Security Cipher
Additional Resources
Compilation of Resources Featuring Daily Bug Bounty Writeups
Title | Link | Author | Tags | Publication date |
---|---|---|---|---|
Same Username, Different Letters? Account Creation with Lookalike Usernames | https://strangerwhite.medium.com/same-username-different-letters-account-creation-with-lookalike-usernames-e370b2a7d5e3?source=rss------bug_bounty-5 | StrangeRwhite | bug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking, writeup | 18-May-2025 |
Meta BBP — Stored XSS at Meta Careers | https://almuntadhar.medium.com/meta-bbp-stored-xss-at-meta-careers-c0bf074bddfa?source=rss------bug_bounty-5 | Muntadhar M. Ahmed | cybersecurity, security, bug-bounty, meta-bug-bounty, web-vulnerabilities | 18-May-2025 |
The Most Dangerous Bug I’ve Ever Found (And No One Was Looking) | https://infosecwriteups.com/the-most-dangerous-bug-ive-ever-found-and-no-one-was-looking-2e96e5079a01?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, infosec, cybersecurity, hacking, ai | 18-May-2025 |
How I Found a P1 Vulnerability That Allowed Full Account Takeover | https://medium.com/@hacker_space11/how-i-found-a-p1-vulnerability-that-allowed-full-account-takeover-e959fce8d882?source=rss------bug_bounty-5 | hacker_space11 | bug-bounty, bug-bounty-tips | 18-May-2025 |
Recon For New Bug bounty Hunters — Short Story | https://medium.com/@sudarshan.defcon/%EF%B8%8F-%EF%B8%8Frecon-for-new-bug-bounty-hunters-short-story-4f862a333e6d?source=rss------bug_bounty-5 | Sudarshan Patel | reconnaissance, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty | 18-May-2025 |
Quantifying Cyber Risk: Moving Beyond Heat Maps to Dollar Values | https://medium.com/@paritoshblogs/quantifying-cyber-risk-moving-beyond-heat-maps-to-dollar-values-b4ec44d92b1c?source=rss------bug_bounty-5 | Paritosh | bug-bounty, hacking, cybersecurity, information-security, information-technology | 18-May-2025 |
Redirect Roulette: How Poor OAuth Redirect Handling Gave Me Account Takeover | https://infosecwriteups.com/redirect-roulette-how-poor-oauth-redirect-handling-gave-me-account-takeover-8c21ca809e3a?source=rss------bug_bounty-5 | Iski | infosec, bug-bounty, hacking, money, cybersecurity | 18-May-2025 |
$200 Bounty: Sensitive information disclosure | https://medium.com/meetcyber/200-bounty-sensitive-information-disclosure-791799adb57b?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, technology, hacking, cybersecurity, report | 18-May-2025 |
I Found more then 10+ bug in single program: A Warning to Fellow Bug Hunters | https://medium.com/@ravindrajatav0709/i-found-more-then-10-bug-in-single-program-a-warning-to-fellow-bug-hunters-7bc95b8ea860?source=rss------bug_bounty-5 | Ravindrajatav | bug-zero, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 18-May-2025 |
How I Discovered Sensitive Data & Directory Exposure on an Indian Government Medical Institute… | https://medium.com/@adithyadhi007/how-i-discovered-sensitive-data-directory-exposure-on-an-indian-government-medical-institute-0d2fbbc5042e?source=rss------bug_bounty-5 | Adithya Raj | bug-bounty, cybersecurity, bugbounty-writeup | 18-May-2025 |
OWASP Pentest Series (2/12) | https://medium.com/@thezeeshankhan/owasp-pentest-series-2-12-cbbcb32f23ab?source=rss------bug_bounty-5 | TheZeeshanKhan | bug-bounty, penetration-testing, security | 18-May-2025 |
DOM XSS Exploitation via postMessage in an iframe | https://osintteam.blog/dom-xss-exploitation-via-postmessage-in-an-iframe-d50df8feac5b?source=rss------bug_bounty-5 | Bash Overflow | dom-xss-exploitation, postmessage-dom-xss, bug-bounty-tips, iframe-xss, bug-bounty | 18-May-2025 |
0 to First Bug: What I’d Do Differently If I Started Bug Bounty Today | https://infosecwriteups.com/0-to-first-bug-what-id-do-differently-if-i-started-bug-bounty-today-126494ba7e52?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, ai, cybersecurity, infosec, hacking | 17-May-2025 |
The Role of AI in Next-Gen Vulnerability Management | https://medium.com/@paritoshblogs/the-role-of-ai-in-next-gen-vulnerability-management-f2988ace3de5?source=rss------bug_bounty-5 | Paritosh | bug-bounty, vulnerability, hacking, cybersecurity, vulnerability-management | 17-May-2025 |
Hacking My Car, and probably yours— Security Flaws in Volkswagen’s App | https://loopsec.medium.com/hacking-my-car-and-probably-yours-security-flaws-in-volkswagens-app-24b34c47ba89?source=rss------bug_bounty-5 | LoopSec | vulnerability, ios, cybersecurity, bug-bounty, ethical-hacking | 17-May-2025 |
Reverse Engineering for Beginner | https://medium.com/@anandrishav2228/reverse-engineering-for-beginner-0bf9b20542f7?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, hacking, reverse-engineering, beginner, cybersecurity | 17-May-2025 |
This One Tool Changed My Hacking Workflow: Meet Proxify | https://chintalatarakaram.medium.com/the-secret-weapon-of-ethical-hackers-mastering-proxify-e42d2f3ba0ca?source=rss------bug_bounty-5 | Chintala Taraka Ram | bug-bounty, writing, tools, https-proxy, hacking | 17-May-2025 |
From IDOR to Admin Door: The Bug That Opened Everything | https://medium.com/@dineshnarasimhan27/from-idor-to-admin-door-the-bug-that-opened-everything-9479b4185c05?source=rss------bug_bounty-5 | Dinesh Narasimhan | bug-bounty-tips, cybersecurity, bugbounty-writeup, bug-bounty, hacking | 17-May-2025 |
TryHackMe Light: Full Walkthrough & SQL Injection Exploit | https://medium.com/@aawart2005/tryhackme-light-full-walkthrough-sql-injection-exploit-1e25db316905?source=rss------bug_bounty-5 | Aawart | tryhackme, thm, sqlite, thm-writeup, bug-bounty | 17-May-2025 |
VAPT vs Bug Bounty: The Security Showdown Your Organization Needs to Know About | https://rootissh.in/vapt-vs-bug-bounty-the-security-showdown-your-organization-needs-to-know-about-fb555be0083f?source=rss------bug_bounty-5 | Atharva Deshmukh | cybersecurity, bug-bounty, pentesting, cybercrime, security | 17-May-2025 |
My First Bug Bounty: How I Earned $1,000 | https://medium.com/@kailasv678/my-first-bug-bounty-how-i-earned-1-000-4ae2bf36039d?source=rss------bug_bounty-5 | Kailasv | bug-bounty-writeup, cybersecurity, hacking, hackerone, bug-bounty | 17-May-2025 |
PDTM(Project Discovery Tool Manager) | https://medium.com/@aysbnd00/pdtm-project-discovery-tool-manager-770802ad0ce2?source=rss------bug_bounty-5 | icybnd | penetration-testing, enumeration, bug-bounty, vulnerability-scanning | 17-May-2025 |
How I Found the Most Weird Bug in the Bug Bounty Field — Is It Really Worth It… | https://medium.com/@mahdisalhi0500/how-i-found-the-most-weird-bug-in-the-bug-bounty-field-is-it-really-worth-it-d4b60c0352a8?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | cybersecurity, penetration-testing, information-security, bug-bounty, hacking | 17-May-2025 |
Wide Recon | https://medium.com/@rthunt3r/wide-recon-15ead790196f?source=rss------bug_bounty-5 | R T Hunter | hacker, red-teaming, bug-bounty, cybersecurity, bug-bounty-tips | 17-May-2025 |
$10,500 Bounty: A Grammarly Account Takeover Vector | https://infosecwriteups.com/10-500-bounty-a-grammarly-account-takeover-vector-974ef90fb00a?source=rss------bug_bounty-5 | Monika sharma | bug-bounty-tips, cybersecurity, technology, report, bug-bounty | 17-May-2025 |
$500 Bounty: A Referer Leak in Brave’s Private Tor Window | https://infosecwriteups.com/500-bounty-a-referer-leak-in-braves-private-tor-window-ee0c846203b5?source=rss------bug_bounty-5 | Monika sharma | technology, bug-bounty, cybersecurity, hacking, penetration-testing | 17-May-2025 |
Mastering Microservices: The Ultimate Guide | https://medium.com/@zoningxtr/mastering-microservices-the-ultimate-guide-2537811bb9d3?source=rss------bug_bounty-5 | Zoningxtr | microservices, web-development, penetration-testing, cybersecurity, bug-bounty | 17-May-2025 |
How I Found Stored HTML Injection in the Invite User Feature and Earned $300 | https://cybersecuritywriteups.com/how-i-found-stored-html-injection-in-the-invite-user-feature-and-earned-300-3f0d106a7960?source=rss------bug_bounty-5 | Whitehat | cybersecurity, hacking, bug-bounty-tips, bug-bounty, bugbounty-writeup | 17-May-2025 |
How I Took Admin Account via JWT Bypass | https://medium.com/@dharaniswaran.cs22/how-i-took-admin-account-via-jwt-bypass-5bed37a8e7ac?source=rss------bug_bounty-5 | Dharanis | vapt, json, vulnerability, bug-bounty, jwt-token | 17-May-2025 |
Token of Misfortune: How a Refresh Token Leak Let Me Regenerate Unlimited Sessions | https://infosecwriteups.com/token-of-misfortune-how-a-refresh-token-leak-let-me-regenerate-unlimited-sessions-bb6693751c85?source=rss------bug_bounty-5 | Iski | money, cybersecurity, bug-bounty, hacking, infosec | 17-May-2025 |
How I Discovered Critical Secrets in Docker Images by Scanning Every Tag and Architecture | https://medium.com/@Ghaazy/how-i-discovered-critical-secrets-in-docker-images-by-scanning-every-tag-and-architecture-3edbc10db0c1?source=rss------bug_bounty-5 | Ahmed Ghazy | cybersecurity, infosec, bug-bounty | 17-May-2025 |
Easy Bug That Falls Between P5 and P3: Find Broken Access Control & IDOR Using AutoReisze in Burp… | https://medium.com/@ahmedashrafshora/easy-bug-that-falls-between-p5-and-p3-find-broken-access-control-idor-using-autoreisze-in-burp-6f427852a788?source=rss------bug_bounty-5 | Ahmed Ashraf Shora | web-penetration-testing, bug-bounty, cybersecurity, autorize, hacking | 17-May-2025 |
Sharpening Command Injections to get Full RCE | https://infosecwriteups.com/sharpening-command-injections-to-get-full-rce-e4cf257d2c66?source=rss------bug_bounty-5 | Mostafa Alrefai | hacking, rce, cybersecurity, pentesting, bug-bounty | 17-May-2025 |
Bug Bounty desde Cero: De la Curiosidad al Primer Hallazgo | https://medium.com/@bertolanicami/bug-bounty-desde-cero-de-la-curiosidad-al-primer-hallazgo-6642e3944764?source=rss------bug_bounty-5 | Cami Bertolani | bug-bounty, hacking, bug-bounty-tips, cybersecurity, vulnerability | 17-May-2025 |
From 0 to $$$: Finding Rate Limit Bypasses Like a Pro | https://infosecwriteups.com/from-0-to-finding-rate-limit-bypasses-like-a-pro-6baf92b6acad?source=rss------bug_bounty-5 | BugBounty University | bug-bounty-tips, infosec, penetration-testing, cybersecurity, bug-bounty | 16-May-2025 |
Part-2 Bug Bounty Secrets They Don’t Tell You: Tricks From 100+ Reported Bugs | https://infosecwriteups.com/part-2-%EF%B8%8F-%EF%B8%8Fbug-bounty-secrets-they-dont-tell-you-tricks-from-100-reported-bugs-46429520beb3?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, cybersecurity, hacking, secrets, bug-bounty | 16-May-2025 |
Bug Bounty Burnout: When Serious Bugs Get Dismissed | https://medium.com/@vivekps143/bug-bounty-burnout-when-serious-bugs-get-dismissed-f22cf0f0f293?source=rss------bug_bounty-5 | Vivek PS | hacking, web-development, bug-bounty, programming, burnout | 16-May-2025 |
Port- 139,445 SMB Exploitation (Series:1/ [article:2]) | https://infosecwriteups.com/port-139-445-smb-exploitation-series-1-article-2-6769570eb0ef?source=rss------bug_bounty-5 | Mr Horbio | ethical-hacking, hacking, bug-bounty, penetration-testing, cybersecurity | 16-May-2025 |
$750 Bounty: From X-Forwarded-Host to Stored DOM XSS | https://osintteam.blog/750-bounty-from-x-forwarded-host-to-stored-dom-xss-de0785adfe05?source=rss------bug_bounty-5 | Monika sharma | penetration-testing, bug-bounty, hacking, cybersecurity, technology | 16-May-2025 |
From Recon to Report: How I Approach Every Bug Bounty Target | https://osintteam.blog/%EF%B8%8F-%EF%B8%8F-from-recon-to-report-how-i-approach-every-bug-bounty-target-2663163148d5?source=rss------bug_bounty-5 | Vipul Sonule | osint, bug-bounty, cybersecurity, hacking, tech | 16-May-2025 |
How to escalate a SQL injection if there is a strict WAF? | https://medium.com/@bug_vs_me/how-to-escalate-a-sql-injection-if-there-is-a-strict-waf-2a7798bb769e?source=rss------bug_bounty-5 | Deepak | bug-bounty, waf-bypass, hacking, sql-injection, sql | 16-May-2025 |
$500 Bounty: Race Condition in Hacker101 CTF Group Join | https://infosecwriteups.com/500-bounty-race-condition-in-hacker101-ctf-group-join-d7e84651bc5f?source=rss------bug_bounty-5 | Monika sharma | report, technology, bug-bounty, penetration-testing, hacking | 16-May-2025 |
How a Simple Logic Flaw Led to a $3,250 Bounty | https://infosecwriteups.com/how-a-simple-logic-flaw-led-to-a-3-250-bounty-476d747bf57a?source=rss------bug_bounty-5 | Monika sharma | report, technology, cybersecurity, bug-bounty, penetration-testing | 16-May-2025 |
Race Condition Seru: Ngebobol Limit Cuma Modal Request Paralel | https://medium.com/@FufuFaf1/race-condition-seru-ngebobol-limit-cuma-modal-request-paralel-44f1da33e4fb?source=rss------bug_bounty-5 | FufuFafa | cybersecurity, bug-bounty-tips, hacking, bug-bounty-writeup, bug-bounty | 16-May-2025 |
Caching Trouble: The Public Cache That Leaked Private User Data | https://infosecwriteups.com/caching-trouble-the-public-cache-that-leaked-private-user-data-0d410af5cb4c?source=rss------bug_bounty-5 | Iski | cybersecurity, bug-bounty, infosec, hacking, money | 16-May-2025 |
From Guest to Admin: Chaining Pre-Account Takeover with Privilege Escalation | https://medium.com/@kroush333/from-guest-to-admin-chaining-pre-account-takeover-with-privilege-escalation-fe970e80cd25?source=rss------bug_bounty-5 | MahmoudKroush | bug-bounty, bug-bounty-tips, cybersecurity | 16-May-2025 |
Privilege Escalation via Response Manipulation | https://mrshan.medium.com/privilege-escalation-via-response-manipulation-efe66697bc98?source=rss------bug_bounty-5 | MR SHAN | bug-bounty-tips, response-manipulation, burpsuite, cybersecurity, bug-bounty | 16-May-2025 |
FullMounty (Easy) PwnTillDawn Walkthrough. | https://medium.com/@3L4CKCYBR/badger-easy-pwntilldawn-walkthrough-50670472cc33?source=rss------bug_bounty-5 | 3L4CKCYBR_ | technology, privilege-escalation, bug-bounty, cybersecurity, pwntilldawn | 16-May-2025 |
PII Leak via Email | https://medium.com/@hossam_hamada/pii-leak-via-email-3ff4eb5199d9?source=rss------bug_bounty-5 | Hossam Hamada | bug-bounty, bugbounty-tips, bugcrowd, hackerone, bugbounty-writeup | 16-May-2025 |
CTF | Brute Force Login Cuma Modal Terminal Gak Perlu UI! | https://inrexna.medium.com/ctf-brute-force-login-cuma-modal-terminal-gak-perlu-ui-ddd455c4bf66?source=rss------bug_bounty-5 | InREXnA | ethical-hacking, bug-bounty, cybersecurity, penetration-testing, ctf-writeup | 16-May-2025 |
How I almost made $1000 from XSS bypass attribute | https://medium.com/@0xRedFox29/how-i-almost-made-1000-from-xss-bypass-attribute-77d68f0bc33c?source=rss------bug_bounty-5 | kunx90 | bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty, red-team-security | 16-May-2025 |
2fa, OTP bypass checklists 2025 | https://medium.com/@mohaned0101/2fa-otp-bypass-checklists-2025-4d45f92dbdaa?source=rss------bug_bounty-5 | mohaned alkhlot | otp-verification, 2fa-bypass, bug-bounty-tips, 2fa, bug-bounty | 16-May-2025 |
Open Redirect via Base64-Encoded state Parameter in OAuth Flow (returnTo field) | https://medium.com/@husseinelturkey/open-redirect-via-base64-encoded-state-parameter-in-oauth-flow-returnto-field-42a0319ef296?source=rss------bug_bounty-5 | Hussein Elturkey | bug-bounty-writeup, duplicate, open-redirect, bugcrowd, bug-bounty | 16-May-2025 |
Reflexiones sobre la creación de comunidades: El caso Bug Bounty Argentina y su réplica | https://medium.com/@yenoyow561/reflexiones-sobre-la-creaci%C3%B3n-de-comunidades-el-caso-bug-bounty-argentina-y-su-r%C3%A9plica-f7a6cf3c9cf1?source=rss------bug_bounty-5 | KRAQEN | cybersecurity, inclusion, plágio, ethical-hacking, bug-bounty | 16-May-2025 |
How I almost made $1000 from XSS bypass attribute | https://medium.com/@0xRedFox29/how-i-almost-made-1000-from-xss-bypass-attribute-77d68f0bc33c?source=rss------bug_bounty-5 | 0xRedFox29 | bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty, red-team-security | 16-May-2025 |
☕Best Tool for Analyzing Java Files (90% of Hackers Don’t Know This) | https://infosecwriteups.com/best-tool-for-analyzing-java-files-90-of-hackers-dont-know-this-07a57d1477f9?source=rss------bug_bounty-5 | Abhijeet Kumawat | java, bug-bounty, infosec, hacking, cybersecurity | 15-May-2025 |
Hacking With No Tools: How to Break Web Apps Using Just Your Browser | https://infosecwriteups.com/hacking-with-no-tools-how-to-break-web-apps-using-just-your-browser-%EF%B8%8F-%EF%B8%8F-255861d3f623?source=rss------bug_bounty-5 | Vipul Sonule | infosec, hacking, cybersecurity, bug-bounty, tech | 15-May-2025 |
$3,000 Bounty: RCE in Burp Suite via Clickjacking | https://infosecwriteups.com/3-000-bounty-rce-in-burp-suite-via-clickjacking-3a3bac7cf431?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, hacking, penetration-testing, cybersecurity, technology | 15-May-2025 |
Blog Title: Not Your File: How Misconfigured MIME Types Let Me Upload Evil Scripts | https://infosecwriteups.com/blog-title-not-your-file-how-misconfigured-mime-types-let-me-upload-evil-scripts-889efb18a7ce?source=rss------bug_bounty-5 | Iski | hacking, infosec, money, bug-bounty, cybersecurity | 15-May-2025 |
Bypassing OTP Verification via Response Manipulation: A Silent Threat | https://frostyxsec.medium.com/bypassing-otp-verification-via-response-manipulation-a-silent-threat-006dc2b6fa13?source=rss------bug_bounty-5 | Frostynxth | bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 15-May-2025 |
CHAINING THE SCOPE | https://sijojohnson.medium.com/chaining-the-scope-0f6fcb9e7cf4?source=rss------bug_bounty-5 | Sijo Johnson | sensitive-data-exposure, easy-pii-leak, pii-data, wedohacks, bug-bounty | 15-May-2025 |
QA Mindset Shift: From Bug Hunters to User Whisperers | https://medium.com/@ivan.boklach/qa-mindset-shift-from-bug-hunters-to-user-whisperers-7e9dccff0fc4?source=rss------bug_bounty-5 | Ivan Boklach | bug-bounty, bugs, qa | 15-May-2025 |
Top Tools That Helped Me Earn $500 in 30 Days | https://infosecwriteups.com/top-tools-that-helped-me-earn-500-in-30-days-00123f09cd7a?source=rss------bug_bounty-5 | It4chis3c | bug-bounty, recon, secrets, hacking, information-security | 15-May-2025 |
The Gray Code: When Hackers Wrestle With Their Shadows | https://medium.com/meetcyber/the-gray-code-when-hackers-wrestle-with-their-shadows-0a2cb5b66e21?source=rss------bug_bounty-5 | Ahmad Javed | hacker, hacking, bug-bounty, cybersecurity, ethical-hacking | 15-May-2025 |
GitHub Dorking Brought Us the Bounty | https://medium.com/@nocley/github-dorking-brought-us-the-bounty-cd1c4675371e?source=rss------bug_bounty-5 | nocley | intigriti, bugbounty-tips, hacking, bug-bounty, bugbounty-writeup | 15-May-2025 |
Introducing SecureCrawl: The Intelligent Web Security Crawler | https://medium.com/@N0aziXss/introducing-securecrawl-the-intelligent-web-security-crawler-d258ec05edb8?source=rss------bug_bounty-5 | N0aziXss | ethical-hacking, cybersecurity, bug-bounty, python, web-security | 15-May-2025 |
Cybersecurity Training: Real-World Code Review Challenges on CodeVulnHunt | https://medium.com/@mithun_/cybersecurity-training-real-world-code-review-challenges-on-codevulnhunt-70a0a36e50bf?source=rss------bug_bounty-5 | Mithun | source-code, ctf, cybersecurity, infosec, bug-bounty | 15-May-2025 |
How Attackers Use Google Dorks to Discover Your Exposed Assets | https://medium.com/@tejprakashbk1996/how-attackers-use-google-dorks-to-discover-your-exposed-assets-026f367c21e4?source=rss------bug_bounty-5 | Tejprakash | google-dork, security, google-search, reconnaissance, bug-bounty | 15-May-2025 |
NoSQL Injection Detection — A hands-on Exploitation Walkthrough | https://infosecwriteups.com/nosql-injection-detection-a-hands-on-exploitation-walkthrough-03aaa19dab70?source=rss------bug_bounty-5 | Aditya Bhatt | nosql-injection, nosql, sql-injection, cybersecurity, bug-bounty | 15-May-2025 |
The “Unlimited Leave” Hack I Found at My College | https://medium.com/@swarnimbandekar/the-unlimited-leave-hack-i-found-at-my-college-4c772df5f8e4?source=rss------bug_bounty-5 | Swarnim Bandekar | ethical-hacking, bug-bounty, bug-bounty-tips, hacking, penetration-testing | 15-May-2025 |
Exploring GoBuster: A Powerful Tool For Directory and File Discovery | https://medium.com/@natarajanck2/exploring-gobuster-a-powerful-tool-for-directory-and-file-discovery-0009c500e158?source=rss------bug_bounty-5 | Natarajan C K | bug-bounty, gobuster, security, browsers, violation | 15-May-2025 |
Mi Carta de reconocimiento por la NASA: lo que no se ve detrás del logro | https://medium.com/@juanfelipeoz.rar/mi-carta-de-reconocimiento-por-la-nasa-lo-que-no-se-ve-detr%C3%A1s-del-logro-59c6cb59671c?source=rss------bug_bounty-5 | Juan Felipe Osorio Z | seguridad-informatica, ciberseguridad, hacking, bug-bounty, nasa | 15-May-2025 |
CVE-2025-4455: Local Privilege Escalation in Patch My PC Home Updater | https://sneharghya.medium.com/cve-2025-4455-local-privilege-escalation-in-patch-my-pc-home-updater-58f2c2041b46?source=rss------bug_bounty-5 | Sneharghya Roy | dll-hijacking, bug-bounty, cybersecurity | 15-May-2025 |
403 Bypass Techniques for Bug Bounty | https://medium.com/@silverxcyber/403-bypass-techniques-for-bug-bounty-dcd449733bec?source=rss------bug_bounty-5 | SilverXCyber | 403bypass, bug-bounty, 403-forbidden, bug-bounty-hunter, bug-bounty-writeup | 15-May-2025 |
Escalando Privilégios com a Determinação de um Shih Tzu | https://medium.com/@correa-sergio/escalando-privil%C3%A9gios-com-a-determina%C3%A7%C3%A3o-de-um-shih-tzu-9df40e8a482c?source=rss------bug_bounty-5 | Sérgio Corrêa | cybersecurity, ctf, segurança-da-informação, pentest, bug-bounty | 15-May-2025 |
What crime did humans commit to attract the punishment of bedbugs! | https://medium.com/@Purpledot_/what-crime-did-humans-commit-to-attract-the-punishment-of-bedbugs-5e77ee08aa6c?source=rss------bug_bounty-5 | Confidence | medium, problems, helping-others, bug-bounty, solutions | 15-May-2025 |
My First Year in Bug Bounty $$$ | https://infosecwriteups.com/my-first-year-in-bug-bounty-9c87e0b68ac4?source=rss------bug_bounty-5 | RivuDon | bug-bounty-writeup, bug-hunter, bug-bounty-tips, bug-bounty, bug-hunting | 14-May-2025 |
JWT Exploitation: How I Forged Tokens and Took Over Accounts | https://infosecwriteups.com/jwt-exploitation-how-i-forged-tokens-and-took-over-accounts-2e7ab1cf4df8?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, bug-bounty, hacking, jwt, cybersecurity | 14-May-2025 |
Title: Filter Failure: From HTML Injection to Full-Blown XSS via Rich Text Editors | https://infosecwriteups.com/title-filter-failure-from-html-injection-to-full-blown-xss-via-rich-text-editors-af6809e248b4?source=rss------bug_bounty-5 | Iski | bug-bounty, money, cybersecurity, hacking, infosec | 14-May-2025 |
Ethical Hacking Guide: Penetration Testing Apache Tomcat (2025 Edition) | https://medium.com/@verylazytech/ethical-hacking-guide-penetration-testing-apache-tomcat-2025-edition-01dc367f070c?source=rss------bug_bounty-5 | Very Lazy Tech | penetration-testing, apache, tomcat, ethical-hacking, bug-bounty | 14-May-2025 |
IDOR: When One Tiny Change Exposes Everything | https://medium.com/@sachinpv2004/idor-when-one-tiny-change-exposes-everything-c54b6750d2fd?source=rss------bug_bounty-5 | SACHIN PV | pentesting, idor, bug-bounty, vulnerability, owasp | 14-May-2025 |
Ditch the Patchwork of Breach-Alert Tools: Monitor Every Credential Leak from One Place with… | https://medium.com/@alexandrevandammepro/ditch-the-patchwork-of-breach-alert-tools-monitor-every-credential-leak-from-one-place-with-0b7f6225ecf8?source=rss------bug_bounty-5 | Alexandre Vandamme | cyberattack, bug-bounty-tips, technology, bug-bounty, cybersecurity | 14-May-2025 |
About Me | https://0xsakibkhan.medium.com/about-me-673842903ff2?source=rss------bug_bounty-5 | Muhammad Shakib | hacking-tools, bug-bounty, ethical-hacking, red-team-tools, pentesting | 14-May-2025 |
End Recon Tool Overload: Centralise Enumeration & Scanning with SubDomainRadar.io | https://medium.com/@alexandrevandammepro/end-recon-tool-overload-centralise-enumeration-scanning-with-subdomainradar-io-ae387d97cc6c?source=rss------bug_bounty-5 | Alexandre Vandamme | hacking, bug-bounty, technology, cybersecurity, bug-bounty-tips | 14-May-2025 |
CTF Day(1) | https://medium.com/@ahmednarmer1/ctf-day-1-c213568b8321?source=rss------bug_bounty-5 | Ahmed Narmer | cybersecurity, bug-bounty, ctf, web-penetration-testing | 14-May-2025 |
Breaking In Through the Backdoor: Password Reset Gone Wrong | https://infosecwriteups.com/breaking-in-through-the-backdoor-password-reset-gone-wrong-6e5243c16a19?source=rss------bug_bounty-5 | Ehtesham Ul Haq | infosec, penetration-testing, bug-bounty, writeup, passwords | 14-May-2025 |
How Inconsistent Input Handling and Poor Email Validation Can Lead to Admin Access | https://infosecwriteups.com/how-inconsistent-input-handling-and-poor-email-validation-can-lead-to-admin-access-b64b25413b82?source=rss------bug_bounty-5 | Bash Overflow | bug-bounty, bypass-email-registration, bug-bounty-tips, lack-of-email-validation, email-logic-flaws | 14-May-2025 |
HackerNote(Medium)TryHackMe Walkthrough | https://medium.com/@blackcyb3r29/hackernote-medium-tryhackme-walkthrough-41a7080c5046?source=rss------bug_bounty-5 | 3L4CKCYBR_ | tryhackme, cybersecurity, bug-bounty, ctf-writeup, technology | 14-May-2025 |
The Crypto Wallet Vulnerability That Went Undetected for Over Six Years | https://medium.com/@john-s4d/the-crypto-wallet-vulnerability-that-went-undetected-for-over-six-years-36cd52cb600c?source=rss------bug_bounty-5 | John Sessford | crypto, solana-network, bug-bounty, cryptocurrency, cybersecurity | 14-May-2025 |
CTF Day(2) | https://medium.com/@ahmednarmer1/ctf-day-2-f405f7d0449d?source=rss------bug_bounty-5 | Ahmed Narmer | bug-bounty, ctf, cybersecurity, web-penetration-testing | 14-May-2025 |
Publishing your story with allbyhunter | https://allbyhunter.com/publishing-your-story-with-allbyhunter-a121696ff60d?source=rss------bug_bounty-5 | kerstan | startup, hacking, bug-bounty, prgramming, coding | 14-May-2025 |
$800 Bounty — Web Cache Deception in Shopify | https://medium.com/meetcyber/800-bounty-web-cache-deception-in-shopify-c8507c2d99e5?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, bug-bounty-tips, technology, cybersecurity, penetration-testing | 14-May-2025 |
Bug Bounty Tips: From Zero to First Payout | https://medium.com/@appsecwarrior/bug-bounty-tips-from-zero-to-first-payout-6bd8c9df0c48?source=rss------bug_bounty-5 | appsecwarrior | security, bug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing | 14-May-2025 |
Ethical Hacking Learning Path | https://0xben.medium.com/ethical-hacking-learning-path-and-roadmap-5e3252f7c9de?source=rss------bug_bounty-5 | 0xBEN | ctf, bug-bounty, ethical-hacking, learning-path, penetration-testing | 14-May-2025 |
Breaking the Rules: Deleting Confirmed Organizations Through a Backend Flaw | https://medium.com/@cyberpro151/breaking-the-rules-deleting-confirmed-organizations-through-a-backend-flaw-525dc867841c?source=rss------bug_bounty-5 | cyberpro151 | cybersecurity, bug-bounty, penetration-testing, ethical-hacking, bug-bounty-tips | 14-May-2025 |
Researcher Yuvi — My Cybersecurity Journey at 16 | https://medium.com/@codewithyuvi/researcher-yuvi-my-cybersecurity-journey-at-16-e3dde09fba78?source=rss------bug_bounty-5 | Yuvraj Gupta | hall-of-fame, researcher-yuvi, ethical-hacking, bug-bounty, cybersecurity | 13-May-2025 |
Bypassing CSRF Protections | https://medium.com/@itamar.yochpaz/bypassing-csrf-protections-7db64f26b9e5?source=rss------bug_bounty-5 | Itamar Yochpaz | hacking, cybersecurity, application-security, bug-bounty, penetration-testing | 13-May-2025 |
$256 Bounty : XSS via Web Cache Poisoning in Discourse | https://infosecwriteups.com/256-bounty-xss-via-web-cache-poisoning-in-discourse-594d5961555e?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, cybersecurity, penetration-testing, technology, hacking | 13-May-2025 |
How Hackers Bypass Login Pages with SQL, Logic Flaws, and Headers | https://infosecwriteups.com/how-hackers-bypass-login-pages-with-sql-logic-flaws-and-headers-567a5649e701?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, cybersecurity, infosec, programming, hacking | 13-May-2025 |
Forget Me Not: How Broken Logout Functionality Let Me Ride Sessions Forever | https://infosecwriteups.com/forget-me-not-how-broken-logout-functionality-let-me-ride-sessions-forever-3435e6d98845?source=rss------bug_bounty-5 | Iski | cybersecurity, infosec, hacking, money, bug-bounty | 13-May-2025 |
The $1,000 Recon Trick: One Command That Changed My Hunting Game | https://infosecwriteups.com/the-1-000-recon-trick-one-command-that-changed-my-hunting-game-58527a7f6d7c?source=rss------bug_bounty-5 | Abhijeet Kumawat | tricks, hacking, vulnerability, recon, bug-bounty | 13-May-2025 |
Inside the Shadows: Why HTTP Smuggling Still Breaks the Web | https://medium.com/@es0557533/inside-the-shadows-why-http-smuggling-still-breaks-the-web-c81c69577fdd?source=rss------bug_bounty-5 | Isv | cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup, https | 13-May-2025 |
The Human Firewall: Why Your Employees Are Both Your Greatest Vulnerability and Asset | https://infosecwriteups.com/the-human-firewall-why-your-employees-are-both-your-greatest-vulnerability-and-asset-76a93b879bae?source=rss------bug_bounty-5 | Paritosh | hacking, bug-bounty, firewall, cybersecurity, networking | 13-May-2025 |
Meet URLShort: The Ultimate URL Shortener, Fuzzer & Payload Injector for Bug Bounty Hunters &… | https://neerajsah.medium.com/meet-urlshort-the-ultimate-url-shortener-fuzzer-payload-injector-for-bug-bounty-hunters-9c631e83d492?source=rss------bug_bounty-5 | Neeraj Sah | bug-bounty, fuzzing, pentesting, hacking-tools, url-shorteners | 13-May-2025 |
Exploiting File Upload Vulnerabilities: What, Why & How | https://medium.com/@sachinpv2004/exploiting-file-upload-vulnerabilities-what-why-how-68e159aff82a?source=rss------bug_bounty-5 | SACHIN PV | owasp, bug-bounty, file-upload, pentesting, file-upload-vulnerability | 13-May-2025 |
How I Found a Way to Prolong Password Reset Code Expiry | https://infosecwriteups.com/how-i-found-a-way-to-prolong-password-reset-code-expiry-6214391023de?source=rss------bug_bounty-5 | Ehtesham Ul Haq | passwords, bug-bounty, hacking, penetration-testing, infosec | 13-May-2025 |
Web Cache | https://medium.com/@eddinesaad122/web-cache-6065a266ae95?source=rss------bug_bounty-5 | saad eddine | bug-bounty, web-development, technology, security, web | 13-May-2025 |
ASUS DriverHub Vulnerability Exposes Users to Remote Code Execution | https://wiretor.medium.com/asus-driverhub-vulnerability-exposes-users-to-remote-code-execution-1f924851eeac?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | usa, bug-bounty, hacking, malware, rce | 13-May-2025 |
Bug Bounty Roadmap 2025: The Complete Guide to Becoming a Professional Ethical Hacker | https://medium.com/@jiniyaasma8/bug-bounty-roadmap-2025-the-complete-guide-to-becoming-a-professional-ethical-hacker-a6ff0abc69ef?source=rss------bug_bounty-5 | Jiniyaasma | bug-bounty-tips, technology, resources, cybersecurity, bug-bounty | 13-May-2025 |
$$$ bounty via unique username bypass | https://medium.com/legionhunters/bounty-via-unique-username-bypass-26f2c76f5ee7?source=rss------bug_bounty-5 | cryptoshant | money, bug-bounty, bug-bounty-tips, cybersecurity, hacking | 13-May-2025 |
My Exceptional SSRF Finding | https://medium.com/@nocley/my-exceptional-ssrf-finding-73e8039e3a22?source=rss------bug_bounty-5 | nocley | readteam, pentest, tips-and-tricks, bug-bounty, ssrf | 13-May-2025 |
Upload Vulns | https://medium.com/@julius.grosserode.19/upload-vulns-3c139f507b28?source=rss------bug_bounty-5 | Julio | path-traversal, file-upload, bug-bounty, file-upload-vulnerability, bug-bounty-tips | 13-May-2025 |
Introducing DomainRecon: Your Advanced WHOIS & DNS Intelligence Tool | https://medium.com/@N0aziXss/introducing-domainrecon-your-advanced-whois-dns-intelligence-tool-9e2dc63ae774?source=rss------bug_bounty-5 | N0aziXss | ethical-hacking, python, bug-bounty, reconnaissance, cybersecurity | 13-May-2025 |
Template Report Bug Bounty (Bahasa Indonesia) | https://medium.com/@ikhlasul0507/template-report-bug-bounty-d3ad2f9d84ee?source=rss------bug_bounty-5 | Ikhlasul | xss-attack, bugs, bug-bounty, xs | 12-May-2025 |
$25,000 SSRF in HackerOne’s Analytics Reports | https://osintteam.blog/25-000-ssrf-in-hackerones-analytics-reports-b9a5b3aa3d6e?source=rss------bug_bounty-5 | Monika sharma | hacking, bug-bounty, cybersecurity, technology, penetration-testing | 12-May-2025 |
How I Earned $200 From a Simple EXIF Bug (Step by Step Guide, You Can Use Today) | https://infosecwriteups.com/how-i-earned-200-from-a-simple-exif-bug-step-by-step-guide-you-can-use-today-c71dc2d82389?source=rss------bug_bounty-5 | BugBounty University | osint, bug-bounty, infosec, exif, cybersecurity | 12-May-2025 |
How I Found SSTI in a Search Bar | https://infosecwriteups.com/how-i-found-ssti-in-a-search-bar-6fede0d3263c?source=rss------bug_bounty-5 | Umanhonlen Gabriel | hacking, bug-bounty, hacker, bug-bounty-tips | 12-May-2025 |
Breaking APIs: A Bug Hunter’s Guide | https://osintteam.blog/breaking-apis-a-bug-hunters-guide-ba20b7098364?source=rss------bug_bounty-5 | Aditya Bhatt | api-testing, bug-bounty, api, cybersecurity, bug-hunting | 12-May-2025 |
How I Exploited a Low-Level Logic Flaw to Manipulate Product Prices Using Burp Intruder | https://osintteam.blog/how-i-exploited-a-low-level-logic-flaw-to-manipulate-product-prices-using-burp-intruder-64143bee2322?source=rss------bug_bounty-5 | Bash Overflow | bug-bounty, exploit-logic-flaw, bypass-price-validation, logic-flaw-bug-bounty, bug-bounty-tips | 12-May-2025 |
This Red Teaming Tools can make you a pro Hacker. | https://medium.com/@anandrishav2228/this-red-teaming-tools-can-make-you-a-pro-hacker-69b5f60fd735?source=rss------bug_bounty-5 | Rishav anand | money, cybersecurity, red-team, bug-bounty, hacking | 12-May-2025 |
SSRF via PDF Generator? Yes, and It Led to EC2 Metadata Access | https://infosecwriteups.com/ssrf-via-pdf-generator-yes-and-it-led-to-ec2-metadata-access-39b8e5b41840?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, hacking, ssrf, bug-bounty, ssrf-attack | 12-May-2025 |
The Psychology of Patch Fatigue: Why Teams Delay Fixes | https://medium.com/@paritoshblogs/the-psychology-of-patch-fatigue-why-teams-delay-fixes-eb4690cfb38e?source=rss------bug_bounty-5 | Paritosh | cybersecurity, vulnerability, vulnerability-management, hacking, bug-bounty | 12-May-2025 |
Top 5 Easiest Bugs for Beginners in Bug Bounty | https://infosecwriteups.com/top-5-easiest-bugs-for-beginners-in-bug-bounty-45dd81c49e03?source=rss------bug_bounty-5 | Vipul Sonule | hacking, bug-bounty, infosec, technology, cybersecurity | 12-May-2025 |
$10,000 Bounty: HackerOne Report Comments Leak via “Export as .zip” | https://infosecwriteups.com/10-000-bounty-hackerone-report-comments-leak-via-export-as-zip-a4aed8bd7409?source=rss------bug_bounty-5 | Monika sharma | penetration-testing, bug-bounty, technology, hacking, cybersecurity | 12-May-2025 |
SameSite? SameMess: How I Bypassed Cookie Protections to Hijack Sessions | https://infosecwriteups.com/samesite-samemess-how-i-bypassed-cookie-protections-to-hijack-sessions-%EF%B8%8F-%EF%B8%8F-20520f4be7ec?source=rss------bug_bounty-5 | Iski | bug-bounty, money, cybersecurity, hacking, infosec | 12-May-2025 |
How I Find Open Redirect Bugs Using Waybackurls, Gau & GF Tool | https://ch4ndan.medium.com/how-i-find-open-redirect-bugs-using-waybackurls-gau-gf-tool-64ac3dcb9aa0?source=rss------bug_bounty-5 | Ch4ndan das | bug-bounty, cybersecurity, bug-bounty-tips, cyber-security-awareness, bug-bounty-writeup | 12-May-2025 |
Intercept phone’s traffic in burp (using actual phone) | https://medium.com/@ozz0x/intercept-phones-traffic-in-burp-using-actual-phone-ca46317add92?source=rss------bug_bounty-5 | Ozz | api, mobile-pentesting, api-testing, mobile-bug-bounty, bug-bounty | 12-May-2025 |
Researcher Yuvi Teen Hacker to Hall of Fame: My Cybersecurity Journey at 16 | https://medium.com/@codewithyuvi/researcher-yuvi-teen-hacker-to-hall-of-fame-my-cybersecurity-journey-at-16-230efba091cb?source=rss------bug_bounty-5 | Yuvraj Gupta | youngest, cybersecurity, hacking, bug-bounty, yuvi | 12-May-2025 |
$12,000 RCE in GitLab: Arbitrary File Overwrite via Path Injection | https://medium.com/meetcyber/12-000-rce-in-gitlab-arbitrary-file-overwrite-via-path-injection-35443b6602df?source=rss------bug_bounty-5 | Monika sharma | cybersecurity, penetration-testing, technology, bug-bounty, hacking | 12-May-2025 |
iSCSI— Port 3260 — How to exploit? | https://medium.com/@verylazytech/iscsi-port-3260-how-to-exploit-c8402da9cefb?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, iscsi, penetration-testing, oscp, bug-bounty | 12-May-2025 |
Top 25 Most Dangerous Software Weaknesses (CWE) | https://medium.com/@shamzen96/%EF%B8%8F-top-25-most-dangerous-software-weaknesses-cwe-91a3e4e58f42?source=rss------bug_bounty-5 | Shivam Raj | bug-bounty, cwe, cybersecurity | 12-May-2025 |
Researcher Yuvi — My Cybersecurity Journey at 16 | https://medium.com/@codewithyuvi/researcher-yuvi-teen-hacker-to-hall-of-fame-my-cybersecurity-journey-at-16-230efba091cb?source=rss------bug_bounty-5 | Yuvraj Gupta | youngest, cybersecurity, hacking, bug-bounty, yuvi | 12-May-2025 |
bWAPP HTML Injection CheatSheet — (WebApp Pentesting 1) | https://serkanbenol.medium.com/bwapp-html-injection-cheatsheet-webapp-pentesting-1-f6ae6719617a?source=rss------bug_bounty-5 | serkanbenol | bug-bounty-hunter, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 12-May-2025 |
The Ultimate IDOR Bug Bounty Methodology — Learn & Hunt Like a Pro (2025 Guide) | https://hackersatty.medium.com/the-ultimate-idor-bug-bounty-methodology-learn-hunt-like-a-pro-2025-guide-fd79e50fd7fe?source=rss------bug_bounty-5 | hackersatty | idor-vulnerability, bug-hunting, bug-bounty, bug-bounty-writeup, api | 12-May-2025 |
[Bug Bounty] How I Leaked Admin Metadata From a Low-Privileged Account — A Deep Dive into… | https://hackersatty.medium.com/bug-bounty-how-i-leaked-admin-metadata-from-a-low-privileged-account-a-deep-dive-into-23e0d699d792?source=rss------bug_bounty-5 | hackersatty | bug-bounty, idor, bug-bounty-writeup, javascript, api-endpoint | 12-May-2025 |
Master CRLF Injection: The Underrated Bug with Dangerous Potential | https://infosecwriteups.com/master-crlf-injection-the-underrated-bug-with-dangerous-potential-33bb0d62e031?source=rss------bug_bounty-5 | coffinxp | programming, hacking, bug-bounty, cybersecurity, technology | 12-May-2025 |
How I Found a Way to Submit LeetCode Premium Problems as a Free User | https://medium.com/@ShreyasMahajann/how-i-found-a-way-to-submit-leetcode-premium-problems-as-a-free-user-cb30668b976c?source=rss------bug_bounty-5 | Shreyas Mahajan | leetcode, hacking, cybersecurity, bug-bounty, coding | 12-May-2025 |
OSINT Writeups — MIST Cyber Drill 2025 | https://infosecwriteups.com/osint-writeups-mist-cyber-drill-2025-2d1e398a4672?source=rss------bug_bounty-5 | Mr Grey | ctf, osint, ctf-walkthrough, bug-bounty, ctf-writeup | 12-May-2025 |
Unauthenticated Cache Purging Vulnerability | https://00x.medium.com/unauthenticated-cache-purging-vulnerability-29f2641fcbb8?source=rss------bug_bounty-5 | 00xdata | bug-bounty-tips, bug-bounty | 12-May-2025 |
$1,120 Bounty: Clickjacking Vulnerability in Twitter Periscope | https://osintteam.blog/1-120-bounty-clickjacking-vulnerability-in-twitter-periscope-b46e8dfc8915?source=rss------bug_bounty-5 | Monika sharma | penetration-testing, bug-bounty, technology, cybersecurity, hacking | 12-May-2025 |
API Key Exposure in NASA GitHub Repository Leads to Unauthorized Access to Academic Data | https://infosecwriteups.com/api-key-exposure-in-nasa-github-repository-leads-to-unauthorized-access-to-academic-data-816bfb6ffede?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, infosec, bug-bounty, nasa, hacking | 11-May-2025 |
$16,000 Bounty: Stored XSS in GitLab | https://infosecwriteups.com/16-000-bounty-stored-xss-in-gitlab-a0f57e5c4245?source=rss------bug_bounty-5 | Monika sharma | hacking, penetration-testing, technology, bug-bounty, report | 11-May-2025 |
Confessions of a Bug Bounty Hunter: Tales from the Digital Jungle | https://bevijaygupta.medium.com/confessions-of-a-bug-bounty-hunter-tales-from-the-digital-jungle-892e188bc282?source=rss------bug_bounty-5 | Vijay Kumar Gupta | bug-bounty, bug-bounty-tips, bugs, confessions, digital | 11-May-2025 |
5 Places XSS Hides in Modern Bootstrap Apps (and How to Find Them) | https://medium.com/@killuaX/5-places-xss-hides-in-modern-bootstrap-apps-and-how-to-find-them-d22ec62c8359?source=rss------bug_bounty-5 | Abhiram | bootstrap, xss-vulnerability, web-security, bug-bounty, ethical-hacking | 11-May-2025 |
Bypassing the Email Change Feature via Direct API Request | https://medium.com/@FufuFaf1/bypass-fitur-ganti-email-via-request-api-langsung-fac831a8dc31?source=rss------bug_bounty-5 | FufuFafa | cybersecurity, cyber-security-awareness, bug-bounty, bug-bounty-writeup | 11-May-2025 |
Bug Bounty Race: Exploiting Race Conditions for Infinite Discounts | https://infosecwriteups.com/bug-bounty-race-exploiting-race-conditions-for-infinite-discounts-a2cb2f233804?source=rss------bug_bounty-5 | Aditya Bhatt | burpsuite, hacking, race-condition, cybersecurity, bug-bounty | 11-May-2025 |
APIs Hacking : Exploiting Race Condition 101 | https://iaraoz.medium.com/apis-hacking-exploiting-race-condition-101-e063ea5057cb?source=rss------bug_bounty-5 | Israel Aráoz Severiche | api, cybersecurity, bug-bounty, hacking, penetration-testing | 11-May-2025 |
MFA Update OTP Bypass | https://medium.com/@aburayhan01734_18069/mfa-update-otp-bypass-64e2cd1cbe86?source=rss------bug_bounty-5 | Md. Abu Rayhan | bypass, 2fa-bypass, mfa, bug-bounty, athentication | 11-May-2025 |
The “Unlimited Leave” Hack I Found at My College — And Why I Didn’t Use It | https://medium.com/@swarnimbandekar/vtop-idor-d73d42d206bc?source=rss------bug_bounty-5 | Swarnim Bandekar | bug-bounty-writeup, bug-bounty, hacking, penetration-testing, cybersecurity | 11-May-2025 |
Unauthorized Access to Meta’s Draft Profile Picture Frames: A Bug Bounty Breakdown | https://medium.com/@kamramehak445/unauthorized-access-to-metas-draft-profile-picture-frames-a-bug-bounty-breakdown-c46f592005dd?source=rss------bug_bounty-5 | Mehak kamra | cyber, meta, bug-bounty, cyberattack, cybersecurity | 11-May-2025 |
The Hidden Language: Exploiting GraphQL for Unauthorized Data Dump | https://infosecwriteups.com/the-hidden-language-exploiting-graphql-for-unauthorized-data-dump-8be49f30a005?source=rss------bug_bounty-5 | Iski | hacking, bug-bounty, infosec, money, cybersecurity | 11-May-2025 |
Red Team Concepts by Mr. David | https://medium.com/@darshannnaik1234/red-team-concepts-by-mr-david-5650776fd778?source=rss------bug_bounty-5 | Darshan Naresh Naik | active-directory, cybersecurity, bug-bounty, ethical-hacking, red-team | 11-May-2025 |
Authorization Bypass Through HTTP Response Manipulation | https://octayus.medium.com/authorization-bypass-through-http-response-manipulation-00e318a5b722?source=rss------bug_bounty-5 | OctaYus | bug-bounty-tips, bug-bounty, twitter, authentication, cybersecurity | 11-May-2025 |
Tracking App Data Changes with Git During Mobile App Security Review | https://medium.com/@arkadiy.litvinenko/tracking-app-data-changes-with-git-during-mobile-app-security-review-520af779dd49?source=rss------bug_bounty-5 | Arkadiy Litvinenko | application-security, bug-bounty, mobile-security, penetration-testing, information-security | 11-May-2025 |
More Than Broken Access: The Real Power of IDORs | https://medium.com/@xerox0x1/more-than-broken-access-the-real-power-of-idors-a50763e9ff8d?source=rss------bug_bounty-5 | XeRox01 | idor, bug-bounty, pentesting, web-security, infosec | 10-May-2025 |
Securing and Consuming APIs in the Cloud: A Complete Journey from Provider to Customer | https://medium.com/@zoningxtr/securing-and-consuming-apis-in-the-cloud-a-complete-journey-from-provider-to-customer-d7c0f736b84d?source=rss------bug_bounty-5 | Zoningxtr | web-development, bug-bounty, api, cybersecurity, penetration-testing | 10-May-2025 |
Hidden HackerOne & Bugcrowd Programs: How to Get Private Invites | https://infosecwriteups.com/hidden-hackerone-bugcrowd-programs-how-to-get-private-invites-74f8e8ce38c4?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, cybersecurity, bugcrowd, hackerone, infosec | 10-May-2025 |
How to Build an Internal Security Review Checklist Before Every Deployment ✅ | https://securrtech.medium.com/how-to-build-an-internal-security-review-checklist-before-every-deployment-2c84910293aa?source=rss------bug_bounty-5 | Securr - Web3 Security | smart-contract-security, web3-security, blockchain-security, bug-bounty, smart-contract-auditing | 10-May-2025 |
Core Banking System Architecture Explained: Layers, Components, and Security | https://medium.com/@zoningxtr/core-banking-system-architecture-explained-layers-components-and-security-72368ff7aed8?source=rss------bug_bounty-5 | Zoningxtr | bug-bounty, web-development, cybersecurity, penetration-testing, api | 10-May-2025 |
Beyond Patch Tuesday: Managing Vulnerabilities in Real-Time | https://medium.com/@paritoshblogs/beyond-patch-tuesday-managing-vulnerabilities-in-real-time-63dbfa6ac92f?source=rss------bug_bounty-5 | Paritosh | cybersecurity, patch-tuesday, vulnerability, vulnerability-management, bug-bounty | 10-May-2025 |
Blind XXE Attacks via Out-of-Band Interaction Using Burp Collaborator | https://bashoverflow.medium.com/blind-xxe-attacks-via-out-of-band-interaction-using-burp-collaborator-af0abd7c7d25?source=rss------bug_bounty-5 | Bash Overflow | xxe-injection, bug-bounty, blind-xxe-vulnerability, out-of-band-xxe-attack, bug-bounty-tips | 10-May-2025 |
The Unwanted Guest: How Misconfigured Firebase Gave Me All the Data | https://medium.com/@iski/%EF%B8%8F-%EF%B8%8F-the-unwanted-guest-how-misconfigured-firebase-gave-me-all-the-data-80e0e23b7250?source=rss------bug_bounty-5 | Iski | bug-bounty, money, hacking, infosec, cybersecurity | 10-May-2025 |
Introduction to Web Applications | https://medium.com/@fatimahasan022/introduction-to-web-applications-3567db23580a?source=rss------bug_bounty-5 | Fatimahasan | penetration-testing, web-attack, bug-bounty, web-development, web-design | 10-May-2025 |
Inside the Enemy Lines: How a Simple IDOR Unmasked a Major Malware Campaign | https://medium.com/@red.whisperer/inside-the-enemy-lines-how-a-simple-idor-unmasked-a-major-malware-campaign-4d61c2293cf6?source=rss------bug_bounty-5 | Chux | bug-bounty, hacking, malware, technology, cybersecurity | 10-May-2025 |
The Vulnerability Management Playbook for Lean Security Teams | https://medium.com/@paritoshblogs/the-vulnerability-management-playbook-for-lean-security-teams-f253be8a0c85?source=rss------bug_bounty-5 | Paritosh | playbook, bug-bounty, cybersecurity, hacking, vulnerability-management | 10-May-2025 |
How I Earned 100 euros in 4 Hours as a Beginner Bug Bounty Hunter | https://medium.com/@nn.nkp007/how-i-earned-100-euros-in-4-hours-as-a-beginner-bug-bounty-hunter-623530ba8bf5?source=rss------bug_bounty-5 | Niranjan Prajapati | intigriti, ethical-hacking, earn-money-online, earn-money, bug-bounty | 10-May-2025 |
$12,000 Bounty: From Path Traversal to Remote Code Execution on GitLab | https://medium.com/meetcyber/12-000-bounty-from-path-traversal-to-remote-code-execution-on-gitlab-eab315e346c3?source=rss------bug_bounty-5 | Monika sharma | report, technology, penetration-testing, bug-bounty, hacking | 10-May-2025 |
LockBit Ransomware Gang Hacked: Internal Data & Victim Chats Leaked | https://wiretor.medium.com/lockbit-ransomware-gang-hacked-internal-data-victim-chats-leaked-05b1adc7e123?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, money, ai, malware | 10-May-2025 |
Inside the Enemy Lines: How a Simple IDOR Unmasked a Major Malware Campaign | https://infosecwriteups.com/inside-the-enemy-lines-how-a-simple-idor-unmasked-a-major-malware-campaign-4d61c2293cf6?source=rss------bug_bounty-5 | Chux | bug-bounty, hacking, malware, technology, cybersecurity | 10-May-2025 |
Making Your First $1,000 in Bug Bounties: A Practical Roadmap for Aspiring Hackers | https://medium.com/@maxwellcross/making-your-first-1-000-in-bug-bounties-a-practical-roadmap-for-aspiring-hackers-0b74a89c76a9?source=rss------bug_bounty-5 | Maxwell Cross | hacking, bug-bounty, programming, coding | 10-May-2025 |
HTML Injection | https://medium.com/@fatimahasan022/html-injection-33a2ba6d7562?source=rss------bug_bounty-5 | Fatimahasan | bug-bounty, html-injection, ethical-hacking, hackthebox, penetration-testing | 10-May-2025 |
$9,400 Bounty: XSS in Shopify’s Jamf Pro via Exposed Swagger UI | https://osintteam.blog/9-400-bounty-xss-in-shopifys-jamf-pro-via-exposed-swagger-ui-7b029a4be766?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, hacking, technology, cybersecurity, penetration-testing | 10-May-2025 |
Improve your cybersecurity skills | https://medium.com/@loyalonlytoday/improve-your-cybersecurity-skills-5cdb31d40a4f?source=rss------bug_bounty-5 | loyalonlytoday | ctf, bug-bounty, penetration-testing, hacking, cybersecurity | 09-May-2025 |
XSS Explained: A Complete Guide to Cross-Site Scripting with Practical Examples | https://medium.com/@mazene432/xss-explained-a-complete-guide-to-cross-site-scripting-with-practical-examples-80453349b35f?source=rss------bug_bounty-5 | Mazen Elsayed | vulnerability-assessment, cybersecurity, bug-bounty, web-penetration-testing, penetration-testing | 09-May-2025 |
Recon Automation Like a Pro: My 5-Stage System to Catch More Bugs | https://infosecwriteups.com/%EF%B8%8Frecon-automation-like-a-pro-my-5-stage-system-to-catch-more-bugs-4fff7b7c4726?source=rss------bug_bounty-5 | Abhijeet Kumawat | recon, hacking, cybersecurity, bug-bounty, infosec | 09-May-2025 |
JS File Reconnaissance In Web Hacking | https://medium.com/@SysSecureLabs/js-file-reconnaissance-in-web-hacking-436215909594?source=rss------bug_bounty-5 | SysSecureLabs | bug-bounty, bounties, reconnaissance, files-j, recon | 09-May-2025 |
$50,000 Bounty: GitHub Access Token | https://infosecwriteups.com/50-000-bounty-github-access-token-c29cb6f00182?source=rss------bug_bounty-5 | Monika sharma | technology, penetration-testing, report, hacking, bug-bounty | 09-May-2025 |
$840 Bounty: How I Stole OAuth Tokens from Twitter | https://infosecwriteups.com/840-bounty-how-i-stole-oauth-tokens-from-twitter-733f82857eda?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, penetration-testing, cybersecurity, technology, hacking | 09-May-2025 |
OttoKit WordPress Plugin Hacked: How 100K+ Sites Fell Prey to Sneaky Exploits | https://ismailtasdelen.medium.com/ottokit-wordpress-plugin-hacked-how-100k-sites-fell-prey-to-sneaky-exploits-%EF%B8%8F-%EF%B8%8F-3c8ddac468e8?source=rss------bug_bounty-5 | Ismail Tasdelen | cyberattack, web-security, bug-bounty, wordpress, vulnerability | 09-May-2025 |
Security Vulnerability in Hidden Parameters: IDOR Attack on Mighty App Payment Page | https://medium.com/@security.tecno/security-vulnerability-in-hidden-parameters-idor-attack-on-mighty-app-payment-page-e01ea2f2dc48?source=rss------bug_bounty-5 | TECNO Security | bug-bounty, bugs, security, apps, hacking | 09-May-2025 |
CSP? More Like Can’t Stop Payloads — Bypassing CSP to XSS Like a Pro | https://infosecwriteups.com/csp-more-like-cant-stop-payloads-bypassing-csp-to-xss-like-a-pro-90d27c2c3a40?source=rss------bug_bounty-5 | Iski | money, cybersecurity, bug-bounty, infosec, hacking | 09-May-2025 |
Web Application Hacking: Where do I Even Start? | https://systemweakness.com/web-application-hacking-where-do-i-even-start-a1e05c240936?source=rss------bug_bounty-5 | Regan Temudo | bug-bounty, cybersecurity, web-application-security, advice, how-to | 09-May-2025 |
HyperScanner [HxScanner] v1.4: A Fast, Beautiful HTTP & CORS Scanner for Modern Hackers | https://neerajsah.medium.com/hyperscanner-hxscanner-v1-4-a-fast-beautiful-http-cors-scanner-for-modern-hackers-749b36e2d947?source=rss------bug_bounty-5 | Neeraj Sah | go-programming, cybersecurity, bug-bounty, hacking, open-source | 09-May-2025 |
Mastering Rate Limit Bypass Techniques | https://infosecwriteups.com/mastering-rate-limit-bypass-techniques-fff9499b0f42?source=rss------bug_bounty-5 | coffinxp | penetration-testing, hacking, bug-bounty, technology, cybersecurity | 09-May-2025 |
Squid — Port 3128 — How to exploit? | https://medium.com/@verylazytech/squid-port-3128-how-to-exploit-4cc4adcff83a?source=rss------bug_bounty-5 | Very Lazy Tech | penetration-testing, oscp, bug-bounty, ethical-hacking, exploit | 09-May-2025 |
$15,000 Bounty: Found a Critical Vulnerability in Snapchat | https://medium.com/meetcyber/15-000-bounty-found-a-critical-vulnerability-in-snapchat-377176a0f0eb?source=rss------bug_bounty-5 | Monika sharma | technology, report, bug-bounty, penetration-testing, hacking | 09-May-2025 |
Mastering 403 Bypasses | https://medium.com/@XEyeSecurity/mastering-403-bypasses-cf6d1919404e?source=rss------bug_bounty-5 | Cybersectoworld | bug-bounty, bug-bounty-tips | 09-May-2025 |
⚔️ How I Hijacked Password Reset Links with One Sneaky Header Injection | https://root-geek.medium.com/%EF%B8%8F-how-i-hijacked-password-reset-links-with-one-sneaky-header-injection-47a0db51bfd9?source=rss------bug_bounty-5 | ASC Lages | bug-bounty-writeup, account-take-over, bug-bounty | 09-May-2025 |
Shifting Left with Vulnerability Management: Security as Code | https://medium.com/@paritoshblogs/shifting-left-with-vulnerability-management-security-as-code-353c206db2de?source=rss------bug_bounty-5 | Paritosh | bug-bounty, vulnerability, vulnerability-management, programming, cybersecurity | 08-May-2025 |
No Auth, No Problem: The API Vulnerability That Led to Full Account Takeover | https://akr3ch.medium.com/no-auth-no-problem-the-api-vulnerability-that-led-to-full-account-takeover-199c6d7e7fa7?source=rss------bug_bounty-5 | akr3ch | bug-bounty, bug-bounty-tips, hackerone, account-takeover, cybersecurity | 08-May-2025 |
Bug Hunting in JS Files: Tricks, Tools, and Real-World POCs | https://infosecwriteups.com/bug-hunting-in-js-files-tricks-tools-and-real-world-pocs-70406e3eb72e?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, vulnerability, json-web-token, json, cybersecurity | 08-May-2025 |
A Guide to SQL Injection Attacks: Hackers Don’t Want You to Know This! | https://infosecwriteups.com/a-guide-to-sql-injection-attacks-hackers-dont-want-you-to-know-this-a9837f711f6b?source=rss------bug_bounty-5 | Dhanush N | information-security, bug-bounty, hacking, sql-injection, cybersecurity | 08-May-2025 |
Tool Review — TraceWeb.io Extension | https://infosecwriteups.com/tool-review-traceweb-io-extension-5fdf79396e21?source=rss------bug_bounty-5 | ne555 | bug-bounty, infosec, browser-extension, hacking | 08-May-2025 |
$100 Bounty: How a Spoofed Email Could Change Any Username on HackerOne | https://infosecwriteups.com/100-bounty-how-a-spoofed-email-could-change-any-username-on-hackerone-8efd98ab44f5?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, hacking, penetration-testing, technology, cybersecurity | 08-May-2025 |
How to Escalate The Payload On The Infected Machine. | https://medium.com/meetcyber/how-to-escalate-the-payload-on-the-infected-machine-1d1beaa560ef?source=rss------bug_bounty-5 | NnFace | hacking, bug-bounty, meterpreter, ethical-hacking, metasploit | 08-May-2025 |
⚔️ Unsafe Eval = Unlimited Control: How a JS Sink Let Me Run Anything | https://infosecwriteups.com/%EF%B8%8F-unsafe-eval-unlimited-control-how-a-js-sink-let-me-run-anything-60794929a295?source=rss------bug_bounty-5 | Iski | bug-bounty, infosec, hacking, cybersecurity, money | 08-May-2025 |
From Zero to Recon: Your First ASN-Based Scanning Workflow | https://brutsecurity.medium.com/from-zero-to-recon-your-first-asn-based-scanning-workflow-b08c88709410?source=rss------bug_bounty-5 | Saumadip Mandal | bug-bounty, nasa, bug-bounty-tips, cybersecurity | 08-May-2025 |
Complete Guide to Nuclei Vulnerability Scanner | https://medium.com/@sksingh887378barat/complete-guide-to-nuclei-vulnerability-scanner-cc67658d30ad?source=rss------bug_bounty-5 | shubham kumar | bug-bounty-tips, nuclei-template, vulnerability-assessment, cybersecurity, bug-bounty | 08-May-2025 |
How I Found PII on BBP, Open Door to Sensitive PDFs — But Got a Duplicate | https://frostyxsec.medium.com/how-i-found-pii-on-bbp-open-door-to-sensitive-pdfs-but-got-a-duplicate-643fa0092e36?source=rss------bug_bounty-5 | Frostynxth | bug-bounty-tips, bug-bounty-hunter, bug-bounty-write-up, bug-bounty | 08-May-2025 |
How I Deleted Any User’s Account— No Interaction Needed | https://ehteshamulhaq198.medium.com/how-i-deleted-any-users-account-no-interaction-needed-faae0442ff4f?source=rss------bug_bounty-5 | Ehtesham Ul Haq | penetration-testing, infosec, ethical-hacking, bug-bounty, writeup | 08-May-2025 |
Smart Contract Vulnerabilities: The Hidden Threat of the Blockchain World | https://chartrand.medium.com/%E6%99%BA%E8%83%BD%E5%90%88%E7%BA%A6%E6%BC%8F%E6%B4%9E-%E5%8C%BA%E5%9D%97%E9%93%BE%E4%B8%96%E7%95%8C%E7%9A%84%E9%9A%90%E7%A7%98%E5%A8%81%E8%83%81-d53a3dd495cb?source=rss------bug_bounty-5 | Mckayla Chartrand | web3, smart-contracts, bug-bounty, security, bugbounty-tips | 08-May-2025 |
Exposing a Simple Bug That Crashed an Organization’s Forum | https://0xmatrix.medium.com/exposing-a-simple-bug-that-crashed-an-organizations-forum-8ac532157d6a?source=rss------bug_bounty-5 | Mo2men Elmady | hacking, bug-bounty, penetration-testing, bugs, bug-bounty-tips | 08-May-2025 |
$700 Bounty from a 2-Year-Old Secret — Found with iScan.today | https://medium.com/@arshadkazmi42/700-bounty-from-a-2-year-old-secret-found-with-iscan-today-87fb07eb5f53?source=rss------bug_bounty-5 | Arshad Kazmi | iscantoday, hackerone, bug-bounty, github | 08-May-2025 |
Exposing Shadow APIs: The Hidden Attack Surface in Modern Web Apps | https://medium.com/@tejprakashbk1996/exposing-shadow-apis-the-hidden-attack-surface-in-modern-web-apps-6fd1af0ec4e9?source=rss------bug_bounty-5 | tezp | owasp, api, api-documentation, swagger, bug-bounty | 08-May-2025 |
From Open Redirect to Full Account Takeover: Exploiting OAuth Misconfiguration | https://z00x.medium.com/from-open-redirect-to-full-account-takeover-exploiting-oauth-misconfiguration-35b0d215cf02?source=rss------bug_bounty-5 | z00x | oauth, bug-bounty, open-redirect, account-takeover, cybersecurity | 08-May-2025 |
The Story Behind 4 Vulnerabilities in a Single Target | https://medium.com/@mahmoudelsadey56/the-story-behind-4-vulnerabilities-in-a-single-target-11f89224d585?source=rss------bug_bounty-5 | Mahmoud elsadey | bug-bounty-tips, bug-bounty, business-logic-bug, bug-bounty-writeup, race-condition | 08-May-2025 |
How I Got a Free Order by Bypassing Login — My First Real-World Bug | https://medium.com/@moh2005rr/how-i-got-a-free-order-by-bypassing-login-my-first-real-world-bug-38798b79a9d7?source=rss------bug_bounty-5 | Moh2005rr | ethical-hacking, web-security, bug-bounty, cybersecurity, burpsuite | 08-May-2025 |
$5000 Bounty: Critical Stored XSS | https://osintteam.blog/5000-bounty-critical-stored-xss-e93c1730eccc?source=rss------bug_bounty-5 | Monika sharma | technology, hacking, penetration-testing, report, bug-bounty | 08-May-2025 |
Mastering Host Header Injection: Techniques, Payloads and Real-World Scenarios | https://osintteam.blog/mastering-host-header-injection-techniques-payloads-and-real-world-scenarios-e00c9e1f85cd?source=rss------bug_bounty-5 | coffinxp | hacking, cybersecurity, technology, penetration-testing, bug-bounty | 08-May-2025 |
$500 Bounty: Parameter Pollution in HackerOne’s | https://osintteam.blog/500-bounty-parameter-pollution-in-hackerones-976bb0a3caae?source=rss------bug_bounty-5 | Monika sharma | hacking, technology, penetration-testing, bug-bounty, report | 08-May-2025 |
A list of tools to find CORS(Cross-Origin Resource Sharing) | https://medium.com/@loyalonlytoday/a-list-of-tools-to-find-cors-cross-origin-resource-sharing-37f4c5ead5a1?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, cors, hacking, bug-bounty, cybersecurity | 07-May-2025 |
Why CVSS Scores Alone Aren’t Enough in Vulnerability Management | https://medium.com/@paritoshblogs/why-cvss-scores-alone-arent-enough-in-vulnerability-management-219e8efad30e?source=rss------bug_bounty-5 | Paritosh | vulnerability, cybersecurity, information-technology, bug-bounty, hacking | 07-May-2025 |
Hacking the Frontend Logic: Exploiting JavaScript Business Flaws | https://infosecwriteups.com/hacking-the-frontend-logic-exploiting-javascript-business-flaws-b6600fafd8a4?source=rss------bug_bounty-5 | Vipul Sonule | cybersecurity, hacking, infosec, programming, bug-bounty | 07-May-2025 |
$2,900 Bounty: Public S3 Bucket Exposure in Shopify | https://infosecwriteups.com/2-900-bounty-public-s3-bucket-exposure-in-shopify-05b14bbf6dad?source=rss------bug_bounty-5 | Monika sharma | cybersecurity, hacking, bug-bounty, technology, report | 07-May-2025 |
How to setup a Monthly Free VPS for Bug Hunting | https://infosecwriteups.com/how-to-setup-a-monthly-free-vps-for-bug-hunting-d41d0fa3ed6c?source=rss------bug_bounty-5 | Mostafa Alrefai | bug-bounty, github, cybersecurity, penetration-testing, hacking | 07-May-2025 |
JS Recon To HTML Injection | https://medium.com/legionhunters/js-recon-to-html-injection-4cdca8fd88cf?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | information-technology, bug-bounty, programming, coding, hacking | 07-May-2025 |
“ Mastering Bug Bounty Recon: Tools & Techniques to Uncover Vulnerabilities ” | https://medium.com/@devillegiondevils/mastering-bug-bounty-recon-tools-techniques-to-uncover-vulnerabilities-6db1bbfef248?source=rss------bug_bounty-5 | Hex00 | bug-bounty-writeup, recon, bug-bounty, bug-bounty-tips, subdomains-enumeration | 07-May-2025 |
Unlisted but Not Unseen: How I Found the Admin Panel in a JavaScript Comment | https://infosecwriteups.com/%EF%B8%8F-%EF%B8%8F-unlisted-but-not-unseen-how-i-found-the-admin-panel-in-a-javascript-comment-f34af758b4c8?source=rss------bug_bounty-5 | Iski | hacking, cybersecurity, bug-bounty, infosec, money | 07-May-2025 |
Exploring the Bug Bounty Program: A Gateway to Ethical Hacking and Cybersecurity Careers | https://medium.com/@narayanananand480/exploring-the-bug-bounty-program-a-gateway-to-ethical-hacking-and-cybersecurity-careers-34649bc79690?source=rss------bug_bounty-5 | Anand Narayanan | cybersecurity, bug-bounty-tips, cyber-security-courses, bug-bounty, ethical-hacking | 07-May-2025 |
How a JavaScript File Led Me to an Open Redirect Vulnerability | https://systemweakness.com/how-a-javascript-file-led-me-to-an-open-redirect-vulnerability-eefce51303b2?source=rss------bug_bounty-5 | Shafayat Ahmed Alif | bug-bounty, bug-bounty-tips, bug-bounty-writeup, open-redirect, cybersecurity | 07-May-2025 |
SubNotifier | https://medium.com/@eliyevnahid0404/subnotifier-b8a8f2671819?source=rss------bug_bounty-5 | Nahid Əliyev | pentesting, cybersecurity, bug-bounty | 07-May-2025 |
Unveiling Critical Weaknesses: A Rigorous Penetration Test of a Web Application | https://medium.com/@tusharpuri6/unveiling-critical-weaknesses-a-rigorous-penetration-test-of-a-web-application-3b60cef532e6?source=rss------bug_bounty-5 | Tusharpuri | penetration-testing, bug-bounty, application-security, infosec, offensive-security | 07-May-2025 |
From Cross-Subdomain Cookie Reuse to Becoming Super Admin: An Exploit Chain Walkthrough | https://medium.com/@cyberpro151/from-cross-subdomain-cookie-reuse-to-becoming-super-admin-an-exploit-chain-walkthrough-32527caa2a11?source=rss------bug_bounty-5 | cyberpro151 | hacking, bug-bounty-tips, penetration-testing, bug-bounty, bug-bounty-writeup | 07-May-2025 |
Docker — Port 2375,2376 — How to exploit? | https://medium.com/@verylazytech/docker-port-2375-2376-how-to-exploit-8faa8d70a7ab?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, bug-bounty, docker, exploit, penetration-testing | 07-May-2025 |
Discovering a Blind XSS Vulnerability in the Platform | https://medium.com/@Saeiez/discovering-a-blind-xss-vulnerability-in-the-platform-1fa45a6621db?source=rss------bug_bounty-5 | Saeiez | bug-bounty-tips, web3, ai, bug-bounty, pentesting | 07-May-2025 |
Compress-a-thon — Web Exploitation — Pentathon 2025 | https://medium.com/@dassomnath/compress-a-thon-web-exploitation-pentathon-2025-fea9adf9fa6b?source=rss------bug_bounty-5 | Somnath Das | web-hacking, pentathon-2025-writeup, web, hacking, bug-bounty | 07-May-2025 |
Discovering a Blind XSS Vulnerability in the Platform AI | https://medium.com/@Saeiez/discovering-a-blind-xss-vulnerability-in-the-platform-1fa45a6621db?source=rss------bug_bounty-5 | Saeiez | bug-bounty-tips, web3, ai, bug-bounty, pentesting | 07-May-2025 |
OttoKit WordPress Plugin Exploit Hackers Create Rogue Admin Account | https://wiretor.medium.com/ottokit-wordpress-plugin-exploit-hackers-create-rogue-admin-account-7e654c49e719?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, rce, hacking, ai | 07-May-2025 |
Unmasking Robots.txt: What Web Crawlers Hide and relates OSINT | https://osintteam.blog/everything-about-robots-txt-file-3815dddfbfce?source=rss------bug_bounty-5 | 127.0.0.1 | cybersecurity, robotstxt, osint, site-crawlers, bug-bounty | 07-May-2025 |
Shift Left Testing | https://medium.com/@rashid.alakbarov/shift-left-testing-a9293d520eaa?source=rss------bug_bounty-5 | Rashid Alakbarov | qa, bug-bounty, software-testing, developer | 06-May-2025 |
Undeleted Secrets: Uncovering an IDOR Vulnerability in “Recently Deleted” Items | https://medium.com/@0x1di0t/undeleted-secrets-uncovering-an-idor-vulnerability-in-recently-deleted-items-6d35db221008?source=rss------bug_bounty-5 | Wahid Najim | idor-vulnerability, bug-bounty, soft-deletion, idor | 06-May-2025 |
Mastering Runtime Hooking with Frida — Real-World Challenges (Part 3) | https://medium.com/@ch3tanbug/mastering-runtime-hooking-with-frida-real-world-challenges-part-3-b70a62ed4395?source=rss------bug_bounty-5 | CH3TAN | bug-bounty, reverse-engineering, jadx, mobile-security, cybersecurity | 06-May-2025 |
Query Confusion: How HTTP Parameter Pollution Made the App Spill Secrets | https://infosecwriteups.com/query-confusion-how-http-parameter-pollution-made-the-app-spill-secrets-55b09a1bc98b?source=rss------bug_bounty-5 | Iski | cybersecurity, infosec, bug-bounty, money, hacking | 06-May-2025 |
$2000 Bounty: Stored XSS in GitLab | https://infosecwriteups.com/2000-bounty-stored-xss-in-gitlab-c71b2d7a3c21?source=rss------bug_bounty-5 | Monika sharma | hacking, penetration-testing, technology, bug-bounty, report | 06-May-2025 |
How Hackers Exploit CORS Misconfigurations | https://infosecwriteups.com/how-hackers-exploit-cors-misconfigurations-35a6c5d7e0c8?source=rss------bug_bounty-5 | Vipul Sonule | infosec, programming, bug-bounty, cybersecurity, hacking | 06-May-2025 |
OAuth Integration Hijack via Predictable state Parameter | https://kariiem.medium.com/oauth-integration-hijack-via-predictable-state-parameter-facdae83e6b6?source=rss------bug_bounty-5 | Kariiem Gamal | oauth, csrf, bug-bounty, penetration-testing | 06-May-2025 |
Email Enumeration melalui Endpoint POST /api/passwordReset/?h= | https://medium.com/@FufuFaf1/email-enumeration-melalui-endpoint-post-api-passwordreset-h-80c4aa7d0159?source=rss------bug_bounty-5 | FufuFafa | cybersecurity, bug-bounty-writeup, bugcrowd, bug-bounty, hunting | 06-May-2025 |
A list of checklists for bug hunters and penetration testers | https://medium.com/@loyalonlytoday/a-list-of-checklists-for-bug-hunters-and-penetration-testers-d94d711375bd?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, checklist, penetration-testing, hacking, bug-bounty | 06-May-2025 |
How I Found Critical Flaws in a Medical SOAP API | https://medium.com/illumination/how-i-found-critical-flaws-in-a-medical-soap-api-382233398015?source=rss------bug_bounty-5 | om kumar | cybersecurity, technology, illumination, bug-bounty, software-engineering | 06-May-2025 |
H@cking Hospital For Mass PII Leak | https://medium.com/meetcyber/h-cking-hospital-for-mass-pii-leak-85c3d89db434?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | information-technology, cybersecurity, bug-bounty-writeup, hacking, bug-bounty | 06-May-2025 |
The Hidden Dangers of Misconfigured Cloud Storage | https://medium.com/meetcyber/the-hidden-dangers-of-misconfigured-cloud-storage-c9debc08f506?source=rss------bug_bounty-5 | Erkan Kavas | cybersecurity, cloud-security, pentest, bug-bounty, cloud-storage | 06-May-2025 |
I Found Bugs in 50+ Paid Bug Bounty Programs | https://medium.com/@mehrabopi33500/i-found-bugs-in-50-paid-bug-bounty-programs-5fcf88dbc761?source=rss------bug_bounty-5 | Mehrabopi | bug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity, bugcrowd | 06-May-2025 |
NFS Service — Port 2049 — How to exploit? | https://medium.com/@verylazytech/nfs-service-port-2049-how-to-exploit-d70875fbaeff?source=rss------bug_bounty-5 | Very Lazy Tech | oscp, nfs-server, exploit, penetration-testing, bug-bounty | 06-May-2025 |
Accidental Hacker: How I Found a Critical Data Leak Bug with Just a Few Clicks | https://zetzer.medium.com/accidental-hacker-how-i-found-a-critical-data-leak-bug-with-just-a-few-clicks-3cabd1f97aee?source=rss------bug_bounty-5 | Zeta | penetration-testing, bug-zero, cybersecurity, bug-bounty-writeup, bug-bounty | 06-May-2025 |
A Must-Have Tool for Bug Hunters: Find Open Redirect Vulnerabilities on Linux | https://infosecwriteups.com/a-must-have-tool-for-bug-hunters-find-open-redirect-vulnerabilities-on-linux-21ad0c7d148e?source=rss------bug_bounty-5 | Elie Attieh | cyber-security-awareness, cybersecurity, bug-bounty, pentesting, ethical-hacking | 06-May-2025 |
IDOR Allows Unauthorized Access to Other Users’ Personal Data | https://brbr0s.medium.com/idor-allows-unauthorized-access-to-other-users-personal-data-8f73486cbab0?source=rss------bug_bounty-5 | brbr0s | idor, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 06-May-2025 |
How I Built a One-Click Vulnerability Report Generator with Python | https://elcazad0r.medium.com/how-i-built-a-one-click-vulnerability-report-generator-with-python-e61d87983d7b?source=rss------bug_bounty-5 | EL_Cazad0r | bug-bounty, penetration-testing-tools, github, cybersecurity, bug-bounty-tips | 06-May-2025 |
FOFA Dorking for Bug Hunters | https://medium.com/legionhunters/fofa-dorking-for-bug-hunters-a35c80bbab6e?source=rss------bug_bounty-5 | AbhirupKonwar | osint, bug-bounty, ethical-hacking, pentesting, bug-bounty-tips | 06-May-2025 |
I Reported a Security Flaw, They Silently Patched It… and Ghosted Me. | https://medium.com/@rolextital/%EF%B8%8F-%EF%B8%8F-i-reported-a-security-flaw-they-silently-patched-it-and-ghosted-me-03f0a02a696b?source=rss------bug_bounty-5 | Rolextital | bug-bounty, cybersecurity, vulnerability, ethical-hacking, hacker | 06-May-2025 |
How I Earned $150 by Exploiting an XML-RPC SSRF in a WordPress Site | https://medium.com/@sauravkrish59/%EF%B8%8F-how-i-earned-150-by-exploiting-an-xml-rpc-ssrf-in-a-wordpress-site-51037eb58252?source=rss------bug_bounty-5 | @Sauravkrish | hacking, ethical-hacking, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 06-May-2025 |
The Ultimate Guide to API Security Testing — Cheat sheet 2025 — Part2 | https://t4144t.medium.com/the-ultimate-guide-to-api-security-testing-cheat-sheet-2025-part2-a7d8a69710ff?source=rss------bug_bounty-5 | Mohamed Talaat Saada (@t4144t) | bug-bounty-writeup, bug-bounty, bug-bounty-tips, application-security, penetration-testing | 06-May-2025 |
WordPress Security Posture: More Fragile Than You Think | https://medium.com/@reuvenel5/wordpress-security-posture-more-fragile-than-you-think-15497115b435?source=rss------bug_bounty-5 | AZ | wordpress, cybersecurity, bugs, application-security, bug-bounty | 06-May-2025 |
Revisiting the Past, Hacking the Future | https://ghostman01.medium.com/invalid-bug-c3cae222858c?source=rss------bug_bounty-5 | SIDDHANT SHUKLA | bug-bounty, cybersecurity, programming, hacking, technology | 06-May-2025 |
Revisiting the Past, Hacking the Future | https://infosecwriteups.com/invalid-bug-c3cae222858c?source=rss------bug_bounty-5 | SIDDHANT SHUKLA | bug-bounty, cybersecurity, programming, hacking, technology | 06-May-2025 |
Stop Wasting Time: Build a CTI Collection Plan That Actually Works! | https://medium.com/@paritoshblogs/stop-wasting-time-build-a-cti-collection-plan-that-actually-works-6edb5181a383?source=rss------bug_bounty-5 | Paritosh | hacking, cyber-threat-intelligence, bug-bounty, cybersecurity, threat-hunting | 05-May-2025 |
Snapdroid: One-Click Android PoC Capture for Bug Bounty Hunters & Pentesters | https://medium.com/@dr34mb0y/snapdroid-one-click-android-poc-capture-for-bug-bounty-hunters-pentesters-2f7a44bf5582?source=rss------bug_bounty-5 | Sid Joshi | android-pentest, android-pentesting, snapdroid, android, bug-bounty | 05-May-2025 |
Easy Framework based Bugs Series is soon… | https://medium.com/@nyany032/easy-framework-based-bugs-series-is-soon-fb8f29e21be0?source=rss------bug_bounty-5 | Shir0E | pentesting, bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty | 05-May-2025 |
Google Dorking: How to Uncover Hidden Vulnerabilities in Penetration Testing | https://medium.com/@vivekbhatt2002/google-dorking-how-to-uncover-hidden-vulnerabilities-in-penetration-testing-%EF%B8%8F-%EF%B8%8F-2a3386522e79?source=rss------bug_bounty-5 | YoungerSibling | bug-bounty, ethical-hacking, google-dorking, osint, ethical-hacking-tips | 05-May-2025 |
Clickjacked to the Core: Turning UI into a Trapdoor | https://infosecwriteups.com/clickjacked-to-the-core-turning-ui-into-a-trapdoor-a196dde6997b?source=rss------bug_bounty-5 | Iski | money, infosec, bug-bounty, cybersecurity, hacking | 05-May-2025 |
Bypassing Regex Validations to Achieve RCE: A Wild Bug Story | https://infosecwriteups.com/bypassing-regex-validations-to-achieve-rce-a-wild-bug-story-4c523f69b9f8?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, rce, bug-bounty, cybersecurity, hacking | 05-May-2025 |
$750 Bounty: Sensitive Data Exposure | https://infosecwriteups.com/750-bounty-sensitive-data-exposure-c944e626c733?source=rss------bug_bounty-5 | Monika sharma | technology, bug-bounty, hacking, penetration-testing, report | 05-May-2025 |
Cross-Site Request Forgery (CSRF) Made Easy: A Beginner’s Perspective | https://medium.com/@natarajanck2/cross-site-request-forgery-csrf-made-easy-a-beginners-perspective-037b4ba6d62a?source=rss------bug_bounty-5 | Natarajan C K | bug-bounty, hacking, exploitation, it-security, csrf-attack | 05-May-2025 |
une XSS simple sur la page de login CVE-2024–48410 | https://medium.com/@Itachi0xf/une-xss-simple-sur-la-page-de-login-cve-2024-48410-65435f4a0f84?source=rss------bug_bounty-5 | Itachix0f | cve, xss-attack, bug-bounty | 05-May-2025 |
Subdomain Takeover: My $450 Win & How You Can Do It Too | https://ehteshamulhaq198.medium.com/subdomain-takeover-my-450-win-how-you-can-do-it-too-3337ca0513b6?source=rss------bug_bounty-5 | Ehtesham Ul Haq | writeup, subdomain, penetration-testing, bug-bounty, bug-bounty-tips | 05-May-2025 |
I found Open Redirect on US Government website | https://medium.com/@0xpedrop/i-found-open-redirect-on-us-government-website-60a2d1d1e049?source=rss------bug_bounty-5 | 0xPedrop | bug-bounty-writeup, bug-bounty | 05-May-2025 |
The Unseen Battle: Why Modern Cybersecurity Demands Proactive Defense and Zero Trust | https://medium.com/@hemran314/the-unseen-battle-why-modern-cybersecurity-demands-proactive-defense-and-zero-trust-0f63ec875784?source=rss------bug_bounty-5 | e0xsecops | artificial-intelligence, cybersecurity, blockchain, bug-bounty, information-technology | 05-May-2025 |
Bug Bounty : Se confronter au réel, apprendre à encaisser | https://medium.com/@rcottignies/bug-bounty-se-confronter-au-r%C3%A9el-apprendre-%C3%A0-encaisser-%EF%B8%8F-%EF%B8%8F-87376b539175?source=rss------bug_bounty-5 | Rebecca Cottignies | pentest, security, bug-bounty, cybersecurity | 05-May-2025 |
Compaq HP Insight Manager — Port 2301, 2381 — How to exploit | https://medium.com/@verylazytech/compaq-hp-insight-manager-port-2301-2381-how-to-exploit-337f1175d2f8?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, bug-bounty, oscp, hp, exploit | 05-May-2025 |
Here we go , 2 bugs in the same program | https://medium.com/@0xjoex/here-we-go-2-bugs-in-same-program-0cb99b42a1f4?source=rss------bug_bounty-5 | Youssef Hany | writeup, broken-access-control, bug-bounty, ssti, security | 05-May-2025 |
$500 Bounty for Reflected XSS on HackerOne | https://osintteam.blog/500-bounty-for-reflected-xss-on-hackerone-29c13793bc91?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, report, penetration-testing, cybersecurity, technology | 05-May-2025 |
Hacker’s Recon Guide: Tools & Tricks to Map Any Target | https://osintteam.blog/hackers-recon-guide-tools-tricks-to-map-any-target-f1e97d7bfdb6?source=rss------bug_bounty-5 | Vipul Sonule | technology, hacking, cybersecurity, osint, bug-bounty | 05-May-2025 |
The Ultimate Guide to API Security Testing — Cheat sheet 2025 Edition | https://t4144t.medium.com/the-ultimate-guide-to-api-security-testing-cheat-sheet-2025-edition-b64fd3d158dd?source=rss------bug_bounty-5 | Mohamed Talaat Saada (@t4144t) | penetration-testing, bug-bounty-writeup, bug-bounty-tips, owasp-top-10, bug-bounty | 05-May-2025 |
