz (meshcode)recon, stealth, web-app-security, infosec, bug-bounty19-Jun-2024
IDOR on HackerOne Embedded Submission Formhttps://medium.com/pinoywhitehat/idor-on-hackerone-embedded-submission-form-9e59c6f044b3?source=rss------bug_bounty-5Japz Divinohacking, pinoywhitehat, infosec, bug-bounty19-Jun-2024
Kraken’s $3 Million Bug Bounty Breach: Ethical Dilemmas and Security Challengeshttps://medium.com/@MiamiCryptoCom/krakens-3-million-bug-bounty-breach-ethical-dilemmas-and-security-challenges-cc459b015fd8?source=rss------bug_bounty-5Miami Cryptocryptocurrency-security, kraken, ethical-hacking, bug-bounty19-Jun-2024
Web App Sec RECON — Black Box Foundations and TTPshttps://medium.com/cyberpower-telenoia/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5Mateusz (meshcode)recon, stealth, web-app-security, infosec, bug-bounty19-Jun-2024
Web App Sec RECON — Black Box Foundations and TTPshttps://medium.com/cyberpower-telenoia/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5Matty K.recon, stealth, web-app-security, infosec, bug-bounty19-Jun-2024
Unmasking the Invisible Threat: The Ultimate Guide to Malware Analysishttps://medium.com/@paritoshblogs/unmasking-the-invisible-threat-the-ultimate-guide-to-malware-analysis-d287c4d74e7d?source=rss------bug_bounty-5Paritoshmalware-analysis, cybersecurity, information-technology, malware, bug-bounty18-Jun-2024
A Comprehensive Guide to Android App Pentesting for Bug Bounty Hunterhttps://medium.com/@pankajkryadav1/a-comprehensive-guide-to-android-app-pentesting-for-bug-bounty-hunter-ada51e521814?source=rss------bug_bounty-5Pankaj kr Yadavmethodology, bug-bounty, android-pentesting, bug-bounty-tips18-Jun-2024
Exploring the DAO Hack: Lessons Learned for Web3 Securityhttps://securrtech.medium.com/exploring-the-dao-hack-lessons-learned-for-web3-security-08d23984af79?source=rss------bug_bounty-5Securrdao, securr, web3, bug-bounty, web3-security18-Jun-2024
Subdomains Enumeration: Tools, Techniques, and Tipshttps://medium.com/@Kaizen2977/subdomains-enumeration-tools-techniques-and-tips-4d43ea31dc0f?source=rss------bug_bounty-5kapil Chotaliainfosec, penetration-testing, bug-bounty, subdomain, enumeration18-Jun-2024
Intentions HackTheBox Walkthroughhttps://d3athcod3.medium.com/intentions-hackthebox-walkthrough-ad2eb053e224?source=rss------bug_bounty-5D3athCod3cybersecurity, ethical-hacking, development, bug-bounty, hackthebox18-Jun-2024
How I got started in Cyber Security | Getting my first job and How you can too..https://captain-pool.medium.com/how-i-got-started-in-cyber-security-getting-my-first-job-and-how-you-can-too-dc52da614d6d?source=rss------bug_bounty-5Captain Poolweb-app-security, hackthebox, cybersecurity, bug-bounty, hacking18-Jun-2024
Server Access: Admin Panel and RFU Bypasshttps://zvitox.medium.com/server-access-admin-panel-and-rfu-bypass-45af32057a2d?source=rss------bug_bounty-5Mohammad Sadra Naderireport, tips, security, bug-bounty, hacking18-Jun-2024
How ChatGPT Turned Me into a Hackerhttps://medium.com/@jonathanmondaut/how-chatgpt-turned-me-into-a-hacker-7469d5b43026?source=rss------bug_bounty-5Jonathan Mondautbug-bounty, openai, large-language-models, hacking, learning18-Jun-2024
Day 22 of our #CyberQuest1095 Day Challengehttps://d3athcod3.medium.com/day-22-of-our-cyberquest1095-day-challenge-c993ded22604?source=rss------bug_bounty-5D3athCod3bug-bounty, development, cybersecurity, hacking, challenge18-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-5)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-5-efb95db2210b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter18-Jun-2024
Bug Bounty Hunting — Complete Guide (Part -4)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-4-00e815fa8026?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty18-Jun-2024
29.8 Lab: Bypassing flawed input filters for server-side prototype pollutionhttps://cyberw1ng.medium.com/29-8-lab-bypassing-flawed-input-filters-for-server-side-prototype-pollution-fa379f811a06?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, bug-bounty, penetration-testing18-Jun-2024
Server Access: Admin Panel and RFU Bypasshttps://zvitox.medium.com/server-access-admin-panel-and-rfu-bypass-45af32057a2d?source=rss------bug_bounty-5Mohammad Sadra Naderi (ZVitoX)report, tips, security, bug-bounty, hacking18-Jun-2024
A Learning Journey: Attempting to Turn a WordPress Theme CVE into a PoChttps://medium.com/@motoko_ayanami/a-learning-journey-attempting-to-turn-a-wordpress-theme-cve-into-a-poc-225cde954493?source=rss------bug_bounty-5Motoko Ayanamiwordpress, wpscan, hacking, bug-bounty18-Jun-2024
Demystifying Bug Bounty Hunting: A Deep Dive into Cybersecurity's Hidden Gemhttps://medium.com/@biswalsandeep594/demystifying-bug-bounty-hunting-a-deep-dive-into-cybersecuritys-hidden-gem-d8ad2d2d7fcb?source=rss------bug_bounty-5Sandeep priyadarshi Biswalbug-bounty, hacking, cryptocurrency, software-engineering, cybersecurity18-Jun-2024
Guide to Using Nucleihttps://medium.com/@learntheshell/guide-to-using-nuclei-9c37869be30e?source=rss------bug_bounty-5LearnTheShellbug-bounty, linux, vulnerability-scanning, cybersecurity18-Jun-2024
Brand-new prototype pollution gadget in MongoDB leading to RCEhttps://medium.com/@vuusale/brand-new-prototype-pollution-gadget-in-mongodb-leading-to-rce-8c5e0087c15e?source=rss------bug_bounty-5Vuusalecybersecurity, vulnerability, bug-bounty, npm17-Jun-2024
Breaking into the VIP Club: A Tale of Parameter Tampering Exploitshttps://systemweakness.com/breaking-into-the-vip-club-a-tale-of-parameter-tampering-exploits-83df7b6b9691?source=rss------bug_bounty-5Jody ritongaweb, bug-bounty, hacking, bugs, bug-bounty-tips17-Jun-2024
Understanding Web3 Bug Bounties: How They Enhance Blockchain Securityhttps://securrtech.medium.com/understanding-web3-bug-bounties-how-they-enhance-blockchain-security-ac9e8361d7cf?source=rss------bug_bounty-5Securrweb3, bug-bounty, hacker, web3bugbounty, security17-Jun-2024
Hunting for Origin IP: A Beginner’s Guidehttps://medium.com/@pruthu.raut/hunting-for-origin-ip-a-beginners-guide-70235f3dd415?source=rss------bug_bounty-5PRUTHU RAUTcyber-security-awareness, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunting17-Jun-2024
29.7 Lab: Detecting server-side prototype pollution without polluted property reflectionhttps://cyberw1ng.medium.com/29-7-lab-detecting-server-side-prototype-pollution-without-polluted-property-reflection-50e36dbe2629?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, penetration-testing, careers17-Jun-2024
OSINT FOR BUG HUNTERhttps://medium.com/@Progsky/osint-for-bug-hunter-4ae5c700a13a?source=rss------bug_bounty-5Progskyosint, hacking, bug-bounty17-Jun-2024
Cross-Site Scripting via Web Cache Poisoning and WAF bypasshttps://ltsirkov.medium.com/cross-site-scripting-via-web-cache-poisoning-and-waf-bypass-6cb3412d9e11?source=rss------bug_bounty-5Lyubomir Tsirkovbug-bounty, bug-bounty-tips17-Jun-2024
Naabuhttps://medium.com/@roymemory2018/naabu-21c5438e05ae?source=rss------bug_bounty-5Audity Memory Roynaabu, port-scanner, kali-tools, bug-bounty, penetration-testing17-Jun-2024
0xhashimRESETriddle: Vulnerable Web Applicationhttps://medium.com/@hashimamin/0xhashimresetriddle-4f3270411800?source=rss------bug_bounty-5Hashim Aminvulnerability-management, bug-bounty, vulnerability, portswigger, cybersecurity17-Jun-2024
Brand-new prototype pollution gadget in MongoDB leading to RCEhttps://systemweakness.com/brand-new-prototype-pollution-gadget-in-mongodb-leading-to-rce-8c5e0087c15e?source=rss------bug_bounty-5Vuusalecybersecurity, vulnerability, bug-bounty, npm17-Jun-2024
29.6 Lab: Privilege escalation via server-side prototype pollutionhttps://cyberw1ng.medium.com/29-6-lab-privilege-escalation-via-server-side-prototype-pollution-4895762ce7d6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, penetration-testing, careers, hacking16-Jun-2024
Broken Link Hijackinghttps://medium.com/@saeidmicro/broken-link-hijacking-8ff4808a6cd2?source=rss------bug_bounty-5Saeid Khaterbroken-link-hijacking, bug-bounty, cybersecurity16-Jun-2024
Bug Zero — This month in CyberSecurity (June 1–15)https://blog.bugzero.io/bug-zero-this-month-in-cybersecurity-june-1-15-51c4d918b5ae?source=rss------bug_bounty-5Akila Maithripalacybersecurity, bug-zero, newsletter, bug-bounty16-Jun-2024
Mastering Unauthenticated XSS Detection: Best Burp Suite Configurations for XSS Huntinghttps://medium.com/@mayank_prajapati/mastering-unauthenticated-xss-detection-best-burp-suite-configurations-for-xss-hunting-523d78ecfda8?source=rss------bug_bounty-5Mayank Kumar Prajapatibug-bounty, xss-attack, hunting, hacking, penetration-testing16-Jun-2024
Introducing r3conwhal3: Your Go-To Recon Automation Frameworkhttps://ibrahimtahaistikbal.medium.com/introducing-r3conwhal3-your-go-to-recon-automation-framework-c8840f3a4e0b?source=rss------bug_bounty-5İbrahim Taha İstikbalbug-bounty, security-tool, bug-bounty-tool, penetration-testing, reconnaissance16-Jun-2024
Direct access to admin dashboard via leaked credentialshttps://medium.com/@saeidmicro/direct-access-to-admin-dashboard-via-leaked-credentials-d1ed9bd18edb?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity16-Jun-2024
Complex Attack Types: Sample Scenarios 17https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-17-b73b1854ddbd?source=rss------bug_bounty-5Baris Dincercybersecurity, bug-bounty, threat-intelligence, freedomofinternet, penetration-testing16-Jun-2024
Hacking (not only) for Moneyhttps://medium.com/@guce/hacking-not-only-for-money-e71d72ab8c55?source=rss------bug_bounty-5gu cecybersecurity, bug-bounty, bug-bounty-program, vulnerability-assessment16-Jun-2024
Day 20 of Our #CyberQuest1095 Day Challengehttps://d3athcod3.medium.com/day-20-of-our-cyberquest1095-day-challenge-680fbd060cb5?source=rss------bug_bounty-5D3athCod3cybersecurity, challenge, penetration-testing, hacker, bug-bounty16-Jun-2024
Enumeração de subdomínios de diferentes fonteshttps://medium.com/@souzaw/enumera%C3%A7%C3%A3o-de-subdom%C3%ADnios-de-diferentes-fontes-9c67f5bc59e3?source=rss------bug_bounty-5Wagner Souzashell, bug-bounty, pentest, osint16-Jun-2024
Complex Attack Types: Sample Scenarios 18https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-18-efaf527942ba?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, bug-bounty, penetration-testing, information-technology, cybersecurity16-Jun-2024
Secrets in the Wild: Uncovering Hidden Threatshttps://medium.com/@dzianisskliar29/secrets-in-the-wild-uncovering-hidden-threats-9b26bf180d0c?source=rss------bug_bounty-5Dzianis Skliarbug-bounty, cybersecurity, threat-intelligence, penetration-testing16-Jun-2024
Top 10 Search Engines Every Cybersecurity Professional Should Knowhttps://ikhaleelkhan.medium.com/top-10-search-engines-every-cybersecurity-professional-should-know-ad92a80ce5e6?source=rss------bug_bounty-5Khaleel Khanbug-bounty, ethical-hacking, hacking, cybersecurity, infosec15-Jun-2024
[Bounty Weekend] View Any User Design With Simple Path Traversal IDORhttps://medium.com/@rifqihz/bounty-weekend-view-any-user-design-with-simple-path-traversal-idor-5fe0f59f56a6?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, bug-bounty, broken-access-control15-Jun-2024
