Security Cipher

Additional Resources

Compilation of Resources Featuring Daily Bug Bounty Writeups

| Title | Link | Author | Tags | Publication date |
|---|---|---|---|---|
| Finding my First SQL Injection On HackerOne | https://infosecwriteups.com/finding-my-first-sql-injection-on-hackerone-6a031ab5aa1c?source=rss------bug_bounty-5 | Aleksa Zatezalo | hackerone, sql-injection, bug-bounty, burpsuite, hacking | 19-Jan-2025 |
| Unlimited XSS \| This is the Dumbest Way to Find XSS Bug | https://medium.com/readers-club/unlimited-xss-this-is-the-dumbest-way-to-find-xss-bug-6ee92de5df38?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, xss-attack, money, bug-bounty, hacking | 19-Jan-2025 |
| From Path Traversal to RCE: A $40,000 Bug Bounty Journey | https://medium.com/@ibtissamhammadi/from-path-traversal-to-rce-a-40-000-bug-bounty-journey-a8316994ab3d?source=rss------bug_bounty-5 | Ibtissam Hammadi | infosec, hacking-tutorial, remote-code-execution, bug-bounty, web-security | 19-Jan-2025 |
| Monsif Hmouri: بين الأخلاقيات التقنية والنضال من أجل العدالة | https://monsifhmouri.medium.com/monsif-hmouri-%D8%A8%D9%8A%D9%86-%D8%A7%D9%84%D8%A3%D8%AE%D9%84%D8%A7%D9%82%D9%8A%D8%A7%D8%AA-%D8%A7%D9%84%D8%AA%D9%82%D9%86%D9%8A%D8%A9-%D9%88%D8%A7%D9%84%D9%86%D8%B6%D8%A7%D9%84-%D9%85%D9%86-%D8%A3%D8%AC%D9%84-%D8%A7%D9%84%D8%B9%D8%AF%D8%A7%D9%84%D8%A9-dd651dada725?source=rss------bug_bounty-5 | MONSIF HMOURI | bug-bounty, cybersecurity, palestinian-cause, digital-activism, ethical-hacking | 19-Jan-2025 |
| Choosing Your First Program in Bug Bounties: A Beginner’s Guide | https://it4chis3c.medium.com/choosing-your-first-program-in-bug-bounties-a-beginners-guide-6b27c58316da?source=rss------bug_bounty-5 | It4chis3c | bug-bounty-writeup, bug-bounty-tips, secrets, roadmaps, bug-bounty | 19-Jan-2025 |
| How i am Starting my Bug Hunting..? | https://medium.com/@Charon19d/how-i-am-starting-my-bug-hunting-7a727e3dfb74?source=rss------bug_bounty-5 | Charon19d | hacking, learning, cybersecurity, bug-bounty, bug-hunting | 19-Jan-2025 |
| Command Injection for Beginners: From Detection to Exploitation | https://medium.com/@HackerNasr/command-injection-for-beginners-from-detection-to-exploitation-8e7816dcb53d?source=rss------bug_bounty-5 | HackerNasr | cyber-secuity, bug-bounty, information-security, security-research | 19-Jan-2025 |
| How Did a Simple Path Traversal to RCE Bug Land Me $40K? | https://medium.com/@ibtissamhammadi/how-did-a-simple-path-traversal-to-rce-bug-land-me-40k-e20aecb162b0?source=rss------bug_bounty-5 | Ibtissam Hammadi | cybersecurity, information-security, ethical-hacking, bug-bounty | 18-Jan-2025 |
| The Road to CRTP Cert — Part 16 | https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-16-edc129cf1277?source=rss------bug_bounty-5 | Dineshkumaar R | pentesting, hacking, cybersecurity, active-directory, bug-bounty | 18-Jan-2025 |
| How to Stay Anonymous While Doing OSINT | https://medium.com/@paritoshblogs/how-to-stay-anonymous-while-doing-osint-519f607fa79d?source=rss------bug_bounty-5 | Paritosh | threat-intelligence, osint, hacking, bug-bounty, chatgpt | 18-Jan-2025 |
| Bug Bounty \| Privilege Escalation From Admin To Owner | https://medium.com/@yog_sahare/bug-bounty-privilege-escalation-from-admin-to-owner-90d86e2395e6?source=rss------bug_bounty-5 | Yog Sahare | bug-bounty, bug-bounty-writeup, privilege-escalation, vulnerability, idor-vulnerability | 18-Jan-2025 |
| Google XSS Game | https://medium.com/@PhilopaterSh/google-xss-game-6dbd1c8b3eb8?source=rss------bug_bounty-5 | Philopater Shenouda | google-xss-game, xss-attack, xss-challenge, web-penetration-testing, bug-bounty | 18-Jan-2025 |
| AI-Powered Recon: Unearthing PII from Non-English Files | https://bunny0417.medium.com/ai-powered-recon-unearthing-pii-from-non-english-files-4bf9e91e6b6b?source=rss------bug_bounty-5 | Aayush kumar | bugbounty-writeup, infosec, bug-bounty-tips, bug-bounty, ai-security | 18-Jan-2025 |
| This 200 Dorks cheats can change your life. | https://medium.com/@anandrishav2228/this-200-dorks-cheats-can-change-your-life-13217162aba4?source=rss------bug_bounty-5 | Rishav anand | hacking, bug-bounty, money, google-dork, cybersecurity | 18-Jan-2025 |
| Threat Hunting Tool: Email Analyzer | https://hackerassociate.medium.com/threat-hunting-tool-email-analyzer-19518c7d2645?source=rss------bug_bounty-5 | Harshad Shah | infosec, bug-bounty, cyberattack, threat-hunting, cybersecurity | 18-Jan-2025 |
| WIFI Hacking , user and password hacking [How hackers get Password of any wifi network] | https://medium.com/@hrofficial62/wifi-hacking-user-and-password-hacking-how-hackers-get-password-of-any-wifi-network-015ae6575bed?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, hacking, wifi, cybersecurity, pentesting | 18-Jan-2025 |
| Comprehensive Scripts for Red teaming | https://saconychukwu.medium.com/comprehensive-scripts-for-red-teaming-72c3d2980369?source=rss------bug_bounty-5 | Sacony Chukwu | hacking, cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 18-Jan-2025 |
| Basic Linux Commands Every Newbie Bug Bounty Hunter Should Know | https://bitpanic.medium.com/basic-linux-commands-every-newbie-bug-bounty-hunter-should-know-d990da113f1c?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, bug-bounty-tips, bug-bounty, technology, programming | 18-Jan-2025 |
| Unlocking the Doors: How I Took Over Accounts with a Single Flaw! | https://medium.com/@omdubey170/unlocking-the-doors-how-i-took-over-accounts-with-a-single-flaw-239900ab5ee9?source=rss------bug_bounty-5 | Omdubey | bug-bounty-tips, bug-bounty-writeup, bugs, cybersecurity, bug-bounty | 18-Jan-2025 |
| Re-captcha token generating secret key leaking identified via way back machine | https://medium.com/@swaroopvenkat828/re-captcha-token-generating-secret-key-leaking-identified-via-way-back-machine-8b7fc04e90f8?source=rss------bug_bounty-5 | swaroop 04\|16 | bug-bounty, wayback-machine, bug-bounty-writeup, bugbounty-tips, sensitive-information | 18-Jan-2025 |
| Master Bug Bounty Recon: Using GoWitness and Eyeballer to Uncover Juicy Subdomains | https://medium.com/@hacker_might/master-bug-bounty-recon-using-gowitness-and-eyeballer-to-uncover-juicy-subdomains-c7f79a3f3d06?source=rss------bug_bounty-5 | hacker_might | recon, bug-bounty-tips, tools, bug-bounty, reconnaissance | 18-Jan-2025 |
| Game Real-Time Communication Is Vulnerability higher impact than XSS and ATO | https://medium.com/@bylyblyblybly/game-real-time-communication-is-vulnerability-higher-impact-than-xss-and-ato-c3d6b9ba77e5?source=rss------bug_bounty-5 | Bylyblyblybly | bug-bounty, gamehacking, android-bugs, cyper-security, android-security | 18-Jan-2025 |
| Stored XSS to Admin in Unauthenticated-WordPress | https://infosecwriteups.com/stored-xss-to-admin-in-unauthenticated-wordpress-cb76bae66623?source=rss------bug_bounty-5 | c0d3x27 | bug-bounty, javascript, cybersecurity, hacking, software-development | 18-Jan-2025 |
| Tools Used by Bug Bounty Hunters: A Comprehensive Guide | https://medium.com/@ajudeb55/tools-used-by-bug-bounty-hunters-a-comprehensive-guide-c5286a0da36a?source=rss------bug_bounty-5 | Aju Deb | cybersecurity, bug-bounty, hacking, programming, python | 18-Jan-2025 |
| IDOR to Partial Access and ACCOUNT TAKEOVER in a Top 5 Cloud Storage Platform | https://q19.medium.com/idor-to-partial-access-and-account-takeover-in-a-top-5-cloud-storage-platform-844707a2cc01?source=rss------bug_bounty-5 | Q19 | hacking, security, bug-bounty, vulnerability | 18-Jan-2025 |
| Otelier Data Breach Exposes Info, Hotel Reservations of Millions | https://medium.com/@wiretor/otelier-data-breach-exposes-info-hotel-reservations-of-millions-14e75e47e589?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, ai, malware, breach, bug-bounty | 18-Jan-2025 |
| Malicious PyPi Package Steals Discord Auth Tokens from Developers | https://medium.com/@wiretor/malicious-pypi-package-steals-discord-auth-tokens-from-developers-2a6707bb84f7?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, ai, money, bug-bounty, python | 18-Jan-2025 |
| Tool Overview | https://xss0r.medium.com/tool-overview-6c255fe7ec9b?source=rss------bug_bounty-5 | xss0r | xss0, bug-bounty, xss0rrecon, recon | 18-Jan-2025 |
| Find First Bug for Beginner Bounty Hunters | https://infosecwriteups.com/find-first-bug-for-beginner-bounty-hunters-533f2da9dab1?source=rss------bug_bounty-5 | Mr Horbio | hacking, ethical-hacking, pentesting, bug-bounty, cybersecurity | 18-Jan-2025 |
| WIFI Hacking , user and password hacking [How hackers get Password of any wifi network] | https://infosecwriteups.com/wifi-hacking-user-and-password-hacking-how-hackers-get-password-of-any-wifi-network-015ae6575bed?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, hacking, wifi, cybersecurity, pentesting | 18-Jan-2025 |
| Zero Click Account Takeover — JWT Token Manipulation via Programs HackerOne | https://medium.com/@HackerPlus/zero-click-account-takeover-jwt-token-manipulation-via-programs-hackerone-07da3868ada9?source=rss------bug_bounty-5 | HackerPlus+ | bugcrowd, js, hackerone, jwt, bug-bounty | 18-Jan-2025 |
| Cross-Site Scripting (XSS) attacks | https://medium.com/@rishuraj2666/cross-site-scripting-xss-attacks-cbb84d7f912d?source=rss------bug_bounty-5 | Rishuraj | xss-vulnerability, cybersecurity, security-researchers, hacking, bug-bounty | 18-Jan-2025 |
| S3Bucket Enumeration and Takeover | https://medium.com/@sahusujal.dev2004/s3bucket-enumeration-and-takeover-f1ff24ad8187?source=rss------bug_bounty-5 | Sujal Sahu | bug-bounty, s3-bucket, cybersecurity, information-disclosure, bucket-takeover | 18-Jan-2025 |
| How I Discovered a Password Reset Vulnerability on a Web Application | https://medium.com/@Dorking1/how-i-discovered-a-password-reset-vulnerability-on-a-web-application-14fe29f9499c?source=rss------bug_bounty-5 | Dorking1 | penetration-testing, bug-bounty, cybersecurity | 18-Jan-2025 |
| Day 2 — Hacker101 MicroCMS v1 Flag 3 Write-Up | https://medium.com/@devinmack39/hacker101-microcms-v1-flag-3-write-up-db82e442b922?source=rss------bug_bounty-5 | Devin McCullum | appsec, learning, bug-bounty | 17-Jan-2025 |
| Critical Vulnerability Alert: CVE-2025-22949 – Tenda AC9 Router Command Injection | https://medium.com/@muhammetalgan3547/critical-vulnerability-alert-cve-2025-22949-tenda-ac9-router-command-injection-3fe10252a835?source=rss------bug_bounty-5 | Muhammet ALGAN | bug-bounty, network-security, hacking, vulnerability, cybersecurity | 17-Jan-2025 |
| Android Intent Redirection: A Hacker’s Gateway to Internal Components | https://medium.com/@0x3adly/android-intent-redirection-a-hackers-gateway-to-internal-components-ebe126bbb2e0?source=rss------bug_bounty-5 | Anas Eladly ( 0x3adly ) | cybersecurity, bug-bounty, mobile-security, penetration-testing, android | 17-Jan-2025 |
| One More Easy Bug \| HTML Injection | https://medium.com/@kumawatabhijeet2002/one-more-easy-bug-html-injection-4279fccabbc6?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, money, bug-bounty, hacking, bug-bounty-tips | 17-Jan-2025 |
| One More Easy Bug \| HTML Injection | https://cybersecuritywriteups.com/one-more-easy-bug-html-injection-4279fccabbc6?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, money, bug-bounty, hacking, bug-bounty-tips | 17-Jan-2025 |
| Stored DOM-based XSS Vulnerability on VPSServer.com | https://medium.com/@hasanfahad769/stored-dom-based-xss-vulnerability-on-vpsserver-com-f96980104e4b?source=rss------bug_bounty-5 | Fahad Hossain | bug-bounty, cybersecurity, web-security-testing | 17-Jan-2025 |
| Focusing on Expired Sessions to Uncover IDOR Vulnerabilities | https://medium.com/@alvinbijo_174/focusing-on-expired-sessions-to-uncover-idor-vulnerabilities-75f5055c7452?source=rss------bug_bounty-5 | session-x | bugs, bug-bounty, bug-bounty-tips, bugbounting, bugbounty-writeup | 17-Jan-2025 |
| Collected XSS Payloads ⛏✌️⬇️ | https://medium.com/@alvinbijo_174/collected-xss-payloads-%EF%B8%8F-%EF%B8%8F-da7df1be4bbb?source=rss------bug_bounty-5 | session-x | hacking, bugbounty-tips, idor, bugbounty-writeup, bug-bounty | 17-Jan-2025 |
| Privilege Escalation in 5 minutes: When you’re just one URL away from becoming the Boss… | https://medium.com/@forte.social/privilege-escalation-in-5-minutes-when-youre-just-one-url-away-from-becoming-the-boss-32a1f0934a0b?source=rss------bug_bounty-5 | eSecForte | bug-bounty, bugbounty-tips, hacking, privilege-escalation, web-app-security | 17-Jan-2025 |
| Account Takeover: Trading OAuth Codes for fun and profit | https://medium.com/@sazouki/account-takeover-trading-oauth-codes-for-fun-and-profit-f65463e9a6c9?source=rss------bug_bounty-5 | Sazouki | bugbounty-writeup, bug-bounty | 17-Jan-2025 |
| Hacker101 MicroCMS v1 Flag 3 Write-Up | https://medium.com/@devinmack39/hacker101-microcms-v1-flag-3-write-up-db82e442b922?source=rss------bug_bounty-5 | Devin McCullum | appsec, learning, bug-bounty | 17-Jan-2025 |
| Why You Should Start a Bug Bounty Program for Your Mobile Applications | https://medium.com/@hackrate/why-you-should-start-a-bug-bounty-program-for-your-mobile-applications-a476c3646978?source=rss------bug_bounty-5 | Levente Molnar | cybersecurity, bug-bounty, ethical-hacking, bug-bounty-tips, hacking | 17-Jan-2025 |
| XSS: Bypass CloudFront WAF | https://medium.com/@n45ht/xss-bypass-cloudfront-waf-9d0c8a12dc33?source=rss------bug_bounty-5 | N45HT | bug-bounty-writeup, cross-site-scripting, xs, bug-bounty-tips, bug-bounty | 17-Jan-2025 |
| How I Hacked Hackers Account | https://0xshuvo.medium.com/how-i-hacked-hackers-account-d5409b095133?source=rss------bug_bounty-5 | Shuvo Kumar Saha | bugbounty-writeup, idor, infose, bug-bounty, bugbounty-tips | 17-Jan-2025 |
| Account Takeover via IDOR form JWT Programs HackerOne 2500$ | https://medium.com/@HackerPlus/account-takeover-via-idor-form-jwt-programs-hackerone-2500-0a378fe2c951?source=rss------bug_bounty-5 | HackerPlus+ | hackerone, hacker, bug-hunting, bugcrowd, bug-bounty | 17-Jan-2025 |
| The rise of scammer bug bounty programs — and the reason I quit bug bounty hunting. | https://medium.com/@brotheralameen/the-rise-of-scammer-bug-bounty-programs-and-the-reason-i-quit-bug-bounty-hunting-4cc661c92e09?source=rss------bug_bounty-5 | Alameen Karim Merali | bugs, bug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity | 17-Jan-2025 |
| Leaking PII at Scale: How Third Parties Can Unintentionally Put Your Data at Risk. | https://medium.com/@omarahmed_13016/leaking-pii-at-scale-how-third-parties-can-unintentionally-put-your-data-at-risk-6101fcb3d5e0?source=rss------bug_bounty-5 | Omar Ahmed | hacking, writeup, vulnerability, hackerone, bug-bounty | 17-Jan-2025 |
| Web Directory Free Plugin <= 1.7.2: Unauthenticated LFI Exploit (CVE-2024-3673) | https://bashoverflow.medium.com/web-directory-free-plugin-1-7-2-unauthenticated-lfi-exploit-cve-2024-3673-f3721f79477d?source=rss------bug_bounty-5 | Bash Overflow | cve-2024-3673, unauthenticated-lfi, bug-bounty, bug-bounty-tips, exploiting-lfi | 17-Jan-2025 |
| US Sanctions Chinese Firm and Hacker Behind Treasury and Telecom Hacks | https://medium.com/@wiretor/us-sanctions-chinese-firm-and-hacker-behind-treasury-and-telecom-hacks-c25cfb0ae32a?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, money, ai, hacking, malware | 17-Jan-2025 |
| US Cracks Down on North Korea’s IT Worker Army with New Sanctions | https://medium.com/@wiretor/us-cracks-down-on-north-koreas-it-worker-army-with-new-sanctions-e95efd40850a?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, north, malware, money, ai | 17-Jan-2025 |
| W3 Total Cache Plugin Flaw Exposes Over 1 Million WordPress Sites to Attacks | https://medium.com/@wiretor/w3-total-cache-plugin-flaw-exposes-over-1-million-wordpress-sites-to-attacks-15e0b6ace4e0?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, marketing, ai, malware, hacker | 17-Jan-2025 |
| 100 Free Tools To Supercharge Your Bug Bounty Journey | https://bitpanic.medium.com/100-free-tools-to-supercharge-your-bug-bounty-journey-747ffb5d4bef?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, bug-bounty, bug-bounty-tips, programming, technology | 17-Jan-2025 |
| Finding a easy p4 it can be worth 200$ | https://medium.com/infosecmatrix/finding-a-easy-p4-it-can-be-worth-200-5d65a9faad0b?source=rss------bug_bounty-5 | loyalonlytoday | hacking, ethical-hacking, bugs, bug-bounty, cybersecurity | 16-Jan-2025 |
| Day One — HACKER 101 MicroCMS v1 Flag 1 — CTF | https://medium.com/@devinmack39/day-one-hacker-101-microcms-v1-flag-1-ctf-eb606905eea7?source=rss------bug_bounty-5 | Devin McCullum | bug-bounty, web-app-security, learning-and-development, ctf-writeup, sql-injection | 16-Jan-2025 |
| This is The Easiest Bug You Can Find✨ | https://cybersecuritywriteups.com/this-is-the-easiest-bug-you-can-find-feadc3ef95a5?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, hacking, infosec, easy | 16-Jan-2025 |
| Capturing of Network Traffic Using Wireshark Tool | https://mhmmuneef.medium.com/capturing-of-network-traffic-using-wireshark-tool-09a9926f18dd?source=rss------bug_bounty-5 | Mohammed Muneef | networking, cybersecurity, technology, bug-bounty, hacking | 16-Jan-2025 |
| Kicking Off 2025: Findings on U.S. Department of Energy | https://cybersecuritywriteups.com/kicking-off-2025-findings-on-u-s-department-of-energy-a92149e43102?source=rss------bug_bounty-5 | Guru Prasad Pattanaik \|\| TH3N00BH4CK3R | ethical-hacking, bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips | 16-Jan-2025 |
| How to Tackle Vulnerable JavaScript Dependencies: Lessons from the Kerala Government Website | https://medium.com/@ashwin74/how-to-tackle-vulnerable-javascript-dependencies-lessons-from-the-kerala-government-website-220722709ac4?source=rss------bug_bounty-5 | ASHWIN KUMAR | bug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity, javascript | 16-Jan-2025 |
| Bug Bounty is live: Code breakers, welcome to Apillon! | https://blog.apillon.io/bug-bounty-is-live-code-breakers-welcome-to-apillon-6dd4ff40fc82?source=rss------bug_bounty-5 | Apillon | apillon-news, web3, bug-bounty, web3-development, rewards-programs | 16-Jan-2025 |
| Cybersecurity with AI Roadmap in 2025 | https://medium.com/@anandrishav2228/cybersecurity-with-ai-roadmap-in-2025-25ced0372d5b?source=rss------bug_bounty-5 | Rishav anand | roadmaps, hacking, ai, bug-bounty, cybersecurity | 16-Jan-2025 |
| My first step into Bug Bounty | https://medium.com/@n4itr0_07/my-first-step-into-bug-bounty-718d967e0576?source=rss------bug_bounty-5 | N4!TR0 07 | bug-bounty-writeup, sql-injection, bug-bounty-tips, security, bug-bounty | 16-Jan-2025 |
| Hack The Box Curling Writeup:[Linux][Retired] | https://medium.com/@vignesh6872610/hack-the-box-curling-writeup-linux-retired-7be2cc094707?source=rss------bug_bounty-5 | Vignesh P | bug-bounty-tips, hackthebox-writeup, retiredmachine, hackthebox, bug-bounty | 16-Jan-2025 |
| CISA Adds Two New Actively Exploited Vulnerabilities to Known Exploited Vulnerabilities Catalog | https://medium.com/@shalomo.social/cisa-adds-two-new-actively-exploited-vulnerabilities-to-known-exploited-vulnerabilities-catalog-023c1bd81754?source=rss------bug_bounty-5 | Shalomo Agarwarkar | cybersecurity, data-science, business, programming, bug-bounty | 16-Jan-2025 |
| Using Full potential of Virustotal for Bugbounty | https://osintteam.blog/using-full-potential-of-virustotal-for-bugbounty-51d27750f588?source=rss------bug_bounty-5 | loyalonlytoday | hacking, bug-bounty, bugs, ethical-hacking, cybersecurity | 16-Jan-2025 |
| A Journey of Limited Path Traversal To RCE With $40,000 Bounty! | https://medium.com/@HX007/a-journey-of-limited-path-traversal-to-rce-with-40-000-bounty-fc63c89576ea?source=rss------bug_bounty-5 | HX007 | programming, hacking, cybersecurity, security, bug-bounty | 16-Jan-2025 |
| OTP BYPASS TECHNIQUE its My StOry [sweet and sour] | https://medium.com/infosec-notes/otp-bypass-technique-its-my-story-sweet-and-sour-3e96b9eb63a0?source=rss------bug_bounty-5 | Mr Horbio | pentesting, hacking, bug-bounty, cybersecurity, ethical-hacking | 16-Jan-2025 |
| Java Script file analysis to find bugs | https://medium.com/@hrofficial62/java-script-file-analysis-to-find-bugs-1fb865fee83e?source=rss------bug_bounty-5 | Mr Horbio | ethical-hacking, pentesting, bug-bounty, hacking, cybersecurity | 16-Jan-2025 |
| Bug Bounty Unlocked: Secrets, Strategies, and Mindset Hacks for Success | https://it4chis3c.medium.com/bug-bounty-unlocked-secrets-strategies-and-mindset-hacks-for-success-e5d94a632220?source=rss------bug_bounty-5 | It4chis3c | mindset, secrets, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 16-Jan-2025 |
| Bounty Hunters Take Note: How Leaked Zoom Links Can Unveil Security Flaws | https://bevijaygupta.medium.com/bounty-hunters-take-note-how-leaked-zoom-links-can-unveil-security-flaws-9f524423b5bc?source=rss------bug_bounty-5 | Vijay Kumar Gupta | zoom-meetings, securityflaw, bug-bounty, security, zoom | 16-Jan-2025 |
| Hackers Leak Configs and VPN Credentials for 15,000 FortiGate Devices | https://medium.com/@wiretor/hackers-leak-configs-and-vpn-credentials-for-15-000-fortigate-devices-c9586b6e6051?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, money, vpn, hacker, bug-bounty | 16-Jan-2025 |
| How to pass EMAPT exam | https://medium.com/@nomad8061/how-to-pass-emapt-exam-78bed982d061?source=rss------bug_bounty-5 | Ahmed Badry | ine, bug-bounty, bug-bounty-writeup, bug-bounty-tips, emapt | 16-Jan-2025 |
| Exploring CORS Misconfiguration Vulnerabilities in Modern Applications | https://rootast.medium.com/exploring-cors-misconfiguration-vulnerabilities-in-modern-applications-def492a23e95?source=rss------bug_bounty-5 | Arash Shahbazi | cross-origin-resource, pentest, owasp-top-10, web-application-security, bug-bounty | 16-Jan-2025 |
| The Top 8 Kali Linux Tools For 2025 | https://mhmmuneef.medium.com/the-top-8-kali-linux-tools-for-2025-d5904319b1d7?source=rss------bug_bounty-5 | Mohammed Muneef | bug-bounty, technology, hacking, kali-linux, cybersecurity | 16-Jan-2025 |
| What You Can Expect: A Personal Introduction and Blog Overview | https://medium.com/@T3chnocr4t/what-you-can-expect-a-personal-introduction-and-blog-overview-3a0a6cc984f6?source=rss------bug_bounty-5 | T3chnocr4t | bug-bounty-writeup, writeup, bug-bounty-tips, cybersecurity, bug-bounty | 15-Jan-2025 |
| Metasploit for Beginners — A Guide to the Powerful Exploitation Framework | https://medium.com/@manishmshiva/metasploit-for-beginners-a-guide-to-the-powerful-exploitation-framework-a8b4245c8893?source=rss------bug_bounty-5 | Manish Shivanandhan | cybersecurity, bug-bounty, penetration-testing, metasploit, ethical-hacking | 15-Jan-2025 |
| Hack with your mind! That’s enough? | https://osintteam.blog/hack-with-your-mind-thats-enough-1c6b645d1384?source=rss------bug_bounty-5 | Abu Hurayra | infosec, ethical-hacking, cybersecurity, bug-bounty, hacking | 15-Jan-2025 |
| NTLM Auth Disclosing Internal System Info via HTTP/2 to HTTP/1.1 Downgrade | https://medium.com/meetcyber/ntlm-auth-disclosing-internal-system-info-via-http-2-to-http-1-1-downgrade-603cc35c2dc4?source=rss------bug_bounty-5 | AbhirupKonwar | pentesting, cybersecurity, bug-bounty, infosec, vulnerability | 15-Jan-2025 |
| kya medium account jo suspend ho giya vo vapes aya ga .?? | https://medium.com/@subhash_9358/kya-medium-account-jo-suspend-ho-giya-vo-vapes-aya-ga-1d480676922e?source=rss------bug_bounty-5 | Schoudhary | bug-bounty, culture, cryptocurrency, business, artificial-intelligence | 15-Jan-2025 |
| Bypassing Razer’s WAF for XSS | https://medium.com/@n45ht/bypassing-razers-waf-for-xss-afcaea744ab4?source=rss------bug_bounty-5 | N45HT | bug-bounty-tips, bug-bounty-writeup, bug-bounty, xs, cross-site-scripting | 15-Jan-2025 |
| My 2nd Bounty on the Same Company Again: ¥15,000 for a Medium Bug | https://medium.com/@dibyaranjanmohanta2806/my-2nd-bounty-on-the-same-company-again-15-000-for-a-medium-bug-e3dd70c0d40a?source=rss------bug_bounty-5 | Dibyaranjanmohanta | money, currency, reporting, bug-bounty, japan | 15-Jan-2025 |
| Exploiting IDOR in a Support Portal Chatbot | https://infosecwriteups.com/exploiting-idor-in-a-support-portal-chatbot-f1d0617bace1?source=rss------bug_bounty-5 | Supun Halangoda (Suppa) | bug-bounty, idor-vulnerability, bugbounty-tips, cybersecurity | 15-Jan-2025 |
| EMC Mainnet Is Live! Join the Bug Bounty Blitz Program and Earn Rewards! | https://medium.com/@EdgeMatrixChain/emc-mainnet-is-live-join-the-bug-bounty-blitz-program-and-earn-rewards-f309b16ee396?source=rss------bug_bounty-5 | EMC ( Edge Matrix Chain) | ai, mainnet, depin, emc, bug-bounty | 15-Jan-2025 |
| Stored XSS Found in Query Parameters of dhtmlxGrid.js on NASA.gov Subdomain (P3) | https://medium.com/@aleenscode/stored-xss-found-in-query-parameters-of-dhtmlxgrid-js-on-nasa-gov-subdomain-p3-2b343fa5f045?source=rss------bug_bounty-5 | Aleenscode | bug-bounty, hackerone, bugcrowd, cross-site-scripting, cybersecurity | 15-Jan-2025 |
| User Enumeration: From Overlooked to Medium-Impact Bug | https://infosecwriteups.com/user-enumeration-from-overlooked-to-medium-impact-bug-48bbefa2ab3b?source=rss------bug_bounty-5 | callgh0st | genocide, bug-bounty, hacking, email, palestine | 15-Jan-2025 |
| The Future of Bug Bounty and Penetration Testing | https://medium.com/@hackrate/the-future-of-bug-bounty-and-penetration-testing-bce3f23cb095?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, penetration-testing, ethical-hacking, hacking, cybersecurity | 15-Jan-2025 |
| I found Reflected XSS on another university’s website | https://medium.com/@Bl4cky/hunting-reflected-xss-uncovering-vulnerabilities-on-university-websites-daa6c5ac790d?source=rss------bug_bounty-5 | Bl4cky | xss-attack, pentest, reflected-xss, bug-bounty | 15-Jan-2025 |
| What Is Bug Bounty Hunting? A Complete Guide | https://medium.com/@atnoforcybersecurity/what-is-bug-bounty-hunting-a-complete-guide-58f7019e5871?source=rss------bug_bounty-5 | ATNO For Cybersecurity \| Hacking | bug-bounty, hacking, network-security, cybersecurity | 15-Jan-2025 |
| Allstate Faces Lawsuit for Tracking Drivers Without Permission | https://medium.com/@wiretor/allstate-faces-lawsuit-for-tracking-drivers-without-permission-e53b2cf5ed6b?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, malware, money, hacker, bug-bounty | 15-Jan-2025 |
| Web Cache Poisoning: Turning Speed into a Security Nightmare | https://medium.com/@bughunt.bochi/web-cache-poisoning-turning-speed-into-a-security-nightmare-b2cde92e1036?source=rss------bug_bounty-5 | Bochixx | cyber-security-awareness, ethical-hacking, vulnerability, bug-bounty, web-cache-poisoning | 15-Jan-2025 |
| Zero Day Alert: Google OAuth Flaw Could Expose Abandoned Accounts | https://medium.com/@wiretor/zero-day-alert-google-oauth-flaw-could-expose-abandoned-accounts-40dbaa77260d?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, money, bug-bounty, zero-day, business | 15-Jan-2025 |
| FBI Deletes Chinese PlugX Malware from Thousands of US Computers | https://medium.com/@wiretor/fbi-deletes-chinese-plugx-malware-from-thousands-of-us-computers-f212a3f27f14?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, ai, hacker, fbi, money | 15-Jan-2025 |
| Basics of Bypassing Authentication Mechanisms | https://bitpanic.medium.com/cracking-the-code-how-hackers-bypass-authentication-mechanisms-efa9a09f41ea?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty, bug-bounty-tips, technology, cybersecurity, programming | 15-Jan-2025 |
| How I Found and Reported a Critical Credential Stuffing Bug Worth $2000 | https://medium.com/@sc128496/how-i-found-and-reported-a-critical-credential-stuffing-bug-worth-2000-a76d3b4eebb2?source=rss------bug_bounty-5 | Sahil Choudhary | technology, information-security, hacking, cybersecurity, bug-bounty | 15-Jan-2025 |
| how I found a Google map it’s worth 300$ | https://cybersecuritywriteups.com/how-i-found-a-google-map-its-worth-300-99da8061fc67?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, bug-bounty, ethical-hacking, hacking, bugs | 15-Jan-2025 |
| Best Resources for Learning Cybersecurity: A Student’s Guide | https://medium.com/@himzyoti.talukdar1234/best-resources-for-learning-cybersecurity-a-students-guide-002694679378?source=rss------bug_bounty-5 | Himjyoti talukdar | penetration-testing, ctf, infosec, bug-bounty, cybersecurity | 15-Jan-2025 |
| How i found RXSS in href Attribute | https://medium.com/@mohaned0101/how-i-found-rxss-in-href-attribute-13a85e4e2c4d?source=rss------bug_bounty-5 | mohaned alkhlot | xss-attack, bug-bounty, bug-bounty-tips, xss-vulnerability | 15-Jan-2025 |
| Account Takeover in Mobile Apps: How to Exploit Vulnerabilities | https://medium.com/meetcyber/account-takeover-in-mobile-apps-how-to-exploit-vulnerabilities-dc1b55ef6891?source=rss------bug_bounty-5 | Erkan Kavas | account-take-over, mobile-app-development, phishing, bug-bounty, cybersecurity | 15-Jan-2025 |
| Tips to find Stored XSS [Bug_Bounty_Tips] | https://medium.com/infosec-notes/tips-to-find-stored-xss-bug-bounty-tips-86cb62a529c8?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, xss-attack, bugbounty-writeup, cybersecurity, pentesting | 14-Jan-2025 |
| OWASP Top 10 Testing Guide V4 Checklist | https://medium.com/@enigma_/owasp-top-10-testing-guide-v4-checklist-02448c971539?source=rss------bug_bounty-5 | enigma_ | owasp, oscp, infosec, cybersecurity, bug-bounty | 14-Jan-2025 |
| The Road to CRTP Cert — Part 15 | https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-15-d9ab41f827a4?source=rss------bug_bounty-5 | Dineshkumaar R | cybersecurity, bug-bounty, active-directory, hacking, offensive-security | 14-Jan-2025 |
| OWASP Top 10 Testing Guide V4 Checklist | https://infosecwriteups.com/owasp-top-10-testing-guide-v4-checklist-02448c971539?source=rss------bug_bounty-5 | enigma_ | owasp, oscp, infosec, cybersecurity, bug-bounty | 14-Jan-2025 |
| Mobile Pentesting Tools | https://hackerassociate.medium.com/mobile-pentesting-tools-479b797cd6a5?source=rss------bug_bounty-5 | Harshad Shah | cybersecurity, infosec, pentesting, bug-bounty, mobile-app-development | 14-Jan-2025 |
| From Zero to Bounty — My Journey as a Bug Hunter | https://medium.com/@joaovmb15/from-zero-to-bounty-my-journey-as-a-bug-hunter-44d2bd63f657?source=rss------bug_bounty-5 | 0xJotave | bug-hunter, bug-hunting, cybersecurity, bug-bounty | 14-Jan-2025 |
| Nmap Cheat Sheet: Essential Commands and Advanced Techniques for Scanning | https://medium.com/@verylazytech/nmap-cheat-sheet-essential-commands-and-advanced-techniques-for-scanning-2274e21654e0?source=rss------bug_bounty-5 | Very Lazy Tech | oscp, vulnerability, cybersecurity, nmap, bug-bounty | 14-Jan-2025 |
| Reflected XSS protected by very strict CSP, with dangling markup attack (Port Swigger XSS Lab) | https://medium.com/@hackllego/reflected-xss-protected-by-very-strict-csp-with-dangling-markup-attack-port-swigger-xss-lab-e8811c2e476d?source=rss------bug_bounty-5 | Hackllego | bug-hunting, pentesting, bug-bounty, bug-bounty-tips, web-security | 14-Jan-2025 |
| Simple Tips for Bug Bounty Beginners: Finding Open AWS S3 buckets, impact, and causes | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-open-aws-s3-buckets-impact-and-causes-52f252bcddfa?source=rss------bug_bounty-5 | Anish Narayan | cybersecurity, bug-bounty-writeup, programming, bug-bounty-tips, bug-bounty | 14-Jan-2025 |
| Improper Authentication in a famous Trading website | https://medium.com/@anonymousshetty2003/improper-authentication-in-a-famous-trading-website-0ffd27fb665e?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, otp-bypass, cybersecurity, ethical-hacking, improper-access-control | 14-Jan-2025 |
| How I found an account take over by session fixation (Bugbounty) | https://medium.com/@leomsec/how-i-found-an-account-take-over-by-session-fixation-bugbounty-f2551f19be3e?source=rss------bug_bounty-5 | Leonardo | hacking, hacker, bug-bounty-tips, bug-bounty, web-hacking | 14-Jan-2025 |
| Bug Bounty Programs: YES or NO? | https://medium.com/@hackrate/bug-bounty-programs-yes-or-no-6b866eea8b01?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, bug-bounty-tips, hacking, cybersecurity, bug-bounty | 14-Jan-2025 |
| Day 4. The 100-Day Bug Bounty Challenge: Understanding SQL Injection Classic(In-band) | https://mahhesshh.medium.com/day-4-the-100-day-bug-bounty-challenge-understanding-sql-injection-classic-in-band-2b8854d2e0e5?source=rss------bug_bounty-5 | Mahesh Dhakad | hacking, sql-injection, bug-bounty, sqli, cybersecurity | 14-Jan-2025 |
| 7 Ways to Be Better at Bug Bounty Hunting | https://bitpanic.medium.com/7-ways-to-be-better-at-bug-bounty-hunting-7eae956e500d?source=rss------bug_bounty-5 | Spectat0rguy | technology, bug-bounty-tips, programming, bug-bounty, cybersecurity | 14-Jan-2025 |
| Improper Authentication in a famous Trading website | https://medium.com/@anonymousshetty2003/improper-authentication-in-a-famous-trading-website-0ffd27fb665e?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, cybersecurity, ethical-hacking, improper-access-control, bug-bounty-tips | 14-Jan-2025 |
| How to Use Wireshark: Comprehensive Tutorial + Tips | https://mhmmuneef.medium.com/how-to-use-wireshark-comprehensive-tutorial-tips-24252ed2673d?source=rss------bug_bounty-5 | Mohammed Muneef | bug-bounty, wireshark, cybersecurity, hacking, technology | 14-Jan-2025 |
| Guía: instalación de VM + Kali | https://medium.com/@mon.cybersec/gu%C3%ADa-instalaci%C3%B3n-de-vm-kali-fb7230a5263c?source=rss------bug_bounty-5 | Mon Works | kali-linux, hacking, virtualbox, ciberseguridad, bug-bounty | 14-Jan-2025 |
| The Definitive Guide to GitHub Recon: Lessons from Analyzing 100+ Reports | https://medium.com/@iamakashce19010/the-definitive-guide-to-github-recon-lessons-from-analyzing-100-reports-bd5d4891a815?source=rss------bug_bounty-5 | Akash | bug-bounty-tips, bug-bounty, bug-bounty-writeup | 14-Jan-2025 |
| From Containers to Host: Privilege Escalation Techniques in Docker | https://medium.com/@kankojoseph4/from-containers-to-host-privilege-escalation-techniques-in-docker-487fe2124b8e?source=rss------bug_bounty-5 | Joseph "Sk4r1” KANKO | bug-bounty, cybersecurity, hacking, ethical-hacking, docker | 13-Jan-2025 |
| Hire a hacker | https://medium.com/@carl19722401/hire-a-hack-c54710808c3c?source=rss------bug_bounty-5 | Dimitris Nicholas | cybersecurity, hire-a-hacker, find-a-hacker, bug-bounty, ethical-hacking | 13-Jan-2025 |
| Stored CSRF via Uploaded HTML File in User Account Document Section | https://medium.com/@dee.gholase/stored-csrf-via-uploaded-html-file-in-user-account-document-section-dbe98e9184a3?source=rss------bug_bounty-5 | Digvijay Gholase | bug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup, cybersecurity | 13-Jan-2025 |
| JavaScript Recon | https://anontriager.medium.com/javascript-recon-efd981a85cfc?source=rss------bug_bounty-5 | Anonymous Traiger | jobs, cybersecurity, hacker, programming, bug-bounty | 13-Jan-2025 |
| Diving in Android Security | https://anontriager.medium.com/diving-in-android-security-a93f017b16f0?source=rss------bug_bounty-5 | Anonymous Traiger | jobs, hacking, troubleshooting, cybersecurity, bug-bounty | 13-Jan-2025 |
| Emerging Cyber Threats: The Latest Trends in Ransomware, Phishing, and APTs | https://medium.com/@paritoshblogs/emerging-cyber-threats-the-latest-trends-in-ransomware-phishing-and-apts-e3393f6410bc?source=rss------bug_bounty-5 | Paritosh | cybersecurity, ransomware, threat-intelligence, hacking, bug-bounty | 13-Jan-2025 |
| How I got my name on WHO’s Hall of Fame | https://infosecwriteups.com/how-i-got-my-name-on-whos-hall-of-fame-060d57662b16?source=rss------bug_bounty-5 | RivuDon | bug-bounty, bug-bounty-tips, cybersecurity, hall-of-fame, infosec | 13-Jan-2025 |
Stored CSRF via Uploaded HTML File in User Account Document Sectionhttps://jxycybersec.medium.com/stored-csrf-via-uploaded-html-file-in-user-account-document-section-dbe98e9184a3?source=rss------bug_bounty-5Digvijay Gholasebug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup, cybersecurity13-Jan-2025
Remember, the key is to stay motivated at every step.https://medium.com/@rhonnysharma783/linkedin-linkedin-com-in-rhonny-99f682300332?source=rss------bug_bounty-5Rhonnysharmabug-zero, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup13-Jan-2025
Breaking into Jenkins for funhttps://medium.com/@24bkdoor/breaking-into-jenkins-for-fun-7070496521eb?source=rss------bug_bounty-524BkDoorcybersecurity, jenkins, hacking, web-development, bug-bounty13-Jan-2025
Crack the Code — Part 2https://it4chis3c.medium.com/crack-the-code-part-2-aeaa5055251e?source=rss------bug_bounty-5It4chis3cbug-bounty, roadmap-to-success, bug-bounty-writeup, bug-bounty-tips, roadmaps13-Jan-2025
MASS HUNTING TO FIND XSS(CROSS SITE SCRIPTING)https://medium.com/h7w/mass-hunting-to-find-xss-cross-site-scripting-fd8218822dca?source=rss------bug_bounty-5loyalonlytodaycross-site-scripting, xss-attack, hacking, bugs, bug-bounty13-Jan-2025
Does Your Company Need a Bug Bounty Program?https://medium.com/@hackrate/does-your-company-need-a-bug-bounty-program-22d8dc5c1e7f?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty-tips, hacking, bug-bounty, cybersecurity13-Jan-2025
This is How I Turned an Informative Bug into a Valid $500 Bughttps://infosecwriteups.com/this-is-how-i-turned-an-informative-bug-into-a-valid-500-bug-174ffeb94737?source=rss------bug_bounty-5Shubham Bhamarefacebook-bug-bounty, bug-bounty-tips, cybersecurity, bug-bounty, infosec13-Jan-2025
Building Your Own Bug Bounty Lab: A Hands-On Guide with Metasploit and Morehttps://myselfakash20.medium.com/building-your-own-bug-bounty-lab-a-hands-on-guide-with-metasploit-and-more-9595a71fc4c6?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bug-bounty, cybersecurity, technology, bug-bounty-writeup13-Jan-2025
Critical Vulnerability Discovered: CVE-2025–22567https://medium.com/@wiretor/critical-vulnerability-discovered-cve-2025-22567-b0e4d9d852c1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, hacker, xss-attack, hacking13-Jan-2025
Top Hacking Tools and Skills You Need to Learn in 2025https://medium.com/@verylazytech/top-hacking-tools-and-skills-you-need-to-learn-in-2025-70cb90650c0f?source=rss------bug_bounty-5Very Lazy Techcybersecurity, hacking, bug-bounty, 2025, linux13-Jan-2025
I Changed Someone’s Profile Picture… And They Had No Idea!!https://infosecwriteups.com/i-changed-someones-profile-picture-and-they-had-no-idea-a1dc621d12c4?source=rss------bug_bounty-5Krishnadev P Melevilabug-bounty, cybersecurity, infosec, pentesting, burp13-Jan-2025
Bug Bounty Kültürü Neden Önemlidir?https://medium.com/@omermertkaya/bug-bounty-k%C3%BClt%C3%BCr%C3%BC-neden-%C3%B6nemlidir-cdb126ede8cb?source=rss------bug_bounty-5Ömer Mert KAYAsecurity-awareness, cybersecurity, bug-bounty, vulnerability-management, proactive-security13-Jan-2025
How to Make Nmap Recognize New Serviceshttps://mhmmuneef.medium.com/how-to-make-nmap-recognize-new-services-af44e6f9c20e?source=rss------bug_bounty-5Mohammed Muneefcybersecurity, technology, networking, bug-bounty13-Jan-2025
Building Your Own Bug Bounty Lab: A Hands-On Guide with Metasploit and Morehttps://infosecwriteups.com/building-your-own-bug-bounty-lab-a-hands-on-guide-with-metasploit-and-more-9595a71fc4c6?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bug-bounty, cybersecurity, technology, bug-bounty-writeup13-Jan-2025
How To Bypass CSRF Defenses With XSShttps://medium.com/@dante.falls/how-to-bypass-csrf-defenses-with-xss-44a124b7646a?source=rss------bug_bounty-5Dante Fallsinformation-security, web-security, cybersecurity, bug-bounty13-Jan-2025
Get Your First Bug Bounty with Burp Suite’s Match and Replace Featurehttps://medium.com/@mahdisalhi0500/get-your-first-bug-bounty-with-burp-suites-match-and-replace-feature-7a32f81a3cb0?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, penetration-testing, cybersecurity, bug-bounty-tips, bug-bounty13-Jan-2025
Methodology for Detecting IDOR Vulnerabilityhttps://medium.com/@dogxxx10/methodology-for-detecting-idor-vulnerability-1590b14d45a9?source=rss------bug_bounty-5Dogx0xbug-bounty-writeup, web-hacking, bug-bounty-tips, hacking, bug-bounty13-Jan-2025
Bug Bounty vs VDP: Building Effective Security Programs with Hacker Collaborationhttps://medium.com/@dzianisskliar29/bug-bounty-vs-vdp-building-effective-security-programs-with-hacker-collaboration-0a7db1b3f2df?source=rss------bug_bounty-5Dzianis Skliarhackerone, bugcrowd, intigriti, bug-bounty, attack-surface-management13-Jan-2025
Security Session #1https://medium.com/@mon.cybersec/security-session-1-9457a0f5bd27?source=rss------bug_bounty-5Mon Worksbug-bounty, pentesting, ciberseguridad, cybersecurity, hacking13-Jan-2025
The Ultimate IDOR Testing Checklisthttps://medium.com/@muhammetalgan3547/the-ultimate-idor-testing-checklist-ba4a7c094def?source=rss------bug_bounty-5Muhammet ALGANcybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty12-Jan-2025
How i Hacked into NASA & got Hall-Of-Fame, Acknowledgement -2025https://medium.com/@securityinsights/how-i-hacked-into-nasa-got-hall-of-fame-acknowledgement-2025-d22815f09e29?source=rss------bug_bounty-5Mehboob Khanhacking, cybersecurity, nasa, ethical-hacking, bug-bounty12-Jan-2025
How to find my first bounty $$$$$https://systemweakness.com/how-to-find-my-first-bounty-68ba0022dcf0?source=rss------bug_bounty-5Mr Horbiopentesting, cybersecurity, hacking, ethical-hacking, bug-bounty12-Jan-2025
How I Found This Crazy PII Data Leak Worth 500$https://medium.com/@sc128496/how-i-found-this-crazy-pii-data-leak-worth-500-e39d6dd19133?source=rss------bug_bounty-5Sahil Choudharyoutside-the-box, think-different, cybersecurity, reconnaissance, bug-bounty12-Jan-2025
The Road to CRTP Cert — Part 14https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-14-b7f9cb8bd87f?source=rss------bug_bounty-5Dineshkumaar Rinfosec, vapt, penetration-testing, red-team, bug-bounty12-Jan-2025
Server-Side Vulnerabilities | #5 File Upload Vulnerabilitieshttps://medium.com/@agapehearts/server-side-vulnerabilities-5-file-upload-vulnerabilities-7f5f68688cc7?source=rss------bug_bounty-5Agape HearTsvulnerability, bug-bounty, ethical-hacking, portswigger, bugs12-Jan-2025
10 Best Bug Bounty Platforms to Earn Money Onlinehttps://hackreveals.medium.com/10-best-bug-bounty-platforms-to-earn-money-online-e5b83767ac20?source=rss------bug_bounty-5Prakash Tiwaribug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-program, osint12-Jan-2025
How I Got Access to Over 60,000 Traders’ Datahttps://0xglss.medium.com/how-i-got-access-to-over-60-000-traders-data-b6043b2363c3?source=rss------bug_bounty-50xglssadmin-panel, account-takeover, xss-attack, bug-bounty, penetration-testing12-Jan-2025
hunting #2https://medium.com/@dark_zone/hunting-2-f06b275adf5c?source=rss------bug_bounty-5darkzonebug-bounty12-Jan-2025
Day 3. The 100-Day Bug Bounty Challenge: Understanding DOM-Based XSS (Cross-Site Scripting)https://mahhesshh.medium.com/day-2-the-100-day-bug-bounty-challenge-understanding-dom-based-xss-cross-site-scripting-96b2bf92a7f0?source=rss------bug_bounty-5Mahesh Dhakadxss-attack, cybersecurity, dom-xss, bug-bounty, cross-site-scripting12-Jan-2025
nform“SOCMINT: The Digital Crystal Ball of Cybersecurity and Beyond”https://medium.com/@paritoshblogs/nform-socmint-the-digital-crystal-ball-of-cybersecurity-and-beyond-1dfddad6193b?source=rss------bug_bounty-5Paritoshhacking, socmint, information-technology, bug-bounty, cybersecurity12-Jan-2025
How To Get free burpsuite professionalhttps://cybersecuritywriteups.com/how-to-get-free-burpsuite-professional-f124ebaf529d?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, burpsuite, penetration-testing, cybersecurity12-Jan-2025
Unmasking a Captcha Bypass Vulnerability: Step-by-Step Walkthroughhttps://medium.com/@vishalsharma445500/unmasking-a-captcha-bypass-vulnerability-step-by-step-walkthrough-6131519a3788?source=rss------bug_bounty-5Vishal Sharmacybersecurity, ethical-hacking, vulnerability, penetration-testing, bug-bounty12-Jan-2025
IDOR & UUIDs to leak PIIhttps://medium.com/@CANITEY/idor-uuids-to-leak-pii-7675130ab784?source=rss------bug_bounty-5CANITEYidor, cybersecurity, bug-bounty-tips, bug-bounty-writeup, bug-bounty12-Jan-2025
How Improper cache storage lead to Make me $$$https://medium.com/@test123cybertest/how-improper-cache-storage-lead-to-make-me-4de4c003b376?source=rss------bug_bounty-5praveenarsh0xx0bug-bounty, tips-and-tricks, cybersecurity, ethical-hacking, penetration-testing12-Jan-2025
Logic Bugs in Payment Gatewayhttps://bitpanic.medium.com/logic-bugs-in-payment-gateway-25d5d48068c4?source=rss------bug_bounty-5Spectat0rguytechnology, cybersecurity, bug-bounty-tips, programming, bug-bounty12-Jan-2025
A Simple Bug to Get Started in Bug Bountyhttps://medium.com/infosecmatrix/a-simple-bug-to-get-started-in-bug-bounty-599121c1b997?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, bugs, pentesting12-Jan-2025
How i found Broken Access Controlhttps://medium.com/@gitlime71/how-i-found-broken-access-control-c3377d3df60e?source=rss------bug_bounty-5Raccoonbug-bounty, pentesting, bug-bounty-tips, bug-bounty-writeup, penetration-testing12-Jan-2025
The State of Web3 Security in 2024https://medium.com/coinmonks/the-state-of-web3-security-in-2024-f3713fbe9e04?source=rss------bug_bounty-5Raidersbug-bounty, web3, blockchain, hacking, security12-Jan-2025
The Art of Note-Taking in Bug Bounty Huntinghttps://medium.com/@mahdisalhi0500/the-art-of-note-taking-in-bug-bounty-hunting-9b28876316e3?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, information-security, penetration-testing, bug-bounty, bug-bounty-tips12-Jan-2025
Portswigger Web Security Academy : File path traversal, simple case walkthroughhttps://medium.com/@Kinqdathacker/portswigger-web-security-academy-file-path-traversal-simple-case-walkthrough-d04418d04b76?source=rss------bug_bounty-5Kinqdathackerpath-traversal, web-security, hacking, web-app-security, bug-bounty12-Jan-2025
Server-side vulnerabilities | #4 Server-Side Request Forgeryhttps://medium.com/@agapehearts/server-side-vulnerabilities-4-server-side-request-forgery-71b7c525eadc?source=rss------bug_bounty-5Agape HearTsservers, bug-bounty, ethical-hacking, cybersecurity, bugs11-Jan-2025
Crawling for Emails In Websites  — OSINT Methodologyhttps://osintteam.blog/crawling-for-emails-in-websites-osint-methodology-602e2b274c6e?source=rss------bug_bounty-5Jason Jacobs, MSc.osint, bug-bounty, cybersecurity11-Jan-2025
LFI Bug can help you make $500 and more.(Noob-Advance)https://medium.com/@anandrishav2228/lfi-bug-can-help-you-make-500-and-more-noob-advance-be001cb2d152?source=rss------bug_bounty-5Rishav anandcybersecurity, money, bug-bounty, hacking, lfi11-Jan-2025
How to Hack Single Page Applications (SPAs): Modern Techniqueshttps://medium.com/@bootstrapsecurity/how-to-hack-single-page-applications-spas-modern-techniques-4f69c020b0ff?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, hacking, bug-bounty, api, ethical-hacking11-Jan-2025
Understanding Large Language Models (LLMs): The Power of AI in Text Generationhttps://medium.com/@paritoshblogs/understanding-large-language-models-llms-the-power-of-ai-in-text-generation-dce8c1ddeb7b?source=rss------bug_bounty-5Paritoshchatgpt, llm, ai, hacking, bug-bounty11-Jan-2025
From Innocent Messages to Total Takeover: How I Hacked a Professional Network!https://medium.com/@lordofheaven1234/from-innocent-messages-to-total-takeover-how-i-hacked-a-professional-network-2033537d5d6a?source=rss------bug_bounty-5Lord Heavenblind-xss, bug-bounty, hacking, account-takeover11-Jan-2025
GOT 700$ BOUNTY BY Store XSS VULNERABILITYhttps://medium.com/@hrofficial62/got-700-bounty-by-store-xss-vulnerability-bc48f2e31e46?source=rss------bug_bounty-5Mr Horbiobug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty, xss-attack11-Jan-2025
Microsoft ADFS Reconhttps://medium.com/meetcyber/microsoft-adfs-recon-e56fcace8551?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, infosec, bug-bounty, penetration-testing, bug-bounty-tips11-Jan-2025
Breaking Vercel’s Clone URL with a Simple XSS Exploithttps://medium.com/@n45ht/breaking-vercels-clone-url-with-a-simple-xss-exploit-8f55b21f32eb?source=rss------bug_bounty-5N45HTbug-bounty, hacking, bug-bounty-writeup, cross-site-scripting, xs11-Jan-2025
Telefónica Confirms Internal Ticketing System Breach After Data Leakhttps://medium.com/@wiretor/telef%C3%B3nica-confirms-internal-ticketing-system-breach-after-data-leak-6067f759f65d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, money, malware, bug-bounty, ai11-Jan-2025
The Subdomain They Forgot — How I Chained Bugs for a $1,000 Bountyhttps://myselfakash20.medium.com/the-subdomain-they-forgot-how-i-chained-bugs-for-a-1-000-bounty-094d89758489?source=rss------bug_bounty-5Akash Ghoshbug-bounty, cybersecurity, bug-bounty-tips, technology, bug-bounty-writeup11-Jan-2025
Secure Code Review Assessment for Javascript (Full Stack NextJS)https://medium.com/@0xNayelx/secure-code-review-assessment-for-javascript-full-stack-nextjs-59651da6fb24?source=rss------bug_bounty-50xNayelsource-code, ctf-writeup, pentesting, bug-bounty, offensive-security11-Jan-2025
Exposing the Weak Points: Vulnerabilities in REST APIshttps://bitpanic.medium.com/exposing-the-weak-points-vulnerabilities-in-rest-apis-8e4acb4861b0?source=rss------bug_bounty-5Spectat0rguyprogramming, bug-bounty-tips, cybersecurity, technology, bug-bounty11-Jan-2025
Crack the Code: Your Bug Bounty Hunting Journey Starts Herehttps://it4chis3c.medium.com/crack-the-code-your-bug-bounty-hunting-journey-starts-here-e61701f8cb36?source=rss------bug_bounty-5It4chis3cbug-bounty-tips, bug-bounty-writeup, bug-bounty, tryhackme, hackthebox11-Jan-2025
Critical IDOR Vulnerability: Unauthorized Users Can Modify Company’s PayPal Emailhttps://medium.com/@mahdisalhi0500/critical-idor-vulnerability-unauthorized-users-can-modify-companys-paypal-email-92bf24ae19df?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, bug-bounty, bug-bounty-tips, ethical-hacking, pentesting11-Jan-2025
EXIF Metadata-Based XSS Attacks: A Web Security Researchhttps://medium.com/@enesonder001/exif-metadata-based-xss-attacks-a-web-security-research-e88c7ea7b69b?source=rss------bug_bounty-5enes önderbugs, bug-bounty-tips, xss-attack, xss-vulnerability, bug-bounty11-Jan-2025
GOT 700$ BOUNTY BY Store XSS VULNERABILITYhttps://systemweakness.com/got-700-bounty-by-store-xss-vulnerability-bc48f2e31e46?source=rss------bug_bounty-5Mr Horbiobug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty, xss-attack11-Jan-2025
Day 08: My Bug Bounty Challenge … 0–100k without knowledge in one year!https://medium.com/@dogxxx10/day-08-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-70422a5cd7eb?source=rss------bug_bounty-5Dogx0xhacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips, hacking-training10-Jan-2025
Finding a easy p3https://medium.com/h7w/finding-a-easy-p3-a16186613391?source=rss------bug_bounty-5loyalonlytodaybug-bounty, ethical-hacking, cybersecurity, hacking, penetration-testing10-Jan-2025
30+ Standard Linux Commands for Beginner or Intermediate Usershttps://medium.com/@BetterBy0x01/30-standard-linux-commands-for-beginner-or-intermediate-users-eacae976d92c?source=rss------bug_bounty-5Ashutosh Singh Patelcommand-line, linux, hacking, bug-bounty, security10-Jan-2025
Server-side vulnerabilities | #3 AUTHENTICATIONhttps://medium.com/@agapehearts/server-side-vulnerabilities-3-authentication-ff80ac2efdb4?source=rss------bug_bounty-5Agape HearTsbugs, bug-bounty, ethical-hacking, authentication, web-applications10-Jan-2025
The Road to CRTP Cert — Part 13https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-13-8d14193f660f?source=rss------bug_bounty-5Dineshkumaar Ractive-directory, hacking, cybersecurity, security, bug-bounty10-Jan-2025
Mastering HTTP Request Smuggling: Bypassing Firewalls and Filtershttps://medium.com/@bootstrapsecurity/mastering-http-request-smuggling-bypassing-firewalls-and-filters-a3d69bcbe4d9?source=rss------bug_bounty-5BootstrapSecurityhacking, ethical-hacking, bug-bounty-tips, api, bug-bounty10-Jan-2025
How I got CERT-EU Hall of Famehttps://cybersecuritywriteups.com/how-i-got-cert-eu-hall-of-fame-e65b3e72510b?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, bug-bounty, pentesting, bug-bounty-writeup, cybersecurity10-Jan-2025
PoC — Vulnérabilité Cache Varnish PURGE DDoS by @GupS3Chttps://medium.com/@GupS3C/poc-vuln%C3%A9rabilit%C3%A9-cache-varnish-purge-ddos-by-gups3c-9ce181fe7fca?source=rss------bug_bounty-5GupS3Cbug-bounty, bug-bounty-writeup, varnish-cache, bug-hunt, pentesting10-Jan-2025
Web Application Pentesting Roadmaphttps://medium.com/@codingbolt.in/web-application-pentesting-roadmap-4013e89b963b?source=rss------bug_bounty-5codingboltpentesting, web-pen-testing, bug-bounty, penetration-testing, bug-hunting10-Jan-2025
Finding Hidden Subdomains with OSINT Toolshttps://infosecwriteups.com/finding-hidden-subdomains-with-osint-tools-ad7e411587ee?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, technology, cybersecurity, careers10-Jan-2025
From Directory Traversal to Full Account Takeover: A Researcher’s Journeyhttps://medium.com/@sulmanfarooq531/from-directory-traversal-to-full-account-takeover-a-researchers-journey-150044cbf109?source=rss------bug_bounty-5Sulman Farooq Sdirectory-traversal, cybersecurity, path-traversal, bug-bounty, account-takeover10-Jan-2025
Missing Rate Limit on Several Endpoints $1300https://ehteshamulhaq198.medium.com/missing-rate-limit-on-several-endpoints-1300-60f37e16be6b?source=rss------bug_bounty-5Ehtesham Ul Haqtechnology, hacking, infosec, cybersecurity, bug-bounty10-Jan-2025
My Worst Informative Report //false positive Bughttps://medium.com/@0xoroot/my-worst-informative-report-false-positive-bug-6117039012cb?source=rss------bug_bounty-50xorootbug-bounty-tips, programming, hacking, bug-bounty, bounty-program10-Jan-2025
how i found the “Insufficient Authorization in Password Change Endpoint” vulnerability ?https://doordiefordream.medium.com/how-i-found-the-insufficient-authorization-in-password-change-endpoint-vulnerability-1f0e943daeea?source=rss------bug_bounty-5Bug hunter baluhacking, bug-bounty, cybersecurity, ethical-hacking, vulnerability10-Jan-2025
MirrorFace Hackers Targeting Japanese Government & Politicians Since 2019https://medium.com/@wiretor/mirrorface-hackers-targeting-japanese-government-politicians-since-2019-080121705345?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, ai, malware, hacking, bug-bounty10-Jan-2025
Data Breach Alert: BayMark Health Services Targeted by Ransomware Attackhttps://medium.com/@wiretor/data-breach-alert-baymark-health-services-targeted-by-ransomware-attack-5c4cf81d8e79?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, hacking, money, ai10-Jan-2025
How to Identify Overlooked Bugs in Android Applications: A Bug Bounty Hunter’s Guidehttps://bitpanic.medium.com/how-to-identify-overlooked-bugs-in-android-applications-a-bug-bounty-hunters-guide-5c194ed283a4?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, bug-bounty, technology, programming, cybersecurity10-Jan-2025
A New Bug Hunting Story: Open Redirection Vulnerabilityhttps://medium.com/meetcyber/a-new-bug-hunting-story-open-redirection-vulnerability-33a1b6374f88?source=rss------bug_bounty-5Erkan Kavasbug-bounty, open-redirection, bug-bounty-writeup, bug-bounty-tips, cybersecurity10-Jan-2025
Behind the Scenes: How I Discovered Flaws in a Rewards and Recognition Portalhttps://medium.com/@niraj1mahajan/behind-the-scenes-how-i-discovered-flaws-in-a-rewards-and-recognition-portal-27948a75c4d4?source=rss------bug_bounty-5Niraj Mahajanbug-bounty, idor, broken-access-control, hacking, cybersecurity10-Jan-2025
Race Condition to Bypass Rate-Limiting: A new technique made by Nillsxhttps://infosecwriteups.com/race-condition-to-bypass-rate-limiting-a-new-technique-made-by-nillsx-6a60f41dbae6?source=rss------bug_bounty-5Nillsxbug-bounty, ethical-hacking, race-condition, bug-bounty-writeup, rate-limit10-Jan-2025
Revisiting a Simple SQL Injection Methodologyhttps://infosecwriteups.com/revisiting-a-simple-sql-injection-methodology-ecd42634a21e?source=rss------bug_bounty-5Jason Jacobs, MSc.bug-bounty, ethical-hacking, cybersecurity, penetration-testing10-Jan-2025
Day 09: My Bug Bounty Challenge … 0–100k without knowledge in one year!https://medium.com/@dogxxx10/day-09-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-220c7c6bb0cf?source=rss------bug_bounty-5Dogx0xhacking, hackthebox, bug-bounty-writeup, bug-bounty-tips, bug-bounty10-Jan-2025
Telegram Leaks PII, doesn’t care.https://medium.com/@hacktheplanet/telegram-leaks-pii-doesnt-care-c75465be1cc2?source=rss------bug_bounty-5sirhaxalothacking, telegram, bug-bounty, security09-Jan-2025
Discovering Hidden Subdomains: Tools, Techniqueshttps://medium.com/@bootstrapsecurity/discovering-hidden-subdomains-tools-techniques-7c874c4f5966?source=rss------bug_bounty-5BootstrapSecurityhacking, api, bug-bounty, ethical-hacking, bug-bounty-tips09-Jan-2025
The following content is purely fictional written with the intent to motivate the reader.https://medium.com/@personaldevelop100/the-following-content-is-purely-fictional-written-with-the-intent-to-motivate-the-reader-6b23c19d70d8?source=rss------bug_bounty-5Personal_huntbug-bounty, motivation, bug-hunting09-Jan-2025
Finding subdomains using goole dorking.https://medium.com/infosecmatrix/finding-subdomains-using-goole-dorking-4d6966e70637?source=rss------bug_bounty-5loyalonlytodaydorking, penetration-testing, bug-bounty, hacking, cybersecurity09-Jan-2025
Hack. Earn. Secure the Future: Bug Bounties in 2025https://sagarjethi.medium.com/hack-earn-secure-the-future-bug-bounties-in-2025-0e2d05fcb364?source=rss------bug_bounty-5Sagar Jethihackathons, earn, bug-bounty, smart-contract-auditing, blockchain-developer09-Jan-2025
NTLM Authentication Disclosure Vulnerability Reporthttps://medium.com/@dasmanish6176/ntlm-authentication-disclosure-vulnerability-report-b47029c2e491?source=rss------bug_bounty-5Dasmanishvapt, web-app-security, active-directory, ethical-hacking, bug-bounty09-Jan-2025
How I get 7 open redirect and 7 XSS in public program!https://medium.com/@mohamed.yasser442200/how-i-get-7-open-redirect-and-7-xss-in-public-program-7518a3f26b49?source=rss------bug_bounty-5Spider4bug-bounty, security, bug-bounty-tips, xss-attack, bug-bounty-writeup09-Jan-2025
From Exploit to Payday-Chaining Stored XSS in PDF Upload to Full AccountTakeover via Email change…https://medium.com/@meljith6355484/from-exploit-to-payday-chaining-stored-xss-in-pdf-upload-to-full-accounttakeover-via-email-change-d36e855e0575?source=rss------bug_bounty-5Meljith Pereirahacking, ethical-hacking, xss-attack, bugcrowd, bug-bounty09-Jan-2025
Unlock the Ultimate Resource Hub for Security Researchershttps://infosecwriteups.com/unlock-the-ultimate-resource-hub-for-security-researchers-9fa52bbff1ff?source=rss------bug_bounty-5JEETPALbug-bounty-hunter, bug-bounty, bugbounty-writeup, cybersecurity, bugbounty-tips09-Jan-2025
Exposing Sensitive Data: A Wake-Up Call for Nokia's Securityhttps://medium.com/@gourisankara357/exposing-sensitive-data-a-wake-up-call-for-nokias-security-c5ba75fddd22?source=rss------bug_bounty-5Gouri Sankar Ainfo-sec-writeups, bug-bounty, infosec-write-ups, cybersecurity, bugs09-Jan-2025
Biggest Misconceptions About Bug Bounty Programs (From a Company Perspective)https://medium.com/@hackrate/biggest-misconceptions-about-bug-bounty-programs-from-a-company-perspective-42481997d40d?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty-tips, bug-bounty, hacking, ethical-hacking09-Jan-2025
Critical [9.8] SQL Injection in a Major Indonesian Web Hosting Platformhttps://medium.com/@n45ht/critical-9-8-sql-injection-in-a-major-indonesian-web-hosting-platform-8bda5d2913d3?source=rss------bug_bounty-5N45HTbug-bounty-writeup, bug-bounty, vulnerability, sql-injection, hacking09-Jan-2025
Hacking made easy with XSSIFYhttps://aravind07.medium.com/hacking-made-easy-with-xssify-9637890cd33b?source=rss------bug_bounty-5Gnana Aravind Khacking, security, xss-attack, cybersecurity, bug-bounty09-Jan-2025
Stay Ahead of Cyber Threats, Top Websites for Real-Time Updates and Insightshttps://medium.com/@b.mythili123/stay-ahead-of-cyber-threats-top-websites-for-real-time-updates-and-insights-57a1b384cdfa?source=rss------bug_bounty-5Hello Lovehackthebox, tryhackme, cybersecurity, bug-bounty, hacking09-Jan-2025
Top 10 Overlooked Business Logic Flaws in Web Applicationshttps://bitpanic.medium.com/top-10-overlooked-business-logic-flaws-in-web-applications-6745d42f3786?source=rss------bug_bounty-5Spectat0rguybug-bounty, technology, cybersecurity, bug-bounty-tips, programming09-Jan-2025
From N/A to $$$: A Simple Python Script Led to Application-Level DoShttps://hashimamin.medium.com/from-n-a-to-a-simple-python-script-led-to-application-level-dos-83a65f75b7dc?source=rss------bug_bounty-5Hashim Aminbug-bounty, privilege-escalation, infosec, cybersecurity, pentesting09-Jan-2025
Urgent: Patch SonicWall SSLVPN Vulnerability Nowhttps://medium.com/@wiretor/urgent-patch-sonicwall-sslvpn-vulnerability-now-385713cdfa2f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, hacking, money, sonicwall09-Jan-2025
The Great FAQ Collection About Bug Bountyhttps://medium.com/@hackrate/the-great-faq-collection-about-bug-bounty-87421d970ddd?source=rss------bug_bounty-5Levente Molnarhacking, bug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking09-Jan-2025
What Is Cross Site Scripting (XSS)?https://medium.com/@dante.falls/what-is-cross-site-scripting-xss-d74b19920d8e?source=rss------bug_bounty-5Dante Fallsinformation-security, bug-bounty, web-security, cybersecurity, xss-attack09-Jan-2025
How I Discovered a Delete CSRF Vulnerabilityhttps://medium.com/@Ursula-/how-i-discovered-a-delete-csrf-vulnerability-a46d4bc2e700?source=rss------bug_bounty-5Fatma Mustafabug-hunting, bug-bounty, bug-bounty-writeup09-Jan-2025
Threat Hunting with MITRE ATT&CK: A Proactive Approach to Cyber Defencehttps://medium.com/@paritoshblogs/threat-hunting-with-mitre-att-ck-a-proactive-approach-to-cyber-defence-a84945f61bda?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, cybersecurity, mitre-attck, threat-hunting08-Jan-2025
A Beginner’s Guide to Pentesting GraphQL APIshttps://medium.com/@suprajabaskaran8/a-beginners-guide-to-pentesting-graphql-apis-395fa1878f6a?source=rss------bug_bounty-5Suprajabaskarangraphql, cybersecurity, bug-bounty, bugbounty-writeup, hacking08-Jan-2025
First bounty — Second Order Stored XSS on club.paris2024.orghttps://medium.com/@swaroopvenkat828/first-bounty-second-order-stored-xss-on-club-paris2024-org-9a3ad7fe7c7f?source=rss------bug_bounty-5swaroop 04|16bug-bounty-tips, bug-bounty, bug-bounty-writeup08-Jan-2025
Weird JavaScript fileshttps://medium.com/@dsmodi484/weird-javascript-files-7e6e7296e914?source=rss------bug_bounty-5cryptoshanthacking, cybersecurity, javascript, bug-bounty, tips08-Jan-2025
File Upload Vulnerabilities: Techniques and Payloadshttps://medium.com/@bootstrapsecurity/file-upload-vulnerabilities-techniques-and-payloads-b0bdf97eb298?source=rss------bug_bounty-5BootstrapSecurityhacking, ethical-hacking, bug-bounty-tips, bug-bounty, api08-Jan-2025
| ChatGPT for Bug Bounty Hunters: Custom Payloads, Automated Scripts, and More | https://medium.com/@kumawatabhijeet2002/chatgpt-for-bug-bounty-hunters-custom-payloads-automated-scripts-and-more-8a15690c3fa5?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, chatgpt, hacking, bug-bounty, bug-bounty-tips | 08-Jan-2025 |
| A Beginner’s Guide to Pentesting GraphQL APIs | https://infosecwriteups.com/a-beginners-guide-to-pentesting-graphql-apis-395fa1878f6a?source=rss------bug_bounty-5 | Suprajabaskaran | graphql, cybersecurity, bug-bounty, bugbounty-writeup, hacking | 08-Jan-2025 |
| POC — WordPress File Upload plugin, in the wfu_file_downloader.php | https://medium.com/@verylazytech/poc-wordpress-file-upload-plugin-in-the-wfu-file-downloader-php-57a173ab9e90?source=rss------bug_bounty-5 | Very Lazy Tech | wordpress-plugins, cve-2024-9047, cybersecurity, bug-bounty, hacking | 08-Jan-2025 |
| Day 0. The 100-Day Bug Bounty Challenge: Sharing 100 Vulnerabilities in 100 Days | https://medium.com/@mahhesshh/day-0-the-100-day-bug-bounty-challenge-sharing-100-vulnerabilities-in-100-days-17308f82d741?source=rss------bug_bounty-5 | Mahesh Dhakad | cybersecurity, bug-bounty, hacking, vulnerability, 100daychallenge | 08-Jan-2025 |
| How a YouTube Video Led Me to $650: My Host Header Injection Adventure | https://medium.com/@trffnsec/how-a-youtube-video-led-me-to-650-my-host-header-injection-adventure-696fd82b2886?source=rss------bug_bounty-5 | TrffnSec | ethical-hacking, cybersecurity, bug-bounty, website-testing | 08-Jan-2025 |
| The Rate Limit bypass which almost killed my brain | https://siratsami71.medium.com/this-rate-limit-bypass-which-almost-killed-my-brain-1905749a5f4d?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | brute-force, hackerone, bug-bounty | 08-Jan-2025 |
| Automate-XSS Five-In-One Tool | https://medium.com/@saket590/automate-xss-five-in-one-tool-95a947545b2c?source=rss------bug_bounty-5 | Dr. Saket Acharya | bug-bounty, hacking, xss-vulnerability, xss-attack, xss-bypass | 08-Jan-2025 |
| Day 0. The 100-Day Bug Bounty Challenge: Sharing 100 Vulnerabilities in 100 Days | https://mahhesshh.medium.com/day-0-the-100-day-bug-bounty-challenge-sharing-100-vulnerabilities-in-100-days-17308f82d741?source=rss------bug_bounty-5 | Mahesh Dhakad | cybersecurity, bug-bounty, hacking, vulnerability, 100daychallenge | 08-Jan-2025 |
| Weird JavaScript files | https://infosecwriteups.com/weird-javascript-files-7e6e7296e914?source=rss------bug_bounty-5 | cryptoshant | hacking, cybersecurity, javascript, bug-bounty, tips | 08-Jan-2025 |
| Leaky Response, Easy Takeover! | https://medium.com/@tanyago/leaky-response-easy-takeover-25367c18f0dc?source=rss------bug_bounty-5 | Tanya Goyal | bug-bounty, bug-bounty-tips, bug-bounty-writeup | 08-Jan-2025 |
| Why Companies Should Adopt a Bug Bounty Program | https://medium.com/@hackrate/why-companies-should-adopt-a-bug-bounty-program-cd4e1a492989?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, hacking, cybersecurity, ethical-hacking, bug-bounty-tips | 08-Jan-2025 |
| How I Ethically Hacked the Indian Army for the Second Time | https://cybersecuritywriteups.com/how-i-ethically-hacked-the-indian-army-for-the-second-time-edf6ec4495f8?source=rss------bug_bounty-5 | Guru Prasad Pattanaik \|\| TH3N00BH4CK3R | cybersecurity, bug-bounty-writeup, ethical-hacking, bug-bounty-tips, bug-bounty | 08-Jan-2025 |
| Blind OS Command Injection with Output Redirection | https://osintteam.blog/blind-os-command-injection-with-output-redirection-1d08c3793ff1?source=rss------bug_bounty-5 | The Cybersec Café | cybersecurity, bug-bounty, penetration-testing, bug-bounty-tips, information-security | 08-Jan-2025 |
| No Session Expiry after log-out, attacker can reuse the old cookies | https://mknayek101.medium.com/no-session-expiry-after-log-out-attacker-can-reuse-the-old-cookies-b90a4a45032d?source=rss------bug_bounty-5 | MkNayek | penetration-testing, cybersecurity, bug-bounty-tips, bug-bounty, pentesting | 08-Jan-2025 |
| Disclosure of any bpost.be username via email | https://mknayek101.medium.com/disclosure-of-any-bpost-be-username-via-email-afde00aff7d9?source=rss------bug_bounty-5 | MkNayek | penetration-testing, pentesting, bug-bounty-tips, bug-bounty, cybersecurity | 08-Jan-2025 |
| User information disclosed via API endpoint | https://mknayek101.medium.com/user-information-disclosed-via-api-endpoint-80a1b82e3f3a?source=rss------bug_bounty-5 | MkNayek | penetration-testing, web-hacking, pentesting, bug-bounty-tips, bug-bounty | 08-Jan-2025 |