How I Found an Host Header Injection Vulnerability Easily In (Mars)$ | https://zuksh.medium.com/how-i-found-an-host-header-injection-vulnerability-easily-in-mars-2a56a1c942c3?source=rss------bug_bounty-5 | Zuksh | penetration-testing, infosec, bug-bounty, cybersecurity, host-header-injection | 04-May-2025 |
Mastering Boundary Value Analysis: Guide to Uncovering Hidden Bugs | https://medium.com/@sajith-dilshan/mastering-boundary-value-analysis-guide-to-uncovering-hidden-bugs-4eb58b43899b?source=rss------bug_bounty-5 | sajith dilshan | software-testing, boundary-value-analysis, qa, qa-testing, bug-bounty | 04-May-2025 |
$505 Bounty: Denial of Service Vulnerability | https://osintteam.blog/505-bounty-denial-of-service-vulnerability-bd6daef5fe8a?source=rss------bug_bounty-5 | Monika sharma | report, hacking, technology, bug-bounty, cybersecurity | 04-May-2025 |
Using VirusTotal Graphs and Retro Hunt for IOC Discovery | https://medium.com/@paritoshblogs/using-virustotal-graphs-and-retro-hunt-for-ioc-discovery-d1c4b4e209b4?source=rss------bug_bounty-5 | Paritosh | cybersecurity, information-technology, hacking, security, bug-bounty | 04-May-2025 |
Bypassing 2FA in a Public Bug Bounty Program: A $6000 Journey | https://mokhansec.medium.com/bypassing-2fa-in-a-public-bug-bounty-program-a-6000-journey-bae8a5418461?source=rss------bug_bounty-5 | Mohsin khan | bug-bounty-tips, cybersecurity, bugs, bug-bounty, bug-bounty-writeup | 04-May-2025 |
Mastering Event Handlers in JavaScript and HTML: The Complete Guide with Examples | https://medium.com/@zoningxtr/mastering-event-handlers-in-javascript-and-html-the-complete-guide-with-examples-60ef2c4d025b?source=rss------bug_bounty-5 | Zoningxtr | html, javascript, penetration-testing, bug-bounty, coding | 04-May-2025 |
WordPress User Enumeration via author-sitemap.xml on Payapps.com | https://medium.com/@regan_temudo/wordpress-user-enumeration-via-author-sitemap-xml-on-payapps-com-5ffad0ca1cc2?source=rss------bug_bounty-5 | Regan Temudo | wordpress-security, cybersecurity, information-security, bug-bounty, ethical-hacking | 04-May-2025 |
$800 Bounty: Account Takeover in Shopify | https://infosecwriteups.com/800-bounty-account-takeover-in-shopify-f4394ee37975?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, technology, penetration-testing, report, cybersecurity | 04-May-2025 |
$3750 Bounty: Account Creation with Invalid Email Addresses | https://infosecwriteups.com/3750-bounty-account-creation-with-invalid-email-addresses-aca169eddcc7?source=rss------bug_bounty-5 | Monika sharma | technology, bug-bounty, hacking, cybersecurity, report | 04-May-2025 |
Modest Payouts, Major Payoff: 4 IDORs That Netted $12K | https://infosecwriteups.com/modest-payouts-major-payoff-4-idors-that-netted-12k-64f4ab6754c0?source=rss------bug_bounty-5 | Ashutosh Dutta | bug-bounty, cybersecurity, bugcrowd, hackerone, infosec | 04-May-2025 |
Subdomain Surfing to Server Secrets — How I Took Over a Forgotten Subdomain | https://infosecwriteups.com/subdomain-surfing-to-server-secrets-how-i-took-over-a-forgotten-subdomain-4e9b1147f880?source=rss------bug_bounty-5 | Iski | hacking, servers, cybersecurity, bug-bounty, money | 04-May-2025 |
The Ultimate Guide to Email Input Field Vulnerability Testing | https://infosecwriteups.com/the-ultimate-guide-to-email-input-field-vulnerability-testing-18f96fc42251?source=rss------bug_bounty-5 | coffinxp | technology, bug-bounty-tips, penetration-testing, hacking, bug-bounty | 04-May-2025 |
Mastering Bug Bounties with Burp Suite: A Comprehensive Guide to Web Security | https://medium.com/@benjaminmillerdev/mastering-bug-bounties-with-burp-suite-a-comprehensive-guide-to-web-security-bb63a03e6511?source=rss------bug_bounty-5 | Benjaminmillerdev | hacking-for-defense, hacking, bugbounty-writeup, bug-bounty | 04-May-2025 |
Mastering Nikto: Advanced Bug Bounty Hunting Techniques” by Benjamin Miller. | https://medium.com/@benjaminmillerdev/mastering-nikto-advanced-bug-bounty-hunting-techniques-by-benjamin-miller-62d2bc441e6a?source=rss------bug_bounty-5 | Benjaminmillerdev | nikto, bug-bounty, hacker | 04-May-2025 |
Beautiful open redirect on Google.com | https://biswajeetray7.medium.com/beautiful-open-redirect-on-google-com-752c98a80b7d?source=rss------bug_bounty-5 | Biswajeet Ray | bug-bounty, open-redirect, vulnerability, bounty-hunter, bugbounty-writeup | 04-May-2025 |
MQTT (Message Queuing Telemetry Transport) — Port 1883 — How to exploit? | https://medium.com/@verylazytech/mqtt-message-queuing-telemetry-transport-port-1883-how-to-exploit-3ee2f6510bf4?source=rss------bug_bounty-5 | Very Lazy Tech | oscp, exploit, ethical-hacking, bug-bounty, mqtt | 04-May-2025 |
CLOUD OSINT | https://medium.com/@rr-1k/cloud-osint-0e259c256008?source=rss------bug_bounty-5 | rr-1k | bug-bounty, infosec, osint, osint-tool, tools | 04-May-2025 |
How I Found My Favorite Bug in a Top Bug Bounty Program | https://medium.com/@mahdisalhi0500/how-i-found-my-favorite-bug-in-a-top-bug-bounty-program-bbeb36e898f8?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | infosec, hacking, cybersecurity, information-technology, bug-bounty | 04-May-2025 |
Understanding Server Side Template Injection (SSTI) | https://medium.com/@natarajanck2/understanding-server-side-template-injection-ssti-1cb0465dd46d?source=rss------bug_bounty-5 | Natarajan C K | security, bugs, ssti-exploitation, it-security, bug-bounty | 04-May-2025 |
Best Bug Bounty Programs to Kickstart Your Bug Bounty Journey | https://ismailtasdelen.medium.com/best-bug-bounty-programs-to-kickstart-your-bug-bounty-journey-4673d1192389?source=rss------bug_bounty-5 | Ismail Tasdelen | bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program, bug-bounty-tips | 04-May-2025 |
SQLi in .gov.in Exposed Millions of Aadhaar, Bank Data and Personal Data | https://medium.com/@pkhuyar/sqli-in-gov-in-exposed-millions-of-aadhaar-bank-data-and-personal-data-0bde62a649aa?source=rss------bug_bounty-5 | Prashant kamkar | bug-bounty-writeup, bug-bounty, cybersecurity, cyber-security-awareness, information-security | 04-May-2025 |
$750 Bounty: Two-factor Authentication | https://osintteam.blog/750-bounty-two-factor-authentication-5241a45e7fc1?source=rss------bug_bounty-5 | Monika sharma | hacking, technology, report, cybersecurity, bug-bounty | 03-May-2025 |
IDOR Attacks Made Simple: How Hackers Access Unauthorized Data | https://infosecwriteups.com/idor-attacks-made-simple-how-hackers-access-unauthorized-data-ca1158d18190?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, hacking, technology, cybersecurity, programming | 03-May-2025 |
$4,323 Bounty Alert | https://infosecwriteups.com/4-323-bounty-alert-4af6e66bb8c1?source=rss------bug_bounty-5 | Monika sharma | hacking, bug-bounty, cybersecurity, report, technology | 03-May-2025 |
Breaking in Unpardoned. | https://medium.com/h7w/breaking-in-unpardoned-02f64d4f412e?source=rss------bug_bounty-5 | NnFace | cybersecurity, hacking, bug-bounty, metasploit, ethical-hacking | 03-May-2025 |
Bugged by Backup Files: How .zip and .bak Gave Me the Source Code | https://infosecwriteups.com/bugged-by-backup-files-how-zip-and-bak-gave-me-the-source-code-872a376b0b2b?source=rss------bug_bounty-5 | Iski | infosec, cybersecurity, bug-bounty, hacking, money | 03-May-2025 |
How I Found Internal Dashboards Using Google Dorks + OSINT | https://infosecwriteups.com/how-i-found-internal-dashboards-using-google-dorks-osint-5f2c9515fcd6?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, google-dork, ai, bug-bounty, osint | 03-May-2025 |
Information Disclosure Vulnerability Writeup HackerOne | https://medium.com/meetcyber/information-disclosure-vulnerability-writeup-hackerone-be7fbe7e7893?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-tips, hackerone, pentesting, bug-bounty, bug-bounty-writeup | 03-May-2025 |
PPTP- Point-to-Point Tunneling Protocol — Port 1723 — How to exploit? | https://medium.com/@verylazytech/pptp-point-to-point-tunneling-protocol-port-1723-how-to-exploit-8d36438849c5?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, oscp, bug-bounty, exploit, pptp | 03-May-2025 |
From Curiosity to Duplicated: How I Found a Critical Account Takeover Bug | https://medium.com/@Hamzawy-1/from-curiosity-to-duplicated-how-i-found-a-critical-account-takeover-bug-8e43bd035ab0?source=rss------bug_bounty-5 | Hamza Ahmed Youssef | writeup, bug-bounty | 03-May-2025 |
Finding more subdomains(part 4) | https://medium.com/@loyalonlytoday/finding-more-subdomains-part-4-a9bdde09f052?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, hacking, bug-bounty-tips, penetration-testing, cybersecurity | 02-May-2025 |
Missed Horizontal Privilege Escalation in a Bug Bounty Program! | https://spider7.medium.com/missed-horizontal-privilege-escalation-in-a-bug-bounty-program-d7134b2ffa01?source=rss------bug_bounty-5 | Zeta | bug-bounty-writeup, bug-bounty, bug-hunting, bug-bounty-tips, hackerone | 02-May-2025 |
$300 Bounty: SSRF to Cloud Metadata | https://infosecwriteups.com/300-bounty-ssrf-to-cloud-metadata-4c6a7dda9818?source=rss------bug_bounty-5 | Monika sharma | hacking, cybersecurity, technology, report, bug-bounty | 02-May-2025 |
Subdomain Enumeration Automation for Bug Bounty: Save Time, Hack Smart! | https://medium.com/@shadyfarouk1986/%EF%B8%8F-%EF%B8%8F-subdomain-enumeration-automation-for-bug-bounty-save-time-hack-smart-dd5d97eba1dc?source=rss------bug_bounty-5 | Shady Farouk | bug-bounty, hacker, bounty-program, hacker-news, hackerone | 02-May-2025 |
$400 Bounty: OAuth Token Theft in One Click | https://osintteam.blog/400-bounty-oauth-token-theft-in-one-click-4eb29b16d6dc?source=rss------bug_bounty-5 | Monika sharma | technology, hacking, cybersecurity, bug-bounty, report | 02-May-2025 |
From File Upload to Credential Theft: My $1,000 Bounty Journey with Stored XSS | https://osintteam.blog/from-file-upload-to-credential-theft-my-1-000-bounty-journey-with-stored-xss-76d70ac53817?source=rss------bug_bounty-5 | Krish_cyber | xss-attack, infosec-write-ups, ethical-hacking, osint, bug-bounty | 02-May-2025 |
The Ultimate Guide to 403 Forbidden Bypass (2025 Edition) | https://osintteam.blog/the-ultimate-guide-to-403-forbidden-bypass-2025-edition-1b2e852e503e?source=rss------bug_bounty-5 | coffinxp | programming, bug-bounty, technology, bug-bounty-tips, hacking | 02-May-2025 |
Web Security & Bug Bounty: Learn Penetration Testing — Chapter 1 | https://medium.com/@rikisg2/web-security-bug-bounty-learn-penetration-testing-chapter-1-51af5f98bc59?source=rss------bug_bounty-5 | Riki SatyaGraha | bug-bounty, cybersecurity, web-security, ethical-hacking, penetration-testing | 02-May-2025 |
Persistence via Registry — How Attackers Abuse the Windows Registry | https://medium.com/@paritoshblogs/persistence-via-registry-how-attackers-abuse-the-windows-registry-186be2587c20?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-technology, cybersecurity, information-security, hacking | 02-May-2025 |
Payloads in Plain Sight: How Open Redirect + JavaScript Led to Full Account Takeover | https://infosecwriteups.com/payloads-in-plain-sight-how-open-redirect-javascript-led-to-full-account-takeover-a7ae1c359679?source=rss------bug_bounty-5 | Iski | cybersecurity, hacking, money, infosec, bug-bounty | 02-May-2025 |
My First Paid Bug Bounty: A Hidden Gallery & A Lesson in Misconfiguration 🙂 | https://medium.com/@gnaitikg/my-first-paid-bug-bounty-a-hidden-gallery-a-lesson-in-misconfiguration-3efefe71c8cf?source=rss------bug_bounty-5 | Naitik Gupta | ethical-hacking, bug-bounty, cybersecurity, naitikgupta | 02-May-2025 |
Privilege Escalation to Super Admin via Mass Assessment in a Multi-Tenant Laravel App | https://medium.com/@rahulms_71093/privilege-escalation-to-super-admin-via-mass-assessment-in-a-multi-tenant-laravel-app-526d1309de73?source=rss------bug_bounty-5 | Rahul M S | cybersecurity, bug-bounty, penetration-testing, access-control | 02-May-2025 |
The Ultimate Web Application Hacking Checklist (2025 Edition) | https://medium.com/@ZishanAdThandar/the-ultimate-web-application-hacking-checklist-2025-edition-eea1a0a23977?source=rss------bug_bounty-5 | ZishanAdThandar | ethical-hacking, web-application-security, bug-bounty, penetration-testing, cybersecurity | 02-May-2025 |
Breaking OTPs in the Real World: How Design Flaws Led to Full Account Takeover | https://medium.com/@Arioex/breaking-otps-in-the-real-world-how-design-flaws-led-to-full-account-takeover-46a09f95eaba?source=rss------bug_bounty-5 | Huntsman | bug-bounty, bug-bounty-writeup, hackerone, hacking, bug-bounty-tips | 02-May-2025 |
How I Built the Ultimate Web Hacking Checklist — And Why It’s Helping Bug Bounty Hunters Win More | https://medium.com/@ZishanAdThandar/how-i-built-the-ultimate-web-hacking-checklist-and-why-its-helping-bug-bounty-hunters-win-more-d6ef0cb8dc4b?source=rss------bug_bounty-5 | ZishanAdThandar | bug-bounty, bug-bounty-tips, red-team, cybersecurity, web-app-pentesting | 02-May-2025 |
Insecure Direct Object Reference (IDOR) in a Government Portal | https://medium.com/@dharaniswaran.cs22/insecure-direct-object-reference-idor-in-a-government-portal-c83c0c638577?source=rss------bug_bounty-5 | Dharanis | web-pen-testing, bug-bounty, burpsuite, idor, government | 02-May-2025 |
$1000 Bounty: Account Takeover via Host Header Injection in Password Reset Flow | https://ehteshamulhaq198.medium.com/1000-bounty-account-takeover-via-host-header-injection-in-password-reset-flow-dc0cdb2d972b?source=rss------bug_bounty-5 | Ehtesham Ul Haq | penetration-testing, bug-bounty, infosec, injection, bug-bounty-tips | 02-May-2025 |
Exploiting File Inclusion: From Dot-Dot-Slash to RCE using PHP Sessions, Log Poisoning, and… | https://infosecwriteups.com/exploiting-file-inclusion-from-dot-dot-slash-to-rce-using-php-sessions-log-poisoning-and-4db1bdf8ad77?source=rss------bug_bounty-5 | Bash Overflow | bug-bounty-tips, lfi-to-rce, local-file-inclusion, bypass-lfi-filters, bug-bounty | 02-May-2025 |
Important tool for Pentesters & Bug hunters | https://medium.com/@loyalonlytoday/important-tool-for-pentesters-bug-hunters-ea33ab1269b6?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, bug-bounty-tips, ethical-hacking, penetration-testing, cybersecurity | 01-May-2025 |
$1000 Bounty: XSS in Phabricator’s Editor | https://osintteam.blog/1000-bounty-xss-in-phabricators-editor-97fa74b24633?source=rss------bug_bounty-5 | Monika sharma | hacking, technology, bug-bounty, report, penetration-testing | 01-May-2025 |
Session Reuse After Logout: Vulnerability Report on Improper Session Invalidation | https://medium.com/@FufuFaf1/session-reuse-after-logout-vulnerability-report-on-improper-session-invalidation-3e6a8d3d1707?source=rss------bug_bounty-5 | FufuFafa | bug-bounty, cybersecurity, bugbounty-tips | 01-May-2025 |
SSRF PAYLOADS [ HARVEST CRITICAL FILES AND CREDENTIAL | https://medium.com/@rr-1k/ssrf-payloads-harvest-critical-files-and-credential-261e5b2beda4?source=rss------bug_bounty-5 | rr-1k | infosec, bug-bounty-writeup, bug-bounty, bug-bounty-tips, ssrf | 01-May-2025 |
Techniques Implemented last month as a Bug Hunter | https://cybersecuritywriteups.com/techniques-implemented-last-month-as-a-bug-hunter-f0e6af9cb12e?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-writeup, bug-bounty-tips, vulnerability-management, bug-bounty, pentesting | 01-May-2025 |
Bypassing Email Verification to Hijack Any Account — No User Interaction Needed | https://medium.com/@Tanvir0x1/bypassing-email-verification-to-hijack-any-account-no-user-interaction-needed-58539b18f36a?source=rss------bug_bounty-5 | Tanvir Ahmed | bug-bounty, ethical-hacking, bounty-program, cybersecurity | 01-May-2025 |
Crack Windows Password [Ethical Hacking Article] | https://infosecwriteups.com/crack-windows-password-ethical-hacking-article-cb3f0593fe58?source=rss------bug_bounty-5 | Mr Horbio | penetration-testing, bug-bounty, cybersecurity, hacking, ethical-hacking | 01-May-2025 |
Lab: Finding and exploiting an unused API endpoint | https://infosecwriteups.com/lab-finding-and-exploiting-an-unused-api-endpoint-79fa6744f21e?source=rss------bug_bounty-5 | Mukilan Baskaran | bug-bounty, api, cybersecurity, security, ethical-hacking | 01-May-2025 |
$500 Bounty: Hijacking HackerOne via window.opener | https://infosecwriteups.com/500-bounty-hijacking-hackerone-via-window-opener-e16700108e12?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, technology, penetration-testing, hacking, report | 01-May-2025 |
How I bypassed an IP block… without changing my IP? | https://infosecwriteups.com/how-i-bypassed-an-ip-block-without-changing-my-ip-e8082a43957b?source=rss------bug_bounty-5 | phoenixcatalan | hacking, ethical-hacking, pentesting, portswigger, bug-bounty | 01-May-2025 |
From JS File to Jackpot: How I Found API Keys and Secrets Hidden in Production Code | https://infosecwriteups.com/from-js-file-to-jackpot-how-i-found-api-keys-and-secrets-hidden-in-production-code-87af8750b751?source=rss------bug_bounty-5 | Iski | bug-bounty, cybersecurity, hacking, infosec, money | 01-May-2025 |
The Secrets Behind Subdomain Takeovers Nobody Shares | https://infosecwriteups.com/the-secrets-behind-subdomain-takeovers-nobody-shares-ba6b5d7bf258?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacking, cybersecurity, secrets, bug-bounty, subdomain | 01-May-2025 |
Shodan: The Search Engine That Exposes Hidden Cameras, Open Doors, and Everything Left Unsecured on… | https://osintteam.blog/shodan-the-search-engine-that-exposes-hidden-cameras-open-doors-and-everything-left-unsecured-on-b76dcc3041ac?source=rss------bug_bounty-5 | Gokuleswaran B | bug-bounty-writeup, pentesting, shodan, bug-bounty, bug-bounty-tips | 01-May-2025 |
$1000+ Passive Recon Strategy You’re Not Using (Yet) | https://it4chis3c.medium.com/1000-passive-recon-strategy-youre-not-using-yet-164f5b1e6231?source=rss------bug_bounty-5 | It4chis3c | hacking, subdomains-enumeration, subdomain, earnings, bug-bounty | 01-May-2025 |
How I Used Cloudflare’s Health Checks to Bypass Their WAF Rules | https://medium.com/@melege/how-i-used-cloudflares-health-checks-to-bypass-their-waf-rules-75a8a55adcc6?source=rss------bug_bounty-5 | Ahmed AbdElmaqsoud | responsible-disclosure, security-research, cloudflare, bug-bounty, cybersecurity | 01-May-2025 |
Pentesting Oracle TNS Listeners on Default Ports 1521–1529: Techniques, Tools & Remediation | https://medium.com/@verylazytech/pentesting-oracle-tns-listeners-on-default-ports-1521-1529-techniques-tools-remediation-1a11b1413b0d?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, bug-bounty, tns, oscp, penetration-testing | 01-May-2025 |
API Hacking on Mercedes-Benz | https://infosecwriteups.com/mercedes-benz-hacking-f36605954d5f?source=rss------bug_bounty-5 | SIDDHANT SHUKLA | bug-bounty, infosec, cybersecurity, programming, hacking | 01-May-2025 |
$1000+ Passive Recon Strategy You’re Not Using (Yet) | https://infosecwriteups.com/1000-passive-recon-strategy-youre-not-using-yet-164f5b1e6231?source=rss------bug_bounty-5 | It4chis3c | hacking, subdomains-enumeration, subdomain, earnings, bug-bounty | 01-May-2025 |
How to hunt for (P1, P2) Blind XSS | https://the7th.medium.com/how-to-hunt-for-p1-p2-blind-xss-87e027acd85b?source=rss------bug_bounty-5 | Mostafa Alrefai | pentesting, web-security, xss-attack, hacking, bug-bounty | 01-May-2025 |
Mastering Runtime Hooking with Frida — Real-World Challenges Explained (Part 2) | https://medium.com/@ch3tanbug/mastering-runtime-hooking-with-frida-real-world-challenges-explained-part-2-2520d7b1e10c?source=rss------bug_bounty-5 | CH3TAN | reverse-engineering, android-pentesting, hackerone, frida, bug-bounty | 01-May-2025 |
Review of Security Research Articles: April 2025 | https://medium.com/meetcyber/review-of-security-research-articles-april-2025-976925d6d181?source=rss------bug_bounty-5 | Lukasz Wierzbicki | automation, bug-bounty, pentesting, productivity, review | 01-May-2025 |
How I Found a $5K Bug in JavaScript — A Bug Bounty Story | https://krishna-cyber.medium.com/how-i-found-a-5k-bug-in-javascript-a-bug-bounty-story-dba44140efab?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, ethical-hacking, javascript, osint, infosec-write-ups | 01-May-2025 |
JSRecon 101: Unearthing Hidden Secrets in JavaScript Files for Bug Bounty Success | https://krishna-cyber.medium.com/jsrecon-101-unearthing-hidden-secrets-in-javascript-files-for-bug-bounty-success-%EF%B8%8F-%EF%B8%8F-0ee75778da59?source=rss------bug_bounty-5 | Krish_cyber | ethical-hacking, info-sec-writeups, java, osint, bug-bounty | 01-May-2025 |
Need guidance in bug bounty | https://medium.com/@shahin3541/need-guidance-in-bug-bounty-a5171d591dec?source=rss------bug_bounty-5 | Shahin | bug-bounty-hunter, bug-bounty-tips, bug-hunting, bug-bounty, bug-bounty-program | 01-May-2025 |
Find secrets in JS files(bug bounty) | https://medium.com/@loyalonlytoday/find-secrets-in-js-files-bug-bounty-587e29025682?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, penetration-testing, bug-bounty-tips, hacking, bug-bounty | 30-Apr-2025 |
Port Scanning Speed Test: RustScan vs Naabu | https://medium.com/fmisec/rustscan-vs-naabu-9d7cfbd18424?source=rss------bug_bounty-5 | Patar Isac Pardomuan | network-security, cybersecurity, penetration-testing, red-team, bug-bounty | 30-Apr-2025 |
One OTP to Rule Them All: How I Replayed a Single Response and Logged in Forever on target.com | https://medium.com/@choudharinayan05/one-otp-to-rule-them-all-how-i-replayed-a-single-response-and-logged-in-forever-on-target-com-f58e58261607?source=rss------bug_bounty-5 | Nayan Choudhary | cybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, bug-bounty-writeup | 30-Apr-2025 |
How I Found Bugs on Adobe | https://infosecwriteups.com/how-i-found-bugs-on-adobe-16cedb79e830?source=rss------bug_bounty-5 | RivuDon | ethical-hacking, bug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup | 30-Apr-2025 |
How to Detect Credential Dumping Tools like Mimikatz & LaZagne on Endpoints | https://medium.com/@paritoshblogs/how-to-detect-credential-dumping-tools-like-mimikatz-lazagne-on-endpoints-c914ec745e40?source=rss------bug_bounty-5 | Paritosh | mimikatz, bug-bounty, cybersecurity, hacking, information-technology | 30-Apr-2025 |
$500 Bug Bounty:Open Redirection via OAuth on Shopify | https://infosecwriteups.com/500-bug-bounty-open-redirection-via-oauth-on-shopify-4159387482f9?source=rss------bug_bounty-5 | Monika sharma | technology, hacking, bug-bounty, penetration-testing, cybersecurity | 30-Apr-2025 |
Starting out Bug Bounty as a Beginner | https://medium.com/@bharathi200412/starting-out-bug-bounty-as-a-beginner-12df44ccedcb?source=rss------bug_bounty-5 | hackerhaishayad | bug-bounty, burpsuite, tools | 30-Apr-2025 |
Understanding Supply Chain Attacks | https://medium.com/meetcyber/understanding-supply-chain-attacks-19f97e8116cb?source=rss------bug_bounty-5 | Erkan Kavas | bug-bounty, cybersecurity, attack-surface, mitre-attack, mitre-attack-framework | 30-Apr-2025 |
DOM-inated! How a Tiny JS Sink Turned Into Critical XSS | https://medium.com/@iski/dom-inated-how-a-tiny-js-sink-turned-into-critical-xss-a9a1dbe97df2?source=rss------bug_bounty-5 | Iski | infosec, cybersecurity, hacking, bug-bounty, money | 30-Apr-2025 |
Caught an IDOR Vulnerability on a Private Program — Earned a Bounty | https://cybersecuritywriteups.com/caught-an-idor-vulnerability-on-a-private-program-earned-a-bounty-a99d3ac6602b?source=rss------bug_bounty-5 | Whitehat | cybersecurity, bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips | 30-Apr-2025 |
LLM-powered Agent for Automated Google Dorking | https://medium.com/@yee-yore/llm-powered-agent-for-automated-google-dorking-dcb14d609dc2?source=rss------bug_bounty-5 | yee-yore | agentic-ai, bug-bounty, google, osint, large-language-models | 30-Apr-2025 |
Join WING CODE: The Free Telegram Hub for Cybersecurity Learners | https://medium.com/@wingcode/join-wing-code-the-free-telegram-hub-for-cybersecurity-learners-6e8638f29bd1?source=rss------bug_bounty-5 | Wing Code | bug-bounty, cyber-security-training, learn-cybersecurity, soc, cyber | 30-Apr-2025 |
Cybersecurity eBook Collection for Aspiring Hackers and Analysts — Curated by @VeryLazyTech | https://medium.com/@verylazytech/cybersecurity-ebook-collection-for-aspiring-hackers-and-analysts-curated-by-verylazytech-87dee170b9fb?source=rss------bug_bounty-5 | Very Lazy Tech | exploitation, bug-bounty, hacker, ethical-hacking, penetration-testing | 30-Apr-2025 |
Mastering RCE: How I Exploit Remote Code Execution Bugs Like a Pro | https://infosecwriteups.com/mastering-rce-how-i-exploit-remote-code-execution-bugs-like-a-pro-ddcc816552bf?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, rce, infosec, hacking, bug-bounty | 30-Apr-2025 |
CORS InspectorCORS Inspector | https://medium.com/@lukas.simunovic/cors-inspectorcors-inspector-b536fd5449c4?source=rss------bug_bounty-5 | Lukas Simunovic | bug-bounty-tips, hacking, bug-bounty, vulnerability, cybersecurity | 30-Apr-2025 |
Understanding User Input Security: Bypasses, Techniques, and Real Examples | https://medium.com/@mr45atwork.247/understanding-user-input-security-bypasses-techniques-and-real-examples-dade12f36653?source=rss------bug_bounty-5 | Mr. Lucifer | cybersecurity, ethical-hacking, xss-vulnerability, bug-bounty, penetration-testing | 30-Apr-2025 |
Key Security Components in Android & Security Metrics: The Foundation of App Security | https://justdvnsh.medium.com/key-security-components-in-android-security-metrics-the-foundation-of-app-security-e82eb5ce77de?source=rss------bug_bounty-5 | Divyansh Dwivedi | bug-bounty, android, hacking, research-and-development, security | 30-Apr-2025 |
From Internal IP Discovery to Full Database Dump | https://medium.com/@dotHatab/from-internal-ip-discovery-to-full-database-dump-96fbd85dbc7a?source=rss------bug_bounty-5 | dotHatab | data-breach, information-disclosure, web-application-security, haveibeenpwned, bug-bounty | 30-Apr-2025 |
When Does URL Encoding Happen? | https://medium.com/@zoningxtr/when-does-url-encoding-happen-a5ff6e88c59f?source=rss------bug_bounty-5 | Zoningxtr | python-programming, bug-bounty, web-development, javascript, html | 30-Apr-2025 |
Complete Guide: URL Encoding Trigger Cases with Detailed Explanations and Examples | https://medium.com/@zoningxtr/complete-guide-url-encoding-trigger-cases-with-detailed-explanations-and-examples-0fe80eb6be90?source=rss------bug_bounty-5 | Zoningxtr | html, javascript, web-development, bug-bounty, django | 30-Apr-2025 |
April Make Me Happy (Bug Bounty Hunting) | https://0xshuvo.medium.com/april-make-me-happy-bug-bounty-hunting-2af3fcf15746?source=rss------bug_bounty-5 | Shuvo Kumar Saha | recon, infosec, bugbounty-tips, bug-bounty, dorking | 30-Apr-2025 |
Vulnerabilities You Can Find in a Payment Gateway | https://medium.com/@sherlock297/vulnerabilities-you-can-find-in-a-payment-gateway-338b944b0f61?source=rss------bug_bounty-5 | Ravindra Dagale | payments, information-technology, bug-bounty, cybersecurity, vulnerability | 30-Apr-2025 |
From Out-of-Scope to Critical: How I Earned 2500$ by Breaking the Rules | https://medium.com/@arrasgotcha/from-out-of-scope-to-critical-how-i-earned-2500-by-breaking-the-rules-e8165ec5ef37?source=rss------bug_bounty-5 | Gotcha1G | bug-bounty, cybersecurity, development, hacking, programming | 30-Apr-2025 |
IDOR: When a URL Can Become the Key to Breaking Into Other People's Data | https://medium.com/@zakyputra628/idor-ketika-url-bisa-jadi-kunci-untuk-bobol-data-orang-lain-7b68073f56d0?source=rss------bug_bounty-5 | Zaky Putra Pratama | cybersecurity, bug-bounty, hacking, indonesia, web-security | 30-Apr-2025 |
How I Found My First Bug: IDOR Vulnerability & Got a $$$ Bounty! | https://medium.com/@zephyrus18/how-i-found-my-first-bug-idor-vulnerability-got-a-500-bounty-d11b983e1460?source=rss------bug_bounty-5 | Zephyrus | cybercrime, bug-bounty, cybersecurity, bugs, cyber-security-awareness | 30-Apr-2025 |
From Internal IP Discovery to Full Database Dump | https://medium.com/@drhatab/from-internal-ip-discovery-to-full-database-dump-6fbbac0ff822?source=rss------bug_bounty-5 | Mustafa Hatab | web-app-pentesting, web-app-security, pentesting, bug-bounty, sensitive-data | 30-Apr-2025 |
Hacking Workspace for Fun & Profit: Part II | https://0xh7ml.medium.com/hacking-workspace-for-fun-profit-part-ii-de9cd3cc9755?source=rss------bug_bounty-5 | Md Saikat | broken-access-control, info-sec-writeups, idor, bug-bounty-writeup, bug-bounty | 30-Apr-2025 |
How I Earned $1700 from Stripe Bug Bounties | https://medium.com/@Rinkesh_Patidar/how-i-earned-1700-from-stripe-bug-bounties-28173e8b0a56?source=rss------bug_bounty-5 | Rinkesh Patidar | report, stripe, hackerone-report, bug-bounty, bugs | 30-Apr-2025 |
MCP Prompt Injection: The AI Hack That Cuts Both Ways | https://ismailtasdelen.medium.com/mcp-prompt-injection-the-ai-hack-that-cuts-both-ways-%EF%B8%8F-f340de123451?source=rss------bug_bounty-5 | Ismail Tasdelen | artificial-intelligence, appsec, application-security, bug-bounty, email-security | 30-Apr-2025 |
How I Simply Bypassed a 400 Bad Request and Escalated My Access from Member to Owner | https://abumaryamrahmat.medium.com/%D8%A8%D8%B3%D9%85-%D8%A7%D9%84%D9%84%D9%87-%D8%A7%D9%84%D8%B1%D8%AD%D9%85%D9%86-%D8%A7%D9%84%D8%B1%D8%AD%D9%8A%D9%85-7e837698fe4b?source=rss------bug_bounty-5 | Abu Maryam Rahmat | penetration-testing, bug-bounty-writeup, bug-bounty, bug-bounty-tips, hackerone | 30-Apr-2025 |
$500,000 to Catch STON.fi Bugs?! Let’s Get Hunting, STONfiers! | https://medium.com/@savesjustice/500-000-to-catch-ston-fi-bugs-lets-get-hunting-stonfiers-8e3c2ba6ad55?source=rss------bug_bounty-5 | MADEOFBLU | rewards, stonfi, bug-bounty, cryptocurrency, defi | 29-Apr-2025 |
Find .JS files of your bug bounty target(JS FILES RECON) | https://medium.com/@loyalonlytoday/find-js-files-of-your-bug-bounty-target-js-files-recon-306c3b169bae?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, cybersecurity, ethical-hacking, bug-bounty, bug-bounty-tips | 29-Apr-2025 |
$100 Password Reset Flaw | https://osintteam.blog/100-password-reset-flaw-7827effebca2?source=rss------bug_bounty-5 | Monika sharma | hacking, cybersecurity, bug-bounty, penetration-testing, technology | 29-Apr-2025 |
Password Recovery? More Like Account Delivery Host Header Injection Madness | https://medium.com/@loayahmed686/password-recovery-more-like-account-delivery-host-header-injection-madness-b0d0eb3a3b6d?source=rss------bug_bounty-5 | r00t | bug-bounty-writeup, bug-bounty-tips, bug-bounty, infosec | 29-Apr-2025 |
How can i find a Jenkins dashboard and ended up with Reverse Shell on shodan | https://medium.com/@fakechan443/how-can-i-find-a-jenkins-dashboard-and-ended-up-with-reverse-shell-with-shodan-31fcfb8db8b4?source=rss------bug_bounty-5 | Fakhri Abbas Ailatat | jenkins-pipeline, ethical-hacking, bug-bounty, bug-bounty-writeup, shodan | 29-Apr-2025 |
Shadow Copy Forensics: Detecting and Investigating VSS Tampering | https://medium.com/@paritoshblogs/shadow-copy-forensics-detecting-and-investigating-vss-tampering-17c5bf555230?source=rss------bug_bounty-5 | Paritosh | hacking, detection, cybersecurity, bug-bounty, forensics | 29-Apr-2025 |
SyncVault Bug Bounty Challenge | https://medium.com/@syncvault/syncvault-bug-bounty-challenge-bfd466be173c?source=rss------bug_bounty-5 | SyncVault | syncvault, airdrop, devsecops, bug-bounty, web3 | 29-Apr-2025 |
The ULTIMATE Web App Hacking Checklist for Bug Bounty Hunters | https://redxcybersec.medium.com/%EF%B8%8F-the-ultimate-web-app-hacking-checklist-for-bug-bounty-hunters-a495b436ab6f?source=rss------bug_bounty-5 | REDx Cybersec | bug-bounty, web-security, pentesting, cybersecurity, ethical-hacking | 29-Apr-2025 |
GraphQL API hacking Series for Bug Hunters Part 02 | https://medium.com/@lancersiromony/graphql-api-hacking-series-for-bug-hunters-part-02-837e0bc3be06?source=rss------bug_bounty-5 | IronGhost | graphql-tools, api, bug-bounty, hacking, graphql | 29-Apr-2025 |
What Recruiters Look for in a Cybersecurity Resume in 2025 | https://infosecwriteups.com/what-recruiters-look-for-in-a-cybersecurity-resume-in-2025-dcc81fa3154e?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacking, cybersecurity, bug-bounty, resume, jobs | 29-Apr-2025 |
$140 Bounty: Full Path Disclosure on ads.twitter.com | https://infosecwriteups.com/140-bounty-full-path-disclosure-on-ads-twitter-com-bdedd140ac27?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, hacking, technology, penetration-testing, cybersecurity | 29-Apr-2025 |
How Hackers Try to Bypass 403 Forbidden Pages | https://infosecwriteups.com/how-hackers-try-to-bypass-403-forbidden-pages-239c3f51a674?source=rss------bug_bounty-5 | Vipul Sonule | cybersecurity, bug-bounty, hacking, tech, infosec | 29-Apr-2025 |
Not Just a Ping: How SSRF Opened the Gateway to Internal Secrets | https://infosecwriteups.com/not-just-a-ping-how-ssrf-opened-the-gateway-to-internal-secrets-d18eeccd4745?source=rss------bug_bounty-5 | Iski | mone, bug-bounty, cybersecurity, infose, hacking | 29-Apr-2025 |
HTML Encoding Real Cases in deep | https://medium.com/@zoningxtr/%EF%B8%8Fhtml-encoding-real-cases-in-deep-23945237edc6?source=rss------bug_bounty-5 | Zoningxtr | web-development, bug-bounty, javascript, penetration-testing, html | 29-Apr-2025 |
What Happens When You Request a Web Page? | https://medium.com/@zoningxtr/what-happens-when-you-request-a-web-page-5e382e05d89f?source=rss------bug_bounty-5 | Zoningxtr | javascript, penetration-testing, bug-bounty, html, web-development | 29-Apr-2025 |
What is HTML Safe Character Encoding? | https://medium.com/@zoningxtr/what-is-html-safe-character-encoding-54a687fa8949?source=rss------bug_bounty-5 | Zoningxtr | penetration-testing, javascript, cybersecurity, bug-bounty, html | 29-Apr-2025 |
subdomain-scanner200OK | https://medium.com/@lukas.simunovic/subdomain-scanner200ok-fcd762413e07?source=rss------bug_bounty-5 | Lukas Simunovic | hacking-tools, hacking, bug-bounty | 29-Apr-2025 |
Bug bounty program STON.fi: $500,000 in rewards | https://medium.com/@aqkiler/bug-bounty-program-ston-fi-500-000-in-rewards-c03c1b90c24d?source=rss------bug_bounty-5 | aqkiler | stonfi, dex, bug-bounty, ston | 29-Apr-2025 |
STON.fi Bug Bounty program: $500,000 in rewards | https://medium.com/@aqkiler/bug-bounty-%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0-ston-fi-500-000-%D0%B2-%D0%BD%D0%B0%D0%B3%D1%80%D0%B0%D0%B4%D0%B0%D1%85-ca3da312326d?source=rss------bug_bounty-5 | aqkiler | dex, bug-bounty, ston, stonfi | 29-Apr-2025 |
Exploiting SQLi for Total Clients Control in Enterprise Application | https://medium.com/@es0557533/exploiting-sqli-for-total-clients-control-in-enterprise-application-e940acf34aa6?source=rss------bug_bounty-5 | Isv | sql-injection, cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 29-Apr-2025 |
1 Click Account Takeover | XSS | CORS Misconfiguration | JWT Forgery | https://infosecwriteups.com/1-click-account-takeover-xss-cors-misconfiguration-jwt-forgery-0cf73a28e236?source=rss------bug_bounty-5 | Raymond Van Wart | xss-attack, bug-bounty, jwt, cybersecurity, account-takeover | 29-Apr-2025 |
$450 Bounty: Stole Facebook OAuth Access Tokens via Phabricator | https://osintteam.blog/450-bounty-stole-facebook-oauth-access-tokens-via-phabricator-4c4468268302?source=rss------bug_bounty-5 | Monika sharma | penetration-testing, cybersecurity, hacking, technology, bug-bounty | 29-Apr-2025 |
From Logs to ATO | How I Hacked IBM | https://cylent.net/from-logs-to-ato-how-i-hacked-ibm-52552d95dacf?source=rss------bug_bounty-5 | Mohamed Talaat Saada (@t4144t) | penetration-testing, bug-bounty, application-security, bug-bounty-writeup, bug-bounty-tips | 29-Apr-2025 |
I Have a Hacking Gig For YOU, Hack Them and Get Paid | https://muhammadola.medium.com/i-have-a-hacking-gig-for-you-hack-them-and-get-paid-2cddf6442492?source=rss------bug_bounty-5 | Muhammad | ethical-hacking, stonfi, bug-bounty, ton, dex | 29-Apr-2025 |
HTML Encoding Real Cases in deep | https://medium.com/@zoningxtr/%EF%B8%8Fhtml-encoding-real-cases-in-deep-23945237edc6?source=rss------bug_bounty-5 | Zoningxtr | web-development, bug-bounty, javascript, xss-attack, penetration-testing | 29-Apr-2025 |
Unlock Bounties by Simply Reading: A Smart Way to Earn | https://infosecwriteups.com/unlock-bounties-by-simply-reading-a-smart-way-to-earn-63a1cb410450?source=rss------bug_bounty-5 | Reju Kole | bug-bounty-writeup, cyber-security-training, bug-bounty, cybersecurity, bug-bounty-tips | 29-Apr-2025 |
Mastering Runtime Hooking with Frida — Real-World Challenges Explained (Part -1) | https://medium.com/@ch3tanbug/mastering-runtime-hooking-with-frida-real-world-challenges-explained-part-1-17a7f57ea87b?source=rss------bug_bounty-5 | CH3TAN | bug-bounty, cybersecurity, reverse-engineering, frida, android-pentesting | 29-Apr-2025 |
JS-URL-Endpoint-Harvester | https://medium.com/@lukas.simunovic/js-url-endpoint-harvester-5885d3a69ef6?source=rss------bug_bounty-5 | Lukas Simunovic | hacking-tools, bug-bounty, scanning-tool, hacking, automation-tools | 29-Apr-2025 |
How I Made $12k in 48 Hours — By Recovering ‘Deleted’ Files | https://medium.com/@ibtissamhammadi/how-i-made-12k-in-48-hours-by-recovering-deleted-files-57bf7289ab9e?source=rss------bug_bounty-5 | Ibtissam Hammadi | bug-bounty, passive-income, hacking, github, cybersecurity | 28-Apr-2025 |
Hunting Suspicious DLL Side-Loading Activity | https://medium.com/@paritoshblogs/hunting-suspicious-dll-side-loading-activity-5d919f018ac6?source=rss------bug_bounty-5 | Paritosh | dll-sideloading, bug-bounty, hacking, hunting, cybersecurity | 28-Apr-2025 |
$500 XSS Payload in Slack | https://osintteam.blog/500-xss-payload-in-slack-0b99de50f4df?source=rss------bug_bounty-5 | Monika sharma | penetration-testing, cybersecurity, technology, bug-bounty, hacking | 28-Apr-2025 |
☁️How to Setup a Custom Subdomain on xss.ht — A Complete Hacker's Guide | https://infosecwriteups.com/%EF%B8%8Fhow-to-setup-a-custom-subdomain-on-xss-ht-a-complete-hackers-guide-a0018704c391?source=rss------bug_bounty-5 | Abhijeet Kumawat | vulnerability, hacking, xss-attack, bug-bounty, cybersecurity | 28-Apr-2025 |
How I Found a Broken Access Control That Exposed Interview Answers? | https://osintteam.blog/how-i-found-a-broken-access-control-vulnerability-that-exposed-interview-answers-e353128f6883?source=rss------bug_bounty-5 | Sri Shavin Kumar | ethical-hacking, hall-of-fame, cybersecurity, bug-bounty, bug-bounty-writeup | 28-Apr-2025 |
How i Access The Deleted Files of Someone in Google Drive | Bug Bounty | https://ph-hitachi.medium.com/how-i-access-the-deleted-files-of-someone-in-google-drive-bug-bounty-eac134df1de4?source=rss------bug_bounty-5 | Ph.Hitachi | google-vrp, google-drive, bug-bounty, hackerone, broken-access-control | 28-Apr-2025 |
How to Master Subdomain Takeovers in 2025 | https://infosecwriteups.com/how-to-master-subdomain-takeovers-in-2025-023f9f4817af?source=rss------bug_bounty-5 | Vipul Sonule | hacking, infosec, bug-bounty, tech, bug-bounty-tips | 28-Apr-2025 |
$500 Bounty: For a Simple Open Redirect | https://infosecwriteups.com/500-bounty-for-a-simple-open-redirect-a34051071a5c?source=rss------bug_bounty-5 | Monika sharma | technology, penetration-testing, hacking, cybersecurity, bug-bounty | 28-Apr-2025 |
How I Earned $8947 bounty for Remote Code Execution via a Hijacked GitHub Module | https://nvk0x.medium.com/how-i-earned-8947-bounty-for-remote-code-execution-via-a-hijacked-github-module-91c4a4b63255?source=rss------bug_bounty-5 | Naveen kumawat | bug-bounty-tips, hackerone, bug-bounty, bugbounty-writeup, hacking | 28-Apr-2025 |
JWT, Meet Me Outside: How I Decoded, Re-Signed, and Owned the App | https://infosecwriteups.com/jwt-meet-me-outside-how-i-decoded-re-signed-and-owned-the-app-95791eabcf5d?source=rss------bug_bounty-5 | Iski | infosec, hacking, cybersecurity, mone, bug-bounty | 28-Apr-2025 |
GraphQL API hacking Series for bug hunters 01 | https://medium.com/@lancersiromony/graphql-api-hacking-series-for-bug-hunters-01-4db602685d16?source=rss------bug_bounty-5 | IronGhost | apihacking, hacking-tools, bug-bounty, graphql, hacking | 28-Apr-2025 |
POC — CVE-2025–29306 FOXCMS /images/index.html Code Execution Vulnerability | https://medium.com/@verylazytech/poc-cve-2025-29306-foxcms-images-index-html-code-execution-vulnerability-0c4db3905fd0?source=rss------bug_bounty-5 | Very Lazy Tech | cve-2025-29306, rce, hacking, foxcms, bug-bounty | 28-Apr-2025 |
GraphQL API hacking Series for Bug Hunters Part 01 | https://medium.com/@lancersiromony/graphql-api-hacking-series-for-bug-hunters-01-4db602685d16?source=rss------bug_bounty-5 | IronGhost | apihacking, hacking-tools, bug-bounty, graphql, hacking | 28-Apr-2025 |
Exploiting a Referer Header for Open Redirect | https://ehteshamulhaq198.medium.com/exploiting-a-referer-header-for-open-redirect-ee2baa4a45b5?source=rss------bug_bounty-5 | Ehtesham Ul Haq | penetration-testing, open-redirect, infosec, rewards, bug-bounty | 28-Apr-2025 |
The $2500 bug: Remote Code Execution via Supply Chain Attack | https://nvk0x.medium.com/the-2500-bug-remote-code-execution-via-supply-chain-attack-3beb07ac1a4c?source=rss------bug_bounty-5 | Naveen kumawat | bug-bounty-writeup, hackerone, bug-bounty, bug-bounty-tips, hacking | 28-Apr-2025 |
Simple Tips for Bug Bounty Beginners: Content Spoofing via HTML Injection | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-content-spoofing-via-html-injection-a0ae7c39a89a?source=rss------bug_bounty-5 | Anish Narayan | offensive-security, cybersecurity, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 28-Apr-2025 |
The OSINT Blueprint: Elevate Your Investigation Skills to Extraordinary Levels | https://4swolf.medium.com/the-osint-blueprint-elevate-your-investigation-skills-to-extraordinary-levels-0e7f7c832b9d?source=rss------bug_bounty-5 | wulf | hacking-tools, bug-bounty, hackerone, osint, hacker | 28-Apr-2025 |
# Walkthrough: VulnHub Machine — Ted 1 (Full Root Access) | https://medium.com/@ghostcat1337/walkthrough-vulnhub-machine-ted-1-full-root-access-12b19f4dc036?source=rss------bug_bounty-5 | ghostcat | penetration-testing, infosec, cybersecurity, bug-bounty, ctf-writeup | 28-Apr-2025 |
I Hijacked Accounts in 10 Minutes (IDOR Bug) | https://medium.com/@ibtissamhammadi/i-hijacked-accounts-in-10-minutes-idor-bug-b44ae8e53dfa?source=rss------bug_bounty-5 | Ibtissam Hammadi | infosec, bug-bounty, hacking, cybersecurity, hackerone | 28-Apr-2025 |
Day 13: Visible error-based SQL injection — Zero to Hero Blind Injection — Portswigger | https://arayofhope7.medium.com/day-13-visible-error-based-sql-injection-zero-to-hero-blind-injection-portswigger-3da2241a1672?source=rss------bug_bounty-5 | RayofHope | penetration-testing, web-penetration-testing, ethical-hacking, bug-bounty, cybersecurity | 28-Apr-2025 |
VeriSource Data Breach Impacts 4 Million People | https://wiretor.medium.com/verisource-data-breach-impacts-4-million-people-fe05cce5aac4?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | usa, malware, xss-attack, bug-bounty, ai | 28-Apr-2025 |
How Breaches Start: Breaking Down 5 Real Vulnerabilities | https://ismailtasdelen.medium.com/how-breaches-start-breaking-down-5-real-vulnerabilities-%EF%B8%8F-%EF%B8%8F-8b1a032b0335?source=rss------bug_bounty-5 | Ismail Tasdelen | vulnerability, application-security, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 28-Apr-2025 |
Google Cloud Account Takeover via URL Parsing Confusion | https://weirdmachine.medium.com/google-cloud-account-takeover-via-url-parsing-confusion-c5e47389b7c7?source=rss------bug_bounty-5 | Mohamed Benchikh | account-take-over, bugbounty-writeup, bug-bounty, google-cloud-platform | 28-Apr-2025 |
Road to SSRF : PDF generation and filter bypass on ASP.net application | https://medium.com/@supr4s.other/road-to-ssrf-pdf-generation-and-filter-bypass-on-asp-net-application-dd3aa91c0fed?source=rss------bug_bounty-5 | Supr4s | bug-bounty, ssrf-attack | 28-Apr-2025 |
How You Can Earn Up to $100,000 with STON.fi Bug Bounty Program | https://medium.com/@vlad2566/how-you-can-earn-up-to-100-000-with-ston-fi-bug-bounty-program-18861e0285e5?source=rss------bug_bounty-5 | CRYPTANUA | ton, stonfi, bug-bounty | 28-Apr-2025 |
WolfVision Cynap Smart Presentation Device Vulnerability Discovered: Anonymous Access Risk at… | https://medium.com/@hacker_might/wolfvision-cynap-smart-presentation-device-vulnerability-discovered-anonymous-access-risk-at-4a5ed41a9f06?source=rss------bug_bounty-5 | hacker_might | bug-bounty-writeup, bug-bounty, cyber-security-awareness, iot, iot-security | 28-Apr-2025 |
Detecting Hidden Scheduled Tasks & At Jobs Created by Malware | https://medium.com/@paritoshblogs/detecting-hidden-scheduled-tasks-at-jobs-created-by-malware-c9038d5d4544?source=rss------bug_bounty-5 | Paritosh | malware, bug-bounty, malware-analysis, hacking, cybersecurity | 27-Apr-2025 |
How to Turn Cybersecurity Into a Full-Time Income (My Blueprint) | https://infosecwriteups.com/how-to-turn-cybersecurity-into-a-full-time-income-my-blueprint-f4d70cb01f73?source=rss------bug_bounty-5 | Abhijeet Kumawat | careers, bug-bounty, infosec, cybersecurity, hacking | 27-Apr-2025 |
How I Found The Unauthorized account manipulation? | https://doordiefordream.medium.com/how-i-found-the-unauthorized-account-manipulation-3f3312360751?source=rss------bug_bounty-5 | DOD cyber solutions | cybersecurity, bug-bounty, ethical-hacking, technology, vulnerability | 27-Apr-2025 |
Attacking Web Applications with FFuF | https://medium.com/@yashpawar1199/attacking-web-applications-with-ffuf-63673231452e?source=rss------bug_bounty-5 | Yash Pawar @HackersParadise | fuzzing, web-attack, bug-bounty-writeup, ffuf, bug-bounty | 27-Apr-2025 |
Understanding XSS (Cross-Site Scripting) | https://medium.com/@parthchheda777/understanding-xss-cross-site-scripting-4cfbcc7bab2e?source=rss------bug_bounty-5 | Parthchheda | learning, xss-attack, cybersecurity, bug-bounty | 27-Apr-2025 |
My Journey from last 85 days of Learning Pentesting | https://medium.com/@gobbledy/my-journey-from-last-85-days-of-learning-pentesting-71fe9bad7e71?source=rss------bug_bounty-5 | gobbledy | pentesting, bug-bounty, information-security, cybersecurity | 27-Apr-2025 |
“Account Takeovers Made Easy: Critical JWT Exposure via Archived URLs” | https://medium.com/@choudharinayan05/account-takeovers-made-easy-critical-jwt-exposure-via-archived-urls-1b7380c62943?source=rss------bug_bounty-5 | Comp_Nayan Choudhary | bug-bounty, cybersecurity, ethical-hacking, bug-bounty-writeup | 27-Apr-2025 |
The Future of Bug Bounties: What Ethical Hackers Need to Know! | https://medium.com/@cybertalents/the-future-of-bug-bounties-what-ethical-hackers-need-to-know-2a5fba3213b9?source=rss------bug_bounty-5 | CyberTalents | cybersecurity, ethical-hacking, careers, cyber-security-awareness, bug-bounty | 27-Apr-2025 |
Understanding CSRF (Cross Site Request Forgery) | https://medium.com/@parthchheda777/understanding-csrf-cross-site-request-forgery-08d0ea732026?source=rss------bug_bounty-5 | Parthchheda | csrf, csrf-token, learning, bug-bounty, cybersecurity | 27-Apr-2025 |
In the world of ethical hacking and penetration testing, mastery of the Linux operating system becomes the key… | https://medium.com/@ahmadcybr21/dalam-dunia-ethical-hacking-dan-penetration-testing-penguasaan-sistem-operasi-linux-menjadi-kunci-f05308396791?source=rss------bug_bounty-5 | Ahmadcybr | hacker, cybersecurity, whitehat, bug-bounty, linux | 27-Apr-2025 |
Login? Who Needs That? Bypassing OAuth Like a Lazy Hacker on Sunday ☀️ | https://infosecwriteups.com/login-who-needs-that-bypassing-oauth-like-a-lazy-hacker-on-sunday-%EF%B8%8F-76802cc8025d?source=rss------bug_bounty-5 | Iski | cybersecurity, bug-bounty, infosec, money, hacking | 27-Apr-2025 |
a simple watch tower (: | https://medium.com/@cryptoboot123/a-simple-watch-tower-19467f0bee49?source=rss------bug_bounty-5 | Cryptoboot | bug-bounty, bug-bounty-writeup, watchtower, bug-bounty-tips | 27-Apr-2025 |
POC — Remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code… | https://medium.com/@verylazytech/poc-remote-and-unauthenticated-attacker-can-send-crafted-http-requests-to-execute-arbitrary-code-4b591d45ff4f?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, cve-2025-3248, exploit, rce, hacking | 27-Apr-2025 |
Manual Testing for Privilege Escalation and Broken Access Control My (Methodology) | https://medium.com/@kroush333/manual-testing-for-privilege-escalation-and-broken-access-control-my-methodology-a3b9f41b82a2?source=rss------bug_bounty-5 | MahmoudKroush | bug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, bug-bounty-writeup | 27-Apr-2025 |
Hacking APIs: Attackers exploiting SSRF | https://iaraoz.medium.com/hacking-apis-attackers-exploiting-ssrf-57624d575987?source=rss------bug_bounty-5 | Israel Aráoz Severiche | cybersecurity, bug-bounty, api, owasp | 27-Apr-2025 |
Vaulting over a .innerHTML sink in a Locked-Down CSP | https://infosecwriteups.com/vaulting-over-a-innerhtml-sink-in-a-locked-down-csp-a628be8ba9dc?source=rss------bug_bounty-5 | SMHTahsin33 | dom-xss, csp, innerhtml, xss-attack, bug-bounty | 27-Apr-2025 |
The World Needs More Cyber Warriors: Here’s Why You Should Join Cybersecurity Today | https://medium.com/@uday7981047612/the-world-needs-more-cyber-warriors-heres-why-you-should-join-cybersecurity-today-323a5a4c7485?source=rss------bug_bounty-5 | Uday Venkat | penetration-testing, bug-bounty, ethical-hacking, cybersecurity, networking | 27-Apr-2025 |
From Discovery to Patch: Critical DOM XSS & Open Redirect in Toyota’s Parts Portal | https://medium.com/@N0aziXss/from-discovery-to-patch-critical-dom-xss-open-redirect-in-toyotas-parts-portal-e36383fa1aa1?source=rss------bug_bounty-5 | N0aziXss | web-security, bug-bounty, ethical-hacking, open-redirect, dom-xss | 27-Apr-2025 |
Privilege Escalation via IDOR and ACL Bypass in a SaaS Application | https://kumarmohank889.medium.com/privilege-escalation-via-idor-and-acl-bypass-in-a-saas-application-e079bcd2cc4a?source=rss------bug_bounty-5 | Mohan Kumar N | bug-bounty-tips, hacking, cybersecurity, ethical-hacking, bug-bounty | 27-Apr-2025 |
Bypassing Access control through OPTIONS Request + Method Smuggling: A Hacker One Finding | https://ayushkr12.medium.com/smuggling-my-way-past-frontend-filters-a-fun-find-on-hackerone-4424dad3a16e?source=rss------bug_bounty-5 | Ayush Kumar | pentesting, bug-bounty, hacking, access-control | 27-Apr-2025 |
Millions of Records Exposed via SQL Injection in a Tamil Nadu Government Portal | https://medium.com/@dharineeshj2/millions-of-records-exposed-via-sql-injection-in-a-tamil-nadu-government-portal-0981d3827ed2?source=rss------bug_bounty-5 | Hack-Bat | bug-bounty, hacking, cybersecurity, pentesting, ethical-hacking | 26-Apr-2025 |
Microsoft Is Paying Up to $30,000 for AI Security Flaws | https://medium.com/@Cyber-AppSec/microsoft-is-paying-up-to-30-000-for-ai-security-flaws-d4f1fec247d6?source=rss------bug_bounty-5 | Cyber-AppSec | information-security, cybersecurity, ai, bug-bounty, microsoft | 26-Apr-2025 |
⏱️ There were no visible errors, no hints… only the server’s hesitation told me the truth. | https://infosecwriteups.com/%EF%B8%8F-there-were-no-visible-errors-no-hints-only-the-servers-hesitation-told-me-the-truth-7b4987f10444?source=rss------bug_bounty-5 | phoenixcatalan | pentesting, bug-bounty, portswigger, ethical-hacking, hacking | 26-Apr-2025 |
Path Traversal Attack: How I Accessed Admin Secrets | https://infosecwriteups.com/path-traversal-attack-how-i-accessed-admin-secrets-fa5de1865031?source=rss------bug_bounty-5 | Vipul Sonule | hacking, bug-bounty, cybersecurity, bug-bounty-tips, infosec | 26-Apr-2025 |
Symbolic Execution vs Traditional Static Analysis in Smart Contract Security | https://securrtech.medium.com/symbolic-execution-vs-traditional-static-analysis-in-smart-contract-security-97a9289bbd48?source=rss------bug_bounty-5 | Securr - Web3 Security | bug-bounty, smart-contract-security, smart-contract-auditing, blockchain-security, web3-security | 26-Apr-2025 |
How I Catch XSS Bugs That Most Hunters Miss | https://infosecwriteups.com/how-i-catch-xss-bugs-that-most-hunters-miss-7f226d3a1dea?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, vulnerability, hacking, xss-attack, bug-bounty | 26-Apr-2025 |
Misconfiguration on MinIO S3 Bucket (Similar to AWS S3 Misconfig) | https://frostyxsec.medium.com/misconfiguration-on-minio-s3-bucket-similar-to-aws-s3-misconfig-a6754d29d011?source=rss------bug_bounty-5 | Frostyxsec | bug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup | 26-Apr-2025 |
OAuth Desync Chain: From Smuggling to Session Hijack Without Credentials | https://medium.com/@m3681371/oauth-desync-chain-from-smuggling-to-session-hijack-without-credentials-3959cedaf579?source=rss------bug_bounty-5 | m6r001 | http2, research, oauth, bug-bounty, web-security | 26-Apr-2025 |
Breaking the Hierarchy: How I Bypassed Role Restrictions to Become Owner | https://medium.com/meetcyber/breaking-the-hierarchy-how-i-bypassed-role-restrictions-to-become-owner-2635e1e33d85?source=rss------bug_bounty-5 | Fuzzyy Duck | info-sec-writeups, web-application-security, cybersecurity, bug-bounty, hacking | 26-Apr-2025 |
How I Bypassed Authentication on a Funded Fashion Site — And Took Over an Account | https://medium.com/@rolextital/how-i-bypassed-authentication-on-a-funded-fashion-site-and-took-over-an-account-8b8a9189fb4a?source=rss------bug_bounty-5 | Rolextital | bug-bounty, web-application-security, cybersecurity, ethical-hacking, authentication-bypass | 26-Apr-2025 |
The Hidden Param That Opened the Vault: A Dirty Param Tampering Tale | https://infosecwriteups.com/the-hidden-param-that-opened-the-vault-a-dirty-param-tampering-tale-52bfac3539fd?source=rss------bug_bounty-5 | Iski | hacking, money, infosec, bug-bounty, cybersecurity | 26-Apr-2025 |
Waiting for admin approve , I don’t think so ! | https://medium.com/@abdallahehab_31039/waiting-for-admin-approve-i-dont-think-so-195a042f913e?source=rss------bug_bounty-5 | Abdallah Ehab | ethical-hacking, hunting, bug-bounty, response-manipulation | 26-Apr-2025 |
What if finding a simple bug could earn you $75,000? | https://medium.com/@ndaawesome/what-if-finding-a-simple-bug-could-earn-you-75-000-de582f83cbb2?source=rss------bug_bounty-5 | Awesome Ndaboms | crypto, bug-bounty, devops, defi, ton | 26-Apr-2025 |
How I Bypassed a WAF & Found My First XSS Bug | https://medium.com/@ibtissamhammadi/how-i-bypassed-a-waf-found-my-first-xss-bug-22429d7a3655?source=rss------bug_bounty-5 | Ibtissam Hammadi | bug-bounty, waf-bypass, xss-attack, cybersecurity, hacking | 26-Apr-2025 |
Breaking File Upload Security: Finding Hidden XSS | https://medium.com/@es0557533/breaking-file-upload-security-finding-hidden-xss-cfc6e38bcee3?source=rss------bug_bounty-5 | Isv | bug-bounty-writeup, bug-bounty, xss-attack, bug-bounty-tips, xss-bypass | 26-Apr-2025 |
Top 10 Beginner Setup Problems in HTB and Bug Bounty (and How to Fix Them Fast) | https://medium.com/@verylazytech/top-10-beginner-setup-problems-in-htb-and-bug-bounty-and-how-to-fix-them-fast-1f9a278415ea?source=rss------bug_bounty-5 | Very Lazy Tech | tryhackme, bug-bounty, htb, penetration-testing | 26-Apr-2025 |
Cybersecurity Roadmap for Beginners in 2025: Avoid These Common Mistakes on Your Learning Journey | https://infosecwriteups.com/cybersecurity-roadmap-for-beginners-in-2025-avoid-these-common-mistakes-on-your-learning-journey-7e8701bb1827?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, penetration-testing, cybersecurity, ethical-hacking, roadmaps | 26-Apr-2025 |
Day 3 — Setting Up My Android Pentesting Lab | https://medium.com/@muhammedshemil25/day-3-setting-up-my-android-pentesting-lab-8a0f71de091c?source=rss------bug_bounty-5 | Muhammed.shemil | android-pentesting, ethical-hacking, mobile-security, ctf, bug-bounty | 26-Apr-2025 |
My First P1 | https://callgh0st.medium.com/my-first-p1-ae9d09c02927?source=rss------bug_bounty-5 | callgh0st | genocide, github, hacking, bug-bounty, recon | 26-Apr-2025 |
XSS Vulnerability in One of the Top 10 Universities in India | https://mushirsyed.medium.com/xss-vulnerability-on-one-of-the-top-10-universities-in-india-a2088fd31ef5?source=rss------bug_bounty-5 | Syed Mushir | bug-bounty-tips, bug-bounty, bugs, xss-vulnerability, xss-attack | 26-Apr-2025 |
How I Chained Template Injections Across Pages to Trigger Reflected XSS | https://medium.com/@zoningxtr/how-i-chained-template-injections-across-pages-to-trigger-reflected-xss-5d4ef68efac5?source=rss------bug_bounty-5 | Zoningxtr | cybersecurity, javascript, bug-bounty, penetration-testing, web-development | 26-Apr-2025 |
WooCommerce Admins Targeted by Fake Security Patches That Hijack Sites | https://wiretor.medium.com/woocommerce-admins-targeted-by-fake-security-patches-that-hijack-sites-7bf1832f2963?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, usa, xss-attack, ai, bug-bounty | 26-Apr-2025 |
Subdomain Takeover on VDP | https://medium.com/@vasubhan/subdomain-takeover-on-vdp-32cac749bf16?source=rss------bug_bounty-5 | Vasu Bhan | writeup, security-research, vdp, bug-bounty | 26-Apr-2025 |
How I Found phpinfo Exposure In telkomsigma.co.id | https://firdausmuhammadismail.medium.com/how-i-found-phpinfo-in-telkomsigma-co-id-49c89a1b0404?source=rss------bug_bounty-5 | Firdaus Muhammad Ismail | bug-bounty-tips, bug-bounty, vulnerability, bug-bounty-writeup, sensitive-data | 25-Apr-2025 |
How i found a RXSS by webpack | https://medium.com/@yubanbanz/how-i-found-a-rxss-by-webpack-7e2217a3976d?source=rss------bug_bounty-5 | yubanban | security, xss-attack, bug-bounty | 25-Apr-2025 |
How to Find Hidden HackerOne & Bugcrowd Programs | https://medium.com/@ibtissamhammadi/how-to-find-hidden-hackerone-bugcrowd-programs-0149457cf048?source=rss------bug_bounty-5 | Ibtissam Hammadi | osint, hackerone, hacking, cybersecurity, bug-bounty | 25-Apr-2025 |
Hunting Fileless Malware on Windows Systems | https://medium.com/@paritoshblogs/hunting-fileless-malware-on-windows-systems-2243d81b1e2d?source=rss------bug_bounty-5 | Paritosh | malware, hacking, bug-bounty, fileless-malware, cybersecurity | 25-Apr-2025 |
Most Pro Hacker Adviced Beginners To Start with on VDP Program I Taked This Advice and After Three… | https://medium.com/@youssefmohamed_84205/most-pro-hacker-adviced-beginners-to-start-with-on-vdp-program-i-taked-this-advice-and-after-three-bbc216680b6f?source=rss------bug_bounty-5 | Youssef Mohamed | bug-bounty-tips, bug-bounty, bug-bounty-writeup, bugs, cybersecurity | 25-Apr-2025 |
From Casual Curiosity to Crucial Findings: vibe pentesting uncovers serious vulnerabilities in… | https://medium.com/@kushjain0107/from-casual-curiosity-to-crucial-findings-vibe-pentesting-uncovers-serious-vulnerabilities-in-7c032383d227?source=rss------bug_bounty-5 | Kushal Jain | bug-bounty, bug-hunting, appsec, cybsersecurity, ethical-hacking | 25-Apr-2025 |
The Fastest Way to Learn Web Hacking in 2025 (With Free Resources) | https://infosecwriteups.com/the-fastest-way-to-learn-web-hacking-in-2025-with-free-resources-88c8e74a3889?source=rss------bug_bounty-5 | Abhijeet Kumawat | chatgpt, cybersecurity, ai, hacking, bug-bounty | 25-Apr-2025 |
Earn your First $5000 Bug-Bounty. | https://medium.com/@anandrishav2228/earn-your-first-5000-bug-bounty-c49495337ef0?source=rss------bug_bounty-5 | Rishav anand | active-directory, bug-bounty, cybersecurity, hacker, money | 25-Apr-2025 |
Secret Sauce in Robots.txt — How I Found Hidden Admin Panels and Debug URLs | https://infosecwriteups.com/secret-sauce-in-robots-txt-how-i-found-hidden-admin-panels-and-debug-urls-b7e8a11ea36f?source=rss------bug_bounty-5 | Iski | bug-bounty, hacking, cybersecurity, money, infosec | 25-Apr-2025 |
10 Free Tools Every Beginner Bug Bounty Hunter Should Know (2025 Edition) | https://medium.com/@aashifm/10-free-tools-every-beginner-bug-bounty-hunter-should-know-2025-edition-571ce494d907?source=rss------bug_bounty-5 | 127.0.0.1 | bug-bounty, tools, burpsuite, exploitation, cybersecurity | 25-Apr-2025 |
$500,000 Up for Grabs: STON.fi Launches a High-Stakes Bug Bounty Program on TON | https://medium.com/@lygophilea/500-000-up-for-grabs-ston-fi-launches-a-high-stakes-bug-bounty-program-on-ton-6a5a5b5b967f?source=rss------bug_bounty-5 | Lygoph_writes | defi, bug-bounty, cryptocurrency, hacking, web3 | 25-Apr-2025 |
Mastering Linux Privilege Escalation: Part 3 — Advanced Exploits, NFS, and Real-World Strategy | https://medium.com/@verylazytech/mastering-linux-privilege-escalation-part-3-advanced-exploits-nfs-and-real-world-strategy-0ba8198f03dc?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, oscp-preparation, hacking, oscp, privilege-escalation | 25-Apr-2025 |
Understanding Template Engines & Server-Side Template Injection (SSTI) | https://medium.com/@yashpawar1199/understanding-template-engines-server-side-template-injection-ssti-81ecf2fefc19?source=rss------bug_bounty-5 | Yash Pawar @HackersParadise | ssti-exploitation, penetration-testing, bug-bounty, ssti, web-hacking | 25-Apr-2025 |
Web App Reconnaissance Like a Spy: Tools & Techniques for 2025 | https://medium.com/@vipulsonule71/web-app-reconnaissance-like-a-spy-%EF%B8%8F-%EF%B8%8F-tools-techniques-for-2025-072032e31adf?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty-tips, bug-bounty, hacking, infosec, cybersecurity | 25-Apr-2025 |
#ERROR! | https://medium.com/@zoningxtr/what-is-javascript-and-why-hackers-love-it-b6135b3d089e?source=rss------bug_bounty-5 | Zoningxtr | penetration-testing, web-development, cybersecurity, bug-bounty, javascript | 25-Apr-2025 |
Red Team Recruitment Test | https://medium.com/@alirezamokhtari82/red-team-recruitment-test-899059166128?source=rss------bug_bounty-5 | Alireza Mokhtari | bug-bounty, red-team, hacking | 25-Apr-2025 |
$5,000 Bounty: How iScan.today Helped Me Find a Verified GitHub Token with Org-Wide Write Access | https://medium.com/@arshadkazmi42/5-000-bounty-how-iscan-today-helped-me-find-a-verified-github-token-with-org-wide-write-access-615e999a0219?source=rss------bug_bounty-5 | Arshad Kazmi | bounties, github-token, iscan, bug-bounty, hackerone-report | 25-Apr-2025 |
Before Code Runs: Understanding the JavaScript Execution Environment | https://medium.com/@zoningxtr/before-code-runs-understanding-the-javascript-execution-environment-fe79047926af?source=rss------bug_bounty-5 | Zoningxtr | bug-bounty, cybersecurity, penetration-testing, javascript, code-review | 25-Apr-2025 |
Mastering HTTPS Traffic Interception in Flutter Using Burp Suite | https://hatemmohamedabdallah.medium.com/mastering-https-traffic-interception-in-flutter-using-burp-suite-13c02b968bf4?source=rss------bug_bounty-5 | Hatem Mohamed Abdallah | bug-bounty-writeup, mobile-security, bug-bounty, flutter, android-security | 25-Apr-2025 |
Hidden Entrances: Where javascript: URLs Are Still Allowed | https://medium.com/@zoningxtr/hidden-entrances-where-javascript-urls-are-still-allowed-a52842c6aee6?source=rss------bug_bounty-5 | Zoningxtr | bug-bounty, web-development, penetration-testing, javascript, cybersecurity | 25-Apr-2025 |
Burp Suite’s Latest Arsenal: AI Power, Smarter Scanning, and Workflow Wizard | https://bitpanic.medium.com/burp-suites-latest-arsenal-ai-power-smarter-scanning-and-workflow-wizard-42d54edf283f?source=rss------bug_bounty-5 | Spectat0rguy | technology, programming, bug-bounty, bug-bounty-tips, cybersecurity | 25-Apr-2025 |
OOP in Programming | https://medium.com/@migo.ee0/oop-in-programming-bc0ca618db63?source=rss------bug_bounty-5 | Migo ee | oop, cyebrsecurity, programming, pentesting, bug-bounty | 25-Apr-2025 |
Next.js Middleware Vulnerability: How CVE-2025–29927 Enables Authorization Bypass | https://medium.com/@nitinsgavane/next-js-middleware-vulnerability-how-cve-2025-29927-enables-authorization-bypass-1e0293d10e24?source=rss------bug_bounty-5 | Nitin Gavhane | middleware-vulnerability, authorization-bypass, nextjs, cve-2025-29927, bug-bounty | 25-Apr-2025 |
From 403 Forbidden to PII Exposure: How I Escalated a Low-Severity Bug to a High P2 | https://medium.com/@arrasgotcha/from-403-forbidden-to-pii-exposure-how-i-escalated-a-low-severity-bug-to-a-high-p2-915a9b814ce6?source=rss------bug_bounty-5 | Gotcha1G | web, hackerone, hacking, development, bug-bounty | 25-Apr-2025 |
Null Byte Injection Attack | https://medium.com/@adhamhashem2024/null-byte-injection-attack-a01de121e376?source=rss------bug_bounty-5 | Adham Hashem | vulnerability, penetration-testing, bug-bounty, cybersecurity, attack | 25-Apr-2025 |
We share a pool of $500k in the Bug Bounty event | https://medium.com/@kiyotosage/we-share-a-pool-of-500k-in-the-bug-bounty-event-3adf9e9cce0b?source=rss------bug_bounty-5 | Kiyot0Sage | stonfi, bug-bounty, crypto | 25-Apr-2025 |
Splitting a $500k Pool in the Bug Bounty Event | https://medium.com/@kiyotosage/%D0%B4%D0%B5%D0%BB%D0%B8%D0%BC-%D0%BF%D1%83%D0%BB-500%D0%BA-%D0%B2-%D0%B8%D0%B2%D0%B5%D0%BD%D1%82%D0%B5-bug-bounty-b48eabc3407c?source=rss------bug_bounty-5 | Kiyot0Sage | stonfi, crypto, bug-bounty | 25-Apr-2025 |
A list of search engines for OSINT investigators and ethical hackers(PART 2) | https://medium.com/@loyalonlytoday/a-list-of-search-engines-for-osint-investigators-and-ethical-hackers-part-2-1dd7b3d54b6f?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, search-engines, hacking, bug-bounty, tips | 24-Apr-2025 |
Hijacking Trust: The Parallels Between Use-After-Free and Insecure Deserialization | https://medium.com/@MasoudAbdaal/hijacking-trust-the-parallels-between-use-after-free-and-insecure-deserialization-a12c587a2987?source=rss------bug_bounty-5 | Masoud Abdaal | exploit, insecure-deserialization, bug-bounty, c-programming, heap-memory | 24-Apr-2025 |
Arjun: The Ultimate Parameter Discovery Tool For Bug Hunters | https://medium.com/@lancersiromony/arjun-the-ultimate-parameter-discovery-tool-for-bug-hunters-6ead8aaf295b?source=rss------bug_bounty-5 | IronGhost | bug-bounty, querystring, hacking, arjun, fuzzing | 24-Apr-2025 |
Bug Bounty: failure experience records | https://medium.com/@smilemil/bug-bounty-failure-experience-records-62e928efd54a?source=rss------bug_bounty-5 | smilemil | bug-bounty | 24-Apr-2025 |
I Used AI to Write a Payload… And It Worked (Sort of) | https://infosecwriteups.com/i-used-ai-to-write-a-payload-and-it-worked-sort-of-55b6860d8be9?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, ai, hacking, chatgpt, bug-bounty | 24-Apr-2025 |
From 0 to Hacker Hero | https://medium.com/@omkumar.coder/from-0-to-hacker-hero-e9b8b8c0d1af?source=rss------bug_bounty-5 | om kumar | bug-bounty, cybersecurity, hacking, penetration-testing, ctf | 24-Apr-2025 |
Hostile Host Headers: How I Hijacked the App with One Sneaky Header | https://medium.com/@iski/hostile-host-headers-how-i-hijacked-the-app-with-one-sneaky-header-42c7dd82d2bc?source=rss------bug_bounty-5 | Iski | cybersecurity, money, infosec, hacking, bug-bounty | 24-Apr-2025 |
Mastering Linux Privilege Escalation: Part 2 — Cron, Sudo, Kernel, and PATH Exploits | https://medium.com/@verylazytech/mastering-linux-privilege-escalation-part-2-cron-sudo-kernel-and-path-exploits-ace9404ecfec?source=rss------bug_bounty-5 | Very Lazy Tech | oscp, oscp-preparation, ethical-hacking, privilege-escalation, bug-bounty | 24-Apr-2025 |
Hostile Host Headers: How I Hijacked the App with One Sneaky Header | https://infosecwriteups.com/hostile-host-headers-how-i-hijacked-the-app-with-one-sneaky-header-42c7dd82d2bc?source=rss------bug_bounty-5 | Iski | cybersecurity, money, infosec, hacking, bug-bounty | 24-Apr-2025 |
How I’m Learning Web3.0(Blockchain) Bug Bounties from Scratch And Sharing Everything. | https://nitin-nitingutte-gutte.medium.com/how-im-learning-web3-blockchain-bug-bounties-from-scratch-and-sharing-everything-d8cf248121b4?source=rss------bug_bounty-5 | Nitin Gutte | solidity, blockchain, web3, bug-bounty, smart-contracts | 24-Apr-2025 |
Bypassed the Invite Flow, Gained Admin Access | https://medium.com/@yassentaalab51/bypassed-the-invite-flow-gained-admin-access-d37347d57468?source=rss------bug_bounty-5 | Killua | web-security, bug-bounty-tips, penetration-testing, broken-access-control, bug-bounty | 24-Apr-2025 |
How I Bypassed Template Escaping and Triggered a Reflected XSS Popup | https://medium.com/@zoningxtr/how-i-bypassed-template-escaping-and-triggered-a-reflected-xss-popup-9567d45fd31c?source=rss------bug_bounty-5 | Zoningxtr | cybersecurity, bug-bounty, penetration-testing, web-development, javascript | 24-Apr-2025 |
Bug Hunting for Real: Tools, Tactics, and Truths No One Talks About | https://ehteshamulhaq198.medium.com/bug-hunting-for-real-tools-tactics-and-truths-no-one-talks-about-661f6786d5b3?source=rss------bug_bounty-5 | Ehtesham Ul Haq | writeup, bug-bounty, reconnaissance, rewards, penetration-testing | 24-Apr-2025 |
Insecure Direct Object Reference (IDOR) in a Government Portal | https://akashxak.medium.com/insecure-direct-object-reference-idor-in-a-government-portal-973758a23473?source=rss------bug_bounty-5 | Akash kumar K | ethical-hacking, cert-in, idor-vulnerability, cybersecurity, bug-bounty | 24-Apr-2025 |
How I Reported My First Vulnerability | https://medium.com/@0x004sec/how-i-reported-my-first-vulnerability-b4504ed77ec5?source=rss------bug_bounty-5 | 0x004sec | bug-bounty-tips, bug-bounty-writeup, xss-vulnerability, hackerone, bug-bounty | 24-Apr-2025 |
Found a bug? Get rewarded! | https://medium.com/@roma_k90/found-a-bug-get-rewarded-94a922aa8ff9?source=rss------bug_bounty-5 | Roma | bug-bounty, ton, stonfi, ecosystem, money | 24-Apr-2025 |
Found a Bug, Got a Reward! | https://medium.com/@roma_k90/%D0%BD%D0%B0%D1%88%D1%91%D0%BB-%D0%B1%D0%B0%D0%B3-%D0%BF%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D0%BB-%D0%BD%D0%B0%D0%B3%D1%80%D0%B0%D0%B4%D1%83-e936631f5e02?source=rss------bug_bounty-5 | Roma | news, money, smart-contracts, bug-bounty, stonfi | 24-Apr-2025 |
Broken Access Control - Unauthorized users able to add customer | https://medium.com/@MrPlufy/broken-access-control-unauthorized-users-able-to-add-customer-fd8176343650?source=rss------bug_bounty-5 | Ahmad Tazkiarni Ramadhan | bug-bounty, cybersecurity, penetration-testing, bug-hunting, broken-access-control | 24-Apr-2025 |
Inject, Exploit, Repeat: Real-World Adventures in XSS | https://medium.com/@es0557533/inject-exploit-repeat-real-world-adventures-in-xss-a8fd8f7066c8?source=rss------bug_bounty-5 | Isv | bug-bounty-tips, xss-attack, bug-bounty, cybersecurity, bug-bounty-writeup | 24-Apr-2025 |
A list of search engines for OSINT investigators and ethical hackers(PART 1) | https://medium.com/@loyalonlytoday/a-list-of-search-engines-for-osint-investigators-and-ethical-hackers-part-1-4b035cfc271a?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, bug-bounty, hacking, osint, search-engines | 23-Apr-2025 |
No rate limit | https://medium.com/@eng.mahmoudbughunter/no-rate-limit-dbb663690fe6?source=rss------bug_bounty-5 | mahmoud farag | penetration-testing, bug-bounty, hunting | 23-Apr-2025 |
#ERROR! | https://medium.com/@zoningxtr/%EF%B8%8Fxss-prevention-101-why-using-value-keeps-your-javascript-secure-52d9e062ca13?source=rss------bug_bounty-5 | Zoningxtr | javascript, bug-bounty, penetration-testing, web-development, xss-attack | 23-Apr-2025 |
How I Found Multiple Bugs On Dell Using Reconnaissance (OSINT) | https://medium.com/@root0x30/how-i-found-multiple-bugs-on-dell-using-reconnaissance-osint-b71e06fa9031?source=rss------bug_bounty-5 | Mohit_Negi | dell, reconnaissance, osint, bug-bounty, red-team | 23-Apr-2025 |
Securing HTML Forms Against XSS: A Practical Guide with DOM Methods, Safe JavaScript, and… | https://medium.com/@zoningxtr/securing-html-forms-against-xss-a-practical-guide-with-dom-methods-safe-javascript-and-74596ebc9064?source=rss------bug_bounty-5 | Zoningxtr | web-development, bug-bounty, javascript, html, penetration-testing | 23-Apr-2025 |
FOFA Recon for Hidden HackerOne & Bugcrowd Programs | https://medium.com/meetcyber/fofa-recon-for-hidden-hackerone-bugcrowd-programs-e285610bf8a5?source=rss------bug_bounty-5 | AbhirupKonwar | osint, bug-bounty-tips, infosec, bug-bounty-program, bug-bounty | 23-Apr-2025 |
❌ Top 10 Mistakes Beginners Make in Bug Bounty — Avoid These! | https://infosecwriteups.com/top-10-mistakes-beginners-make-in-bug-bounty-avoid-these-5140f8a5b22b?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacking, bug-bounty, infosec, cybersecurity, ai | 23-Apr-2025 |
Account Takeover via Email Verification Logic Flaw | https://medium.com/@rolextital/account-takeover-via-email-verification-logic-flaw-a8755f2bc08f?source=rss------bug_bounty-5 | Rolextital | account-takeover, ethical-hacking, web-application-security, cybersecurity, bug-bounty | 23-Apr-2025 |
Stored + Reflected XSS on Live Website! | https://medium.com/@Nextk/my-journey-from-being-sad-to-getting-a-xss-c0c6a59161f2?source=rss------bug_bounty-5 | Nextk | waf-detection, bug-bounty, filter-detection, xss-vulnerability, easy | 23-Apr-2025 |
Ultimate Bug Bounty Roadmap 2025 — From Zero to Pro | https://mrblogger.medium.com/ultimate-bug-bounty-roadmap-2025-from-zero-to-pro-51373869a243?source=rss------bug_bounty-5 | Mr Blogger | ethical-hacking, cybersecurity, bug-bounty, books, bug-bounty-2025 | 23-Apr-2025 |
Mastering Linux Privilege Escalation: Part 1 — The Fundamentals | https://medium.com/@verylazytech/mastering-linux-privilege-escalation-part-1-the-fundamentals-01e662e86b1b?source=rss------bug_bounty-5 | Very Lazy Tech | privilege-escalation, ethical-hacking, oscp, oscp-preparation, bug-bounty | 23-Apr-2025 |
How to Find Your First Business Logic Vulnerability in a Bug Bounty Program | Step-by-Step Guide |… | https://medium.com/@shaikhminhaz1975/how-to-find-your-first-business-logic-vulnerability-in-a-bug-bounty-program-step-by-step-guide-17a6f9785c93?source=rss------bug_bounty-5 | Shaikh Minhaz | vulnerability, cybersecurity, ethical-hacking, penetration-testing, bug-bounty | 23-Apr-2025 |
The Hidden Recon Routines That Don’t Show Up in Anyone’s Toolkit | https://myselfakash20.medium.com/the-hidden-recon-routines-that-dont-show-up-in-anyone-s-toolkit-0612511c8cc2?source=rss------bug_bounty-5 | Akash Ghosh | mindset, bug-bounty, cybersecurity, technology, bug-bounty-tips | 23-Apr-2025 |
How to Create a Botnet Using One Tool: A Proof of Concept for Educational Purposes Aspiring… | https://infosecwriteups.com/how-to-create-a-botnet-using-one-tool-a-proof-of-concept-for-educational-purposes-aspiring-d5e7f3d6e10f?source=rss------bug_bounty-5 | Elie Attieh | bug-hunter, bug-bounty, penetration-testing, cybersecurity, botnet | 23-Apr-2025 |
Exposing SMTP Misconfigurations: STARTTLS and Self-Signed Certs | https://mrdineshpathro.medium.com/exposing-smtp-misconfigurations-starttls-and-self-signed-certs-01e5ff9a3367?source=rss------bug_bounty-5 | Dinesh Pathro | bug-zero, bugs, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 23-Apr-2025 |
Understanding CVEs and CVSS | https://medium.com/@sherlock297/understanding-cves-and-cvss-4f778f144aaa?source=rss------bug_bounty-5 | Ravindra Dagale | vulnerability, cvss, cve, cybersecurity, bug-bounty | 23-Apr-2025 |
Burp, Bounce, and Break: How Web Cache Poisoning Let Me Control the App | https://infosecwriteups.com/burp-bounce-and-break-how-web-cache-poisoning-let-me-control-the-app-be173528ff8a?source=rss------bug_bounty-5 | Iski | infosec, cybersecurity, money, bug-bounty, hacking | 23-Apr-2025 |
BB01 - Advanced Recon: Taking Your Subdomain Discovery to the Next Level | https://r4gh4v.medium.com/bb01-advanced-recon-taking-your-subdomain-discovery-to-the-next-level-0d2538d1f3a9?source=rss------bug_bounty-5 | r4gh4v | subdomains-enumeration, reconnaissance, hacker, bug-bounty, hackerone | 23-Apr-2025 |
How I Was Able to Make $50 Using Only My Mobile Phone Through Information Disclosure By Google… | https://medium.com/@xhacking_z/how-i-was-able-to-make-50-using-only-my-mobile-phone-through-information-disclosure-by-google-a332a5a6e030?source=rss------bug_bounty-5 | Omar | my-first-bounty, bug-bounty, google-dorking, hackerone | 23-Apr-2025 |
Michael Yonesi shares his Top 5 Cybersecurity Tips You Can’t Afford to Ignore | https://medium.com/@michael.yonesi/michael-yonesi-shares-his-top-5-cybersecurity-tips-you-cant-afford-to-ignore-5efc5e677ea7?source=rss------bug_bounty-5 | Michael Younsi | hacking, cybersecurity, bug-bounty, security | 23-Apr-2025 |
Ethically hacking Android phones with Phonesploit | https://medium.com/@zishanfiroz/ethically-hacking-android-phones-with-phonesploit-b95924d50c89?source=rss------bug_bounty-5 | Md Zishan Firoz | cybersecurity, technology, hacking, bug-bounty | 23-Apr-2025 |
Bug Bounty Recon: CIDR, ASN & Subdomain Enumeration Guide | https://sinhaamrit.medium.com/bug-bounty-recon-cidr-asn-subdomain-enumeration-guide-25c447af9c40?source=rss------bug_bounty-5 | Amrit Sinha | hacking, cybersecurity, tools, bug-bounty, networking | 23-Apr-2025 |