[Bounty Weekend] Possible Code Execution With Integration Script Tamperinghttps://medium.com/@rifqihz/bounty-weekend-possible-code-execution-with-integration-script-tampering-f38691e99d4b?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, bug-bounty, cloud15-Jun-2024
Unveiling the Secret World of Google Dorks: How Hackers Use These Search Tricks to Access Your…https://systemweakness.com/unveiling-the-secret-world-of-google-dorks-how-hackers-use-these-search-tricks-to-access-your-117c53c05705?source=rss------bug_bounty-5Khaleel Khancybersecurity, bug-bounty, infosec, hacking, google15-Jun-2024
Top 10 Search Engines Every Cybersecurity Professional Should Knowhttps://medium.com/the-shaco/top-10-search-engines-every-cybersecurity-professional-should-know-ad92a80ce5e6?source=rss------bug_bounty-5Khaleel Khanbug-bounty, ethical-hacking, hacking, cybersecurity, infosec15-Jun-2024
29.5 Lab: Client-side prototype pollution in third-party librarieshttps://cyberw1ng.medium.com/29-5-lab-client-side-prototype-pollution-in-third-party-libraries-e767b8352862?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, cybersecurity, bug-bounty15-Jun-2024
Intelligence HackTheBox Walkthrough | Active Directoryhttps://d3athcod3.medium.com/intelligence-hackthebox-walkthrough-active-directory-d9cb695201ce?source=rss------bug_bounty-5D3athCod3computer-science, bug-bounty, cybersecurity, hackthebox, hacking15-Jun-2024
Desvendando uma Vulnerabilidade no Single Sign-On do Facebook: Minha Jornada e Recompensa de $3.000https://medium.com/@patrick-mns/desvendando-uma-vulnerabilidade-no-single-sign-on-do-facebook-minha-jornada-e-recompensa-de-3-000-9c1bcd2a9f4d?source=rss------bug_bounty-5Patrick Manoelhackerone, meta, facebook, hacker, bug-bounty15-Jun-2024
Complex Attack Types: Sample Scenarios 16https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-16-2424fcc0af62?source=rss------bug_bounty-5Baris Dincerbug-bounty, information-technology, freedomofinternet, cybersecurity, penetration-testing15-Jun-2024
How I hacked a marriage database: tale of IDORhttps://medium.com/@alimuhammadsecured/how-i-hacked-a-marriage-database-tale-of-idor-b4f951d23aa6?source=rss------bug_bounty-5Alimuhammadsecuredweb-app-security, bug-bounty, penetration-testing, cybersecurity14-Jun-2024
Postmortem a HTTP Requesthttps://medium.com/@RaunakGupta1922/postmortem-a-http-request-9599bb9d994b?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, burpsuite, http-request, web, bug-bounty14-Jun-2024
Bug Bounty Hunting — Complete Guide (Part — 3)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-3-141b7bfa6ed6?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program14-Jun-2024
Complex Attack Types: Sample Scenarios 15https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-15-44899075e8fd?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, penetration-testing, information-technology, bug-bounty, cybersecurity14-Jun-2024
How I Discovered a Critical Vulnerability in a Message Tracking Systemhttps://adarshkrduaby.medium.com/how-i-discovered-a-critical-vulnerability-in-a-message-tracking-system-590b3518dcb8?source=rss------bug_bounty-5Adarsh Kumarhacking, bug-report, programming, bug-hunting, bug-bounty14-Jun-2024
29.4 Lab: DOM XSS via an alternative prototype pollution vectorhttps://cyberw1ng.medium.com/29-4-lab-dom-xss-via-an-alternative-prototype-pollution-vector-6ad80e62c8c8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, cybersecurity, penetration-testing14-Jun-2024
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Release Plans Subdomainhttps://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-release-plans-subdomain-c47621b2da2d?source=rss------bug_bounty-5#IbrahimXSShtml-injection, microsoft, xss-attack, bug-bounty, stored-xss14-Jun-2024
How i discovered my first CVEhttps://1-day.medium.com/how-i-discovered-my-first-cve-3692fab374ab?source=rss------bug_bounty-51daybug-bounty, bug-bounty-tips, cve, bug-hunting, ethical-hacking14-Jun-2024
Bug bounty: managing disappointment, avoiding burnout and consistent growthhttps://medium.com/@un1tycyb3r/bug-bounty-managing-disappointment-avoiding-burnout-and-consistent-growth-df1e6195ca4e?source=rss------bug_bounty-5Un1tycyb3rbug-bounty14-Jun-2024
Discovering a Reflected XSS Vulnerability: My Journey into Microsoft’s Xbox.comhttps://ibrahimxss.medium.com/discovering-a-reflected-xss-vulnerability-my-journey-into-microsofts-xbox-com-d607751be100?source=rss------bug_bounty-5#IbrahimXSSbug-bounty, xss-attack, microsoft, xss-vulnerability, xbox14-Jun-2024
Discovering 10 XSS Vulnerabilities: My Journey into Microsoft’s Support Platformshttps://ibrahimxss.medium.com/discovering-10-xss-vulnerabilities-my-journey-into-microsofts-support-platforms-b19c4e520c90?source=rss------bug_bounty-5#IbrahimXSSxss-attack, xss-filter-bypass, microsoft, bug-bounty, xss-vulnerability14-Jun-2024
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Tech Community Portalhttps://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-tech-community-portal-068505cd4316?source=rss------bug_bounty-5#IbrahimXSSxss-attack, microsoft, bug-bounty, xss-bypass, xss-vulnerability14-Jun-2024
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Power Apps Portalhttps://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-power-apps-portal-86e28311448e?source=rss------bug_bounty-5#IbrahimXSSxss-attack, xss-vulnerability, bug-bounty, microsoft, xss-filter-bypass14-Jun-2024
Discovering a Reflected XSS Filter Bypass: My Journey into Microsoft’s Support UAT Subdomainhttps://ibrahimxss.medium.com/discovering-a-reflected-xss-filter-bypass-my-journey-into-microsofts-support-uat-subdomain-f9be22d8d795?source=rss------bug_bounty-5#IbrahimXSSmicrosoft, xss-vulnerability, filter-bypass, xss-bypass, bug-bounty14-Jun-2024
Discovering a CRLF Injection Vulnerability: My Journey into the MSRC Blog Websitehttps://ibrahimxss.medium.com/discovering-a-crlf-injection-vulnerability-my-journey-into-the-msrc-blog-website-5285169adddb?source=rss------bug_bounty-5#IbrahimXSSbug-bounty, microsoft, xss-attack, crlf-injection14-Jun-2024
Discovering a Critical Security Vulnerability: My Journey into Microsoft’s Lists Subdomainhttps://ibrahimxss.medium.com/discovering-a-critical-security-vulnerability-my-journey-into-microsofts-lists-subdomain-f3e95ce68929?source=rss------bug_bounty-5#IbrahimXSSbug-bounty, xss-bypass, microsoft, xss-attack, xss-vulnerability14-Jun-2024
List of Easy P4 $$$$https://medium.com/@anonymoustriager/list-of-easy-p4-85ffb9d493ed?source=rss------bug_bounty-5Anonymous Triagerhacking, bugbounty-tips, easy-money, bugbounty-writeup, bug-bounty13-Jun-2024
ICMTC CTF 2023 — International Competition of the Military Technical Collegehttps://0xm4r5h4l.medium.com/icmtc-ctf-2023-international-competition-of-the-military-technical-college-65788f3c01a0?source=rss------bug_bounty-50xM4r5h4lctf-writeup, bug-bounty, ctf, ctf-walkthrough, cybersecurity13-Jun-2024
The Best Games for Practicing Game Hackinghttps://medium.com/@MrRipperoni/the-best-games-for-practicing-game-hacking-baba13493db8?source=rss------bug_bounty-5Mr.Ripperonibug-bounty, reverse-engineering, hacking, gamehacking, coding13-Jun-2024
Path Traversal and RCE in Online Compilershttps://medium.com/@amal_n47h/path-traversal-and-rce-in-online-compilers-454a446effca?source=rss------bug_bounty-5Amal Nathrce, online-compiler, bug-bounty, path-traversal, vulnerability13-Jun-2024
Hacking Using Shodanhttps://medium.com/@umarhere4u/hacking-using-shodan-3c4d46df81df?source=rss------bug_bounty-5Mohammad Umar Kachishodan, cybersecurity, bug-bounty, tips, search-engine-optimizati13-Jun-2024
Understanding and Mitigating Cross-Site Request Forgery (CSRF)https://medium.com/technology-hits/understanding-and-mitigating-cross-site-request-forgery-csrf-399d26627e60?source=rss------bug_bounty-5Yeu Lind Yeoweb-security, csrf, cybersecurity-awareness, bug-bounty, hacker13-Jun-2024
Stealing credentials using XSS (xss on login page) Your password my password .https://medium.com/@brutal_panda/stealing-credentials-using-xss-xss-on-login-page-your-password-my-password-059354240801?source=rss------bug_bounty-5Eliezer Binyambug-bounty13-Jun-2024
Interview with Georgi Krastenov: Diving Deep into Web3 Securityhttps://web3-bug-bounty-platform.medium.com/interview-with-georgi-krastenov-diving-deep-into-web3-security-f6fae1f290f1?source=rss------bug_bounty-5Bug Bounty Platformsecurity-audit, web3, bug-bounty, cybersecurity13-Jun-2024
Finding the newest and top-rated cybersecurity tools and content.https://medium.com/@turvsec/finding-the-newest-and-top-rated-cybersecurity-tools-and-content-a06c9cb54e41?source=rss------bug_bounty-5TurvSecpentesting, bug-bounty, cybersecurity, infosec13-Jun-2024
Direct SSRF Leads to Exposing GitHub Codespaces Sensitive Metadata Instance on Azure Cloudhttps://ph-hitachi.medium.com/direct-ssrf-leads-to-exposing-github-codespaces-sensitive-metadata-instance-on-azure-cloud-eb8ac4f076b1?source=rss------bug_bounty-5Ph.Hitachissrf, bug-bounty, tips-and-tricks, metadata13-Jun-2024
Hata Ödül Programları: Dış Kaynak Kullanımı Projenize Nasıl Yardımcı Olabilir?https://medium.com/@integriteetr/hata-%C3%B6d%C3%BCl-programlar%C4%B1-d%C4%B1%C5%9F-kaynak-kullan%C4%B1m%C4%B1-projenize-nas%C4%B1l-yard%C4%B1mc%C4%B1-olabilir-9e55995ec74a?source=rss------bug_bounty-5Integriteetrbug-bounty, immunefi, blockchain13-Jun-2024
29.3 Lab: Client-side prototype pollution via flawed sanitizationhttps://cyberw1ng.medium.com/29-3-lab-client-side-prototype-pollution-via-flawed-sanitization-ce78a48758fa?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, careers, bug-bounty, hacking13-Jun-2024
Breaking Business Logic — Part: 42–4= 2https://thehemdeep.medium.com/breaking-business-logic-part-42-4-2-d8509ef70436?source=rss------bug_bounty-5Hemdeep Gamitweb-penetration-testing, web-security-testing, web-security, bug-bounty13-Jun-2024
You Won’t Believe What We Found Using Shodan!https://medium.com/@paritoshblogs/you-wont-believe-what-we-found-using-shodan-e796e13417a3?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, information-security, hacking, shodan12-Jun-2024
Using Shodan to Find and Exploit FTP Servers with Anonymous Access: A Step-by-Step Guidehttps://systemweakness.com/using-shodan-to-find-and-exploit-ftp-servers-with-anonymous-access-a-step-by-step-guide-86a5b6e72f75?source=rss------bug_bounty-5Khaleel Khanethical-hacking, pentesting, hacking, bug-bounty, ctf-writeup12-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-2)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-2-ef65d69de157?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-tips12-Jun-2024
Hacking the Imaginary: A Journey to Discovering a Blind SSRFhttps://medium.com/@kandar.souvik6/hacking-the-imaginary-a-journey-to-discovering-a-blind-ssrf-657aac60d8d0?source=rss------bug_bounty-5hacker_mightpenetration-testing, server-side-request, ssrf, bug-bounty, imaginaries12-Jun-2024