| AI Security Insights from HackerOne’s 8th Annual Security Report | https://medium.com/ai-security-hub/ai-security-insights-from-hackerones-8th-annual-security-report-f775473c1226?source=rss------bug_bounty-5 | Tal Eliyahu | hackerone, bug-bounty, hacking, cybersecurity, artificial-intelligence | 08-Jan-2025 |
| PowerSchool Hacked: 18K Customers and 60M Students’ Privacy Compromised | https://medium.com/@wiretor/powerschool-hacked-18k-customers-and-60m-students-privacy-compromised-e418e3ed8ccc?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, ai, malware, powerschool, bug-bounty | 08-Jan-2025 |
| UN Aviation Agency Hit by Cyberattack: 42K Recruitment Records Stolen | https://medium.com/@wiretor/un-aviation-agency-hit-by-cyberattack-42k-recruitment-records-stolen-6a51c8817d7f?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, bug-bounty, un, ai, malware | 08-Jan-2025 |
| Green Bay Packers Pro Shop Breach: Over 8,500 Credit Cards Stolen! | https://medium.com/@wiretor/green-bay-packers-pro-shop-breach-over-8-500-credit-cards-stolen-e99ea97bf154?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, green-bay, ai, malware, bug-bounty | 08-Jan-2025 |
| CISA Alerts: Critical Oracle WebLogic & Mitel Vulnerabilities Exploited! | https://medium.com/@wiretor/cisa-alerts-critical-oracle-weblogic-mitel-vulnerabilities-exploited-136f227dcfb0?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, programming, malware, business, bug-bounty | 08-Jan-2025 |
| Breaking Barriers: Understanding and Mastering WAF Bypass Techniques | https://bitpanic.medium.com/breaking-barriers-understanding-and-mastering-waf-bypass-techniques-2277150d2574?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, bug-bounty, technology, programming, bug-bounty-tips | 08-Jan-2025 |
| Day 07: My Bug Bounty Challenge … 0–100k without knowledge in one year! | https://medium.com/@dogxxx10/day-07-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-cc5eff18ae10?source=rss------bug_bounty-5 | Dogx0x | bug-bounty-writeup, bug-bounty, web-hacking, hacking, bug-bounty-tips | 08-Jan-2025 |
| Detect Open Redirect Vulnerabilities with RedirXploit | https://angixblack.medium.com/detect-open-redirect-vulnerabilities-with-redirxploit-946ac287846f?source=rss------bug_bounty-5 | Angix black | bugs, open-redirect, tools, bug-bounty, bug-bounty-tips | 07-Jan-2025 |
| How i found ssti injection (Server-side template injection)on yeswehack platform in public program | https://medium.com/@ravindrajatav0709/how-i-found-ssti-injection-server-side-template-injection-on-yeswehack-platform-in-public-program-bfde6a89f477?source=rss------bug_bounty-5 | Ravindrajatav | bug-bounty, bugbounty-writeup, bug-bounty-tips, bugs, cybersecurity | 07-Jan-2025 |
| Getting Started with Bug Bounty Hunting in 2025: A Real World Guide | https://medium.com/@hackbynight/getting-started-with-bug-bounty-hunting-in-2025-a-real-world-guide-051a3fb36376?source=rss------bug_bounty-5 | hackbynight | bug-bounty-tips, bug-bounty, cybersecurity, information-security, hacking | 07-Jan-2025 |
| Server-Side Template Injection (SSTI): Advanced Exploitation Techniques | https://medium.com/@bootstrapsecurity/server-side-template-injection-ssti-advanced-exploitation-techniques-2d8ccdf6270f?source=rss------bug_bounty-5 | BootstrapSecurity | ethical-hacking, bug-bounty-tips, bug-bounty, api, hacking | 07-Jan-2025 |
| Finding more subdomains | https://medium.com/@loyalonlytoday/finding-more-subdomains-8b1abb32f3e5?source=rss------bug_bounty-5 | loyalonlytoday | reconnaissance, hacking, bug-bounty-tips, cybersecurity, bug-bounty | 07-Jan-2025 |
| Burp Suite + Form Deletion = Admin Storage Nightmare | https://infosecwriteups.com/burp-suite-form-deletion-admin-storage-nightmare-240618a8c983?source=rss------bug_bounty-5 | callgh0st | humanity, hacking, gaza, genocide, bug-bounty | 07-Jan-2025 |
| Web Application Penetration Testing Checklist | https://saconychukwu.medium.com/web-application-penetration-testing-checklist-3da7d3be8f1a?source=rss------bug_bounty-5 | Sacony Chukwu | bug-bounty-tips, hacking, bug-bounty, bug-bounty-writeup, cybersecurity | 07-Jan-2025 |
| Automated Penetration Testing: A Guide to Domain Collection | https://medium.com/@security.tecno/automated-penetration-testing-a-guide-to-domain-collection-a79df50d74a0?source=rss------bug_bounty-5 | TECNO Security | web, hacking, bug-bounty, security | 07-Jan-2025 |
| Hack The Box UpDown[Retired][Linux] | https://medium.com/@vignesh6872610/hack-the-box-updown-retired-linux-5e0a9f6ec84e?source=rss------bug_bounty-5 | Vignesh P | htb-writeup, hackthebox-walkthrough, retiredmachine, bug-bounty, linux | 07-Jan-2025 |
| P4 Bugs and POC \| Part-9 | https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-9-16b5a8ffb52d?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, bug-bounty-tips, hacking, infosec, money | 07-Jan-2025 |
| bug-bounty Rate Limit vulnerability | https://medium.com/@eslamatef396/bug-bounty-rate-limit-vulnerability-cb81481456bc?source=rss------bug_bounty-5 | UnStoppable | web-penetration-testing, rate-limiting, bug-bounty | 07-Jan-2025 |
| CVE-2024–12033: A Critical WordPress Vulnerability in Jupiter X Core | https://medium.com/@wiretor/cve-2024-12033-a-critical-wordpress-vulnerability-in-jupiter-x-core-38ac3380b909?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, wordpress, malware, rce, cve | 07-Jan-2025 |
| CVE-2024–12532: Vulnerability in BWD Elementor Addons Plugin | https://medium.com/@wiretor/cve-2024-12532-vulnerability-in-bwd-elementor-addons-plugin-da1a34bd2f99?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, malware, wordpress, hacking, bug-bounty | 07-Jan-2025 |
| CVE-2024–12711: Vulnerability in RSVP and Event Management Plugin | https://medium.com/@wiretor/cve-2024-12711-vulnerability-in-rsvp-and-event-management-plugin-2a0b374807e1?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, malware, ai, bug-bounty, hacking | 07-Jan-2025 |
| Critical Infrastructure Ransomware Attack Tracker Surpasses 2,000 Incidents! | https://medium.com/@wiretor/critical-infrastructure-ransomware-attack-tracker-surpasses-2-000-incidents-431f5531a2af?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, bug-bounty, hacking, business, malware | 07-Jan-2025 |
| Bug Bounty Hunting Prerequisites | https://it4chis3c.medium.com/bug-bounty-hunting-prerequisites-964560919547?source=rss------bug_bounty-5 | It4chis3c | roadmaps, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-hunting | 07-Jan-2025 |
| The Most Groundbreaking Bug Bounty Discoveries That Changed Cybersecurity Forever | https://medium.com/@hackrate/the-most-groundbreaking-bug-bounty-discoveries-that-changed-cybersecurity-forever-a2a39e7e10af?source=rss------bug_bounty-5 | Levente Molnar | hacking, bug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity | 07-Jan-2025 |
| Beginners Introduction To Server Side Request Forgery | https://bitpanic.medium.com/beginners-introduction-to-server-side-request-forgery-85c3a35eb726?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty-tips, programming, bug-bounty, cybersecurity, technology | 07-Jan-2025 |
| My Journey to Finding Two XSS Vulnerabilities on a Bug Bounty Website | https://medium.com/@mickaelbenlolo/my-journey-to-finding-two-xss-vulnerabilities-on-a-bug-bounty-website-b6a1e38425df?source=rss------bug_bounty-5 | Mickael Benlolo | penetration-testing, xss-vulnerability, cybersecurity, bug-bounty | 07-Jan-2025 |
| Humorous XSS Vulnerabilities in a Movie Website | https://medium.com/meetcyber/humorous-xss-vulnerabilities-in-a-movie-website-3600d7828661?source=rss------bug_bounty-5 | Erkan Kavas | xss-vulnerability, cybersecurity, xss-challenge, xss-attack, bug-bounty | 07-Jan-2025 |
| Day 06: My Bug Bounty Challenge ... 0–100k without knowledge in one year! | https://medium.com/@dogxxx10/day-06-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-5ed71536fd89?source=rss------bug_bounty-5 | Dogx0x | bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty, web-hacking | 07-Jan-2025 |
| P4 Bugs and POC \| Part 7 | https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-7-a379f057ba96?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, bug-bounty, infosec, bug-bounty-tips, money | 06-Jan-2025 |
| Day 27 of 30 Day — 30 Vulnerabilities \| Server-Side Template Injection (SSTI) | https://it4chis3c.medium.com/day-27-of-30-day-30-vulnerabilities-server-side-template-injection-ssti-12f933587800?source=rss------bug_bounty-5 | It4chis3c | bug-bounty, 30dayswritingchallenge, ssti, bug-bounty-tips, bug-bounty-writeup | 06-Jan-2025 |
| From oos — getting bounty Improper Access Control to create an commentor account on the application. | https://medium.com/@swaroopvenkat828/from-oos-getting-bounty-improper-access-control-to-create-an-commentor-account-on-the-application-027b517928bb?source=rss------bug_bounty-5 | swaroop 04\|16 | bug-bounty-tips, bugbounty-writeup, bug-bounty | 06-Jan-2025 |
| Bypassing API Authentication: Exploiting Token Reuse and Expiry | https://medium.com/@bootstrapsecurity/bypassing-api-authentication-exploiting-token-reuse-and-expiry-0432e7689659?source=rss------bug_bounty-5 | BootstrapSecurity | bug-bounty, api, bug-bounty-tips, ethical-hacking, hacking | 06-Jan-2025 |
| Missing SPF BUG HUNTING | https://medium.com/@cybertips96/missing-spf-bug-hunting-121294c9572e?source=rss------bug_bounty-5 | Cybertips | bug-bounty | 06-Jan-2025 |
| How I Found PII at NASA Using Google Dorking | https://medium.com/@salaheddine_kalada/how-i-found-pii-at-nasa-using-google-dorking-6447a89decc7?source=rss------bug_bounty-5 | Salaheddine KALADA | bug-bounty-tips, bug-bounty-writeup, bug-bounty-program, bug-bounty, bug-bounty-hunter | 06-Jan-2025 |
| How I Got My First Critical Bug ## Easy Bug | https://medium.com/@0xoroot/how-i-got-my-first-critical-bug-easy-bug-fb5d1631bcd4?source=rss------bug_bounty-5 | 0xoroot | critical-thinking, bug-bounty, penetration-testing, hacking, bugs | 06-Jan-2025 |
| How I Was Able to Block Any Username | https://infosecwriteups.com/how-i-was-able-to-block-any-username-5707a1fbd25c?source=rss------bug_bounty-5 | JEETPAL | bug-bounty-tips, cybersecurity, bug-bounty-writeup, business-logic-flaw, bug-bounty | 06-Jan-2025 |
| Chrome Extension Hacked: - A Wake-Up Call for Users. | https://medium.com/@forte.social/chrome-extension-hacked-a-wake-up-call-for-users-c0c8de0281aa?source=rss------bug_bounty-5 | eSecForte | bug-bounty-tips, cybersecurity, chrome-extension, bug-bounty, hacking | 06-Jan-2025 |
| The Evolution of Bug Bounties: A Decade of Digital Vigilance | https://medium.com/@hackrate/the-evolution-of-bug-bounties-a-decade-of-digital-vigilance-99b1e86421b0?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, hacking, bug-bounty-tips, bug-bounty, cybersecurity | 06-Jan-2025 |
| How IBM Helped Me Get Private Invites on Hacker1 | https://medium.com/@oxab/how-ibm-helped-me-get-private-invites-on-hacker1-ffbe3c1b26d3?source=rss------bug_bounty-5 | Oxab | bugbounting, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 06-Jan-2025 |
| Introduction to My Bug Bounty Hunting Series | https://it4chis3c.medium.com/introduction-to-my-bug-bounty-hunting-series-79a68dcb07a6?source=rss------bug_bounty-5 | It4chis3c | bug-hunting, bug-bounty, bug-bounty-writeup, web-security, bug-bounty-tips | 06-Jan-2025 |
| Comprehensive Command and Control Tools for Red Teaming Operations | https://saconychukwu.medium.com/comprehensive-command-and-control-tools-for-red-teaming-operations-23e458d830c0?source=rss------bug_bounty-5 | Sacony Chukwu | bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, ethical-hacking | 06-Jan-2025 |
| Advanced C# Offensive Frameworks for Red Team Operations | https://saconychukwu.medium.com/advanced-c-offensive-frameworks-for-red-team-operations-a001cac7e10f?source=rss------bug_bounty-5 | Sacony Chukwu | ethical-hacking, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips | 06-Jan-2025 |
| Exploiting Session Hijacking Vulnerability: My Bug Bounty Experience | https://medium.com/@mickaelbenlolo/exploiting-session-hijacking-vulnerability-my-bug-bounty-experience-659706a24a93?source=rss------bug_bounty-5 | Mickael Benlolo | bug-bounty, session-hijacking, penetration-testing, cybersecurity | 06-Jan-2025 |
| Chasing Bugs, Finding Purpose: My Journey to the First Bounty! | https://medium.com/@he4dr0/chasing-bugs-finding-purpose-my-journey-to-the-first-bounty-cf610c0f023e?source=rss------bug_bounty-5 | he4dr0 | bug-bounty, hackerone, security-research, information-disclosure, journey | 06-Jan-2025 |
| How I Found My First Bug | https://medium.com/@dibyaranjanmohanta2806/i-found-my-first-bug-52e20e37b429?source=rss------bug_bounty-5 | Dibyaranjanmohanta | bugs, my-first-bug, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 06-Jan-2025 |
| Eagerbee Backdoor Targets Middle Eastern Government Orgs & ISPs | https://medium.com/@wiretor/eagerbee-backdoor-targets-middle-eastern-government-orgs-isps-e0246bb044c4?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | backdoor, bug-bounty, business, malware, ai | 06-Jan-2025 |
| Cryptocurrency Wallet Drainers Stole $500 Million in 2024 | https://medium.com/@wiretor/cryptocurrency-wallet-drainers-stole-500-million-in-2024-7e1da1edb1b7?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, malware, crypto, bug-bounty, ai | 06-Jan-2025 |
| ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips | https://mhmmuneef.medium.com/thn-weekly-recap-top-cybersecurity-threats-tools-and-tips-b11776bb3c7b?source=rss------bug_bounty-5 | Mohammed Muneef | technology, cybersecurity, bug-bounty, cybercrime, hacking | 06-Jan-2025 |
| Breaking News: Chinese Hackers Breach U.S. Telecom Networks! | https://medium.com/@wiretor/breaking-news-chinese-hackers-breach-u-s-telecom-networks-be8249641716?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, cve, ai, malware | 06-Jan-2025 |
| A List Of Default Admin Panel Passwords to Boost Your Bug Bounty | https://bitpanic.medium.com/a-list-of-default-admin-panel-passwords-to-boost-your-bug-bounty-67af4c4f45b2?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, programming, bug-bounty, technology, bug-bounty-tips | 06-Jan-2025 |
| HR Admin Account Takeover: Chaining Stored XSS and IDOR in a Human Resource App | https://medium.com/@abdullah12987654/hr-admin-account-takeover-chaining-stored-xss-and-idor-in-a-human-resource-app-9718c9e77d34?source=rss------bug_bounty-5 | Abdullah | cyebrsecurity, offensive-security, bug-bounty, ethical-hacking, hacking | 06-Jan-2025 |
| Bug Bounty — How I Found an XSS Vulnerability Through a “Change Email” Option! | https://medium.com/@mickaelbenlolo/bug-bounty-how-i-found-an-xss-vulnerability-through-a-change-email-option-3ed57ba2d11f?source=rss------bug_bounty-5 | Mickael Benlolo | xss-vulnerability, penetration-testing, bug-bounty, cybersecurity | 06-Jan-2025 |
| How I Found My First Bug (RXSS) | https://medium.com/@a0xtrojan/how-i-found-my-first-bug-rxss-2ac44e94d628?source=rss------bug_bounty-5 | A0X_Trojan | tips-and-tricks, xss-attack, bug-bounty, penetration-testing, web-app-security | 06-Jan-2025 |
| Hidden Dangers of XSS Vulnerabilities — Real Case | https://medium.com/meetcyber/hidden-dangers-of-xss-vulnerabilities-real-case-22177daa6fc8?source=rss------bug_bounty-5 | Erkan Kavas | xss-bypass, cybersecurity, xss-attack, bug-bounty, xss-vulnerability | 06-Jan-2025 |
| Day 0 — 05 : M y Bug Bounty Challenge 0–100k without knowledge in one year! | https://medium.com/@dogxxx10/day-0-05-m-y-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-94f090fdf54a?source=rss------bug_bounty-5 | Dogxxx | bug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips, web-hacking | 06-Jan-2025 |
| P4 Bugs and POC \| Part-8 | https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-8-2b4ed878c53a?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, bug-bounty-tips, infosec, hacking | 06-Jan-2025 |
| How I Exposed IDOR and Path Traversal Vulnerabilities in a Parking Portal | https://medium.com/@br3ss/how-i-exposed-idor-and-path-traversal-vulnerabilities-in-a-parking-portal-0ae8e4940306?source=rss------bug_bounty-5 | Br3ss | idor, cybersecurity, hacking, path-traversal, bug-bounty | 06-Jan-2025 |
| P4 Bugs and POC \| Part-8 | https://infosecwriteups.com/p4-bugs-and-poc-part-8-2b4ed878c53a?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, bug-bounty-tips, infosec, hacking | 06-Jan-2025 |
| My First Bug Report in Microsoft Windows Task Manager | https://medium.com/@abdullah.farwees/my-first-bug-report-in-microsoft-windows-task-manager-726972722e50?source=rss------bug_bounty-5 | Abdullah Farwees - Video Audio Software Engineer | microsoft-bug, microsoft-bug-bounty, bug-bounty-tips, bugs, bug-bounty | 05-Jan-2025 |
| From Recon to Exploitation: 100 Linux Commands Every Pentester Must Know | https://medium.com/@rundcodehero/from-recon-to-exploitation-100-linux-commands-every-pentester-must-know-e8f118226de6?source=rss------bug_bounty-5 | Randi Adhityas Saputra | bug-bounty, linux-tutorial, cybersecurity, command-line, penetration-testing | 05-Jan-2025 |
| Exploiting CORS Misconfigurations: A Bug Bounty Case Study | https://medium.com/@mickaelbenlolo/exploiting-cors-misconfigurations-a-bug-bounty-case-study-8e85a868c3c8?source=rss------bug_bounty-5 | Mickael Benlolo | bug-bounty, cybersecurity, entry-level, pentesting | 05-Jan-2025 |
| Frontrunning Vulnerability: What It Is, How to Exploit, Prevent, and Mitigate It | https://infosecwriteups.com/frontrunning-vulnerability-what-it-is-how-to-exploit-prevent-and-mitigate-it-19149db077bd?source=rss------bug_bounty-5 | JEETPAL | cybersecurity, front-running, web3, bugbounty-writeup, bug-bounty | 05-Jan-2025 |
| Peering into the Shadows: How an Empty Domain Led to a Full-Blown Exploitation Chain | https://medium.com/@tusharpuri6/peering-into-the-shadows-how-an-empty-domain-led-to-a-full-blown-exploitation-chain-b06219d92d0e?source=rss------bug_bounty-5 | Tusharpuri | bug-bounty, penetration-testing, application-security, offensive-security, infosec | 05-Jan-2025 |
| Easy P4: Cloudflare Bypass, Origin IP Found (Part 1) | https://sudosuraj.medium.com/easy-p4-cloudflare-bypass-origin-ip-found-part-1-685d27e73dd0?source=rss------bug_bounty-5 | sudosuraj | hackerone, bug-bounty, sudosuraj, bug-bounty-writeup, info-sec-writeups | 05-Jan-2025 |
| Comprehensive Reconnaissance Tools for Red Teaming and OSINT Operations | https://saconychukwu.medium.com/comprehensive-reconnaissance-tools-for-red-teaming-and-osint-operations-17b06b698548?source=rss------bug_bounty-5 | Sacony Chukwu | penetration-testing, bug-bounty, hacking | 05-Jan-2025 |
| Comprehensive Phishing Tools for Red Teaming and Delivery Tactics | https://saconychukwu.medium.com/comprehensive-phishing-tools-for-red-teaming-and-delivery-tactics-cf30c615ab24?source=rss------bug_bounty-5 | Sacony Chukwu | ethical-hacking, penetration-testing, hacking, bug-bounty | 05-Jan-2025 |
| Bug Bounty — Finding and Exploiting a Cookie Security Flaw: A Deep Dive into PHPSESSID and Missing… | https://medium.com/@mickaelbenlolo/bug-bounty-finding-and-exploiting-a-cookie-security-flaw-a-deep-dive-into-phpsessid-and-missing-3aca0db6c1cd?source=rss------bug_bounty-5 | Mickael Benlolo | penetration-testing, bug-bounty, cybersecurity, entry-level | 05-Jan-2025 |
| Discovering SQLi Vulnerabilities Through Deeper Analysis | https://medium.com/@erkankavas/discovering-sqli-vulnerabilities-through-deeper-analysis-4e305dfbc181?source=rss------bug_bounty-5 | Erkan Kavas | cybersecurity, bug-bounty-tips, bug-bounty-writeup, sqli, bug-bounty | 05-Jan-2025 |
| How I was able to Sign Up at one of the Company Panels ? P3 $$$ | https://19whoami19.medium.com/how-i-was-able-to-sign-up-at-one-of-the-company-panels-p3-c824d76e36e9?source=rss------bug_bounty-5 | WHO AM I ? | cybersecurity, bug-bounty, pentesting, broken-access-control | 05-Jan-2025 |
| Finding and Reporting an XSS Vulnerability: My Bug Bounty Journey | https://medium.com/@mickaelbenlolo/finding-and-reporting-an-xss-vulnerability-my-bug-bounty-journey-0bc4a4609d34?source=rss------bug_bounty-5 | Mickael Benlolo | entry-level, xss-vulnerability, cybersecurity, penetration-testing, bug-bounty | 05-Jan-2025 |
| Strategies to Maximize Your Earnings on Bug Bounty Platforms | https://bitpanic.medium.com/strategies-to-maximize-your-earnings-on-bug-bounty-platforms-6053aaf0a781?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, information-technology, technology, bug-bounty, bug-bounty-tips | 05-Jan-2025 |
| CVE-2025–0224: Provision-ISR SH-4050A-2 Server.js Information Disclosure | https://medium.com/@wiretor/cve-2025-0224-provision-isr-sh-4050a-2-server-js-information-disclosure-42df13998a66?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | cve, ai, bug-bounty, malware, business | 05-Jan-2025 |
| CVE-2025–0226: Information Disclosure Vulnerability in Tsinghua Unigroup Electronic Archives… | https://medium.com/@wiretor/cve-2025-0226-information-disclosure-vulnerability-in-tsinghua-unigroup-electronic-archives-cf44084fc78c?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, malware, ai, business | 05-Jan-2025 |
| Account Deletion Flaw Exposes Chats, Researcher Gets $1,000 (5/30DAYS) | https://medium.com/@zerodaystories/account-deletion-flaw-exposes-chats-researcher-gets-1-000-5-30days-d51245c30c65?source=rss------bug_bounty-5 | 0day stories | technology, bug-bounty, penetration-testing, hacking, cybersecurity | 05-Jan-2025 |
| Bug Bounty Goldmine: The Wildest Cybersecurity Discoveries | https://medium.com/@hackrate/bug-bounty-goldmine-the-wildest-cybersecurity-discoveries-bb6d1be478dd?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, bug-bounty-tips, bug-bounty, hacking, cybersecurity | 05-Jan-2025 |
| Top 8 Bug Bounty Platforms in 2025 | https://hackers-guild-blog.medium.com/top-8-bug-bounty-platforms-in-2025-84a1f6b7b226?source=rss------bug_bounty-5 | Hackers Guild | bug-bounty, hacking, osint, hacker, bug-bounty-program | 05-Jan-2025 |
| Brute Force Attack (Owaspbwa Lab, Hydra Tool) | https://medium.com/@BetterBy0x01/brute-force-attack-owaspbwa-lab-hydra-tool-f3cd947f86bb?source=rss------bug_bounty-5 | Ashutosh Singh Patel | bug-bounty, hacking, security, attack, owasp | 04-Jan-2025 |
| Besides bXSS | https://wanderication.medium.com/besides-bxss-681f3d97cda9?source=rss------bug_bounty-5 | Jay Wandery | bug-bounty, xss-attack | 04-Jan-2025 |
| Account TakeOver \| Abusing the Application logic flaw in the reset password functionality | https://wanderication.medium.com/account-takeover-abusing-the-application-logic-flaw-in-the-reset-password-functionality-1b0a92caafca?source=rss------bug_bounty-5 | Jay Wandery | account-takeover-attacks, bug-bounty | 04-Jan-2025 |
| Account Takeover via Facebook Oauth | https://anontriager.medium.com/account-takeover-via-facebook-oauth-cd1f6219f7dd?source=rss------bug_bounty-5 | Anonymous Traiger | bug-bounty, programming, jobs, hacker, cybersecurity | 04-Jan-2025 |
| Top 15 Vulnerable Web Applications and Websites for Ethical Hacking Practice | https://saconychukwu.medium.com/top-15-vulnerable-web-applications-and-websites-for-ethical-hacking-practice-d2062e5bc383?source=rss------bug_bounty-5 | Sacony Chukwu | pentesting, bug-bounty, hacking | 04-Jan-2025 |
| Boost Cybersecurity with Bug Bounty Programs | https://medium.com/@ramanidhaval11/boost-cybersecurity-with-bug-bounty-programs-26498ce74226?source=rss------bug_bounty-5 | Er Dhaval Ramani | cybersecurity, bug-bounty, cyber-security-awareness, bugbounty-writeup | 04-Jan-2025 |
| How I Discovered an Email Disclosure Vulnerability | https://infosecwriteups.com/how-i-discovered-an-email-disclosure-vulnerability-bf798d3f3228?source=rss------bug_bounty-5 | JEETPAL | bug-bounty-writeup, cybersecurity, bug-bounty, bugbounty-tips | 04-Jan-2025 |
| Bug Bash: 11 Creeping Critters Every QA Tester Must Squash! | https://medium.com/@divyarajsinhdev/bug-bash-11-creeping-critters-every-qa-tester-must-squash-31d4da2f7805?source=rss------bug_bounty-5 | Divyarajsinh Dodia | bug-bounty, software-testing, qa, automation, software-development | 04-Jan-2025 |
| List of Top Bug Bounty Platforms for 2025 | https://medium.com/@hackrate/list-of-top-bug-bounty-platforms-for-2025-a13d86290a14?source=rss------bug_bounty-5 | Levente Molnar | penetration-testing, ethical-hacking, cybersecurity, bug-bounty, hacking | 04-Jan-2025 |
| The Power of Swagger UI Docs-Broken access control | https://medium.com/@hamdiyasin135/the-power-of-swagger-ui-docs-broken-access-control-a3b57fb035bd?source=rss------bug_bounty-5 | yassin hamdi | access-control, hackerone, bug-bounty | 04-Jan-2025 |
| P4 Bugs and PoC \| Part 4 | https://infosecwriteups.com/p4-bugs-and-poc-part-4-c65113b489b0?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, bug-bounty-tips, infosec, hacking | 04-Jan-2025 |
| Microsoft Vulnerability Exploitation — [IDOR] — Unbinding of Any Microsoft Account’s Recovery Email | https://medium.com/@iamjamehas/microsoft-vulnerability-exploitation-idor-unbinding-of-any-microsoft-accounts-recovery-email-0f6dcf50820e?source=rss------bug_bounty-5 | jamehadv | zero-day, red-team, exploits-zero-day, microsoft, bug-bounty | 04-Jan-2025 |
| API Fuzzing for Bug Bounty: Unlock the Secrets of Vulnerable APIs | https://bevijaygupta.medium.com/api-fuzzing-for-bug-bounty-unlock-the-secrets-of-vulnerable-apis-d8b297280caa?source=rss------bug_bounty-5 | Vijay Kumar Gupta | api, fuzzing, vulnerability, bug-bounty, api-vulnerabilities | 04-Jan-2025 |
| Bad Tenable Plugin Updates Take Down Nessus Agents Worldwide | https://medium.com/@wiretor/bad-tenable-plugin-updates-take-down-nessus-agents-worldwide-baf7c48c34a3?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, xss-attack, ai, malware, bug-bounty | 04-Jan-2025 |
| New Android Malware Alert: FireScam Targets RuStore Users! | https://medium.com/@wiretor/new-android-malware-alert-firescam-targets-rustore-users-b5de983bd805?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, rce, ai, bug-bounty, xss-attack | 04-Jan-2025 |
| Find XSS Vulnerabilities in Minutes | https://medium.com/@phirojshah20/find-xss-vulnerabilities-in-minutes-912d02d2b848?source=rss------bug_bounty-5 | Phirojshah | bugs, bug-bounty, bug-bounty-tips, xss-vulnerability, cybersecurity | 04-Jan-2025 |
| Detecting GraphQL Injection: Tools and Techniques for Security Testers | https://bitpanic.medium.com/detecting-graphql-injection-tools-and-techniques-for-security-testers-f3742d0388aa?source=rss------bug_bounty-5 | Spectat0rguy | technology, programming, bug-bounty-tips, bug-bounty, cybersecurity | 04-Jan-2025 |
| How I Found P1 Vulnerability Using Google Dork | https://h0x1d.medium.com/how-i-found-a-p1-vulnerability-using-google-dork-33ac0250df89?source=rss------bug_bounty-5 | Hamed Mohamed - h0x1d | bug-bounty, bug-bounty-writeup, bug-bounty-tips | 04-Jan-2025 |
| My First Year in Bug Bounty | https://cyxbugs.medium.com/my-first-year-in-bug-bounty-42f39a42fc7f?source=rss------bug_bounty-5 | Cyx | bug-bounty-tips, cybersecurity, hacking, bug-bounty | 04-Jan-2025 |
| Nikto : VulnerabilityScanner COMMANDS | https://jawstar.medium.com/nikto-vulnerabilityscanner-commands-578b76344097?source=rss------bug_bounty-5 | Jawstar | penetration-testing, technology, cybersecurity, bug-bounty, nikto | 04-Jan-2025 |
| P4 Bugs and POC \| Part 5 | https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-5-556962ec83f7?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, infosec, hacking, bug-bounty-tips | 04-Jan-2025 |
| What Is Cross Site Request Forgery? | https://medium.com/@dante.falls/what-is-cross-site-request-forgery-a52a48562f58?source=rss------bug_bounty-5 | Dante Falls | cybersecurity, information-security, web-security, bug-bounty | 04-Jan-2025 |
| Detecting GraphQL Injection: Tools and Techniques for Security Testers | https://medium.com/infosecmatrix/detecting-graphql-injection-tools-and-techniques-for-security-testers-f3742d0388aa?source=rss------bug_bounty-5 | Spectat0rguy | technology, programming, bug-bounty-tips, bug-bounty, cybersecurity | 04-Jan-2025 |
| SQL Injection: A Beginner’s Guide PART 1 | https://medium.com/@hamzamabdulrhman/sql-injection-a-beginners-guide-part-1-0bdb41ec8609?source=rss------bug_bounty-5 | Hamza M. Abdulrhman | bug-bounty, sql-injection, hacking, sql, sql-server | 03-Jan-2025 |
| How My Journey Started as a Bug Bounty Hunter | https://virpalsinh.medium.com/how-my-journey-started-as-a-bug-bounty-hunter-67641b57d01f?source=rss------bug_bounty-5 | virpalsinh | information-security, cybersecurity, careers, ethical-hacking, bug-bounty | 03-Jan-2025 |
| What is an Advanced Persistent Threat (APT)? | https://ritikshrivas.medium.com/what-is-an-advanced-persistent-threat-apt-bbf9bb366e2d?source=rss------bug_bounty-5 | Ritik Shrivas | bug-bounty, information-security, vulnerability, cybersecurity, information-technology | 03-Jan-2025 |
| P4 Bugs and POC \| Part 1 | https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-1-0dab3517bbe9?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, infosec, hacking, bug-bounty-tips | 03-Jan-2025 |
| How I Uncovered an LFI in 15 Seconds: The Tale of a Curious Hacker and an Unprepared Server | https://medium.com/@shyamfdo82/how-i-uncovered-an-lfi-in-15-seconds-the-tale-of-a-curious-hacker-and-an-unprepared-server-e49925452007?source=rss------bug_bounty-5 | Shyamfdo | cybersecurity, red-team, hacking, penetration-testing, bug-bounty | 03-Jan-2025 |
| Use SQL-Map at its best. | https://medium.com/@anandrishav2228/use-sql-map-at-its-best-64180f9ad279?source=rss------bug_bounty-5 | Rishav anand | hacker, money, cybersecurity, bug-bounty, sql | 03-Jan-2025 |
| Bug Bounty Methodology Version 2025 | https://medium.com/@techinsights5/bug-bounty-methodology-version-2025-4cb701838658?source=rss------bug_bounty-5 | TechInsights | bug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-methodology | 03-Jan-2025 |
| PDF.js Arbitrary JavaScript Code Execution (CVE-2024-4367) | https://infosecwriteups.com/pdf-js-arbitrary-javascript-code-execution-cve-2024-4367-be4a64f877df?source=rss------bug_bounty-5 | coffinxp | cve, bug-bounty-tips, bug-bounty, bug-bounty-writeup, pdf | 03-Jan-2025 |
| What is a Hacker? | https://hackers-guild-blog.medium.com/what-is-a-hacker-c957e390855b?source=rss------bug_bounty-5 | Hackers Guild | bounty-program, osint, cybersecurity, hacking, bug-bounty | 03-Jan-2025 |
| Here’s 24 web-application hacking tools: | https://saconychukwu.medium.com/heres-24-web-application-hacking-tools-17369f7f5097?source=rss------bug_bounty-5 | Sacony Chukwu | bug-bounty | 03-Jan-2025 |
| My First RCE Vulnerability | https://medium.com/@RekoJR/my-first-rce-vulnerability-636cdc9f2dab?source=rss------bug_bounty-5 | Reko ! | bug-bounty, bug-bounty-writeup | 03-Jan-2025 |
| PDF.js Arbitrary JavaScript Code Execution (CVE-2024-4367) | https://infosecwriteups.com/pdf-js-arbitrary-javascript-code-execution-cve-2024-4367-be4a64f877df?source=rss------bug_bounty-5 | coffinxp | bug-bounty-tips, bug-bounty, bug-bounty-writeup, technology, xss-attack | 03-Jan-2025 |
| How to Start Penetration Testing: Tools, Techniques, and Tips. | https://cybersaurabh.medium.com/how-to-start-penetration-testing-tools-techniques-and-tips-bfbf09a0130a?source=rss------bug_bounty-5 | The Saurabh Pal | penetration-testing, bug-bounty-writeup, bug-bounty, ethical-hacking, hacking | 03-Jan-2025 |
| Free Labs to Practice XSS | https://medium.com/@MaMad4Ever/free-labs-to-practice-xss-08b11016ba05?source=rss------bug_bounty-5 | MaMad | xss-attack, xss-vulnerability, penetration-testing, xss-challenge, bug-bounty | 03-Jan-2025 |
| The Ultimate Guide to Top Bug Bounty Platforms in 2025 | https://medium.com/@hackrate/the-ultimate-guide-to-top-bug-bounty-platforms-in-2025-b6d6c3442188?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, ethical-hacking, cybersecurity, hacking, penetration-testing | 03-Jan-2025 |
| MFA Bypass Exposed: A C Flaw in Two-Factor Authentication | https://medium.com/@swaroopvenkat828/mfa-bypass-exposed-a-c-flaw-in-two-factor-authentication-6e126b1cfbd0?source=rss------bug_bounty-5 | swaroop 04 | mfa, bug-bounty, mfa-bypass, 2025, bugbounty-writeup | 03-Jan-2025 |
| Siri Privacy Crisis: Apple Faces $95 Million Settlement for Secret Recordings! | https://medium.com/@wiretor/siri-privacy-crisis-apple-faces-95-million-settlement-for-secret-recordings-32472ca8e705?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, business, apple, siri, ai | 03-Jan-2025 |
| €10B Cybersecurity Giant Denies Space Bears Ransomware Breach Claims | https://medium.com/@wiretor/10b-cybersecurity-giant-denies-space-bears-ransomware-breach-claims-464a80206f57?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, ai, business, malware | 03-Jan-2025 |
| Hackers’ New Trick — DoubleClickjacking Hijacks Your Accounts Without a Trace | https://medium.com/@wiretor/hackers-new-trick-doubleclickjacking-hijacks-your-accounts-without-a-trace-d812ec920ac8?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, malware, hacker, bug-bounty, ai | 03-Jan-2025 |
| Over 3 Million Mail Servers Exposed: Time to Encrypt! | https://medium.com/@wiretor/over-3-million-mail-servers-exposed-time-to-encrypt-1c1065932c89?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, ai, malware, bug-bounty, hacking | 03-Jan-2025 |
| Improper Access Control in APIs Earns $3,900 Bounty(4/30 DAYS) | https://medium.com/@zerodaystories/improper-access-control-in-apis-earns-3-900-bounty-4-30-days-5a8668695b84?source=rss------bug_bounty-5 | 0day stories | penetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips | 03-Jan-2025 |
Time based user enumeration [identitytoolkit.googleapis.com]https://medium.com/bug-bounty/time-based-user-enumeration-identitytoolkit-googleapis-com-72b2710b380a?source=rss------bug_bounty-5Philippe Delteiluser-enumeration, google-api, bug-bounty03-Jan-2025
P4 Bugs and PoC | Part 2https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-2-0842039eddf3?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, infosec, bug-bounty, money, hacking03-Jan-2025
PicoCTF Writeups — dont-use-client-sidehttps://medium.com/@sobatistacyber/picoctf-writeups-dont-use-client-side-1cda7ae1cc87?source=rss------bug_bounty-5SoBatistactf, bug-bounty, picoctf, hacking, penetration-testing03-Jan-2025
Mastering 403 Bypass Techniques: A Penetration Tester’s Guidehttps://bitpanic.medium.com/mastering-403-bypass-techniques-a-penetration-testers-guide-f3a1cb16b9a3?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, cybersecurity, technology, programming, bug-bounty03-Jan-2025
Python libraries every Hacker should knowhttps://infosecwriteups.com/python-libraries-every-hacker-should-know-97fb5dae2efd?source=rss------bug_bounty-5Abhishek pawarhacking, programming, cybersecurity, python, bug-bounty03-Jan-2025
#ERROR!https://medium.com/@cybertips96/-d6a3961c1fdd?source=rss------bug_bounty-5Cybertipsbug-bounty03-Jan-2025
Vulnerability Testing Techniqueshttps://medium.com/@phirojshah20/vulnerability-testing-techniques-b9498fefd4b3?source=rss------bug_bounty-5Phirojshahbug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, bugs03-Jan-2025
P4 Bugs and PoC | Part 3https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-3-8ca9776c87bc?source=rss------bug_bounty-5Abhijeet kumawatinfosec, hacking, bug-bounty-tips, bug-bounty, money03-Jan-2025
TOP 10 VULNERABILITIES IN CYBER SECURITYhttps://medium.com/@saiganesh18062003/top-10-vulnerabilities-in-cyber-security-337bb7a28760?source=rss------bug_bounty-5Levi Ackermansecurity, cybersecurity, technology, bug-bounty, security-services03-Jan-2025
Be Aware Of It, Hacker! How To Keep Yourself Off Dangerous Triggers During Hacking Story!https://medium.com/@nnface/be-aware-of-it-hacker-how-to-keep-yourself-off-dangerous-triggers-during-hacking-story-b4e0962c05a7?source=rss------bug_bounty-5NnFacescammer-alert, cybersecurity, bug-bounty, scam, hacking03-Jan-2025
How I Found an Open AWS S3 Bucket and Used It to Take Over a Subdomainhttps://medium.com/@bochamekh21/how-i-found-an-open-aws-s3-bucket-and-used-it-to-take-over-a-subdomain-75736e90c945?source=rss------bug_bounty-5Boubker Chamekhsubdomain-takeover, bug-bounty, hacking, hackerone, bug-bounty-writeup03-Jan-2025
P4 Bugs and PoC | Part 3https://infosecwriteups.com/p4-bugs-and-poc-part-3-8ca9776c87bc?source=rss------bug_bounty-5Abhijeet kumawatinfosec, hacking, bug-bounty-tips, bug-bounty, money03-Jan-2025
Security Misconfiguration (Tryhackme)https://medium.com/@BetterBy0x01/security-misconfiguration-tryhackme-9c763a743a71?source=rss------bug_bounty-5Ashutosh Singh Pateltryhackme-writeup, tryhackme, hacking, security, bug-bounty02-Jan-2025
Zero Click Account Takeoverhttps://anontriager.medium.com/zero-click-account-takeover-7f8bdcda2236?source=rss------bug_bounty-5Anonymous Traigerrewards, bug-bounty, programing, hacking, cybersecurity02-Jan-2025
hunting #1https://medium.com/@dark_zone/hunting-1-ee308e923359?source=rss------bug_bounty-5darkzonebug-bounty02-Jan-2025
A Recon Tool That Uses AI to Predict Subdomainshttps://medium.com/@kumawatabhijeet2002/a-recon-tool-that-uses-ai-to-predict-subdomains-73a41aaa774d?source=rss------bug_bounty-5Abhijeet kumawatai, bug-bounty, infosec, hacking, recon02-Jan-2025
Code Analysis can help you make $200-$500 (C,C++,Node and general codes)https://medium.com/@anandrishav2228/code-analysis-can-help-you-make-200-500-c-c-node-and-general-codes-cb7752617931?source=rss------bug_bounty-5Rishav anandmoney, programming, cybersecurity, bug-bounty, code02-Jan-2025
WP-CRON Leading to a Complete Denial of Service (DoS) for Bank ‘X’https://cybersecuritywriteups.com/wp-cron-leading-to-a-complete-denial-of-service-dos-for-bank-x-82de725dfa4f?source=rss------bug_bounty-5Guru Prasad Pattanaikethical-hacking, cyber-security-awareness, cyberattack, bug-bounty, cybersecurity02-Jan-2025
【Activities Guide】A detailed overview of the TECNO Security Response Center’s security incentive…https://medium.com/@security.tecno/activities-guide-a-detailed-overview-of-the-tecno-security-response-centers-security-incentive-6e43effd8d37?source=rss------bug_bounty-5TECNO Securitybug-bounty, hacking, security, activity02-Jan-2025
How to Build a Cloud Security Monitoring Dashboard !https://medium.com/@paritoshblogs/how-to-build-a-cloud-security-monitoring-dashboard-81951b57613f?source=rss------bug_bounty-5Paritoshcloud-security, bug-bounty, hacking, cybersecurity, cloud02-Jan-2025
Google Dorks Checklist for Bug Bounty — Bug Bounty Thursdayhttps://medium.com/@kerstan/google-dorks-checklist-for-bug-bounty-bug-bounty-thursday-ab5ccadb91b2?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, hacking02-Jan-2025
Zendesk Access Token Disclosed in a JavaScript File Allowing Ticket Accesshttps://medium.com/@aloneh1/zendesk-access-token-disclosed-in-a-javascript-file-allowing-ticket-access-cfc5ba637dde?source=rss------bug_bounty-5Anzilbug-bounty, vapt, cybersecurity, bug-bounty-writeup02-Jan-2025
Finding Hidden API-Keys & How to Use themhttps://medium.com/@sumitcfe/finding-hidden-api-keys-how-to-use-them-9c8a187d922b?source=rss------bug_bounty-5Sumit Jainvulnerability, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bugs02-Jan-2025
US Arrests Army Soldier Over AT&T, Verizon Hacking | Linked to Presidential Call Log Leakshttps://medium.com/@wiretor/us-arrests-army-soldier-over-at-t-verizon-hacking-linked-to-presidential-call-log-leaks-25897c6b4e0b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacker, bug-bounty, malware, ai, business02-Jan-2025
Rhode Islanders’ Data Breach: Protect Yourself from Cyberattacks Today!https://medium.com/@wiretor/rhode-islanders-data-breach-protect-yourself-from-cyberattacks-today-1c0f4f79b40b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, business, bug-bounty, hacking, ai02-Jan-2025
Election Interference Exposed: Iranian and Russian Cyber Tactics in the Spotlighthttps://medium.com/@wiretor/election-interference-exposed-iranian-and-russian-cyber-tactics-in-the-spotlight-3e9059006021?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, business, ai, bug-bounty02-Jan-2025
Three Russian-German Nationals Charged with Spying for Russiahttps://medium.com/@wiretor/three-russian-german-nationals-charged-with-spying-for-russia-838f9b0d39d4?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ransomware, hacking, secret-service, bug-bounty02-Jan-2025
postMessage XSShttps://medium.com/@rootast/postmessage-xss-f5402c9e219c?source=rss------bug_bounty-5Arash Shahbazijavascript, api, xss-attack, bug-bounty, postmessage02-Jan-2025
WP-CRON Leading to a Complete Denial of Service (DoS) for Bank ‘X’https://cybersecuritywriteups.com/wp-cron-leading-to-a-complete-denial-of-service-dos-for-bank-x-82de725dfa4f?source=rss------bug_bounty-5Guru Prasad Pattanaik || TH3N00BH4CK3Rethical-hacking, cyber-security-awareness, cyberattack, bug-bounty, cybersecurity02-Jan-2025
A Guide to MITRE ATT&CK Cloud Matrices: Simplified with Exampleshttps://medium.com/@paritoshblogs/a-guide-to-mitre-att-ck-cloud-matrices-simplified-with-examples-2f6588b9ac0e?source=rss------bug_bounty-5Paritoshcloud, bug-bounty, hacking, cloud-computing, cybersecurity01-Jan-2025
Refer Friends, Win Credit Rewards!https://medium.com/@security.tecno/refer-friends-win-credit-rewards-574795eeb6a9?source=rss------bug_bounty-5TECNO Securitybug-bounty, hacker, rewards, security01-Jan-2025
Bug Bounty Journey in 2024https://medium.com/@suganthankumaralingam/bug-bounty-journey-in-2024-e4f23874f991?source=rss------bug_bounty-5Suganthankumaralingambug-bounty-writeup, bug-zero, hackerone, bug-bounty-tips, bug-bounty01-Jan-2025
Bypassing Email verification through HTTP response interceptionhttps://callgh0st.medium.com/bypassing-email-verification-through-http-response-interception-7644a907899a?source=rss------bug_bounty-5callgh0stemail, bug-bounty, gaza, hacking, support01-Jan-2025
Win the Race | Exploiting Race Condition Vulnerabilityhttps://medium.com/codingninjablogs/win-the-race-exploiting-race-condition-vulnerability-21ba7297f039?source=rss------bug_bounty-5#$ubh@nk@rinfosec, bug-bounty, web-security, race-condition, hacking01-Jan-2025
My first 100 Days with Bug Bounties.https://medium.com/@rootplinix/my-first-100-days-with-bug-bounties-7c4f69f73d3d?source=rss------bug_bounty-5Abu Hurayrabug-bounty, infosec, vulnerability, cybersecurity, hacking01-Jan-2025
Bypassing Email verification through HTTP response interceptionhttps://infosecwriteups.com/bypassing-email-verification-through-http-response-interception-7644a907899a?source=rss------bug_bounty-5callgh0stemail, bug-bounty, gaza, hacking, support01-Jan-2025
Understanding DNS for Bug Bounty Huntinghttps://medium.com/@mastergojo122/understanding-dns-for-bug-bounty-hunting-428ec422aac6?source=rss------bug_bounty-5Wahid Najimdns-servers, dns, bug-bounty, bug-bounty-writeup01-Jan-2025
Advanced Enumeration Techniqueshttps://medium.com/@phirojshah20/advanced-enumeration-techniques-45cbeb429231?source=rss------bug_bounty-5Phirojshahbugs, cybersecurity, bug-bounty, bug-bounty-tips01-Jan-2025
Discovery and Probing Toolshttps://medium.com/@phirojshah20/discovery-and-probing-tools-5bb0a594b5d2?source=rss------bug_bounty-5Phirojshahbug-bounty-tips, cybersecurity, bug-bounty01-Jan-2025
Bug Bounty Hunting Methodology 2025https://medium.com/@phirojshah20/bug-bounty-hunting-methodology-2025-797bf8ae4c27?source=rss------bug_bounty-5Phirojshahbug-bounty, bug-hunting, reconnaissance, cybersecurity, bugs01-Jan-2025
CVE-2024–56803: Ghostty Vulnerability Allows Command Injectionhttps://medium.com/@wiretor/cve-2024-56803-ghostty-vulnerability-allows-command-injection-23e41eb1e8ad?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, ai, bug-bounty, business, malware01-Jan-2025
Uncover Hidden Web Paths with Recursive Dirbustinghttps://bitpanic.medium.com/uncover-hidden-web-paths-with-recursive-dirbusting-6befea8ab485?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, technology, bug-bounty, cybersecurity, programming01-Jan-2025
Over 3.1 Million Fake Stars on GitHub: A Threat to Trust & Securityhttps://medium.com/@wiretor/over-3-1-million-fake-stars-on-github-a-threat-to-trust-security-%EF%B8%8F-f6af3a43224d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, malware, hacking, business01-Jan-2025
This Simple GraphQL SSRF Bug Earned Me $3,000 (3/30 DAYS)https://medium.com/@zerodaystories/this-simple-graphql-ssrf-bug-earned-me-3-000-3-30-days-9bd13e2c2f9d?source=rss------bug_bounty-50day storiesbug-bounty, penetration-testing, bug-bounty-writeup, cybersecurity, bug-bounty-tips01-Jan-2025
Dive into Go: A Full Guide for Penetration Testers, Bounty Hunters, and Developershttps://medium.com/@v1xtron/dive-into-go-a-full-guide-for-penetration-testers-bounty-hunters-and-developers-5cc013d3f5c6?source=rss------bug_bounty-5v1xtrongo, learn-to-code, programming-languages, bug-bounty01-Jan-2025
Welcome to our first article on this account!https://medium.com/@Dorking1/welcome-to-our-first-article-on-this-account-f7eb4049b768?source=rss------bug_bounty-5Dorking1bug-bounty, penetration-testing, cybersecurity01-Jan-2025
This Simple GraphQL SSRF Bug Earned $3,000 (3/30 DAYS)https://medium.com/@zerodaystories/this-simple-graphql-ssrf-bug-earned-me-3-000-3-30-days-9bd13e2c2f9d?source=rss------bug_bounty-50day storiesbug-bounty, penetration-testing, bug-bounty-writeup, cybersecurity, bug-bounty-tips01-Jan-2025
File upload bypass — Fuzz magic bytes / Mime types with ffufhttps://medium.com/@opabravo/file-upload-bypass-fuzz-magic-bytes-mime-types-with-ffuf-b218171533d4?source=rss------bug_bounty-5Fate Walkerffuf, fuzzing, penetration-testing, file-upload-vulnerability, bug-bounty31-Dec-2024
From Hidden Parameter to Account Takeoverhttps://medium.com/@radwan0x/from-hidden-parameter-to-account-takeover-e6905f35d93a?source=rss------bug_bounty-5Mohamed Radwanbug-bounty, csrf-attack, bug-bounty-tips31-Dec-2024
Vertical Privilege Escalation from Manager to Owner: A Bug Bounty Storyhttps://medium.com/@swaroopvenkat828/vertical-privilege-escalation-from-manager-to-owner-a-bug-bounty-story-7a039eb0b938?source=rss------bug_bounty-5swaroop 04privilege-escalation, bug-bounty-tips, bug-bounty31-Dec-2024
Sensitive Data Exposure (Tryhackme)https://medium.com/@BetterBy0x01/sensitive-data-exposure-tryhackme-111ed71542af?source=rss------bug_bounty-5Ashutosh Singh Patelsecurity, data, tryhackme, hacking, bug-bounty31-Dec-2024
Mastering XSS in a single read!https://anontriager.medium.com/mastering-xss-in-a-single-read-40bc850427bd?source=rss------bug_bounty-5Anonymous Traigerbug-bounty, hacker, programming, cybersecurity, jobs31-Dec-2024
Mastering 403 Forbidden Bypass Techniques Part-2✨https://medium.com/@kumawatabhijeet2002/mastering-403-forbidden-bypass-techniques-part-2-658af618d5b0?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, 403-forbidden, hacking, infosec, bug-bounty31-Dec-2024
How I Discovered Exposed .env Files on a Subdomain of a Popular Exam Proctoring Websitehttps://medium.com/@anonymousshetty2003/how-i-discovered-exposed-env-files-on-a-subdomain-of-a-popular-exam-proctoring-website-50f1847a9e59?source=rss------bug_bounty-5Anonymousshettyinformation-disclosure, hacking, bug-bounty, cybersecurity, bug-bounty-tips31-Dec-2024
How I Discovered a Leaked cAdvisor Panel Dashboard on a Websitehttps://medium.com/@anonymousshetty2003/how-i-discovered-a-leaked-cadvisor-panel-dashboard-on-a-website-1f097b526b3e?source=rss------bug_bounty-5Anonymousshettycybersecurity, shodan, hacking, bug-bounty, bug-hunting31-Dec-2024
API Pentesting: Unrestricted Resource Consumptionhttps://devilwrites.medium.com/api-pentesting-unrestricted-resource-consumption-2692bf368575?source=rss------bug_bounty-5hackerdevilapi, api-penetration-testing, owasp, api-security, bug-bounty31-Dec-2024
Advanced Analysis: XSS Vulnerability in an AI-Powered Chatbot Servicehttps://medium.com/@MianHammadx0root/advanced-analysis-xss-vulnerability-in-an-ai-powered-chatbot-service-53212f545624?source=rss------bug_bounty-5Mian Hammadxss-attack, cybersecurity, ai-chat-bot, ai, bug-bounty31-Dec-2024
How I Discovered an 8.2 Severity bug on hackerone for Account Takeover via HTML Injectionhttps://medium.com/@ravindrajatav0709/how-i-discovered-an-8-2-severity-bug-on-hackerone-for-account-takeover-via-html-injection-3e5b0ec32cc9?source=rss------bug_bounty-5Ravindrajatavbugs, bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty31-Dec-2024
My First Year in Bug Bounty Huntinghttps://0xshuvo.medium.com/my-first-year-in-bug-bounty-hunting-2b5c2cb9c205?source=rss------bug_bounty-5Shuvo Kumar Sahabug-bounty-hunter, bug-bounty-writeup, bug-bounty, bug-bounty-tips, infosec31-Dec-2024
OTP Bypass Leads to $2000 (2/30 DAYS)https://medium.com/@zerodaystories/otp-bypass-leads-to-2000-2-30-days-7845b2580e7e?source=rss------bug_bounty-50day storiesbug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing31-Dec-2024
2024 Bug Bounty Achievementshttps://medium.com/readers-club/2024-bug-bounty-achievements-15c5195031d3?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, cybersecurity, failure, growth-mindset, never-give-up31-Dec-2024
How was I able to lock any user’s account?https://zerocode-ph.medium.com/how-was-i-able-to-lock-any-users-account-4303ff175a04?source=rss------bug_bounty-5Syd Ricafort (0cod3)bug-bounty31-Dec-2024
The Struggles of Manual Security Testers in an Automation-Heavy Bug Bounty Erahttps://mixbanana.medium.com/the-struggles-of-manual-security-testers-in-an-automation-heavy-bug-bounty-era-22cccf32fc13?source=rss------bug_bounty-5MixBananapenetration-testing, security, bug-bounty, cybersecurity31-Dec-2024
U.S. Treasury Breached via Remote Support Platform: Lessons for Cybersecurity Professionalshttps://medium.com/@wiretor/u-s-treasury-breached-via-remote-support-platform-lessons-for-cybersecurity-professionals-bd25d69ee856?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, bug-bounty, ai, xss-attack, hacker31-Dec-2024
Session Hijacking Vulnerability in Password Reset Flow Leading to Cross-Account Accesshttps://medium.com/@iPsalmy/session-hijacking-vulnerability-in-password-reset-flow-leading-to-cross-account-access-4823d88e680a?source=rss------bug_bounty-5iPsalmypenetration-testing, cybersecurity, application-security, information-security, bug-bounty31-Dec-2024
My story of hacking Dutch Government | by Chinmaya Ranahttps://chinmayarana.medium.com/my-story-of-hacking-dutch-government-by-chinmaya-rana-b54ea26c92dd?source=rss------bug_bounty-5Chinmaya Ranahacking, readteam, bug-bounty, cybersecurity, web-security31-Dec-2024
Unleashing My Recon Weapon: A Custom Bash Tool for Bug Bountyhttps://medium.com/@kumawatabhijeet2002/unleashing-my-recon-weapon-a-custom-bash-tool-for-bug-bounty-d946b5f26dd9?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bug-bounty-tips, recon, hacking, infosec31-Dec-2024
This is a writeup of how can I get critical $$$$ bounty from PII Disclosure - Broken Accesshttps://medium.com/@0xNayelx/this-is-a-writeup-of-how-can-i-get-critical-bounty-from-pii-disclosure-broken-access-7a113e5dc50c?source=rss------bug_bounty-50xNayelbug-bounty-writeup, ctf-writeup, cybersecurity, bug-bounty-tips, bug-bounty31-Dec-2024
SQLi Time-Based Blind Finding Methodshttps://medium.com/@erkankavas/sqli-time-based-blind-finding-methods-cdef02de2d0e?source=rss------bug_bounty-5Erkan Kavassqli, ethical-hacking, bug-bounty, bug-bounty-tips, hacking31-Dec-2024
Old School Out-of-Band (OOB) SQL Injection Manual Approachhttps://anontuttuvenus.medium.com/old-school-out-of-band-oob-sql-injection-manual-approach-cc50b81c5984?source=rss------bug_bounty-5Anon Tuttu Venuswebapplicationpentest, sql-injection, bug-bounty, owasp-top-10, sqli31-Dec-2024
Alhamdulillah ❤️https://medium.com/@momenrezkk90/alhamdulillah-%EF%B8%8F-4c8ba456bec1?source=rss------bug_bounty-5MOAMEN REZKbug-bounty, cybersecurity, penetration-testing, bugs, red-team31-Dec-2024
Mastering Wfuzz: Uncover Hidden Web Vulnerabilitiesehttps://medium.com/@kumawatabhijeet2002/mastering-wfuzz-uncover-hidden-web-vulnerabilitiese-351cbbef18d6?source=rss------bug_bounty-5Abhijeet kumawathacking, bug-bounty-tips, bug-bounty, infosec, medium30-Dec-2024
Sql Injection Vulnerability via Registration Formhttps://medium.com/@kevstrs_/sql-injection-vulnerability-via-registration-form-ccaf7bbddd0b?source=rss------bug_bounty-5kevstrs_sql-injection, bug-bounty, injection, pentesting30-Dec-2024
How I was able to delete a production backend server in my first finding.https://gr3yg05t.medium.com/how-i-was-able-to-delete-a-production-backend-server-in-my-first-finding-5dcce8aa093c?source=rss------bug_bounty-5Mr Greybug-bounty, bug-bounty-tips, info-sec-writeups, infosec, bug-bounty-writeup30-Dec-2024
Triaging an LFI Vulnerability Reporthttps://anontriager.medium.com/triaging-an-lfi-vulnerability-report-ad9a33016f0c?source=rss------bug_bounty-5Anonymous Traigerjobs, programming, money, bug-bounty, cybersecurity30-Dec-2024
US Healthcare Providers May Be Hit With New Cybersecurity Ruleshttps://mhmmuneef.medium.com/us-healthcare-providers-may-be-hit-with-new-cybersecurity-rules-61aa2655ea79?source=rss------bug_bounty-5Mohammed Muneefhealthcare-technology, cybersecurity-awareness, news, bug-bounty, technology30-Dec-2024
Enhancing Bug Bounty Programs in an AI-Driven Markethttps://infosecwriteups.com/%EF%B8%8F-%EF%B8%8F-enhancing-bug-bounty-programs-in-an-ai-driven-market-e512b0b2766a?source=rss------bug_bounty-5Tal Eliyahubug-bounty, genai, artificial-intelligence, security, cybersecurity30-Dec-2024
DNS Tunneling to Bypass Firewall.https://medium.com/@anandrishav2228/dns-tunneling-to-bypass-firewall-ab5e9d91bd7b?source=rss------bug_bounty-5Rishav anandfirewall, bug-bounty, money, hacking, cybersecurity30-Dec-2024
When APIs Can’t Keep Up: How I Exploited Misconfigured Rate Limits to Crash the Partyhttps://myselfakash20.medium.com/when-apis-cant-keep-up-how-i-exploited-misconfigured-rate-limits-to-crash-the-party-e5be48d4cacd?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bug-bounty, bug-bounty-writeup, technology, cybersecurity30-Dec-2024
Exploiting SQLi to Query Database Version on MySQL and Microsofthttps://osintteam.blog/exploiting-sqli-to-query-database-version-on-mysql-and-microsoft-8d38a3ec42b4?source=rss------bug_bounty-5The Cybersec Cafésql-injection, cybersecurity, information-security, penetration-testing, bug-bounty30-Dec-2024
Server-side vulnerabilities | #1 PATH TRAVERSALhttps://medium.com/@agapehearts/server-side-vulnerabilities-1-path-traversal-5df782acb60d?source=rss------bug_bounty-5Agape HearTsethical-hacking, portswigger, servers, cybersecurity, bug-bounty30-Dec-2024
CSRF Enable 2FA allow User Lose Access to Their Account.https://anjarwilujeng.medium.com/csrf-enable-2fa-allow-user-lose-access-to-their-account-331eaed89d25?source=rss------bug_bounty-5AWesomebug-bounty, bug-bounty-writeup, csrf30-Dec-2024
Hacker Nedir ve Türleri Nelerdir?https://medium.com/@gzmpyrz99/hacker-nedir-ve-t%C3%BCrleri-nelerdir-abff0e616fbf?source=rss------bug_bounty-5Gizem Poyrazblue-team, hacker, red-team, scriptkkiddie, bug-bounty30-Dec-2024
When APIs Can’t Keep Up: How I Exploited Misconfigured Rate Limits to Crash the Partyhttps://infosecwriteups.com/when-apis-cant-keep-up-how-i-exploited-misconfigured-rate-limits-to-crash-the-party-e5be48d4cacd?source=rss------bug_bounty-5Akash Ghoshbug-bounty, hacking, programming, technology, cybersecurity30-Dec-2024
Weirdest access control vulnerability I have ever found…https://siratsami71.medium.com/weirdest-access-control-vulnerability-i-have-ever-found-b3ea97019fad?source=rss------bug_bounty-5Sirat Sami (analyz3r)hackerone, security, pentesting, bug-bounty30-Dec-2024
What Bug Bounty Hunters Don’t Tell You.https://medium.com/@padhyepushkar/what-bug-bounty-hunters-dont-tell-you-78969ca0916a?source=rss------bug_bounty-5Pushkar Padhyebug-bounty, bug-bounty-writeup, bug-bounty-tips, blogging, knowledge30-Dec-2024
Unauthorized Account Deletion via Email Spoofinghttps://medium.com/@Salmansaifeldin/unauthorized-account-deletion-via-email-spoofing-dbfccad287c7?source=rss------bug_bounty-5Salman SaifEl-Dinbug-bounty-tips, cybersecurity, bug-bounty30-Dec-2024
Unlocking Secrets: How to Create Your Own Wordlist for Hidden Directories and Endpoints ✨https://medium.com/@kumawatabhijeet2002/unlocking-secrets-how-to-create-your-own-wordlist-for-hidden-directories-and-endpoints-9d78539857b3?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, hacking, bug-bounty, medium, infosec30-Dec-2024
Bug Bounty Insights: 10 Key Findings - Email Verification Flaws - Part 4https://medium.com/@maakthon/bug-bounty-insights-10-key-findings-email-verification-flaws-part-4-49412c461450?source=rss------bug_bounty-5Mahmoud Abd Alkarimbug-bounty-tips, security-research, bug-bounty, cybersecurity, broken-access-control30-Dec-2024
Delete any comment without admin privilegehttps://medium.com/@a.essam0_o/delete-any-comment-without-admin-privilege-d5af9105ed9d?source=rss------bug_bounty-5A.Essamattack, bug-bounty, web, hacking, pentesting30-Dec-2024
PortSwigger — Authenticationhttps://medium.com/@rzashirinov38/portswigger-authentication-e3760f4d1411?source=rss------bug_bounty-5Rza Shirinovportswigger, authentication, web, bug-bounty, login30-Dec-2024
Hidden Gems: Simple Exploits Overlooked by Most Bug Huntershttps://bitpanic.medium.com/hidden-gems-simple-exploits-overlooked-by-most-bug-hunters-3113cc1db4b8?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, bug-bounty, technology, cybersecurity, programming30-Dec-2024
Apache MINA CVE-2024–52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serializationhttps://medium.com/@wiretor/apache-mina-cve-2024-52046-cvss-10-0-flaw-enables-rce-via-unsafe-serialization-1d042d0ad53e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesxss-attack, malware, hacking, bug-bounty, apache-mina30-Dec-2024
Outdated D-Link Routers Under Siege: Botnets Exploit Vulnerabilitieshttps://medium.com/@wiretor/outdated-d-link-routers-under-siege-botnets-exploit-vulnerabilities-24fa380d9e2e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, xss-attack, hacking30-Dec-2024
US Cracks Down on Foreign Exploitation of Personal Informationhttps://medium.com/@wiretor/us-cracks-down-on-foreign-exploitation-of-personal-information-1c57dd844750?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, usa, bug-bounty, hacker, xss-attack30-Dec-2024
Telecom Giants Secure Networks After Salt Typhoon Espionage Scandalhttps://medium.com/@wiretor/telecom-giants-secure-networks-after-salt-typhoon-espionage-scandal-106159c959ba?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesxss-attack, bug-bounty, malware, ai, hacking30-Dec-2024
Useful Extensions for Bug Bounty Huntinghttps://medium.com/@phirojshah20/useful-extensions-for-bug-bounty-hunting-0a1f4e32344c?source=rss------bug_bounty-5Phirojshahcybersecurity, bug-bounty, bugs, bug-bounty-tips, extension30-Dec-2024
How to Find Origin IP of any Website Behind a WAFhttps://infosecwriteups.com/how-to-find-origin-ip-of-any-website-behind-a-waf-c85095156ef7?source=rss------bug_bounty-5coffinxpbug-bounty-tips, waf-bypass, bug-bounty, technology, recon30-Dec-2024
Mastering the Art of Bug Bounty Hunting: A Step-by-Step Guidehttps://medium.com/@kumawatabhijeet2002/mastering-the-art-of-bug-bounty-hunting-a-step-by-step-guide-8eaabfe1cbf6?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, infosec, hacking, free, bug-bounty-tips30-Dec-2024
Discovered 30 BOLA + IDOR vulnerabilities in a single subdomain (BBP).https://im4x.medium.com/discovered-30-bola-idor-vulnerabilities-in-a-single-subdomain-bbp-a382e4554e71?source=rss------bug_bounty-5Ahmed Najehhacking, bug-bounty, hackerone30-Dec-2024
How I Took Over Millions of Instagram Accounts Using SQL Injection Method & Takeover via Filtering…https://pwn0sec.medium.com/how-i-took-over-millions-of-instagram-accounts-using-sql-injection-method-takeover-via-filtering-cd858d486a54?source=rss------bug_bounty-5PwnOsec Research Groupsindonesian, bug-bounty, pemerintah-indonesia, bug-bounty-tips30-Dec-2024
Breaking app’s logic workflow to decrease the payments’ amountshttps://medium.com/@bag0zathev2/breaking-apps-logic-workflow-to-decrease-the-payments-amounts-9c9f44efe23d?source=rss------bug_bounty-5Fares Walid (SirBugs)cybersecurity, bug-bounty, bug-hunting, payment-gateway, payments29-Dec-2024
Command Injection (Tryhackme and Owaspbwa)https://medium.com/@BetterBy0x01/command-injection-tryhackme-and-owaspbwa-6765b324c99d?source=rss------bug_bounty-5Ashutosh Singh Patelcommand-injection, security, bug-hunting, hacking, bug-bounty29-Dec-2024
how i found the parameter tempering vulnerability?https://doordiefordream.medium.com/how-i-found-the-parameter-tempering-vulnerability-09c4ea5f9675?source=rss------bug_bounty-5Bug hunter balubug-bounty, hacking, cybersecurity, ethical-hacking, web329-Dec-2024
Cross-Domain Referrer Leakage (Bug Bounty)https://anontriager.medium.com/cross-domain-referrer-leakage-bug-bounty-5c7fb967883d?source=rss------bug_bounty-5Anonymous Traigerbug-bounty, cybersecurity, bug-bounty-tips, jobs, bug-bounty-writeup29-Dec-2024
How to find SSRF, Bypass Cloudflare, and extract AWS metadata	https://anontriager.medium.com/how-to-find-ssrf-bypass-cloudflare-and-extract-aws-metadata-46d1ee6d1857?source=rss------bug_bounty-5	Anonymous Traiger	cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, jobs	29-Dec-2024
Uncovering Race Conditions in Endpoint API Key Generation	https://anjarwilujeng.medium.com/uncovering-race-conditions-in-endpoint-api-key-generation-dec3abf31a83?source=rss------bug_bounty-5	AWesome	race-condition, bug-bounty-writeup, bug-bounty	29-Dec-2024
HTB Write-Up: Retrieving the Flag via cURL | 使用 cURL 提取 Flag	https://medium.com/@lixinlovestudy/htb-write-up-retrieving-the-flag-via-curl-%E4%BD%BF%E7%94%A8-curl-%E6%8F%90%E5%8F%96-flag-5987084868bb?source=rss------bug_bounty-5	Lixin Zhang	hackthebox, writeup, bug-bounty	29-Dec-2024
Complete Guide to SQL Injection Detection: A Security Researcher’s Handbook	https://medium.com/@phirojshah20/complete-guide-to-sql-injection-detection-a-security-researchers-handbook-c3b25d40bdb6?source=rss------bug_bounty-5	Phirojshah	cybersecurity, bug-bounty, sql, sql-injection, bugs	29-Dec-2024
Apk Bug Boundy Guide	https://medium.com/@adithyakrishnav001/apk-bug-boundy-guide-7968d04baf7e?source=rss------bug_bounty-5	Adithyakrishna V	hacking, android, bug-bounty, apk, aad1	29-Dec-2024
Crack the Code: A Beginner’s Blueprint to Cybersecurity Success	https://medium.com/@divyesh.jagad/crack-the-code-a-beginners-blueprint-to-cybersecurity-success-6aa6546a89bd?source=rss------bug_bounty-5	Divyesh Jagad	infosec, cybersecurity, bug-bounty, beginner, income	29-Dec-2024
Hunting Hidden Gems: Bug Bounties in the Code of JavaScript	https://medium.com/@loayahmed686/hunting-hidden-gems-bug-bounties-in-the-code-of-javascript-f369a6617204?source=rss------bug_bounty-5	r00t	code-review, bug-bounty-tips, bug-bounty	29-Dec-2024
BEST AUTOMATED TOOLS THAT YOU NEED TO KNOW NOW ?????	https://jawstar.medium.com/best-automated-tools-that-you-need-to-know-now-f7c883f0487c?source=rss------bug_bounty-5	Jawstar	automation-testing, automation, penetration-testing, vulnerability, bug-bounty	29-Dec-2024
OWASP Top 10 2025: What to Expect	https://infosecwriteups.com/owasp-top-10-2025-what-to-expect-22b8ede0c428?source=rss------bug_bounty-5	Aditya Sawant	penetration-testing, bug-bounty, information-security, owasp, cybersecurity	29-Dec-2024
Brazilian Hacker Charged with Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts	https://medium.com/@wiretor/brazilian-hacker-charged-with-extorting-3-2m-in-bitcoin-after-breaching-300-000-accounts-22a888c20177?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	xss-attack, ai, business, bug-bounty, malware	29-Dec-2024
Ruijie Networks’ Cloud Platform Vulnerabilities Could Expose 50,000 Devices to Remote Attacks	https://medium.com/@wiretor/ruijie-networks-cloud-platform-vulnerabilities-could-expose-50-000-devices-to-remote-attacks-0c71e3e230b0?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	hacker, bug-bounty, ai, business, malware	29-Dec-2024
Critical Alert: CVE-2024–12356 Command Injection Vulnerability in BeyondTrust RS & PRA	https://medium.com/@wiretor/critical-alert-cve-2024-12356-command-injection-vulnerability-in-beyondtrust-rs-pra-6e8df2f63471?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	hacking, bug-bounty, ai, bus, malware	29-Dec-2024
Hackers Target ZAGG Customers in Third-Party Breach: Credit Card Data Exposed	https://medium.com/@wiretor/hackers-target-zagg-customers-in-third-party-breach-credit-card-data-exposed-8d2ac0f66ba2?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	ai, business, bug-bounty, malware, hacker	29-Dec-2024
Mastering DIRB: Your Guide to Uncovering Hidden Web Directories	https://medium.com/@kumawatabhijeet2002/mastering-dirb-your-guide-to-uncovering-hidden-web-directories-d336f6dafa36?source=rss------bug_bounty-5	Abhijeet kumawat	bug-bounty, hacking, infosec, free, bug-bounty-tips	29-Dec-2024
Every Flask app hides a story—be the one to uncover it	https://bitpanic.medium.com/every-flask-app-hides-a-story-be-the-one-to-uncover-it-32f2942f7927?source=rss------bug_bounty-5	Spectat0rguy	information-security, cybersecurity, technology, bug-bounty, bug-bounty-tips	29-Dec-2024
How I Unsubscribed 100+ Emails Including CEO*CTO*CISO* Etc Of The Company With Out User Interaction	https://medium.com/@alexandermr289/how-i-unsubscribed-100-emails-including-ceo-cto-ciso-etc-of-the-company-with-out-user-interaction-f6d78320ddaf?source=rss------bug_bounty-5	Mr_alexander	osint, cybersecurity, medium, bug-bounty, darkweb	29-Dec-2024
HTML Injection	https://medium.com/@mastergojo122/html-injection-b6f4151c7d6a?source=rss------bug_bounty-5	Wahid Najim	html-injection, bug-bounty-writeup, cybersecurity, bug-bounty	29-Dec-2024
403/401 Bypass Methods + Bash Automation + Your Support 😉	https://anontriager.medium.com/403-401-bypass-methods-bash-automation-your-support-5468b93599fd?source=rss------bug_bounty-5	Anonymous Traiger	bug-bounty, cybersecurity, bugbounty-tips, bug-bounty-writeup	28-Dec-2024
The Bug Bounty Reconnaissance Framework (BBRF)	https://anontriager.medium.com/the-bug-bounty-reconnaissance-framework-bbrf-9e6d5d814551?source=rss------bug_bounty-5	Anonymous Traiger	bug-bounty, cybersecurity, bugbounty-tips, bug-bounty-writeup	28-Dec-2024
You can find hardcoded API-Key, Secret, Token Etc…	https://anontriager.medium.com/you-can-find-hardcoded-api-key-secret-token-etc-d27130c481a8?source=rss------bug_bounty-5	Anonymous Traiger	cybersecurity, bugbounty-poc, bug-bounty, bugbounting, bug-bounty-tips	28-Dec-2024
Exploiting Weak Password Change Mechanisms: Real-World Scenarios	https://medium.com/@alvinbijo_174/exploiting-weak-password-change-mechanisms-real-world-scenarios-84394158e9d8?source=rss------bug_bounty-5	session-x	bug-bounty-tips, bug-bounty	28-Dec-2024
IDOR Flaw Leads to $1160 Bounty (1/30 DAYS)	https://medium.com/@zerodaystories/idor-flaw-leads-to-1160-bounty-1-30-days-406cd288bebb?source=rss------bug_bounty-5	0day stories	bug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup, penetration-testing	28-Dec-2024
How I was able to delete MFA of any user without Authentication	https://medium.com/@sharp488/how-i-was-able-to-delete-mfa-of-any-user-without-authentication-814904b506a2?source=rss------bug_bounty-5	Sharat Kaikolamthuruthil	bug-bounty-writeup, information-security, bug-bounty-hunter, bug-bounty-tips, bug-bounty	28-Dec-2024
Bug Hunting Methodology: A Comprehensive Guide	https://medium.com/@phirojshah20/bug-hunting-methodology-a-comprehensive-guide-619978852f89?source=rss------bug_bounty-5	Phirojshah	recon, reconnaissance, bug-bounty, bug-bounty-tips, cybersecurity	28-Dec-2024
Best Cyber Security tools You Must Know before 2024 ENDS	https://medium.com/meetcyber/best-cyber-security-tools-you-must-know-before-2024-ends-c207bd6ba0cd?source=rss------bug_bounty-5	Abhishek pawar	bug-bounty, hacking, news, cybersecurity, ethical-hacking	28-Dec-2024