Unauthorized Users Could Disclose Information and Execute GraphQL Operations After Permission… | https://medium.com/@blackarazi/unauthorized-users-could-disclose-information-and-execute-graphql-operations-after-permission-961094edf7c8?source=rss------bug_bounty-5 | Azhari Harahap | bug-bounty-writeup, websocket, application-security, bug-bounty, graphql | 23-Apr-2025 |
One Root Cause, Many Faces: The 6 Silent CSRF That Got Buried | https://medium.com/@hamdiyasin135/one-root-cause-many-faces-the-6-silent-csrf-that-got-buried-2dec4472744a?source=rss------bug_bounty-5 | yassin hamdi | bug-bounty, csrf, hacking, cybersecurity | 23-Apr-2025 |
$12,000 Bounty Won: Uncovering GitLab’s Hidden Data Leak Flaw | https://osintteam.blog/12-000-bounty-won-uncovering-gitlabs-hidden-data-leak-flaw-d623b6b3cff1?source=rss------bug_bounty-5 | Monika sharma | report, hacking, bug-bounty, technology, penetration-testing | 23-Apr-2025 |
Directory Bruteforcing Techniques: Find Hidden Treasures in Websites | https://medium.com/@vipulsonule71/directory-bruteforcing-techniques-find-hidden-treasures-in-websites-%EF%B8%8F-c11f2f14a7d3?source=rss------bug_bounty-5 | Vipul Sonule | hacking, cybersecurity, tech, bug-bounty, bug-bounty-tips | 23-Apr-2025 |
Bypassing Modern WAFs: Techniques That Still Work | https://medium.com/@vipulsonule71/bypassing-modern-wafs-techniques-that-still-work-%EF%B8%8F-35a6aec5f90f?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty-tips, bug-bounty, penetration-testing, hacking, cybersecurity | 23-Apr-2025 |
How Android Works (And Why It Actually Matters If You Wanna Hack It) | https://medium.com/@muhammedshemil25/how-android-works-and-why-it-actually-matters-if-you-wanna-hack-it-d74ded88bac1?source=rss------bug_bounty-5 | Muhammed.shemil | mobile-security, ctf, bug-bounty, android-security, cybersecurity | 23-Apr-2025 |
Phishing-Style Link Reflected on Microsoft Azure Portal — Not XSS, But Still Tricky | https://medium.com/@melege/phishing-style-link-reflected-on-microsoft-azure-portal-not-xss-but-still-tricky-559bde6f8252?source=rss------bug_bounty-5 | Ahmed AbdElmaqsoud | bug-bounty, security, azure, ux-design, phishing | 23-Apr-2025 |
CSRF Vulnerability in EchoStar Company | https://medium.com/@youssefmohamed_84205/csrf-vulnerability-in-echostar-company-ffecbc6edc24?source=rss------bug_bounty-5 | Youssef Mohamed | bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty | 23-Apr-2025 |
️ How I Emulated a Real XSS Vulnerability with Just an | https://medium.com/@zoningxtr/%EF%B8%8F-how-i-emulated-a-real-xss-vulnerability-with-just-an-img-tag-a-practical-guide-to-7fb69d4ec46f?source=rss------bug_bounty-5 | Zoningxtr | penetration-testing, xss-attack, web-development, javascript, bug-bounty | 23-Apr-2025 |
learning how systems fall apart | https://medium.com/@orxxin/learning-how-systems-fall-apart-b7fd9e42bbb7?source=rss------bug_bounty-5 | or//in | bug-bounty, penetration-testing, learning, infosec | 23-Apr-2025 |
One Root Cause, Many Faces: The 6 Silent CSRF That Got Buried | https://hamdiyasin135.medium.com/one-root-cause-many-faces-the-6-silent-csrf-that-got-buried-2dec4472744a?source=rss------bug_bounty-5 | yassin hamdi | bug-bounty, csrf, hacking, cybersecurity | 23-Apr-2025 |
When System Information is Revealed Unknowingly!! | https://spider7.medium.com/silent-leaks-ketika-informasi-sistem-dibuka-tanpa-disadari-1b1343d7a1ae?source=rss------bug_bounty-5 | N/A | poc, bug-bounty, hacker, bug-bounty-tips | 22-Apr-2025 |
How to Start Bug Bounty in 2025 (No Experience, No Problem) | https://infosecwriteups.com/how-to-start-bug-bounty-in-2025-no-experience-no-problem-89adc68da592?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, hacking, 2025, infosec, bug-bounty | 22-Apr-2025 |
Spotting Beaconing Behaviour in Windows Systems: Analysing Timing Patterns in Network Connections | https://medium.com/@paritoshblogs/spotting-beaconing-behaviour-in-windows-systems-analysing-timing-patterns-in-network-connections-b41d187b346e?source=rss------bug_bounty-5 | Paritosh | network, beaconing, hacking, cybersecurity, bug-bounty | 22-Apr-2025 |
How Did I Hack a Website Just by Reading Its JavaScript | https://medium.com/developersglobal/how-did-i-hack-a-website-just-by-reading-its-javascript-809f5f755e3d?source=rss------bug_bounty-5 | Ibtissam Hammadi | hacking, stored-xss, web-security, bug-bounty, javascript | 22-Apr-2025 |
Why JWTs Valid After Logout: A Pentester’s Guide to Testing and Securing Tokens | https://medium.com/@dr34mb0y/why-jwts-valid-after-logout-a-pentesters-guide-to-testing-and-securing-tokens-6fb232fe57d9?source=rss------bug_bounty-5 | Sid Joshi | web-security, secure-coding, pentesting, bug-bounty, jwt-exploitation | 22-Apr-2025 |
Why I’m Diving Into Android Pentesting in 2025 | https://medium.com/@muhammedshemil25/why-im-diving-into-android-pentesting-in-2025-c9c78c4f57ac?source=rss------bug_bounty-5 | Muhammed.shemil | android-pentesting, bug-bounty, ctf, mobile-security, ethical-hacking | 22-Apr-2025 |
404 to 0wnage: How a Broken Link Led Me to Admin Panel Access | https://infosecwriteups.com/404-to-0wnage-how-a-broken-link-led-me-to-admin-panel-access-2b58e1fffaa3?source=rss------bug_bounty-5 | Iski | infosec, bug-bounty, money, hacking, cybersecurity | 22-Apr-2025 |
Privilege Escalation using Client-Side Path Traversal | https://aboalezz1.medium.com/privilege-escalation-using-client-side-path-traversal-e1d0762a966d?source=rss------bug_bounty-5 | Mohamed AboAlezz | cybersecurity, bugbounty-writeup, bug-bounty, ethical-hacking, bug-bounty-tips | 22-Apr-2025 |
Why You’re Not Finding Bugs Yet — And How I’m Fixing It | https://medium.com/@k4r7h1kn/why-youre-not-finding-bugs-yet-and-how-i-m-fixing-it-072a84e4fcf4?source=rss------bug_bounty-5 | Karthikeyan | bug-zero, bugs, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 22-Apr-2025 |
NTP — Port 123/UDP — How to exploit? | https://medium.com/@verylazytech/ntp-port-123-udp-how-to-exploit-051e82cdde08?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, bug-bounty, penetration-testing, exploit, ntp | 22-Apr-2025 |
Crack Into Cybersecurity: A Beginner’s Roadmap Powered by AI | https://medium.com/@aashish21/crack-into-cybersecurity-a-beginners-roadmap-powered-by-ai-f5dc949595a6?source=rss------bug_bounty-5 | Aashish Baweja | bug-bounty, hacking, artificial-intelligence, cybersecurity | 22-Apr-2025 |
Why Did This Simple Bug Pay $5K in 24 Hours | https://medium.com/@ibtissamhammadi/why-did-this-simple-bug-pay-5k-in-24-hours-cc35a761ae12?source=rss------bug_bounty-5 | Ibtissam Hammadi | programming, bug-bounty, technology, cybersecurity, hacking | 22-Apr-2025 |
Security Vulnerabilities in Autonomous AI Agents | https://fdzdev.medium.com/security-vulnerabilities-in-autonomous-ai-agents-26f905b2dc36?source=rss------bug_bounty-5 | Facundo Fernandez | bug-bounty, artificial-intelligence, ai-agent, cybersecurity, machine-learning | 22-Apr-2025 |
CVE-2023-40723: Sensitive Information Disclosure in FortiSIEM via Crafted API Requests | https://medium.com/@knowingly_majesty_tortoise_414/cve-yyyy-xxxx-sensitive-information-disclosure-in-fortisiem-via-crafted-api-requests-10e2519fd90c?source=rss------bug_bounty-5 | Lance Yeaw | bug-bounty, security-research, security, fortinet, hacking | 22-Apr-2025 |
Sensitive Data Exposure + Public Recon = Instant Account Takeover | https://medium.com/@GERRR4Y/sensitive-data-exposure-public-recon-instant-account-takeover-97c2ae752720?source=rss------bug_bounty-5 | Aya Ayman(GERR4Y) | bug-bounty, ato, osint | 22-Apr-2025 |
From Curiosity to Report: My First Bug on a Live E-commerce Site | https://vux06.medium.com/from-curiosity-to-report-my-first-bug-on-a-live-e-commerce-site-dfa2dc46cd88?source=rss------bug_bounty-5 | Vux06 | bug-bounty, xss-attack, sql-injection, hacking, html-injection | 22-Apr-2025 |
How I made $64k from deleted files — a bug bounty story | https://medium.com/@sharon.brizinov/how-i-made-64k-from-deleted-files-a-bug-bounty-story-c5bd3a6f5f9b?source=rss------bug_bounty-5 | Sharon Brizinov | github, hacking, bug-bounty, security | 22-Apr-2025 |
Broken Logic, Free Features: A Deep Dive into Access Control Failures | https://medium.com/@es0557533/broken-logic-free-features-a-deep-dive-into-access-control-failures-7b5db28f0060?source=rss------bug_bounty-5 | Isv | bugbounty-writeup, bug-bounty, broken-access-control, bug-bounty-tips | 22-Apr-2025 |
Day 12 Blind SQL injection with conditional errors — Zero to Hero Blind Injection — Portswigger | https://arayofhope7.medium.com/day-12-blind-sql-injection-with-conditional-errors-zero-to-hero-blind-injection-portswigger-e94f9e3977a5?source=rss------bug_bounty-5 | RayofHope | ethical-hacking, bug-bounty, cybersecurity, web-penetration-testing, penetration-testing | 22-Apr-2025 |
CVE-2023-40723: Agent2Shellv2 | https://medium.com/@knowingly_majesty_tortoise_414/cve-yyyy-xxxx-sensitive-information-disclosure-in-fortisiem-via-crafted-api-requests-10e2519fd90c?source=rss------bug_bounty-5 | Lance Yeaw | bug-bounty, security-research, security, fortinet, hacking | 22-Apr-2025 |
Bypass Verification Code in Reset Password Endpoint | https://firdausmuhammadismail.medium.com/bypass-verification-code-in-reset-password-endpoint-91c2fa97e27b?source=rss------bug_bounty-5 | Firdaus Muhammad Ismail | bypass, verification, bug-bounty-tips, bug-bounty, vulnerability | 21-Apr-2025 |
Automated Shodan Recon (bug bounty) | https://medium.com/@loyalonlytoday/automated-shodan-recon-bug-bounty-776489cf8b6c?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, automation, cybersecurity, hacking, bug-bounty | 21-Apr-2025 |
I Clicked a Random Button in Google Slides — Then Google Paid Me $2,240 | https://infosecwriteups.com/i-clicked-a-random-button-in-google-slides-then-google-paid-me-2-240-22e1c0ca0535?source=rss------bug_bounty-5 | Ibtissam Hammadi | google, technology, google-hacking, bug-bounty, cybersecurity | 21-Apr-2025 |
The Tools I Use for Bug Bounty Hunting? | https://devprogramming.medium.com/the-tools-i-use-for-bug-bounty-hunting-5e544af7df44?source=rss------bug_bounty-5 | DevProgramming | cybersecurity, ethical-hacking, bug-bounty, infosec, hacking | 21-Apr-2025 |
How I Found a Facebook IDOR Bug in 15 Minutes (And How You Can Too) | https://medium.com/@ibtissamhammadi/how-i-found-a-facebook-idor-bug-in-15-minutes-and-how-you-can-too-3ca4c6378b7c?source=rss------bug_bounty-5 | Ibtissam Hammadi | ethical-hacking, cybersecurity, idor, facebook-security, bug-bounty | 21-Apr-2025 |
[Vulnerability Campaign] Protect TECNO devices | https://medium.com/@security.tecno/vulnerability-campaign-protect-tecno-devices-070e2324175a?source=rss------bug_bounty-5 | TECNO Security | bug-bounty, hacking, security, report | 21-Apr-2025 |
Authentication Bypass Using Logic Flaws — Real Example + Fixes | https://infosecwriteups.com/authentication-bypass-using-logic-flaws-real-example-fixes-f80f66587b2c?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacker, ai, cybersecurity, infosec, bug-bounty | 21-Apr-2025 |
Hacking and Securing Kubernetes: A Deep Dive into Cluster Security | https://infosecwriteups.com/%EF%B8%8F-hacking-and-securing-kubernetes-a-deep-dive-into-cluster-security-f84436f6544a?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, bug-bounty, kubernetes, penetration-testing, information-security | 21-Apr-2025 |
Stored XSS Led to OAuth App Credential Theft and Info Disclosure | https://ehteshamulhaq198.medium.com/stored-xss-led-to-oauth-app-credential-theft-and-info-disclosure-85545fca3948?source=rss------bug_bounty-5 | Ehtesham Ul Haq | xss-attack, bug-bounty-tips, bug-bounty, penetration-testing, infosec | 21-Apr-2025 |
✅ JWT Security Testing Test Cases | https://infosecwriteups.com/jwt-security-testing-test-cases-80db5ba4e8a1?source=rss------bug_bounty-5 | Ajay Naik | jwt, penetration-testing, cybersecurity, bug-bounty, information-security | 21-Apr-2025 |
$1,200 Bounty — IDOR via Phantom API and Parameter Manipulation | https://medium.com/@cadeeper/1-200-bounty-idor-via-phantom-api-and-parameter-manipulation-1f9a9d84f467?source=rss------bug_bounty-5 | Invik | pentesting, cybersecurity, bug-bounty, hacking, bug-bounty-writeup | 21-Apr-2025 |
The JSON Backdoor: How I Exploited Insecure Deserialization for RCE | https://infosecwriteups.com/%EF%B8%8F-the-json-backdoor-how-i-exploited-insecure-deserialization-for-rce-1d8aa4130564?source=rss------bug_bounty-5 | Iski | hacking, money, infosec, cybersecurity, bug-bounty | 21-Apr-2025 |
Find first Bug [Simple But Critical Bug] That gives you a lot of Bounty | https://medium.com/@hrofficial62/find-first-bug-simple-but-critical-bug-that-gives-you-a-lot-of-bounty-93b4107ffd82?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, hacking, cybersecurity, ethical-hacking, penetration-testing | 21-Apr-2025 |
Hunting in the labyrinth: Your edge lies in understanding business contex | https://medium.com/@luthierc/hunting-in-the-labyrinth-your-edge-lies-in-understanding-business-contex-bebeced6dca2?source=rss------bug_bounty-5 | Luthierc | technology, cybersecurity, bug-bounty, owasp, business | 21-Apr-2025 |
Open Redirect Vulnerabilities: How Small Bugs Lead to Big Rewards | https://medium.com/@vipulsonule71/open-redirect-vulnerabilities-how-small-bugs-lead-to-big-rewards-8d925553dabd?source=rss------bug_bounty-5 | Vipul Sonule | cybersecurity, hacking-tools, hacking, bug-bounty-tips, bug-bounty | 21-Apr-2025 |
Breaking the Chain of Command: A Critical Team Management DoS via Role Update Abuse | https://medium.com/@nhlimon37/%EF%B8%8F-breaking-the-chain-of-command-a-critical-team-management-dos-via-role-update-abuse-94c1188629b9?source=rss------bug_bounty-5 | NH Limon | bug-bounty | 21-Apr-2025 |
How I Changed Other Users’ Names on a data integration platform’s team management system as an… | https://medium.com/@nhlimon37/how-i-changed-other-users-names-on-a-data-integration-platform-s-team-management-system-as-an-6a47cb98d0e1?source=rss------bug_bounty-5 | NH Limon | bug-bounty | 21-Apr-2025 |
Web Shells: The Hidden Backdoors Lurking in Your Server | https://medium.com/@zrhmz12/web-shells-the-hidden-backdoors-lurking-in-your-server-3ccd3ca8e736?source=rss------bug_bounty-5 | Zrhmz | file-upload-vulnerability, penetration-testing, webshell, bug-bounty, vulnerability | 21-Apr-2025 |
The Blank Page That Hid a Bug | https://infosecwriteups.com/when-a-blank-page-that-hid-a-bug-c0214390d68c?source=rss------bug_bounty-5 | SIDDHANT SHUKLA | hacking, bug-bounty, programming, cybersecurity, vulnerability | 21-Apr-2025 |
Next.js CVE-2025–29927 hackinghub walkthrough | https://medium.com/@abhishek-ji/next-js-cve-2025-29927-hackinghub-walkthrough-f7893cdd90c4?source=rss------bug_bounty-5 | Abhishek Gupta | cybersecurity, bug-bounty-tips, bug-bounty, nextjs, web-development | 21-Apr-2025 |
Stop Paying for Dozens of Subdomain Tools and Do All Your Enumeration and Recon in One Place | https://medium.com/@alexandrevandammepro/stop-paying-for-dozens-of-subdomain-tools-and-do-all-your-enumeration-and-recon-in-one-place-19412c592375?source=rss------bug_bounty-5 | Alexandre Vandamme | bugbounty-tips, technology, bug-bounty, cybersecurity, infosec | 21-Apr-2025 |
That One Time a Forgotten Endpoint Earned Me $$$$$ | https://medium.com/@dhirenkumar/that-one-time-a-forgotten-endpoint-earned-me-5367838d3ea8?source=rss------bug_bounty-5 | pradhan | infosec, cybersecurity, hacking, bug-bounty, writeup | 20-Apr-2025 |
MOBSF Installation Guide 2025 Apple Silicons MACS | https://medium.com/offensive-black-hat-hacking-security/mobsf-installation-guide-2025-apple-silicons-macs-0f4718f15004?source=rss------bug_bounty-5 | Harshad Shah | cybersecurity, bug-bounty, mobile, mobile-apps, penetration-testing | 20-Apr-2025 |
Finding a Password Bypass on Instagram in less than 3 days | https://medium.com/@hacktheplanet/finding-a-password-bypass-on-instagram-in-less-than-3-days-b84569c242ce?source=rss------bug_bounty-5 | SirHaxAlot | instagram, sirhaxalot, bug-bounty, ethical-hacking | 20-Apr-2025 |
The $12,000 Redirect, a Misconfigured URL | https://medium.com/@dhirenkumar/the-12-000-redirect-a-misconfigured-url-f27cba89b622?source=rss------bug_bounty-5 | pradhan | bug-bounty, hacking, cybersecurity, infosec, writeup | 20-Apr-2025 |
The Critical Role of Information Security Across the Software Development Lifecycle (SDLC) | https://medium.com/@rezauditore/the-critical-role-of-information-security-across-the-software-development-lifecycle-sdlc-1e69fc1f59b6?source=rss------bug_bounty-5 | rezauditore | programming, hacking, bug-bounty, sdlc, software-development | 20-Apr-2025 |
Chaining Bugs Like a Hacker: IDOR to Account Takeover in 10 Minutes | https://infosecwriteups.com/chaining-bugs-like-a-hacker-idor-to-account-takeover-in-10-minutes-db0cba198007?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, hacking, bug-bounty, ai, cybersecurity | 20-Apr-2025 |
Get a Free Ubuntu VPS Forever for Your Projects with Superfast Internet | https://r4gh4v.medium.com/get-a-free-ubuntu-vps-forever-for-your-projects-with-superfast-internet-06259b8777f1?source=rss------bug_bounty-5 | r4gh4v | linux, bug-bounty, vps-hosting, hacking, vps | 20-Apr-2025 |
$1000 Bounty Won: The Amazing Win | https://infosecwriteups.com/1000-bounty-won-the-amazing-win-22da06954089?source=rss------bug_bounty-5 | Monika sharma | hacking, bug-bounty, bug-bounty-tips, report, technology | 20-Apr-2025 |
Winning Swags and Hall of Fame for Finding bugs. | https://infosecwriteups.com/winning-swags-and-hall-of-fame-for-finding-bugs-7402555fefe3?source=rss------bug_bounty-5 | RivuDon | bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 20-Apr-2025 |
How I Hijacked OAuth Tokens Through a Parallel Auth Flow Race Condition — $8500 P1 Bug Bounty | https://infosecwriteups.com/how-i-hijacked-oauth-tokens-through-a-parallel-auth-flow-race-condition-8500-p1-bug-bounty-7af1cccc4d4c?source=rss------bug_bounty-5 | Anmol Singh Yadav | bug-bounty, hacking, bug-bounty-writeup, bug-bounty-tips | 20-Apr-2025 |
The Brain Left Unlocked: Public etcd and the Risks Beneath Kubernetes | https://medium.com/@nijina7/the-brain-left-unlocked-public-etcd-and-the-risks-beneath-kubernetes-3e6dd122a9c5?source=rss------bug_bounty-5 | Nijin K | bug-bounty-tips, bug-bounty, etcd, hacking, ethical-hacking | 20-Apr-2025 |
Email Verification Bypass via Sign in with Google | https://xsametyigit.medium.com/email-verification-bypass-via-sign-in-with-google-a273827c4968?source=rss------bug_bounty-5 | Samet Yiğit | bug-bounty-tips, bug-bounty, ödülavcılığı, bug-bounty-writeup | 20-Apr-2025 |
Nothing changed… except for one detail. And that was enough to hack | https://medium.com/@phoenixcatalan/nothing-changed-except-for-one-detail-and-that-was-enough-to-hack-791f0f8bc8cb?source=rss------bug_bounty-5 | phoenixcatalan | bug-bounty-tips, bug-bounty, portswigger, hacking, ethical-hacking | 20-Apr-2025 |
Tricking system to delete any user account: from informative to 4000$ HIGH Bounty | https://entropydrifter.medium.com/tricking-system-to-delete-any-user-account-from-informative-to-4000-high-bounty-245944d4eaa9?source=rss------bug_bounty-5 | Abdullah Ahmed aka entropydrifter | bug-bounty, hackerone, bug-bounty-tips, bug-bounty-writeup | 20-Apr-2025 |
How a Smart Bug Hunter Found a Big Security Hole in MTN Group | https://osintteam.blog/how-a-smart-bug-hunter-found-a-big-security-hole-in-mtn-group-64d661124f51?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, report, hacking, technology, bug-bounty-tips | 20-Apr-2025 |
How a Stupid Public Link Opened a Massive Data Exposure (Real Case | https://medium.com/@Nigga_Hitam/how-a-stupid-public-link-opened-a-massive-data-exposure-real-case-1b1f75846f6c?source=rss------bug_bounty-5 | Nigga_hitam | cybersecurity, bug-bounty | 20-Apr-2025 |
picoCTF Web Exploitation: picobrowser | https://medium.com/@Kamal_S/picoctf-web-exploitation-picobrowser-ce806dfedd2f?source=rss------bug_bounty-5 | Kamal S | bug-bounty, picoctf, ctf, security-testing, picobrowser | 20-Apr-2025 |
MSRPC — Port 135, 539 — How to exploit? | https://medium.com/@verylazytech/msrpc-port-135-539-how-to-exploit-1e14a8b8006b?source=rss------bug_bounty-5 | Very Lazy Tech | msrpc, penetration-testing, ethical-hacking, hacking, bug-bounty | 20-Apr-2025 |
Lab: Exploiting an API endpoint using documentation | https://mukibas37.medium.com/lab-exploiting-an-api-endpoint-using-documentation-0a74ce7b7118?source=rss------bug_bounty-5 | Mukilan Baskaran | hacking, bug-bounty, security, ethical-hacking, cybersecurity | 20-Apr-2025 |
Escalating Impact: Full Account Takeover in Microsoft via XSS in Login Flow | https://melotover.medium.com/escalating-impact-full-account-takeover-in-microsoft-via-xss-in-login-flow-f160fa79b008?source=rss------bug_bounty-5 | Asem Eleraky | account-takeover, cybersecurity, cross-site-scripting, xss-attack, bug-bounty | 20-Apr-2025 |
Rate Limiting: The Unsung Guardian of Web Applications | https://medium.com/@sachinpv2004/%EF%B8%8F-rate-limiting-the-unsung-guardian-of-web-applications-37a52a96a320?source=rss------bug_bounty-5 | SACHIN PV | cybersecurity, bug-bounty, red-team, pentesting, rate-limiting | 20-Apr-2025 |
HTTP Parameter Pollution: The Dirty Little Secret That Gave Me Full Backend Access | https://infosecwriteups.com/http-parameter-pollution-the-dirty-little-secret-that-gave-me-full-backend-access-%EF%B8%8F-f7777c569648?source=rss------bug_bounty-5 | Iski | cybersecurity, bug-bounty, money, infosec, hacking | 20-Apr-2025 |
Lab: Exploiting an API endpoint using documentation | https://infosecwriteups.com/lab-exploiting-an-api-endpoint-using-documentation-0a74ce7b7118?source=rss------bug_bounty-5 | Mukilan Baskaran | hacking, bug-bounty, security, ethical-hacking, cybersecurity | 20-Apr-2025 |
Cyber Kalki Nexus Subdomain WebScanner Pro The Ultimate Free Web Subdomain Discovery Tool for… | https://medium.com/@krivadna/cyber-kalki-nexus-subdomain-webscanner-pro-the-ultimate-free-web-subdomain-discovery-tool-for-3d59d7f645a2?source=rss------bug_bounty-5 | Krivadna | infosec, bug-bounty, bugbounty-writeup, subdomains-enumeration, cybersecurity | 20-Apr-2025 |
Mastering Logic Bugs: A Checklist for Bug Hunters — Part 4 (tips from Pro hunters) | https://medium.com/@mahdisalhi0500/mastering-logic-bugs-a-checklist-for-bug-hunters-part-4-tips-from-pro-hunters-b098618c67ca?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | bug-bounty, penetration-testing, information-security, cybersecurity, hacking | 20-Apr-2025 |
A list of good wordlists for bug bounty hunters | https://medium.com/@loyalonlytoday/a-list-of-good-wordlists-for-bug-bounty-hunters-7a6562df2aba?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, penetration-testing, wordlist, ethical-hacking, bug-bounty | 19-Apr-2025 |
Exposed Secrets in JavaScript Files | https://medium.com/@Abhijeet_kumawat_/exposed-secrets-in-javascript-files-430a76834952?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, hacking, cybersecurity, javascript, ai | 19-Apr-2025 |
Buy Any Product for Free via Price Tampering | https://medium.com/@shyam.sam0704/buy-any-product-for-free-via-price-tampering-75326ff7a767?source=rss------bug_bounty-5 | Shyam | vulnerability-assessment, bug-hunting, bug-bounty, burpsuite, price-tampering | 19-Apr-2025 |
Reflected XSS using Bookmark | https://infosecwriteups.com/reflected-xss-using-bookmark-937cf27c5725?source=rss------bug_bounty-5 | cryptoshant | journey, hacking, cybersecurity, samsung, bug-bounty | 19-Apr-2025 |
Exposed Secrets in JavaScript Files | https://infosecwriteups.com/exposed-secrets-in-javascript-files-430a76834952?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, hacking, cybersecurity, javascript, ai | 19-Apr-2025 |
What Is a JavaScript Attribute? | https://medium.com/@zoningxtr/what-is-a-javascript-attribute-e6b4e5b6317c?source=rss------bug_bounty-5 | Zoningxtr | html, javascript, bug-bounty, penetration-testing, cybersecurity | 19-Apr-2025 |
Programming Language for Ethical Hacking | https://infosecwriteups.com/programming-language-for-ethical-hacking-67eb8b211759?source=rss------bug_bounty-5 | Mr Horbio | hacking, programming, bug-bounty, ethical-hacking, cybersecurity | 19-Apr-2025 |
Understanding Session Cookies and Authentication Tokens | https://medium.com/@sachinpv2004/understanding-session-cookies-and-authentication-tokens-452bd4cc332a?source=rss------bug_bounty-5 | SACHIN PV | bug-bounty, hacking, pentesting, cybersecurity, sessions | 19-Apr-2025 |
Hidden in Plain Sight: How Sitemap.xml Gave Me Access to Gold | https://medium.com/@iski/hidden-in-plain-sight-how-sitemap-xml-gave-me-access-to-gold-101fc0e0bf1e?source=rss------bug_bounty-5 | Iski | infosec, money, hacking, cybersecurity, bug-bounty | 19-Apr-2025 |
How I Registered the Same Username Twice — No Tools Needed | https://strangerwhite.medium.com/how-i-registered-the-same-username-twice-no-tools-needed-284f3b46d82a?source=rss------bug_bounty-5 | StrangeRwhite | bug-bounty-writeup, infosec, hacking, bug-bounty-tips, bug-bounty | 19-Apr-2025 |
How to detect and exploit OS Command injection | https://medium.com/@evyeveline1/how-to-detect-and-exploit-os-command-injection-a5d4d2423ead?source=rss------bug_bounty-5 | Evyeveline | bug-bounty, os-command-injection, web-hacking, ethical-hacking, web-vulnerabilities | 19-Apr-2025 |
Business Logic Flaw worth $1250 | https://vijetareigns.medium.com/business-logic-flaw-worth-1250-35efcd1b9af9?source=rss------bug_bounty-5 | the_unlucky_guy | hacking, bug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup | 19-Apr-2025 |
When “One‑Time” Isn’t One‑Time: How a Simple OTP bypass gave me Platform-Wide Account Takeover | https://medium.com/@ali.mezar/when-one-time-isnt-one-time-how-a-simple-otp-bypass-gave-me-platform-wide-account-takeover-0554bbd39dbc?source=rss------bug_bounty-5 | Ali Mezar | web-security, rate-limiting, account-takeover, bug-bounty, otp-bypass | 19-Apr-2025 |
SQL injection UNION attack, retrieving multiple values in a single column — PortSwigger | https://arayofhope7.medium.com/sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-portswigger-65d850e9cc8e?source=rss------bug_bounty-5 | RayofHope | cybersecurity, ethical-hacking, web-penetration-testing, penetration-testing, bug-bounty | 19-Apr-2025 |
HTML Tags and Their JavaScript-Interactive Attributes ✨ | https://medium.com/@zoningxtr/html-tags-and-their-javascript-interactive-attributes-7534e7de0cb1?source=rss------bug_bounty-5 | Zoningxtr | html, penetration-testing, cybersecurity, bug-bounty, javascript | 19-Apr-2025 |
NetBios — Port 137,138,139 — How to exploit? | https://medium.com/@verylazytech/netbios-port-137-138-139-how-to-exploit-4c0f81af3b94?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, netbios, hacking, ethical-hacking, penetration-testing | 19-Apr-2025 |
From Curiosity to Shell phpinfo() | https://medium.com/@dhirenkumar/from-curiosity-to-shell-phpinfo-fa7a7b7e5d22?source=rss------bug_bounty-5 | pradhan | cybersecurity, bug-bounty, tips, infosec, hacking | 19-Apr-2025 |
How I Passed the eJPT Certification: Complete Journey | https://medium.com/@vipulsonule71/how-i-passed-the-ejpt-certification-complete-journey-a0d3a1206c06?source=rss------bug_bounty-5 | Vipul Sonule | tech, cybersecurity, bug-bounty, hacking, medium | 19-Apr-2025 |
“How I Found a Privilege Escalation Bug by Accident and Earned $830” | https://medium.com/@saddamzzz65/how-i-found-a-privilege-escalation-bug-by-accident-and-earned-830-af15a35dc3d8?source=rss------bug_bounty-5 | Saddamzzz | ethical-hacking, bug-bounty, cybersecurity, web-security, infosec | 19-Apr-2025 |
Android Application Analysis: Tools, Techniques and Tips | https://medium.com/@mayank_prajapati/android-application-analysis-tools-techniques-and-tips-435dcf144c9c?source=rss------bug_bounty-5 | Mayank Kumar Prajapati | cybersecurity, penetration-testing, ethical-hacking, bug-bounty, android | 19-Apr-2025 |
UI Says No to Email Change, Backend Says ‘Sure, Why Not?’” | https://medium.com/@a0xtrojan/ui-says-no-to-email-change-backend-says-sure-why-not-cff45b3cfe3c?source=rss------bug_bounty-5 | A0X_Trojan | bug-bounty, bussiness-logic-error, penetration-testing, medium, hackerone | 19-Apr-2025 |
Blind SQL injection with conditional responses — Zero to Hero Blind Injection — Portswigger | https://arayofhope7.medium.com/blind-sql-injection-with-conditional-responses-zero-to-hero-blind-injection-portswigger-dad0cab48d57?source=rss------bug_bounty-5 | RayofHope | ethical-hacking, bug-bounty, web-penetration-testing, cybersecurity, penetration-testing | 19-Apr-2025 |
All about Multi-factor Authentication | https://hassanjawaid.medium.com/all-about-multi-factor-authentication-a131d6c20bf5?source=rss------bug_bounty-5 | Hassan Jawaid | bug-bounty-writeup, bug-bounty | 19-Apr-2025 |
Aswan CTF Web challenges: Yaoguai Bank | https://medium.com/@karim.engmohamed/aswan-ctf-web-challenges-yaoguai-bank-606d6dd6dd27?source=rss------bug_bounty-5 | Karim Mohamed | ctf, web, ctf-writeup, ctf-walkthrough, bug-bounty | 18-Apr-2025 |
The Hidden Dangers of an Exposed .env File | https://medium.com/@dharineeshj2/the-hidden-dangers-of-an-exposed-env-file-80532158c6f0?source=rss------bug_bounty-5 | Hack-Bat | bug-bounty, penetration-testing, hacking, cybersecurity, red-team | 18-Apr-2025 |
Burp Suite Beyond Basics: Hidden Features That Save Time and Find More Bugs | https://infosecwriteups.com/burp-suite-beyond-basics-hidden-features-that-save-time-and-find-more-bugs-19f15bb3bcc3?source=rss------bug_bounty-5 | Abhijeet Kumawat | secrets, bug-bounty, cybersecurity, burpsuite, hacking | 18-Apr-2025 |
How I Earned $300 from a Single Rate Limiting Vulnerability — Twice! | https://medium.com/@whitehat29/how-i-earned-300-from-a-single-rate-limiting-vulnerability-twice-224b4be29fd0?source=rss------bug_bounty-5 | Whitehat | bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty, cybersecurity | 18-Apr-2025 |
What Bugs you can find as a Beginner | https://medium.com/@aashifm/what-bugs-you-can-find-as-a-beginner-e016b5d535d4?source=rss------bug_bounty-5 | 127.0.0.1 | cybersecurity, idor, bug-bounty, open-redirect, bugs | 18-Apr-2025 |
Hours of Recon, One Vulnerable Parameter, and Boom — SQL Injection Found. | https://hiddendom.medium.com/hours-of-recon-one-vulnerable-parameter-and-boom-sql-injection-found-e7f2bb74d423?source=rss------bug_bounty-5 | Gokuleswaran B | bug-bounty-tips, bug-bounty-writeup, sql-injection-attack, sql-injection, bug-bounty | 18-Apr-2025 |
Bypassing Like a Pro: How I Fooled the WAF and Made It Pay | https://infosecwriteups.com/bypassing-like-a-pro-how-i-fooled-the-waf-and-made-it-pay-e433193e1d9d?source=rss------bug_bounty-5 | Iski | money, cybersecurity, bug-bounty, hacking, infosec | 18-Apr-2025 |
Recon Search Assistant | https://medium.com/@bobby.S/recon-search-assistant-d8506fdc8484?source=rss------bug_bounty-5 | 0xBobby | bug-bounty-tips, bug-bounty-writeup, bug-bounty, penetration-testing, google-dork | 18-Apr-2025 |
Checking for SSL Medium Strength Cipher Suites Supported | https://medium.com/@toon.commander/checking-for-ssl-medium-strength-cipher-suites-supported-2a27b1c021c2?source=rss------bug_bounty-5 | Jormungandr | pentest, vulnerability, exploit, bug-bounty | 18-Apr-2025 |
WAF Bypass Masterclass: Using SQLMap with Proxychains and Tamper Scripts Against Cloudflare &… | https://infosecwriteups.com/waf-bypass-masterclass-using-sqlmap-with-proxychains-and-tamper-scripts-against-cloudflare-9d46b36bae94?source=rss------bug_bounty-5 | coffinxp | cybersecurity, hacking, bug-bounty, programming, technology | 18-Apr-2025 |
Automating GraphQL Bug Bounty Hunting with GrapeQL | https://infosecwriteups.com/automating-graphql-bug-bounty-hunting-with-grapeql-e1e874f11c7c?source=rss------bug_bounty-5 | Aleksa Zatezalo | software-development, bug-bounty, graphql, hacking, github | 18-Apr-2025 |
Rethinking Deserialization Attacks: Chaining Cloudpickle with Pandas & NumPy | https://medium.com/@kerkroups/rethinking-deserialization-attacks-chaining-cloudpickle-with-pandas-numpy-cadebb52b69f?source=rss------bug_bounty-5 | Kerkroups | cybersecurity, application-security, bug-bounty, penetration-testing | 18-Apr-2025 |
Click Jacking Impact Privilage Escalation | https://firdausmuhammadismail.medium.com/click-jacking-impact-privilage-escalation-585918563f52?source=rss------bug_bounty-5 | Firdaus Muhammad Ismail | bug-bounty-writeup, clickjacking, vulnerability, bug-bounty, poc | 18-Apr-2025 |
SMB — Port 139 445 — How to exploit? | https://medium.com/@verylazytech/smb-port-139-445-how-to-exploit-8a1580797bc0?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, smb, penetration-testing, port-445, bug-bounty | 18-Apr-2025 |
Earn Money by Discovering Bugs | https://medium.com/@2000anujsharma/earn-money-by-discovering-bugs-b434b95ac2b7?source=rss------bug_bounty-5 | Let's code | infosec, cybersecurity, ethical-hacking, makemoney-online, bug-bounty | 18-Apr-2025 |
Secret to find bugs in five minutes. Juicy reality. | https://medium.com/@riazrabia/secret-to-find-bugs-in-five-minutes-juicy-reality-c7ed63cf26a8?source=rss------bug_bounty-5 | Rabia Riaz | easy-bugs, bug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-in-5-minutes | 18-Apr-2025 |
Light CTF Write-up: A Deep Dive into SQLite Injection and Enumeration | https://medium.com/@shxdowz/light-ctf-write-up-a-deep-dive-into-sqlite-injection-and-enumeration-f0253a63171d?source=rss------bug_bounty-5 | Shxdowz | tryhackme-walkthrough, bug-bounty, tryhackme, sql-injection, writeup | 18-Apr-2025 |
I need your support | https://medium.com/@t79877005/i-need-your-support-02984632fd9b?source=rss------bug_bounty-5 | Rester Test | chrome, bug-bounty, software-testing, bugs | 18-Apr-2025 |
Pre-Account Takeover: The Account Hack You Never Saw Coming | https://medium.com/@sachinpv2004/pre-account-takeover-the-account-hack-you-never-saw-coming-25eb518b34f1?source=rss------bug_bounty-5 | SACHIN PV | cybersecurity, bug-bounty, account-takeover, pentesting, security | 18-Apr-2025 |
Why You Shouldn’t Share Your Dreams With Everyone — SOCIAL EXPERIMENT | https://medium.com/@ph4nt0mbyt3/why-you-shouldnt-share-your-dreams-with-everyone-social-experiment-e7aae670ab02?source=rss------bug_bounty-5 | ph4nt0mbyt3 | bug-bounty, motivation | 18-Apr-2025 |
How to Find Hidden APIs and Abuse Them in Web Apps | https://medium.com/@vipulsonule71/how-to-find-hidden-apis-and-abuse-them-in-web-apps-42bd8cd91552?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, technology, hacking, ethical-hacking, cybersecurity | 18-Apr-2025 |
⚠️ CVE-2025-24054: Actively Exploited Vulnerability Stealing NTLM Credentials – What You Need to… | https://chintalatarakaram.medium.com/%EF%B8%8F-cve-2025-24054-actively-exploited-vulnerability-stealing-ntlm-credentials-what-you-need-to-631ac46f45e3?source=rss------bug_bounty-5 | Chintala Taraka Ram | bug-bounty-writeup, bug-bounty, hacking, cybersecurity, bug-bounty-tips | 18-Apr-2025 |
Header-Fusion | https://medium.com/@bineeg/header-fusion-3c11da41582e?source=rss------bug_bounty-5 | bineeg | idor-vulnerability, infosec, bug-bounty, hacking-tools | 18-Apr-2025 |
Race condtion & Logic Bug lead to Pre-ATO | https://medium.com/@yassentaalab51/race-condtion-logic-bug-lead-to-pre-ato-4fb85dfb4bcc?source=rss------bug_bounty-5 | Killua | owasp, bug-bounty, penetration-testing, race-condition, bug-bounty-tips | 18-Apr-2025 |
F5 BIGIP PROMO CODES- UDEMY | https://medium.com/@deepdive4learn/f5-bigip-promo-codes-udemy-6ed8534d230d?source=rss------bug_bounty-5 | DeepDive4learn | bug-bounty, web-development, cybersecurity, python-programming, udemy | 18-Apr-2025 |
The One Parameter That Changed Everything /api/v1 | https://medium.com/@dhirenkumar/the-one-parameter-that-changed-everything-api-v1-2747e3b83f84?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | hacking, bug-bounty, infosec, cybersecurity | 17-Apr-2025 |
Detecting Credential Dumping with Windows Built-In Tools | https://medium.com/@paritoshblogs/detecting-credential-dumping-with-windows-built-in-tools-b51b8eb6f8ca?source=rss------bug_bounty-5 | Paritosh | bug-bounty, cybersecurity, credentials, information-technology, hacking | 17-Apr-2025 |
Slow HTTP Denial of Service Attack Pada Subdomain kawasaki.co.id | https://medium.com/@ricoandreas19/slow-http-denial-of-service-attack-pada-subdomain-kawasaki-co-id-7dca9a319057?source=rss------bug_bounty-5 | Rico Andreas | bug-bounty, denial-of-service-attack, slow-loris, kawasaki-indonesia | 17-Apr-2025 |
☠️The Ultimate Subdomain Enumeration Guide: Tools, Tricks, and Hidden Secrets | https://infosecwriteups.com/%EF%B8%8Fthe-ultimate-subdomain-enumeration-guide-tools-tricks-and-hidden-secrets-bbae13df9a83?source=rss------bug_bounty-5 | Abhijeet Kumawat | subdomains-enumeration, infosec, bug-bounty, hacking, cybersecurity | 17-Apr-2025 |
Secret tricks to get hidden information in Bug Bounty | https://infosecwriteups.com/secret-tricks-to-get-hidden-information-in-bug-bounty-107f3e055c4d?source=rss------bug_bounty-5 | Mr Horbio | hacking, github, cybersecurity, penetration-testing, bug-bounty | 17-Apr-2025 |
Hacking and Securing Docker Containers: A Deep Dive into Common Vulnerabilities and Test Cases | https://infosecwriteups.com/hacking-and-securing-docker-containers-a-deep-dive-into-common-vulnerabilities-and-test-cases-e40f2eee58f2?source=rss------bug_bounty-5 | Ajay Naik | docker, bug-bounty, penetration-testing, information-security, cybersecurity | 17-Apr-2025 |
From CSS to AWS: How a Stylesheet Reference Leaked Cloud Secrets ☁️ | https://medium.com/@iski/from-css-to-aws-how-a-stylesheet-reference-leaked-cloud-secrets-%EF%B8%8F-c55e5048777e?source=rss------bug_bounty-5 | Iski | money, bug-bounty, infosec, hacking, cybersecurity | 17-Apr-2025 |
“I Didn’t Plan to Find a P1… But My Script Had Other Plans” | https://infosecwriteups.com/%EF%B8%8F-%EF%B8%8F-i-didnt-plan-to-find-a-p1-but-my-script-had-other-plans-77691a46985b?source=rss------bug_bounty-5 | Lord Heaven | s3-bucket, infosecurity, s3, infosec, bug-bounty | 17-Apr-2025 |
OSINT Like a Spy: Tools and Techniques for Online Investigations | https://medium.com/@vipulsonule71/osint-like-a-spy-tools-and-techniques-for-online-investigations-%EF%B8%8F-%EF%B8%8F-79571a765ddb?source=rss------bug_bounty-5 | Vipul Sonule | cybersecurity, technology, bug-bounty, ethical-hacking, hacking | 17-Apr-2025 |
The Rise of Cloud Hacking: What Every Developer Should Know | https://medium.com/write-a-catalyst/the-rise-of-cloud-hacking-what-every-developer-should-know-e99efe9d8e3c?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, ai, hacking, cloud, technology | 17-Apr-2025 |
Understanding All HTTP Response Codes & How to Bypass Them! | https://medium.com/@gouravrathod8788/understanding-all-http-response-codes-how-to-bypass-them-677b784f8232?source=rss------bug_bounty-5 | Gourav Singh Rajput | https, security, red-team, cybersecurity, bug-bounty | 17-Apr-2025 |
2FA Bypass: A Case of Insecure Implementation | https://ehteshamulhaq198.medium.com/2fa-bypass-a-case-of-insecure-implementation-8b9e44f3d68c?source=rss------bug_bounty-5 | Ehtesham Ul Haq | 2fa-authentication, ethical-hacking, bug-bounty, penetration-testing, infosec | 17-Apr-2025 |
From Betting Addiction to Ethical Hacking: How I Discovered a Security Loophole in a Popular… | https://medium.com/@pazzoamani/from-betting-addiction-to-ethical-hacking-how-i-discovered-a-security-loophole-in-a-popular-159720067f1d?source=rss------bug_bounty-5 | AMANI Patrick | cybersecurity, cybersecurity-awareness, offensive-security, bug-bounty | 17-Apr-2025 |
How I Earned $3,245 in Bug Bounties(My First 90 Days) | https://medium.com/@ibtissamhammadi/how-i-earned-3-245-in-bug-bounties-my-first-90-days-d4b8e397280d?source=rss------bug_bounty-5 | Ibtissam Hammadi | make-money-online, cybersecurity, payu, bug-bounty, hacking | 17-Apr-2025 |
Data Disclosed: A Look into Real-World Incidents | https://medium.com/@sachinpv2004/data-disclosed-a-look-into-real-world-incidents-acc00a02a89c?source=rss------bug_bounty-5 | SACHIN PV | bug-bounty, pentesting, information-disclosure, cybersecurity | 17-Apr-2025 |
MASTER IN BASH WITH ONE VIDEO | https://infosecwriteups.com/master-in-bash-with-one-video-5c77dbe3341d?source=rss------bug_bounty-5 | Mr Horbio | penetration-testing, cybersecurity, ethical-hacking, bug-bounty, bash | 17-Apr-2025 |
SUID Exploitation [Privilege Escalation] Tutorial | EJPT Exam | https://infosecwriteups.com/suid-exploitation-privilege-escalation-tutorial-ejpt-exam-e446f340ba3f?source=rss------bug_bounty-5 | Mr Horbio | penetration-testing, ethical-hacking, bug-bounty, hacker, cybersecurity | 17-Apr-2025 |
How I Took Over Accounts by Disabling 2FA Without Even Logging In | P1 — Critical | https://medium.com/@nebty/how-i-took-over-accounts-by-disabling-2fa-without-even-logging-in-p1-critical-a50f109e2ed4?source=rss------bug_bounty-5 | Nebty | cybersecurity, vulnerability, authentication, bug-bounty, 2fa | 17-Apr-2025 |
How to Find Hidden SQL Injection Points During Recon | https://medium.com/@vipulsonule71/how-to-find-hidden-sql-injection-points-during-recon-3f015328fdef?source=rss------bug_bounty-5 | Vipul Sonule | hacking, cybersecurity, penetration-testing, tech, bug-bounty | 17-Apr-2025 |
Metasploit Basics For PenTester & Bug Bounty Hunters ⚡ | https://medium.com/@0b1d1/metasploit-basics-for-pentester-bug-bounty-hunters-72facfc9cdd1?source=rss------bug_bounty-5 | 0b1d1 | bug-bounty-writeup, bug-bounty, bug-bounty-tips, meterpreter, metasploit | 17-Apr-2025 |
Powerful One-Liner commands for Ethical Hacking & Bug Hunting | https://medium.com/@BugRey/powerful-one-liner-commands-for-ethical-hacking-bug-hunting-dd33fd2aaa09?source=rss------bug_bounty-5 | ./Rey~ | ethical-hacking, cybersecurity, bug-bounty, bug-bounty-tips | 17-Apr-2025 |
200$ by Tricking a Global Music App with One Line of Code | https://myselfakash20.medium.com/200-by-tricking-a-global-music-app-with-one-line-of-code-de2f4ab3cd4a?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, technology, cybersecurity, bug-bounty, ethical-hacking | 17-Apr-2025 |
Top 15 Unique Extensions for Programmers: Part(3) | https://osintteam.blog/top-15-unique-extensions-for-programmers-part-3-1009695a1199?source=rss------bug_bounty-5 | Monika sharma | hacking, programming, technology, bug-bounty, extension | 17-Apr-2025 |
They Used Tools I Used Logic 0-Click Account Takeover Without Breaking a Sweat | https://medium.com/@loayahmed686/they-used-tools-i-used-logic-0-click-account-takeover-without-breaking-a-sweat-fd57c078dc82?source=rss------bug_bounty-5 | r00t | bug-bounty, infosec, cybersecurity, bugbounty-tips, bugbounty-writeup | 17-Apr-2025 |
The 50-Day Security Marathon: How I Helped Ford Patch a Critical XSS Vulnerability | https://medium.com/@N0aziXss/the-50-day-security-marathon-how-i-helped-ford-patch-a-critical-xss-vulnerability-fc6c012f40b5?source=rss------bug_bounty-5 | N0aziXss | xss-vulnerability, enterprise-security, responsible-disclosure, web-security, bug-bounty | 17-Apr-2025 |
CVE-2025-29927 Authorization bypass vulnerability identified in Next.js. | https://shauryasharma05.medium.com/cve-2025-29927-authorization-bypass-vulnerability-identified-in-next-js-9f46812c7826?source=rss------bug_bounty-5 | Shaurya Sharma | hacking, nextjs, cybersecurity, cve, bug-bounty | 17-Apr-2025 |
How I got a Zero-Click Account Takeover Bounty — Using Nothing But Logic | https://itsahmedatef.medium.com/how-i-got-a-zero-click-account-takeover-bounty-using-nothing-but-logic-11a3ae151376?source=rss------bug_bounty-5 | Ahmed Atef | cybersecurity, infosec, bug-bounty-writeup, account-takeover, bug-bounty | 17-Apr-2025 |
How I Discovered CVE-2025-3568: From XSS to Admin Account Takeover | https://medium.com/@sneharghyaroy/how-i-discovered-cve-2025-3568-from-xss-to-admin-account-takeover-6dabfcc7a320?source=rss------bug_bounty-5 | Sneharghya Roy | bug-bounty, educational, cybersecurity, ethical-hacking | 17-Apr-2025 |
“Analyzing Browser Artifacts During an Incident” : Cache, history, and login data in Chrome, Edge… | https://medium.com/@paritoshblogs/analyzing-browser-artifacts-during-an-incident-cache-history-and-login-data-in-chrome-edge-47ee1a7ce2a3?source=rss------bug_bounty-5 | Paritosh | hacking, bug-bounty, cybersecurity, incident-response, information-technology | 16-Apr-2025 |
An ultimate information-gathering tool for bug bounty hunters, Osint investigators, and pen testers. | https://medium.com/@loyalonlytoday/an-ultimate-information-gathering-tool-for-bug-bounty-hunters-osint-investigators-and-pen-testers-70b8944746f6?source=rss------bug_bounty-5 | loyalonlytoday | hacking, bug-bounty, programming, penetration-testing, cybersecurity | 16-Apr-2025 |
How a Software Engineer Earned $40,000 Through Bug Bounty Programs (In His Spare Time) | https://medium.com/@cadeeper/how-a-software-engineer-earned-40-000-through-bug-bounty-programs-in-his-spare-time-a9e1834a02c9?source=rss------bug_bounty-5 | Invik | bug-bounty, security, cybersecurity, development, software-development | 16-Apr-2025 |
How I Earned My First Bug Bounty and What It Taught Me About Ethical Hacking | https://medium.com/@dhirenkumar/how-i-earned-my-first-bug-bounty-and-what-it-taught-me-about-ethical-hacking-f3687e212d0a?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | hacking, bug-bounty, cybersecurity | 16-Apr-2025 |
Blind XSS Attack in Production: My Favorite Exploit with a Delayed Surprise | https://infosecwriteups.com/%EF%B8%8F-blind-xss-attack-in-production-my-favorite-exploit-with-a-delayed-surprise-3f7f13427ee4?source=rss------bug_bounty-5 | Abhijeet Kumawat | xss-attack, secrets, bug-bounty, hacking, cybersecurity | 16-Apr-2025 |
From ‘Error 404’ to ‘Cha-Ching! BugBounty | https://medium.com/@xlr44444/from-error-404-to-cha-ching-bugbounty-18d3b839019b?source=rss------bug_bounty-5 | Blekhate | bug-bounty-writeup, bug-bounty, bug-bounty-tips, pentesting, cybersecurity | 16-Apr-2025 |
Email Verification Bypass during Account Creation | Insecure Design | https://raymondv.medium.com/email-verification-bypass-during-account-creation-insecure-design-09122979577f?source=rss------bug_bounty-5 | Raymond Van Wart | insecure-design, cybersecurity, firebase, bug-bounty | 16-Apr-2025 |
Bypassing Content-Type Restrictions to Upload Web Shells | https://medium.com/@nevershareemail/bypassing-content-type-restrictions-to-upload-web-shells-d10fd45fa10b?source=rss------bug_bounty-5 | Sumit Tiwari | cybersecurity, web-app-security, bug-bounty, web-app-pentesting, bug-bounty-tips | 16-Apr-2025 |
My First High-Impact Bug: Unauthenticated Unsubscribe via Token Manipulation (IDOR + PII… | https://medium.com/@sauravkrish59/my-first-high-impact-bug-unauthenticated-unsubscribe-via-token-manipulation-idor-pii-872d1004a9bc?source=rss------bug_bounty-5 | @Sauravkrish | bug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity | 16-Apr-2025 |
Apache Roller’s Got a Major Bug — and It’s No April Fool’s Joke! | https://medium.com/@thecyberghost/apache-rollers-got-a-major-bug-and-it-s-no-april-fool-s-joke-d445fd81d8c4?source=rss------bug_bounty-5 | The Cyber Ghost | cybersecurity, bug-bounty, cyber, cyber-security-awareness, bugs | 16-Apr-2025 |
How Race Condition Worth Me $1000 On YesWeHack | https://medium.com/@manan_sanghvi/how-race-condition-worth-me-1000-on-yeswehack-f90be39ecb2b?source=rss------bug_bounty-5 | Manan Sanghvi | penetration-testing, ethical-hacking, race-condition, hacking, bug-bounty | 16-Apr-2025 |
How I discovered a hidden user thanks to server responses ? | https://medium.com/@phoenixcatalan/how-i-discovered-a-hidden-user-thanks-to-server-responses-b65e198f4e73?source=rss------bug_bounty-5 | phoenixcatalan | ethical-hacking, hacking, pentesting, portswigger, bug-bounty | 16-Apr-2025 |
Impostor Admin: Token Edition | https://medium.com/@tanyago/impostor-admin-token-edition-dfcd1f5643b0?source=rss------bug_bounty-5 | Tanya Goyal | bug-bounty, bugbounty-writeup, bug-bounty-tips, bug-bounty-program | 16-Apr-2025 |
Bug Bounty Secrets They Don’t Tell You: Tricks From 100+ Reported Bugs | https://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-bug-bounty-secrets-they-dont-tell-you-tricks-from-100-reported-bugs-2fa23c613f1b?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, ethical-hacking, hacking, tech, cybersecurity | 16-Apr-2025 |
Bypassing 403/401: All the Tricks Hackers Use | https://medium.com/@vipulsonule71/%EF%B8%8F-bypassing-403-401-all-the-tricks-hackers-use-6600b005289e?source=rss------bug_bounty-5 | Vipul Sonule | cybersecurity, hacking, penetration-testing, bug-bounty, tech | 16-Apr-2025 |
How I Hacked RemoteBinge’s GIF Upload Filter | https://medium.com/@worm_401/how-i-hacked-remotebinges-gif-upload-filter-5218cd45124b?source=rss------bug_bounty-5 | Worm_403 | hacking, ctf-writeup, web-security, file-upload-vulnerability, bug-bounty | 16-Apr-2025 |
Day 2: Best Free Ways to Learn Ethical Hacking by Doing! | https://medium.com/@omkumar.coder/day-2-best-free-ways-to-learn-ethical-hacking-by-doing-d59617552336?source=rss------bug_bounty-5 | om kumar | technology, bug-bounty, software-engineering, cybersecurity, hacking | 16-Apr-2025 |
How to Bypass 503 Errors Like a Pro! ✨ | https://medium.com/@gouravrathod8788/how-to-bypass-503-errors-like-a-pro-10f0c110a162?source=rss------bug_bounty-5 | Gourav Singh Rajput | pentesting, 503errorbypass, bypass, cybersecurity, bug-bounty | 16-Apr-2025 |
Bug Bounty Google Dorks | https://medium.com/@shamzen96/bug-bounty-google-dorks-3af9c763de61?source=rss------bug_bounty-5 | Shivam Raj | bug-bounty, dorks, pentesting, hacking, cybersecurity | 16-Apr-2025 |
The Hidden Threat in Your XML: Understanding XXE Attacks | https://medium.com/@es0557533/the-hidden-threat-in-your-xml-understanding-xxe-attacks-0d7f91bb5749?source=rss------bug_bounty-5 | Isv | bug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup | 16-Apr-2025 |
IMAP — Port 143, 993 — How to exploit? | https://medium.com/@verylazytech/imap-port-143-993-how-to-exploit-3bc8778916cd?source=rss------bug_bounty-5 | Very Lazy Tech | penetration-testing, exploit, ethical-hacking, imap, bug-bounty | 16-Apr-2025 |
IRC — Ports 194,6667,6660–7000 — How to exploit? | https://medium.com/@verylazytech/irc-ports-194-6667-6660-7000-how-to-exploit-5ecac016b853?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, bug-bounty, irc, penetration-testing, exploit | 15-Apr-2025 |
Why Most PoCs Fail: The Invisible Wall Called SSP | https://medium.com/@pch.neurodive.fuk060/why-most-pocs-fail-the-invisible-wall-called-ssp-06c489ebfdba?source=rss------bug_bounty-5 | IRORI | web-security, cybersecurity, ctf, infosec, bug-bounty | 15-Apr-2025 |
BugBounty Directory | https://medium.com/@abhishekY495/bugbounty-directory-35609687204c?source=rss------bug_bounty-5 | Abhishek | hacker, bug-bounty-tips, bug-bounty, bug-bounty-writeup, hackerone | 15-Apr-2025 |
How I Built a Recon Flow Out of Rage and Spite | https://myselfakash20.medium.com/how-i-built-a-recon-flow-out-of-rage-and-spite-18ddd367149e?source=rss------bug_bounty-5 | Akash Ghosh | hacking, bug-bounty, technology, bug-bounty-tips, cybersecurity | 15-Apr-2025 |
How I Exploited Rate Limiting to Access Admin Features (Real Case Study) | https://infosecwriteups.com/how-i-exploited-rate-limiting-to-access-admin-features-real-case-study-fe25cb965a0a?source=rss------bug_bounty-5 | Abhijeet Kumawat | secrets, bug-bounty, cybersecurity, infosec, hacking | 15-Apr-2025 |
“How to Find Hidden API Endpoints and Secrets in JavaScript Files for Bug Bounties & Web App… | https://hackersatty.medium.com/how-to-find-hidden-api-endpoints-and-secrets-in-javascript-files-for-bug-bounties-web-app-f4ea92d16954?source=rss------bug_bounty-5 | hackersatty | api-endpoint, bug-bounty-writeup, javascript, bug-bounty, secrets | 15-Apr-2025 |
Mastering Business Logic Price Manipulation in Bug Bounty Programs | https://frostyxsec.medium.com/mastering-business-logic-price-manipulation-in-bug-bounty-programs-4d3ac14d9837?source=rss------bug_bounty-5 | Frostyxsec | bug-hunting, bug-bounty-tips, bug-bounty, bugbounty-writeup, bug-bounty-hunter | 15-Apr-2025 |
How Telegram’s Bot API Enables Real-Time 2FA Theft and Account Takeover | https://medium.com/@princep49036142/how-telegrams-bot-api-enables-real-time-2fa-theft-and-account-takeover-fa438ce9a9e0?source=rss------bug_bounty-5 | Prince Philip | telegram, hacker, bug-bounty, bug-bounty-writeup, ui | 15-Apr-2025 |
Cracking JWT: When the ‘None’ Algorithm Opens the Authentication Gate | https://medium.com/@arrheniuspaelongan09/cracking-jwt-when-the-none-algorithm-opens-the-authentication-gate-5bafa942c9a5?source=rss------bug_bounty-5 | Arrhenius Paelongan | bug-bounty, cybersecurity, hacking, penetration-testing, red-team | 15-Apr-2025 |
I Broke Into /etc/passwd Using a Null Byte and It Was Stupid Easy #HackerVibes | https://medium.com/@RootPwned/i-broke-into-etc-passwd-using-a-null-byte-and-it-was-stupid-easy-hackervibes-54a4e86e985c?source=rss------bug_bounty-5 | Sumanth Yerranagula | ctf, web-application-security, ethical-hacking, cybersecurity, bug-bounty | 15-Apr-2025 |
Red Team Tactics vs Blue Team Defenses: Real-World Scenarios | https://medium.com/@paritoshblogs/red-team-tactics-vs-blue-team-defenses-real-world-scenarios-d8a935b9e100?source=rss------bug_bounty-5 | Paritosh | hacking, red-team, blue-team, bug-bounty, cybersecurity | 15-Apr-2025 |
Breaking Into HackDonalds: XXE + Middleware Abuse (CTF Writeup) | https://medium.com/@cipher01x/breaking-into-hackdonalds-xxe-middleware-abuse-ctf-writeup-fa33c6bad5d8?source=rss------bug_bounty-5 | bretsadlea | hacking, bug-bounty, cybersecurity, hacking-tools, ctf-writeup | 15-Apr-2025 |
Breaking the Invite: 3 Easy-to-Find Vulnerabilities in invite users function | https://medium.com/@basetm307/breaking-the-invite-3-easy-to-find-vulnerabilities-in-invite-users-function-735c3b75d130?source=rss------bug_bounty-5 | 3baset | bug-bounty, broken-access-control, bug-bounty-tips, privilege, idor | 15-Apr-2025 |
Hi, I’m Modather Ahmed, a penetration tester at Buguard and a part-time bug bounty hunter. | https://medium.com/@modtheramohamed/hi-im-modather-ahmed-a-penetration-tester-at-buguard-and-a-part-time-bug-bounty-hunter-fb79a2229281?source=rss------bug_bounty-5 | Modther A Mohamed | bug-bounty | 15-Apr-2025 |
How a Curious Curl and a Ghost Domain Got Me into the Dutch Government’s Hall of Fame | https://medium.com/@cyberhrsh/how-a-curious-curl-and-a-ghost-domain-got-me-into-the-dutch-governments-hall-of-fame-bf1537f4a737?source=rss------bug_bounty-5 | Harsh kothari | hall-of-fame, bug-bounty, cybersecurity, hacker | 15-Apr-2025 |
Exposing Sensitive Data: How I Found a Critical NASA P1 Vulnerability in Publicly Accessible… | https://medium.com/@sivasankardas/exposing-sensitive-data-how-i-found-a-critical-nasa-p1-vulnerability-in-publicly-accessible-57a00a9bccb9?source=rss------bug_bounty-5 | Sivasankar Das | cybersecurity, vulnerability-research, hallof-fame, bug-bounty, nasa | 15-Apr-2025 |
From Zero Bugs to Many: My Journey into Web Pentesting and Bug Bounties | https://medium.com/@omkumar.coder/from-zero-bugs-to-many-my-journey-into-web-pentesting-and-bug-bounties-883f516a507c?source=rss------bug_bounty-5 | om kumar | cybersecurity, hacking, web-development, bug-bounty, technology | 15-Apr-2025 |
Breaking Into HackDonalds: XXE + Middleware Abuse (CTF Writeup) | https://medium.com/@cipher01x/breaking-into-hackdonalds-xxe-middleware-abuse-ctf-writeup-5e67fadbb1bd?source=rss------bug_bounty-5 | bretsadlea | bug-bounty, hacking, ciberseguridad, ctf-writeup | 15-Apr-2025 |
Hidden Directories and Files : How Dirb, Dirsearch, and Gobuster Find the Unseen | https://medium.com/@vipulsonule71/hidden-directories-and-files-how-dirb-dirsearch-and-gobuster-find-the-unseen-27182b2f88f6?source=rss------bug_bounty-5 | Vipul Sonule | ai, cybersecurity, hacking, penetration-testing, bug-bounty | 15-Apr-2025 |
9 Criticals in a Row — Mind Hacking on HackerOne | https://medium.com/@rootplinix/9-criticals-in-a-row-mind-hacking-on-hackerone-b627d1688d69?source=rss------bug_bounty-5 | Abu Hurayra | infosec, cybersecurity, hacking, pentesting, bug-bounty | 15-Apr-2025 |
Web Socket Security | https://cybertoucan.medium.com/web-socket-security-8095fd0f8981?source=rss------bug_bounty-5 | cybertoucan | websocket, bug-bounty, cybersecurity, pentesting, application-security | 15-Apr-2025 |
Google Dorking for Ethical Hacking: A Beginner’s Guide to Finding Your First Bug | https://just-merwan.medium.com/google-dorking-for-ethical-hacking-a-beginners-guide-to-finding-your-first-bug-213ff2fffd1a?source=rss------bug_bounty-5 | Merwansky | cybersecurity, google, hacking, tutorial, bug-bounty | 15-Apr-2025 |
SNMP — Ports 161, 162, 10161, and 10162/UDP — How to exploit? | https://medium.com/@verylazytech/snmp-ports-161-162-10161-and-10162-udp-how-to-exploit-a9044f1eeb72?source=rss------bug_bounty-5 | Very Lazy Tech | penetration-testing, bug-bounty, ethical-hacking, exploit, snmp | 15-Apr-2025 |
Top 15 Browser Extensions For Bug Bounty Hunter 2025: Part(2) | https://osintteam.blog/top-15-browser-extensions-for-bug-bounty-hunter-2025-part-2-c2a4e525de21?source=rss------bug_bounty-5 | Monika sharma | technology, hacking, bug-bounty, extension, osint | 15-Apr-2025 |
CSRF Exploit Leading to Account Takeover (ATO) | https://medium.com/@magdy_ali/csrf-exploit-leading-to-account-takeover-ato-e1e89f73cb4c?source=rss------bug_bounty-5 | Magdy Ali | bug-bounty, csrf, account-takeover | 15-Apr-2025 |
Burp Suite AI: Smarter Scanning Powered by Machine Intelligence | https://cylent.medium.com/burp-suite-ai-smarter-scanning-powered-by-machine-intelligence-7462bb1da5dc?source=rss------bug_bounty-5 | Mohamed Talaat (@cylent) | application-security, bug-bounty, burp-suite-professional, bug-hunting, penetration-testing | 15-Apr-2025 |
Check Point Firewall — Port 264 — How to exploit? | https://medium.com/@verylazytech/check-point-firewall-port-264-how-to-exploit-10453634fb26?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, port-264, penetration-testing, check-point-firewall, bug-bounty | 14-Apr-2025 |
How I Earned $800 in 10 Minutes with an IDOR Vulnerability — Just by Going the Extra Mile | https://medium.com/@cadeeper/how-i-earned-800-in-10-minutes-with-an-idor-vulnerability-just-by-going-the-extra-mile-b8208bec852f?source=rss------bug_bounty-5 | Inv | info-sec-writeups, penetration-testing, bug-bounty, cybersecurity, hacker | 14-Apr-2025 |
SQL Injection Leads to $$$ Bounty: How I Found a Critical Bug | https://medium.com/@arrheniuspaelongan09/sql-injection-leads-to-bounty-how-i-found-a-critical-bug-cbacc35a2f19?source=rss------bug_bounty-5 | Qchad | bug-bounty, hacking, penetration-testing, red-team, cybersecurity | 14-Apr-2025 |
Uncovering Hidden APIs: How One Forgotten Endpoint Made Me $500 | https://infosecwriteups.com/uncovering-hidden-apis-how-one-forgotten-endpoint-made-me-500-424e6388c406?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, secrets, bug-bounty, infosec, hacking | 14-Apr-2025 |
Understanding CVE-2025-29927: Next.js Security Vulnerability | https://medium.com/@dasmanish6176/understanding-cve-2025-29927-next-js-security-vulnerability-6a6e20a7bcb0?source=rss------bug_bounty-5 | Dasmanish | bug-bounty, nextjs, security, ethical-hacking, burpsuite | 14-Apr-2025 |
From Admin to Ghost: Post-Removal Access Control Bypass in Team Management Functionality | https://medium.com/@nhlimon37/from-admin-to-ghost-post-removal-access-control-bypass-in-team-management-functionality-155e3d7faf0d?source=rss------bug_bounty-5 | NH Limon | bug-bounty-writeup, bug-bounty | 14-Apr-2025 |
From “Buck Bounty?” to My First Real Bug Bounty | https://medium.com/@bgsswqyh/from-buck-bounty-to-my-first-real-bug-bounty-7490f1907541?source=rss------bug_bounty-5 | Kailaas | bug-bounty-writeup, bug-bounty-tips, bug-bounty, cybersecurity | 14-Apr-2025 |
SQL injection UNION attack, retrieving data from other tables — Portswigger | https://arayofhope7.medium.com/sql-injection-union-attack-retrieving-data-from-other-tables-portswigger-ab892f5a9527?source=rss------bug_bounty-5 | RayofHope | web-penetration-testing, bug-bounty, ethical-hacking, penetration-testing, cybersecurity | 14-Apr-2025 |
SQL Injection Leads to $$$ Bounty: How I Found a Critical Bug | https://medium.com/@arrheniuspaelongan09/sql-injection-leads-to-bounty-how-i-found-a-critical-bug-cbacc35a2f19?source=rss------bug_bounty-5 | Arrhenius Paelongan | bug-bounty, hacking, penetration-testing, red-team, cybersecurity | 14-Apr-2025 |
Beyond the Payload: Why Understanding Vulnerabilities Matters More Than Exploiting Them | https://revengermojo.medium.com/beyond-the-payload-why-understanding-vulnerabilities-matters-more-than-exploiting-them-72061821f88b?source=rss------bug_bounty-5 | RevengerMojo | hackermindset, revengermojo, application-security, chaining-vulnerabilities, bug-bounty | 14-Apr-2025 |
I Hacked a Website With Just ../../../etc/passwd | https://medium.com/@RootPwned/i-hacked-a-website-with-just-etc-passwd-79fc0d592b4e?source=rss------bug_bounty-5 | Sumanth Yerranagula | ctf, web-security, bug-bounty, cybersecurity, ethical-hacking | 14-Apr-2025 |
Exposed Session Tokens via Misconfigured Endpoint | https://ehteshamulhaq198.medium.com/exposed-session-tokens-via-misconfigured-endpoint-c6676b79476e?source=rss------bug_bounty-5 | Ehtesham Ul Haq | infosec, bug-bounty-writeup, penetration-testing, bug-bounty, session-hijacking | 14-Apr-2025 |
LFI in the Shadows: A Bug Bounty Private Program Walkthrough | https://medium.com/@AhmedSamy-X/lfi-in-the-shadows-a-bug-bounty-private-program-walkthrough-a76024d1314f?source=rss------bug_bounty-5 | Ahmedsamy | information-security, cybersecurity, hacking, penetration-testing, bug-bounty | 14-Apr-2025 |
Click, Recon, Jackpot! How a Subdomain Led Me to an S3 Treasure Trove | https://infosecwriteups.com/click-recon-jackpot-%EF%B8%8F-%EF%B8%8F-how-a-subdomain-led-me-to-an-s3-treasure-trove-2f65c3a80010?source=rss------bug_bounty-5 | Iski | money, bug-bounty, hacking, infosec, cybersecurity | 14-Apr-2025 |
iOS-Pentesting-101: Jail Breaking iOS 16.7.x+ on iPhone 8/X | https://sudosuraj.medium.com/ios-pentesting-101-jail-breaking-ios-16-7-x-on-iphone-8-x-e9d62c529d38?source=rss------bug_bounty-5 | sudosuraj | ios-bug-bounty, sudosuraj, bug-bounty-tips, bug-bounty, mobile-security | 14-Apr-2025 |
Account Takeover Based on Deep Understanding of the Target | https://medium.com/@Maverick0o0/account-takeover-based-on-deep-understanding-of-the-target-9c02b8af88fa?source=rss------bug_bounty-5 | Erfan Tavakoli | bug-bounty-writeup, writeup, cybersecurity, bug-bounty-tips, bug-bounty | 14-Apr-2025 |
Hunting eval() XSS: How I Scored a $10K Bounty from Uber | https://osintteam.blog/hunting-eval-xss-how-i-scored-a-10k-bounty-from-uber-c77aaf93574a?source=rss------bug_bounty-5 | Krish_cyber | osint, bug-bounty, infosec-write-ups, ethical-hacking, xss-attack | 14-Apr-2025 |
Google Gemini iOS Vulnerability: Public Link Sharing Silently Leaks Entire Conversations | https://medium.com/@warisjeet31/google-gemini-ios-vulnerability-public-link-sharing-silently-leaks-entire-conversations-e1f80cbea25c?source=rss------bug_bounty-5 | sin99xx | bug-bounty, bug-bounty-tips, bug-bounty-writeup, cyber-security-awareness, cybersecurity | 14-Apr-2025 |
Bug Bounty | I found a vulnerability that could lead to the theft of user accounts (Account… | https://zeynalxan.medium.com/bug-bounty-istifad%C9%99%C3%A7i-hesablar%C4%B1n%C4%B1n-o%C4%9Furlanmas%C4%B1na-s%C9%99b%C9%99b-ola-bil%C9%99c%C9%99k-bir-bo%C5%9Fluq-tapd%C4%B1m-account-2693a2aa2520?source=rss------bug_bounty-5 | Zeynalxan Quliyev | bug-bounty-writeup, bug-bounty, ato, account-takeover, hacker | 14-Apr-2025 |
Outsmarting the Crowd: 7 Unconventional Strategies to Dominate Bug Bounty Programs | https://cybersecuritywriteups.com/outsmarting-the-crowd-7-unconventional-strategies-to-dominate-bug-bounty-programs-e5432e5fddd2?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, info-sec-writeups, osint, ethical-hacking, bug-bounty-writeup | 14-Apr-2025 |
HOW I GOT RCE BY THIS ‘ Single quotation Mark | https://medium.com/@amerghaith07/how-i-got-rce-by-this-single-quotation-mark-3a81be69a0d2?source=rss------bug_bounty-5 | Amerghaith | ethical-hacking, cybersecurity, sql-injection, bug-bounty, rce-vulnerability | 14-Apr-2025 |
Crafting Engaging Web Application Challenges for Your College CTF | https://medium.com/@shashank_d_s/crafting-engaging-web-application-challenges-for-your-college-ctf-b712e10b9ed6?source=rss------bug_bounty-5 | D4rkHxnd | capture-the-flag, penetration-testing, cybersecurity, bug-bounty, ctf | 14-Apr-2025 |
Are You Safe? The Terrifying Truth Behind Silent Attacks | https://medium.com/@Zo0L/are-you-safe-the-terrifying-truth-behind-silent-attacks-544d63139019?source=rss------bug_bounty-5 | Abdallah Mohammed | behind-the-shadow, cybersecurity, ethical-hacking, bug-bounty, penetration-testing | 14-Apr-2025 |
Attacking Common Services (skill assessment→Easy Level) Hack The Box Writeup/Walkthrough by… | https://medium.com/@prarabdhsrivastava1403/attacking-common-services-skill-assessment-easy-level-hack-the-box-writeup-walkthrough-by-40cb4ae57d70?source=rss------bug_bounty-5 | Prarabdh Srivastava | infosec, hackthebox, ctf-walkthrough, penetration-testing, bug-bounty | 14-Apr-2025 |
Udemy Promo OFFER | https://medium.com/@deepdive4learn/udemy-promo-offer-bbf015f60c6a?source=rss------bug_bounty-5 | DeepDive4learn | penetration-testing, cisco-certifications, promo-code, cybersecurity, bug-bounty | 14-Apr-2025 |
Stored XSS — Escalated from High to Critical | https://medium.com/@YourFinalSin/stored-xss-escalated-from-high-to-critical-079b5ab44444?source=rss------bug_bounty-5 | 3NVZ | xss-attack, bug-bounty-tips, bug-bounty, xss-vulnerability, bug-bounty-writeup | 13-Apr-2025 |
SQL injection UNION attack, finding a column containing text | https://arayofhope7.medium.com/sql-injection-union-attack-finding-a-column-containing-text-8bb9f92b6430?source=rss------bug_bounty-5 | RayofHope | web-penetration-testing, penetration-testing, ethical-hacking, cybersecurity, bug-bounty | 13-Apr-2025 |
Spynote, BadBazaar & Moonshine: The Malware Mafia That’s Eyeing Your Phone | https://medium.com/@thecyberghost/spynote-badbazaar-moonshine-the-malware-mafia-thats-eyeing-your-phone-6b98eafb1af7?source=rss------bug_bounty-5 | The Cyber Ghost | malware, bug-bounty, bug-bounty-writeup, virus, cyber-security-awareness | 13-Apr-2025 |
One Random Recon, One Real Bounty: The Paytm Story | https://ghostman01.medium.com/ghost-paytm-xss-bounty-4f5efe6a643b?source=rss------bug_bounty-5 | SIDDHANT SHUKLA | bug-bounty, cybersecurity, programming, hacking, vulnerability | 13-Apr-2025 |
Advanced Windows Event Log Hunting for Threat Detection | https://medium.com/@paritoshblogs/advanced-windows-event-log-hunting-for-threat-detection-5ae8f259d5e2?source=rss------bug_bounty-5 | Paritosh | hacking, bug-bounty, windows, cybersecurity, threat-intelligence | 13-Apr-2025 |
How I Found a Bug in a Government Website (And Got Recognized for It) | https://infosecwriteups.com/how-i-found-a-bug-in-a-government-website-and-got-recognized-for-it-%EF%B8%8F-2f057a99f458?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacking, bug-bounty, cybersecurity, infosec, secrets | 13-Apr-2025 |
Tricky waf bypass for reflected XSS write up | https://medium.com/@sonahri501/not-so-cool-reflectd-xss-write-up-88da44cdc8c4?source=rss------bug_bounty-5 | Sonahri | waf-bypass, bug-bounty, cross-site-scripting | 13-Apr-2025 |
⚡️Oops, They Logged It! Turning LFI into Remote Shell Like a Pro ⚔️ | https://medium.com/@iski/%EF%B8%8Foops-they-logged-it-turning-lfi-into-remote-shell-like-a-pro-%EF%B8%8F-272e81c5315f?source=rss------bug_bounty-5 | Iski | money, bug-bounty-tips, hacking, bug-bounty, cybersecurity | 13-Apr-2025 |
BURPSUITE EXTENSIONS FOR SECURITY ASSESSMENTS: ENHANCED WEB APPLICATION TESTING | https://medium.com/@0b1d1/burpsuite-extensions-for-security-assessments-enhanced-web-application-testing-%EF%B8%8F-922d2002bf0d?source=rss------bug_bounty-5 | 0b1d1 | burp-suite-pro, pentesting, bug-bounty-tips, bug-bounty, pentesting-lab | 13-Apr-2025 |
Hackers Love These Info Disclosure Bugs | CVE, APIs, Buckets, 404s & More! | https://medium.com/@spector-sec/hackers-love-these-info-disclosure-bugs-cve-apis-buckets-404s-more-a8b2f7103bb0?source=rss------bug_bounty-5 | spector-sec | cybersecurity, hacking, informatonal-disclosure, bug-bounty | 13-Apr-2025 |
One Random Recon, One Real Bounty: The Paytm Story | https://infosecwriteups.com/ghost-paytm-xss-bounty-4f5efe6a643b?source=rss------bug_bounty-5 | SIDDHANT SHUKLA | bug-bounty, cybersecurity, programming, hacking, vulnerability | 13-Apr-2025 |
How Burp Suite AI Makes Vulnerability Testing Easy and Fast | https://infosecwriteups.com/how-burp-suite-ai-makes-vulnerability-testing-easy-and-fast-03b6ca0ca6e5?source=rss------bug_bounty-5 | Monika sharma | technology, bug-bounty, ai, burpsuite, penetration-testing | 13-Apr-2025 |
JavaScript All Important Browser Functions | https://medium.com/@zoningxtr/javascript-all-important-browser-functions-f40423714ebb?source=rss------bug_bounty-5 | Zoningxtr | penetration-testing, javascript, web-development, cybersecurity, bug-bounty | 13-Apr-2025 |
Bypass no rate limit & get Application-Level DDoS Vulnerability | https://frostyxsec.medium.com/bypass-no-rate-limit-get-application-level-ddos-vulnerability-bb4bae99f3a4?source=rss------bug_bounty-5 | Frostyxsec | bug-bounty, bug-hunting, bug-bounty-tips, cybersecurity, bug-bounty-writeup | 13-Apr-2025 |
Bypass File Attachment Restrictions in Google Groups via Email Posting | Bug Bounty | https://ph-hitachi.medium.com/bypass-file-attachment-restrictions-in-google-groups-via-email-posting-bug-bounty-5d96fe39e46d?source=rss------bug_bounty-5 | Ph.Hitachi | bug-bounty, permissionsbypass, google-vrp, google-groups, broken-access-control | 13-Apr-2025 |
1-CLick OAuth Token Hijacking via Google Apps Script – A Design Flaw Ignored? | Bug Bounty | https://ph-hitachi.medium.com/1-click-oauth-token-hijacking-via-google-apps-script-a-design-flaw-ignored-bug-bounty-02c6997254ff?source=rss------bug_bounty-5 | Ph.Hitachi | hackerone, bug-bounty, google-vrp, google, google-app-script | 13-Apr-2025 |
$10,000 worth GitHub Access Tokens | Secret Search Operators | https://infosecwriteups.com/10-000-worth-github-access-tokens-secret-search-operators-c67b09062a38?source=rss------bug_bounty-5 | It4chis3c | hidden, github, bug-bounty, secrets, access-token | 13-Apr-2025 |
From Threats to Allies: Empower Moroccan Cyber Talent | https://medium.com/@ryadserkouh/from-threats-to-allies-empower-moroccan-cyber-talent-49d0dd07d06a?source=rss------bug_bounty-5 | Ryad Serkouh | bug-bounty, cybersecurity, morocco | 13-Apr-2025 |
How to Perform Triage on a Compromised Windows Machine | https://medium.com/@paritoshblogs/how-to-perform-triage-on-a-compromised-windows-machine-a358edfefd4b?source=rss------bug_bounty-5 | Paritosh | cybersecurity, triage, hacking, windows, bug-bounty | 13-Apr-2025 |
Bypass rate limit & get Application-Level DDoS Vulnerability | https://frostyxsec.medium.com/bypass-no-rate-limit-get-application-level-ddos-vulnerability-bb4bae99f3a4?source=rss------bug_bounty-5 | Frostyxsec | bug-bounty, bug-hunting, bug-bounty-tips, cybersecurity, bug-bounty-writeup | 13-Apr-2025 |
Effective tool for bug hunters | https://medium.com/@loyalonlytoday/effective-tool-for-bug-hunters-7544a430617d?source=rss------bug_bounty-5 | loyalonlytoday | programming, bug-bounty, cybersecurity, hacking, bug-bounty-tips | 12-Apr-2025 |
A tool that will find secrets, endpoints, and API keys from a list of URLs(Bug Bounty Hunting) | https://medium.com/@loyalonlytoday/a-tool-that-will-find-secrets-endpoints-and-api-keys-from-a-list-of-urls-bug-bounty-hunting-ccaec4babfe1?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-tips, ethical-hacking, bug-bounty, osint, cybersecurity | 12-Apr-2025 |
This Was My First Account Takeover Without Any Tool: A Remarkable Experience | https://medium.com/@dineshnarasimhan27/this-was-my-first-account-takeover-without-any-tool-a-remarkable-experience-1a224d8efb73?source=rss------bug_bounty-5 | Dinesh Narasimhan | cybersecuirty, webapplicationpentest, account-take-over, penetration-testing, bug-bounty | 12-Apr-2025 |
Subdomain takeover | https://medium.com/@parthchheda777/subdomain-takeover-6642736285fc?source=rss------bug_bounty-5 | Parthchheda | infosec, pentesting, subdomain-takeover, cybersecurity, bug-bounty | 12-Apr-2025 |
SQL injection UNION attack, determining the number of columns returned by the query | https://arayofhope7.medium.com/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-01321d3953cb?source=rss------bug_bounty-5 | RayofHope | ethical-hacking, penetration-testing, web-penetration-testing, cybersecurity, bug-bounty | 12-Apr-2025 |
Static vs Dynamic Analysis: A Web3 Security Perspective | https://securrtech.medium.com/static-vs-dynamic-analysis-a-web3-security-perspective-e0c11bbdde99?source=rss------bug_bounty-5 | Securr - Web3 Security | bug-bounty, web3-security, blockchain-security, smart-contract-security, smart-contract-auditing | 12-Apr-2025 |
Exposing a Critical Data Leak: My Experience in NASA’s Vulnerability Disclosure Program | https://medium.com/@sivasankardas/exposing-a-critical-data-leak-my-experience-in-nasas-vulnerability-disclosure-program-7ab0ced1ba86?source=rss------bug_bounty-5 | Sivasankardas | vulnerability-disclosure, bug-bounty, critical-vulnerabilities, nasa-vdp, data-security | 12-Apr-2025 |
How I Got Access to Other Person’s Chat History and Chat Environment! | https://hiddendom.medium.com/how-i-got-access-to-other-persons-chat-history-and-chat-environment-f333cc29f3df?source=rss------bug_bounty-5 | Gokuleswaran B | penetration-testing, vapt, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 12-Apr-2025 |
Bug Bounty Secrets They Don’t Tell You: Tricks From 100+ Reported Bugs | https://infosecwriteups.com/%EF%B8%8F-%EF%B8%8F-bug-bounty-secrets-they-dont-tell-you-tricks-from-100-reported-bugs-603e4a6bb84f?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, ai, hacking, cybersecurity, secrets | 12-Apr-2025 |
Mastering Nmap: From Recon to Automation in Enterprise Security | https://medium.com/@zoningxtr/%EF%B8%8F-mastering-nmap-from-recon-to-automation-in-enterprise-security-69f6e3a81096?source=rss------bug_bounty-5 | Zoningxtr | linux, penetration-testing, nmap, bug-bounty, cybersecurity | 12-Apr-2025 |
Why I’m Blogging My Cybersecurity Journey (And Why You Should Too) | https://medium.com/@shewagbhai1333/why-im-blogging-my-cybersecurity-journey-and-why-you-should-too-cacfee96f931?source=rss------bug_bounty-5 | Shewagbhai | pentesting, bug-bounty, web, blogging, community | 12-Apr-2025 |
Facebook allows malicious script execution in post,comments and direct messages( rejected bug… | https://medium.com/@krivadna/facebook-allows-malicious-script-execution-in-post-comments-and-direct-messages-rejected-bug-807ad30e1401?source=rss------bug_bounty-5 | Krivadna | info-sec-writeups, infosec-write-ups, bugbounty-writeup, bug-bounty, cybersecurity | 12-Apr-2025 |
I Built a Portfolio Website That’s (Almost) Unhackable — Here’s How | https://medium.com/@afnaan2180/i-built-a-portfolio-website-thats-almost-unhackable-here-is-how-33351d7d56f7?source=rss------bug_bounty-5 | Mohammed Afnaan Ahmed | infosec, bug-bounty, cybersecurity, ethical-hacking, web-development | 12-Apr-2025 |
Secrets in JavaScript : Finding API Keys and Endpoints Like a Bug Bounty Hunter | https://medium.com/@vipulsonule71/secrets-in-javascript-finding-api-keys-and-endpoints-like-a-bug-bounty-hunter-613c66412baa?source=rss------bug_bounty-5 | Vipul Sonule | cybersecurity, ethical-hacking, hacking, penetration-testing, bug-bounty | 12-Apr-2025 |
Detecting Ransomware Pre-Execution with Windows Logs & Sysmon | https://medium.com/@paritoshblogs/%EF%B8%8F-detecting-ransomware-pre-execution-with-windows-logs-sysmon-2e34dac2ee97?source=rss------bug_bounty-5 | Paritosh | ransomware, bug-bounty, windows, hacking, cybersecurity | 12-Apr-2025 |
Exposing a Critical Data Leak: My Experience in NASA’s Vulnerability Disclosure Program | https://medium.com/@sivasankardas/exposing-a-critical-data-leak-my-experience-in-nasas-vulnerability-disclosure-program-7ab0ced1ba86?source=rss------bug_bounty-5 | Sivasankar Das | vulnerability-disclosure, bug-bounty, critical-vulnerabilities, nasa-vdp, data-security | 12-Apr-2025 |
Recon Zen: Hacking With Nothing But Vibes and DevTools | https://myselfakash20.medium.com/recon-zen-hacking-with-nothing-but-vibes-and-devtools-d809ee497d69?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, hacking, technology, cybersecurity, bug-bounty | 12-Apr-2025 |
Understanding DOM-based XSS | https://medium.com/@evyeveline1/understanding-dom-based-xss-70ea74401e7b?source=rss------bug_bounty-5 | Evyeveline | web-hacking, red-team, dom-based-xss, xss-vulnerability, bug-bounty | 12-Apr-2025 |
Found 3 IDOR Vulnerabilities in the Same Target! | https://medium.com/@mahmoudelsadey56/found-3-idor-vulnerabilities-in-the-same-target-bc79c1c33376?source=rss------bug_bounty-5 | Mahmoud elsadey | web-penetration-testing, bug-bounty-writeup, bug-bounty, penetration-testing | 12-Apr-2025 |
LDAP — Ports 389, 636, 3268, 3269 — How to exploit? | https://medium.com/@verylazytech/ldap-ports-389-636-3268-3269-how-to-exploit-48af0aaac0ae?source=rss------bug_bounty-5 | Very Lazy Tech | ldap, penetration-testing, bug-bounty, ethical-hacking, hacking | 12-Apr-2025 |