Securing 10,000+ Restaurants’ Customer PII Datahttps://infosecwriteups.com/securing-10-000-restaurants-customer-pii-data-60013c9b44dc?source=rss------bug_bounty-5Renganathanit-solutions, information-technology, bug-bounty, cybersecurity, bug-bounty-tips12-Jun-2024
29.2 Lab: DOM XSS via client-side prototype pollutionhttps://cyberw1ng.medium.com/29-2-lab-dom-xss-via-client-side-prototype-pollution-ebee89f58933?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hacking, bug-bounty, penetration-testing12-Jun-2024
ExtPenPy: Accelerate Your Reconnaissance Phase with Easehttps://medium.com/@maliktawfiq12/extpenpy-accelerate-your-reconnaissance-phase-with-ease-e79a164d4f68?source=rss------bug_bounty-5Maliktawfiqcybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, external-pentest12-Jun-2024
Securing 10,000+ Restaurants’ Customer PII Datahttps://renganathanofficial.medium.com/securing-10-000-restaurants-customer-pii-data-60013c9b44dc?source=rss------bug_bounty-5Renganathanit-solutions, information-technology, bug-bounty, cybersecurity, bug-bounty-tips12-Jun-2024
How I get an easy Blind SSRF by just reading writeupshttps://medium.com/@mohamed0xmuslim/how-i-get-an-easy-blind-ssrf-by-just-reading-writeups-a5459bbdf96d?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty, bugbounty-writeup, bug-bounty-tips12-Jun-2024
HackerOne’s Double Standards: A Security Researcher’s Nightmarehttps://medium.com/@redworld/hackerones-double-standards-a-security-researcher-s-nightmare-642be91ca64b?source=rss------bug_bounty-5Redcybersecurity, bug-bounty, hackerone, scam-alert, scam11-Jun-2024
Account Takeover (ATO) Checklisthttps://medium.com/@anonymoustriager/account-takeover-ato-checklist-f67d2543b01f?source=rss------bug_bounty-5Anonymous Triagerbug-bounty-program, bug-bounty-writeup, bugbounty-tips, bugbounty-poc, bug-bounty11-Jun-2024
BBB #2 — Introducing Daneelhttps://medium.com/@JakobTheDev/bbb-2-introducing-daneel-69a391294654?source=rss------bug_bounty-5Jakob Penningtonsoftware-development, bug-bounty11-Jun-2024
How I found OpenHAB Automation Panels Accessible Without Authenticationhttps://medium.com/@jeetpal2007/how-i-found-openhab-automation-panels-accessible-without-authentication-d9edbb3280fd?source=rss------bug_bounty-5JEETPALbug-bounty-writeup, bug-bounty, authentication-bypass, bugbounty-tips, openhab-panel11-Jun-2024
How to exploit CVE-2024–24919 path traversalhttps://medium.com/@jeetpal2007/how-to-exploit-cve-2024-24919-path-traversal-5493c50d2581?source=rss------bug_bounty-5JEETPALbug-bounty, bug-bounty-writeup, bug-bounty-tips, path-traversal, cve-2024-2491911-Jun-2024
Forensic Investigation Operations — Basic Linux File System Analysishttps://medium.com/@brsdncr/forensic-investigation-operations-basic-linux-file-system-analysis-52025d7b2ec2?source=rss------bug_bounty-5Baris Dincerforensics, penetration-testing, bug-bounty, freedomofinternet, cybersecurity11-Jun-2024
1250 $ For 3 Stored XSS AND PII Disclosure , Let’s See How FIS Scammed Me AND Bugcrowd Covered It…https://medium.com/@0xAwali/1250-for-3-stored-xss-and-pii-disclosure-lets-see-how-fis-scammed-me-and-bugcrowd-covered-it-8561d9ce57b5?source=rss------bug_bounty-5Mahmoud M. Awalibug-bounty11-Jun-2024
Explaining the OWASP ZAP Proxy & Burp Suite tool in one video in just one hourhttps://gentilsecurity.medium.com/explaining-the-owasp-zap-proxy-burp-suite-tool-in-one-video-in-just-one-hour-537bd7801134?source=rss------bug_bounty-5GenTiLowaspzap, automation-testing, burpsuite, penetration-testing, bug-bounty11-Jun-2024
شرح اداة OWASP ZAP Proxy & Burp Suite في فيديو واحد في ساعة واحدة فقطhttps://gentilsecurity.medium.com/%D8%B4%D8%B1%D8%AD-%D8%A7%D8%AF%D8%A7%D8%A9-owasp-zap-proxy-burp-suite-%D9%81%D9%8A-%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%88%D8%A7%D8%AD%D8%AF-%D9%81%D9%8A-%D8%B3%D8%A7%D8%B9%D8%A9-%D9%88%D8%A7%D8%AD%D8%AF%D8%A9-%D9%81%D9%82%D8%B7-4e4c5e1142bf?source=rss------bug_bounty-5GenTiLowaspzap, automation-testing, bug-bounty, penetration-testing, burpsuite11-Jun-2024
29.1 Lab: Client-side prototype pollution via browser APIshttps://cyberw1ng.medium.com/29-1-lab-client-side-prototype-pollution-via-browser-apis-642e91b8159d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, penetration-testing, cybersecurity11-Jun-2024
Uncovering Hidden Web Content with ffufhttps://medium.com/@umang.gulati19/uncovering-hidden-web-content-with-ffuf-55d29b21e627?source=rss------bug_bounty-5Math and Codecybersecurity, bug-bounty, webfuzzing, web-security, infosec11-Jun-2024
OWASP Mobile Top 10 for Android Penetration Testing and Checklisthttps://medium.com/@phyowathone/owasp-mobile-top-10-52987725a12c?source=rss------bug_bounty-5Phyo WaThone Winbug-bounty, bug-bounty-tips, androidhacking, android-security, android-pentesting-series11-Jun-2024
Understand the world of Bug Bountyhttps://medium.com/@hydd3n.sec/understand-the-world-of-bug-bounty-595c99b6782d?source=rss------bug_bounty-5Hydd3nmindset, bug-bounty, infosec, goals10-Jun-2024
Automation Tool for Easy P4https://medium.com/@anonymoustriager/automation-tool-for-easy-p4-c159bcae0cf2?source=rss------bug_bounty-5Anonymous Triagerbugbounty-tips, bug-bounty-program, hacking, bug-bounty, bugbounty-writeup10-Jun-2024
28.5 Lab: Server-side template injection with information disclosure via user-supplied objectshttps://cyberw1ng.medium.com/28-5-lab-server-side-template-injection-with-information-disclosure-via-user-supplied-objects-bbb18def43e1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, penetration-testing10-Jun-2024
Communication and Network Securityhttps://medium.com/@paritoshblogs/communication-and-network-security-bb6c5558aa51?source=rss------bug_bounty-5Paritoshcybersecurity, communication, bug-bounty, network-security, hacking10-Jun-2024
Top 10 Cybersecurity Vulnerabilities and it’s Mitigation Methodshttps://securrtech.medium.com/top-10-cybersecurity-vulnerabilities-and-its-mitigation-methods-0a5d75aceb34?source=rss------bug_bounty-5Securrbug-bounty, cybersecurity, xss-attack, hacking, vulnerability10-Jun-2024
Become a White Hat: Your Guide to Learning Ethical Hackinghttps://medium.com/@itsamanyadav/become-a-white-hat-your-guide-to-learning-ethical-hacking-022842c49eec?source=rss------bug_bounty-5Its Aman Yadavhacker, cybersecurity, hacking, learn-ethical-hacking, bug-bounty10-Jun-2024
Why Bad Reviews Can Kill Your Softwarehttps://medium.com/@joseph_52850/why-bad-reviews-can-kill-your-software-928f4af30a53?source=rss------bug_bounty-5Joseph Lacsamanasoftware-testing, software-development, bug-bounty, software-company, software-engineering10-Jun-2024
I reported Zero-Day (CVE-2024–24919) … and got informative.https://systemweakness.com/i-reported-zero-day-cve-2024-24919-and-got-informative-25409fac9765?source=rss------bug_bounty-5Sumedh Dawadicve-2024-24919, recon, hacking, zero-day-vulnerability, bug-bounty10-Jun-2024
POC — CVE-2024–4956 -Unauthenticated Path Traversalhttps://medium.com/@verylazytech/poc-cve-2024-4956-unauthenticated-path-traversal-f24b1a595e0e?source=rss------bug_bounty-5Very Lazy Techhacking, bug-bounty, cve-2023-4966, vulnerability, cybersecurity10-Jun-2024
Bug Bounty Programs: How Outsourcing Can Help Your Projecthttps://medium.com/integritee/bug-bounty-programs-how-outsourcing-can-help-your-project-644539de575a?source=rss------bug_bounty-5Integritee Networkblockchain, bug-bounty, immunefi10-Jun-2024
How I Found My First Bug Through Simple Fuzzinghttps://medium.com/@hashimamin/how-i-found-my-first-bug-through-simple-fuzzing-c7d694a59a6b?source=rss------bug_bounty-5Hashim Aminbugbounty-writeup, bug-bounty-tips, bugcrowd, bug-bounty, infosec10-Jun-2024
Bug Bounty Hunting — Complete Guide (Part -1)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-1-21a87e35fdfa?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty, hacking09-Jun-2024
How to Identify Vulnerable Hikvision Devices (IoT) to CVE-2017–7921https://blog.bugzero.io/how-to-identify-vulnerable-hikvision-devices-iot-to-cve-2017-7921-88b294645687?source=rss------bug_bounty-5Kawya De Silvahikvison-cameras, security-alert, cybersecurity, bug-zero, bug-bounty09-Jun-2024
How to Become a Hacker in 2024: A Comprehensive Guidehttps://medium.com/@itsamanyadav/how-to-become-a-hacker-in-2024-a-comprehensive-guide-9bae6cfa6b15?source=rss------bug_bounty-5Its Aman Yadavbug-bounty, become-a-hacker, hacker-in-2024, how-to-be-a-hacker, hacking-courses09-Jun-2024
Discovering a vulnerability in HackerOnehttps://medium.com/@loaymorad11/discovering-a-vulnerability-in-hackerone-00bbfc438d90?source=rss------bug_bounty-5Loaymoradpenetration-testing, hackerone, bug-bounty, cybersecurity09-Jun-2024
Advanced Exploitation Techniques for Bug Bounty: Beyond the Basicshttps://medium.com/@verylazytech/advanced-exploitation-techniques-for-bug-bounty-beyond-the-basics-2ee9cbc12773?source=rss------bug_bounty-5Very Lazy Techcyber, hacking, cybersecurity, bug-bounty, exploit09-Jun-2024
28.4 Lab: Server-side template injection in an unknown language with a documented exploithttps://cyberw1ng.medium.com/28-4-lab-server-side-template-injection-in-an-unknown-language-with-a-documented-exploit-df988ccf6277?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty09-Jun-2024
Complex Attack Types: Sample Scenarios 13https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-13-8a5008c396db?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, bug-bounty, cybersecurity, threat-intelligence, penetration-testing09-Jun-2024
STRIPE API-Key Disclosure to Bountyhttps://starlox.medium.com/stripe-api-key-disclosure-to-bounty-239d069f2455?source=rss------bug_bounty-5#$ubh@nk@rbug-bounty, hacking, infosec, bug-hunting, information-disclosure09-Jun-2024
HOW I HACKED NASA?https://infosecwriteups.com/how-i-hacked-nasa-0715b6b5d7b8?source=rss------bug_bounty-5Krishnadev P Melevilabug-bounty, hallof-fame, vdp, cybersecurity, nasa09-Jun-2024
Day 13 of Our #CyberQuest1095 Challenge — Rust, Hack The Box, and Active Directory Adventures!https://d3athcod3.medium.com/day-13-of-our-cyberquest1095-challenge-rust-hack-the-box-and-active-directory-adventures-442cd2c48f41?source=rss------bug_bounty-5D3athCod3bug-bounty, challenge, hacking, cybersecurity, cyberquest109509-Jun-2024
Walk-Through of Bepractical.tech lab #4https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-4-bd4a96dc56bd?source=rss------bug_bounty-5Ross Jubertbug-bounty, red-team, account-takeover, ethical-hacking, account-takeover-attacks09-Jun-2024
The Ultimate Guide to Chaining Bugs: How I Found a Reverse Shell in a Bug Bounty Programhttps://b0mk35h.medium.com/the-ultimate-guide-to-chaining-bugs-how-i-found-a-reverse-shell-in-a-bug-bounty-program-9dca54c20674?source=rss------bug_bounty-5Pronay Biswasethical-hacking, hunting, bug-bounty, cyberse, xss-attack09-Jun-2024
How to preform recon in Bug Bounty?https://systemweakness.com/how-to-preform-recon-in-bug-bounty-8d37a1fd262f?source=rss------bug_bounty-5Imad Husanovicprogramming, cybersecurity, hacking, bug-bounty-tips, bug-bounty09-Jun-2024