Default Credentials Put 15,000+ Four-Faith Routers at Risk	https://medium.com/@wiretor/default-credentials-put-15-000-four-faith-routers-at-risk-65d235b23cfe?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	hacker, malware, business, bug-bounty, ai	28-Dec-2024
✈️ Japan Airlines Hit by Cyberattack: A Wake-Up Call for Aviation Cybersecurity! ✈️	https://medium.com/@wiretor/%EF%B8%8F-japan-airlines-hit-by-cyberattack-a-wake-up-call-for-aviation-cybersecurity-%EF%B8%8F-dfddcafa3d34?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	malware, xss-attack, hacking, japan, bug-bounty	28-Dec-2024
Volkswagen Leak Reveals 800,000 Cars’ Data: Precision Geo-Locations Exposed!	https://medium.com/@wiretor/volkswagen-leak-reveals-800-000-cars-data-precision-geo-locations-exposed-80acc7587581?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	malware, ai, bug-bounty, hacking, business	28-Dec-2024
Chinese Hackers Target U.S. Telecoms: What You Need to Know	https://medium.com/@wiretor/chinese-hackers-target-u-s-telecoms-what-you-need-to-know-4637ca456eeb?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	hacking, bug-bounty, malware, ai, business	28-Dec-2024
Mastering Gobuster: Unveiling Hidden Paths in Web Applications	https://medium.com/@kumawatabhijeet2002/mastering-gobuster-unveiling-hidden-paths-in-web-applications-2c7b6bb2fb1d?source=rss------bug_bounty-5	Abhijeet kumawat	bug-bounty, bug-bounty-tips, hidden, hacking, infosec	28-Dec-2024
Admin Hunter: Fast and Efficient Admin Panel Discovery	https://medium.com/@rootspaghetti/admin-hunter-fast-and-efficient-admin-panel-discovery-6461e818942c?source=rss------bug_bounty-5	Root@Spaghetti	bug-bounty-tips, bug-bounty	28-Dec-2024
Logic Flaw: Turning an Invitation Function into a Revenue Blocker	https://gr3yg05t.medium.com/logic-flaw-turning-an-invitation-function-into-a-revenue-blocker-b4523dc46dde?source=rss------bug_bounty-5	Mr Grey	bug-bounty-writeup, bug-bounty-tips, bug-bounty, business-logic-flaw, infosec	27-Dec-2024
Most commonly found Vulnerabilities in Web Applications.	https://medium.com/paktolus-engineering/most-commonly-found-vulnerabilities-in-web-applications-01dfb54530e2?source=rss------bug_bounty-5	Jay Shankar	penetration-testing, web-vulnerabilities, bug-bounty-writeup, bug-bounty, vapt-services	27-Dec-2024
Logic Flaw: Using Invitation Function to Block Other Accounts	https://gr3yg05t.medium.com/logic-flaw-turning-an-invitation-function-into-a-revenue-blocker-b4523dc46dde?source=rss------bug_bounty-5	Mr Grey	bug-bounty-writeup, bug-bounty-tips, bug-bounty, business-logic-flaw, infosec	27-Dec-2024
Cookie Replay	https://vikasrai11.medium.com/cookie-replay-e379800e40b2?source=rss------bug_bounty-5	Vikas Rai	penetration-testing, bug-bounty, vulnerability, security-token, cybersecurity	27-Dec-2024
How i accidentally found a 1-click account takeover bug	https://infosecwriteups.com/how-i-accidentally-found-a-1-click-account-takeover-bug-dd27a512dd22?source=rss------bug_bounty-5	callgh0st	account-takeover, transparency, gaza, bug-bounty, hacking	27-Dec-2024
Is 2025 the Year to Begin Bug Bounty Hunting? Here’s What you need to Know ..	https://medium.com/@techinsights5/is-2025-the-year-to-begin-bug-bounty-hunting-heres-what-you-need-to-know-3e61bcf14a4b?source=rss------bug_bounty-5	TechInsights	ethical-hacking, bug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity	27-Dec-2024
AdsPower「安全众测计划」后,What’s Next?	https://medium.com/@AdsPowerHK/adspower-%E5%AE%89%E5%85%A8%E4%BC%97%E6%B5%8B%E8%AE%A1%E5%88%92-%E5%90%8E-whats-next-01a612937c93?source=rss------bug_bounty-5	AdsPower 指紋瀏覽器	bug-bounty, 指纹浏览器, adspower	27-Dec-2024
The WAF Gambit: How I Bypassed a Client’s Web Application Firewall and Exposed a Vulnerability	https://medium.com/@GHOSTWIELD/the-waf-gambit-how-i-bypassed-a-clients-web-application-firewall-and-exposed-a-vulnerability-d8f47452429a?source=rss------bug_bounty-5	GhostWield	cybersecurity, money, hacking, trends, bug-bounty	27-Dec-2024
Game Hacking: Exploiting Executables and Libraries	https://medium.com/@k3r0/game-hacking-exploiting-executables-and-libraries-27c1b144732a?source=rss------bug_bounty-5	Kyrillos nady	hacking, android, bug-bounty, penetration-testing, games	27-Dec-2024
Bug Bounty Hunting Using Android: A Mobile Hacker’s Toolkit	https://bitpanic.medium.com/bug-bounty-hunting-using-android-a-mobile-hackers-toolkit-195ea39cccd6?source=rss------bug_bounty-5	Spectat0rguy	information-security, bug-bounty, technology, bug-bounty-tips, cybersecurity	27-Dec-2024
Hackers Exploit CVE-2024–3393 to Disable Palo Alto Networks Firewalls	https://medium.com/@wiretor/hackers-exploit-cve-2024-3393-to-disable-palo-alto-networks-firewalls-00e89bb60c11?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	bug-bounty, xss-attack, malware, hacking	27-Dec-2024
Beware of ‘OtterCookie’ Malware: Devs Targeted with Fake Job Offers!	https://medium.com/@wiretor/beware-of-ottercookie-malware-devs-targeted-with-fake-job-offers-01367c51f639?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	business, malware, bug-bounty, hacking, ai	27-Dec-2024
Chrome Extensions Hijacked: Protect Your Data Now!	https://medium.com/@wiretor/chrome-extensions-hijacked-protect-your-data-now-8bd0e43d8473?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	xs, hacking, malware, bug-bounty, ai	27-Dec-2024
Mastering FFUF: The Ultimate Fuzzing Toolkit	https://medium.com/@kumawatabhijeet2002/mastering-ffuf-the-ultimate-fuzzing-toolkit-e16a85416c5c?source=rss------bug_bounty-5	Abhijeet kumawat	hacking, bug-bounty, bug-bounty-tips, infosec, medium	27-Dec-2024
BPP [$750]Arbitrary File Upload Vulnerability To Remote Code Execution (RCE) Outside the Platform.	https://aryasec.medium.com/bpp-750-arbitrary-file-upload-vulnerability-to-remote-code-execution-rce-outside-the-platform-9093b51d044d?source=rss------bug_bounty-5	Tengku Arya Saputra	rce-vulnerability, penetration-testing, bug-bounty, rce, bug-bounty-writeup	27-Dec-2024
Must-Have Browser Extensions for Bug Bounty Hunters	https://aiwolfie.medium.com/must-have-browser-extensions-for-bug-bounty-hunters-58edff558912?source=rss------bug_bounty-5	AIwolfie	bug-bounty, bug-bounty-tips, hacking, ethical-hacking, bug-bounty-writeup	27-Dec-2024
Bug Chain: pre-auth takeover to permanent access.	https://gr3yg05t.medium.com/bug-chain-pre-auth-takeover-to-permanent-access-4d92829ed816?source=rss------bug_bounty-5	Mr Grey	bug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup, business-logic-flaw	27-Dec-2024
Bug Bounty Hunting Using Android: A Mobile Hacker’s Toolkit	https://medium.com/infosecmatrix/bug-bounty-hunting-using-android-a-mobile-hackers-toolkit-195ea39cccd6?source=rss------bug_bounty-5	Spectat0rguy	information-security, bug-bounty, technology, bug-bounty-tips, cybersecurity	27-Dec-2024
Uncovering Amazon S3 Bucket Vulnerabilities: A Comprehensive Guide for Ethical Hackers	https://medium.com/@kumawatabhijeet2002/uncovering-amazon-s3-bucket-vulnerabilities-a-comprehensive-guide-for-ethical-hackers-124790bf9e62?source=rss------bug_bounty-5	Abhijeet kumawat	s3, amazon, hacking, bug-bounty-tips, bug-bounty	26-Dec-2024
How i Found WCP To DoS Attack Worth of $$$	https://medium.com/@RekoJR/how-i-found-wcp-to-dos-attack-worth-of-f1a14553be82?source=rss------bug_bounty-5	Reko !	bug-bounty-tips, cache, bug-bounty	26-Dec-2024
My Second Year into Bug Bounties — From Google Dorks to Manual Hunting	https://medium.com/@vedantroy/my-second-year-into-bug-bounties-from-google-dorks-to-manual-hunting-ea8f80dc5b21?source=rss------bug_bounty-5	Vedant Roy	bugbounty-writeup, cybersecurity, bugs, bug-bounty, bug-bounty-tips	26-Dec-2024
Find XSS Vulnerabilities in Just 2 Minutes	https://coffinxp.medium.com/find-xss-vulnerabilities-in-just-2-minutes-d14b63d000b1?source=rss------bug_bounty-5	coffinxp	xss-attack, hacking, automation, bug-bounty-tips, bug-bounty	26-Dec-2024
Uncovering Amazon S3 Bucket Vulnerabilities: A Comprehensive Guide for Ethical Hackers	https://medium.com/infosecmatrix/uncovering-amazon-s3-bucket-vulnerabilities-a-comprehensive-guide-for-ethical-hackers-124790bf9e62?source=rss------bug_bounty-5	Abhijeet kumawat	s3, amazon, hacking, bug-bounty-tips, bug-bounty	26-Dec-2024
Easy Bounties: JavaScript (JS) File Analysis	https://aditya-narayan.medium.com/easy-bounties-javascript-js-file-analysis-72ba5eb44822?source=rss------bug_bounty-5	Aditya Narayan	bug-bounty-writeup, cybersecurity, writers-on-medium, bug-bounty-tips, bug-bounty	26-Dec-2024
Stuxnet: The Virus That Shook the World	https://medium.com/@zerodaystories/stuxnet-the-virus-that-shook-the-world-27e7f1349c8f?source=rss------bug_bounty-5	0day stories	technology, science, bug-bounty, cybersecurity, hacking	26-Dec-2024
Unauthenticated RCE Bug Bounty POC | Private Bug Bounty Program | CVE-2020–11798https://pwn0sec.medium.com/unauthenticated-rce-bug-bounty-poc-private-bug-bounty-program-cve-2020-11798-dbbb626b9fdb?source=rss------bug_bounty-5PwnOsec Research Groupsferari, bug-bounty-tips, bug-bounty26-Dec-2024
Access Granted !	https://vikasrai11.medium.com/access-granted-5f4747775247?source=rss------bug_bounty-5	Vikas Rai	bug-bounty, cybersecurity, acces, vulnerability	26-Dec-2024
Traditional Pentest vs. Bug Bounty Program: The Pros, The Cons, and How to Do It Right	https://medium.com/@hackrate/traditional-pentest-vs-bug-bounty-program-the-pros-the-cons-and-how-to-do-it-right-f2d8beff40bf?source=rss------bug_bounty-5	Levente Molnar	penetration-testing, ethical-hacking, hacking, cybersecurity, bug-bounty	26-Dec-2024
Apache Traffic Control Vulnerability Let Attackers Inject Malicious SQL Commands	https://mhmmuneef.medium.com/apache-traffic-control-vulnerability-let-attackers-inject-malicious-sql-commands-66188cbcd84d?source=rss------bug_bounty-5	Mohammed Muneef	hacking, bug-bounty, information-security, technology, cybersecurity	26-Dec-2024
Critical SQL Injection Vulnerability in Apache Traffic Control	https://medium.com/@wiretor/critical-sql-injection-vulnerability-in-apache-traffic-control-a28cedca8b93?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	hacking, malware, xss-attack, bug-bounty, ai	26-Dec-2024
IBM AIX Vulnerability: Attackers Can Trigger DoS Condition	https://medium.com/@wiretor/ibm-aix-vulnerability-attackers-can-trigger-dos-condition-5a5532a8ba66?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	hacking, bug-bounty, hacker, xss-attack, malware	26-Dec-2024
Find Secrets in Hidden Directories Using Fuzzing	https://medium.com/@kumawatabhijeet2002/find-secrets-in-hidden-directories-using-fuzzing-%EF%B8%8F-21a9a96c3246?source=rss------bug_bounty-5	Abhijeet kumawat	fuzzing, infosec, bug-bounty, hacking, bounty-program	26-Dec-2024
How I found an IDOR on Achmea	https://medium.com/@nayeems3c/how-i-found-idor-on-achmea-cf9ce4b7d908?source=rss------bug_bounty-5	Nayeem Islam	bug-bounty, idor, penetration-testing, bug-bounty-writeup, web-security	26-Dec-2024
Earn up to $30,000 by just thinking like a pro hacker while pentesting.	https://medium.com/@anandrishav2228/earn-up-to-30-000-by-just-thinking-like-a-pro-hacker-while-pentesting-da8e5984ccb9?source=rss------bug_bounty-5	Rishav anand	bug-bounty, hacker, money, penetration-testing, cybersecurity	26-Dec-2024
Fuzzing with AFL++	https://medium.com/@arohablue/introduction-to-fuzzing-with-afl-42d37ea78386?source=rss------bug_bounty-5	Aroha blue	bug-bounty, afl, fuzzing, kali, security	26-Dec-2024
XSS Via SVG File Upload	https://abhishekgk.medium.com/xss-via-svg-file-upload-5c30af809107?source=rss------bug_bounty-5	Abhishekgk	bug-bounty, file-upload-vulnerability, bug-bounty-tips, xss-attack, bug-bounty-writeup	26-Dec-2024
Interesting Technique to Enumerate Table Names in MySQL 8.x	https://j3x.medium.com/interesting-technique-to-enumerate-table-names-in-mysql-8-x-668857d43186?source=rss------bug_bounty-5	Amdjed Zerrougui	bug-bounty, cybersecurity, hacking, penetration-testing	26-Dec-2024
Bug Critical Flaw: Default Password to Super Admin!	https://medium.com/@firdansp/bug-critical-flaw-default-password-to-super-admin-ef20c4214231?source=rss------bug_bounty-5	0verRida	bugs, cybersecurity, bug-bounty, bug-bounty-tips, hacker	25-Dec-2024
Business logic: I can order anything from your account without paying for it	https://gr3yg05t.medium.com/business-logic-i-can-order-anything-from-your-account-without-paying-for-it-86ef070e01dd?source=rss------bug_bounty-5	Mr Grey	infosec, bug-bounty, business-logic-flaw, infosec-write-ups, bug-bounty-writeup	25-Dec-2024
My First Encounter with Stored XSS	https://infosecwriteups.com/my-first-encounter-with-stored-xss-%EF%B8%8F-%EF%B8%8F-88e167582b7e?source=rss------bug_bounty-5	cryptoshant	cybersecurity, bug-bounty, hacking, stored-xss, success	25-Dec-2024
How I accidentally found an IDOR bug in Google slides and rewarded $3,133.70	https://medium.com/@atikqur007/how-i-accidentally-found-an-idor-bug-in-google-slides-and-rewarded-3-133-70-96866fac3af1?source=rss------bug_bounty-5	Atikqur Rahman	bugbounty-writeup, cybersecurity, bug-bounty, google, pentesting	25-Dec-2024
Escalating a duplicate Access Control bug to hijack Google Calendar Accounts for a €300 Bounty	https://medium.com/@saltify/escalating-a-duplicate-access-control-bug-to-hijack-google-calendar-accounts-for-a-300-bounty-a5358cfc868f?source=rss------bug_bounty-5	saltify	infosec, bug-bounty, ethical-hacking, cybersecurity	25-Dec-2024
API Pentesting: Broken Object Property Level Authorization	https://devilwrites.medium.com/api-pentesting-broken-object-property-level-authorization-21d65939ad24?source=rss------bug_bounty-5	hackerdevil	api-security, api, owasp, penetration-testing, bug-bounty	25-Dec-2024
Autentic Platform Launches Bug Bounty Program to Strengthen Security	https://autentic.medium.com/autentic-platform-launches-bug-bounty-program-to-strengthen-security-0aaad03b4a6e?source=rss------bug_bounty-5	Autentic RWA	autentic, bug-bounty	25-Dec-2024
10 of the biggest cybersecurity stories of 2024	https://mhmmuneef.medium.com/10-of-the-biggest-cybersecurity-stories-of-2024-45037b13530f?source=rss------bug_bounty-5	Mohammed Muneef	news, medium, bug-bounty, technology, hacker	25-Dec-2024
10 Burp Suite Extensions you must have in your arsenal	https://bitpanic.medium.com/10-burp-suite-extensions-you-must-have-in-your-arsenal-a3ce81fefb05?source=rss------bug_bounty-5	Spectat0rguy	bug-bounty, technology, infosec, cybersecurity, bug-bounty-tips	25-Dec-2024
Cross-Site Scripting (XSS): Techniques, Bypasses, and Detection	https://medium.com/@rootast/cross-site-scripting-xss-techniques-bypasses-and-detection-927af5a55d02?source=rss------bug_bounty-5	Arash shahbazi	xss-attack, javascript, hacker, methodology, bug-bounty	25-Dec-2024
How Would I Start Cybersecurity If I Knew This? A 1-Year Roadmap for 2025	https://medium.com/@afilalbadr2/how-would-i-start-cybersecurity-if-i-knew-this-a-1-year-roadmap-for-2025-c069ba183dc0?source=rss------bug_bounty-5	Afilalbadr	job-preparation, active-directory-attack, hacking, bug-bounty, penetration-testing	25-Dec-2024
The Ultimate Checklist for Detecting IDOR and Broken Access Control Vulnerabilities	https://thexssrat.medium.com/the-ultimate-checklist-for-detecting-idor-and-broken-access-control-vulnerabilities-b1585dd4e999?source=rss------bug_bounty-5	Thexssrat	hacking, bug-bounty, hacker, broken-access-control, bug-bounty-tips	25-Dec-2024
How Would I Start Cybersecurity If I Knew This? A 1-Year Roadmap for 2025	https://medium.com/@GHOSTWIELD/how-would-i-start-cybersecurity-if-i-knew-this-a-1-year-roadmap-for-2025-c069ba183dc0?source=rss------bug_bounty-5	GhostWield	job-preparation, active-directory-attack, hacking, bug-bounty, penetration-testing	25-Dec-2024
Website Enumeration and Information Gathering [Part 2]	https://medium.com/@BetterBy0x01/website-enumeration-and-information-gathering-part-2-3588cf9e0529?source=rss------bug_bounty-5	Ashutosh Singh Patel	security, bug-bounty, hacking, bug-bounty-tips	24-Dec-2024
How I Test for Open Redirect	https://osintteam.blog/how-i-test-for-open-redirect-271cd0d0ae55?source=rss------bug_bounty-5	Cybersec with Hemmars	bug-bounty, cybersecurity, technology, open-redirect, bug-bounty-writeup	24-Dec-2024
Find Bug in 10 Minutes: Critical SQL File Leak Reveals Sensitive Data	https://medium.com/@firdansp/find-bug-in-10-minutes-critical-sql-file-leak-reveals-sensitive-data-84e48fece4bb?source=rss------bug_bounty-5	0verRida	bug-bounty-tips, bug-bounty, bugs, cybersecurity, writeup	24-Dec-2024
Important Windows Events Every SOC Analyst Should Know	https://medium.com/@paritoshblogs/important-windows-events-every-soc-analyst-should-know-ed91bce15ed2?source=rss------bug_bounty-5	Paritosh	bug-bounty, information-technology, chatgpt, cybersecurity, hacking	24-Dec-2024
Rickdiculouslyeasy 1 — VulnHub Write-up	https://medium.com/@aminouji23/rickdiculouslyeasy-1-vulnhub-write-up-eb59e824baa7?source=rss------bug_bounty-5	Aminouji	vulnhub, bug-bounty, ctf-writeup, penetration-testing, cybersecurity	24-Dec-2024
Bug Bounty Journey — Valid Report Part 2	https://medium.com/@0xF3r4t/bug-bounty-journey-valid-report-part-2-0f3a075e2a65?source=rss------bug_bounty-5	0xF3r4t	waybackurls, bug-bounty-writeup, bug-bounty	24-Dec-2024
Bug Bounty Journey — Valid Report 1	https://medium.com/@0xF3r4t/bug-bounty-journey-valid-report-1-ffc38d6799a4?source=rss------bug_bounty-5	0xF3r4t	dirsearch, bug-bounty, vdp	24-Dec-2024
Penetration Testing Tools — The Basics	https://medium.com/@iamshafayat/penetration-testing-tools-the-basics-46367acc653e?source=rss------bug_bounty-5	Shafayat Ahmed Alif	pentest, cybersecurity, bug-bounty, pentest-tools, penetration-testing	24-Dec-2024
500$ Secrets: Uncovering Critical Vulnerabilities with Advanced JavaScript Analysis	https://hackersatty.medium.com/500-secrets-uncovering-critical-vulnerabilities-with-advanced-javascript-analysis-ab9a970dc8e8?source=rss------bug_bounty-5	hackersatty	medium, bug-bounty, javascript, hackerone, bug-bounty-tips	24-Dec-2024
A Seemingly Harmless Bug That Could Cost a Company Millions	https://bitpanic.medium.com/a-seemingly-harmless-bug-that-could-cost-a-company-millions-aeada3a31bae?source=rss------bug_bounty-5	Spectat0rguy	cybersecurity, technology, programming, bug-bounty, bug-bounty-tips	24-Dec-2024
Why 2025 Will Be the Year of Bug Bounty	https://medium.com/@hackrate/why-2025-will-be-the-year-of-bug-bounty-9811e3987e78?source=rss------bug_bounty-5	Levente Molnar	penetration-testing, cybersecurity, ethical-hacking, hacking, bug-bounty	24-Dec-2024
RISE OF 0-DAY	https://medium.com/@zerodaystories/rise-of-0-day-cd35fe1c8e62?source=rss------bug_bounty-5	0day stories	penetration-testing, hacker, technology, bug-bounty, hacking	24-Dec-2024
Seven Critical Vulnerabilities Found in Premium WPLMS WordPress Plugins	https://medium.com/@wiretor/seven-critical-vulnerabilities-found-in-premium-wplms-wordpress-plugins-c3ce57c55bae?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	malware, xss-attack, bug-bounty, hacking, ai	24-Dec-2024
New Glutton Malware Exploits Popular PHP Frameworks	https://medium.com/@wiretor/new-glutton-malware-exploits-popular-php-frameworks-2a5914f89407?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	business, ai, malware, hacking, bug-bounty	24-Dec-2024
Advent of Cyber 2024 [ Day 24 ] Writeup with Answers | TryHackMe Walkthrough	https://medium.com/infosecmatrix/advent-of-cyber-2024-day-24-writeup-with-answers-tryhackme-walkthrough-18393b422649?source=rss------bug_bounty-5	Karthikeyan Nagaraj	bug-bounty, cybersecurity, tryhackme, hacking, careers	24-Dec-2024
From Broken Access Control to First Bounty	https://infosecwriteups.com/from-broken-access-control-to-first-bounty-01712b1dab53?source=rss------bug_bounty-5	callgh0st	gaza, bug-bounty, palestine, hacking, access-control	24-Dec-2024
Received an Appreciation Letter from NASA	https://medium.com/@kumawatabhijeet2002/received-an-appreciation-letter-from-nasa-927c3d1ae828?source=rss------bug_bounty-5	Abhijeet kumawat	bug-bounty, nasa, appreciation, xss-attack, infosec	24-Dec-2024
A Seemingly Harmless Bug That Could Cost a Company Millions	https://medium.com/infosecmatrix/a-seemingly-harmless-bug-that-could-cost-a-company-millions-aeada3a31bae?source=rss------bug_bounty-5	Spectat0rguy	cybersecurity, technology, programming, bug-bounty, bug-bounty-tips	24-Dec-2024
Breaking Through the Limits: How I Bypassed Rate-Limiting with IP and Username Rotation	https://medium.com/@abdelrahhmanhisham/breaking-through-the-limits-how-i-bypassed-rate-limiting-with-ip-and-username-rotation-d8de230aec2a?source=rss------bug_bounty-5	Abdelrahhmanhisham	bug-bounty-tips, bug-bounty, rate-limit, exploit, rate-limit-bypass	23-Dec-2024
How I Discovered Private Programs and New Programs Set to Launch on HackerOne	https://medium.com/@hossam_hamada/how-i-discovered-private-programs-and-new-programs-set-to-launch-on-hackerone-a85117a70d7b?source=rss------bug_bounty-5	Hossam Hamada	hacking, bugbounty-writeup, hackerone, bug-bounty, bugbounty-tips	23-Dec-2024
Website Enumeration & Information Gathering [Part 1]	https://medium.com/@BetterBy0x01/website-enumeration-information-gathering-part-1-8392422178da?source=rss------bug_bounty-5	Ashutosh Singh Patel	bug-hunting, enumeration, bug-bounty, information-gathering	23-Dec-2024
Website Leak (gov): Sensitive Credentials and API Keys Exposed	https://medium.com/@firdansp/website-leak-gov-sensitive-credentials-and-api-keys-exposed-44b2ebbebb7b?source=rss------bug_bounty-5	0verRida	bug-bounty, bug-bounty-tips, cybersecurity, bugs, red-team	23-Dec-2024
PROTOTYPE POLLUTION VULNERABILITY	https://medium.com/@0xpedrop/prototype-pollution-vulnerability-f62e1c59a3fd?source=rss------bug_bounty-5	Pedro Paulo D.	bug-bounty-tips, cybersecurity, bug-bounty	23-Dec-2024
Google Dorks to Find Bug Bounty Programs	https://medium.com/infosecmatrix/google-dorks-to-find-bug-bounty-programs-003a80375d13?source=rss------bug_bounty-5	Abhijeet kumawat	hacking, google, dorks, infosec, bug-bounty	23-Dec-2024
Shield Your Enterprise: Tackling Cyber Threats Head-On	https://medium.com/@paritoshblogs/shield-your-enterprise-tackling-cyber-threats-head-on-fd26be10c366?source=rss------bug_bounty-5	Paritosh	ai, hacking, cybersecurity, information-technology, bug-bounty	23-Dec-2024
Bash Scripting: Guide for Security & Bug Bounty Hunters	https://infosecwriteups.com/bash-scripting-guide-for-security-bug-bounty-hunters-cybersecurity-d07794c33412?source=rss------bug_bounty-5	Mukilan Baskaran	security-researchers, bug-bounty, cybersecurity, information-security, penetration-testing	23-Dec-2024
POC — CVE-2024–50623- Cleo Unrestricted file upload and download	https://medium.com/@verylazytech/poc-cve-2024-50623-cleo-unrestricted-file-upload-and-download-382afa5a15db?source=rss------bug_bounty-5	Very Lazy Tech	unrestricted-file-upload, vulnerability, exploit, bug-bounty, cve-2024-50623	23-Dec-2024
Bug Bounty Pemula Kusus Peretasan Aplikasi Web	https://medium.com/@mansorihack/bug-bounty-pemula-kusus-peretasan-aplikasi-web-cb7e8ea75f75?source=rss------bug_bounty-5	Mansorihack	bug-bounty, cybersecurity, readteam	23-Dec-2024
How I Found an XSS Bug That Made Websites Scream “Alert!”	https://aiwolfie.medium.com/how-i-found-an-xss-bug-that-made-websites-scream-alert-1b6f9eebcf14?source=rss------bug_bounty-5	AIwolfie	pentesting, xss-attack, ethical-hacking, bug-bounty, hacking	23-Dec-2024
Exploiting Password Reset Link After Email Change	https://medium.com/@0xboody/exploiting-password-reset-link-after-email-change-17fe2babc01e?source=rss------bug_bounty-5	Abdelrahman Sayed	bug-bounty-writeup, bug-bounty, bug-bounty-tips, penetration-testing	23-Dec-2024
Blazing-Fast Recon & Vulnerability Scanning with SubDomainRadar.io	https://medium.com/@alexandrevandammepro/blazing-fast-recon-vulnerability-scanning-with-subdomainradar-io-701baef23ff2?source=rss------bug_bounty-5	Alexandre Vandamme	bug-bounty, cybersecurity, vulnerability, bug-bounty-tips, bounty-program	23-Dec-2024
Stop Data Breaches in Their Tracks with LeakRadar.io	https://medium.com/@alexandrevandammepro/stop-data-breaches-in-their-tracks-with-leakradar-io-cc3c4b887c14?source=rss------bug_bounty-5	Alexandre Vandamme	bug-bounty, data, bug-bounty-writeup, bug-bounty-tips, cybersecurity	23-Dec-2024
Dutch DPA Fines Netflix €4.75 Million for GDPR Violations	https://medium.com/@wiretor/dutch-dpa-fines-netflix-4-75-million-for-gdpr-violations-d2ad59170118?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	hacking, bug-bounty, malware, ai, business	23-Dec-2024
North Korean Hackers Steal $1.3 Billion in Crypto in 2024	https://medium.com/@wiretor/north-korean-hackers-steal-1-3-billion-in-crypto-in-2024-d53c409930df?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	bug-bounty, hacking, malware	23-Dec-2024
Italy Fines OpenAI €15 Million for ChatGPT GDPR Violations	https://medium.com/@wiretor/italy-fines-openai-15-million-for-chatgpt-gdpr-violations-42a93c87a4fe?source=rss------bug_bounty-5	WIRE TOR - The Ethical Hacking Services	malware, bug-bounty, ai, business, hacking	23-Dec-2024
[$$$ Bug Bounty Write Up] SSRF in OAuth Implementation of a Client Application	https://medium.com/@ahmedfadel6162/bug-bounty-write-up-ssrf-in-oauth-implementation-of-a-client-application-57ba02539e20?source=rss------bug_bounty-5	Ahmed Fadel	bug-bounty, penetration-testing, cybersecurity, hacking	23-Dec-2024
This Is How I Bypassed The Most Critical Security Check!	https://medium.com/@mdnafeed3/this-is-how-i-bypassed-the-most-critical-security-check-00e9ba525ebc?source=rss------bug_bounty-5	H4cker-Nafeed	bug-bounty, bug-bounty-tips, cybersecurity, hacking, technology	23-Dec-2024
EWPTX Examination Structure and Content	https://medium.com/@vishalsuwalkab/ewptx-examination-structure-and-content-577d81379c39?source=rss------bug_bounty-5	Vishalsuwalkab	cybersecurity, ewptx, ejpt, ine, bug-bounty	23-Dec-2024
How Technology Can Enhance Information Security in Organizations	https://medium.com/@bi___ya/how-technology-can-enhance-information-security-in-organizations-9b0ce5029472?source=rss------bug_bounty-5	biya	information-security, bug-bounty, company, hacking, business	23-Dec-2024
Bug Bounty Isn’t Always Fair: A Researcher’s Perspective	https://medium.com/@ph4nt0mbyt3/bug-bounty-isnt-always-fair-a-researcher-s-perspective-be0a62b9f0eb?source=rss------bug_bounty-5	ph4nt0mbyt3	bug-bounty	23-Dec-2024
How to Make Money with WebSocket: 10 Vulnerabilities You Should Be Aware Of	https://im4x.medium.com/what-is-wss-fa2476eeddc1?source=rss------bug_bounty-5	Ahmed Najeh	bug-bounty, hacker, hackerone, websocket, wss	23-Dec-2024
EWPTX Examination Structure and Content Part(2)	https://medium.com/@vishalsuwalkab/ewptx-examination-structure-and-content-577d81379c39?source=rss------bug_bounty-5	Vishalsuwalkab	cybersecurity, ewptx, ejpt, ine, bug-bounty	23-Dec-2024
Very Basic Beginner Bug Bounty Methodology: Practical Tips and Techniques for Web Apps	https://thexssrat.medium.com/very-basic-beginner-bug-bounty-methodology-practical-tips-and-techniques-for-web-apps-3cf9104e7f50?source=rss------bug_bounty-5	Thexssrat	hacks, hacking, bug-bounty-tips, bug-bounty	23-Dec-2024
100 CLI Flags and Tricks Every Bug Bounty Hunter Should Know	https://thexssrat.medium.com/100-cli-flags-and-tricks-every-bug-bounty-hunter-should-know-959813992077?source=rss------bug_bounty-5	Thexssrat	hacks, hacking, cli, bug-bounty-tips, bug-bounty	23-Dec-2024
Reflected XSS bypass WAF & Page notfound	https://kresec.medium.com/reflected-xss-bypass-waf-page-notfound-e149db1ee6c4?source=rss------bug_bounty-5	KreSec	xss-attack, security, bug-bounty	22-Dec-2024
Automate MAC Address Change on Arch Linux at Boot	https://theexploitlab.medium.com/automate-mac-address-change-on-arch-linux-at-boot-893f6ccdb1b4?source=rss------bug_bounty-5	The Exploit Lab	bug-bounty, bugs, macchanger, cybersecurity	22-Dec-2024
Different terms, same services across providers (AWS, Azure, GCP)	https://medium.com/@RaunakGupta1922/different-terms-same-services-across-providers-aws-azure-gcp-2337af0640db?source=rss------bug_bounty-5	Raunak Gupta Aka Biscuit	gcp, azure, bug-bounty, aws, devops	22-Dec-2024
API pentesting: Broken Authentication	https://infosecwriteups.com/api-pentesting-broken-authentication-987658c691c0?source=rss------bug_bounty-5	hackerdevil	penetration-testing, owasp, bug-bounty, api-security, api	22-Dec-2024
Top 7 Cybersecurity Certificates in 2025	https://osintteam.blog/top-7-cybersecurity-certificates-in-2025-26228b661f1d?source=rss------bug_bounty-5	Tahir Ayoub	technology, ai, ethical-hacking, bug-bounty, cybersecurity	22-Dec-2024
Day 24 of 30 Days — 30 Vulnerabilities | Web Cache Poisoning	https://it4chis3c.medium.com/day-24-of-30-days-30-vulnerabilities-web-cache-poisoning-790697f073da?source=rss------bug_bounty-5	It4chis3c	30dayswritingchallenge, bug-bounty-tips, bug-bounty, web-cache-poisoning	22-Dec-2024
Unveiling default Security Flaws with the defaulty Nmap Script	https://medium.com/@defaulty.io/unveiling-default-security-flaws-with-the-defaulty-nmap-script-800d97654a15?source=rss------bug_bounty-5	Defaulty.io	hacking, bug-bounty, compliance, pentesting, cybersecurity	22-Dec-2024
Bug Bounty Hunting With Burp Suite (Intercept, Repeater & Intruder)	https://medium.com/@BetterBy0x01/bug-bounty-hunting-with-burp-suite-intercept-repeater-intruder-cdcb3e3966bf?source=rss------bug_bounty-5	Ashutosh Singh Patel	bug-hunting, burpsuite, bug-bounty, proxy	22-Dec-2024
10 Minutes to Finding Your First Open Redirect Bug	https://medium.com/@k4r7h1kn/10-minutes-to-finding-your-first-open-redirect-bug-68f764d6b5d3?source=rss------bug_bounty-5	Karthikeyan	cybersecurity, bug-bounty-tips, bug-bounty, hacking, open-redirect	22-Dec-2024
How to Enable HTTPS Using a Free SSL Certificate from Certbothttps://medium.com/@awsdevops183/how-to-enable-https-using-a-free-ssl-certificate-from-certbot-99b71f808b1e?source=rss------bug_bounty-5Madhukar Reddysecurity, bug-bounty, tls, amazon-web-services, devops22-Dec-2024
open redirect GET — Basedhttps://medium.com/@zpx15266/open-redirect-get-based-bc86e62c3af2?source=rss------bug_bounty-5ramzey elsayed mohamedcve, bug-bounty, bug-bounty-writeup, bugs, penetration-testing22-Dec-2024
SSRF Burpsuite Extensionhttps://hackerassociate.medium.com/ssrf-burpsuite-extension-b494d4e70b28?source=rss------bug_bounty-5Harshad Shahhacking, infosec, bug-bounty, cybersecurity, penetration-testing22-Dec-2024
Chasing P3 Bug: My Hunt for Vulnerabilities in the ‘Wishlists’ Functionality and Its Resultshttps://medium.com/@nebty/chasing-p3-bug-my-hunt-for-vulnerabilities-in-the-wishlists-functionality-and-its-results-86b6e79b9274?source=rss------bug_bounty-5Nebtycybersecurity, bug-bounty-tips, idor, ethical-hacking, bug-bounty22-Dec-2024
So, You want a strong bug bounty methodology?https://medium.com/@shaheen101sec/so-you-want-a-strong-bug-bounty-methodology-57fdef27cad6?source=rss------bug_bounty-5Shaheen101secbug-bounty-writeup, cybersecurity, bug-bounty, pentesting, bug-bounty-tips22-Dec-2024
Exposed‼️ How a Simple Bug Uncovered a Default Credential Data Leak on Indonesia Governmenthttps://medium.com/@firdansp/exposed-how-a-simple-bug-uncovered-a-default-credential-data-leak-on-indonesia-government-ba73f2175e81?source=rss------bug_bounty-50verRidadata-leak, bugs, cybersecurity, bug-bounty, bug-bounty-tips22-Dec-2024
How I Found My First Bug Using Shodanhttps://medium.com/@bughunt.bochi/how-i-found-my-first-bug-using-shodan-3d8826a7655b?source=rss------bug_bounty-5Bochixxbug-bounty, bug-bounty-writeup, pentesting, ethical-hacking22-Dec-2024
SSRF Burpsuite Extensionhttps://medium.com/offensive-black-hat-hacking-security/ssrf-burpsuite-extension-b494d4e70b28?source=rss------bug_bounty-5Harshad Shahhacking, infosec, bug-bounty, cybersecurity, penetration-testing22-Dec-2024
The Top 2 Strategies for Finding Your First XSS Vulnerability — Part 2https://medium.com/@halfcircassian/the-top-2-strategies-for-finding-your-first-xss-vulnerability-part-2-8bae7b49cc6d?source=rss------bug_bounty-5Sıla Özerencybersecurity, web-application-security, bug-bounty, xss-attack, dom-manipulation22-Dec-2024
Payment Bypass Guide for Bug Bounty | 69 case studieshttps://medium.com/@illoyscizceneghposter/payment-bypass-guide-for-bug-bounty-69-case-studies-15379b4f76fa?source=rss------bug_bounty-5Illoy Scizceneghposterbug-bounty, bug-bounty-tips, cybersecurity21-Dec-2024
The Bounty Hunters: Bug Bounty Programshttps://medium.com/@investigator515/the-bounty-hunters-bug-bounty-programs-8dcd24d5bafa?source=rss------bug_bounty-5Investigator515hacking, technology, information-security, bug-bounty, cybersecurity21-Dec-2024
How I Exploited an OTP Bypass Vulnerability on a Cryptocurrency Platformhttps://medium.com/@anonymous512/how-i-exploited-an-otp-bypass-vulnerability-on-a-cryptocurrency-platform-2a817b02b3ea?source=rss------bug_bounty-5Wafa Abbasaccount-hacking, bug-bounty, authentication-bypass, otp-bypass, vulnerability21-Dec-2024
Mastering 403 Forbidden Bypass Techniques ✨https://medium.com/@kumawatabhijeet2002/mastering-403-forbidden-bypass-techniques-4ab1482afe49?source=rss------bug_bounty-5Abhijeet kumawatbounty-program, infosec, 403-forbidden, hacking, bug-bounty21-Dec-2024
Kali Linux 2024.4: 14 New Tools to Supercharge Your Penetration Testing Arsenalhttps://bitpanic.medium.com/kali-linux-2024-4-14-new-tools-to-supercharge-your-penetration-testing-arsenal-543ff8370091?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, technology, cybersecurity, programming, bug-bounty21-Dec-2024
Understanding Tycoon 2FA Phishing: A New Era of Security Threatshttps://medium.com/@paritoshblogs/understanding-tycoon-2fa-phishing-a-new-era-of-security-threats-19fb14dc83a5?source=rss------bug_bounty-5Paritoshcybersecurity, information-technology, hacking, tycoon-phshing, bug-bounty21-Dec-2024
Malicious Rspack & Vant Packages Exploited Using Stolen NPM Tokenshttps://medium.com/@wiretor/malicious-rspack-vant-packages-exploited-using-stolen-npm-tokens-0b69df1512fd?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ai, business, hacking, bug-bounty21-Dec-2024
FlowerStorm: The New Microsoft Phishing Threat Filling the Void Left by Rockstar2FAhttps://medium.com/@wiretor/flowerstorm-the-new-microsoft-phishing-threat-filling-the-void-left-by-rockstar2fa-578144a14487?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, microsoft, hacking, malware21-Dec-2024
LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damageshttps://medium.com/@wiretor/lockbit-developer-rostislav-panev-charged-for-billions-in-global-ransomware-damages-bee0bfc4c9b9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, malware, bug-bounty, business, ai21-Dec-2024
Kali Linux 2024.4: 14 New Tools to Supercharge Your Penetration Testing Arsenalhttps://medium.com/infosecmatrix/kali-linux-2024-4-14-new-tools-to-supercharge-your-penetration-testing-arsenal-543ff8370091?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, technology, cybersecurity, programming, bug-bounty21-Dec-2024
Mastering 403 Forbidden Bypass Techniques ✨https://medium.com/infosecmatrix/mastering-403-forbidden-bypass-techniques-4ab1482afe49?source=rss------bug_bounty-5Abhijeet kumawatbounty-program, infosec, 403-forbidden, hacking, bug-bounty21-Dec-2024
Blind XXE with OOB Interaction via XML Parameter Entitieshttps://osintteam.blog/blind-xxe-with-oob-interaction-via-xml-parameter-entities-97244bf2b85e?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafécybersecurity, bug-bounty-tips, information-security, bug-bounty, pentesting20-Dec-2024
CSRF On Delete Profile: High Severity(7.1) HackerOnehttps://medium.com/@josuofficial327/csrf-on-delete-profile-high-severity-7-1-hackerone-33bdb598ef67?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-writeup, bug-bounty, ethical-hacking, bug-bounty-program, cybersecurity20-Dec-2024
Part-2 | Deep Recon Methodology for Bug Bounty Huntershttps://medium.com/@kumawatabhijeet2002/part-2-deep-recon-methodology-for-bug-bounty-hunters-644077ee41d4?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-writeup, infosec, bugs, bug-bounty, hacking20-Dec-2024
The Most Easiest OTP Bypass Vulnerability I’ve Found: A Critical Flaw in Session Managementhttps://medium.com/@ajay.kumar.695632/the-most-easiest-otp-bypass-vulnerability-ive-found-a-critical-flaw-in-session-management-09b1555dbf9e?source=rss------bug_bounty-5Ajay Kumarbug-hunting, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup20-Dec-2024
The Secret World of Hackers: A Beginner’s Guide to Understanding Cyber Attackshttps://medium.com/@paritoshblogs/the-secret-world-of-hackers-a-beginners-guide-to-understanding-cyber-attacks-81377a0b477e?source=rss------bug_bounty-5Paritoshai, information-technology, cybersecurity, bug-bounty, hacking20-Dec-2024
Utilizing machine learning to collect more subdomains using subwizhttps://medium.com/@demonia/utilizing-machine-learning-to-collect-more-subdomains-using-subwiz-2d65cec1ee80?source=rss------bug_bounty-5Mohammed Diefbug-bounty, recon, cybersecurity, reconnaissance, bug-bounty-tips20-Dec-2024
Information Disclosure On Password cancel Endpointhttps://medium.com/@regan_temudo/information-disclosure-on-password-cancel-endpoint-4b6f43cc5fd7?source=rss------bug_bounty-5Regan Temudocybersecurity, information-disclosure, bug-bounty, ethical-hacking, csrf20-Dec-2024
OSI Model Explanationhttps://medium.com/@hossennaim547/osi-model-explanation-09259ce7a5af?source=rss------bug_bounty-5naimHOSSENbug-bounty, hacking, osi-model, cybersecurity20-Dec-2024
Simple ATO in private program.https://medium.com/@oXnoOneXo/simple-ato-in-private-program-890cd1485675?source=rss------bug_bounty-5oXnoOneXobug-bounty-tips, bug-bounty-writeup, bug-bounty20-Dec-2024
From Comments to Command Execution: How an E-Book Platform Gave Me RCEhttps://imooaaz.medium.com/from-comments-to-command-execution-how-an-e-book-platform-gave-me-rce-f27a079ca584?source=rss------bug_bounty-5Moaaz Afifibug-bounty, penetration-testing, cybersecurity, rce-vulnerability, xss-attack20-Dec-2024
Unlocking Web Security: A Deep Dive into the OWASP Top 10https://medium.com/@rootast/unlocking-web-security-a-deep-dive-into-the-owasp-top-10-d669199277bd?source=rss------bug_bounty-5Arash shahbazicybersecurity, students, owasp-top-10, bug-bounty, university20-Dec-2024
Discover All Paths in Next.js Websiteshttps://rhashibur75.medium.com/discover-all-paths-in-next-js-websites-43e319b24be9?source=rss------bug_bounty-5Kazi Hashibur Rahmanbug-bounty, bug-bounty-tips, bug-bounty-writeup, nextjs, penetration-testing20-Dec-2024
Ascension Data Breach: 5.6M Health Records Stolen by Black Basta Ransomwarehttps://medium.com/@wiretor/ascension-data-breach-5-6m-health-records-stolen-by-black-basta-ransomware-a8d2f7ba6856?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, business, malware, ai20-Dec-2024
Android Malware on Amazon Appstore Disguised as Health Apphttps://medium.com/@wiretor/android-malware-on-amazon-appstore-disguised-as-health-app-3cda80dfc856?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ai, hacking, malware20-Dec-2024
SQL Injection via ORDER BY Parameterhttps://medium.com/@mfthylmaz/sql-injection-via-order-by-parameter-a7cb7d04017f?source=rss------bug_bounty-5mfthylmazsql-injection, bug-bounty, web-security, hacking20-Dec-2024
Essential Stuff For Your First Hacking Trip. Hacking Gadgets #2 “Assortment For The Little Hacker”https://medium.com/h7w/essential-stuff-for-your-first-hacking-trip-hacking-gadgets-2-assortment-for-the-little-hacker-e886dba68a11?source=rss------bug_bounty-5NnFacehacking, trip, technology, bug-bounty, cybersecurity19-Dec-2024
No Rate Limit Vulnerability on a US Government Websitehttps://medium.com/@kumawatabhijeet2002/no-rate-limit-vulnerability-on-a-us-government-website-ae47402b663d?source=rss------bug_bounty-5Abhijeet kumawatinfosec, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty19-Dec-2024
How I Got $1000 AWS Credits and Maximized Its Potentialhttps://medium.com/@awsdevops183/how-i-got-1000-aws-credits-and-maximized-its-potential-e08650930171?source=rss------bug_bounty-5Madhukar Reddyaws, devops, python, cybersecurity, bug-bounty19-Dec-2024
The Day I Found a Cross-Site Scripting (XSS) Vulnerability in a Bug Bounty Programhttps://medium.com/@awsdevops183/the-day-i-found-a-cross-site-scripting-xss-vulnerability-in-a-bug-bounty-program-4edec6f09bed?source=rss------bug_bounty-5Madhukar Reddycybersecurity, bug-bounty, devsecops, cross-site-scripting19-Dec-2024
First Google Chrome v8 JIT bug bounty before Christmas .https://vxrl.medium.com/first-google-chrome-v8-jit-bug-bounty-before-christmas-1338fb2c8255?source=rss------bug_bounty-5VXRLgoogle, v8, chromium, psvr, bug-bounty19-Dec-2024
Exploiting a Rate Limiting Bug in the Chat Section of a Health Application (got me $200)https://medium.com/@awsdevops183/exploiting-a-rate-limiting-bug-in-the-chat-section-of-a-health-application-got-me-200-a06ca465707f?source=rss------bug_bounty-5Madhukar Reddydevsecops, cybersecurity, information-technology, bug-bounty, burpsuite19-Dec-2024
POC — CVE-2024–9935 — PDF Generator Addon for Elementor Page Builder <= 1.7.5https://medium.com/@verylazytech/poc-cve-2024-9935-pdf-generator-addon-for-elementor-page-builder-1-7-5-2c3436b95fb1?source=rss------bug_bounty-5Very Lazy Techbug-bounty, arbitrary-file-download, cybersecurity, lfi, cve-2024-993519-Dec-2024
The Day I Found a Cross-Site Scripting (XSS) Vulnerability in a Bug Bounty Program ( $411)https://medium.com/@awsdevops183/the-day-i-found-a-cross-site-scripting-xss-vulnerability-in-a-bug-bounty-program-4edec6f09bed?source=rss------bug_bounty-5Madhukar Reddycybersecurity, bug-bounty, devsecops, cross-site-scripting19-Dec-2024
How I Bypassed View-Only Mode with a Simple Trick ( duplicate bug ‍ )https://medium.com/@mahdisalhi0500/how-i-bypassed-view-only-mode-with-a-simple-trick-duplicate-bug-92e1ec91a8d7?source=rss------bug_bounty-5CaptinSHArky(Mahdi)security, information-security, bug-bounty, penetration-testing, infosec19-Dec-2024
How i Found X-Forwarded Header Injection — Server Be Like, ‘Ab Toh Trust Issues Ho Rahe Hain!’https://aiwolfie.medium.com/how-i-found-x-forwarded-header-injection-server-be-like-ab-toh-trust-issues-ho-rahe-hain-220e100332a3?source=rss------bug_bounty-5AIwolfiecybersecurity, bug-bounty, servers, ethical-hacking, host-header-injection19-Dec-2024
Subdomain Takeover guides, methodology and exploit POCshttps://aditya-narayan.medium.com/subdomain-takeover-guides-methodology-and-exploit-pocs-9f5dd632c175?source=rss------bug_bounty-5Aditya Narayanbug-bounty-writeup, subdomain-takeover, bug-bounty-tips, reconnaissance, bug-bounty19-Dec-2024
Installing Xposed Framework for Enhanced Penetration Testing (SSLunpinning)https://medium.com/@sumith.ec12/installing-xposed-framework-for-enhanced-penetration-testing-sslunpinning-d50fbb2354c6?source=rss------bug_bounty-5sumith p vbug-bounty, vapt, pentesting, security-testing, ssl-pinning-bypass19-Dec-2024
HTML Injection to Mass Phishinghttps://infosecwriteups.com/html-injection-to-mass-phishing-5701d495cdc2?source=rss------bug_bounty-5Bharat Singhphishing, bug-bounty, cybersecurity, penetration-testing, bug-bounty-writeup19-Dec-2024
Zero-Click Account Takeover Through Response Manipulationhttps://medium.com/@abdullayman04/zero-click-account-takeover-through-response-manipulation-ee786a7a06dd?source=rss------bug_bounty-5Abdullah Aymancybersecurity, bug-bounty, account-takeover, penetration-testing19-Dec-2024
How I Found an Authentication Bypass Vulnerability in the Password Change Processhttps://medium.com/@ajay.kumar.695632/how-i-found-an-authentication-bypass-vulnerability-in-the-password-change-process-160359fae1bc?source=rss------bug_bounty-5Ajay Kumarbugs, bug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-hunting19-Dec-2024
HACKING NASA TO GET APPRECIATION LETTERhttps://medium.com/@click2jit/hacking-nasa-to-get-appreciation-letter-a6ff93a3bcbc?source=rss------bug_bounty-5Prasenjit Malakarcybersecurity, bug-bounty, ethical-hacking, programming, xss-attack19-Dec-2024
Interpol Replaces “Pig Butchering” with “Romance Baiting” to Protect Victimshttps://medium.com/@wiretor/interpol-replaces-pig-butchering-with-romance-baiting-to-protect-victims-4c702d62adaa?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, ai, bug-bounty, malware, hacker19-Dec-2024
Beginners Guide for Exploiting Race Conditionshttps://bitpanic.medium.com/beginners-guide-for-exploiting-race-conditions-ab73c843b44a?source=rss------bug_bounty-5Spectat0rguybug-bounty, programming, cybersecurity, bug-bounty-tips, technology19-Dec-2024
“Do Your Best, and Let Allah Do the Rest” led me to a Privilege Escalation Bughttps://medium.com/@mrasg/do-your-best-and-let-allah-do-the-rest-leads-me-to-privilege-escalation-bug-60a3c028c802?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, penetration-testing, bug-bounty, bug-bounty-tips, bug-bounty-writeup19-Dec-2024
Successfully Gained Full Admin Access and Changed the Password Through Token Manipulation ⚔️https://medium.com/@momenrezkk90/successfully-gained-full-admin-access-and-changed-the-password-through-token-manipulation-%EF%B8%8F-fe91fc0d9a0f?source=rss------bug_bounty-5Momenrezkpenetration-testing, bug-bounty, cybersecurity18-Dec-2024
Easiest P1 $$$$$!https://medium.com/@mrsingh10978/easiest-p1-702990960a50?source=rss------bug_bounty-5Anonymous Traigerbug-bounty-program, bug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips18-Dec-2024
Mobile Application Bounty Practice: SQL Injection Principles, Vulnerability Discovery and…https://medium.com/@security.tecno/mobile-application-bounty-practice-sql-injection-principles-vulnerability-discovery-and-3921ad2e6998?source=rss------bug_bounty-5TECNO Securityhacking, security, sql, bug-bounty18-Dec-2024
FROM STRUGGLES TO SUCCESS: MY JOURNEY TO THE NASA HALL OF FAMEhttps://rootxabit.medium.com/from-struggles-to-success-my-journey-to-the-nasa-hall-of-fame-38700dd6303a?source=rss------bug_bounty-5sudo-xabitinfo-sec-writeups, bugcrowd, bug-bounty, hacked, nasa18-Dec-2024
Admin Panel Access via Default Credentialshttps://infosecwriteups.com/admin-panel-access-via-default-credentials-215b92b030bb?source=rss------bug_bounty-5cryptoshantbug-bounty-tips, pentesting, bug-bounty, hall-of-fame, hacking18-Dec-2024
Rate Limit Bypass Using Response Manipulation.https://aman0.medium.com/rate-limit-bypass-using-response-manipulation-dcce19aff7ef?source=rss------bug_bounty-5Aman Hweb3, bug-bounty, infosec, bug-bounty-tips, penetration-testing18-Dec-2024
$150 Easy HTML Injection Vulnerabilityhttps://medium.com/@kumawatabhijeet2002/150-easy-html-injection-vulnerability-5c176b5d07fa?source=rss------bug_bounty-5Abhijeet kumawathacking, bounty-program, infosec, bug-bounty, bug-bounty-tips18-Dec-2024
What is Passive Reconnaissance? ️‍♂️https://theexploitlab.medium.com/what-is-passive-reconnaissance-%EF%B8%8F-%EF%B8%8F-4de8a9ce5003?source=rss------bug_bounty-5The Exploit Labhacking, bugs, bug-bounty, bug-bounty-tips18-Dec-2024
How to Use Enum4linux for SMB Enumeration in Kali Linuxhttps://theexploitlab.medium.com/how-to-use-enum4linux-for-smb-enumeration-in-kali-linux-d96e27f9391d?source=rss------bug_bounty-5The Exploit Labbug-bounty, smb, bug-bounty-tips, bugs18-Dec-2024
How to Use Corsy for CORS Misconfiguration Scanninghttps://theexploitlab.medium.com/how-to-use-corsy-for-cors-misconfiguration-scanning-7ba7b22ee9d5?source=rss------bug_bounty-5The Exploit Labcors, hacking, bug-bounty, bug-bounty-tips18-Dec-2024
Useful Wordlists for Bug Bounty Huntershttps://medium.com/@iamshafayat/useful-wordlists-for-bug-bounty-hunters-09f9b3cd2344?source=rss------bug_bounty-5Shafayat Ahmed Alifbug-bounty, cybersecurity, penetration-testing, bug-bounty-tips, bug-bounty-writeup18-Dec-2024
Step-by-Step Guide to Building Secure Web Applications with OWASP Top 10https://medium.com/@dhatchu9715/step-by-step-guide-to-building-secure-web-applications-with-owasp-top-10-7c603dda58f3?source=rss------bug_bounty-5Dhatchuowasp, bug-bounty, hacking, networking, cybersecurity18-Dec-2024
Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application - BAC in GraphQL…https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-application-bac-in-graphql-0ae1ee0eb4d5?source=rss------bug_bounty-5Mahmoud Abd Alkarimcybersecurity, bug-bounty, broken-access-control, bug-bounty-writeup, security-research18-Dec-2024
The Dark Side of Shodanhttps://yasinspace.medium.com/the-dark-side-of-shodan-2d9b422e28a8?source=rss------bug_bounty-5Yasinred-team, hacking, bug-bounty, shodan, bug-bounty-tips18-Dec-2024
This 200$ Gadget Can Hack Anythinghttps://osintteam.blog/this-200-gadget-can-hack-anything-c482888871e3?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, cybersecurity, technology, cybercrime, hacking18-Dec-2024
Best python scripts for cybersecurity analysthttps://medium.com/@paritoshblogs/best-python-scripts-for-cybersecurity-analyst-d5ebc91b4cdb?source=rss------bug_bounty-5Paritoshinformation-technology, cybersecurity, hacking, bug-bounty, python18-Dec-2024
Turning a Known Issue into €100 Bounty: My Bug Bounty Breakthrough✨https://medium.com/@anmolv77654/turning-a-known-issue-into-a-100-bounty-my-bug-bounty-breakthrough-3bd89c281ea9?source=rss------bug_bounty-5AnmolSecSavvyweb-security, cybersecurity, bug-bounty, ethical-hacking, bug-bounty-tips18-Dec-2024
$750 Domain Hijacking Vulnerabilityhttps://1-day.medium.com/750-domain-hijacking-vulnerability-f6e4b4445711?source=rss------bug_bounty-51daybug-bounty, information-security, penetration-testing, ethical-hacking, bug-bounty-tips18-Dec-2024
Meta Hit with $264M Fine! Irish DPC Takes a Stand on Facebook Data Breachhttps://medium.com/@wiretor/meta-hit-with-264m-fine-irish-dpc-takes-a-stand-on-facebook-data-breach-60cb69abe3df?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, ai, business, malware18-Dec-2024
Beware of New Ledger Phishing Attack: Protect Your Crypto Wallet!https://medium.com/@wiretor/beware-of-new-ledger-phishing-attack-protect-your-crypto-wallet-a048705d2b58?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, hacking, business18-Dec-2024
CVE-2024–54385 | WordPress Pluginhttps://medium.com/@malvinval/cve-2024-54385-wordpress-plugin-7ff0f8e5ad1d?source=rss------bug_bounty-5Malvin Valeriancve, hacking, cybersecurity, bug-bounty, wordpress17-Dec-2024
200$ DLL Hijacking Attackhttps://cybersecuritywriteups.com/200-dll-hijacking-attack-fdb4fd46fea9?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, penetration-testing, bug-bounty, bug-bounty-writeup, bug-bounty-tips17-Dec-2024
OSINT AND DORKING TOOLShttps://medium.com/@reazatih/osint-and-dorking-tools-67dc970d049d?source=rss------bug_bounty-5Re@Zaosint, hacking, dorks, bug-bounty17-Dec-2024
Utilizing MITRE ATT&CK Framework: Examples and Practical Applicationshttps://medium.com/@paritoshblogs/utilizing-mitre-att-ck-framework-examples-and-practical-applications-0c4ea468ad53?source=rss------bug_bounty-5Paritoshmitre-attck, hacking, threat-intelligence, bug-bounty, cybersecurity17-Dec-2024
Open Redirect to XSS: Chaining Vulnerabilities for Maximum Impacthttps://medium.com/@iPsalmy/open-redirect-to-xss-chaining-vulnerabilities-for-maximum-impact-36ae8dd9f198?source=rss------bug_bounty-5iPsalmyweb-application-security, bug-bounty, xss-attack17-Dec-2024
API Keys Attack: How to Find and Exploit Secrets in Web Applicationshttps://medium.com/@bootstrapsecurity/api-keys-attack-how-to-find-and-exploit-secrets-in-web-applications-1896d75d716b?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, bug-bounty, api, hacking, hacking-team17-Dec-2024
Top 9 Books to Master Bug Hunting and Penetration Testinghttps://osintteam.blog/top-9-books-to-master-bug-hunting-and-penetration-testing-c40039b330bb?source=rss------bug_bounty-5Bicitro Biswashacking, cybersecurity, bug-bounty, books, penetration-testing17-Dec-2024
Exposing Facebook’s Hidden Goldmine: Creators’ Private Data at Riskhttps://gtm0x01.medium.com/exposing-facebooks-hidden-goldmine-creators-private-data-at-risk-01317f3f0031?source=rss------bug_bounty-5Gtm Mänôzgraphql, hacking, facebook, infosec, bug-bounty17-Dec-2024
SubScanX: A Powerful Recon Tool for Bug Bounty and Pentestinghttps://medium.com/@rootspaghetti/subscanx-a-powerful-recon-tool-for-bug-bounty-and-pentesting-ed229128a661?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, bug-bounty17-Dec-2024
Documenting Bug Bounty Journey and Current Approachhttps://aditya-narayan.medium.com/documenting-bug-bounty-journey-and-current-approach-334db57e857e?source=rss------bug_bounty-5Aditya Narayanbug-bounty-tips, writeup, hacker, bug-bounty, cybersecurity17-Dec-2024
How I got Appreciation Letters for finding bugs.https://infosecwriteups.com/how-i-got-appreciation-letters-for-finding-bugs-e935f42e2f71?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )hacking, cybersecurity, ethical-hacking, bug-bounty, bug-bounty-tips17-Dec-2024
How I Broke the Speed Limit: A Bug Bounty Tale of Bypassing Rate Limitinghttps://infosecwriteups.com/how-i-broke-the-speed-limit-a-bug-bounty-tale-of-bypassing-rate-limiting-29a1ec4e8681?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, technology17-Dec-2024
6 AI Tools Used by Hackers 2025https://ai.plainenglish.io/6-ai-tools-used-by-hackers-2025-dfdda79cf51f?source=rss------bug_bounty-5Tahir Ayoubchatgpt, hacking, ai, cybersecurity, bug-bounty17-Dec-2024
403 Bypass changing http method onlyhttps://rahman0x01.medium.com/403-bypass-changing-http-method-only-f0a32b43a3c8?source=rss------bug_bounty-5rahman0x01hunting, ethical-hacking, bug-bounty17-Dec-2024
Cybersecurity Alert: Texas Tech University System Data Breach Impacts 1.4 Million Patients!https://medium.com/@wiretor/cybersecurity-alert-texas-tech-university-system-data-breach-impacts-1-4-million-patients-caceb8096be9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, hacking, business17-Dec-2024
FBI ALERT: HiatusRAT Malware Attacks Targeting Web Cameras & DVRs!https://medium.com/@wiretor/fbi-alert-hiatusrat-malware-attacks-targeting-web-cameras-dvrs-37f2eeb2bd01?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, business, hacking, fbi, malware17-Dec-2024
Easy 100$ in public Hackerone program under 3 minuteshttps://medium.com/@loayahmed686/easy-100-in-public-hackerone-program-under-3-minutes-69b20e185d3b?source=rss------bug_bounty-5r00tbug-bounty17-Dec-2024
Uncovering Vulnerabilities Through Swagger UI Directory Enumerationhttps://hackersatty.medium.com/uncovering-vulnerabilities-through-swagger-ui-directory-enumeration-49e6b43558cd?source=rss------bug_bounty-5hackersattycybersecurity, javascript, vulnerability, bug-bounty, swagger17-Dec-2024
Top 5 Ways to Hack APIs and find good bugshttps://medium.com/@sreedeep200/top-5-ways-to-hack-apis-and-find-good-bugs-dfd4a7bbb623?source=rss------bug_bounty-5Sreedeep cvcybersecurity, hacking, api, security, bug-bounty17-Dec-2024
Exploiting Access Control Misconfiguration: Privilege Escalation via Improper PATCH Method…https://medium.com/@momenrezkk90/exploiting-access-control-misconfiguration-privilege-escalation-via-improper-patch-method-b653bb92ada6?source=rss------bug_bounty-5Momenrezkbug-bounty, privilege-escalation, cybersecurity, penetration-testing17-Dec-2024
HTB University CTF 2024 Web challenges writeup: Armaxis[very easy]https://medium.com/@0xNayelx/htb-university-ctf-2024-web-challenges-writeup-armaxis-very-easy-404ac9f101b8?source=rss------bug_bounty-50xNayelsecurity, web-security, htb, ctf, bug-bounty16-Dec-2024
HTB University CTF 2024 Web challenges writeup: Breaking Bank[easy]https://medium.com/@0xNayelx/htb-university-ctf-2024-web-challenges-writeup-breaking-bank-easy-1c3064092abc?source=rss------bug_bounty-50xNayelwriteup, htb, bug-bounty, ctf, security16-Dec-2024
Advanced Google Dorking | Part14https://systemweakness.com/advanced-google-dorking-part14-79b21e11ae25?source=rss------bug_bounty-5AbhirupKonwarpenetration-testing, cybersecurity, ethical-hacking, bug-bounty, bug-bounty-tips16-Dec-2024
How I Got 200 euro bounty?https://doordiefordream.medium.com/how-i-got-200-euro-bounty-03bcce712a51?source=rss------bug_bounty-5Bug hunter baluhacking, vulnerability, ethical-hacking, bug-bounty, cybersecurity16-Dec-2024
Master the Art of Cyber Defense: Top Open-Source Tools for Threat Intelligence!https://medium.com/@paritoshblogs/master-the-art-of-cyber-defense-top-open-source-tools-for-threat-intelligence-7c575e69b853?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, bug-bounty, information-technology, threat-intelligence16-Dec-2024
How I Discovered SSTI Vulnerability in Just 5 Minutes | $300 Bountyhttps://medium.com/@kumawatabhijeet2002/how-i-discovered-ssti-vulnerability-in-just-5-minutes-f7ac31f3f6b0?source=rss------bug_bounty-5Abhijeet kumawatinfose, hacking, bug-bounty-tips, bug-bounty, penetration-testing16-Dec-2024
Unmasking a Privacy Oversight: A Deep Dive into Persistent User Datahttps://medium.com/@najeebkm010/unmasking-a-privacy-oversight-a-deep-dive-into-persistent-user-data-5ee433397021?source=rss------bug_bounty-5Najeebkmbug-bounty, information-disclosure, cyber, security16-Dec-2024
RCE in 2 Universitieshttps://osintteam.blog/rce-in-2-universities-d2f13a2a2afb?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, cybersecurity, cyberattack, penetration-testing, bug-bounty-tips16-Dec-2024
Ethical Dilemmas in Using AI for Security Testing and Bug Bountieshttps://pointlessai.medium.com/ethical-dilemmas-in-using-ai-for-security-testing-and-bug-bounties-ad6d75e6fab7?source=rss------bug_bounty-5PointlessAI Mediumchatgpt, bug-bounty, bugbounty-writeup, ai16-Dec-2024
My Bug Hunting Methodology: Reconhttps://gentilsecurity.medium.com/my-bug-hunting-methodology-recon-cbc6821708d8?source=rss------bug_bounty-5GenTiLreconnaissance, cybersecurity, hacking, bug-hunting, bug-bounty16-Dec-2024
How to Hack JSON Web Tokens (JWT): Weak Implementations for Critical Vulnerabilitieshttps://medium.com/@bootstrapsecurity/how-to-hack-json-web-tokens-jwt-weak-implementations-for-critical-vulnerabilities-75462988cb11?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, cybersecurity, jwt-token, bug-bounty, bug-bounty-tips16-Dec-2024
A Beginner's guide for Starting Web3 Bug Bountyhttps://bitpanic.medium.com/how-to-start-web3-bug-bounty-30f7f968ae11?source=rss------bug_bounty-5Spectat0rguybug-bounty, cybersecurity, web3, bug-bounty-tips, technology16-Dec-2024
My Bug Hunting Methodology: Recon | by ahmedhamdy0xhttps://gentilsecurity.medium.com/my-bug-hunting-methodology-recon-cbc6821708d8?source=rss------bug_bounty-5GenTiLreconnaissance, cybersecurity, hacking, bug-hunting, bug-bounty16-Dec-2024
2FA Testing Tips for Bug Bounty Huntershttps://bevijaygupta.medium.com/2fa-testing-tips-for-bug-bounty-hunters-d6d77322e1b4?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-bounty-tips, 2fa-authentication, bugs, 2fa16-Dec-2024
How I Discovered a High-Severity Vulnerability on Discord (and got rewarded)https://mirzebaba.medium.com/how-i-discovered-a-high-severity-vulnerability-on-discord-and-got-rewarded-bb327902fbb9?source=rss------bug_bounty-5Mirzəbabavulnerabilit, discord, ethical-hacking, cybersecurity, bug-bounty16-Dec-2024
Clop Ransomware Gang Behind Major Cleo Data Breachhttps://medium.com/@wiretor/clop-ransomware-gang-behind-major-cleo-data-breach-421b729bafde?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, hacking, business16-Dec-2024
ConnectOnCall Breach Exposes 900K+ Records! Don’t Be Next — Get Wire Tor Protection Todayhttps://medium.com/@wiretor/connectoncall-breach-exposes-900k-records-dont-be-next-get-wire-tor-protection-today-d4dd7de3570d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, malware, ai, business16-Dec-2024
Winnti Hackers Strike Again: New ‘Glutton’ Backdoor Exposed!https://medium.com/@wiretor/winnti-hackers-strike-again-new-glutton-backdoor-exposed-5cd7bbb0faf0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, business, hacking, malware, ai16-Dec-2024
[Hacking Scope] Exposure for tons of secret documentshttps://medium.com/@nagashygaballah/hacking-scope-exposure-for-tons-of-secret-documents-5ba5c3906600?source=rss------bug_bounty-5111xNagashybug-bounty, penetration-testing, hacking16-Dec-2024
Traditional Penetration Testing vs. Bug Bounty Programshttps://medium.com/@hackrate/traditional-penetration-testing-vs-bug-bounty-programs-bb792a4d0d3f?source=rss------bug_bounty-5Levente Molnarethical-hacking, penetration-testing, bug-bounty, hacking, cybersecurity16-Dec-2024
From Minor Glitches to Major Wins: How I Chained CSRF and IDOR for a Critical Exploithttps://osintteam.blog/from-minor-glitches-to-major-wins-how-i-chained-csrf-and-idor-for-a-critical-exploit-0b110170cd9c?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, programming, cybersecurity, technology, bug-bounty16-Dec-2024
Searching web security lessons?https://medium.com/@l1ttlewing/searching-web-security-lessons-8a4dbefd0d04?source=rss------bug_bounty-5littlewinginfosec, cybersecurity, bug-bounty, information-security, web-security16-Dec-2024
Wordlists Every Pentester Must Have !!https://theartificialthinker.medium.com/wordlists-every-pentester-must-have-7ad4c1e46ce5?source=rss------bug_bounty-5Abhishek pawarethical-hacking, hacker, tech, pentest, bug-bounty16-Dec-2024
JWT Auth Gone Wild: The Unexpected Twist!https://medium.com/@ProwlSec/jwt-auth-gone-wild-the-unexpected-twist-a0b2ed943225?source=rss------bug_bounty-5ProwlSecjwt, bugs, bug-bounty, hacking, pentesting15-Dec-2024
What are Low Hanging Bugs? | Easy way to find themhttps://medium.com/@kumawatabhijeet2002/what-are-low-hanging-bugs-easy-way-to-find-them-%EF%B8%8F-%EF%B8%8F-399b37b354b7?source=rss------bug_bounty-5Abhijeet kumawathacking, bug-bounty-tips, infose, bugs, bug-bounty15-Dec-2024
MSSQL (Microsoft SQL Server) — Port 1433https://medium.com/@verylazytech/mssql-microsoft-sql-server-port-1433-bc26d0bbdca9?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, mssql, oscp, bug-bounty, cybersecurity15-Dec-2024
Automotive Penetration Testing Checklisthttps://infosecwriteups.com/automotive-penetration-testing-checklist-8bbe83091c47?source=rss------bug_bounty-5Ajay Naikpenetration-testing, cybersecurity, information-technology, information-security, bug-bounty15-Dec-2024
SQL Injection Vulnerability on a Security Awareness website: From Database Dump to cPanel Accesshttps://medium.com/@anonymousshetty2003/sql-injection-vulnerability-on-a-security-awareness-website-from-database-dump-to-cpanel-access-4bb3645eef07?source=rss------bug_bounty-5Anonymousshettybug-bounty, sql-injection, cybersecurity, ethical-hacking15-Dec-2024
How i found a Email Spoofing vulnerability to perform Phishing Attackshttps://medium.com/@anonymousshetty2003/how-i-found-a-email-spoofing-vulnerability-to-perform-phishing-attacks-00ec2cc934bb?source=rss------bug_bounty-5Anonymousshettyemail-spoofing, cybersecurity, bug-bounty, ethical-hacking15-Dec-2024
ShadowJS: JavaScript File Discovery Toolhttps://medium.com/@rootspaghetti/shadowjs-javascript-file-discovery-tool-1ede2f3172b6?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, bug-bounty15-Dec-2024
Ultimate Django Vulnerability Checklisthttps://bitpanic.medium.com/ultimate-django-vulnerability-checklist-ceb7f428c45f?source=rss------bug_bounty-5Spectat0rguytechnology, cybersecurity, python, bug-bounty, bug-bounty-tips15-Dec-2024
LKQ Hacked: Cyberattack Disrupts Canadian Unit Operations and Exposes Company Datahttps://medium.com/@wiretor/lkq-hacked-cyberattack-disrupts-canadian-unit-operations-and-exposes-company-data-7db6b9763011?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, xs, bug-bounty, lkq, hacking15-Dec-2024
Russia Blocks Viber: Latest Move to Censor Communicationshttps://medium.com/@wiretor/russia-blocks-viber-latest-move-to-censor-communications-9dce4d823d67?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesrussia, malware, viber, hacking, bug-bounty15-Dec-2024
JavaScript BugBounty Methodhttps://medium.com/@cc1a2bb/javascript-bugbounty-method-5b789bfa7f44?source=rss------bug_bounty-5cc1a2bhacking, cybersecurity, javascript, bug-bounty, bug-bounty-tips15-Dec-2024
Cybersecurity Roadmap 2025https://hackerassociate.medium.com/cybersecurity-roadmap-2025-f7ad9d4ac49c?source=rss------bug_bounty-5Harshad Shahcybersecurity, infosec, bug-bounty, penetration-testing, hacking14-Dec-2024
Simplifying Reconnaissance: Building a Custom Bug Hunting Discord Bothttps://medium.com/@najeebkm010/simplifying-reconnaissance-building-a-custom-bug-hunting-discord-bot-6792ab4249bf?source=rss------bug_bounty-5Najeebkmbug-bounty-tool, bug-bounty, cybersecurity14-Dec-2024
How I Discovered a $7,000 Critical Vulnerability: IDOR to BAC to Account Takeoverhttps://medium.com/@najeebkm010/how-i-discovered-a-7-000-critical-vulnerability-idor-to-bac-to-account-takeover-0c195eae2ed2?source=rss------bug_bounty-5Najeebkmbug-bounty-writeup, bug-bounty14-Dec-2024
10 day with Me | OWASP Top 10 | Day -1: Broken Access Controlhttps://infyra.medium.com/10-day-with-me-owasp-top-10-day-1-broken-access-control-e75572ce157e?source=rss------bug_bounty-5Md. EMTIAZ AHMEDbroken-access-control, owasp, owasp-top-10, bug-bounty, cybersecurity14-Dec-2024
Exploiting API Rate Limiting: Bypassing Restrictionshttps://medium.com/@bootstrapsecurity/exploiting-api-rate-limiting-bypassing-restrictions-c89a1bd61aee?source=rss------bug_bounty-5BootstrapSecurityapi-security, development, rate-limiting, hacking, bug-bounty14-Dec-2024
How I Found a Broken Link Hijacking Vulnerability in 2 Minutes | $250 Bountyhttps://medium.com/@kumawatabhijeet2002/how-i-found-a-broken-link-hijacking-vulnerability-in-2-minutes-250-bounty-0d991eb9c61b?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bugs, infosec, broken-link-hijacking, hacking14-Dec-2024
My First Critical Bug: Exposing 3.5 Lakh+ PII!https://infosecwriteups.com/my-first-critical-bug-exposing-3-5-lakh-pii-%EF%B8%8F-fbad616ddbea?source=rss------bug_bounty-5cryptoshanthacking, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty14-Dec-2024
Git Information Leak: How to Exploit an Exposed .git Repository on a Web Serverhttps://medium.com/@burhankhansodhar/git-information-leak-how-to-exploit-an-exposed-git-repository-on-a-web-server-ac190ae18928?source=rss------bug_bounty-5Itz Burhan Khanpenetration-testing, web-server, directory-listing, bug-bounty, git14-Dec-2024
Are you looking for an Intigriti alternative?https://medium.com/@hackrate/are-you-looking-for-an-intigriti-alternative-4128a25888ed?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty, hacking, ethical-hacking, penetration-testing14-Dec-2024
Dubai Police Identity Used in Sophisticated UAE Mobile Scamshttps://medium.com/@wiretor/dubai-police-identity-used-in-sophisticated-uae-mobile-scams-36b9d149db17?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, malware, hacking, ai, bug-bounty14-Dec-2024
Using Platform Profiles to send Fake in Information: A Security Risk Good logic bughttps://medium.com/@mahdisalhi0500/using-platform-profiles-to-send-fake-in-information-a-security-risk-good-logic-bug-0510d73802b8?source=rss------bug_bounty-5CaptinSHArky(Mahdi)penetration-testing, cybersecurity, bug-bounty-tips, bug-bounty, security14-Dec-2024
P4 bug’s and their POC steps | Part 9https://osintteam.blog/p4-bugs-and-their-poc-steps-part-9-c1f873227917?source=rss------bug_bounty-5socalledhackerinfosec, bug-bounty, bug-bounty-tips, cybersecurity, hacking14-Dec-2024
Reflected XSS on Gaming Blog Websitehttps://medium.com/@enigma_/reflected-xss-on-gaming-blog-website-edc448d613a3?source=rss------bug_bounty-5enigma_writeup, bug-bounty-writeup, hackin, penetration-testing, bug-bounty13-Dec-2024
Introducing ShodanSpider v2: Your Ultimate Free Tool for CVE Searching and Shodan Data Analysis…https://shubhamrooter.medium.com/introducing-shodanspider-v2-your-ultimate-free-tool-for-cve-searching-and-shodan-data-analysis-ba7c7b3097b0?source=rss------bug_bounty-5Shubham Tiwaricybersecurity, shodanspider, bug-bounty, redteam-tool, pentesting13-Dec-2024