How I Found a Reflected XSS Bug in 45 Minutes Using ChatGPT — and Earned $800 | https://theindiannetwork.medium.com/how-i-found-a-reflected-xss-bug-in-45-minutes-using-chatgpt-and-earned-800-bc700c4baea8?source=rss------bug_bounty-5 | TheIndianNetwork | chatgpt, bug-bounty-tips, bug-bounty-writeup, bug-bounty, xss-attack | 11-Apr-2025 |
A few online tools to find subdomains easily(bug bounty hunting) | https://medium.com/@loyalonlytoday/a-few-online-tools-to-find-subdomains-easily-bug-bounty-hunting-64b15b2c2dcf?source=rss------bug_bounty-5 | loyalonlytoday | subdomains-enumeration, hacking, tips, cybersecurity, bug-bounty | 11-Apr-2025 |
How I Earned $1,000 by Exploiting a Hidden Subdomain and Chaining a CORS Misconfiguration with IDOR | https://theindiannetwork.medium.com/how-i-earned-1-000-by-exploiting-a-hidden-subdomain-and-chaining-a-cors-misconfiguration-with-idor-1dc83adf927c?source=rss------bug_bounty-5 | TheIndianNetwork | bug-bounty, idor, subdomain, bug-bounty-writeup, bug-bounty-tips | 11-Apr-2025 |
OTP BYPASS METHODOLOGIES | https://infosecwriteups.com/otp-bypass-methodologies-3ed951d1eb12?source=rss------bug_bounty-5 | Canonminibeast | hacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips, otp-verification | 11-Apr-2025 |
How I Pick a Good Bug Bounty Program and Earn $$$ | https://medium.com/@YourFinalSin/how-i-pick-a-good-bug-bounty-program-and-earn-dc7610bff549?source=rss------bug_bounty-5 | 3NVZ | bug-bounty, bug-bounty-tips, hackerone, bugcrowd, bug-bounty-writeup | 11-Apr-2025 |
SQL injection attack, listing the database contents on Oracle — Portswigger | https://arayofhope7.medium.com/sql-injection-attack-listing-the-database-contents-on-oracle-portswigger-501f25bda8fd?source=rss------bug_bounty-5 | RayofHope | bug-bounty, ethical-hacking, penetration-testing, web-penetration-testing, cyber-security-training | 11-Apr-2025 |
I Made $5,382 in 30 Days Hunting Bugs | https://infosecwriteups.com/i-made-5-382-in-30-days-hunting-bugs-ba770a5d895a?source=rss------bug_bounty-5 | Ibtissam Hammadi | technology, hacking, bug-bounty, cybersecurity, make-money-online | 11-Apr-2025 |
How I Bypassed YouTube Video Ads Using API Manipulation — My Google VRP Discovery (Video PoC… | https://muneebalamkhan.medium.com/how-i-bypassed-youtube-video-ads-using-api-manipulation-my-google-vrp-discovery-video-poc-9eaf91f23596?source=rss------bug_bounty-5 | Muneeb Alam Khan | youtube-hacks-and-tricks, cybersecurity, bug-bounty, google-hacking, api-security-testing | 11-Apr-2025 |
Oops. Team Closed it as NA | https://infosecwriteups.com/oops-team-closed-it-as-na-547d6b20a5d7?source=rss------bug_bounty-5 | callgh0st | gaza, mindset, bug-bounty, genocide, hacking | 11-Apr-2025 |
(Ⅱ)【Report Review】2024 OWASP Mobile Top 10 Risks | https://medium.com/@security.tecno/%E2%85%B1-report-review-2024-owasp-mobile-top-10-risks-216b6cf6b2e3?source=rss------bug_bounty-5 | TECNO Security | application, hacking, bug-bounty, security, owasp | 11-Apr-2025 |
SSRF to RCE: How I Turned a Small Bug into a Big Salary | https://medium.com/@miltonslutonadio/ssrf-para-rce-como-transformei-um-pequeno-inseto-em-um-grande-sal%C3%A1rio-e33c53bdb712?source=rss------bug_bounty-5 | Milton Lutonadio | cybersecurity, bounty-program, red-team, bug-bounty, web-applications | 11-Apr-2025 |
I Used Shodan to Find Unprotected WordPress Sites — It Was Too Easy | https://medium.com/@nathans_web/i-used-shodan-to-find-unprotected-wordpress-sites-it-was-too-easy-94dfb9308570?source=rss------bug_bounty-5 | Gandolf | infosec, shodan, bug-bounty, cybersecurity, hacking | 11-Apr-2025 |
5 Web Vulnerabilities That Paid Me the Most (And How to Find Them!) | https://infosecwriteups.com/5-web-vulnerabilities-that-paid-me-the-most-and-how-to-find-them-42f3f922740d?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacking, vulnerability, cybersecurity, ai, bug-bounty | 11-Apr-2025 |
Using Blind XSS to steal session cookies and log in as a different user | https://medium.com/@evyeveline1/using-blind-xss-to-steal-session-cookies-and-log-in-as-a-different-user-937cce53d829?source=rss------bug_bounty-5 | Evyeveline | xss-vulnerability, bug-bounty, web-hacking, xss-attack, ethical-hacking | 11-Apr-2025 |
Security Lessons from TVM’s RPC Design | https://medium.com/@kerkroups/security-lessons-from-tvms-rpc-design-3cfc4b5c8e82?source=rss------bug_bounty-5 | Kerkroups | application-security, bug-bounty, cybersecurity | 11-Apr-2025 |
Bearer Tokens, Broken Trust, and GitHub Classroom’s Flawed Design | https://vanshal.medium.com/bearer-tokens-broken-trust-and-github-classrooms-flawed-design-8d616adb7ee5?source=rss------bug_bounty-5 | Vanshal Gaur | bug-bounty, cybersecurity, github, education-technology, information-security | 11-Apr-2025 |
⏰ Mastering Cron: Automate Like a Pro in Linux and Enterprise IT | https://medium.com/@zoningxtr/mastering-cron-automate-like-a-pro-in-linux-and-enterprise-it-6a5f5694a749?source=rss------bug_bounty-5 | Zoningxtr | automation, linux, penetration-testing, cybersecurity, bug-bounty | 11-Apr-2025 |
A Hacker’s Instinct: The Power You Unlock When You Stop Looking and Start Seeing | https://myselfakash20.medium.com/a-hackers-instinct-the-power-you-unlock-when-you-stop-looking-and-start-seeing-2715865e13f7?source=rss------bug_bounty-5 | Akash Ghosh | cybersecurity, bug-bounty-tips, infosec, technology, bug-bounty | 11-Apr-2025 |
Mastering Google Dorking for Bug Bounty Hunters: Secrets the Pros Use! | https://cybersecuritywriteups.com/mastering-google-dorking-for-bug-bounty-hunters-secrets-the-pros-use-5798df19f343?source=rss------bug_bounty-5 | Krish_cyber | osint, cybersecurity, bug-bounty, hacking, google-dorking | 11-Apr-2025 |
Unlocking Hidden Paths: Web Fuzzing with FFUF | https://medium.com/@regan_temudo/unlocking-hidden-paths-web-fuzzing-with-ffuf-9f81381bd9e3?source=rss------bug_bounty-5 | Regan Temudo | ctf, cybersecurity, penetration-testing, ethical-hacking, bug-bounty | 11-Apr-2025 |
hiii bug bounty hunters | https://krishna-cyber.medium.com/hiii-bug-bounty-hunters-65dec8625cd4?source=rss------bug_bounty-5 | Krish_cyber | cybersecurity, artificial-intelligence, coding, software-development, bug-bounty | 11-Apr-2025 |
Tittle: | https://medium.com/@muhammedelkesht404/tittle-a9218e507b1a?source=rss------bug_bounty-5 | 0xAdam | bug-bounty, bug-bounty-tips, bugs | 11-Apr-2025 |
IPsec/IKE VPN — Port 500/UDP — How to exploit? | https://medium.com/@verylazytech/ipsec-ike-vpn-port-500-udp-how-to-exploit-dd240223757d?source=rss------bug_bounty-5 | Very Lazy Tech | hacking, ethical-hacking, bug-bounty, penetration-testing, ipsec | 11-Apr-2025 |
Custom Headers: The Sneaky Trick Every Hacker Should Know | https://medium.com/@RoBoHackermann/custom-headers-the-sneaky-trick-every-hacker-should-know-a685246cc3d0?source=rss------bug_bounty-5 | Rohit Suresh Borate | cybersecurity, penetration-testing, vapt, bug-bounty, web-penetration-testing | 11-Apr-2025 |
Mastering Reflected XSS with Nuclei: From Zero to $1,500 Bounty! | https://krishna-cyber.medium.com/mastering-reflected-xss-with-nuclei-from-zero-to-1-500-bounty-eb5115a1aaf0?source=rss------bug_bounty-5 | Krish_cyber | osint, cybersecurity, bug-bounty, xss-attack, ethical-hacking | 11-Apr-2025 |
From Curious Clicks to Cyber Pro: How to Start a Career in Ethical Hacking & Cybersecurity | https://osintteam.blog/hiii-bug-bounty-hunters-65dec8625cd4?source=rss------bug_bounty-5 | Krish_cyber | cybersecurity, artificial-intelligence, coding, software-development, bug-bounty | 11-Apr-2025 |
A must-use tool for subdomain enumeration. | https://medium.com/@loyalonlytoday/a-must-use-tool-for-subdomain-enumeration-12d49bf1a02f?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, bug-bounty, ethical-hacking, tips, bug-bounty-tips | 10-Apr-2025 |
How I Found a WordPress Database Setup via Shodan (HackerOne) | https://enterlectury.medium.com/how-i-found-a-wordpress-database-setup-via-shodan-hackerone-a5de583e2fb4?source=rss------bug_bounty-5 | Enterlectury | cybersecurity, bug-bounty-tips, web-security, bug-bounty-writeup, bug-bounty | 10-Apr-2025 |
Cryptography great cheat-sheet for CTF’s | https://medium.com/@anandrishav2228/cryptography-great-cheat-sheet-for-ctfs-d2ada754b319?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, crypto, cybersecurity, ctf, hacking | 10-Apr-2025 |
Stop XSS in React Before Hackers Win | https://rendiero.medium.com/stop-xss-in-react-before-hackers-win-8c2908492c01?source=rss------bug_bounty-5 | Rendiero | vulnerability, bug-bounty, hacking, react, xss-attack | 10-Apr-2025 |
Critical XXE Vulnerability Found in an Indian Government Website | https://medium.com/@dharineeshj2/critical-xxe-vulnerability-found-in-an-indian-government-website-0ae7ffae8fd9?source=rss------bug_bounty-5 | Hack-Bat | pentesting, red-team, bug-bounty, cybersecurity, hacking | 10-Apr-2025 |
SQL injection attack, listing the database contents on non-Oracle databases — Portswigg | https://arayofhope7.medium.com/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-portswigg-42fae517cc6e?source=rss------bug_bounty-5 | RayofHope | bug-bounty, penetration-testing, web-penetration-testing, cyber-security-training, ethical-hacking | 10-Apr-2025 |
CloudFlare Rate Limit Bypass — OTP Bruteforce using probabilistics leads to ATO | https://medium.com/@ph4nt0mbyt3/cloudflare-rate-limit-bypass-otp-bruteforce-using-probabilistics-leads-to-ato-511c9f3475cd?source=rss------bug_bounty-5 | ph4nt0mbyt3 | bugbounty-writeup, information-security, pentest, bug-bounty | 10-Apr-2025 |
The $1,000 Bug: How I Discovered a Critical Security Flaw (Step-by-Step Guide) | https://infosecwriteups.com/the-1-000-bug-how-i-discovered-a-critical-security-flaw-step-by-step-guide-89808934e622?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, hacking, bounty-program, bug-bounty, ai | 10-Apr-2025 |
From self XSS to RCE in Ruby on rails | https://handball10.medium.com/from-self-xss-to-rce-in-ruby-on-rails-1f9f2d33c1cb?source=rss------bug_bounty-5 | handball10 | bug-bounty, remote-code-execution, ruby-on-rails, xss-attack | 10-Apr-2025 |
Identifying C2 Channels: From DNS Tunnelling to HTTPS Beacons | https://medium.com/@paritoshblogs/%EF%B8%8F-%EF%B8%8F-identifying-c2-channels-from-dns-tunnelling-to-https-beacons-6563c3d2ed5b?source=rss------bug_bounty-5 | Paritosh | command-and-control, hacking, cybersecurity, bug-bounty, dns | 10-Apr-2025 |
Clickjacking Attack | https://medium.com/@Maleesha.Rathnayaka/clickjacking-attack-b771b0771499?source=rss------bug_bounty-5 | Maleesha Rathnayaka | web-security, infosec, clickjacking, bug-bounty, cybersecurity | 10-Apr-2025 |
The Financial Fiasco of JavaScript Paywalls | https://medium.com/@cybercitizen.tech/the-financial-fiasco-of-javascript-paywalls-7de0b406dd8f?source=rss------bug_bounty-5 | CyberCitizen | paywall, bug-bounty, web-development, javascript, cybersecurity | 10-Apr-2025 |
(Ⅰ)【Report Review】2024 OWASP Mobile Top 10 Risks | https://medium.com/@security.tecno/%E2%85%B0-report-review-2024-owasp-mobile-top-10-risks-0a3df63284bc?source=rss------bug_bounty-5 | TECNO Security | owasp, hacking, security, bug-bounty | 10-Apr-2025 |
Bug Bounty Recon Starter Pack: Tools, Coffee, Existential Crisis | https://myselfakash20.medium.com/bug-bounty-recon-starter-pack-tools-coffee-existential-crisis-8ca172820ede?source=rss------bug_bounty-5 | Akash Ghosh | hacking, cybersecurity, technology, bug-bounty, bug-bounty-tips | 10-Apr-2025 |
From Markup to Database: A Comprehensive, Line-by-Line Walkthrough of HTML, JS & PHP with SQL | https://medium.com/@zoningxtr/from-markup-to-database-a-comprehensive-line-by-line-walkthrough-of-html-js-php-with-sql-d8ba5c00b720?source=rss------bug_bounty-5 | Zoningxtr | penetration-testing, bug-bounty, cybersecurity, javascript, html | 10-Apr-2025 |
Top 10 Underrated Tools in a Pentester’s Arsenal (2025 Edition) | https://medium.com/@gasmask/top-10-underrated-tools-in-a-pentesters-arsenal-2025-edition-568568e5418f?source=rss------bug_bounty-5 | gasmask | cybersecurity, penetration-testing, bug-bounty, web-application-security, beginner | 10-Apr-2025 |
A tool that will find secrets, endpoints, and API keys from a list of URLs(Bug Bounty Hunting) | https://medium.com/@loyalonlytoday/a-tool-that-will-find-secrets-endpoints-and-api-keys-from-a-list-of-urls-bug-bounty-hunting-6b57fbbbf374?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, tips | 10-Apr-2025 |
Rexec — Port 512 — How to exploit? | https://medium.com/@verylazytech/rexec-port-512-how-to-exploit-138f9eb2d59f?source=rss------bug_bounty-5 | Very Lazy Tech | penetration-testing, hacking, ethical-hacking, port-512, bug-bounty | 10-Apr-2025 |
How My Life Went from SSRF to LFI (and Why That’s Not a Metaphor) | https://infosecwriteups.com/how-my-life-went-from-ssrf-to-lfi-and-why-thats-not-a-metaphor-a2d97297e10b?source=rss------bug_bounty-5 | Iski | cybersecurity, bug-bounty, infosec, hacking, money | 10-Apr-2025 |
Turning 403 into 200: Bypassing Filters with Base64 to Trigger XSS | https://medium.com/@EL_cazad0r/turning-403-into-200-bypassing-filters-with-base64-to-trigger-xss-adbf5f817d85?source=rss------bug_bounty-5 | EL_Cazad0r | bug-bounty-tips, bug-bounty, bug-bounty-writeup, ethical-hacking | 10-Apr-2025 |
Modbus — Port 502 — How to exploit? | https://medium.com/@verylazytech/modbus-port-502-how-to-exploit-96b7923741ce?source=rss------bug_bounty-5 | Very Lazy Tech | port-502, modbus, bug-bounty, penetration-testing, hacking | 10-Apr-2025 |
$500-$10k worth Path Traversal | Advanced Methodology | https://infosecwriteups.com/500-10k-worth-path-traversal-advanced-methodology-dd80c18c5539?source=rss------bug_bounty-5 | It4chis3c | bug-bounty, secrets, hacking, path-traversal, file-reading | 10-Apr-2025 |
The OWASP Methodology for Web Application Penetration Testing | https://cyberw1ng.medium.com/the-owasp-methodology-for-web-application-penetration-testing-de23c07ed4bf?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, bug-bounty, owasp, cybersecurity | 10-Apr-2025 |
The OWASP Methodology for Web Application Penetration Testing | https://osintteam.blog/the-owasp-methodology-for-web-application-penetration-testing-de23c07ed4bf?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, bug-bounty, owasp, cybersecurity | 10-Apr-2025 |
Bug Bounty Journey — Valid Report Part 5 | https://medium.com/@0xF3r4t/bug-bounty-journey-valid-report-part-5-7c203bbff96b?source=rss------bug_bounty-5 | 0xF3r4t | misconfiguration, bug-bounty, email-verification-bypass, aws-cognito, vdp | 09-Apr-2025 |
Account Manipulation Lead to Anonymous Account existence | https://medium.com/@ziademad1923/account-manipulation-lead-to-anonymous-account-existence-211c1ff390a6?source=rss------bug_bounty-5 | Ziademad | bug-bounty, account-take-over, bug-bounty-writeup | 09-Apr-2025 |
SQL injection attack, querying the database type and version on MySQL and Microsoft | https://arayofhope7.medium.com/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-85081e7eef71?source=rss------bug_bounty-5 | RayofHope | bug-bounty, penetration-testing, web-penetration-testing, cyber-security-awareness, ethical-hacking | 09-Apr-2025 |
OWASP Top 10 Manual Testing | https://medium.com/@shamzen96/owasp-top-10-manual-testing-caf675448569?source=rss------bug_bounty-5 | Shivam Raj | testing, cybersecurity, hacking, bug-bounty, owasp-top-10 | 09-Apr-2025 |
This is how i use browser to fetch JS endpoints for good paying bugs | https://infosecwriteups.com/this-is-how-i-use-browser-to-fetch-js-endpoints-for-good-paying-bugs-6bd91563f7bf?source=rss------bug_bounty-5 | Canonminibeast | hacking-tools, bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty | 09-Apr-2025 |
Google Patches Two Actively Exploited Android Vulnerabilities — Here’s What You Need to Know | https://medium.com/@Cyber-AppSec/google-patches-two-actively-exploited-android-vulnerabilities-heres-what-you-need-to-know-7350b60e5803?source=rss------bug_bounty-5 | Cyber-AppSec | bug-bounty, cybersecurity, cybercrime, cybersecurity-awareness, information-security | 09-Apr-2025 |
I Bypassed 2FA Using an Old Secret Key — Here’s How I Earned $500 | https://medium.com/@whitehat29/i-bypassed-2fa-using-an-old-secret-key-heres-how-i-earned-500-cd92c9158f1a?source=rss------bug_bounty-5 | Whitehat | bug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, hacking | 09-Apr-2025 |
How Hackers Use Subdomain Takeover for Full Domain Control | https://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-hackers-use-subdomain-takeover-for-full-domain-control-c620b100c928?source=rss------bug_bounty-5 | Vipul Sonule | cybersecurity, writing, hacking, bug-bounty, bug-bounty-tips | 09-Apr-2025 |
⏳ The 3-Minute Bug: How I Found a Critical Vulnerability Without a Single Tool | https://infosecwriteups.com/the-3-minute-bug-how-i-found-a-critical-vulnerability-without-a-single-tool-750a7b2913e8?source=rss------bug_bounty-5 | Abhijeet Kumawat | ai, bug-bounty, infosec, cybersecurity, hacking | 09-Apr-2025 |
Token Tampering leads to change the user details | https://levi4.medium.com/token-tampering-leads-to-change-the-user-details-7bf8b5754bde?source=rss------bug_bounty-5 | Levi Ackerman | bug-bounty, cybersecurity, networking, vulnerability, ethical-hacking | 09-Apr-2025 |
Hacker’s Recon Guide: How to Fingerprint Any Website Like a Pro | https://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-hackers-recon-guide-how-to-fingerprint-any-website-like-a-pro-9166f23dd4eb?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, bug-bounty-tips, hacking, cybersecurity, penetration-testing | 09-Apr-2025 |
A useful tool for bug hunters | https://medium.com/@loyalonlytoday/a-useful-tool-for-bug-hunters-6d22ba356f08?source=rss------bug_bounty-5 | loyalonlytoday | ethical-hacking, tips, bug-bounty, tools, cybersecurity | 09-Apr-2025 |
5 Quick Wins: Exploit These Vulnerabilities for Huge Bug Bounty Paydays | https://smartscanner.medium.com/5-quick-wins-exploit-these-vulnerabilities-for-huge-bug-bounty-paydays-90ad106bbe10?source=rss------bug_bounty-5 | SmartScanner | cyber-secutity, bounty-program, bounty-hunter, bug-bounty-tips, bug-bounty | 09-Apr-2025 |
How a ₹1 Gift Card Hack Cost ₹50 Lakh (PVRCinemas): Why Bug Bounty Programs Are a Business… | https://osintteam.blog/how-a-1-gift-card-cost-50-lakh-pvrcinemas-why-bug-bounty-programs-are-a-business-essential-c57d50f8a95b?source=rss------bug_bounty-5 | Vivek PS | ethical-hacking, bug-bounty, programming, artificial-intelligence, cybersecurity | 09-Apr-2025 |
Chasing Bounties: Sometimes You Find Them, Sometimes They Find You | https://medium.com/@Ellatora/chasing-bounties-sometimes-you-find-them-sometimes-they-find-you-2db172282dfc?source=rss------bug_bounty-5 | Ellatora | osint, bug-bounty, friendship, cybersecurity, cyberjourney | 09-Apr-2025 |
From Broken Code to SQL Showdown: How I Found Critical Blind Injection | https://infosecwriteups.com/from-broken-code-to-sql-showdown-how-i-found-critical-blind-injection-9ae06e5e7010?source=rss------bug_bounty-5 | Iski | hacking, bug-bounty-tips, money, bug-bounty, cybersecurity | 09-Apr-2025 |
Privilege escalation worth — $$$ | https://medium.com/@zildaxx/privilege-escalation-worth-e8cd18fc6cb7?source=rss------bug_bounty-5 | zildaxx | bug-bounty, bug-bounty-tips | 09-Apr-2025 |
Stored HTML Injection — Email Invite Manipulation | https://ehteshamulhaq198.medium.com/stored-html-injection-email-invite-manipulation-63022e21d5db?source=rss------bug_bounty-5 | Ehtesham Ul Haq | infosec, penetration-testing, bug-bounty, bug-bounty-writeup, html | 09-Apr-2025 |
The $1,000,000 Bug: How I Spent 3 Months on a Single Target and Found the Most Critical Chain of My… | https://theindiannetwork.medium.com/the-1-000-000-bug-how-i-spent-3-months-on-a-single-target-and-found-the-most-critical-chain-of-my-5827cd7dc866?source=rss------bug_bounty-5 | TheIndianNetwork | bug-bounty-tips, jwt-token, bug-bounty, bug-bounty-writeup, jwt | 09-Apr-2025 |
How I Bypassed 2FA Twice on the Same Target | https://medium.com/@georgeughh/how-i-bypassed-2fa-twice-on-the-same-target-198c08954e82?source=rss------bug_bounty-5 | georgeughh | business-logic-bug, ethical-hacking, bug-bounty, cybersecurity | 09-Apr-2025 |
Cross-Site Scripting (XSS) Attack Identifying And Testing | https://medium.com/@Maleesha.Rathnayaka/cross-site-scripting-xss-attack-identifying-and-testing-07dc5437e1c4?source=rss------bug_bounty-5 | Maleesha Rathnayaka | xss-vulnerability, web-security, infosec, cybersecurity, bug-bounty | 09-Apr-2025 |
A Silent Account Takeover That Didn’t Make It — But Still Matters | https://medium.com/@unionx24/a-silent-account-takeover-that-didnt-make-it-but-still-matters-5b189b5f1d2e?source=rss------bug_bounty-5 | unionx24 | bug-bounty, hackerone, cybersecurity, writeup | 09-Apr-2025 |
Uncommon Headers That Bypass Everything (Almost): Bug Bounty Edition — 2025 | https://medium.com/@gasmask/uncommon-headers-that-bypass-everything-almost-bug-bounty-edition-2025-9d2ea65b2076?source=rss------bug_bounty-5 | gasmask | web-application-security, penetration-testing, cybersecurity, beginner, bug-bounty | 09-Apr-2025 |
Ingress-NGINX Under Siege: A Deep Dive into CVE-2025-1974 and Cluster Security | https://fr3ak-hacks.medium.com/ingress-nginx-under-siege-a-deep-dive-into-cve-2025-1974-and-cluster-security-a11744cb76d3?source=rss------bug_bounty-5 | Anindya Sankar Roy | nginx-ingress, web-hacking, wiz, bug-bounty, rce | 09-Apr-2025 |
Blind XSS: A Tale of Curiosity | https://medium.com/@negan0/blind-xss-a-tale-of-curiosity-501d47c0256c?source=rss------bug_bounty-5 | negan0 | xs, api-sec, blind-xss, self-xss, bug-bounty | 09-Apr-2025 |
Critical Security Flaw Discovered in LSG IPL Team’s Website: Wallet Manipulation Vulnerability | https://medium.com/@deepak7903800/critical-security-flaw-discovered-in-lsg-ipl-teams-website-wallet-manipulation-vulnerability-21c485c6e36f?source=rss------bug_bounty-5 | Deepak kumar | ipl, hacking, bug-bounty, information-security, cybersecurity | 09-Apr-2025 |
Finding Exposed Sensitive API Keys in JS Files — A Hacker’s Guide | https://medium.com/@vipulsonule71/finding-exposed-sensitive-api-keys-in-js-files-a-hackers-guide-%EF%B8%8F-%EF%B8%8F-50809fe2c52a?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty-tips, hacking, bug-bounty, ethical-hacking, cybersecurity | 09-Apr-2025 |
Part 2: Advanced JS Extraction & Analysis Automation for Bug Bounty Recon | https://cyberw1ng.medium.com/part-2-advanced-js-extraction-analysis-automation-for-bug-bounty-recon-5535e5e04463?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, cybersecurity, automation, bug-bounty, javascript | 09-Apr-2025 |
HTML for Deep Understanding | https://medium.com/@zoningxtr/html-for-deep-understanding-da69c8204e55?source=rss------bug_bounty-5 | Zoningxtr | javascript, penetration-testing, web-development, html, bug-bounty | 09-Apr-2025 |
$100-$1000 Worth Subdomain Takeover | Easy Bounty Methodology | https://infosecwriteups.com/100-1000-worth-subdomain-takeover-easy-bounty-methodology-6daf9beacb31?source=rss------bug_bounty-5 | It4chis3c | secrets, subdomain-takeover, reconnaissance, bug-bounty, hidden | 09-Apr-2025 |
Part 2: Advanced JS Extraction & Analysis Automation for Bug Bounty Recon | https://osintteam.blog/part-2-advanced-js-extraction-analysis-automation-for-bug-bounty-recon-5535e5e04463?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, cybersecurity, automation, bug-bounty, javascript | 09-Apr-2025 |
HTTP Status Codes: Overlooked Clues in Bug Bounty | https://medium.com/@cadeeper/http-status-codes-overlooked-clues-in-bug-bounty-f5b0efd556fc?source=rss------bug_bounty-5 | Inv | pentesting, cybersecurity, bug-bounty, vulnerability, web-security | 08-Apr-2025 |
SQL injection attack, querying the database type and version on Oracle — PortSwigger | https://arayofhope7.medium.com/sql-injection-attack-querying-the-database-type-and-version-on-oracle-portswigger-904487db7d3d?source=rss------bug_bounty-5 | RayofHope | web-penetration-testing, vapt, bug-bounty, cyber-security-training, penetration-testing | 08-Apr-2025 |
A Beginner's Guide to Bug Bounties. | https://medium.com/@richard_wachara/a-beginners-guide-to-bug-bounties-f710b10ae188?source=rss------bug_bounty-5 | RicOnTech | hackathons, bugs, bug-bounty, ethical-hacking, hacking | 08-Apr-2025 |
Living off the Land Binaries (LOLBins): How Attackers Use Built-In Tools Against You | https://medium.com/@paritoshblogs/living-off-the-land-binaries-lolbins-how-attackers-use-built-in-tools-against-you-24c0cb91ba20?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-technology, hacking, lolbin, cybersecurity | 08-Apr-2025 |
AI vs. Hackers: Can AI Help in Bug Bounty or Is It Just a Hype? | https://infosecwriteups.com/ai-vs-hackers-can-ai-help-in-bug-bounty-or-is-it-just-a-hype-04ce56b454d6?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacker, ai, cybersecurity, hacking, bug-bounty | 08-Apr-2025 |
How Hackers Find Social Accounts & Passwords | https://medium.com/@vipulsonule71/how-hackers-find-social-accounts-passwords-1156e14e2faf?source=rss------bug_bounty-5 | Vipul Sonule | technology, ethical-hacking, hacking, bug-bounty, cybersecurity | 08-Apr-2025 |
Helpful website to find bug bounty and VDP programs | https://medium.com/meetcyber/helpful-website-to-find-bug-bounty-and-vdp-programs-eef63aca3b04?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-tips, cybersecurity, bug-bounty-program, bug-bounty, bug-bounty-hunter | 08-Apr-2025 |
From Recon to RCE: How AI and a cup of Boost Helped Me Turn SQLi into a Command Injection Jackpot… | https://infosecwriteups.com/from-recon-to-rce-how-ai-and-a-cup-of-boost-helped-me-turn-sqli-into-a-command-injection-jackpot-1f62dc829956?source=rss------bug_bounty-5 | Iski | cybersecurity, hacking, infosec, bug-bounty, bug-bounty-tips | 08-Apr-2025 |
Rlogin — Port 513 — How to exploit? | https://medium.com/@verylazytech/rlogin-port-513-how-to-exploit-276acd0e30b6?source=rss------bug_bounty-5 | Very Lazy Tech | oscp, hacking, penetration-testing, bug-bounty, ethical-hacking | 08-Apr-2025 |
Unique MFA / Email Verification Bypass | Bug Bounty Methodology | https://progprnv.medium.com/unique-mfa-email-verification-bypass-bug-bounty-methodology-6f4c2d4c4c36?source=rss------bug_bounty-5 | progprnv | bypass, methodology, cybersecurity, bug-bounty, bug-bounty-tips | 08-Apr-2025 |
No Program, No Permission — Still Got a Bounty for Doing the Right Thing | https://medium.com/@Arioex/no-program-no-permission-still-got-a-bounty-for-doing-the-right-thing-eeb084c9bf88?source=rss------bug_bounty-5 | Huntsman | bug-bounty, cybersecurity, vulnerability, bug-bounty-tips, hacking | 08-Apr-2025 |
Hosting a Successful CTF event at Your College on a LAN or Using the Cloud. | https://medium.com/@shashank_d_s/hosting-a-successful-ctf-event-at-your-college-on-a-lan-or-using-the-cloud-767da16c92af?source=rss------bug_bounty-5 | D4rkHxnd | cybersecurity, penetration-testing, bug-bounty, ctf, capture-the-flag | 08-Apr-2025 |
Top 5 Social Engineering Attacks and How Hackers Trick Humans | https://medium.com/@vipulsonule71/top-5-social-engineering-attacks-and-how-hackers-trick-humans-ff8651f9e6a7?source=rss------bug_bounty-5 | Vipul Sonule | hacking, ethical-hacking, bug-bounty, cybersecurity, ai | 08-Apr-2025 |
IDOR in Avatar Selection Allows Unauthorized Access to Premium Avatars | https://mmnahian.medium.com/idor-in-avatar-selection-allows-unauthorized-access-to-premium-avatars-57ab276d2b6e?source=rss------bug_bounty-5 | mmnahian | penetration-testing, bug-bounty, web-app-security, infosec, bug-bounty-tips | 08-Apr-2025 |
Automate JavaScript (JS) Extraction for Bug Bounty Recon | https://cyberw1ng.medium.com/automate-javascript-js-extraction-for-bug-bounty-recon-6faab744d22e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | osint, cybersecurity, bug-bounty, programming, careers | 08-Apr-2025 |
My First Valid Bug in Hacker One (VDP)Programs Using Google Dorking | https://medium.com/@es0557533/my-first-valid-bug-in-hacker-one-vdp-programs-using-google-dorking-913926fb8489?source=rss------bug_bounty-5 | Isv | bug-zero, bugbounty-writeup, bug-bounty, google-dorking, bug-bounty-tips | 08-Apr-2025 |
This is how i use browser to fetch JS endpoints for good paying bugs | https://osintteam.blog/this-is-how-i-use-browser-to-fetch-js-endpoints-for-good-paying-bugs-3ca824e20aa5?source=rss------bug_bounty-5 | Canonminibeast | bug-bounty-writeup, cybersecurity, bug-bounty, hacking-tools, bug-bounty-tips | 08-Apr-2025 |
Automate JavaScript (JS) Extraction for Bug Bounty Recon | https://osintteam.blog/automate-javascript-js-extraction-for-bug-bounty-recon-6faab744d22e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | osint, cybersecurity, bug-bounty, programming, careers | 08-Apr-2025 |
CVE-2025–31420: wpForo <= 2.4.2 — Authenticated Privilege Escalation | https://revan-ar.medium.com/cve-2025-31420-wpforo-2-4-2-authenticated-privilege-escalation-99b1aa7498b6?source=rss------bug_bounty-5 | Revan A | bug-bounty, penetration-testing, wordpress-plugins, vulnerability, privilege-escalation | 07-Apr-2025 |
My Cyber Security Bug Bounty Side Hustle Paid Off My Mortgage | https://medium.com/@swaroop.sy/my-cyber-security-bug-bounty-side-hustle-paid-off-my-mortgage-c7b31ad74219?source=rss------bug_bounty-5 | Swaroop Yermalkar | pentesting, cybersecurity, bug-bounty, informaiton-security | 07-Apr-2025 |
BUG BOUNTY FRAUD : The Dark Side of Bug Bounty: From Rewards to Punishment | https://medium.com/@krivadna_87390/bug-bounty-fraud-the-dark-side-of-bug-bounty-from-rewards-to-punishment-a2b671ec64b6?source=rss------bug_bounty-5 | Krivadna | cybersecurity, bug-bounty, info-sec-writeups, freelancing, bugbounty-writeup | 07-Apr-2025 |
Exploiting Unconventional Open Redirects by Manipulating URL Parsing | https://medium.com/@itamar.yochpaz/exploiting-unconventional-open-redirects-by-manipulating-url-parsing-9e3eee575d31?source=rss------bug_bounty-5 | Itamar Yochpaz | hacking, ethical-hacking, bug-bounty, cybersecurity, penetration-testing | 07-Apr-2025 |
Hackers’ Hidden Playground: Exploiting Underrated Web Vulnerabilities Like a Pro | https://infosecwriteups.com/hackers-hidden-playground-exploiting-underrated-web-vulnerabilities-like-a-pro-e62ce0887ee7?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, hacker, hacking, bug-bounty, ai | 07-Apr-2025 |
AI Jailbreak walkthrough. | https://medium.com/@anandrishav2228/ai-jailbreak-walkthrough-4be9229a8e53?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, hacking, bug-bounty, ai, money | 07-Apr-2025 |
#Bugbountyfraud Reddit Triaged report on Hackerone for banned URL Bypass I Clearly Proved was… | https://medium.com/@krivadna_87390/bugbountyfraud-reddit-triaged-report-on-hackerone-for-banned-url-bypass-i-clearly-proved-was-0a0aff79578d?source=rss------bug_bounty-5 | Krivadna | info-sec-writeups, infosec, bug-bounty, bugbounty-writeup, cybersecurity | 07-Apr-2025 |
Unmasking GraphQL: Your Next Bug Bounty Goldmine — The Deep Dive | https://medium.com/@shaikrief2/unmasking-graphql-your-next-bug-bounty-goldmine-the-deep-dive-%EF%B8%8F-%EF%B8%8F-759b732ddcd1?source=rss------bug_bounty-5 | Shxikrf | bug-bounty, api-security, graphql, cybersecurity, web-security | 07-Apr-2025 |
Non-English Dorks to Find Bug Bounty & VDP Programs | https://cybersecuritywriteups.com/non-english-dorks-to-find-bug-bounty-vdp-programs-d799f0a5161c?source=rss------bug_bounty-5 | AbhirupKonwar | osint, bug-bounty-tips, bug-bounty, ethical-hacking, pentesting | 07-Apr-2025 |
How AI Helped Me Turn a Sneaky SQL Param into a Full-Blown RFI Madness | https://infosecwriteups.com/how-ai-helped-me-turn-a-sneaky-sql-param-into-a-full-blown-rfi-madness-31837311f6bd?source=rss------bug_bounty-5 | Iski | bug-bounty, hacking, bug-bounty-tips, cybersecurity, infosec | 07-Apr-2025 |
When Google Dorking becomes the ultimate Game Changer to Find a Bug on the Indian Government | https://osintteam.blog/when-google-dorking-becomes-the-ultimate-game-changer-to-find-a-bug-on-the-indian-government-f1ec94642c84?source=rss------bug_bounty-5 | Gokuleswaran B | bug-bounty, google-dork, bug-bounty-tips, osint, dorking | 07-Apr-2025 |
The ultimate offensive security learning bundle - a combined review of Hack The Box Academy’s CPTS… | https://pyth0nk1d.medium.com/the-ultimate-offensive-security-learning-bundle-a-combined-review-of-hack-the-box-academys-cpts-d9883d766770?source=rss------bug_bounty-5 | David Prieto Montero | bug-bounty, offensive-security, certification, hackthebox, penetration-testing | 07-Apr-2025 |
Rsh — Port 514 — How to exploit? | https://medium.com/@verylazytech/rsh-port-514-how-to-exploit-025554369230?source=rss------bug_bounty-5 | Very Lazy Tech | oscp, bug-bounty, penetration-testing, rsh, ethical-hacking | 07-Apr-2025 |
IDOR Exposed: How a Simple ID Can Leak Millions of Records | https://infosecwriteups.com/idor-exposed-how-a-simple-id-can-leak-millions-of-records-890d9f200d0a?source=rss------bug_bounty-5 | Elie Attieh | pentesting, bug-bounty, cybersecurity, bug-bounty-tips, penetration-testing | 07-Apr-2025 |
Line Printer Daemon (LPD) — Port 515 — How to exploit? | https://medium.com/@verylazytech/line-printer-daemon-lpd-port-515-how-to-exploit-841142039707?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, oscp, hacking, penetration-testing, bug-bounty | 07-Apr-2025 |
Hacking JavaScript files to get the Sensitive Data | https://anishkashukla.medium.com/hacking-javascript-files-to-get-the-sensitive-data-2526416a8afd?source=rss------bug_bounty-5 | Anishka Shukla | cybersecurity, infosec, bug-bounty, bug-bounty-tips, penetration-testing | 07-Apr-2025 |
HackingHub — Prison Hack Scenario | https://aliekberkara.medium.com/hackinghub-prison-hack-senaryosu-e80bc482933f?source=rss------bug_bounty-5 | Ali Ekber KARA | prison, cybersecurity, bug-bounty, discovery, hacking | 07-Apr-2025 |
How I Stumbled Into an SQLi at 2 AM (Instead of Doing My Job) | https://medium.com/@ramshath1999/how-i-stumbled-into-an-sqli-at-2-am-instead-of-doing-my-job-4506135dea3a?source=rss------bug_bounty-5 | Ramshath | hacking, bug-bounty, sql-injection, cybersecurity | 07-Apr-2025 |
How I Found Sensitive Information using Github Dorks in Bug Bounties — Part 3 | https://mukibas37.medium.com/how-i-found-sensitive-information-using-github-dorks-in-bug-bounties-part-3-750f62908508?source=rss------bug_bounty-5 | Mukilan Baskaran | cybersecurity, bug-bounty, code-review, code, github | 07-Apr-2025 |
Exposing a Major Data Leak in UPPCL: How Anyone Could Access Consumer PII | https://medium.com/@siddharth_1/exposing-a-major-data-leak-in-uppcl-how-anyone-could-access-consumer-pii-c65c10099db5?source=rss------bug_bounty-5 | Siddharth | bugs, bug-bounty, security, bug-bounty-tips | 07-Apr-2025 |
Automating Google Dorking with Python | https://cyberw1ng.medium.com/automating-google-dorking-with-python-fcd8601fe1f0?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, programming, cybersecurity, technology, careers | 07-Apr-2025 |
How AI Helped Me to Bypass 403 — Forbidden | https://infosecwriteups.com/how-ai-helped-me-to-bypass-403-forbidden-06becd32b999?source=rss------bug_bounty-5 | It4chis3c | bug-bounty, hacking, ai, artificial-intelligence, secrets | 07-Apr-2025 |
Passive URL gathering tool for bug hunters | https://medium.com/@loyalonlytoday/passive-url-gathering-tool-for-bug-hunters-75d7385217a5?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, cybersecurity, penetration-testing, ethical-hacking, bug-bounty-tips | 06-Apr-2025 |
Oracle Data Breach: Exploitation of CVE-2021-35587 in Oracle Access Manager | https://medium.com/@ajeemshaik7/oracle-data-breach-exploitation-of-cve-2021-35587-in-oracle-access-manager-6584bd2d3de5?source=rss------bug_bounty-5 | Calix Sharp | technology, bug-bounty-tips, cybersecurity, future, bug-bounty | 06-Apr-2025 |
Can AI Hack Websites? Testing the Limits of ChatGPT and Cybersecurity | https://infosecwriteups.com/can-ai-hack-websites-testing-the-limits-of-chatgpt-and-cybersecurity-4e2bc9635bea?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacking, bug-bounty, ai, cybersecurity, chatgpt | 06-Apr-2025 |
Remix and React Router Vulnerability CVE-2025–31137 -$$$$ BOUNTY | https://infosecwriteups.com/remix-and-react-router-vulnerability-cve-2025-31137-bounty-c0c716f44888?source=rss------bug_bounty-5 | Ajay Naik | penetration-testing, information-security, bug-bounty, cybersecurity, cyberattack | 06-Apr-2025 |
Error Messages From Hell: 25 Cryptic Warnings That Left Developers in Tears | https://medium.com/@coders.stop/error-messages-from-hell-25-cryptic-warnings-that-left-developers-in-tears-a87c0c8f2082?source=rss------bug_bounty-5 | Coders Stop | bug-bounty, software-development, programming, error-message, error-handling | 06-Apr-2025 |
Apple Filing Protocol (AFP) — PORT 548 — How to exploit? | https://medium.com/@verylazytech/apple-filing-protocol-afp-port-548-how-to-exploit-eb4dbb3804f7?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, bug-bounty, penetration-testing, port-548, hacking | 06-Apr-2025 |
how i found the broken access control vulnerability? | https://doordiefordream.medium.com/how-i-found-the-broken-access-control-vulnerability-5ad1b3083c6d?source=rss------bug_bounty-5 | DOD cyber solutions | technology, cybersecurity, security, ethical-hacking, bug-bounty | 06-Apr-2025 |
Bountymine: The Cleanest Cybersecurity Guide that You Shouldn’t Miss | https://medium.com/developersglobal/bountymine-the-cleanest-cybersecurity-guide-that-you-shouldnt-miss-6f18a36451da?source=rss------bug_bounty-5 | Gopalakrishnan | bug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-hunting | 06-Apr-2025 |
Another Day, Another ₹500 reward: The Not-So-Fancy Reality of Bug Hunting | https://osintteam.blog/another-day-another-500-reward-the-not-so-fancy-reality-of-bug-hunting-545b5ce4c512?source=rss------bug_bounty-5 | Vivek PS | programming, web-development, hacking, bug-bounty, ethical-hacking | 06-Apr-2025 |
SQL injection vulnerability allowing login bypass — Post Method | https://arayofhope7.medium.com/sql-injection-vulnerability-allowing-login-bypass-post-method-9d219a201de7?source=rss------bug_bounty-5 | RayofHope | cyber-security-training, web-penetration-testing, penetration-testing, vapt, bug-bounty | 06-Apr-2025 |
block chain introduction | https://doordiefordream.medium.com/block-chain-introduction-d0e1806d9c02?source=rss------bug_bounty-5 | DOD cyber solutions | cybersecurity, bug-bounty, web3, bitcoin, blockchain | 06-Apr-2025 |
JavaScript Built-in Functions | https://medium.com/@zoningxtr/javascript-built-in-functions-7a4070ca592a?source=rss------bug_bounty-5 | Zoningxtr | bug-bounty, javascript, penetration-testing, javascript-development, cybersecurity | 06-Apr-2025 |
JavaScript Jump Start Series. | https://medium.com/@zoningxtr/javascript-jump-start-series-4bf380051fac?source=rss------bug_bounty-5 | Zoningxtr | javascript, javascript-tips, penetration-testing, bug-bounty, cybersecurity | 06-Apr-2025 |
How Hackers Exploit CVE-2025–29927 in Next.js Like a Pro | https://infosecwriteups.com/how-hackers-exploit-cve-2025-29927-in-next-js-like-a-pro-9997f48ed7ce?source=rss------bug_bounty-5 | coffinxp | bug-bounty-tips, cybersecurity, bug-bounty, technology, nextjs | 06-Apr-2025 |
How to become a BugBounty Hunter in 2025. Detailed Roadmap !! | https://medium.com/@0026rsb/how-to-become-a-bugbounty-hunter-in-2025-detailed-roadmap-084f1233ef8b?source=rss------bug_bounty-5 | Rupesh_rs | roadmaps, career-in-cybersecurity, bug-bounty | 06-Apr-2025 |
“One Click, No Consent” — How I Unsubscribed Any User from [target.com] Without Logging In | https://cybersecuritywriteups.com/one-click-no-consent-how-i-unsubscribed-any-user-from-target-com-without-logging-in-ef4897f73158?source=rss------bug_bounty-5 | Guru Prasad Pattanaik | bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, ethical-hacking | 06-Apr-2025 |
RECON GHOST: The 83% Faster Recon Tool That Almost Broke Me | https://mfaizananwar.medium.com/recon-ghost-the-83-faster-recon-tool-that-almost-broke-me-eb78a7b267c4?source=rss------bug_bounty-5 | Muhammad Faizan Anwar | bug-bounty, offensive-security, cybersecurity, nmap, penetration-testing | 06-Apr-2025 |
How to Gather PII From Websites Using Python | https://cyberw1ng.medium.com/how-to-gather-pii-from-websites-using-python-949d36cd8a06?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, technology, programming, bug-bounty, careers | 06-Apr-2025 |
Duty Free: A White-Hat Forum with a Shadowed Past | https://medium.com/@vasekpentester/duty-free-a-white-hat-forum-with-a-shadowed-past-5cc92ca1c3e7?source=rss------bug_bounty-5 | vasek | ethical-hacking, hacking, penetration-testing, bug-bounty, hacker | 06-Apr-2025 |
Duty Free: How a New Forum for White-Hat Hackers Was Born | https://medium.com/@vasekpentester/duty-free-%D0%BA%D0%B0%D0%BA-%D0%B7%D0%B0%D1%80%D0%BE%D0%B6%D0%B4%D0%B0%D0%BB%D1%81%D1%8F-%D0%BD%D0%BE%D0%B2%D1%8B%D0%B9-%D1%84%D0%BE%D1%80%D1%83%D0%BC-%D0%B4%D0%BB%D1%8F-%D0%B1%D0%B5%D0%BB%D1%8B%D1%85-%D1%85%D0%B0%D0%BA%D0%B5%D1%80%D0%BE%D0%B2-55a0e83a1564?source=rss------bug_bounty-5 | vasek | pentesting, bug-bounty, exploit, hacking, forum | 06-Apr-2025 |
How to become a BugBounty Hunter in 2025. Detailed Roadmap !! | https://medium.com/@RsHack3r/how-to-become-a-bugbounty-hunter-in-2025-detailed-roadmap-084f1233ef8b?source=rss------bug_bounty-5 | Rupesh_rs | roadmaps, career-in-cybersecurity, bug-bounty | 06-Apr-2025 |
100 Google Dorks for Low-Hanging Bug Hunting — Hunt Like a Pro | https://osintteam.blog/100-google-dorks-for-low-hanging-bug-hunting-hunt-like-a-pro-be0a4c29e557?source=rss------bug_bounty-5 | Adarsh Pandey | osint, cybersecurity, bug-bounty, google, dorks | 05-Apr-2025 |
Uncover Hidden Bugs | https://osintteam.blog/uncover-hidden-bugs-851603d187dd?source=rss------bug_bounty-5 | Monika sharma | penetration-testing, bug-bounty, bug-bounty-tips, technology, hacking | 05-Apr-2025 |
A list of tools that will help to find XSS(cross-site scripting ) vulnerability. | https://medium.com/@loyalonlytoday/a-list-of-tools-that-will-help-to-find-xss-cross-site-scripting-vulnerability-037dfe279f51?source=rss------bug_bounty-5 | loyalonlytoday | xss-attack, tools, cybersecurity, xss-vulnerability, bug-bounty | 05-Apr-2025 |
The story of Conti: part 1 | https://medium.com/@jakboubmostefa/the-story-of-conti-part-1-c1285a89696f?source=rss------bug_bounty-5 | Mostefa Jakboub | cybersecurity, ransomeware, malware, c-plus-plus-language, bug-bounty | 05-Apr-2025 |
JWT Vulnerabilities: How Misconfigurations Can Lead to Authentication Bypass | https://bitpanic.medium.com/jwt-vulnerabilities-how-misconfigurations-can-lead-to-authentication-bypass-96d520194b6d?source=rss------bug_bounty-5 | Spectat0rguy | ai-generated-content, technology, programming, bug-bounty, cybersecurity | 05-Apr-2025 |
We Did Everything Right… and Still Got Exploited: What Went Wrong? ‼️ | https://securrtech.medium.com/we-did-everything-right-and-still-got-exploited-what-went-wrong-%EF%B8%8F-79b7cb973008?source=rss------bug_bounty-5 | Securr - Web3 Security | web3-security, bug-bounty, smart-contract-security, smart-contract-auditing, blockchain-security | 05-Apr-2025 |
SSRF to RCE: How I Turned a Small Bug Into a Big Paycheck | https://infosecwriteups.com/%EF%B8%8F-ssrf-to-rce-how-i-turned-a-small-bug-into-a-big-paycheck-574b6b889d2a?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacking, ssrf, rce, bug-bounty, cybersecurity | 05-Apr-2025 |
RTSP — Port 554, 8554 — How to exploit? | https://medium.com/@verylazytech/rtsp-port-554-8554-how-to-exploit-674df4aca649?source=rss------bug_bounty-5 | Very Lazy Tech | hacking, bug-bounty, port-554, ethical-hacking, penetration-testing | 05-Apr-2025 |
Day 29 — CSRF Bypass Using Domain Confusion Leads To Account Takeover (ATO) | https://medium.com/@danielbelay/day-29-csrf-bypass-using-domain-confusion-leads-to-account-takeover-ato-bfd27b975e80?source=rss------bug_bounty-5 | dani3l | bug-bounty, ato, account-takeover, cybersecurity | 05-Apr-2025 |
Open Bug Bounty — Your XSS Gym | https://osintteam.blog/open-bug-bounty-your-xss-gym-75fed886d2c0?source=rss------bug_bounty-5 | RivuDon | openbugbounty, xss-attack, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 05-Apr-2025 |
SQL injection vulnerability in WHERE clause allowing retrieval of hidden data — PortSwigger | https://arayofhope7.medium.com/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-portswigger-12342def10ec?source=rss------bug_bounty-5 | RayofHope | penetration-testing, cyber-security-courses, sql-injection, bug-bounty, vapt | 05-Apr-2025 |
Scroll, Find, Boom! How I Tripped Over a Bounty in Just 3 Lines of Code | https://myselfakash20.medium.com/scroll-find-boom-how-i-tripped-over-a-bounty-in-just-3-lines-of-code-18806bafd56c?source=rss------bug_bounty-5 | Akash Ghosh | ethical-hacking, infosec, cybersecurity, bug-bounty, bug-bounty-tips | 05-Apr-2025 |
How to Bypass Phone Number Validation for Unlimited Free Trials | https://medium.com/@Youseef/how-to-bypass-phone-number-validation-for-unlimited-free-trials-98d8bf2f0955?source=rss------bug_bounty-5 | Yousseff | bug-bounty, web-penetration-testing, penetration-testing, hackerone, bug-hunting | 05-Apr-2025 |
How I Bypassed Xiaomi’s Rate Limit with Just a Few Extra Slashes /// | https://infosecxsalman.medium.com/how-i-bypassed-xiaomis-rate-limit-with-just-a-few-extra-slashes-425b00ded794?source=rss------bug_bounty-5 | Salman | bug-bounty, hackerone, security, bug-bounty-writeup, rate-limit-bypass | 05-Apr-2025 |
CORS Misconfiguration: Bug Bounty Tips to Find and Exploit These Vulnerabilities | https://frostyxsec.medium.com/cors-misconfiguration-bug-bounty-tips-to-find-and-exploit-these-vulnerabilities-4856d0a954af?source=rss------bug_bounty-5 | Frostyxsec | bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-hunting, bug-bouty-tips | 05-Apr-2025 |
The AI paradox in bug bounty: Increased efficiency or noise saturation? | https://medium.com/@ce.barquet/the-ai-paradox-in-bug-bounty-increased-efficiency-or-noise-saturation-4aab10d94979?source=rss------bug_bounty-5 | Luthierc | cybersecurity, artificial-intelligence, bug-bounty, ai, technology | 05-Apr-2025 |
Bypassing OTP Verification | https://medium.com/@Youseef/bypassing-otp-verification-412978abb332?source=rss------bug_bounty-5 | Yousseff | bug-bounty, cybersecurity, business-logic-flaw, web-penetration-testing | 05-Apr-2025 |
$150 IDOR — How I Added My Own Dishes to a Restaurant Menu | https://medium.com/@yahiasherif/150-idor-%EF%B8%8F-%EF%B8%8F-how-i-added-my-own-dishes-to-a-restaurant-menu-399dce077878?source=rss------bug_bounty-5 | Yahia Sherif | bug-bounty-writeup, bug-bounty, idor, pentesting, broken-access-control | 05-Apr-2025 |
campaign monitor takeover | https://aarnavsaboo.medium.com/campaign-monitor-takeover-5cd796c3fe67?source=rss------bug_bounty-5 | Aarnav Saboo | pentesting, networking, cybersecurity, ethical-hacking, bug-bounty | 05-Apr-2025 |
When APIs Trust Too Much: Chat Impersonation through Broken Auth [Bug bounty write-up] — Kullai 🙂 | https://kullaisec.medium.com/when-apis-trust-too-much-chat-impersonation-through-broken-auth-bug-bounty-write-up-kullai-943abecaa34d?source=rss------bug_bounty-5 | Kullai | bugbounty-writeup, pentesting, bug-bounty, cybersecurity, hacking | 05-Apr-2025 |
From Nap to P4: A Chilled Evening Bug Hunt | https://medium.com/@gourisankara357/from-nap-to-p4-a-chilled-evening-bug-hunt-e3478f20022f?source=rss------bug_bounty-5 | Gouri Sankar A | bugcrowd, bug-bounty, infosec-write-ups, bug-hunting | 05-Apr-2025 |
Master Recon P-1: 15+ Ways of Subdomain Scraping Techniques | My 2 Years of Bug Hunting Experience | https://medium.com/@janpreet4340/master-recon-p-1-15-ways-of-subdomain-scraping-techniques-my-2-years-of-bug-hunting-experience-c9455a30b520?source=rss------bug_bounty-5 | Janpreet Singh | bug-bounty, penetration-testing, subdomains-enumeration, recon, best | 05-Apr-2025 |
Hacking a File Path Traversal Vulnerability: How I Retrieved /etc/passwd & Solved the Lab | https://medium.com/@sumanth1962/hacking-a-file-path-traversal-vulnerability-how-i-retrieved-etc-passwd-solved-the-lab-4e9e1a2f8aa2?source=rss------bug_bounty-5 | Sumanth Yerranagula | cybersecurity, bug-bounty, ethical-hacking, ctf-writeup, ctf | 05-Apr-2025 |
How i found XSS and chained it with CSRF | https://medium.com/@alshormanmomen681/how-i-found-xss-and-chained-it-with-csrf-b99bc589ad5b?source=rss------bug_bounty-5 | Alshormanmomen | csrf, hacking, bug-bounty, bounties, xss-attack | 05-Apr-2025 |
Bypassing WAFs in 2025: New Techniques and Evasion Tactics | https://medium.com/@gasmask/bypassing-wafs-in-2025-new-techniques-and-evasion-tactics-fdb3508e6b46?source=rss------bug_bounty-5 | gasmask | cybersecurity, web-application-security, beginner, penetration-testing, bug-bounty | 05-Apr-2025 |
How I got 324$ for a PII disclosure | https://aarnavsaboo.medium.com/324-pii-disclosure-89e6b384fab7?source=rss------bug_bounty-5 | Aarnav Saboo | vulnerability, penetration-testing, bug-bounty, hacking, cybersecurity | 05-Apr-2025 |
HackTheBox: Stocker — Login Bypass with NoSQL Injections and Privilege Escalation in Node.js | https://medium.com/@zsodex/hackthebox-stocker-bypass-a-logins-con-inyecciones-nosql-y-escalada-de-privilegios-en-node-js-d0b2666149f3?source=rss------bug_bounty-5 | zSodex | cybersecurity, bug-bounty, hackthebox-writeup, penetration-testing | 05-Apr-2025 |
Introduction to OWASP Mobile Top 10 for Android | https://cyberw1ng.medium.com/introduction-to-owasp-mobile-top-10-for-android-3be718c566f8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | technology, programming, bug-bounty, owasp, cybersecurity | 05-Apr-2025 |
Google Rate Limit Bypass: Triggering Infinite Spam Requests | https://medium.com/@AhmedSamy-X/google-rate-limit-bypass-triggering-infinite-spam-requests-c360019b9c7f?source=rss------bug_bounty-5 | Ahmedsamy | ethical-hacking, bug-bounty, cybersecurity, google-hacking, information-technology | 04-Apr-2025 |
A tool that will help to analyze security headers of your target domains. | https://medium.com/@loyalonlytoday/a-tool-that-will-help-to-analyze-security-headers-of-your-target-domains-86aa06a3fa5c?source=rss------bug_bounty-5 | loyalonlytoday | hacking, cybersecurity, penetration-testing, bug-bounty, programming | 04-Apr-2025 |
How I Tricked a Server (with AI) Into Leaking Its Secrets | https://infosecwriteups.com/how-i-tricked-a-server-with-ai-into-leaking-its-secrets-bb18be82b81d?source=rss------bug_bounty-5 | Iski | hacking, cybersecurity, infosec, money, bug-bounty | 04-Apr-2025 |
IPMI — Port 623/UDP/TCP — How to exploit? | https://medium.com/@verylazytech/ipmi-port-623-udp-tcp-how-to-exploit-4655ec015a0b?source=rss------bug_bounty-5 | Very Lazy Tech | hacking, penetration-testing, bug-bounty, port-623, ipmi | 04-Apr-2025 |
The Hidden XSS: A Bug Hidden in the Mist | https://ghostman01.medium.com/the-hidden-xss-a-bug-hidden-in-the-mist-907d6cc55322?source=rss------bug_bounty-5 | SIDDHANT SHUKLA | hacking, bug-bounty, cybersecurity, ethical-hacking, hacker | 04-Apr-2025 |
Creativity Over Commands: Why Hacking is 80% Mindset, 20% Tools | https://myselfakash20.medium.com/creativity-over-commands-why-hacking-is-80-mindset-20-tools-517c9ed75046?source=rss------bug_bounty-5 | Akash Ghosh | hacking, cybersecurity, bug-bounty-tips, technology, bug-bounty | 04-Apr-2025 |
The Simple P3: Not a Joke | https://infosecwriteups.com/the-simple-p3-not-a-joke-58d957aceb63?source=rss------bug_bounty-5 | callgh0st | test, hacking, genocide, bug-bounty, bug-bounty-tips | 04-Apr-2025 |
Automation vs. Manual Hacking: Which One Wins in Bug Bounty? | https://medium.com/@Abhijeet_kumawat_/automation-vs-manual-hacking-which-one-wins-in-bug-bounty-1b7826452c69?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, hacking, infosec, cybersecurity, ai | 04-Apr-2025 |
Automation vs. Manual Hacking: Which One Wins in Bug Bounty? | https://infosecwriteups.com/automation-vs-manual-hacking-which-one-wins-in-bug-bounty-1b7826452c69?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, hacking, infosec, cybersecurity, ai | 04-Apr-2025 |
Race Condition - Eating Rate Limits for Account Takeover | https://shahjerry33.medium.com/race-condition-eating-rate-limits-for-account-takeover-ff44b6dc8798?source=rss------bug_bounty-5 | Jerry Shah (Jerry) | infosec, vulnerability, cybersecurity, pentesting, bug-bounty | 04-Apr-2025 |
Extract all Bug Bounty programs | https://osintteam.blog/extract-all-bug-bounty-programs-df37ebd86530?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-tips, bug-bounty, ethical-hacking, pentesting, penetration-testing | 04-Apr-2025 |
How to Hackers hack CCTV | https://infosecwriteups.com/how-to-hackers-hack-cctv-a55b03a4ddf8?source=rss------bug_bounty-5 | Mr Horbio | hacking, cctv, ethical-hacking, bug-bounty, cybersecurity | 04-Apr-2025 |
Creativity Over Commands: Why Hacking is 80% Mindset, 20% Tools | https://infosecwriteups.com/creativity-over-commands-why-hacking-is-80-mindset-20-tools-517c9ed75046?source=rss------bug_bounty-5 | Akash Ghosh | hacking, infosec, cybersecurity, technology, bug-bounty | 04-Apr-2025 |
$150 IDOR — How I Added My Own Dishes to a Restaurant Menu | https://medium.com/@yahiasherif/150-idor-%EF%B8%8F-%EF%B8%8F-how-i-added-my-own-dishes-to-a-restaurant-menu-a0b4a78c1d8a?source=rss------bug_bounty-5 | Yahia Sherif | bug-bounty-writeup, bug-bounty, broken-access-control, idor, pentesting | 04-Apr-2025 |
The Biggest Password Leaks in History: Lessons from Millions of Stolen Accounts | https://medium.com/@vipulsonule71/the-biggest-password-leaks-in-history-lessons-from-millions-of-stolen-accounts-30e1b9d519b3?source=rss------bug_bounty-5 | Vipul Sonule | hacking, cybersecurity, ethical-hacking, bug-bounty, penetration-testing | 04-Apr-2025 |
Google Classroom IDOR: Mute Anyone, Even the Owner… But Ignored | https://v0ltex.medium.com/google-classroom-idor-mute-anyone-even-the-owner-but-ignored-58def4627507?source=rss------bug_bounty-5 | Abdo Rabea (VolteX) | bug-bounty, broken-access-control, google-vrp, idor, writeup | 04-Apr-2025 |
Introduction to OWASP Top 10 API Vulnerability | https://cyberw1ng.medium.com/introduction-to-owasp-top-10-api-vulnerability-43a239e782b7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | api, bug-bounty, programming, cybersecurity, careers | 04-Apr-2025 |
Mastering Logic Bugs: A Checklist for Bug Hunters — Part 3: Account Takeover (ATO ) | https://medium.com/@mahdisalhi0500/mastering-logic-bugs-a-checklist-for-bug-hunters-part-3-account-takeover-ato-7af98ce87aa3?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | infosec, bug-bounty, hacking, information-security, penetration-testing | 04-Apr-2025 |
Guide to Identifying and Exploiting TOCTOU Race Conditions in Web Applications | https://fdzdev.medium.com/guide-to-identifying-and-exploiting-toctou-race-conditions-in-web-applications-c5f233e32b7f?source=rss------bug_bounty-5 | Facundo Fernandez | penetration-testing, ethical-hacking, cybersecurity, hacking, bug-bounty | 04-Apr-2025 |
Unauthenticated Admin Profile Disclosure via GraphQL IDOR — A Real-World Bug Bounty Find. | https://medium.com/@yasser0hamoda1/unauthenticated-admin-profile-disclosure-via-graphql-idor-a-real-world-bug-bounty-find-f8647eae5237?source=rss------bug_bounty-5 | Yasser Hamoda | hacking, cybersecurity, bug-bounty, infosec, programming | 03-Apr-2025 |
Mobile Application Bounty Practice: SQL Injection Principles, Vulnerability Discovery and… | https://medium.com/@cadeeper/mobile-application-bounty-practice-sql-injection-principles-vulnerability-discovery-and-cd3e77ef380b?source=rss------bug_bounty-5 | Inv | cybersecurity, penetration-testing, bug-bounty, web-development, hacking | 03-Apr-2025 |
How I Found a CSRF Vulnerability Leading to Account Takeover ($2,000 Bounty) | https://medium.com/@nareshkandula54/how-i-found-a-csrf-vulnerability-leading-to-account-takeover-2-000-bounty-3dc408f2f134?source=rss------bug_bounty-5 | Naresh Kandula | bug-bounty-writeup, csrf-attack, csrf-protection, bug-bounty, bugbounty-writeup | 03-Apr-2025 |
Reverse Engineering a Browser Extension Led Me to a Dangerous Exploit! ($25,000 Bounty) | https://theindiannetwork.medium.com/reverse-engineering-a-browser-extension-led-me-to-a-dangerous-exploit-25-000-bounty-c7dda4601753?source=rss------bug_bounty-5 | TheIndianNetwork | exploitation, reverse-engineering, bug-bounty, bug-bounty-tips | 03-Apr-2025 |
React Router and the Remix’ed path | https://medium.com/@zhero_/react-router-and-the-remixed-path-daa48d6bd6a9?source=rss------bug_bounty-5 | Rachid.A | hacking, bug-bounty, react, javascript, vulnerability | 03-Apr-2025 |
How to Get GraphQL Introspection via WebSocket | https://medium.com/@blackarazi/how-to-get-graphql-introspection-via-websocket-5a1cf23e7bfc?source=rss------bug_bounty-5 | Azhari Harahap | application-security, graphql, api-security, bug-bounty, websocket | 03-Apr-2025 |
Advanced File Upload Techniques Worth $1000-$5000 | https://infosecwriteups.com/advanced-file-upload-techniques-worth-1000-5000-66ad72a124bb?source=rss------bug_bounty-5 | Abhijeet Kumawat | file-upload-vulnerability, hacking, bug-bounty, infosec, cybersecurity | 03-Apr-2025 |
Web Security Bug Bounty Write-Up: Bypassing Authentication via Logical Flaw | https://medium.com/@MGtrix/web-security-bug-bounty-write-up-bypassing-authentication-via-logical-flaw-40fb70e861ea?source=rss------bug_bounty-5 | Meysam Kheiri Koedlar | ctf-writeup, bug-bounty, penetration-testing, cybersecurity, web-security | 03-Apr-2025 |
Internet Printing Protocol (IPP) — Port 631 — How to exploit? | https://medium.com/@verylazytech/internet-printing-protocol-ipp-port-631-how-to-exploit-d234cf91487e?source=rss------bug_bounty-5 | Very Lazy Tech | hacking, penetration-testing, ethical-hacking, port-631, bug-bounty | 03-Apr-2025 |
0-Click Account Takeover on Any Website: A Hacker’s Worst Nightmare ⚡️ | https://medium.com/@vipulsonule71/0-click-account-takeover-on-any-website-a-hackers-worst-nightmare-%EF%B8%8F-b11cefdb3d57?source=rss------bug_bounty-5 | Vipul Sonule | ai, hacking, bug-bounty, cybersecurity, penetration-testing | 03-Apr-2025 |
Bypassing Email Verification | https://ehteshamulhaq198.medium.com/bypassing-email-verification-299d94230724?source=rss------bug_bounty-5 | Ehtesham Ul Haq | pentesting, writeup, email-verification, bug-bounty-tips, bug-bounty | 03-Apr-2025 |
From Bug Report to HOF: My first valid bug triage from NASA VDP | https://medium.com/@nani.yashwanth12/from-bug-report-to-hof-my-first-valid-bug-triage-from-nasa-vdp-36a8a1c65072?source=rss------bug_bounty-5 | Yashwanth | security, cybersecurity, bugcrowd, bug-bounty-writeup, bug-bounty | 03-Apr-2025 |
Privilege Escalation using SUDO || Exploit SUDO Misconfiguration | https://medium.com/@hrofficial62/privilege-escalation-using-sudo-exploit-sudo-misconfiguration-f647313c2d72?source=rss------bug_bounty-5 | Mr Horbio | cybersecurity, pentesting, hacking, bug-bounty, ethical-hacking | 03-Apr-2025 |
Hacking Workspace for Fun & Profit: Part I | https://0xh7ml.medium.com/hacking-workspace-for-fun-profit-part-i-cd28467ea5c6?source=rss------bug_bounty-5 | Md Saikat | bug-bounty-writeup, bug-bounty, infosec | 03-Apr-2025 |
Don’t Miss Any Authentication Layer: Bypassing Password Verification for Unauthorized Account… | https://hackersatty.medium.com/dont-miss-any-authentication-layer-bypassing-password-verification-for-unauthorized-account-46113106828b?source=rss------bug_bounty-5 | hackersatty | medium, bug-bounty-writeup, bug-bounty, idor, access-control | 03-Apr-2025 |
How I Hacked The Chattisgarh High Court Government Portal | https://medium.com/@digvijaysunil/how-i-hacked-the-chattisgarh-high-court-government-portal-3c26f56186fe?source=rss------bug_bounty-5 | digvijaysunil | cybersecurity, vulnerability, ethical-hacking, hacking, bug-bounty | 03-Apr-2025 |
From “Not Reproducible” to Recognition: Reflected XSS on NASA | https://medium.com/@dikstha1409/from-not-reproducible-to-recognition-reflected-xss-on-nasa-1bc008d1d459?source=rss------bug_bounty-5 | Dikshya Shrestha | nasa, bug-bounty-writeup, xss-attack, bug-bounty, recognition | 03-Apr-2025 |
Failed XSS? CRLF to the Rescue | https://anontuttuvenus.medium.com/failed-xss-crlf-to-the-rescue-5febfc03b809?source=rss------bug_bounty-5 | Anon Tuttu Venus | bug-bounty-writeup, penetration-testing, xss-attack, crlf-injection, bug-bounty | 03-Apr-2025 |
Email Content Html Injection | https://medium.com/@gadashov/email-content-html-injection-9f3132ed4056?source=rss------bug_bounty-5 | gadashov | bug-hunting, bug-bounty, injection, penetration-testing, html-injection | 03-Apr-2025 |
Developers Mistake Leads to Bountiesss$$$… | https://infosecwriteups.com/developers-mistake-leads-to-bountiesss-088cf2c2ce51?source=rss------bug_bounty-5 | It4chis3c | bug-bounty-tips, bug-bounty, secrets, bug-bounty-writeup, mistakes | 03-Apr-2025 |
Same OTP for Email & Phone? Yep, That’s a Bug! | https://strangerwhite.medium.com/same-otp-for-email-phone-yep-thats-a-bug-f346668bece6?source=rss------bug_bounty-5 | StrangeRwhite | cybersecurity, otp-bypass, information-technology, hacking, bug-bounty | 03-Apr-2025 |
Silent Sabotage: Exploiting Stored XSS in a Chat Feature | https://medium.com/@youssefhussein212103168/silent-sabotage-exploiting-stored-xss-in-a-chat-feature-71108606b10b?source=rss------bug_bounty-5 | Youssefhussein | penetration-testing, xss-attack, stored-xss, bug-bounty, cybersecurity | 03-Apr-2025 |
How I Turned a 403 Forbidden Into a Goldmine | https://infosecwriteups.com/how-i-turned-a-403-forbidden-into-a-goldmine-738cdf1407aa?source=rss------bug_bounty-5 | Iski | money, bug-bounty-tips, bug-bounty, hacking, cybersecurity | 03-Apr-2025 |
Bug bounty: It’s not competition, it’s constant evolution | https://medium.com/@ce.barquet/bug-bounty-its-not-competition-it-s-constant-evolution-ffa674462689?source=rss------bug_bounty-5 | Luthierc | bug-bounty, cybersecurity, vulnerability, technology | 03-Apr-2025 |
JWT Token Manipulation: Exploiting Vulnerabilities in Web Authentication | https://medium.com/@zsodex/jwt-token-manipulation-explotando-vulnerabilidades-en-la-autenticaci%C3%B3n-web-7f416c1db6b6?source=rss------bug_bounty-5 | zSodex | cybersecurity, pentesting, hacking, bug-bounty, hackthebox | 03-Apr-2025 |
How I Uncovered a Sneaky DOM XSS Bug in a Popular Social Media Platform — And Scored a $4,000 Bug… | https://theindiannetwork.medium.com/how-i-uncovered-a-sneaky-dom-xss-bug-in-a-popular-social-media-platform-and-scored-a-4-000-bug-892c7a9f3694?source=rss------bug_bounty-5 | TheIndianNetwork | dom, dom-xss, bug-bounty, bug-bounty-tips, xss-attack | 02-Apr-2025 |
Price Tampering Vulnerability in the Supreme Court of India | https://medium.com/@deepak7903800/price-tampering-vulnerability-in-the-supreme-court-of-india-4bd3046b2bb9?source=rss------bug_bounty-5 | Deepak kumar | bug-bounty, info-sec-writeups, cybersecurity, hacking, information-security | 02-Apr-2025 |
You Say Premium Features? Well, Not Anymore | https://medium.com/@ahmed_salem/you-say-premium-features-well-not-anymore-e15d5afc14c9?source=rss------bug_bounty-5 | Ahmed Salem | cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 02-Apr-2025 |
Reverse Shell Commands and How to Detect Them | https://medium.com/@paritoshblogs/reverse-shell-commands-and-how-to-detect-them-084884150776?source=rss------bug_bounty-5 | Paritosh | bug-bounty, reverse-shell, information-technology, hacking, reverse-proxy | 02-Apr-2025 |
Web Security Vulnerabilities Every Pentester Should Know : | https://medium.com/@shamzen96/web-security-vulnerabilities-every-pentester-should-know-742f1e0fda42?source=rss------bug_bounty-5 | Shivam Raj | cybersecurity, bug-bounty, penetration-testing, ethical-hacking, web3 | 02-Apr-2025 |
5 Critical AWS Vulnerabilities You’re Responsible For (And How to Fix Them) | https://medium.com/@Cyber-AppSec/5-critical-aws-vulnerabilities-youre-responsible-for-and-how-to-fix-them-f7500c3e41fb?source=rss------bug_bounty-5 | Cyber-AppSec | aws, cyber-security-awareness, aws-security, bug-bounty, information-security | 02-Apr-2025 |
How This Simple Account Takeover Gave Me 800 EUR | https://medium.com/@dineshnarasimhan27/how-this-simple-account-takeover-gave-me-800-eur-7d88a2d13a56?source=rss------bug_bounty-5 | Dinesh Narasimhan | bug-bounty-tips, account-takeover, bug-bounty-writeup, bug-bounty, hackerone | 02-Apr-2025 |
How I Discovered a Critical Store XSS Vulnerability and Earned a $7,000 Bounty — My Struggle… | https://theindiannetwork.medium.com/how-i-discovered-a-critical-store-xss-vulnerability-and-earned-a-7-000-bounty-my-struggle-38d67b6f8ec8?source=rss------bug_bounty-5 | TheIndianNetwork | bug-bounty-tips, xss-attack, bug-bounty, xss-vulnerability, stored-xss | 02-Apr-2025 |
How I Found an SMTP Injection Bug & Earned $800 in Just 30 Minutes! | https://theindiannetwork.medium.com/ehow-i-found-an-smtp-injection-bug-earned-800-in-just-30-minutes-562f7e3b9a4a?source=rss------bug_bounty-5 | TheIndianNetwork | smtp-injection, bug-bounty, email-spoofing, bug-bounty-tips, smtp | 02-Apr-2025 |
How I Stumbled Upon a $5$$$ Data Leak — Just by Googling! | https://medium.com/@iski/how-i-stumbled-upon-a-5-data-leak-just-by-googling-99acd54fa7ac?source=rss------bug_bounty-5 | Iski | bug-bounty, money, bug-bounty-tips, hacking, cybersecurity | 02-Apr-2025 |
Zero to Pro The Ultimate Guide to CDX API for Your Bug Bounty Recon Journey: Let’s talk about the… | https://myselfakash20.medium.com/zero-to-pro-the-ultimate-guide-to-cdx-api-for-your-bug-bounty-recon-journey-lets-talk-about-the-353946e67872?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-writeup, cybersecurity, technology, bug-bounty, bug-bounty-tips | 02-Apr-2025 |
My First NASA Bug Hunt — A Learning Experience! | https://medium.com/@warang.harmit/my-first-nasa-bug-hunt-a-learning-experience-9177b2eac0b0?source=rss------bug_bounty-5 | Harmit Warang (hwrng0x) | cybersecurity, ethical-hacking, infosec, bug-bounty, nasa | 02-Apr-2025 |
Earn Bounty by just Reading. | https://medium.com/@anandrishav2228/earn-bounty-by-just-reading-dffda7e4744f?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, bug-bounty, hacking, ai, money | 02-Apr-2025 |
How to Find Your First Bug | https://infosecwriteups.com/how-to-find-your-first-bug-52f3d57cd63e?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, infosec, hacking, cybersecurity, ai | 02-Apr-2025 |
Bug Bounty Tips: Mastering XML-RPC Exploits Like a Pro | https://frostyxsec.medium.com/bug-bounty-hunters-mastering-xml-rpc-exploits-like-a-pro-8c9fa4c003cc?source=rss------bug_bounty-5 | Frostyxsec | bug-hunting, bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 02-Apr-2025 |
Unlocking My First Bug Bounty: The Power of XSS Exploits Revealed! | https://medium.com/@rajeevmaurya82/unlocking-my-first-bug-bounty-the-power-of-xss-exploits-revealed-cbaa0ce98cc3?source=rss------bug_bounty-5 | Rajeevmaurya | bug-bounty-tips, bug-bounty, cybersecurity, xss-attack, bug-bounty-writeup | 02-Apr-2025 |
How I Bypassed an API Security Check | https://medium.com/@iamshafayat/how-i-bypassed-an-api-security-check-db99fbd8551d?source=rss------bug_bounty-5 | Shafayat Ahmed Alif | bug-bounty-writeup, cybersecurity, hacking, bug-bounty, bug-bounty-tips | 02-Apr-2025 |
8 Powerful Account Takeover (ATO) Methods and How to Exploit Them | https://medium.com/@verylazytech/8-powerful-account-takeover-ato-methods-and-how-to-exploit-them-4bafa2bdb0d0?source=rss------bug_bounty-5 | Very Lazy Tech | penetration-testing, hacking, bug-bounty, oscp, ethical-hacking | 02-Apr-2025 |
$25,000 Bounty just for sensitive information disclosure | https://infosecwriteups.com/25-000-bounty-just-for-sensitive-information-disclosure-c4f6c5a81795?source=rss------bug_bounty-5 | Mr Horbio | pentesting, hacking, cybersecurity, hackerone, bug-bounty | 02-Apr-2025 |
My Experience Reporting an XSS Vulnerability on Shein to HackerOne | https://medium.com/@24bkdoor/my-experience-reporting-an-xss-vulnerability-on-shein-to-hackerone-f482279a5e19?source=rss------bug_bounty-5 | 24BkDoor | bug-bounty, ethical-hacking, web, web-security, cybersecurity | 02-Apr-2025 |
“Hacking the Hackers!” — Saving the HackerOne from Data Breach | https://medium.com/@avinash_/hacking-the-hackers-saving-the-hackerone-from-data-breach-75e313fa4898?source=rss------bug_bounty-5 | Avinash Kumar | bug-bounty, bug-bounty-writeup, bug-bounty-tips, hackerone, hacking | 02-Apr-2025 |
Detecting and Blocking a Stealthy Adware: BJCAUpdate.exe Case Study | https://medium.com/@muhammetalgan3547/detecting-and-blocking-a-stealthy-adware-bjcaupdate-exe-case-study-d5cee8d7f248?source=rss------bug_bounty-5 | Muhammet ALGAN | hacking, cybersecurity, malware, bug-bounty | 02-Apr-2025 |
How i do recon | https://osintteam.blog/how-i-do-recon-d24bea0ff421?source=rss------bug_bounty-5 | Canonminibeast | hacking, bug-bounty-tips, bug-bounty-writeup, bug-bounty, reconnaissance | 02-Apr-2025 |
How a $5,000 Bug Bounty Can Be Born from an Arbitrary File Read in Jenkins | https://medium.com/@zsodex/explotaci%C3%B3n-de-jenkins-lectura-arbitraria-de-archivos-y-escalada-de-privilegios-00197146678e?source=rss------bug_bounty-5 | zSodex | jenkins, bug-bounty, oscp-preparation, hackthebox, penetration-testing | 02-Apr-2025 |
How to Get Into Cybersecurity With No Experience? The Ultimate Beginner’s Guide (2025) | https://medium.com/@noahlott/how-to-get-into-cybersecurity-with-no-experience-the-ultimate-beginners-guide-2025-43b938d6d31b?source=rss------bug_bounty-5 | Noah Lott | bug-bounty, pentesting, beginners-guide, how-to, cybersecurity | 02-Apr-2025 |
Understanding HTTP Headers: A Bug Bounty Hunter’s Guide to Hidden Secrets | https://medium.com/@kazixabbir/understanding-http-headers-a-bug-bounty-hunters-guide-to-hidden-secrets-%EF%B8%8F-f52c5b297668?source=rss------bug_bounty-5 | Kazi Sabbir | web-security, bug-bounty, cybersecurity, ethical-hacking, web-development | 02-Apr-2025 |
Overprivileged API and Remote Code Execution (RCE) | https://medium.com/@rkvb/overprivileged-api-and-remote-code-execution-rce-0fa5e52b022d?source=rss------bug_bounty-5 | RkVb | infosec, bug-bounty-writeup, cybersecurity, bug-bounty, hacking | 02-Apr-2025 |
In-Depth Explanation of Each TCP Flag | https://medium.com/@zoningxtr/in-depth-explanation-of-each-tcp-flag-622d589b60e4?source=rss------bug_bounty-5 | Zoningxtr | pentesting, bug-bounty, tcp, ai, cybersecurity | 02-Apr-2025 |
The “Oops, I Own Your Account” Password Reset Bug | https://medium.com/@dineshkumar_56604/the-oops-i-own-your-account-password-reset-bug-8d7d5fea980a?source=rss------bug_bounty-5 | Dinesh Kumar | ethical-hacking, cybersecurity, bug-bounty | 02-Apr-2025 |
2FA Bypass By Response Manipulation | https://medium.com/@FuzzyyDuck/2fa-bypass-by-response-manipulation-f599c2e3341f?source=rss------bug_bounty-5 | Fuzzyy Duck | bug-bounty, bug-bounty-writeup, authentication-bypass, 2fa-authentication, 2fa-bypass | 01-Apr-2025 |
Best Tools for Bug Bounty Hunters: A Professional Guide | https://theindiannetwork.medium.com/best-tools-for-bug-bounty-hunters-a-professional-guide-b939335f4b9d?source=rss------bug_bounty-5 | TheIndianNetwork | hacking-tools, bug-bounty, bug-bounty-tips, hacker, bug-bounty-writeup | 01-Apr-2025 |
PATH HIJACKING TECHNIQUE THAT HELPS IN PRIVILEGE ESCALATION | https://infosecwriteups.com/path-hijacking-technique-that-helps-in-privilege-escalation-b2e12207ea7a?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, cybersecurity, pentesting, hacking, ethical-hacking | 01-Apr-2025 |
dKargo Warehouse Testnet Bug Bounty Program | https://medium.com/dkargo-eng/dkargo-warehouse-testnet-bug-bounty-program-9d70de4d2e7f?source=rss------bug_bounty-5 | dKargo | bug-bounty, announcements, testnet, dkargo, warehouse | 01-Apr-2025 |
API Recon via Google Dorking | https://medium.com/developersglobal/api-recon-via-google-dorking-5e72203dccc3?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-tips, pentesting, cybersecurity, bug-bounty, api-testing | 01-Apr-2025 |
Never leave any API endpoint request unchecked during login or sign-up! | https://hiddendom.medium.com/never-leave-any-api-endpoint-request-unchecked-during-login-or-sign-up-2df8230de2ca?source=rss------bug_bounty-5 | Gokuleswaran B | bug-bounty-writeup, bug-bounty-tips, publications-on-medium, bug-bounty, indian-post-office | 01-Apr-2025 |
Practical SQL Injection Exploitation Cheat Sheet | https://medium.com/@verylazytech/practical-sql-injection-exploitation-cheat-sheet-75c75548f281?source=rss------bug_bounty-5 | Very Lazy Tech | sql-injection, ethical-hacking, hacking, bug-bounty, penetration-testing | 01-Apr-2025 |
A to Z Bug Bounty Guide (HackerOne & Bugcrowd) | https://medium.com/@INTELEON404/a-to-z-%E0%A6%AC%E0%A6%BE%E0%A6%97-%E0%A6%AC%E0%A6%BE%E0%A6%89%E0%A6%A8%E0%A7%8D%E0%A6%9F%E0%A6%BF-%E0%A6%97%E0%A6%BE%E0%A6%87%E0%A6%A1-hackerone-bugcrowd-e31e9eb8c8a4?source=rss------bug_bounty-5 | SHEIKH MOHAMMAD ADIL | bugcrowd, hackerone, bug-bounty, roadmaps, bug-hunting | 01-Apr-2025 |
Find open directories in your bug bounty&pentesting targets. | https://medium.com/@loyalonlytoday/find-open-directories-in-your-bug-bounty-pentesting-targets-d8b96f13760f?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-tips, bug-bounty, penetration-testing, hacking, cybersecurity | 01-Apr-2025 |
How My Name Crashed a Welcome Party: SSI to RCE Surprise! with $$$$ | https://medium.com/@iski/how-my-name-crashed-a-welcome-party-ssi-to-rce-surprise-with-f9b8a05ad138?source=rss------bug_bounty-5 | Iski | hacking, bug-bounty-tips, bug-bounty, money, cybersecurity | 01-Apr-2025 |
2FA Bypass Using a Simple trick | https://medium.com/@FuzzyyDuck/2fa-bypass-by-response-manipulation-f599c2e3341f?source=rss------bug_bounty-5 | Fuzzyy Duck | bug-bounty, bug-bounty-writeup, authentication-bypass, 2fa-authentication, 2fa-bypass | 01-Apr-2025 |
The Road to CRTP Cert - Part 30 | https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-30-7f87ad387a35?source=rss------bug_bounty-5 | Dineshkumaar R | offensive-security, cybersecurity, hacking, bug-bounty, hackerone | 01-Apr-2025 |
How I Hacked the Voting System: A Deep Dive into Firebase and Firestore Security Vulnerabilities | https://medium.com/@anonymoussaid27/how-i-hacked-the-voting-system-a-deep-dive-into-firebase-and-firestore-security-vulnerabilities-f12227d1888b?source=rss------bug_bounty-5 | Anonymous27 | hacking, cybersecurity, penetration-testing, bug-bounty, firestore-database | 01-Apr-2025 |
Top 10 SSRF (Server-Side Request Forgery) Payloads That Work | https://medium.com/@vipulsonule71/top-10-ssrf-server-side-request-forgery-payloads-that-work-74fe68b381fa?source=rss------bug_bounty-5 | Vipul Sonule | ai, technology, bug-bounty, cybersecurity, hacking | 01-Apr-2025 |
You need to stop making this mistake in Bug Bounty! | https://medium.com/@deadoverflow/you-need-to-stop-making-this-mistake-in-bug-bounty-924725c66e68?source=rss------bug_bounty-5 | Imad Husanovic | programming, cybersecurity, hacking, bug-bounty, bug-bounty-tips | 01-Apr-2025 |
Easy $300: Template Injection | https://infosecwriteups.com/easy-300-template-injection-2ea1fc32cf07?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, bug-bounty, template-injection, hacking, cybersecurity | 01-Apr-2025 |
How to Find API Keys Leaked in Public Repositories | https://medium.com/@vipulsonule71/how-to-find-api-keys-leaked-in-public-repositories-d5bfd29dedd9?source=rss------bug_bounty-5 | Vipul Sonule | ai, bug-bounty, hacking, penetration-testing, cybersecurity | 01-Apr-2025 |
Advanced Google Dorking | Part 18 | https://osintteam.blog/advanced-google-dorking-part-18-c96469860e01?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty, bug-bounty-tips, pentesting, ethical-hacking, cybersecurity | 01-Apr-2025 |
Business Logic Error Leads to Unauthorized Privilege Downgrade of Report Owner | https://som3a.medium.com/business-logic-error-leads-to-unauthorized-privilege-downgrade-of-report-owner-d34fcb43e0f3?source=rss------bug_bounty-5 | 0xSOM3A | bug-bounty, pentesting, bug-bounty-tips, cybersecurity, business-logic-bug | 01-Apr-2025 |
Never leave any API endpoint request unchecked during login or sign-up! | https://systemweakness.com/never-leave-any-api-endpoint-request-unchecked-during-login-or-sign-up-2df8230de2ca?source=rss------bug_bounty-5 | Gokuleswaran B | bug-bounty-writeup, bug-bounty-tips, publications-on-medium, bug-bounty, indian-post-office | 01-Apr-2025 |
IDOR Vulnerability in Payment Gateway Exposing User Order Details | https://medium.com/@Oiluminado_x86/idor-vulnerability-in-payment-gateway-exposing-user-order-details-d96d8e9453b8?source=rss------bug_bounty-5 | O iluminado_x86 | bug-bounty, cybersecurity, hacking, bug-bounty-tips | 31-Mar-2025 |
How I Hacked the IRCTC eCatering Portal | https://medium.com/@deepak7903800/how-i-hacked-the-irctc-ecatering-portal-e25aeb074b7e?source=rss------bug_bounty-5 | Deepak kumar | information-security, bug-bounty, ctf, hacking, cybersecurity | 31-Mar-2025 |