ʟᴀɴᴢᴀᴍɪᴇɴᴛᴏ ɪɴᴄᴇɴᴛɪᴠᴀᴅᴏ ᴅᴇ ᴛᴇsᴛɴᴇᴛhttps://medium.com/@Tallomania/%CA%9F%E1%B4%80%C9%B4%E1%B4%A2%E1%B4%80%E1%B4%8D%C9%AA%E1%B4%87%C9%B4%E1%B4%9B%E1%B4%8F-%C9%AA%C9%B4%E1%B4%84%E1%B4%87%C9%B4%E1%B4%9B%C9%AA%E1%B4%A0%E1%B4%80%E1%B4%85%E1%B4%8F-%E1%B4%85%E1%B4%87-%E1%B4%9B%E1%B4%87s%E1%B4%9B%C9%B4%E1%B4%87%E1%B4%9B-df0c7d1e77cd?source=rss------bug_bounty-5Ay Zedrewards, testnet, bug-bounty, ai09-Jun-2024
[Bounty Weekend] Disable Any Customer Ability To Create Service Account With Business Logic…https://medium.com/@rifqihz/bounty-weekend-disable-any-customer-ability-to-create-service-account-with-business-logic-b83baa893b4d?source=rss------bug_bounty-5Rifqi Hilmy Zhafrantbug-bounty-tips, penetration-testing, hackerone, bug-bounty08-Jun-2024
[Bounty Weekend] CTF Level XSS in a Real-World Applicationhttps://medium.com/@rifqihz/bounty-weekend-ctf-level-xss-in-a-real-world-application-7a9278bc7018?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, penetration-testing, bug-bounty-tips, bug-bounty08-Jun-2024
How to Find Bugs and Get Bucks: 2024 Editionhttps://medium.com/@itsamanyadav/how-to-find-bugs-and-get-bucks-2024-edition-776c5b098b3e?source=rss------bug_bounty-5Its Aman Yadavbug-bounty, how-to-find-bug, 2024, how-to-be-a-hacker, hacking08-Jun-2024
Capturing Android App Traffic via Wireshark - Android Pentestinghttps://medium.com/@phyowathone/capturing-android-app-traffic-via-wireshark-android-pentesting-d0ee1539089f?source=rss------bug_bounty-5Phyo WaThone Wincybersecurity, android-pentesting, bug-bounty-hunting, pentesting, bug-bounty08-Jun-2024
28.3 Lab: Server-side template injection using documentationhttps://cyberw1ng.medium.com/28-3-lab-server-side-template-injection-using-documentation-3e8f761b0ca8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, penetration-testing08-Jun-2024
Day 12 of Our #CyberQuest1095 Day Challengehttps://d3athcod3.medium.com/day-12-of-our-cyberquest1095-day-challenge-977225c7ce97?source=rss------bug_bounty-5D3athCod3cyberquest1095, security, cybersecurity, hacking, bug-bounty08-Jun-2024
Abusing auto mail responders to access internal workplaceshttps://rikeshbaniya.medium.com/abusing-auto-mail-responders-to-access-internal-workplaces-04fcc8ba2c99?source=rss------bug_bounty-5Rikesh Baniyabounties, pentest, hackerone, bounty-reward, bug-bounty08-Jun-2024
POV HTB Writeuphttps://medium.com/@damaidec/pov-htb-writeup-becf386c6dc0?source=rss------bug_bounty-5Damaidechacking, ethical-hacking, bug-bounty, hackthebox, ctf-writeup08-Jun-2024
Super Blind SQL Injection- $20000 bounty | Thousands of targets still vulnerablehttps://medium.com/@pranshux0x/super-blind-sql-injection-20000-bounty-thousands-of-targets-still-vulnerable-f9b013765448?source=rss------bug_bounty-5priyanshu shakyabug-bounty08-Jun-2024
Create Your Own Public-Private Key Pair in Just 5 Minutes! (Cybersecurity)https://medium.com/@paritoshblogs/create-your-own-public-private-key-pair-in-just-5-minutes-cybersecurity-535038665ad9?source=rss------bug_bounty-5Paritoshhacking, keys, cryptography, cybersecurity, bug-bounty08-Jun-2024
Vulnerable WordPress May 2024 (Leylan)https://medium.com/@onhexgroup/vulnerable-wordpress-may-2024-leylan-bd429d56d300?source=rss------bug_bounty-5Onhexgroupwordpress-security, infosec, wordpress, bug-bounty, web-security08-Jun-2024
Cracking the Code: How Cryptography Safeguards Your Digital Worldhttps://medium.com/@paritoshblogs/cracking-the-code-how-cryptography-safeguards-your-digital-world-c1c1887c84ae?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, cryptography, hacking, cybersecurity07-Jun-2024
I got my First Bounty $$$ after three years of hard workhttps://medium.com/@mr_ayyan/i-got-my-first-bounty-after-three-years-of-hard-work-856c43bbb6c1?source=rss------bug_bounty-5Mrayyanirfanbounty-program, rewards-programs, vulnerability, bug-bounty, first-bounty07-Jun-2024
JS for Bug Bounties 2.0 Extreme Edition 2024https://kongsec.medium.com/js-for-bug-bounties-2-0-extreme-edition-2024-f167fa48276a?source=rss------bug_bounty-5Kongsecrecon, bugcrowd, hackerone, javascript, bug-bounty07-Jun-2024
28.2 Lab: Basic server-side template injection (code context)https://cyberw1ng.medium.com/28-2-lab-basic-server-side-template-injection-code-context-2a927ed117e6?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, penetration-testing, hacking07-Jun-2024
Simulating a Ransomware Attack with Caldera.https://medium.com/@josh.beck2006/simulating-a-ransomware-attack-with-caldera-3d77d0cb95d2?source=rss------bug_bounty-5Josh Beckcybersecurity, penetration-testing, ctf, bug-bounty07-Jun-2024
Hacking Porn and Dating sites — a Theme Based Bugbounty Huntinghttps://medium.com/@nithissh/hacking-porn-and-dating-sites-a-theme-based-bugbounty-hunting-d024b8137bc7?source=rss------bug_bounty-5Nithisshbugbounty-writeup, research, bug-bounty07-Jun-2024
Complex Attack Types: Sample Scenarios 12https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-12-0d93a70ee8f4?source=rss------bug_bounty-5Baris Dincercybersecurity, freedomofinternet, bug-bounty, penetration-testing, threat-intelligence07-Jun-2024
Another Easy P4 you miss!!!https://medium.com/@anonymoustriager/another-easy-p4-you-miss-dcadf65adbcb?source=rss------bug_bounty-5Anonymous Triagerbugbounty-poc, bugs, bug-bounty, bug-bounty-tips, bug-bounty-hunter06-Jun-2024
Unlock Any PC Remotely with Just an Image: The Ultimate VNC Hack!https://medium.com/@paritoshblogs/unlock-any-pc-remotely-with-just-an-image-the-ultimate-vnc-hack-a92b22637094?source=rss------bug_bounty-5Paritoshcybersecurity, remote-working, hacking, vnc, bug-bounty06-Jun-2024
The only recon methodology you need.https://an0nbil.medium.com/the-only-recon-methodology-you-need-cf6c3aff1af1?source=rss------bug_bounty-5an0nbilethical-hacking, bug-bounty, bug-bounty-tips, reconnaissance, programming06-Jun-2024
Decimal x Securrhttps://decimalchain.medium.com/decimal-x-securr-96114c277d70?source=rss------bug_bounty-5DecimalChainbug-bounty, decimal, securr06-Jun-2024
Scope Sentry is a tool with functions such as asset mapping…https://medium.com/@Autumn52/scope-sentry-is-a-tool-with-functions-such-as-asset-mapping-fe0af70ace0a?source=rss------bug_bounty-5Autumnhacker, hackathons, bug-bounty, tools, bug-bounty-tips06-Jun-2024
Securing the Future: Understanding Vulnerabilities in Large Language Modelshttps://medium.com/@tusharsaini484/securing-the-future-understanding-vulnerabilities-in-large-language-models-13bbfeac95cf?source=rss------bug_bounty-5Tushar Sainiblog, artificial-intelligence, bug-bounty, large-language-models, cybersecurity06-Jun-2024
Bug bounty — Cybersecurity subcontractor exposes business data to other customershttps://theclemvp.medium.com/bug-bounty-cybersecurity-subcontractor-exposes-business-data-to-other-customers-d8e1a011ff4b?source=rss------bug_bounty-5Clémentcybersecurity, bug-bounty06-Jun-2024
28.1 Lab: Basic Server-side template injectionhttps://cyberw1ng.medium.com/28-1-lab-basic-server-side-template-injection-0744f96c74b8?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, penetration-testing06-Jun-2024
Understanding Cybersecurity : Keeping Our Digital World Safehttps://adnancodestech.medium.com/understanding-cybersecurity-keeping-our-digital-world-safe-1abdd2876a7c?source=rss------bug_bounty-5Cryptifycybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, pentesting06-Jun-2024
Getting started with Bug Bountyhttps://securrtech.medium.com/getting-started-with-bug-bounty-8fd72650184f?source=rss------bug_bounty-5Securrweb3, cybersecurity, ai, bug-bounty, learn06-Jun-2024
Discovering a Critical Vulnerability in application : The Journey of an Accidental Adminhttps://adarshkrduaby.medium.com/discovering-a-critical-vulnerability-in-application-the-journey-of-an-accidental-admin-1aebe9d31e09?source=rss------bug_bounty-5Adarsh Kumarbug-zero, cyber-security-research, critical-vulnerabilities, securityflaw, bug-bounty06-Jun-2024
Stored XSS to Account Takeover (AWS Cognito)https://medium.com/@majix_de/stored-xss-to-account-takeover-aws-cognito-c5f76f04befe?source=rss------bug_bounty-5Majixcybersecurity, account-takeover, pentest, bug-bounty, cognito06-Jun-2024
Easy Latest Critical Severity?https://medium.com/@anonymoustriager/easy-latest-critical-severity-fc9413d57d80?source=rss------bug_bounty-5Anonymous Triagerhacking, bug-bounty, bug-bounty-tips, bugbounty-writeup, bug-bounty-program05-Jun-2024
Active Directory Red Teaming: A Comprehensive Guidehttps://medium.com/@paritoshblogs/active-directory-red-teaming-a-comprehensive-guide-06b1f008d0d4?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, hacking, information-technology, active-directory05-Jun-2024
EMPIRE CTF: LUPINONE VulnHub Walkthrough | Writeuphttps://shamsulmehmood.medium.com/empire-ctf-lupinone-vulnhub-walkthrough-writeup-bea8558ea03b?source=rss------bug_bounty-5SHAMS UL MEHMOODbug-bounty, pentesting, cybersecurity, machine-learning, hacking05-Jun-2024
Master Bug Bounty Hunting: Your Comprehensive Bug Bounty Course in Hindihttps://medium.com/@marketing_94387/master-bug-bounty-hunting-your-comprehensive-bug-bounty-course-in-hindi-ab990527f9b0?source=rss------bug_bounty-5Skilcamponline-learning-platform, bug-bounty-tips, skilcamp, bug-bounty05-Jun-2024
27.5 Lab: DOM-based cookie manipulationhttps://cyberw1ng.medium.com/27-5-lab-dom-based-cookie-manipulation-b939af57ef06?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, careers, hacking05-Jun-2024
SmartAuditor.AI and new ChatGPT bot for auditshttps://medium.com/@bugbountydegen/smartauditor-ai-and-new-chatgpt-bot-for-audits-a8361ec7f52d?source=rss------bug_bounty-5Bug Bounty Degenopenai, smart-contracts, bug-bounty, cybersecurity, chatgpt05-Jun-2024
CVE-2024–4358 Critical Flaw Found in Progress Telerik Report Serverhttps://medium.com/@arafatx90n/cve-2024-4358-critical-flaw-found-in-progress-telerik-report-server-0f379f844819?source=rss------bug_bounty-5ARAFATethical-hacking, bug-bounty, cybersecurity05-Jun-2024
Insecure Firebase Unauthorized Write Access on Crypto Exchange Bug Bountyhttps://scr1pty.medium.com/insecure-firebase-unauthorized-write-access-on-crypto-exchange-bug-bounty-9e9187b627b1?source=rss------bug_bounty-5Scr1ptypenetration-testing, bug-bounty-tips, crypto, bug-bounty, security05-Jun-2024
Another Easy P4?https://medium.com/@anonymoustriager/another-easy-p4-ceaa67ef7e52?source=rss------bug_bounty-5Anonymous Triagerbugbounty-writeup, bug-bounty-tips, bug-bounty-program, cybersecurity, bug-bounty05-Jun-2024
CVE-2024–4956: UNAUTHENTICATED PATH TRAVERSAL IN NEXUS REPOSITORY MANAGER 3https://codewithvamp.medium.com/cve-2024-4956-unauthenticated-path-traversal-in-nexus-repository-manager-3-b4e811ad7e37?source=rss------bug_bounty-5Vaibhav Kumar Srivastavabug-bounty, cve, coding, hacking, cybersecurity05-Jun-2024
Easiest P4?https://medium.com/@anonymoustriager/easiest-p4-feb9e9302562?source=rss------bug_bounty-5Anonymous Triagerbug-bounty-tips, hacking, swag, bounty-program, bug-bounty04-Jun-2024
My report on using lubuntu 24.04https://ariedwikusuma9.medium.com/my-report-on-using-lubuntu-24-04-3040bbdb9bab?source=rss------bug_bounty-5Ariekusumabug-bounty, ubuntu, wireguard, lubuntu, linux04-Jun-2024