#ERROR!https://medium.com/meetcyber/hidden-ace-up-hackers-sleeve-hacking-gadgets-1-phone-on-a-simmy-8b3d3cd540cf?source=rss------bug_bounty-5NnFacecybersecurity, hacking, termux, kali-linux, bug-bounty13-Dec-2024
Deep Recon Methodology for Bug Bounty Hunters | Part-1https://medium.com/@kumawatabhijeet2002/deep-recon-methodology-for-bug-bounty-hunters-part-1-54bdac09dcf4?source=rss------bug_bounty-5Abhijeet kumawatinfosec, bug-bounty, methodology, bug-bounty-tips13-Dec-2024
Critical Unauthorized Access to Admin Pages via Vulnerable Endpointshttps://hackersatty.medium.com/critical-unauthorized-access-to-admin-pages-via-vulnerable-endpoints-e8799b3f7f69?source=rss------bug_bounty-5hackersattyadmin-panel, javascript, bug-bounty, hackerone, hackersatty13-Dec-2024
Third Party Services Takeover using Oauth Misconfigurationhttps://infosecwriteups.com/third-party-services-takeover-using-oauth-misconfiguration-8888a0c1ad86?source=rss------bug_bounty-5Ronak Patelinformation-security, cybersecurity, ethical-hacking, bug-bounty13-Dec-2024
Idor Is Easy ! You may Don’t know ! The Longest PrivEsc I’ve ever faced on Public BBPhttps://medium.com/@Ahmex000/idor-is-easy-you-may-dont-know-the-longest-privesc-i-ve-ever-faced-on-public-bbp-1bf67cd699d8?source=rss------bug_bounty-5Ahmex000bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-hunting, bugbounty-writeup13-Dec-2024
How I Found and Fixed XSS on a Website: A Bug Hunter’s Talehttps://medium.com/@mayankmalaviya3/how-i-found-and-fixed-xss-on-a-website-a-bug-hunters-tale-bc7351043928?source=rss------bug_bounty-5Mayank Malaviya (Aiwolfie)hacking, bug-bounty, security, xss-attack, vulnerability13-Dec-2024
429 Bypasser Extension Guidehttps://medium.com/@raxomara/429-bypasser-extension-guide-1d4f86b7d630?source=rss------bug_bounty-5Raxomaracybersecurity, 429-bypasser, rate-limit-bypass, bug-bounty, bug-bounty-tips13-Dec-2024
Make Penetration Testing Sexy Againhttps://medium.com/@hackrate/make-penetration-testing-sexy-again-with-hackgate-51c556944c0b?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty, cybersecurity, penetration-testing, hacking13-Dec-2024
The Growing Threat of Identity Attacks in Cybersecurityhttps://medium.com/@paritoshblogs/the-growing-threat-of-identity-attacks-in-cybersecurity-5e847cf4ab6d?source=rss------bug_bounty-5Paritoshinformation-technology, hacking, cybersecurity, identity, bug-bounty13-Dec-2024
Bug Bounty Training Programhttps://bevijaygupta.medium.com/bug-bounty-training-program-78c927572385?source=rss------bug_bounty-5Vijay Guptabug-bounty-writeup, bug-bounty, bug-bounty-tips, bugs, bug-zero13-Dec-2024
A Beginner’s Guide to Testing for Server-Side Request Forgery (SSRF)https://medium.com/@mcooter/a-beginners-guide-to-testing-for-server-side-request-forgery-ssrf-9a4b5e16fdd2?source=rss------bug_bounty-5Michael Cooterbug-bounty, ssrf, oswa, web-application-security, hacking13-Dec-2024
Android vs iOS Security Introhttps://medium.com/@in3tinct/android-vs-ios-security-intro-4a9b5ecc65cf?source=rss------bug_bounty-5Vaibhavsecurity, android, bug-bounty, ios, mobile-app-development13-Dec-2024
Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application — IDOR — Part 2https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-application-idor-part-2-932746b6b445?source=rss------bug_bounty-5Mahmoud Abd Alkarimsecurity-research, web-application-security, cybersecurity, bug-bounty, bug-bounty-writeup13-Dec-2024
APIS are so easy to exploithttps://medium.com/@momen_besher/apis-are-so-easy-to-exploit-80bf65941e28?source=rss------bug_bounty-5steve55555api, vulnerability, bug-bounty-tips, cybersecurity, bug-bounty13-Dec-2024
【Award-winning Survey】About Security Vulnerability Submission Functionhttps://medium.com/@security.tecno/award-winning-survey-about-security-vulnerability-submission-function-c3113e2baec0?source=rss------bug_bounty-5TECNO Securityrewards, bugs, surveys, hacking, bug-bounty12-Dec-2024
[Bugbounty]SQLI — Data Exfiltration via DNShttps://medium.com/@kauenavarro/bugbounty-sqli-data-exfiltration-via-dns-3e68ece08205?source=rss------bug_bounty-5Kauê Navarrohacking, sqli, bug-hunter, bug-bounty, bugcrowd12-Dec-2024
How I Bypassed Email Confirmation: A Playful Journey into the World of Bug Huntinghttps://medium.com/@mrasg/how-i-bypassed-email-confirmation-a-playful-journey-into-the-world-of-bug-hunting-30f72d6c2fb6?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty12-Dec-2024
Measuring the Success of Bug Bounty Programs: Outdated vs. Modern Approacheshttps://medium.com/@hackrate/measuring-the-success-of-bug-bounty-programs-outdated-vs-modern-approaches-9cf87655092b?source=rss------bug_bounty-5Levente Molnarethical-hacking, penetration-testing, cybersecurity, hacking, bug-bounty12-Dec-2024
How I hacked Universityhttps://medium.com/@Wantet/how-i-hacked-university-76097e703cb5?source=rss------bug_bounty-5Wantetpenetration-testing, university, bug-bounty, hacking12-Dec-2024
How to Find and Identify Race Condition Vulnerabilities as a Penetration Testerhttps://cyberw1ng.medium.com/how-to-find-and-identify-race-condition-vulnerabilities-as-a-penetration-tester-9d9ecce6ed56?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, technology12-Dec-2024
Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application - Open Redirect …https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-web-application-part-1-95f659ff7d0a?source=rss------bug_bounty-5Mahmoud Abd Alkarimweb-application-security, cybersecurity, bug-bounty-writeup, bug-bounty, security-research12-Dec-2024
Account Takeover using SSO Loginshttps://rikeshbaniya.medium.com/account-takeover-using-sso-logins-fa35f28a358b?source=rss------bug_bounty-5Rikesh Baniyabugcrowd, bug-bounty-writeup, bug-bounty-tips, hackerone, bug-bounty12-Dec-2024
Hack The Box Academy — File Inclusion — Skills Assessmenthttps://medium.com/@d4nglz17/hack-the-box-academy-file-inclusion-skills-assessment-1ca0283a9a06?source=rss------bug_bounty-5Danglzhackthebox, penetration-testing, bug-bounty-writeup, bug-bounty, information-security12-Dec-2024
Identity & Access Alert: Microsoft MFA Bypassed via AuthQuake Attack!https://medium.com/@wiretor/identity-access-alert-microsoft-mfa-bypassed-via-authquake-attack-fc57043fe39a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, microsoft, bug-bounty, ai, business12-Dec-2024
Critical Alert: Hackers Exploit Hunk Companion WordPress Plugin!https://medium.com/@wiretor/critical-alert-hackers-exploit-hunk-companion-wordpress-plugin-50fcf5834f84?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, wordpress, hacking, bug-bounty, malware12-Dec-2024
€XXX bounty for 2FA disabled without password and OTP by response manipulationhttps://osintteam.blog/xxx-bounty-for-2fa-disabled-without-password-and-otp-by-response-manipulation-499ba5234a4f?source=rss------bug_bounty-5socalledhackerhacking, bug-bounty, infosec, cybersecurity, bug-bounty-tips12-Dec-2024
“Bypasseando controles en un POS” (Un poco de humo… del bueno)https://medium.com/@andresbe.be/bypasseando-controles-en-un-pos-un-poco-de-humo-del-bueno-b18b6ecbc775?source=rss------bug_bounty-5Andres Barrosobypass-restriction, point-of-sale-device, bug-bounty12-Dec-2024
How a Race Condition Became an Account Takeover Vulnerabilityhttps://medium.com/@mrasg/how-a-race-condition-became-an-account-takeover-vulnerability-756f14990f38?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-writeup, bug-bounty-tips, security, pentesting, bug-bounty12-Dec-2024
“Bypasseando controles en un POS”https://medium.com/@andresbe.be/bypasseando-controles-en-un-pos-un-poco-de-humo-del-bueno-b18b6ecbc775?source=rss------bug_bounty-5Andres Barrosobypass-restriction, point-of-sale-device, bug-bounty12-Dec-2024
Exposed Git Directory P1 Bughttps://medium.com/@abhirupkonwar04/exposed-git-directory-p1-bug-5fd272a62f51?source=rss------bug_bounty-5AbhirupKonwarvulnerability-management, pentesting, bug-bounty-tips, bug-bounty, bug-bounty-writeup11-Dec-2024
We Faced a Brute Force Attack — Here’s What Saved Us!https://medium.com/@paritoshblogs/we-faced-a-brute-force-attack-heres-what-saved-us-1d33547eca61?source=rss------bug_bounty-5Paritoshinformation-technology, hacking, cybersecurity, bug-bounty, brute-force11-Dec-2024
Exposed Git Directory P1 Bughttps://systemweakness.com/exposed-git-directory-p1-bug-5fd272a62f51?source=rss------bug_bounty-5AbhirupKonwarvulnerability-management, pentesting, bug-bounty-tips, bug-bounty, bug-bounty-writeup11-Dec-2024
Email Flooding Without Knowing Victim Email Via CSRFhttps://0xshuvo.medium.com/email-flooding-without-knowing-victim-email-via-csrf-8de8bf5de3a3?source=rss------bug_bounty-5Shuvo Kumar Sahaemail-flooding, csrf, bug-bounty, bugbounty-writeup, bug-bounty-tips11-Dec-2024
How I Earned My First $100 in a Bug Bounty Program (And How You Can Too!)https://medium.com/@divyesh.jagad/how-i-earned-my-first-100-in-a-bug-bounty-program-and-how-you-can-too-57b58b37226a?source=rss------bug_bounty-5Divyesh Jagadpassive-income, data-security, bug-bounty, ethical-hacking, cybersecurity11-Dec-2024
Easy SQLI in just 30 minuteshttps://medium.com/@mohammed01550038865/easy-sqli-in-just-30-minutes-0296038bb473?source=rss------bug_bounty-5Muhammed Mubarakbug-bounty, hackerone, sql-injection, bugcrowd, writing-tips11-Dec-2024
IDOR leads to leak private user’s datahttps://medium.com/@banertheinrich/idor-leads-to-leak-private-users-data-3a2b59f58826?source=rss------bug_bounty-5Adham Heinrichidor, bug-bounty, idor-vulnerability, cybersecurity, penetration-testing11-Dec-2024
Hackrate PTaaS Powered by HackGATE: Redefining Penetration Testinghttps://medium.com/@hackrate/hackrate-ptaas-powered-by-hackgate-redefining-penetration-testing-cb91c07ecc8f?source=rss------bug_bounty-5Levente Molnarpenetration-testing, bug-bounty, ethical-hacking, cybersecurity, hacking11-Dec-2024
Data Breach: 446K Patients & Employees Affected at Center for Vein Restorationhttps://medium.com/@wiretor/data-breach-446k-patients-employees-affected-at-center-for-vein-restoration-a75cf6fc1a5e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, hacking, malware, business11-Dec-2024
Urgent Warning: Ivanti CSA Flaw Exposes Admin Controls to Hackers!https://medium.com/@wiretor/urgent-warning-ivanti-csa-flaw-exposes-admin-controls-to-hackers-d6937ede4389?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, ivanti, ransomware, business11-Dec-2024
Critical WPForms Flaw Exposes 6M Sites to Unauthorized Stripe Refundshttps://medium.com/@wiretor/critical-wpforms-flaw-exposes-6m-sites-to-unauthorized-stripe-refunds-da9f48a7bfd0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, wpforms, business, malware11-Dec-2024
How I Secured The Indian Army?https://cybersecuritywriteups.com/how-i-secured-the-indian-army-9a80ba399202?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty-writeup, bug-bounty11-Dec-2024
Mastering JavaScript, Can It Make You an XSS Bug Hunter?https://rendiero.medium.com/mastering-javascript-can-it-make-you-an-xss-bug-hunter-a0f0aaba0c6f?source=rss------bug_bounty-5Rendierohacking, penetration-testing, bug-bounty, xss-attack, javascript10-Dec-2024
Email and home address disclosure using unauthenticated API endpoint worth $500https://vijetareigns.medium.com/email-and-home-address-disclosure-using-unauthenticated-api-endpoint-worth-500-4a497ff0678c?source=rss------bug_bounty-5the_unlucky_guycybersecurity, bug-bounty, application-security, bug-bounty-writeup, bug-bounty-tips10-Dec-2024
Investigating a Linux Machine Security Breach Without Tools!https://medium.com/@paritoshblogs/investigating-a-linux-machine-security-breach-without-tools-464e14bdeab0?source=rss------bug_bounty-5Paritoshhacking, information-technology, linux, bug-bounty, cybersecurity10-Dec-2024
$500 Bypassing Cloudflare WAF to Achieve XSShttps://medium.com/@kumawatabhijeet2002/500-bypassing-cloudflare-waf-to-achieve-xss-f3b9c4acb702?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, xss-vulnerability, bug-bounty-writeup, bug-bounty-tips, bugs10-Dec-2024
HackerOne 香港汇丰接收赏金https://medium.com/@dem0ns/hackerone-%E9%A6%99%E6%B8%AF%E6%B1%87%E4%B8%B0%E6%8E%A5%E6%94%B6%E8%B5%8F%E9%87%91-353356389bc9?source=rss------bug_bounty-5猫猫虫hsbc, h1, bug-bounty, hackerone, 挖洞10-Dec-2024
One way hackers stole API keys, Passwords, Tokens and Secrets.https://osintteam.blog/one-way-hackers-stole-api-keys-passwords-tokens-and-secrets-4e731435bbd4?source=rss------bug_bounty-5Pwndec0c0programming, bug-bounty, cybersecurity, hacking, web-development10-Dec-2024
Zoho QEngine: Arbitrary File Readhttps://infosecwriteups.com/zoho-qengine-arbitrary-file-read-08df3d1e167e?source=rss------bug_bounty-5Jayateertha Guruprasadhacking, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup10-Dec-2024
NASA P2 Google Dorkinghttps://medium.com/@srinathkk99/nasa-p3-google-dorking-f7bd4b56d395?source=rss------bug_bounty-5Srinath K Kcybersecurity, bug-bounty, nasa, vulnerability, appreciation10-Dec-2024
The Ultimate Guide to Starting a Bug Bounty Program: A Company’s Perspectivehttps://medium.com/@hackrate/the-ultimate-guide-to-starting-a-bug-bounty-program-a-companys-perspective-4feebb585ac4?source=rss------bug_bounty-5Levente Molnarethical-hacking, hacking, penetration-testing, cybersecurity, bug-bounty10-Dec-2024
I Found 7 Log4j (RCE) in a Single Program!https://medium.com/@rootplinix/i-found-7-log4j-rce-in-a-single-program-5afb7d02dd06?source=rss------bug_bounty-5Abu Hurayrabug-bounty-tips, cybersecurity, bug-bounty-writeup, log4shell, bug-bounty10-Dec-2024
Must-Have Hacking Extensions For Bugbounty Huntershttps://medium.com/@The_scratch/must-have-hacking-extensions-for-bugbounty-hunters-5de4c56c6963?source=rss------bug_bounty-5Scratchreconnaissance, bug-bounty, cybersecurity, hacking, bug-bounty-tips10-Dec-2024
Naabu: A Fast and Efficient Port Scanning Toolhttps://medium.com/@rootspaghetti/naabu-a-fast-and-efficient-port-scanning-tool-a5f8a4cf0641?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, hacking, bug-bounty10-Dec-2024
OAuth Account Hijacking via redirect_urihttps://osintteam.blog/oauth-account-hijacking-via-redirect-uri-ae8ca7a66930?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafébug-bounty, pentesting, bug-bounty-tips, information-security, cybersecurity10-Dec-2024
How i bypassed 403 forbidden (private method)https://medium.com/@reazatih/how-i-bypassed-403-forbidden-private-method-fc066c11f90f?source=rss------bug_bounty-5Re@Zacybersecurity, bug-bounty, penetration-testing, 403-forbidden, hacking10-Dec-2024
$50M Crypto Heist Linked to North Korean Hackers in Radiant Capital Attackhttps://medium.com/@wiretor/50m-crypto-heist-linked-to-north-korean-hackers-in-radiant-capital-attack-71be5b6515d7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, ai, crypto, bug-bounty, malware10-Dec-2024
Chinese Cyber Attack Targets European IT Firms Using Visual Studio Code for Supply-Chain…https://medium.com/@wiretor/chinese-cyber-attack-targets-european-it-firms-using-visual-studio-code-for-supply-chain-761a472b00b2?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, ai, bug-bounty, malware, hacking10-Dec-2024
Romanian Energy Supplier Electrica Hit by Ransomware Attack ⚡https://medium.com/@wiretor/romanian-energy-supplier-electrica-hit-by-ransomware-attack-8e1b3d8e453d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, hacking, malware, romania, bug-bounty10-Dec-2024
OpenWrt Sys upgrade Flaw: Hackers Can Push Malicious Firmware Imageshttps://medium.com/@wiretor/openwrt-sys-upgrade-flaw-hackers-can-push-malicious-firmware-images-088a0d23a1b0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, openwrt, business, bug-bounty, hacking10-Dec-2024
Mastering Bug Bounty Recon: Essential Techniques for Ethical Hackershttps://medium.com/@verylazytech/mastering-bug-bounty-recon-essential-techniques-for-ethical-hackers-549c5b472975?source=rss------bug_bounty-5Very Lazy Techsubdomain-enumeration, bug-bounty, github-recon, ethical-hacking, bug-bounty-techniques10-Dec-2024
How I Bypassed OTP Like a Devil, Leading to Full Account Takeoverhttps://infosecwriteups.com/how-i-bypassed-otp-like-a-devil-leading-to-full-account-takeover-7bb7a673f7a0?source=rss------bug_bounty-5Ranjanaccount-takeover, bug-bounty, ethical-hacking, otp-bypass, hacking10-Dec-2024
How I Earned Over 100 Points on HackerOne with Email Spoofing.https://j0nasdias.medium.com/how-i-earned-over-100-points-on-hackerone-with-email-spoofing-1ae0c4bc6aba?source=rss------bug_bounty-5Jonas Dias Rebelopentest, vulnerability, email-spoofing, hackerone, bug-bounty10-Dec-2024
NASA P3 Google Dorkinghttps://cybersecuritywriteups.com/nasa-p3-google-dorking-6779970b6f03?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-writeup, cybersecurity, bug-bounty-tips, pentesting, bug-bounty09-Dec-2024
Vote Manipulation & Debug Exposure, Another Interesting Finding…https://medium.com/@josuofficial327/vote-manipulation-debug-exposure-another-interesting-finding-ec31f8cb939c?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuprogramming, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty09-Dec-2024
How I Exploited Amazon Cognito Misconfigurations to Access Confidential S3 Datahttps://1-day.medium.com/how-i-exploited-amazon-cognito-misconfigurations-to-access-confidential-s3-data-badb62cabfab?source=rss------bug_bounty-51daybug-bounty-writeup, writeup, pentesting, bug-bounty, aws09-Dec-2024
From Couch to Cloud: Bug Hunting Made Easy!https://udayshelke17-40981.medium.com/from-couch-to-cloud-bug-hunting-made-easy-993039c8208b?source=rss------bug_bounty-5sudo udayhacking, bug-bounty, cybersecurity, cloud-security, bug-bounty-tips09-Dec-2024
How I Earned $$$ | Open Redirectionhttps://medium.com/@A0X-Y0S3TRX/how-i-earned-open-redirection-c26e191dbff2?source=rss------bug_bounty-5A0X-Y0S3TRXbug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program09-Dec-2024
The List of Top Penetration Testing as a Service (PTaaS) Platforms for 2024https://medium.com/@hackrate/the-list-of-top-penetration-testing-as-a-service-ptaas-platforms-for-2024-e04969614042?source=rss------bug_bounty-5Levente Molnarethical-hacking, cybersecurity, bug-bounty, hacking, penetration-testing09-Dec-2024
How I Exploited Amazon Cognito Misconfigurations to Access Confidential S3 Datahttps://awstip.com/how-i-exploited-amazon-cognito-misconfigurations-to-access-confidential-s3-data-badb62cabfab?source=rss------bug_bounty-51daybug-bounty-writeup, writeup, pentesting, bug-bounty, aws09-Dec-2024
VPS for Hackers: Top Picks for Bug Bounty and Cloud Pentesters Enthusiasts 2025https://hackerassociate.medium.com/vps-for-hackers-top-picks-for-bug-bounty-and-cloud-pentesters-enthusiasts-2025-195b17eea9f7?source=rss------bug_bounty-5Harshad Shahcybersecurity, bug-bounty, penetration-testing, infosec, vps09-Dec-2024
Exposed Prometheus Server Endpointhttps://osintteam.blog/exposed-prometheus-server-endpoint-cfb8e82e441b?source=rss------bug_bounty-5AbhirupKonwarpentesting, bug-bounty, bug-bounty-writeup, vulnerability-management, bug-bounty-tips09-Dec-2024
2.9 Billion Records Compromised in NPD Breach: The Largest Data Leak Ever!https://medium.com/@wiretor/2-9-billion-records-compromised-in-npd-breach-the-largest-data-leak-ever-9edaa25d362c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, ransomware, bug-bounty, breach, malware09-Dec-2024
One Phishing Hit Leads to Massive Breach: 11K Children’s Data Exposedhttps://medium.com/@wiretor/one-phishing-hit-leads-to-massive-breach-11k-childrens-data-exposed-f8bb80abc574?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesphising, business, malware, bug-bounty, hacking09-Dec-2024
Eight Suspected Phishers Arrested in Belgium, Netherlands for Multi-Million Euro Fraud Schemehttps://medium.com/@wiretor/eight-suspected-phishers-arrested-in-belgium-netherlands-for-multi-million-euro-fraud-scheme-2df2e53d1fe3?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, phishing, business, malware, scam09-Dec-2024
How to Earn Money with Bug Bounties and Other Platformshttps://medium.com/@tuteja_lovish/how-to-earn-money-with-bug-bounties-and-other-platforms-6a248db1a94d?source=rss------bug_bounty-5Lovish Kumarsecurity-token, bugs, bug-bounty, security, bounties09-Dec-2024
QR Codes Bypass Browser Isolation for Malicious C2 Communicationhttps://medium.com/@wiretor/qr-codes-bypass-browser-isolation-for-malicious-c2-communication-%EF%B8%8F-6dddc201d532?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, business, bug-bounty, qr-code09-Dec-2024
Server Security Misconfiguration: Misconfigured DNS — High-Impact Subdomain Takeover (P2)https://medium.com/@mathewskuruvila32/server-security-misconfiguration-misconfigured-dns-high-impact-subdomain-takeover-p2-cb9e7ccadf2d?source=rss------bug_bounty-5Mathews kuruvilavulnerability, hacking, ethical-hacking, web-app-development, bug-bounty09-Dec-2024
The HackerOne-Wayback Machine Saga: An Unofficial Vulnerability or Just Public Oversight?https://huntrai.medium.com/the-hackerone-wayback-machine-saga-an-unofficial-vulnerability-or-just-public-oversight-22c1fb0112bb?source=rss------bug_bounty-5Aditya sunnybug-bounty, bugs, hacking09-Dec-2024
How I Discovered a Critical Vulnerability in WhatsApp’s Admin Systemhttps://huntrai.medium.com/how-i-discovered-a-critical-vulnerability-in-whatsapps-admin-system-ce0a3f2bbcb2?source=rss------bug_bounty-5Aditya sunnyinfosec, bug-bounty, hackerone, hacking, bugs09-Dec-2024
1-Click Account Takeover (ATO) via CORS Misconfigurationhttps://medium.com/@mohammed01550038865/1-click-account-takeover-ato-via-cors-misconfiguration-64dc26d24917?source=rss------bug_bounty-5Muhammed Mubarakhackerone, bugcrowd, bug-bounty-tips, ato, bug-bounty09-Dec-2024
From Dev to Disaster: My Hilarious First Attempt at Bug Bounties with Burp Suite Prohttps://medium.com/@zero_4583/from-dev-to-disaster-my-hilarious-first-attempt-at-bug-bounties-with-burp-suite-pro-20fddd3ad295?source=rss------bug_bounty-5Nathan Vincentbug-bounty, burpsuite, appsec, penetration-testing08-Dec-2024
Misconfigurations That Paid Me Big: How I Exploited Them (And How You Can Stop Me)https://systemweakness.com/misconfigurations-that-paid-me-big-how-i-exploited-them-and-how-you-can-stop-me-788a5375aa3c?source=rss------bug_bounty-5Akash Ghoshtechnology, bug-bounty, cybersecurity, bug-bounty-writeup, programming08-Dec-2024
$400 Bounty in 10 sechttps://systemweakness.com/400-bounty-in-10-sec-14d26c2976ec?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-writeup, pentesting, bug-bounty-tips, cybersecurity, bug-bounty08-Dec-2024
Critical Authentication Bypass & Account Takeover via Attacker’s MFA Codehttps://medium.com/@sharp488/critical-authentication-bypass-account-takeover-via-attackers-mfa-code-fadf36fe6e34?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty, information-technology, bug-bounty-writeup, bug-bounty-tips, information-security08-Dec-2024
WhiteLevel Error Page / Spring Boot Actuators Huntinghttps://0xshuvo.medium.com/whitelevel-error-page-spring-boot-actuators-hunting-b0290c4ccdbd?source=rss------bug_bounty-5Shuvo Kumar Sahabug-bounty-writeup, bug-bounty, infosec, bug-hunting, exploit08-Dec-2024
The Dark Side of AI: Inside PyTorch’s Unpatched Vulnerabilitieshttps://medium.com/@piyushbhor22/the-dark-side-of-ai-inside-pytorchs-unpatched-vulnerabilities-0d8ce74fc9b5?source=rss------bug_bounty-5Pi - The Kernel Panicmachine-learning, pytorch, zero-day, exploits-zero-day, bug-bounty08-Dec-2024
All About Pentesting & Securing Checkouts and Transactionshttps://infosecwriteups.com/all-about-pentesting-securing-checkouts-and-transactions-f7bb1de4fd7b?source=rss------bug_bounty-5Xcheaterbug-bounty, appsec, payment-gateway08-Dec-2024
Exploiting PHP Insecure Deserializationhttps://medium.com/@mayank_prajapati/exploiting-php-insecure-deserialization-2e301557f12f?source=rss------bug_bounty-5Mayank Kumar Prajapatibug-bounty, cybersecurity, red-team, ethical-hacking, penetration-testing08-Dec-2024
$200 Recon Bug Bountyhttps://medium.com/infosecmatrix/200-recon-bug-bounty-3538566b94dc?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, pentesting, bug-bounty-writeup, ethical-hacking, bug-bounty08-Dec-2024
The Ultimate Guide to Starting a Penetration Testing as a Service (PTaaS) Project for Your Companyhttps://medium.com/@hackrate/the-ultimate-guide-to-starting-a-penetration-testing-as-a-service-ptaas-project-for-your-company-5d7919eed353?source=rss------bug_bounty-5Levente Molnarbug-bounty, hacking, penetration-testing, ethical-hacking, cybersecurity08-Dec-2024
PoC: Bypass Input with SQL Injection to Gaining Information in SMK Maarif Terpadu Cicalengka and…https://medium.com/@baracarlo/poc-bypass-input-with-sql-injection-to-gaining-information-in-smk-maarif-terpadu-cicalengka-and-51d56cfbbd60?source=rss------bug_bounty-5Baradikasql-injection, cybersecurity, bug-hunting, bug-bounty08-Dec-2024
How I Found Info disclosure vulnerability?https://doordiefordream.medium.com/how-i-found-info-disclosure-vulnerability-32fa9e9b9a45?source=rss------bug_bounty-5Bug hunter baluethical-hacking, hacking, cybersecurity, bug-bounty, web308-Dec-2024
Russia’s ‘BlueAlpha’ APT Hides in Cloudflare Tunnelshttps://medium.com/@wiretor/russias-bluealpha-apt-hides-in-cloudflare-tunnels-7d7372615241?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, business, russia08-Dec-2024
Top 5 Must-Read Books to Master Web Penetration Testing (Beginners & Beyond)https://medium.com/@verylazytech/top-5-must-read-books-to-master-web-penetration-testing-beginners-beyond-9bf99651445f?source=rss------bug_bounty-5Very Lazy Techhacking, bug-bounty, penetration-testing, web-development, web-penetration-testing08-Dec-2024
How I Found a Critical Vulnerability and Earned $4,000 in Bug Bounty Huntinghttps://medium.com/@zack0x01_/how-i-found-a-critical-vulnerability-and-earned-4-000-in-bug-bounty-hunting-2ce4a1227fdc?source=rss------bug_bounty-5zack0x01idor, cybersecurity, bug-bounty, hacking08-Dec-2024
Mastering Git Conflicts: A Developer’s Guide to Seamless Merges ⚡https://rajuhemanth456.medium.com/mastering-git-conflicts-a-developers-guide-to-seamless-merges-%EF%B8%8F-19718b819da0?source=rss------bug_bounty-5Hemanth Rajubug-bounty, coding, software-development, interview, github08-Dec-2024
Privilege Escalation via Impersonation Features featurehttps://medium.com/@0x_xnum/privilege-escalation-via-impersonation-features-feature-c49cf3a3dc03?source=rss------bug_bounty-5Ahmed Tarekprivilege-escalation, hacking, bug-bounty-tips, bug-bounty, pentesting08-Dec-2024
Mastering Internet Scanning: How to Use ZMap and Censys for Ethical Hacking — Part 1https://systemweakness.com/mastering-internet-scanning-how-to-use-zmap-and-censys-for-ethical-hacking-part-1-2ca54401e2e0?source=rss------bug_bounty-5hacker_mightreconnaissance, recon, ip-security, zmap, bug-bounty08-Dec-2024
Unlocking Cybersecurity with Censys: A Guide to Ethical Hacking, Bug Bounties, and Pentesting —…https://systemweakness.com/unlocking-cybersecurity-with-censys-a-guide-to-ethical-hacking-bug-bounties-and-pentesting-4e1c6e4358c3?source=rss------bug_bounty-5hacker_mightfun, bug-bounty, recon, censys, osint08-Dec-2024
Mastering Subdomain Visualization: Using Aquatone for Effective Reconnaissanchttps://medium.com/@kalkumbe7745/mastering-subdomain-visualization-using-aquatone-for-effective-reconnaissanc-6409c7846c2c?source=rss------bug_bounty-5Rutvik Kalkumbeethical-hacking, cybersecurity, bug-bounty, security, aquatone08-Dec-2024
How I Test for Cross-Site Scriptinghttps://osintteam.blog/how-i-test-for-cross-site-scripting-9262de5e949d?source=rss------bug_bounty-5Cybersec with Hemmarswriting, technology, cybersecurity, bug-bounty08-Dec-2024
My First Bounty of ₹₹₹https://osintteam.blog/my-first-bounty-of-37c2d40cbdd9?source=rss------bug_bounty-5cryptoshantpassword-reset, bug-bounty, journey, cybersecurity, hacking07-Dec-2024
From Low Privileges to Owner Rights: A Wild Journey Through an ATO Vulnerabilityhttps://medium.com/@mrasg/from-low-privileges-to-owner-rights-a-wild-journey-through-an-ato-vulnerability-cb21c468634c?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-tips, bug-bounty-writeup, cybersecurity, hacking, bug-bounty07-Dec-2024
P3 Bug in Few Minuteshttps://medium.com/meetcyber/p3-bug-in-few-minutes-006f57913f71?source=rss------bug_bounty-5AbhirupKonwarpentesting, cybersecurity, bug-bounty, infosec, bug-bounty-tips07-Dec-2024
How I Found an ATO Vulnerability in Stripe Program in an Overlooked Cornerhttps://medium.com/@mrasg/how-i-found-an-ato-vulnerability-in-stripe-program-in-an-overlooked-corner-dce7d2cdaaf9?source=rss------bug_bounty-5Ahmed Samir Ghallabsecurity, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty07-Dec-2024
How to Make a Clickjacking Vulnerability Scanner with Pythonhttps://infosecwriteups.com/how-to-make-a-clickjacking-vulnerability-scanner-with-python-a53f48e70b58?source=rss------bug_bounty-5Muhammad Abdullahipython, cybersecurity, bug-bounty, hacking, python-programming07-Dec-2024
Beyond signUP OR resetPassword || Send , Confirm AND Setting !https://medium.com/@0xAwali/beyond-signup-or-resetpassword-send-confirm-and-setting-d153f3ab6e17?source=rss------bug_bounty-5Mahmoud M. Awaliweb-security, bug-bounty07-Dec-2024
5 Ways I Got RCE’s In the Wildhttps://medium.com/@red.whisperer/5-ways-i-got-rces-99a78901ba33?source=rss------bug_bounty-5Chuxcybersecurity, hacking, bug-bounty, technology, programming07-Dec-2024
Code Flaws and Consequences: The Bug That Exposed PIIhttps://medium.com/@CANITEY/code-flaws-and-consequences-the-bug-that-exposed-pii-3de5251e1484?source=rss------bug_bounty-5CANITEYpenetration-testing, bugbounty-writeup, pentesting, cybersecurity, bug-bounty07-Dec-2024
When One Isn’t Enough: Multiple SQL Injections Found in 1 VDPhttps://osintteam.blog/when-one-isnt-enough-multiple-sql-injections-found-in-1-vdp-f45de0b4c674?source=rss------bug_bounty-5#$ubh@nk@rhackerone, infosec, sql-injection, bug-bounty, web-security07-Dec-2024
Ransomware Breach Exposes 310K Patient Records at Anna Jaques Hospitalhttps://medium.com/@wiretor/ransomware-breach-exposes-310k-patient-records-at-anna-jaques-hospital-8548c120ad63?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, bug-bounty, business, malware07-Dec-2024
Ultralytics AI Supply Chain Breach: Cryptominer Infects Thousands!https://medium.com/@wiretor/ultralytics-ai-supply-chain-breach-cryptominer-infects-thousands-5a0d82d1c32e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmachine-learning, hacking, bug-bounty, malware, ai07-Dec-2024
New Windows Zero-Day Alert: NTLM Credentials at Risk!https://medium.com/@wiretor/new-windows-zero-day-alert-ntlm-credentials-at-risk-ad6256807d0c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, bug-bounty-tips, windows, hacking07-Dec-2024
Police Shut Down Manson Cybercrime Market & Arrest Key Suspects!https://medium.com/@wiretor/police-shut-down-manson-cybercrime-market-arrest-key-suspects-29bdcbaae6cf?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, bus, bug-bounty, malware, manson07-Dec-2024
11 Must-Read Blogs to Understand IDORhttps://saminbinh.medium.com/11-best-blogs-to-learn-idor-7769511d5e05?source=rss------bug_bounty-5SAMIN BIN HUMAYUNinformation-technology, cybersecurity, bug-bounty, idor, idor-vulnerability07-Dec-2024
How I discovered my first CVEhttps://medium.com/@zumiyumi/how-i-discovered-my-first-cve-7b1e2987326c?source=rss------bug_bounty-5Zumi Yumibug-bounty, xss-attack, cve, code-review, cybersecurity07-Dec-2024
Hackers Aren’t Built by Tools — They Build the Toolshttps://shuvonsec.medium.com/hackers-arent-built-by-tools-they-build-the-tools-6581f38dbb34?source=rss------bug_bounty-5Shariar Shahnawaz Shuvonhacking, bug-bounty, information-security, cybersecurity, bug-bounty-tips07-Dec-2024
Why Are You Not Identifying Bugs in Website 2025https://osintteam.blog/why-are-you-not-identifying-bugs-in-website-2025-8ff218815b7d?source=rss------bug_bounty-5Tahir Ayoubhacking, cyber-security-awareness, bug-bounty-tips, bug-bounty, hackathons06-Dec-2024
How I Found 3x XSS in 6 Seconds! Without Automated Toolshttps://medium.com/@embossdotar/how-i-found-3x-xss-in-6-seconds-without-automated-tools-b0c852dea66f?source=rss------bug_bounty-5embossdotarcybersecurity-awareness, hacking, bug-bounty, cybersecurity, ethical-hacking06-Dec-2024
10 RXSS on HackerOne VDPshttps://medium.com/infosecmatrix/10-rxss-on-hackerone-vdps-5162d3ee42af?source=rss------bug_bounty-5AbhirupKonwarinfosec, cybersecurity, xss-attack, bug-bounty, pentesting06-Dec-2024
From Newbie to Pro: My Journey to a $3,000 Bug Bountyhttps://myselfakash20.medium.com/from-newbie-to-pro-my-journey-to-a-3-000-bug-bounty-61abe935e3db?source=rss------bug_bounty-5Akash Ghoshtechnology, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips06-Dec-2024
The Art of Pwning Okta For Profit and Funhttps://whoisshuvam.medium.com/the-art-of-pwning-okta-for-profit-and-fun-075dedbc4715?source=rss------bug_bounty-5Suvam Adhikaribug-bounty-tips, cybersecurity, info-sec-writeups, bug-bounty, hackerone06-Dec-2024
“The Hidden GPS Threat: Unstripped Metadata on Redacted.com led 5K Rubel in bounties”https://infosecwriteups.com/the-hidden-gps-threat-unstripped-metadata-on-redacted-com-led-5k-rubel-in-bounties-%EF%B8%8F-%EF%B8%8F-fd044d2031b6?source=rss------bug_bounty-5JEETPALbug-bounty, bug-bounty-writeup, exif-data, cybersecurity, bugbounty-tips06-Dec-2024
10 Essential Tips for Bug Bounty Beginners: A Fun, Practical, and Slightly Cheeky Guide to Kicking…https://medium.com/@mrasg/10-essential-tips-for-bug-bounty-beginners-a-fun-practical-and-slightly-cheeky-guide-to-kicking-c7da8a9b1b31?source=rss------bug_bounty-5Ahmed Samir Ghallabhacking, cybersecurity, penetration-testing, bug-bounty, bug-bounty-tips06-Dec-2024
Atrium Health Data Breach Impacts 585,000 People: Why Healthcare Cybersecurity Needs Immediate…https://medium.com/@wiretor/atrium-health-data-breach-impacts-585-000-people-why-healthcare-cybersecurity-needs-immediate-38a479e96e39?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, marketing, business, malware06-Dec-2024
️ BREAKING: U.S. Arrests Scattered Spider Suspect Behind Telecom Hacks & Phishing Scams ️https://medium.com/@wiretor/%EF%B8%8F-breaking-u-s-arrests-scattered-spider-suspect-behind-telecom-hacks-phishing-scams-%EF%B8%8F-cd44ea215b09?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, business, ransomware, malware, hacking06-Dec-2024
Now let’s set Frida For SSL Pinning Bypass.https://aman0.medium.com/now-lets-set-frida-for-ssl-pinning-bypass-9ee8ae11b7b5?source=rss------bug_bounty-5Aman Hpenetration-testing, bug-bounty, mobile-app-development, infosec, hacking06-Dec-2024
List of Top Bug Bounty Platforms for 2024https://medium.com/@hackrate/list-of-top-bug-bounty-platforms-for-2024-fc31553c2e78?source=rss------bug_bounty-5Levente Molnarpenetration-testing, cybersecurity, vulnerability, bug-bounty, ethical-hacking06-Dec-2024
Path Traversal Vulnerabilities in Web Applications: Understanding CVE-2024–9935 and How to Protect…https://chintalatarakaram.medium.com/path-traversal-vulnerabilities-in-web-applications-understanding-cve-2024-9935-and-how-to-protect-40de3cca8ac8?source=rss------bug_bounty-5Chintala Taraka Ramvulnerability, bug-bounty, python, education, web-development06-Dec-2024
How I Found 3x XSS in 6 Seconds! Without Automated Toolshttps://medium.com/meetcyber/how-i-found-3x-xss-in-6-seconds-without-automated-tools-b0c852dea66f?source=rss------bug_bounty-5embossdotarcybersecurity-awareness, hacking, bug-bounty, cybersecurity, ethical-hacking06-Dec-2024
A01: Broken Access Control and A05: Security Misconfiguration Leads to Unauthenticated Access to…https://medium.com/@enigma_/a01-broken-access-control-and-a05-security-misconfiguration-leads-to-unauthenticated-access-to-0897e3bec491?source=rss------bug_bounty-5enigmacybersecurity, bug-bounty, vulnerability, penetration-testing, ethical-hacking06-Dec-2024
How I Turned a Low-Hanging Fruit Bug Into Mass Unauthorized Deletion of Invited Membershttps://medium.com/@ahmedsamirghallab/how-i-turned-a-low-hanging-fruit-bug-into-mass-unauthorized-deletion-of-invited-members-6f195deffe11?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, penetration-testing05-Dec-2024
How To Find Sensitive Log Files Easily..https://medium.com/@josuofficial327/how-to-find-sensitive-log-files-easily-1dd14bb5f221?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, vulnerability, bug-bounty-tips, bug-bounty-writeup, bug-bounty05-Dec-2024
Mission: Exploit – Advanced Bug Bounty Techniques Inspired by James Bondhttps://bitpanic.medium.com/mission-exploit-advanced-bug-bounty-techniques-inspired-by-james-bond-a891ee3d0ef9?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, bug-bounty, cybersecurity, programming, technology05-Dec-2024
How I Achieved a Full Account Takeover Through Information Disclosurehttps://medium.com/@ahmedsamirghallab/how-i-achieved-a-full-account-takeover-through-information-disclosure-16c6f697b76e?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-tips, penetration-testing, bug-bounty-writeup, bug-bounty, cybersecurity05-Dec-2024
How Note-Taking and Hacktivity Analysis Led to Privilege Escalationhttps://medium.com/@ahmedsamirghallab/how-note-taking-and-hacktivity-analysis-led-to-privilege-escalation-627aaf3bbd84?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, bug-bounty-tips, bug-bounty-writeup, security, bug-bounty05-Dec-2024
Unveiling the Unseen: A Journey from Simple Recon Using Shodan to Leaking AWS Secretshttps://medium.com/@security.tecno/unveiling-the-unseen-a-journey-from-simple-recon-using-shodan-to-leaking-aws-secrets-bc7bed1ad16f?source=rss------bug_bounty-5TECNO Securityhacking, security, writing, bug-bounty05-Dec-2024
How Note-Taking and Hacktivity Analysis Led to Privilege Escalationhttps://medium.com/@mrasg/how-note-taking-and-hacktivity-analysis-led-to-privilege-escalation-627aaf3bbd84?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, bug-bounty-tips, bug-bounty-writeup, security, bug-bounty05-Dec-2024
How I Achieved a Full Account Takeover Through Information Disclosurehttps://medium.com/@mrasg/how-i-achieved-a-full-account-takeover-through-information-disclosure-16c6f697b76e?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-tips, penetration-testing, bug-bounty-writeup, bug-bounty, cybersecurity05-Dec-2024
How I Turned a Low-Hanging Fruit Bug Into Mass Unauthorized Deletion of Invited Membershttps://medium.com/@mrasg/how-i-turned-a-low-hanging-fruit-bug-into-mass-unauthorized-deletion-of-invited-members-6f195deffe11?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, penetration-testing05-Dec-2024
How Two Hardcoded Credentials Led To Payment System Takeover, Exposed 20,000 Credit Cards & Enabled…https://medium.com/@Berserker1337/how-two-hardcoded-credentials-led-to-payment-system-takeover-exposed-20-000-credit-cards-enabled-04b0ac232786?source=rss------bug_bounty-5Berserkerbug-hunting, bug-bounty, writeup, cybersecurity, web-security05-Dec-2024
Fix “Failed to load BApp” Burp Suite Extensions!https://medium.com/@d3vilz50n/fix-failed-to-load-bapp-burp-suite-extensions-923efa10659d?source=rss------bug_bounty-5d3vilz50nhacking-tools, hacking, fix, bug-bounty, burpsuite05-Dec-2024
How I Earned My First Bug Bounty: A Beginner’s Storyhttps://medium.com/@kingstar75114/how-i-earned-my-first-bug-bounty-a-beginners-story-58e8a3023cc6?source=rss------bug_bounty-5TehanG07bugs, bug-hunting, bug-bounty-tips, bug-bounty, bug-hunter05-Dec-2024
Correct Innerstanding + Overstandinghttps://medium.com/@onelovemafia/correct-innerstanding-overstanding-8d3cfd9baa7d?source=rss------bug_bounty-5OneLoveMafiadeep-learning, mysticism, bug-bounty, game-development, zen05-Dec-2024
Earn $10,000 XSS in Android Apps Scratch to Advance.https://medium.com/@anandrishav2228/earn-10-000-xss-in-android-apps-scratch-to-advance-cb3aa6c2b98f?source=rss------bug_bounty-5Rishav anandhacking, bug-bounty, cybersecurity, xss-attack, money05-Dec-2024
AZEx Testnet Campaign is LIVEhttps://medium.com/@AZEX.io/azex-testnet-campaign-is-live-ac553c18af8a?source=rss------bug_bounty-5AZEXberachain, bug-bounty, testnet, dois, azex05-Dec-2024
How I Exploited Passkey to Gain Unauthorized Access and TakeOver Invited Accountshttps://medium.com/@mrasg/how-i-exploited-passkey-to-gain-unauthorized-access-and-takeover-invited-accounts-b8b4547ffe70?source=rss------bug_bounty-5Ahmed Samir Ghallabpenetration-testing, pentesting, bug-bounty-tips, bug-bounty-writeup, bug-bounty05-Dec-2024
How I Broke Into My Dev Friend’s Website in Less Than 24 Hourhttps://infosecwriteups.com/how-i-broke-into-my-dev-friends-website-in-less-than-24-hour-6fdb31ad65a1?source=rss------bug_bounty-5sM0ky4hacking, bug-bounty, cyberattack, cybersecurity, bug-bounty-writeup05-Dec-2024
The Story of How I Hacked an International University in Indonesiahttps://infosecwriteups.com/the-story-of-how-i-hacked-an-international-university-in-indonesia-ec819a8c8fc0?source=rss------bug_bounty-5JCbug-bounty-tips, infosec, cybersecurity, bug-bounty-writeup, bug-bounty05-Dec-2024
Penetration Testing on Steroids: Revolutionizing Ethical Hacking with Hackrate and HackGATEhttps://medium.com/@hackrate/penetration-testing-on-steroids-revolutionizing-ethical-hacking-with-hackrate-and-hackgate-7edaf7244075?source=rss------bug_bounty-5Levente Molnarcybersecurity, penetration-testing, ethical-hacking, cybersecurity-news, bug-bounty05-Dec-2024
Practical Bug Bounty — TCM Academy | Report writing, Bypass, Best Programs.https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-report-writing-bypass-best-programs-710516804f53?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamipenetration-testing, cybersecurity, ethical-hacking, web-penetration-testing, bug-bounty05-Dec-2024
Chinese Hackers Salt Typhoon Breach Global Telecom Networkshttps://medium.com/@wiretor/chinese-hackers-salt-typhoon-breach-global-telecom-networks-00b40e0ce07e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicestelecom, bug-bounty, business, hacking, networking05-Dec-2024
New DroidBot Malware Targets 77 Banking & Crypto Apps!https://medium.com/@wiretor/new-droidbot-malware-targets-77-banking-crypto-apps-1b5105a66625?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbots, hacking, bug-bounty, business, malware05-Dec-2024
UK Cracks Down on Russian Money Laundering Networkshttps://medium.com/@wiretor/uk-cracks-down-on-russian-money-laundering-networks-4dfae89f9000?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, uk, business, malware, bug-bounty05-Dec-2024
⚠️ Critical Zero-Day Uncovered: Mitel MiCollab Wide Open to Attackers! ⚠️https://medium.com/@wiretor/%EF%B8%8F-critical-zero-day-uncovered-mitel-micollab-wide-open-to-attackers-%EF%B8%8F-cdc36da3552e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, zero-day, business, programming05-Dec-2024
Bug Huntinghttps://medium.com/meetcyber/bug-hunting-ff366260d8df?source=rss------bug_bounty-5Nazrul Islam Ranabug-hunting, platform, hacker, xx, bug-bounty05-Dec-2024
From Frustration to Exploitation: How a Link Shortener Helped Me Bypass WAFhttps://imooaaz.medium.com/from-frustration-to-exploitation-how-a-link-shortener-helped-me-bypass-waf-03724dca1592?source=rss------bug_bounty-5Moaaz Afifibug-bounty, bugs, bug-bounty-tips, bug-bounty-writeup, cybersecurity05-Dec-2024
How I Climbed to #1 Hackerhttps://medium.com/@CipherHawk/how-i-climbed-to-1-hacker-ffb52e2799c3?source=rss------bug_bounty-5CipherHawknetworking, bug-bounty-tips, cybersecurity, hacking, bug-bounty04-Dec-2024
Modern Security Vulnerabilities: Lessons from Recent Breacheshttps://medium.com/@SakshifromKushoAI/modern-security-vulnerabilities-lessons-from-recent-breaches-b925a6928bbf?source=rss------bug_bounty-5Sakshi from KushoAIsecure-coding, cybersecurity, bug-bounty, app-security, data-breach04-Dec-2024
Path Traversal, bypass file extension validation with null byteshttps://medium.com/@sulthanyluthfi/path-traversal-bypass-file-extension-validation-with-null-bytes-0cedc4fb53f5?source=rss------bug_bounty-5Luthfi Sulthanycybersecurity, bug-bounty, burpsuite, penetration-testing, path-traversal04-Dec-2024
Firebase URL Exploitation: Taking Over Android Databases Like a Pro!https://infosecwriteups.com/firebase-url-exploitation-taking-over-android-databases-like-a-pro-79a00844496d?source=rss------bug_bounty-5JEETPALbug-bounty, android, cybersecurirty, bug-bounty-tips, bugbountywriteup04-Dec-2024
How to Bypass Firewalls and IDS on Filtered Ports: The Ultimate Step-by-Step Guide to Advanced…https://medium.com/@shaikhminhaz1975/how-to-bypass-firewalls-and-ids-on-filtered-ports-the-ultimate-step-by-step-guide-to-advanced-9cb238d66450?source=rss------bug_bounty-5Shaikh Minhazfirewall, step-by-step-guide, cybersecurity, bug-bounty, penetration-testing04-Dec-2024
Critical RCE Vulnerability in Veeam Service Provider Console — Update Now!https://medium.com/@wiretor/critical-rce-vulnerability-in-veeam-service-provider-console-update-now-%EF%B8%8F-1e147e98458b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, hacking, rce, business04-Dec-2024
Critical RCE Flaw Discovered in WhatsUp Gold (CVE-2024–8785) — Update Immediately!https://medium.com/@wiretor/critical-rce-flaw-discovered-in-whatsup-gold-cve-2024-8785-update-immediately-%EF%B8%8F-8b6e69c183ab?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, bug-bounty, ransomware, malware, rce04-Dec-2024
Backdoor Discovered in Solana’s Web3.js npm Library: Crypto Wallets at Riskhttps://medium.com/@wiretor/backdoor-discovered-in-solanas-web3-js-npm-library-crypto-wallets-at-risk-605bcb02a292?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, solana-network, business, malware, bug-bounty04-Dec-2024
CORS Implementation & Various Headers, CORS series (Part 2)https://medium.com/@vipulparveenjain/cors-implementation-various-headers-cors-series-part-2-895a04ef481d?source=rss------bug_bounty-5Vipul Jainbug-bounty, cors-vulnerability, cross-origin-resource, web-security, hacking04-Dec-2024
Bug Bounty Methodology Checklist for Web Applications (B2B Apps)https://thexssrat.medium.com/bug-bounty-methodology-checklist-for-web-applications-b2b-apps-b876a20236d0?source=rss------bug_bounty-5Thexssratbug-bounty-tips, hacker, bug-bounty, hacks, hacking04-Dec-2024
My Experience at the 2024 FIRST & AfricaCERT Symposium: A CyberGirl’s Perspective- Part Finalhttps://medium.com/@.rai/my-experience-at-the-2024-first-africacert-symposium-a-cybergirls-perspective-part-final-b190349785b4?source=rss------bug_bounty-5Gamuchiraiforensics, osint, bug-bounty, open-source, digital-marketing04-Dec-2024
SQL injection UNION attack, finding a column containing texthttps://medium.com/@Laxious8848/sql-injection-union-attack-finding-a-column-containing-text-10a0e36cc062?source=rss------bug_bounty-5Laxioussql-injection, web-penetration-testing, union-based-sql-injection, bug-bounty, web-pen-testing04-Dec-2024
Why Penetration Testing as a Service (PTaaS) Outperforms Traditional Pentest Providershttps://medium.com/@hackrate/why-penetration-testing-as-a-service-ptaas-outperforms-traditional-pentest-providers-7b1e6b0a6d0a?source=rss------bug_bounty-5Levente Molnarcybersecurity, ethical-hacking, bug-bounty, penetration-testing03-Dec-2024
Bug Bounty Tips Series: 10 Ways To Find HTTP Host Header Injection Vulnerabilityhttps://medium.com/@alishoaib5929/bug-bounty-tips-series-10-ways-to-find-http-host-header-injection-vulnerability-1ad56c9dddd2?source=rss------bug_bounty-5Shoaib Aliweb-hacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web-security03-Dec-2024
The Art of Blind Command Injection: Unlocking Internal Secretshttps://medium.com/@yogeshbhandage/the-art-of-blind-command-injection-unlocking-internal-secrets-917daa755463?source=rss------bug_bounty-5Yogesh Bhandagebug-bounty, bug-bounty-tips, hacking, penetration-testing, command-injection03-Dec-2024
20 Bug Bounty CrowdSourced Platformshttps://systemweakness.com/20-bug-bounty-crowdsourced-platforms-a4c486c85671?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, pentesting, infosec, ethical-hacking, bug-bounty03-Dec-2024
Practical Bug Bounty — TCM Academy | Other Common Vulnerabilitieshttps://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-other-common-vulnerabilities-433dc6b1b3bc?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamipenetration-testing, ethical-hacking, bug-bounty, cybersecurity, tcm-academy03-Dec-2024
Story Of 15 Vulnerabilities in one public BBP !https://medium.com/@Ahmex000/story-of-15-vulnerabilities-in-one-buplic-bbp-561e68213991?source=rss------bug_bounty-5Ahmex000bug-bounty-hunter, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips03-Dec-2024
Critical Bug: Deny Sign-In & Steal Sensitive Info on Behalf of Victimshttps://infosecwriteups.com/critical-bug-deny-sign-in-steal-sensitive-info-on-behalf-of-victims-cad4ced9227d?source=rss------bug_bounty-5JEETPALcybersecurity, bugbounty-tips, auth-bypass, bug-bounty, bug-bounty-writeup03-Dec-2024
Ensuring Comprehensive Ethical Hacking with Penetration Testing as a Servicehttps://medium.com/@hackrate/ensuring-comprehensive-ethical-hacking-with-penetration-testing-as-a-service-9b67734f46cd?source=rss------bug_bounty-5Levente Molnarethical-hacking, penetration-testing, bug-bounty, cybersecurity03-Dec-2024
Tricky & Simple EXIF protection Bypasshttps://saurabhsanmane.medium.com/tricky-simple-exif-protection-bypass-5d0babd908f3?source=rss------bug_bounty-5Saurabh sanmanebug-bounty, information-disclosure, vulnerability, ethical-hacking, cybersecurity03-Dec-2024
Exploring Lightning Bounties: The Intersection of Open-Source and Bitcoinhttps://medium.com/@mabramo11/exploring-lightning-bounties-the-intersection-of-open-source-and-bitcoin-8555c6403310?source=rss------bug_bounty-5Mike Abramobug-bounty, lightning-bounties, open-source, bitcoin, lightning-network03-Dec-2024
Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerabilityhttps://medium.com/@wiretor/cisco-warns-of-attacks-exploiting-decade-old-asa-vulnerability-11462bd60f7b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesprogramming, business, hacking, bug-bounty, cisco03-Dec-2024
Energy Sector Contractor ENGlobal Targeted in Ransomware Attackhttps://medium.com/@wiretor/energy-sector-contractor-englobal-targeted-in-ransomware-attack-a56112b119d3?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, energy, business, bug-bounty, malware03-Dec-2024
Docker/Kubernetes (K8s)Penetration Testing Checklisthttps://infosecwriteups.com/docker-kubernetes-k8s-penetration-testing-checklist-4d0a13c38495?source=rss------bug_bounty-5Ajay Naikpenetration-testing, bug-bounty, docker, kubernetes, cybersecurity03-Dec-2024
How to Create an Android Payload in Just 1 Minute | Ethical Hackinghttps://bjamali.medium.com/how-to-create-an-android-payload-in-just-1-minute-ethical-hacking-bc109b368909?source=rss------bug_bounty-5Babar Ali Jamalipenetration-testing, ethical-hacking, android, bug-bounty, cybersecurity03-Dec-2024
Crack the Code: Earn Up to $500K in InceptionLRT’s Bug Bounty Programhttps://medium.com/@InceptionLRT/crack-the-code-earn-up-to-500k-in-inceptionlrts-bug-bounty-program-3b5d2feb6ed6?source=rss------bug_bounty-5InceptionLRTcrypto, restaking, bug-bounty, defi, ethereum03-Dec-2024
What is Cybersecurityhttps://twanstcodes.medium.com/what-is-cybersecurity-52e71fe7dfa2?source=rss------bug_bounty-5Twana Muhammedit, programming, cybersecurity, bug-bounty03-Dec-2024
Mastering Bug Bounty Hunting with White Rabbit Neo AIhttps://medium.com/@curiouskhanna/mastering-bug-bounty-hunting-with-white-rabbit-neo-ai-452a3bc3adce?source=rss------bug_bounty-5Shubham Khannahackerone, bug-bounty, ai, security-researchers03-Dec-2024
Python — Program Security Headershttps://medium.com/@ibnu.rusdianto55/python-program-security-headers-966786261d5f?source=rss------bug_bounty-5Ibnu Rusdiantopython, bug-bounty, security-header, indonesia, keamanan-siber03-Dec-2024
How I got access to Credentials easilyhttps://medium.com/infosecmatrix/how-i-got-access-to-credentials-easily-00ced4ba15bd?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, cybersecurity, ethical-hacking, google-dork, pentest02-Dec-2024
How to Master Advanced Threat Huntinghttps://medium.com/@paritoshblogs/how-to-master-advanced-threat-hunting-bcfb9d1e159c?source=rss------bug_bounty-5Paritoshcybersecurity, threat-hunting, hacking, ai, bug-bounty02-Dec-2024
| CTFLearn Series\| Challenge 96 : Forensics 101 — Walkthrough | https://medium.com/@rishikeshkhot26/ctflearn-series-challenge-96-forensics-101-walkthrough-13100d9f45fb?source=rss------bug_bounty-5 | Rishikesh_Khot | hacking, forensics, bug-bounty, capture-the-flag, cybersecurity | 02-Dec-2024 |
| Some Easiest P4 Bugs | https://icecream23.medium.com/some-easiest-p4-bugs-561cd710a7e1?source=rss------bug_bounty-5 | Aman Bhuiyan | ethical-hacking, bugbounty-tips, bug-bounty, p4-bugs, bug-hunter | 02-Dec-2024 |
| All UPI IDs in India have Predictable Patterns that allow the disclosure of mail IDs! | https://infosecwriteups.com/all-upi-ids-in-india-have-predictable-patterns-that-allow-the-disclosure-of-mail-ids-eede37a35758?source=rss------bug_bounty-5 | JEETPAL | upi, cybersecurity, bugbounty-tips, bug-bounty, bug-bounty-writeup | 02-Dec-2024 |
| Command Injection: Mastering Exploitation Techniques with a Comprehensive Cheatsheet | https://medium.com/@verylazytech/command-injection-mastering-exploitation-techniques-with-a-comprehensive-cheatsheet-6f549fee46b8?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, command-injection, cybersecurity, bug-bounty, oscp | 02-Dec-2024 |
| $3 Billion Crypto Exchange XT Allegedly Hacked | https://medium.com/@wiretor/3-billion-crypto-exchange-xt-allegedly-hacked-c560c9572168?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | crypto, xt, malware, bug-bounty, ransomeware | 02-Dec-2024 |
| Hackers Steal $17 Million from Uganda’s Central Bank | https://medium.com/@wiretor/hackers-steal-17-million-from-ugandas-central-bank-533dcbabbeff?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacked, ransomeware, bug-bounty, bank-hacked, malware | 02-Dec-2024 |
| Small Bugs, Big Bounties: A Hacker’s Guide to Quick Wins | https://myselfakash20.medium.com/small-bugs-big-bounties-a-hackers-guide-to-quick-wins-46a75dbc3573?source=rss------bug_bounty-5 | Akash Ghosh | programming, technology, bug-bounty, bug-bounty-tips, cybersecurity | 02-Dec-2024 |
| Critical Vulnerability Discovered in Zabbix Network Monitoring Tool | https://medium.com/@wiretor/critical-vulnerability-discovered-in-zabbix-network-monitoring-tool-df358293a1a9?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomeware, malware, bug-bounty, zabbix, hacking | 02-Dec-2024 |
| From File Upload To LFI: A Journey To Exploitation | https://medium.com/@red.whisperer/from-file-upload-to-lfi-a-journey-to-exploitation-02ab5e1a7d0a?source=rss------bug_bounty-5 | Chux | bug-bounty, cybersecurity, hacking, ethical-hacking, infosec | 02-Dec-2024 |
| Small Bugs, Big Bounties: A Hacker’s Guide to Quick Wins | https://infosecwriteups.com/small-bugs-big-bounties-a-hackers-guide-to-quick-wins-46a75dbc3573?source=rss------bug_bounty-5 | Akash Ghosh | programming, hacking, technology, bug-bounty, cybersecurity | 02-Dec-2024 |
| Unpacking an IDOR-Based Exploit in International Shipping (70 Million+ PII Data Breach) | https://medium.com/@susapr/unpacking-an-idor-based-exploit-in-international-shipping-70-million-pii-data-breach-8c29cf33347d?source=rss------bug_bounty-5 | susapr | bug-bounty-writeup, cybersecurity, data-breach, information-technology, bug-bounty | 02-Dec-2024 |
| How I got my first Hall of Fame - Bug Bounty | https://medium.com/@pranavrp77/how-i-got-my-first-hall-of-fame-bug-bounty-d296637e37dd?source=rss------bug_bounty-5 | Pranav Patil | bug-bounty, hacking, bug-bounty-writeup, bug-bounty-tips, cybersecurity | 02-Dec-2024 |
| Command Injection: Mastering Exploitation Techniques with a Comprehensive Cheatsheet | https://systemweakness.com/command-injection-mastering-exploitation-techniques-with-a-comprehensive-cheatsheet-6f549fee46b8?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, command-injection, cybersecurity, bug-bounty, oscp | 02-Dec-2024 |
| Understanding the Scope: Navigating Website Pentesting and Bug Bounty Targets | https://medium.com/@zero_4583/understanding-the-scope-navigating-website-pentesting-and-bug-bounty-targets-a6ab701df932?source=rss------bug_bounty-5 | Nathan Vincent | appsec, bug-bounty, pentesting, scopes | 01-Dec-2024 |
| Critical Account Takeover (MFA + Auth Bypass) due to Cookie Misconfiguration | https://medium.com/@sharp488/critical-account-takeover-mfa-auth-bypass-due-to-cookie-misconfiguration-3ca7d1672f9d?source=rss------bug_bounty-5 | Sharat Kaikolamthuruthil | bug-bounty, hackerone, information-security, bug-bounty-writeup, bug-bounty-tips | 01-Dec-2024 |
| Week 4: A Drive to Recharge and Reconnect | https://mokhansec.medium.com/week-4-a-drive-to-recharge-and-reconnect-4d0f8b7258d0?source=rss------bug_bounty-5 | Mohsin khan | bug-bounty-writeup, bug-bounty-tips, bugs, cybersecurity, bug-bounty | 01-Dec-2024 |
| From Minor Bug to Major DoS: My Journey with Web Cache Poisoning | https://crunkcode.medium.com/from-minor-bug-to-major-dos-my-journey-with-web-cache-poisoning-4b721e5358f4?source=rss------bug_bounty-5 | Ayushkr | web-exploitation, web-cache-poisoning, bug-bounty, pentesting | 01-Dec-2024 |
| Exploiting Facebook Ads: $2100 Bug Bounty for Role Management DoS | https://infosecwriteups.com/exploiting-facebook-ads-2100-bug-bounty-for-role-management-dos-afe09c1ecbb0?source=rss------bug_bounty-5 | Kiril Krivoguz | facebook, cybersecurity, hacking, information-security, bug-bounty | 01-Dec-2024 |
| Smart Contract Funds Lost Due to Missing Address Validation: $80M in Danger! | https://medium.com/@jeetpal2007/smart-contract-funds-lost-due-to-missing-address-validation-80m-in-danger-a4ec7d823a3f?source=rss------bug_bounty-5 | JEETPAL | smartcontract-audit, cybsersecurity, zeroaddress, web3, bug-bounty | 01-Dec-2024 |
| How I Discovered an API Security Issue: My First Bug Bounty Blog | https://hackersatty.medium.com/how-i-discovered-an-api-security-issue-my-first-bug-bounty-blog-7deec48453ff?source=rss------bug_bounty-5 | hackersatty | bug-bounty, hackersatty, bug-bounty-writeup, swagger-ui, api-security | 01-Dec-2024 |
| Hack IOT devices to earn $100–$200 in an hour. | https://medium.com/@anandrishav2228/hack-iot-devices-to-earn-100-200-in-an-hour-f211a54e87f3?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, penetration-testing, money, bug-bounty, iot | 01-Dec-2024 |
| When MIME Type Validation Is Not Enough: A Secure Fix for File Uploads | https://medium.com/@ferizco/ketika-validasi-mime-type-tak-cukup-perbaikan-aman-untuk-upload-file-4df4ac6ec0ff?source=rss------bug_bounty-5 | Ferizco | bug-bounty, security, cybersecurity, web-development, php | 01-Dec-2024 |
Firmware Penetration Testing Checklisthttps://infosecwriteups.com/firmware-penetration-testing-checklist-9d5e70388371?source=rss------bug_bounty-5Ajay Naikpenetration-testing, security, information-technology, bug-bounty, cybersecurity01-Dec-2024
Basics of SQL Injectionhttps://medium.com/@mayank_prajapati/basics-of-sql-injection-88ab0e57588b?source=rss------bug_bounty-5Mayank Kumar Prajapatipenetration-testing, vulnerability, hacking, bug-bounty-tips, bug-bounty01-Dec-2024
Why I Failed This November: A Clown’s Reflection on Failurehttps://jackhavoltrey.medium.com/why-i-failed-this-november-a-clowns-reflection-on-failure-3223fec4451e?source=rss------bug_bounty-5Jack Havoltreybug-bounty-tips, bug-bounty01-Dec-2024
Execution of a clickjacking attack on Gemini (Google’s AI-powered assistant) - which I recently…https://systemweakness.com/execution-of-a-clickjacking-attack-on-gemini-googles-ai-powered-assistant-which-i-recently-45e60a98316a?source=rss------bug_bounty-5NIKHIL KUMAR GANDLApenetration-testing, cybersecurity, bug-bounty, application-security, information-security01-Dec-2024
From Minor Bug to Major DoS: My Journey with Web Cache Poisoninghttps://ayushkr12.medium.com/from-minor-bug-to-major-dos-my-journey-with-web-cache-poisoning-4b721e5358f4?source=rss------bug_bounty-5Ayushkrweb-exploitation, web-cache-poisoning, bug-bounty, pentesting01-Dec-2024
Russia Arrests Cybercriminal Wazawaka Tied to Ransomware Gangshttps://medium.com/@wiretor/russia-arrests-cybercriminal-wazawaka-tied-to-ransomware-gangs-9354c557f1d5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, wazawaka, malware, bug-bounty01-Dec-2024
SpyLoan Android Malware Installed Over 8 Million Times on Google Play!https://medium.com/@wiretor/spyloan-android-malware-installed-over-8-million-times-on-google-play-d0331b3c762e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, ransomeware, bug-bounty, spyloan01-Dec-2024
picoCTF Web Exploitation: Unminifyhttps://medium.com/@Kamal_S/picoctf-web-exploitation-unminify-6dd45341b7f5?source=rss------bug_bounty-5Kamal Sowasp, unminify, ctf, bug-bounty, picoctf01-Dec-2024
Exploring Alternatives to Cobalt: Why Hackrate Stands Outhttps://medium.com/@hackrate/exploring-alternatives-to-cobalt-why-hackrate-stands-out-67473c1e74e6?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty, ethical-hacking, penetration-testing01-Dec-2024
Web Shell Upload via Extension Blacklist Bypass — File Upload Vulnerabilityhttps://medium.com/@rcxsecurity/web-shell-upload-via-extension-blacklist-bypass-file-upload-vulnerability-f98ee877aff1?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafécybersecurity, hacking, information-security, bug-bounty, pentesting01-Dec-2024
The Ultimate Guide to Top Pentest-as-a-Service Providers in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-pentest-as-a-service-providers-in-2024-f03b0408b0a5?source=rss------bug_bounty-5Levente Molnarethical-hacking, cybersecurity, penetration-testing, bug-bounty, hacking01-Dec-2024
SQL injection UNION attack, determining the number of columns returned by the queryhttps://medium.com/@Laxious8848/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-4792d89ad93f?source=rss------bug_bounty-5Laxioussql-injection, web-pen-testing, web-penetration-testing, bug-bounty, union-based-sql-injection01-Dec-2024
Out of Scope, Out of Mind? Thehttps://medium.com/@talatumsolutions/out-of-scope-out-of-mind-the-0e5f558c43ba?source=rss------bug_bounty-5Talatum-solutionstalatum, hacking, cyber-security-solutions, pentesting, bug-bounty30-Nov-2024
Turn Cybersecurity Tricks Into Cash: Here’s How You Can Start Todayhttps://medium.com/@divyesh.jagad/turn-cybersecurity-tricks-into-cash-heres-how-you-can-start-today-9ccfff1ee0f4?source=rss------bug_bounty-5Divyesh Jagadtrending, bug-bounty, freelancing, infosec, remote-working30-Nov-2024
Privilege Escalation via Role Persistence Vulnerabilityhttps://medium.com/@aalgohary950/privilege-escalation-via-role-persistence-vulnerability-0c22a002d6ff?source=rss------bug_bounty-5C1pher_1hacking, penetration-testing, bug-bounty, access-control, privilege-escalation30-Nov-2024
Discovery of Xss / Html Injection by analyzing target source codehttps://medium.com/@gheeX/discovery-of-xss-html-injection-by-analyzing-target-source-code-0bc7a96c3ca4?source=rss------bug_bounty-5Ghee1337vulnerability, bug-bounty-writeup, bug-bounty-tips, xss-attack, bug-bounty30-Nov-2024
Delete Account Functionality Helped Me Earn $250https://vijetareigns.medium.com/delete-account-functionality-helped-me-earn-250-21baa23c4034?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bug-bounty, bug-bounty-writeup, application-security, cybersecurity30-Nov-2024
Marianas Web — The Danger Part of the Internet!https://medium.com/@TahirAyoub/marianas-web-the-danger-part-of-the-internet-be69e3118e3d?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, darkweb, bug-bounty, deep-web, hacking30-Nov-2024
A massive security breach at Andrew Tate’s platform The Real World has exposed the personal…https://medium.com/@wiretor/a-massive-security-breach-at-andrew-tates-platform-the-real-world-has-exposed-the-personal-576892ffca1c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, expose, andrew-tate30-Nov-2024
5 Side Hustles For Ethical Hackershttps://medium.com/@red.whisperer/5-side-hustles-for-ethical-hackers-8f3e0ca983ed?source=rss------bug_bounty-5Chuxethical-hacking, cybersecurity, hacking, bug-bounty, side-hustle30-Nov-2024
The Ultimate Guide to Top Ethical Hacking Platforms in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-ethical-hacking-platforms-in-2024-adcfc808caea?source=rss------bug_bounty-5Hackratebug-bounty, cybersecurity, ethical-hacking, penetration-testing30-Nov-2024
⚠️ Microsoft Hacking Warning 450 Million Windows Users Must Now Act! ️https://medium.com/@wiretor/%EF%B8%8F-microsoft-hacking-warning-450-million-windows-users-must-now-act-%EF%B8%8F-a7be6255a338?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, windows, ransomeware, breached, bug-bounty30-Nov-2024
Russian Script Kiddie Builds Massive DDoS Botnethttps://medium.com/@wiretor/russian-script-kiddie-builds-massive-ddos-botnet-bac1b6c57e9f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, programming, hacking, russian30-Nov-2024
P4 bug’s and their POC steps | Part 8https://osintteam.blog/p4-bugs-and-their-poc-steps-part-8-910ee6ba5710?source=rss------bug_bounty-5socalledhackercybersecurity, infosec, bug-bounty, hacking, bug-bounty-tips30-Nov-2024
X(twitter) & my first real bughttps://medium.com/@elkhawaga1900/x-twitter-my-first-real-bug-7c7d26bef48f?source=rss------bug_bounty-5sponge2003bug-bounty, duplicate30-Nov-2024
The Ultimate Guide to Top Ethical Hacking Platforms in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-ethical-hacking-platforms-in-2024-adcfc808caea?source=rss------bug_bounty-5Levente Molnarbug-bounty, cybersecurity, ethical-hacking, penetration-testing30-Nov-2024
The Ultimate Guide to Top Bug Bounty Platforms in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-08f53b117063?source=rss------bug_bounty-5Hackrateethical-hacking, cybersecurity, penetration-testing, bug-bounty29-Nov-2024
The Ultimate Guide to Top Bug Bounty Platforms in 2024: Why Hackrate Stands Outhttps://medium.com/@hackrate/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-why-hackrate-stands-out-d402c86c407b?source=rss------bug_bounty-5Hackratepenetration-testing, bug-bounty, ethical-hacking, cybersecurity29-Nov-2024
Exploring Alternatives to HackerOne: Why Hackrate Stands Outhttps://medium.com/@hackrate/exploring-alternatives-to-hackerone-why-hackrate-stands-out-894092aec0aa?source=rss------bug_bounty-5Hackrateethical-hacking, penetration-testing, cybersecurity, bug-bounty, hacking29-Nov-2024
How To Become Up-To-Date Hacker? 8 Gold Points To Stay Informed During Lifetime-Hacking Storyhttps://osintteam.blog/how-to-become-up-to-date-hacker-8-gold-points-to-stay-informed-during-lifetime-hacking-story-2e95f33c5d6f?source=rss------bug_bounty-5NnFacebug-bounty, cybersecurity, kali-linux, hacking, technology29-Nov-2024
Advanced Google Dorking | Part7https://systemweakness.com/advanced-google-dorking-part7-a8df43d00743?source=rss------bug_bounty-5AbhirupKonwarinfosec, pentesting, ethical-hacking, cybersecurity, bug-bounty29-Nov-2024
Email Verification Bypass Vulnerability: A Critical Flaw Exploitedhttps://medium.com/@muralidharan1530/email-verification-bypass-vulnerability-a-critical-flaw-exploited-1d7a316b2514?source=rss------bug_bounty-5Murali Dharanbounties, bug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips29-Nov-2024
POC — CVE-2024–21534 Jsonpath-plus vulnerable to Remote Code Execution (RCE) due to improper input…https://medium.com/@verylazytech/poc-cve-2024-21534-jsonpath-plus-vulnerable-to-remote-code-execution-rce-due-to-improper-input-a466ae69aa92?source=rss------bug_bounty-5Very Lazy Techcybersecurity, cve, exploit, cve-2024-21534, bug-bounty29-Nov-2024
hackthebox-Administrator-walkthroughhttps://medium.com/@ryuzakiryuga31/hackthebox-administrator-walkthrough-217d01374d00?source=rss------bug_bounty-5R09shbug-bounty, hackthebox, network-security, network-penetration-test, system-administration29-Nov-2024