Next.js Middleware Authentication Bypass (CVE-2025-29927): Exploitation, Impact, and Mitigation | https://medium.com/@prashunbaral/next-js-middleware-authentication-bypass-cve-2025-29927-exploitation-impact-and-mitigation-2810f6f76bd9?source=rss------bug_bounty-5 | Prashun Baral | bug-bounty, cve-2025-29927, nextjs, vulnerability, cybersecurity | 31-Mar-2025 |
Advanced Fuzzing to find entry points to serious bugs! | https://aarnavsaboo.medium.com/fuzz-yo-67c26b24c7a0?source=rss------bug_bounty-5 | Aarnav Saboo | networking, bug-bounty, cybersecurity, vulnerability, ethical-hacking | 31-Mar-2025 |
AI-Powered SaaS Security: The Key to Protecting an Expanding Attack Surface | https://medium.com/@Cyber-AppSec/ai-powered-saas-security-the-key-to-protecting-an-expanding-attack-surface-9d3e4a34364d?source=rss------bug_bounty-5 | Cyber-AppSec | bug-bounty, bug-bounty-tips, application-security, information-technology, information-security | 31-Mar-2025 |
How I Made $9,000 in One Month from Bug Bounty | https://eulex.medium.com/how-i-made-9-000-in-one-month-from-bug-bounty-9403147b4d07?source=rss------bug_bounty-5 | Milad Safdari (Eulex) | bug-bounty, bug-bounty-tips, vulnerability, hacking, security-research | 31-Mar-2025 |
How I Accidentally Became the Sherlock Holmes of RCE! and made $$$ | https://medium.com/@iski/how-i-accidentally-became-the-sherlock-holmes-of-rce-and-made-b8857eefeecb?source=rss------bug_bounty-5 | Iski | hacking, infosec, cybersecurity, bug-bounty, money | 31-Mar-2025 |
Why is this the ultimate SQL injection tool out there in the market | https://medium.com/@gasmask/sqlmap-on-steroids-unleashing-sql-injection-b4602eefd4a3?source=rss------bug_bounty-5 | gasmask | hacking, linux, sqlmap, bug-bounty, penetration-testing | 31-Mar-2025 |
Never Underestimate Any API Key Leak. This is why I Got a Hall of Fame from “Your Dost” | https://hiddendom.medium.com/never-underestimate-any-api-key-leak-this-is-why-i-got-a-hall-of-fame-from-your-dost-25ef5a32dc7e?source=rss------bug_bounty-5 | Gokuleswaran B | penetration-testing, bug-bounty, bug-bounty-writeup, bug-bounty-tips, firebase | 31-Mar-2025 |
Bug Bounty Tips: Exploiting .git File Disclosure for Fun & Profit | https://frostyxsec.medium.com/bug-bounty-tips-exploiting-git-file-disclosure-for-fun-profit-5a85e82e580c?source=rss------bug_bounty-5 | Frostyxsec | bug-hunting, bug-bounty-tips, bug-bounty, cybersecurity, bug-hunter | 31-Mar-2025 |
From LFI to RCE: How I Turned a File Read into Shell Access | https://medium.com/@sujeetkamblesrk/from-lfi-to-rce-how-i-turned-a-file-read-into-shell-access-073ec2e5501e?source=rss------bug_bounty-5 | Sujeetkamblesrk | cybersecurity, bug-bounty | 31-Mar-2025 |
The Ultimate Roadmap to Becoming a Bug Bounty Hunter | https://medium.com/@aashifm/the-ultimate-roadmap-to-becoming-a-bug-bounty-hunter-7d4e0cedf5fd?source=rss------bug_bounty-5 | 127.0.0.1 | roadmaps, bug-bounty, bugs, vulnerability, tools | 31-Mar-2025 |
Bug Bounty Automation: Save Time with These Smart Hacking Scripts — @verylazytech | https://medium.com/@verylazytech/bug-bounty-automation-save-time-with-these-smart-hacking-scripts-verylazytech-5b42f6602636?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, subdomain, penetration-testing, bug-bounty, hacking | 31-Mar-2025 |
DorkMine — Unleash the Power of Google Dorking Like Never Before! | https://gktomic.medium.com/dorkmine-unleash-the-power-of-google-dorking-like-never-before-0eca2f05e111?source=rss------bug_bounty-5 | Gopalakrishnan | cybersecurity, google-dorking, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 31-Mar-2025 |
How I Accidentally Became the Sherlock Holmes of RCE! and made $$$ | https://infosecwriteups.com/how-i-accidentally-became-the-sherlock-holmes-of-rce-and-made-b8857eefeecb?source=rss------bug_bounty-5 | Iski | hacking, infosec, cybersecurity, bug-bounty, money | 31-Mar-2025 |
I Went on the Dark Web and Instantly Regretted It | https://medium.com/@vipulsonule71/i-went-on-the-dark-web-and-instantly-regretted-it-3fffd0583f03?source=rss------bug_bounty-5 | Vipul Sonule | tech, cybersecurity, darkweb, hacking, bug-bounty | 31-Mar-2025 |
How I Hacked My School Website (And Reported It!) | https://medium.com/@jithendhriyen/how-i-hacked-my-school-website-and-reported-it-ce5882b0f17a?source=rss------bug_bounty-5 | jithendhriyen | vulnerability, sql-injection, bug-bounty, information-security, hacking | 31-Mar-2025 |
ClatScope: The Ultimate OSINT Tool for Bug Bounty Hunters & Cyber Sleuths! | https://medium.com/@pentesterclubpvtltd/clatscope-the-ultimate-osint-tool-for-bug-bounty-hunters-cyber-sleuths-7a1ea4dbbb65?source=rss------bug_bounty-5 | Pentester Club | cybersecurity, ctf, bug-bounty, osint, hacking | 31-Mar-2025 |
Eyes OSINT: The Ultimate Bug Bounty Tool for Hackers & Cyber Sleuths! | https://medium.com/@pentesterclubpvtltd/eyes-osint-the-ultimate-bug-bounty-tool-for-hackers-cyber-sleuths-4bcd8c89b428?source=rss------bug_bounty-5 | Pentester Club | bug-bounty, hacking, osint, cybersecurity, ctf | 31-Mar-2025 |
Master NFS Enumeration with RPCScan & SuperEnum | Ultimate Bug Bounty & Pentesting Guide! | https://medium.com/@pentesterclubpvtltd/master-nfs-enumeration-with-rpcscan-superenum-ultimate-bug-bounty-pentesting-guide-aa4da7cf077c?source=rss------bug_bounty-5 | Pentester Club | cybersecurity, hacking, bug-bounty, ctf, massage-therapy | 31-Mar-2025 |
I Found a Critical Bug in JWT Authentication and Earned $10,000 — Here’s How You Can Too! | https://theindiannetwork.medium.com/i-found-a-critical-bug-in-jwt-authentication-and-earned-10-000-heres-how-you-can-too-8cec94913727?source=rss------bug_bounty-5 | TheIndianNetwork | jwt, bug-bounty, jwt-token, bug-bounty-tips, auth-bypass | 31-Mar-2025 |
My First Bug Bounty Success: Earning $500 by Uncovering a DoS Vulnerability | https://medium.com/@entit_y/my-first-bug-bounty-success-earning-500-by-uncovering-a-dos-vulnerability-f0456eb72576?source=rss------bug_bounty-5 | Entit_y | bug-bounty-writeup, web-hacking, cybersecurity, bug-bounty, bug-bounty-tips | 31-Mar-2025 |
Understanding Length Extension Attacks | https://medium.com/@mark-r/understanding-length-extension-attacks-855084c0170d?source=rss------bug_bounty-5 | Mark Roy | ctf-writeup, ctf, ctf-walkthrough, bug-bounty, penetration-testing | 30-Mar-2025 |
Unauthorized Therapist Association Vulnerability | https://medium.com/@EL_cazad0r/unauthorized-therapist-association-vulnerability-bd2979914af1?source=rss------bug_bounty-5 | EL_Cazad0r | bug-bounty-writeup, bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips | 30-Mar-2025 |
The Dark Side of Bug Bounty: From Rewards to Punishment | https://medium.com/@krivadna_87390/the-dark-side-of-bug-bounty-from-rewards-to-punishment-544a1a6f526e?source=rss------bug_bounty-5 | Krivadna | penetration-testing, infosec-write-ups, bug-bounty, bugbounty-writeup, cybersecurity | 30-Mar-2025 |
This Tool Helped me to find ORIGIN IP(Automated way) | https://infosecwriteups.com/this-tool-helped-me-to-find-origin-ip-automated-way-9a95632d65fe?source=rss------bug_bounty-5 | Canonminibeast | bug-bounty, cloudflare, ip, cybersecurity, hacking | 30-Mar-2025 |
Recently, I explored an efficient Small Scope Recon approach! | https://medium.com/@parthchheda777/recently-i-explored-an-efficient-small-scope-recon-approach-3c46a3bc549e?source=rss------bug_bounty-5 | Parthchheda | penetration-testing, cybersecurity, bug-bounty | 30-Mar-2025 |
Medium and Large Scope Recon | https://medium.com/@parthchheda777/medium-and-large-scope-recon-8fb8dd9eab15?source=rss------bug_bounty-5 | Parthchheda | cybersecurity, osint, penetration-testing, bug-bounty | 30-Mar-2025 |
How I Discovered an Account Takeover Vulnerability (And Earned $300!) | https://cybertamarin.medium.com/how-i-discovered-an-account-takeover-vulnerability-and-earned-300-063432bf8e1c?source=rss------bug_bounty-5 | Cyber Tamarin | ethical-hacking, bug-bounty, web-security, cybersecurity | 30-Mar-2025 |
How I Made $2000 from an Easy Bug | https://infosecwriteups.com/how-i-made-2000-from-an-easy-bug-a05f48e6c7c2?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, hacking, cybersecurity, bug-bounty, money | 30-Mar-2025 |
Unlock Exclusive Discounts on My Udemy Courses! | https://medium.com/@deepdive4learn/unlock-exclusive-discounts-on-my-udemy-courses-829d1635a2f1?source=rss------bug_bounty-5 | DeepDive4learn | web-development, penetration-testing, bug-bounty, cybersecurity, aws-certification | 30-Mar-2025 |
The $1.7 Billion Blind Spot: How Web2 Flaws Are Wrecking Web3 Projects from the Inside | https://fr3ak-hacks.medium.com/the-1-7-billion-blind-spot-how-web2-flaws-are-wrecking-web3-projects-from-the-inside-bf03bbf1ef81?source=rss------bug_bounty-5 | Anindya Sankar Roy | web3-security, bug-bounty, web3, web3bugbounty, cryptocurrency | 30-Mar-2025 |
How I Found a Payment Tampering Bug and Almost Paid Zero Dollars! | https://infosecwriteups.com/how-i-found-a-payment-tampering-bug-and-almost-paid-zero-dollars-0933297f77f0?source=rss------bug_bounty-5 | Iski | bug-bounty, infosec, money, cybersecurity, hacking | 30-Mar-2025 |
Privilege Escalation via Registration Feature Writeup | https://medium.com/@malvinval/privilege-escalation-via-registration-feature-writeup-3f02c66b2391?source=rss------bug_bounty-5 | Malvin Valerian | ethical-hacking, cyber-security-awareness, bug-bounty, bug-bounty-writeup | 30-Mar-2025 |
Find Subdomains Like a Pro! | https://medium.com/@dharineeshj2/find-subdomains-like-a-pro-df2c169ce153?source=rss------bug_bounty-5 | Hack-Bat | bug-bounty, security, penetration-testing, hacking, cybersecurity | 30-Mar-2025 |
NoSQL Injection: How to Exploit, Identify, and Prevent (Step-by-Step Guide) | https://medium.com/@verylazytech/nosql-injection-how-to-exploit-identify-and-prevent-step-by-step-guide-a6c8b7ab60d6?source=rss------bug_bounty-5 | Very Lazy Tech | penetration-testing, nosql, exploit, ethical-hacking, bug-bounty | 30-Mar-2025 |
How to Find P4 Bugs Easily | https://medium.com/@vipulsonule71/how-to-find-p4-bugs-easily-%EF%B8%8F-%EF%B8%8F-e2b35416b82d?source=rss------bug_bounty-5 | Vipul Sonule | hacking, ethical-hacking, bug-bounty, penetration-testing, bug-bounty-tips | 30-Mar-2025 |
Cybersecurity in the Age of Remote Work: Protecting Your Workforce | https://medium.com/@nomitvyas.suncity/cybersecurity-in-the-age-of-remote-work-protecting-your-workforce-2220310aa4df?source=rss------bug_bounty-5 | Nomit Vyas | hacking, cybersecurity, news, bug-bounty, politics | 30-Mar-2025 |
How I Uncovered Sensitive Data in a Public Config File and Injected Fake Logs | https://medium.com/@iamshafayat/how-i-uncovered-sensitive-data-in-a-public-config-file-and-injected-fake-logs-46496eb18f50?source=rss------bug_bounty-5 | Shafayat Ahmed Alif | bug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-methodology | 30-Mar-2025 |
How I Bypassed 2 layers 2FA on a B2B Site,an awesome experience! | https://take0verx0.medium.com/how-i-bypassed-2fa-on-a-b2b-site-and-earned-a-critical-bug-bounty-ea4ff9e4094b?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty-tips, bug-bounty | 30-Mar-2025 |
Eldoria Realms — HackTheBox — Cyber Apocalypse 2025 | https://medium.com/@dassomnath/eldoria-realms-hackthebox-cyber-apocalypse-2025-ecde31783ec9?source=rss------bug_bounty-5 | Somnath Das | hacking, web, bug-bounty, ctf, ctf-writeup | 30-Mar-2025 |
Bug Bounty Hunter’s Nightmare: The Dark Secrets No One Talks About! ⚠️ | https://theindiannetwork.medium.com/bug-bounty-hunters-nightmare-the-dark-secrets-no-one-talks-about-%EF%B8%8F-f20971abcbee?source=rss------bug_bounty-5 | TheIndianNetwork | bug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips, bug-zero | 30-Mar-2025 |
I Bypassed Admin Panel & Stole Data in Minutes! Easility Worth $7500 (Real-World Exploit) | https://theindiannetwork.medium.com/i-bypassed-admin-panel-stole-data-in-minutes-easility-worth-7500-real-world-exploit-da9b23fcdb4a?source=rss------bug_bounty-5 | TheIndianNetwork | bug-bounty-tips, bug-bounty-writeup, bug-bounty, broken-access-control, idor | 30-Mar-2025 |
Will AI Steal My Job as a Bug Hunter? The Truth About ChatGPT & Cybersecurity | https://medium.com/dare-to-be-better/will-ai-steal-my-job-as-a-bug-hunter-the-truth-about-chatgpt-cybersecurity-48897ec03ace?source=rss------bug_bounty-5 | Ahmad Javed | ai, cybersecurity, chatgpt, bug-bounty, tech-trends | 29-Mar-2025 |
150,000 Websites Hijacked by JavaScript Injection: How Hackers Are Promoting Chinese Gambling Sites | https://medium.com/@Cyber-AppSec/150-000-websites-hijacked-by-javascript-injection-how-hackers-are-promoting-chinese-gambling-sites-0e1e8eb2b990?source=rss------bug_bounty-5 | Cyber-AppSec | bug-bounty, information-technology, cybercrime, cyber-security-awareness, cybersecurity | 29-Mar-2025 |
Bug Hunting & Automation | https://medium.com/h7w/bug-hunting-automation-a284c3ff1967?source=rss------bug_bounty-5 | Monika sharma | penetration-testing, technology, tech, bug-bounty, bug-bounty-tips | 29-Mar-2025 |
Bug Bounty Tips: Subdomain Takeover — Explanation, Steps & Mitigation | https://frostyxsec.medium.com/bug-bounty-tips-subdomain-takeover-explanation-steps-mitigation-d5be0ea7f8b1?source=rss------bug_bounty-5 | Frostyxsec | bug-hunting, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunter | 29-Mar-2025 |
Access Control in Smart Contracts: Why It’s Non-Negotiable | https://securrtech.medium.com/access-control-in-smart-contracts-why-its-non-negotiable-79af14523f28?source=rss------bug_bounty-5 | Securr - Web3 Security | blockchain-security, bug-bounty, smart-contract-security, smart-contract-auditing, web3-security | 29-Mar-2025 |
Why You Need Your Own Recon Strategy in Bug Bounty (And Why Copy-Pasting Won’t Make You Rich) | https://myselfakash20.medium.com/why-you-need-your-own-recon-strategy-in-bug-bounty-and-why-copy-pasting-wont-make-you-rich-faccc53b3d87?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-writeup, technology, bug-bounty, cybersecurity, bug-bounty-tips | 29-Mar-2025 |
How to Make Bug Bounty Easy? | https://infosecwriteups.com/how-to-make-bug-bounty-easy-f2164a69048c?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, money, hacking, bug-bounty, cybersecurity | 29-Mar-2025 |
The “Immortal” Password Reset Link: A Bug Hunter’s Delight | https://medium.com/@garvsanwariya60/the-immortal-password-reset-link-a-bug-hunters-delight-f3233066b8c9?source=rss------bug_bounty-5 | Garvsanwariya | web-hacking, hacking, bug-bounty-tips, cyber-security-solutions, bug-bounty | 29-Mar-2025 |
Javascript Recon for Bug Bounty & Pentesting | https://medium.com/meetcyber/javascript-recon-for-bug-bounty-pentesting-3b22617007ec?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-tips, bug-bounty, pentesting, cybersecurity, ethical-hacking | 29-Mar-2025 |
Building the Ultimate Docker-Based Bug Bounty Machine: Part 3 — GUI Frontend & Advanced… | https://medium.com/@WillFromSwiss/building-the-ultimate-docker-based-bug-bounty-machine-part-3-gui-frontend-advanced-4348d33fa0e5?source=rss------bug_bounty-5 | WillFromSwiss | hacking, bug-bounty, docker, metasploit, pentesting | 29-Mar-2025 |
Building the Ultimate Docker-Based Bug Bounty Machine: Part 2 — Workflows & Automation | https://medium.com/@WillFromSwiss/building-the-ultimate-docker-based-bug-bounty-machine-part-2-workflows-automation-9beff4a8b55d?source=rss------bug_bounty-5 | WillFromSwiss | docker, hacking-tools, bug-bounty, hacking, pentesting | 29-Mar-2025 |
Building the Ultimate Docker-Based Bug Bounty Machine: Part 1 — Setup & Installation | https://medium.com/@WillFromSwiss/building-the-ultimate-docker-based-bug-bounty-machine-part-1-setup-installation-fe829bde99a6?source=rss------bug_bounty-5 | WillFromSwiss | hacking, automation-testing, pentesting, docker, bug-bounty | 29-Mar-2025 |
Mastering Web Pentesting with Nuclei: From Installation to Advanced Techniques | https://medium.com/@WillFromSwiss/mastering-web-pentesting-with-nuclei-from-installation-to-advanced-techniques-8c0d734078ee?source=rss------bug_bounty-5 | WillFromSwiss | hacking, pentesting, nucleus, bug-bounty, cybersecurity | 29-Mar-2025 |
Mastering F5 GTM (BIG-IP DNS): Advanced Traffic Management & Global Load Balancing! | https://medium.com/@deepdive4learn/mastering-f5-gtm-big-ip-dns-advanced-traffic-management-global-load-balancing-36267066359a?source=rss------bug_bounty-5 | DeepDive4learn | cybersecurity, bug-bounty, load-balancing, dns, networking | 29-Mar-2025 |
Master F5 BIG-IP — Limited-Time Promo Codes Inside! | https://medium.com/@deepdive4learn/master-f5-big-ip-limited-time-promo-codes-inside-178c0360f925?source=rss------bug_bounty-5 | DeepDive4learn | cybersecurity, web-development, penetration-testing, bug-bounty, aws | 29-Mar-2025 |
I Built the Ultimate Docker-Based Bug Bounty Machine That Transformed My Workflow | https://medium.com/@WillFromSwiss/i-built-the-ultimate-docker-based-bug-bounty-machine-that-transformed-my-workflow-47a3bf651895?source=rss------bug_bounty-5 | WillFromSwiss | docker, pentesting, bug-bounty, cybersecurity, hacking | 29-Mar-2025 |
What Happens on Next.js? | https://cubeesecgroup.medium.com/what-happens-on-next-js-c1e8e6b2161b?source=rss------bug_bounty-5 | CUBeeSEC Securities | cve-2025-29927, bug-bounty, nextjs, vulnerability-assessment, penetration-testing | 29-Mar-2025 |
When Amazon Gave Me Free Storage (But I Gave It Back) | https://medium.com/@iski/when-amazon-gave-me-free-storage-but-i-gave-it-back-9734c058cd05?source=rss------bug_bounty-5 | Iski | cybersecurity, bug-bounty, s3-bucket, bug-bounty-tips, aws | 29-Mar-2025 |
Biggest Information Disclosure Bug I Found Today — Easily Worth $800+ in Bug Bounty! | https://theindiannetwork.medium.com/biggest-information-disclosure-bug-i-found-today-easily-worth-800-in-bug-bounty-e2d5bcfb1569?source=rss------bug_bounty-5 | TheIndianNetwork | information-technology, bug-bounty, information-disclosure, information-security, bug-bounty-tips | 29-Mar-2025 |
I Found Cache Poisoning & Earned $500 in Just a Few Minutes! | https://theindiannetwork.medium.com/i-found-cache-poisoning-earned-500-in-just-a-few-minutes-78337a437d55?source=rss------bug_bounty-5 | TheIndianNetwork | cache, cache-poisoning, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 29-Mar-2025 |
I Found Host Header Injection & Got a Quick $1,000 Bounty! (Full Guide) | https://theindiannetwork.medium.com/i-found-host-header-injection-got-a-quick-1-000-bounty-full-guide-0573ea19ab19?source=rss------bug_bounty-5 | TheIndianNetwork | host-header, bug-bounty-writeup, bug-bounty-tips, host-header-injection, bug-bounty | 29-Mar-2025 |
Reflected XSS via X-Forwarded-For Header on https://api.target.com/ip | https://medium.com/@ugs20b126_cic.rajesh/reflected-xss-via-x-forwarded-for-header-on-https-api-target-com-ip-96642a4a49ed?source=rss------bug_bounty-5 | Rajesh Sagar | infosec, bug-bounty, xss-vulnerability | 29-Mar-2025 |
A Next.js vulnerability lets attackers bypass middleware using trailing slashes and URL encoding. | https://cubeesecgroup.medium.com/what-happens-on-next-js-c1e8e6b2161b?source=rss------bug_bounty-5 | CUBeeSEC Securities | cve-2025-29927, bug-bounty, nextjs, vulnerability-assessment, penetration-testing | 29-Mar-2025 |
Top 5 Websites for Information Gathering — Part 1 | https://cyberw1ng.medium.com/top-5-websites-for-information-gathering-part-1-90b36746f5b5?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, bug-bounty, programming, technology | 29-Mar-2025 |
Mastering Logic Bugs: A Checklist for Bug Hunters PART 2 { IDOR } | https://medium.com/@mahdisalhi0500/mastering-logic-bugs-a-checklist-for-bug-hunters-part-2-idor-6f411e90509d?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | bug-bounty, cybersecurity, hacking, penetration-testing, infosec | 29-Mar-2025 |
“No Good Deed Goes Unnoticed? Not in Cybersecurity.” : An unlucky hacker’s Story | https://medium.com/@nijina7/no-good-deed-goes-unnoticed-not-in-cybersecurity-an-unlucky-hackers-story-3ebbb74e5b9e?source=rss------bug_bounty-5 | Nijin K | cybersecurity, hacking, bugs, bug-bounty-writeup, bug-bounty | 29-Mar-2025 |
When Amazon Gave Me Free Storage (But I Gave It Back) | https://awstip.com/when-amazon-gave-me-free-storage-but-i-gave-it-back-9734c058cd05?source=rss------bug_bounty-5 | Iski | cybersecurity, bug-bounty, s3-bucket, bug-bounty-tips, aws | 29-Mar-2025 |
Finding Information Disclosure Bugs Like a Pro | https://osintteam.blog/finding-information-disclosure-bugs-like-a-pro-19f9840d3f63?source=rss------bug_bounty-5 | Monika sharma | penetration-testing, hacking, bug-bounty, bug-bounty-tips, technology | 28-Mar-2025 |
Understanding Web Request Methods and Responses | https://medium.com/@aashifm/understanding-web-request-methods-and-responses-4a7abc8e1cba?source=rss------bug_bounty-5 | 127.0.0.1 | http-request, http-response, cybersecurity, web-penetration-testing, bug-bounty | 28-Mar-2025 |
Earn $1000: Account Takeover by This Methodology | https://infosecwriteups.com/earn-1000-account-takeover-by-this-methodology-cc1cbf6d9eae?source=rss------bug_bounty-5 | Abhijeet Kumawat | aot, cybersecurity, hacking, bug-bounty, infosec | 28-Mar-2025 |
Practical OSINT Commands for Cyber Investigations | https://medium.com/@paritoshblogs/practical-osint-commands-for-cyber-investigations-3e6b039b4b4b?source=rss------bug_bounty-5 | Paritosh | osint, information-technology, threat-intelligence, cybersecurity, bug-bounty | 28-Mar-2025 |
DOM-Based Cross-Site Scripting (XSS) | https://medium.com/@anandrishav2228/dom-based-cross-site-scripting-xss-828c223a80f3?source=rss------bug_bounty-5 | Rishav anand | money, hacking, infosec, bug-bounty, cybersecurity | 28-Mar-2025 |
How I Found an Unauthorized RCE Bug in an Amazon EC2 Instance Using Censys | https://medium.com/@swarooppatil3125/how-i-found-an-unauthorized-rce-bug-in-an-amazon-ec2-instance-using-censys-82c8bac79467?source=rss------bug_bounty-5 | Swarooppatil | cybersecurity, money, bug-bounty, code, remote-code-execution | 28-Mar-2025 |
How to Find Hidden API Endpoints That Lead to Critical Bugs | https://medium.com/@vipulsonule71/how-to-find-hidden-api-endpoints-that-lead-to-critical-bugs-054310629e64?source=rss------bug_bounty-5 | Vipul Sonule | penetration-testing, hacking, bug-bounty, ai, cybersecurity | 28-Mar-2025 |
OSINT Secrets: How Hackers and Investigators Uncover Hidden Information | https://osintteam.blog/osint-secrets-how-hackers-and-investigators-uncover-hidden-information-5303ee570cc6?source=rss------bug_bounty-5 | Elie Attieh | penetration-testing, open-source-intelligence, cybersecurity, osint, bug-bounty | 28-Mar-2025 |
CVE-2025-31080 WordPress HTML Forms Plugin <= 1.5.1 Vulnerable to Cross-Site Scripting (XSS) | https://abhinav-porwal.medium.com/cve-2025-31080-wordpress-html-forms-plugin-1-5-1-vulnerable-to-cross-site-scripting-xss-ae6ec99b7dd3?source=rss------bug_bounty-5 | Abhinav Porwal | ethical-hacking, bug-bounty, hacking, information-security, infosec | 28-Mar-2025 |
Is Bug Bounty Easy? | https://infosecwriteups.com/is-bug-bounty-easy-f1ae04ceb8e6?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, infosecurity, cybersecurity, hacking | 28-Mar-2025 |
Critical Wallet Connection Bug Found on OpenSea Deals | https://medium.com/@emrahcoban_84107/critical-wallet-connection-bug-found-on-opensea-deals-55f071c26288?source=rss------bug_bounty-5 | Emrah Çoban | web3, github, qa, bug-bounty, metamask | 28-Mar-2025 |
I Found HTTP Request Smuggling & Got a Huge Bug Bounty! (Full Exploit Guide) | https://theindiannetwork.medium.com/i-found-http-request-smuggling-got-a-huge-bug-bounty-full-exploit-guide-1ac855ee1695?source=rss------bug_bounty-5 | TheIndianNetwork | bug-bounty-tips, http-request-smuggling, bug-bounty, http-request, bug-bounty-writeup | 28-Mar-2025 |
I Found Remote Code Execution in a Cookie & Earned $5000! (Full Exploit Guide) | https://theindiannetwork.medium.com/i-found-remote-code-execution-in-a-cookie-earned-5000-full-exploit-guide-d2e07d5b253c?source=rss------bug_bounty-5 | TheIndianNetwork | rce-vulnerability, bug-bounty, remote-code-execution, rce, bug-bounty-tips | 28-Mar-2025 |
The Ultimate SSRF Testing Guide: Unleash the Hidden Web Secrets (2025) | https://theindiannetwork.medium.com/the-ultimate-ssrf-testing-guide-unleash-the-hidden-web-secrets-2025-8c151068cedf?source=rss------bug_bounty-5 | TheIndianNetwork | ssrf-attack, bug-bounty-writeup, bug-bounty, ssrf, bug-bounty-tips | 28-Mar-2025 |
How A Null Character Was Used to Bypass Payments | https://medium.com/@diogo.gouveia2/how-a-null-character-was-used-to-bypass-payments-7b417932dede?source=rss------bug_bounty-5 | Diogo Gouveia | pentesting, bug-bounty-writeup, cybersecurity, bug-bounty, penetration-testing | 28-Mar-2025 |
A Great tool for bug bounty hunters and Osint investigators. | https://medium.com/@loyalonlytoday/a-great-tool-for-bug-bounty-hunters-and-osint-investigators-4e8c88d92f3a?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, bug-bounty, investigation, osint, awareness | 28-Mar-2025 |
My First Bug Report: Logical Flaw in Task Completion Allows Unauthorized Coin Increment via Request… | https://medium.com/@jaga08official/my-first-bug-report-logical-flaw-in-task-completion-allows-unauthorized-coin-increment-via-request-ab63fe7259b7?source=rss------bug_bounty-5 | Jaga | bug-hunting, bug-bounty, vulnerability-disclosure, ethical-hacking, cybersecurity | 28-Mar-2025 |
The Naked-Eye Bug Hunt: Finding Flaws Without a Single Tool | https://strangerwhite.medium.com/the-naked-eye-bug-hunt-finding-flaws-without-a-single-tool-bc4b448cefaf?source=rss------bug_bounty-5 | StrangeRwhite | hacking, bug-bounty-tips, cybersecurity, writeup, bug-bounty | 28-Mar-2025 |
Bug Bounty Hunting — Complete Guide (Part-125) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-125-e1adee54884d?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, ethical-hacking, bug-bounty-tips, hacking | 28-Mar-2025 |
Risk Management in Cybersecurity: Assessing Probability vs. Impact | https://medium.com/@deepdive4learn/risk-management-in-cybersecurity-assessing-probability-vs-impact-46ea0016c083?source=rss------bug_bounty-5 | DeepDive4learn | api, web-development, penetration-testing, cybersecurity, bug-bounty | 28-Mar-2025 |
Why SAST is a Must-Have Skill for AppSec Professionals! | https://sahildari.medium.com/why-sast-is-a-must-have-skill-for-appsec-professionals-014cc40f98fc?source=rss------bug_bounty-5 | Sahil Dari | bug-bounty, cybersecurity, appsec, sast | 28-Mar-2025 |
The Zombie Bug — Critical CVE 2025 Story | https://0xparth.medium.com/the-zombie-bug-critical-cve-2025-story-6cccb20ee8f5?source=rss------bug_bounty-5 | Parth Shukla | vulnerability, ai, bug-bounty, cybersecurity, technology | 28-Mar-2025 |
This Tool Helped me to find ORIGIN IP(Automated way) | https://medium.com/@canonminibeast/this-tool-helped-me-to-find-origin-ip-automated-way-d3eb76da3487?source=rss------bug_bounty-5 | Canonminibeast | hacking, cybersecurity, bug-bounty, hacking-tools, web-pen-testing | 28-Mar-2025 |
Static Application Security Testing SAST Series: Part 1 | https://sahildari.medium.com/sast-series-part-1-a7cf18df0022?source=rss------bug_bounty-5 | Sahil Dari | cybersecurity, appsec, sast, path-manipulation, bug-bounty | 28-Mar-2025 |
How To Deal With Open Ports & Nmap Like a Pro? | https://medium.com/@nnface/how-to-deal-with-open-ports-nmap-like-a-pro-6126ef0d9339?source=rss------bug_bounty-5 | NnFace | cybersecurity, hacking, nmap, bug-bounty, kali-linux | 28-Mar-2025 |
Part 3: Advanced Techniques & Use Cases of Nuclei for Bug Bounty | https://cyberw1ng.medium.com/part-3-advanced-techniques-use-cases-of-nuclei-for-bug-bounty-1fb810800b8c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, technology, cybersecurity, careers, bug-bounty | 28-Mar-2025 |
How I Found a $10,000 Typo: A Beginner’s Guide to Bug Bounty Hunting | https://medium.com/meetcyber/how-i-found-a-10-000-typo-a-beginners-guide-to-bug-bounty-hunting-4550f5af21fa?source=rss------bug_bounty-5 | Ahmad Javed | tech-career, ethical-hacking, bug-bounty, cybersecurity, learn-to-code | 28-Mar-2025 |
Insecure Direct Object Reference (IDOR) — Unauthorized Account Access | https://medium.com/@Oiluminado_x86/%EF%B8%8Finsecure-direct-object-reference-idor-unauthorized-account-access-dd4018b98fa9?source=rss------bug_bounty-5 | O iluminado_x86 | idor-vulnerability, bug-bounty-tips, privilege-escalation, bug-bounty, cybersecurity | 28-Mar-2025 |
How AI is Changing the Bug Bounty Landscape (And Why Hackers Aren’t Mad About It) | https://cybersecuritywriteups.com/how-ai-is-changing-the-bug-bounty-landscape-and-why-hackers-arent-mad-about-it-34e2936cf640?source=rss------bug_bounty-5 | Ahmad Javed | cybersecurity, bug-bounty, ai, ethical-hacking, penetration-testing | 27-Mar-2025 |
Information Disclosure leads To Unauthorized Access (easy github dork) | https://medium.com/@Oiluminado_x86/information-disclosure-leads-to-unauthorized-access-easy-github-dork-7fb94821d30c?source=rss------bug_bounty-5 | O iluminado_x86 | bug-bounty, information-disclosure, hacking, penetration-testing | 27-Mar-2025 |
From 0 to 100K: How Gamification is Turning Bug Hunting into a Crypto-Style Grind | https://medium.com/meetcyber/from-0-to-100k-how-gamification-is-turning-bug-hunting-into-a-crypto-style-grind-253e30b7e828?source=rss------bug_bounty-5 | Ahmad Javed | cybersecurity, ethical-hacking, penetration-testing, pentesting, bug-bounty | 27-Mar-2025 |
How I Made $1,000 in a Day Exposing a Critical Vulnerability | https://medium.com/@ibtissamhammadi/how-i-made-1-000-in-a-day-exposing-a-critical-vulnerability-3742ac0e58df?source=rss------bug_bounty-5 | Ibtissam Hammadi | passive-income, ethical-hacking, makemoney-online, bug-bounty, cybersecurity | 27-Mar-2025 |
How to Choose the Right Bug Bounty Programs as a Beginner | https://osintteam.blog/how-to-choose-the-right-bug-bounty-programs-as-a-beginner-3cdfdd86b0c3?source=rss------bug_bounty-5 | Vivek PS | bug-bounty, programming, hacking, web-development, cybersecurity | 27-Mar-2025 |
How I Found a CSRF Vulnerability in Profile Picture Deletion | https://medium.com/@EL_cazad0r/how-i-found-a-csrf-vulnerability-in-profile-picture-deletion-b95bf8e6d579?source=rss------bug_bounty-5 | EL_Cazad0r | bug-bounty-writeup, bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips | 27-Mar-2025 |
Facebook Reels Post Audience Privacy Misconfiguration : Meta Bug Bounty (3000 USD) | https://zerocode-ph.medium.com/facebook-reels-post-audience-privacy-misconfiguration-meta-bug-bounty-3000-usd-805e39ab7948?source=rss------bug_bounty-5 | Syd Ricafort (0cod3) | facebook-bug-bounty, meta-bug-bounty, bug-bounty | 27-Mar-2025 |
HackTheBox Certified Bug Bounty Hunter Study Notes & Guide | https://motasemhamdan.medium.com/hackthebox-certified-bug-bounty-hunter-study-notes-guide-d05360f200dd?source=rss------bug_bounty-5 | Motasem Hamdan | infosec, bug-bounty, cybersecurity, hacking, hackthebox | 27-Mar-2025 |
Automate Open Redirection and XSS Testing with URL Auto Opener | https://medium.com/@GrayWhite/automate-open-redirection-and-xss-testing-with-url-auto-opener-61af38087c54?source=rss------bug_bounty-5 | CrookSec | xss-hunting, cybersecurity, open-redirection, url-testing, bug-bounty | 27-Mar-2025 |
Debugging PostgreSQL Installation on macOS | https://funnymous43.medium.com/debugging-postgresql-installation-on-macos-a49d2aa343a0?source=rss------bug_bounty-5 | hipster' Santos | postgresql, backend, python, bug-bounty, database | 27-Mar-2025 |
Mastering Hydra: The Ultimate Brute-Force Cheatsheet for Ethical Hackers | https://medium.com/@cybrpunked/mastering-hydra-tool-the-biggest-cheatsheet-you-will-ever-need-7a050110a802?source=rss------bug_bounty-5 | Cybrpunked | infosec, bug-bounty, cybersecurity, hacking, pentesting | 27-Mar-2025 |
The Ultimate XSS Scanner & Parameter Analysis Tool for Bug Hunters | https://medium.com/cyberscribers-exploring-cybersecurity/the-ultimate-xss-scanner-parameter-analysis-tool-for-bug-hunters-3c37111ac267?source=rss------bug_bounty-5 | Elie Attieh | cybersecurity, bug-hunting, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 27-Mar-2025 |
How I Hacked Medium (And Medium Hacked Me Back) | https://osintteam.blog/how-i-hacked-medium-and-medium-hacked-me-back-c34d48f9199a?source=rss------bug_bounty-5 | Vivek PS | cybersecurity, bug-bounty, web-development, hacking, programming | 27-Mar-2025 |
HostTracer: A Powerful Tool for DNS and Hosting Reconnaissance | https://medium.com/@GrayWhite/hosttracer-a-powerful-tool-for-dns-and-hosting-reconnaissance-e2f78ca525b4?source=rss------bug_bounty-5 | CrookSec | reconnaissance, whois, bug-bounty, dns-lookup, hosting | 27-Mar-2025 |
RCE Via File upload And How To Fix It | https://medium.com/@snpxblack2006/rce-via-file-upload-and-how-to-fix-it-b2f39e745c27?source=rss------bug_bounty-5 | everythingBlackkk | cybersecurity, hacking, bug-bounty, php, web-development | 27-Mar-2025 |
How I found 4 vulnerabilities in only 1 day? | https://systemweakness.com/how-i-found-4-vulnerabilities-in-only-1-day-473a870b583a?source=rss------bug_bounty-5 | Imad Husanovic | ethical-hacking, bug-bounty-tips, bug-bounty, cybersecurity, programming | 27-Mar-2025 |
Hidden Backdoors in Web Apps: How Hackers Exploit Them ✨ | https://medium.com/@vipulsonule71/hidden-backdoors-in-web-apps-how-hackers-exploit-them-6f99c0abd918?source=rss------bug_bounty-5 | Vipul Sonule | hackthebox, tryhackme, hacking, writing, bug-bounty | 27-Mar-2025 |
No Risk? Think Again — The DoS Twist That Led to $$$ | https://medium.com/@0xNayelx/no-risk-think-again-the-dos-twist-that-led-to-0152d6cc1327?source=rss------bug_bounty-5 | 0xNayel | ctf, bug-bounty-tips, pentesting, bug-bounty-writeup, bug-bounty | 27-Mar-2025 |
Bug Bounty Hunting — Complete Guide (Part-124) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-124-5dcab5e4c9a1?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, bug-bounty-tips, hacking, bug-bounty, ethical-hacking | 27-Mar-2025 |
Advanced Techniques & Use Cases of Nuclei for Bug Bounty | https://cyberw1ng.medium.com/advanced-techniques-use-cases-of-nuclei-for-bug-bounty-22be32c09d1b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | technology, careers, bug-bounty, programming, cybersecurity | 27-Mar-2025 |
Account Takeover via Leaked Email Verification Token | https://medium.com/@kalvik/account-takeover-via-leaked-email-verification-token-2612fef3e2d4?source=rss------bug_bounty-5 | Vikash Maurya | account-takeover, bug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking | 27-Mar-2025 |
From Blind XSS to Full Server Takeover | https://medium.com/@0xnuy/from-blind-xss-to-full-server-takeover-0f63ead701ab?source=rss------bug_bounty-5 | Nuy | penetration-testing, rce, bug-bounty-writeup, bug-bounty, web-vulnerabilities | 26-Mar-2025 |
Domain and Subdomain Enumeration: A Practical Guide for Effective Reconnaissance | https://osintteam.blog/domain-and-subdomain-enumeration-a-practical-guide-for-effective-reconnaissance-9660c40f4e37?source=rss------bug_bounty-5 | Dzianis Skliar | osint, bug-bounty, reconnaissance, bug-bounty-tips, subdomains-enumeration | 26-Mar-2025 |
Stealing Money at the Speed of Light: Exploiting Race Conditions for Financial Fraud in… | https://myselfakash20.medium.com/stealing-money-at-the-speed-of-light-exploiting-race-conditions-for-financial-fraud-in-a14c2086f5c0?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty, programming, bug-bounty-tips, technology, cybersecurity | 26-Mar-2025 |
Top 10 Vulnerabilities Every Bug Hunter Should Exploit in 2025 | https://medium.com/@vipulsonule71/top-10-vulnerabilities-every-bug-hunter-should-exploit-in-2025-df28045f6fca?source=rss------bug_bounty-5 | Vipul Sonule | hacking, ethical-hacking, penetration-testing, cybersecurity, bug-bounty | 26-Mar-2025 |
How SSRF Leads to RCE in a .NET Application | https://medium.com/@0xUN7H1NK4BLE/how-ssrf-leads-to-rce-in-a-net-application-ee1b13812245?source=rss------bug_bounty-5 | 0xUN7H1NK4BLE | rce-vulnerability, ssrf, bug-bounty, lfi, web-exploitation | 26-Mar-2025 |
(Ⅱ) Android Identity Authentication: A Game of Cat and Mouse between Developers and “Hackers” | https://medium.com/@security.tecno/%E2%85%B1-android-identity-authentication-a-game-of-cat-and-mouse-between-developers-and-hackers-b1b1789453b0?source=rss------bug_bounty-5 | TECNO Security | security, hacking, android, development, bug-bounty | 26-Mar-2025 |
500s for $560: How I Turned Twitter into My Cash Piñata | https://stevenfloresca.medium.com/500s-for-560-how-i-turned-twitter-into-my-cash-pi%C3%B1ata-3054e5fd66d0?source=rss------bug_bounty-5 | Steven Floresca | twitter, security, information-security, bug-bounty-tips, bug-bounty | 26-Mar-2025 |
How Hackers Abuse XML-RPC to Launch Bruteforce and DDoS Attacks | https://infosecwriteups.com/how-hackers-abuse-xml-rpc-to-launch-bruteforce-and-ddos-attacks-40be5b310960?source=rss------bug_bounty-5 | coffinxp | hacking, wordpress, bug-bounty, penetration-testing, bug-bounty-tips | 26-Mar-2025 |
I Asked for 200 OK, Apache Gave Me Its Diary Instead | https://medium.com/@iski/i-asked-for-200-ok-apache-gave-me-its-diary-instead-6e5b114a6f46?source=rss------bug_bounty-5 | Iski | bug-bounty, injective, servers, apache, bug-bounty-tips | 26-Mar-2025 |
Advanced Thick Client Penetration Testing: Techniques, Methodologies, and Execution (Part 2)… | https://infosecwriteups.com/advanced-thick-client-penetration-testing-techniques-methodologies-and-execution-part-2-db5738997535?source=rss------bug_bounty-5 | Ajay Naik | thick-client-security, cybersecurity, information-security, bug-bounty, penetration-testing | 26-Mar-2025 |
Bug Bounty Tips: How to Find Hidden API Keys in JavaScript Files Like a Pro! | https://frostyxsec.medium.com/bug-bounty-tips-how-to-find-hidden-api-keys-in-javascript-files-like-a-pro-6797a31f9cf8?source=rss------bug_bounty-5 | Frostyxsec | bug-bounty-tips, bug-bounty, bug-hunting, penetration-testing, cybersecurity | 26-Mar-2025 |
This easy attack can give you $2000 . | https://medium.com/@anandrishav2228/this-easy-attack-can-give-you-2000-86e236b5caa5?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, money, servers, hacker, bug-bounty | 26-Mar-2025 |
How I Found My First P1 in a Bug Bounty Program | https://cyxbugs.medium.com/how-i-found-my-first-p1-in-a-bug-bounty-program-a82e6c8cea46?source=rss------bug_bounty-5 | Cyx | bug-bounty-writeup, cybersecurity, bug-bounty, pentesting | 26-Mar-2025 |
Bug Bounty 101 | https://meravytes.medium.com/bug-bounty-101-3e5ca050134f?source=rss------bug_bounty-5 | Meravytes | meravytes, bug-bounty, cybersecurity, ethical-hacking | 26-Mar-2025 |
Rate Limit Bypass in Password Reset Functionality | https://medium.com/@FuzzyyDuck/rate-limit-bypass-in-password-reset-functionality-bf4b997c9bae?source=rss------bug_bounty-5 | Fuzzyy Duck | bug-bounty, rate-limit-bypass, bug-bounty-writeup, race-condition-exploit, vulnerability | 26-Mar-2025 |
The Sweetest Hack: How a ₹100 Cake Discount Gave Me a Panic Attack | https://osintteam.blog/the-sweetest-hack-how-a-100-cake-discount-gave-me-a-panic-attack-85eaf62f7cf8?source=rss------bug_bounty-5 | Vivek PS | web-development, bug-bounty, hacking, programming, cybersecurity | 26-Mar-2025 |
Finding subdomains from SSL certificates | https://medium.com/@loyalonlytoday/finding-subdomains-from-ssl-certificates-6d879a41d5d3?source=rss------bug_bounty-5 | loyalonlytoday | reconnaissance, ethical-hacking, subdomains-enumeration, cybersecurity, bug-bounty | 26-Mar-2025 |
Windows Exploitation: Beginner’s Guide to Buffer Overflow (Old OSCP-Level) | https://medium.com/@verylazytech/windows-exploitation-beginners-guide-to-buffer-overflow-old-oscp-level-de07b653f287?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, buffer-overflow, oscp, cybersecurity, penetration-testing | 26-Mar-2025 |
JWT (JSON Web Token) Security Risks: Common Vulnerabilities and Exploits Every Bug Hunter Should… | https://infosecwriteups.com/jwt-json-web-token-security-risks-common-vulnerabilities-and-exploits-every-bug-hunter-should-d3fa4182a329?source=rss------bug_bounty-5 | Elie Attieh | jwt, cybersecurity, pentesting, bug-bounty, bug-hunting | 26-Mar-2025 |
Understanding and Testing for Content Security Policy (CSP) | https://medium.com/@MutexSec/understanding-and-testing-for-content-security-policy-csp-ab01c74a9a1f?source=rss------bug_bounty-5 | Exhaustedmutex | bug-bounty-tips, red-team, pentesting, bug-bounty, penetration-testing | 26-Mar-2025 |
AI Safety Bug Bounty 101 | https://pointlessai.medium.com/ai-safety-bug-bounty-101-50f78c88781b?source=rss------bug_bounty-5 | PointlessAI Blog | ai-alignment-and-safety, ai-safety, bug-bounty, ai, bug-bounty-hunter | 26-Mar-2025 |
How to Pay High Bounty in Bug Hunting | https://medium.com/@vipulsonule71/how-to-pay-high-bounty-in-bug-hunting-38691343f3bc?source=rss------bug_bounty-5 | Vipul Sonule | technology, penetration-testing, ethical-hacking, hacking, bug-bounty | 26-Mar-2025 |
Bug Bounty Hunting — Complete Guide (Part-123) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-123-bb98d1457663?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, bug-bounty, hacking, bug-bounty-tips | 26-Mar-2025 |
Zero Trust: Why Your Office Needs a Nightclub Bouncer | https://medium.com/the-shortform/zero-trust-why-your-office-needs-a-nightclub-bouncer-b21afd41aad0?source=rss------bug_bounty-5 | Ahmad Javed | hacker, hacking, zero-trust, bug-bounty, cybersecurity | 26-Mar-2025 |
web cache deception on vdp program | https://medium.com/@Dorking1/web-cache-deception-on-private-program-eab62d869866?source=rss------bug_bounty-5 | Doorking | bug-bounty-writeup, penetration-testing, bug-bounty | 26-Mar-2025 |
Advanced Techniques to Bypass Restricted shell | Privilege Escalation Tutorial | https://systemweakness.com/advanced-techniques-to-bypass-restricted-shell-privilege-escalation-tutorial-a02015ebaf49?source=rss------bug_bounty-5 | Mr Horbio | cybersecurity, bug-bounty, ethical-hacking, penetration-testing, hacking | 26-Mar-2025 |
Zero to Hero in bug bounty by ‘Vibe Coding’ | https://medium.com/@nsteckercs/zero-to-hero-in-bug-bounty-by-vibe-coding-b74efc9a1259?source=rss------bug_bounty-5 | Zaxie | bug-bounty, technology, education, cybersecurity, hacking | 26-Mar-2025 |
The Power of Nuclei for Bug Bounty Hunting | https://cyberw1ng.medium.com/the-power-of-nuclei-for-bug-bounty-hunting-ded98a8a47a7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, technology, bug-bounty, programming | 26-Mar-2025 |
Manipulating Response: A Deep Dive into Exploitation => $650 | https://ehteshamulhaq198.medium.com/manipulating-responses-a-deep-dive-into-exploitation-650-bf5933efe202?source=rss------bug_bounty-5 | Ehtesham Ul Haq | bug-bounty, penetration-testing, infosec, writeup, cybersecurity | 26-Mar-2025 |
Inayat hussain chohan (Security Researcher’s journey ) | https://inayathussain.medium.com/inayat-hussain-chohan-security-researchers-journey-1bf0499e27d9?source=rss------bug_bounty-5 | Inayat Hussain | penetration-testing, ethical-hacking, bug-bounty, cybersecurity, information-technology | 26-Mar-2025 |
Private Keys vs Seed Phrases: What You Need to Know | https://medium.com/@itsamanyadav/private-keys-vs-seed-phrases-what-you-need-to-know-71fc6bb70cc4?source=rss------bug_bounty-5 | Its Aman Yadav | bug-bounty, secuirty, seed-phrase, private-key, web3-security-audit | 25-Mar-2025 |
Discovering publicly exposed data in AWS S3 and Google Cloud Storage | https://kkamalesh117.medium.com/discovering-publicly-exposed-data-in-aws-s3-and-google-cloud-storage-5f9583807e7d?source=rss------bug_bounty-5 | Kamalesh D | hacker, bug-bounty, aws, google, cybersecurity | 25-Mar-2025 |
AI vs. Bug Hunters: How ChatGPT is Rewriting the Rules of Vulnerability Discovery | https://medium.com/meetcyber/ai-vs-bug-hunters-how-chatgpt-is-rewriting-the-rules-of-vulnerability-discovery-6eae02514f6c?source=rss------bug_bounty-5 | Ahmad Javed | bug-bounty-ai, bug-bounty, future-of-hacking, cybersecurity, penetration-testing | 25-Mar-2025 |
The Dark Side of Bug Bounty Hunting: Frustrations No One Talks About | https://osintteam.blog/the-dark-side-of-bug-bounty-hunting-frustrations-no-one-talks-about-ad1b502a5815?source=rss------bug_bounty-5 | Vivek PS | web-development, bug-bounty, cybersecurity, programming, hacking | 25-Mar-2025 |
Uncovering a Hidden Logic Flow-A Deep Dive into Exploitation! | https://medium.com/@AhmedSamy-X/uncovering-a-hidden-logic-flow-a-deep-dive-into-exploitation-824e1dec12cc?source=rss------bug_bounty-5 | Ahmedsamy | cybersecurity, web-exploitation, bug-bounty, penetration-testing, information-security | 25-Mar-2025 |
Introduction to Bug Bounty Programs: How to Legally Get Paid for Hacking (Yes, Really!) | https://medium.com/@theautobot/introduction-to-bug-bounty-programs-how-to-legally-get-paid-for-hacking-yes-really-bfbfd84b2933?source=rss------bug_bounty-5 | theAutoBot | bugs, bug-bounty, bug-bounty-writeup, hacking-for-defense, bug-bounty-tips | 25-Mar-2025 |
One-Click Account Hijacking on TikTok | https://infosecwriteups.com/one-click-account-hijacking-on-tiktok-b0d211288abe?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacking, tik-tok, bug-bounty, cybersecurity, infosec | 25-Mar-2025 |
Hacking APIs :SQL Injection Attack | https://iaraoz.medium.com/hacking-apis-sql-injection-attack-7c13a7b1f6fb?source=rss------bug_bounty-5 | Israel Aráoz Severiche | bug-bounty, cybersecurity, api-development, owasp, hacking | 25-Mar-2025 |
Hacking APIs: Authentication Attack | https://iaraoz.medium.com/hacking-apis-authentication-attack-100623725721?source=rss------bug_bounty-5 | Israel Aráoz Severiche | hacking, api, cybersecurity, bug-bounty, apps | 25-Mar-2025 |
Top Bug Bounty Platforms Every Ethical Hacker Should Know | https://medium.com/@dasmanish6176/top-bug-bounty-platforms-every-ethical-hacker-should-know-9fc5d736fa1d?source=rss------bug_bounty-5 | Dasmanish | ethical-hacking, infosec, bug-bounty | 25-Mar-2025 |
Which Cybersecurity Course Should I Take? A Comprehensive Guide | https://medium.com/@verylazytech/which-cybersecurity-course-should-i-take-a-comprehensive-guide-fd5d64786efc?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, osep, bug-bounty, penetration-testing, oscp | 25-Mar-2025 |
Advanced Techniques for Finding and Exploiting Outdated Software | https://medium.com/@shadyfarouk1986/advanced-techniques-for-finding-and-exploiting-outdated-software-f85f8862e514?source=rss------bug_bounty-5 | Shady Farouk | hacking-training, bug-bounty, pentesting, ethical-hacking, bounty-program | 25-Mar-2025 |
Finding JavaScript Files on Websites Using Automation | https://cyberw1ng.medium.com/finding-javascript-files-on-websites-using-automation-f8b8e03e3d66?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, bug-bounty, programming, technology | 25-Mar-2025 |
Bypass Restricted shell | Privilege Escalation Techniques [EJpt exam] | https://infosecwriteups.com/bypass-restricted-shell-privilege-escalation-techniques-ejpt-exam-cfe1eb470db9?source=rss------bug_bounty-5 | Mr Horbio | ethical-hacking, bug-bounty, pentesting, cybersecurity, hacking | 25-Mar-2025 |
OS Command | https://medium.com/@520hazem/os-command-c1b7364ddd63?source=rss------bug_bounty-5 | Hazem | portswigger-lab, pentesting, pentester, bug-bounty, os-command-injection | 25-Mar-2025 |
Networking Basics for Ethical Hackers | https://medium.com/@akashfalaskar/networking-basics-for-ethical-hackers-99816dc1a2b2?source=rss------bug_bounty-5 | Akash Falaskar | cybersecurity, red-team, bug-bounty, ethical-hacking, networking | 25-Mar-2025 |
Bypassing AppLock Pattern via Shared Preferences Analysis | https://medium.com/@youssefhussein212103168/bypassing-applock-pattern-via-shared-preferences-analysis-7bf1bb631dd3?source=rss------bug_bounty-5 | Youssefhussein | security, bug-bounty, cybersecurity, android, penetration-testing | 25-Mar-2025 |
I Want YOU, Hacker To Read This story… | https://medium.com/@nnface/i-want-you-hacker-to-read-this-story-2d16079d6e36?source=rss------bug_bounty-5 | NnFace | bug-bounty, ethical-hacking, hacking, writing, cybersecurity | 25-Mar-2025 |
Authentication | https://medium.com/@520hazem/authentication-ac63cf7ed785?source=rss------bug_bounty-5 | Hazem | bug-bounty, portswigger-lab, authentication, pentester, pentesting | 24-Mar-2025 |
How to Find Hidden API Endpoints That Lead to Critical Bugs | https://bitpanic.medium.com/how-to-find-hidden-api-endpoints-that-lead-to-critical-bugs-97a38ca40efe?source=rss------bug_bounty-5 | Spectat0rguy | technology, bug-bounty, programming, ai-generated-content, cybersecurity | 24-Mar-2025 |
Think You’re Ready for Real-World Hacking? Think Again | https://medium.com/@timsuxwales/think-youre-ready-for-real-world-hacking-think-again-1565c6bb27ed?source=rss------bug_bounty-5 | Timsux Wales | cybersecurity, bug-bounty, penetration-testing, infosec, hacking | 24-Mar-2025 |
Metasploit Framework Commands for Penetration Testing | https://medium.com/@paritoshblogs/metasploit-framework-commands-for-penetration-testing-505ef6063698?source=rss------bug_bounty-5 | Paritosh | metasploit, information-security, bug-bounty, cybersecurity, hacking | 24-Mar-2025 |
How I Found a Major Security Flaw in a Popular Platform… And They Ignored It. | https://medium.com/@rakshitshetty59/how-i-found-a-major-security-flaw-in-a-popular-platform-and-they-ignored-it-dd569ce694ce?source=rss------bug_bounty-5 | Rakshitshetty | ethical-hacking, cybersecurity, bug-bounty, web-vulnerabilities, sql-injection | 24-Mar-2025 |
Account Take-over Via Password Reset Poisoning | https://medium.com/@umd04843/account-take-over-via-password-reset-poisoning-e2a8a2f8a642?source=rss------bug_bounty-5 | Mohamed Usman | bug-bounty, cybersecurity, bug-bounty-tips, vapt, bug-bounty-writeup | 24-Mar-2025 |
How I Made $100,000 Discovering a Kernel Vulnerability! (With Exploit Code) | https://theindiannetwork.medium.com/how-i-made-100-000-discovering-a-kernel-vulnerability-with-exploit-code-695f4ff18a78?source=rss------bug_bounty-5 | TheIndianNetwork | bug-bounty-tips, kernel, zero-day, bug-bounty, karnel-exploit | 24-Mar-2025 |
SSRF Advanced Methodology✨ | https://infosecwriteups.com/ssrf-advanced-methodology-9583fdf2ae3c?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacking, bug-bounty, methodology, ssrf, infosec | 24-Mar-2025 |
Exploiting JavaScript Execution in PDFs & How to Prevent It | https://frostyxsec.medium.com/exploiting-javascript-execution-in-pdfs-how-to-prevent-it-9e30cf3fe3ef?source=rss------bug_bounty-5 | Frostyxsec | bug-bounty, bug-hunting, web-security, cybersecurity, vulnerability | 24-Mar-2025 |
(Ⅰ) Android Identity Authentication: A Game of Cat and Mouse between Developers and “Hackers” | https://medium.com/@security.tecno/%E2%85%B0-android-identity-authentication-a-game-of-cat-and-mouse-between-developers-and-hackers-73eda7a36253?source=rss------bug_bounty-5 | TECNO Security | hacking, bug-bounty, blog, developer, android | 24-Mar-2025 |
The story of XSS that leads to ATO | https://sahandami.medium.com/the-story-of-xss-that-leads-to-ato-edf23f55a47e?source=rss------bug_bounty-5 | SahandAmi | ato, account-takeover, csrf-token, bug-bounty, xs | 24-Mar-2025 |
From Zero to First Bug Bounty: A Step-by-Step Guide That Anyone Can Follow! | https://osintteam.blog/from-zero-to-first-bug-bounty-a-step-by-step-guide-that-anyone-can-follow-247657eec2d7?source=rss------bug_bounty-5 | Vivek PS | bug-bounty, web-development, hacking, cybersecurity, programming | 24-Mar-2025 |
Advanced Thick Client Penetration Testing — Techniques, Methodologies, and Execution -PART -1… | https://infosecwriteups.com/advanced-thick-client-penetration-testing-techniques-methodologies-and-execution-part-1-c49c7bdb1d0b?source=rss------bug_bounty-5 | Ajay Naik | thick-client-security, information-security, bug-bounty, cybersecurity, information-technology | 24-Mar-2025 |
How to Start Your Career in Web3 Security and Make Millions $$$$$$ | https://medium.com/@whhackerbsac/how-to-start-your-career-in-web3-security-and-make-millions-a07c8aa3ee62?source=rss------bug_bounty-5 | Bsac Hunter | web3, cybersecurity, web3-security, blockchain, bug-bounty | 24-Mar-2025 |
The Dark Side of Invite Links: A Race Condition Exploit Story (English-Hindi) | https://medium.com/@ajay.kumar.695632/the-dark-side-of-invite-links-a-race-condition-exploit-story-english-hindi-257d5bd8e9c5?source=rss------bug_bounty-5 | Ajay Kumar | bugs, bug-bounty-writeup, bug-bounty, bug-bounty-tips, bugcrowd | 24-Mar-2025 |
The Ultimate Guide to Price Manipulation Vulnerabilities: Techniques, Case Studies & Advanced… | https://infosecwriteups.com/the-ultimate-guide-to-price-manipulation-vulnerabilities-techniques-case-studies-advanced-0e1a24c5ee3d?source=rss------bug_bounty-5 | Ajay Naik | information-security, penetration-testing, bug-bounty, price-manipulation, cybersecurity | 24-Mar-2025 |
How to Detect API Keys and Secrets Hiding in a Web Application | https://medium.com/@aviwolicki/how-to-detect-api-keys-and-secrets-hiding-in-a-web-application-8470945c229d?source=rss------bug_bounty-5 | Avi W | web-application-security, bug-bounty, cybersecurity | 24-Mar-2025 |
Cybersecurity for Beginners: Protect Yourself Like a Pro | https://medium.com/@agranesamia2/cybersecurity-for-beginners-protect-yourself-like-a-pro-08cc41af9c21?source=rss------bug_bounty-5 | Amisaa | bug-bounty, cybersecurity, ethical-hacking, ctf, online-privacy | 24-Mar-2025 |
Mastering Bug Bounty Hunting: Exploring Different Types of Payloads for Effective Exploitation | https://medium.com/@cybertips96/mastering-bug-bounty-hunting-exploring-different-types-of-payloads-for-effective-exploitation-40f922c057f4?source=rss------bug_bounty-5 | Cybertips | bug-bounty-tips, bug-bounty, payload | 24-Mar-2025 |
Bug Find | https://medium.com/@ashrafulhossainrafi22/bug-find-47717daa7977?source=rss------bug_bounty-5 | Ashraful Hossain Rafi | bug-bounty | 24-Mar-2025 |
Custom Dorks to find Bug Bounty Programs | https://medium.com/developersglobal/custom-dorks-to-find-bug-bounty-programs-4867da4b9ebf?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-tips, bug-bounty, bug-bounty-hunter, google-dork, bug-bounty-program | 24-Mar-2025 |
Automated Information Gathering from Websites | https://cyberw1ng.medium.com/automated-information-gathering-from-websites-9c2975861497?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | technology, programming, bug-bounty, careers, cybersecurity | 24-Mar-2025 |
CSRF | https://medium.com/@520hazem/dw-98bdac9232c6?source=rss------bug_bounty-5 | Hazem | bug-bounty, csrf-bypass, csrf, portswigger-lab, pentesting | 24-Mar-2025 |
CVE-2025–29927 — Bypass de Middleware en Next.js | https://medium.com/@juanfelipeoz.rar/cve-2025-29927-bypass-de-middleware-en-next-js-80e900285cf5?source=rss------bug_bounty-5 | Juan Felipe Osorio Z | nextjs, bug-bounty, ciberseguridad, cve-2025-29927, hacking | 24-Mar-2025 |
Custom Dorks to find Bug Bounty Programs | https://osintteam.blog/custom-dorks-to-find-bug-bounty-programs-4867da4b9ebf?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-tips, bug-bounty, bug-bounty-hunter, google-dork, bug-bounty-program | 24-Mar-2025 |
12 Windows Command Line Hacks for Incident Responders | https://medium.com/@paritoshblogs/12-windows-command-line-hacks-for-incident-responders-d9e95ef1c3a3?source=rss------bug_bounty-5 | Paritosh | cybersecurity, hacking, bug-bounty, information-technology, incident-response | 23-Mar-2025 |
Network Pentesting -Active/Passive Information gathering like Pro Part -2 | https://medium.com/@Cyber_siva/network-pentesting-active-passive-information-gathering-like-pro-part-2-cdbeec6b9300?source=rss------bug_bounty-5 | Siva Sankar | cybersecurity, bug-bounty, networking | 23-Mar-2025 |
picoCTF Web Exploitation: SSTI1 | https://medium.com/@Kamal_S/picoctf-web-exploitation-ssti1-e2363b1885a0?source=rss------bug_bounty-5 | Kamal S | bug-bounty, picoctf, ssti, command-injection, ssti1 | 23-Mar-2025 |
How I Exploited an SSRF Vulnerability & Earned $5000 — Real-World Exploit! | https://theindiannetwork.medium.com/how-i-exploited-an-ssrf-vulnerability-earned-5000-real-world-exploit-e8ded56ef9ce?source=rss------bug_bounty-5 | TheIndianNetwork | ssrf-vulnerability, server-side-request, bug-bounty-tips, bug-bounty, ssrf-attack | 23-Mar-2025 |
I Found a Zero-Day Exploit & Got Paid $3000 — Full Real-World Breakdown! | https://theindiannetwork.medium.com/i-found-a-zero-day-exploit-got-paid-3000-full-real-world-breakdown-42cb6d307699?source=rss------bug_bounty-5 | TheIndianNetwork | bug-bounty-tips, bug-bounty, bug-bounty-writeup, zero-day, zero-day-vulnerability | 23-Mar-2025 |
I Hacked a Million-Dollar Website with Just a Text Box — Earned $25,000! (Full Story) | https://theindiannetwork.medium.com/i-hacked-a-million-dollar-website-with-just-a-text-box-earned-25-000-full-story-bef4a8ec28fe?source=rss------bug_bounty-5 | TheIndianNetwork | xss-vulnerability, stored-xss, xss-attack, bug-bounty, bug-bounty-tips | 23-Mar-2025 |
How to Build a Perfect Bug Bounty Methodology | https://medium.com/@vipulsonule71/%EF%B8%8F-how-to-build-a-perfect-bug-bounty-methodology-0dacf715874e?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, technology, hacking, penetration-testing, ethical-hacking | 23-Mar-2025 |
CORS | https://medium.com/@520hazem/cors-add835d8de3b?source=rss------bug_bounty-5 | Hazem | bug-bounty, pentesting, portswigger-lab, portswigger, cors | 23-Mar-2025 |
The Ultimate Guide to Subdomain Enumeration for Bug Bounty Hunters | https://medium.com/@thexnumb/the-ultimate-guide-to-subdomain-enumeration-for-bug-bounty-hunters-73b60fca62bc?source=rss------bug_bounty-5 | Thexnumb | infosec, bug-bounty, cybersecurity, hacking, penetration-testing | 23-Mar-2025 |
Broken Access Control leads to Addition of Malicious Files / Inclusion of Sensitive Files. | https://medium.com/@saurabhcsec/broken-access-control-leads-to-addition-of-malicious-files-inclusion-of-sensitive-files-4d0b424e1515?source=rss------bug_bounty-5 | Saurabhcsec | bug-bounty-writeup, web-development, cybersecurity, hacking, bug-bounty | 23-Mar-2025 |
Why SAST is a Must-Have Skill for AppSec Professionals! | https://sahildari.medium.com/why-sast-is-a-must-have-skill-for-appsec-professionals-6090e98eb15f?source=rss------bug_bounty-5 | Sahil Dari | secure-coding, appsec, sast, cybersecurity, bug-bounty | 23-Mar-2025 |
Work-from-Home Bug Bounty: How to Get Started & Succeed | https://medium.com/@vipulsonule71/%EF%B8%8F-work-from-home-bug-bounty-how-to-get-started-succeed-ce2ee466d9cb?source=rss------bug_bounty-5 | Vipul Sonule | writing-tips, bug-bounty, writing, technology, hacking | 23-Mar-2025 |
How I Got a Bug Bounty Using Only Recon | https://medium.com/@drhtunaungkyaw1993/how-i-got-a-bug-bounty-using-only-recon-b0c0e92f2503?source=rss------bug_bounty-5 | Htun Aung Kyaw | hacking, myanmar, bug-bounty, pentest, yeswehack | 23-Mar-2025 |
Cracking a Password-Protected ZIP File with John the Ripper — A Hands-On Guide | https://medium.com/@rundcodehero/cracking-a-password-protected-zip-file-with-john-the-ripper-a-hands-on-guide-1aea0f6b3627?source=rss------bug_bounty-5 | Randi Adhityas Saputra | crack-passwords, bug-bounty, pentest, john-the-ripper | 23-Mar-2025 |
Bug Bounty Hunting — Complete Guide (Part-122) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-122-5b7edf5b959c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, hacking, bug-bounty-tips, ethical-hacking | 23-Mar-2025 |
How I Got a Bug Bounty Reward Using Only Recon | https://medium.com/@drhtunaungkyaw1993/how-i-got-a-bug-bounty-using-only-recon-b0c0e92f2503?source=rss------bug_bounty-5 | Htun Aung Kyaw | hacking, myanmar, bug-bounty, pentest, yeswehack | 23-Mar-2025 |
Hacking with GitHub’s hidden gems for subdomain enumeration. | https://medium.com/h7w/hacking-with-githubs-hidden-gems-for-subdomain-enumeration-a1266d4a019c?source=rss------bug_bounty-5 | Abhishek pawar | programming, bug-bounty, github, hacking, domains | 23-Mar-2025 |
Internet Archive: Wayback Hunting for Bug Bounty Hunters | https://osintteam.blog/internet-archive-wayback-hunting-for-bug-bounty-hunters-36b112011a7c?source=rss------bug_bounty-5 | RivuDon | wayback-machine, bug-bounty-writeup, infosec, bug-bounty-tips, bug-bounty | 23-Mar-2025 |
Subdomain Found! Now What? (Part 2) | https://osintteam.blog/subdomain-found-now-what-part-2-2c2835f459ca?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, penetration-testing, hacking, bug-bounty-tips, technology | 23-Mar-2025 |
How I Accidentally Bypassed a Paywall and Got User Data for Free | https://northstar1.medium.com/how-i-accidentally-bypassed-a-paywall-and-got-user-data-for-free-de73f98a51da?source=rss------bug_bounty-5 | NorthStar | burp-suite-pro, bug-bounty-tips, bug-bounty, bug-bounty-writeup, idor-vulnerability | 23-Mar-2025 |
OSINT Techniques for Finding Leaked Credentials on Telegram | https://medium.com/@0xblackd3v/osint-techniques-for-finding-leaked-credentials-on-telegram-abefee04e19e?source=rss------bug_bounty-5 | Blackd3v | bug-bounty, bugs, cybersecurity, hacking | 23-Mar-2025 |
Understanding Privilege Escalation in Web Applications | https://cyberw1ng.medium.com/understanding-privilege-escalation-in-web-applications-c560e641b93b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, technology, bug-bounty, programming | 23-Mar-2025 |
Breaking Down CVSS: Understanding Vulnerability Scores Like a Hacker | https://medium.com/@jkyne6368/breaking-down-cvss-understanding-vulnerability-scores-like-a-hacker-de85b114d07c?source=rss------bug_bounty-5 | Jordilla | hacking, bug-bounty, cybersecurity, freelancing, aws | 22-Mar-2025 |
How I Found a $4,837 SQLi Bug in Just 17 Minutes | https://medium.com/@ibtissamhammadi/how-i-found-a-4-837-sqli-bug-in-just-17-minutes-8a4c778d2057?source=rss------bug_bounty-5 | Ibtissam Hammadi | bug-bounty, sql, web-security, ethical-hacking, cybersecurity | 22-Mar-2025 |
Discovering and Exploiting a Path Traversal Vulnerability in Chromium’s md_browser Tool | https://medium.com/@piyushbhor22/chromiums-path-traversal-vulnerability-ece8be276859?source=rss------bug_bounty-5 | Pi - The Kernel Panic | code-analysis, bug-bounty, chromium, vulnerability-assessment, path-traversal | 22-Mar-2025 |
Common and Security Vulnerabilities in Restaking Layers | https://securrtech.medium.com/common-and-security-vulnerabilities-in-restaking-layers-110c61049892?source=rss------bug_bounty-5 | Securr - Web3 Security | blockchain-security, web3-security, smart-contract-security, smart-contract-auditing, bug-bounty | 22-Mar-2025 |
Information Disclosure — Exposed Order Details via Shipping Status API | https://medium.com/@mIna_x1/information-disclosure-exposed-order-details-via-shipping-status-api-7fd177364d12?source=rss------bug_bounty-5 | Mina Ashraf | bug-bounty, bug-bounty-writeup, cyper-security | 22-Mar-2025 |
LegionHunter VPS Setup Script for Bug Bounty & Pentesting | https://medium.com/developersglobal/legionhunter-vps-setup-script-for-bug-bounty-pentesting-298d3ef16964?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty, vps, pentesting, vps-server, linux | 22-Mar-2025 |
Microsoft 365 Copilot For Work: Image Data Exfiltration From SharePoint | https://infosecwriteups.com/microsoft-365-copilot-for-work-image-data-exfiltration-from-sharepoint-644bc818a5db?source=rss------bug_bounty-5 | Cyd Tseng | microsoft, bug-bounty, cybersecurity, microsoft-copilot, vulnerability | 22-Mar-2025 |
Finding new apex domains in a unique way. | https://infosecwriteups.com/finding-new-apex-domains-in-a-unique-way-87404d8dfa1d?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, bug-bounty-tips, bug-bounty, apex, cybersecurity | 22-Mar-2025 |
LFI Advanced Methodology by Abhijeet | https://medium.com/@Abhijeet_kumawat_/lfi-advanced-methodology-by-abhijeet-9993b827db53?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, cybersecurity, lfi, bug-bounty, hacking | 22-Mar-2025 |
How I Bypassed 403 Forbidden & Accessed Restricted Pages — Real-World Exploit! | https://theindiannetwork.medium.com/how-i-bypassed-403-forbidden-accessed-restricted-pages-real-world-exploit-e19ccb18bbbb?source=rss------bug_bounty-5 | TheIndianNetwork | bug-bounty-tips, bug-bounty-writeup, bug-bounty, 403-forbidden, 403-bypass | 22-Mar-2025 |
How I Deleted Accounts With Just an Email Address | https://medium.com/@preetham._.kumar/how-i-deleted-accounts-with-just-an-email-address-d50d60bd6308?source=rss------bug_bounty-5 | StunnerSec | cybersecurity, hacking, bug-bounty, ethical-hacking, penetration-testing | 22-Mar-2025 |
TheHarvester: A Powerful OSINT Tool for Cybersecurity Professionals | https://medium.com/@alidrabkih/theharvester-a-powerful-osint-tool-for-cybersecurity-professionals-cc8660876f31?source=rss------bug_bounty-5 | Ali Drabkih | bug-bounty, tools, hacking, cybrt | 22-Mar-2025 |
Hunting Bugs: My Favorite Flaws | https://hackergod00001.medium.com/hunting-bugs-my-favorite-flaws-9b405a8b9f9d?source=rss------bug_bounty-5 | Hackergod00001 | cybersecurity, secrets, bug-bounty-tips, knowledge, bug-bounty | 22-Mar-2025 |
LFI Advanced Methodology by Abhijeet | https://infosecwriteups.com/lfi-advanced-methodology-by-abhijeet-9993b827db53?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, cybersecurity, lfi, bug-bounty, hacking | 22-Mar-2025 |
Mastering DeFi Security Through Hands-On Hacking Challenges | https://medium.com/@schofieldleonard8/mastering-defi-security-through-hands-on-hacking-challenges-98914ed3a260?source=rss------bug_bounty-5 | Leonard Schofield | defi-strategy, crypto-hack, web3-security, crypto-exploit, bug-bounty | 22-Mar-2025 |
How I Made $4,500 in My First Month Bug Hunting | https://medium.com/@ibtissamhammadi/how-i-made-4-500-in-my-first-month-bug-hunting-5985a2b6f143?source=rss------bug_bounty-5 | Ibtissam Hammadi | bug-bounty, bug-hunting, cybersecurity, hacking, technology | 22-Mar-2025 |
Web Hacking Series - Part 1: HTTP Basics – The Invisible Language of the Web | https://medium.com/@cybertips96/web-hacking-series-part-1-http-basics-the-invisible-language-of-the-web-7e007fd06e7b?source=rss------bug_bounty-5 | Cybertips | bug-bounty | 22-Mar-2025 |
The Ultimate Guide to Bug Bounty Hunting: How to Get Started and Succeed | https://medium.com/@HexaGaurd/the-ultimate-guide-to-bug-bounty-hunting-how-to-get-started-and-succeed-74bb31926190?source=rss------bug_bounty-5 | HexaGaurd | bug-bounty-hunter, bug-bounty, cybersecurity, ethical-hacking, bugbounty-poc | 22-Mar-2025 |
✨ The Art of Reconnaissance: How Hackers Gather Intel | https://medium.com/@vipulsonule71/the-art-of-reconnaissance-how-hackers-gather-intel-a665e9c58762?source=rss------bug_bounty-5 | Vipul Sonule | penetration-testing, bug-bounty, cybersecurity, ai, hacking | 22-Mar-2025 |
Pico CTF: Easy Challenges | Part - 1 | https://medium.com/@john1robert2000/pico-ctf-easy-challenges-part-1-8cd54e389dd0?source=rss------bug_bounty-5 | Rizwan | bug-bounty, ctf-walkthrough | 22-Mar-2025 |
Chaining Low-Severity Bugs for Critical Impact — Turning Tiny Holes into Major Exploits | https://osintteam.blog/chaining-low-severity-bugs-for-critical-impact-turning-tiny-holes-into-major-exploits-95a996bbda92?source=rss------bug_bounty-5 | Vivek PS | bug-bounty, web-development, ethical-hacking, cybersecurity, programming | 22-Mar-2025 |
Shhh…Be Quiet Hacker. | https://medium.com/meetcyber/shhh-be-quiet-hacker-4048643f590d?source=rss------bug_bounty-5 | NnFace | hacking, bug-bounty, it, cybersecurity, quiet | 22-Mar-2025 |
Unauthorized Access to “About” Feature via Parameter Manipulation | https://mmnahian.medium.com/unauthorized-access-to-about-feature-via-parameter-manipulation-b85b08796b87?source=rss------bug_bounty-5 | mmnahian | penetration-testing, bug-bounty, bug-bounty-tips, infosec, bug-bounty-writeup | 22-Mar-2025 |
PAT-tastrophe: How We Hacked Virtuals’ $4.6B Agentic AI & Cryptocurrency Ecosystem | https://medium.com/@gonzo-hacks/pat-tastrophe-how-we-hacked-virtuals-4-6b-agentic-ai-cryptocurrency-ecosystem-f850b544d0f5?source=rss------bug_bounty-5 | Dane Sherrets | hacking, ai, cryptocurrency, agents, bug-bounty | 22-Mar-2025 |
How a Security Researcher Earned $1,900 Bounty for Privilege Escalation | https://cyberw1ng.medium.com/how-a-security-researcher-earned-1-900-bounty-for-privilege-escalation-d430e24e8b1b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, technology, programming | 22-Mar-2025 |
Next.js and the corrupt middleware: the authorizing artifact | https://medium.com/@zhero_/next-js-and-the-corrupt-middleware-the-authorizing-artifact-14e6fb688d26?source=rss------bug_bounty-5 | Rachid.A | javascript, hacking, bug-bounty, vulnerability, nextjs | 22-Mar-2025 |
How a Security Researcher Earned $1,900 Bounty for Privilege Escalation | https://osintteam.blog/how-a-security-researcher-earned-1-900-bounty-for-privilege-escalation-d430e24e8b1b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, technology, programming | 22-Mar-2025 |
Exploiting Blind XSS in a Signup Page: Admin Panel Takeover and Real-World Impact ($3000 P2 Private… | https://medium.com/@MianHammadx0root/exploiting-blind-xss-in-a-signup-page-admin-panel-takeover-and-real-world-impact-3000-p2-private-110205e3674b?source=rss------bug_bounty-5 | Mian Hammad | bug-bounty, xss-attack, bugbounty-writeup, blind-xss, pentesting | 21-Mar-2025 |
The Essential Guide to Bug Bounties and Responsible Disclosure | https://medium.com/@locamartin/the-essential-guide-to-bug-bounties-and-responsible-disclosure-b4d34053c139?source=rss------bug_bounty-5 | Loca Martin | bug-bounty | 21-Mar-2025 |
How I Made $1000 in Just 30 Minutes by Discovering an Account Takeover (ATO) Vulnerability! | https://theindiannetwork.medium.com/how-i-made-1000-in-just-30-minutes-by-discovering-an-account-takeover-ato-vulnerability-84afd6c5d9ab?source=rss------bug_bounty-5 | TheIndianNetwork | bug-bounty, account-takeover-attacks, account-takeover, bug-bounty-tips, bug-bounty-hunter | 21-Mar-2025 |
From Lockdown to Payday: Hacking a Porn Site for $1,500 | https://stevenfloresca.medium.com/from-lockdown-to-payday-hacking-a-porn-site-for-1-500-899bf57cc556?source=rss------bug_bounty-5 | Steven Floresca | information-security, hacker, bug-bounty, xss-vulnerability, security | 21-Mar-2025 |
Find Private Bug Bounty Programs without an invite | https://osintteam.blog/find-private-bug-bounty-programs-without-an-invite-d2baf4c3be06?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-tips, bug-bounty, bug-bounty-hunter, ethical-hacking, pentesting | 21-Mar-2025 |
File Upload Bypass: Pulling off The Ultimate Disrespect | https://sudosuraj.medium.com/file-upload-bypass-pulling-off-the-ultimate-disrespect-d7200be31717?source=rss------bug_bounty-5 | sudosuraj | file-upload-bypass, file-upload-vulnerability, bug-bounty-tips, sudosuraj, bug-bounty | 21-Mar-2025 |
best google dorking | https://mknayek101.medium.com/best-google-dorking-00ccc375d415?source=rss------bug_bounty-5 | MkNayek | bug-bounty | 21-Mar-2025 |
How I Earned $700 in Just 10 Minutes by Finding a Path Traversal Vulnerability | https://theindiannetwork.medium.com/how-i-earned-700-in-just-10-minutes-by-finding-a-path-traversal-vulnerability-ef311fe25515?source=rss------bug_bounty-5 | TheIndianNetwork | file-path-traversal, path-traversal, directory-traversal, directory-listing, bug-bounty | 21-Mar-2025 |
How to Route Traffic from WSL to Burp Suite on Windows: A Step-by-Step Guide | https://infosecwriteups.com/how-to-route-traffic-from-wsl-to-burp-suite-on-windows-a-step-by-step-guide-38d58f65b21a?source=rss------bug_bounty-5 | coffinxp | hacking, burpsuite, penetration-testing, bug-bounty-tips, bug-bounty | 21-Mar-2025 |
Get $5000: GitHub Dorks & Leaks | https://infosecwriteups.com/get-5000-github-dorks-leaks-b26728099d38?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, bug-bounty, hacking, infosec, github | 21-Mar-2025 |
Advanced Bug Bounty: API Key and Token Leaks — Tools, Techniques, and Exploitation | https://infosecwriteups.com/advanced-bug-bounty-api-key-and-token-leaks-tools-techniques-and-exploitation-7d3fcb3b5fb7?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, information-security, api, bug-bounty, bug-bounty-tips | 21-Mar-2025 |
Top Cybersecurity Tools | https://medium.com/@cy3ek/top-cybersecurity-tools-42b50ee678e2?source=rss------bug_bounty-5 | cybrk | linux, hacking, tools, bug-bounty | 21-Mar-2025 |
Understanding the Psychology of Bug Bounty Triage Teams — Why Some Bugs Get Marked as Duplicates… | https://infosecwriteups.com/understanding-the-psychology-of-bug-bounty-triage-teams-why-some-bugs-get-marked-as-duplicates-cab9195c6f58?source=rss------bug_bounty-5 | Vivek PS | ethical-hacking, cybersecurity, bug-bounty, programming | 21-Mar-2025 |
CSRF TO ACCOUNT TAKEOVER | https://levi4.medium.com/csrf-to-account-takeover-83cacd848903?source=rss------bug_bounty-5 | Levi Ackerman | cybersecurity, security, web, hacking, bug-bounty | 21-Mar-2025 |
Top 10 Terminal-Based Bug Hunting Tools in 2025 | https://medium.com/@cybertips96/top-10-terminal-based-bug-hunting-tools-in-2025-9c61e8d79aba?source=rss------bug_bounty-5 | Cybertips | bug-bounty, technology | 21-Mar-2025 |
Top 10 Chrome/Brave Extensions for Bug Hunting in 2025 | https://medium.com/@cybertips96/top-10-chrome-brave-extensions-for-bug-hunting-in-2025-242b09b8ec45?source=rss------bug_bounty-5 | Cybertips | technology, bug-bounty | 21-Mar-2025 |
5 Most Useful Websites for Bug Hunters to Know | https://medium.com/@vipulsonule71/5-most-useful-websites-for-bug-hunters-to-know-7094055e1e4b?source=rss------bug_bounty-5 | Vipul Sonule | hacking, ethical-hacking, penetration-testing, bug-bounty-writeup, bug-bounty | 21-Mar-2025 |
The Power of Bug Bounty Hunting: Strengthening Your Security Posture | https://medium.com/@jkyne6368/the-power-of-bug-bounty-hunting-strengthening-your-security-posture-dfb77a2869d3?source=rss------bug_bounty-5 | Jordilla | cybersecurity, vulnerability, penetration-testing, bug-bounty, security | 21-Mar-2025 |
What is a web fuzzer, when to use it and how to use it? | https://medium.com/@pars_87944/what-is-a-web-fuzzer-when-to-use-it-and-how-to-use-it-b2e2b720fa7a?source=rss------bug_bounty-5 | Pars SARICA | ctf, fuzzers, hacking, webfuzzing, bug-bounty | 21-Mar-2025 |
The Ultimate Feroxbuster Cheat Sheet: Faster & Better Than Others? | https://medium.com/@cybrpunked/the-ultimate-feroxbuster-cheat-sheet-faster-better-than-others-2fbe7d875d77?source=rss------bug_bounty-5 | Cybrpunked | bug-bounty, ethical-hacking, red-team, cybersecurity, penetration-testing | 21-Mar-2025 |
What Is Cybersecurity? (And Why It’s Like Locking Your Front Door) | https://medium.com/@ahmadjaved09/what-is-cybersecurity-and-why-its-like-locking-your-front-door-552b0772c0fa?source=rss------bug_bounty-5 | Ahmad Javed | hacking, bug-bounty, pentesting, cybersecurity, digital-self-defense | 21-Mar-2025 |
Advanced Dorking Techniques for Bug Bounty Hunters: Part 3 | https://hackersatty.medium.com/advanced-dorking-techniques-for-bug-bounty-hunters-part-3-2bdadc8acf38?source=rss------bug_bounty-5 | hackersatty | hackersatty, google-dorking, xss-attack, bug-bounty-tips, bug-bounty | 21-Mar-2025 |
Top Tools for Ethical Hackers in 2025 | https://medium.com/@vipulsonule71/top-tools-for-ethical-hackers-in-2025-7f15d53f14d8?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, ethical-hacking, tech, hacking, penetration-testing | 21-Mar-2025 |
5 Game-Changing Websites Every Bug Hunter Must Know! | https://medium.com/@vipulsonule71/5-most-useful-websites-for-bug-hunters-to-know-7094055e1e4b?source=rss------bug_bounty-5 | Vipul Sonule | hacking, ethical-hacking, penetration-testing, bug-bounty-writeup, bug-bounty | 21-Mar-2025 |
Cryptographic Failures: Advanced Insights and Real-World Attacks | https://cyberw1ng.medium.com/cryptographic-failures-advanced-insights-and-real-world-attacks-bb6230f9f5be?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, bug-bounty, careers, technology, cybersecurity | 21-Mar-2025 |
Access Control Vulnerability: | https://medium.com/@520hazem/access-control-vulnerability-67c0064190c9?source=rss------bug_bounty-5 | Hazem | access-control, portswigger, bug-bounty, portswigger-lab, pentesting | 21-Mar-2025 |
Bypassing Open Redirect Mitigations: How I Exploited a Trusted Platform | https://take0verx0.medium.com/bypassing-open-redirect-mitigations-how-i-exploited-a-trusted-platform-8130938083ed?source=rss------bug_bounty-5 | Shahariar Amin | open-redirect, bypass-wrapper, bug-bounty | 21-Mar-2025 |
Blog view count manipulation by automated requests. | https://take0verx0.medium.com/blog-view-count-manipulation-by-automated-requests-942eac11c233?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty | 21-Mar-2025 |
The rate limiting request /api/auth/_log is not used causing all APIs to crash. | https://medium.com/@VulnRAM/the-rate-limiting-request-api-auth-log-is-not-used-causing-all-apis-to-crash-87dc89c4f178?source=rss------bug_bounty-5 | ramzey elsayed mohamed | bug-bounty, bug-bounty-writeup, penetration-testing, bug-bounty-tips, bugs | 21-Mar-2025 |
Authentication Bypass Vulnerability — Impersonation on Article Comments | https://take0verx0.medium.com/authentication-bypass-vulnerability-impersonation-on-article-comments-97169213b07c?source=rss------bug_bounty-5 | Shahariar Amin | authentication-bypass, bug-bounty | 21-Mar-2025 |