The Chronicle Protocol Bug Bounty is Livehttps://medium.com/@ChronicleProtocol/the-chronicle-protocol-bug-bounty-is-live-05b5332e6c76?source=rss------bug_bounty-5Chronicle Protocoloracle, bug-bounty, blockchain, cantina, chronicle-protocol04-Jun-2024
Hacking Android Apps: A Comprehensive Guidehttps://medium.com/@roguepayload/hacking-android-apps-a-comprehensive-guide-9905c075021f?source=rss------bug_bounty-5Rogue Payloadhacking, bug-bounty-tips, pentesting, android, bug-bounty04-Jun-2024
27.4 Lab: DOM-based open redirectionhttps://cyberw1ng.medium.com/27-4-lab-dom-based-open-redirection-e00e760c9046?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, penetration-testing, bug-bounty04-Jun-2024
How We Got $$$$$ For a Blind Stored XSS To ATOhttps://medium.com/@shari7a0x/how-we-got-for-a-blind-stored-xss-to-ato-2e9b939055ec?source=rss------bug_bounty-5Shari7a0xbugs, hackerone, bug-bounty-tips, bug-bounty, xss-attack04-Jun-2024
Exposing Login Page Vulnerabilities with Time-Based SQL Injectionhttps://medium.com/@sachinkewat809/exposing-login-page-vulnerabilities-with-time-based-sql-injection-694a04911e93?source=rss------bug_bounty-5Sachin kewatbug-bounty-tips, cybersecurity, penetration-testing, bug-bounty, security03-Jun-2024
How I Got My First €€€€ Bountyhttps://machiavellli.medium.com/how-i-got-my-first-bounty-65ad8a1763de?source=rss------bug_bounty-5Machiavellicybersecurity, bug-bounty, information-security03-Jun-2024
Earning Your First $1000 as a Cybersecurity Researcher, Hacker, or Hunterhttps://securrtech.medium.com/earning-your-first-1000-as-a-cybersecurity-researcher-hacker-or-hunter-8532bcaa48b6?source=rss------bug_bounty-5Securrdollar, cyber-security-awareness, earn, bug-bounty, web-development03-Jun-2024
My First Finding Bug on a Bugcrowd BBPhttps://medium.com/@bhuiyanaman71/my-first-bug-on-a-bbp-fdd512307284?source=rss------bug_bounty-5Aman Bhuiyanxss-vulnerability, bug-bounty, hacking, injection03-Jun-2024
27.2 Lab: DOM XSS using web messages and JSON.parsehttps://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-json-parse-79dbe4290efb?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, hacking, bug-bounty, careers03-Jun-2024
Hack and Pay Later: Bypassing Online Payment Methodhttps://medium.com/@tirqwork1/hack-and-pay-later-bypassing-online-payment-method-8b366e0dc7ee?source=rss------bug_bounty-5ARoybug-bounty, cybersecurity, bugbounty-writeup, payment-gateway, infosec03-Jun-2024
27.3 Lab: DOM XSS using web messages and JSON.parsehttps://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-json-parse-79dbe4290efb?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, hacking, bug-bounty, careers03-Jun-2024
UPI Recon | Scammed on Instagram /Telegram?https://medium.com/@anonymoustriager/upi-recon-scammed-on-instagram-telegram-3713f9dd77cd?source=rss------bug_bounty-5Anonymous Triagerhacker, telegram, recon, cybersecurity, bug-bounty02-Jun-2024
Bug Zero — 2 Weeks in Cybersecurity (May 15–31)https://blog.bugzero.io/bug-zero-2-weeks-in-cybersecurity-may-15-31-dbc07d60dfe5?source=rss------bug_bounty-5Akila Maithripalabug-zero, sri-lanka, cybersecurity, bug-bounty02-Jun-2024
BBB #1 — Back Hackinghttps://medium.com/@JakobTheDev/bbb-1-back-hacking-acafd03d7d4e?source=rss------bug_bounty-5Jakob Penningtonbug-bounty, application-security, hacking02-Jun-2024
27.2 Lab: DOM XSS using web messages and a JavaScript URLhttps://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-a-javascript-url-3d29822c295d?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing02-Jun-2024
A simple IDOR worth $400.https://el-cezeri.medium.com/a-simple-idor-worth-400-65663937a5f4?source=rss------bug_bounty-5Samet Yiğitbugbounty-tips, bug-bounty, ödülavcılığı02-Jun-2024
Mastering Sway-Analyzerhttps://medium.com/@angelos404/mastering-sway-analyzer-27379d7903db?source=rss------bug_bounty-5angelos404smart-contracts, web3, blockchain, bug-bounty, sway02-Jun-2024
Easy $$$$ Bounty for leaked token in java script urlhttps://medium.com/@eslammonex/easy-bounty-for-leaked-token-in-java-script-url-5491cf567328?source=rss------bug_bounty-5EslamMonexbug-bounty02-Jun-2024
How To Escalate P5 Email HTML Injection to P4.https://medium.com/@Ajakcybersecurity/how-to-escalate-p5-email-html-injection-to-p4-19a61a85a76b?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, hacking, penetration-testing, cybersecurity, technology02-Jun-2024
شرح اللاب بطريقة سهلة ومبسطة لفهم نوع ال Reflected XSS into HTML context with nothing encodedhttps://gentilsecurity.medium.com/%D8%B4%D8%B1%D8%AD-%D8%A7%D9%84%D9%84%D8%A7%D8%A8-%D8%A8%D8%B7%D8%B1%D9%8A%D9%82%D8%A9-%D8%B3%D9%87%D9%84%D8%A9-%D9%88%D9%85%D8%A8%D8%B3%D8%B7%D8%A9-%D9%84%D9%81%D9%87%D9%85-%D9%86%D9%88%D8%B9-%D8%A7%D9%84-reflected-xss-into-html-context-with-nothing-encoded-9dde8cf2baa3?source=rss------bug_bounty-5GenTiLowasp, web-development, penetration-testing, cybersecurity, bug-bounty01-Jun-2024
ماذا تعرف عن ثغرة XSS? (Cross-Site Script)https://gentilsecurity.medium.com/%D9%85%D8%A7%D8%B0%D8%A7-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%86-%D8%AB%D8%BA%D8%B1%D8%A9-xss-cross-site-script-d45ecf75b0a6?source=rss------bug_bounty-5GenTiLxss-attack, bug-bounty, vulnerability, technology, hacking01-Jun-2024
كيفية استخدام أداة ParamSpider — لبرنامج الجوائز الأمنية (Bug Bounty)https://gentilsecurity.medium.com/%D9%83%D9%8A%D9%81%D9%8A%D8%A9-%D8%A7%D8%B3%D8%AA%D8%AE%D8%AF%D8%A7%D9%85-%D8%A3%D8%AF%D8%A7%D8%A9-paramspider-%D9%84%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%A7%D9%84%D8%AC%D9%88%D8%A7%D8%A6%D8%B2-%D8%A7%D9%84%D8%A3%D9%85%D9%86%D9%8A%D8%A9-bug-bounty-c1361d476c4a?source=rss------bug_bounty-5GenTiLparamspider, penetration-testing, bug-bounty, web-development, penetration-testing-tools01-Jun-2024
هل مازلت محتار في الاختلاف بين Reflected XSS و DOM XSS؟ اليوم ستحسم المسألة بكل ثقةhttps://gentilsecurity.medium.com/%D9%87%D9%84-%D9%85%D8%A7%D8%B2%D9%84%D8%AA-%D9%85%D8%AD%D8%AA%D8%A7%D8%B1-%D9%81%D9%8A-%D8%A7%D9%84%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81-%D8%A8%D9%8A%D9%86-reflected-xss-%D9%88-dom-xss-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%B3%D8%AA%D8%AD%D8%B3%D9%85-%D8%A7%D9%84%D9%85%D8%B3%D8%A3%D9%84%D8%A9-%D8%A8%D9%83%D9%84-%D8%AB%D9%82%D8%A9-c4224d126056?source=rss------bug_bounty-5GenTiLreflected-xss, hacking, dom-xss, web-penetration-testing, bug-bounty01-Jun-2024
MY FIRST BUG !https://medium.com/@amjadkhan_72632/my-first-bug-8d52edf256c7?source=rss------bug_bounty-5Amjad Khancybersecurity, bug-bounty01-Jun-2024
SQLi, SSRF And Code Secrets — All In Onehttps://medium.com/@red.whisperer/sqli-ssrf-and-code-secrets-all-in-one-a387c734c84f?source=rss------bug_bounty-5Chuxsecurity, hacking, cybersecurity, infosec, bug-bounty01-Jun-2024
Are you still confused about the difference between Reflected XSS and DOM XSS?https://gentilsecurity.medium.com/are-you-still-confused-about-the-difference-between-reflected-xss-and-dom-xss-45715d0fe37b?source=rss------bug_bounty-5GenTiLdom-xss, hacking, bug-bounty, web-penetration-testing, reflected-xss01-Jun-2024
Chaining NOSQLi and XSS to Take Over a Server — HackTheBox Stocker Walkthroughhttps://medium.com/@The_Hiker/chaining-nosqli-and-xss-to-take-over-a-server-hackthebox-stocker-walkthrough-e549bf3f8bbf?source=rss------bug_bounty-5TheHikerhackthebox, hackthebox-writeup, web-exploitation, hacking, bug-bounty01-Jun-2024
Unveiling the Sneaky CSV Injection: VDP vs. Objective-Based Offensive Tacticshttps://abawazeeer.medium.com/unveiling-the-sneaky-csv-injection-vdp-vs-objective-based-offensive-tactics-208b22b8bba1?source=rss------bug_bounty-5AliBawazeEervulnerability-disclosure, bug-bounty, vulnerability-assessment, owasp-top-10, application-security01-Jun-2024
cy27.1 Lab: DOM XSS using web messageshttps://cyberw1ng.medium.com/cy27-1-lab-dom-xss-using-web-messages-5c2346edc08b?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, careers, cybersecurity01-Jun-2024
Use FFUF to bypass Burp Suite’s Intruder attacks delay!!!https://hackermater.medium.com/use-ffuf-to-bypass-burp-suite-intruder-attacks-delay-c5087c912741?source=rss------bug_bounty-5hackermaterbug-bounty-writeup, burpsuite, hacking, bug-bounty-tips, bug-bounty01-Jun-2024
90 Days Cybersecurity Learning Challengehttps://medium.com/@unknow.com/90-days-cybersecurity-learning-challenge-81e1777b31f5?source=rss------bug_bounty-5Cyber_hunterbug-bounty, careers, cybersecurity01-Jun-2024
Attacking Web Applications with Ffuf | Skills Assessment — Walkthroughhttps://medium.com/@Mx0o14/attacking-web-applications-with-ffuf-skills-assessment-walkthrough-5af4160fe75b?source=rss------bug_bounty-5Mohamed Ashrafhackthebox, bug-bounty, cybersecurity, hacking31-May-2024
The Planets CTF | Earth CTF | Vulnhub | WriteUp | Walkthroughhttps://shamsulmehmood.medium.com/the-planets-ctf-earth-ctf-vulnhub-writeup-walkthrough-38d13c16643c?source=rss------bug_bounty-5SHAMS UL MEHMOODhacking, cybersecurity, bug-bounty, bugs, cybercrime31-May-2024
Pattern Scanning Intro (For Game Hacking)https://medium.com/@MrRipperoni/pattern-scanning-intro-for-game-hacking-b13401b562fb?source=rss------bug_bounty-5Mr.Ripperonicoding, reverse-engineering, games, bug-bounty, hacking31-May-2024
How i get XSS & HTMLi with FUFFhttps://kiraadx.medium.com/how-i-get-xss-htmli-with-fuff-0c8a4b094636?source=rss------bug_bounty-5KiRaaDxbug-bounty, cybersecurity, bug-bounty-tips31-May-2024
OSCP Reviewhttps://medium.com/@nosignalrightnow/oscp-review-3a9568bf9c5d?source=rss------bug_bounty-5cowabungabug-bounty, offensive-security, penetration-testing, oscp, cybersecurity31-May-2024
26.3 Lab: Indirect prompt injectionhttps://cyberw1ng.medium.com/26-3-lab-indirect-prompt-injection-27d35f2e0e90?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, cybersecurity, bug-bounty31-May-2024
CVE-2024–24919: Zero-Day Vulnerability leads to unauthorized Information Disclosure in Checkpointhttps://codewithvamp.medium.com/cve-2024-24919-zero-day-vulnerability-leads-to-unauthorized-information-disclosure-in-checkpoint-97873b47d160?source=rss------bug_bounty-5Vaibhav Kumar Srivastavacomputer-science, hacking, bug-bounty, cybersecurity, cve31-May-2024
How I Found a Vulnerability in Apple: A Journey of Discovery and Impacthttps://medium.com/@husnainsuleman/how-i-found-a-vulnerability-in-apple-a-journey-of-discovery-and-impact-0e55f14eef75?source=rss------bug_bounty-5Husnain Sulemanbug-bounty, storytelling, security, cybersecurity, apple31-May-2024
IDOR Exploit: A Tale of Account Takeoverhttps://danial1337.medium.com/idor-exploit-a-tale-of-account-takeover-51ab2c47c246?source=rss------bug_bounty-5Muhammad Danialpenetration-testing, hacking, cybersecurity, web-security, bug-bounty31-May-2024
Advanced Web Cache Poisoninghttps://medium.com/@majix_de/advanced-web-cache-poisoning-e6e17d5290ce?source=rss------bug_bounty-5Majixweb-cache-poisoning, penetration-testing, hacking, bug-bounty, pentesting31-May-2024
Creative Steps | Reflected XSS into HTML context with nothing encodedhttps://gentilsecurity.medium.com/creative-steps-reflected-xss-into-html-context-with-nothing-encoded-0a30d4f2dc24?source=rss------bug_bounty-5GenTiLcybersecurity, bug-bounty, owasp, penetration-testing, web-development30-May-2024