Google Dorking Made Simpler with GFUhttps://medium.com/@sheryx00/google-dorking-made-simpler-with-gfu-20c67c5c8fc4?source=rss------bug_bounty-5Sheryx00google-dork, open-source, bug-bounty, pentesting, bug-bounty-tips29-Nov-2024
Authentication Bypass Vulnerability 🙂https://aman0.medium.com/authentication-bypass-vulnerability-a7b8fff3361f?source=rss------bug_bounty-5Aman Hauthentication-bypass, vulnerability, penetration-testing, bug-bounty-tips, bug-bounty29-Nov-2024
Exploring Alternatives to Bugcrowd: Why Hackrate Stands Outhttps://medium.com/@hackrate/exploring-alternatives-to-bugcrowd-why-hackrate-stands-out-8d54235f62d1?source=rss------bug_bounty-5Hackratebug-bounty, cybersecurity, penetration-testing, ethical-hacking29-Nov-2024
The Ultimate Bug Bounty Roadmap Zero to Prohttps://medium.com/@adinesh02/the-ultimate-bug-bounty-roadmap-zero-to-pro-56440ac4cef2?source=rss------bug_bounty-5DINESH Atechnology, tech, bug-bounty, hacking, cybersecurity29-Nov-2024
Phishing-as-a-Service (PhaaS): “Rockstar 2FA” Targets Microsoft 365 with AiTM Attackshttps://medium.com/@wiretor/phishing-as-a-service-phaas-rockstar-2fa-targets-microsoft-365-with-aitm-attacks-572617422ea5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, xs, phaa, american-dream, hacking29-Nov-2024
Critical Flaw in ProjectSend Under Active Exploitation — Protect Your Servers!https://medium.com/@wiretor/critical-flaw-in-projectsend-under-active-exploitation-protect-your-servers-c0903ab96a68?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesxs, malware, bug-bounty, hacking, pentest29-Nov-2024
Unmasking Open Redirect Vulnerabilities: A Real-World Discoveryhttps://medium.com/@360Security/unmasking-open-redirect-vulnerabilities-a-real-world-discovery-348081e5d03e?source=rss------bug_bounty-5Anand Patelpenetration-testing, vapt, bug-bounty, web-security, cybersecurity29-Nov-2024
Hacking AI — Understanding LLM Attacks and Prompt Injectionshttps://medium.com/@anmol.sh/hacking-ai-understanding-llm-attacks-and-prompt-injections-9354f26a8353?source=rss------bug_bounty-5Anmol Shahai, hacking, penetration-testing, artificial-intelligence, bug-bounty29-Nov-2024
Website’s for fake mobile numbers and sms services.https://osintteam.blog/websites-for-fake-mobile-numbers-and-sms-services-9057442ef82b?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, bug-bounty-tips, tips, hacking28-Nov-2024
30 Best Hacking Promptshttps://medium.com/@TahirAyoub/30-best-hacking-prompts-0c10ee61edf4?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, hacking, chatgpt, cybersecurity, ai28-Nov-2024
The More Confident You Are About Your Testing, The Bigger the Bug You Missedhttps://manishsaini74.medium.com/the-more-confident-you-are-about-your-testing-the-bigger-the-bug-you-missed-189fe169c005?source=rss------bug_bounty-5Manish Sainibug-bounty, test-automation, software-engineering, software-testing, quality-assurance28-Nov-2024
8 Shocking Ways to Protect Your Identity Onlinehttps://medium.com/@paritoshblogs/8-shocking-ways-to-protect-your-identity-online-fe13ad3b92e1?source=rss------bug_bounty-5Paritoshai, identity, hacking, cybersecurity, bug-bounty28-Nov-2024
Finding Low-Hanging Bugs: A Practical Guide with Commandshttps://medium.com/@ayansheikh45689/finding-low-hanging-bugs-a-practical-guide-with-commands-d6fb9159857d?source=rss------bug_bounty-5Ayanpenetration-testing, bug-finding, bug-bounty, ethical-hacking, cybersecurity28-Nov-2024
Finding more subdomains.(part 2)https://infosecwriteups.com/finding-more-subdomains-part-2-1850ead4dd92?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, reconnaissance, cybersecurity, hacking28-Nov-2024
JWTs: A Comedy of Errors and Exploitshttps://jackhavoltrey.medium.com/jwts-a-comedy-of-errors-and-exploits-81d1fb25d24d?source=rss------bug_bounty-5Jack Havoltreybug-bounty, authentication, bug-bounty-tips, jwt, web-development28-Nov-2024
Bug Bounty Chronicles: Exploiting the PUT Method for Remote Code Execution (RCE)https://medium.com/@pawarpushpak36/bug-bounty-chronicles-exploiting-the-put-method-for-remote-code-execution-rce-c2782bea61da?source=rss------bug_bounty-5Pawarpushpakbug-zero, remote-code-execution, bug-bounty-tips, bug-bounty, infosec28-Nov-2024
The Art of Account Take Over #1: Chaining XSS and non-HttpOnly Session Cookiehttps://xdead4f.medium.com/the-art-of-account-take-over-1-chaining-xss-and-non-httponly-session-cookie-8e474bc83e5c?source=rss------bug_bounty-50xdead4fxs, penetration-testing, bug-bounty, cybersecurity28-Nov-2024
How to find Access control vulnerabilities useful Tips PART (1)☢https://medium.com/@mahmodziad40/how-to-find-access-control-vulnerabilities-useful-tips-part-1-56ca1a9c60ce?source=rss------bug_bounty-5httpzuzportswigger, penetration-testing, access-control, bug-bounty-tips, bug-bounty28-Nov-2024
UK Hospital Network Hit by Cyberattack, Procedures Postponedhttps://medium.com/@wiretor/uk-hospital-network-hit-by-cyberattack-procedures-postponed-3b9622eec715?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, malware, cyberattack, uk-hospital-attack, bug-bounty28-Nov-2024
T-Mobile Detects Network Intrusion Attempts from Wireline Providerhttps://medium.com/@wiretor/t-mobile-detects-network-intrusion-attempts-from-wireline-provider-ee7fab1a7eac?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, xs, t-mobile, hacking28-Nov-2024
Malicious npm Library @0xengine/xmlrpc Steals Data and Mines Cryptocurrencyhttps://medium.com/@wiretor/malicious-npm-library-0xengine-xmlrpc-steals-data-and-mines-cryptocurrency-50171f172ef7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, xs, bug-bounty, malware, ransomeware28-Nov-2024
Exploiting CSRF and OTP Reuse: How Weak Token Management Enables Password Reset Attacks, Leading…https://medium.com/@iPsalmy/exploiting-csrf-and-otp-reuse-how-weak-token-management-enables-password-reset-attacks-leading-to-c2f6b914f398?source=rss------bug_bounty-5iPsalmybug-bounty, infosec, web-application-security, api-security, cybersecurity28-Nov-2024
#HappyThanksgiving from Wire Tor!https://medium.com/@wiretor/happythanksgiving-from-wire-tor-5a655498f35f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, happy-thanksgiving, happy-thanksgiving-day, malware28-Nov-2024
Private IP Disclosure in Bug Bounty Programs: Understanding the Risk and Rewardhttps://medium.com/@shamzen96/private-ip-disclosure-in-bug-bounty-programs-understanding-the-risk-and-reward-6441aa866db0?source=rss------bug_bounty-5Shivam Rajbug-bounty, bug-bounty-tips27-Nov-2024
The P2 Bug You Could Miss Without Reading the Documentationhttps://mokhansec.medium.com/the-p2-bug-you-could-miss-without-reading-the-documentation-b0eacc3b7587?source=rss------bug_bounty-5Mohsin khancybersecurity, bugs, bug-bounty-tips, bug-bounty-writeup, bug-bounty27-Nov-2024
Easy Way To Root Your Virtual Device 🙂https://aman0.medium.com/easy-way-to-root-your-virtual-device-9d1a2aa99ea1?source=rss------bug_bounty-5Aman Hpenetration-testing, mobile-app-development, root-android-phone, bug-bounty, app-security-testing27-Nov-2024
Install MassDNS in Linuxhttps://medium.com/@mohamdaminporsalari/install-massdns-in-linux-4a5937829972?source=rss------bug_bounty-5MaMadbug-bounty, dns, massdns, pentesting, bug-bounty-tool27-Nov-2024
How I Turned NASA’s Search Bar into a Phishing Gatewayhttps://systemweakness.com/how-i-turned-nasas-search-bar-into-a-phishing-gateway-697de30859b0?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, cybersecurity, technology, bug-bounty, programming27-Nov-2024
0-Click ATO: How I Can Take Over Every Account on the Websitehttps://medium.com/@aesmail034/0-click-ato-how-i-can-take-over-every-account-on-the-website-9a69c9afb57c?source=rss------bug_bounty-5Ahmed Esmailhackerone, bug-bounty, cybersecurity, account-takeover27-Nov-2024
Race Condition Exploit Enables Free Plan Users to Access Premium Featureshttps://medium.com/@rawansa3ed2002/race-condition-exploit-enables-free-plan-users-to-access-premium-features-9619d0fa0a53?source=rss------bug_bounty-5Rawansaedbug-bounty, race-condition, hackerone, penetration-testing, cybersecurity27-Nov-2024
System Hacking Techniquehttps://medium.com/@TahirAyoub/system-hacking-technique-ac376bd3f0ef?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, hacking-tools, cybersecurity, hacking, computer-security27-Nov-2024
Install MassDNS in Linuxhttps://medium.com/@MaMad4Ever/install-massdns-in-linux-4a5937829972?source=rss------bug_bounty-5MaMadbug-bounty, dns, massdns, pentesting, bug-bounty-tool27-Nov-2024
Introducing JSNinja: Your Ultimate JavaScript Bug Hunting Companion ️‍♂️https://medium.com/@vikas0vks/introducing-jsninja-your-ultimate-javascript-bug-hunting-companion-%EF%B8%8F-%EF%B8%8F-bee1fcc4bd75?source=rss------bug_bounty-5Vikasinformation-security, bug-bounty-tips, bug-bounty27-Nov-2024
SMB Enumeration and Exploitation: Master Ports 139 and 445 for Penetration Testinghttps://medium.com/@verylazytech/smb-enumeration-and-exploitation-master-ports-139-and-445-for-penetration-testing-ddca90a384c5?source=rss------bug_bounty-5Very Lazy Techbug-bounty, oscp, smb, hacking, cybersecurity27-Nov-2024
Understanding Ethical Hacking: The Key to Cybersecurityhttps://medium.com/@harshkatiyar5556/understanding-ethical-hacking-the-key-to-cybersecurity-454c6671c5f9?source=rss------bug_bounty-5Harsh Katiyarweb3, mind-hacking-techniques, ethical-hacking, cybersecurity, bug-bounty27-Nov-2024
How to Find DNS Rebinding Vulnerabilities in Bug Bounty Huntinghttps://dineshpathro9.medium.com/how-to-find-dns-rebinding-vulnerabilities-in-bug-bounty-hunting-3323da71f5ee?source=rss------bug_bounty-5Hunterbugs, bug-bounty-tips, bug-bounty, bug-zero27-Nov-2024
0-Click ATO: How I Can Take Over Every Account on the Websitehttps://som3a.medium.com/0-click-ato-how-i-can-take-over-every-account-on-the-website-9a69c9afb57c?source=rss------bug_bounty-5Ahmed Esmailhackerone, bug-bounty, cybersecurity, account-takeover27-Nov-2024
IDOR Allows an Admin to Add SuperAdmin (Which is not allowed)https://medium.com/@mrro0o0tt/idor-allows-an-admin-to-add-superadmin-which-is-not-allowed-239fcc82ff69?source=rss------bug_bounty-5Whoamiidor-vulnerability, bug-bounty, broken-access-control, business-logic-bug, bug-bounty-tips27-Nov-2024
Researchers Unveil “Bootkitty” — The First UEFI Bootkit Targeting Linux Kernels!https://medium.com/@wiretor/researchers-unveil-bootkitty-the-first-uefi-bootkit-targeting-linux-kernels-30ff7b7c6819?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceszero-day, cve, bug-bounty, malware, bootkitty27-Nov-2024
Interpol Arrests 1,000+ in Massive ‘Operation Serengeti’ Anti-Cybercrime Crackdownhttps://medium.com/@wiretor/interpol-arrests-1-000-in-massive-operation-serengeti-anti-cybercrime-crackdown-45ffa24e6f4a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, xss-attack, interpol, hacking, bug-bounty27-Nov-2024
New NachoVPN Attack: Rogue VPN Servers Installing Malicious Updates ️https://medium.com/@wiretor/new-nachovpn-attack-rogue-vpn-servers-installing-malicious-updates-%EF%B8%8F-262c85645850?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, vpn, malware, bug-bounty, programming27-Nov-2024
JS Review and Abuse GraphQL Result 10xBAC + Admin Panel ATOhttps://medium.com/@0xbugatti/js-review-and-abuse-graphql-result-10xbac-admin-panel-ato-0f013fe471ea?source=rss------bug_bounty-50xbugattiowasp-top-10, bug-bounty, bugbounty-writeup, web-app-security, bugbounty-tips27-Nov-2024
How I abled to get users/admins PII Disclosurehttps://medium.com/@a7madhacck/how-i-abled-to-get-users-admins-pii-disclosure-6c02fef82c11?source=rss------bug_bounty-5Ahmad Yusseftechnology, hackerone, bug-bounty-writeup, cybersecurity, bug-bounty27-Nov-2024
Automating the Setup of a Bug Bounty Toolkithttps://dineshpathro9.medium.com/automating-the-setup-of-a-bug-bounty-toolkit-05b3e589eb84?source=rss------bug_bounty-5hunterbug-bounty, bug-bounty-tips, bugs, hacking26-Nov-2024
VOIP Penetration Testing Checklisthttps://infosecwriteups.com/voip-penetration-testing-checklist-890bb4e09bac?source=rss------bug_bounty-5Ajay Naiksecurity, information-technology, penetration-testing, cybersecurity, bug-bounty26-Nov-2024
Find Website Vulnerabilities with One Hacking Toolhttps://medium.com/@TahirAyoub/find-website-vulnerabilities-with-one-hacking-tool-0008a908c6fd?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, bug-bounty-tips, bug-bounty, hacking, tools26-Nov-2024
Bugbounty Hunting: The First Step After Finding Your Targethttps://dineshpathro9.medium.com/bugbounty-hunting-the-first-step-after-finding-your-target-998267eeeb28?source=rss------bug_bounty-5Hunterbug-bounty-tips, bug-bounty, bug-zero, bugs26-Nov-2024
Challenges and Pitfalls of Automating Bug Bounty Submissions with AIhttps://pointlessai.medium.com/challenges-and-pitfalls-of-automating-bug-bounty-submissions-with-ai-adb06ab0d2c6?source=rss------bug_bounty-5PointlessAI Mediumai, bug-bounty, cybersecurity, chatgpt, vulnerability-management26-Nov-2024
IBM Fixes RCE Vulnerabilities in Data Virtualization Manager and Security SOARhttps://medium.com/@wiretor/ibm-fixes-rce-vulnerabilities-in-data-virtualization-manager-and-security-soar-dfbc178710f5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, rce, bug-bounty, malware, ibm26-Nov-2024
Firefox and Windows Zero-Days Exploited by Russian RomCom Hackers: A Cybersecurity Wake-Up Call!https://medium.com/@wiretor/firefox-and-windows-zero-days-exploited-by-russian-romcom-hackers-a-cybersecurity-wake-up-call-a8029dacd27b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, malware, windows-hacking, bug-bounty, firefox-hacked26-Nov-2024
Critical Vulnerabilities Discovered in Popular Anti-Spam Plugin for WordPress ️https://medium.com/@wiretor/critical-vulnerabilities-discovered-in-popular-anti-spam-plugin-for-wordpress-%EF%B8%8F-353b3a727d7e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacked, malware, wordpress, ransomware, bug-bounty26-Nov-2024
Find Website Vulnerabilities with One Hacking Toolhttps://blog.cubed.run/find-website-vulnerabilities-with-one-hacking-tool-0008a908c6fd?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, bug-bounty-tips, bug-bounty, hacking, tools26-Nov-2024
How I Hacked NASAhttps://vikram1337.medium.com/how-i-hacked-nasa-74f4ada6e90c?source=rss------bug_bounty-5Vikramwriteup, pentesting, bug-bounty, nasa26-Nov-2024
race condition on BBPhttps://medium.com/@mohanad9837/race-condition-on-bbp-7294e8582ade?source=rss------bug_bounty-5mohanedbug-bounty, race-condition25-Nov-2024
Why Subdomain Enumeration ?https://ahmed-rezk.medium.com/why-subdomain-enumeration-3e4570dd9aba?source=rss------bug_bounty-5Ahmed Rezkcybersecurity, red-teaming, bug-bounty-tips, pentesting, bug-bounty25-Nov-2024
Privilege Escalation in Collaborative Platforms — BugBountyhttps://medium.com/@Zero-Ray/privilege-escalation-in-collaborative-platforms-bugbounty-e1e240384b43?source=rss------bug_bounty-5Mahmoud Fawzyprivilege-escalation, bug-bounty, bug-bounty-hunter, bugcrowd, bug-bounty-writeup25-Nov-2024
HOW I FOUND MY FIRST XSS BUGhttps://medium.com/@Zeroo_sec/how-i-found-my-first-xss-bug-553225548d29?source=rss------bug_bounty-5Ranjanethical-hacking, hacking, bug-bounty, bug-bounty-tips25-Nov-2024
Google Dorks for Bug Bounty: The Ultimate Guidehttps://medium.com/@verylazytech/google-dorks-for-bug-bounty-the-ultimate-guide-e7611b533aee?source=rss------bug_bounty-5Very Lazy Techethical-hacking, google-dork, google-hacking, penetration-testing, bug-bounty25-Nov-2024
Google dorking the right way.https://osintteam.blog/google-dorking-the-right-way-27b0eeb31212?source=rss------bug_bounty-5an0nbilbug-bounty-tips, bug-bounty, programming, ethical-hacking, cybersecurity25-Nov-2024
Microlise Data Breach Confirmed: SafePay Ransomware Group Claims Responsibility ️https://medium.com/@wiretor/microlise-data-breach-confirmed-safepay-ransomware-group-claims-responsibility-%EF%B8%8F-035e36e25afc?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, ransomeware, bug-bounty, malware, xs25-Nov-2024
Bangkok Busts High-Tech SMS Scam Operationhttps://medium.com/@wiretor/bangkok-busts-high-tech-sms-scam-operation-e13909a2625f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, bug-bounty, hacking, malware, xxe25-Nov-2024
Finastra Data Breach: What Financial Institutions Need to Know ️https://medium.com/@wiretor/finastra-data-breach-what-financial-institutions-need-to-know-%EF%B8%8F-df9e960c90c7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, pentest, hacking, xs25-Nov-2024
SSRF To Internal Data Access Via PDF Print Featurehttps://bishal0x01.medium.com/ssrf-to-internal-data-access-via-pdf-print-feature-b8e6a912844a?source=rss------bug_bounty-5Bishal Shresthassrf, bug-bounty, information-security25-Nov-2024
Bug Bounty Tips and Trickshttps://bevijaygupta.medium.com/bug-bounty-tips-and-tricks-7b25317c8e7e?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bug-zero, bug-bounty-writeup, bugs, bug-bounty25-Nov-2024
Google Dorks for Bug Bounty: The Ultimate Guidehttps://systemweakness.com/google-dorks-for-bug-bounty-the-ultimate-guide-e7611b533aee?source=rss------bug_bounty-5Very Lazy Techethical-hacking, google-dork, google-hacking, penetration-testing, bug-bounty25-Nov-2024
here is how I got my first bounty $$$https://medium.com/@mohanad9837/here-is-how-i-got-my-first-bounty-78c18da7feeb?source=rss------bug_bounty-5mohanedxss-vulnerability, xss-bypass, bug-bounty, xss-attack25-Nov-2024
GitTrash: Digging Deep into Git Repositories for Hidden Treasureshttps://medium.com/@sheryx00/gittrash-digging-deep-into-git-repositories-for-hidden-treasures-dfa6b3ff9251?source=rss------bug_bounty-5Sheryx00pentesting, bug-bounty, open-source, git24-Nov-2024
SSRF(Server-Side Request Forgery)https://medium.com/@mukkagopi50/ssrf-server-side-request-forgery-50329b7e39fb?source=rss------bug_bounty-5Gopi Mukkavapt, ssrf, ssrf-attack, vulnerability-assessment, bug-bounty24-Nov-2024
Mastering Web Application Pentesting Part — IIhttps://infosecwriteups.com/mastering-web-application-pentesting-part-ii-f02898bf48e3?source=rss------bug_bounty-5Mukilan Baskaranweb-security, infosec, bug-bounty, cybersecurity, computer-security24-Nov-2024
Week 3: When the Drive to Work Fadeshttps://mokhansec.medium.com/week-3-when-the-drive-to-work-fades-3e94a89559c0?source=rss------bug_bounty-5Mohsin khanbug-bounty-writeup, bugs, bug-bounty-tips, bug-bounty, cybersecurity24-Nov-2024
Hacking WordPress: Where to Begin?https://0x4a6f76616e.medium.com/hacking-wordpress-where-to-begin-60179dc403d9?source=rss------bug_bounty-5Jovanbug-bounty, hacking, pentesting, vulnerability, wordpress24-Nov-2024
7 Steps guide to CNAME Subdomain Takeoverhttps://bitpanic.medium.com/7-steps-guide-to-cname-subdomain-takeover-f10eebd7e952?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, cybersecurity, information-security, bug-bounty24-Nov-2024
Cyberattack at French Hospital Exposes Health Data of 750,000 Patientshttps://medium.com/@wiretor/cyberattack-at-french-hospital-exposes-health-data-of-750-000-patients-01b8f62893d1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentest, hacking, xs, malware, bug-bounty24-Nov-2024
Microsoft Disrupts ONNX Phishing-as-a-Service Operationhttps://medium.com/@wiretor/microsoft-disrupts-onnx-phishing-as-a-service-operation-%EF%B8%8F-a1b5535f5d9a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, malware, xs, bug-bounty, pentest24-Nov-2024
Microsoft Tests Third-Party Passkey Support in Windows 11: A Passwordless Futurehttps://medium.com/@wiretor/microsoft-tests-third-party-passkey-support-in-windows-11-a-passwordless-future-92a5fe28571a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmicrosoft, pentest, bug-bounty, hacking, xs24-Nov-2024
Hackers Exploit Avast Anti-Rootkit Driver to Disable Security Defenseshttps://medium.com/@wiretor/hackers-exploit-avast-anti-rootkit-driver-to-disable-security-defenses-13df8a3c313e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, ransomware, bug-bounty, malware, xss-attack24-Nov-2024
How I got 50euro bounty?https://doordiefordream.medium.com/how-i-got-50euro-bounty-71dcf4c6e335?source=rss------bug_bounty-5Bug hunter baluhtml, cybersecurity, technology, vulnerability, bug-bounty24-Nov-2024
Recon. Useful Tips for Bug Bounty — PART 1https://medium.com/@dzchalevich/recon-useful-tips-for-bug-bounty-part-1-0defee9bc7cf?source=rss------bug_bounty-5theroo@tttweb-security, bug-bounty-tips, bug-bounty, penetration-testing, recon24-Nov-2024
Happy hunting!https://medium.com/@hacker_33169/happy-hunting-eae0a858b540?source=rss------bug_bounty-5B3ntl3ycybersecurity, bug-bounty, penetration-testing24-Nov-2024
Beginner’s Guide to Ethical Hacking: What I Learned from My First Bug Bountyhttps://medium.com/@yarmuhammadnizamani556/beginners-guide-to-ethical-hacking-what-i-learned-from-my-first-bug-bounty-724a9f97f38b?source=rss------bug_bounty-5Curious Mindethical-hacking, cybersecurity, bug-bounty24-Nov-2024
Android Pentesting can make you $500/day.https://medium.com/@anandrishav2228/android-pentesting-can-make-you-500-day-818158f9b43d?source=rss------bug_bounty-5Rishav anandcybersecurity, android, hacking, money, bug-bounty24-Nov-2024
How I do my recon and end up finding hidden assets and vulnerabilities before anyone else Pt.2https://medium.com/@demonia/how-i-do-my-recon-and-end-up-finding-hidden-assets-and-vulnerabilities-before-anyone-else-pt-2-2c8dd13d6c19?source=rss------bug_bounty-5Mohammed Diefcybersecurity, information-security, bug-bounty, hackerone, recon24-Nov-2024
IDOR is NOT only on the IDhttps://medium.com/@mshulkhan/idor-is-not-only-on-the-id-8e94b5cc193e?source=rss------bug_bounty-5M Shulkhangoogle-bug, bug-bounty, hacking, hackerkamp150, sysbraykr24-Nov-2024
My Bug Bounty Hunting Methodologyhttps://cybersechemmars.medium.com/my-bug-bounty-hunting-methodology-51ac0a891978?source=rss------bug_bounty-5Cybersec with Hemmarscybersecurity, writing, bug-bounty, bug-bounty-writeup24-Nov-2024
TryHackMe | NoSQLi Walkthroughhttps://medium.com/@k3r0/tryhackme-nosqli-walkthrough-155c6380f5b3?source=rss------bug_bounty-5Kyrillos nadypenetration-testing, bug-bounty, nosql, web-penetration-testing, hacking24-Nov-2024
Bug House Exterminator in Wilton: Your Ultimate Guide to a Pest-Free Homehttps://medium.com/@muhammadmohsinsiddique46/bug-house-exterminator-in-wilton-your-ultimate-guide-to-a-pest-free-home-47d56773c394?source=rss------bug_bounty-5Muhammadmohsinsiddiquebed-bug-extermination, bug-bounty, wilton, bugs23-Nov-2024
7 Main Sins Of A Hacker, What To Stay Away From During Hacking Story?https://medium.com/h7w/7-main-sins-of-a-hacker-what-to-stay-away-from-during-hacking-story-115d749952e2?source=rss------bug_bounty-5NnFacefaith, hacking, bug-bounty, cybersecurity, kali-linux23-Nov-2024
HTML INJECTION- My Second Major Bountyhttps://medium.com/@josuofficial327/html-injection-my-second-major-bounty-cb7c3b32ce60?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuowasp-top-10, bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty23-Nov-2024
Building a Bug Bounty Journey: Exploring Web Security with a Custom CMShttps://medium.com/@zero_4583/building-a-bug-bounty-journey-exploring-web-security-with-a-custom-cms-06dffc81e969?source=rss------bug_bounty-5Nathan Vincentphp, appsec, cms-development, bug-bounty23-Nov-2024
Why Bug Bounty Is Just for You 🙂https://infosecwriteups.com/why-bug-bounty-is-just-for-you-61541deb62b8?source=rss------bug_bounty-5Satyam Pathaniabug-bounty, money, cybersecurity, infosec, technology23-Nov-2024
Disallowed but Discoverable: The Hacker’s robots.txt Playbookhttps://myselfakash20.medium.com/disallowed-but-discoverable-the-hackers-robots-txt-playbook-73dca570f23e?source=rss------bug_bounty-5Akash Ghoshbug-bounty, cybersecurity, technology, programming, bug-bounty-writeup23-Nov-2024
Vulnerable WordPress October 2024 (Zahhak Castle)https://medium.com/@onhexgroup/vulnerable-wordpress-october-2024-zahhak-castle-fb7da609b5e1?source=rss------bug_bounty-5Onhexgroupinformation-security, infosec, cybersecurity, bug-bounty, wordpress23-Nov-2024
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedInhttps://medium.com/@wiretor/north-korean-hackers-steal-10m-with-ai-driven-scams-and-malware-on-linkedin-25daddc61809?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, ai, programming23-Nov-2024
Over 2,000 Palo Alto Firewalls Hacked Using Recently Patched Bugshttps://medium.com/@wiretor/over-2-000-palo-alto-firewalls-hacked-using-recently-patched-bugs-ccc83ef8b4d6?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, hacking, hacked, xss-attack23-Nov-2024
Chinese Hackers Target Linux with WolfsBane Malwarehttps://medium.com/@wiretor/chinese-hackers-target-linux-with-wolfsbane-malware-c4a313c0e63f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceschinese, linux, hacking, malware, bug-bounty23-Nov-2024
Cyber Alert: APT28 Hackers Breach US Firm with Innovative “Nearest Neighbor Attack”https://medium.com/@wiretor/cyber-alert-apt28-hackers-breach-us-firm-with-innovative-nearest-neighbor-attack-9245d88841d8?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, apt-28, hacking, xss-attack23-Nov-2024
Ubuntu Users Alert: Decade-Old Needrestart Flaws Expose Root Privilege Riskshttps://medium.com/@wiretor/ubuntu-users-alert-decade-old-needrestart-flaws-expose-root-privilege-risks-a504f5d2b949?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, ubuntu, penetration-testing, bug-bounty, malware23-Nov-2024
Step into my Professional Life(:Finding my first Bug:)https://medium.com/@anshjain722/step-into-my-professional-life-finding-my-first-bug-e8175b1d9601?source=rss------bug_bounty-5Ansh Jaincybersecurity, xss-vulnerability, vulnerability, bugs, bug-bounty23-Nov-2024
Methods to bypass 403 & 401https://infosecwriteups.com/methods-to-bypass-403-401-38df4cec069e?source=rss------bug_bounty-5Dishant Modipenetration-testing, cybersecurity, bug-bounty-tips, bug-bounty, hacking23-Nov-2024
How I Discovered an Email Change Vulnerability Leading to Pre-Account Takeover | p2https://medium.com/@dhananjay_00/how-i-discovered-an-email-change-vulnerability-leading-to-pre-account-takeover-p2-7e76e0002eef?source=rss------bug_bounty-5Dhananjay Pathakbug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, hacking23-Nov-2024
Why I Switched from Cloud to Local Password Managementhttps://expectme.medium.com/why-i-switched-from-cloud-to-local-password-management-2b79448495dc?source=rss------bug_bounty-5Mamoud Eidbug-bounty, privacy, cybersecurity23-Nov-2024
Bug Bounty Beginner’s Roadmap-02https://medium.com/@sheikh.mohammad.adil.71/bug-bounty-beginners-roadmap-02-3236f15df715?source=rss------bug_bounty-5SHEIKH MOHAMMAD ADILroadmaps, ethical-hacking, bounty-program, bug-bounty23-Nov-2024
My OSWA Experiencehttps://medium.com/@zumyumi/my-oswa-experience-eaa4e94d1797?source=rss------bug_bounty-5Zumi Yumioswe, oscp, web, oswa, bug-bounty23-Nov-2024
️‍♂️ Bug Bounty Beginner’s Roadmap-01https://medium.com/@sheikh.mohammad.adil.71/%EF%B8%8F-%EF%B8%8F-ultimate-bug-bounty-roadmap-ee81e805ad6b?source=rss------bug_bounty-5SHEIKH MOHAMMAD ADILbug-bounty, ethical-hacking, hackerone, cybersecurity, roadmaps23-Nov-2024
File path traversal, validation of file extension with null byte bypasshttps://medium.com/@Laxious8848/file-path-traversal-validation-of-file-extension-with-null-byte-bypass-6625f4a4fbec?source=rss------bug_bounty-5Laxiousweb-penetration-testing, lfi, lfi-vulnerability, bug-bounty, web-pen-testing22-Nov-2024
File path traversal, validation of start of pathhttps://medium.com/@Laxious8848/file-path-traversal-validation-of-start-of-path-063e8995a55d?source=rss------bug_bounty-5Laxiouslfi, web-penetration-testing, web-pen-testing, lfi-vulnerability, bug-bounty22-Nov-2024
Ghost Tap Exploits NFC Payments for Fraudhttps://medium.com/@wiretor/ghost-tap-exploits-nfc-payments-for-fraud-dc2a263ff603?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ransomware, hacking, programming, bug-bounty22-Nov-2024
Oracle Agile PLM Vulnerability Exploited in the Wild: Protect Your Data!https://medium.com/@wiretor/oracle-agile-plm-vulnerability-exploited-in-the-wild-protect-your-data-129f8d9ac922?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ransomware, malware, pentest, hacking22-Nov-2024
File path traversal, traversal sequences stripped with superfluous URL-decodehttps://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-stripped-with-superfluous-url-decode-0b303cfe5b69?source=rss------bug_bounty-5Laxiousweb-penetration-testing, web-pen-testing, bug-bounty, lfi-vulnerability, lfi22-Nov-2024
Resolving the “externally-managed-environment” Error in Pythonhttps://medium.com/@prathameshbagul/resolving-the-externally-managed-environment-error-in-python-b91650d45946?source=rss------bug_bounty-5Prathbug-bounty, python, pentesting, kali-linux, cybersecurity22-Nov-2024
ShodanSpider: A Powerful Tool for Cybersecurity Researchhttps://shubhamrooter.medium.com/shodanspider-a-powerful-tool-for-cybersecurity-research-02eac3ed75e2?source=rss------bug_bounty-5Shubham Tiwaribug-bounty, security-analytics, vapt, shodan, bug-hunting22-Nov-2024
My Journey Finding Bugs on NASAhttps://cybersecuritywriteups.com/my-journey-finding-bugs-on-nasa-a2296d142b0a?source=rss------bug_bounty-5Shridhar Rajaputbug-bounty-writeup, inspiration, cybersecurity, bug-bounty, information-technology22-Nov-2024
Why Bug Bounty Could Be a Career for You 🙂https://osintteam.blog/why-bug-bounty-could-be-a-career-for-you-17b6b7b66e16?source=rss------bug_bounty-5Satyam Pathaniamoney, technology, cybersecurity, bug-bounty, infosec22-Nov-2024
Unveiling a Critical Bug in One of the World’s Largest Banks: My Barclays Storyhttps://cybersecuritywriteups.com/unveiling-a-critical-bug-in-one-of-the-worlds-largest-banks-my-barclays-story-34a9fb5f5140?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, ethical-hacking22-Nov-2024
The $900 Bug: My Journey Through SSRF and LFI Exploitshttps://myselfakash20.medium.com/the-900-bug-my-journey-through-ssrf-and-lfi-exploits-222feb276deb?source=rss------bug_bounty-5Akash Ghoshprogramming, technology, cybersecurity, hacking, bug-bounty22-Nov-2024
IDOR Checklist 2025https://medium.com/@mohanad9837/idor-checklist-2025-443575a389d4?source=rss------bug_bounty-5mohanedidor, bug-bounty, idor-vulnerability22-Nov-2024
Finding and Exploiting open SMB service [bug bounty write-up].https://medium.com/@sugamdangal52/finding-and-exploiting-open-smb-service-bug-bounty-write-up-492d72cd2fa3?source=rss------bug_bounty-5Sugam Dangalethical-hacking, bug-bounty, bug-hunting, hacking, bug-bounty-writeup22-Nov-2024
Forbidden Bypass Cloudflare Zero Trust — English Versionhttps://medium.com/@j0hnZ3RA/forbidden-bypass-cloudflare-zero-trust-english-version-436efff4a548?source=rss------bug_bounty-5j0hnZ3RAbug-bounty, red-team, pentesting, security22-Nov-2024
Forbidden Bypass Cloudflare Zero Trusthttps://medium.com/@j0hnZ3RA/forbidden-bypass-cloudflare-zero-trust-6bcc7ad464ee?source=rss------bug_bounty-5j0hnZ3RAsecurity, pentesting, bypass, red-team, bug-bounty22-Nov-2024
They Ignored My Bug Report but Fixed It Silently: My Experience with Enhancvhttps://medium.com/@0xw01f/they-ignored-my-bug-report-but-fixed-it-silently-my-experience-with-enhancv-a8ffe5e3e790?source=rss------bug_bounty-5w01fcybersecurity, bug-bounty, vulnerability, responsibility, ethics22-Nov-2024
Preventing XSS and HTML Injection Attacks with HTML Encodinghttps://medium.com/@rootelvin/html-encode-il%C9%99-xss-v%C9%99-html-i%CC%87njection-h%C3%BCcumlar%C4%B1n%C4%B1n-qar%C5%9F%C4%B1s%C4%B1n%C4%B1n-al%C4%B1nmas%C4%B1-01e21dfe11b5?source=rss------bug_bounty-5Elvin Nuruyevappsec-testing, web-pentesting, cyber-security-solutions, secure-coding, bug-bounty22-Nov-2024
captainX404https://medium.com/@captainX404/captainx404-b41a7f1e3ff3?source=rss------bug_bounty-5captainX404bug-bounty22-Nov-2024
Reconnaissance on archive URLshttps://medium.com/@mayank_prajapati/reconnaissance-on-archive-urls-4125ce7544ed?source=rss------bug_bounty-5Mayank Kumar Prajapatibug-bounty-tips, cybersecurity, bugs, bug-bounty, hacking22-Nov-2024
Preventing XSS and HTML Injection Attacks with HTML Encodinghttps://elvinnuruyev.medium.com/html-encode-il%C9%99-xss-v%C9%99-html-i%CC%87njection-h%C3%BCcumlar%C4%B1n%C4%B1n-qar%C5%9F%C4%B1s%C4%B1n%C4%B1n-al%C4%B1nmas%C4%B1-01e21dfe11b5?source=rss------bug_bounty-5Elvin Nuruyevappsec-testing, web-pentesting, cyber-security-solutions, secure-coding, bug-bounty22-Nov-2024
Cloud Hacking : flaws.cloud level 1 walkthroughhttps://medium.com/@Kinqdathacker/cloud-hacking-flaws-cloud-level-1-walkthrough-9f966da07e82?source=rss------bug_bounty-5Kinqdathackerctf-writeup, cloud-security, bug-bounty, s3-bucket, hacking22-Nov-2024
How i finded a p4 as per bugcrowd.https://osintteam.blog/how-i-finded-a-p4-as-per-bugcrowd-c7c72718583a?source=rss------bug_bounty-5loyalonlytodayhacking, tips, bugs, bug-bounty, cybersecurity21-Nov-2024
Master My Skill Student got highest bounty of $5000 by Vikrant Sharmahttps://medium.com/@mastermyskill/master-my-skill-student-got-highest-bounty-of-5000-by-vikrant-sharma-287a9b46522e?source=rss------bug_bounty-5Master My Skillbug-bounty21-Nov-2024
Unlock the $4 Million Bounty: Join Microsoft’s Zero Day Quest!https://byteshiva.medium.com/unlock-the-4-million-bounty-join-microsofts-zero-day-quest-87c6e50c1010?source=rss------bug_bounty-5Sivainfosec, cybersecurity, microsoftzerodayquest, hacking, bug-bounty21-Nov-2024
Unique XSS Earned Me a $$$ Bountyhttps://wgetkb.medium.com/unique-xss-earned-me-a-bounty-b7156c36fd32?source=rss------bug_bounty-5Prasad KBbounty-program, xss-vulnerability, infosec, bug-bounty, security21-Nov-2024
Insecure direct object referenceshttps://medium.com/@Laxious8848/insecure-direct-object-references-2ce01fa76018?source=rss------bug_bounty-5Laxiousweb-pen-testing, idor, idor-vulnerability, webapplicationpentest, bug-bounty21-Nov-2024
HTB — Learn the basics of Penetration Testing: Meowhttps://medium.com/@febrywiji12/htb-learn-the-basics-of-penetration-testing-meow-6158f97c3c6e?source=rss------bug_bounty-5Sheperd01telnet, hackthebox, ctf, bug-bounty, tutorial21-Nov-2024
How to Find Open Redirect Vulnerabilities: A Comprehensive Guidehttps://medium.com/@rupaitanudas/how-to-find-open-redirect-vulnerabilities-a-comprehensive-guide-e2b6e8c965c6?source=rss------bug_bounty-5Rupaitanudasopen-redirect, bug-bounty, web-application-security21-Nov-2024
BugBoard: The Ultimate Dashboard for Bug Huntershttps://medium.com/@abhinavsingwal/bugboard-the-ultimate-dashboard-for-bug-hunters-1fc7177117bb?source=rss------bug_bounty-5Abhinavsingwalbug-bounty, hacking, hacker, bugboard, hacking-tools21-Nov-2024
Introduction to CORS-Cross-origin resource sharing & SOP-Same Origin Policy, CORS series (Part 1)https://medium.com/@vipulparveenjain/introduction-to-cors-cross-origin-resource-sharing-sop-same-origin-policy-cors-series-part-1-149ad6f77cf6?source=rss------bug_bounty-5Vipul Jainhacking, bug-bounty, web-security-testing, cors-vulnerability, cross-origin-resource21-Nov-2024
Antivirus Evasion for Beginners: A Step-by-Step Guide to Bypassing AV for Penetration Testershttps://medium.com/@verylazytech/antivirus-evasion-for-beginners-a-step-by-step-guide-to-bypassing-av-for-penetration-testers-e600de35be20?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, bug-bounty, antivirus-evasion, bypassing-av, hacking21-Nov-2024
How I Hacked a Website While Dancinghttps://medium.com/@shaikhminhaz1975/how-i-hacked-a-website-while-dancing-22c3e1cd3431?source=rss------bug_bounty-5Shaikh Minhazhacking, cybersecurity, how-to, ethical-hacking, bug-bounty21-Nov-2024
BugBoard: The Ultimate Dashboard for Bug Huntershttps://medium.com/@abhinavsingwal/bugboard-the-ultimate-dashboard-for-bug-hunters-1fc7177117bb?source=rss------bug_bounty-5Abhinav Singwalbug-bounty, hacking, hacker, bugboard, hacking-tools21-Nov-2024
Bypass Email Verification in Mozillahttps://0d-amr.medium.com/bypass-email-verification-in-mozilla-2ab45ac36c42?source=rss------bug_bounty-5Amrbug-bounty-tips, cybersecurity, ethical-hacking, penetration-testing, bug-bounty21-Nov-2024
Mastering Web Application Pentesting with TryhackMehttps://infosecwriteups.com/mastering-web-application-pentesting-with-tryhackme-24257ef182c5?source=rss------bug_bounty-5Mukilan Baskarantryhackme, cybersecurity, bug-bounty, tryhackme-walkthrough, infosec21-Nov-2024
PART 2: THE NEXT CHAPTER IN MY NASA BUG HUNTING JOURNEYhttps://rootxabit.medium.com/part-2-the-next-chapter-in-my-nasa-bug-hunting-journey-1d6338c5f017?source=rss------bug_bounty-5sudo-xabithacking-nasa, bug-bounty, india, tips, nasa21-Nov-2024
File path traversal, simple casehttps://medium.com/@Laxious8848/file-path-traversal-simple-case-d0dd8c493981?source=rss------bug_bounty-5Laxiouslfi, webapplicationpentest, lfi-vulnerability, bug-bounty, web-pen-testing21-Nov-2024
File path traversal, traversal sequences stripped non-recursivelyhttps://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-stripped-non-recursively-647780ace38e?source=rss------bug_bounty-5Laxiousweb-penetration-testing, web-pen-testing, lfi, bug-bounty, lfi-vulnerability21-Nov-2024
File path traversal, traversal sequences blocked with absolute path bypasshttps://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-b909ad161fa2?source=rss------bug_bounty-5Laxiousbug-bounty, web-pentesting, web-penetration-testing, lfi-vulnerability, lfi21-Nov-2024
HTB — Learn the basics of Penetration Testing: Meowhttps://medium.com/@febrywiji/htb-learn-the-basics-of-penetration-testing-meow-6158f97c3c6e?source=rss------bug_bounty-5Sheperd01telnet, hackthebox, ctf, bug-bounty, tutorial21-Nov-2024
Worth 10000$ Cracking the Price Barrier: Exploiting Price Tampering on an E-Commerce Websitehttps://medium.com/@kumawatabhijeet2002/worth-10000-cracking-the-price-barrier-exploiting-price-tampering-on-an-e-commerce-website-19e3f82f52aa?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bug-bounty-writeup, bug-bounty-tips, bugs20-Nov-2024
How I was able to Take over a Subdomain and got Hall of Famehttps://rivudon.medium.com/how-i-was-able-to-take-over-a-subdomain-and-got-hall-of-fame-aca4aaca761b?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )subdomain-takeover, ethical-hacking, bug-bounty-tips, bug-hunting, bug-bounty20-Nov-2024
Web vulnerability bounty rules updatehttps://medium.com/@security.tecno/web-vulnerability-bounty-rules-update-20bcf6f6e3da?source=rss------bug_bounty-5TECNO Securityhacking, web, security, bug-bounty20-Nov-2024
Bypassing Password Reuse Restriction A Security Flaw.https://aman0.medium.com/bypassing-password-reuse-restriction-a-security-flaw-1bf2210d9bbd?source=rss------bug_bounty-5Aman Hbug-bounty-writeup, vulnerability, information-security, penetration-testing, bug-bounty20-Nov-2024
The $2,200 ATO Most Bug Hunters Overlooked by Closing Intruder Too Soonhttps://mokhansec.medium.com/the-2-200-ato-most-bug-hunters-overlooked-by-closing-intruder-too-soon-505f21d56732?source=rss------bug_bounty-5Mohsin khancybersecurity, bug-bounty, bug-bounty-writeup, bugs, bug-bounty-tips20-Nov-2024
Reflected Cross-Site Scripting (XSS) via POST request:https://ak-rizk.medium.com/reflected-cross-site-scripting-xss-via-post-request-f0d54ee84f99?source=rss------bug_bounty-5A-RIZKxss-attack, web-hacking, pentesting, bug-bounty20-Nov-2024
How Hidden 3xXSS got revealedhttps://medium.com/@0xbugatti/how-hidden-3xxss-got-revealed-b42f041d36f6?source=rss------bug_bounty-50xbugattibug-bounty, bug-bounty-writeup, web-app-security, web-app-pentesting, bug-bounty-tips20-Nov-2024
How I Earned $650 Using Just Recon: A Bug Hunter’s Success Storyhttps://myselfakash20.medium.com/how-i-earned-650-using-just-recon-a-bug-hunters-success-story-4d78788e46a5?source=rss------bug_bounty-5Akash Ghoshbug-bounty, programming, penetration-testing, cybersecurity, technology20-Nov-2024
Swiss Army Knife of Top Bug Huntershttps://bitpanic.medium.com/swiss-army-knife-of-top-bug-hunters-dd1bf237c513?source=rss------bug_bounty-5Spectat0rguyinformation-security, bug-bounty-tips, cybersecurity, cyber-security-awareness, bug-bounty20-Nov-2024
Honey, did you leave the APIs open again?https://medium.com/@l_s_/honey-you-left-the-apis-open-again-c382a3a2d917?source=rss------bug_bounty-5LShacking, api, bug-bounty, cybersecurity, bug-bounty-writeup20-Nov-2024
Introduction to Bug Bountyhttps://medium.com/@hakoje3813/introduction-to-bug-bounty-5461825079ad?source=rss------bug_bounty-5Hackeraidp, bug-bounty20-Nov-2024
How to Start in the Masochistic World of Bug Bounty — what nobody told you before.https://j0nasdias.medium.com/how-to-start-in-the-masochistic-world-of-bug-bounty-what-nobody-told-you-before-22b789933cdd?source=rss------bug_bounty-5Jonas Dias Rebelointigriti, hackerone, xs, pentest, bug-bounty20-Nov-2024
GhostFilter: Automating URL Filtering for Smarter Bug Huntinghttps://osintteam.blog/ghostfilter-automating-url-filtering-for-smarter-bug-hunting-d779d8fc844f?source=rss------bug_bounty-5SIDDHANT SHUKLAhacking, bug-bounty-tips, bug-bounty, ctf, cybersecurity20-Nov-2024
Importance of Shodan in Bug Hunting: Your Ultimate Guide to Finding Hidden Gemshttps://osintteam.blog/importance-of-shodan-in-bug-hunting-your-ultimate-guide-to-finding-hidden-gems-45cf87201d11?source=rss------bug_bounty-5Akash Ghoshbug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity, infosec19-Nov-2024
Finding subdomains those are hidden in cloud.https://osintteam.blog/finding-subdomains-those-are-hidden-in-cloud-f0c13d3d80ea?source=rss------bug_bounty-5loyalonlytodaybug-bounty, bugs, tips, cybersecurity, hacking19-Nov-2024
【Vulnerability Campaign】Earn Your Thanksgiving Bonus Rebatehttps://medium.com/@security.tecno/vulnerability-campaign-earn-your-thanksgiving-bonus-rebate-95847ac8b144?source=rss------bug_bounty-5TECNO Securityhacking, security, bonus, bug-bounty19-Nov-2024
OTP Bypass — Weak brute-force protectionhttps://medium.com/@Jitheshjithu/otp-bypass-weak-brute-force-protection-42c3f6b7899d?source=rss------bug_bounty-5Jitheshbug-bounty-tips, brute-force, bug-bounty, otp-bypass, burpsuite19-Nov-2024
How a CSRF Vulnerability Can Be Exploited to Target Email Accounts — A Practical Walkthroughhttps://medium.com/@muhammedgalal66/how-a-csrf-vulnerability-can-be-exploited-to-target-email-accounts-a-practical-walkthrough-60e6c2eac31f?source=rss------bug_bounty-5Dg0x6bug-bounty, bounty-program, bug-hunting, csrf, hunting19-Nov-2024
The Easiest $$$ I Made from a Business Logic Vulnerabilityhttps://medium.com/@0xsussy/the-easiest-i-made-from-a-business-logic-vulnerability-5c11a31ca455?source=rss------bug_bounty-5Hamza Khaledbugbounty-writeup, bugbounty-poc, bug-bounty, bugbounty-tips19-Nov-2024
Subdomain Enumeration Through the Homepagehttps://medium.com/@sarkis093/enumera%C3%A7%C3%A3o-de-subdom%C3%ADnios-atrav%C3%A9s-da-homepage-971d7aa341bf?source=rss------bug_bounty-5sarkis093shell, pentesting, red-team, osint, bug-bounty19-Nov-2024
From User to Admin: The Art of Privilege Escalationhttps://bootcampsecurity.medium.com/from-user-to-admin-the-art-of-privilege-escalation-b80a4cd1e89b?source=rss------bug_bounty-5Garv Katariacybersecurity, privilege-escalation, ethical-hacking, bug-bounty-tips, bug-bounty19-Nov-2024
Common Security Risks in Browser Extensionshttps://medium.com/@Parag_Bagul/common-security-risks-in-browser-extensions-e61422499f7c?source=rss------bug_bounty-5ParagBagulbrowser-extension, web-browser-extension, cybersecurity, bug-bounty, extension-development19-Nov-2024
Exploiting Business Logic Flaws in e-commerce platformshttps://medium.com/@Pentestforge/exploiting-business-logic-flaws-in-e-commerce-platforms-c3042a240c4a?source=rss------bug_bounty-5Joel I Patrickethical-hacking, bug-bounty, cybersecurity, web-exploitation, hacking19-Nov-2024
Unlock Bug Bounty Brilliance: The Ultimate Guide to Browser Extensions That Supercharge Your…https://osintteam.blog/unlock-bug-bounty-brilliance-the-ultimate-guide-to-browser-extensions-that-supercharge-your-fbb323e29dc0?source=rss------bug_bounty-5Akash Ghoshbug-bounty, bug-bounty-tips, extension, bug-bounty-writeup, cybersecurity19-Nov-2024
Critical Remote Code Execution (RCE) Bug in VMware vCenter Server Now Exploited in Active…https://medium.com/@wiretor/critical-remote-code-execution-rce-bug-in-vmware-vcenter-server-now-exploited-in-active-a03c8fe37d02?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesprogramming, hacking, pentesting, bug-bounty, malware19-Nov-2024
Maxar Data Breach: U.S. Space Tech Giant Compromisedhttps://medium.com/@wiretor/maxar-data-breach-u-s-space-tech-giant-compromised-391640982117?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, pentest, programming, malware, bug-bounty19-Nov-2024
Chinese Hackers Exploit Fortinet VPN Zero-Day to Steal Credentialshttps://medium.com/@wiretor/chinese-hackers-exploit-fortinet-vpn-zero-day-to-steal-credentials-b10232aaabef?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, bug-bounty, progamming, malware19-Nov-2024
How I Uncovered an Unsubscribe Exploit While Checking My Internship Applicationshttps://expl0it32.medium.com/how-i-uncovered-an-unsubscribe-exploit-while-checking-my-internship-applications-9661aacad8f9?source=rss------bug_bounty-5eXpl0it_32hacking, cybersecurity, idor, bug-report, bug-bounty19-Nov-2024
HOW I FOUND A BUG IN NASAhttps://rootxabit.medium.com/how-i-found-a-bug-in-nasa-f76800eaf3b9?source=rss------bug_bounty-5sudo-xabitbug-bounty, hacking, hall-of-fame, nasa, vdp19-Nov-2024
Bug bounty hunting : Profitable Pursuit or Time Trap?https://medium.com/@Arsenelupin12/bug-bounty-hunting-profitable-pursuit-or-time-trap-a99ecb11358f?source=rss------bug_bounty-5Lupinbug-bounty, bug-bounty-tips, hackthebox, cybersecurity, hacking19-Nov-2024
SQL injection vulnerability in where clause allowing retrieval of hidden datahttps://medium.com/@Laxious8848/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-c6ca0c949382?source=rss------bug_bounty-5Laxiouspenetration-testing, bug-bounty, webapplicationpentest, error-based-sql-injection, sql-injection19-Nov-2024
BUG BOUNTY HUNTINGhttps://medium.com/@muazutopclass/bug-bounty-hunting-0536a314d4e4?source=rss------bug_bounty-5Mu'azu S. Ahmedcybersecurity, money, bug-bounty, techie-delight, freelancing19-Nov-2024
Easy admin Access By Gaming with JSONhttps://medium.com/@0xbugatti/easy-admin-access-by-gaming-with-json-5ec5313e2236?source=rss------bug_bounty-50xbugattibug-bounty, web-security, penetration-testing, bug-bounty-tips, bug-bounty-writeup19-Nov-2024
Bug bounty hunting : Profitable Pursuit or Time Trap?https://medium.com/@Arsenelupin12/bug-bounty-hunting-profitable-pursuit-or-time-trap-a99ecb11358f?source=rss------bug_bounty-5Wasted Resourcesbug-bounty, bug-bounty-tips, hackthebox, cybersecurity, hacking19-Nov-2024
Hackers’ Cache Hotlisthttps://medium.com/h7w/hackers-cache-hotlist-5649742c35b1?source=rss------bug_bounty-5Lukasz Wierzbickibug-bounty, pentesting, hacking, articles, security18-Nov-2024
How SubDomainRadar.io Simplifies Your Recon Workflowhttps://medium.com/@alexandrevandammepro/how-subdomainradar-io-simplifies-your-recon-workflow-173e4061ceb3?source=rss------bug_bounty-5Alexandre Vandammeinfosec, cyberattack, bug-bounty, hacking, cybersecurity18-Nov-2024
File Upload - Upload. Intercept. Exploit.https://p4n7h3rx.medium.com/file-upload-upload-intercept-exploit-b5aa18cb8e9d?source=rss------bug_bounty-5p4n7h3rxbug-bounty, pentesting, pentest, bug-bounty-tips, hacking18-Nov-2024
BioCorp CTFhttps://ghostman01.medium.com/biocorp-ctf-99a072260842?source=rss------bug_bounty-5SIDDHANT SHUKLActf, web-hacking, bug-bounty, cybersecurity, hacking18-Nov-2024
M4 — Insufficient Input/Output Validationhttps://medium.com/@tamires.scruz/m4-insufficient-input-output-validation-fccc6cfc2561?source=rss------bug_bounty-5Tamy Angelcybersecurity, android, pentesting, bug-bounty, vulnerability18-Nov-2024
From Novice to Pro: My Journey to Earning Through Bug Bounty Huntinghttps://myselfakash20.medium.com/from-novice-to-pro-my-journey-to-earning-through-bug-bounty-hunting-3f123d19c39a?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, ethical-hacking, bug-bounty, cybersecurity, bug-bounty-tips18-Nov-2024
Automating XXE Exploitation: A Write-Up on Intigriti CTF 2024 BioCorp Challengehttps://osintteam.blog/biocorp-ctf-99a072260842?source=rss------bug_bounty-5SIDDHANT SHUKLActf, web-hacking, bug-bounty, cybersecurity, hacking18-Nov-2024
How I Hacked an Entire Company’s IT Infrastructure by Uncovering a Critical Bug Through Effective…https://medium.com/@0xbedo/how-i-hacked-an-entire-companys-it-infrastructure-by-uncovering-a-critical-bug-through-effective-8322d4d763a8?source=rss------bug_bounty-50xbedobug-bounty, aem, pentesting, cybersecurity, security18-Nov-2024
Top 9 Books on Cyber Securityhttps://medium.com/@bicitrobiswas/top-9-books-on-cyber-security-e3984ec1e48b?source=rss------bug_bounty-5Bicitro Biswascybersecurity, hacking, programming, bug-bounty, students18-Nov-2024
How I Found an IDOR Vulnerability in a Local News App and What You Can Learn From Ithttps://medium.com/@sulmanfarooq531/how-i-found-an-idor-vulnerability-in-a-local-news-app-and-what-you-can-learn-from-it-0b02a2ab91d5?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, bug-bounty, idor-vulnerability, idor18-Nov-2024
How to Use Proxy for Bug Huntinghttps://medium.com/@Progsky/how-to-use-proxy-for-bug-hunting-64e08cb33cc1?source=rss------bug_bounty-5Progskybug-hunting, ethical-hacking, ethical-hacking-tools, bug-bounty, cybersecurity18-Nov-2024
AI vs. Human: Why Bug Bounty Hunting Still Needs Human Intuitionhttps://pointlessai.medium.com/ai-vs-human-why-bug-bounty-hunting-still-needs-human-intuition-40b6e023c184?source=rss------bug_bounty-5PointlessAIbug-bounty-tips, ai, bug-bounty, chatgpt, vulnerability-management18-Nov-2024
Data Breaches Demand Proactive Security: AnnieMac Hack Impacts 171,000 Individualshttps://medium.com/@wiretor/data-breaches-demand-proactive-security-anniemac-hack-impacts-171-000-individuals-%EF%B8%8F-27a46bece7d2?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesanniemac-hacked, bug-bounty, data-breach, programming, hacked18-Nov-2024
Phishing Emails Using SVG Attachments: A Growing Threathttps://medium.com/@wiretor/phishing-emails-using-svg-attachments-a-growing-threat-c531fe9d3806?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, phising, hacking, email18-Nov-2024
How to Start a Career in Cybersecurity: A Step-by-Step Guide for Beginnershttps://medium.com/@griffin_dev.il/how-to-start-a-career-in-cybersecurity-a-step-by-step-guide-for-beginners-77a5457aa6e7?source=rss------bug_bounty-5GriFfin_Dev.iLethical-hacking, cybersecurity, cyber-security-awareness, bug-bounty, careers18-Nov-2024
B-Huntershttps://medium.com/@ebraamemil/b-hunters-a5b53aa9df42?source=rss------bug_bounty-5Ebraam Emilbug-bounty-tips, framework, bug-bounty18-Nov-2024
2FA simple bypasshttps://medium.com/@kcaaditya976/2fa-simple-bypass-1eb82080b914?source=rss------bug_bounty-5Laxiousbug-bounty, web-application-security, web-penetration-testing, mfa-bypass, web-pentesting18-Nov-2024
CTF Walkthrough: Grayboardhttps://medium.com/@nehalrajesh10/ctf-walkthrough-grayboard-c5955fff6410?source=rss------bug_bounty-5Nehal Pillaictf, bug-bounty, ctf-walkthrough18-Nov-2024
Breaking into Bug Bounties: A Guide to Hunting Business Logic and BAC Vulnerabilities in B2B…https://thexssrat.medium.com/breaking-into-bug-bounties-a-guide-to-hunting-business-logic-and-bac-vulnerabilities-in-b2b-58a8f4a89711?source=rss------bug_bounty-5Thexssratidor-vulnerability, penetration-testing, bug-bounty, hacking, hacker18-Nov-2024
2FA simple bypasshttps://medium.com/@Laxious8848/2fa-simple-bypass-1eb82080b914?source=rss------bug_bounty-5Laxiousbug-bounty, web-application-security, web-penetration-testing, mfa-bypass, web-pentesting18-Nov-2024
| Vietnamese Hackers Unleash PXA Stealer: Targeting Sensitive Data Across Europe and Asia | https://medium.com/@wiretor/vietnamese-hackers-unleash-pxa-stealer-targeting-sensitive-data-across-europe-and-asia-2d0723c11ff1?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, ransomeware, xss-attack, hacking, bug-bounty | 17-Nov-2024 |
| DEEPDATA Malware Exploits Fortinet Flaw to Steal VPN Credentials | https://medium.com/@wiretor/deepdata-malware-exploits-fortinet-flaw-to-steal-vpn-credentials-2605280c2e8c?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomeware, xss-attack, bug-bounty, hacking, malware | 17-Nov-2024 |
| Botnet Exploits GeoVision Zero-Day to Install Mirai Malware | https://medium.com/@wiretor/botnet-exploits-geovision-zero-day-to-install-mirai-malware-98ce1622dc21?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomware, bug-bounty, usa, malware, hacking | 17-Nov-2024 |
| Comprehensive Guide to Exploitation Techniques for Bug Bounty Hunters: From Beginner to Advanced | https://myselfakash20.medium.com/comprehensive-guide-to-exploitation-techniques-for-bug-bounty-hunters-from-beginner-to-advanced-b32001326b9e?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-writeup, exploitation, bug-bounty-tips, cybersecurity, bug-bounty | 17-Nov-2024 |
| The $300 Journey from RFI to RCE that Changed Everything | https://medium.com/@dhabaleshward/the-300-journey-from-rfi-to-rce-that-changed-everything-2b4c00c05da0?source=rss------bug_bounty-5 | Dhabaleshwar Das | penetration-testing, bug-bounty, vulnerability, ethical-hacking, cybersecurity | 17-Nov-2024 |
| How I Found open-redirect vulnerability using virus total? | https://doordiefordream.medium.com/how-i-found-open-redirect-using-virus-total-460d721b9596?source=rss------bug_bounty-5 | balu bandi | bug-bounty-tips, ethical-hacking, bug-bounty, cybersecurity, vulnerability | 17-Nov-2024 |
| Week 2: Hard Work Transforms into a 5-Digit Payday | https://mokhansec.medium.com/week-2-hard-work-transforms-into-a-5-digit-payday-8087819bccd9?source=rss------bug_bounty-5 | Mohsin khan | bug-bounty-tips, bugs, cybersecurity, bug-bounty, bug-bounty-writeup | 17-Nov-2024 |
| Exposing Open Redirect Vulnerabilities: JavaScript File Analysis in HTTP History Burp Suite | https://medium.com/@gheeX/exposing-open-redirect-vulnerabilities-javascript-file-analysis-in-http-history-burp-suite-c64bd1c93c54?source=rss------bug_bounty-5 | Ghee1337 | bug-bounty-writeup, javascript, vulnerability, bug-bounty-tips, bug-bounty | 17-Nov-2024 |
| XSS in Registration Form: A Bug Bounty Success | https://medium.com/@ziadsakr/xss-in-registration-form-a-bug-bounty-success-6fb9450b0e66?source=rss------bug_bounty-5 | Ziad Sakr | xss-bypass, xss-vulnerability, bug-bounty, xss-attack, firewall | 17-Nov-2024 |
| 8 Advanced Techniques For Novice Bug Bounty Hunters | https://bitpanic.medium.com/8-advanced-techniques-for-novice-bug-bounty-hunters-ab6110185e55?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, information-security, cyber-security-awareness, bug-bounty, bug-bounty-tips | 17-Nov-2024 |
| SQL injection vulnerability allowing login bypass | https://medium.com/@kcaaditya976/sql-injection-vulnerability-allowing-login-bypass-1e9f7bd45adf?source=rss------bug_bounty-5 | Laxious | sql, web-penetration-testing, web-pentesting, bug-bounty, sql-injection | 17-Nov-2024 |
| Bug bounty Cheatsheet | https://medium.com/@shardulsawant67/bug-bounty-cheatsheet-b87d3250bc2e?source=rss------bug_bounty-5 | Shardul Sawant | bug-bounty, bug-bounty-cheatsheet, web-penetration-testing, hacking, website-hacking | 17-Nov-2024 |
| API Hacktics: Unveiling Vulnerabilities in Modern Web APIs | https://myselfakash20.medium.com/api-hacktics-unveiling-vulnerabilities-in-modern-web-apis-e41cc09a2b9d?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, cybersecurity, bug-bounty-writeup, bugs, bug-bounty | 17-Nov-2024 |
| How to Find P4 Vulnerabilities and Information Disclosure Bugs \| Step-by-Step Guide to All Key… | https://medium.com/@shaikhminhaz1975/how-to-find-p4-vulnerabilities-and-information-disclosure-bugs-step-by-step-guide-to-all-key-6ba8fc84c882?source=rss------bug_bounty-5 | Shaikh Minhaz | penetration-testing, how-to-find-bug, information-disclosure, ethical-hacking, bug-bounty | 17-Nov-2024 |
| Hunting for Default Credentials: A Deeper Dive into the Toolkit | https://medium.com/@defaulty.io/hunting-for-default-credentials-a-deeper-dive-into-the-toolkit-2b3edde86f01?source=rss------bug_bounty-5 | Defaulty.io | cybersecurity, information-security, hacking, bug-bounty, penetration-testing | 17-Nov-2024 |
| FB OAuth Misconfiguration | https://xsametyigit.medium.com/fb-oauth-misconfiguration-d6c2f5d067d8?source=rss------bug_bounty-5 | Samet Yiğit | bug-bounty-writeup, bug-bounty-tips, bug-bounty | 17-Nov-2024 |
| OWASP Top 10–2021 Tryhackme Writeup | https://infosecwriteups.com/owasp-top-10-2021-tryhackme-writeup-56f2a04c895e?source=rss------bug_bounty-5 | Mukilan Baskaran | cybersecurity, bug-bounty, infosec, information-security, web-security | 17-Nov-2024 |
| DOM XSS in document.write sink using source location.search | https://medium.com/@kcaaditya976/dom-xss-in-document-write-sink-using-source-location-search-cc0ba7b461c2?source=rss------bug_bounty-5 | Laxious | xss-attack, web-pen-testing, dom-xss, bug-bounty, xss-vulnerability | 17-Nov-2024 |
| Who needs credentials, when you have the phone number…? | https://medium.com/@thelazypentester/who-needs-credentials-when-you-have-the-phone-number-fc0c8f51b87e?source=rss------bug_bounty-5 | Jobson | idor, bug-bounty, hacking, cybersecurity, sensitive-information | 17-Nov-2024 |
| API Hacktics: Unveiling Vulnerabilities in Modern Web APIs | https://osintteam.blog/api-hacktics-unveiling-vulnerabilities-in-modern-web-apis-e41cc09a2b9d?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, cybersecurity, bug-bounty-writeup, bugs, bug-bounty | 17-Nov-2024 |
| Lemons: A Bug Bounty Analogy | https://medium.com/@lixipluv/lemons-a-bug-bounty-analogy-ef427f514b2a?source=rss------bug_bounty-5 | Lixipluv | lemon, introduction, bug-bounty | 16-Nov-2024 |
| Race condition — can cause a flood of forgotten password verification SMS requests | https://medium.com/@viperblitzz/race-condition-can-cause-a-flood-of-forgotten-password-verification-sms-requests-1775a375653d?source=rss------bug_bounty-5 | Viperblitzz | bug-bounty-tips, bug-hunting, bug-bounty | 16-Nov-2024 |
| Chaining CSRF and an Open-Redirect leads to sensitive information disclosure | https://medium.com/@rvanwart_49640/chaining-csrf-and-an-open-redirect-leads-to-sensitive-information-disclosure-5915b24bc53b?source=rss------bug_bounty-5 | Raymond Van Wart | bug-bounty, cybersecurity, web-application-security | 16-Nov-2024 |
| Heroku Subdomain Takeover | https://xsametyigit.medium.com/heroku-subdomain-takeover-39b9f1ce7c4c?source=rss------bug_bounty-5 | Samet Yiğit | bug-bounty-writeup, bug-bounty, subdomain-takeover, bug-bounty-tips | 16-Nov-2024 |
| Secret OSINT Tricks to Dig Up Hidden Info Online! | https://medium.com/@paritoshblogs/secret-osint-tricks-to-dig-up-hidden-info-online-5401ffdd9c89?source=rss------bug_bounty-5 | Paritosh | bug-bounty, hacking, osint, cybersecurity, information-technology | 16-Nov-2024 |
| Chaining CSRF and an Open-Redirect leads to sensitive information disclosure | https://raymondv.medium.com/chaining-csrf-and-an-open-redirect-leads-to-sensitive-information-disclosure-5915b24bc53b?source=rss------bug_bounty-5 | Raymond Van Wart | bug-bounty, cybersecurity, web-application-security | 16-Nov-2024 |
| How I Helped Secure Millions of Users’ Medical Reports — Bug Bounty! | https://kumarmohank889.medium.com/how-i-helped-secure-millions-of-users-medical-reports-bug-bounty-bccf61a8ecee?source=rss------bug_bounty-5 | Mohan Kumar N | cybersecurity, hacking, bug-bounty-tips, ethical-hacking, bug-bounty | 16-Nov-2024 |
| Mastering Recon for Bug Hunters, Part 4: Advanced Strategies & Real-World Examples | https://myselfakash20.medium.com/mastering-recon-for-bug-hunters-part-4-advanced-strategies-real-world-examples-5de1a7aa7f84?source=rss------bug_bounty-5 | Akash Ghosh | bugs, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips | 16-Nov-2024 |
| Account takover via forget password | https://medium.com/@amirreza.marzban/account-takover-via-forget-password-4ec6514f29ee?source=rss------bug_bounty-5 | AmirReza Marzban | bug-bounty, bug-bounty-writeup, hacking, account-takeover, bug-bounty-hunter | 16-Nov-2024 |
| Account takover of an online casino | https://bug-abdelilah.medium.com/account-takover-of-an-online-casino-e13987835266?source=rss------bug_bounty-5 | abdelilah | bug-bounty, xss-attack, penetration-testing, cybersecurity, account-takeover | 16-Nov-2024 |
| How Did I Get My First Collaboration Bounty Of $1000? | https://medium.com/@pguru978/how-did-i-get-my-first-collaboration-bounty-of-1000-dc64ec02a6c7?source=rss------bug_bounty-5 | Guru Prasad Pattanaik | bug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity, bug-bounty-tips | 16-Nov-2024 |
| Exploiting Android Activities with Drozer: A Step-by-Step Guide | https://medium.com/@ayushkumar12021987/exploiting-android-activities-with-drozer-a-step-by-step-guide-ebc9b564758d?source=rss------bug_bounty-5 | Ayush Kumar | bug-bounty, pentesting, android, bug-bounty-writeup, security | 16-Nov-2024 |
| How I Turned a Low Blind SSRF Into a Critical Vulnerability With Strategic Impact Escalation | https://medium.com/@DrakenKun/how-i-turned-a-low-blind-ssrf-into-a-critical-vulnerability-with-strategic-impact-escalation-536505cc4352?source=rss------bug_bounty-5 | DrakenKun | web-security, pentesting, bug-bounty, ssrf, cybersecurity | 16-Nov-2024 |
| Sensitive Data Exposure in a Moodle Config File | https://medium.com/@mrcix/sensitive-data-exposure-in-a-moodle-config-file-648ca3d54676?source=rss------bug_bounty-5 | mrci0x1 | bug-bounty, information-security, web-security | 16-Nov-2024 |
| These Two Tools Helped Me Earn $40K in Bounties | https://medium.com/@alwalxed/these-two-tools-helped-me-earn-40k-in-bounties-8c688b9deccd?source=rss------bug_bounty-5 | Awa | osint, cybersecurity, bug-bounty, golang, tools | 16-Nov-2024 |
| Bypass of Username Policy: Breaking the Rules with a Simple Trick | https://medium.com/@mrcix/bypass-of-username-policy-breaking-the-rules-with-a-simple-trick-fcf7ce97925c?source=rss------bug_bounty-5 | mrci0x1 | bug-bounty-tips, penetration-testing, bug-bounty-writeup, web-security, bug-bounty | 16-Nov-2024 |
| How Did I Get My First Collaboration Bounty Of $1000? | https://cybersecuritywriteups.com/how-did-i-get-my-first-collaboration-bounty-of-1000-dc64ec02a6c7?source=rss------bug_bounty-5 | Guru Prasad Pattanaik | bug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity, bug-bounty-tips | 16-Nov-2024 |
| $500 Bounty for Account Takeover on European Bug Bounty Platform | https://0vulns.medium.com/500-bounty-for-account-takeover-on-european-bug-bounty-platform-cd5af3edb1ec?source=rss------bug_bounty-5 | 0vulns | cybersecurity, bug-bounty | 15-Nov-2024 |
| HOW I HACKED BILLION ANDROID USERS SOCIAL AND 3rd PARTY ACCOUNT \| A STORY ABOUT 5000$ BUG \|… | https://medium.com/@karthithehacker/how-i-hacked-billion-android-users-social-and-3rd-party-account-a-story-about-5000-bug-54d8b6ce75df?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, bugbounty-writeup | 15-Nov-2024 |
| NahamStore CTF Çözümü: Web Güvenlik Açıklarıyla Bug Bounty Pratiği | https://berkkahya0.medium.com/nahamstore-ctf-%C3%A7%C3%B6z%C3%BCm%C3%BC-web-g%C3%BCvenlik-a%C3%A7%C4%B1klar%C4%B1yla-bug-bounty-prati%C4%9Fi-a1b3d7133329?source=rss------bug_bounty-5 | Berk Kahya | bug-bounty, tryhackme, nahamstore, ctf-writeup, cybersecurity | 15-Nov-2024 |
| Simple RXSS di website insight.kontan.co.id | https://medium.com/@0xRedFox29/simple-rxss-di-website-insight-kontan-co-id-cfb39dd64a3a?source=rss------bug_bounty-5 | kunx90 | bug-bounty-tips, bug-bounty | 15-Nov-2024 |
| TAKEOVER | https://medium.com/@mukkagopi50/takeover-16aa79977e6b?source=rss------bug_bounty-5 | Gopi Mukka | account-takeover-attacks, vulnerability, bug-bounty, takeovers | 15-Nov-2024 |
| Server-Side Request Forgery (SSRF) | https://medium.com/@mukkagopi50/server-side-request-forgery-ssrf-80d168fd82f7?source=rss------bug_bounty-5 | Gopi Mukka | bug-bounty, vulnerability, ssrf | 15-Nov-2024 |
| How to Test for DNS Zone Transfer Attacks | https://dineshpathro9.medium.com/how-to-test-for-dns-zone-transfer-attacks-bf7c604bb28a?source=rss------bug_bounty-5 | hunter | bug-bounty, bug-bounty-writeup, hacking, bugs, bug-bounty-tips | 15-Nov-2024 |
| How I Exploited a Vulnerability to Change a User’s Backup Email Address (Easy P1 vulnerability) | https://medium.com/@hasap134/how-i-exploited-a-vulnerability-to-change-a-users-backup-email-address-easy-p1-vulnerability-f854041f8e91?source=rss------bug_bounty-5 | Beesco | cybersecurity, vulnerability, bug-bounty, bug-bounty-tips, bugs | 15-Nov-2024 |
| Earn $5000 After Learning How to Bypass the Rate Limiting for API Bug Hunting . | https://medium.com/@anandrishav2228/earn-5000-after-learning-how-to-bypass-the-rate-limiting-for-api-bug-hunting-89dc40289120?source=rss------bug_bounty-5 | Rishav anand | api, money, cybersecurity, bug-bounty, hacking-tools | 15-Nov-2024 |
| TALE OF A VULNERABILITY WHICH LEADS TO ACCOUNT TAKEOVER OF GOVERNMENT ANDROID APPLICATION | https://medium.com/@karthithehacker/tale-of-a-vulnerability-which-leads-to-account-takeover-of-government-android-application-6f47a57b8cfb?source=rss------bug_bounty-5 | Karthikeyan.V | vapt, bug-bounty, android | 15-Nov-2024 |
| Easy $20,160 bug from hackerone | https://medium.com/@loaymorad11/easy-20-160-bug-from-hackerone-aeac67ce3e81?source=rss------bug_bounty-5 | Loaymorad | cybersecurity, penetration-testing, bug-bounty, hackerone, bugbounty-writeup | 15-Nov-2024 |
| How did I found Account Takeover Vulnerability on takeuforward.org | https://rajukani100.medium.com/how-did-i-found-account-takeover-vulnerability-on-takeuforward-org-735630b4167c?source=rss------bug_bounty-5 | Raj Ukani | hacking, cyber-security-awareness, bug-bounty, bug-bounty-writeup, developer | 15-Nov-2024 |
| Today How to get $500 Bounty on HackerOne — P3 | https://medium.com/@bugbounty_learners/today-how-to-get-500-bounty-on-hackerone-p3-345fa44f76a3?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty-writeup, bugs, bug-bounty-tips, software-development, bug-bounty | 15-Nov-2024 |
| My first bounty | https://medium.com/@josuofficial327/my-first-bounty-fdddb7ef5611?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | penetration-testing, ethical-hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 15-Nov-2024 |
| These books will help to learn bug bounty & penetration testing and ethical hacking. Part 1 . | https://osintteam.blog/these-books-will-help-to-learn-bug-bounty-penetration-testing-and-ethical-hacking-part-1-635781cd3aaa?source=rss------bug_bounty-5 | loyalonlytoday | tips, books, hacking, bug-bounty, cybersecurity | 15-Nov-2024 |
| Known Brands, Government Domains, and More Hijacked via Sitting Ducks Attacks! | https://medium.com/@wiretor/known-brands-government-domains-and-more-hijacked-via-sitting-ducks-attacks-fddd61bd6105?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | usa, hacking, ransomware, malware, bug-bounty | 15-Nov-2024 |
| New Glove Infostealer Malware Bypasses Chrome’s Cookie Encryption: A Growing Threat | https://medium.com/@wiretor/new-glove-infostealer-malware-bypasses-chromes-cookie-encryption-a-growing-threat-e4377ef1f2a7?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, programming, hacking | 15-Nov-2024 |
| Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeover | https://medium.com/@wiretor/critical-plugin-flaw-exposed-4-million-wordpress-websites-to-takeover-7cf7b5984ab4?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | programming, ransomware, malware, bug-bounty, wordpress | 15-Nov-2024 |
| CSRF leads to delete account | https://xsametyigit.medium.com/csrf-leads-to-delete-account-711dde21af1e?source=rss------bug_bounty-5 | Samet Yiğit | bug-bounty-tips, bugbounty-writeup, bug-bounty | 15-Nov-2024 |