Business Logic | https://medium.com/@520hazem/business-logic-53377a732c8c?source=rss------bug_bounty-5 | Hazem | business-logic-flaw, portswigger, portswigger-lab, bug-bounty, business-logic | 21-Mar-2025 |
$100 for a Filthy Enterprise Email Leaks in source code. | https://medium.com/@rootplinix/100-for-a-filthy-enterprise-email-leaks-in-source-code-c9ddf118d9ae?source=rss------bug_bounty-5 | Abu Hurayra | infosec, bug-bounty, writeup, hacking, cybersecurity | 21-Mar-2025 |
How to Get Root Privilege after getting foothold [ EJPT Notes] | https://infosecwriteups.com/how-to-get-root-privilege-after-getting-foothold-ejpt-notes-ce526a535ca3?source=rss------bug_bounty-5 | Mr Horbio | cybersecurity, hacking, bug-bounty, ethical-hacking, privilege-escalation | 21-Mar-2025 |
Bug Hunting with HTTPX: A Powerful Security Tool in 2025 ✅ | https://medium.com/@cybertips96/bug-hunting-with-httpx-a-powerful-security-tool-in-2025-1b20a8425f62?source=rss------bug_bounty-5 | Cybertips | technology, bug-bounty, hackerone-report, http-status-code | 21-Mar-2025 |
Cryptographic Failures: Advanced Insights and Real-World Attacks | https://osintteam.blog/cryptographic-failures-advanced-insights-and-real-world-attacks-bb6230f9f5be?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, bug-bounty, careers, technology, cybersecurity | 21-Mar-2025 |
Mobile Number Verification Bypass CWE-840 Business Logic Error | https://medium.com/@VulnRAM/mobile-number-verification-bypass-cwe-840-business-logic-error-1cd80b0bced5?source=rss------bug_bounty-5 | ramzey elsayed mohamed | bug-bounty, pentesting, bug-bounty-writeup, bug-bounty-tips | 20-Mar-2025 |
How I Made $5000 in 1 Hour Finding 5 SQLi Vulnerabilities Manually | https://medium.com/@ibtissamhammadi/how-i-made-5000-in-1-hour-finding-5-sqli-vulnerabilities-manually-bfbff1c02a47?source=rss------bug_bounty-5 | Ibtissam Hammadi | cybersecurity, sql, web-security, bug-bounty, ethical-hacking | 20-Mar-2025 |
How I Made $1,000,000 in Bug Bounties — Finding a Simple $500,000+ Vulnerability with Just a… | https://theindiannetwork.medium.com/how-i-made-1-000-000-in-bug-bounties-finding-a-simple-500-000-vulnerability-with-just-a-d5e224041c6e?source=rss------bug_bounty-5 | TheIndianNetwork | idor-vulnerability, api-security, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 20-Mar-2025 |
How I Earned $2000 from SQL Injection: A Bug Hunter’s Guide | https://theindiannetwork.medium.com/how-i-earned-2000-from-sql-injection-a-bug-hunters-guide-3fb2bb0c51bd?source=rss------bug_bounty-5 | TheIndianNetwork | bug-bounty, sql-injection, database-hack, bug-bounty-tips, sql-injection-attack | 20-Mar-2025 |
From Zero to Hero: Hunting High-Paying Open Redirect Bugs in Web Apps | https://infosecwriteups.com/from-zero-to-hero-hunting-high-paying-open-redirect-bugs-in-web-apps-fdb80286236e?source=rss------bug_bounty-5 | coffinxp | penetration-testing, cybersecurity, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 20-Mar-2025 |
Ghost in the Machine: Advanced Persistent Threats (APTs) Hiding in Firmware and Hardware-Level… | https://medium.com/@paritoshblogs/ghost-in-the-machine-advanced-persistent-threats-apts-hiding-in-firmware-and-hardware-level-e2c228c4839d?source=rss------bug_bounty-5 | Paritosh | cybersecurity, hacking, information-technology, bug-bounty, apt | 20-Mar-2025 |
One Year of Cybersecurity Writing: Lessons, Insights & What’s Next! | https://medium.com/@verylazytech/one-year-of-cybersecurity-writing-lessons-insights-whats-next-beb1cff93805?source=rss------bug_bounty-5 | Very Lazy Tech | thank-you, hacking, growth, bug-bounty, cybersecurity | 20-Mar-2025 |
Part 1: How I dumped 5,000,000 emails by reading admin panel JS code. | https://medium.com/@alimuhammadsecured/how-i-dumped-5-000-000-emails-by-reading-admin-panel-js-code-bb8cfe23bcab?source=rss------bug_bounty-5 | Alimuhammadsecured | hacking, vulnerability, bug-bounty, red-team, ethicalhackin | 20-Mar-2025 |
✅ Step-by-Step Guide: Install WSL (Windows Subsystem for Linux) Terminal | https://medium.com/@cybertips96/step-by-step-guide-install-wsl-windows-subsystem-for-linux-terminal-674813db62fa?source=rss------bug_bounty-5 | Cybertips | bug-bounty | 20-Mar-2025 |
Server-Side Request Forgery (SSRF) Explained | https://medium.com/@abdelrahmanahmetoglu/server-side-request-forgery-ssrf-explained-46cc1468b9ba?source=rss------bug_bounty-5 | Abdelrahmanahmetoglu | web-security, cybersecurity, bug-bounty, web-development, ssrf | 20-Mar-2025 |
Easy $250: Discovered Exposed .env Files | https://medium.com/@Abhijeet_kumawat_/easy-250-discovered-exposed-env-files-762204fcedcd?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, infosec, cybersecurity, hacking, secrets | 20-Mar-2025 |
✅ Step-by-Step Guide: Install and Configure Oh My Posh in Windows Terminal (WSL) | https://medium.com/@cybertips96/step-by-step-guide-install-and-configure-oh-my-posh-in-windows-terminal-wsl-080fc7d9f11c?source=rss------bug_bounty-5 | Cybertips | promptengineeringchatgpt, artificial-intelligence, bug-bounty, psychology, technology | 20-Mar-2025 |
Full Account Takeover via XSS: My Bug Hunting Win… or Was It? | https://mushirsyed.medium.com/full-account-takeover-via-xss-my-bug-hunting-win-or-was-it-3b3fb05c25a9?source=rss------bug_bounty-5 | Syed Mushir | xss-vulnerability, bug-hunting, account-takeover, bug-bounty, xss-attack | 20-Mar-2025 |
I Bypassed WAF To Escalate SQLI ~Reward HOF | https://ajakcybersecurity.medium.com/i-bypassed-waf-to-escalate-sqli-reward-hof-00c5ddb0053e?source=rss------bug_bounty-5 | AJAK Cyber Academy | cybersecurity, learning, hacking, bug-bounty, penetration-testing | 20-Mar-2025 |
How to Approach a Target for Bug Hunting ✨ | https://medium.com/@vipulsonule71/how-to-approach-a-target-for-bug-hunting-81f8ce89cdf3?source=rss------bug_bounty-5 | Vipul Sonule | ethical-hacking, penetration-testing, cybersecurity, bug-bounty, hacking | 20-Mar-2025 |
Mastering Recon in Bug Bounty: Advanced Techniques for 2025 | https://medium.com/@hackerfromhills/mastering-recon-in-bug-bounty-advanced-techniques-for-2025-1c8b5f3c43b9?source=rss------bug_bounty-5 | Badal kathayat | hacker, bug-bounty-writeup, hacking, bug-bounty-tips, bug-bounty | 20-Mar-2025 |
Improper Access Control Worth $$$ Bounty | https://medium.com/@mohaned0101/improper-access-control-worth-bounty-e8706ab3a3ec?source=rss------bug_bounty-5 | mohaned alkhlot | bug-bounty, bug-bounty-tips | 20-Mar-2025 |
How I Took Admin Account via JWT Bypass | https://medium.com/@shyam.sam0704/how-i-took-admin-account-via-jwt-bypass-5eb96430c2ad?source=rss------bug_bounty-5 | Shyam | vulnerability-management, jwt-authentication, bug-bounty-writeup, bug-bounty, jwt-exploitation | 20-Mar-2025 |
Self-Hosted vs. Third-Party Bug Bounty Platforms: Key Differences Explained | https://medium.com/@cybertips96/self-hosted-vs-third-party-bug-bounty-platforms-key-differences-explained-16358ac9488c?source=rss------bug_bounty-5 | Cybertips | technology, programming, bug-bounty | 20-Mar-2025 |
Bug Bounty Hunting — Complete Guide (Part-121) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-121-f00a0b2a9abe?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, hacking, bug-bounty, bug-bounty-tips, cybersecurity | 20-Mar-2025 |
When Life Gave Me a 500 Error, I Found AWS Keys Instead! $$RF | https://medium.com/@iski/when-life-gave-me-a-500-error-i-found-aws-keys-instead-rf-b416f8ca68f8?source=rss------bug_bounty-5 | Iski | bug-bounty, cybersecurity, bug-bounty-tips, aws | 20-Mar-2025 |
Cryptographic Failures: A Comprehensive Guide | https://cyberw1ng.medium.com/cryptographic-failures-a-comprehensive-guide-410064fe6e4e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, cybersecurity, careers, bug-bounty, technology | 20-Mar-2025 |
Finding and Exploiting XSS in a CRM (and getting paid for it) | https://medium.com/@AlasdairGorniak/finding-and-exploiting-xss-in-a-crm-and-getting-paid-for-it-71e2767faeba?source=rss------bug_bounty-5 | Alasdair Gorniak | xss-attack, ethical-hacking, cybersecurity, bug-bounty, hacking | 20-Mar-2025 |
No Rate Limiting on Login Endpoint — A Brute Force Vulnerability | https://medium.com/@cybermanx07/no-rate-limiting-on-login-endpoint-a-brute-force-vulnerability-d1300848b445?source=rss------bug_bounty-5 | Cyber Man | ethical-hacking, web-security, cybersecurity, burpsuite, bug-bounty | 19-Mar-2025 |
Active Directory Federation Services (AD FS) | https://medium.com/@paritoshblogs/active-directory-federation-services-ad-fs-1b7c38929964?source=rss------bug_bounty-5 | Paritosh | cybersecurity, information-technology, active-directory, hacking, bug-bounty | 19-Mar-2025 |
[CVE Anniversary Activity] CVE report analysis, exclusive activity is now open! | https://medium.com/@security.tecno/cve-exclusive-activity-analyze-12-cve-reports-and-start-a-reward-activity-4bab97436b06?source=rss------bug_bounty-5 | TECNO Security | hacking, cve, security, report, bug-bounty | 19-Mar-2025 |
From SSRF to $$$: How I Hacked Autodesk’s Rendering Service and Earned a Bug Bounty | https://cybersecuritywriteups.com/from-ssrf-to-how-i-hacked-autodesks-rendering-service-and-earned-a-bug-bounty-da444900f7d9?source=rss------bug_bounty-5 | Krish_cyber | osint, bug-bounty-writeup, cybersecurity, bug-bounty, info-sec-writeups | 19-Mar-2025 |
BugYatri - web2 & web3 BugBounty Platform for BugHunters!!! | https://medium.com/@bugyatri/bugyatri-web2-web3-bugbounty-platform-for-bughunters-476826513b6f?source=rss------bug_bounty-5 | BugYatri | bug-bounty, bounty-program, cybersecurity, web3, web | 19-Mar-2025 |
A great tool that will be helpful in your bug bounty&pentesting journey. | https://infosecwriteups.com/a-great-tool-that-will-be-helpful-in-your-bug-bounty-pentesting-journey-8ce118f4ea00?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, cybersecurity, hacking, penetration-testing, tips | 19-Mar-2025 |
Users Without Roles/Member Roles Can Create Private Repositories And Secret Teams In Github… | https://rhidayah.medium.com/users-without-roles-member-roles-can-create-private-repositories-and-secret-teams-in-github-8fec746ac684?source=rss------bug_bounty-5 | Rohmad Hidayah | broken-access-control, bug-bounty-writeup, privilege-escalation, bug-bounty, github | 19-Mar-2025 |
The Role of Ethical Hackers in Web3 Security | https://medium.com/@somtoochukwu65/the-role-of-ethical-hackers-in-web3-security-4b12579da1ef?source=rss------bug_bounty-5 | Divine Somtoochukwu Innocent | blockchain-security, ethical-hacking, web3-security, cyber-threats-2025, bug-bounty | 19-Mar-2025 |
Users Without Roles/Member Roles Can Create Private Repositories And Secret Teams In Github… | https://infosecwriteups.com/users-without-roles-member-roles-can-create-private-repositories-and-secret-teams-in-github-8fec746ac684?source=rss------bug_bounty-5 | Rohmad Hidayah | broken-access-control, bug-bounty-writeup, privilege-escalation, bug-bounty, github | 19-Mar-2025 |
15+ Linux Environment Variables Hackers Use (You Should Too!) | https://medium.com/@verylazytech/15-linux-environment-variables-hackers-use-you-should-too-f4b9397098dd?source=rss------bug_bounty-5 | Very Lazy Tech | cybersecurity, penetration-testing, bug-bounty, environmental-variables, hacking | 19-Mar-2025 |
Hacking Open Docker Registries: Pulling, Extracting, and Exploiting Images. | https://infosecwriteups.com/hacking-open-docker-registries-pulling-extracting-and-exploiting-images-339f41fbf9b4?source=rss------bug_bounty-5 | nav1n | rce-vulnerability, docker, sql-injection, bug-bounty, unauthorized-access | 19-Mar-2025 |
How I Got Access to Berkeley University’s One Of Server Using the Legendary ‘admin: admin’ Creds! | https://hiddendom.medium.com/how-i-got-access-to-berkeley-universitys-one-of-server-using-the-legendary-admin-admin-creds-64394e6b3152?source=rss------bug_bounty-5 | Gokuleswaran B | bug-bounty-writeup, penetration-testing, bug-bounty, ethical-hacking, bug-bounty-tips | 19-Mar-2025 |
“Secret Keys to Cash: Finding Hidden Flaws for Bug Bounties” | https://medium.com/@dimpchubb/secret-keys-to-cash-finding-hidden-flaws-for-bug-bounties-c67ee06dd3eb?source=rss------bug_bounty-5 | VulnerabilityIntel | bug-bounty-writeup, hacking, bug-bounty, penetration-testing, bug-bounty-tips | 19-Mar-2025 |
Exclusive Exploit for Sale — Unlock Advanced Security Testing Potential - $$$$ BOUNTY | https://medium.com/@ajaynaikhack/exclusive-exploit-for-sale-unlock-advanced-security-testing-potential-bounty-197a2cda3c9c?source=rss------bug_bounty-5 | Ajay Naik | penetration-testing, information-technology, cybersecurity, bug-bounty, information-security | 19-Mar-2025 |
Bug Bounty Hunting — Complete Guide (Part-120) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-120-034170afece7?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, bug-bounty-tips, hacking, ethical-hacking | 19-Mar-2025 |
HTTP Request Smuggling: Advanced Security Testing Guide and Exploitation Techniques | https://infosecwriteups.com/http-request-smuggling-advanced-security-testing-guide-and-exploitation-techniques-1d4dac9a826a?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, information-security, information-technology, penetration-testing, http-request-smuggling | 19-Mar-2025 |
HTTP: The Invisible Language of the Web (And How Hackers Exploit It) | https://medium.com/@sobatistacyber/http-the-invisible-language-of-the-web-and-how-hackers-exploit-it-83456833c4c5?source=rss------bug_bounty-5 | SoBatista | https, bug-bounty, burpsuite, penetration-testing, hacking | 19-Mar-2025 |
No Tools, No Problem — Another Fun Bug Hunting Story! | https://strangerwhite.medium.com/no-tools-no-problem-another-fun-bug-hunting-story-22c234331bfd?source=rss------bug_bounty-5 | StrangeRwhite | hacking, information-technology, cyberaware, cybersecurity, bug-bounty | 19-Mar-2025 |
Automating Subdomain Takeover Discovery with Shell Scripting | https://icecream23.medium.com/automating-subdomain-takeover-discovery-with-shell-scripting-e9016ee77ddd?source=rss------bug_bounty-5 | Aman Bhuiyan | bug-bounty, takeovers, recon, bug-bounty-writeup | 19-Mar-2025 |
DOM XSS in portswigger | https://medium.com/@testwebsite1244/dom-xss-in-portswigger-50678427bc0f?source=rss------bug_bounty-5 | Oday | portswigger, burpsuite, bug-bounty | 19-Mar-2025 |
Why Threat Modeling is a Game Changer for Application Security | https://medium.com/@8459vismay/why-threat-modeling-is-a-game-changer-for-application-security-27a225c28f4e?source=rss------bug_bounty-5 | Vismay Patil | cybersecurity, penetration-testing, threat-modeling, bug-bounty, ethical-hacking | 19-Mar-2025 |
How to Use Nuclei for Bug Hunting | https://medium.com/@vipulsonule71/%EF%B8%8F-how-to-use-nuclei-for-bug-hunting-413f3496a335?source=rss------bug_bounty-5 | Vipul Sonule | penetration-testing, hacking, bug-bounty, technology, ethical-hacking | 19-Mar-2025 |
Part-3 | Deep Recon Methodology for Bug Bounty Hunters | https://infosecwriteups.com/part-3-deep-recon-methodology-for-bug-bounty-hunters-cd7139eed7e4?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, recon, hacking, infosec, bug-bounty | 19-Mar-2025 |
Hacking APIs: Bypassing Rate Limiting | https://iaraoz.medium.com/hacking-apis-bypassing-rate-limiting-0c7bd075b86c?source=rss------bug_bounty-5 | Israel Aráoz Severiche | hacking, appsec, owasp-top-10, bug-bounty, cybersecurity | 19-Mar-2025 |
Udemy Savings: Get F5 BIG-IP Courses for Less! | https://medium.com/@deepdive4learn/udemy-savings-get-f5-big-ip-courses-for-less-635e7d9cf449?source=rss------bug_bounty-5 | DeepDive4learn | cybersecurity, networking, bug-bounty, web, application-security | 19-Mar-2025 |
“Unveiled: The Dark Side of Bugcrowd — Unfair Rejections and a Warning to Hackers” | https://monsifhmouri.medium.com/unveiled-the-dark-side-of-bugcrowd-unfair-rejections-and-a-warning-to-hackers-ca9d8572ad63?source=rss------bug_bounty-5 | MONSIF HMOURI | bug-bounty, bugcrowd, ethical-hacking | 19-Mar-2025 |
$12,900 in Bounties in My First Month of Bug Hunting with Ax Framework | https://medium.com/@EthicalOffsec/12-900-in-bounties-in-my-first-month-of-bug-hunting-with-ax-framework-6d530d25c1c2?source=rss------bug_bounty-5 | 0xtavian | bug-bounty, bug-bounty-writeup, penetration-testing, hacking, bug-bounty-tips | 19-Mar-2025 |
$50K Bounty Just for GitHub Access Token exposure | https://medium.com/@hrofficial62/50k-bounty-just-for-github-access-token-exposure-d92dcc34eb4d?source=rss------bug_bounty-5 | Mr Horbio | pentesting, cybersecurity, hacking, ethical-hacking, bug-bounty | 19-Mar-2025 |
File Inclusion Vulnerabilities: Advanced Exploitation and Mitigation Techniques | https://cyberw1ng.medium.com/file-inclusion-vulnerabilities-advanced-exploitation-and-mitigation-techniques-6b47cb6547fd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | technology, cybersecurity, bug-bounty, programming, careers | 19-Mar-2025 |
“From Zero to Hero: How 2FA Bypass Turned Me Into a Bug Bounty Legend” | https://osintteam.blog/%EF%B8%8F-from-zero-to-hero-how-2fa-bypass-turned-me-into-a-bug-bounty-legend-8eb0b815aaf9?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, infosec-write-ups, osint, cybersecurity, bug-bounty-writeup | 19-Mar-2025 |
File Inclusion Vulnerabilities: Advanced Exploitation and Mitigation Techniques | https://osintteam.blog/file-inclusion-vulnerabilities-advanced-exploitation-and-mitigation-techniques-6b47cb6547fd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | technology, cybersecurity, bug-bounty, programming, careers | 19-Mar-2025 |
Dark Web and Phishing Kits: Exploring the Underground Market for Phishing Tools | https://medium.com/@paritoshblogs/dark-web-and-phishing-kits-exploring-the-underground-market-for-phishing-tools-a645a9b962f1?source=rss------bug_bounty-5 | Paritosh | hacking, bug-bounty, information-technology, phishing, cybersecurity | 18-Mar-2025 |
How to Hacking Amazon Simple Notification Service @amazon | https://medium.com/@mo7mead/how-to-hacking-amazon-simple-notification-service-amazon-14ff463c402c?source=rss------bug_bounty-5 | mo7mead | cybersecurity, bug-bounty, penetration-testing, bug-bounty-tips | 18-Mar-2025 |
Mastering F5 ASM: Web Application Security Like a Pro! | https://medium.com/@deepdive4learn/mastering-f5-asm-web-application-security-like-a-pro-2f390613b68a?source=rss------bug_bounty-5 | DeepDive4learn | owasp-top-10, web-development, cybersecurity, bug-bounty, api | 18-Mar-2025 |
ChatGPT Jailbreaking: A Sneaky Loophole That Exposes Ethical Gaps | https://medium.com/@dharineeshj2/chatgpt-jailbreaking-a-sneaky-loophole-that-exposes-ethical-gaps-1f3dcf015bf6?source=rss------bug_bounty-5 | Hack-Bat | bug-bounty, llm, hacking, cybersecurity, prompt-engineering | 18-Mar-2025 |
CRLF Injection: Guide to Finding & Exploiting Vulnerabilities | https://infosecwriteups.com/crlf-injection-guide-to-finding-exploiting-vulnerabilities-ec2d55805cc4?source=rss------bug_bounty-5 | Abhijeet Kumawat | crlf-injection, hacking, cybersecurity, infosec, bug-bounty | 18-Mar-2025 |
ZeroCopter Programs for Bug Hunting | https://osintteam.blog/zerocopter-programs-for-bug-hunting-6b73c4d97fe5?source=rss------bug_bounty-5 | AbhirupKonwar | bug-hunting, pentesting, bug-bounty-tips, ethical-hacking, bug-bounty | 18-Mar-2025 |
Modern XSS Challenges: Beyond the Basics | https://infosecwriteups.com/modern-xss-challenges-beyond-the-basics-90bd9d931e30?source=rss------bug_bounty-5 | Dhanush N | bug-bounty-writeup, bug-bounty, security, xss-attack, bug-bounty-tips | 18-Mar-2025 |
How to Be an Ethical Hacker: A Complete Guide | https://medium.com/@vipulsonule71/%EF%B8%8F-how-to-be-an-ethical-hacker-a-complete-guide-dfa8437aa2d9?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, ethical-hacking, cybersecurity, penetration-testing, hacking | 18-Mar-2025 |
How to find IDORs like a pro | https://medium.com/@bxrowski0x/how-to-find-idors-like-a-pro-158cf23baf23?source=rss------bug_bounty-5 | Omar ElSayed | info-sec-writeups, bug-bounty, infosec, idor, cybersecurity | 18-Mar-2025 |
The Ultimate Guide to Setting Up ezXSS on Oracle Cloud Free Tier ARM Server | https://medium.com/@curiouskhanna/the-ultimate-guide-to-setting-up-ezxss-on-oracle-cloud-free-tier-arm-server-a60677b2ac2a?source=rss------bug_bounty-5 | Shubham Khanna | cybersecurity, blind-xss, bug-bounty, xss-attack | 18-Mar-2025 |
CSRF to XSS: Chaining Vulnerabilities for Critical Bug Bounties | https://krishna-cyber.medium.com/csrf-to-xss-chaining-vulnerabilities-for-critical-bug-bounties-804bced55bb3?source=rss------bug_bounty-5 | Krish_cyber | osint, infosec-write-ups, bug-bounty-writeup, bug-bounty, cybersecurity | 18-Mar-2025 |
Can You Find a $4,500 Bug in Google Slides in Under 3 Hours | https://medium.com/@ibtissamhammadi/can-you-find-a-4-500-bug-in-google-slides-in-under-3-hours-69e9113ccfd3?source=rss------bug_bounty-5 | Ibtissam Hammadi | google, bug-hunting, ethical-hacking, cybersecurity, bug-bounty | 18-Mar-2025 |
Bug Bounty Hunting in 2025: How to Earn Big with the Best Tools & Platforms | https://medium.com/@modernshubhamgupta/bug-bounty-hunting-in-2025-how-to-earn-big-with-the-best-tools-platforms-a04e66d6575f?source=rss------bug_bounty-5 | Shubham Raj | bug-bounty-tips, bug-bounty, money-making-ideas, cybersecurity, ethical-hacking | 18-Mar-2025 |
How to Make Your First $100,000 in Bug Bounty | https://medium.com/@hackerfromhills/how-to-make-your-first-100-000-in-bug-bounty-51e10cda8f11?source=rss------bug_bounty-5 | Badal kathayat | bug-bounty-tips, bug-hunter, bug-bounty, hacking, bug-bounty-writeup | 18-Mar-2025 |
Hacking With Cookies | https://medium.com/cloud-security/hacking-with-cookies-99d8308169f0?source=rss------bug_bounty-5 | Teri Radichel | pentesting, cookies, penetration-testing, bug-bounty, hacking | 18-Mar-2025 |
Some Ways to Find More IDOR Vulnerabilities | https://medium.com/@vipulsonule71/some-ways-to-find-more-idor-vulnerabilities-5648f2f6baa7?source=rss------bug_bounty-5 | Vipul Sonule | ethical-hacking, bug-bounty, penetration-testing, hacking, technology | 18-Mar-2025 |
The Ultimate Guide to CDX API for Bug Bounty Recon | https://myselfakash20.medium.com/the-ultimate-guide-to-cdx-api-for-bug-bounty-recon-e98c36d033ed?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty, bug-bounty-tips, bug-bounty-writeup, programming, cybersecurity | 18-Mar-2025 |
Open Redirect Vulnerability: A Detailed Overview and How I Discovered It | https://theindiannetwork.medium.com/open-redirect-vulnerability-a-detailed-overview-and-how-i-discovered-it-b95a228f6047?source=rss------bug_bounty-5 | TheIndianNetwork | bug-bounty, open-redirect-vurnability, open-redirect, open-redirection, bug-bounty-tips | 18-Mar-2025 |
Understanding File Inclusion Vulnerabilities: A Practical Guide | https://cyberw1ng.medium.com/understanding-file-inclusion-vulnerabilities-a-practical-guide-25a22c461c2b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, technology, programming, careers, bug-bounty | 18-Mar-2025 |
How I Made $3000 in 3 Minutes with SQLi | https://medium.com/@ibtissamhammadi/how-i-made-3000-in-3-minutes-with-sqli-d32c7f29c869?source=rss------bug_bounty-5 | Ibtissam Hammadi | database, bug-bounty, cybersecurity, sql, ethical-hacking | 17-Mar-2025 |
Bug Bounty: Cookie timeline utilization when the system uses multiple authentication cookies | https://medium.com/@expression4865/bug-bounty-cookie-timeline-utilization-when-the-system-uses-multiple-authentication-cookies-7d2e6cc68c34?source=rss------bug_bounty-5 | expression4865 | bug-bounty, csrf, xss-attack | 17-Mar-2025 |
Subdomain Found! Now What? Next Steps for Bug Hunters | https://infosecwriteups.com/subdomain-found-now-what-next-steps-for-bug-hunters-df8fd79c73b7?source=rss------bug_bounty-5 | Monika sharma | hacking, penetration-testing, bug-bounty-tips, bug-bounty, technology | 17-Mar-2025 |
[Best of February — M3Di] From Forest to Code: Transformational Security Researcher Growth Notes | https://medium.com/@security.tecno/best-of-february-m3di-from-forest-to-code-transformational-security-researcher-growth-notes-5079ac24d1b4?source=rss------bug_bounty-5 | TECNO Security | app-development, hacking, bug-bounty, hacker, security | 17-Mar-2025 |
Introduction to web3 | https://doordiefordream.medium.com/introduction-to-web3-b78aa109ced0?source=rss------bug_bounty-5 | DOD cyber solutions | web3, blockchain, technology, bug-bounty, ethical-hacking | 17-Mar-2025 |
Bug Bounty: Cookie timeline utilization when the system uses multiple authentication cookies | https://medium.com/@smilemil/bug-bounty-cookie-timeline-utilization-when-the-system-uses-multiple-authentication-cookies-7d2e6cc68c34?source=rss------bug_bounty-5 | smilemil | bug-bounty, csrf, xss-attack | 17-Mar-2025 |
Best Bug Bounty Tips of 2025! | https://systemweakness.com/best-bug-bounty-tips-of-2025-6f5368491526?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, bug-bounty-tips, programming, cybersecurity, hacking | 17-Mar-2025 |
How I Bypassed a Firewall, Leading to a Successful SQL Injection Exploit | https://medium.com/@AhmedSamy-X/how-i-bypassed-a-firewall-leading-to-a-successful-sql-injection-exploit-aa605996e163?source=rss------bug_bounty-5 | Ahmedsamy | bug-bounty-tips, sql-injection, bug-bounty, cybersecurity, web-exploitation | 17-Mar-2025 |
Master Subdomain Enumeration: Step-by-Step Guide to Installing and Using Subfinder | https://medium.com/@GrayWhite/master-subdomain-enumeration-step-by-step-guide-to-installing-and-using-subfinder-8a9c9b1d0ee9?source=rss------bug_bounty-5 | CrookSec | hacking, bug-bounty, cybersecurity | 17-Mar-2025 |
Using the full potential of BuiltWith for bug bounty | https://medium.com/@loyalonlytoday/using-the-full-potential-of-builtwith-for-bug-bounty-24b6145dba44?source=rss------bug_bounty-5 | loyalonlytoday | reconnaissance, bug-bounty, cybersecurity, penetration-testing, tips | 17-Mar-2025 |
Is Your Website Vulnerable? Discover the Power of Content Security Policy (CSP)! | https://medium.com/@verylazytech/is-your-website-vulnerable-discover-the-power-of-content-security-policy-csp-6b1db2c5779f?source=rss------bug_bounty-5 | Very Lazy Tech | cybersecurity, bug-bounty, vulnerability, web-penetration-testing, csp | 17-Mar-2025 |
Bug Bounty Hunting — Complete Guide (Part-119) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-119-6da43af9002c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, ethical-hacking, hacking, bug-bounty, cybersecurity | 17-Mar-2025 |
How to start hacking with use AI | https://medium.com/@vipulsonule71/how-to-start-hacking-with-use-ai-29ff04942528?source=rss------bug_bounty-5 | Vipul Sonule | ethical-hacking, bug-bounty, cybersecurity, penetration-testing, hacking | 17-Mar-2025 |
Exif Metadata Not Stripped Leak User Geolocation | https://firdausmuhammadismail.medium.com/exif-metadata-not-stripped-leak-user-geolocation-67698e6a4ff5?source=rss------bug_bounty-5 | Firdaus Muhammad Ismail | exif-data, bug-bounty, exiftool, server-security, bug-bounty-tips | 17-Mar-2025 |
Portswigger XSS Attack Lab 1 | https://medium.com/@yfhackerinfo/portswigger-xss-attack-lab-1-abf7e06b4344?source=rss------bug_bounty-5 | Your Friendly Hacker | cybersecurity, portswigger, bug-bounty, xss-attack, penetration-testing | 17-Mar-2025 |
bxbxb | https://medium.com/@tbryzshmarhkhalh63/bxbxb-b01a7e6ce064?source=rss------bug_bounty-5 | شماره خاله تبریز =مشهد ـکرمان ـخوزستان ـ زاهدانـ | startup, hx, artificial-intelligence, bug-bounty, software-development | 17-Mar-2025 |
How I Earned $15,000 from Bug Bounties: Buffer Overflow Exploit Explained (With Practical Code) | https://theindiannetwork.medium.com/how-i-earned-15-000-from-bug-bounties-buffer-overflow-exploit-explained-with-practical-code-b662843f6e07?source=rss------bug_bounty-5 | TheIndianNetwork | buffer-overflow-exploits, buffer-overflow, bug-bounty, buffer-overflow-attack, bug-bounty-tips | 17-Mar-2025 |
How I Earned $12,000 Finding a Remote Command Execution Bug (With Real Exploit) | https://theindiannetwork.medium.com/how-i-earned-12-000-finding-a-remote-command-execution-bug-with-real-exploit-18aaa66d2703?source=rss------bug_bounty-5 | TheIndianNetwork | bug-bounty, bug-bounty-tips, rce, remote-command-execution, rce-vulnerability | 17-Mar-2025 |
Zero-Day Hunting for Rent: The Rise of Bug Bounty Mercenaries | https://medium.com/dare-to-be-better/zero-day-hunting-for-rent-the-rise-of-bug-bounty-mercenaries-411c88954140?source=rss------bug_bounty-5 | Ahmad Javed | zero-day-economy, penetration-testing, bug-bounty, hackers-for-hire, cybersecurity | 17-Mar-2025 |
Best Bug Bounty Tools for Hackers in 2025: Why Digi Astra is the Ultimate Choice | https://medium.com/@modernshubhamgupta/best-bug-bounty-tools-for-hackers-in-2025-why-digi-astra-is-the-ultimate-choice-fd414bc41fa9?source=rss------bug_bounty-5 | Shubham Raj | ethical-hacking, bug-bounty-writeup, hacking, cybersecurity, bug-bounty | 17-Mar-2025 |
What Is Race Condition Vulnerability | https://medium.com/@rawansa3ed2002/what-is-race-condition-vulnerability-e01cd1be0e9b?source=rss------bug_bounty-5 | Rawansaed | bug-bounty, race-condition, ethical-hacking, cybersecurity, bug-hunting | 17-Mar-2025 |
Simple 2FA Bypass Techniques for Beginners | https://cyberw1ng.medium.com/simple-2fa-bypass-techniques-for-beginners-edec48befa23?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | technology, careers, programming, cybersecurity, bug-bounty | 17-Mar-2025 |
How to Earn $3000/Hour with a Critical Vulnerability | https://medium.com/@ibtissamhammadi/how-to-earn-3000-hour-with-a-critical-vulnerability-7fe0f262d3e5?source=rss------bug_bounty-5 | Ibtissam Hammadi | bug-bounty, hacking, cybersecurity, ethical-hacking, bug-bounty-hunting | 17-Mar-2025 |
How I Discovered a P4 Bug on the U.S. Social Security Administration | https://osintteam.blog/how-i-discovered-a-p4-bug-on-the-u-s-social-security-administration-8236ecd2a003?source=rss------bug_bounty-5 | Xh081iX | ethical-hacking, bug-bounty-tips, infosec, bug-bounty, cybersecurity | 17-Mar-2025 |
$$$$ For Full Account Take-over, 2fa bypass, Sensitive data Exposure via Critical CORS… | https://mr-pwner.medium.com/for-full-account-take-over-2fa-bypass-sensitive-data-exposure-via-critical-cors-310ee989179a?source=rss------bug_bounty-5 | Omar | ethical-hacking, cybersecurity, web-security, bug-bounty, account-takeover | 17-Mar-2025 |
Critical IDOR: Unrestricted Access to All Company Published Files | https://medium.com/@0xAhM3D/critical-idor-unrestricted-access-to-all-company-published-files-c8db77070e87?source=rss------bug_bounty-5 | 0xAhM3D | bug-bounty-tips, idor-vulnerability, bug-bounty, idor-poc, bug-bounty-writeup | 17-Mar-2025 |
How To Discover Hidden Endpoints | https://medium.com/@Abhijeet_kumawat_/how-to-discover-hidden-endpoints-%EF%B8%8F-%EF%B8%8F-cc4c82c8a886?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, hacking, ai, infosec, cybersecurity | 17-Mar-2025 |
How To Discover Hidden Endpoints | https://infosecwriteups.com/how-to-discover-hidden-endpoints-%EF%B8%8F-%EF%B8%8F-cc4c82c8a886?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, hacking, ai, infosec, cybersecurity | 17-Mar-2025 |
Simple 2FA Bypass Techniques for Beginners | https://osintteam.blog/simple-2fa-bypass-techniques-for-beginners-edec48befa23?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | technology, careers, programming, cybersecurity, bug-bounty | 17-Mar-2025 |
CVE-2025–26633: A Silent Threat in Windows MMC — What You Need to Know | https://medium.com/@jkyne6368/cve-2025-26633-a-silent-threat-in-windows-mmc-what-you-need-to-know-0f5156d97738?source=rss------bug_bounty-5 | Jordilla | information-security, ethical-hacking, bug-bounty, cve, cybersecurity | 16-Mar-2025 |
How I Hacked an E-Commerce Website & Found XSS | https://aiwolfie.medium.com/how-i-hacked-an-e-commerce-website-found-xss-75db71424d4a?source=rss------bug_bounty-5 | AIwolfie | bug-bounty, bug-bounty-writeup, cybersecurity, html-injection, xss-attack | 16-Mar-2025 |
VERY BASIC - How I Solve CSRF in Portswigger Lab | https://medium.com/@aashifm/very-basic-how-i-solve-csrf-in-portswigger-lab-f090e3325a0e?source=rss------bug_bounty-5 | 196.0.0.1 | cybersecurity, proxy, bug-bounty, csrf, burpsuite | 16-Mar-2025 |
My journey being hacker #1 in BOLIVIA 2024/2023 | https://medium.com/@vanpedrazas/my-journey-being-hacker-1-in-bolivia-2024-2023-7299d397a682?source=rss------bug_bounty-5 | Ivan Bernardo Pedrazas Rodriguez | motivation, life, cybersecurity, bug-bounty, life-lessons | 16-Mar-2025 |
A website that will be helpful in your bug bounty journey. | https://infosecwriteups.com/a-website-that-will-be-helpful-in-your-bug-bounty-journey-de4f0f1721a8?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-tips, ethical-hacking, cybersecurity, resources, bug-bounty | 16-Mar-2025 |
Reverse Engineering APIs with Burp2API | https://medium.com/@samhilliard/reverse-engineering-apis-with-burp2api-f333c7a8bab9?source=rss------bug_bounty-5 | Sam Hilliard | bug-bounty, postman, reverse-engineering, burpsuite, pentesting | 16-Mar-2025 |
File Upload Vulnerabilities: How Hackers Exploit Them & How to Stay Secure | https://medium.com/@verylazytech/file-upload-vulnerabilities-how-hackers-exploit-them-how-to-stay-secure-fe75b4b5003c?source=rss------bug_bounty-5 | Very Lazy Tech | hacking, file-upload-bypass, unrestricted-file-upload, bug-bounty, file-upload-vulnerability | 16-Mar-2025 |
How to Start bug hunting in 2025 | https://medium.com/@vipulsonule71/how-to-start-bug-hunting-in-2025-6e131cefe1eb?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, penetration-testing, cybersecurity, hacking, technology | 16-Mar-2025 |
My journey being hacker #1 in BOLIVIA 2024/2023 | https://medium.com/@vanpedrazas/my-journey-being-hacker-1-in-bolivia-2024-2023-7299d397a682?source=rss------bug_bounty-5 | Ivan Bernardo Pedrazas Rodriguez | motivation, cybersecurity, bug-bounty, life-lessons, startup | 16-Mar-2025 |
Blind XSS: When Your Payloads Are Sneakier Than Your Ex | https://medium.com/@shadyfarouk1986/blind-xss-when-your-payloads-are-sneakier-than-your-ex-1321eec7af83?source=rss------bug_bounty-5 | Shady Farouk | bug-bounty, vulnerability, bounty-hunter, pentesting | 16-Mar-2025 |
Ethical Hacking with ChatGPT | https://medium.com/@vipulsonule71/ethical-hacking-with-chatgpt-651bf8f00e81?source=rss------bug_bounty-5 | Vipul Sonule | hacking, cybersecurity, bug-bounty, chatgpt, penetration-testing | 16-Mar-2025 |
Gas Level Vulnerability: Floating pragma version | https://medium.com/@jeetpal2007/gas-level-vulnerability-floating-pragma-version-10a7741ab096?source=rss------bug_bounty-5 | JEETPAL | bug-bounty-writeup, web3, smart-contract-security, smartcontract-audit, bug-bounty | 16-Mar-2025 |
How I Hacked an E-Commerce Website & Found XSS | https://publication.osintambition.org/how-i-hacked-an-e-commerce-website-found-xss-75db71424d4a?source=rss------bug_bounty-5 | AIwolfie | bug-bounty, bug-bounty-writeup, cybersecurity, html-injection, xss-attack | 16-Mar-2025 |
CVE-2025–24993: A Critical Vulnerability in Microsoft Windows NTFS | https://medium.com/@jkyne6368/cve-2025-24993-a-critical-vulnerability-in-microsoft-windows-ntfs-b90782570e2d?source=rss------bug_bounty-5 | Jordilla | penetration-testing, cve, vulnerability, ethical-hacking, bug-bounty | 16-Mar-2025 |
CRTO Review — 2025 | https://abhishekgk.medium.com/crto-review-2025-c3f39480a10d?source=rss------bug_bounty-5 | Abhishekgk | cybersecurity, bug-bounty, crto, red-team, certification | 16-Mar-2025 |
Bug Bounty Hunting — Complete Guide (Part-118) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-118-6d657a95f1e7?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, hacking, ethical-hacking, bug-bounty-tips | 16-Mar-2025 |
Day 27: The $2,200 ATO Most Bug Hunters Overlooked | https://medium.com/@danielbelay/day-27-the-2-200-ato-most-bug-hunters-overlooked-3de76d30d96a?source=rss------bug_bounty-5 | dani3l | account-takeover, bug-bounty, cybersecurity | 16-Mar-2025 |
Finding CSRF Bug Bounty Program — Get $$ | https://firdausmuhammadismail.medium.com/finding-csrf-bug-bounty-program-get-253461291432?source=rss------bug_bounty-5 | Firdaus Muhammad Ismail | csrf, bug-bounty, csrf-token, vulnerability, hackerone | 16-Mar-2025 |
SQL Injection UNION Attack, Retrieving Multiple Values in a Single Column | https://medium.com/@marduk.i.am/sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-d6c6d91be74d?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, bug-bounty, sqli, sql-injection, information-security | 16-Mar-2025 |
Bypassing 2FA to Impersonate Users on Drugs.com | https://medium.com/@regan_temudo/bypassing-2fa-to-impersonate-users-on-drugs-com-66fb84b0491d?source=rss------bug_bounty-5 | Regan Temudo | ethical-hacking, bug-bounty, 2fa, vulnerability-disclosure, cybersecurity | 16-Mar-2025 |
CVE-2022–45875: Command Injection Vulnerability in Apache DolphinScheduler | https://sahnounoussama.medium.com/cve-2022-45875-command-injection-vulnerability-in-apache-dolphinscheduler-50acfe7dfa07?source=rss------bug_bounty-5 | Sahnoun Oussama | cve-2022-45875, code-review, apache-dolphinscheduler, bug-bounty, ctf-walkthrough | 16-Mar-2025 |
OAuth and JWT Attacks | https://medium.com/cloud-security/oauth-and-jwt-attacks-3840fe2a113f?source=rss------bug_bounty-5 | Teri Radichel | bug-bounty, security, penetration-testing, oauth, pentesting | 16-Mar-2025 |
CSRF in JSON Requests: A Real-World Exploit on Payout Features | https://medium.com/@mohamed.yasser442200/csrf-in-json-requests-a-real-world-exploit-on-payout-features-2829086ace5c?source=rss------bug_bounty-5 | Spider4 | hacking, csrf, json, bug-bounty, bug-bounty-tips | 16-Mar-2025 |
Mastering Web Recon with WebCopilot | https://osintteam.blog/mastering-web-recon-with-webcopilot-78da58bfb428?source=rss------bug_bounty-5 | Monika sharma | penetration-testing, bug-bounty-tips, bug-bounty, hacking, technology | 16-Mar-2025 |
How a Logic Flaw Allowed Attackers to Hijack Accounts | https://cyberw1ng.medium.com/how-a-logic-flaw-allowed-attackers-to-hijack-accounts-39509d7340e6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, programming, technology, careers | 16-Mar-2025 |
How I Found an Open Redirect Vulnerability Easily (Worth $500!) | https://infosecwriteups.com/how-i-found-an-open-redirect-vulnerability-easily-worth-500-274999bb6527?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacking, infosec, bug-bounty, ai, cybersecurity | 16-Mar-2025 |
How a Logic Flaw Allowed Attackers to Hijack Accounts | https://osintteam.blog/how-a-logic-flaw-allowed-attackers-to-hijack-accounts-39509d7340e6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, programming, technology, careers | 16-Mar-2025 |
How to Access Another’s Systems Remotely like Hacker [Ethical Hacking] | https://medium.com/@hrofficial62/how-to-access-anothers-systems-remotely-like-hacker-ethical-hacking-732fca529e49?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, cybersecurity, hacking, pentesting, ethical-hacking | 15-Mar-2025 |
A Website that will be helpful in your Bug bounty and OSINT journey | https://infosecwriteups.com/a-website-that-will-be-helpful-in-your-bug-bounty-and-osint-journey-2c3368346924?source=rss------bug_bounty-5 | loyalonlytoday | investing, cybersecurity, tips, osint, bug-bounty | 15-Mar-2025 |
Bypassing OTP Verification: Another Bug Found Without Any Tools! | https://strangerwhite.medium.com/bypassing-otp-verification-another-bug-found-without-any-tools-8b2c1013c3e7?source=rss------bug_bounty-5 | StrangeRwhite | bug-bounty-tips, otp-bypass, bug-bounty, infosec, bugbounty-writeup | 15-Mar-2025 |
Low-Level Vulnerability: Fixed Hardcoded Data | https://medium.com/@jeetpal2007/low-level-vulnerability-fixed-hardcoded-data-f0cc9b9d971f?source=rss------bug_bounty-5 | JEETPAL | smart-contract-auditing, smart-contract-security, web3, smart-contracts, bug-bounty | 15-Mar-2025 |
Web 3: — writeups collections | https://medium.com/@jeetpal2007/web-3-writeups-collections-9f3cce5bc382?source=rss------bug_bounty-5 | JEETPAL | web3, smart-contract-security, bug-bounty, cybersecurity | 15-Mar-2025 |
Title: How a Simple Header Lets Attackers Bypass OTP Rate Limits (And How to Fix It) | https://medium.com/@PareXploit/title-how-a-simple-header-lets-attackers-bypass-otp-rate-limits-and-how-to-fix-it-a005167c6eaf?source=rss------bug_bounty-5 | Paresh Kukadiya | web-security, bug-bounty, cyber-awareness, ratelimitbypass, cybersecurity | 15-Mar-2025 |
The Ultimate Guide to Writing Test Cases for Smart Contracts | https://securrtech.medium.com/the-ultimate-guide-to-writing-test-cases-for-smart-contracts-99ce93f34149?source=rss------bug_bounty-5 | Securr - Web3 Security | bug-bounty, smart-contract-auditing, smart-contract-security, web3-security, blockchain-security | 15-Mar-2025 |
Directory Transversal at 404 (not found) | https://medium.com/@saiganesh18062003/directory-transversal-at-404-not-found-def92e74de12?source=rss------bug_bounty-5 | Levi Ackerman | bugs, information-security, hacking, bug-bounty, cybersecurity | 15-Mar-2025 |
Day 26: Critical ATO via Business Logic Flaw | https://medium.com/@danielbelay/day-26-critical-ato-via-business-logic-flaw-87236b93eea1?source=rss------bug_bounty-5 | dani3l | account-takeover, cybersecurity, bug-bounty | 15-Mar-2025 |
What After choosing a target ? Recon Methodology— Bug Bounty Restart Phase 3 | https://infosecwriteups.com/what-after-choosing-a-target-recon-methodology-bug-bounty-restart-phase-3-8d83afee5116?source=rss------bug_bounty-5 | Om Arora | technology, bug-bounty-tips, bug-bounty, cybersecurity, infosec | 15-Mar-2025 |
Broken Link Hunting The Power of Patience and Persistence | https://enes478.medium.com/broken-link-hunting-the-power-of-patience-and-persistence-784c4cc61aa9?source=rss------bug_bounty-5 | Enes Özlek | hackerone, bug-bounty-tips, bug-bounty, bugbounty-writeup | 15-Mar-2025 |
How to Bypass Web Application Firewalls (WAF) | https://medium.com/@vipulsonule71/how-to-bypass-web-application-firewalls-waf-9210c25cbb4c?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, ethical-hacking, ai, hacking, cybersecurity | 15-Mar-2025 |
XSS Payload Extracted Server Private Key \| $$$ Bounty | https://medium.com/@darshannnaik1234/xss-payload-extracted-server-private-key-bounty-b20730fc0753?source=rss------bug_bounty-5 | Darshan Naresh Naik | cybercrime, bug-bounty, technology, hacking, cyberseurity | 15-Mar-2025 |
Bug Bounty Hunting for Absolute Beginners | https://medium.com/@hackerfromhills/bug-bounty-hunting-for-absolute-beginners-f4ec4a127705?source=rss------bug_bounty-5 | Badal kathayat | hacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-hunter | 15-Mar-2025 |
CVE-2025–24813: Apache Tomcat Path Equivalence Vulnerability $$$$ BOUNTY | https://infosecwriteups.com/cve-2025-24813-apache-tomcat-path-equivalence-vulnerability-bounty-961350b31e16?source=rss------bug_bounty-5 | Ajay Naik | penetration-testing, bug-bounty, information-technology, cybersecurity, information-security | 15-Mar-2025 |
Payload Generation Techniques for Bug Bounty Hunters | https://bitpanic.medium.com/payload-generation-techniques-for-bug-bounty-hunters-ab8b75bdffa6?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty, ai-generated-content, technology, programming, cybersecurity | 15-Mar-2025 |
Open Redirect — CodePolitan Vulnerability Catch | https://firdausmuhammadismail.medium.com/open-redirect-codepolitan-vulnerability-catch-10d33baa6a71?source=rss------bug_bounty-5 | Firdaus Muhammad Ismail | writeup, bug-bounty, bug-hunter, vulnerability, redirect | 15-Mar-2025 |
From ‘alert(1)’ to Account Takeover: A Story of 4-digit Bounties and Bypassing HTML Sanitisers | https://medium.com/@saltify/from-alert-1-to-account-takeover-a-story-of-4-digit-bounties-and-bypassing-html-sanitisers-dd8ca0ac502b?source=rss------bug_bounty-5 | saltify | cybersecurity, ethical-hacking, bug-bounty, infosec | 15-Mar-2025 |
How I Bypassed Verification & One Pro Tip for Bug Hunters | https://medium.com/@mahdisalhi0500/how-i-bypassed-verification-one-pro-tip-for-bug-hunters-28dc82578614?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | bug-bounty-writeup, bug-bounty-tips, bug-bounty, penetration-testing, infosec | 15-Mar-2025 |
Beginner’s SQL Injection Cheat Sheet | https://cyberw1ng.medium.com/beginners-sql-injection-cheat-sheet-7c0f8d217e8e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, technology, cybersecurity, programming | 15-Mar-2025 |
Mastering JSRecon: A Comprehensive Guide to Identifying Sensitive Data in JavaScript Files | https://systemweakness.com/mastering-jsrecon-a-comprehensive-guide-to-identifying-sensitive-data-in-javascript-files-352771f10659?source=rss------bug_bounty-5 | 0verlo0ked | exploitation, bug-bounty, javascript, bugs, js | 14-Mar-2025 |
Part-2 \| Mastering 403 Forbidden Bypass Techniques✨ | https://cybersecuritywriteups.com/part-2-mastering-403-forbidden-bypass-techniques-707e7880fa22?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, 403-forbidden, hacking, bug-bounty, infosec | 14-Mar-2025 |
How I Found a Critical Billing Bug but Ended Up with a Duplicate | https://medium.com/@aminouji23/how-i-found-a-critical-billing-bug-but-ended-up-with-a-duplicate-ac6934fab714?source=rss------bug_bounty-5 | Aminouji | pentesting, information-security, infosec, bug-bounty-tips, bug-bounty | 14-Mar-2025 |
Metasploit 101: Hack Systems, Test Security, and Stay Ahead! | https://medium.com/@paritoshblogs/metasploit-101-hack-systems-test-security-and-stay-ahead-799922167146?source=rss------bug_bounty-5 | Paritosh | cybersecurity, metasploit, bug-bounty, information-technology, hacking | 14-Mar-2025 |
The Ultimate Burp Suite Playbook — Hidden Features & Automation! | https://medium.com/@paritoshblogs/the-ultimate-burp-suite-playbook-hidden-features-automation-e9a07944dbd4?source=rss------bug_bounty-5 | Paritosh | cybersecurity, ai, burpsuite, bug-bounty, hacking | 14-Mar-2025 |
When Code Flaws Strike: How Tiny Bugs Lead to Admin Account Takeovers | https://krishna-cyber.medium.com/when-code-flaws-strike-how-tiny-bugs-lead-to-admin-account-takeovers-74124a437ba3?source=rss------bug_bounty-5 | Krish_cyber | osint, bug-bounty, bug-bounty-tips, infosec-write-ups, cybersecurity | 14-Mar-2025 |
Mastering iOS Pentesting with otool | https://medium.com/@prasadraj954/mastering-ios-pentesting-with-otool-0803bd65c7ed?source=rss------bug_bounty-5 | Raj Prasad Kuiri | pentesting, bug-bounty, ios-penetration-testing, mobile-pentesting, cybersecurity | 14-Mar-2025 |
Exploit ZoomEye’s Subscription “Bug” to Unlock 75 Days of Free Recon Power | https://medium.com/@kenilalexandra07/exploit-zoomeyes-subscription-bug-to-unlock-75-days-of-free-recon-power-eaf843a339e2?source=rss------bug_bounty-5 | Kenilalexandra | hacking, bug-bounty, vulnerability, shodan, cve | 14-Mar-2025 |
How to Find a Job as a Bug Hunter | https://medium.com/@vipulsonule71/how-to-find-a-job-as-a-bug-hunter-c6e9a8962299?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, technews, cybersecurity, hacking, technology | 14-Mar-2025 |
How to Find XSS in Bug Hunting (Automated Approach) | https://medium.com/@vipulsonule71/how-to-find-xss-in-bug-hunting-automated-approach-f306cce03a76?source=rss------bug_bounty-5 | Vipul Sonule | penetration-testing, xss-attack, cybersecurity, hacking, bug-bounty | 14-Mar-2025 |
How I Found an IDOR Vulnerability – A Responsible Disclosure Story | https://medium.com/@vickyrohith70/how-i-found-an-idor-vulnerability-a-responsible-disclosure-story-def2885bbe0c?source=rss------bug_bounty-5 | Vickyrohith | web-applications, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 14-Mar-2025 |
Agent T walkthrough — TryHackMe | https://medium.com/@ahmedessmat/agent-t-walkthrough-tryhackme-e6831a57af33?source=rss------bug_bounty-5 | Ahmed Essmat | cybersecurity, agent-t, bug-bounty | 14-Mar-2025 |
10 Hacking Tools from the Future: What to Expect in 2025 | https://medium.com/@hxp7th/10-hacking-tools-from-the-future-what-to-expect-in-2025-efc4d8a21a6a?source=rss------bug_bounty-5 | Hxp7th | futurism, hacking, cybersecurity, hacking-tools, bug-bounty | 14-Mar-2025 |
Automating SQL Injection: A Practical Guide for Security Researchers | https://cyberw1ng.medium.com/automating-sql-injection-a-practical-guide-for-security-researchers-2ee75fd16b84?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, programming, technology, cybersecurity, bug-bounty | 14-Mar-2025 |
The Art of SQL Injection : A Comprehensive Guide | https://zeusvuln.medium.com/the-art-of-sql-injection-a-comprehensive-guide-d394e8affb6d?source=rss------bug_bounty-5 | ZeUsVuLn | bug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity | 14-Mar-2025 |
Skills Assessment for Web Service & API attacks: Hackthebox CBBH Course | https://medium.com/@treykenyon30/skills-assessment-for-web-service-api-attacks-hackthebox-cbbh-course-51b3b56feb2d?source=rss------bug_bounty-5 | Treykenyon | web-app-security, hackthebox, cbbh, bug-bounty, hacking | 14-Mar-2025 |
This nuclei template made me to find more bugs | https://medium.com/@canonminibeast/this-nuclei-template-made-me-to-find-more-bugs-20de8365be3d?source=rss------bug_bounty-5 | Canonminibeast | cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips, hacking | 14-Mar-2025 |
This nuclei template made me to find more bugs | https://medium.com/@canonminibeast/this-nuclei-template-made-me-to-find-more-bugs-caa8c7d6931e?source=rss------bug_bounty-5 | Canonminibeast | bug-bounty-tips, bug-bounty-writeup, bug-bounty, recon, cybersecurity | 14-Mar-2025 |
How I Buy ₹6284 Worth of Items for Just ₹1 | https://cybersecuritywriteups.com/how-i-buy-6284-worth-of-items-for-just-1-14b96af18c6e?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, money, ai, bug-bounty, cybersecurity | 14-Mar-2025 |
Automating SQL Injection: A Practical Guide for Security Researchers | https://osintteam.blog/automating-sql-injection-a-practical-guide-for-security-researchers-2ee75fd16b84?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, programming, technology, cybersecurity, bug-bounty | 14-Mar-2025 |
Unauthenticated API Leaks Private Property Data | https://medium.com/@banertheinrich/unauthenticated-api-leaks-private-property-data-f125e8fe0c4d?source=rss------bug_bounty-5 | Adham Heinrich | bug-bounty-writeup, bug-bounty, bug-bounty-tips, idor, cybersecurity | 13-Mar-2025 |
Bug Bounty | https://medium.com/@hihiprocybertech/bug-bounty-0e661e725299?source=rss------bug_bounty-5 | hihipro | ethical-hacking, cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 13-Mar-2025 |
How I found my 2nd SQL injection vulnerability on the Indian Government website! | https://hiddendom.medium.com/how-i-found-my-2nd-sql-injection-vulnerability-on-the-indian-government-website-e617e682e953?source=rss------bug_bounty-5 | Gokuleswaran B | bug-bounty-tips, sql-injection-attack, bug-bounty-writeup, sql-injection, bug-bounty | 13-Mar-2025 |
How I Hacked NASA And Received an Appreciation Letter | https://medium.com/@Abhijeet_kumawat_/how-i-hacked-nasa-and-received-an-appreciation-letter-2d4a78a4a1f6?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, cybersecurity, nasa, hacking, infosec | 13-Mar-2025 |
How to Earn Money in Bug Hunting Using Automated Tools | https://medium.com/@vipulsonule71/how-to-earn-money-in-bug-hunting-using-automated-tools-93382ffcd7ed?source=rss------bug_bounty-5 | Vipul Sonule | writing, ethical-hacking, hacking, cybersecurity, bug-bounty | 13-Mar-2025 |
How I Bypassed Email Uniqueness: Exploiting Weak Access Control in a Bug Bounty Program | https://saconychukwu.medium.com/how-i-bypassed-email-uniqueness-exploiting-weak-access-control-in-a-bug-bounty-program-28177f3c0b29?source=rss------bug_bounty-5 | Sacony Chukwu | bug-bounty-hunter, cybersecurity, bug-bounty-writeup, bug-bounty | 13-Mar-2025 |
Bypass the Rate limiting mechanism and earn bounty of $5000 and more. | https://medium.com/@anandrishav2228/bypass-the-rate-limiting-mechanism-and-earn-bounty-of-5000-and-more-dad3ef6db3ad?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, bug-bounty, hacking, money, infosec | 13-Mar-2025 |
Bypassing Windows Defender & AVs with an LNK Exploit to Gain a Reverse Shell | https://medium.com/@dharineeshj2/bypassing-windows-defender-avs-with-an-lnk-exploit-to-gain-a-reverse-shell-09244fcefb10?source=rss------bug_bounty-5 | Hack-Bat | hacking, pentesting, cybersecurity, bug-bounty | 13-Mar-2025 |
Hacking Swagger UI - 101 | https://infosecwriteups.com/hacking-swagger-ui-101-ccbce66ba028?source=rss------bug_bounty-5 | RivuDon | swagger-ui, bug-bounty, infosec, bug-bounty-tips, bug-bounty-writeup | 13-Mar-2025 |
GraphQL Vulnerabilities: A Complete Guide to Security Testing and Advanced Exploitation Techniques | https://infosecwriteups.com/graphql-vulnerabilities-a-complete-guide-to-security-testing-and-advanced-exploitation-techniques-5eb94af945c0?source=rss------bug_bounty-5 | Ajay Naik | graphql, penetration-testing, cybersecurity, bug-bounty, information-security | 13-Mar-2025 |
2FA & MFA Hacks: Bypass OTP Like a Pro — @VeryLazyTech | https://medium.com/@verylazytech/2fa-mfa-hacks-bypass-otp-like-a-pro-verylazytech-7eb9f8c4f5c1?source=rss------bug_bounty-5 | Very Lazy Tech | otp-bypass, 2fa, mfa, bug-bounty, bypass-technique | 13-Mar-2025 |
How to Hack Wifi using \| wifite Tool | https://medium.com/@vipulsonule71/how-to-hack-wifi-using-wifite-tool-%EF%B8%8F-235a6eb67ed4?source=rss------bug_bounty-5 | Vipul Sonule | penetration-testing, ai, hacking, technology, bug-bounty | 13-Mar-2025 |
Get your First bounty as a newbie | https://medium.com/@saiganesh18062003/get-your-first-bounty-as-a-newbie-fcba6a92e998?source=rss------bug_bounty-5 | Levi Ackerman | cyber, bug-bounty, bug-bounty-tips, cybersecurity, bug-bounty-writeup | 13-Mar-2025 |
Markdown Parsing Flaw Leads to Persistent System Lockdown | https://medium.com/@syarifsajjad07/markdown-parsing-flaw-leads-to-persistent-system-lockdown-f7a0820d7685?source=rss------bug_bounty-5 | Syarifsajjad | bug-bounty, cybersecurity, hacking, hackerone, bug-bounty-tips | 13-Mar-2025 |
How I Found Sensitive Information using Github Dorks in Bug Bounties — Part 2 | https://mukibas37.medium.com/find-bugs-using-github-dorking-part-2-2f80c1023592?source=rss------bug_bounty-5 | Mukilan Baskaran | bug-bounty-writeup, ethical-hacking, cybersecurity, bug-bounty, github-dorking | 13-Mar-2025 |
How I Found a Bug in Minutes — No Tools, Just Mindful Approach to Testing! | https://strangerwhite.medium.com/how-i-found-a-bug-in-minutes-no-tools-just-mindful-approach-to-testing-0dd034ff8ab9?source=rss------bug_bounty-5 | StrangeRwhite | bug-bounty, cybersecurity, hacking, bugbounty-writeup, vulnerability | 13-Mar-2025 |
Title: “Mass Assignment Mastery: From Zero to ATO Hero in Bug Bounties” | https://krishna-cyber.medium.com/title-mass-assignment-mastery-from-zero-to-ato-hero-in-bug-bounties-%EF%B8%8F-%EF%B8%8F-d3bf53027ce7?source=rss------bug_bounty-5 | Krish_cyber | osint, bug-bounty-tips, infosec-write-ups, hacking, bug-bounty | 13-Mar-2025 |
Understanding SQL Injection: A Deep Dive into Exploitation and Prevention | https://cyberw1ng.medium.com/understanding-sql-injection-a-deep-dive-into-exploitation-and-prevention-0d3712bc6b93?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, technology, careers, programming | 13-Mar-2025 |
The Hidden Goldmine: Exploiting Exposed API Keys & Tokens in 2025 | https://cybersecuritywriteups.com/the-hidden-goldmine-exploiting-exposed-api-keys-tokens-in-2025-fc22139f4cbd?source=rss------bug_bounty-5 | Krish_cyber | ethical-hacking, cybersecurity, info-sec-writeups, api, bug-bounty | 13-Mar-2025 |
Hackyholidays CTF (Grinch Network) Write-Up \| Part 2 \| Hacker101 CTF | https://medium.com/@sari.mmusab/hackyholidays-ctf-grinch-network-write-up-part-2-hacker101-ctf-89d394702807?source=rss------bug_bounty-5 | Musab Sarı | cybersecurity, ctf, bug-bounty, burpsuite, technology | 13-Mar-2025 |
Proffesional Hacker’s Breakout. NnFace’s Advices #3 “The Curve of Hacking” | https://osintteam.blog/proffesional-hackers-breakout-nnface-s-advices-3-the-curve-of-hacking-b28c9875145e?source=rss------bug_bounty-5 | NnFace | bug-bounty, bug-bounty-tips, cybersecurity, hacker, hacking | 13-Mar-2025 |
Cracking the Cache: A Bug Bounty Hunter’s Guide to Web Cache Vulnerabilities (With Real-World… | https://osintteam.blog/cracking-the-cache-a-bug-bounty-hunters-guide-to-web-cache-vulnerabilities-with-real-world-33bb7b47ff1c?source=rss------bug_bounty-5 | Krish_cyber | infosec-write-ups, hacking, cybersecurity, bug-bounty, bug-bounty-tips | 13-Mar-2025 |
Turn website feedback into instant, actionable tickets. | https://medium.com/@readybready4/turn-website-feedback-into-instant-actionable-tickets-40ef4bc14be6?source=rss------bug_bounty-5 | New AI Apps Daily | bug-bounty, bugs, bug-report, bug-bounty-writeup, bug-bounty-tips | 12-Mar-2025 |
How I Got My First Valid Vulnerability for Adobe | https://medium.com/@juanfelipeoz.rar/c%C3%B3mo-consegu%C3%AD-mi-primera-vulnerabilidad-v%C3%A1lida-para-adobe-2d6617ec51e5?source=rss------bug_bounty-5 | Juan Felipe Osorio Z | hacking, bug-bounty-writeup, cybersecurity, bug-bounty, hackerone | 12-Mar-2025 |
100$ reward from hacking the earning site | https://bytesnull44.medium.com/100-reward-from-hacking-the-earning-site-803b49028df7?source=rss------bug_bounty-5 | Bytesnull | bug-bounty, programming, developer, cybersecurity | 12-Mar-2025 |
How I Bypassed Cloudflare WAF and Achieve XSS \| $500 bounty | https://cybersecuritywriteups.com/how-i-bypassed-cloudflare-waf-and-achieve-xss-500-bounty-32914f652901?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, hacking, xss-attack, cybersecurity, infosec | 12-Mar-2025 |
Earn $$$ Hunting Bugs! A Beginner’s Guide to Bug Bounty Success | https://medium.com/@paritoshblogs/earn-hunting-bugs-a-beginners-guide-to-bug-bounty-success-6ba585935178?source=rss------bug_bounty-5 | Paritosh | how-to, bug-bounty, cybersecurity, hacking, ai | 12-Mar-2025 |
Zero-Click Account Takeover via Auth Bypass | https://medium.com/@hossam_hamada/zero-click-account-takeover-via-auth-bypass-c3130fb5a5e0?source=rss------bug_bounty-5 | Hossam Hamada | bug-bounty-tips, bug-bounty, account-takeover, hackerone, authentication | 12-Mar-2025 |
Understanding Basic Chmod | https://medium.com/pndsec/understanding-basic-chmod-8b93a82baf95?source=rss------bug_bounty-5 | Erkan Kavas | ethical-hacking, pentesting, linux, chmod, bug-bounty | 12-Mar-2025 |
Found Bug in Car and make $20,000 and more. | https://medium.com/@anandrishav2228/found-bug-in-car-and-make-20-000-and-more-6c71152bca80?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, cybersecurity, red-team, money, cars | 12-Mar-2025 |
Network Pentesting -Active / Passive Information gathering like Pro Part -1 | https://medium.com/@Cyber_siva/network-pentesting-active-passive-information-gathering-like-pro-part-1-7d0ab04b1491?source=rss------bug_bounty-5 | Siva Sankar | network-security, cybersecurity, hacking, pentesting, bug-bounty | 12-Mar-2025 |
LDAP Injection Unleashed: The Hidden Exploit Hackers Use to Break In! | https://medium.com/@verylazytech/ldap-injection-unleashed-the-hidden-exploit-hackers-use-to-break-in-42eb28f14325?source=rss------bug_bounty-5 | Very Lazy Tech | ldap, cybersecurity, hacking, penetration-testing, bug-bounty | 12-Mar-2025 |
How I Earned $500 for Getting Trapped in a Private Facebook Event | https://infosecwriteups.com/how-i-earned-500-for-getting-trapped-in-a-private-facebook-event-d4b7f3fdaacd?source=rss------bug_bounty-5 | Vivek PS | cybersecurity, bug-bounty, hacking, programming, ethical-hacking | 12-Mar-2025 |
Recon Done, Now What? A Beginner’s Guide to Finding Bugs After Recon! | https://systemweakness.com/recon-done-now-what-a-beginners-guide-to-finding-bugs-after-recon-e13177674833?source=rss------bug_bounty-5 | Taahir Mujawarr | bug-bounty, bug-bounty-writeup, hacking, cybersecurity, bug-bounty-tips | 12-Mar-2025 |
How to Find Subdomain Takeover in Bug Hunting | https://medium.com/@vipulsonule71/how-to-find-subdomain-takeover-in-bug-hunting-33aed8f43c27?source=rss------bug_bounty-5 | Vipul Sonule | technology, penetration-testing, hacking, cybersecurity, bug-bounty | 12-Mar-2025 |
Ultimate List of Free Resources for Bug Bounty Hunters | https://infosecwriteups.com/ultimate-list-of-free-resources-for-bug-bounty-hunters-bfba8deb5a36?source=rss------bug_bounty-5 | Om Arora | cybersecurity, technology, bug-bounty, programming, infosec | 12-Mar-2025 |
how i found the broken link hijacking? | https://doordiefordream.medium.com/how-i-found-broken-link-hijacking-46a57e9d40c3?source=rss------bug_bounty-5 | Bug hunter balu | bug-bounty, cybersecurity, vulnerability, technology, ethical-hacking | 12-Mar-2025 |
Hacking with SSRF: A Deep Dive into Server-Side Request Forgery | https://medium.com/codingninjablogs/hacking-with-ssrf-a-deep-dive-into-server-side-request-forgery-e42d9011f672?source=rss------bug_bounty-5 | #$ubh@nk@r | bug-bounty, infosec, ssrf, writeup, hacking | 12-Mar-2025 |
How Interesting 2FA Bypass Through Browser Feature Lead Me To Critical Vulnerability. | https://medium.com/@dishantsingh989/how-interesting-2fa-bypass-through-browser-feature-lead-me-to-critical-vulnerability-18f9c72a8f8d?source=rss------bug_bounty-5 | Dishantsingh | bug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup, hackerone | 12-Mar-2025 |
Penetration Testing: Discovery Phase & Reconnaissance Techniques | https://medium.com/@shoaibbinrashid11/penetration-testing-discovery-phase-reconnaissance-techniques-6e1fc9d479f5?source=rss------bug_bounty-5 | Shoaib Bin Rashid | cybersecurity, web-security, bug-bounty, pentesting, penetration-testing | 12-Mar-2025 |
Penetration Testing er Discovery Phase: Passive & Active Reconnaissance | https://medium.com/@shoaibbinrashid11/penetration-testing-er-discovery-phase-passive-active-reconnaissance-436b4bf5485b?source=rss------bug_bounty-5 | Shoaib Bin Rashid | penetration-testing, pentesting, bug-bounty, web-security, cybersecurity | 12-Mar-2025 |
Mastering 403 Bypass: Unlock Hidden Bounties Like a Pro! | https://osintteam.blog/mastering-403-bypass-unlock-hidden-bounties-like-a-pro-bc8ee954c209?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty-writeup, bug-bounty, infosec-write-ups, osint, cybersecurity | 12-Mar-2025 |
Authentication Bypass leads to PII = ($$$) | https://mchklt.medium.com/authentication-bypass-leads-to-pii-01d34fc7f547?source=rss------bug_bounty-5 | ABDELKARIM MOUCHQUELITA | cybersecurity, authentication, automation, bug-bounty, hacking | 12-Mar-2025 |
Bug Hunting: Find Hidden Vulnerabilities | https://osintteam.blog/bug-hunting-find-hidden-vulnerabilities-32ef94af0d28?source=rss------bug_bounty-5 | Monika sharma | bug-bounty-tips, bug-bounty, hacking, technology, penetration-testing | 12-Mar-2025 |
Simple SQL Injection: Exploiting and Preventing One of the Most Dangerous Web Vulnerabilities | https://cyberw1ng.medium.com/simple-sql-injection-exploiting-and-preventing-one-of-the-most-dangerous-web-vulnerabilities-f61c6841348a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | technology, careers, bug-bounty, programming, cybersecurity | 12-Mar-2025 |
What $5,000 Vulnerability Did Everyone Else Miss | https://medium.com/@ibtissamhammadi/what-5-000-vulnerability-did-everyone-else-miss-1afd570a280b?source=rss------bug_bounty-5 | Ibtissam Hammadi | bug-bounty, hackerone, vulnerability, ethical-hacking, cybersecurity | 12-Mar-2025 |
Investigating Nmap Scans with Wireshark | https://medium.com/@thecyberghost/investigating-nmap-scans-with-wireshark-bfe77af6441a?source=rss------bug_bounty-5 | The Cyber Ghost | nmap, bug-bounty, wireshark-tutorial, cybersecurity, wireshark | 12-Mar-2025 |
Multiple Account Creation with Same Email | https://medium.com/@A0X-Y0S3TRX/multiple-account-creation-with-same-email-81acb37aca96?source=rss------bug_bounty-5 | A0X-Y0S3TRX | bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, hunting, bug-bounty | 12-Mar-2025 |
How to Write Effective Prompts for ChatGPT in Bug Bounty Hunting | https://medium.com/@ajudeb55/how-to-write-effective-prompts-for-chatgpt-in-bug-bounty-hunting-b885dcf4f743?source=rss------bug_bounty-5 | Aju Deb | programming, cybersecurity, bug-bounty, chatgpt, technology | 11-Mar-2025 |
Exposed! A Massive Data Leak Uncovered with Just a Simple Google Dork | https://medium.com/@dharineeshj2/exposed-a-massive-data-leak-uncovered-with-just-a-simple-google-dork-%EF%B8%8F-a103b640e2e5?source=rss------bug_bounty-5 | Hack-Bat | cybersecurity, bug-bounty, ethical-hacking, hacking | 11-Mar-2025 |
IDOR Unlocked: Accessing Unauthorized Data with a Simple Tweak! | https://medium.com/@dharineeshj2/idor-unlocked-accessing-unauthorized-data-with-a-simple-tweak-a6a5a01a341f?source=rss------bug_bounty-5 | Hack-Bat | hacking, cybersecurity, bug-bounty, ethical-hacking | 11-Mar-2025 |
Linux Privilege Escalation [Part-1] | EJPT Notes | https://medium.com/@hrofficial62/linux-privilege-escalation-part-1-ejpt-notes-7f978d958888?source=rss------bug_bounty-5 | Mr Horbio | hacking, penetration-testing, ethical-hacking, cybersecurity, bug-bounty | 11-Mar-2025 |
Bypassing JsBridge Authentication to Achieve Account Takeover | https://medium.com/@xiaoshi666/%E7%BB%95%E8%BF%87jsbridge%E9%89%B4%E6%9D%83%E5%AE%9E%E7%8E%B0%E8%B4%A6%E6%88%B7%E6%8E%A5%E7%AE%A1-cf421b291484?source=rss------bug_bounty-5 | xiaoshi | bug-bounty, cybersecurity | 11-Mar-2025 |
Mastering XSS Attacks To Become Professional Bug Bounty Hunter | https://cybersecuritywriteups.com/mastering-xss-attacks-to-become-professional-bug-bounty-hunter-816f018643b3?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, ai, cybersecurity, bug-bounty, xss-attack | 11-Mar-2025 |
PHOTOGRAPHER 1 BY OFFSEC | https://medium.com/@mickeylance001/photographer-1-by-offsec-27dbcc716805?source=rss------bug_bounty-5 | mickey lance | ctf-walkthrough, offsec, bug-bounty, penetration-testing, ctf-writeup | 11-Mar-2025 |
CORS Misconfigurations & Bypass Techniques: A Hacker’s Guide to Exploiting Weak Policies | https://medium.com/@verylazytech/cors-misconfigurations-bypass-techniques-a-hackers-guide-to-exploiting-weak-policies-f3229b574a9a?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, cors, penetration-testing, ethical-hacking, hacking | 11-Mar-2025 |
Disclosure of Secrets – A $1000 Bug Bounty Win | https://medium.com/@salaheddine_kalada/exploiting-misconfigured-azure-application-insights-a-1000-bug-bounty-win-cf16f6ad2ff0?source=rss------bug_bounty-5 | Salaheddine | bug-bounty, bug-bounty-tips, bug-bounty-writeup, bugbounty-writeup | 11-Mar-2025 |
How to Become a Bug Bounty Hunter in 2025 | https://medium.com/@ebinkantony/how-to-become-a-bug-bounty-hunter-in-2025-e7a528b5cc16?source=rss------bug_bounty-5 | Ebin K Antony | bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty, ethical-hacking | 11-Mar-2025 |
Hijacking the CTF Event: The Story of a Host Header Injection (1000$) | https://medium.com/@bajajkrrish11/hijacking-the-ctf-event-the-story-of-a-host-header-injection-1000-f6ef62006f07?source=rss------bug_bounty-5 | Krrish Bajaj | hacking, host-header-injection, bug-bounty-tips, bug-bounty, bounty-program | 11-Mar-2025 |
One Token, Two Apps: The OAuth Flaw That Can Compromise Your Accounts — A Silent Security Disaster | https://medium.com/@rahulgairola/one-token-two-apps-the-oauth-flaw-that-can-compromise-your-accounts-a-silent-security-disaster-31cff04dcceb?source=rss------bug_bounty-5 | Rahul Gairola | bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty, oauth | 11-Mar-2025 |
How I uncover an IDOR led to access Private CV | https://infosecwriteups.com/how-i-uncover-an-idor-led-to-access-private-cv-access-3ff5be987896?source=rss------bug_bounty-5 | JEETPAL | cybersecurity, bug-bounty-writeup, bugbounty-tips, idor, bug-bounty | 11-Mar-2025 |
WAF(Web Application Firewall) Fingerprinting. | https://medium.com/infosecmatrix/waf-web-application-firewall-fingerprinting-035d008094cd?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, cybersecurity, fingerprinting, waf, programming | 11-Mar-2025 |
Today I Found an XSS Bug: A Lesson in Web Security | https://theindiannetwork.medium.com/today-i-found-an-xss-bug-a-lesson-in-web-security-d3fc4e3ae5b6?source=rss------bug_bounty-5 | TheIndianNetwork | cybersecurity, bug-bounty, ethical-hacking, cross-site-scription, xss-vulnerability | 11-Mar-2025 |
Client Side Path Traversal (CSPT) - A Deep Dive into an Overlooked Vulnerability | https://0xkratos.medium.com/client-side-path-traversal-cspt-a-deep-dive-into-an-overlooked-vulnerability-cdf91baca715?source=rss------bug_bounty-5 | Amal PK | bugbounty-writeup, cybersecurity, bug-bounty, cyber, hacking | 11-Mar-2025 |
Hijacking the CTF Event: The Story of a Host Header Injection (1000$) | https://cybersecuritywriteups.com/hijacking-the-ctf-event-the-story-of-a-host-header-injection-1000-f6ef62006f07?source=rss------bug_bounty-5 | Krrish Bajaj | hacking, host-header-injection, bug-bounty-tips, bug-bounty, bounty-program | 11-Mar-2025 |
This python script saved my recon time | https://medium.com/@canonminibeast/this-python-script-saved-my-recon-time-b780ade10b97?source=rss------bug_bounty-5 | Canonminibeast | google, bug-bounty-writeup, hacking, cybersecurity, bug-bounty | 11-Mar-2025 |
Testing for HTTP Verb Tampering: A Complete Guide | https://infosecwriteups.com/testing-for-http-verb-tampering-a-complete-guide-ca1fba91fdb6?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, information-security, information-technology, bug-bounty, penetration-testing | 11-Mar-2025 |
This python script saved my recon time | https://medium.com/@canonminibeast/this-python-script-saved-my-recon-time-66d6206628a0?source=rss------bug_bounty-5 | Canonminibeast | bug-bounty, cybersecurity, bug-bounty-writeup, hacking, website | 11-Mar-2025 |
Anomaly Detection in Network Traffic: Enhancing Cybersecurity | https://medium.com/@paritoshblogs/anomaly-detection-in-network-traffic-enhancing-cybersecurity-2e90277c6af3?source=rss------bug_bounty-5 | Paritosh | bug-bounty, ai, networking, hacking, cybersecurity | 11-Mar-2025 |
Account Takeover via postMessage | https://phlmox.medium.com/account-takeover-via-postmessage-3c493c6d1354?source=rss------bug_bounty-5 | phlmox | bug-bounty, cybersecurity, account-takeover | 11-Mar-2025 |
When Life Throws Errors, I Throw Commands: My Command Injection Bug | https://medium.com/@iski/when-life-throws-errors-i-throw-commands-my-command-injection-bug-18969d979da4?source=rss------bug_bounty-5 | Iski | bug-bounty, bug-bounty-tips, hacking, cybersecurity, command-injection | 11-Mar-2025 |
My First Paid Bug Bounty — Stored Blind XSS | https://medium.com/@dante.falls/my-first-paid-bug-bounty-stored-blind-xss-abe8ad06b3b3?source=rss------bug_bounty-5 | Dante Falls | cybersecurity, web-security, bug-bounty | 11-Mar-2025 |
Day 25: From alert(origin) to ATO — An XSS Story | https://medium.com/@danielbelay/day-25-from-alert-origin-to-ato-an-xss-story-41c78c1fe66d?source=rss------bug_bounty-5 | dani3l | bug-bounty, cybersecurity, account-takeover-attacks, ethical-hacking | 11-Mar-2025 |
Advanced SQL Injection (Part 2) | https://medium.com/@julius.grosserode.19/advanced-sql-injection-part-2-57bf83e202b1?source=rss------bug_bounty-5 | Julio | mysql, bug-bounty, sql, sql-injection, bug-bounty-reports | 11-Mar-2025 |
Critical SQL Injection Exploit in URL Paths: Bounty Report | https://cyberw1ng.medium.com/critical-sql-injection-exploit-in-url-paths-bounty-report-6bf36e066f1f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, careers, technology, bug-bounty, cybersecurity | 11-Mar-2025 |
Beyond Alert Boxes: Exploiting DOM XSS for Full Account Takeover | https://ehteshamulhaq198.medium.com/beyond-alert-boxes-exploiting-dom-xss-for-full-account-takeover-094e1507d206?source=rss------bug_bounty-5 | Ehtesham Ul Haq | information-security, xss-attack, bug-bounty, xss-bypass, bug-bounty-tips | 11-Mar-2025 |
From User to Admin: A Privilege Escalation via Business Logic | https://siratsami71.medium.com/from-user-to-admin-a-privilege-escalation-via-business-logic-7ae901be7d81?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | bug-bounty, logic, privilege-escalation | 10-Mar-2025 |
How I Hijacked an Instagram Account and Discovered Open Redirection Vulnerabilities | https://medium.com/@josekuttykunnelthazhebinu/how-i-took-over-an-instagram-account-using-broken-link-hijacking-found-open-redirections-on-c03b0c62add6?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | programming, bug-bounty, cybersecurity, penetration-testing, hacking | 10-Mar-2025 |
Best Tool For Subdomain Enumeration | https://cybersecuritywriteups.com/best-tool-for-subdomain-enumeration-f3f40a8e1748?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, bug-bounty, cybersecurity, bots, hacking | 10-Mar-2025 |
With BLUF — Always write with clarity and effectiveness! | https://learningsomecti.medium.com/with-bluf-always-write-with-clarity-and-effectiveness-b4450939b841?source=rss------bug_bounty-5 | Andy C | writing, cybersecurity, threat-intelligence, bug-bounty, threat-hunting | 10-Mar-2025 |
The Hidden Danger of Social Media: How Just Viewing a Post Exposes Your Data | https://medium.com/@sulmanfarooq531/the-hidden-danger-of-social-media-how-just-viewing-a-post-exposes-your-data-b2181ec8d667?source=rss------bug_bounty-5 | Sulman Farooq S | social-media, cybersecurity, data, security, bug-bounty | 10-Mar-2025 |
Top 10 OAuth 2.0 Hacking Techniques — Part 2 | https://medium.com/@itamar.yochpaz/top-10-oauth-2-0-hacking-techniques-part-2-a45504ee373b?source=rss------bug_bounty-5 | Itamar Yochpaz | penetration-testing, bug-bounty, application-security, cybersecurity, hacking | 10-Mar-2025 |
Bug Report: Authentication Redirect Issue in Sanicle-AI Platform | https://chanmeng666.medium.com/bug-report-authentication-redirect-issue-in-sanicle-ai-platform-fedbf7c84862?source=rss------bug_bounty-5 | Chan Meng | authentication, bug-bounty, nextjs, nextauth, debugging | 10-Mar-2025 |
Secure Coding Practices for TEE Applications: A Guide for CA and TA Developers | https://medium.com/@security.tecno/secure-coding-practices-for-tee-applications-a-guide-for-ca-and-ta-developers-43978c4b82d4?source=rss------bug_bounty-5 | TECNO Security | security, bug-bounty, writing, hacking, blog | 10-Mar-2025 |
How I Earned $2000 Automated Bug Bounty Hunting | https://medium.com/@rafaelczanetti/how-i-earned-2000-automated-bug-bounty-hunting-e46ce02d645d?source=rss------bug_bounty-5 | Rafael Cavalcante | bug-bounty | 10-Mar-2025 |
Discover the Awesome Bug Bounty Writeups GitHub Repo | https://medium.com/@a.muhzeke/discover-the-awesome-bug-bounty-writeups-github-repo-40d4bfa61241?source=rss------bug_bounty-5 | Anthony Mazyck | threat-hunting, bug-bounty, soc, cybersecurity | 10-Mar-2025 |
Bypassing Rate Limits Like a Pro: Advanced Exploitation Techniques | https://medium.com/@verylazytech/bypassing-rate-limits-like-a-pro-advanced-exploitation-techniques-a2643a6ea606?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, bypassing-rate-limit, 403-forbidden, web-attack, penetration-testing | 10-Mar-2025 |
Bypass To 1-Click ATO | https://medium.com/@xiaoshi666/bypass-to-1-click-ato-ebfee258d8cc?source=rss------bug_bounty-5 | xiaoshi | bug-bounty, cybersecurity | 10-Mar-2025 |
What’s the $5 Secret Behind Exploiting IDOR Vulnerabilities? (You Won’t Believe #3) | https://medium.com/@ibtissamhammadi/whats-the-5-secret-behind-exploiting-idor-vulnerabilities-you-won-t-believe-3-b8e50c21a352?source=rss------bug_bounty-5 | Ibtissam Hammadi | bug-bounty, cybersecurity, web-security, idor-vulnerability, owasp | 10-Mar-2025 |
Unexpected input lead to Functionality confusion and P4 easy bug? | https://medium.com/@hamdiyasin135/unexpected-input-lead-to-functionality-confusion-and-p4-easy-bug-ba30013caddd?source=rss------bug_bounty-5 | yassin hamdi | bug-bounty, cyper-security, logic, access-control | 10-Mar-2025 |
Penetration Testing Planning Phase — Ekta Detailed Guide | https://medium.com/@shoaibbinrashid11/penetration-testing-planning-phase-ekta-detailed-guide-23009766800a?source=rss------bug_bounty-5 | Shoaib Bin Rashid | penetration-testing, bug-bounty, web-security, cybersecurity, pentesting | 10-Mar-2025 |
Penetration Testing Planning Phase — A Complete Guide | https://medium.com/@shoaibbinrashid11/penetration-testing-planning-phase-a-complete-guide-376140284df0?source=rss------bug_bounty-5 | Shoaib Bin Rashid | web-security, bug-bounty, cybersecurity, penetration-testing, pentesting | 10-Mar-2025 |
Penetration Testing Phases: Full Bangla Explanation with Example | https://medium.com/@shoaibbinrashid11/penetration-testing-phases-full-bangla-explanation-with-example-8dd3d5a5043c?source=rss------bug_bounty-5 | Shoaib Bin Rashid | bug-bounty, cybersecurity, web-security, pentesting, penetration-testing | 10-Mar-2025 |
How I Turned Government Website Into a Phishing Machine (And How You Can Prevent It) | https://medium.com/@nebty/how-i-turned-government-website-into-a-phishing-machine-and-how-you-can-prevent-it-fd70dbe57030?source=rss------bug_bounty-5 | Nebty | bug-bounty-tips, phishing, vulnerability, bug-bounty, cybersecurity | 10-Mar-2025 |
How I Uncovered a $1000 Vulnerability by Exploiting an “Out-of-Sync” Flaw | https://cybersecuritywriteups.com/%EF%B8%8F-%EF%B8%8F-how-i-uncovered-a-1000-vulnerability-by-exploiting-an-out-of-sync-flaw-0b377c9c411d?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, infosec-write-ups, cybersecurity, xss-attack, osint | 10-Mar-2025 |