Exported Activity In Android Application Allowing Access to Payments Informationhttps://medium.com/@mohanad.hussam23/exported-activity-in-android-application-allowing-access-to-payments-information-166dfee5008e?source=rss------bug_bounty-5Muhanad Israiwihacking, bugs, penetration-testing, bug-bounty, androidhacking30-May-2024
Static Testing of iOS Applicationshttps://sandeepvi.medium.com/static-testing-of-ios-applications-cb09bd8f2927?source=rss------bug_bounty-5Sandeep Vishwakarmahacking, bug-bounty, ios, static-code-analysis30-May-2024
Secrets of Data Security : Trendy Tools and Tips You Can’t Ignore!https://medium.com/@paritoshblogs/secrets-of-data-security-trendy-tools-and-tips-you-cant-ignore-a5d72eb7eedf?source=rss------bug_bounty-5Paritoshdata-security, hacking, cybersecurity, bug-bounty, security30-May-2024
Exciting Announcement: We’re Collaborating with Aptron to Boost Web3 Security!https://securrtech.medium.com/exciting-announcement-were-collaborating-with-aptron-to-boost-web3-security-4f58726c3ae0?source=rss------bug_bounty-5Securrweb3, ai, web3-security, bug-bounty, blockchain30-May-2024
Enhancing Cybersecurity: Lessons from a Critical XSS Vulnerability in DMRC’s Websitehttps://hackerhalt.medium.com/enhancing-cybersecurity-lessons-from-a-critical-xss-vulnerability-in-dmrcs-website-a0e39aeb0318?source=rss------bug_bounty-5Hacker Halt Livehacker, hacking, bug-bounty, security, cybersecurity30-May-2024
Application Level DoS - The Lagging Nightmarehttps://shahjerry33.medium.com/application-level-dos-the-lagging-nightmare-d3332f2ade86?source=rss------bug_bounty-5Jerry Shah (Jerry)pentesting, cybersecurity, bug-bounty, infosec, vulnerability30-May-2024
26.2 Lab: Exploiting vulnerabilities in LLM APIshttps://cyberw1ng.medium.com/26-2-lab-exploiting-vulnerabilities-in-llm-apis-83150b4cdf98?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, careers, hacking, bug-bounty30-May-2024
WAF as a weapon and DOS as a bullethttps://medium.com/@zhero_/waf-as-a-weapon-and-dos-as-a-bullet-46acad12a9b6?source=rss------bug_bounty-5Rachid.Ainfosec, bug-bounty, firewall, hacking, cybersecurity30-May-2024
Low hanging fruit in real website: Cookie invalidation.https://medium.com/@siyamhassan.main/low-hanging-fruit-in-real-website-cookie-invalidation-bd24556dc673?source=rss------bug_bounty-52004siyam_hassanauthentication, session-invalidation, bug-bounty30-May-2024
Buy Multiple Translink Travel Ticket for the Price of One.https://medium.com/@aswinmanikandan/buy-multiple-translink-travel-ticket-for-the-price-of-one-82014216c510?source=rss------bug_bounty-5Aswin Manikandanbug-bounty, bug-bounty-tips30-May-2024
(1)بالمصري Bug Bounty Bootcamp ملخصhttps://medium.com/@am3002297/1-%D8%A8%D8%A7%D9%84%D9%85%D8%B5%D8%B1%D9%8A-bug-bounty-bootcamp-%D9%85%D9%84%D8%AE%D8%B5-8cdf2bf4e108?source=rss------bug_bounty-530obdbug-bounty-hunter, tech-bootcamp, bug-bounty, infosec, information-security30-May-2024
Microsoft IIS Server Shortnames & Tilde Magichttps://retkoussa.medium.com/microsoft-iis-server-shortnames-tilde-magic-64df65d26450?source=rss------bug_bounty-5Firas Al-Koussahacking, bug-bounty, penetration-testing, cybersecurity, penetration-testing-tools30-May-2024
How I Found My First Bug in My Bug Bounty Journeyhttps://medium.com/@HuseyinAdgzl/how-i-found-my-first-bug-in-bug-bounty-journey-49a318874ed8?source=rss------bug_bounty-5Hüseyin Adiguzelbug-bounty-tips, bug-bounty, api, security, bugs30-May-2024
A Beautiful Bug: Interesting URL scheme bypass + Race Condition.https://medium.com/@Nightbloodz/a-beautiful-bug-interesting-url-scheme-bypass-race-condition-61109771a250?source=rss------bug_bounty-5Alvaro Baladacybersecurity, xss-attack, bug-bounty-tips, bug-bounty-writeup, bug-bounty30-May-2024
Understanding Fileless Malware: How It Works and Real-World Exampleshttps://medium.com/@paritoshblogs/understanding-fileless-malware-how-it-works-and-real-world-examples-76085c99543d?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, fileless-malware, malware, cybersecurity29-May-2024
An interesting Bug that I found in Android Mobile Applicationhttps://medium.com/@jooelsaka/an-interesting-bug-that-i-found-in-android-mobile-application-becf25c8c4d8?source=rss------bug_bounty-5dnelsakasecurity, pentesting, mobile-security, android, bug-bounty29-May-2024
Subdomain takeover via AWS s3 buckethttps://infosecwriteups.com/subdomain-takeover-via-aws-s3-bucket-9c54b1b71c46?source=rss------bug_bounty-5Bikram kharalvulnerability, subdomain-takeover, bug-bounty, penetration-testing, hacking29-May-2024
Unauthenticated Cache Purge, Really a Bug?https://medium.com/@anonymoustriager/unauthenticated-cache-purge-really-a-bug-1da44d6fbfd9?source=rss------bug_bounty-5Anonymous Triagerhacker, bug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup29-May-2024
Bypassing Discord marked links filterhttps://nickguitar.medium.com/bypassing-discord-marked-links-filter-88bcd7946f2a?source=rss------bug_bounty-5Nickguitarhacking, bug-bounty, bypass, discord, pentest29-May-2024
Bug Bounty Automationshttps://medium.com/@michellepantelouris/bug-bounty-automations-65f4a4dd6121?source=rss------bug_bounty-5Michelle Pantelourisbug-bounty, cybersecurity, penetration-testing29-May-2024
Building tech profile of a companyhttps://netlas.medium.com/building-tech-profile-of-a-company-f2145dedad31?source=rss------bug_bounty-5Netlas.ioreconnaissance, cybersecurity, osint, penetration-testing, bug-bounty29-May-2024
Content Discovery: Directories, Files And Links Enumeration:https://hacktivistattacker.medium.com/content-discovery-directories-files-and-links-enumeration-38e407b8ff0a?source=rss------bug_bounty-5Hacktivist-Attackercontent-discovery, bug-bounty, web-penetration-testing, reconnaissance-bug-bounty, educação29-May-2024
Bug Bounty Tips and Tricks: Improve Your Success Ratehttps://medium.com/@verylazytech/bug-bounty-tips-and-tricks-improve-your-success-rate-37fa7941d05f?source=rss------bug_bounty-5Very Lazy Techbug-bounty, hacking, bug-bounty-program, cyber, cybersecurity29-May-2024
S3 bucket enumeration simplified.https://secureitmania.medium.com/s3-bucket-enumeration-simplified-80bdcdf581d7?source=rss------bug_bounty-5secureITmaniahacking, cloud-services, devops, bug-bounty, it-security29-May-2024
Agent Sudo Walkthroughhttps://medium.com/@anubhavbali2004/agent-sudo-walkthrough-0a2954d2bb7e?source=rss------bug_bounty-5Anubhav Balictf-walkthrough, ctf-writeup, bug-bounty, ctf, cybersecurity29-May-2024
Mastering Burp Suite for Web Application Security Testinghttps://medium.com/@zerodayfreak/mastering-burp-suite-for-web-application-security-testing-9ac8919f89a8?source=rss------bug_bounty-5ZeroDay Freakbug-bounty, infosec, burpsuite, web-hacking, penetration-testing29-May-2024
The Easiest Vulnerability to Find and How to bypass the WAFhttps://medium.com/@probza261/the-easiest-vulnerability-to-find-and-how-to-bypass-the-waf-3dbcc422aa7e?source=rss------bug_bounty-5OctaYusbug-bounty, infosec, web-security29-May-2024
[Low]Unintended Feature: Exploiting an “Invisible” Delete Function for Temporary Premium Accesshttps://r4v3n0r.medium.com/low-unintended-feature-exploiting-an-invisible-delete-function-for-temporary-premium-access-909812add8eb?source=rss------bug_bounty-5Fabian Cruzweb-application-security, cybersecurity, idor, bug-bounty, information-security29-May-2024
What do you know about XSS? (Cross-Site Script)https://gentilsecurity.medium.com/what-do-you-know-about-xss-cross-site-script-fa050d37be1c?source=rss------bug_bounty-5GenTiLbug-bounty, vulnerability, hacking, technology, xss-attack28-May-2024
Hacking NASA: Critical SSRF + Subdomain Takeover + XSShttps://nickguitar.medium.com/hacking-nasa-critical-ssrf-subdomain-takeover-xss-699be0ce3c06?source=rss------bug_bounty-5Nickguitarpentesting, bug-bounty, hacking, web-application-security, writeup28-May-2024
Bug Bounty In 2024https://medium.com/@Code_With_Ssn/bug-bounty-in-2024-54b1f0c3fe75?source=rss------bug_bounty-5Salik Seraj Naikcybersecurity, bug-bounty, software-development, blockchain, data-science28-May-2024
8 Different Ways to Bypass SSL Pinning in iOS Applicationshttps://medium.com/@vaishalinagori112/8-different-ways-to-bypass-ssl-pinning-in-ios-applications-427dfcbe8bf7?source=rss------bug_bounty-5Vaishali Nagoribug-bounty, vapt-services, hacking, ciso, ssl-pinning-bypass28-May-2024
Talkpal — vulnerability disclosurehttps://karol-mazurek.medium.com/talkpal-vulnerability-disclosure-70b18d14772f?source=rss------bug_bounty-5Karol Mazurekcybersecurity, bug-bounty, information-technology, penetration-testing, information-security28-May-2024
Cross-Site Script _XSS_ Extract Herehttps://gentilsecurity.medium.com/cross-site-script-xss-extract-here-d76053546fe3?source=rss------bug_bounty-5GenTiLtechnology, bug-bounty, ethical-hacking, cybersecurity, web-development28-May-2024
RCE Exploitation via Report Upload + Leveraging MachineKeys to Forge ASPXAUTH Cookies to privesc…https://medium.com/@ph4nt0mbyt3/rce-exploitation-via-report-upload-leveraging-machinekeys-to-forge-aspxauth-cookies-to-privesc-50d38991da2e?source=rss------bug_bounty-5ph4nt0mbyt3pentesting, hacking, bug-bounty, cookies, aspnetcore28-May-2024
PENTESTING DAY — 01https://medium.com/@workwithsane/pentesting-day-01-7eba23231870?source=rss------bug_bounty-5Saneoffensive-security, pentesting, bug-bounty, defensive-security, ethical-hacking28-May-2024
A Whistledown Exclusive: Netflix’s Journey to One Million in Bug Bounty and Beyondhttps://netflixtechblog.medium.com/a-whistledown-exclusive-netflixs-journey-to-one-million-in-bug-bounty-and-beyond-9087ffebc3e1?source=rss------bug_bounty-5Netflix Technology Blogvulnerability-management, application-security, cybersecurity, bug-bounty28-May-2024
25.8 Lab: Web cache poisoning via a fat GET requesthttps://cyberw1ng.medium.com/25-8-lab-web-cache-poisoning-via-a-fat-get-request-ee8a42d01868?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, penetration-testing, cybersecurity28-May-2024
Self-XSS via filename + CSRF on contact us ‘multipart/data’ formhttps://mchklt.medium.com/self-xss-via-filename-csrf-on-contact-us-multipart-data-form-f852dd539547?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAcyberattack, tips, bug-bounty, cybersecurity, hacking28-May-2024
PENTESTING INTRODUCTIONhttps://medium.com/@workwithsane/pentesting-day-01-7eba23231870?source=rss------bug_bounty-5Saneoffensive-security, pentesting, bug-bounty, defensive-security, ethical-hacking28-May-2024
Best Packet Sniffers For Reverse Engineering Game Servershttps://medium.com/@MrRipperoni/best-packet-sniffers-for-reverse-engineering-game-servers-c09987c46b33?source=rss------bug_bounty-5Mr.Ripperonigames, bug-bounty, hacking, penetration-testing, reverse-engineering28-May-2024
25.9 Lab: URL normalization in Web Cache Poisioninghttps://cyberw1ng.medium.com/25-9-lab-url-normalization-in-web-cache-poisioning-9a4b72e10a5e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, hacking, bug-bounty28-May-2024