| How I Got Access to an Admin Portal by Response Manipulation | https://medium.com/@anonymousshetty2003/how-i-got-access-to-an-admin-portal-by-response-manipulation-d2abeec7ce58?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-tips, ethical-hacking | 15-Nov-2024 |
| 3 reflected XSS in one program | https://xsametyigit.medium.com/3-reflected-xss-in-one-program-c50469c6d522?source=rss------bug_bounty-5 | Samet Yiğit | bug-bounty-writeup, bug-bounty, bug-bounty-tips | 15-Nov-2024 |
| New Script — Leakix CLI by VECERT | https://medium.com/@vecert/new-script-leakix-cli-by-vecert-68abbf35d08d?source=rss------bug_bounty-5 | VECERT | pentesting, leakix, osint, bug-bounty | 15-Nov-2024 |
| 2 good tools for subdomain enumration. | https://osintteam.blog/2-good-tools-for-subdomain-enumration-ca3ee36fbf81?source=rss------bug_bounty-5 | loyalonlytoday | tips, hacking, bug-bounty, subdomains-enumeration, cybersecurity | 14-Nov-2024 |
| Beginner's guide for Input Data Validation Checklist | https://bitpanic.medium.com/beginners-guide-for-input-data-validation-checklist-2f9d5ef4a341?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, information-technology, bug-bounty, cyber-security-awareness, bug-bounty-tips | 14-Nov-2024 |
| Critical File Upload Vulnerabilities: Exploits and Mitigation Strategies | https://medium.com/@security.tecno/critical-file-upload-vulnerabilities-exploits-and-mitigation-strategies-90230e8a31bf?source=rss------bug_bounty-5 | TECNO Security | blog, scurity, bug-bounty, hacking | 14-Nov-2024 |
| Is HackerOne Support Service Degrading? | https://medium.com/@abdulparkar/is-hackerone-support-service-degrading-cbfa6adc1027?source=rss------bug_bounty-5 | Abdul Rehman Parkar | programming, hackerone, cybersecurity, ethical-hacking, bug-bounty | 14-Nov-2024 |
| ISRO: YouTube Broken Link Hijack | https://infosecwriteups.com/isro-youtube-broken-link-hijack-304a92001b47?source=rss------bug_bounty-5 | Dishant Modi | bug-bounty, bug-bounty-tips, broken-link, hall-of-fame, vulnerability | 14-Nov-2024 |
| Helpful Resources for Bug Hunters | https://medium.com/meetcyber/helpful-resources-for-bug-hunters-53dbe011cdd4?source=rss------bug_bounty-5 | AbhirupKonwar | ethical-hacking, bug-bounty-tips, bug-bounty, pentesting, hacking | 14-Nov-2024 |
| How i hacked NASA (WARNING: Dad Jokes) | https://medium.com/@rootplinix/how-i-hacked-nasa-warning-dad-jokes-7424faec5790?source=rss------bug_bounty-5 | Abu Hurayra | hacking, cybersecurity-awareness, bug-bounty, cybersecurity, bug-bounty-tips | 14-Nov-2024 |
| Finding Security Design Flaw in a FAANG to later be ghosted by Recruiter: A funny Tale | https://medium.com/bug-bounty-hunting/finding-security-design-flaw-in-a-faang-to-later-be-ghosted-by-recruiter-a-funny-tale-73e73fb0d6aa?source=rss------bug_bounty-5 | Ronnie Joseph | google, netflix, bug-bounty, cybersecurity, meta | 14-Nov-2024 |
| AI in Bug Bounty Hunting: A Step-by-Step Tutorial for Beginners | https://prakash888kpk.medium.com/ai-in-bug-bounty-hunting-a-step-by-step-tutorial-for-beginners-673e24aed66c?source=rss------bug_bounty-5 | Lets Unlearn | machine-learning, bug-bounty, bug-bounty-tips, ai, bug-bounty-writeup | 14-Nov-2024 |
| How I Uncovered an SSRF Vulnerability in a Private HackerOne Program | https://medium.com/@josuofficial327/how-i-uncovered-an-ssrf-vulnerability-in-a-private-hackerone-program-4c3146b414ff?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | ethical-hacking, bugbounty-writeup, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 14-Nov-2024 |
| Basics of Stored XSS and Demo | https://medium.com/@kcaaditya976/basics-of-stored-xss-and-demo-d410714a77c0?source=rss------bug_bounty-5 | Laxious | bug-bounty, cybersecurity, bug-bounty-hunting, xss-attack, stored-xss | 14-Nov-2024 |
| Bug Report: Broken Access Control in Google Photos | https://medium.com/@abhinavsingwal/bug-report-broken-access-control-in-google-photos-d9c10ca8c472?source=rss------bug_bounty-5 | Abhinavsingwal | google-vulnerability, bug-bounty, google-bug-report, bug-report, google-photos-bug | 14-Nov-2024 |
| My Journey to Drugs Hall of Fame in just 10 minutes | https://medium.com/@bugbounty_learners/my-journey-to-drugs-hall-of-fame-in-just-10-minutes-dcd03240e42a?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty-tips, bug-bounty-writeup, bugs, web-development, bug-bounty | 14-Nov-2024 |
| Mastering Reconnaissance Part 3: Unleashing Advanced Exploitation and Post-Recon Tactics | https://myselfakash20.medium.com/mastering-reconnaissance-part-3-unleashing-advanced-exploitation-and-post-recon-tactics-b81369678040?source=rss------bug_bounty-5 | Akash Ghosh | cybersecurity, bug-bounty-tips, bug-bounty-writeup, bugbounty-writeup, bug-bounty | 14-Nov-2024 |
| CISA & FBI Confirm China Hacked Telecom Providers for Spying: What Does This Mean for Your… | https://medium.com/@wiretor/cisa-fbi-confirm-china-hacked-telecom-providers-for-spying-what-does-this-mean-for-your-f523b2459c75?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, pentest, bug-bounty, malware, ransomeware | 14-Nov-2024 |
| Idaho Man Sentenced to 10 Years for Hacking, Data Theft, and Extortion | https://medium.com/@wiretor/idaho-man-sentenced-to-10-years-for-hacking-data-theft-and-extortion-003b243e419f?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | programming, malware, bug-bounty, zero-day, hacking | 14-Nov-2024 |
| Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions | https://medium.com/@wiretor/windows-zero-day-exploited-by-russia-triggered-with-file-drag-and-drop-delete-actions-0dd82469e486?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, usa, hacking, bug-bounty, ransomware | 14-Nov-2024 |
| Storm-1811’s Quick-Assist phishing could have been worse | https://mrsheepsheep.medium.com/storm-1811s-quick-assist-phishing-could-have-been-worse-fd84e04b0daa?source=rss------bug_bounty-5 | Alexandre Souleau | cybersecurity, xss-attack, bug-bounty, microsoft | 14-Nov-2024 |
| Server-Side Request Forgery (SSRF) allows internal ports scanning | https://medium.com/h7w/server-side-request-forgery-ssrf-allows-internal-ports-scanning-ef7edf6534b7?source=rss------bug_bounty-5 | socalledhacker | hacking, infosec, cybersecurity, bug-bounty-tips, bug-bounty | 14-Nov-2024 |
| Bypass Rate-Limit via X-Forwarded-For | https://medium.com/@null.x.b1ty/bypass-rate-limit-via-x-forwarded-for-ea26c7a25a90?source=rss------bug_bounty-5 | Snoop-dog | hackerone, bug-bounty | 14-Nov-2024 |
| How i Finded a easy dom xss. | https://infosecwriteups.com/how-i-finded-a-easy-dom-xss-6499afc21b5d?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, tips, hacking, xss-attack, cybersecurity | 14-Nov-2024 |
| SQL Injection: How I Secured Personal Information (PII) of 1.1M Job Seekers | https://infosecwriteups.com/sql-injection-how-i-secured-personal-information-pii-of-1-1m-job-seekers-7f7c55d11fbc?source=rss------bug_bounty-5 | brutexploiter | cybersecurity, software-engineering, bug-bounty, technology, programming | 14-Nov-2024 |
| Exposing a Data Leak Vulnerability: My Journey to Discovery | https://infosecwriteups.com/exposing-a-data-leak-vulnerability-my-journey-to-discovery-d7222b48d81c?source=rss------bug_bounty-5 | Abhishek Bhujang | security, hacking, bug-hunting, ethical-hacking, bug-bounty | 14-Nov-2024 |
| Discovering My First Vulnerability in a Few Minutes | https://medium.com/@jagdishdammala/discovering-my-first-vulnerability-in-a-few-minutes-6bbc9419cbfc?source=rss------bug_bounty-5 | Jagdish Dammala | bug-bounty | 14-Nov-2024 |
| Account Takeover: How I Gained Access to Any User Account Through a Simple Registration Flaw | https://0d-amr.medium.com/account-takeover-how-i-gained-access-to-any-user-account-through-a-simple-registration-flaw-96f9f6bdc0ae?source=rss------bug_bounty-5 | Amr | ctf, pentesting, hacking, bug-bounty, security | 14-Nov-2024 |
| Exploiting SSTI Vulnerability on an E-commerce Website: A Professional Walkthrough | https://medium.com/@MianHammadx0root/exploiting-ssti-vulnerability-on-an-e-commerce-website-a-professional-walkthrough-6cc95afb2b38?source=rss------bug_bounty-5 | Mian Hammad | bug-bounty, server-side, server-security, penetration-testing, ssti | 13-Nov-2024 |
| How I Found an SQL Injection in coupon code | https://medium.com/@gheeX/how-i-found-an-sql-injection-in-coupon-code-f31d6eb1a720?source=rss------bug_bounty-5 | Ghee1337 | bug-bounty, infosec, bug-bounty-tips, sql-injection, bug-bounty-writeup | 13-Nov-2024 |
| Breaking In with Guest: My First Bug Bounty | https://ghostman01.medium.com/guest-admin-a7c70aa10ddb?source=rss------bug_bounty-5 | SIDDHANT SHUKLA | hacking, bug-bounty, bug-bounty-writeup, cybersecurity, bug-hunting | 13-Nov-2024 |
| Introducing Loxs: The Ultimate Multi-Vulnerability Scanner for Web Applications | https://anishalx.medium.com/introducing-loxs-the-ultimate-multi-vulnerability-scanner-for-web-applications-907ed2b2004b?source=rss------bug_bounty-5 | Anish alx | hacking-tools, python, pentesting, hacking, bug-bounty | 13-Nov-2024 |
| 1500$ Open Reduction Bug: Performed Restricted Actions in login page | https://medium.com/@bugbounty_learners/1500-open-reduction-bug-performed-restricted-actions-in-login-page-4194359c1fc2?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty-writeup, bug-bounty-tips, web-development, bug-bounty, open-redirect | 13-Nov-2024 |
| Blind XSS Bug Hunting Methodology | https://osintteam.blog/blind-xss-bug-hunting-methodology-b997c37a9620?source=rss------bug_bounty-5 | AbhirupKonwar | pentesting, cybersecurity, ethical-hacking, xss-attack, bug-bounty | 13-Nov-2024 |
| A Deep Dive into Nmap Scripts for Web Application Testing | https://systemweakness.com/a-deep-dive-into-nmap-scripts-for-web-application-testing-6a9b3a06995e?source=rss------bug_bounty-5 | Khaleel Khan | hacking, nmap, infosec, bug-bounty, cybersecurity | 13-Nov-2024 |
| SQL Injection UNION Attack, Retrieving Data from Other Tables | https://medium.com/@marduk.i.am/sql-injection-union-attack-retrieving-data-from-other-tables-38f471813c57?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, information-security, sql-injection, portswigger-lab, sqli | 13-Nov-2024 |
| Easy Bug: How I Uncovered and Re-Exploited a Resolved Vulnerability from a Disclosed Report | https://medium.com/@cvjvqmmsm/easy-bug-how-i-uncovered-and-re-exploited-a-resolved-vulnerability-from-a-disclosed-report-ab2211a98b7b?source=rss------bug_bounty-5 | Barbarossa | bug-bounty, bugbounty-writeup | 13-Nov-2024 |
| Common Mistakes in Coding: How to Avoid Them | https://medium.com/@kharodawalam/common-mistakes-in-coding-how-to-avoid-them-9e5c881b0473?source=rss------bug_bounty-5 | Mohammed Kharodawala | mistakes-to-avoid, bug-bounty, data-structure-algorithm, programming, software-development | 13-Nov-2024 |
| Mobile Application Penetration Testing Checklist | https://infosecwriteups.com/mobile-application-penetration-testing-checklist-460deadf3d9f?source=rss------bug_bounty-5 | Ajay Naik | information-security, penetration-testing, information-technology, cybersecurity, bug-bounty | 13-Nov-2024 |
| 5 Golden Tips to Land Your First Job in Offensive Security | https://medium.com/@eran25670/5-golden-tips-to-land-your-first-job-in-offensive-security-e960b4215dc7?source=rss------bug_bounty-5 | Eran | cybersecurity, offensive-security, penetration-testing, bug-bounty-tips, bug-bounty | 13-Nov-2024 |
| clickjacking: definição, impactos, mecanismo e prevenção | https://medium.com/@Poystick/clickjacking-defini%C3%A7%C3%A3o-impactos-mecanismo-e-preven%C3%A7%C3%A3o-46e05a89614b?source=rss------bug_bounty-5 | Tarcísio Luchesi | hacking, bug-bounty, programação | 12-Nov-2024 |
| Mastering Reconnaissance Part 2: Advanced Scanning, Content Discovery, and Automation for Bug… | https://myselfakash20.medium.com/mastering-reconnaissance-part-2-advanced-scanning-content-discovery-and-automation-for-bug-8903a7c190a6?source=rss------bug_bounty-5 | Akash Ghosh | bugbounty-writeup, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips | 12-Nov-2024 |
| Your Guide to Web Reconnaissance: Mastering the Art of Information Gathering | https://medium.com/@secinfinitylabs/your-guide-to-web-reconnaissance-mastering-the-art-of-information-gathering-32dfee5f2deb?source=rss------bug_bounty-5 | Secinfinity Labs | information-gathering, information-security, penetration-testing, bug-bounty-tips, bug-bounty | 12-Nov-2024 |
| Top 10 Threat Actors of 2024 | https://medium.com/@alexandermr289/top-10-threat-actors-of-2024-4ac605357291?source=rss------bug_bounty-5 | Mr_alexander | osint, cybersecurity, bug-bounty, news, medium | 12-Nov-2024 |
| Become a Writer for Cybersecurity Write-ups! | https://cybersecuritywriteups.com/become-a-writer-for-cybersecurity-write-ups-3f1e780323a8?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, bugbounty-writeup | 12-Nov-2024 |
| Showing Impact is Your friend (500$+500$ bounties) | https://medium.com/@noureldin1042/showing-impact-is-your-friend-500-500-bounties-2ed87f3a64b7?source=rss------bug_bounty-5 | Noureldin(0x_5wf) | programming-languages, bug-bounty, bug-bounty-tips, programming, bug-bounty-writeup | 12-Nov-2024 |
| Exploring docker-compose.yaml leads to sensitive disclosure | https://medium.com/@raituzki/exploring-docker-compose-yaml-leads-to-sensitive-disclosure-1feaa3d3317f?source=rss------bug_bounty-5 | Muhamad Raidinoor Pasha | hacking, bug-bounty-tips, docker, yaml, bug-bounty | 12-Nov-2024 |
| How I hacked 100 hackers | https://corneacristian.medium.com/how-i-hacked-100-hackers-5c3c313e8a1a?source=rss------bug_bounty-5 | Cristian Cornea | bug-bounty, intelligence, hacking, cybersecurity, penetration-testing | 12-Nov-2024 |
| Bug Bounty \| Here’s Why Your Way To Success Doesn’t Lie In Learning | https://medium.com/@sM0ky4/bug-bounty-heres-why-your-way-to-success-doesn-t-lie-in-learning-bc72d4000b88?source=rss------bug_bounty-5 | sM0ky4 | cybersecurity, bug-bounty-tips, bug-bounty, time-management | 12-Nov-2024 |
| How Can You Be Sure That Ethical Hackers Are TRULY Ethical? | https://medium.com/@hackrate/how-can-you-be-sure-that-ethical-hackers-are-truly-ethical-17ee0fcc6058?source=rss------bug_bounty-5 | Hackrate | bug-bounty, ethical-hacking, hacking, penetration-testing, cybersecurity | 12-Nov-2024 |
| HTTP Desync Attack (Request Smuggling) - Mass Account Takeover | https://medium.com/@bugbounty_learners/http-desync-attack-request-smuggling-mass-account-takeover-0292fcc8c4a4?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty, web-development, bug-bounty-tips, bug-bounty-writeup, bugs | 12-Nov-2024 |
| Complete Guide to Securing Web Applications on Ports 80 and 443 | https://medium.com/@verylazytech/complete-guide-to-securing-web-applications-on-ports-80-and-443-a123def0b82c?source=rss------bug_bounty-5 | Very Lazy Tech | owasp-top-10, web-application-security, bug-bounty, penetration-testing, web-security | 12-Nov-2024 |
| Advanced Techniques for Bypassing Web Filters: A Practical Guide to Identifying and Exploiting XSS… | https://thexssrat.medium.com/advanced-techniques-for-bypassing-web-filters-a-practical-guide-to-identifying-and-exploiting-xss-f6cadeedf9ca?source=rss------bug_bounty-5 | Thexssrat | hacks, bug-bounty, penetration-testing, xss-attack, hacking | 12-Nov-2024 |
| M3 — Insecure Authentication/Authorization | https://medium.com/@tamires.scruz/m3-insecure-authentication-authorization-cedf6e94d1ce?source=rss------bug_bounty-5 | Tamy Angel | bug-bounty, owasp, pentesting, android, cybersecurity | 12-Nov-2024 |
| SHODAN Cheat Sheet — A Comprehensive Guide to Shodan: The Search Engine for Hackers | https://medium.com/@iamshafayat/shodan-cheat-sheet-a-comprehensive-guide-to-shodan-the-search-engine-for-hackers-451b403f328f?source=rss------bug_bounty-5 | Shafayat Ahmed Alif | cheatsheet, shodan, cybersecurity, ethical-hacking, bug-bounty | 12-Nov-2024 |
| Exploiting Server-Side Template Injection (SSTI) with a Custom Exploit: PortSwigger Lab Walkthrough | https://medium.com/@0xA4zOo0/exploiting-server-side-template-injection-ssti-with-a-custom-exploit-portswigger-lab-walkthrough-a661d5c47001?source=rss------bug_bounty-5 | A Z O | bug-bounty, ssti, hacking | 12-Nov-2024 |
| Complete Guide to pentesting Web Applications on Ports 80 and 443 | https://medium.com/@verylazytech/complete-guide-to-securing-web-applications-on-ports-80-and-443-a123def0b82c?source=rss------bug_bounty-5 | Very Lazy Tech | owasp-top-10, web-application-security, bug-bounty, penetration-testing, web-security | 12-Nov-2024 |
| How I Hijacked an Abandoned Twitter Account and Why Broken Link Hijacking Matters | https://medium.com/@anonymousshetty2003/how-i-hijacked-an-abandoned-twitter-account-and-why-broken-link-hijacking-matters-0128e0f562c8?source=rss------bug_bounty-5 | Anonymousshetty | ethical-hacking, broken-link-hijacking, cybersecurity, bug-bounty | 12-Nov-2024 |
| How AI is Making Bug Bounties More Accessible for New Hackers | https://pointlessai.medium.com/how-ai-is-making-bug-bounties-more-accessible-for-new-hackers-726f9a058eac?source=rss------bug_bounty-5 | PointlessAI | bug-bounty-tips, ai, bug-bounty, vulnerability-management | 12-Nov-2024 |
| How I Discovered a Private Key Leak on a Company’s Subdomain | https://medium.com/@anonymousshetty2003/how-i-discovered-a-private-key-leak-on-a-companys-subdomain-929100e7a561?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, cybersecurity, ethical-hacking | 12-Nov-2024 |
| Top Cybersecurity Tools Every Professional Should Know | https://medium.com/@paritoshblogs/top-cybersecurity-tools-every-professional-should-know-0aff34558518?source=rss------bug_bounty-5 | Paritosh | information-security, chatgpt, bug-bounty, cybersecurity, hacking | 12-Nov-2024 |
North Korean Hackers Use Flutter Apps to Evade macOS Securityhttps://medium.com/@wiretor/north-korean-hackers-use-flutter-apps-to-evade-macos-security-e22221dd9696?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentesting, malware, bug-bounty, ransomware, hacking12-Nov-2024
Massive Data Breach Affects Millions of Hot Topic Customershttps://medium.com/@wiretor/massive-data-breach-affects-millions-of-hot-topic-customers-b03fe562e0f7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentesting, malware, bug-bounty, ransomware12-Nov-2024
Form I-9 Compliance Data Breach Impacts Over 190,000 Peoplehttps://medium.com/@wiretor/form-i-9-compliance-data-breach-impacts-over-190-000-people-adee0a89694c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, malware, hacking, bug-bounty, pentesting12-Nov-2024
Finding more infromation about a email using a osint tool.https://osintteam.blog/finding-more-infromation-about-a-email-using-a-osint-tool-d557a0579414?source=rss------bug_bounty-5loyalonlytodaycybersecurity, osint, bug-bounty, hacking, osint-investigation12-Nov-2024
Recon For New Bug bounty Hunters — Short Storyhttps://sud-defcon.medium.com/%EF%B8%8F-%EF%B8%8Frecon-for-new-bug-bounty-hunters-short-story-2992e780fbbb?source=rss------bug_bounty-5Sudarshan Patelreconnaissance, bug-bounty-tips, bug-bounty, recon, bug-bounty-writeup12-Nov-2024
Hacking Knowledge Around The Corner. From Where To Learn Hacking Skills?https://medium.com/meetcyber/hacking-knowledge-around-the-corner-c2a48214d052?source=rss------bug_bounty-5NnFacecybersecurity, kali-linux, bug-bounty, hacking, knowledge12-Nov-2024
Volt Typhoon Botnet Rebuilds After FBI Crackdownhttps://medium.com/@wiretor/volt-typhoon-botnet-rebuilds-after-fbi-crackdown-e23a74459ff6?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, programming, malware, ransomeware, bug-bounty12-Nov-2024
Extract full photos/videos database from any locked Google Pixel phonehttps://medium.com/@rus1r105/extract-full-photos-videos-database-from-any-locked-google-pixel-phone-be6da35ad93d?source=rss------bug_bounty-5rus1r105cybersecurity, android, google-vrp, bug-bounty, writeup11-Nov-2024
How I Found an HTML Injection in Email Vulnerability on Samsung, Leading to a $$$$ Paydayhttps://cybersecuritywriteups.com/how-an-html-injection-vulnerability-in-samsung-emails-led-to-a-payday-3dcfccc12a36?source=rss------bug_bounty-5Taha Diwanbug-bounty, cybersecurity, ethical-hacking, penetration-testing, web-penetration-testing11-Nov-2024
[2024 Thanksgiving] Security Technology Research Writing Activityhttps://medium.com/@security.tecno/2024-thanksgiving-security-technology-research-writing-activity-325e4b0fd9c8?source=rss------bug_bounty-5TECNO Securitywriting, research, bug-bounty, security11-Nov-2024
Hacking Active Directory and Earn upto $30,000.https://medium.com/@anandrishav2228/hacking-active-directory-and-earn-upto-30-000-9561858a3c8f?source=rss------bug_bounty-5Rishav anandbug-bounty, active-directory, money, hacking, cybersecurity11-Nov-2024
Recon JavaScript Files with Rarely Encountered Techniqueshttps://zucki.medium.com/recon-javascript-files-with-rarely-encountered-techniques-5882a3ad1955?source=rss------bug_bounty-5Marzuckibug-bounty, automation, recon, automation-testing, javascript11-Nov-2024
#Task 20 - HTTP Request Sumgling — Basics & Types -> Only for Bignershttps://medium.com/@bugbounty_learners/task-1-http-request-sumgling-basics-types-only-for-bigners-2157461dca3e?source=rss------bug_bounty-5bugbounty_learnerscybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, web-development11-Nov-2024
GetSimpleCMS CSRF | Parol Dəyişdirmə Funksiyasında Tapdığım CSRF boşluğuhttps://zeynalxan.medium.com/getsimplecms-csrf-parol-d%C9%99yi%C5%9Fdirm%C9%99-funksiyas%C4%B1nda-tapd%C4%B1%C4%9F%C4%B1m-csrf-bo%C5%9Flu%C4%9Fu-8786c125453e?source=rss------bug_bounty-5Zeynalxan Quliyevcsrf-attack, csrf, ato, bug-bounty, cybersecurity11-Nov-2024
PRE-ACCOUNT TAKEOVER through Oauth misconfiguration on a mailing websitehttps://infosecwriteups.com/pre-account-takeover-through-misconfigured-oauth-on-a-mailing-website-b906a5c118e9?source=rss------bug_bounty-5Harishcybersecurity, ethical-hacking, cyber-security-awareness, bug-bounty-tips, bug-bounty11-Nov-2024
Jumping into Bug Bounty Automationhttps://bitpanic.medium.com/jumping-into-bug-bounty-automation-4739abdb6d15?source=rss------bug_bounty-5Spectat0rguyinformation-security, cybersecurity, bug-bounty, information-technology, infosec11-Nov-2024
Won’t Fix Vulnerabilities in Google Colabhttps://0xjin.medium.com/wont-fix-vulnerabilities-in-google-colab-fcd3b6581746?source=rss------bug_bounty-50xJinbug-bounty, bug-bounty-writeup, google, bug-bounty-tips11-Nov-2024
Exposing the Dark Side of Google Dorks: How I Extracted Millions of Emails.https://pwndecoco.medium.com/exposing-the-dark-side-of-google-dorks-how-i-extracted-millions-of-emails-0fe0f7f6db8b?source=rss------bug_bounty-5Pwndec0c0hacking, cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty11-Nov-2024
Server-Side Template Injection in an Unknown Language with a Documented Exploit — SSTI…https://medium.com/@rcxsecurity/server-side-template-injection-in-an-unknown-language-with-a-documented-exploit-ssti-de01a069b946?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Caféhacking, information-security, pentesting, bug-bounty, cybersecurity11-Nov-2024
P4 bug’s and their POC steps | Part 7 | $Easy Money$https://medium.com/h7w/p4-bugs-and-their-poc-steps-part-7-easy-money-d7cb9270f539?source=rss------bug_bounty-5socalledhackerinfosec, hacking, cybersecurity, bug-bounty-tips, bug-bounty11-Nov-2024
How I Found a Critical 9.8 Bug — Directory Listing leads to Critical P1 Exposure of PII and morehttps://medium.com/@enigma_/how-i-found-a-critical-9-8-9c4d14d82e20?source=rss------bug_bounty-5enigmaowasp, bug-bounty, directory-listing, ethical-hacking, hacker10-Nov-2024
Addressing OWASP Top 10 Vulnerabilities: Why You Need Wire Tor’s Pentesting Serviceshttps://medium.com/@wiretor/addressing-owasp-top-10-vulnerabilities-why-you-need-wire-tors-pentesting-services-5d2f374c3f22?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbreached, hacking, usa, bug-bounty, malware10-Nov-2024
How I was able to inject my malicious link in Email Confirmation Link ( Link Injection / Open…https://infosecwriteups.com/how-i-able-to-inject-my-malicious-link-in-email-confirmation-link-link-injection-open-redirect-dbf95075f89c?source=rss------bug_bounty-5Abdul Rehman Parkarcybersecurity, bug-bounty-writeup, infosec-write-ups, ethical-hacking, bug-bounty10-Nov-2024
Mastering Reconnaissance: The Ultimate Guide for Bug Hunters (Part 1)https://myselfakash20.medium.com/mastering-reconnaissance-the-ultimate-guide-for-bug-hunters-part-1-b91a2367ee65?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, bug-bounty, bug-bounty-tips, recon, bugbounty-writeup10-Nov-2024
Week 1: Documenting My Journey as a Full-Time Bug Hunterhttps://mokhansec.medium.com/week-1-documenting-my-journey-as-a-full-time-bug-hunter-fbe1bbefeb79?source=rss------bug_bounty-5Mohsin khanbugs, bug-bounty-tips, bug-bounty-writeup, bug-bounty10-Nov-2024
From P5(Informational)to Medium(P3) : How I was able to achieve it it in Dept of Defense VDP?https://medium.com/@tirqwork1/from-p5-informational-to-medium-p3-how-i-was-able-to-achieve-it-it-in-dept-of-defense-vdp-76e5eda28b5a?source=rss------bug_bounty-5ARoyus-dept-of-defense, data-protection, hackerone, bug-bounty, cybersecurity10-Nov-2024
From System Administrator to Bug Bounty Hunter: A Journey into Web Securityhttps://medium.com/@zero_4583/from-system-administrator-to-bug-bounty-hunter-a-journey-into-web-security-9b37bb52dde2?source=rss------bug_bounty-5Nathan Vincentapp-security, learning-to-code-journey, bug-bounty, secure-coding10-Nov-2024
How I was able to inject malicious link in Email Confirmation Link ( Link Injection / Open…https://cybersecuritywriteups.com/how-i-able-to-inject-my-malicious-link-in-email-confirmation-link-link-injection-open-redirect-dbf95075f89c?source=rss------bug_bounty-5Abdul Rehman Parkarcybersecurity, bug-bounty-writeup, infosec-write-ups, ethical-hacking, bug-bounty10-Nov-2024
How a Unique Combination Opened the Door to an IDORhttps://infosecwriteups.com/how-a-unique-combination-opened-the-door-to-an-idor-f44a3efe51e8?source=rss------bug_bounty-5Supun Halangoda (Suppa)cybersecurity, bug-bounty-writeup, bug-bounty-tips, secure-coding, bug-bounty10-Nov-2024
POC — CVE-2024–10914 Command Injection Vulnerability in `name` parameter for D-Link NAShttps://medium.com/@verylazytech/poc-cve-2024-10914-command-injection-vulnerability-in-name-parameter-for-d-link-nas-194e70f68120?source=rss------bug_bounty-5Very Lazy Techcommand-injection, cybersecurity, cve-2024-10914, bug-bounty, remote-code-execution10-Nov-2024
CRLF Injection Zero to Masterhttps://medium.com/@bugbounty_learners/crlf-injection-zero-to-master-17a93afc33a3?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-tips, bug-bounty-writeup, bug-bounty, software-development, web-development10-Nov-2024
Possible subdomain takeovers gives me 1000 dollarshttps://medium.com/lucky-vulnerabilities/possible-subdomain-takeovers-gives-me-1000-dollars-9f3ad682ddce?source=rss------bug_bounty-5Lucky Vulnerabilitiesbug-bounty, bug-bounty-tips, bug-hunting, updates, news10-Nov-2024
HackTheBox: Information Gatheringhttps://medium.com/@rodripadisec/hackthebox-information-gathering-7af3526f13f5?source=rss------bug_bounty-5pad1ryoshireconnaissance, web3, hackthebox-academy, hackthebox, bug-bounty10-Nov-2024
Understanding Common Windows Commands and How Threat Actors Use Them:https://medium.com/@wtrentond/understanding-common-windows-commands-and-how-threat-actors-use-them-34298408e163?source=rss------bug_bounty-5Trent Wtech, cybersecurity, microsoft, bug-bounty, technology10-Nov-2024
Double Race Condition : Breaking Ruleshttps://sayedv2.medium.com/double-race-condition-breaking-rules-88850372afb8?source=rss------bug_bounty-5Mohamed Sayedcybersecurity, bugbounty-writeup, race-condition, bugbounty-tips, bug-bounty10-Nov-2024
Ethical Hacking — How It Helps Prevent Cyber Attackshttps://medium.com/@RocketMeUpCybersecurity/ethical-hacking-how-it-helps-prevent-cyber-attacks-41d3d791c7c9?source=rss------bug_bounty-5RocketMe Up Cybersecurityethical-hacking, bug-bounty, cyberattack, penetration-testing, vulnerability-assessment10-Nov-2024
Hackers Evade Detection with New ZIP File Concatenation Technique!https://medium.com/@wiretor/hackers-evade-detection-with-new-zip-file-concatenation-technique-3bd29544f96e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransom, bug-bounty, hacking, pentesting, malware10-Nov-2024
HackTheBox: Information Gatheringhttps://pad1ryoshi.medium.com/hackthebox-information-gathering-7af3526f13f5?source=rss------bug_bounty-5pad1ryoshireconnaissance, web3, hackthebox-academy, hackthebox, bug-bounty10-Nov-2024
30 Books To Learn H@ackinghttps://osintteam.blog/30-books-to-learn-h-acking-2911c57f148c?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitprogramming, bug-bounty, books, technology, hacking10-Nov-2024
Understanding Common Windows Commands and How Threat Actors Use Them:https://medium.com/@wtrentond/understanding-common-windows-commands-and-how-threat-actors-use-them-34298408e163?source=rss------bug_bounty-5Trent Wtech, artificial-intelligence, cybersecurity, bug-bounty, technology10-Nov-2024
BugBounty — Mastering the Basics (along with Resources)[Part-3]https://medium.com/@iabhipathak/bugbounty-mastering-the-basics-along-with-resources-part-3-1619f6854e20?source=rss------bug_bounty-5Abhinav Pathaksecurity, privacy, cybersecurity, hacking, bug-bounty09-Nov-2024
Analyzing JavaScript Files for Retrieving Admin Credentialshttps://medium.com/@abdullah12987654/analyzing-javascript-files-for-retrieving-admin-credentials-0c6f25ff507a?source=rss------bug_bounty-5Abdullahweb-vulnerabilities, pentesting, cyber-security-services, hacking, bug-bounty09-Nov-2024
IDOR and Excessive Data Exposure in Mobile Application — The Tale of an IDOR # 02https://medium.com/@abdullah12987654/idor-and-excessive-data-exposure-in-mobile-application-9bab953ea2b6?source=rss------bug_bounty-5Abdullahbug-bounty, idor-vulnerability, hacking, cyber-security-services, pentesting09-Nov-2024
Username restrictions bypass on Hackerone programhttps://medium.com/@bugbounty_learners/username-restrictions-bypass-on-hackerone-program-61f4c8ff8b44?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-writeup, bug-bounty, bug-zero, bug-bounty-tips, bugs09-Nov-2024
API Security Penetration Testing Checklisthttps://infosecwriteups.com/api-security-testing-penetration-testing-checklist-bb2969906ec1?source=rss------bug_bounty-5Ajay Naikinfosec, information-security, information-technology, bug-bounty, cybersecurity09-Nov-2024
how i found 3 open redirect bugs on hackerone public program?https://doordiefordream.medium.com/how-i-found-3-open-redirect-bugs-on-hackerone-public-program-d6f75850996b?source=rss------bug_bounty-5balu bandiethical-hacking, hacking, cybersecurity, vulnerability, bug-bounty09-Nov-2024
How I Accidentally Found a ‘Cache Magic Trick’ — aka Unauthenticated PURGE on Varnish (Hold My…https://medium.com/@mayankmalaviya3/how-i-accidentally-found-a-cache-magic-trick-aka-unauthenticated-purge-on-varnish-hold-my-5e13e5056618?source=rss------bug_bounty-5Mayank Malaviya (Aiwolfie)bug-bounty, unauthenticated-purge, penetration-testing, security, unauthenticated09-Nov-2024
“Hack Smarter, Not Harder: Google Dorks for Fast Bug Hunting and Recon”https://myselfakash20.medium.com/hack-smarter-not-harder-google-dorks-for-fast-bug-hunting-and-recon-3029a4004cfd?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bugs, bug-bounty, bug-bounty-writeup09-Nov-2024
John the Ripper in Cybersecurityhttps://infosecwriteups.com/john-the-ripper-in-cybersecurity-46c8f5c3a99f?source=rss------bug_bounty-5Ajay Naikcybersecurity-training, cybersecurity, bug-bounty, information-technology, penetration-testing09-Nov-2024
Predicting Cyber Threats: Can We Use Threat Intelligence to Forecast Attacks Like Weather?https://medium.com/@paritoshblogs/predicting-cyber-threats-can-we-use-threat-intelligence-to-forecast-attacks-like-weather-4f57175b25ec?source=rss------bug_bounty-5Paritoshinformation-technology, bug-bounty, hacking, threat-intelligence, cybersecurity09-Nov-2024
Critical Vulnerabilities in Aruba Access Points: What You Need to Know!https://medium.com/@wiretor/critical-vulnerabilities-in-aruba-access-points-what-you-need-to-know-7053d6349bf1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentesting, malware, bug-bounty, ransomware, hacking09-Nov-2024
D-Link Exposes 60,000+ NAS Devices to Unpatched Critical Flawhttps://medium.com/@wiretor/d-link-exposes-60-000-nas-devices-to-unpatched-critical-flaw-c06b62cf67e9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, xss-attack, malware, bug-bounty09-Nov-2024
Critical Veeam RCE Vulnerability Exploited in New Frag Ransomware Attackshttps://medium.com/@wiretor/critical-veeam-rce-vulnerability-exploited-in-new-frag-ransomware-attacks-ae75d32f6bb0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, ransomware, xss-attack09-Nov-2024
Palo Alto Networks Warns of Potential PAN-OS RCE Vulnerability!https://medium.com/@wiretor/palo-alto-networks-warns-of-potential-pan-os-rce-vulnerability-%EF%B8%8F-148d8b8da5a9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, xss-attack, malware, hacking, ransomware09-Nov-2024
How to Integrate Artificial Intelligence in Bug Bounty?https://bitpanic.medium.com/how-to-integrate-artificial-intelligence-in-bug-bounty-fab592ae6c80?source=rss------bug_bounty-5Spectat0rguybug-bounty, cybersecurity, ai, penetration-testing09-Nov-2024
My Obsidian Setuphttps://cybersechemmars.medium.com/my-obsidian-setup-b3e96516feaa?source=rss------bug_bounty-5Cybersec with Hemmarsnotetaking, cybersecurity, notes, bug-bounty, obsidian09-Nov-2024
Broken Authentication: Full Methodology for Identifying and Exploiting Vulnerabilitieshttps://dineshpathro9.medium.com/broken-authentication-full-methodology-for-identifying-and-exploiting-vulnerabilities-63a55c3d4399?source=rss------bug_bounty-5hunterbug-zero, bug-bounty, bugs, bug-bounty-tips, bug-bounty-writeup09-Nov-2024
Advanced Techniques for CSRF (Cross-Site Request Forgery) Attacks: A Full Methodology Guidehttps://dineshpathro9.medium.com/advanced-techniques-for-csrf-cross-site-request-forgery-attacks-a-full-methodology-guide-8db29faecc01?source=rss------bug_bounty-5hunterbug-bounty-tips, csrf, bug-zero, bugs, bug-bounty09-Nov-2024
CVE-2023–27350 : PaperCut Tryhackme Write uphttps://jawstar.medium.com/cve-2023-27350-papercut-tryhackme-write-up-2237fe48d3a7?source=rss------bug_bounty-5Jawstartechnology, bug-bounty, tryhackme, software-development, cybersecurity09-Nov-2024
Escalating RXSS with HttpOnly SameSite Session Cookieshttps://medium.com/@dhakatedeep909/escalating-rxss-with-httponly-samesite-session-cookies-a1ba3b9e50c1?source=rss------bug_bounty-5Deep Dhakate AKA intrud3rcybersecurity, hacking, bug-bounty09-Nov-2024
RCE by finding secret hidden files via Encryption and hashinghttps://medium.com/@karim.engmohamed/%D8%A7%D9%84%D8%B3%D9%84%D8%A7%D9%85-%D8%B9%D9%84%D9%8A%D9%83%D9%85-e37717c23cfd?source=rss------bug_bounty-5Karim Mohamedhacker, cybersecurity, hackerone, bug-bounty, bug-bounty-tips09-Nov-2024
Fast Setup Mobile Apps Pentest With Burpsuite And memuhttps://zucki.medium.com/fast-setup-mobile-apps-pentest-with-burpsuite-and-memu-567d661b6bb9?source=rss------bug_bounty-5Marzuckiandroid-pentesting, android, pentesting, mobile-apps, bug-bounty08-Nov-2024
Why is recon so very important? API key exposure by only reconhttps://medium.com/@karim.engmohamed/why-is-recon-so-very-important-api-key-exposure-by-only-recon-f8aff4ab1ac3?source=rss------bug_bounty-5Karim Mohamedcybersecurity, hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup08-Nov-2024
Advanced Google Dorking Techniques for Bug Bounty Hunting: Finding Responsible Disclosure Programs…https://dineshpathro9.medium.com/advanced-google-dorking-techniques-for-bug-bounty-hunting-finding-responsible-disclosure-programs-5a00a0d9d0e9?source=rss------bug_bounty-5DiNeSh_PaThRobug-bounty, bugbounty-writeup, web-app-security, dorks, bug-bounty-tips08-Nov-2024
Metasploit Guide :- Main weapon of Hackershttps://medium.com/@anandrishav2228/metasploit-guide-main-weapon-of-hackers-a791e72df686?source=rss------bug_bounty-5Rishav anandmetasploit, cybersecurity, money, hacker, bug-bounty08-Nov-2024
SQL Injection UNION Attack, Finding a Column Containing Texthttps://medium.com/@marduk.i.am/sql-injection-union-attack-finding-a-column-containing-text-ee28ff48eb30?source=rss------bug_bounty-5Marduk I Amsqli, portswigger-lab, bug-bounty, infosec, sql-injection08-Nov-2024
What to Do After Choosing a Bug Bounty Target? Part 2 | Bug Bounty Guidehttps://medium.com/@js8971105/what-to-do-after-choosing-a-bug-bounty-target-part-2-bug-bounty-guide-811affb17572?source=rss------bug_bounty-5cyberghostinfo-sec-writeups, ethical-hacking, reconnaissance-techniques, bug-bounty, cybersecurity08-Nov-2024
CyberDef Dokumentasi | Time-Based Blind SQLIhttps://hack4funacademy.medium.com/cyberdef-dokumentasi-time-based-blind-sqli-7db756ddf2ad?source=rss------bug_bounty-5Hack4Fun Academybug-bounty, hacking, cybersecurity08-Nov-2024
Finding My First Bug: The Power of Understanding Website Logichttps://medium.com/@mahdisalhi0500/finding-my-first-bug-the-power-of-understanding-website-logic-%EF%B8%8F-4197dd08cf29?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, bug-bounty, bug-bounty-tips, ethical-hacking, information-security08-Nov-2024
How to Get Started in Web App Bug Bounty: Practical Steps to Keep You Motivated!https://medium.com/@soorajv910/how-to-get-started-in-web-app-bug-bounty-practical-steps-to-keep-you-motivated-%EF%B8%8F-%EF%B8%8F-c6c1507c84fd?source=rss------bug_bounty-5sooraj vhacking, bug-bounty, bugcrowd, bug-bounty-tips, hackerone08-Nov-2024
How i earned easy$$$ by deleting user comments on any posthttps://medium.com/thedeephub/how-i-earned-easy-by-deleting-user-comments-on-any-post-c2e226f2157a?source=rss------bug_bounty-5Le_Merdienpentesting, cybersecurity, bug-bounty, penetration-testing, hacker08-Nov-2024
“XSS ve Context Örnekleri”https://medium.com/@sgzldmrc/xss-ve-context-%C3%B6rnekleri-6ba2bc976c1f?source=rss------bug_bounty-5Serdar Güzeldemircixss-attack, bug-bounty, cyber-security-awareness, xss-bypass08-Nov-2024
How to Prepare for the OSEP Roadmap — A Comprehensive Guide for Cybersecurity Professionalshttps://medium.com/@verylazytech/how-to-prepare-for-the-osep-roadmap-a-comprehensive-guide-for-cybersecurity-professionals-f3fecede5919?source=rss------bug_bounty-5Very Lazy Techhacking, ethical-hacking, bug-bounty, osep, cybersecurity08-Nov-2024
20 Open Redirect Bugs in Few Minuteshttps://systemweakness.com/20-open-redirect-bugs-in-few-minutes-c9fdabf75642?source=rss------bug_bounty-5AbhirupKonwarpentesting, bug-bounty, bug-bounty-tips, cybersecurity, vulnerability08-Nov-2024
Web App Fingerprinting in 9 Stepshttps://bitpanic.medium.com/web-app-fingerprinting-in-9-steps-5b86615b56f7?source=rss------bug_bounty-5Spectat0rguybug-bounty, cybersecurity, bugbounty-tips08-Nov-2024
Email HTML injection with a simple tiphttps://medium.com/@mohamed.yasser442200/email-html-injection-with-a-simple-tip-aeab346fbefc?source=rss------bug_bounty-5Spider4bug-bounty, hunting, bugcrowd, cybersecurity, pentesting08-Nov-2024
Unpatched Vulnerabilities in Mazda Infotainment Systems Pose Serious Security Riskshttps://medium.com/@wiretor/unpatched-vulnerabilities-in-mazda-infotainment-systems-pose-serious-security-risks-b634ae8883d8?source=rss------bug_bounty-5WIRE TORbug-bounty, malware, ransomware, hacking, pentesting08-Nov-2024
Texas Oilfield Supplier Newpark Resources Hit by Ransomware Attackhttps://medium.com/@wiretor/texas-oilfield-supplier-newpark-resources-hit-by-ransomware-attack-fc374aa6b8dc?source=rss------bug_bounty-5WIRE TORbug-bounty, ransomware, pentesting, malware, hacking08-Nov-2024
Malwarebytes Acquires AzireVPN to Enhance Privacy and Security Offeringshttps://medium.com/@wiretor/malwarebytes-acquires-azirevpn-to-enhance-privacy-and-security-offerings-194b3bf42554?source=rss------bug_bounty-5WIRE TORbug-bounty, ransomware, hacking, pentesting, malware08-Nov-2024
Hackers Leveraging Winos4.0: A Growing Threat in Post-Exploitation Attackshttps://medium.com/@wiretor/hackers-leveraging-winos4-0-a-growing-threat-in-post-exploitation-attacks-e830dac3766b?source=rss------bug_bounty-5WIRE TORmalware, hacking, ransomware, bug-bounty, xss-attack08-Nov-2024
A Comprehensive Toolkit for Web Penetration Testing and Bug Huntinghttps://dineshpathro9.medium.com/a-comprehensive-toolkit-for-web-penetration-testing-and-bug-hunting-21a7b01d722f?source=rss------bug_bounty-5DiNeSh_PaThRobug-bounty, bug-zero, hacking, bug-bounty-tips, web-app-security08-Nov-2024
Top Search Engines for Pentestershttps://osintteam.blog/top-search-engines-for-pentesters-6fa90ffb6aa0?source=rss------bug_bounty-5D.Haddadcybersecurity, bug-bounty, penetration-testing, hacking-tools, osint08-Nov-2024
Unpatched Vulnerabilities in Mazda Infotainment Systems Pose Serious Security Riskshttps://medium.com/@wiretor/unpatched-vulnerabilities-in-mazda-infotainment-systems-pose-serious-security-risks-b634ae8883d8?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ransomware, hacking, pentesting08-Nov-2024
Texas Oilfield Supplier Newpark Resources Hit by Ransomware Attackhttps://medium.com/@wiretor/texas-oilfield-supplier-newpark-resources-hit-by-ransomware-attack-fc374aa6b8dc?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ransomware, pentesting, malware, hacking08-Nov-2024
Malwarebytes Acquires AzireVPN to Enhance Privacy and Security Offeringshttps://medium.com/@wiretor/malwarebytes-acquires-azirevpn-to-enhance-privacy-and-security-offerings-194b3bf42554?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ransomware, hacking, pentesting, malware08-Nov-2024
Hackers Leveraging Winos4.0: A Growing Threat in Post-Exploitation Attackshttps://medium.com/@wiretor/hackers-leveraging-winos4-0-a-growing-threat-in-post-exploitation-attacks-e830dac3766b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, ransomware, bug-bounty, xss-attack08-Nov-2024
Google Dorking in Bug Hunting: Uncovering Hidden Vulnerabilitieshttps://myselfakash20.medium.com/google-dorking-in-bug-hunting-uncovering-hidden-vulnerabilities-aebe773f73be?source=rss------bug_bounty-5Akash Ghoshbug-bounty, bug-bounty-writeup, dorking, bugs, bug-bounty-tips07-Nov-2024
My first acknowledgement from Government NCIIPC India (A unit of NTRO) of my bug Bounty journey…https://medium.com/@subhajit_taki77/my-first-acknowledgement-from-government-nciipc-india-a-unit-of-ntro-of-my-bug-bounty-journey-fda6637766f9?source=rss------bug_bounty-5Subhajit_Taki77cybersecurity, bug-bounty, acknowledgement, nciipc07-Nov-2024
Bypass Rich Text Editors lead to Stored XSS - $500 Rewardshttps://medium.com/@bugbounty_learners/bypass-rich-text-editors-lead-to-stored-xss-500-rewards-077e22eba20f?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips07-Nov-2024
Why Bug Bounty Failures Occur — Key Insights for Successhttps://r3dw4n4hm3d.medium.com/why-bug-bounty-failures-occur-key-insights-for-success-2813349c5e1a?source=rss------bug_bounty-5R3DW4N 4HM3Dbug-bounty, vulnerabilityresearch, cybersecurity, ethical-hacking07-Nov-2024
Exploring the OWASP API Security Top 10: A Guide to Securing Your APIshttps://medium.com/@ad.abhi0013/exploring-the-owasp-api-security-top-10-a-guide-to-securing-your-apis-5ee4456cb9c3?source=rss------bug_bounty-5Abhishek Adhikaribug-bounty, owasp-api-security-top-10, api07-Nov-2024
Account Takeover for Google SSO Usershttps://7odamoo.medium.com/account-takeover-for-google-sso-users-b50f99b49f0d?source=rss------bug_bounty-5Mahmoud Hamedbug-bounty, pentesting07-Nov-2024
From an Out-of-Scope Bug to Unlocking Lifetime Premium Accounts in Mozillahttps://0d-amr.medium.com/from-an-out-of-scope-bug-to-unlocking-lifetime-premium-accounts-in-mozilla-fe96371d814c?source=rss------bug_bounty-5Amrctf, bug-bounty, penetration-testing, cyber-secuity07-Nov-2024
Exposing hidden DOS techniques laying in plain sight.https://medium.com/@omarahmed_13016/exposing-hidden-dos-techniques-laying-in-plain-sight-29965ab1d53b?source=rss------bug_bounty-5Omar Ahmedhacking, vulnerability, bug-bounty-writeup, bug-bounty, bug-bounty-tips07-Nov-2024
No Rate Limiting — Bughttps://medium.com/@Jitheshjithu/no-rate-limiting-bug-7107cfc5d175?source=rss------bug_bounty-5Jitheshbug-bounty-writeup, no-rate-limit, bugs, bug-bounty, bug-bounty-tips07-Nov-2024
Canada Orders TikTok to Close Canadian Operations Amid Growing Security Concernshttps://medium.com/@wiretor/canada-orders-tiktok-to-close-canadian-operations-amid-growing-security-concerns-45b40c461986?source=rss------bug_bounty-5WIRE TORhacking, xss-attack, malware, bug-bounty, pentesting07-Nov-2024
SteelFox Malware Hits Hard: Protect Your System This Black Friday & Cyber Monday with 50% Off…https://medium.com/@wiretor/steelfox-malware-hits-hard-protect-your-system-this-black-friday-cyber-monday-with-50-off-d96831583b9e?source=rss------bug_bounty-5WIRE TORhacking, breached, bug-bounty, malware, usa07-Nov-2024
How to Find CSRF Vulnerabilities Using Kali Linux: A Full Methodologyhttps://dineshpathro9.medium.com/how-to-find-csrf-vulnerabilities-using-kali-linux-a-full-methodology-070a21aee0b5?source=rss------bug_bounty-5DiNeSh_PaThRobug-bounty-tips, bug-bounty, hacking, csrf, bugbounty-writeup07-Nov-2024
North Korean Hackers Target macOS Users with Fake Crypto PDFshttps://medium.com/@wiretor/north-korean-hackers-target-macos-users-with-fake-crypto-pdfs-d6d93c347dfe?source=rss------bug_bounty-5WIRE TORusa, pentesting, malware, hacking, bug-bounty07-Nov-2024
Uygulamalarla XSS’e Gerçekçi Bir Yaklaşımhttps://medium.com/@sgzldmrc/uygulamalarla-xsse-ger%C3%A7ek%C3%A7i-bir-yakla%C5%9F%C4%B1m-a3e82ae0be3a?source=rss------bug_bounty-5Serdar Güzeldemircixss-attack, bug-bounty, xss-vulnerability, web-app-security, cross-site-scripting07-Nov-2024
OAuth Misconfiguration Pre-Account Takeover | https://medium.com/h7w/oauth-misconfiguration-pre-account-takeover-535beb8d1987?source=rss------bug_bounty-5 | socalledhacker | infosec, hacking, bug-bounty-tips, cybersecurity, bug-bounty | 07-Nov-2024
China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait | https://medium.com/@wiretor/china-aligned-mirrorface-hackers-target-eu-diplomats-with-world-expo-2025-bait-a289ad3ec600?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, hacking, malware, usa, xss-attack | 07-Nov-2024
How To Automate Your Broad Scope Recon | https://thexssrat.medium.com/how-to-automate-your-broad-scope-recon-a4ff998dea0e?source=rss------bug_bounty-5 | Thexssrat | bug-bounty-writeup, hacks, bug-bounty-tips, hacking, bug-bounty | 07-Nov-2024
Understanding Broken Access Control (BAC): A Comprehensive Guide | https://thexssrat.medium.com/understanding-broken-access-control-bac-a-comprehensive-guide-c0e325c43b04?source=rss------bug_bounty-5 | Thexssrat | hacking, broken-access-control, hacker, hacks, bug-bounty | 07-Nov-2024
Developers Don’t Care About Security | https://medium.com/@krishanthan2022.4.4/developers-dont-care-about-security-e4814ecc4907?source=rss------bug_bounty-5 | R.Krishanthan | bug-bounty, web-security, penetration-testing, vulnerability, development | 06-Nov-2024
Stored HTML Injection to Stored Url Redirection | https://medium.com/@abdullah12987654/stored-html-injection-to-stored-url-redirection-40a1c8452f12?source=rss------bug_bounty-5 | Abdullah | html-injection, url-redirection, hacking, bug-bounty, pentesting | 06-Nov-2024
FUZZING That Leads to Internal Source Code! | https://medium.com/@rootplinix/fuzzing-that-leads-to-internal-source-code-ef992143c015?source=rss------bug_bounty-5 | Abu Hurayra | infosec, cybersecurity, bug-bounty, hacking | 06-Nov-2024
OAuth Under Siege: The Dangers of Account Impersonation | https://medium.com/@ProwlSec/oauth-under-siege-the-dangers-of-account-impersonation-df0e780f1c4f?source=rss------bug_bounty-5 | ProwlSec | hacking, tips, account-takeover, bug-bounty, bug-hunting | 06-Nov-2024
How I Earned $350 Exploiting Clickjacking Vulnerability to Trigger XSS Attack | https://medium.com/@abdulparkar/how-i-earned-350-exploiting-clickjacking-vulnerability-to-trigger-xss-attack-23b3216ca640?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, ethical-hacking | 06-Nov-2024
SQL Injection UNION Attack, Determining the Number of Columns Returned by the Query | https://medium.com/@marduk.i.am/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-a740b76989fe?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, bug-bounty, sql-injection, sqli, information-security | 06-Nov-2024
XSS Restction bypass on Hackerone program | https://medium.com/@bugbounty_learners/xss-restction-bypass-on-hackerone-program-a7b37636425d?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty, pentesting, bugs, bug-bounty-tips, cybersecurity | 06-Nov-2024
A Step-by-Step Guide to the Bug Hunting Process: From Reconnaissance to Reporting | https://myselfakash20.medium.com/a-step-by-step-guide-to-the-bug-hunting-process-from-reconnaissance-to-reporting-9991b06314b8?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, bug-hunting, bug-bounty | 06-Nov-2024
Mastering Bug Hunting: A Beginner’s Guide to Effective Methodologies | https://medium.com/@secinfinitylabs/mastering-bug-hunting-a-beginners-guide-to-effective-methodologies-fc7491625645?source=rss------bug_bounty-5 | Secinfinity Labs | bug-hunting, infosecurity, cybersecurity, bug-bounty-tips, bug-bounty | 06-Nov-2024
Bug Hunting Recon | https://medium.com/@prajwalpatil453/bug-hunting-recon-840455f4d71a?source=rss------bug_bounty-5 | Anonstrk | bug-bounty, reconnaissance, bug-bounty-tips, methodology | 06-Nov-2024
Manipulated All Files on Server of a HackerOne Target | https://systemweakness.com/manipulated-all-files-on-server-of-a-hackerone-target-7b60a6dad117?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty, pentesting, bug-bounty-tips, infosec, cybersecurity | 06-Nov-2024
My First and easiest Bug i have found | https://aboalezz1.medium.com/my-first-and-easiest-bug-i-have-found-3b7daee5d2f9?source=rss------bug_bounty-5 | Mohamed AboAlezz | web-hacking, bug-hunting, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 06-Nov-2024
Understanding Types of Privileged Accounts and Their Security Risks | https://bitpanic.medium.com/understanding-types-of-privileged-accounts-and-their-security-risks-935605f2232c?source=rss------bug_bounty-5 | Bit Panic | cybersecurity, bugbounty-writeup, bug-bounty | 06-Nov-2024
All About JWT Vulnerabilities | https://medium.com/@0x_xnum/all-about-jwt-vulnerabilities-ef7314c4dd02?source=rss------bug_bounty-5 | Ahmed Tarek | jwt-exploitation, bugbounty-writeup, bug-bounty, authentication, hacking | 06-Nov-2024
Most Commonly Used Tools in Bug Bounty | https://medium.com/@halildeniz313/most-commonly-used-tools-in-bug-bounty-4603382ecee3?source=rss------bug_bounty-5 | Halildeniz | web-security, cyber-security-awareness, bug-bounty-tips, cybersecurity, bug-bounty | 06-Nov-2024
An IDOR and Auth Bypass That Led to Mass Account Takeover — KSFE | https://1-day.medium.com/an-idor-and-auth-bypass-that-led-to-mass-account-takeover-ksfe-db04cec8d730?source=rss------bug_bounty-5 | 1day | bug-bounty-writeup, hacking, bug-bounty, penetration-testing, writeup | 06-Nov-2024
⚠️ Cyberattack Causes Statewide Outage in Washington Courts | https://medium.com/@wiretor/%EF%B8%8F-cyberattack-causes-statewide-outage-in-washington-courts-cb9bcd6264a4?source=rss------bug_bounty-5 | WIRE TOR | xss-attack, malware, usa, hacking, bug-bounty | 06-Nov-2024
Nokia Breached by IntelBroker: Source Code Allegedly Stolen | https://medium.com/@wiretor/nokia-breached-by-intelbroker-source-code-allegedly-stolen-a1fa5b62a10a?source=rss------bug_bounty-5 | WIRE TOR | malware, hacked, bug-bounty, hacking, xss-attack | 06-Nov-2024
INTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on Cybercrime | https://medium.com/@wiretor/interpol-disrupts-over-22-000-malicious-servers-in-global-crackdown-on-cybercrime-9f4e2840dc6e?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, pentesting, malware, xss-attack, hacking | 06-Nov-2024
Microchip Technology Reports $21.4 Million Loss From Ransomware Attack | https://medium.com/@wiretor/microchip-technology-reports-21-4-million-loss-from-ransomware-attack-a123d2609b91?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, malware, trump, usa, hacking | 06-Nov-2024
Bypassing Promo Code Validation via Response Manipulation Enabled the Creation of a Business… | https://anas0x1.medium.com/bypassing-promo-code-validation-via-response-manipulation-enabled-the-creation-of-a-business-3f926b19c0bb?source=rss------bug_bounty-5 | Anas Ibrahim | penetration-testing, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 06-Nov-2024
IDOR Vulnerability Allowed the Deletion of Any User from an Administrator Account. | https://anas0x1.medium.com/idor-vulnerability-allowed-the-deletion-of-any-user-from-an-administrator-account-da64e79ce1b0?source=rss------bug_bounty-5 | Anas Ibrahim | bug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing, idor | 06-Nov-2024
Behind the Scenes: How I Hacked one of the largest Amusement Park in the Philippines. | https://medium.com/hacking101/behind-the-scenes-how-i-hacked-one-of-the-largest-amusement-park-in-the-philippines-be38566ed563?source=rss------bug_bounty-5 | Pwndec0c0 | bug-bounty-tips, bug-bounty-writeup, penetration-testing, bug-bounty, hacking | 06-Nov-2024
Essential Bug Hunting Tools for Beginners: Start Your Journey in Cybersecurity | https://myselfakash20.medium.com/essential-bug-hunting-tools-for-beginners-start-your-journey-in-cybersecurity-ea51e1f26068?source=rss------bug_bounty-5 | Akash Ghosh | bugbounty-writeup, bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 05-Nov-2024
How I Got Paid for an Out-of-Scope Vulnerability | https://medium.com/@abdulparkar/how-i-got-paid-for-an-out-of-scope-vulnerability-4e51eb93db5c?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-write-ups | 05-Nov-2024
Remote Code Execution (RCE): An In-Depth Guide with practical | https://medium.com/@anandrishav2228/remote-code-execution-rce-an-in-depth-guide-with-practical-7082a7e17e97?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, money, ai, hacker, bug-bounty | 05-Nov-2024
IDOR Leading To Improper Access Control | https://medium.com/@shadykhaled2002/idor-leading-to-improper-access-control-c3999aa28fc4?source=rss------bug_bounty-5 | Le_Merdien | cybersecurity, bug-bounty, pentesting, penetration-testing | 05-Nov-2024
Alert: Reflected XSS Detected | https://osintteam.blog/alert-reflected-xss-detected-57850c34a61e?source=rss------bug_bounty-5 | Dishant Modi | xss-attack, penetration-testing, bug-bounty-tips, bug-bounty, cybersecurity | 05-Nov-2024
Lesser-Known Tools for Web Bug Bounty Hunting | https://medium.com/@halildeniz313/lesser-known-tools-for-web-bug-bounty-hunting-e10a95fa25bd?source=rss------bug_bounty-5 | Halildeniz | web-security, cyber-security-awareness, bug-bounty-tips, bug-bounty, cybersecurity | 05-Nov-2024
Vulnerabilities Weaponizing — Cross-site Scripting (XSS) | https://medium.com/@aufzayed/vulnerabilities-weaponizing-cross-site-scripting-xss-608a4f45321c?source=rss------bug_bounty-5 | Abdelrhman Zayed | exploit-development, red-teaming, penetration-testing, cybersecurity, bug-bounty | 05-Nov-2024
€50 bounty — Long String DOS Attack Bug and POC Steps | https://medium.com/h7w/50-bounty-long-string-dos-attack-bug-and-poc-steps-eaa8a5777263?source=rss------bug_bounty-5 | socalledhacker | cybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking | 05-Nov-2024
Zero-Day FOMO: The Fear of Missing Out on the Next Big Exploit | https://medium.com/@paritoshblogs/zero-day-fomo-the-fear-of-missing-out-on-the-next-big-exploit-d3b42d35323c?source=rss------bug_bounty-5 | Paritosh | zero-day, vulnerability, cybersecurity, hacking, bug-bounty | 05-Nov-2024
SIP OPTIONS Abuse And Flood Vulnerability (exploit Voip) | https://medium.com/@zpx15266/sip-options-abuse-and-flood-vulnerability-exploit-voip-b9bc030909ae?source=rss------bug_bounty-5 | ramzey elsayed mohamed | bug-bounty-writeup, penetration-testing, bug-bounty, bug-bounty-tips, bugs | 05-Nov-2024
How I Got Paid for an Out-of-Scope Vulnerability $$$ | https://medium.com/@abdulparkar/how-i-got-paid-for-an-out-of-scope-vulnerability-4e51eb93db5c?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-write-ups | 05-Nov-2024
Tips to Avoid Duplicates or N/A Reports in Bug Bounty Programs | https://bitpanic.medium.com/tips-to-avoid-duplicates-or-n-a-reports-in-bug-bounty-programs-a067a4e54d5e?source=rss------bug_bounty-5 | Bit Panic | cybersecurity, bug-bounty | 05-Nov-2024
55 YouTube Channels to Learn HACKING!!!!! | https://osintteam.blog/55-youtube-channels-to-learn-hacking-b5167d3125d9?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | bug-bounty, hacking, technology, programming, cybersecurity | 05-Nov-2024
How I found my first bug! | https://medium.com/@karim.engmohamed/how-i-found-my-first-bug-b1f21046deb7?source=rss------bug_bounty-5 | Karim Mohamed | python, bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty | 05-Nov-2024
Unleashing the Bug Hunter Within: A Curated Toolkit and Proven Process | https://pwndecoco.medium.com/unleashing-the-bug-hunter-within-a-curated-toolkit-and-proven-process-fb2f89c7f1f0?source=rss------bug_bounty-5 | Pwndec0c0 | programming, cybersecurity, penetration-testing, bug-bounty, hacking | 05-Nov-2024
Google Fixes Dangerous Android Exploits | https://medium.com/@wiretor/google-fixes-dangerous-android-exploits-6e6be3465e6c?source=rss------bug_bounty-5 | WIRE TOR | usa, hacking, breached, malware, bug-bounty | 05-Nov-2024
Easy logic bug that leaks the email for every user | https://medium.com/@banertheinrich/easy-logic-bug-that-leaks-the-email-for-every-user-ef2d9d0cf088?source=rss------bug_bounty-5 | Adham Heinrich | bug-bounty, cybersecurity, hackerone, bug-bounty-tips, bug-bounty-writeup | 04-Nov-2024
Guide to “Bug Bounty Programs in Laravel Applications” Based on the Prepared Outline: | https://medium.com/@_azwar/panduan-bug-bounty-programs-pada-aplikasi-laravel-berdasarkan-kerangka-yang-telah-disusun-7cc3b230397c?source=rss------bug_bounty-5 | azwar | laravel, bug-bounty | 04-Nov-2024
Cloud flare bypass leads to Account Takeover via Password Reset Poisoning | https://medium.com/@abdulparkar/cloud-flare-bypass-leads-to-account-takeover-via-password-reset-poisoning-ba349d784b97?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty, ethical-hacking, bug-bounty-writeup, cybersecurity, bug-bounty-tips | 04-Nov-2024
How to Find the Best Resources for Learning Bug Bounty and Cybersecurity |PRO Tip | https://medium.com/@shaikhminhaz1975/how-to-find-the-best-resources-for-learning-bug-bounty-and-cybersecurity-pro-tip-d5e915e82539?source=rss------bug_bounty-5 | Shaikh Minhaz | penetration-testing, best, cybersecurity, bug-bounty, ethical-hacking | 04-Nov-2024
Vibe Yo’Tribe | https://medium.com/@onelovemafia/vibe-yotribe-3d8a0c098ee2?source=rss------bug_bounty-5 | OneLoveMafia | climate-change, machine-learning, bug-bounty, blockchain, philosophy | 04-Nov-2024
How to Configure Proxies in Browser for Bug-Bounty | https://medium.com/@anandrishav2228/how-to-configure-proxies-in-browser-for-bug-bounty-c175c5513e1a?source=rss------bug_bounty-5 | Rishav anand | vpn, proxy, cybersecurity, money, bug-bounty | 04-Nov-2024
Bypass the Blocked IP address while Pentesting. | https://medium.com/@anandrishav2228/bypass-the-blocked-ip-address-while-pentesting-c4c02a8dc14d?source=rss------bug_bounty-5 | Rishav anand | money, cybersecurity, bug-bounty, ip-address, hacking | 04-Nov-2024
bugbountytraining Lab (Part 4) | https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E5%9B%9B-378fa157f500?source=rss------bug_bounty-5 | xun stark | bug-bounty | 04-Nov-2024
Breaking the Rules: How a Race Condition Allowed Me to Bypass the Limits | https://medium.com/@manibharathi.b/breaking-the-rules-how-a-race-condition-allowed-me-to-bypass-the-limits-by-mani-d6840746a04e?source=rss------bug_bounty-5 | Mani Bharathi B | bug-bounty-tips, bug-bounty, cybersecurity, vulnerability, bug-bounty-writeup | 04-Nov-2024
Account takeover for $3000 | https://sushantdhopat.medium.com/account-takeover-for-3000-722ee6f5fbde?source=rss------bug_bounty-5 | sushantdhopat | bug-bounty, infosec | 04-Nov-2024
Exploit exposed zendesk API Token for $1000 | https://sushantdhopat.medium.com/exploit-exposed-zendesk-api-token-for-1000-847966489070?source=rss------bug_bounty-5 | sushantdhopat | infosec, bug-bounty, information-security | 04-Nov-2024
IDOR leading to broken functionality | https://medium.com/@shadykhaled2002/idor-leading-to-broken-functionality-3b464213fa76?source=rss------bug_bounty-5 | Le_Merdien | penetration-testing, cybersecurity, pentesting, bug-bounty | 04-Nov-2024
The OAuth Oversight: When Configuration Errors Turn into Account Hijacks | https://medium.com/@nightcoders0/the-oauth-oversight-when-configuration-errors-turn-into-account-hijacks-5ed1f9c83d16?source=rss------bug_bounty-5 | Nightcoders | pentesting, hacking, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 04-Nov-2024
How I Found a €100 Bug at DCU: From “Not Applicable” to Cashing In! | https://medium.com/@trffnsec/how-i-found-a-100-bug-at-dcu-from-not-applicable-to-cashing-in-2e58699a8faa?source=rss------bug_bounty-5 | TrffnSec | bugbounty-writeup, hacking, bug-bounty-tips, ethical-hacking, bug-bounty | 04-Nov-2024
Essential One-Liner Commands for Bug Bounty Hunters and Pentesters | https://infosecwriteups.com/essential-one-liner-commands-for-bug-bounty-hunters-and-pentesters-7648ec305c66?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, automation, cybersecurity | 04-Nov-2024
How I Found HTML Injection? | https://medium.com/@gitlime71/how-i-found-html-injection-bdbbf2861d95?source=rss------bug_bounty-5 | Raccoon | bug-bounty, penetration-testing, bug-bounty-writeup | 04-Nov-2024
Columbus Ransomware Attack: Data of 500,000 Stolen | https://medium.com/@wiretor/columbus-ransomware-attack-data-of-500-000-stolen-93076d58689c?source=rss------bug_bounty-5 | WIRE TOR | malware, pentesting, usa, pentest, bug-bounty | 04-Nov-2024
Unveiling the “Pygmy Goat” Malware: A New Threat in Cybersecurity | https://medium.com/@wiretor/unveiling-the-pygmy-goat-malware-a-new-threat-in-cybersecurity-aaeb360f9497?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, hacking, usa, malware, pentesting | 04-Nov-2024
Meet “Interlock” Ransomware — A New Threat Targeting FreeBSD Servers | https://medium.com/@wiretor/meet-interlock-ransomware-a-new-threat-targeting-freebsd-servers-4be6ba312c62?source=rss------bug_bounty-5 | WIRE TOR | hacking, malware, pentesting, bug-bounty, usa | 04-Nov-2024
Introducing SubdomainRadar.io: | https://medium.com/@alexandrevandammepro/introducing-subdomainradar-io-727d765445f2?source=rss------bug_bounty-5 | Alexandre Vandamme | bug-bounty, vulnerability, bug-bounty-tips, osint, security | 04-Nov-2024
Essential One-Liner Commands for Bug Bounty Hunters and Pentesters | https://systemweakness.com/essential-one-liner-commands-for-bug-bounty-hunters-and-pentesters-7648ec305c66?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, automation, cybersecurity | 04-Nov-2024
ExploiterX — Vulnerability Scanner Tool | https://anishalx.medium.com/exploiterx-vulnerability-scanner-tool-bc1796e278a1?source=rss------bug_bounty-5 | Anish | web3, python, bug-bounty, penetration-testing, hacking | 03-Nov-2024
Must-Have Tools for Cybersecurity Researchers: A Complete Installation Guide | https://myselfakash20.medium.com/must-have-tools-for-cybersecurity-researchers-a-complete-installation-guide-5738022e535f?source=rss------bug_bounty-5 | Akash Ghosh | cybersecurity, tools, bug-bounty, recon, reconnaissance | 03-Nov-2024
AcquiFinder | a tool to grab acquisitions of a company by Crunchbase | https://medium.com/@AmmarxLe0x/acquifinder-a-tool-to-grab-acquisitions-of-a-company-by-crunchbase-6315db784813?source=rss------bug_bounty-5 | xLe0x | bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty | 03-Nov-2024
“Keyed In” Compromising an entire organization through their API | https://medium.com/@s1renhead/keyed-in-compromising-an-entire-organization-through-their-api-2ed6cb54eec5?source=rss------bug_bounty-5 | S1renhead | bug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips | 03-Nov-2024
[Hacking impact] Acees admin panel | https://medium.com/@nagashygaballah/hacking-impact-acees-admin-panel-a4326a36e208?source=rss------bug_bounty-5 | 111xNagashy | hacker, hackerone, hacking, bug-bounty, security | 03-Nov-2024
How I Discovered RXSS Bug on Microsoft subdomain !!! | https://medium.com/@sayantichy/how-i-discovered-rxss-bug-on-microsoft-subdomain-21082191ad10?source=rss------bug_bounty-5 | Sayanti Chowdhury | xss-vulnerability, bug-bounty, xss-attack, first-bug, reflected-xss | 03-Nov-2024
Getting Back on the Cybersecurity Write-Ups: Return to Medium | https://mukibas37.medium.com/getting-back-on-the-cybersecurity-write-ups-return-to-medium-1ac51c9edde9?source=rss------bug_bounty-5 | Mukilan Baskaran | cybersecurity, infosec, back-to-writing, ctf, bug-bounty | 03-Nov-2024
A Comprehensive Guide to SQL Injection: Types, Hunting Methods, and Tools | https://medium.com/@n4itr0_07/a-comprehensive-guide-to-sql-injection-types-hunting-methods-and-tools-8d716dd34355?source=rss------bug_bounty-5 | N4!TR0 07 | sql-injection, bug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity | 03-Nov-2024
IDOR Exploit: Gaining Unauthorized Control Over Users’ Shopping Baskets | https://0xmatrix.medium.com/idor-exploit-gaining-unauthorized-control-over-users-shopping-baskets-122650091cf5?source=rss------bug_bounty-5 | Mo2men Elmady | bug-bounty, hacking, idor, penetration-testing, bugs | 03-Nov-2024
Dstat.cc DDoS Site Seized & Two Suspects Arrested in Germany | https://medium.com/@wiretor/dstat-cc-ddos-site-seized-two-suspects-arrested-in-germany-c8d44187b181?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, malware, hacking, pentesting, usa | 03-Nov-2024
CRA Breach Exposed: Over 62,000 Taxpayer Accounts Compromised! | https://medium.com/@wiretor/cra-breach-exposed-over-62-000-taxpayer-accounts-compromised-62bc0cf3cb9a?source=rss------bug_bounty-5 | WIRE TOR | malware, bug-bounty, hacking, pentesting, usa | 03-Nov-2024
FBI Arrests Suspect in SEC Account Hack: What This Means for Cybersecurity | https://medium.com/@wiretor/fbi-arrests-suspect-in-sec-account-hack-what-this-means-for-cybersecurity-735d8dd72512?source=rss------bug_bounty-5 | WIRE TOR | hacking, usa, bug-bounty, pentesting, malware | 03-Nov-2024
Becoming a Web Security Specialist: Essential Insights and a Roadmap | https://medium.com/@halildeniz313/becoming-a-web-security-specialist-essential-insights-and-a-roadmap-91032925d1aa?source=rss------bug_bounty-5 | Halildeniz | cyber-security-awareness, bug-bounty, cybersecurity, web-security, ethical-hacking | 03-Nov-2024
Time Based SQL Injection Bug Hunting Methodology | https://medium.com/@abhirupkonwar04/time-based-sql-injection-bug-hunting-methodology-be485de5ab9e?source=rss------bug_bounty-5 | AbhirupKonwar | ethical-hacking, bug-bounty, cybersecurity, sql-injection, pentesting | 02-Nov-2024
Time Based SQL Injection Bug Hunting Methodology | https://osintteam.blog/time-based-sql-injection-bug-hunting-methodology-be485de5ab9e?source=rss------bug_bounty-5 | AbhirupKonwar | ethical-hacking, bug-bounty, cybersecurity, sql-injection, pentesting | 02-Nov-2024
Simple Tips for Bug Bounty Beginners: Escalating to XSS (XSS Series Part — 2) | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-escalating-to-xss-xss-series-part-2-1d6b75ecf942?source=rss------bug_bounty-5 | Anish Narayan | technology, programming, cybersecurity, bug-bounty-writeup, bug-bounty | 02-Nov-2024