Article 2: Setting Up an Emulator in Android Studio with Window ,Linux | https://medium.com/@fancybearIN/article-2-setting-up-an-emulator-in-android-studio-with-window-linux-9b7bb490edb7?source=rss------bug_bounty-5 | Deepak Parkash | appsec, android-app-development, android, bug-bounty, androiddev | 10-Mar-2025 |
How I Made $500 in 30 Days Using ChatGPT as My Ethical Hacking Coach! | https://krishna-cyber.medium.com/how-i-made-500-in-30-days-using-chatgpt-as-my-ethical-hacking-coach-%EF%B8%8F-f4e8c48c4501?source=rss------bug_bounty-5 | Krish_cyber | cybersecurity, infosec-write-ups, osint, chatgpt, bug-bounty | 10-Mar-2025 |
Server Side Parameter Pollution — Deep Dive — Part 1 | https://medium.com/@prathmeshshendarkar/server-side-parameter-pollution-deep-dive-part-1-51aed2539c07?source=rss------bug_bounty-5 | Prathmesh S | programming, servers, bugs, web, bug-bounty | 10-Mar-2025 |
Race Conditions in Bug Bounty: From Beginner to Advanced | https://cyberw1ng.medium.com/race-conditions-in-bug-bounty-from-beginner-to-advanced-4b48586dfc73?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, technology, programming, bug-bounty, cybersecurity | 10-Mar-2025 |
Extracting Forensic Evidence from Smartwatch Data: A CID Hackathon Experience | https://infosecwriteups.com/extracting-forensic-evidence-from-smartwatch-data-a-cid-hackathon-experience-8a45b6ef7d5b?source=rss------bug_bounty-5 | Xh081iX | iot, bug-bounty, cybersecurity, infosec, ethical-hacking | 10-Mar-2025 |
How to find hidden parameters in your bug bounty target | https://infosecwriteups.com/how-to-find-hidden-parameters-in-your-bug-bounty-target-35427ac49b91?source=rss------bug_bounty-5 | loyalonlytoday | tips, bug-bounty-tips, cybersecurity, bug-bounty, ethical-hacking | 10-Mar-2025 |
Race Conditions in Bug Bounty: From Beginner to Advanced | https://systemweakness.com/race-conditions-in-bug-bounty-from-beginner-to-advanced-4b48586dfc73?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, technology, programming, bug-bounty, cybersecurity | 10-Mar-2025 |
From Partial IDOR to GPS Tracking — API Flaw Explained | https://infosecwriteups.com/from-partial-idor-to-gps-tracking-api-flaw-explained-5eebab2af32a?source=rss------bug_bounty-5 | Mahendra Purbia (Mah3Sec) | api, infosec, pentesting, bug-bounty, idor | 09-Mar-2025 |
“Blind CSS Exfiltration: The Bug Bounty Tactic That Earns Hackers $10k+ (Here’s How)” | https://osintteam.blog/blind-css-exfiltration-the-bug-bounty-tactic-that-earns-hackers-10k-heres-how-fdb12a82826f?source=rss------bug_bounty-5 | Krish_cyber | info-sec-writeups, osint, bug-bounty-writeup, bug-bounty, cybersecurity | 09-Mar-2025 |
How I Found a Google API Key Leak in a Bug Bounty Program | https://medium.com/@AhmedSamy-X/how-i-found-a-google-api-key-leak-in-a-bug-bounty-program-c9a497efe479?source=rss------bug_bounty-5 | Ahmedsamy | penetration-testing, hacking, api, cybersecurity, bug-bounty | 09-Mar-2025 |
The Original Bug Bounty: Alfred Hobbs and the Great Lock Controversy of 1851 | https://caseyjohnellis.medium.com/the-original-bug-bounty-alfred-hobbs-and-the-great-lock-controversy-of-1851-cd390705befb?source=rss------bug_bounty-5 | caseyjohnellis | vulnerability-research, cybersecurity, bug-bounty, locksmith | 09-Mar-2025 |
Find Exposed Buckets and files, etc., with this resource. | https://infosecwriteups.com/find-exposed-buckets-and-files-etc-with-this-resource-115f8865015b?source=rss------bug_bounty-5 | loyalonlytoday | tips, bug-bounty, penetration-testing, cybersecurity, ethical-hacking | 09-Mar-2025 |
Attacking and Defending Active Directory: Real-World Scenarios | https://medium.com/@paritoshblogs/attacking-and-defending-active-directory-real-world-scenarios-6533ca82a8d2?source=rss------bug_bounty-5 | Paritosh | hacking, active-directory, blue-team, bug-bounty, red-team | 09-Mar-2025 |
The Art of Bug Reporting | https://medium.com/nerd-for-tech/the-art-of-bug-reporting-13be09192741?source=rss------bug_bounty-5 | sajith dilshan | bug-bounty, software-testing, bug-report, bug-reporting, qa | 09-Mar-2025 |
How to Use Nuclei for Bug Hunting | https://medium.com/@vipulsonule71/how-to-use-nuclei-for-bug-hunting-0d60bea1fd92?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, cybersecurity, technology, ai, hacking | 09-Mar-2025 |
Bug Bounty Hunting — Complete Guide (Part-117) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-117-8211b7ea0a72?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking, hacking | 09-Mar-2025 |
Found 5 BAC in One Single App within 2 Hours | https://medium.com/@mrro0o0tt/found-5-bac-in-one-single-app-within-2-hours-07a2307db2ca?source=rss------bug_bounty-5 | Whoami | idor-vulnerability, broken-access-control, bug-bounty, bug-bounty-tips, privilege-escalation | 09-Mar-2025 |
Part-2 | Deep Recon Methodology for Bug Bounty Hunters | https://cybersecuritywriteups.com/part-2-deep-recon-methodology-for-bug-bounty-hunters-2ea73cefb010?source=rss------bug_bounty-5 | Abhijeet Kumawat | recon, infosec, hacking, bug-bounty, cyber-security-awareness | 09-Mar-2025 |
Top 11 Bug Bounty Extensions That Will Save You Hours | https://infosecwriteups.com/top-11-bug-bounty-extensions-that-will-save-you-hours-bea31a368529?source=rss------bug_bounty-5 | Om Arora | bug-bounty-tips, bug-bounty, technology, cybersecurity, infosec | 09-Mar-2025 |
Big Bounty: Uncovering Critical Security Flaws in Android Apps | https://hackersatty.medium.com/big-bounty-uncovering-critical-security-flaws-in-android-apps-0935963703e6?source=rss------bug_bounty-5 | hackersatty | javascript, android, android-bug-bounty, bug-bounty, bug-bounty-tips | 09-Mar-2025 |
JWT Vulnerabilities in Pentesting: Exploitation Techniques & Security Best Practices | https://medium.com/@verylazytech/free-link-in-the-first-comment-d6d0cb759590?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, jwt-security, jwt-pentesting, jwt-hacking, bug-bounty | 09-Mar-2025 |
Penetration Testing: Hacking for Security — The Beginner’s Guide | https://medium.com/@shoaibbinrashid11/penetration-testing-hacking-for-security-the-beginners-guide-2183261f8d29?source=rss------bug_bounty-5 | Shoaib Bin Rashid | cybersecurity, penetration-testing, ethical-hacking, bug-bounty, pentesting | 09-Mar-2025 |
“Oops, I Can See Everything!”: A Funny Tale of Broken Access Control | https://medium.com/@bevennyamande/oops-i-can-see-everything-a-funny-tale-of-broken-access-control-9089586d5a86?source=rss------bug_bounty-5 | 0xbeven | bug-bounty-writeup, bug-bounty, bug-bounty-tips | 09-Mar-2025 |
Penetration Testing: Ethical Hacking Er Shundor Duniya | https://medium.com/@shoaibbinrashid11/penetration-testing-ethical-hacking-er-shundor-duniya-a0335e4e901f?source=rss------bug_bounty-5 | Shoaib Bin Rashid | bug-bounty, pentesting, web-security, cybersecurity, penetration-testing | 09-Mar-2025 |
SQL Injection | https://medium.com/@julius.grosserode.19/sql-injection-97a239647ac7?source=rss------bug_bounty-5 | Julio | sqli, sql-injection, sql, error-based-sql-injection, bug-bounty | 09-Mar-2025 |
Stored XSS on a HackerOne Private Bug Bounty Program | https://medium.com/@mohaned0101/stored-xss-on-a-hackerone-private-bug-bounty-program-997d5d4a104a?source=rss------bug_bounty-5 | mohaned alkhlot | xss-vulnerability, bug-bounty, bug-bounty-tips, xss-attack | 09-Mar-2025 |
The 5 Phases of Penetration Testing: A Complete Guide | https://medium.com/@shoaibbinrashid11/the-5-phases-of-penetration-testing-a-complete-guide-e6a50572262c?source=rss------bug_bounty-5 | Shoaib Bin Rashid | penetration-testing, web-security, pentesting, bug-bounty | 09-Mar-2025 |
Bug Hunting Recon Guide: Find Hidden Vulnerabilities Like a Pro | https://osintteam.blog/bug-hunting-recon-guide-find-hidden-vulnerabilities-like-a-pro-353accfe65c4?source=rss------bug_bounty-5 | Monika sharma | bug-bounty-tips, hacking, technology, penetration-testing, bug-bounty | 09-Mar-2025 |
From Remote Code Execution to Data Base Pwnage | https://medium.com/@pandurangisuprit/from-remote-code-execution-to-data-base-pwnage-63404905e044?source=rss------bug_bounty-5 | Suprit Pandurangi | rce, vulnerability, critical-thinking, remote-code-execution, bug-bounty | 09-Mar-2025 |
Exposing PII and SSNs through Persistent Session Tokens — $15,000 Bug Bounty | https://medium.com/@moblig/exposing-pii-and-ssns-through-persistent-session-tokens-15-000-bug-bounty-293ab06c1606?source=rss------bug_bounty-5 | Moblig | bug-bounty, leaked, cybersecurity, research | 09-Mar-2025 |
How i Find IDOR lead to account takeover | https://yazeedeliwah.medium.com/how-i-find-idor-lead-to-account-takeover-de762cc1e101?source=rss------bug_bounty-5 | black_virus | recon, cybersecurity, hacking, idor, bug-bounty | 09-Mar-2025 |
$2,162 Bounty: Exploiting VGA Deadlock in Xen Hypervisor for Maximum Impact | https://cyberw1ng.medium.com/2-162-bounty-exploiting-vga-deadlock-in-xen-hypervisor-for-maximum-impact-2a98238ac0dd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, technology, bug-bounty, careers, programming | 09-Mar-2025 |
$2,162 Bounty: Exploiting VGA Deadlock in Xen Hypervisor for Maximum Impact | https://osintteam.blog/2-162-bounty-exploiting-vga-deadlock-in-xen-hypervisor-for-maximum-impact-2a98238ac0dd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, technology, bug-bounty, careers, programming | 09-Mar-2025 |
Exploiting Mass Assignment to ATO | https://medium.com/@GERRR4Y/exploiting-mass-assignment-to-ato-ab0c1aadc2de?source=rss------bug_bounty-5 | Aya Ayman(GERR4Y) | penetration-testing, bug-bounty | 08-Mar-2025 |
CORS Misconfiguration vs. CSRF: Battle of the Web Villains! | https://medium.com/@shadyfarouk1986/cors-misconfiguration-vs-csrf-battle-of-the-web-villains-6743cb0ed08b?source=rss------bug_bounty-5 | Shady Farouk | bug-bounty-tips, bug-bounty, bounty-program, bug-bounty-writeup | 08-Mar-2025 |
Why Custom Linux & Python Tools in Bug Bounty Beat Traditional Tools! | https://medium.com/@shadyfarouk1986/why-custom-linux-python-tools-in-bug-bounty-beat-traditional-tools-db2092a8cf9c?source=rss------bug_bounty-5 | Shady Farouk | bug-bounty-tips, bug-bounty-writeup, bug-bounty, pentesting | 08-Mar-2025 |
Deep Recon Methodology for Bug Bounty Hunters | Part-1 | https://medium.com/@Abhijeet_kumawat_/deep-recon-methodology-for-bug-bounty-hunters-part-1-724fa4d6324c?source=rss------bug_bounty-5 | Abhijeet Kumawat | recon, cybersecurtiy, bug-bounty, hacking, infosec | 08-Mar-2025 |
LostFuzzer: Passive URL Fuzzing & Nuclei DAST for Bug Hunters | https://infosecwriteups.com/lostfuzzer-passive-url-fuzzing-nuclei-dast-for-bug-hunters-a33501b9563b?source=rss------bug_bounty-5 | coffinxp | automation, penetration-testing, bug-bounty-tips, technology, bug-bounty | 08-Mar-2025 |
Find apex domains that are related to your bug bounty target (part 2) | https://infosecwriteups.com/find-apex-domains-that-are-related-to-your-bug-bounty-target-part-2-e60644fd3cf8?source=rss------bug_bounty-5 | loyalonlytoday | ethical-hacking, cybersecurity, apex, bug-bounty, tips | 08-Mar-2025 |
Installing Burp Suite Certificate & Frida Setup for Android Penetration | https://cybersecuritywriteups.com/installing-burp-suite-certificate-frida-setup-for-android-penetration-b242f5c8a0a9?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty, cybersecurity, android-pentesting, burpsuite, ethical-hacking | 08-Mar-2025 |
My First IDOR in Hindustan Times | https://medium.com/@ShreyasMahajann/my-first-idor-in-hindustan-times-0f93ab372de6?source=rss------bug_bounty-5 | Shreyas Mahajan | penetration-testing, bug-bounty, security, cybersecurity | 08-Mar-2025 |
How a Minor Rounding Error Cost a DeFi Protocol Millions | https://securrtech.medium.com/how-a-minor-rounding-error-cost-a-defi-protocol-millions-5fedcf2b148d?source=rss------bug_bounty-5 | Securr - Web3 Security | smart-contract-auditing, smart-contract-security, web3-security, blockchain-security, bug-bounty | 08-Mar-2025 |
Installing Burp Suite Certificate & Frida Setup for Android Penetration testing | https://cybersecuritywriteups.com/installing-burp-suite-certificate-frida-setup-for-android-penetration-b242f5c8a0a9?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty, cybersecurity, android-pentesting, burpsuite, ethical-hacking | 08-Mar-2025 |
From Zero to $8k: How I Stumbled Into a Critical Bug (And You Can Too! | https://krishna-cyber.medium.com/from-zero-to-8k-how-i-stumbled-into-a-critical-bug-and-you-can-too-f5cb37832b8d?source=rss------bug_bounty-5 | Krish_cyber | hacking, bugs, bug-bounty, osint, infosec-write-ups | 08-Mar-2025 |
The Hidden Danger: Sensitive Information Leakage via Log Files! | https://cybersecuritywriteups.com/the-hidden-danger-sensitive-information-leakage-via-log-files-6244175b26be?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, cybersecurity, programming, bug-bounty-writeup, infosec-write-ups | 08-Mar-2025 |
Article 1: Setting up Android Studio -the foundation for Android pentesting | https://medium.com/@itsboyy0007/article-1-setting-up-android-studio-the-foundation-for-android-pentesting-de86726f486a?source=rss------bug_bounty-5 | Deepak Parkash | bug-bounty, hacking, android, appsec, cybersecurity | 08-Mar-2025 |
Mr. Robot TryhackMe | https://medium.com/@mr.tripathy/mr-robot-tryhackme-5afa3435b75f?source=rss------bug_bounty-5 | Madhab Tripathy | bug-bounty, penetration-testing, red-team, tryhackme-walkthrough, tryhackme | 08-Mar-2025 |
How I Found Clickjacking in a Public Program | https://medium.com/@slash0x01/how-i-found-clickjacking-in-a-public-program-9581aa6bab1f?source=rss------bug_bounty-5 | Slash0x01 | penetration-testing, bug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup | 08-Mar-2025 |
5 Exploitation Techniques to Exploit HTTP Parameter Pollution (HPP) in Web Applications | https://bitpanic.medium.com/5-exploitation-techniques-to-exploit-http-parameter-pollution-hpp-in-web-applications-ead3710f96ac?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, bug-bounty, ai-generated-content, programming, technology | 08-Mar-2025 |
Mastering Shodan Search Engine Dorks: A Comprehensive Guide for Security Researchers | https://infosecwriteups.com/mastering-shodan-search-engine-dorks-a-comprehensive-guide-for-security-researchers-0e70e4e628cb?source=rss------bug_bounty-5 | Ajay Naik | search-engines, information-technology, penetration-testing, cybersecurity, bug-bounty | 08-Mar-2025 |
Uncovering a critical bug : Zero-click ATO | https://infosecwriteups.com/uncovering-a-critical-bug-zero-click-ato-cbec5eb33ccf?source=rss------bug_bounty-5 | JEETPAL | account-takeover, bugbounty-writeup, cybersecurity, bugbounty-tips, bug-bounty | 08-Mar-2025 |
Article 1: Setting up Android Studio -the foundation for Android pentesting | https://medium.com/@fancybearIN/article-1-setting-up-android-studio-the-foundation-for-android-pentesting-de86726f486a?source=rss------bug_bounty-5 | Deepak Parkash | bug-bounty, hacking, android, appsec, cybersecurity | 08-Mar-2025 |
The Secret to Choosing Targets That Actually Have Vulnerabilities : Bug Bounty Restart Phase 2 | https://omarora1603.medium.com/the-secret-to-choosing-targets-that-actually-have-vulnerabilities-bug-bounty-restart-phase-2-3af718bc89bc?source=rss------bug_bounty-5 | Om Arora | bug-bounty, bug-bounty-tips, programming, technology, cybersecurity | 08-Mar-2025 |
Static Application Security Testing (SAST) for Xamarin Android Applications | https://medium.com/@k3r0/static-application-security-testing-sast-for-xamarin-android-applications-14b1bff84d14?source=rss------bug_bounty-5 | Kyrillos nady | bug-bounty, red-team, xamarin, android, pentesting | 08-Mar-2025 |
Bypassing Authentication Like a Pro: Advanced Exploitation Techniques | https://javroot.medium.com/bypassing-authentication-like-a-pro-advanced-exploitation-techniques-a0a6463e4179?source=rss------bug_bounty-5 | Javroot | cybersecurity, web-development, bug-bounty, bug-bounty-tips, infosec | 08-Mar-2025 |
Automating Information Gathering for Bug Bounty Hunters | https://cyberw1ng.medium.com/automating-information-gathering-for-bug-bounty-hunters-161f23dad2ae?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, automation, bug-bounty, cybersecurity, careers | 08-Mar-2025 |
The Secret to Choosing Targets That Actually Have Vulnerabilities : Bug Bounty Restart Phase 2 | https://infosecwriteups.com/the-secret-to-choosing-targets-that-actually-have-vulnerabilities-bug-bounty-restart-phase-2-3af718bc89bc?source=rss------bug_bounty-5 | Om Arora | bug-bounty, bug-bounty-tips, programming, technology, cybersecurity | 08-Mar-2025 |
This tool helped me to find IDOR | https://medium.com/@canonminibeast/this-tool-helped-me-to-find-idor-c87a9c1a04f3?source=rss------bug_bounty-5 | Canonminibeast | bugbout, bug-bounty, website | 08-Mar-2025 |
This tool helped me to find IDOR | https://medium.com/@canonminibeast/this-tool-helped-me-to-find-idor-c1897eee1b2d?source=rss------bug_bounty-5 | Canonminibeast | bug-bounty, idor-vulnerability, hacking, cybersecurity, hacker | 08-Mar-2025 |
Automating Information Gathering for Bug Bounty Hunters | https://osintteam.blog/automating-information-gathering-for-bug-bounty-hunters-161f23dad2ae?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, automation, bug-bounty, cybersecurity, careers | 08-Mar-2025 |
I Found Exposing API Keys and Tokens in a Private Program | https://medium.com/@Abhijeet_kumawat_/i-found-exposing-api-keys-and-tokens-in-a-private-program-1d02ef9e49d0?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, money, cybersecurity, infosec, hacking | 07-Mar-2025 |
I hacked space x and rewarded 2500$ Bypassing Full Payment to Regain Internet Access | https://bytesnull44.medium.com/i-hacked-space-x-and-rewarded-2500-bypassing-full-payment-to-regain-internet-access-bd6120483a06?source=rss------bug_bounty-5 | Bytesnull | hacking, bug-bounty, bugcrowd, cybersecurity, hackerone | 07-Mar-2025 |
The Art of SSTI: From Detection to Domination | https://zeusvuln.medium.com/the-art-of-ssti-from-detection-to-domination-f5fdd2411439?source=rss------bug_bounty-5 | ZeUsVuLn | bug-bounty-tips, bug-bounty-writeup, ssti, bug-bounty, cybersecurity | 07-Mar-2025 |
Anonymous access on SMB [Ejpt exam notes] | https://medium.com/@hrofficial62/anonymous-access-on-smb-ejpt-exam-notes-b898d6f508fc?source=rss------bug_bounty-5 | Mr Horbio | pentesting, ethical-hacking, cybersecurity, hacking, bug-bounty | 07-Mar-2025 |
Understanding DDoS Attacks: A Threat to Online Services | https://medium.com/@HexaGaurd/understanding-ddos-attacks-a-threat-to-online-services-a837e459a311?source=rss------bug_bounty-5 | HexaGaurd | cybersecurity, ddos, ddos-attack, bug-bounty, hexagaurd | 07-Mar-2025 |
I Found Exposing API Keys and Tokens in a Private Program | https://cybersecuritywriteups.com/i-found-exposing-api-keys-and-tokens-in-a-private-program-1d02ef9e49d0?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, money, cybersecurity, infosec, hacking | 07-Mar-2025 |
How I Could Pre-Take Over Accounts on Target.com with a Simple Trick! | https://medium.com/@jeetpal2007/how-i-could-pre-take-over-accounts-on-target-com-with-a-simple-trick-503599009f3c?source=rss------bug_bounty-5 | JEETPAL | cybersecurity, bug-bounty-tips, email-verification, bug-bounty, bugbounty-writeup | 07-Mar-2025 |
Bug Hunting: From Recon to Reporting | https://osintteam.blog/bug-hunting-from-recon-to-reporting-3ad44ffd94dc?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, penetration-testing, bug-bounty-tips, technology, hacking | 07-Mar-2025 |
How to Run Tp-Link AC600(Archer T2U Plus) in Kali , and solve error. | https://medium.com/@anandrishav2228/how-to-run-tp-link-ac600-archer-t2u-plus-in-kali-and-solve-error-8758c281cb8d?source=rss------bug_bounty-5 | Rishav anand | aircrack-ng, bug-bounty, cybersecurity, tp-link, wifi | 07-Mar-2025 |
⚔️ Cyber Storm: Navigating the Digital Battlefield ⚔️ | https://osintteam.blog/%EF%B8%8F-cyber-storm-navigating-the-digital-battlefield-%EF%B8%8F-8cc433ce7687?source=rss------bug_bounty-5 | Krish_cyber | javascript, programming, technology, bug-bounty, cybersecurity | 07-Mar-2025 |
How a Hacker Mindset Can Save Your Business from Catastrophic Cyberattacks | https://medium.com/@hackrate/how-a-hacker-mindset-can-save-your-business-from-catastrophic-cyberattacks-fbaf484fc496?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, bug-bounty-tips, penetration-testing, ethical-hacking, cybersecurity | 07-Mar-2025 |
Wayback Machine for Bug Bounty Hunting | https://medium.com/@thexnumb/wayback-machine-for-bug-bounty-hunting-74802a454769?source=rss------bug_bounty-5 | Thexnumb | wayback-machine, reconnaissance, bug-bounty, infosec, penetration-testing | 07-Mar-2025 |
Secret Bug Bounty Tips: $10K Daily | https://medium.com/@ibtissamhammadi/secret-bug-bounty-tips-10k-daily-5951273f0c29?source=rss------bug_bounty-5 | Ibtissam Hammadi | bug-bounty-program, bug-bounty-hunter, bug-bounty, cybersecurity, bug-bounty-tips | 07-Mar-2025 |
Uncovering an Account Linking Vulnerability: Persistent Unauthorized Access Without User Awareness | https://medium.com/@patidarbhuwan44/uncovering-an-account-linking-vulnerability-persistent-unauthorized-access-without-user-awareness-70141b5ccd2c?source=rss------bug_bounty-5 | Bhuwan Patidar | vulnerability-disclosure, cybersecurity, bug-bounty, web-security, hacking | 07-Mar-2025 |
How to Find Vulnerabilities for Bug Hunting | https://medium.com/@vipulsonule71/how-to-find-vulnerabilities-for-bug-hunting-%EF%B8%8F-%EF%B8%8F-050e3a67e40e?source=rss------bug_bounty-5 | Vipul Sonule | ai, cybersecurity, technology, bug-bounty, hacking | 07-Mar-2025 |
The Ultimate 2025 Guide to Securing a Job in Red Teaming . | https://medium.com/@anandrishav2228/the-ultimate-2025-guide-to-securing-a-job-in-red-teaming-6a1ef6edf1b8?source=rss------bug_bounty-5 | Rishav anand | red-team, bug-bounty, money, hacking, cybersecurity | 07-Mar-2025 |
WordPress Misconfiguration Lead to User Files Disclosure ($$$) | https://wahaz.medium.com/wordpress-misconfiguration-lead-to-user-files-disclosure-a7cbdce11df0?source=rss------bug_bounty-5 | Rizaldi Wahaz | cybersecurity, wordpress, penetration-testing, hacker, bug-bounty | 07-Mar-2025 |
Ethically Hacking a Mail Server: Finding Open Relays & Sending Phishing Emails | https://medium.com/@dharineeshj2/ethically-hacking-a-mail-server-finding-open-relays-sending-phishing-emails-235ced92f076?source=rss------bug_bounty-5 | Hack-Bat | cybersecurity, pentesting, hacking, bug-bounty, black-hat-hacker | 07-Mar-2025 |
How To Start Bug Hunting in 2025 | https://medium.com/@anonyhelps.su/how-to-start-bug-hunting-in-2025-58c0c4dc1e9c?source=rss------bug_bounty-5 | Anonyhelps Su | hacking, bug-bounty, hacking-training, earnings, cybersecurity | 07-Mar-2025 |
Email Disclosure via .git Config in project: $500 Bounty Bug | https://medium.com/@a13h1/email-disclosure-via-git-config-in-project-500-bounty-bug-ee057ca12e6f?source=rss------bug_bounty-5 | Abhi Sharma | penetration-testing, information-disclosure, bug-bounty, information-security, cybersecurity | 07-Mar-2025 |
Listen to my Podcast Guest Appearance | https://medium.com/@hacktheplanet/listen-to-my-podcast-guest-appearance-493bd31a5103?source=rss------bug_bounty-5 | SirHaxAlot | tor, sirhaxalot, bug-bounty, darkweb, hacking | 07-Mar-2025 |
XSS IN OPERA-MINI | https://davidferreira101.medium.com/xss-in-opera-mini-e0c2dd6b60c6?source=rss------bug_bounty-5 | David Ferreira | cybersecurity, pentesting, bug-bounty | 07-Mar-2025 |
Finding Funded TRON Wallets: Is It Possible? | https://medium.com/meetcyber/finding-funded-tron-wallets-is-it-possible-8e36f68f7448?source=rss------bug_bounty-5 | Erkan Kavas | reconnaissance, trx, tron, bug-bounty, blockchain | 07-Mar-2025 |
Hunting PII Exposures — A Bug Bounty Perspective | https://medium.com/@blify/hunting-pii-exposures-a-bug-bounty-perspective-79212c65ab10?source=rss------bug_bounty-5 | Blify | information-security, bug-bounty, bug-bounty-tips, cybersecurity | 07-Mar-2025 |
CSPT: Your way to XSS & CSRF in Modern Apps | https://medium.com/@68abdelrahmanmohamed/cspt-your-way-to-xss-csrf-in-modern-apps-59260c8ad19a?source=rss------bug_bounty-5 | Abdulrahman | web-penetration-testing, bug-bounty, penetration-testing | 07-Mar-2025 |
ZeroClick Account Takeover : A Four-Bug Chain Exploit | https://medium.com/@Cr40/zeroclick-account-takeover-a-four-bug-chain-exploit-115ce0f6fc23?source=rss------bug_bounty-5 | Asim | bug-bounty, account-takeover, cybersecurity, penetration-testing, bug-bounty-writeup | 07-Mar-2025 |
OTP Bypass Bug in Public Bug Bounty Program | https://infosecwriteups.com/otp-bypass-bug-in-public-bug-bounty-program-5554eafc18ab?source=rss------bug_bounty-5 | It4chis3c | bug-bounty, otp-bypass, otp-verification, secrets, responsible-disclosure | 07-Mar-2025 |
8 Automated Methods to Discover API Keys Across Websites and API Requests | https://cyberw1ng.medium.com/8-automated-methods-to-discover-api-keys-across-websites-and-api-requests-08d547cdbb80?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, programming, bug-bounty, automation | 07-Mar-2025 |
Day 23: Account Takeover via Response Manipulation | https://medium.com/@danielbelay/day-23-account-takeover-via-response-manipulation-90a1fe62dd8e?source=rss------bug_bounty-5 | dani3l | cybersecurity, bug-bounty, ethical-hacking, account-takeover-attacks | 07-Mar-2025 |
Exposed Files: The Gift That Keeps on Giving | https://medium.com/@mahad.ahmed0x1/exposed-files-the-gift-that-keeps-on-giving-d0394df80f12?source=rss------bug_bounty-5 | 404NotPentested | coding, devops, web-development, cybersecurity, bug-bounty | 06-Mar-2025 |
Stored xss using PDF a bug? | https://medium.com/@dsmodi484/stored-xss-using-pdf-a-bug-0690125015bb?source=rss------bug_bounty-5 | cryptoshant | bug-bounty, lenovo, cybersecurity, pdf, hacking | 06-Mar-2025 |
How to Find Your First Bug | https://medium.com/@vipulsonule71/how-to-find-your-first-bug-%EF%B8%8F-%EF%B8%8F-d6a0b0ef40b3?source=rss------bug_bounty-5 | Vipul Sonule | ai, cybersecurity, penetration-testing, bug-bounty, hacking | 06-Mar-2025 |
How To Find Low-Hanging Bugs? | https://cybersecuritywriteups.com/how-to-find-low-hanging-bugs-6e8b3eb8b3ca?source=rss------bug_bounty-5 | Abhijeet Kumawat | infosec, money, bug-bounty, cybersecurity, hacking | 06-Mar-2025 |
My First Bug Bounty Win: How I Found and Reported a Security Vulnerability | https://heinhtetagg.medium.com/my-first-bug-bounty-win-how-i-found-and-reported-a-security-vulnerability-c41fdfd717c2?source=rss------bug_bounty-5 | Hein Htet Aung | bug-bounty, bug-bounty-writeup | 06-Mar-2025 |
CORS Exploitation Walkthrough | Bypass & Exploit Misconfigured CORS | Ethical Hacking Tutorial | https://medium.com/@spector-sec/cors-exploitation-walkthrough-bypass-exploit-misconfigured-cors-ethical-hacking-tutorial-db15994788d3?source=rss------bug_bounty-5 | spector-sec | cors, bug-bounty, penetration-testing, info-sec-writeups, cybersecurity | 06-Mar-2025 |
Use this unique way to find broken link hijacking bugs. | https://infosecwriteups.com/use-this-unique-way-to-find-broken-link-hijacking-bugs-3081878839d4?source=rss------bug_bounty-5 | loyalonlytoday | broken-link, cybersecurity, penetration-testing, ethical-hacking, bug-bounty | 06-Mar-2025 |
Finding the origin IP part 2 | https://infosecwriteups.com/finding-the-origin-ip-part-2-c96d7488c40e?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, tips, cybersecurity, programming, bug-bounty | 06-Mar-2025 |
How I Earned $4,000+ in My First Six Months of Bug Bounty Hunting | https://medium.com/@nchaitreddyutilities/how-i-earned-4-000-in-my-first-six-months-of-bug-bounty-hunting-e969144a368a?source=rss------bug_bounty-5 | Chaitanya Reddy | bug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity | 06-Mar-2025 |
Is Bug Bounty Still a Good Career in 2025? | https://medium.com/@HackerNasr/is-bug-bounty-still-a-good-career-in-2025-d5ef726b07f6?source=rss------bug_bounty-5 | HackerNasr | pentesting, bug-bounty-tips, hacking, bug-bounty, ethical-hacking | 06-Mar-2025 |
Invite Me Once, I Own Your Account!” (HINDI + ENGLISH) | https://medium.com/@ajay.kumar.695632/invite-me-once-i-own-your-account-hindi-english-b27cb72fe64a?source=rss------bug_bounty-5 | Ajay Kumar | bugs, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 06-Mar-2025 |
First Italians on Ferrari’s Hall of Fame: Our Experience with the Bug Bounty Program | https://medium.com/@br3ss/first-italians-on-ferraris-hall-of-fame-our-experience-with-the-bug-bounty-program-5c101dba71c6?source=rss------bug_bounty-5 | Br3ss | bug-bounty, ferrari, security, cybersecurity, seo | 06-Mar-2025 |
Never Underestimate Any Error. This is why I Got Appreciation Letter from Drexel University CISO | https://hiddendom.medium.com/never-underestimate-any-error-this-is-why-i-got-appreciation-letter-from-drexel-university-ciso-ba37a6bad077?source=rss------bug_bounty-5 | Gokuleswaran B | bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs, penetration-testing | 06-Mar-2025 |
How Recon → SQLi Made €€€€ Bounty | https://medium.com/@iski/how-recon-sqli-made-bounty-425fc0fa2e92?source=rss------bug_bounty-5 | Iski | p1-bug, sql, cybersecurity, bug-bounty, bug-bounty-tips | 06-Mar-2025 |
A list of automated recon tools | https://cybersecuritywriteups.com/a-list-of-automated-recon-tools-f0d034429532?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, recon, tips, penetration-testing, cybersecurity | 06-Mar-2025 |
Easy Account Takeover Using OTP Bypass | https://medium.com/@dharineeshj2/easy-account-takeover-using-otp-bypass-4de2079fb9b1?source=rss------bug_bounty-5 | Hack-Bat | bug-bounty, hacking, vulnerability, cybersecurity | 06-Mar-2025 |
Enhancing Bug Bounty Hunting and Web App Pentesting with mitmproxy and Burp suite | https://medium.com/@MutexSec/enhancing-bug-bounty-hunting-and-web-app-pentesting-with-mitmproxy-and-burp-suite-1d6d0f381bd0?source=rss------bug_bounty-5 | Exhaustedmutex | red-team, penetration-testing, proxy, bug-bounty, burpsuite | 06-Mar-2025 |
Mastering 403 Forbidden Bypass Techniques ✨ | https://cybersecuritywriteups.com/mastering-403-forbidden-bypass-techniques-2ab393f1c77f?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, money, hacking, cybersecurity, infosec | 06-Mar-2025 |
How to Find SQL Injection | https://medium.com/@vipulsonule71/how-to-find-sql-injection-%EF%B8%8F-%EF%B8%8F-c5e2113ef263?source=rss------bug_bounty-5 | Vipul Sonule | hacking, ai, cybersecurity, bug-bounty, penetration-testing | 06-Mar-2025 |
How I Ethically Hacked a Government Portal: SQL Injection in a Gov. Portal | https://myselfakash20.medium.com/how-i-ethically-hacked-a-government-portal-sql-injection-in-a-gov-portal-9682869e5999?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, ethical-hacking | 06-Mar-2025 |
Understanding Race Conditions in Web Applications | https://medium.com/@shoaibbinrashid11/understanding-race-conditions-in-web-applications-9cc7c5984471?source=rss------bug_bounty-5 | Shoaib Bin Rashid | web-security, penetration-testing, bug-bounty, race-condition | 06-Mar-2025 |
How I Found My First CVE – A Beginner’s Guide | https://abhinav-porwal.medium.com/how-i-found-my-first-cve-a-beginners-guide-3cf2b56b37f0?source=rss------bug_bounty-5 | Abhinav Porwal | cybersecurity, bug-bounty, bug-bounty-tips, information-security, hacking | 06-Mar-2025 |
Bug Bounty Hunting — Complete Guide (Part-116) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-116-a9a65ad7f24f?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking | 06-Mar-2025 |
The art of hunting logical bugs: Exploiting business logic in modern apps | https://infosecwriteups.com/the-art-of-hunting-logical-bugs-exploiting-business-logic-in-modern-apps-a374c3650b90?source=rss------bug_bounty-5 | Vivek PS | programming, cybersecurity, bug-bounty, ethical-hacking | 06-Mar-2025 |
Bug Bounty: How a Race Condition Led to Application-Level DoS | https://medium.com/@Bug_Slay3r/bug-bounty-how-a-race-condition-led-to-application-level-dos-76458ae57e9d?source=rss------bug_bounty-5 | Shrujal Mandawkar | bug-bounty, bug-bounty-tips, race-condition, bug-bounty-writeup, bugs | 06-Mar-2025 |
“Unlock Bug Bounty Rewards by Hunting Exposed debug.log | https://krishna-cyber.medium.com/unlock-bug-bounty-rewards-by-hunting-exposed-debug-log-0d50382a64d1?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty-tips, bug-bounty, osint, programming, infosec-write-ups | 06-Mar-2025 |
✨ Cyber Guardians Unleashed: The Dynamic Duo of SOC & SIEM ✨ | https://krishna-cyber.medium.com/cyber-guardians-unleashed-the-dynamic-duo-of-soc-siem-80e3ccdc4c62?source=rss------bug_bounty-5 | Krish_cyber | technology, javascript, cybersecurity, bug-bounty, programming | 06-Mar-2025 |
Information Disclosure: AWS Sensitive API Key Leakage | https://cyberw1ng.medium.com/information-disclosure-aws-sensitive-api-key-leakage-0b60d3af5109?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, programming, careers, cybersecurity, cloud | 06-Mar-2025 |
How I Discovered a Stored XSS Vulnerability in JS Files | https://cybersecuritywriteups.com/how-i-discovered-a-stored-xss-vulnerability-in-js-files-7b527d2c8962?source=rss------bug_bounty-5 | Krish_cyber | programming, bug-bounty, xss-attack, cybersecurity, bug-bounty-tips | 06-Mar-2025 |
Information Disclosure: AWS Sensitive API Key Leakage | https://osintteam.blog/information-disclosure-aws-sensitive-api-key-leakage-0b60d3af5109?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, programming, careers, cybersecurity, cloud | 06-Mar-2025 |
How I Ethically Hacked a Government Portal: SQL Injection in a Gov. Portal | https://infosecwriteups.com/how-i-ethically-hacked-a-government-portal-sql-injection-in-a-gov-portal-9682869e5999?source=rss------bug_bounty-5 | Akash Ghosh | cybersecurity, bug-bounty-tips, bug-bounty, ethical-hacking, technology | 06-Mar-2025 |
How I Found Sensitive Information using Github Dorks in Bug Bounties — Part 1 | https://mukibas37.medium.com/how-i-found-sensitive-information-using-github-dorks-in-bug-bounties-part-1-09c9465fa902?source=rss------bug_bounty-5 | Mukilan Baskaran | ethical-hacking, github-recon, cybersecurity, infosec, bug-bounty | 05-Mar-2025 |
One Program, Three Takeovers — A Deep Dive into Subdomain Hijacking! | https://medium.com/@AhmedSamy-X/one-program-three-takeovers-a-deep-dive-into-subdomain-hijacking-a97405601a14?source=rss------bug_bounty-5 | Ahmedsamy | penetration-testing, cybersecurity, bug-bounty, subdomain-takeover | 05-Mar-2025 |
Cracking the Shield: Advanced WAF Bypass Techniques That Still Work in 2025 | https://myselfakash20.medium.com/cracking-the-shield-advanced-waf-bypass-techniques-that-still-work-in-2025-814cee616ccf?source=rss------bug_bounty-5 | Akash Ghosh | cybersecurity, bug-bounty-tips, bug-bounty, technology, bug-bounty-writeup | 05-Mar-2025 |
Understanding AES-256 Encryption: The Ultimate Security Standard | https://medium.com/@viveksheela1707/understanding-aes-256-encryption-the-ultimate-security-standard-3535a5a8128a?source=rss------bug_bounty-5 | Vivek Sheela | user-testing, security, security-systems, technology, bug-bounty | 05-Mar-2025 |
$150 Easy HTML Injection Vulnerability | https://medium.com/@Abhijeet_kumawat_/150-easy-html-injection-vulnerability-08de8584001d?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, infosec, cybersecurity, money, hacking | 05-Mar-2025 |
Finding jwt tokens that lead to PII data leakage. | https://infosecwriteups.com/finding-jwt-tokens-that-lead-to-pii-data-leakage-b047d45d97bf?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, programming, bug-bounty, bug-bounty-tips, ethical-hacking | 05-Mar-2025 |
Able to create an account without a phone number. (unique bug) | https://infosecwriteups.com/able-to-create-an-account-without-a-phone-number-unique-bug-1fe2d14b9d54?source=rss------bug_bounty-5 | loyalonlytoday | tips, bug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty | 05-Mar-2025 |
Find new apex domains that are related to your bug bounty target. | https://infosecwriteups.com/find-new-apex-domains-that-are-related-to-your-bug-bounty-target-a05fdcbf5875?source=rss------bug_bounty-5 | loyalonlytoday | tips, penetration-testing, bug-bounty, cybersecurity, programming | 05-Mar-2025 |
2025 OWASP Vulnerabilities Complete Guide for Security Tester | https://infosecwriteups.com/2025-owasp-vulnerabilities-complete-guide-for-security-tester-8b20f754bee4?source=rss------bug_bounty-5 | Ajay Naik | information-security, penetration-testing, owasp, owasp-top-10, bug-bounty | 05-Mar-2025 |
The Curious Case of an Insecure Password Reset Flaw | https://sapienshack.medium.com/the-curious-case-of-an-insecure-password-reset-flaw-135000e4a462?source=rss------bug_bounty-5 | Sapienshack | pentesting, penetration-testing, bug-bounty, application-security, bug-bounty-writeup | 05-Mar-2025 |
Cybersecurity Update: Major Attacks and Trends | https://medium.com/@sivaprakash4112/cybersecurity-update-major-attacks-and-trends-981a2c4e12b0?source=rss------bug_bounty-5 | Sivaprakash Sivakumar | cybersecurity, bug-bounty, news, cyberattack, cryptocurrency | 05-Mar-2025 |
Cache Deception Attack help you make a good Bounty.(0–1) | https://medium.com/@anandrishav2228/cache-deception-attack-help-you-make-a-good-bounty-0-1-3030c21fa3e6?source=rss------bug_bounty-5 | Rishav anand | hacking, bug-bounty, cybersecurity, cache, money | 05-Mar-2025 |
XSS :- When, Where, and How to Strike in Web and Mobile Apps! and make $$$ Easily | https://medium.com/@anandrishav2228/xss-when-where-and-how-to-strike-in-web-and-mobile-apps-and-make-easily-b41c2f1e73f6?source=rss------bug_bounty-5 | Rishav anand | hacking, money, xss-attack, bug-bounty, cybersecurity | 05-Mar-2025 |
Command Injection: The Ultimate Guide to Exploiting and Preventing OS Command Execution | https://medium.com/@verylazytech/command-injection-the-ultimate-guide-to-exploiting-and-preventing-os-command-execution-85b74f519fce?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, injection-payloads, prevent-injection, command-injection, os-injection | 05-Mar-2025 |
$50-$100 worth Sensitive Leaks via Google Dorks | Part 2 | https://infosecwriteups.com/50-100-worth-sensitive-leaks-via-google-dorks-part-2-868f4b1e7919?source=rss------bug_bounty-5 | It4chis3c | google, secrets, bug-bounty, google-hacking, google-dork | 05-Mar-2025 |
How i Bypass 403 and earn bounty $$$$ | https://medium.com/@anandrishav2228/how-i-bypass-403-and-earn-bounty-faddabb4b497?source=rss------bug_bounty-5 | Rishav anand | servers, cybersecurity, money, bug-bounty, hacking | 05-Mar-2025 |
Critical IDOR Vulnerability in Order Tracking System Exposes Customer Data | https://jxycybersec.medium.com/critical-idor-vulnerability-in-order-tracking-system-exposes-customer-data-a9dbae34d329?source=rss------bug_bounty-5 | Digvijay Gholase | bug-bounty-tips, bug-bounty, information-security, cybersecurity, bug-bounty-writeup | 05-Mar-2025 |
100 Kali Linux Commands for Penetration Testing | https://medium.com/@kanastain1/100-kali-linux-commands-for-penetration-testing-bf578c53b5b6?source=rss------bug_bounty-5 | Kanastain | penetration-testing, cybersecurity, bug-bounty, pentest | 05-Mar-2025 |
How to Become a Bug Bounty Hunter | https://medium.com/@vipulsonule71/how-to-become-a-bug-bounty-hunter-%EF%B8%8F-%EF%B8%8F-daac7a6a4f16?source=rss------bug_bounty-5 | Vipul Sonule | hacking, cybersecurity, bug-bounty-tips, penetration-testing, bug-bounty | 05-Mar-2025 |
Cracking the Code: Unveiling the Hidden Dangers of Account Takeover | https://osintteam.blog/cracking-the-code-unveiling-the-hidden-dangers-of-account-takeover-487fb5407c2c?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty-tips, infosec-write-ups, bug-bounty, account-takeover, bug-bounty-writeup | 05-Mar-2025 |
Bug Bounty Hunting — Complete Guide (Part-115) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-115-35780b6d6fe4?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking | 05-Mar-2025 |
How to Run a Bug Bounty Program Without the Overhead | https://medium.com/@hackrate/how-to-run-a-bug-bounty-program-without-the-overhead-bc12bcd87c56?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, hacking, bug-bounty-tips, ethical-hacking, cybersecurity | 05-Mar-2025 |
How I Hacked NASA and Got a P1 on Bugcrowd | https://0xjin.medium.com/how-i-hacked-nasa-and-got-a-p1-on-bugcrowd-512541e57eab?source=rss------bug_bounty-5 | 0xJin | bugbounty-writeup, ethical-hacking, bugbounty-poc, bug-bounty, bugbounty-tips | 05-Mar-2025 |
How to find IDORs | https://medium.com/@julius.grosserode.19/how-to-find-idors-595424fe5fce?source=rss------bug_bounty-5 | Julio | idor-vulnerability, idor, owasp-top-10, api, bug-bounty | 05-Mar-2025 |
My Bug Bounty Journey: Mistakes I Made and Advice for Beginners | https://medium.com/@aminouji23/my-bug-bounty-journey-mistakes-i-made-and-advice-for-beginners-6b4d23ba50b3?source=rss------bug_bounty-5 | Aminouji | methodology, bug-bounty, cybersecurity, mystery | 05-Mar-2025 |
How IDOR and Broken Access Control Exposed Private Data and Earned Me $4,000 in 1 Day | https://medium.com/@ibtissamhammadi/how-idor-and-broken-access-control-exposed-private-data-and-earned-me-4-000-in-1-day-dd01a07e93e4?source=rss------bug_bounty-5 | Ibtissam Hammadi | idor, bug-bounty, web-application-security, ethical-hacking, broken-access-control | 05-Mar-2025 |
BreachSeek - Multi-Agent Automated Penetration Tester | https://gaya3-r.medium.com/breachseek-multi-agent-automated-penetration-tester-b5fd61dab0a4?source=rss------bug_bounty-5 | gayatri r | bug-bounty-writeup, pentesting, bug-bounty, llm-pentesting | 05-Mar-2025 |
Automating Information Gathering in Cloud Environments | https://cyberw1ng.medium.com/automating-information-gathering-in-cloud-environments-ee1e56a4f6bd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | automation, osint, cloud, bug-bounty, cybersecurity | 05-Mar-2025 |
The Prefix, The Suffix, and the SQL Injection That Almost Got Away | https://clarkvoss.medium.com/the-prefix-the-suffix-and-the-sql-injection-that-almost-got-away-b76376cb74e1?source=rss------bug_bounty-5 | Clark Voss | hacking, cybersecurity, security, hacking-tools, bug-bounty | 05-Mar-2025 |
Finding Exposed AWS Buckets Like a Pro! : Bug Bounty Recon [Part-2] | https://medium.com/@hrofficial62/finding-exposed-aws-buckets-like-a-pro-bug-bounty-recon-part-2-81012428256f?source=rss------bug_bounty-5 | Mr Horbio | hacking, cybersecurity, pentesting, bug-bounty, ethical-hacking | 04-Mar-2025 |
different types of burp suite extensions for bug hunting and penetration testing | https://osintteam.blog/different-types-of-burp-suite-extensions-for-bug-hunting-and-penetration-testing-ebc80ec14aa7?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, penetration-testing, tips, cybersecurity, burpsuite | 04-Mar-2025 |
How I Achieved the Hall of Fame on a U.S. Government Website | https://medium.com/@Abhijeet_kumawat_/how-i-achieved-the-hall-of-fame-on-a-u-s-government-website-8ff6fbdcf176?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, cybersecurity, infosec, hacking, us-government | 04-Mar-2025 |
Why beginners should look for open redirect vulnerabilities: An easy win in ethical hacking | https://medium.com/@vivekps143/why-beginners-should-look-for-open-redirect-vulnerabilities-an-easy-win-in-ethical-hacking-18fe21cf630d?source=rss------bug_bounty-5 | Vivek PS | programming, hacking, cybersecurity, bugbounty-writeup, bug-bounty | 04-Mar-2025 |
Rate limit bypass lead to OTP bypass($600) | https://bytesnull44.medium.com/rate-limit-bypass-lead-to-otp-bypass-600-f64f39f9e130?source=rss------bug_bounty-5 | Bytesnull | hackerone, bug-bounty, bugcrowd, cybersecurity | 04-Mar-2025 |
The Mindset of a Successful Bug Bounty Hunter: Think Like a Hacker, Act Like a Scientist | https://medium.com/@vivekps143/the-mindset-of-a-successful-bug-bounty-hunter-think-like-a-hacker-act-like-a-scientist-744253e2f091?source=rss------bug_bounty-5 | Vivek PS | artificial-intelligence, bug-bounty, ethical-hacking, programming, cybersecurity | 04-Mar-2025 |
Advanced Bug Hunting Techniques: Unearthing Unique Bugs with AI and Exploits | https://medium.com/@codelinex/advanced-bug-hunting-techniques-unearthing-unique-bugs-with-ai-and-exploits-d404b7aa9c4b?source=rss------bug_bounty-5 | CodelineX Pvt Ltd | bug-bounty, hacking, cybersecurity | 04-Mar-2025 |
The Underground Art of Client-Side Bug Hunting: Uncovering Hidden Vulnerabilities in Web… | https://medium.com/@codelinex/the-underground-art-of-client-side-bug-hunting-uncovering-hidden-vulnerabilities-in-web-899330fcb6e5?source=rss------bug_bounty-5 | CodelineX Pvt Ltd | cybersecurity, internet, bug-bounty, hacking | 04-Mar-2025 |
I hack the online gambling via xss upload (part 2) (3500 USD) | https://bytesnull44.medium.com/i-hack-the-online-gambling-via-xss-upload-part-2-3500-usd-18fb7646b506?source=rss------bug_bounty-5 | Bytesnull | cybersecurity, bug-bounty-tips, xss-vulnerability, xss-attack, bug-bounty | 04-Mar-2025 |
The Art of WAF Bypass: Advanced Techniques and Strategies for Ethical Hackers | https://medium.com/@codelinex/the-art-of-waf-bypass-advanced-techniques-and-strategies-for-ethical-hackers-d8f05cea0353?source=rss------bug_bounty-5 | CodelineX Pvt Ltd | hacking, cybersecurity, bug-bounty-tips, cyber-security-awareness, bug-bounty | 04-Mar-2025 |
When Google Became My Personal Vulnerability Scanner and helped me to find Exposed… | https://hiddendom.medium.com/%EF%B8%8F-%EF%B8%8F-when-google-became-my-personal-vulnerability-scanner-and-helped-me-to-find-exposed-d1d28d24d2ac?source=rss------bug_bounty-5 | Gokuleswaran B | dorks, bug-bounty-tips, bug-bounty-writeup, vulnerability, bug-bounty | 04-Mar-2025 |
I hack the online gambling via xss upload (part 1) 5000 USD) | https://bytesnull44.medium.com/i-hack-the-online-gambling-via-xss-upload-part-1-5000-usd-7a27bedd03a5?source=rss------bug_bounty-5 | Bytesnull | hacking, bugbounty-writeup, cybersecurity, bug-bounty | 04-Mar-2025 |
Critical IDOR on chat message (1000 USD) | https://bytesnull44.medium.com/critical-idor-on-chat-message-1000-usd-e07f3a28730d?source=rss------bug_bounty-5 | Bytesnull | bugbounty-tips, cybersecurity, hacking, bug-bounty | 04-Mar-2025 |
Bypassing Client-Side Controls | https://medium.com/@muhammad4208/bypassing-client-side-controls-6f85c97747d7?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-program, bug-bounty-hunter, bug-bounty, bug-bounty-tips, web-testing | 04-Mar-2025 |
Bug Bounty Hunting — Complete Guide (Part-114) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-114-930889caa359?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, ethical-hacking, cybersecurity, hacking, bug-bounty | 04-Mar-2025 |
$1500 Blind Sql injection via json body | https://bytesnull44.medium.com/1500-blind-sql-injection-via-json-body-4091bf8b02cc?source=rss------bug_bounty-5 | Bytesnull | vulnerability, infosec, cybersecurity, bug-bounty | 04-Mar-2025 |
Day 22: Account Takeover Worth $1000 | https://medium.com/@danielbelay/day-22-account-takeover-worth-1000-a07ef7dd460f?source=rss------bug_bounty-5 | dani3l | bug-bounty, cybersecurity, account-takeover, ethical-hacking | 04-Mar-2025 |
Blind SSRF with Out-of-Band Detection | https://medium.com/@codingbolt.in/blind-ssrf-with-out-of-band-detection-0d53e2986a73?source=rss------bug_bounty-5 | codingbolt | ethical-hacking, ssrf, bug-bounty-tips, bug-bounty, ssrf-attack | 04-Mar-2025 |
Advanced Dorking Methodology for Finding Vulnerabilities (Part 2) | https://hackersatty.medium.com/advanced-dorking-methodology-for-finding-vulnerabilities-part-2-47a251b245c1?source=rss------bug_bounty-5 | hackersatty | medium, bug-bounty-writeup, bug-bounty-tips, google-dork, bug-bounty | 04-Mar-2025 |
Unauthenticated SharePoint File Enumeration and Downloading | https://soltanali0.medium.com/unauthenticated-sharepoint-file-enumeration-and-downloading-a39ecc07e688?source=rss------bug_bounty-5 | soltanali0 | sharepoint, microsoft, bug-bounty, hacking | 04-Mar-2025 |
How to Use Automated Tools for Information Gathering | https://medium.com/@vipulsonule71/how-to-use-automated-tools-for-information-gathering-779bae995dc8?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, writing, technology, hacking, cybersecurity | 04-Mar-2025 |
Breaking and Fixing My Way Into Cybersecurity | https://medium.com/@MutexSec/breaking-and-fixing-my-way-into-cybersecurity-1c888d959823?source=rss------bug_bounty-5 | Exhaustedmutex | penetration-testing, technology, cybersecurity, bug-bounty, journal | 04-Mar-2025 |
Footprinting & Information Gathering Master Index | https://medium.com/@0xizen/footprinting-information-gathering-master-index-84f00469f45a?source=rss------bug_bounty-5 | Shashi Raj Jha | red-team, information-gathering, footprinting, bug-bounty, bug-bounty-tips | 04-Mar-2025 |
Do CTFs Really Make You Better at Hacking? | https://medium.com/@HackerNasr/do-ctfs-really-make-you-better-at-hacking-3975e9295266?source=rss------bug_bounty-5 | HackerNasr | bug-bounty-tips, hacking, ctf, bug-bounty, capture-the-flag | 04-Mar-2025 |
Top 50 Reconnaissance Tools for 2025 | https://medium.com/@codingbolt.in/top-50-reconnaissance-tools-for-2025-711ab067c737?source=rss------bug_bounty-5 | codingbolt | recon, cybersecurity, bug-bounty, reconnaissance, ethical-hacking | 04-Mar-2025 |
SSRF and the Pitfalls of Blacklist-Based Input Filters | https://medium.com/@codingbolt.in/ssrf-and-the-pitfalls-of-blacklist-based-input-filters-b19e4765fa6d?source=rss------bug_bounty-5 | codingbolt | ethical-hacking, ssrf-attack, ssrf, bug-bounty, bug-bounty-tips | 04-Mar-2025 |
How I Discovered One More Easy Bug in 5 Minutes | https://medium.com/@Abhijeet_kumawat_/how-i-discovered-one-more-easy-bug-in-5-minutes-e1f07ac766f6?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacking, infosec, bug-bounty, cybersecurity, money | 04-Mar-2025 |
Guide to Downloading, Installing, and Configuring Burp Suite Professional on Kali Linux | https://abhinav-porwal.medium.com/guide-to-downloading-installing-and-configuring-burp-suite-professional-on-kali-linux-19ca40b0bba4?source=rss------bug_bounty-5 | Abhinav Porwal | burp-suite-pro, bug-bounty, burpsuite, cybersecurity, ethical-hacking | 04-Mar-2025 |
Bug Bounty Journey — Valid Report Part 4 | https://medium.com/@0xF3r4t/bug-bounty-journey-valid-report-part-4-b7bc49aaa737?source=rss------bug_bounty-5 | 0xF3r4t | wayback-machine, bug-bounty | 04-Mar-2025 |
Streamline Reconnaissance with NetSanitizer: A URL Deduplication Powerhouse for Bug Bounty Hunters | https://medium.com/@iamsecure1920/streamline-reconnaissance-with-netsanitizer-a-url-deduplication-powerhouse-for-bug-bounty-hunters-a2832821b03c?source=rss------bug_bounty-5 | iamsecure1920 (Sai Krishna Sobila ) | bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, bounty-program | 04-Mar-2025 |
$50-$100 worth Sensitive Leaks via Google Dorks \| Part 1 | https://infosecwriteups.com/50-100-worth-sensitive-leaks-via-google-dorks-part-1-b5e72af87513?source=rss------bug_bounty-5 | It4chis3c | google, bug-bounty, google-dork, secrets, dorking | 04-Mar-2025 |
Day 0: Starting My 100-Day Bug Bounty Journey | https://medium.com/@swethas274/day-0-starting-my-100-day-bug-bounty-journey-37d032c853d3?source=rss------bug_bounty-5 | Swetha | side-hustle, bug-bounty, cybersecurity, hacking, 100daychallenge | 04-Mar-2025 |
Best Browser Extensions for Bug Hunting and Cybersecurity | https://abhinav-porwal.medium.com/best-browser-extensions-for-bug-hunting-and-cybersecurity-5cfc4866cdab?source=rss------bug_bounty-5 | Abhinav Porwal | information-security, cybersecurity, hacking, bug-bounty, bug-bounty-tips | 04-Mar-2025 |
How to Find Your First Easy Bug as a Bug Bounty Hunter (Step-by-Step Guide) | https://abhinav-porwal.medium.com/how-to-find-your-first-easy-bug-as-a-bug-bounty-hunter-step-by-step-guide-151f3150ba4e?source=rss------bug_bounty-5 | Abhinav Porwal | ethical-hacking, cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 04-Mar-2025 |
How i breached the US federal goverment and found 10,000 plus classfied infomation | https://medium.com/@coffeeaddict_exe/how-i-breached-the-us-federal-goverment-and-found-10-000-plus-classfied-infomation-dfac687a8c44?source=rss------bug_bounty-5 | CoffeeAddict | usa, bug-bounty, government, bug-bounty-tips, hacking | 04-Mar-2025 |
How I Made $5,000 in 3 Days with Bounty Hunting (No Experience Needed) | https://medium.com/@ibtissamhammadi/how-i-made-5-000-in-3-days-with-bounty-hunting-no-experience-needed-9050f3548a84?source=rss------bug_bounty-5 | Ibtissam Hammadi | beginners-guide, cybersecurity, ethical-hacking, bug-bounty, earn-money-online | 04-Mar-2025 |
From Zero to Hero: Your Step-by-Step Guide to Bagging Your First Bug Bounty (With Real-World… | https://krishna-cyber.medium.com/from-zero-to-hero-your-step-by-step-guide-to-bagging-your-first-bug-bounty-with-real-world-0e2f63ac0030?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, bug-bounty-writeup, bug-zero, bugs, bug-bounty-tips | 04-Mar-2025 |
Auth Bypass & Unauthorized Access via Hidden Login | https://medium.com/@hossam_hamada/auth-bypass-unauthorized-access-via-hidden-login-65bca9810ddc?source=rss------bug_bounty-5 | Hossam Hamada | bug-bounty-tips, hackerone, bugbounty-writeup, bug-bounty | 04-Mar-2025 |
Sensitive API Key Leakage Report Disclosure: AWS VDP | https://cyberw1ng.medium.com/sensitive-api-key-leakage-report-disclosure-aws-vdp-b26806e1ecd1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cloud, programming, jobs, bug-bounty, cybersecurity | 04-Mar-2025 |
The Art of Recon: Hunting Bugs Before They Hide — Part Three (From Recon to Reward) | https://zeusvuln.medium.com/the-art-of-recon-hunting-bugs-before-they-hide-part-three-from-recon-to-reward-c9eea7cf5b10?source=rss------bug_bounty-5 | ZeUsVuLn | bug-bounty-tips, bug-bounty-writeup, reconnaissance, cybersecurity, bug-bounty | 04-Mar-2025 |
Defining the Pentest Scope: OWASP ZAP Context & Subdomains | https://err0rsecur1ty.medium.com/defining-the-pentest-scope-owasp-zap-context-subdomains-7e5ff5dfd74d?source=rss------bug_bounty-5 | Zehzah M.A \| ( Err0r_SecuR1ty ) | ethical-hacking, cybersecurity, owaspzap, bug-bounty, penetration-testing | 04-Mar-2025 |
I Discovered a Critical Security Flaw That Changed How I Protect My Data Forever | https://medium.com/@ibtissamhammadi/i-discovered-a-critical-security-flaw-that-changed-how-i-protect-my-data-forever-30becd75d83c?source=rss------bug_bounty-5 | Ibtissam Hammadi | cybersecurity, critical-security, ethical-hacking, bug-bounty, bug-bounty-hunting | 03-Mar-2025 |
Mastering XSS on the Fly: The Ultimate Guide to Web Vulnerabilities and Bug Bounties | https://cybersecuritywriteups.com/mastering-xss-on-the-fly-the-ultimate-guide-to-web-vulnerabilities-and-bug-bounties-78502107ea9b?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, idor, osint, infosec-write-ups, xss-attack | 03-Mar-2025 |
From Zero to Hero: How I Uncovered a Critical Privilege Escalation Flaw and Earned $500 | https://cybersecuritywriteups.com/from-zero-to-hero-how-i-uncovered-a-critical-privilege-escalation-flaw-and-earned-500-c6be96484090?source=rss------bug_bounty-5 | Krish_cyber | osint, bug-bounty-tips, bug-bounty, info-sec-writeups, information-security | 03-Mar-2025 |
ChatGPT for Bug Bounty Hunters: Custom Payloads, Automated Scripts, and More | https://medium.com/@Abhijeet_kumawat_/chatgpt-for-bug-bounty-hunters-custom-payloads-automated-scripts-and-more-125aef1e9a80?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, cybersecurity, infosec, hacking, money | 03-Mar-2025 |
How to choose a target for Bug-Bounty to earn extra $$$. | https://medium.com/@anandrishav2228/how-to-choose-a-target-for-bug-bounty-to-earn-extra-d081bcd93692?source=rss------bug_bounty-5 | Rishav anand | money, hacking, bug-bounty-tips, cybersecurity, bug-bounty | 03-Mar-2025 |
A BIG MISCONCEPTION: “MY ORGANISATION IS NOT MATURE ENOUGH FOR BUG BOUNTY” | https://medium.com/@hackrate/a-big-misconception-my-organisation-is-not-mature-enough-for-bug-bounty-93c87b131baf?source=rss------bug_bounty-5 | Levente Molnar | cybersecurity, hacking, bug-bounty-tips, bug-bounty, ethical-hacking | 03-Mar-2025 |
Qumursqa mukofoti | https://medium.com/@buckybyte/qumursqa-mukofoti-1200f848d1b7?source=rss------bug_bounty-5 | Bucky Byte | bug-bounty | 03-Mar-2025 |
Setting Up XSSHunter(Latest) with Docker and Cloudflare Proxy | https://petruknisme.medium.com/setting-up-xsshunter-latest-with-docker-and-cloudflare-proxy-6c35db80762c?source=rss------bug_bounty-5 | Aan | xsshunter, xs, web-pentesting, pentest, bug-bounty | 03-Mar-2025 |
Advanced Open Redirection Techniques and Exploitation Using Burp Suite Dynamic Analysis | https://medium.com/@shadyfarouk1986/advanced-open-redirection-techniques-and-exploitation-using-burp-suite-dynamic-analysis-6d6f5bc23f66?source=rss------bug_bounty-5 | Shady Farouk | bug-bounty, bug-bounty-writeup, pentesting, hacking | 03-Mar-2025 |
You Have No Experience, But Want to Start Bug Bounty Hunting? | https://systemweakness.com/you-have-no-experience-but-want-to-start-bug-bounty-hunting-0fd4e5d700d9?source=rss------bug_bounty-5 | HackerNasr | bug-bounty, ethical-hacking, careers, career-advice, hacking | 03-Mar-2025 |
Server-Side Request Forgery (SSRF): Attacking Internal Networks via External Requests | https://medium.com/ssd-secure-disclosure/server-side-request-forgery-ssrf-attacking-internal-networks-via-external-requests-333afd84ce94?source=rss------bug_bounty-5 | Oded van Kloeten | ssrf, code, bug-bounty, cybersecurity, hacking | 03-Mar-2025 |
The Curious Case of a Patched IDOR and the Rabbit Hole That Followed | https://medium.com/@stephenuchechukwu68/the-curious-case-of-a-patched-idor-and-the-rabbit-hole-that-followed-04a40297e5fd?source=rss------bug_bounty-5 | Stephenuchechukwu | cybersecurity, ethical-hacking, bug-bounty | 03-Mar-2025 |
Secret Google Dorks to Find Bug Bounty Programs | https://medium.com/@Abhijeet_kumawat_/secret-google-dorks-to-find-bug-bounty-programs-3896014e79ce?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacking, cybersecurity, google-dork, secrets, bug-bounty | 03-Mar-2025 |
Basic SSRF Against Another Back-End System | https://medium.com/@codingbolt.in/basic-ssrf-against-another-back-end-system-5f285cd83b0a?source=rss------bug_bounty-5 | codingbolt | bugs, ssrf, bug-bounty-tips, ssrf-attack, bug-bounty | 03-Mar-2025 |
My First Private Bug Bounty Invitation — The Real Game Begins | https://medium.com/@sivasankardas/my-first-private-bug-bounty-invitation-the-real-game-begins-f80af1133f25?source=rss------bug_bounty-5 | Sivasankardas | reconnaissance, hall-of-fame, cybersecurity, bug-bounty, cross-site-scripting-xss | 03-Mar-2025 |
Asset discovery with favicon hash. | https://medium.com/infosecmatrix/asset-discovery-with-favicon-hash-267cea766385?source=rss------bug_bounty-5 | loyalonlytoday | tips, favicon, programming, cybersecurity, bug-bounty | 03-Mar-2025 |
IDOR Allows Attackers to Delete Any User’s Identity Documents \| IDOR \| $$$$ | https://medium.com/@Bug_Slay3r/idor-allows-attackers-to-delete-any-users-identity-documents-idor-18f0cc901d16?source=rss------bug_bounty-5 | Shrujal Mandawkar | vulnerability, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs | 03-Mar-2025 |
Bug Bounty Hunting with Censys: Finding an Unsecured Elasticsearch Instance and Reporting It | https://medium.com/@hacker_might/bug-bounty-hunting-with-censys-finding-an-unsecured-elasticsearch-instance-and-reporting-it-13a619cc0b4e?source=rss------bug_bounty-5 | hacker_might | bug-bounty, reconnaissance, censys, bug-bounty-writeup, threat-intelligence | 03-Mar-2025 |
“I Missed $2,200 by Closing Burp Suite Too Fast — Here’s How You Can Avoid My Costly Mistake” | https://cybersecuritywriteups.com/i-missed-2-200-by-closing-burp-suite-too-fast-heres-how-you-can-avoid-my-costly-mistake-91dc2e1d865d?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, bug-bounty-tips, infosec-write-ups, cybersecurity, osint | 03-Mar-2025 |
How I Uncovered an Email Leak That Could Have Cost Millions | https://krishna-cyber.medium.com/how-i-uncovered-an-email-leak-that-could-have-cost-millions-66500548d0b6?source=rss------bug_bounty-5 | Krish_cyber | infosec-write-ups, information-security, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 03-Mar-2025 |
Hacking My Way to $3,000: Unmasking a Sneaky IDOR Vulnerability | https://cybersecuritywriteups.com/hacking-my-way-to-3-000-unmasking-a-sneaky-idor-vulnerability-%EF%B8%8F-%EF%B8%8F-06ebcb65ba9a?source=rss------bug_bounty-5 | Krish_cyber | vulnerability, osint, infosec-write-ups, hacking, bug-bounty | 03-Mar-2025 |
Local File Disclosure/.. | https://medium.com/@julius.grosserode.19/local-file-disclosure-743f88291211?source=rss------bug_bounty-5 | Julio | local-file-read, bugs, bug-bounty, directory-traversal, local-file-exposure | 03-Mar-2025 |
Discovering Sensitive Information Using GitHub Dorks | https://cyberw1ng.medium.com/discovering-sensitive-information-using-github-dorks-10fd7e032bbd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, github, careers, programming, cybersecurity | 03-Mar-2025 |
Subdomain Takeover: How I Almost Snatched a Vulnerable Subdomain (But Was Too Late!)c | https://medium.com/@AhmedSamy-X/subdomain-takeover-how-i-almost-snatched-a-vulnerable-subdomain-but-was-too-late-c-a2a0afe7b2d9?source=rss------bug_bounty-5 | Ahmedsamy | ethical-hacking, cybersecurity, bug-bounty | 03-Mar-2025 |
Discovering 3 in a Row: BAC Read-only Vulnerabilities Total $4,182 | https://medium.com/@robert0/discovering-3-in-a-row-bac-read-only-vulnerabilities-total-4-182-59c93b753eb8?source=rss------bug_bounty-5 | Mr Robert \| Ahmed M Hassan | hackerone, bug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup | 03-Mar-2025 |
Cross-System Communication: Injection Vulnerabilities Internals | https://kalawy.medium.com/cross-system-communication-injection-vulnerabilities-internals-19d406bb57d5?source=rss------bug_bounty-5 | Kalawy | security-research, bug-bounty, sql-injection, vulnerability, web-attack | 03-Mar-2025 |
How Reading Disclosed Bug Bounty Reports Can Make You a Better Hacker — And Even Earn You Some… | https://medium.com/@weaponshot/how-reading-disclosed-bug-bounty-reports-can-make-you-a-better-hacker-and-even-earn-you-some-45fb4d1adf4d?source=rss------bug_bounty-5 | Matyis Kong | hackerone, hacking, bugcrowd, cybersecurity, bug-bounty | 03-Mar-2025 |
How TLS Pass Through Helps Reduce Noise in Burp Suite | https://medium.com/@ArtsSEC/c%C3%B3mo-tls-pass-through-ayuda-a-reducir-el-ruido-en-burp-suite-091b2b06d165?source=rss------bug_bounty-5 | ArtsSEC | bug-bounty, pentesting, security, infosec, burpsuite | 03-Mar-2025 |
Discovering Sensitive Information Using GitHub Dorks | https://osintteam.blog/discovering-sensitive-information-using-github-dorks-10fd7e032bbd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, github, careers, programming, cybersecurity | 03-Mar-2025 |
Web Vulnerabilities 104: Dependency Confusion — When Your App Trusts the Wrong Stranger! | https://medium.com/@shadyfarouk1986/web-vulnerabilities-104-dependency-confusion-when-your-app-trusts-the-wrong-stranger-46be46fecb93?source=rss------bug_bounty-5 | Shady Farouk | bug-bounty, bugbounty-writeup | 02-Mar-2025 |
How I Found Sensitive Information Disclosure | https://medium.com/@Abhijeet_kumawat_/how-i-found-sensitive-information-disclosure-21533fb8c6d2?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, sensitive-information, white-hat-hacker, hacking, cybersecurity | 02-Mar-2025 |
Blind SQL Injection in Oracle Database: Exfiltrating Data with Burp Collaborator — SQL Injection… | https://infosecwriteups.com/blind-sql-injection-in-oracle-database-exfiltrating-data-with-burp-collaborator-sql-injection-2b8062b04d51?source=rss------bug_bounty-5 | Bash Overflow | sql-injection-oracle-db, sqli-data-exfiltration, bug-bounty, blind-sql-injection, bug-bounty-writeup | 02-Mar-2025 |
Bug Bounty Hunting — Complete Guide (Part-113) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-113-572a98bcfbe0?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, bug-bounty, bug-bounty-tips, hacking, ethical-hacking | 02-Mar-2025 |
Day 21: Full Account Takeover via Open Redirection | https://medium.com/@danielbelay/day-21-full-account-takeover-via-open-redirection-5f3ca7f0c726?source=rss------bug_bounty-5 | dani3l | bug-bounty, cybersecurity, account-takeover, account-takeover-attacks | 02-Mar-2025 |
CVE-2024-57062: The iOS App That Keeps You Logged In — Even After Uninstalling | https://medium.com/@sahildabhilkar4/cve-2024-57062-the-ios-app-that-keeps-you-logged-in-even-after-uninstalling-ecc334997b7f?source=rss------bug_bounty-5 | Sahildabhilkar | vulnerability-disclosure, cybersecurity, cve, bug-bounty, ios-security | 02-Mar-2025 |
This is The Easiest Bug You Can Find✨ | https://medium.com/@Abhijeet_kumawat_/this-is-the-easiest-bug-you-can-find-b418fade22ee?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, hacking, infosec, money, cybersecurity | 02-Mar-2025 |
Open Redirects | https://medium.com/@julius.grosserode.19/open-redirects-7337ea352c93?source=rss------bug_bounty-5 | Julio | xss-vulnerability, open-redirect, xss-attack, redirect, bug-bounty | 02-Mar-2025 |
The Idor vulnerability and its impact on users safely | https://medium.com/@Dorking1/steps-to-reproduce-the-vulnerability-df7c7c242507?source=rss------bug_bounty-5 | Dorking1 | penetration-testing, bug-bounty | 02-Mar-2025 |
I’ve just discovered a new tool that looks very promising: WPProbe, a WordPress security scanner. | https://medium.com/@bidushtripathi/ive-just-discovered-a-new-tool-that-looks-very-promising-wpprobe-a-wordpress-security-scanner-266f2da3bbac?source=rss------bug_bounty-5 | ProgHub | bug-bounty, web-development, cybersecurity, hacking, linux | 02-Mar-2025 |
TOP 10 Hacking OAuth 2.0 Techniques — Part 1 | https://medium.com/@itamar.yochpaz/top-10-hacking-oauth-2-0-techniques-part-1-107238663a03?source=rss------bug_bounty-5 | Itamar Yochpaz | penetration-testing, cybersecurity, bug-bounty, application-security, hacking | 02-Mar-2025 |
HackTheBox: APKey Mobile Challenge | https://medium.com/@k3r0/hackthebox-apkey-mobile-challenge-6e3cf5647c2d?source=rss------bug_bounty-5 | Kyrillos nady | hackthebox, bug-bounty, android, mobile, red-team | 02-Mar-2025 |
From Web Cache Poisoning to Persistent XSS — A High Severity Bug | https://medium.com/@HackerNasr/from-web-cache-poisoning-to-persistent-xss-a-high-severity-bug-87bb6c19239d?source=rss------bug_bounty-5 | HackerNasr | pentesting, bug-bounty, ethical-hacking, cybersecurity, hacking | 02-Mar-2025 |
2/30 Cryptographic Failures Bug | https://jooexploit.medium.com/2-30-cryptographic-failures-bug-3c8f9efa523e?source=rss------bug_bounty-5 | Jooexploit | bug-bounty, writeup, cryptographic | 02-Mar-2025 |
Cloud Security Roadmap | https://medium.com/offensive-black-hat-hacking-security/cloud-security-roadmap-702fdb0815ca?source=rss------bug_bounty-5 | Harshad Shah | bug-bounty, cloud-security, penetration-testing, cloud, cybersecurity | 02-Mar-2025 |
Top 10 Tools for Bug Bounty Hunting in 2025 | https://bitpanic.medium.com/top-10-tools-for-bug-bounty-hunting-in-2025-52cd7c34094d?source=rss------bug_bounty-5 | Spectat0rguy | ai-generated-content, cybersecurity, technology, programming, bug-bounty | 02-Mar-2025 |
How I Uncovered IDOR, XSS, and Full Account Takeover in a Single Hunt | https://krishna-cyber.medium.com/how-i-uncovered-idor-xss-and-full-account-takeover-in-a-single-hunt-acfce2f9a84f?source=rss------bug_bounty-5 | Krish_cyber | xss-attack, bug-bounty, hacking, idor, infosec-write-ups | 02-Mar-2025 |
Bypassing 2FA: Advanced Techniques Hackers Use & How to Stop Them | https://medium.com/@rishishakya30/bypassing-2fa-advanced-techniques-hackers-use-how-to-stop-them-4e7de384258a?source=rss------bug_bounty-5 | CodelineX Pvt Ltd | cybersecurity, bug-bounty | 02-Mar-2025 |
MongoDB Penetration Testing: A Comprehensive Guide | https://infosecwriteups.com/mongodb-penetration-testing-a-comprehensive-guide-df80d829f060?source=rss------bug_bounty-5 | Ajay Naik | information-technology, bug-bounty, information-security, cybersecurity, cyberattack | 02-Mar-2025 |
Finding a Publicly Accessible Asset Leak: How I Reported a Critical Vulnerability ##NASA | https://medium.com/@ashokpandiya71/finding-a-publicly-accessible-asset-leak-how-i-reported-a-critical-vulnerability-nasa-9fd626df59f5?source=rss------bug_bounty-5 | Ashok kumar pareek | bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, hall-of-fame | 02-Mar-2025 |
How I Exploited an OTP Vulnerability & Reported It! $$$ | https://medium.com/@Bug_Slay3r/how-i-exploited-an-otp-vulnerability-reported-it-660da35d997a?source=rss------bug_bounty-5 | Shrujal Mandawkar | bug-bounty-writeup, vulnerability, bug-bounty-tips, bug-bounty, bugs | 02-Mar-2025 |
How to Earn Bug Bounties with GitHub: A Practical Guide for Beginners | https://cyberw1ng.medium.com/how-to-earn-bug-bounties-with-github-a-practical-guide-for-beginners-20463cf2c125?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, programming, git, cybersecurity, bug-bounty | 02-Mar-2025 |
Day 114 — Exploring Cyber Bug Bounty Programs | https://medium.com/@thecyberkid12/day-114-exploring-cyber-bug-bounty-programs-41b0cc2790fb?source=rss------bug_bounty-5 | Sushrita Swain | bug-bounty, cybersecurity | 02-Mar-2025 |
Day 113 — Exploring Bug Bounty Programs and Capture the Flag Challenges | https://medium.com/@thecyberkid12/day-113-exploring-bug-bounty-programs-and-capture-the-flag-challenges-ba4d45092e1f?source=rss------bug_bounty-5 | Sushrita Swain | cybersecurity, capture-the-flag, ctf, bug-bounty | 02-Mar-2025 |
How to Identify Sensitive Data in JavaScript Files | https://medium.com/@khalyylgam/how-to-identify-sensitive-data-in-javascript-files-b0bb7eb6d948?source=rss------bug_bounty-5 | Khalil Gammar | javascript, bug-bounty, web-exploitation | 02-Mar-2025 |
How I was able to get two account takeovers via OAuth custom scheme hijacking at the same target | https://medium.com/@AlQa3Qa3_M0X0101/how-i-was-able-to-get-two-account-takeovers-via-oauth-custom-scheme-hijacking-at-the-same-target-6a6980ebbac1?source=rss------bug_bounty-5 | Mohamed reda | bug-bounty-tips, android-security, penetration-testing, bug-bounty | 01-Mar-2025 |
HTML Injection vulnerability in Google | https://medium.com/@Abhijeet_kumawat_/html-injection-vulnerability-in-google-cb2c73ca5996?source=rss------bug_bounty-5 | Abhijeet Kumawat | money, bug-bounty, hacking, cybersecurity, infosec | 01-Mar-2025 |
Finding Exposed AWS Buckets Like a Pro! : Bug Bounty Recon | https://medium.com/@hrofficial62/finding-exposed-aws-buckets-like-a-pro-bug-bounty-recon-c193cc1f9af5?source=rss------bug_bounty-5 | Mr Horbio | cybersecurity, bug-bounty, hacking, ethical-hacking, pentesting | 01-Mar-2025 |
WordPress ‘xmlrpc.php’ (CVE-2020-28036) — old is gold | https://osintteam.blog/wordpress-xmlrpc-php-cve-2020-28036-old-is-gold-a0b9c301fbac?source=rss------bug_bounty-5 | Abhishek pawar | bug-bounty, ai, programming, wordpress, pi | 01-Mar-2025 |
Web Application Recon Guide : | https://medium.com/@zerohackerone0/web-application-recon-guide-d010e7761d85?source=rss------bug_bounty-5 | Houssam Miliani | cybersecurity, bug-bounty, hacking | 01-Mar-2025 |
Beyond the Script: Mastering Exploratory Testing Like a Pro | https://medium.com/@sajith-dilshan/beyond-the-script-mastering-exploratory-testing-like-a-pro-b78d6c7d95fb?source=rss------bug_bounty-5 | sajith dilshan | software-testing, bug-bounty, qa-engineer, qa, exploratory-testing | 01-Mar-2025 |
VPS Setup for Bug Bounty \| Part2 | https://systemweakness.com/vps-setup-for-bug-bounty-part2-07005bf9aa7d?source=rss------bug_bounty-5 | AbhirupKonwar | vps-hosting, information-security, pentesting, bug-bounty, ethical-hacking | 01-Mar-2025 |
How Hackers Chain Small Bugs into a Multi-Million Dollar Exploit | https://securrtech.medium.com/how-hackers-chain-small-bugs-into-a-multi-million-dollar-exploit-1bc05dd873f9?source=rss------bug_bounty-5 | Securr - Web3 Security | smart-contract-security, web3-security, blockchain-security, smart-contract-auditing, bug-bounty | 01-Mar-2025 |
Advanced Dorking Methodology for Finding Vulnerabilities (Part 1) | https://hackersatty.medium.com/advanced-dorking-methodology-for-finding-vulnerabilities-part-1-e3564e314819?source=rss------bug_bounty-5 | hackersatty | bug-bounty-writeup, google, medium, dorks, bug-bounty | 01-Mar-2025 |
How I Bypassed OTP Verification with Response Manipulation | https://medium.com/@pentestersuresh01/how-i-bypassed-otp-verification-with-response-manipulation-98be8d594a3f?source=rss------bug_bounty-5 | Suresh S | otp-verification, bug-bounty, bug-bounty-tips, cybersecurity, bug-bounty-writeup | 01-Mar-2025 |
From PUT to GET: Easily Landing a Critical Vulnerability | https://medium.com/@xiaoshi666/put%E5%88%B0get%E8%BD%BB%E6%9D%BE%E6%94%B6%E8%8E%B7%E4%B8%A5%E9%87%8D%E6%BC%8F%E6%B4%9E-3d89cd29462d?source=rss------bug_bounty-5 | xiaoshi | bug-bounty, cybersecurity | 01-Mar-2025 |
easy business logic bug allowed me to install paid applications for my organization for free | https://medium.com/@youssefmohamedelgohre1/easy-business-logic-bug-allowed-me-to-install-paid-applications-for-my-organization-for-free-c992c9959910?source=rss------bug_bounty-5 | Youssef | bug-bounty-writeup, bug-hunting, business-logic, hacking, bug-bounty | 01-Mar-2025 |
P2 Blind XSS | https://medium.com/@0xchoudhary/p2-blind-xss-ff8206c45372?source=rss------bug_bounty-5 | Sushil Choudhary | hacking, hackerone, bounty-program, hackthebox, bug-bounty | 01-Mar-2025 |
Bug Bounty Hunting — Complete Guide (Part-112) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-112-a1a25826fe45?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, hacking, bug-bounty-tips, ethical-hacking | 01-Mar-2025 |
Bypassing Business Logic via Race Condition: A $500 Bounty Bug | https://medium.com/@a13h1/bypassing-business-logic-via-race-condition-a-500-bounty-bug-273396b17ec4?source=rss------bug_bounty-5 | Abhi Sharma | race-condition, infosec, bug-bounty, cybersecurity, pentesting | 01-Mar-2025 |
Start Bug Bounty and earn $$$: Top Write-Ups, POCs & Tutorials | https://medium.com/@Abhijeet_kumawat_/start-bug-bounty-and-earn-top-write-ups-pocs-tutorials-9f88ef743524?source=rss------bug_bounty-5 | Abhijeet Kumawat | daily-blog, cybersecurity, infosec, bug-bounty, hacking | 01-Mar-2025 |
How Bug Bounty Programs Scam Hackers and Get Away With It! | https://siratsami71.medium.com/how-bug-bounty-programs-scam-hackers-and-get-away-with-it-175fc06ea45b?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | bug-bounty, scammer, hackerone | 01-Mar-2025 |
From Bug Bounty To Making Our Own Startup! | https://medium.com/@the.air.cyborg/from-bug-bounty-to-making-our-own-startup-4887c5627823?source=rss------bug_bounty-5 | the_air_cyborg | indie-game, enterpreneurship, startup, crowdfunding, bug-bounty | 01-Mar-2025 |
Unlock the Power of CyberEagle Scanner! | https://medium.com/@ubaidhassan/unlock-the-power-of-cybereagle-scanner-2a6a37afc648?source=rss------bug_bounty-5 | Ubaid Khan | web, bug-bounty, penetration-testing, website, ethical-hacking | 01-Mar-2025 |
⚡ Find XSS Vulnerabilities in Just 2 Minutes! ⏳ | https://cybersecuritywriteups.com/find-xss-vulnerabilities-in-just-2-minutes-ba0e312bbe22?source=rss------bug_bounty-5 | Krish_cyber | osint, xss-attack, infosec-write-ups, bug-bounty, bug-bounty-tips | 01-Mar-2025 |
Review of Security Research Articles: February 2025 | https://medium.com/meetcyber/review-of-security-research-articles-february-2025-be1791bd6761?source=rss------bug_bounty-5 | Lukasz Wierzbicki | bug-bounty, penetration-testing, security, productivity, review | 01-Mar-2025 |
The Accidental RCE: How a Simple File Upload Led to Remote Code Execution! | https://cybersecuritywriteups.com/the-accidental-rce-how-a-simple-file-upload-led-to-remote-code-execution-c3aa19d1e8f3?source=rss------bug_bounty-5 | Krish_cyber | rce-vulnerability, idor, osint, infosec-write-ups, bug-bounty | 01-Mar-2025 |
The Forgotten Google Services: Google Alerts | https://medium.com/pndsec/the-forgotten-google-services-google-alerts-74502ba9c963?source=rss------bug_bounty-5 | Erkan Kavas | bug-bounty, old, google, services | 01-Mar-2025 |
Subdomain Enumeration with BBOT: Comparative Guide to Outperform Other Tools. | https://sankalppatil12112001.medium.com/subdomain-enumeration-with-bbot-comparative-guide-to-outperform-other-tools-5a4b71b28343?source=rss------bug_bounty-5 | XoX | subdomains-enumeration, cybersecurity, hacking, bug-bounty, infosec | 01-Mar-2025 |
How a Single Vulnerability Exposed Millions! | https://medium.com/@devdharan24/how-a-single-vulnerability-exposed-millions-49fdc95f4f35?source=rss------bug_bounty-5 | DevD | hacking, security, bug-bounty, bug-bounty-writeup, cybersecurity | 01-Mar-2025 |
Exploiting PostMessage \| NahamSec | https://medium.com/@julius.grosserode.19/exploiting-postmessage-nahamsec-b24cb197a299?source=rss------bug_bounty-5 | Julio | bug-bounty, iframe, postmessage, xss-attack | 01-Mar-2025 |
Firefox and Chrome extensions for bug bounty hunters. (PART 2) | https://osintteam.blog/firefox-and-chrome-extensions-for-bug-bounty-hunters-part-2-be175b813a9b?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, cybersecurity, penetration-testing, extension, tips | 01-Mar-2025 |