شمارع خاله اردبیل شماره خاله رامسرشماره خاله یزدشماره خاله نورآباد09333709804https://medium.com/@xgxtccbj/%D8%B4%D9%85%D8%A7%D8%B1%D8%B9-%D8%AE%D8%A7%D9%84%D9%87-%D8%A7%D8%B1%D8%AF%D8%A8%DB%8C%D9%84-%D8%B4%D9%85%D8%A7%D8%B1%D9%87-%D8%AE%D8%A7%D9%84%D9%87-%D8%B1%D8%A7%D9%85%D8%B3%D8%B1%D8%B4%D9%85%D8%A7%D8%B1%D9%87-%D8%AE%D8%A7%D9%84%D9%87-%DB%8C%D8%B2%D8%AF%D8%B4%D9%85%D8%A7%D8%B1%D9%87-%D8%AE%D8%A7%D9%84%D9%87-%D9%86%D9%88%D8%B1%D8%A2%D8%A8%D8%A7%D8%AF09333709804-045d16786c2a?source=rss------bug_bounty-5فاطمهbug-bounty, vjosa, cj, cjng, bybit-event28-May-2024
25.7 Lab: Parameter cloaking in Web Cache Poisoninghttps://cyberw1ng.medium.com/25-7-lab-parameter-cloaking-in-web-cache-poisoning-ee64feeb01c1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, careers, penetration-testing27-May-2024
Earning with Exploits: The Bug Bounty Journeyhttps://deepseng.medium.com/earning-with-exploits-the-bug-bounty-journey-9d864743c011?source=rss------bug_bounty-5Deep SenGuptacybersecurity, appsec, information-security, careers, bug-bounty27-May-2024
How To Stay Ahead of 99% Of Bug Bounty Huntershttps://infosecwriteups.com/how-to-stay-ahead-of-99-of-bug-bounty-hunters-a51fb3fc2ecb?source=rss------bug_bounty-5Om Aroramethodology, infosec, hacking, bug-bounty-tips, bug-bounty27-May-2024
The bugs: List of weird vulnerabilitieshttps://noobsixt9.medium.com/the-bugs-list-of-weird-vulnerabilities-6bc98fc5c1cc?source=rss------bug_bounty-5Rajan Kshedalwriteup, bug-bounty, bug-bounty-writeup, bug-bounty-tips, information-security27-May-2024
How I got my first US Dollar bountyhttps://medium.com/@deepk007/how-i-got-my-first-us-dollar-bounty-4df50ee82fc6?source=rss------bug_bounty-5DEepcybersecurity, bug-bounty, red-team, ethical-hacking, vulnerability27-May-2024
25.6 Lab: Web cache poisoning via an unkeyed query parameterhttps://cyberw1ng.medium.com/25-6-lab-web-cache-poisoning-via-an-unkeyed-query-parameter-ca2544560b5e?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, careers, bug-bounty, hacking26-May-2024
Embarking on the Bug Bounty Journeyhttps://medium.com/@verylazytech/embarking-on-the-bug-bounty-journey-e199897617a5?source=rss------bug_bounty-5Very Lazy Techbug-bounty, technology, programming, cybersecurity, cyber26-May-2024
Kokurate journey in Cyber Securityhttps://kokurate.medium.com/kokurate-journey-in-cyber-security-633e546eb175?source=rss------bug_bounty-5Kokuratebug-bounty, blue-team, journey, cybersecurity, red-team26-May-2024
Network Penetration Testing: A Comprehensive Guidehttps://medium.com/@paritoshblogs/network-penetration-testing-a-comprehensive-guide-1ba8fcb7c570?source=rss------bug_bounty-5Paritoshpentesting, networking, ai, cybersecurity, bug-bounty26-May-2024
Open Redirect via login pagehttps://medium.com/@saeidmicro/open-redirect-via-login-page-fe144f279da8?source=rss------bug_bounty-5Saeid Khaterbug-bounty, open-redirect, cybersecurity26-May-2024
My Journey in Cyber Securityhttps://kokurate.medium.com/kokurate-journey-in-cyber-security-633e546eb175?source=rss------bug_bounty-5Kokuratebug-bounty, blue-team, journey, cybersecurity, red-team26-May-2024
### Uncovering a Critical Security Bug: Email Duplication in Password Reset Mechanismhttps://medium.com/@siyamhassan.main/uncovering-a-critical-security-bug-email-duplication-in-password-reset-mechanism-44eed804203f?source=rss------bug_bounty-52004siyam_hassanbug-bounty, password-reset, authentication26-May-2024
### Discovering an OTP Reuse Vulnerability: My First Bug Reporthttps://medium.com/@siyamhassan.main/discovering-an-otp-reuse-vulnerability-my-first-bug-report-1a4c555113ab?source=rss------bug_bounty-52004siyam_hassanauthentication, otp-verification, bug-bounty26-May-2024
HTTP Headershttps://medium.com/@Zephyr_Night/http-headers-958a5d73ffd6?source=rss------bug_bounty-5Anshu(Zephyr_Night)bug-bounty, http-protocol, http-headers, http-authentication26-May-2024
WordPress application vulnerable to DoS attack via wp-cron.phphttps://medium.com/@saeidmicro/wordpress-application-vulnerable-to-dos-attack-via-wp-cron-php-da521e854fe5?source=rss------bug_bounty-5Saeid Khaterbug-bounty, dos-attack, cybersecurity26-May-2024
❇️ Web Hack Tool ❇️https://medium.com/@logicTech/%EF%B8%8F-web-hack-tool-%EF%B8%8F-0123843704ed?source=rss------bug_bounty-5LogicTechbug-bounty-tips, github, tools, hacking, bug-bounty26-May-2024
Insecure Account Removalhttps://medium.com/@saeidmicro/insecure-account-removal-867357ad9a08?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity26-May-2024
How I Got IDOR lead to PII In Login Pagehttps://medium.com/@shari7a0x/how-i-got-idor-lead-to-pii-in-login-page-12135f661c77?source=rss------bug_bounty-5Shari7a0xbugs, hacker, idor-vulnerability, bugcrowd, bug-bounty26-May-2024
How I Found 2 IDORS on My Phone and Made $1,500https://medium.com/@zack0x01_/how-i-found-2-idors-on-my-phone-and-made-1-500-8b088f5b28db?source=rss------bug_bounty-5zack0x01bug-bounty, cyber, idor, bug-bounty-tips, hacking26-May-2024
Session invalidation after updating e-mail.https://medium.com/@siyamhassan.main/session-invalidation-after-updating-e-mail-f03c8bb1fb0c?source=rss------bug_bounty-52004siyam_hassanbug-bounty, session-invalidation, help26-May-2024
All About API Security Pentestinghttps://infosecwriteups.com/all-about-api-security-pentesting-60dba50e2766?source=rss------bug_bounty-5Xcheaterapi-security, owasp-api-security-top-10, bug-bounty, pentesting, api-security-testing26-May-2024
JNDI Injection — Attack Flowhttps://medium.com/@prajeet67/jndi-injection-attack-flow-2061e792fef3?source=rss------bug_bounty-5Pradeep Kumarweb-penetration-testing, pentest, bug-bounty, java, jndi25-May-2024
CSRF Vulnerabilities: How to Exploit and Defend Against Attackshttps://xamiron.medium.com/csrf-vulnerabilities-how-to-exploit-and-defend-against-attacks-ca06e0fc0bf0?source=rss------bug_bounty-5Sabuj Kumar Modakpenetration-testing, burpsuite, csrf-attack, bug-bounty, web-app-pentesting25-May-2024
Outlook Hijacked: A Step-by-Step Recovery and Investigationhttps://raoshaab.medium.com/outlook-hijacked-a-step-by-step-recovery-and-investigation-02ea09136301?source=rss------bug_bounty-5Devender Raobug-bounty, phishing, hacking, cybersecurity, microsoft25-May-2024
Unauthenticated IDOR in Employee Login Exposes PII to more than 100K Usershttps://amrkadry7.medium.com/unauthenticated-idor-in-employee-login-exposes-pii-to-more-than-100k-users-830fa8121b33?source=rss------bug_bounty-5Amrcybersecurity, bug-bounty25-May-2024
How I Hacked India Today Subscription for 2 yearshttps://anudeep-vysyaraju.medium.com/how-i-hacked-india-today-subscription-for-2-years-4e49701fa7c8?source=rss------bug_bounty-5Anudeep Vysyarajucybersecurity, penetration-testing, ethical-hacking, hacking, bug-bounty25-May-2024
HOW HACKERS USE REVERSE ENGINEERINGhttps://medium.com/@Progsky/how-hackers-use-reverse-engineering-7f8940e2108a?source=rss------bug_bounty-5Progskybug-bounty, hacking, reverse-engineering25-May-2024
HTB PDFy Challengehttps://medium.com/@Pdaysec/htb-pdfy-challenge-490e678bd521?source=rss------bug_bounty-5Erfancybersecurity, htb, bug-bounty, challenge, htb-writeup25-May-2024
Uncovering the Hidden Vulnerability: How I Found an Authentication Bypass on Shopify’s Exchange…https://medium.com/@niraj1mahajan/uncovering-the-hidden-vulnerability-how-i-found-an-authentication-bypass-on-shopifys-exchange-cc2729ea31a9?source=rss------bug_bounty-5Niraj Mahajanbug-bounty, account-takeover, ato, authentication-bypass, bug-bounty-tips25-May-2024
Prototype Pollution: The Hidden Danger in JavaScripthttps://medium.com/@mayank_prajapati/prototype-pollution-the-hidden-danger-in-javascript-c8b17002e8da?source=rss------bug_bounty-5Mayank Kumar Prajapatihacking, bug-bounty, security, web, pentesting25-May-2024
Bypassing WAFs: The Art of Payload Obfuscationhttps://systemweakness.com/bypassing-wafs-the-art-of-payload-obfuscation-d4093c110713?source=rss------bug_bounty-5David Eduardo Karpinskiweb3, bug-bounty, firewall, cybersecurity, hacking25-May-2024
JavaScript Prototype Pollution Attack: A Simplified Guidehttps://medium.com/@dodir.sec/javascript-prototype-pollution-attack-a-simplified-guide-c3b4ba8a6441?source=rss------bug_bounty-5dodirbug-bounty, penetration-testing, web, javascript, cybersecurity25-May-2024
How i got xss in unusual wayhttps://medium.com/@cvjvqmmsm/how-i-got-xss-in-unusual-way-7c4f2d8dfaf6?source=rss------bug_bounty-5Barbarossaxss-attack, bug-bounty25-May-2024
HTB-PDFyhttps://medium.com/@Pdaysec/htb-pdfy-challenge-490e678bd521?source=rss------bug_bounty-5Erfancybersecurity, htb, bug-bounty, challenge, htb-writeup25-May-2024
Logic Bug | Forget password link not expiring after email changehttps://medium.com/@saeidmicro/logic-bug-forget-password-link-not-expiring-after-email-change-4edc6f2dce22?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty24-May-2024
How to Use ParamSpider Tool — For Bug Bountyhttps://gentilsecurity.medium.com/how-to-use-paramspider-tool-for-bug-bounty-2cfb3e4c402c?source=rss------bug_bounty-5GenTiLpenetration-testing, automation-tools, parameter, paramspider, bug-bounty24-May-2024
Analyzing JavaScript Files To Find Bugshttps://medium.com/@hrofficial62/analyzing-javascript-files-to-find-bugs-7b277d1df435?source=rss------bug_bounty-5Mr Horbiohacking, bug-bounty-tips, cybersecurity, programming, bug-bounty24-May-2024
Bypassing 403 Protection To Get Admin Accesshttps://medium.com/@hrofficial62/bypassing-403-protection-to-get-admin-access-fe5b8888a935?source=rss------bug_bounty-5Mr Horbiobug-bounty, 403-forbidden, bug-bounty-tips, hacking24-May-2024
Bug Bounty Tutorial : Login Bypass Techniquehttps://medium.com/@hrofficial62/bug-bounty-tutorial-login-bypass-technique-ec4801b505c2?source=rss------bug_bounty-5Mr Horbiobugs, penetration-testing, hacking, bug-bounty, cybersecurity24-May-2024
How to Earn Bug Bounty as a Professional Bug hunterhttps://medium.com/@hrofficial62/how-to-earn-bug-bounty-as-a-professional-bug-hunter-cf11c1d16add?source=rss------bug_bounty-5Mr Horbioearn-money-online, cybersecurity, ethical-hacking, bugs, bug-bounty24-May-2024
How to Find First Bug (For Beginners)https://medium.com/@hrofficial62/how-to-find-first-bug-for-beginners-677ef726df2e?source=rss------bug_bounty-5Mr Horbiopython, cybersecurity, bug-bounty, hacking, programming24-May-2024
How to learn Hacking From 0 to Herohttps://medium.com/@hrofficial62/how-to-learn-hacking-from-0-to-hero-b7a13a72d035?source=rss------bug_bounty-5Mr Horbiohacking, horbio, programming, bug-bounty, cybersecurity24-May-2024
How to extract Google Chrome Saved Passwordhttps://medium.com/@hrofficial62/how-to-extract-google-chrome-saved-password-b6d6db825f36?source=rss------bug_bounty-5Mr Horbioethical-hacking, hacking, bug-bounty, passwords, cyber24-May-2024
Referrer-based access control Bug Bounty Tipshttps://medium.com/@hrofficial62/referrer-based-access-control-bug-bounty-tips-16112ae530cc?source=rss------bug_bounty-5Mr Horbiohacking, programming, hacker, cybersecurity, bug-bounty24-May-2024