Breaking Into Information Security as a Fresher: A Guide to Starting Your Journey | https://medium.com/@nitinbasera11/breaking-into-information-security-as-a-fresher-a-guide-to-starting-your-journey-caa253c0f5ae?source=rss------bug_bounty-5 | Nitinbasera | bug-bounty, security, cybersecurity, web-app-security, infosec | 02-Nov-2024
My Journey as a Bug Bounty Hunter and Web3 Enthusiast: Tips for Beginners | https://medium.com/@veerendravamshi/my-journey-as-a-bug-bounty-hunter-and-web3-enthusiast-tips-for-beginners-50aa0bfbfc78?source=rss------bug_bounty-5 | Veerendra Vamshi | blockchain, bug-bounty, web3, cryptocurrency, defi | 02-Nov-2024
Hacking For Free. Dodging Paying For Hacking Knowledge System | Primary Hacking School #9 | https://medium.com/@nnface/hacking-for-free-dodging-paying-for-hacking-knowledge-system-primary-hacking-school-9-c86f6dd3752c?source=rss------bug_bounty-5 | NnFace | hacking, cybersecurity, kali-linux, money, bug-bounty | 02-Nov-2024
Microsoft Acknowledges Outlook Freezing Issue and Offers Workarounds | https://medium.com/@wiretor/microsoft-acknowledges-outlook-freezing-issue-and-offers-workarounds-52fa28e41f13?source=rss------bug_bounty-5 | WIRE TOR | hacking, ransomware, malware, pentesting, bug-bounty | 02-Nov-2024
Account Takeover Via Google Auth Misconfiguration | https://medium.com/@abdulparkar/account-takeover-via-google-auth-misconfiguration-af4a59dd82e7?source=rss------bug_bounty-5 | Abdul Rehman Parkar | ethical-hacking, bug-bounty-tips, hacking, bug-bounty, bug-bounty-writeup | 02-Nov-2024
bugbountytraining Lab (Part 3) | https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E4%B8%89-dfe55be3123f?source=rss------bug_bounty-5 | xun stark | bug-bounty | 01-Nov-2024
Hard Server-Side Request Forgery (SSRF) A bypass method to RCE and Port Scan | https://medium.com/@sarvour/hard-server-side-request-forgery-ssrf-a-bypass-method-to-rce-and-port-scan-61adf085d62a?source=rss------bug_bounty-5 | sarvour | pentesting, security, rce, bug-bounty, writeup | 01-Nov-2024
Template Engines Injection 101 | https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756?source=rss------bug_bounty-5 | Mahmoud M. Awali | bug-bounty, hacking | 01-Nov-2024
Web Application Basics — Tryhackme Walkthrough | https://medium.com/@TRedEye/web-application-basics-tryhackme-walkthrough-ee6a0cf2f1f6?source=rss------bug_bounty-5 | TRedEye | cybersecurity, hacking, bug-bounty, website, tryhackme | 01-Nov-2024
Configuring Burp Suite with Firefox (Step-by-Step) | https://harshbardhanx.medium.com/configuring-burp-suite-with-firefox-step-by-step-40f56a706546?source=rss------bug_bounty-5 | Harsh Bardhan | bug-bounty, cybersecurity, bug-bounty-writeup, burpsuite, bug-bounty-tips | 01-Nov-2024
Hackers Target Critical Zero-Day Vulnerabilities in PTZ Cameras | https://medium.com/@wiretor/hackers-target-critical-zero-day-vulnerabilities-in-ptz-cameras-d2d5023d329d?source=rss------bug_bounty-5 | WIRE TOR | pentest, zero-day, malware, bug-bounty, ransomware | 01-Nov-2024
qBittorrent Security Flaw Fixed After 14 Years Upgrade Now! | https://medium.com/@wiretor/qbittorrent-security-flaw-fixed-after-14-years-upgrade-now-bfa491d214bb?source=rss------bug_bounty-5 | WIRE TOR | xss-attack, bug-bounty, hacking, malware, pentesting | 01-Nov-2024
New LightSpy Spyware Version Targets iPhones with Advanced Surveillance Tactics | https://medium.com/@wiretor/new-lightspy-spyware-version-targets-iphones-with-advanced-surveillance-tactics-154f8887cd42?source=rss------bug_bounty-5 | WIRE TOR | hacking, apple, xss-attack, bug-bounty, malware | 01-Nov-2024
The Pen-Tester’s Muse: Writing Exploits into Earnings on Medium | https://medium.com/illumination/the-pen-testers-muse-writing-exploits-into-earnings-on-medium-a739abaab422?source=rss------bug_bounty-5 | Quintius Walker | bug-bounty, cybersecurity, poetry, creativity, poetry-on-medium | 01-Nov-2024
Reasons for Failure in Bug Bounty Programs and the Path to Success | https://medium.com/@halildeniz313/reasons-for-failure-in-bug-bounty-programs-and-the-path-to-success-af19917f4be9?source=rss------bug_bounty-5 | Halildeniz | bug-bounty-tips, cybersecurity, bug-bounty, pentesting, ethical-hacking | 01-Nov-2024
bugbountytraining Lab (Part 2) | https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E4%BA%8C-669c3ac29651?source=rss------bug_bounty-5 | xun stark | bug-bounty | 31-Oct-2024
How HTML injection can help to make $1000. | https://medium.com/@anandrishav2228/how-html-injection-can-help-to-make-1000-531c6f7b6672?source=rss------bug_bounty-5 | Rishav anand | html, ai, bug-bounty, money, cybersecurity | 31-Oct-2024
HOW I FOUND CVE-2023–35813? | https://doordiefordream.medium.com/how-i-found-cve-2023-35813-c239c2f03192?source=rss------bug_bounty-5 | balu bandi | cve, ethical-hacking, bug-bounty, cybersecurity, writing | 31-Oct-2024
OAuth Account Takeover (ATO) Vulnerability via Email Manipulation | https://medium.com/@muhammedgalal66/oauth-account-takeover-ato-vulnerability-via-email-manipulation-94e0e942bcb8?source=rss------bug_bounty-5 | Dg0x6 | account-takeover-attacks, account-takeover, bug-bounty-tips, hackerone, bug-bounty | 31-Oct-2024
SSRF to Internal Port Scanning on Self-Hosted Platform | https://infosecwriteups.com/ssrf-to-internal-port-scanning-on-self-hosted-platform-05a17a461eed?source=rss------bug_bounty-5 | JEETPAL | ssrf, bugbounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity | 31-Oct-2024
7 Real-Life Bug Bounties That Made Headlines: Lessons You Can’t Afford to Miss! | https://medium.com/@qaafqasim/7-real-life-bug-bounties-that-made-headlines-lessons-you-cant-afford-to-miss-4b812b2caafa?source=rss------bug_bounty-5 | Qasim Mahmood Khalid | cyber-security-awareness, bug-bounty-writeup, bug-bounty, ethical-hacking, cybersecurity | 31-Oct-2024
Responsible Discovery, Irresponsible Response: The Cost of Punishing Security Researchers | https://khalifayakub.medium.com/responsible-discovery-irresponsible-response-the-cost-of-punishing-security-researchers-8bbb15f66ab7?source=rss------bug_bounty-5 | Mohammed Yakub Khalifa | ethics, cybersecurity-awareness, cybersecurity, bug-bounty, ethical-hacking | 31-Oct-2024
0-Click ATO Via reset password weird scenario | https://medium.com/@mos693570/0-click-ato-via-reset-password-weird-scenario-9afa4a88e413?source=rss------bug_bounty-5 | Mo Salah | bug-bounty | 31-Oct-2024
Could a Simple IDOR Vulnerability in Facebook Affects the Outcome of US Elections? | https://medium.com/@bazzounbassem/could-a-simple-idor-vulnerability-in-facebook-affects-the-outcome-of-us-elections-c17bc5e12e30?source=rss------bug_bounty-5 | Bassem M Bazzoun | ethical-hacking, bug-bounty, us-election-2024, cybersecurity | 31-Oct-2024
How One Accidental Find Led to Full App Security Testing | https://medium.com/@hasirhamdan77/how-one-accidental-find-led-to-full-app-security-testing-ea1c317174cb?source=rss------bug_bounty-5 | Hasirhamdan | jwt-exploitation, application-security, bug-bounty, mobile-security, hacking | 31-Oct-2024
Comprehensive Bug Bounty Hunting Methodology (2024 Edition) | https://xalgord.medium.com/comprehensive-bug-bounty-hunting-checklist-2024-edition-4abb3a9cbe66?source=rss------bug_bounty-5 | Krishna Kaushal | cybersecurity, bug-bounty-tips, bug-bounty, hacking, reconnaissance | 31-Oct-2024
Tale of Zendesk 0 day and a potential 25K $ bounty | https://rikeshbaniya.medium.com/tale-of-zendesk-0-day-and-a-potential-25k-bounty-61bcf9c5dc06?source=rss------bug_bounty-5 | Rikesh Baniya | bug-bounty-writeup, bug-bounty-tips, hackerone, security-research, bug-bounty | 31-Oct-2024
XML Upload Challenge: Breaking Boundaries with External Entities | https://medium.com/@josh.beck2006/xml-upload-challenge-breaking-boundaries-with-external-entities-79677649485f?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, ctf-writeup, bug-bounty | 31-Oct-2024
Hunting for IDOR and BAC Vulnerabilities in B2B Applications with Burp Suite’s Authorize Extension | https://thexssrat.medium.com/hunting-for-idor-and-bac-vulnerabilities-in-b2b-applications-with-burp-suites-authorize-extension-597877b53d94?source=rss------bug_bounty-5 | Thexssrat | idor, broken-access-control, bug-bounty, bug-bounty-tips, burpsuite | 31-Oct-2024
LottieFiles Hacked: A Cautionary Tale for the Crypto Community! | https://medium.com/@wiretor/lottiefiles-hacked-a-cautionary-tale-for-the-crypto-community-8cc3b6cf9148?source=rss------bug_bounty-5 | WIRE TOR | malware, xss-attack, hacking, usa, bug-bounty | 31-Oct-2024
Protecting E-Commerce: Understanding the Phish n’ Ships Campaign | https://medium.com/@wiretor/protecting-e-commerce-understanding-the-phish-n-ships-campaign-619cc4f3d150?source=rss------bug_bounty-5 | WIRE TOR | malware, hacking, usa, bug-bounty, xss-attack | 31-Oct-2024
Ex-Disney Employee Charged with Hacking: A Cautionary Tale! | https://medium.com/@wiretor/ex-disney-employee-charged-with-hacking-a-cautionary-tale-d9174351fd7c?source=rss------bug_bounty-5 | WIRE TOR | malware, bug-bounty, xss-attack, usa, hacking | 31-Oct-2024
File Transfer Cheatsheet: Windows and Linux | https://medium.com/@verylazytech/file-transfer-cheatsheet-windows-and-linux-1e36ec9a22ac?source=rss------bug_bounty-5 | Very Lazy Tech | file-transfer, bug-bounty, post-exploitation, exfiltration, cybersecurity | 30-Oct-2024
Hacking your first OAuth on the Web application: Account takeover using Redirect and State… | https://medium.com/@security.tecno/hacking-your-first-oauth-on-the-web-application-account-takeover-using-redirect-and-state-5e857c7b1d43?source=rss------bug_bounty-5 | TECNO Security | research-reports, hacking, bug-bounty, security | 30-Oct-2024
Discovered a Unique Email Verification Bypass | https://mo9khu93r.medium.com/discovered-a-unique-email-verification-bypass-47bb1e955a13?source=rss------bug_bounty-5 | mo9khu93r | penetration-testing, email-verification, hacking, cybersecurity, bug-bounty | 30-Oct-2024
Apple $1,000,000 Bounty: Zero-Click Exploit Achieves Kernel Execution and PAC Bypass on Latest iOS… | https://medium.com/@vintaconnect/apple-1-000-000-bounty-zero-click-exploit-achieves-kernel-execution-and-pac-bypass-on-latest-ios-7cdf35ff8bc6?source=rss------bug_bounty-5 | VintaConnect | apple, apple-bug-bounty, ios, kernel, bug-bounty | 30-Oct-2024
CVE-2024–27954 — WordPress Automatic Plugin < 3.92.1 — Arbitrary File Download and SSRF | https://infosecwriteups.com/cve-2024-27954-wordpress-automatic-plugin-3-92-1-arbitrary-file-download-and-ssrf-34f2e938db54?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, penetration-testing, wordpress, cybersecurity, bug-bounty-hunter | 30-Oct-2024
$200-$10,000 for Command Injection Bug . | https://medium.com/@anandrishav2228/200-10-000-for-command-injection-bug-2279041f3478?source=rss------bug_bounty-5 | Rishav anand | hacking, cybersecurity, bug-bounty, money, command-injection | 30-Oct-2024
My First Remote Code Execution (RCE) | https://medium.com/@prasenjitkantipaul/my-first-remote-code-execution-rce-ea9c3e32943f?source=rss------bug_bounty-5 | Prasenjit Kanti Paul | bug-bounty, bug-bounty-tips, bug-bounty-hunter, rce, bug-bounty-writeup | 30-Oct-2024
CVE-2024–4577 — PHP CGI Argument Injection Remote Code Execution | https://infosecwriteups.com/cve-2024-4577-php-cgi-argument-injection-remote-code-execution-294ed4758e4f?source=rss------bug_bounty-5 | Ajay Naik | medium, penetration-testing, bug-bounty, cybersecurity, information-technology | 30-Oct-2024
A Guide to Burp Suite for Ethical Hackers | https://medium.com/@codingbolt.in/a-guide-to-burp-suite-for-ethical-hackers-e1b985470547?source=rss------bug_bounty-5 | codingbolt | penetration-testing, cybersecurity, bug-bounty, burpsuite, ethical-hacking | 30-Oct-2024
Multi-Step Process with No Access Control on One Step — Access Control Vulnerability | https://medium.com/@rcxsecurity/multi-step-process-with-no-access-control-on-one-step-access-control-vulnerability-599aee989521?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Café | pentesting, cybersecurity, penetration-testing, information-security, bug-bounty | 30-Oct-2024
Chaining Four Vulnerabilities Leading to Account Takeover | https://medium.com/@jke3595/chaining-four-vulnerabilities-leading-to-account-takeover-664f18508600?source=rss------bug_bounty-5 | Joel I Patrick | bounty-program, ethical-hacking, security, bug-bounty, cybersecurity | 30-Oct-2024
Predictable Initial Passwords vulnerability | https://medium.com/@istibaroudissou/predictable-initial-passwords-vulnerability-3292322bfdd4?source=rss------bug_bounty-5 | Istibarou DISSOU | vulnerability, bug-bounty, pentesting | 30-Oct-2024
Lets Get into the Real field. | https://harshbardhanx.medium.com/lets-get-into-the-real-field-b2c9278d0b63?source=rss------bug_bounty-5 | Harsh Bardhan | bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty-hunter | 30-Oct-2024
Email Spoofing | https://medium.com/@hacragon/email-spoofing-1a81728f92b3?source=rss------bug_bounty-5 | Subin Kumar | dmarc-record, email-spoofing, bug-bounty | 30-Oct-2024
Exposed Git Configs Lead to 15,000 Stolen Cloud Credentials: The WireTor Solution | https://medium.com/@wiretor/exposed-git-configs-lead-to-15-000-stolen-cloud-credentials-the-wiretor-solution-d6de23eaca26?source=rss------bug_bounty-5 | WIRE TOR | malware, election2024, usa, bug-bounty, pentesting | 30-Oct-2024
WIRE TOR — The Ethical Hacking Services | https://medium.com/@wiretor/wire-tor-the-ethical-hacking-services-bac69e4fa28a?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, pentesting, malware, xss-attack, hacking | 30-Oct-2024
Protect Yourself from Election Scams: Insights from WireTor | https://medium.com/@wiretor/protect-yourself-from-election-scams-insights-from-wiretor-1e118e682f76?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, pentesting, xss-attack, hacking, malware | 30-Oct-2024
Spooktacular Halloween Sale: 50% Off! | https://medium.com/@wiretor/spooktacular-halloween-sale-50-off-f1967438dac0?source=rss------bug_bounty-5 | WIRE TOR | pentesting, bug-bounty, usa, hacking, halloween | 30-Oct-2024
Automating Bug Bounty Hunts with Bash: A Beginner-Friendly Guide | https://pwndecoco.medium.com/automating-bug-bounty-hunts-with-bash-a-beginner-friendly-guide-3fc2b3d7f341?source=rss------bug_bounty-5 | Pwndec0c0 | hacking, bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity | 30-Oct-2024
Full Account Takeover at One of the Largest E-Commerce Companies | https://m0uka.medium.com/full-account-takeover-at-one-of-the-largest-e-commerce-companies-8cf416e9dc7e?source=rss------bug_bounty-5 | m0uka | hackerone, hacking, bug-bounty, bugcrowd, security-research | 29-Oct-2024
Account Linked Domains Takeoverhttps://medium.com/@ph4nt0mbyt3/account-linked-domains-takeover-852cab92e018?source=rss------bug_bounty-5ph4nt0mbyt3pentesting, bug-bounty, pentest29-Oct-2024
How to find Information Disclouser in any WebTech or Mobile App. and Earn upto $500-$2000https://medium.com/@anandrishav2228/how-to-find-information-disclouser-in-any-webtech-or-mobile-app-and-earn-upto-500-2000-7bda67bbe754?source=rss------bug_bounty-5Rishav anandcybersecurity, money, api, bug-bounty, hacker29-Oct-2024
From Study Stress to Critical Account Takeover: How a Gym Break and a Little Curiosity Uncovered a…https://medium.com/@CipherHawk/from-study-stress-to-critical-account-takeover-how-a-gym-break-and-a-little-curiosity-uncovered-a-d15cfc2e142b?source=rss------bug_bounty-5CipherHawkbug-bounty, hackerone, hacking, yeswehack, bugbounty-tips29-Oct-2024
How I get Open Redirect Vulnerability in BBP ?https://medium.com/@keroayman77/how-i-get-open-redirect-vulnerability-in-bbp-6006e5a34602?source=rss------bug_bounty-5Kerolos Aymanbug-bounty-writeup, bug-bounty29-Oct-2024
Web cache poisoning explainedhttps://medium.com/@ad.abhi0013/web-cache-poisoning-explained-f3ddc4bfbf94?source=rss------bug_bounty-5Abhishek Adhikaricybersecurity, web-cache-poisoning, bug-bounty29-Oct-2024
Find Open Redirect in Just 2 min - $1000https://medium.com/@mdnafeed3/find-open-redirect-in-just-2-min-1000-c527bb3e65fb?source=rss------bug_bounty-5H4cker-Nafeedcybersecurity, bug-bounty, bug-bounty-tips29-Oct-2024
How can SQL injection, CSRF, and XSS attacks be prevented in Golang — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-can-sql-injection-csrf-and-xss-attacks-be-prevented-in-golang-bug-bounty-tuesday-2f857b2e4b53?source=rss------bug_bounty-5kerstangolang, coding, cybersecurity, hacking, bug-bounty29-Oct-2024
How I Started My Bug Bounty Journey…!!!https://harshbardhanx.medium.com/how-i-started-my-bug-bounty-journey-1b9683fa6252?source=rss------bug_bounty-5Harsh Bardhanbug-hunting, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips29-Oct-2024
My step by step process on how I do Bug Bounty Hunting: From finding targets to Submission of the…https://pwndecoco.medium.com/my-step-by-step-process-on-how-i-do-bug-bounty-hunting-from-finding-targets-to-submission-of-the-c3ad5d4b07ad?source=rss------bug_bounty-5Pwndec0c0penetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup, hacking29-Oct-2024
How do SSL Scanners Workhttps://medium.com/@serhatcck/how-do-ssl-scanners-work-b4977308e981?source=rss------bug_bounty-5Serhat ÇİÇEKcryptography, application-security, bug-bounty, hacking, pentesting29-Oct-2024
Data Breach Affects 800,000 Citizens in Italyhttps://medium.com/@wiretor/data-breach-affects-800-000-citizens-in-italy-1f977df0cab6?source=rss------bug_bounty-5WIRE TORbug-bounty, malware, italian, pentesting, hacking29-Oct-2024
Massive PSAUX Ransomware Attack Targets 22,000 CyberPanel Instances!https://medium.com/@wiretor/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances-2925859c759c?source=rss------bug_bounty-5WIRE TORhacking, bug-bounty, usa, malware, cybersecurity29-Oct-2024
WIRE TOR — The Ethical Hacking Serviceshttps://medium.com/@wiretor/wire-tor-the-ethical-hacking-services-47ef9ecf7471?source=rss------bug_bounty-5WIRE TORhacking, bug-bounty, malware, usa, pentesting29-Oct-2024
Payment Bypass via API Request to Activate Premium Plan on Private Bug Bounty Programhttps://medium.com/@sharp488/payment-bypass-via-api-request-to-activate-premium-plan-on-private-bug-bounty-program-bbd7fc91ef99?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty, information-technology, bug-bounty-tips, bugs, information-security28-Oct-2024
How to find a Race-condition Bug and make $1300https://medium.com/@anandrishav2228/how-to-find-a-race-condition-bug-and-make-1300-66d7e14040e9?source=rss------bug_bounty-5Rishav anandrace-condition, hacker, bug-bounty, cybersecurity, money28-Oct-2024
$150,000 Evmos Vulnerability Through Reading Documentationhttps://medium.com/@jjordanjjordan/150-000-evmos-vulnerability-through-reading-documentation-d26328590a7a?source=rss------bug_bounty-5jayjonah.ethbug-bounty, crypto, web3, ethereum, blockchain28-Oct-2024
Blind Cross Site Scripting in License Applicationhttps://medium.com/@abdullah12987654/blind-cross-site-scripting-in-license-application-aa865c0e0496?source=rss------bug_bounty-5Abdullahpenetration-testing, cross-site-scripting, xss-vulnerability, hacking, bug-bounty28-Oct-2024
HTTP Request Smuggling: From Needs More Info to Confirmed Impact!https://medium.com/@rezauditore/http-request-smuggling-from-needs-more-info-to-confirmed-impact-9b36349355ca?source=rss------bug_bounty-5rezauditorebug-bounty, http-request, peace, lgbtq, hacking28-Oct-2024
Best AI Tool to Learn Hacking 2025https://medium.com/@TahirAyoub/best-ai-tool-to-learn-hacking-2025-e30b11c551c8?source=rss------bug_bounty-5Tahir Ayoubai, cybersecurity, artificial-intelligence, bug-bounty, hacking28-Oct-2024
Easy 400$ Bounty on Hackerone Public BBPhttps://medium.com/@kaforybory/easy-400-bounty-on-hackerone-public-bbp-b7a9aa2d6767?source=rss------bug_bounty-5Hassan Makkicybersecurity, infosec, bug-bounty-tips, penetration-testing, bug-bounty28-Oct-2024
Exposing a Data Leak Vulnerability: My Journey to Discoveryhttps://infosecwriteups.com/exposing-a-data-leak-vulnerability-my-journey-to-discovery-7be93ce2c5b0?source=rss------bug_bounty-5Abhishek Bhujangethical-hacking, security, bug-bounty, bug-hunting, hacking28-Oct-2024
Ethical Hacking and Bug Bounty Programs —  Harnessing Hackers for Goodhttps://medium.com/@RocketMeUpCybersecurity/ethical-hacking-and-bug-bounty-programs-harnessing-hackers-for-good-ac8417374af0?source=rss------bug_bounty-5RocketMe Up Cybersecuritysecurity-testing, vulnerability-assessment, white-hat-hacker, ethical-hacking, bug-bounty28-Oct-2024
My first bug bountyhttps://medium.com/@zatikyan.sevada/my-first-bug-bounty-5dc382b7cd50?source=rss------bug_bounty-5Zatikyan Sevadacybersecurity, information-disclosure, bug-bounty, hacking-tools28-Oct-2024
Portswigger Lab: Reflected XSS in a JavaScript URL with some characters blockedhttps://medium.com/@iamdeusx/portswigger-lab-reflected-xss-in-a-javascript-url-with-some-characters-blocked-fa15ae95d90e?source=rss------bug_bounty-5DeusXbug-bounty, portswigger, cybersecurity, ctf28-Oct-2024
LLM Pentest Services at Wire Torhttps://medium.com/@wiretor/llm-pentest-services-at-wire-tor-%EF%B8%8F-e2617eb98a89?source=rss------bug_bounty-5WIRE TORcybersecurity, malware, hacking, usa, bug-bounty28-Oct-2024
Breaking Down My Bug Bounty Find: Exploiting EC-Council’s iClass Platformhttps://medium.com/@salaheddine_kalada/breaking-down-my-bug-bounty-find-exploiting-ec-councils-iclass-platform-68bd9a6c8460?source=rss------bug_bounty-5Salaheddine KALADAresponsible-disclosure, ethical-hacking, bug-bounty-writeup, bug-bounty, cybersecurity28-Oct-2024
How I Leveraged HTML Injection to Create an Account Using Someone Else’s Emailhttps://infosecwriteups.com/how-i-leveraged-html-injection-to-create-an-account-using-someone-elses-email-b80f83ab9465?source=rss------bug_bounty-5Devanshcybersecurity, html-injection, bug-bounty, information-security27-Oct-2024
Use Burp Suite Community version like a professional version Save upto $449https://medium.com/@anandrishav2228/use-burp-suite-community-version-like-a-professional-version-2225e9d0404f?source=rss------bug_bounty-5Rishav anandburpsuite, hacking, bug-bounty, money, cybersecurity27-Oct-2024
My Roadmap and the Tools I plan to use to aid my journey.https://cybersechemmars.medium.com/my-roadmap-and-the-tools-i-plan-to-use-to-aid-my-journey-4f720504fce6?source=rss------bug_bounty-5Cybersec with Hemmarsbug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips27-Oct-2024
Unauthorized Privilege Escalation: Gaining Command Line Access on Unpermitted Company Devices $$$$https://sp1der0x.medium.com/unauthorized-privilege-escalation-gaining-command-line-access-on-unpermitted-company-devices-1a67e55f1b63?source=rss------bug_bounty-5Spiderhacking, business-logic, privilege-escalation, access-control, bug-bounty27-Oct-2024
Bypassing File Upload Defenses: My Journey from Simple Bypass to Near RCEhttps://medium.com/@dsmodi484/bypassing-file-upload-defenses-my-journey-from-simple-bypass-to-near-rce-ffbd23400efa?source=rss------bug_bounty-5Dishant Modibug-bounty, vulnerability, file-upload, methodology, rce27-Oct-2024
How to find bugs in Microsoft iis page.https://infosecwriteups.com/how-to-find-bugs-in-microsoft-iis-page-ef336a229abc?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, cybersecurity, hacking, tips, bug-bounty27-Oct-2024
How I Leveraged HTML Injection to Create an Account Using Someone Else’s Emailhttps://infosecwriteups.com/how-i-leveraged-html-injection-to-create-an-account-using-someone-elses-email-b80f83ab9465?source=rss------bug_bounty-5Devansh Doshicybersecurity, html-injection, bug-bounty, information-security27-Oct-2024
Fog & Akira Ransomware Exploit SonicWall VPN: Is Your Network Safe?https://medium.com/@wiretor/fog-akira-ransomware-exploit-sonicwall-vpn-is-your-network-safe-81da77b75cae?source=rss------bug_bounty-5WIRE TORpentesting, hacking, cybersecurity, usa, bug-bounty27-Oct-2024
China-Backed Cyber Attack: Donald Trump and JD Vance Targeted!https://medium.com/@wiretor/china-backed-cyber-attack-donald-trump-and-jd-vance-targeted-004518c60c89?source=rss------bug_bounty-5WIRE TORmalware, bug-bounty, usa, hacking, cybersecurity27-Oct-2024
Unauthorized Privilege Escalation: Gaining Command Line Access on Unpermitted Company Devices $$$$https://sp1der0x.medium.com/unauthorized-privilege-escalation-gaining-command-line-access-on-unpermitted-company-devices-1a67e55f1b63?source=rss------bug_bounty-5Sp1der0xhacking, business-logic, privilege-escalation, access-control, bug-bounty27-Oct-2024
Firefox&Chrome extensions for bugbounty hunters.(PART 2)https://osintteam.blog/firefox-chrome-extensions-for-bugbounty-hunters-part-2-c3febcb6e64b?source=rss------bug_bounty-5loyalonlytodaytips, hacking, penetration-testing, cybersecurity, bug-bounty26-Oct-2024
Free vps for hacking and bug bounty hunting.https://osintteam.blog/free-vps-for-hacking-and-bug-bounty-hunting-921d1dda71ce?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, tips-and-tricks, vps, cybersecurity26-Oct-2024
Bug Bounty with AI in Real-Time: The Future of Cybersecurityhttps://prakash888kpk.medium.com/bug-bounty-with-ai-in-real-time-the-future-of-cybersecurity-b3f783c7f0de?source=rss------bug_bounty-5Lets Unlearntips-and-tricks, ai, bug-bounty26-Oct-2024
Find CSRF and get a bounty of $900 Quicklyhttps://medium.com/@anandrishav2228/find-csrf-and-get-a-bounty-of-900-quickly-a9c3bf311dfb?source=rss------bug_bounty-5Rishav anandmoney, bug-bounty, cybersecurity, hacker, ai26-Oct-2024
One idea Uncovers Authentication Bypass & Session management flawhttps://medium.com/@CipherHawk/one-idea-uncovers-authentication-bypass-session-management-flaw-2e1536f5c52d?source=rss------bug_bounty-5CipherHawkbug-bounty, hackerone, vulnerability, bugcrowd, hacking26-Oct-2024
How to Handle Burnout as a Bug Bounty Hunter: Step-by-Step Guidehttps://bevijaygupta.medium.com/how-to-handle-burnout-as-a-bug-bounty-hunter-step-by-step-guide-173bdc11386d?source=rss------bug_bounty-5Vijay Guptaburnout, bug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips26-Oct-2024
Curious Case of a Feedback Linkhttps://medium.com/@thelazypentester/curious-case-of-a-feedback-link-0b1f5b208df0?source=rss------bug_bounty-5Jobsonsensitive-information, bug-bounty, cybersecurity, hacking, burpsuite26-Oct-2024
Bug Hunting Methodologyhttps://medium.com/@prajwalpatil453/bug-hunting-methodology-0780e74958be?source=rss------bug_bounty-5Anonstrkcybersecurity, bug-bounty-tips, bug-bounty, methodology, bug-hunting26-Oct-2024
500$ Idor vulnerability.https://medium.com/@noureldin1042/500-idor-vulnerability-dfc5d6f31119?source=rss------bug_bounty-5Noureldin(0x_5wf)programming, hacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips26-Oct-2024
INICON: A One-Stop Recon Tool for Bug Bounty Huntershttps://medium.com/@jwalanth/inicon-a-one-stop-recon-tool-for-bug-bounty-hunters-8e1dcfa90a6c?source=rss------bug_bounty-5Kira61(Jwalanth)cybersecurity, python, pentesting, reconnaissance, bug-bounty26-Oct-2024
How I Discovered an Easy 2FA Vulnerability on Logitechhttps://medium.com/@dhananjay_00/how-i-discovered-an-easy-2fa-vulnerability-on-logitech-ff0d07178b04?source=rss------bug_bounty-5Dhananjay Pathakbug-bounty-tips, bug-bounty, bugbounty-writeup, hackerone, hacking26-Oct-2024
Dependency Confusion Unleashed: How One Misconfiguration Can Compromise an Entire Systemhttps://medium.com/@omargamal4em/dependency-confusion-unleashed-how-one-misconfiguration-can-compromise-an-entire-system-e0df2a26c341?source=rss------bug_bounty-5omar gamalbug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-tips26-Oct-2024
AIO Web App Pentesting Checklisthttps://cristivlad.medium.com/aio-web-app-pentesting-checklist-afe277d735dd?source=rss------bug_bounty-5Cristi Vladcybersecurity, bug-bounty, infosec, penetration-testing, pentesting26-Oct-2024
Apple Paying Big Bucks for Security Flaws: Your Chance to Cash In!https://medium.com/@v55232352/apple-paying-big-bucks-for-security-flaws-your-chance-to-cash-in-edb0f4f5ad21?source=rss------bug_bounty-5Patrick Hoovercyber-security-services, bug-bounty, apple-security-update26-Oct-2024
SQL Injections and the cute $2000 bountyhttps://medium.com/@nireshpandian19/sql-injections-and-the-cute-2000-bounty-2d18441ee0e3?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, bug-bounty-writeup, idor-vulnerability, bug-bounty-tips, sql-injection26-Oct-2024
Bind Shells: A Practical Guidehttps://medium.com/@learntheshell/bind-shells-a-practical-guide-9c00b3d7ad74?source=rss------bug_bounty-5LearnTheShellcybersecurity, bug-bounty, pentesting, bind-shell, bug-bounty-tips26-Oct-2024
Cronjobs for hackers (bugbounty article)https://medium.com/@bag0zathev2/cronjobs-for-hackers-bugbounty-article-7d51588d0fd5?source=rss------bug_bounty-5Fares Walid (SirBugs)cybersecurity, bugbounty-tips, cronjob, bug-bounty, hacking26-Oct-2024
BugBounty — Mastering the Basics (along with Resources)[Part-1]https://medium.com/@iabhipathak/bugbounty-mastering-the-basics-along-with-resources-part-1-47d30eb3d19a?source=rss------bug_bounty-5Abhinav Pathakbug-bounty, cybersecurity, security, ethical-hacking, hacking26-Oct-2024
DVWA : Brute Force Vulnerability Solution (Low & Medium Security Level)https://medium.com/@Kamal_S/dvwa-brute-force-vulnerability-solution-low-medium-security-level-9c01eadf3720?source=rss------bug_bounty-5Kamal Sdvwa, burpsuite, brute-force, owasp, bug-bounty26-Oct-2024
New Cisco ASA and FTD Features: Blocking VPN Brute-Force Password Attacks!https://medium.com/@wiretor/new-cisco-asa-and-ftd-features-blocking-vpn-brute-force-password-attacks-c9065ef3ccfd?source=rss------bug_bounty-5WIRE TORpresidential-election-usa, cybersecurity, usa, bug-bounty, hacking26-Oct-2024
New Windows Driver Signature Bypass Enables Rootkit Installs!https://medium.com/@wiretor/new-windows-driver-signature-bypass-enables-rootkit-installs-42d64a4e973a?source=rss------bug_bounty-5WIRE TORbug-bounty, cybersecurity, networking, hacking, malware26-Oct-2024
Black Basta Ransomware Targets Teams: Stay Vigilant!https://medium.com/@wiretor/black-basta-ransomware-targets-teams-stay-vigilant-a76d8550003c?source=rss------bug_bounty-5WIRE TORhacking, cybersecurity, malware, xss-attack, bug-bounty26-Oct-2024
Hunting for Open Redirect Vulnerabilities: A Beginner to Expert Guidehttps://medium.com/@360Security/hunting-for-open-redirect-vulnerabilities-a-beginner-to-expert-guide-c33dd1ac1875?source=rss------bug_bounty-5360 Securityweb-security, penetration-testing, vulnerability, cybersecurity, bug-bounty26-Oct-2024
Red Hat SSO 7.6 Host Header Injection Vulnerabilityhttps://medium.com/@mark.roy.1337/exploiting-and-securing-red-hat-sso-7-6-host-header-injection-vulnerability-654424f6889a?source=rss------bug_bounty-5Mark R.vulnerability, bug-bounty, cybersecurity25-Oct-2024
TECNO Security Year-End Reward Sprint Preview: Grand Prizes Await You!https://medium.com/@security.tecno/tecno-security-year-end-reward-sprint-preview-grand-prizes-await-you-7dec791e12ce?source=rss------bug_bounty-5TECNO Securitybug-bounty, hacking, bonus, security25-Oct-2024
How I Bypassed Rate Limit on Loginhttps://mo9khu93r.medium.com/how-i-bypassed-rate-limit-on-login-b600b15158ef?source=rss------bug_bounty-5mo9khu93rbug-bounty, hacking, cybersecurity, pentesting, rate-limit-bypass25-Oct-2024
Remote Code Execution - Rage of Race Condition on Gen AIhttps://shahjerry33.medium.com/remote-code-execution-rage-of-race-condition-on-gen-ai-6f4cbc1a0e62?source=rss------bug_bounty-5Jerry Shah (Jerry)cybersecurity, penetration-testing, infosec, vulnerability, bug-bounty25-Oct-2024
Bugs Have Severity & Priorityhttps://ilhamday.medium.com/bug-punya-severity-priority-5552885eebd6?source=rss------bug_bounty-5Ilham Ferrytesting, bug-bounty, qa, quality-assurance, software-development25-Oct-2024
Red Hat SSO 7.6 Host Header Injection Vulnerabilityhttps://medium.com/@mark-r/exploiting-and-securing-red-hat-sso-7-6-host-header-injection-vulnerability-654424f6889a?source=rss------bug_bounty-5Mark R.vulnerability, bug-bounty, cybersecurity25-Oct-2024
Advance AI Test Cases For Penetration Testinghttps://infosecwriteups.com/advance-ai-testcases-for-penetration-testing-d61b2196311d?source=rss------bug_bounty-5Ajay Naikinformation-technology, cyberattack, cybersecurity, bug-bounty, ai25-Oct-2024
Exploiting BAC: Unlimited Likes in Comment Sectionshttps://medium.com/@RaunakGupta1922/exploiting-bac-unlimited-likes-in-comment-sections-64f173b951fe?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbug-bounty-tips, cybersecurity, programming, bug-bounty, technology25-Oct-2024
Information Disclosure in Top 500 Company through Source Codehttps://medium.com/@anonymousshetty2003/information-disclosure-in-top-500-company-through-source-code-fe91a7806acc?source=rss------bug_bounty-5Anonymousshettybug-bounty, cybersecurity, hacking, information-disclosure, security25-Oct-2024
WordPress Penetration Testing: A Hacker’s Playbookhttps://systemweakness.com/wordpress-penetration-testing-a-hackers-playbook-bb97b8a009b1?source=rss------bug_bounty-5Ahmed Makawipenetration-testing, ethical-hacking, wordpress, bug-bounty25-Oct-2024
How to install WhatWeb & usage samples.https://pwndecoco.medium.com/how-to-install-whatweb-usage-samples-8b735fc4d645?source=rss------bug_bounty-5Pwndec0c0penetration-testing, whatweb, bug-bounty, cybersecurity, linux25-Oct-2024
My step by step process on how I do Bug Bounty Hunting: From finding targets to Submission of the…https://pwndecoco.medium.com/my-step-by-step-process-on-how-i-do-bug-bounty-program-from-finding-targets-to-submission-of-the-d25939b2a1b3?source=rss------bug_bounty-5Pwndec0c0bug-bounty-tips, bug-bounty-writeup, bug-bounty, penetration-testing, cybersecurity25-Oct-2024
Uncovering Vulnerabilities: My Discovery of Hashed Passwords on a Dutch Government Websitehttps://medium.com/@anonymousshetty2003/uncovering-vulnerabilities-my-discovery-of-hashed-passwords-on-a-dutch-government-website-f30969e6ebbc?source=rss------bug_bounty-5Anonymousshettycybersecurity, security, bug-bounty, hacking, information-disclosure25-Oct-2024
Finding Cross-Site Scripting (XSS) vulnerabilities in Bug bounty programhttps://medium.com/@curiouskhanna/finding-cross-site-scripting-xss-vulnerabilities-in-bug-bounty-program-2a40bef4c8d7?source=rss------bug_bounty-5Shubham Khannacybersecurity, earn-money-online, research, bug-bounty25-Oct-2024
Cracking JWT Tokens: A Path to Identifying Bugs and Earn upto $700https://medium.com/@anandrishav2228/cracking-jwt-tokens-a-path-to-identifying-bugs-and-earn-upto-700-4028bcdcbebf?source=rss------bug_bounty-5Rishav anandbug-bounty, hacking, money, token, cybersecurity24-Oct-2024
50€ Rabbit Hole — Plain as Cake Bugshttps://medium.com/@rootplinix/50-rabbit-hole-plain-as-cake-bugs-e3e0940f93ce?source=rss------bug_bounty-5Abu Hurayrabug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips, cybersecurity24-Oct-2024
IDOR+Privilege Escalation+No Rate Limit+Business Logic into a Single Vulnerabilityhttps://medium.com/@hossam_hamada/idor-privilege-escalation-no-rate-limit-business-logic-into-a-single-vulnerability-1e6acc9a3884?source=rss------bug_bounty-5Hossam Hamadahackerone, idor, bug-bounty, privilege-escalation, business-logic24-Oct-2024
Bug Bounty Burnout: Stay Motivated and Mentally Stronghttps://bevijaygupta.medium.com/bug-bounty-burnout-stay-motivated-and-mentally-strong-9408b92fa6c8?source=rss------bug_bounty-5Vijay Guptamentally-strong, bug-bounty, motivation, bug-bounty-tips, bugs24-Oct-2024
Critical Threat for WordPress Developers and Users, if You are Using a General Password to login…https://medium.com/@a5adujjaman/critical-threat-for-wordpress-developers-and-users-if-you-are-using-a-general-password-to-login-359ff16fcc45?source=rss------bug_bounty-5Asadujjaman Asifsecurity, two-factor-authentication, bug-bounty, wordpress, wordpress-security24-Oct-2024
Web3 BBP Journal: Oct.24, 2024https://medium.com/@harryfyx/web3-bbp-journal-oct-24-2024-d3c7083ac416?source=rss------bug_bounty-5hhhkbbug-bounty24-Oct-2024
Bugcrowd Triage is Terriblehttps://medium.com/@cybersecnoneed/bugcrowd-triage-is-terrible-97065059aaff?source=rss------bug_bounty-5Cybersecnoneedbug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program24-Oct-2024
Unreleased function leads to 150$ bountyhttps://medium.com/@noureldin1042/unreleased-function-leads-to-150-bounty-c8521e3e3ba8?source=rss------bug_bounty-5Noureldin(0x_5wf)bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-hunting, programming24-Oct-2024
How I Accessed Microsoft’s ServiceNow — Exposing ALL Microsoft Employee emails, Chat Support…https://medium.com/@moblig/how-i-accessed-microsofts-servicenow-exposing-all-microsoft-employee-emails-chat-support-5f8d535eb63b?source=rss------bug_bounty-5Mobligbug-bounty, cybersecurity, microsoft, news24-Oct-2024
Seprate Active and Dead Subdomains part 4https://osintteam.blog/seprate-active-and-dead-subdomains-part-4-18f092dc8423?source=rss------bug_bounty-5Mr Abdullahbugbounty-writeup, subdomains-enumeration, hacking, bug-bounty, web-hacking24-Oct-2024
Smart recon to PWN the panelhttps://ro0od.medium.com/smart-recon-to-pwn-the-panel-a23b0b9466bb?source=rss------bug_bounty-5roodhacking, bug-bounty, hackerone, writeup, bug-bounty-tips24-Oct-2024
Penalized for Responsible Disclosurehttps://geochen.medium.com/penalized-for-responsible-disclosure-e36b3f57dc8a?source=rss------bug_bounty-5George Chenbig-four, hacking, bug-bounty, cybersecurity, responsible-disclosure24-Oct-2024
Bug Bounty with AI: Enhancing Cybersecurity Through Artificial Intelligencehttps://prakash888kpk.medium.com/bug-bounty-with-ai-enhancing-cybersecurity-through-artificial-intelligence-fc679204b800?source=rss------bug_bounty-5Lets Unlearnai-tools, bug-bounty, ai, bugs, bounties24-Oct-2024
Cheat Sheet: Using Nuclei for Security Testing and bhttps://medium.com/@Itachi0xf/cheat-sheet-utilisation-de-nuclei-pour-les-tests-de-s%C3%A9curit%C3%A9-et-b-e4d9d57aff32?source=rss------bug_bounty-5Itachix0fhacking, cheatsheet, learning, bug-bounty24-Oct-2024
The CRUD Principlehttps://medium.com/@rainer_zufall111/das-crud-prinzip-786530d1a302?source=rss------bug_bounty-5R4In3RZuf4LLcybersecurity, hacking, bug-bounty, api24-Oct-2024
How i found exposed db creds on .gov sitehttps://medium.com/@jenroots/how-i-found-exposed-db-creds-on-gov-site-24588d9eb9c8?source=rss------bug_bounty-5Jenrootsbug-bounty-tips, information-security, penetration-testing, bugs, bug-bounty24-Oct-2024
Second Strike: Uncovering a GraphQL IDOR That Let Me Delete Anyones Posthttps://dukrov.medium.com/second-strike-uncovering-a-graphql-idor-that-let-me-delete-anyones-post-7c6fefd71db7?source=rss------bug_bounty-5͏ ͏Dukrovbug-bounty, hackerone, cybersecurity, bugbounty-tips, hacking24-Oct-2024
How to Handle Burnout as a Bug Bounty Hunter: Step By Step guidehttps://medium.com/@shaikhminhaz1975/how-to-handle-burnout-as-a-bug-bounty-hunter-step-by-step-guide-c83b06c4fc1f?source=rss------bug_bounty-5Shaikh Minhazburnout-prevention, stress-management, cybersecurity, stress, bug-bounty23-Oct-2024
How to Find CVEs, Report Them, and Leverage Them for Career Growth and Bounties of $$$$$.https://medium.com/@anandrishav2228/how-to-find-cves-report-them-and-leverage-them-for-career-growth-and-bounties-of-3b62538c64d1?source=rss------bug_bounty-5Rishav anandai, money, cybersecurity, cve, bug-bounty23-Oct-2024
One Payload for Bugbounty(X$$)!https://pwndecoco.medium.com/one-payload-for-bugbounty-x-ace7dfd4859d?source=rss------bug_bounty-5Pwndec0c0penetration-testing, bugbounty-tips, bug-bounty, hacking, bugbounty-writeup23-Oct-2024
Hacking Tools That You Need To Learnhttps://aircorridor.medium.com/hacking-tools-that-you-need-to-learn-2d8ebb8b47aa?source=rss------bug_bounty-5Aircorridorbug-bounty, cybersecurity, linux, tools, hacking23-Oct-2024
Improper Access Control — Generic: How I Gained Full Control Over an Admin Panelhttps://medium.com/@rezauditore/improper-access-control-generic-how-i-gained-full-control-over-an-admin-panel-c82587a1a09f?source=rss------bug_bounty-5rezauditorebug-bounty, lgbtq, appsec, ethical-hacking, api23-Oct-2024
How I Discovered Sensitive App_ID and App_Key Disclosure in a JavaScript File and Earned $150https://medium.com/@dhananjay_00/how-i-discovered-sensitive-app-id-and-app-key-disclosure-in-a-javascript-file-and-earned-150-ad3fb7f942bc?source=rss------bug_bounty-5Dhananjay Pathakpenetration-testing, cybersecurity, hacking, bug-bounty, hackerone23-Oct-2024
Understanding SMTP User Enumeration via MX Record Attackshttps://hackerhalt.medium.com/smtp-user-enumeration-mx-record-4e5761d52e57?source=rss------bug_bounty-5Hacker Haltpentesting, bugcrowd, bug-bounty, hackerone23-Oct-2024
Entering The Dark Web And Explaining The Art Of Deep Anonymity | Primary Hacking School #8https://medium.com/@nnface/entering-the-dark-web-and-explaining-the-art-of-deep-anonymity-primary-hacking-school-8-20239706e4fc?source=rss------bug_bounty-5NnFacedarkweb, web, hacking, kali-linux, bug-bounty23-Oct-2024
Eyeglass Adventures: From Typos to Admin Access — A Hacker’s Talehttps://medium.com/@khode4li/eyeglass-adventures-from-typos-to-admin-access-a-hackers-tale-0a3149acd6e9?source=rss------bug_bounty-5Khod4lisecurity, mass-assignment, bug-bounty, broken-access-control, vulnerability23-Oct-2024
Stored XSS Critical or NOT?https://medium.com/@mrro0o0tt/stored-xss-critical-or-not-da9eb9b19029?source=rss------bug_bounty-5Whoamibug-bounty-hunter, bug-bounty-tips, bug-bounty, hacking, bug-bounty-writeup23-Oct-2024
Web Requests: Everything You Need to Know to Get Started in Cybersecurityhttps://medium.com/@malwarilia/requisi%C3%A7%C3%B5es-web-tudo-que-voc%C3%AA-deve-saber-para-come%C3%A7ar-em-cyberseguran%C3%A7a-ef01a89b250c?source=rss------bug_bounty-5Marília Rochabug-bounty-tips, pentesting, cybersecurity, infosec, bug-bounty22-Oct-2024
Bug Bounty Methodology for SQL Injection with Waybash URLshttps://pwn0sec.medium.com/bug-bounty-methodology-for-sql-injection-with-waybash-urls-d1d13d0ebdaa?source=rss------bug_bounty-5Imhunterandbug-bounty-tips, waybash, sql-injection, bug-bounty-writeup, bug-bounty22-Oct-2024
Oracle SQL Injection | Database Reconhttps://systemweakness.com/oracle-sql-injection-database-recon-0c384d4a085a?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, sql-injection, bug-bounty, pentesting, bug-bounty-tips22-Oct-2024
Forget password OTP flaw lead to Account Takeover.https://medium.com/@bughunt789/forget-password-otp-flaw-lead-to-account-takeover-b3f2b847952b?source=rss------bug_bounty-5BUG HUNTERbug-bounty, bug-bounty-writeup, response-manipulation, account-takeover, account-takeover-attacks22-Oct-2024
| How I Hacked Over 150k PII on a Program | https://medium.com/@rootplinix/how-i-hacked-over-150k-pii-on-a-program-f58b8b141d4a?source=rss------bug_bounty-5 | Abu Hurayra | pii-data, infosec, hackerone, bug-bounty-tips, bug-bounty | 22-Oct-2024 |
| SQL Injection Attack, Listing the Database Contents on Oracle | https://medium.com/@marduk.i.am/sql-injection-attack-listing-the-database-contents-on-oracle-3be23e33a43d?source=rss------bug_bounty-5 | Marduk I Am | sqli, information-security, sql-injection, portswigger-lab, bug-bounty | 22-Oct-2024 |
| Discovery of Reflected XSS Vulnerability on a Global Car Website #2 | https://medium.com/@gg20205959/discovery-of-reflected-xss-vulnerability-on-a-global-car-website-2-ddfc7ba9f67d?source=rss------bug_bounty-5 | VulnSniper | xss-attack, xss-vulnerability, bug-bounty, penetration-testing | 22-Oct-2024 |
| LLM Penetration Testing Checklist | https://infosecwriteups.com/llm-penetration-testing-checklist-87eda0ce2991?source=rss------bug_bounty-5 | Ajay Naik | information-technology, information-security, penetration-testing, cybersecurity, bug-bounty | 22-Oct-2024 |
| Security Flaw in Styra’s OPA Exposes NTLM Hashes to Remote Attackers | https://medium.com/@wiretor/security-flaw-in-styras-opa-exposes-ntlm-hashes-to-remote-attackers-f4c9ce201de8?source=rss------bug_bounty-5 | WIRE TOR | penetration-testing, hacking, bug-bounty, cybersecurity, usa | 22-Oct-2024 |
| Shodan Secrets \| Hack Hidden Files Easily | https://osintteam.blog/shodan-secrets-hack-hidden-files-easily-94de007def73?source=rss------bug_bounty-5 | AbhirupKonwar | cybersecurity, bug-hunting, shodan, bug-bounty, pentesting | 22-Oct-2024 |
| Hunting Broken Object Level Authorization | https://blackhawkk.medium.com/hunting-broken-object-level-authorization-9b499fc0f327?source=rss------bug_bounty-5 | Tanmay Bhattacharjee | bug-bounty, api-sec, owasp | 22-Oct-2024 |
| Single endpoint leads to two bounties!(400$) | https://medium.com/@noureldin1042/single-endpoint-leads-to-two-bounties-400-7dd96cf601c7?source=rss------bug_bounty-5 | Noureldin(0x_5wf) | bug-bounty, bug-hunting, bug-bounty-writeup, hackerone, bug-bounty-tips | 22-Oct-2024 |
| Breaking Boundaries: Discovering Session Invalidation Failures in User Roles | https://medium.com/@hawkeye69669/breaking-boundaries-discovering-session-invalidation-failures-in-user-roles-84711777f9f2?source=rss------bug_bounty-5 | Hawkeye | bug-bounty-tips, bug-bounty, infosec-write-ups, bug-bounty-writeup, infosec | 22-Oct-2024 |
| Google Warns of Samsung Zero-Day Exploited in the Wild | https://medium.com/@wiretor/google-warns-of-samsung-zero-day-exploited-in-the-wild-fb98c84b3e06?source=rss------bug_bounty-5 | WIRE TOR | usa, cybersecurity, hacking, bug-bounty, malware | 22-Oct-2024 |
| Critical Vulnerabilities Expose mbNET.mini and Helmholz Industrial Routers to Attacks | https://medium.com/@wiretor/critical-vulnerabilities-expose-mbnet-mini-and-helmholz-industrial-routers-to-attacks-feac904b23b5?source=rss------bug_bounty-5 | WIRE TOR | usa, hacking, bug-bounty, cybersecurity, pentesting | 22-Oct-2024 |
| Ransomware Alert: Cicada3301 Emerges as Successor to BlackCat | https://medium.com/@wiretor/ransomware-alert-cicada3301-emerges-as-successor-to-blackcat-e0e468472e08?source=rss------bug_bounty-5 | WIRE TOR | pentesting, bug-bounty, cybersecurity, usa, hacking | 22-Oct-2024 |
| How i tricked Crypto Trading Site into sending Dangerous email to it’s Users | https://medium.com/@Rahulkrishnan_R_Panicker/how-i-tricked-crypto-trading-site-into-sending-dangerous-email-to-its-users-a11a972c470f?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | bug-bounty, bug-bounty-tips, bug-bounty-writeup, pentesting, security | 21-Oct-2024 |
| Oops, Nykaa! How I Almost Ordered ₹1 Lakh Worth of Makeup (Without Even Logging In!) | https://medium.com/@lungfu-chingchung/oops-nykaa-how-i-almost-ordered-1-lakh-worth-of-makeup-without-even-logging-in-f10679e0d8c9?source=rss------bug_bounty-5 | LungFu | learning, firstwriteup, mastmaula, security, bug-bounty | 21-Oct-2024 |
| Another Dark Reality of Bug Hunting | https://bevijaygupta.medium.com/another-dark-reality-of-bug-hunting-0c8fa62e9867?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, dark-reality, bug-bounty, bugs, bug-zero | 21-Oct-2024 |
| How to Use nslookup from Beginner to Advanced: A Comprehensive Guide | https://medium.com/@anandrishav2228/how-to-use-nslookup-from-beginner-to-advanced-a-comprehensive-guide-846ad93955e4?source=rss------bug_bounty-5 | Rishav anand | money, cybersecurity, hacker, bug-bounty, dns | 21-Oct-2024 |
| How I Found and Reported a High Severity Stored XSS Vulnerability in the UK Ministry of Defence: A… | https://medium.com/@sagarjondhle/how-i-found-and-reported-a-critical-stored-xss-vulnerability-in-the-uk-ministry-of-defence-a-bug-e44497befaa8?source=rss------bug_bounty-5 | IronPurush | bug-bounty, cybersecurity, information-technology, education | 21-Oct-2024 |
| Hacking LLMNR and NBT-NS | https://medium.com/@nishcyber22/hacking-llmnr-and-nbt-ns-3187458ee89d?source=rss------bug_bounty-5 | 0xn1sh | penetration-testing, hacking, cybersecurity, windows-hacking, bug-bounty | 21-Oct-2024 |
| HTTP for Pentesters: Everything You Need to Know | https://medium.com/@malwarilia/introdu%C3%A7%C3%A3o-ao-http-para-pentesters-tudo-que-voc%C3%AA-precisa-saber-f3cce97d42e9?source=rss------bug_bounty-5 | Marília Rocha | offensive-security, segurança-da-informação, cybersecurity, bug-bounty, pentes | 21-Oct-2024 |
| What’s Session Management | https://medium.com/@vishalsahu1604/whats-session-management-306c08a9afcf?source=rss------bug_bounty-5 | Vishal Sahoo | bug-bounty, cybersecurity, website-traffic, website, website-development | 21-Oct-2024 |
| Unlocking Cybersecurity with Censys: A Guide to Ethical Hacking, Bug Bounties, and Pentesting —… | https://medium.com/@vulnlabresearcher/unlocking-cybersecurity-with-censys-a-guide-to-ethical-hacking-bug-bounties-and-pentesting-f4c29e89ac54?source=rss------bug_bounty-5 | VulnResearcher | passive-network-scanning, internet-scanning-tools, censys-tutorial, bug-bounty, ethical-hacking | 21-Oct-2024 |
| CSRF-ATTACK-PREVENTION-GUIDE | https://osintteam.blog/csrf-attack-prevention-guide-3afe8791af6d?source=rss------bug_bounty-5 | Asad Mohsin | cyber-security-awareness, cybersecuirty, cyber-attack-prevention, bug-bounty, csrf | 21-Oct-2024 |
| How No rate limiting got me 150$ in 5 minutes. | https://medium.com/@noureldin1042/how-no-rate-limiting-got-me-150-in-5-minutes-e0abbec48f35?source=rss------bug_bounty-5 | Noureldin(0x_5wf) | bug-bounty, bounty-hunter, penetration-testing, bounty-program, bug-hunting | 21-Oct-2024 |
| How i found 22 LFI in the same program using automation tricks | https://medium.com/@zomasec/how-i-found-22-lfi-in-the-same-program-using-automation-tricks-3ea303d24f4a?source=rss------bug_bounty-5 | Hazem El-Sayed | bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, web-security | 21-Oct-2024 |
| My First $100 Bounty: Exploiting IDOR Vulnerability in Account Section | https://medium.com/@tinu7494/my-first-100-bounty-exploiting-idor-vulnerability-in-account-section-fc81d28dbed9?source=rss------bug_bounty-5 | Whitehat | bug-bounty, penetration-testing, bug-bounty-tips, hacking, cybersecurity | 21-Oct-2024 |
| How Sensitive Information Disclosure Can Lead to Account Takeover | https://medium.com/@D2Cy/how-sensitive-information-disclosure-can-lead-to-account-takeover-vulnerabilities-4d18d2a3711d?source=rss------bug_bounty-5 | Devansh | information-security, bug-bounty, idor, account-takeover | 21-Oct-2024 |
| Mastering Arsenal (How to Use the Nuclei Tool Effectively) | https://medium.com/@bitthr3at/mastering-arsenal-how-to-use-the-nuclei-tool-effectively-5ff976dfaeb0?source=rss------bug_bounty-5 | Naman Gupta (Bitthr3at) | nucleus, scanning, bug-bounty, pentest, tools | 21-Oct-2024 |
| Microsoft Blocks Windows 11 24H2 on Select ASUS Models: A Cautionary Tale for Users | https://medium.com/@wiretor/microsoft-blocks-windows-11-24h2-on-select-asus-models-a-cautionary-tale-for-users-5fc3314e0cfa?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, bug-bounty, pentest, usa, hacking | 21-Oct-2024 |
| Cisco Takes DevHub Portal Offline Following Hacker Leak of Sensitive Data | https://medium.com/@wiretor/cisco-takes-devhub-portal-offline-following-hacker-leak-of-sensitive-data-b6ca5cffe3c3?source=rss------bug_bounty-5 | WIRE TOR | pentesting, hacking, usa, bug-bounty, cybersecurity | 21-Oct-2024 |
| Massive WordPress Breach: Over 6,000 Sites Hacked by Infostealing Malware Plugins! | https://medium.com/@wiretor/massive-wordpress-breach-over-6-000-sites-hacked-by-infostealing-malware-plugins-%EF%B8%8F-2a4cb7e80d0c?source=rss------bug_bounty-5 | WIRE TOR | pentest, usa, pentesting, bug-bounty, cybersecurity | 21-Oct-2024 |
| North Korean Hackers Exploit Microsoft Zero-Day: APT37’s “Code-on-Toast” Attack Uncovered | https://medium.com/@wiretor/north-korean-hackers-exploit-microsoft-zero-day-apt37s-code-on-toast-attack-uncovered-c10af50cf040?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, usa, bug-bounty, hacking, malware | 21-Oct-2024 |
| My Bug Hunting Journey Begins | https://medium.com/@ahmsyhmi/my-bug-hunting-journey-begins-c75c291ffe9c?source=rss------bug_bounty-5 | Ahmad Syahmi | bug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-hunter, bug-hunting | 20-Oct-2024 |
| How i got 300euro bounty? | https://doordiefordream.medium.com/how-i-got-300euro-bounty-5e25f0a212de?source=rss------bug_bounty-5 | balu bandi | ethical-hacking, hacking, bug-bounty, writeup, cybersecurity | 20-Oct-2024 |
| How I Found My First P1 Bug ?? | https://medium.com/@prajwalpatil453/how-i-found-my-first-p1-bug-705b6ba5e3e2?source=rss------bug_bounty-5 | Anonstrk | bug-bounty-tips, cybersecurity, tips-and-tricks, vdp, bug-bounty | 20-Oct-2024 |
| How Much Does Penetration Testing Cost? | https://securitylit.medium.com/how-much-does-penetration-testing-cost-945fdb94e973?source=rss------bug_bounty-5 | Security Lit Limited | it-security, penetration-testing, pentesting, services, bug-bounty | 20-Oct-2024 |
| Is CISSP Certification Still Worth It in 2025? Find Out Why You Should Consider It! | https://securitylit.medium.com/is-cissp-certification-still-worth-it-in-2025-find-out-why-you-should-consider-it-dda36a443f80?source=rss------bug_bounty-5 | Security Lit Limited | penetration-testing, it-security, bug-bounty, cybersecurity | 20-Oct-2024 |
| Bypassing Email Uniqueness Check: A Logic Flaw Disrupting Password Recovery | https://medium.com/@0xoroot/bypassing-email-uniqueness-check-a-logic-flaw-disrupting-password-recovery-95464c95b664?source=rss------bug_bounty-5 | 0xoroot | bug-bounty-tips, broken-access-control, hacking, bug-bounty, hackerone | 20-Oct-2024 |
| Mastering SQLMap Tool for Effective SQL Injection Testing | https://medium.com/@prasanna.acharya/mastering-sqlmap-tool-for-effective-sql-injection-testing-38911178d3f6?source=rss------bug_bounty-5 | Prasanna Acharya | sqlmap, sql-injection, bug-bounty-tips, web-penetration-testing, bug-bounty | 20-Oct-2024 |
| Mastering Internet Scanning: How to Use ZMap and Censys for Ethical Hacking — Part 1 | https://medium.com/@vulnlabresearcher/mastering-internet-scanning-how-to-use-zmap-and-censys-for-ethical-hacking-part-1-9d05feb7a382?source=rss------bug_bounty-5 | VulnResearcher | bug-bounty, ethical-hacking, network-scanning, cybersecurity, zmap-tutorial | 20-Oct-2024 |
| Hack Application Pattern Lock | https://medium.com/@k3r0/hack-application-pattern-lock-5ade6b8128dc?source=rss------bug_bounty-5 | Kyrillos nady | bug-bounty, pentesting, hacking, mobi̇le, android | 20-Oct-2024 |
| Bug Bounty Roadmap for Beginner’s | https://medium.com/@kumawatabhijeet2002/bug-bounty-roadmap-for-beginners-de747ab39036?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, hacking, bugbounty-writeup, bug-bounty-tips | 20-Oct-2024 |
| The Deceptive Dance of Self-XSS: How to Protect Yourself from Your Own Browser | https://medium.com/@mrutunjayasenapati0/the-deceptive-dance-of-self-xss-how-to-protect-yourself-from-your-own-browser-303ffe642073?source=rss------bug_bounty-5 | Mrutunjaya Senapati | xss-attack, bug-bounty, vulnerability, bugs, hacking | 20-Oct-2024 |
| My Adventure in Bug Bounty: Sharing My Very First Successful Discovery | https://medium.com/@prateek.baghela/my-adventure-in-bug-bounty-sharing-my-very-first-successful-discovery-526124148107?source=rss------bug_bounty-5 | Prateek Baghela | cybersecurity, hacking, ethical-hacking, bug-bounty | 20-Oct-2024 |
| My first SQLi vulnerability | https://medium.com/@rimed.software/my-first-sqli-vulnerability-f1eaab78eadf?source=rss------bug_bounty-5 | muhammed demir | owasp-top-10, bug-bounty, bug-bounty-writeup, sqli, cybersecurity | 20-Oct-2024 |
| Halloween Special Offer: 25% Off All Cybersecurity Services! | https://medium.com/@wiretor/halloween-special-offer-25-off-all-cybersecurity-services-01ff60356d66?source=rss------bug_bounty-5 | WIRE TOR | hacking, bug-bounty, halloween, cybersecurity, usa | 20-Oct-2024 |
| Finally I got My First Bounty \| From Self Hosted Program | https://medium.com/@the.air.cyborg/finally-i-got-my-first-bounty-from-self-hosted-program-71ffe09473c4?source=rss------bug_bounty-5 | the_air_cyborg | clickjacking, bugbounty-writeup, bug-bounty, bugbounty-tips, clickbait | 20-Oct-2024 |
| Mastering Nmap Firewall Evasion Techniques: A Detailed Guide | https://medium.com/@anandrishav2228/mastering-nmap-firewall-evasion-techniques-a-detailed-guide-f5d5b9f00587?source=rss------bug_bounty-5 | Rishav anand | firewall, bug-bounty, nmap, cybersecurity, money | 20-Oct-2024 |
| How to Start Hacking: A Comprehensive Guide to Ethical Hacking and Penetration Testing for… | https://medium.com/@verylazytech/how-to-start-hacking-a-comprehensive-guide-to-ethical-hacking-and-penetration-testing-for-db6e3fcd63ea?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, books, how-to-start-hacking, penetration-testing, cybersecurity | 20-Oct-2024 |
| Superior Tool for Google Dorking to Find Website Vulnerabilities | https://medium.com/@bimosp56/superior-tool-untuk-melakukan-google-dorking-dalam-mencari-kerentanan-website-ec7719b05a5b?source=rss------bug_bounty-5 | Bimo Salasa Putra | bug-bounty, bigbountyrecon, vulnerability-assessment, google-dorking, vulnerability | 20-Oct-2024 |
| FINDING A DOS BUG(STEP BY STEP). | https://osintteam.blog/finding-a-dos-bug-step-by-step-5f13d361dc90?source=rss------bug_bounty-5 | loyalonlytoday | hacking, penetration-testing, bug-bounty-tips, cybersecurity, bug-bounty | 20-Oct-2024 |
| $$$ Bounty for PII disclosure through API | https://osintteam.blog/bounty-for-pii-disclosure-through-api-71b660bc984b?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | cybersecurity, hacking, bug-bounty, ethical-hacking, technology | 20-Oct-2024 |
| Security Misconfigurations in Docker Containers: My $500 Win! | https://osintteam.blog/security-misconfigurations-in-docker-containers-my-500-win-241af85882b2?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | ethical-hacking, hacking, bug-bounty, cybersecurity, technology | 20-Oct-2024 |
| Exploiting Auth0 Misconfigurations: A Case Study on Account Linking Vulnerabilities | https://medium.com/@iknowhatodo/exploiting-auth0-misconfigurations-a-case-study-on-account-linking-vulnerabilities-76fb6b9703f8?source=rss------bug_bounty-5 | Hossam Ahmed | security, penetration-testing, bug-bounty, information-security | 20-Oct-2024 |
| What are Cookies? and How Attackers Take Privilege of Cookies | https://medium.com/@vishalsahu1604/what-are-cookies-and-how-attackers-take-privilege-of-cookies-a016145c5fff?source=rss------bug_bounty-5 | Vishal Sahoo | website-development, bug-bounty, technology, cybersecurity, website | 20-Oct-2024 |
| How I could steal Telegram OTPs using SMS relays | https://medium.com/@cyberletmewin/how-i-could-steal-telegram-otps-using-sms-relays-4672769c98e3?source=rss------bug_bounty-5 | Abdelkhalek Beraoud (letmewin) | telegram, information-security, mobile-network, cybersecurity, bug-bounty | 20-Oct-2024 |
| VDP vs CVD vs Bug Bounty | https://medium.com/@ali.abdollahi/vdp-vs-cvd-vs-bug-bounty-bc2402038e4f?source=rss------bug_bounty-5 | Ali Abdollahi | cybersecurity, security, information-security, vulnerability, bug-bounty | 20-Oct-2024 |
| Hackers Exploit Roundcube Webmail Vulnerability to Steal Login Credentials | https://medium.com/@wiretor/hackers-exploit-roundcube-webmail-vulnerability-to-steal-login-credentials-6b2761a7dd81?source=rss------bug_bounty-5 | WIRE TOR | hacking, pentest, usa, cybersecurity, bug-bounty | 20-Oct-2024 |
| Hackers Exploit Redbox Kiosks: A Wake-Up Call for Digital Security | https://medium.com/@wiretor/hackers-exploit-redbox-kiosks-a-wake-up-call-for-digital-security-1d19e18f3a80?source=rss------bug_bounty-5 | WIRE TOR | hacking, usa, cybersecurity, malware, bug-bounty | 20-Oct-2024 |
| How to Find XSS in Real-Life Bug Bounty Targets | https://medium.com/@rupaitanudas/how-to-find-xss-in-real-life-bug-bounty-targets-319177706ad8?source=rss------bug_bounty-5 | Rupaitanudas | xss-attack, bug-bounty, tips-and-tricks | 20-Oct-2024 |
| Internet Archive Breached Again: Urgent Call for Enhanced Cybersecurity | https://medium.com/@wiretor/internet-archive-breached-again-urgent-call-for-enhanced-cybersecurity-4cb161fc5408?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, bug-bounty, usa, malware, hacking | 20-Oct-2024 |
| how did I lose $5000? | https://medium.com/@mr.matrex00.7/how-did-i-lose-5000-6bf4a5c7cbf7?source=rss------bug_bounty-5 | Mr Matrex | hackthebox, tryhackme, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 20-Oct-2024 |
| Unveiling Hidden Vulnerabilities: A Journey into E-Commerce Security | https://medium.com/@CipherHawk/unveiling-hidden-vulnerabilities-a-journey-into-e-commerce-security-db7993b788cc?source=rss------bug_bounty-5 | CipherHawk | bug-bounty-tips, bug-bounty, bugcrowd, cybersecurity, hackerone | 20-Oct-2024 |
| VDP vs CVD vs Bug Bounty | https://systemweakness.com/vdp-vs-cvd-vs-bug-bounty-bc2402038e4f?source=rss------bug_bounty-5 | Ali Abdollahi | cybersecurity, security, information-security, vulnerability, bug-bounty | 20-Oct-2024 |
| How I Found My First Easy P3 Vulnerability in HackerOne Bug Bounty | https://medium.com/@aryan9868/how-i-found-my-first-easy-p3-vulnerability-in-hackerone-bug-bounty-f9227942c6c0?source=rss------bug_bounty-5 | h4ck3rrawat | bugs, bug-bounty-tips, bugbounty-writeup, hackerone, bug-bounty | 19-Oct-2024 |
| Google Dorking Queries to find vulnurable targets | https://medium.com/@kanishk.k1410/google-dorkingqueries-to-find-vulnurable-targets-89ee672b6996?source=rss------bug_bounty-5 | Kanishk Kumar | google-dorking, hacking, technology, bug-bounty, offensive-security | 19-Oct-2024 |
| How a NoSQL Injection Attack Helped Me Earn $500: A Step-by-Step Guide | https://medium.com/@anandrishav2228/how-a-nosql-injection-attack-helped-me-earn-500-a-step-by-step-guide-51370a95bb93?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, ai, money, nosql, cybersecurity | 19-Oct-2024 |
| A Comprehensive Guide to API Fuzzing: Strengthen Your API Security | https://medium.com/@Code_With_Ssn/a-comprehensive-guide-to-api-fuzzing-strengthen-your-api-security-5c00aac974b0?source=rss------bug_bounty-5 | N4!TR0 07 | api-fuzzing, api, bug-bounty, bug-bounty-writeup, reconnaissance | 19-Oct-2024 |
| From JavaScript Analysis To UUID Pattern Exploration Revealed a Critical IDOR! | https://medium.com/@ozomarzu/from-javascript-analysis-to-uuid-pattern-exploration-revealed-a-critical-idor-5c526451e7ec?source=rss------bug_bounty-5 | CyberOz | bug-bounty-tips, js, idor, bug-bounty-writeup, bug-bounty | 19-Oct-2024 |
| Password Brute-Forcing: The Cybersecurity Game Show You Didn’t Sign Up For | https://medium.com/@mrutunjayasenapati0/password-brute-forcing-the-cybersecurity-game-show-you-didnt-sign-up-for-c03052aedeeb?source=rss------bug_bounty-5 | Mrutunjaya Senapati | hacking, vulnerability, bug-bounty, passwords, bugs | 19-Oct-2024 |
| How I Uncovered a Hidden XSS Vulnerability in a Global Car Website | https://medium.com/@gg20205959/how-i-uncovered-a-hidden-xss-vulnerability-in-a-global-car-website-1e0b86a86a7a?source=rss------bug_bounty-5 | VulnSniper | xss-attack, xss-vulnerability, hacking, alerts, bug-bounty | 19-Oct-2024 |
| How I Uncovered a High-Severity Vulnerability Using a Single HTTP Header | https://medium.com/@ahmeedhisham2019/how-i-uncovered-a-high-severity-vulnerability-using-a-single-http-header-bf678a2775dc?source=rss------bug_bounty-5 | CipherHawk | cybersecurity, ethical-hacking, hackerone, bug-bounty-tips, bug-bounty | 19-Oct-2024 |
| SubdomainRadar.io — The best Subdomain Finder And Port Scanner | https://medium.com/@alexandrevandammepro/subdomainradar-io-the-best-subdomain-finder-and-port-scanner-a5390b5fee67?source=rss------bug_bounty-5 | Alexandre Vandamme | subdomains-enumeration, osint, bug-bounty, infose, cybersecurity | 19-Oct-2024 |
| How I am starting my Bug Bounty Hunting Journey | https://cybersechemmars.medium.com/how-i-am-starting-my-bug-bounty-hunting-journey-6d807a367d80?source=rss------bug_bounty-5 | Cybersec with Hemmars | bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, cybersecurity | 19-Oct-2024 |
| Get easy $50,000 bugbounty hunting from hackerone program | https://medium.com/@loaymorad11/get-easy-50-000-bugbounty-hunting-from-hackerone-program-e5a119d2af0c?source=rss------bug_bounty-5 | Loaymorad | hackerone, writeup, information-disclosure, cybersecurity, bug-bounty | 19-Oct-2024 |
| Attack on Zendesk | https://medium.com/@skirkanna/attack-on-zendesk-6f4f3adf3458?source=rss------bug_bounty-5 | Anna Skirko (unknown_feature) | bug-bounty, apple, zendesk, supply-chain, slack | 19-Oct-2024 |
| How I Uncovered a High-Severity Vulnerability Using a Single HTTP Header | https://medium.com/@CipherHawk/how-i-uncovered-a-high-severity-vulnerability-using-a-single-http-header-bf678a2775dc?source=rss------bug_bounty-5 | CipherHawk | cybersecurity, ethical-hacking, hackerone, bug-bounty-tips, bug-bounty | 19-Oct-2024 |
| How I Found a Subdomain Takeover Bug and Earned a $500 Bounty | https://medium.com/@D2Cy/how-i-found-a-subdomain-takeover-bug-and-earned-a-500-bounty-0edc139fe994?source=rss------bug_bounty-5 | D2Cy | information-security, bug-bounty, bug-bounty-writeup, cybersecurity, subdomain-takeover | 19-Oct-2024 |
| XSS | https://medium.com/@cyberviperx/xss-f5daee1b9e95?source=rss------bug_bounty-5 | Majd abuleil | xss-vulnerability, bug-bounty, cybersecurity, hacking, xss-attack | 19-Oct-2024 |
| 6 BEST Hacking Books for Learning Cybersecurity | https://medium.com/illumination/6-best-hacking-books-for-learning-cybersecurity-bbe0e9bdf0ae?source=rss------bug_bounty-5 | Tahir Ayoub | penetration-testing, bug-bounty, hacking, cybersecurity, ethical-hacking | 19-Oct-2024 |
| Alabama Man Arrested for SEC Social Media Hack That Caused Bitcoin Price Spike | https://medium.com/@wiretor/alabama-man-arrested-for-sec-social-media-hack-that-caused-bitcoin-price-spike-eebee5fe0a88?source=rss------bug_bounty-5 | WIRE TOR | information-technology, cybersecurity, malware, xss-attack, bug-bounty | 19-Oct-2024 |
| Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant | https://medium.com/@wiretor/russian-romcom-attacks-target-ukrainian-government-with-new-singlecamper-rat-variant-89d740937358?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, xss-attack, hacking, bug-bounty, usa | 19-Oct-2024 |
| Attention WordPress Users! Critical Jetpack Vulnerability Fixed! | https://medium.com/@wiretor/attention-wordpress-users-critical-jetpack-vulnerability-fixed-f52d455499fe?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, usa, sqli, malware, hacking | 19-Oct-2024 |
| How I Found a Subdomain Takeover Bug and Earned a $500 Bounty | https://medium.com/@D2Cy/how-i-found-a-subdomain-takeover-bug-and-earned-a-500-bounty-0edc139fe994?source=rss------bug_bounty-5 | Devansh | information-security, bug-bounty, bug-bounty-writeup, cybersecurity, subdomain-takeover | 19-Oct-2024 |
| 2FA Bypass via OAuth Linking | https://medium.com/@sharp488/2fa-bypass-via-oauth-linking-c8a640519ae8?source=rss------bug_bounty-5 | Sharat Kaikolamthuruthil | bug-bounty-tips, bug-bounty, hacking, information-security, information-technology | 18-Oct-2024 |
| Stored XSS & Privilege Escalation in Profile Field -Private Program | https://cyb3rc4t.medium.com/stored-xss-privilege-escalation-in-profile-field-private-program-2bdde55e34b2?source=rss------bug_bounty-5 | CYB3RC4T | infosec, bugbounty-writeup, bug-bounty, security, privilege-escalation | 18-Oct-2024 |
| Managing and Modifying URLs in SubScope for Bug Bounty Programs: A Comprehensive Guide | https://medium.com/@hunthubspace/managing-and-modifying-urls-in-subscope-for-bug-bounty-programs-a-comprehensive-guide-667df5ed07ab?source=rss------bug_bounty-5 | hunThub | automation, bug-bounty, penetration-testing, cybersecurity, bug-bounty-tips | 18-Oct-2024 |
| I found this Bug in just 5 min. Only and Earn $300. | https://medium.com/@anandrishav2228/i-found-this-bug-in-just-5-min-only-and-earn-300-6b57528a7291?source=rss------bug_bounty-5 | Rishav anand | cors, bug-bounty, cybersecurity, money, vulnerability | 18-Oct-2024 |
| Exploiting Session Fixation via Stored XSS and Cookie Jar Overflow Attack | https://akashc99.medium.com/exploiting-session-fixation-via-stored-xss-and-cookie-jar-overflow-attack-7cf8d60e1f9e?source=rss------bug_bounty-5 | Akash c | cybersecurity, web-app-security, bug-bounty, bug-hunter, hacking | 18-Oct-2024 |
| A Security Researcher’s Journey: Uncovering an Account Takeover Vulnerability | https://medium.com/@cybershree/a-security-researchers-journey-uncovering-an-account-takeover-vulnerability-624763bd4ecd?source=rss------bug_bounty-5 | Shridhar Rajaput | cybersecurity, security, bug-bounty-tips, vulnerability, bug-bounty | 18-Oct-2024 |
| The Harsh Reality of Bug Bounty Hunting Bugcrowd | https://medium.com/@cybershree/the-harsh-reality-of-bug-bounty-hunting-on-bugcrowd-aac3b29e9f43?source=rss------bug_bounty-5 | Shridhar Rajaput | bugcrowd, cybersecurity, bugbounty-writeup, bugs, bug-bounty | 18-Oct-2024 |
| Exploring Session Hijacking: How Attackers Compromise Web Sessions | https://medium.com/@mrutunjayasenapati0/exploring-session-hijacking-how-attackers-compromise-web-sessions-6a1c78e6c718?source=rss------bug_bounty-5 | Mrutunjaya Senapati | vulnerability, bug-bounty, sessions, bug-bounty-tips, hacking | 18-Oct-2024 |
| IDOR: User Information Disclosure | https://systemweakness.com/idor-user-information-disclosure-7c6951a55a7a?source=rss------bug_bounty-5 | Aswin Thambi Panikulangara | cybersecurity, bug-bounty, hacking, bug-bounty-tips, bugbounty-writeup | 18-Oct-2024 |
| How Do Hackers Crack ANY Software | https://medium.com/@TahirAyoub/how-do-hackers-crack-any-software-8e8e201bb169?source=rss------bug_bounty-5 | Tahir Ayoub | hacking, bug-bounty, cybersecurity, medium, pentesting | 18-Oct-2024 |
| Business logic vulnerability : Permanent Comments lock | https://sayedv2.medium.com/business-logic-vulnerability-permanent-comments-lock-f118087967ba?source=rss------bug_bounty-5 | Mohamed Sayed | security, bug-bounty, cybersecurity, business-logic, infosec | 18-Oct-2024 |
| How I Earned $150 for Reporting a Simple Parameter Bug | https://medium.com/@janmaciejewski07/how-i-earned-150-for-reporting-a-simple-parameter-bug-90734441dcd5?source=rss------bug_bounty-5 | Jan Maciejewski | programming, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-program | 18-Oct-2024 |
| Easy P3 Bug: A Spoofing Vulnerability | https://medium.com/@cybershree/easy-p3-bug-a-spoofing-vulnerability-ca73a62b6f48?source=rss------bug_bounty-5 | Shridhar Rajaput | cybersecurity, penetration-testing, bug-bounty, linkedin, information-technology | 18-Oct-2024 |
| Easy P4 Bug #2: Account Deletion Lacks Password Verification | https://medium.com/@cybershree/p4-bug-2-account-deletion-lacks-password-verification-a8633a00c9fc?source=rss------bug_bounty-5 | Shridhar Rajaput | cybersecurity, bugs, security-research, bug-bounty, information-technology | 18-Oct-2024 |
| Easy P4 Bug : Failure to Invalidate Sessions Post Password Change | https://medium.com/@cybershree/easy-p4-bug-failure-to-invalidate-sessions-post-password-change-56a3aee9e8cc?source=rss------bug_bounty-5 | Shridhar Rajaput | cybersecurity, bug-bounty, information-technology, hackerone, ethical-hacking | 18-Oct-2024 |
| The Harsh Reality of Bug Bounty Hunting on Bugcrowd | https://medium.com/@cybershree/the-harsh-reality-of-bug-bounty-hunting-on-bugcrowd-aac3b29e9f43?source=rss------bug_bounty-5 | Shridhar Rajaput | bugcrowd, cybersecurity, bugbounty-writeup, bugs, bug-bounty | 18-Oct-2024 |
| Microsoft Unveils macOS Vulnerability: A Deep Dive into the HM Surf Flaw | https://medium.com/@wiretor/microsoft-unveils-macos-vulnerability-a-deep-dive-into-the-hm-surf-flaw-%EF%B8%8F-1bb8b77b2a63?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, cve, bug-bounty, hacking, zero-day | 18-Oct-2024 |
| Hong Kong Crime Ring Swindles Victims Out of $46M Using Deepfakes | https://medium.com/@wiretor/hong-kong-crime-ring-swindles-victims-out-of-46m-using-deepfakes-9dc8cb713248?source=rss------bug_bounty-5 | WIRE TOR | hacking, usa, shell, sql, bug-bounty | 18-Oct-2024 |
| Omni Family Health Impacts 470,000 Individuals | https://medium.com/@wiretor/omni-family-health-impacts-470-000-individuals-d20a82cd0ac8?source=rss------bug_bounty-5 | WIRE TOR | usa, sql, rce, bug-bounty, hacking | 18-Oct-2024 |
| Another Dark Reality of Bug Hunting | https://medium.com/@akashmotkar001/another-dark-reality-of-bug-hunting-6539c60dac31?source=rss------bug_bounty-5 | Akashmotkar | ethical-hacking, hacking, bug-bounty, bugs, cybersecurity | 18-Oct-2024 |
| How Do Hackers Crack ANY Software | https://medium.com/h7w/how-do-hackers-crack-any-software-8e8e201bb169?source=rss------bug_bounty-5 | Tahir Ayoub | hacking, bug-bounty, cybersecurity, medium, pentesting | 18-Oct-2024 |
| Bug Bounty Tools that make you Rich and Independent and Help earn upto $100–$50,000 | https://medium.com/@anandrishav2228/bug-bounty-tools-that-make-you-rich-and-independent-and-help-earn-upto-100-50-000-eddc92485bae?source=rss------bug_bounty-5 | Rishav anand | hacking, tools, bug-bounty, money, cybersecurity | 17-Oct-2024 |
| Bug Bounty Millionaires: Are You Missing Out on Easy Money? | https://medium.com/@paritoshblogs/bug-bounty-millionaires-are-you-missing-out-on-easy-money-e5b10a9e2cc1?source=rss------bug_bounty-5 | Paritosh | information-technology, cybersecurity, money, bug-bounty, hacking | 17-Oct-2024 |
| Electron JS Application Penetration Testing | https://medium.com/@ajaynaikhack/electron-js-application-penetration-testing-b0809af324f6?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, bug-bounty, information-security, electronjs, penetration-testing | 17-Oct-2024 |
| How to Find XSS in Bug Bounty Programs: A Step-by-Step Guide with Source Code Examples | https://medium.com/@shaikhminhaz1975/how-to-find-xss-in-bug-bounty-programs-a-step-by-step-guide-with-source-code-examples-804e4b8a225d?source=rss------bug_bounty-5 | Shaikh Minhaz | cybersecurity, step-by-step-guide, penetration-testing, xss-attack, bug-bounty | 17-Oct-2024 |
| Your approach to finding XSS would change after you read this | https://medium.com/@nireshpandian19/your-approach-to-finding-xss-would-change-after-you-read-this-8292fcafefc1?source=rss------bug_bounty-5 | JAI NIRESH J | idor-vulnerability, bug-bounty, cybersecurity, bug-bounty-writeup, idor | 17-Oct-2024 |
| Electron JS Application Penetration Testing | https://infosecwriteups.com/electron-js-application-penetration-testing-b0809af324f6?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, bug-bounty, information-security, electronjs, penetration-testing | 17-Oct-2024 |
| E-commerce website vulnerability bounty practice sharing(II) | https://medium.com/@security.tecno/e-commerce-website-vulnerability-bounty-practice-sharing-ii-739d47705908?source=rss------bug_bounty-5 | TECNO Security | security, hacking, bonus, bug-bounty | 17-Oct-2024 |
| IDOR lead to Restriction Bypass!! | https://kumarmohank889.medium.com/idor-lead-to-restriction-bypass-7f42d593ffd4?source=rss------bug_bounty-5 | Mohan Kumar N | bug-bounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity, hacking | 17-Oct-2024 |
| Over 7 Million WooCommerce Sites Affected by a Simple HTML Injection: CVE-2024–9944 Analysis | https://dropn0w.medium.com/over-7-million-woocommerce-sites-affected-by-a-simple-html-injection-cve-2024-9944-analysis-ce81c918c39a?source=rss------bug_bounty-5 | drop | cve, cybersecurity, bug-bounty, woocommerce, wordpress | 17-Oct-2024 |
| Advanced IDOR Exploitation: Discovering Hidden Vulnerabilities Through Delayed Object Creation | https://medium.com/@ashfquejahan5/advanced-idor-exploitation-discovering-hidden-vulnerabilities-through-delayed-object-creation-beb9da9e036f?source=rss------bug_bounty-5 | jahanaj | bug-bounty, idor, web | 17-Oct-2024 |
| Unmasking Server-Side Request Forgery (SSRF): How Attackers Exploit Internal Systems | https://medium.com/@mrutunjayasenapati0/unmasking-server-side-request-forgery-ssrf-how-attackers-exploit-internal-systems-286b5b71a46a?source=rss------bug_bounty-5 | Mrutunjaya Senapati | bug-bounty, vulnerability, ethical-hacking, hacking, ssrf-attack | 17-Oct-2024 |
| Bug Bounty — IDOR lead to Restriction Bypass!! | https://kumarmohank889.medium.com/idor-lead-to-restriction-bypass-7f42d593ffd4?source=rss------bug_bounty-5 | Mohan Kumar N | bug-bounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity, hacking | 17-Oct-2024 |
| Maximizing Web3 Security with Bug Bounty Program Data | https://securrtech.medium.com/maximizing-web3-security-with-bug-bounty-program-data-1434315dbcdb?source=rss------bug_bounty-5 | Securr | web3-security, blockchain-technology, bug-bounty, smart-contract-auditing, web3 | 17-Oct-2024 |
| Walkthrough for the Appointment Machine — Hack The Box (HTB) Challenge | https://medium.com/@jessemridley/walkthrough-for-the-appointment-machine-hack-the-box-htb-challenge-b228fe34e2f5?source=rss------bug_bounty-5 | Jesse Ridley | ethical-hacking, cybersecurity, bug-bounty, technology, penetration-testing | 17-Oct-2024 |
| FROM OUT OF SCOPE TO ACCEPTED | https://medium.com/@nightcoders0/from-out-of-scope-to-accepted-4f52e626b734?source=rss------bug_bounty-5 | Nightcoders | bugs, bug-bounty-writeup, ethical-hacking, bug-bounty, bug-bounty-tips | 17-Oct-2024 |
| Hack The Box Challenge: Day 4 — Knowledge Check Walkthrough | https://medium.com/@jessemridley/hack-the-box-challenge-day-4-knowledge-check-walkthrough-ce22f62d0854?source=rss------bug_bounty-5 | Jesse Ridley | cybersecurity, freelancing, technology, bug-bounty, hacking | 17-Oct-2024 |
| Payload Pursuit: XSS Challenge | https://medium.com/@josh.beck2006/payload-pursuit-xss-challenge-40105e34379c?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, ctf-writeup, bug-bounty, ctf | 17-Oct-2024 |
| ACCESS MEDIUM PAID BLOGS FOR YOUR RESEARCH IN BUG BOUNTY | https://medium.com/@anonymousshetty2003/access-medium-paid-blogs-for-your-research-in-bug-bounty-b19395d20e0b?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, hacking, ethical-hacking, bug-bounty | 17-Oct-2024 |
| $600 Bug Bounty: How I Poked Microservices and Got Paid! | https://osintteam.blog/600-bug-bounty-how-i-poked-microservices-and-got-paid-9e1bbe0f45e8?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | vulnerability, programming, cybersecurity, bug-bounty, penetration-testing | 17-Oct-2024 |
| Breaking News: Sudan Brothers Charged in DDoS Attack Service Disruption! | https://medium.com/@wiretor/breaking-news-sudan-brothers-charged-in-ddos-attack-service-disruption-856290eb0dfb?source=rss------bug_bounty-5 | WIRE TOR | usa, virus, bug-bounty, hacking, trojan | 17-Oct-2024 |
| Vulnerability Discovered in Kubernetes Image Builder! | https://medium.com/@wiretor/vulnerability-discovered-in-kubernetes-image-builder-5846cf32cb80?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, usa, hacking, europe, virus | 17-Oct-2024 |
| Use Case: Bypassing In-App Purchase By Payment Client-Side Validation | https://secfathy0x1.medium.com/use-case-bypassing-in-app-purchase-by-payment-client-side-validation-e87e2c775a9c?source=rss------bug_bounty-5 | Mohamed K. Fathy | bug-bounty-writeup, hacking, bug-bounty, android, cybersecurity | 17-Oct-2024 |
| I Can Crash Anyone’s Instagram Post - Zero Day-Permanent DoS \| Meta \| BugBounty \| 2024 | https://prathapilango.medium.com/i-can-crash-anyones-instagram-post-zero-day-permanent-dos-meta-bugbounty-2024-a2e50ac15caf?source=rss------bug_bounty-5 | Prathapilango | cyebrsecurity, bug-bounty, bug-bounty-writeup, meta-bug-bounty, info-sec-writeups | 17-Oct-2024 |
Admin Panel Takeover Using a Leaky JS Filehttps://medium.com/@RaunakGupta1922/admin-panel-takeover-using-a-leaky-js-file-dc41fac0f86d?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitjavascript, programming, technology, bug-bounty, cybersecurity16-Oct-2024
How I Deleted Users from the Database on Private Bug Bounty Programhttps://medium.com/@sharp488/how-i-deleted-users-from-the-database-on-private-bug-bounty-program-f1939e83dd6f?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbugs, bug-bounty, information-technology, information-security, bug-bounty-tips16-Oct-2024
Birdie Flies in to Save the Day: Our Custom Bug Tracking Tool for Android & iOS Appshttps://engineering.probo.in/birdie-flies-in-to-save-the-day-our-custom-bug-tracking-tool-for-android-ios-apps-3834ab2bc434?source=rss------bug_bounty-5Probocoding, app-development, engineering, bug-bounty, prediction-markets16-Oct-2024
How Website Workhttps://medium.com/@Joshua_su/how-website-work-3df5e4e93a61?source=rss------bug_bounty-5Joshua Suksakorncurl, cybersecurity, website, bug-bounty16-Oct-2024
How to Find API Bugs and Earn Big with Bug Bounties upto $20,000https://medium.com/@anandrishav2228/how-to-find-api-bugs-and-earn-big-with-bug-bounties-upto-20-000-12358743fcf9?source=rss------bug_bounty-5Rishav anandmoney, api, bug-bounty, hacker, cybersecurity16-Oct-2024
Admin Panel Takeover Using a Leaky JS Filehttps://osintteam.blog/admin-panel-takeover-using-a-leaky-js-file-dc41fac0f86d?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitjavascript, programming, technology, bug-bounty, cybersecurity16-Oct-2024
Quantity Manipulation Allows Purchases at Reduced Priceshttps://medium.com/@abdelrahman0x01/quantity-manipulation-allows-purchases-at-reduced-prices-d2e998b82a02?source=rss------bug_bounty-5Abdelrahman0x01bug-bounty, information-security, cybersecurity, penetration-testing, cyberattack16-Oct-2024
How I do my recon and end up finding hidden assets and vulnerabilities before anyone else Pt.1https://medium.com/@demonia/how-i-do-my-recon-and-end-up-finding-hidden-assets-and-vulnerabilities-before-anyone-else-pt-1-30777f987c93?source=rss------bug_bounty-5Mohammed Diefreconnaissance, bug-bounty, hacking, bug-bounty-tips, cybersecurity16-Oct-2024
Cracking the HTB Cap Box: A Step-by-Step Walkthroughhttps://medium.com/@vignesh6872610/cracking-the-htb-cap-box-a-step-by-step-walkthrough-0b08a4fff3f9?source=rss------bug_bounty-5Vignesh Pcap, hackthebox, retiredmachine, bug-bounty-tips, bug-bounty16-Oct-2024
How to Earn money online using Cybersecurity knowledgehttps://medium.com/@rashad.desk/how-to-earn-money-online-using-cybersecurity-knowledge-ece1078969f4?source=rss------bug_bounty-5Rashadul Islamfreelancing, cybersecurity, earn-money-online, bug-bounty16-Oct-2024
Unauthorized SQL Injection: Turning ‘No Entry’ Signs into Dollar Signs!https://medium.com/@Xt3sY/unauthorized-sql-injection-turning-no-entry-signs-into-dollar-signs-80dcf1168dbd?source=rss------bug_bounty-5Pushkar Bhagatbug-bounty, hacking, hackerone, bugcrowd, hacker16-Oct-2024
Hidden Reflected XSS via Android Application in VDPhttps://cyb3rc4t.medium.com/hidden-reflected-xss-via-android-application-in-vdp-68f4210196f1?source=rss------bug_bounty-5CYB3RC4Tbug-bounty-tips, security, infosec, android-pentesting, bug-bounty16-Oct-2024
Insecure direct object referenceshttps://medium.com/@codingbolt.in/insecure-direct-object-references-8daea91886f4?source=rss------bug_bounty-5codingboltbug-bounty, ethical-hacking, idor, cybersecurity, owasp16-Oct-2024
User ID controlled by request parameter with password disclosurehttps://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-password-disclosure-98e4f9ebe167?source=rss------bug_bounty-5codingboltethical-hacking, owasp, owasp-top-10, bug-bounty, cybersecurity16-Oct-2024
User ID controlled by request parameter with data leakage in redirecthttps://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-data-leakage-in-redirect-65b571611c7b?source=rss------bug_bounty-5codingboltcybersecurity, ethical-hacking, owasp-top-10, owasp, bug-bounty16-Oct-2024
User ID controlled by request parameter, with unpredictable user IDshttps://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-unpredictable-user-ids-b9e12542330d?source=rss------bug_bounty-5codingboltcybersecurity, bug-bounty, owasp-top-10, ethical-hacking, owasp16-Oct-2024
User ID controlled by request parameterhttps://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-7a0bb3006f68?source=rss------bug_bounty-5codingboltcybersecurity, owasp, owasp-top-10, bug-bounty, ethical-hacking16-Oct-2024
User role can be modified in user profilehttps://medium.com/@codingbolt.in/user-role-can-be-modified-in-user-profile-eb1a28631358?source=rss------bug_bounty-5codingboltcybersecurity, bug-bounty, owasp-top-10, owasp, ethical-hacking16-Oct-2024
Exposing Vulnerabilities: The Power of Google Dorking in Cybersecurity Part-2https://medium.com/@abhilov/exposing-vulnerabilities-the-power-of-google-dorking-in-cybersecurity-part-2-90dbf2e68ded?source=rss------bug_bounty-5Abhilov Guptabug-bounty, dorking, google, cybersecurity, hacking16-Oct-2024
HOW I FIND XXS REFLECTED IN 5 SEChttps://medium.com/@mr.matrex00.7/xxxs-reflected-in-external-programme-1d234bd3b3c3?source=rss------bug_bounty-5Mr Matrexxss-attack, xss-vulnerability, hunter, bug-bounty16-Oct-2024
WAF Bypass — Parameter Poisoninghttps://medium.com/@unrealdenis2020/waf-bypass-parameter-poisoning-21ad6e0db83c?source=rss------bug_bounty-5E1nZwaf, bugbounty-writeup, waf-bypass, parameter-poisoning, bug-bounty16-Oct-2024
Hidden Reflected XSS via Android Application in VDPhttps://cyb3rc4t.medium.com/hidden-reflected-xss-via-android-application-in-vdp-68f4210196f1?source=rss------bug_bounty-5CYB3RC4Tbug-bounty-tips, cybersecurity, infosec, bug-bounty, hackerone16-Oct-2024
Zero-Hero Hacker By Reading. Top 5 Books Designed For Hackers | Primary Hacking School #7https://medium.com/@nnface/zero-hero-hacker-by-reading-top-5-books-designed-for-hackers-primary-hacking-school-7-559618b200b3?source=rss------bug_bounty-5NnFacecybersecurity, linux, hacking, bug-bounty, kali-linux16-Oct-2024
How Google Dorking Helps me to Earn more than $2,000 in Bug Bounty.https://medium.com/@anandrishav2228/how-google-dorking-helps-me-to-earn-more-than-2-000-in-bug-bounty-b2ac959b3905?source=rss------bug_bounty-5Rishav anandcybersecurity, google, bug-bounty, money, advanced15-Oct-2024
5 Cybersecurity Projects You Can Build This Weekend (with Python)https://medium.com/@paritoshblogs/5-cybersecurity-projects-you-can-build-this-weekend-with-python-74bf03c3ba5d?source=rss------bug_bounty-5Paritoshbug-bounty, python, coding, cybersecurity, hacking15-Oct-2024
Perform a Command Injection Attack in Large Language Models (LLMs)https://medium.com/@360Security/perform-a-command-injection-attack-in-large-language-models-llms-86cd7db5e528?source=rss------bug_bounty-5360 Securitypenetration-testing, llm, cybersecurity, bug-bounty, ai15-Oct-2024
Sensitive Information Disclosure (Critical Finding)https://medium.com/@bughunt789/sensitive-information-disclosure-critical-finding-8fcbd7fe1704?source=rss------bug_bounty-5BUG HUNTERbắc, bug-bounty, sensitive-information, idor15-Oct-2024
Best AI Tool Used by Hacker 2025https://medium.com/@TahirAyoub/best-ai-tool-used-by-hacker-2025-715ab6ac8843?source=rss------bug_bounty-5Tahir Ayoubai, hacking, cybersecurity, ethical-hacking, bug-bounty15-Oct-2024
Google Dorks for Bug Bounty | Find Sensitive Informationhttps://medium.com/@shardulsawant67/google-dorks-for-bug-bounty-find-sensitive-information-6ed3e165bc02?source=rss------bug_bounty-5Shardul Sawantenumeration, hacking, google-dork, google-hacking, bug-bounty15-Oct-2024
The 50 Ultimate Fuzzing Guide for Bug Bounty Hunters: Mastering FUZZINGhttps://medium.com/@pankajkryadav1/the-50-ultimate-fuzzing-guide-for-bug-bounty-hunters-mastering-fuzzing-9f70e5474dc5?source=rss------bug_bounty-5Pankaj kr Yadavbug-bounty-tips, bug-bounty, fuzzing, web-security, ethical-hacking15-Oct-2024
How I got Account Take Over in a Bug Bounty Programhttps://hiroki-sawada.medium.com/how-i-got-account-take-over-in-a-bug-bounty-program-df3412c46274?source=rss------bug_bounty-5Hiroki Sawadabugcrowd, xss-attack, account-takeover, bug-bounty, hackerone15-Oct-2024
Mass Account Takeover via simple IDOR and funny OTP Bypasshttps://medium.com/@manibharathi.b/mass-account-takeover-via-simple-idor-and-funny-otp-bypass-23c12979e92d?source=rss------bug_bounty-5Mani Bharathi Bbug-bounty, hacker, cybersecurity, ethical-hacking, bug-bounty-tips15-Oct-2024
Insufficient Workflow Validationhttps://medium.com/@rcxsecurity/insufficient-workflow-validation-795d90f881dc?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafepenetration-testing, cybersecurity, hacking, information-security, bug-bounty15-Oct-2024
How I Discovered My First Bug: Worth $150 for Information Exposure Through Debug Logs (CWE-215)https://medium.com/@rupaitanudas/how-i-discovered-my-first-bug-worth-150-for-information-exposure-through-debug-logs-cwe-215-6a66dd10b21b?source=rss------bug_bounty-5Rupaitanudasyeswehack, hacking, ethical-hacking, hackerone, bug-bounty15-Oct-2024
How I Accessed an Admin Panel Without Touching the Keyboardhttps://medium.com/@ranjanyadav2003/how-i-accessed-an-admin-panel-without-touching-the-keyboard-43ad45a06f8d?source=rss------bug_bounty-5Ranjan_Yadavbug-bounty, hacking, cybersecurity, web-security, programming15-Oct-2024
How I Accidentally Deleted My Medium Account While Hacking Medium (Oops)https://medium.com/@vivekps143/how-i-accidentally-deleted-my-medium-account-while-hacking-medium-oops-82aa44c6bc69?source=rss------bug_bounty-5Vivek PSbug-hunter, bloging, automation, developer, bug-bounty15-Oct-2024
Peeling Back the Layers: Exploring Critical Security Flaws in Chatbot Systemshttps://medium.com/@tusharpuri6/peeling-back-the-layers-exploring-critical-security-flaws-in-chatbot-systems-940e14d62ac6?source=rss------bug_bounty-5Tusharpuriinfosec, bug-bounty, application-security, penetration-testing, offensive-security15-Oct-2024
Attacking organisations with big scope: Part 2https://medium.com/@sabirasdev/attacking-organisations-with-big-scope-part-2-6a0ee0387551?source=rss------bug_bounty-5S A B I Rcybersecurity, cyberattack, reconnaissance, bug-bounty, dorking15-Oct-2024
Best AI Tool Used by Hacker 2025https://infosecwriteups.com/best-ai-tool-used-by-hacker-2025-715ab6ac8843?source=rss------bug_bounty-5Tahir Ayoubai, hacking, cybersecurity, ethical-hacking, bug-bounty15-Oct-2024
How I Accessed an Admin Panel Without Touching the Keyboardhttps://medium.com/@ranjanyadav2003/how-i-accessed-an-admin-panel-without-touching-the-keyboard-43ad45a06f8d?source=rss------bug_bounty-5Ranjanbug-bounty, hacking, cybersecurity, web-security, programming15-Oct-2024
OAuth: A Backdoor in Disguise — a $7500 Study Casehttps://xdead4f.medium.com/oauth-a-backdoor-in-disguise-a-7500-study-case-3383a4012295?source=rss------bug_bounty-50xdead4fcyber-sec, security-reseach, cybersecurity, bug-bounty, cyber-security-writeup14-Oct-2024
Web3 BBP journal:https://medium.com/@harryfyx/web3-bbp-journal-777d830f35d0?source=rss------bug_bounty-5hhhkbweb3, bug-bounty14-Oct-2024
Passively Found Secrets in Javascript File on a Private Bug Bounty Programhttps://medium.com/@sharp488/passively-found-secrets-in-javascript-file-on-a-private-bug-bounty-program-36eb29c2a35c?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty, bug-bounty-tips, burpsuite-extension, burpsuite, bug-bounty-writeup14-Oct-2024
Bug bounty programs on Laravel applications enable the discovery of security vulnerabilities…https://medium.com/@_azwar/bug-bounty-programs-pada-aplikasi-laravel-memungkinkan-penemuan-celah-keamanan-vulnerabilities-7db40b405794?source=rss------bug_bounty-5azwarbug-bounty, vulnerability, laravel14-Oct-2024
ColdRoot Malwarehttps://medium.com/@reemmoslem34/coldroot-malware-de44cf04e319?source=rss------bug_bounty-5Rem Khalidbug-bounty, cyberattack, cybersecurity, hacking, malware14-Oct-2024
Zerologon Exploithttps://medium.com/@reemmoslem34/zerologon-exploit-ce83a5a8ef3b?source=rss------bug_bounty-5Rem Khalidbug-bounty, hacking, malware, cybersecurity, cyberattack14-Oct-2024
List of the Best Free Labs to Start Learning Cybersecurity on TryHackMehttps://medium.com/@malwarilia/list-of-the-best-free-labs-to-start-learning-cybersecurity-on-tryhackme-b94c1803c496?source=rss------bug_bounty-5Marília Rochabug-bounty, information-security, cybersecurity, pentest, cyberattack14-Oct-2024
Finding XSS Vulnerabilities and earn upto $200-$10,000 easily .https://medium.com/@anandrishav2228/finding-xss-vulnerabilities-and-earn-upto-200-10-000-easily-0aab2c725882?source=rss------bug_bounty-5Rishav anandcompany, xss-attack, bug-bounty, cybersecurity, money14-Oct-2024
Bug on ParrotCTFhttps://infosecwriteups.com/bug-on-parrotctf-e64424b0d043?source=rss------bug_bounty-5SIDHARTH PANDAparrotctf, bug-bounty, extention, hacking14-Oct-2024
TERGET WEBSITE RECON PROCESShttps://medium.com/@MdAktarujaman.ehp/terget-website-recon-process-d8e38649782e?source=rss------bug_bounty-5Md Aktarujjamanbug-bounty, hacking, penetration-testing, target, website14-Oct-2024
GraphQL Hacking 101: Finding and Exploiting APIs for Fun and Profithttps://medium.com/@v1xtron/graphql-hacking-101-finding-and-exploiting-apis-for-fun-and-profit-af34b5ea15f3?source=rss------bug_bounty-5v1xtrongraphql, reconnaissance, bug-bounty-tips, bug-bounty, penetration-testing14-Oct-2024
Attacking organisation with big scope: Part 1https://medium.com/@sabirasdev/attacking-organisation-with-big-scope-part-1-631fdc00e973?source=rss------bug_bounty-5S A B I Rcyber-security-awareness, reconnaissance, cybersecurity, bug-bounty14-Oct-2024
10 Habits to Become A PRO Hacker!https://medium.com/@TahirAyoub/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, habits, hacking, cybersecurity, ethical-hacking14-Oct-2024
JWT Authentication Bypass leads to Admin Control Panelhttps://infosecwriteups.com/jwt-authentication-bypass-leads-to-admin-control-panel-dfa6efcdcbf5?source=rss------bug_bounty-5Hohkybug-bounty, bug-bounty-writeup, account-takeover, jwt-token, hacking14-Oct-2024
❤Bug Bounty tool List❤https://medium.com/@shardulsawant67/bug-bounty-tool-list-fee6620c0048?source=rss------bug_bounty-5Shardul Sawantbug-bounty-tool, website-hosting, bug-bounty, bug-bounty-tips, web-enumeration14-Oct-2024
Social media account hijacking — VDPhttps://medium.com/@embossdotar/social-media-account-hijacking-vdp-fa674b25af44?source=rss------bug_bounty-5embossdotarcybersecurity, bug-bounty, it-security, vulnerability, hacking14-Oct-2024
Exposing 100,000 User Data : Massive API Bug Exposinghttps://medium.com/@360Security/exposing-100-000-user-data-massive-api-bug-exposing-037b56cfe98d?source=rss------bug_bounty-5360 Securitycybersecurity, bug-bounty, penetration-testing, information-security, api-security14-Oct-2024
10 Habits to Become A PRO Hacker!https://osintteam.blog/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, habits, hacking, cybersecurity, ethical-hacking14-Oct-2024
Blind SSRF Vulnerabilityhttps://medium.com/@guravtushar231/blind-ssrf-vulnerability-97d2f1decfe6?source=rss------bug_bounty-5Tushar_infosecbug-bounty, cybersecurity, ethical-hacking, ssrf, hacking14-Oct-2024
Pokémon Developer Game Freak Hacked: 2,600 Employees’ Data Leaked!https://medium.com/@wiretor/pok%C3%A9mon-developer-game-freak-hacked-2-600-employees-data-leaked-9e00ad9b3b0e?source=rss------bug_bounty-5WIRE TORvirus, pentest, malware, bug-bounty, hacking14-Oct-2024
10 Habits to Become A PRO Hacker!https://infosecwriteups.com/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, habits, hacking, cybersecurity, ethical-hacking14-Oct-2024
0dSSRF | Automate Finding SSRF & External Service Interactions & Open Redirectshttps://kariiem.medium.com/0dssrf-automate-finding-ssrf-external-service-interactions-open-redirects-944be6770a02?source=rss------bug_bounty-5Kariiem Gamalbug-bounty, bug-bounty-tips, ssrf, web-pen-testing, pentesting14-Oct-2024
P4 bug’s and their POC steps | Part 6https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-6-8e3aa981673a?source=rss------bug_bounty-5socalledhackerbugs, infosec, web-security, bug-bounty, cybersecurity14-Oct-2024
IDOR chained with JWT token cracking leads to edit, view and deletion of 160000 user accounts.https://aswinthambipanik07.medium.com/idor-chained-with-jwt-token-cracking-leads-to-edit-view-and-deletion-of-160000-user-accounts-65e65e6dc1f1?source=rss------bug_bounty-5Aswin Thambi Panikulangarabug-bounty, bug-bounty-tips, jwt, hacking, cybersecurity13-Oct-2024
No Rate Limit on Forgot Password: Leading to Email Flooding or mail bombinghttps://medium.com/@mrutunjayasenapati0/no-rate-limit-on-forgot-password-leading-to-email-flooding-or-mail-bombing-c68d842d6eaf?source=rss------bug_bounty-5Mrutunjaya Senapaticybersecurity, linux, hunting, bug-bounty, hacking13-Oct-2024
How I got Time Based SQL Injection in an Old Public Bug Bounty Programhttps://medium.com/@kshunya/how-i-got-time-based-sql-injection-in-an-old-public-bug-bounty-program-f6260cd4e75e?source=rss------bug_bounty-5Vishal Barotethical-hacking, bug-bounty, vapt, cybersecurity, penetration-testing13-Oct-2024
IDOR : Step by Step guide to Account Takeover of Any Userhttps://medium.com/@360Security/idor-step-by-step-guide-to-account-takeover-of-any-user-cb90bbcfd0fc?source=rss------bug_bounty-5360 Securityinformation-security, cybersecurity, bug-bounty, penetration-testing, vulnerability13-Oct-2024
What Is Recon and Why Is It Important? : Discovering Vulnerabilities and Ethical Hacking (Part 2)https://zeynalxan.medium.com/recon-n%C9%99dir-v%C9%99-niy%C9%99-%C9%99h%C9%99miyy%C9%99tlidir-z%C9%99iflikl%C9%99rin-a%C5%9Fkar-edilm%C9%99si-v%C9%99-etik-hakerlik-b%C3%B6l%C3%BCm-2-c4b554db0c8e?source=rss------bug_bounty-5Zeynalxan Quliyevrecon, recon-nece-edilir, bug-bounty-tips, recon-nədir, bug-bounty13-Oct-2024
⚠️ How to crash a PC Forever ⚠️https://medium.com/@emailrajdeepmishra/%EF%B8%8F-how-to-crash-a-pc-forever-%EF%B8%8F-09aa122c1844?source=rss------bug_bounty-5RAJDEEP MISHRAbug-bounty, cybersecurity, ethical-hacking, crash, bugs13-Oct-2024
Breaking the Game: Score Manipulation and Leaderboard Takeoverhttps://aminudin.medium.com/breaking-the-game-score-manipulation-and-leaderboard-takeover-b3ab16d02060?source=rss------bug_bounty-5Aminudinbug-bounty-tips, bug-bounty-writeup, bugs, bug-bounty13-Oct-2024
A Deep Dive into Subdomain Management Using SubScopehttps://medium.com/@hunthubspace/a-deep-dive-into-subdomain-management-using-subscope-43f8653b4593?source=rss------bug_bounty-5hunThubpenetration-testing, bug-bounty, bug-bounty-tips, cybersecurity, automation13-Oct-2024
Bypassing Location Restrictions on a Android App Using Fridahttps://medium.com/@omdubey170/hello-pentester-07209d5d8d42?source=rss------bug_bounty-5Omdubeyandroid, bug-bounty, android-pentesting, hacking, cybersecurity13-Oct-2024
The Great Photo Heist: IDOR Vulnerability Strikes Againhttps://rofes1337.medium.com/the-great-photo-heist-idor-vulnerability-strikes-again-6ed9a47c8c74?source=rss------bug_bounty-5Yousef Muhammedelkhirhackerone, bug-bounty, poc, idor-vulnerability, idor-poc13-Oct-2024
Creating a Honeypot: A Practical Guide to Understanding Cybersecurity Threatshttps://medium.com/@paritoshblogs/creating-a-honeypot-a-practical-guide-to-understanding-cybersecurity-threats-9d2e63e90892?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, cybersecurity, hacking, honeypot13-Oct-2024
“The Biggest Mistake Holding You Back in Bug Bounty Hunting: Why You’re Not Making Progress”https://medium.com/@mahdisalhi0500/the-biggest-mistake-holding-you-back-in-bug-bounty-hunting-why-youre-not-making-progress-1475eef8f04b?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, hacking, ethical-hacking, cybersecurity, bug-bounty13-Oct-2024
Cracking WordPress Security with WPScan: A Bug Bounty Hunter’s Journeyhttps://medium.com/@gouravrathod8788/cracking-wordpress-security-with-wpscan-a-bug-bounty-hunters-journey-%EF%B8%8F-%EF%B8%8F-%EF%B8%8F-c9389c94cc6b?source=rss------bug_bounty-5Gourav Singh Rajputcybersecurity, bug-bounty, bug-bounty-tips, wordpress13-Oct-2024
From simple recon to PWN wordpress admin panel writeuphttps://ro0od.medium.com/from-simple-recon-to-pwn-wordpress-admin-panel-writeup-622156a1c9b2?source=rss------bug_bounty-5roodbug-bounty, writeup, infosec-write-ups, infosec13-Oct-2024
How to create a custom daemon using shell scriptshttps://medium.com/@mysticraganork66/how-to-create-a-custom-daemon-using-shell-scripts-ce27c13657d1?source=rss------bug_bounty-50verlo0kedhacking, cybersecurity, writeup, daemon, bug-bounty13-Oct-2024
Unleashing the Power of Kali Linux Daemonshttps://systemweakness.com/unleashing-the-power-of-kali-linux-daemons-c19133db43ec?source=rss------bug_bounty-50verlo0kedbug-bounty, penetration-testing, docker, hacking, cybersecurity13-Oct-2024
Cache Deception | 450$https://medium.com/@0x_karim/cache-deception-450-a02cd655b33f?source=rss------bug_bounty-50xkarimbug-bounty, bug-bounty-tips, hacking, web-security, bugs13-Oct-2024
OAuth Misconfiguration: How I Hijacked Accounts with 0 Clicks and Got Paid!https://osintteam.blog/oauth-misconfiguration-how-i-hijacked-accounts-with-0-clicks-and-got-paid-df8f7a20b438?source=rss------bug_bounty-5Raunak Gupta Aka Biscuittechnology, programming, cybersecurity, bug-bounty, javascript13-Oct-2024
Open Redirect to XSS to Account Takeover to $$$$https://osintteam.blog/open-redirect-to-xss-to-account-takeover-to-de8739f9a4f0?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitjavascript, technology, programming, cybersecurity, bug-bounty13-Oct-2024
UNION-Based SQL Injectionhttps://medium.com/@kenes7667/union-tabanl%C4%B1-sql-injection-bcc023156b64?source=rss------bug_bounty-5EnessKoçbug-bounty, sql-injection12-Oct-2024
Automation in Cyber Defence: The Future of Securing Digital Frontiershttps://medium.com/@paritoshblogs/automation-in-cyber-defence-the-future-of-securing-digital-frontiers-992fa1ceb552?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, coding, cybersecurity, automation12-Oct-2024
Clickjacking Is Worth Reporting Nowadays? | Removing all confusion on Clickjacking bugs.https://medium.com/@the.air.cyborg/clickjacking-is-worth-reporting-nowadays-removing-all-confusion-on-clickjacking-bugs-a1c77fc4e5b8?source=rss------bug_bounty-5the_air_cyborgclickjacking, bug-bounty-tips, bugbounty-writeup, bug-bounty, vulnerability12-Oct-2024
Port Scanning Essentials for Bug Bounty Researchershttps://bevijaygupta.medium.com/port-scanning-essentials-for-bug-bounty-researchers-de52c6aa7b8a?source=rss------bug_bounty-5Vijay Guptabug-bounty, port-scanning, bounty-program, bugs, bug-bounty-tips12-Oct-2024
Cracking ATO via Email HTML Injectionhttps://medium.com/@dsmodi484/cracking-ato-via-email-html-injection-edd19c8e1b8f?source=rss------bug_bounty-5Dishant Modiemail, injection, vulnerability, html, bug-bounty12-Oct-2024
How I Discovered Account Takeover (ATO) via Cross-Site Scripting (XSS)https://osintteam.blog/how-i-discovered-account-takeover-ato-via-cross-site-scripting-xss-34698ee54009?source=rss------bug_bounty-5JEETPALato, bug-bounty-tips, xss-attack, bug-bounty, bug-bounty-writeup12-Oct-2024
Understanding Server-Side Request Forgery (SSRF): A Critical Web Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/understanding-server-side-request-forgery-ssrf-a-critical-web-vulnerability-11a7ee2d87f7?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp, vulnerability, hacking, ssrf, bug-bounty12-Oct-2024
Cybersecurity Breach Forces Calgary Public Library to Shut Down All Locationshttps://medium.com/@wiretor/cybersecurity-breach-forces-calgary-public-library-to-shut-down-all-locations-%EF%B8%8F-f1c0921f40e8?source=rss------bug_bounty-5WIRE TORhacked, bug-bounty, hacker, data, breach12-Oct-2024
Unlocking Some Effective Information Gathering Methodologieshttps://medium.com/@prasanna.acharya/unlocking-some-effective-information-gathering-methodologies-1f67787019d1?source=rss------bug_bounty-5Prasanna Acharyabug-bounty, web-security, bug-bounty-tips, information-gathering, web-penetration-testing12-Oct-2024
From NA to P1, How i was able to get access to a Bank Admin Panelhttps://medium.com/@yousefmoh15/from-na-to-p1-how-i-was-able-to-get-access-to-a-bank-admin-panel-52e5f9ef7ef5?source=rss------bug_bounty-5Yousef Mohamedhacking, bug-bounty, wordpress, bugcrowd12-Oct-2024
Uncovering Path Traversal Vulnerabilities Through Host Monitoringhttps://mchklt.medium.com/uncovering-path-traversal-vulnerabilities-through-host-monitoring-c8abb65f48f5?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAautomation, ethical-hacking, penetration-testing, bug-bounty-hunter, bug-bounty12-Oct-2024
Uncovering Path Traversal Through Host Monitoringhttps://mchklt.medium.com/uncovering-path-traversal-vulnerabilities-through-host-monitoring-c8abb65f48f5?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAautomation, ethical-hacking, penetration-testing, bug-bounty-hunter, bug-bounty12-Oct-2024
Effective Port Scanning for Finding Vulnerabilities in Bug Bountieshttps://bevijaygupta.medium.com/effective-port-scanning-for-finding-vulnerabilities-in-bug-bounties-0c16871a7e0b?source=rss------bug_bounty-5Vijay Guptabug-bounty, bugs, bug-bounty-tips, vulnerability, port-scanning11-Oct-2024
Bug Hunting Recon Methodology | Part2 | LegionHunterhttps://osintteam.blog/bug-hunting-recon-methodology-part2-legionhunter-4bb925e3e1bf?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, pentesting, infosec, cybersecurity, bug-bounty-tips11-Oct-2024
How to Find SQL Vulnerabilities in Web Applications and Websites and Earn up to $500—$10,000https://medium.com/@anandrishav2228/how-to-find-sql-vulnerabilities-in-web-applications-and-websites-and-earn-up-to-500-10-000-f0935e9d4892?source=rss------bug_bounty-5Rishav anandbug-bounty, money, ai, cybersecurity, india11-Oct-2024
How I Made $6,200 in a Single Bug Bounty Using SubdomainRadar.iohttps://medium.com/@alexandrevandammepro/how-i-made-6-200-in-a-single-bug-bounty-using-subdomainradar-io-a557f2baae0b?source=rss------bug_bounty-5Alexandre Vandammepentesting, cybersecurity, osint, bug-bounty, bug-bounty-tips11-Oct-2024
How I Got $250 with a Weak Signup Flowhttps://infosecwriteups.com/how-i-got-250-with-a-weak-signup-flow-3d87d34059fa?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbug-bounty, technology, programming, cybersecurity11-Oct-2024
Hacking Documentaries and Movies for Bug Bounty Huntershttps://medium.com/cyberscribers-exploring-cybersecurity/hacking-documentaries-and-movies-for-bug-bounty-hunters-92e02b6ab264?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, documentary, hacking, security, bug-bounty11-Oct-2024
CVE-2024–0195 Improper Control of Generation of Code (‘Code Injection’)https://infosecwriteups.com/cve-2024-0195-improper-control-of-generation-of-code-code-injection-c292836e03ec?source=rss------bug_bounty-5Ajay Naikvulnerability, bugs, bug-bounty, cyber-security-awareness, cybersecurity11-Oct-2024
Introduction to Netcathttps://medium.com/@Code_With_Ssn/introduction-to-netcat-af57e11ee756?source=rss------bug_bounty-5N4!TR0 07bug-bounty-writeup, bug-bounty-tips, netcat, bug-bounty, cybersecurity11-Oct-2024
One Cookie Paid Me $500 in under a minutehttps://medium.com/@nireshpandian19/one-cookie-paid-me-500-in-under-a-minute-8a9fb1a034ae?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty-tips, cybersecurity, programming, technology, bug-bounty11-Oct-2024
Lenfi Successfully Concludes Its Bug Bounty Programhttps://medium.com/@lenfi/lenfi-successfully-concludes-its-bug-bounty-program-e317df3967b2?source=rss------bug_bounty-5Lenfidefi, bug-bounty, cardano, project-catalyst, lenfi11-Oct-2024
File Path Traversal Sequences Stripped Non-Recursivelyhttps://medium.com/@rcxsecurity/file-path-traversal-sequences-stripped-non-recursively-6d8a6a2d92d4?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-security, cybersecurity, red-team, penetration-testing, bug-bounty11-Oct-2024
Understanding Security Logging and Monitoring Failures: A Crucial Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-security-logging-and-monitoring-failures-a-crucial-vulnerability-in-web-security-d63a7b42062e?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, vulnerability, bugs, bug-bounty, owasp11-Oct-2024
How I discovered 2FA bypass leading to potential ATO lead funds loss in a web3https://medium.com/@jeetpal2007/how-i-discovered-2fa-bypass-leading-to-potential-ato-lead-funds-loss-in-a-web3-dc19f5588fbd?source=rss------bug_bounty-5JEETPALcybersecurity, bug-bounty, bugbounty-writeup, ato, web311-Oct-2024
How I discovered 2FA bypass leading to potential ATO lead funds loss in a web3https://medium.com/h7w/how-i-discovered-2fa-bypass-leading-to-potential-ato-lead-funds-loss-in-a-web3-e498ce26b29e?source=rss------bug_bounty-5JEETPALbug-bounty, bugbounty-writeup, ato, web3, cybersecurity11-Oct-2024
Broken Access Control Vulnerability in an Order Management Systemhttps://medium.com/@omdubey170/broken-access-control-vulnerability-in-an-order-management-system-8a1097b03926?source=rss------bug_bounty-5Omdubeybug-bounty, infosec, hacking, cybersecurity, vulnerability11-Oct-2024
Effective Domain Management for Bug Bounty Programs Using SubScopehttps://medium.com/@hunthubspace/effective-domain-management-for-bug-bounty-programs-using-subscope-f74b7a0db428?source=rss------bug_bounty-5hunThubprogramming, penetration-testing, automation, bug-bounty, bug-bounty-tips11-Oct-2024
Endpoint confusion lead to 2FA bypasshttps://medium.com/@mohamed0xmuslim/endpoint-confusion-lead-to-2fa-bypass-67015dbb4c70?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty-hunter, bug-bounty, bug-bounty-writeup, penetration-testing, bug-bounty-tips11-Oct-2024
CVE-2024-44000 - WordPress Debug Log Exposure Leading to Session Cookie Hijackinghttps://infosecwriteups.com/cve-2024-44000-wordpress-debug-log-exposure-leading-to-session-cookie-hijacking-afcfada02c44?source=rss------bug_bounty-5Ajay Naikvulnerability, vulnerability-management, penetration-testing, cybersecurity, bug-bounty11-Oct-2024
Bypass WAF & Grab a $200 Bug Bounty!https://osintteam.blog/bypass-waf-grab-a-200-bug-bounty-4442621cd90a?source=rss------bug_bounty-5Raunak Gupta Aka Biscuittechnology, bug-bounty, cybersecurity, javascript, programming11-Oct-2024
Firefox&Chrome extensions for bugbounty hunters.https://osintteam.blog/firefox-chrome-extensions-for-bugbounty-hunters-4006707ee87b?source=rss------bug_bounty-5loyalonlytodaycybersecurity, hacking, penetration-testing, bug-bounty, tips11-Oct-2024
Bypass WAF & Grab a $300 Bug Bounty!https://osintteam.blog/bypass-waf-grab-a-200-bug-bounty-4442621cd90a?source=rss------bug_bounty-5Raunak Gupta Aka Biscuittechnology, bug-bounty, cybersecurity, javascript, programming11-Oct-2024
Unlocking the Potential of OSINT: Shaping the Future of Intelligence in Our Data-Driven Worldhttps://medium.com/@narayanadasbalaji2004/unlocking-the-potential-of-osint-shaping-the-future-of-intelligence-in-our-data-driven-world-b0cda62d6bb5?source=rss------bug_bounty-5Narayanadas Balajihacking, osint, cybersecurity, bugbounty-tips, bug-bounty10-Oct-2024
Streamlining Your Bug Bounty Projects: Adding and Managing Programs via SubScopehttps://medium.com/@hunthubspace/streamlining-your-bug-bounty-projects-adding-and-managing-programs-via-subscope-e394acfdf711?source=rss------bug_bounty-5hunThubautomation, bug-bounty-tips, bug-bounty, penetration-testing, cybersecurity10-Oct-2024
How I Earned $250 for Reporting a simple Bug To CodaPaymentshttps://medium.com/@aligoodluck427/how-i-earned-250-for-reporting-a-simple-bug-to-codapayments-b8f1be275138?source=rss------bug_bounty-5Aligoodluckbugbounty-tips, bug-bounty, bugbounty-automation, bugbounty-writeup, bugbounty-poc10-Oct-2024
First Bug, Big Win: How a $100 IDOR Bug Kicked-off My Bug Bounty Journeyhttps://dukrov.medium.com/first-bug-big-win-how-a-100-idor-bug-kicked-off-my-bug-bounty-journey-69e2e7179477?source=rss------bug_bounty-5͏ ͏Dukrovhackerone, bugbounty-tips, hacking, cybersecurity, bug-bounty10-Oct-2024
How i got my first Letter of Appreciation + Hall of Famehttps://rivudon.medium.com/how-i-got-my-first-letter-of-appreciation-hall-of-fame-a3c0079e60ef?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )bug-bounty-tips, bug-bounty, infosec, information-security, cybersecurity10-Oct-2024
Critical IDOR Vulnerability leads to PII leakagehttps://snc0pe.medium.com/critical-idor-vulnerability-leads-to-pii-leakage-684795ede850?source=rss------bug_bounty-5Snc0pebug-bounty, web-app-security, idor10-Oct-2024
How to Use ChatGPT Effectively for Bug Bounty Huntinghttps://medium.com/@anandrishav2228/how-to-use-chatgpt-effectively-for-bug-bounty-hunting-47ff0762139e?source=rss------bug_bounty-5Rishav anandchatgpt, money, ai, bug-bounty, cybersecurity10-Oct-2024
The Truth About Bug Bounty Hunting.https://medium.com/@thebughunttribe/the-truth-about-bug-bounty-hunting-597e54acd2a0?source=rss------bug_bounty-5The Hunt Tribebug-bounty-hunter, bug-bounty, bugs, bugbounty-tips, bugbounty-writeup10-Oct-2024
Forced OAuth Profile Linking Lead to Account Takeoverhttps://medium.com/@0xtal3at/forced-oauth-profile-linking-lead-to-account-takeover-954114158818?source=rss------bug_bounty-50Xtal3atbug-bounty, bugbounty-writeup, cybersecurity10-Oct-2024
Understanding Software and Data Integrity Failures: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-software-and-data-integrity-failures-a-critical-vulnerability-in-web-security-9d3f96f20bb9?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, bugs, bug-bounty, vulnerability, owasp10-Oct-2024
Bypassing Multiple Checks on Android Applications: A Security Researcher’s Experiencehttps://medium.com/@sc128496/bypassing-multiple-checks-on-android-applications-a-security-researchers-experience-2ec1a3005b60?source=rss------bug_bounty-5Sahil Choudharyandroid, pentesting, bug-bounty, cybersecurity, reverse-engineering10-Oct-2024
How i found my first open redirecthttps://medium.com/@yagomartins30/how-i-found-my-first-open-redirect-cd9ca60d307d?source=rss------bug_bounty-5Yago Martinshacking, bug-bounty, programming, writeup, pentesting10-Oct-2024
Top 10 Cybersecurity Tools Every Business Should Use in 2024https://cyberconsultingcompany.medium.com/top-10-cybersecurity-tools-every-business-should-use-in-2024-f7b93c208722?source=rss------bug_bounty-5Cyber Consulting Companycyber, cyber-security-awareness, cyber-security-solutions, bug-bounty, cyber-security-services09-Oct-2024
Unlock Unlimited Access to ChatGPT-4: A Step-by-Step Guide to Using Images and Files Without Limitshttps://medium.com/@shaikhminhaz1975/unlock-unlimited-access-to-chatgpt-4-a-step-by-step-guide-to-using-images-and-files-without-limits-0f1db3ca57d8?source=rss------bug_bounty-5Shaikh Minhazbug-bounty, gpt-4, cybersecurity, free, chatgpt09-Oct-2024
Bug Hunting Recon Methodology | Part1 | LegionHunterhttps://systemweakness.com/bug-hunting-recon-methodology-part1-legionhunter-975b7bbe3231?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, pentesting, bug-hunting, legionhunter, bug-bounty-tips09-Oct-2024
Port Scanning Demystified for Bug Bounty Successhttps://bevijaygupta.medium.com/port-scanning-demystified-for-bug-bounty-success-a820c2c632cd?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-tips, bugs, bug-zero, bug-bounty09-Oct-2024
E-commerce website vulnerability bounty practice sharing: Pre-Authentication takeover, API security…https://medium.com/@security.tecno/e-commerce-website-vulnerability-bounty-practice-sharing-pre-authentication-takeover-api-security-b27b51edfaff?source=rss------bug_bounty-5TECNO Securityhacking, web, security, bug-bounty09-Oct-2024
How I Found SSRF in 5 minuteshttps://medium.com/@gguzelkokar.mdbf15/how-i-found-ssrf-in-5-minutes-a3a58e3d53e1?source=rss------bug_bounty-5Gökhan Güzelkokarbug-bounty, web-security, application-security, hacking, ssrf09-Oct-2024
Curated List of Awesome Hacker Search Engines for Penetration Testing and Cybersecurity…https://osintteam.blog/curated-list-of-awesome-hacker-search-engines-for-penetration-testing-and-cybersecurity-9f0b9cb63a1d?source=rss------bug_bounty-5Ajay Naikvulnerability, information-security, cybersecurity, bug-bounty, bug-bounty-tips09-Oct-2024
How to Start Your Hacking Journey and Choose the Right Role in Cybersecurityhttps://medium.com/@harshkatiyar5556/how-to-start-your-hacking-journey-and-choose-the-right-role-in-cybersecurity-9eff1ec5e7f2?source=rss------bug_bounty-5Harsh Katiyarethical-hacking, bug-bounty, careers, penetration-testing, cybersecurity09-Oct-2024
My Active Subdomain Enumeration Techniquehttps://mr-abdullah.medium.com/my-active-subdomain-enumeration-technique-57a508343fc4?source=rss------bug_bounty-5Mr Abdullahbug-bounty, web-hacking, enumeration, hacking, information09-Oct-2024
SSRF via Flawed Request Parsinghttps://medium.com/@rcxsecurity/ssrf-via-flawed-request-parsing-7b32a119f047?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafepenetration-testing, information-security, hacking, cybersecurity, bug-bounty09-Oct-2024
Understanding Identification and Authentication Failures: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-identification-and-authentication-failures-a-critical-vulnerability-in-web-security-88a4bcbcc783?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, bugs, vulnerability, hacking, owasp09-Oct-2024
Understanding Vulnerable and Outdated Components: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-vulnerable-and-outdated-components-a-critical-vulnerability-in-web-security-f8a9a9ae0b10?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp, hacking, bug-bounty, vulnerability, bugs09-Oct-2024
No Easy P1s on the fly if your site runs WP or Drupalhttps://medium.com/@nireshpandian19/no-easy-p1s-on-the-fly-if-your-site-runs-wp-or-drupal-a7700650f86b?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, wordpress, bug-bounty-writeup, ethical-hacking, idor09-Oct-2024
Finding a no ratelimit bug on invite teammate page.https://osintteam.blog/finding-a-no-ratelimit-bug-on-invite-teammate-page-02c97e845b00?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, cybersecurity, bug-bounty, tips, hacking09-Oct-2024
Easy P1s on the fly if your site runs WP or Drupalhttps://medium.com/@nireshpandian19/no-easy-p1s-on-the-fly-if-your-site-runs-wp-or-drupal-a7700650f86b?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, wordpress, bug-bounty-writeup, ethical-hacking, idor09-Oct-2024
Race Condition leads to Cache Poisoning ?!https://ltidi.medium.com/race-condition-leads-to-cache-poisoning-77bdfb9483fd?source=rss------bug_bounty-5LTiDiweb-cache-poisoning, bug-bounty08-Oct-2024
Unlocking Hidden Vulnerabilities: How to Automate Your Bug Bounty Game with GitHub Actionshttps://theshaco.com/unlocking-hidden-vulnerabilities-how-to-automate-your-bug-bounty-game-with-github-actions-3f6c9501fe64?source=rss------bug_bounty-5Khaleel Khanhacking, bug-bounty, bug-bounty-tips, cybersecurity, infosec08-Oct-2024
From Ports to Payouts: Scanning Strategies for Bug Bountieshttps://bevijaygupta.medium.com/from-ports-to-payouts-scanning-strategies-for-bug-bounties-a2861077a0d8?source=rss------bug_bounty-5Vijay Guptascanning, bug-bounty-tips, bug-bounty, payouts, ports08-Oct-2024
How I Discovered an Email Verification Bypasshttps://mo9khu93r.medium.com/how-i-discovered-an-email-verification-bypass-e487270a61d3?source=rss------bug_bounty-5mo9khu93rvulnerability, hacking, bug-bounty, cybersecurity, pentesting08-Oct-2024
Understanding and Detecting XSS Vulnerabilities: A Complete Guidehttps://medium.com/@anandrishav2228/understanding-and-detecting-xss-vulnerabilities-a-complete-guide-4d3a85e4bed0?source=rss------bug_bounty-5Rishav anandai, bug-bounty, testing, cybersecurity, money08-Oct-2024
A quick P2 vulnerability, just like that !https://medium.com/@nireshpandian19/a-quick-p2-vulnerability-just-like-that-5fc4f25f3b09?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, hackerone, bug-bounty-writeup, idor, ethical-hacking08-Oct-2024
Methods to Bypass Captchas: A Deep Dive into Common Techniqueshttps://medium.com/@dasmanish6176/methods-to-bypass-captchas-a-deep-dive-into-common-techniques-309006f28923?source=rss------bug_bounty-5Dasmanishbug-bounty, ethical-hacking, vapt, captcha08-Oct-2024
How i found endpoints from reading hacker-one reportshttps://medium.com/@anonymousshetty2003/how-i-found-endpoints-from-reading-hacker-one-reports-20cfd6f0f62c?source=rss------bug_bounty-5Anonymousshettycybersecurity, hacking, dorking, bug-bounty08-Oct-2024
Blind XSS Practical Guide — Bug Bounty Tuesdayhttps://medium.com/@kerstan/blind-xss-practical-guide-bug-bounty-tuesday-3126bd52fae6?source=rss------bug_bounty-5kerstanhacking, cybersecurity, bug-bounty08-Oct-2024
ironCTF 2024 Writeuphttps://medium.com/@pphreak313/ironctf-2024-writeup-782f41854341?source=rss------bug_bounty-5Shlok Kctf-writeup, cybersecurity, bug-bounty, ctf08-Oct-2024
From 401 — Unauthorized Access to 3000 $ Bounty from Microsoft.https://medium.com/@bashir69emceeaka5/from-401-unauthorized-access-to-3000-bounty-from-microsoft-53b086379a08?source=rss------bug_bounty-5Bashir Mohammedred-team, microsoft, bug-bounty, bugbounty-writeup, security08-Oct-2024
How I Hacked an Admin Panel in Just 2 Minuteshttps://medium.com/@ranjanyadav2003/how-i-hacked-an-admin-panel-in-just-2-minutes-19d145820ee7?source=rss------bug_bounty-5Ranjan_Yadavbug-bounty, cybersecurity08-Oct-2024
CVE-2024–25600: WordPress Bricks Builder Remote Code Execution Vulnerability -$$$$ BOUNTYhttps://infosecwriteups.com/cve-2024-25600-wordpress-bricks-builder-remote-code-execution-vulnerability-bounty-997d488fd54e?source=rss------bug_bounty-5Ajay Naikbug-bounty, cyberattack, rewards, cybersecurity, information-technology08-Oct-2024
Exploiting NoSQL operator injection to extract unknown fieldshttps://medium.com/@codingbolt.in/exploiting-nosql-operator-injection-to-extract-unknown-fields-b0d58bea9bbe?source=rss------bug_bounty-5codingboltcybersecurity, bug-bounty, nosql-injection, nosql, ethical-hacking08-Oct-2024
Exploiting NoSQL injection to extract datahttps://medium.com/@codingbolt.in/exploiting-nosql-injection-to-extract-data-70fea37ed111?source=rss------bug_bounty-5codingboltethical-hacking, nosql-injection, cybersecurity, nosql, bug-bounty08-Oct-2024
Exploiting NoSQL operator injection to bypass authenticationhttps://medium.com/@codingbolt.in/exploiting-nosql-operator-injection-to-bypass-authentication-9239353b9424?source=rss------bug_bounty-5codingboltethical-hacking, nosql-injection, bug-bounty, cybersecurity, nosql08-Oct-2024
How Disabling 2FA Could End with a Bug?https://7odamoo.medium.com/hacking-hackerone-how-disabling-2fa-could-end-with-a-bug-b637c154ce06?source=rss------bug_bounty-5Mahmoud Hamedbug-bounty, pentesting08-Oct-2024
Breaking into the Shoutcast Server of a Multimedia Companyhttps://medium.com/@anonymousshetty2003/breaking-into-the-shoutcast-server-of-a-multimedia-company-e13dae3b17a3?source=rss------bug_bounty-5Anonymousshettycybersecurity, hacking, bug-bounty, vapt, wapt08-Oct-2024
Understanding Security Misconfiguration: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-security-misconfiguration-a-critical-vulnerability-in-web-security-4c87a5de4937?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, owasp, bug-bounty, server-misconfiguration, vulnerability08-Oct-2024
Account Takeover via Hidden Parameters in BBPhttps://cyb3rc4t.medium.com/account-takeover-via-hidden-parameters-in-bbp-f65ce42ca96f?source=rss------bug_bounty-5CYB3RC4Tbounty-program, bug-bounty, infosec, account-takeover, hackerone8-Oct-2024
Using ‘Waymore’ to Uncover Archived Treasures and Customer Datahttps://sl4x0.medium.com/using-waymore-to-uncover-archived-treasures-and-customer-data-a969474447a7?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)bugcrowd, hackerone, web-security, pentesting, bug-bounty8-Oct-2024
How I got a 5000 $ Bounty from Microsofthttps://medium.com/@bashir69emceeaka5/how-i-got-a-5000-bounty-from-microsoft-fb2e27fd40f7?source=rss------bug_bounty-5Bashir Mohammedred-team, bug-bounty-tips, security, bug-bounty-writeup, bug-bounty8-Oct-2024
How I got a 5000 $ Bounty from Microsofthttps://medium.com/@bashir69emceeaka5/how-i-got-a-5000-bounty-from-microsoft-fb2e27fd40f7?source=rss------bug_bounty-5Bashir Mohamedred-team, bug-bounty-tips, security, bug-bounty-writeup, bug-bounty08-Oct-2024
From 401 — Unauthorized Access to 3000 $ Bounty from Microsoft.https://medium.com/@bashir69emceeaka5/from-401-unauthorized-access-to-3000-bounty-from-microsoft-53b086379a08?source=rss------bug_bounty-5Bashir Mohamedred-team, microsoft, bug-bounty, bugbounty-writeup, security08-Oct-2024
HOW TO INSTALL GO IN KALILINUX.https://osintteam.blog/how-to-install-go-in-kalilinux-95924b5e9cde?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, go, tips08-Oct-2024
Top 10 BurpSuite Extensions Every Bug Bounty Hunter Needshttps://osintteam.blog/top-10-burpsuite-extensions-every-bug-bounty-hunter-needs-67b6fddf612b?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitprogramming, ethical-hacking, hacking, burpsuite, bug-bounty08-Oct-2024
Asset discovery with favicon hash.https://osintteam.blog/asset-discovery-with-favicon-hash-515d1c8a85cd?source=rss------bug_bounty-5loyalonlytodayhacking, tips, bug-bounty-tips, cybersecurity, bug-bounty07-Oct-2024
Finding a easy p4 as per bugcrowd vrthttps://osintteam.blog/finding-a-easy-p4-as-per-bugcrowd-vrt-3e5c132f28d0?source=rss------bug_bounty-5loyalonlytodaybugs, tips, bug-bounty, cybersecurity, hacking07-Oct-2024
Bug Bounty VS Motivationhttps://osintteam.blog/bug-bounty-vs-motivation-27c3c37f2c28?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitprogramming, motivation, hacking, cybersecurity, bug-bounty07-Oct-2024
Subdomain Enumeration | BBOT ✅>= Subfinder + Sublist3r + Assetfinder + Amass ❌https://medium.com/@kumawatabhijeet2002/subdomain-enumeration-bbot-subfinder-sublist3r-assetfinder-amass-e4880cf4ab5b?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, subdomain-takeover, subdomain-enumeration, bug-bounty, bug-bounty-writeup07-Oct-2024
Vulnerability Scanning of the Website zero.webappsecurity.comhttps://medium.com/@bimosp56/scanning-kerentanan-website-zero-webappsecurity-com-ce1d10f730b7?source=rss------bug_bounty-5Bimo Salasa Putracybersecurity, scanning, bug-bounty, vulnerabili, pentesting07-Oct-2024
Chinese Hackers Breach US Court Wiretap Systemhttps://medium.com/@wiretor/chinese-hackers-breach-us-court-wiretap-system-b7181fbe93b2?source=rss------bug_bounty-5WIRE TORcybersecurity, bug-bounty, hacking, pentesting, xss-attack07-Oct-2024
How a Simple Bug Could Have Taken Down Your Instagram Tagshttps://medium.com/@kiril.krivogyz/how-a-simple-bug-could-have-taken-down-your-instagram-tags-d3247e931c9d?source=rss------bug_bounty-5Kiril Krivogyzbug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, instagram07-Oct-2024
Accidental Exposure of Private GraphQL Fieldshttps://medium.com/@codingbolt.in/accidental-exposure-of-private-graphql-fields-729b3fb99471?source=rss------bug_bounty-5codingboltapi, bug-bounty, graphql, cybersecurity, api-penetration-testing07-Oct-2024
Exploiting server-side parameter pollution in a REST URLhttps://medium.com/@codingbolt.in/exploiting-server-side-parameter-pollution-in-a-rest-url-2ed599aafdbc?source=rss------bug_bounty-5codingboltcybersecurity, bugs, api-penetration-testing, api-testing, bug-bounty07-Oct-2024
Exploiting a mass assignment vulnerabilityhttps://medium.com/@codingbolt.in/exploiting-a-mass-assignment-vulnerability-07dd9e598302?source=rss------bug_bounty-5codingboltapi-testing, api-penetration-testing, bug-bounty, apihacking, cybersecurity07-Oct-2024
Finding and Exploiting an Unused API Endpointhttps://medium.com/@codingbolt.in/finding-and-exploiting-an-unused-api-endpoint-0a79f47f38f1?source=rss------bug_bounty-5codingboltbugs, cybersecurity, bug-bounty, api-penetration-testing, api-testing07-Oct-2024
Introducing Bug Bounty Program For Thorn Protocolhttps://thornprotocol.medium.com/introducing-bug-bounty-program-for-thorn-protocol-4d7a89d898e0?source=rss------bug_bounty-5Thorn Protocolbug-bounty07-Oct-2024
xmlrpc.php allows SSRF!https://take0verx0.medium.com/xmlrpc-php-allows-ssrf-5357049d43e9?source=rss------bug_bounty-5Shahariar Aminbug-bounty, cybersecurity, bug-bounty-tips07-Oct-2024
cURL for API Testing & Automation: Advanced Commands for Penetration Testers and Developershttps://theshaco.com/curl-for-api-testing-automation-advanced-commands-for-penetration-testers-and-developers-67b2ce7d8f4f?source=rss------bug_bounty-5Khaleel Khanhacking, infosec, kali-linux, cybersecurity, bug-bounty07-Oct-2024
Finding a Hidden GraphQL Endpointhttps://medium.com/@codingbolt.in/finding-a-hidden-graphql-endpoint-56001ab29f85?source=rss------bug_bounty-5codingboltgraphql, api, api-testing, cybersecurity, bug-bounty07-Oct-2024
How I Got my First Bounty €€ ?https://medium.com/@muralidharan1530/how-i-got-my-first-bounty-776e8487f9a0?source=rss------bug_bounty-5Murali Dharanbug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs07-Oct-2024
Finding DOM XSS via File Uploadhttps://medium.com/@0Xdarsh/finding-dom-xss-via-file-upload-2a533a97cfaa?source=rss------bug_bounty-50Xdarshpentesting, web-penetration-testing, bug-hunting, bug-bounty07-Oct-2024
My 2nd bounty : Referer-based access control + Response manipulationhttps://medium.com/@adebayosec/my-2nd-bounty-referer-based-access-control-response-manipulation-2ab7f54d083f?source=rss------bug_bounty-5Toriouspenetration-testing, broken-access-control, hacking, bug-bounty, cybersecurity07-Oct-2024
Bypassing GraphQL brute force protectionshttps://medium.com/@codingbolt.in/bypassing-graphql-brute-force-protections-5cce7b3657c8?source=rss------bug_bounty-5codingboltapi, api-testing, cybersecurity, bug-bounty, graphql07-Oct-2024
First Bug report as a beginner in Bug Bountyhttps://blue3dot.medium.com/first-bug-report-as-a-beginner-in-bug-bounty-367e406cd960?source=rss------bug_bounty-5Manikanta Ginfo-sec-writeups, hackerone, cybersecurity, bug-bounty07-Oct-2024
How I found Cache Deception in a private bug bounty program.https://medium.com/@mos693570/how-i-found-cache-deception-in-a-private-bug-bounty-program-0e3056d15858?source=rss------bug_bounty-5Mo Salahweb-cache-deception, bug-bounty07-Oct-2024
IDOR Attack Slips Through the Cracks: Vulnerability Scanners Miss Critical Security Flaw!https://medium.com/@Aman-Gupta.cse/idor-attack-slips-through-the-cracks-vulnerability-scanners-miss-critical-security-flaw-c0061ea8c122?source=rss------bug_bounty-5Aman Guptabug-bounty, news, idor-vulnerability, cybersecurity, automation07-Oct-2024
tool to generate xss payloads.https://medium.com/h7w/tool-to-generate-xss-payloads-09bf1e519121?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty-tips, cybersecurity, bug-bounty, xss-attack07-Oct-2024
5 Most Usefull Programming Language For Hackers | Primary Hacking School #6https://medium.com/@nnface/5-most-usefull-programming-language-for-hackers-primary-hacking-school-6-21b5979f0fe6?source=rss------bug_bounty-5NnFaceprogramming, kali-linux, cybersecurity, bug-bounty, hacking07-Oct-2024
How i get to find no rate limit bug worth $300https://medium.com/@sreejihkn43073/how-i-get-to-find-no-rate-limit-bug-worth-300-5036b0abbc7f?source=rss------bug_bounty-5Sreejihknbugcrowd, cybersecurity, bug-bounty, no-rate-limit, bug-bounty-tips06-Oct-2024
What To Do After Installing Kali #2? | Primary Hacking School #5https://medium.com/@nnface/what-to-do-after-installing-kali-2-primary-hacking-school-5-e9a4a8272dfa?source=rss------bug_bounty-5NnFacecybersecurity, hacking, kali-linux, bug-bounty, linux06-Oct-2024
Enhancing Vulnerability Detection: Leveraging Shodan and ChatGPT for Efficient CIDR Scanninghttps://medium.com/@malzureedi/enhancing-vulnerability-detection-leveraging-shodan-and-chatgpt-for-efficient-cidr-scanning-48970d4b94fa?source=rss------bug_bounty-5Malzureedired-team, bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty06-Oct-2024
Exploiting server-side parameter pollution in a query stringhttps://medium.com/@codingbolt.in/exploiting-server-side-parameter-pollution-in-a-query-string-38768943c6ca?source=rss------bug_bounty-5codingboltbug-bounty-tips, bug-bounty, api-security, cybersecurity, bug-bounty-writeup06-Oct-2024
I Studied 100+ SSRF Reports, and Here’s What I Learnedhttps://infosecwriteups.com/i-studied-100-ssrf-reports-and-heres-what-i-learned-1654c72ee2df?source=rss------bug_bounty-5Aditya Sawantbug-bounty, cybersecurity, penetration-testing, appsec, bug-bounty-tips06-Oct-2024
Exploiting an API endpoint using documentationhttps://medium.com/@codingbolt.in/exploiting-an-api-endpoint-using-documentation-d07d3cedfddc?source=rss------bug_bounty-5codingboltbug-bounty, api-penetration-testing, cybersecurity, bug-bounty-tips, api-testing06-Oct-2024
High-Risk Vulnerabilities in Apache HTTP Server’s mod_proxy Encoding Problem Allow Authentication…https://infosecwriteups.com/high-risk-vulnerabilities-in-apache-http-servers-mod-proxy-encoding-problem-allow-authentication-cbe8d422738d?source=rss------bug_bounty-5Ajay Naikcybersecurity, cyberattack, bug-bounty, vulnerability, bug-bounty-tips06-Oct-2024
Understanding Insecure Design: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-insecure-design-a-critical-vulnerability-in-web-security-1185e989ba0c?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, vulnerability, insecure-design, owasp, hacking06-Oct-2024
How i found the rxss on hackerone vdp program?https://doordiefordream.medium.com/how-i-found-the-rxss-on-hackerone-vdp-program-c14530481c90?source=rss------bug_bounty-5balu bandiethical-hacking, cybersecurity, bug-bounty, xss-attack, bugs06-Oct-2024
How I Secured the Data of 15 Million Consumers: Uncovering Critical Vulnerabilities in Gujarat’s…https://medium.com/@yashprajapati791/how-i-secured-the-data-of-15-million-consumers-uncovering-critical-vulnerabilities-in-gujarats-6dc453323851?source=rss------bug_bounty-5Yash Virendra Prajapatiresponsible-disclosure, bug-bounty, unauthorized-access, trending, ethical-hacking06-Oct-2024
Conditional Error Blind SQLi — Real World vs. Portswigger Labshttps://medium.com/@rodriguezjorgex/conditional-error-blind-sqli-real-world-vs-portswigger-labs-75d8eaee8c13?source=rss------bug_bounty-5Rodriguezjorgexsql-injection, bug-bounty, hacking06-Oct-2024
Race Condition , Allows creation of unlimited projects, bypassing free-tier limits.https://dark0x.medium.com/race-condition-allows-creation-of-unlimited-projects-bypassing-free-tier-limits-109dd91c6783?source=rss------bug_bounty-5Mahmoud Hatem (0xDark)sybersecurity, bugs, bug-bounty, hacking, bug-bounty-writeup06-Oct-2024
Network Penetration Testing: A Comprehensive Guide to Securing Your Infrastructurehttps://systemweakness.com/network-penetration-testing-a-comprehensive-guide-to-securing-your-infrastructure-64ce44712dd2?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, bug-bounty, hacking, careers06-Oct-2024
Why I Quit Bug Bounty Hunting 🙁https://infosecwriteups.com/why-i-quit-bug-bounty-hunting-95e81c907a6f?source=rss------bug_bounty-5Satyam Pathaniabug-bounty, technology, hacking, cybersecurity, information-technology06-Oct-2024
Critical Vulnerabilities in porte_plume plugin to Remote Exploits -$$$$ Bounty -CVE-2024–7954https://infosecwriteups.com/critical-vulnerabilities-in-porte-plume-plugin-to-remote-exploits-bounty-cve-2024-7954-3dbee45134ac?source=rss------bug_bounty-5Ajay Naikbug-bounty, rewards, information-security, cybersecurity, penetration-testing06-Oct-2024
Finding a easy bug in profile picture field.https://infosecwriteups.com/finding-a-easy-bug-in-profile-picture-field-a9b5f853a5bf?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, bug-bounty-tips, hacking, penetration-testing06-Oct-2024
Unrestricted File Upload in AWS S3 Buckethttps://infosecwriteups.com/unrestricted-file-upload-in-aws-s3-bucket-2a764a3965f4?source=rss------bug_bounty-5mo9khu93rpentesting, aws, bug-bounty, hacking, cybersecurity06-Oct-2024
Understanding XSS Vulnerability For Beginners: A Deep Dive into Web Security Riskshttps://medium.com/@error.not.known.404/understanding-xss-vulnerability-a-deep-dive-into-web-security-risks-189276a2d695?source=rss------bug_bounty-5Errorhacking, bug-bounty, ethical-hacking, security, bug-bounty-tips06-Oct-2024
Write-Up — Telegram Anonymous Chat Hack Bothttps://medium.com/@EroHac