Python Libraries for Hackershttps://medium.com/@hrofficial62/python-libraries-for-hackers-52a64f54131c?source=rss------bug_bounty-5Mr Horbiohacking, python-programming, python, bug-bounty, cybersecurity24-May-2024
Easy Bug | PHP info page disclosurehttps://medium.com/@saeidmicro/easy-bug-php-info-page-disclosure-d062dbc66a0e?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty24-May-2024
Logic Bug: Easy Privilege Escalationhttps://medium.com/@saeidmicro/logic-bug-easy-privilege-escalation-7d3878816395?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty, privilege-escalation24-May-2024
Logic Bug: Easy Privilege Escalationhttps://medium.com/@saeidmicro/logic-bug-easy-privilege-escalation-d12be8946e36?source=rss------bug_bounty-5Saeid Khaterbug-bounty, privilege-escalation, cybersecurity24-May-2024
Easy Bug | Email HTML Injectionhttps://medium.com/@saeidmicro/easy-bug-email-html-injection-8d15e1db69e0?source=rss------bug_bounty-5Saeid Khatercybersecurity, html-injection, bug-bounty24-May-2024
How to get your first $500 from an XSS vulnerabilityhttps://gentilsecurity.medium.com/how-to-get-your-first-500-from-an-xss-vulnerability-2c3800490e7a?source=rss------bug_bounty-5GenTiLmake-money-online, technology, xss-vulnerability, bug-bounty, xss-attack24-May-2024
[Bug Report] Medium Bug 3 dhttps://minerofideas.medium.com/bug-report-medium-bug-3-d-851c28f844cb?source=rss------bug_bounty-5Miner Of Ideaspython, medium, bug-bounty, medium-brasil, bugs24-May-2024
Using BBRF for tracking Javascript fileshttps://medium.com/@michal.lubicz/using-bbrf-for-tracking-javascript-files-76901a03939f?source=rss------bug_bounty-5Michał Lubiczbug-bounty-tips, bug-bounty, cybersecurity, pentesting24-May-2024
Busting CSRF: The Hidden Dangers of JSON Exploitedhttps://medium.com/@hack3dby0mar/busting-csrf-the-hidden-dangers-of-json-exploited-fd4aeb4cf47e?source=rss------bug_bounty-5Omar Essam (hack3dby0mar)web-security, bug-bounty, cybersecurity24-May-2024
25.4 Lab: Targeted web cache poisoning using an unknown headerhttps://cyberw1ng.medium.com/25-4-lab-targeted-web-cache-poisoning-using-an-unknown-header-18d261dcbf7a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, hacking, bug-bounty, cybersecurity24-May-2024
Exciting Announcement: We’re Collaborating with DAOPeople to Boost Web3 Securityhttps://securrtech.medium.com/exciting-announcement-were-collaborating-with-daopeople-to-boost-web3-security-0e4b70699385?source=rss------bug_bounty-5Securrbug-bounty, web3, web3-security, dao, blockchain24-May-2024
Flipping a ‘False’ to ‘True’: The Google Bug That Paid Offhttps://medium.com/@hellother18/flipping-a-false-to-true-the-google-bug-that-paid-off-c9c3b11944fb?source=rss------bug_bounty-5Manthan_ mahalepenetration-testing, bugbounty-tips, bug-bounty, cybersecurity, hacker24-May-2024
Session fixation | Cookie injection leading to ATO Write-Uphttps://infosecwriteups.com/session-fixation-cookie-injection-leading-to-ato-write-up-98e29d2851b9?source=rss------bug_bounty-5rAmpancisthacking, account-takeover, cybersecurity, bugbounty-writeup, bug-bounty24-May-2024
Top Tools Every Bug Bounty Hunter Should Usehttps://medium.com/@verylazytech/top-tools-every-bug-bounty-hunter-should-use-7ebec61a0f76?source=rss------bug_bounty-5Very Lazy Techbug-bounty, bug-bounty-tips, cyber, cybersecurity24-May-2024
Tips & Tricks To Get Hall of Fame In NASAhttps://medium.com/@Ajakcybersecurity/tips-tricks-to-get-hall-of-fame-in-nasa-53819d8221d3?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, bug-bounty, cybersecurity, penetration-testing24-May-2024
25.5 Lab: Web cache poisoning via an unkeyed query stringhttps://cyberw1ng.medium.com/25-5-lab-web-cache-poisoning-via-an-unkeyed-query-string-c264fccb80d0?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers24-May-2024
Always Test Default Credentials on Bug Bounty even if it’s 2024https://scr1pty.medium.com/always-test-default-credentials-on-bug-bounty-even-if-its-2024-75e511e4ad7c?source=rss------bug_bounty-5Scr1ptyethical-hacking, hacking, bug-bounty, security, bug-bounty-tips23-May-2024
HTML Injectionhttps://medium.com/@0xchoudhary/html-injection-cc6f8e3a09f8?source=rss------bug_bounty-5Sushil Choudharybug-bounty-tips, hackerone, cybersecurity, bug-hunting, bug-bounty23-May-2024
25.3 Lab: Web cache poisoning with multiple headershttps://cyberw1ng.medium.com/25-3-lab-web-cache-poisoning-with-multiple-headers-65e4e83ace3a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing23-May-2024
Unlocked Secrets: How Leaked Credentials Fuel Bug Bountieshttps://medium.com/@cyberpro151/unlocked-secrets-how-leaked-credentials-fuel-bug-bounties-fe5032caf5f4?source=rss------bug_bounty-5cyberpro151admin-panel, infosec, breach, bug-bounty, hacking23-May-2024
Aleo Bug Bounty Programhttps://daonft.medium.com/aleo-bug-bounty-program-97a7fda9ceed?source=rss------bug_bounty-5Bogdanbug-bounty, web3, aleo23-May-2024
CSRF leading to Account Takeoverhttps://medium.com/@katmaca2014/csrf-leading-to-account-takeover-abb32bae0ba5?source=rss------bug_bounty-5Kaan Atmacabug-bounty, penetration-testing, pentesting, cybersecurity, hacking23-May-2024
Exploiting XML Injection to Establish Unauthorized SSH Connectionhttps://medium.com/@katmaca2014/exploiting-xml-injection-to-establish-unauthorized-ssh-connection-7c9bbc50a4d4?source=rss------bug_bounty-5Kaan Atmacahacking, coding, bug-bounty, penetration-testing, pentesting23-May-2024
How I Found Multiple XSS Vulnerabilities.https://medium.com/@helalmm71/how-i-found-multiple-xss-vulnerabilities-34bf8655f4e7?source=rss------bug_bounty-5MD Helalvulnerability, penetration-testing, cybersecurity, bug-bounty, ctf23-May-2024
How I use to find vulnerabilities like XSS,sqli using mixture of 3 simple toolshttps://medium.com/@sreejihkn43073/how-i-use-to-find-vulnerabilities-like-xss-sqli-using-mixture-of-3-simple-tools-5108068646d2?source=rss------bug_bounty-5Sreejihknxss-vulnerability, cybersecurity-training, bug-bounty, github, tools23-May-2024
Ink Finance Arbitrum Testnet Bug Bounty Hunthttps://inkfinance.medium.com/ink-finance-arbitrum-testnet-bug-bounty-hunt-85ca215118fa?source=rss------bug_bounty-5Ink Financedao, defi, testnet, arbitrum, bug-bounty23-May-2024
Chrome 125 Update Resolves High-Severities Bugs Reported by External Researchershttps://medium.com/@elnjasi/chrome-125-update-resolves-high-severities-bugs-reported-by-external-researchers-74be654feb3a?source=rss------bug_bounty-5eL Njas!™bug-bounty, vulnerbaility, google23-May-2024
Easy Bug: No Rate Limiting on Form which Triggers Emailshttps://medium.com/@saeidmicro/easy-bug-no-rate-limiting-on-form-which-triggers-emails-4cecb5dd80a8?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty23-May-2024
First Swag from HackerRankhttps://codingninjablogs.tech/first-swag-from-hackerrank-df55cb2605b5?source=rss------bug_bounty-5#$ubh@nk@rhacking, swag, ethical-hacking, security, bug-bounty23-May-2024
Ink Finance Arbitrum Testnet User Experience & Bug Bounty Hunthttps://inkfinance.medium.com/ink-finance-arbitrum-testnet-bug-bounty-hunt-85ca215118fa?source=rss------bug_bounty-5Ink Financedao, defi, testnet, arbitrum, bug-bounty23-May-2024
Second Factor Authentication (2FA) Bypass in Private BBPhttps://medium.com/@saeidmicro/second-factor-authentication-2fa-bypass-in-private-bbp-325017cd187e?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity23-May-2024
Logic Bug | Old Session Does Not Expires After Password Changehttps://medium.com/@saeidmicro/logic-bug-old-session-does-not-expires-after-password-change-cd1fca05c33e?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity23-May-2024
Second bug on VDP programhttps://medium.com/@devMRT/second-bug-on-vdp-program-f1c4e67a3e42?source=rss------bug_bounty-5devMRTbugbounty-writeup, bug-bounty-tips, bug-bounty23-May-2024
Advanced Web Application Scanning Step-by-Step Guidehttps://0xm4r5h4l.medium.com/advanced-web-application-scanning-step-by-step-guide-4d59dff9c491?source=rss------bug_bounty-50xM4r5h4lhacking, web-penetration-testing, cybersecurity, bug-bounty, web-scanner22-May-2024
How I Found XSS in Swagger-UI Leading to Account Takeover on Bug Bountyhttps://scr1pty.medium.com/how-i-found-xss-in-swagger-ui-leading-to-account-takeover-on-bug-bounty-8d419c6b95d5?source=rss------bug_bounty-5Scr1ptybug-bounty, ethical-hacking, penetration-testing, bug-bounty-tips, it22-May-2024
Time-Based Google OAuth Account Takeover: Adventures in Bug Bountieshttps://medium.com/@iamrizwanvp/time-based-google-oauth-account-takeover-my-bug-bounty-journey-a0f534227bc6?source=rss------bug_bounty-5RIZWANbug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, bugs22-May-2024
Silk Central : Bug Tracking Tutorialhttps://medium.com/@niranjanky14/silk-central-bug-tracking-tutorial-781e4a6550c6?source=rss------bug_bounty-5Nine Pages Of My Lifetesting, software-development, bug-bounty, silk, app-development22-May-2024
Open-Redirect Through HTTP Parameter Pollutionhttps://medium.com/@davidkarpinski1/open-redirect-through-http-parameter-pollution-ce5a3be7c78e?source=rss------bug_bounty-5David Eduardo Karpinskiweb3, bug-bounty, hacking, cybersecurity, pollution22-May-2024
Exciting Announcement: Our New Collaboration with jumboBlockchain to Enhance Web3 Security!https://securrtech.medium.com/exciting-announcement-our-new-collaboration-with-jumboblockchain-to-enhance-web3-security-fe0489ca2524?source=rss------bug_bounty-5Securrbug-bounty, layer-1, blockchain, web3-security, web322-May-2024
Swagger-UI XSS Leading to Account Takeover on Crypto Exchangehttps://scr1pty.medium.com/how-i-found-xss-in-swagger-ui-leading-to-account-takeover-on-bug-bounty-8d419c6b95d5?source=rss------bug_bounty-5Scr1ptybug-bounty, ethical-hacking, penetration-testing, bug-bounty-tips, it22-May-2024
25.2 Lab: Web cache poisoning with an unkeyed cookiehttps://cyberw1ng.medium.com/25-2-lab-web-cache-poisoning-with-an-unkeyed-cookie-3f4884ee1105?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, penetration-testing, careers, cybersecurity22-May-2024
SubActive: Cracking the Digital Codehttps://medium.com/@tamhacker1/subactive-cracking-the-digital-code-447769fdb6e2?source=rss------bug_bounty-5Tahir Mujawarbugbounty-writeup, hacker, hacking, cybersecurity, bug-bounty22-May-2024
Best tool to find subdomainshttps://medium.com/@sreejihkn43073/best-tool-to-find-subdomains-170ad5d6e034?source=rss------bug_bounty-5Sreejihknbug-bounty, subdomain, cybersecurity, cyber-security-awareness, pentesting22-May-2024
Top Network Hacking Techniques Familiar with Every Bug-Bounty Hunterhttps://medium.com/@logicTech/top-network-hacking-techniques-familiar-with-every-bug-bounty-hunter-a01d7319cadc?source=rss------bug_bounty-5LogicTechhacking, network-security, bug-bounty, bug-bounty-tips, bugs22-May-2024
Pentesting: AI: WEB 1 | Privilege Escalation Attack | Python Reverse Shell | Vulnerabilities | SQL…https://shamsulmehmood.medium.com/pentesting-ai-web-1-privilege-escalation-attack-python-reverse-shell-vulnerabilities-sql-7f9994a42ec1?source=rss------bug_bounty-5SHAMS UL MEHMOODai, cybersecurity, bugs, bug-bounty, ctf-writeup21-May-2024
Hackers Online Tools in 2024