VPS Subdomain Monitoring | https://cybersecuritywriteups.com/vps-subdomain-monitoring-ac89050869e4?source=rss------bug_bounty-5 | AbhirupKonwar | penetration-testing, pentesting, bug-bounty-tips, bug-bounty, vps-hosting | 01-Mar-2025 |
How I Turned the Black Basta Playbook Chat Leak into $4,000 in Just 24 Hours | https://medium.com/@ibtissamhammadi/how-i-turned-the-black-basta-playbook-chat-leak-into-4-000-in-just-24-hours-de60dff8171b?source=rss------bug_bounty-5 | Ibtissam Hammadi | cybersecurity, threat-intelligence, bug-bounty, hacking, infosec | 01-Mar-2025 |
When ‘Disabled’ Isn’t Really Disabled! — Exploiting a Weird Logic Flaw to Destroy an Organization | https://som3a.medium.com/when-disabled-isn-t-really-disabled-exploiting-a-weird-logic-flaw-to-destroy-an-organization-17ad3d9542d0?source=rss------bug_bounty-5 | 0xSOM3A | cybersecurity, bug-bounty-writeup, business-logic-flaw, bug-bounty-tips, bug-bounty | 01-Mar-2025 |
Insecure Direct Object Reference (IDOR) Vulnerability: A Comprehensive Guide | https://medium.com/@shadyfarouk1986/insecure-direct-object-reference-idor-vulnerability-a-comprehensive-guide-e61b66bfb20a?source=rss------bug_bounty-5 | Shady Farouk | bugbounty-writeup, bug-bounty | 01-Mar-2025 |
$35,000 Bounty: How Inappropriate Access Control Led to GitLab Account Takeover | https://cyberw1ng.medium.com/35-000-bounty-how-inappropriate-access-control-led-to-gitlab-account-takeover-39e071b6d9cc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, jobs, cybersecurity, programming | 01-Mar-2025 |
Time Management for Bug Hunters During Ramadan: Balancing Hacking and Life | https://medium.com/@mahdisalhi0500/time-management-for-bug-hunters-during-ramadan-balancing-hacking-and-life-1cd2bf3cea0d?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | time-management, information-security, cybersecurity, bug-bounty, infosec | 01-Mar-2025 |
$500 How I Found XSS Using ChatGPT | https://medium.com/@Abhijeet_kumawat_/500-how-i-found-xss-using-chatgpt-54b5492af41a?source=rss------bug_bounty-5 | Abhijeet Kumawat | hacking, infosec, bug-bounty, ai, chatgpt | 28-Feb-2025 |
root-me | web-server | lab-3 | HTTP — Open redirect walkthrough | https://medium.com/@ssh_fsociety/root-me-web-server-lab-3-http-open-redirect-walkthrough-25cdcfb53100?source=rss------bug_bounty-5 | Sarthak Dukare (ssh_fsociety) | bug-bounty, cybersecurity, web-application-security, infosec, penetration-testing | 28-Feb-2025 |
CSRF in 2025: “Solved” But Still Bypassable | https://infosecwriteups.com/csrf-in-2025-solved-but-still-bypassable-942ca382ab77?source=rss------bug_bounty-5 | Vivek PS | web-development, cybersecurity, programming, hacking, bug-bounty | 28-Feb-2025 |
Finding an api key in a .js file in the comments | https://infosecwriteups.com/finding-an-api-key-in-a-js-file-in-the-comments-67b30af1d451?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, tips | 28-Feb-2025 |
Find related files to your bug bounty target | https://infosecwriteups.com/find-related-files-to-your-bug-bounty-target-4752d769eecc?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, cybersecurity, tips, programming, penetration-testing | 28-Feb-2025 |
Day 20: Admin Account Takeover via Weird Password Reset Functionality | https://medium.com/@danielbelay/day-20-admin-account-takeover-via-weird-password-reset-functionality-33afb15fa4c0?source=rss------bug_bounty-5 | dani3l | account-takeover, ethical-hacking, cybersecurity, bug-bounty, bug-bounty-tips | 28-Feb-2025 |
Best VPS for Bug Bounty & Pentesting | https://medium.com/meetcyber/best-vps-for-bug-bounty-pentesting-2b556c375f28?source=rss------bug_bounty-5 | AbhirupKonwar | vps-hosting, bug-bounty-tips, penetration-testing, pentesting, bug-bounty | 28-Feb-2025 |
OWASP Mobile Top 10 | M3: Insecure Authentication/Authorization | https://z0enix.medium.com/owasp-mobile-top-10-m3-insecure-authentication-authorization-7b94b8f23fc3?source=rss------bug_bounty-5 | Mohamed Hamadou | technology, owasp, bug-bounty, hacking, cybersecurity | 28-Feb-2025 |
The Road to CRTP Cert — Part 22 | https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-22-f2a3d956448a?source=rss------bug_bounty-5 | Dineshkumaar R | bug-bounty, security, cybersecurity, crtp-exam, offensive-security | 28-Feb-2025 |
Severity vs. Priority in Software Testing: Key Differences & Best Practices | https://medium.com/@shaktisinghQA/severity-vs-priority-in-software-testing-key-differences-best-practices-eae4e5984616?source=rss------bug_bounty-5 | Shakti Singh | bugs, bug-bounty, priority-queue, qa, testing | 28-Feb-2025 |
Hacking Netflix for $$$ — Stored XSS + IDOR to Session Hijacking & Account Takeover | https://medium.com/@mares.viktor/hacking-netflix-for-stored-xss-idor-to-session-hijacking-account-takeover-9ba1cdeabbf8?source=rss------bug_bounty-5 | Viktor Mares | ethical-hacking, bug-bounty, cybersecurity, netflix, penetration-testing | 28-Feb-2025 |
A Deep Dive into Open Port Vulnerabilities in Websites | https://medium.com/@sahilchangede2003/a-deep-dive-into-open-port-vulnerabilities-in-websites-b324b9edb8ae?source=rss------bug_bounty-5 | 38_Sahil _Changede | cybersecurity, bug-bounty, cybercrime, education, cyber-security-awareness | 28-Feb-2025 |
How to Find Your First Bug and Earn Your First Bounty | https://medium.com/@Abhijeet_kumawat_/how-to-find-your-first-bug-and-earn-your-first-bounty-c2d6572eed53?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, money, bug-bounty, infosec, hacking | 28-Feb-2025 |
بسم الله الرحمن الرحيم | https://medium.com/@dark_zone/%D8%A8%D8%B3%D9%85-%D8%A7%D9%84%D9%84%D9%87-%D8%A7%D9%84%D8%B1%D8%AD%D9%85%D9%86-%D8%A7%D9%84%D8%B1%D8%AD%D9%8A%D9%85-acec5d231cf3?source=rss------bug_bounty-5 | darkzone | bug-bounty-tips, bug-bounty | 28-Feb-2025 |
Natural Ways to Repel Flower-Eating Bugs | https://medium.com/@deepakbhardwaj23091994/natural-ways-to-repel-flower-eating-bugs-047a9085a74b?source=rss------bug_bounty-5 | Mysticbhard | eating-bugs, bug-bounty-tips, flowers, bugs, bug-bounty | 28-Feb-2025 |
Useless P5 path traversal to RCE ☠️ | https://medium.com/@Hossam.Mesbah/useless-p5-path-traversal-to-rce-%EF%B8%8F-d2c8d3b169e2?source=rss------bug_bounty-5 | Hossam Mesbah | bug-bounty, bug-hunting, vulnerability-management, cybersecurity, penetration-testing | 28-Feb-2025 |
Scan React Native APKs for Vulnerable npm Dependencies in 2 Minutes! | https://splitunknown.medium.com/scan-react-native-apks-for-vulnerable-npm-dependencies-in-2-minutes-7579df6fe852?source=rss------bug_bounty-5 | JAY BHATT | bug-bounty, android-hacking-tool, android-reversing, reverse-engineering, bug-bounty-tips | 28-Feb-2025 |
CORS (Cross-Origin Resource Sharing) | https://medium.com/@julius.grosserode.19/cors-cross-origin-resource-sharing-53b4d5840f92?source=rss------bug_bounty-5 | Julio | cors, cross-origin, bug-bounty, cookies | 28-Feb-2025 |
The Art of Recon: Hunting Bugs Before They Hide — Part Two (Unleashed) | https://zeusvuln.medium.com/the-art-of-recon-hunting-bugs-before-they-hide-part-two-unleashed-227fbd5216b5?source=rss------bug_bounty-5 | ZeUsVuLn | bug-bounty-tips, bugs, cybersecurity, hacking, bug-bounty | 28-Feb-2025 |
How I Discovered a P2 Level Sensitive Data Exposure Bug in a Web3 Platform | https://cybersecuritywriteups.com/how-i-discovered-a-p2-level-sensitive-data-exposure-bug-in-a-web3-platform-4562fcbe655e?source=rss------bug_bounty-5 | Guru Prasad Pattanaik | ethical-hacking, bug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty | 28-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-111) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-111-3cd2067c4ec7?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, hacking, ethical-hacking, cybersecurity, bug-bounty | 28-Feb-2025 |
Exploiting WebView Vulnerabilities: Bypassing SOP to Access Internal App Files | https://medium.com/@k3r0/exploiting-webview-vulnerabilities-bypassing-sop-to-access-internal-app-files-2d95529c0293?source=rss------bug_bounty-5 | Kyrillos nady | android, mobile-app-development, red-team, bug-bounty, pentesting | 28-Feb-2025 |
10 Automation Tricks to Uncover SSRF Flaws | https://cyberw1ng.medium.com/10-automation-tricks-to-uncover-ssrf-flaws-8154529e35b4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, careers, cybersecurity, jobs, bug-bounty | 28-Feb-2025 |
How I Could Access Anyone’s College Subscription — IDOR Strikes Again! | https://medium.com/@shxsu1/how-i-could-access-anyones-college-subscription-idor-strikes-again-a4ea7c30f165?source=rss------bug_bounty-5 | shxsu1 | ethical-hacking, bug-bounty, hackerone, idor | 28-Feb-2025 |
10 Automation Tricks to Uncover SSRF Flaws | https://osintteam.blog/10-automation-tricks-to-uncover-ssrf-flaws-8154529e35b4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, careers, cybersecurity, jobs, bug-bounty | 28-Feb-2025 |
How to Find XSS Vulnerabilities in React JS Websites | https://medium.com/h7w/how-to-find-xss-vulnerabilities-in-react-js-websites-46f843bb932e?source=rss------bug_bounty-5 | Rendiero | bug-bounty, secure-coding, reactjs, xss-vulnerability, web-security | 27-Feb-2025 |
How I Found an Open Redirect Vulnerability Easily (Worth $500!) | https://medium.com/@Abhijeet_kumawat_/how-i-found-an-open-redirect-vulnerability-easily-worth-500-44cda132819b?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, open-redirect, bug-bounty, hacking, infosec | 27-Feb-2025 |
$1000–$25k worth API Bug Attack & Chaining Strategies | https://infosecwriteups.com/1000-25k-worth-api-bug-attack-chaining-strategies-ded4121b5791?source=rss------bug_bounty-5 | It4chis3c | secrets, chaining-vulnerabilities, bug-bounty, api, api-attack | 27-Feb-2025 |
Sensitive Information Disclosure on Out of scope domain Bug Bounty Writeup ($$$ USD Reward ) | https://medium.com/@rushikeshchaudhari124/sensitive-information-disclosure-on-out-of-scope-domain-bug-bounty-writeup-usd-reward-58adec34acfb?source=rss------bug_bounty-5 | Rushikesh chaudhari | information-disclosure, bug-bounty, responsible-disclosure, hacking | 27-Feb-2025 |
Bug Bounty Methodology (Part 1: Basic) | https://hackersatty.medium.com/bug-bounty-methodology-part-1-basic-ee4f3f7a4f81?source=rss------bug_bounty-5 | hackersatty | bug-bounty-tips, subdomains-enumeration, medium, bug-bounty, bug-bounty-writeup | 27-Feb-2025 |
Finding an easy bug in the profile picture field. | https://infosecwriteups.com/finding-an-easy-bug-in-the-profile-picture-field-122a7aca2b42?source=rss------bug_bounty-5 | loyalonlytoday | bugs, bug-bounty, hacking, cybersecurity, programming | 27-Feb-2025 |
I Found an XSS vulnerability in QuickRide — Here’s how you can too! | https://infosecwriteups.com/i-found-an-xss-vulnerability-in-quickride-heres-how-you-can-too-9606203d9e53?source=rss------bug_bounty-5 | Vivek PS | bug-bounty-tips, cybersecurity, bug-bounty, programming, hacking | 27-Feb-2025 |
OWASP Mobile Top 10 | M2: Inadequate Supply Chain Security ⛓ | https://z0enix.medium.com/owasp-mobile-top-10-m2-inadequate-supply-chain-security-771edd9ec109?source=rss------bug_bounty-5 | Mohamed Hamadou | mobile, bug-bounty, hacking, security, owasp | 27-Feb-2025 |
Earn $500-$2000 in WordPress website Bug-Bounty Program. | https://medium.com/@anandrishav2228/earn-500-2000-in-wordpress-website-bug-bounty-program-4351eb6ce647?source=rss------bug_bounty-5 | Rishav anand | money, cybersecurity, bug-bounty, hacking, wordpress | 27-Feb-2025 |
How To Discover Hidden Endpoints | https://medium.com/@Abhijeet_kumawat_/how-to-discover-hidden-endpoints-%EF%B8%8F-%EF%B8%8F-ac9356dec1d2?source=rss------bug_bounty-5 | Abhijeet Kumawat | bug-bounty, hacking, cybersecurity, socrates, infosec | 27-Feb-2025 |
The Only Guide You Need to Find XSS Like a Pro | https://sudosuraj.medium.com/the-only-guide-you-need-to-find-xss-like-a-pro-c337588f9da3?source=rss------bug_bounty-5 | sudosuraj | bug-bounty-writeup, xss-vulnerability, sudosuraj, bug-bounty, bug-bounty-tips | 27-Feb-2025 |
How to URLing for Bug Bounties -Mastering URLs : Edition 2025 | https://kongsec.medium.com/how-to-urling-for-bug-bounties-mastering-urls-edition-2025-a9dca9e2a97f?source=rss------bug_bounty-5 | Kongsec | bugcrowd, hackerone, bug-bounty-tips, kongsec, bug-bounty | 27-Feb-2025 |
Bypassing Email Checks to Access Private Support Chats | https://medium.com/@rahulgairola/bypassing-email-checks-to-access-private-support-chats-c2895b1c9ef2?source=rss------bug_bounty-5 | Rahul Gairola | bug-bounty-writeup, bug-bounty, bug-bounty-tips, security | 27-Feb-2025 |
How I Hacked HackerOne’s 2FA in 2 Minutes for $50,000 | https://medium.com/@ibtissamhammadi/how-i-hacked-hackerones-2fa-in-2-minutes-for-50-000-13892c888657?source=rss------bug_bounty-5 | Ibtissam Hammadi | cybersecurity, hacking, hackerone, bug-bounty-tips, bug-bounty | 27-Feb-2025 |
A Logical Bug That Slipped Through | https://infosecwriteups.com/a-logical-bug-that-slipped-through-792b90850e72?source=rss------bug_bounty-5 | callgh0st | bug-bounty, burpsuite, genocide, logic, hacking | 27-Feb-2025 |
Best Hackers Channels on Internet Worth Following! #2 | https://medium.com/@doby4535/best-hackers-channels-on-internet-worth-following-2-9fe4458b3a50?source=rss------bug_bounty-5 | Dobysec | ethical-hacking, bug-bounty, penetration-testing, hacking, cybersecurity | 27-Feb-2025 |
How I Discovered 5 XSS Vulnerabilities and Built an Automated XSS Scanner | https://medium.com/@youssefhussein212103168/how-i-discovered-5-xss-vulnerabilities-and-built-an-automated-xss-scanner-4b357423ae61?source=rss------bug_bounty-5 | Youssefhussein | xss-attack, bug-bounty, xss-vulnerability, penetration-testing, cybersecurity | 27-Feb-2025 |
How to Find More IDORs (Insecure Direct Object References) | https://medium.com/@verylazytech/how-to-find-more-idors-insecure-direct-object-references-fcabeac2f880?source=rss------bug_bounty-5 | Very Lazy Tech | oscp, ethical-hacking, idor, bug-bounty, penetration-testing | 27-Feb-2025 |
How I Found an HTML Injection in a Bug Bounty Program | https://medium.com/@muhammedgalal66/how-i-found-an-html-injection-in-a-bug-bounty-program-81d1a9cdcfb6?source=rss------bug_bounty-5 | Dg0x6 | bugs, html, xss-attack, html-injection, bug-bounty | 27-Feb-2025 |
Restricted? Not Anymore! Exploiting a Simple race condition Flaw | https://0xmatrix.medium.com/restricted-not-anymore-exploiting-a-simple-race-condition-flaw-2adaefd45f6f?source=rss------bug_bounty-5 | Mo2men Elmady | cybersecurity, bug-bounty-tips, bug-bounty, hacking, penetration-testing | 27-Feb-2025 |
Critical phpMyAdmin Authentication Bypass via Shodan Dorking | https://medium.com/@youssefhussein212103168/critical-phpmyadmin-authentication-bypass-via-shodan-dorking-9bf664d053f7?source=rss------bug_bounty-5 | Youssefhussein | dorking, unauthorized-access, shodan, authentication-bypass, bug-bounty | 27-Feb-2025 |
Account Takeover on Hackerone using Token leakage | https://infosecwriteups.com/account-takeover-on-hackerone-using-token-leakage-407dcf862679?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, cybersecurity, hackerone, hacking, pentesting | 27-Feb-2025 |
Information Disclosure — The Hidden Risk in Public Reports! | https://medium.com/@momenrezkk90/information-disclosure-the-hidden-risk-in-public-reports-fd4ca13fd658?source=rss------bug_bounty-5 | MOAMEN REZK | cybersecurity, bug-bounty, security, bug-bounty-writeup, bug-bounty-tips | 27-Feb-2025 |
How I Discovered a High-Severity Information Disclosure via GitHub Dorking | https://medium.com/@youssefhussein212103168/how-i-discovered-a-high-severity-information-disclosure-via-github-dorking-f2a781c0a63d?source=rss------bug_bounty-5 | Youssefhussein | api, pentesting, penetration-testing, cybersecurity, bug-bounty | 27-Feb-2025 |
How I Found an IDOR Vulnerability and Accessed 100000+ User Details and got $$$ Bounty | https://harshbardhanx.medium.com/how-i-found-an-idor-vulnerability-and-accessed-100000-user-details-and-got-bounty-3f2faf8642cf?source=rss------bug_bounty-5 | Harsh Bardhan | bug-bounty-writeup, cybersecurity, bugs, bug-bounty, bug-bounty-tips | 27-Feb-2025 |
“65 Euros for an Account Deletion Fail — When Deleted Doesn’t Mean Deleted” | https://balook.medium.com/65-euros-for-an-account-deletion-fail-when-deleted-doesnt-mean-deleted-a6fb055a98ae?source=rss------bug_bounty-5 | baluz | bug-bounty, hacking | 27-Feb-2025 |
Account Takeover via Duplicate Registration — A 1500 Euro Jackpot | https://balook.medium.com/account-takeover-via-duplicate-registration-a-1500-euro-jackpot-2912c23b3ac4?source=rss------bug_bounty-5 | baluz | bug-bounty, web-apps, hacking, security | 27-Feb-2025 |
Introduction | https://balook.medium.com/introduction-92e0de28f23a?source=rss------bug_bounty-5 | baluz | hacking, bug-bounty, security | 27-Feb-2025 |
0-Click Admin Account Takeover in Netflix Dispatch Project | https://ltsirkov.medium.com/0-click-admin-account-takeover-in-netflix-dispatch-project-feec37326004?source=rss------bug_bounty-5 | Lyubomir Tsirkov | vulnerability, hackerone, cybersecurity, bug-bounty | 27-Feb-2025 |
JavaScript Enumeration for Bug Bounties: Expose Hidden Endpoints & Secrets Like a Pro! | https://myselfakash20.medium.com/javascript-enumeration-for-bug-bounties-expose-hidden-endpoints-secrets-like-a-pro-418c2aec318f?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty, programming, bug-bounty-writeup, bug-bounty-tips, cybersecurity | 27-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-110) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-110-1cb2a3f076ae?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, bug-bounty, hacking, bug-bounty-tips, cybersecurity | 27-Feb-2025 |
25,000$ Bounty — Simple SSRF Led to AWS Credentials Exposure | https://cyberw1ng.medium.com/25-000-bounty-simple-ssrf-led-to-aws-credentials-exposure-a6938e0875f9?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, programming, cybersecurity, jobs, careers | 27-Feb-2025 |
Admin Account Takeover in Netflix Dispatch Project | https://ltsirkov.medium.com/0-click-admin-account-takeover-in-netflix-dispatch-project-feec37326004?source=rss------bug_bounty-5 | Lyubomir Tsirkov | vulnerability, hackerone, cybersecurity, bug-bounty | 27-Feb-2025 |
Hands-On Web Exploitation Course by NahamSec | https://medium.com/@julius.grosserode.19/hands-on-web-exploitation-course-by-nahamsec-8807aad7de58?source=rss------bug_bounty-5 | Julio | hacking-hub, web-hacking, bug-bounty, ctf-walkthrough, bugbounty-tips | 27-Feb-2025 |
CSRF | NahamSec Course | https://medium.com/@julius.grosserode.19/csrf-nahamsec-course-f04b49eca048?source=rss------bug_bounty-5 | Julio | self-xss, bug-bounty, csrf-protection, csrf-token, csrf | 27-Feb-2025 |
SQL Injection Unleashed: How I Learned to Hack (and Protect) Databases | https://osintteam.blog/sql-injection-unleashed-how-i-learned-to-hack-and-protect-databases-6cd2eb572992?source=rss------bug_bounty-5 | Abhishek pawar | hacking, cybersecurity, programming, bug-bounty, sql | 26-Feb-2025 |
How This $999 XSS Bug Bounty Was Found in Just 17 Minutes | https://infosecwriteups.com/how-this-999-xss-bug-bounty-was-found-in-just-17-minutes-71677d61c2c6?source=rss------bug_bounty-5 | Ibtissam Hammadi | hacking, bug-bounty, cybersecurity, web-security, programming | 26-Feb-2025 |
✨$500 HTML Injection in Snapchat | https://medium.com/@Abhijeet_kumawat_/500-html-injection-in-snapchat-9513accc6634?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, infosec, hacking, snapchat, bug-bounty | 26-Feb-2025 |
$500-$20k worth GraphQL Vulnerabilities | Advanced Tips & Tricks | https://it4chis3c.medium.com/500-20k-worth-graphql-vulnerabilities-advanced-tips-tricks-74e8f4679b91?source=rss------bug_bounty-5 | It4chis3c | attack, graphql-vulnerability, bug-bounty, graphql, secrets | 26-Feb-2025 |
WaybackURLs for Bug Bounty: How to Find Hidden Vulnerabilities & Sensitive Data | https://hackersatty.medium.com/waybackurls-for-bug-bounty-how-to-find-hidden-vulnerabilities-sensitive-data-aea579849c4d?source=rss------bug_bounty-5 | hackersatty | waybackurls, bug-bounty, hackerone, medium, wayback-machine | 26-Feb-2025 |
Simple Staking V2 Public test | https://medium.com/tokamak-network/simple-staking-v2-public-test-7eec1e137ed8?source=rss------bug_bounty-5 | Jason | news, public-test, bug-bounty, tokamak-network, staking | 26-Feb-2025 |
How i Hacked the Windows machine. | https://medium.com/@anandrishav2228/how-i-hacked-the-windows-machine-9c4b08b3d8be?source=rss------bug_bounty-5 | Rishav anand | hacking, bug-bounty, money, cybersecurity, red-team | 26-Feb-2025 |
CVE-2025-1094: PostgreSQL Injection Vulnerability Exploit | https://infosecwriteups.com/cve-2025-1094-postgresql-sql-injection-vulnerability-exploit-2acf37ae399a?source=rss------bug_bounty-5 | Ajay Naik | penetration-testing, security, cybersecurity, bug-bounty, information-security | 26-Feb-2025 |
Bug Bounty is Broken: How Some Researchers Are Earning Money Without Hacking | https://medium.com/@dasmanish6176/bug-bounty-is-broken-how-some-researchers-are-earning-money-without-hacking-c4155f58d49c?source=rss------bug_bounty-5 | Dasmanish | bug-bounty, ethical-hacking, cybersecurity, sensitive-data, hackerone | 26-Feb-2025 |
OWASP Mobile Top 10 | M1: Improper Credential Usage | https://z0enix.medium.com/owasp-mobile-top-10-m1-improper-credential-usage-bf6ee99eed69?source=rss------bug_bounty-5 | Mohamed Hamadou | mobile, cybersecurity, hacking, penetration-testing, bug-bounty | 26-Feb-2025 |
Full Customer DB dump in Service Now and they called it “Medium Risk” — what a joke | https://fdzdev.medium.com/full-customer-db-dump-in-service-now-and-they-called-it-medium-risk-what-a-joke-b9b31cd48172?source=rss------bug_bounty-5 | Facundo Fernandez | hacking, data-breach, vulnerability, penetration-testing, bug-bounty | 26-Feb-2025 |
AI Agent Vulnerabilities: Structural Flaws and Exploiting Co-Pilots — A Firsthand Account. | https://medium.com/@Logon_thepage/ai-agent-vulnerabilities-structural-flaws-and-exploiting-co-pilots-a-firsthand-account-70f4b221f93d?source=rss------bug_bounty-5 | Logon_thepage | vulnerability-assessment, co-pilot, bug-bounty, ai-agent | 26-Feb-2025 |
How One Photo Can Unlock Sensitive Information | https://medium.com/@aalgohary950/how-one-photo-can-unlock-sensitive-information-6d65ae982cae?source=rss------bug_bounty-5 | KhopeshH4x | penetration-testing, information-disclosure, data-lake, bug-bounty-tips, bug-bounty | 26-Feb-2025 |
MISCONCEPTION: “ETHICAL HACKERS CAN NEVER BE TRUSTED 100%” | https://medium.com/@hackrate/misconception-ethical-hackers-can-never-be-trusted-100-a11566fa2f4e?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty-tips, penetration-testing, bug-bounty, ethical-hacking, cybersecurity | 26-Feb-2025 |
Bypassing AWS S3 Bucket Restrictions: Security Testing Techniques | https://infosecwriteups.com/bypassing-aws-s3-bucket-restrictions-security-testing-techniques-63fe75aa9ff8?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, penetration-testing, information-security, security-testing, cybersecurity | 26-Feb-2025 |
Maximize Your Bug Bounty Earnings: Automate Endpoint Discovery & Find High-Impact Vulnerabilities | https://hackersatty.medium.com/maximize-your-bug-bounty-earnings-automate-endpoint-discovery-find-high-impact-vulnerabilities-c9a530445e97?source=rss------bug_bounty-5 | hackersatty | medium, waybackurls, bug-bounty, wayback-machine, bug-bounty-writeup | 26-Feb-2025 |
The Vending Machine Hack: How I Outsmarted a Snack Dispenser! | https://krishna-cyber.medium.com/the-vending-machine-hack-how-i-outsmarted-a-snack-dispenser-033eab2e65d6?source=rss------bug_bounty-5 | Krish_cyber | hacking, bug-bounty, cybersecurity, iot, vending-machines | 26-Feb-2025 |
$100-$20k worth Stored XSS Vulnerability | Hidden Methods | https://infosecwriteups.com/100-20k-worth-stored-xss-vulnerability-hidden-methods-e56fe57437c4?source=rss------bug_bounty-5 | It4chis3c | bypass, secrets, stored-xss, xss-attack, bug-bounty | 26-Feb-2025 |
The $900 Bug: How I Cashed In with SSRF & LFI Hacks | https://cybersecuritywriteups.com/the-900-bug-how-i-cashed-in-with-ssrf-lfi-hacks-a2c1e8bb159f?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, bugs, hacking, info-sec-writeups, osint | 26-Feb-2025 |
Bypassing Authentication in Keycloak — A Deep Dive into Our Discovery | https://bensaad0.medium.com/bypassing-authentication-in-keycloak-a-deep-dive-into-our-discovery-40d89f2b5d45?source=rss------bug_bounty-5 | 0xBen | cybersecurity, bug-bounty | 26-Feb-2025 |
How I Turned Limited Access Into a $6,500 RCE Bounty | https://medium.com/@ibtissamhammadi/how-i-turned-limited-access-into-a-6-500-rce-bounty-75cfb2344806?source=rss------bug_bounty-5 | Ibtissam Hammadi | technology, bug-bounty, cybersecurity, hacking, 404 | 26-Feb-2025 |
No Finger? No Problem! iOS Biometrics Bypassed: Bug Bounty Win! | https://medium.com/@pandurangisuprit/no-finger-no-problem-ios-biometrics-bypassed-bug-bounty-win-f17bf619a089?source=rss------bug_bounty-5 | Suprit Pandurangi | ios, cybersecurity, biometrics, bug-bounty, bypass | 26-Feb-2025 |
JUST CRASHED SYSTEM USING IMAGE AND GOT BOUNTY $ 500 | https://medium.com/@hrofficial62/just-crashed-system-using-image-and-got-bounty-500-eb30dc4b85a5?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, cybersecurity, ethical-hacking, hacking, pentesting | 26-Feb-2025 |
How to Perform Information Gathering Using Google Dorking | https://medium.com/@vipulsonule71/how-to-perform-information-gathering-using-google-dorking-c89c33f48ccc?source=rss------bug_bounty-5 | Vipul Sonule | penetration-testing, cybersecurity, ethical-hacking, hacking, bug-bounty | 26-Feb-2025 |
S3 Bucket Recon: Finding Exposed AWS Buckets Like a Pro! | https://infosecwriteups.com/s3-bucket-recon-finding-exposed-aws-buckets-like-a-pro-106be5ab9e1d?source=rss------bug_bounty-5 | coffinxp | aws, bug-bounty-tips, amazon-web-services, technology, bug-bounty | 26-Feb-2025 |
When a Tiny Sensitive Leak Gave Me a Big $$$ Surprise | https://medium.com/@iski/when-a-tiny-sensitive-leak-gave-me-a-big-surprise-%EF%B8%8F-a5feb54d8d82?source=rss------bug_bounty-5 | Iski | bug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, p1-bug | 26-Feb-2025 |
Project : Recuzzer | https://medium.com/@nevildomain/project-recuzzer-d5a63c195605?source=rss------bug_bounty-5 | Mayh_m | python, security-tool, tools, penetration-testing, bug-bounty | 26-Feb-2025 |
Manual Exploitation SQL Injection CTF LAB | https://medium.com/@hay.chrifi/manual-exploitation-sql-injection-ctf-lab-92180f06a710?source=rss------bug_bounty-5 | Hayham Chrifi | ethical-hacking, offensive-security, ctf-writeup, bug-bounty | 26-Feb-2025 |
The $500 Cache Trick: How I Turned Cache Deception into Cold, Hard Cash! | https://osintteam.blog/the-500-cache-trick-how-i-turned-cache-deception-into-cold-hard-cash-13a49a2a6d78?source=rss------bug_bounty-5 | Krish_cyber | careers, jobs, bug-bounty, cybersecurity, programming | 26-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-109) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-109-1840bb5bf3e0?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, cybersecurity, hacking, bug-bounty-tips, bug-bounty | 26-Feb-2025 |
Cloud Reconnaissance: How to Gather Information from Cloud Services | https://cyberw1ng.medium.com/cloud-reconnaissance-how-to-gather-information-from-cloud-services-34b2e9d42ea0?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, programming, jobs, bug-bounty, careers | 26-Feb-2025 |
How to Hack a Website | https://medium.com/@vipulsonule71/how-to-hack-a-website-1685484b8c6d?source=rss------bug_bounty-5 | Vipul Sonule | cybersecurity, bug-bounty, penetration-testing, hacking, technology | 26-Feb-2025 |
Don’t miss this while working on a bounty target! | https://medium.com/@sb12121111/dont-miss-this-while-working-on-a-bounty-target-fa8c8368129c?source=rss------bug_bounty-5 | Sadra Bakhtiari | security-research, ethical-hacking, cybersecurity, bug-bounty, web-security | 26-Feb-2025 |
JUST CRASHED SYSTEM USING IMAGE AND GOT BOUNTY $ 500 | https://infosecwriteups.com/just-crashed-system-using-image-and-got-bounty-500-eb30dc4b85a5?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, cybersecurity, ethical-hacking, hacking, pentesting | 26-Feb-2025 |
How I found clickjacking vulnerability on a bounty target | https://medium.com/@sb12121111/how-i-found-clickjacking-vulnerability-on-a-bounty-target-fe823f352e36?source=rss------bug_bounty-5 | Sadra Bakhtiari | web-security, bug-bounty, cybersecurity, ethical-hacking, security-research | 25-Feb-2025 |
Best Browser Extensions for Bug Bounty Hunters (Chrome & Firefox) | https://medium.com/@ajudeb55/best-browser-extensions-for-bug-bounty-hunters-chrome-firefox-644c3470359f?source=rss------bug_bounty-5 | Aju Deb | cybersecurity, bug-bounty, technology, pentesting, programming | 25-Feb-2025 |
How I Earned My First Bug Bounty: POST BASED REFLECTED XSS | https://medium.com/@noorvb5/how-i-earned-my-first-bug-bounty-post-based-reflected-xss-570d0e89961d?source=rss------bug_bounty-5 | MohammedNoor Ebdah | bug-bounty | 25-Feb-2025 |
$100 Bounty: Username Restriction Bypassed | https://medium.com/@Abhijeet_kumawat_/100-bounty-username-restriction-bypassed-30f5c057c810?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, hacking, make-money, infosec, bug-bounty | 25-Feb-2025 |
$100-$20k worth Account Takeover Vulnerability | Hidden Practical Steps | https://it4chis3c.medium.com/100-20k-worth-account-takeover-vulnerability-hidden-practical-steps-fd5dd1c8a491?source=rss------bug_bounty-5 | It4chis3c | account-takeover-attacks, bug-bounty, secrets, advanced, account-takeover | 25-Feb-2025 |
Extracting DOM XSS Vulnerabilities from JavaScript Files | https://z0enix.medium.com/extracting-dom-xss-vulnerabilities-from-javascript-files-606b0d888740?source=rss------bug_bounty-5 | Mohamed Hamadou | hacking, penetration-testing, bug-bounty, security | 25-Feb-2025 |
How I Made $1000+ from a Simple XSS Bug — My Bug Bounty Journey | https://krishna-cyber.medium.com/how-i-made-1000-from-a-simple-xss-bug-my-bug-bounty-journey-82283becb91b?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty-tips, osint, bug-bounty, xss-attack, infosec | 25-Feb-2025 |
PostgreSQL Penetration Testing: A Comprehensive Guide | https://infosecwriteups.com/postgresql-penetration-testing-a-comprehensive-guide-33d21c4dceba?source=rss------bug_bounty-5 | Ajay Naik | security, information-security, cybersecurity, bug-bounty, penetration-testing | 25-Feb-2025 |
How I Discovered a Facebook Privacy Loophole and Earned $1000 | https://infosecwriteups.com/how-i-discovered-a-facebook-privacy-loophole-and-earned-1000-44318d196bfc?source=rss------bug_bounty-5 | Vivek PS | bug-bounty, hacking, cybersecurity, bug-bounty-tips, programming | 25-Feb-2025 |
Android Security Vulnerabilities and Exploitation | https://infosecwriteups.com/android-security-vulnerabilities-and-exploitation-4ef95e970e2f?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, penetration-testing, information-technology, cybersecurity, android | 25-Feb-2025 |
Mastering Subdomain Enumeration | https://infosecwriteups.com/mastering-subdomain-enumeration-05fa958567cd?source=rss------bug_bounty-5 | Monika sharma | penetration-testing, technology, bug-bounty-tips, hacking, bug-bounty | 25-Feb-2025 |
Part 1- Exploiting Content Injection & Info Disclosure: A High-Impact Bug Worth Big Rewards! | https://hackersatty.medium.com/part-1-exploiting-content-injection-info-disclosure-a-high-impact-bug-worth-big-rewards-34a25519ecc7?source=rss------bug_bounty-5 | hackersatty | owasp-top-10, medium, hackerone, bug-bounty-tips, bug-bounty | 25-Feb-2025 |
Bypassing IP-Based OTP rate limits: A Bug bounty hunter’s guide | https://infosecwriteups.com/bypassing-ip-based-otp-rate-limits-a-bug-bounty-hunters-guide-16ce8a1f2c71?source=rss------bug_bounty-5 | Vivek PS | programming, bug-bounty-tips, cybersecurity, hacking, bug-bounty | 25-Feb-2025 |
A simple tool for GitHub Dorking that will be helpful in your bug bounty journey. | https://infosecwriteups.com/a-simple-tool-for-github-dorking-that-will-be-helpful-in-your-bug-bounty-journey-d1720c15fc6d?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-tips, cybersecurity, hacking, bug-bounty, tips | 25-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-72) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-72-6c721aa447b0?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, hacking, bug-bounty, skills | 25-Feb-2025 |
How to Find P3 Bugs in Bug Bounty | https://medium.com/@vipulsonule71/how-to-find-p3-bugs-in-bug-bounty-07eee36e4696?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, cybersecurity, technology, hacking, ai | 25-Feb-2025 |
TryHackMe|Gobuster: The Basics Write Up (setup troubleshooting) | https://medium.com/@Adhiyan24/tryhackme-gobuster-the-basics-write-up-setup-troubleshooting-5b0a3f0f48c4?source=rss------bug_bounty-5 | Adhiyan | tryhackme, troubleshooting, bug-bounty, gobuster, hacking | 25-Feb-2025 |
Mass Assignment Vulnerability in ty-api.xyz.cloud/api/v1/user/me Allows Permanent Account Lockout | https://medium.com/@binnaryninjax/mass-assignment-vulnerability-in-ty-api-xyz-cloud-api-v1-user-me-allows-permanent-account-lockout-02b4b84defd9?source=rss------bug_bounty-5 | Rishav Rayamajhi | cybersecurity, bug-bounty | 25-Feb-2025 |
Aquatone for Ethical Hackers: Master Reconnaissance Tools | https://devprogramming.medium.com/aquatone-for-ethical-hackers-master-reconnaissance-tools-2573b5b7d295?source=rss------bug_bounty-5 | DevProgramming | tools, hacking-tools, hacking, bug-bounty, penetration-testing | 25-Feb-2025 |
Scan Like a Pro: Bypass WAFs, IDS/IPS, and modern Cloud Security with Nmap Stealth Techniques | https://medium.com/@moldovanzsombor/scan-like-a-pro-bypass-wafs-ids-ips-and-modern-cloud-security-with-nmap-stealth-techniques-for-62a671229bc0?source=rss------bug_bounty-5 | Moldovan Zsombor | bug-bounty, nmap, cybersecurity, hacking, recon | 25-Feb-2025 |
The $12,000 2FA Bypass — So Simple, Yet So Critical! | https://medium.com/@rahulgairola/the-12-000-2fa-bypass-so-simple-yet-so-critical-e3f7d7e5751c?source=rss------bug_bounty-5 | Rahul Gairola | bug-bounty, authentication, 2fa, bug-bounty-writeup, bug-bounty-tips | 25-Feb-2025 |
The Top 10 Most Dangerous Web3 Vulnerabilities Right Now | https://securrtech.medium.com/the-top-10-most-dangerous-web3-vulnerabilities-right-now-a7197f25f3f5?source=rss------bug_bounty-5 | Securr - Web3 Security | bug-bounty, smart-contract-security, web3-security, smart-contract-auditing, blockchain-security | 25-Feb-2025 |
3 Must-Read Bug Bounty Books to Level Up Your Skills! | https://medium.com/@Abhijeet_kumawat_/3-must-read-bug-bounty-books-to-level-up-your-skills-2f6f3886ace8?source=rss------bug_bounty-5 | Abhijeet Kumawat | cybersecurity, bug-bounty, money, hacking, infosec | 25-Feb-2025 |
Think Outside The Box Again, With IDOR ! | https://n0x1.medium.com/think-outside-the-box-again-with-idor-94b010f958ea?source=rss------bug_bounty-5 | Mohammed Khalid | penetration-testing, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web | 25-Feb-2025 |
A tool to find admin panels in your bug bounty target | https://medium.com/@loyalonlytoday/a-tool-to-find-admin-panels-in-your-bug-bounty-target-c21415e83a87?source=rss------bug_bounty-5 | loyalonlytoday | tips, ethical-hacking, cybersecurity, bug-bounty-tips, bug-bounty | 25-Feb-2025 |
Steps for Ethical Bug Hunting | https://techhindirai.medium.com/steps-for-ethical-bug-hunting-3d187263e77b?source=rss------bug_bounty-5 | Rahul Kumar | bug-bounty-tips, sql-injection, bug-bounty, ethical-hacking, sql | 25-Feb-2025 |
Autorize & IDOR: How a Simple Token Swap Exposed Sensitive Data | https://hackersatty.medium.com/autorize-idor-how-a-simple-token-swap-exposed-sensitive-data-f64ee3ceada6?source=rss------bug_bounty-5 | hackersatty | penetration-testing, medium, idor, bug-bounty-writeup, bug-bounty | 25-Feb-2025 |
Bug Bounty Misconception: “I Don’t Have Sufficient Budget to Pay Hunters” | https://medium.com/@hackrate/bug-bounty-misconception-i-dont-have-sufficient-budget-to-pay-hunters-7d8b39b70c14?source=rss------bug_bounty-5 | Levente Molnar | cybersecurity, hacking, bug-bounty-tips, bug-bounty, ethical-hacking | 25-Feb-2025 |
How to Find Bugs Easily in Bug Hunting | https://medium.com/@vipulsonule71/how-to-find-bugs-easily-in-bug-hunting-515977caafc8?source=rss------bug_bounty-5 | Vipul Sonule | penetration-testing, technology, cybersecurity, hacking, bug-bounty | 25-Feb-2025 |
How I Unlocked a $5,000 Payday by Hacking a Billion-Dollar App’s Weakest Link | https://medium.com/@ibtissamhammadi/how-i-unlocked-a-5-000-payday-by-hacking-a-billion-dollar-apps-weakest-link-7b9f4055d46a?source=rss------bug_bounty-5 | Ibtissam Hammadi | idor, cybersecurity, hacking, bug-bounty, vulnerability | 25-Feb-2025 |
Cyber Chat: rs0n | https://osintteam.blog/cyber-chat-rs0n-ea9725394f6d?source=rss------bug_bounty-5 | The Cybersec Café | cybersecurity, penetration-testing, bug-bounty, application-security, information-security | 25-Feb-2025 |
Breaking the chain of CA Certificate detection & SSL Pinning bypass for Android applications | https://medium.com/@pandurangisuprit/breaking-the-chain-of-ca-certificate-detection-ssl-pinning-bypass-for-android-applications-65c4ac66d9f2?source=rss------bug_bounty-5 | Suprit Pandurangi | ca-certificates, ssl-pinning-bypass, bug-bounty, security, android | 25-Feb-2025 |
7 Powerful Ways to Use ChatGPT as a Bug Bounty Assistant | https://bitpanic.medium.com/7-powerful-ways-to-use-chatgpt-as-a-bug-bounty-assistant-c7fc26ce54fc?source=rss------bug_bounty-5 | Spectat0rguy | technology, ai-generated-content, programming, bug-bounty, cybersecurity | 25-Feb-2025 |
Top Hacking Books for 2025 (plus Resources) — @verylazytech | https://medium.com/@verylazytech/top-hacking-books-for-2025-plus-resources-verylazytech-90875b0f6f93?source=rss------bug_bounty-5 | Very Lazy Tech | python, hacking, ethical-hacking, cybersecurity, bug-bounty | 25-Feb-2025 |
XXE: When XML Becomes Your Worst Nightmare | https://osintteam.blog/xxe-when-xml-becomes-your-worst-nightmare-291452531da2?source=rss------bug_bounty-5 | #$ubh@nk@r | hacking, xxe, bug-bounty, infosec, owasp | 25-Feb-2025 |
How I Took Over a Vercel Subdomain | https://medium.com/@Pentestforge/how-i-took-over-a-vercel-subdomain-e7b03dbf222d?source=rss------bug_bounty-5 | Joel I Patrick | information-security, bug-bounty, ethical-hacking, infosec-write-ups, cybersecurity | 25-Feb-2025 |
How I Exploited a Hidden Race Condition to Bypass Licensing and Claim All Subdomains on the target | https://0onoproblem.medium.com/how-i-exploited-a-hidden-race-condition-to-bypass-licensing-and-claim-all-subdomains-on-the-target-64944b148f49?source=rss------bug_bounty-5 | 0_oNoProblem | vulnerability-assessment, bug-bounty-tips, vulnerability, bug-bounty, bug-bounty-writeup | 25-Feb-2025 |
web cache deception on private program | https://medium.com/@0x_karim/web-cache-deception-on-private-program-ccce0a612d46?source=rss------bug_bounty-5 | 0xkarim | hacking, hackerone, bug-bounty, bug-bounty-tips, bug-hunting | 25-Feb-2025 |
Day 19: A Tale of 0-Click Account Takeover and 2FA Bypass | https://medium.com/@danielbelay/day-19-a-tale-of-0-click-account-takeover-and-2fa-bypass-2b2ed4914a3f?source=rss------bug_bounty-5 | dani3l | account-takeover-attacks, bug-bounty | 25-Feb-2025 |
cyber20 Simple Bug Bounty Automation Techniques | https://cyberw1ng.medium.com/cyber20-simple-bug-bounty-automation-techniques-b850db32591c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, programming, bug-bounty, automation | 25-Feb-2025 |
20 Simple Bug Bounty Automation Techniques | https://osintteam.blog/cyber20-simple-bug-bounty-automation-techniques-b850db32591c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, programming, bug-bounty, automation | 25-Feb-2025 |
I hacked a company using Elon Musk’s AI. | https://medium.com/@niels_ae/i-hacked-a-company-using-elon-musks-ai-6eaa48bef222?source=rss------bug_bounty-5 | Niels | bug-bounty, cybersecurity, hacker | 24-Feb-2025 |
Uncovering Hidden Cloudflare Pages and Workers | https://infosecwriteups.com/uncovering-hidden-cloudflare-pages-and-workers-af602df05f1a?source=rss------bug_bounty-5 | Scott Lindh | bug-bounty, cyber-security-awareness, hacker, penetration-testing, hackerone | 24-Feb-2025 |
Free VPS for penetration testing and bounty and part 3 | https://infosecwriteups.com/free-vps-for-penetration-testing-and-bounty-and-part-3-3c5b2f4642cc?source=rss------bug_bounty-5 | loyalonlytoday | vps, cybersecurity, tips, bug-bounty, programming | 24-Feb-2025 |
Subscription? No Thanks! We Hack Our Way In! | https://medium.com/@ajay.kumar.695632/subscription-no-thanks-we-hack-our-way-in-42f884f56db2?source=rss------bug_bounty-5 | Ajay Kumar | bug-bounty, bugs, bug-bounty-tips, bug-bounty-writeup | 24-Feb-2025 |
The biggest misconception: Bug Bounty Programs are only for the largest organizations | https://medium.com/@hackrate/the-biggest-misconception-bug-bounty-programs-are-only-for-the-largest-organizations-a31b920b9d18?source=rss------bug_bounty-5 | Levente Molnar | cybersecurity, bug-bounty-tips, bug-bounty, hacking, ethical-hacking | 24-Feb-2025 |
Interesting Case of CSRF in [Redacted] | https://one33se7en.medium.com/interesting-case-of-csrf-in-redacted-981dc2ba5f10?source=rss------bug_bounty-5 | one33se7en | bug-bounty-tips, bug-bounty-writeup, bug-bounty | 24-Feb-2025 |
Top 5 Bugs can give you $10,000 and more. | https://medium.com/@anandrishav2228/top-5-bugs-can-give-you-10-000-and-more-f51bc93a1162?source=rss------bug_bounty-5 | Rishav anand | hacking, cybersecurity, money, bug-bounty, students | 24-Feb-2025 |
Invitation Hijacking via Self-Signup in [Redacted] Enterprise | https://one33se7en.medium.com/invitation-hijacking-via-self-signup-in-redacted-enterprise-ab0f885a6cdd?source=rss------bug_bounty-5 | one33se7en | bug-bounty-tips, bug-bounty-writeup, bug-bounty | 24-Feb-2025 |
$100-$5000 worth LFI Vulnerability | Advanced Tips and Tricks | https://infosecwriteups.com/100-5000-worth-lfi-vulnerability-advanced-tips-and-tricks-f68fb48324a6?source=rss------bug_bounty-5 | It4chis3c | bypass, lfi-vulnerability, secrets, lfi, bug-bounty | 24-Feb-2025 |
LiveZilla Server XSS Vulnerability | https://cybersecuritywriteups.com/livezilla-server-xss-vulnerability-81563deea5a8?source=rss------bug_bounty-5 | RivuDon | bug-bounty, ethical-hacking, infosecurity, bug-bounty-tips, infosec | 24-Feb-2025 |
$50k BOUNTY JUST FOR GITHUB TOKEN LEAKS | https://medium.com/@hrofficial62/50k-bounty-just-for-github-token-leaks-93c901e076c4?source=rss------bug_bounty-5 | Mr Horbio | hackerone, pentesting, bug-bounty, hacking, cybersecurity | 24-Feb-2025 |
Apple has just fixed one of the biggest usability issues with CarPlay | https://medium.com/@mianhamdan.com/apple-has-just-fixed-one-of-the-biggest-usability-issues-with-carplay-1ed387c075d3?source=rss------bug_bounty-5 | Mian Hamdan | artificial-intelligence, bug-bounty, apple, apple-car, apple-music | 24-Feb-2025 |
How to Find XSS Automatically in Bug Hunting | https://medium.com/@vipulsonule71/how-to-find-xss-automatically-in-bug-hunting-a41a6220dba0?source=rss------bug_bounty-5 | Vipul Sonule | penetration-testing, cybersecurity, hacking, tryhackme-walkthrough, bug-bounty | 24-Feb-2025 |
NoSQL Injection Vulnerability | https://infosecwriteups.com/nosql-injection-vulnerability-ead8ccd60666?source=rss------bug_bounty-5 | Ajay Naik | cyber-security-awareness, cyberattack, penetration-testing, bug-bounty, cybersecurity | 24-Feb-2025 |
Interesting Case of CSRF | https://one33se7en.medium.com/interesting-case-of-csrf-in-redacted-981dc2ba5f10?source=rss------bug_bounty-5 | one33se7en | bug-bounty-tips, bug-bounty-writeup, bug-bounty | 24-Feb-2025 |
DS_Store Hunting: Uncovering Sensitive Data in Bug Bounty Programs | https://maordayanofficial.medium.com/ds-store-hunting-uncovering-sensitive-data-in-bug-bounty-programs-fc3f925c9c52?source=rss------bug_bounty-5 | Maor Dayan - מאור דיין | bug-bounty, security-research, sensitive, python, bug-hunting | 24-Feb-2025 |
How I Found My First High-Severity Bug and Got Rewarded with 3 Trays of Red Bull! | https://medium.com/@iski/how-i-found-my-first-high-severity-bug-and-got-rewarded-with-3-trays-of-red-bull-29ec0ca6a2e4?source=rss------bug_bounty-5 | Iski | bug-bounty-writeup, bug-bounty-hunting, p1-bug, bug-bounty, bug-bounty-tips | 24-Feb-2025 |
XSS & HTML Injection via Google Dorking – A Practical Guide | https://medium.com/@gourisankara357/xss-html-injection-via-google-dorking-a-practical-guide-b535a18fad3b?source=rss------bug_bounty-5 | Gouri Sankar A | xss-attack, bug-bounty-tips, google, infosec, bug-bounty | 24-Feb-2025 |
“ From Zero to $500+: How LFIs Can Line Your Pockets (Real-World Examples Inside!)” | https://osintteam.blog/from-zero-to-500-how-lfis-can-line-your-pockets-real-world-examples-inside-356d55cf46e3?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty-writeup, bug-bounty, osint, money, infosec-write-ups | 24-Feb-2025 |
How I Found The open redirect vulnerability? | https://doordiefordream.medium.com/how-i-found-the-open-redirect-vulnerability-e0c3583b4e89?source=rss------bug_bounty-5 | Bug hunter balu | vulnerability, ethical-hacking, technology, cybersecurity, bug-bounty | 24-Feb-2025 |
Unpatched RCE in Laravel Voyager = Big Bounties! | https://osintteam.blog/unpatched-rce-in-laravel-voyager-big-bounties-2eb3ebb09253?source=rss------bug_bounty-5 | 0day stories | technology, bug-bounty, bug-bounty-tips, penetration-testing, cybersecurity | 24-Feb-2025 |
How I Earned $9,750 in 48 Hours by Finding a Critical Security Flaw | https://medium.com/@ibtissamhammadi/how-i-earned-9-750-in-48-hours-by-finding-a-critical-security-flaw-b3ec6172a7c9?source=rss------bug_bounty-5 | Ibtissam Hammadi | cybersecurity, bug-bounty, hacking, vulnerability, idor | 24-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-107) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-107-983c1cd2e667?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, hacking, ethical, cybersecurity, bug-bounty-tips | 24-Feb-2025 |
Bug Bounty Recon: Turning Data into Actionable Findings (Part 3) | https://medium.com/@weaponshot/bug-bounty-recon-turning-data-into-actionable-findings-part-3-924d7d001ecc?source=rss------bug_bounty-5 | Matyis Kong | hacking, recon, cybersecurity, bug-bounty | 24-Feb-2025 |
$20,000 Bounty: How a Leaked Session Cookie Led to an Account Takeover | https://cyberw1ng.medium.com/20-000-bounty-how-a-leaked-session-cookie-led-to-an-account-takeover-06baed26b707?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, programming, bug-bounty, cybersecurity, jobs | 24-Feb-2025 |
HOW I DISCOVERED AN XSS VULNERABILITY IN A VDP PROGRAM | https://medium.com/@anripo2006/how-i-discovered-an-xss-vulnerability-in-a-vdp-program-7bc3880c6f22?source=rss------bug_bounty-5 | Antonio Rivera Poblete | xss-bypass, xss-vulnerability, bug-bounty | 24-Feb-2025 |
Special Characters :^) | https://medium.com/cloud-security/special-characters-9a65093c5bfe?source=rss------bug_bounty-5 | Teri Radichel | character, bug-bounty, special-character, encoding, pentesting | 24-Feb-2025 |
CÓMO DESCUBRÍ UNA VULNERABILIDAD XSS EN UN PROGRAMA VDP | https://medium.com/@anripo2006/c%C3%B3mo-descubr%C3%AD-una-vulnerabilidad-xss-en-un-programa-vdp-c9133241cc5b?source=rss------bug_bounty-5 | Antonio Rivera Poblete | vdp, xss-attack, bug-bounty, xss-bypass, hacking | 24-Feb-2025 |
$20,000 Bounty: How a Leaked Session Cookie Led to an Account Takeover | https://osintteam.blog/20-000-bounty-how-a-leaked-session-cookie-led-to-an-account-takeover-06baed26b707?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, programming, bug-bounty, cybersecurity, jobs | 24-Feb-2025 |
Resource consumption Vulnerability | https://medium.com/@VulnRAM/resource-consumption-vulnerability-542d0b38152e?source=rss------bug_bounty-5 | ramzey elsayed mohamed | bug-bounty, penetration-testing, bug-bounty-tips, bugs, bug-bounty-writeup | 23-Feb-2025 |
Firefox and Chrome extensions for bug-bounty hunters. (PART 1). | https://osintteam.blog/firefox-and-chrome-extensions-for-bug-bounty-hunters-part-1-49e34f70d076?source=rss------bug_bounty-5 | loyalonlytoday | extension, cybersecurity, tips, penetration-testing, bug-bounty | 23-Feb-2025 |
Administrator Account Takeover | https://medium.com/@hrofficial62/administrator-account-takeover-bf08c592bf6a?source=rss------bug_bounty-5 | Mr Horbio | pentesting, bug-bounty, hacking, hackerone, cybersecurity | 23-Feb-2025 |
Uncovering Hidden Treasures: Mastering Wayback URLs for Bug Bounty Hunting | https://abhayal.medium.com/uncovering-hidden-treasures-mastering-wayback-urls-for-bug-bounty-hunting-8571357b7649?source=rss------bug_bounty-5 | Abhayal | waybackurls, bug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking | 23-Feb-2025 |
Information Disclosure Hunting: Tool Tips & Commands | https://infosecwriteups.com/information-disclosure-hunting-tool-tips-commands-48003154e8bb?source=rss------bug_bounty-5 | Monika sharma | technology, bug-bounty, hacking, penetration-testing, bug-bounty-tips | 23-Feb-2025 |
Mapping the Application | https://medium.com/@muhammad4208/mapping-the-application-a922729a6772?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | web-mapping, bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-program | 23-Feb-2025 |
The Journey That Changed Everything — My NASA LOR Story | https://medium.com/@sivasankardasdas/the-journey-that-changed-everything-my-nasa-lor-story-744ace9f3caf?source=rss------bug_bounty-5 | Sivasankardas | cybersecurity, nasa, osint, ethical-hacking, bug-bounty | 23-Feb-2025 |
Profile Avatar Unlock vulnerability | https://medium.com/@ajay.kumar.695632/profile-avatar-unlock-vulnerability-c3f53fe278cd?source=rss------bug_bounty-5 | Ajay Kumar | bug-bounty, bug-bounty-writeup, bug-bounty-tips, bugs | 23-Feb-2025 |
Web Academy Lab: CORS vulnerability with basic origin reflection | https://medium.com/@mehedihasanemonceh/web-academy-lab-cors-vulnerability-with-basic-origin-reflection-a6130cb49053?source=rss------bug_bounty-5 | Mehedi Hasan Emon | cors-vulnerability, portswigger, bug-bounty, cors, pentesting | 23-Feb-2025 |
Bypassing HackerOne 2FA due to race condition. | https://akashhamal0x01.medium.com/bypassing-hackerone-2fa-due-to-race-condition-8afe2dbff7c9?source=rss------bug_bounty-5 | Akash Hamal | bug-bounty-tips, hackerone, cybersecurity, bug-bounty | 23-Feb-2025 |
Subdomain Enumeration Like Never Before: Unveiling rsecloud.com — The Hidden Gem for Advanced Recon | https://medium.com/@hacker_might/subdomain-enumeration-like-never-before-unveiling-rsecloud-com-the-hidden-gem-for-advanced-recon-322bcd900837?source=rss------bug_bounty-5 | hacker_might | bug-bounty, subdomains-enumeration, bug-bounty-tips, reconnaissance, hidden-recon | 23-Feb-2025 |
Exploiting an Exposed Swagger File to Achieve RCE | https://elhadadx.medium.com/exploiting-an-exposed-swagger-file-to-achieve-rce-cceb4d1f8ad0?source=rss------bug_bounty-5 | 0Xelhadadx | penetration-testing, security, bug-bounty, information-security, rce | 23-Feb-2025 |
Part 2: $1000 Bug Bounty Guide — Advanced JavaScript Analysis for Hidden Vulnerabilities | https://hackersatty.medium.com/part-2-1000-bug-bounty-guide-advanced-javascript-analysis-for-hidden-vulnerabilities-5a47645b575f?source=rss------bug_bounty-5 | hackersatty | bug-bounty-writeup, penetration-testing, bug-bounty, owasp-top-10, hacking | 23-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-108) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-108-fc10603a0583?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking | 23-Feb-2025 |
Cross-site scripting Lab- 2: Stored XSS into HTML context with nothing encoded | https://medium.com/@mehedihasanemonceh/cross-site-scripting-lab-2-stored-xss-into-html-context-with-nothing-encoded-67318fe316b2?source=rss------bug_bounty-5 | Mehedi Hasan Emon | bug-bounty, cross-site-scripting, website-security, portswigger, xss-attack | 23-Feb-2025 |
$1000-$10k worth Leaks via Github Secret Dorks | https://infosecwriteups.com/1000-10k-worth-leaks-via-github-secret-dorks-6e13a2b7617a?source=rss------bug_bounty-5 | It4chis3c | leaked, secrets, bug-bounty, github, github-dorking | 23-Feb-2025 |
Admin Account Takeover in Moodle! | https://medium.com/@Nightbloodz/admin-account-takeover-in-moodle-093708a0f749?source=rss------bug_bounty-5 | Alvaro Balada | infosec, cve, cybersecurity, bug-bounty-writeup, bug-bounty | 23-Feb-2025 |
Comprehensive CEH v13 Study Guide | https://medium.com/@verylazytech/comprehensive-ceh-v13-study-guide-965965af5c06?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, penetration-testing, hacking, ceh-certification, bug-bounty | 23-Feb-2025 |
Are Private Bug Bounty Programs Worth It? The Truth About Invites | https://medium.com/@HackerNasr/are-private-bug-bounty-programs-worth-it-the-truth-about-invites-164f94842d54?source=rss------bug_bounty-5 | HackerNasr | cybersecurity, ethical-hacking, penetration-testing, hacking, bug-bounty | 23-Feb-2025 |
Subdomain Enumeration Like Never Before: Unveiling rsecloud.com — The Hidden Gem for Advanced Recon | https://osintteam.blog/subdomain-enumeration-like-never-before-unveiling-rsecloud-com-the-hidden-gem-for-advanced-recon-322bcd900837?source=rss------bug_bounty-5 | hacker_might | bug-bounty, subdomains-enumeration, bug-bounty-tips, reconnaissance, hidden-recon | 23-Feb-2025 |
How I Found an Easy Dom xss. | https://medium.com/infosecmatrix/how-i-found-an-easy-dom-xss-b93bbe09e2bf?source=rss------bug_bounty-5 | loyalonlytoday | tips, xss-attack, bug-bounty, hacking, cybersecurity | 23-Feb-2025 |
Top Tools Used for Bug Hunting | https://medium.com/@vipulsonule71/%EF%B8%8F-top-tools-used-for-bug-hunting-d1f40926733a?source=rss------bug_bounty-5 | Vipul Sonule | hacking, technology, writing, bug-bounty, vulnerability | 23-Feb-2025 |
$100-$5000 worth File Upload Vulnerability | Advanced Techniques | https://infosecwriteups.com/100-5000-worth-file-upload-vulnerability-advanced-techniques-7c598837607f?source=rss------bug_bounty-5 | It4chis3c | file-upload-vulnerability, bug-bounty, secrets, file-upload, bypass | 23-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-106) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-106-f15dc8fd13f8?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, bug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity | 23-Feb-2025 |
HackTheBox Challenge Only-Hacks | https://medium.com/@maxcyber882/hackthebox-challenge-only-hacks-d96d3aeb465c?source=rss------bug_bounty-5 | Maxcyber | hackthebox, infosec, cybersecurity, bug-bounty | 23-Feb-2025 |
Bank offer IDOR Fix Bypassed: How I Accessed Unauthorized Offers and Secured a $10,000 Bounty —… | https://bxmbn.medium.com/bank-offer-idor-fix-bypassed-how-i-accessed-unauthorized-offers-and-secured-a-10-000-bounty-41052b31a2fc?source=rss------bug_bounty-5 | bombon | bug-bounty, cybersecurity, idor-vulnerability | 23-Feb-2025 |
Day 18: How a Researcher Hacked One of the Biggest Airlines Group in the World | https://medium.com/@danielbelay/day-18-how-a-researcher-hacked-one-of-the-biggest-airlines-group-in-the-world-e2b896e74503?source=rss------bug_bounty-5 | dani3l | ethical-hacking, account-takeover, ato, bug-bounty | 23-Feb-2025 |
Let’s Talk About Encryption And IDORs(Yes, IDOR,s Again)— @bxmbn | https://bxmbn.medium.com/lets-talk-about-encryption-and-idors-yes-idor-s-again-bxmbn-911bfb7a2de3?source=rss------bug_bounty-5 | bombon | bug-bounty, encryption, idor | 23-Feb-2025 |
How I Hacked India’s Most Popular Matrimony Website and Earned a ₹10,000 Amazon Gift Card | https://infosecwriteups.com/how-i-hacked-indias-most-popular-matrimony-website-and-earned-a-10-000-amazon-gift-card-4dad7b6eff5d?source=rss------bug_bounty-5 | Vivek PS | cybersecurity, bug-bounty, programming, penetration-testing, hacking | 23-Feb-2025 |
Top 3 Books to get started Bug Hunting | https://medium.com/@julius.grosserode.19/top-3-books-to-get-started-bug-hunting-e20db0ccb9c6?source=rss------bug_bounty-5 | Julio | bug-bounty, hacking-books, hacking | 23-Feb-2025 |
Hijacking Sessions with IDOR and XSS— @bxmbn | https://bxmbn.medium.com/hijacking-sessions-with-idor-and-xss-bxmbn-396f99761a85?source=rss------bug_bounty-5 | bombon | idor, cross-site-scripting, bug-bounty | 23-Feb-2025 |
Account Takeover (ATO): A Practical Guide to Finding and Preventing Attacks | https://cyberw1ng.medium.com/account-takeover-ato-a-practical-guide-to-finding-and-preventing-attacks-64c071d0ae84?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, cybersecurity, bug-bounty, careers, education | 23-Feb-2025 |
Account Takeover (ATO): A Practical Guide to Finding and Preventing Attacks | https://osintteam.blog/account-takeover-ato-a-practical-guide-to-finding-and-preventing-attacks-64c071d0ae84?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, cybersecurity, bug-bounty, careers, education | 23-Feb-2025 |
How to Find XSS in Web Applications in Bug Hunting | https://medium.com/@vipulsonule71/how-to-find-xss-in-web-applications-in-bug-hunting-%EF%B8%8F-%EF%B8%8F-e5b3e9e27835?source=rss------bug_bounty-5 | Vipul Sonule | technology, writing, bug-bounty, cybersecurity, hacking | 22-Feb-2025 |
How I Found a Confidential Business Agreement on Wayback Machine | https://aiwolfie.medium.com/how-i-found-a-confidential-business-agreement-on-wayback-machine-efd1f0abf4cf?source=rss------bug_bounty-5 | AIwolfie | bug-bounty, bug-bounty-writeup, cybersecurity, hacking, hackerone | 22-Feb-2025 |
SQL Injection Vulnerability Analysis and Mitigation | https://medium.com/@shibinkodoth1/sql-injection-vulnerability-analysis-and-mitigation-4a3180976145?source=rss------bug_bounty-5 | Shibin Balakrishnan | hacking, cybersecurity, sql, sql-injection, bug-bounty | 22-Feb-2025 |
My Approach to Bypassing Strong WAF in XSS | https://medium.com/@randixploit.shtml/my-approach-to-bypassing-strong-waf-in-xss-0c2e0864043b?source=rss------bug_bounty-5 | Just R | penetration-testing, xss-attack, bug-bounty-writeup, bug-bounty, bypass | 22-Feb-2025 |
Finding the origin IP address | https://infosecwriteups.com/finding-the-origin-ip-address-1e9cd5073e8c?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, cybersecurity, programming, tips, ethical-hacking | 22-Feb-2025 |
What is the Dark Web? A Complete Guide for Businesses | https://medium.com/@08hakr/what-is-the-dark-web-a-complete-guide-for-businesses-15413b9a3aba?source=rss------bug_bounty-5 | Kshirsagar Hrushikesh | hacking, computer-science, cybersecurity, bug-bounty, darkweb | 22-Feb-2025 |
The Dark Web: A Business Survival Guide | https://medium.com/@cybershastra7/the-dark-web-a-business-survival-guide-dc4d36d4c3ec?source=rss------bug_bounty-5 | CyberShastra | cybersecurity, bug-bounty, darkweb, computer-science, hacking | 22-Feb-2025 |
Silent Takeover: How We Hacked Authentication Flows to Compromise 2000+ Healthcare Tenants with… | https://pandyamayur2018.medium.com/silent-takeover-how-we-hacked-authentication-flows-to-compromise-2000-healthcare-tenants-with-fa51817c3086?source=rss------bug_bounty-5 | Mayur Pandya | vapt, cybersecurity, authentication, bug-bounty, infosec | 22-Feb-2025 |
XSS Chronicles: How I Stumbled Upon a Critical API Key Leak | https://medium.com/@soufianehabti/xss-chronicles-how-i-stumbled-upon-a-critical-api-key-leak-9ea65ffc3f5a?source=rss------bug_bounty-5 | Soufiane Habti | bug-bounty, cybersecurity, ethical-hacking | 22-Feb-2025 |
Silent Takeover: How We Hacked Authentication Flows to Compromise 2000+ Healthcare Tenants with… | https://pandyamayurrr.medium.com/silent-takeover-how-we-hacked-authentication-flows-to-compromise-2000-healthcare-tenants-with-fa51817c3086?source=rss------bug_bounty-5 | Mayur Pandya | vapt, cybersecurity, authentication, bug-bounty, infosec | 22-Feb-2025 |
Breaking Boundaries: My Journey from limited Stored XSS to Open Redirect & a Sneaky CSRF Referrer… | https://medium.com/@0xNayelx/breaking-boundaries-my-journey-from-limited-stored-xss-to-open-redirect-a-sneaky-csrf-referrer-6dc939cf7aed?source=rss------bug_bounty-5 | 0xNayel | bug-bounty, security, bug-bounty-tips, writeup, bug-bounty-writeup | 22-Feb-2025 |
Identifying Our Target from Bugcrowd | https://medium.com/@mdsahat6397/identifying-our-target-from-bugcrowd-fdb3de6a98ab?source=rss------bug_bounty-5 | Tasneem Sahat | bugcrowd, bug-bounty | 22-Feb-2025 |
Web Security Academy: File path traversal, traversal sequences blocked with absolute path bypass | https://medium.com/@mehedihasanemonceh/web-security-academy-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-99255db560d6?source=rss------bug_bounty-5 | Mehedi Hasan Emon | bug-bounty, portswigger, cybersecurity, lfi, path-traversal | 22-Feb-2025 |
90% Hunters V/S 10% Hunters | https://bitpanic.medium.com/90-hunters-v-s-10-hunters-fa9089523181?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, programming, bug-bounty-tips, bug-bounty, technology | 22-Feb-2025 |
1000$ Bounty in less than 30 Seconds via the power of custom wordlists | https://0xrasputin.medium.com/1000-bounty-in-less-than-30-seconds-via-the-power-of-custom-wordlists-3f7deba5bf08?source=rss------bug_bounty-5 | 0xRasputin | bug-hunting, pentesting, bug-bounty, recon | 22-Feb-2025 |
Web Application Technologies | https://medium.com/@muhammad4208/web-application-technologies-aaa947303675?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | web-technology, bug-bounty-tips, bug-bounty-program, bug-bounty, bug-bounty-hunter | 22-Feb-2025 |
Exploiting the Shadows: How I Uncovered a Command Injection via OOB and Bagged $800 | https://medium.com/@kura1yum3/exploiting-the-shadows-how-i-uncovered-a-command-injection-via-oob-and-bagged-800-73c4bc90a130?source=rss------bug_bounty-5 | KuroSh1R0 | hackerone, bug-bounty | 22-Feb-2025 |
How to Find XSS in Bug Hunting | https://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-to-find-xss-in-bug-hunting-%EF%B8%8F-%EF%B8%8F-d7243160da01?source=rss------bug_bounty-5 | Vipul Sonule | cybersecurity, ai, bug-bounty, penetration-testing, technology | 22-Feb-2025 |
$100-$200 worth 403 Bypass Techniques | https://infosecwriteups.com/100-200-worth-403-bypass-techniques-e4c22064091a?source=rss------bug_bounty-5 | It4chis3c | bug-bounty, secrets, bypass, 403-forbidden, hidden | 22-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-105) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-105-6016b1f36174?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, bug-bounty, hacking, ethical-hacking, bug-bounty-tips | 22-Feb-2025 |
Bug Bounty Restart- Phase 1: Preparation & Mindset | https://infosecwriteups.com/bug-bounty-restart-phase-1-preparation-mindset-57ca877a9278?source=rss------bug_bounty-5 | Om Arora | cybersecurity, infosec, bug-bounty, bug-bounty-writeup, technology | 22-Feb-2025 |
Day 17: [$5K] Misconfigured Reset Password Leads to Account Takeover (No User Interaction ATO) | https://medium.com/@danielbelay/day-17-5k-misconfigured-reset-password-leads-to-account-takeover-no-user-interaction-ato-4d378e995fc2?source=rss------bug_bounty-5 | dani3l | account-takeover, ato, bug-bounty | 22-Feb-2025 |
CRLF Injection: How a Simple Bug Can Earn You $1500! | https://cybersecuritywriteups.com/crlf-injection-how-a-simple-bug-can-earn-you-1500-ff3aabc54a77?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, ethical-hacking, infosec-write-ups, bug-bounty-tips, osint | 22-Feb-2025 |
The Art of Software Testing: Types, Methods, and Best Practices | https://i-am-tibi.medium.com/the-art-of-software-testing-types-methods-and-best-practices-608cc6770136?source=rss------bug_bounty-5 | Tibb.In | software-testing, qa-testing, qa, bugs, bug-bounty | 22-Feb-2025 |
Earn $500 with Open Redirect Vulnerabilities! | https://osintteam.blog/earn-500-with-open-redirect-vulnerabilities-224d637f683c?source=rss------bug_bounty-5 | Krish_cyber | information-security, bug-bounty, infosec-write-ups, osint, open-redirect | 22-Feb-2025 |
Methods and Tools for Extracting Information from Websites | https://medium.com/@paritoshblogs/methods-and-tools-for-extracting-information-from-websites-c26b4584ef43?source=rss------bug_bounty-5 | Paritosh | ai, bug-bounty, python, web-scraping, cybersecurity | 22-Feb-2025 |
Finding Juicy Information from GraphQL | https://cyberw1ng.medium.com/finding-juicy-information-from-graphql-22fb09bd9e61?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, jobs, bug-bounty, programming, cybersecurity | 22-Feb-2025 |
Finding Juicy Information from GraphQL | https://osintteam.blog/finding-juicy-information-from-graphql-22fb09bd9e61?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, jobs, bug-bounty, programming, cybersecurity | 22-Feb-2025 |
$100 Bounty: Username Restriction Bypassed | https://medium.com/@kumawatabhijeet2002/100-bounty-username-restriction-bypassed-0d6422564c36?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, cybersecurity, hacking, secrets, bug-bounty | 21-Feb-2025 |
Burp Suite AI Extension for Pentester | https://hackerassociate.medium.com/burp-suite-ai-extension-for-pentester-742358811884?source=rss------bug_bounty-5 | Harshad Shah | burpsuite, infosec, hacking, cybersecurity, bug-bounty | 21-Feb-2025 |
【Recognition】Excellent Security Researcher in January 2025 → iiiiiinv | https://medium.com/@security.tecno/recognition-excellent-security-researcher-in-january-2025-iiiiiinv-29bcf9b3d91b?source=rss------bug_bounty-5 | TECNO Security | web-development, apps, security, research, bug-bounty | 21-Feb-2025 |
Getting Started with Bug Bounty Hunting: A Simple Guide(Free Version) | https://medium.com/@bombhajohn/getting-started-with-bug-bounty-hunting-a-simple-guide-free-version-3363ecd320c2?source=rss------bug_bounty-5 | Folks47ghee | cyber-security-awareness, bug-bounty, bug-bounty-tips, data, cybersecurity | 21-Feb-2025 |
OWASP Top 10: The Hacker’s Favorite Menu (And How to Ruin Their Appetite) | https://falilu.medium.com/owasp-top-10-the-hackers-favorite-menu-and-how-to-ruin-their-appetite-12b67dfaa998?source=rss------bug_bounty-5 | Falilu Rahman | owasp-top-10, web-application-security, technology, cybersecurity, bug-bounty | 21-Feb-2025 |
$100 Bounty: Username Restriction Bypassed | https://infosecwriteups.com/100-bounty-username-restriction-bypassed-0d6422564c36?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, cybersecurity, hacking, secrets, bug-bounty | 21-Feb-2025 |
$50-$500 worth Information Disclosure Bug Automation | https://it4chis3c.medium.com/50-500-worth-information-disclosure-bug-automation-3afc596fa206?source=rss------bug_bounty-5 | It4chis3c | information-disclosure, sensitive-data, bug-bounty, hidden, secrets | 21-Feb-2025 |
My First Bug Discovery in Facebook Bug Bounty 2025 | https://medium.com/@bayusetb/my-first-bug-discovery-in-facebook-bug-bounty-2025-728b14eaf6cc?source=rss------bug_bounty-5 | Bayusetb | facebook-bug-bounty, meta-bug-bounty, bug-bounty-writeup, idor, bug-bounty | 21-Feb-2025 |
From a Steward Security Gaurd to a Cybersecurity Startup Founder! | https://ajakcybersecurity.medium.com/from-a-steward-security-gaurd-to-a-cybersecurity-startup-founder-5fed143b6b24?source=rss------bug_bounty-5 | AJAK Cyber Academy | bug-bounty, cybersecurity, startup, technology, hacking | 21-Feb-2025 |
Note-taking apps for bug bounty hunting and ethical hacking purposes | https://medium.com/readers-club/note-taking-apps-for-bug-bounty-hunting-and-ethical-hacking-purposes-635a198ec9d9?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, notetaking, tips, notes, cybersecurity | 21-Feb-2025 |
How to Find Information Disclosure Bugs in Bug Hunting | https://medium.com/@vipulsonule71/how-to-find-information-disclosure-bugs-in-bug-hunting-44954ee8b2fd?source=rss------bug_bounty-5 | Vipul Sonule | technology, cybersecurity, bug-bounty, hacking, penetration-testing | 21-Feb-2025 |
Burp Suite AI Extension for Pentester | https://medium.com/offensive-black-hat-hacking-security/burp-suite-ai-extension-for-pentester-742358811884?source=rss------bug_bounty-5 | Harshad Shah | burpsuite, infosec, hacking, cybersecurity, bug-bounty | 21-Feb-2025 |
Find 100+ CVEs Using These 5 Simple GitHub Dorks | https://medium.com/@ibtissamhammadi/find-100-cves-using-these-5-simple-github-dorks-bfdde1653a20?source=rss------bug_bounty-5 | Ibtissam Hammadi | github, programming, infosec, bug-bounty, cybersecurity | 21-Feb-2025 |
Inside Our Car Hacking Demonstrator: A Training Platform for Automotive Cybersecurity | https://medium.com/@maajix/inside-our-car-hacking-demonstrator-a-training-platform-for-automotive-cybersecurity-4c95035b2994?source=rss------bug_bounty-5 | Majix | bug-bounty-tips, car-hacking, bug-bounty, automotive, hacking | 21-Feb-2025 |
Day 16: Massive Users Account Takeovers (Chaining Vulnerabilities to IDOR) | https://medium.com/@danielbelay/day-16-massive-users-account-takeovers-chaining-vulnerabilities-to-idor-11d1b0731c4c?source=rss------bug_bounty-5 | dani3l | ethical-hacking, pen-testing-tool, bug-bounty, ato | 21-Feb-2025 |
Easiest Vulnerability $200 You can test it under 2 minutes | https://progprnv.medium.com/easiest-vulnerability-200-you-can-test-it-under-2-minutes-2f45b4a0c785?source=rss------bug_bounty-5 | progprnv | bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty | 21-Feb-2025 |
I Earned $500 in 2 Minutes by Finding a Sensitive File! | https://cybersecuritywriteups.com/i-earned-500-in-2-minutes-by-finding-a-sensitive-file-a71817a66ba9?source=rss------bug_bounty-5 | Krish_cyber | idor, hacking, bug-bounty, ai, infosec | 21-Feb-2025 |
Pre-Seeding Trap Story: Exploiting PII Data Before It’s Logged | https://medium.com/@ahmedelmorsy312/pre-seeding-trap-story-exploiting-pii-data-before-its-logged-8284f47a5854?source=rss------bug_bounty-5 | Ahmed Elmorsi | bug-hunting, cybersecurity, bug-bounty, hackerone | 21-Feb-2025 |
How I Discovered a Bug to Delete Any User Account! | https://medium.com/@kumawatabhijeet2002/how-i-discovered-a-bug-to-delete-any-user-account-b8ae1c60a6a9?source=rss------bug_bounty-5 | Abhijeet kumawat | cybersecurity, bug-bounty, infosec, money, hacking | 21-Feb-2025 |
How to Find Information Disclosure Bug | https://medium.com/@vipulsonule71/how-to-find-information-disclosure-bugs-in-bug-hunting-44954ee8b2fd?source=rss------bug_bounty-5 | Vipul Sonule | technology, cybersecurity, bug-bounty, hacking, penetration-testing | 21-Feb-2025 |
Announcing the Lysa (Testnet) Bug Bounty Program! | https://medium.com/@GoRWAChain/announcing-the-lysa-testnet-bug-bounty-program-b73ed9adbd5c?source=rss------bug_bounty-5 | Go! SmartChain AI | bug-bounty, blockchain, crypto, web3, cryptocurrency | 21-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-104) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-104-b2c76940b84b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, hacking, bug-bounty-tips, bug-bounty, cybersecurity | 21-Feb-2025 |
How to Choose a Bug Bounty Platform | https://medium.com/@hackrate/how-to-choose-a-bug-bounty-platform-178e0eb95202?source=rss------bug_bounty-5 | Levente Molnar | hacking, bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty | 21-Feb-2025 |
How I Found 5 Reflected XSS in a Public Program | https://medium.com/@mahmodziad40/how-i-found-5-reflected-xss-in-a-public-program-44b168ae6526?source=rss------bug_bounty-5 | httpzuz | bug-bounty-writeup, bug-bounty, reflected-xss, bug-bounty-tips, xss-attack | 21-Feb-2025 |
API Loophole: How I Bypassed CAPTCHA to Create Unlimited Accounts | https://medium.com/@rahulgairola/api-loophole-how-i-bypassed-captcha-to-create-unlimited-accounts-0d21de1f96e2?source=rss------bug_bounty-5 | Rahul Gairola | api-security, bug-bounty, api-security-testing, bug-bounty-tips, bug-bounty-writeup | 21-Feb-2025 |
Dynamic Application Security Testing (DAST) | https://medium.com/@evoskolyey/dynamic-application-security-testing-dast-95f70aa16745?source=rss------bug_bounty-5 | Eugene Voskoley | bug-bounty, appsec, devsecops, cybersecurity, dast | 21-Feb-2025 |
$100 worth Rate Limit Bypass Bug \|Advanced Tricks & Tips | https://it4chis3c.medium.com/100-worth-rate-limit-bypass-bug-advanced-tricks-tips-7722a98553e3?source=rss------bug_bounty-5 | It4chis3c | hidden, rate-limit, rate-limit-bypass, secrets, bug-bounty | 21-Feb-2025 |
How to Find Your First Bug and Get Paid — Bug Bounty Made Easy | https://krishna-cyber.medium.com/how-to-find-your-first-bug-and-get-paid-bug-bounty-made-easy-da3de634265c?source=rss------bug_bounty-5 | Krish_cyber | idor, info-sec-writeups, osint, bug-bounty, readers-club | 21-Feb-2025 |
Installing and Using Nuclei for Automated Security Scanning | https://abhayal.medium.com/installing-and-using-nuclei-for-automated-security-scanning-1b4f53de3ae5?source=rss------bug_bounty-5 | Abhayal | bug-bounty, reconnaissance, hacking, bug-bounty-writeup, bug-bounty-tips | 21-Feb-2025 |
Bug Report Rejected? Here’s What You Can Do. | https://medium.com/@HackerNasr/bug-report-rejected-heres-what-you-can-do-b4407d7c19b8?source=rss------bug_bounty-5 | HackerNasr | cybersecurity, hacking, penetration-testing, bug-bounty, ethical-hacking | 21-Feb-2025 |
25000$ IDOR: How a Simple ID Enumeration Exposed Private Data | https://cyberw1ng.medium.com/25000-idor-how-a-simple-id-enumeration-exposed-private-data-7de2f60c46fd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | jobs, cybersecurity, careers, bug-bounty, programming | 21-Feb-2025 |
The Quickest Way To Learn XSS In 2025! (Free Version) | https://medium.com/@bombhajohn/the-quickest-way-to-learn-xss-in-2025-free-version-b006fa64f3ed?source=rss------bug_bounty-5 | Folks47ghee | bug-bounty, cybersecurity, technology, data, bug-bounty-tips | 21-Feb-2025 |
25000$ IDOR: How a Simple ID Enumeration Exposed Private Data | https://osintteam.blog/25000-idor-how-a-simple-id-enumeration-exposed-private-data-7de2f60c46fd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | jobs, cybersecurity, careers, bug-bounty, programming | 21-Feb-2025 |
Multiple Sensitive Data Leaks — A Deep Dive | https://aiwolfie.medium.com/multiple-sensitive-data-leaks-a-deep-dive-b913172b5146?source=rss------bug_bounty-5 | AIwolfie | cybersecurity, osint, bug-bounty, information-disclosure, hacking | 20-Feb-2025 |
WordPress users Disclosure Bug Bounty report | https://aimasterprompt.medium.com/wordpress-users-disclosure-bug-bounty-report-d1e901bfc6cb?source=rss------bug_bounty-5 | aimaster | cybersecurity, wordpress, information-technology, infosec, bug-bounty | 20-Feb-2025 |
Top 10 Tools Every Bug Bounty Hunter Must Use | https://osintteam.blog/top-10-tools-every-bug-bounty-hunter-must-use-18046e2306a8?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, tools, infosec, cybersecurity, bug-bounty | 20-Feb-2025 |
OWASP Top 10 Vulnerabilities 2025: A Comprehensive Guide | https://osintteam.blog/owasp-top-10-vulnerabilities-2025-a-comprehensive-guide-cc0019ded233?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, security-testing, bug-bounty, penetration-testing, application-security | 20-Feb-2025 |
CRLF Injection: Guide to Finding & Exploiting Vulnerabilities | https://osintteam.blog/crlf-injection-guide-to-finding-exploiting-vulnerabilities-75df64c274e6?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, crlf-injection, money, cybersecurity, hacking | 20-Feb-2025 |
How to crawl a website like a pro | https://siratsami71.medium.com/how-to-crawl-a-website-like-a-pro-008f98f41f9f?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | pentesting, bug-bounty | 20-Feb-2025 |
$5M Critical Vulnerability Discovery: 3 Warning Signs for 2025 | https://medium.com/@ibtissamhammadi/5m-critical-vulnerability-discovery-3-warning-signs-for-2025-f407bb9b7998?source=rss------bug_bounty-5 | Ibtissam Hammadi | security, bug-bounty, vulnerability, infosec, cybersecurity | 20-Feb-2025 |
₹1,000 in 10 mins: BookMyShow’s Open redirect bug! | https://infosecwriteups.com/1-000-in-10-mins-bookmyshows-open-redirect-bug-914f47590ecf?source=rss------bug_bounty-5 | Vivek PS | cybersecurity, bug-bounty, hacking, bug-bounty-tips, programming | 20-Feb-2025 |
Core Defense Mechanisms | https://medium.com/@muhammad4208/core-defense-mechanisms-b9ac54c29e52?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | defense-mechanism, bug-bounty-tips, web-development, bug-bounty | 20-Feb-2025 |
UUID Injection: 0-Click Superadmin ATO | https://medium.com/@RekoJR/uuid-injection-0-click-superadmin-ato-3dc46a19c9ad?source=rss------bug_bounty-5 | Reko ! | bug-bounty-tips, bug-bounty, bug-bounty-writeup | 20-Feb-2025 |
$1000 Bug Bounty Guide: Uncovering Hidden Vulnerabilities Through JavaScript Analysis | https://hackersatty.medium.com/1000-bug-bounty-guide-uncovering-hidden-vulnerabilities-through-javascript-analysis-c3f1a698b91b?source=rss------bug_bounty-5 | hackersatty | hacking, penetration-testing, owasp-top-10, bug-bounty-writeup, bug-bounty | 20-Feb-2025 |
Exploiting GraphQL Vulnerabilities: How Misconfigurations Can Lead to Data Leaks | https://cyberw1ng.medium.com/exploiting-graphql-vulnerabilities-how-misconfigurations-can-lead-to-data-leaks-c41d50a64cc3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, jobs, careers, education, bug-bounty | 20-Feb-2025 |
Y2FuIHlvdSByZWNvbj8/ \| can you recon? \| Hacker101 CTF Write-Up | https://medium.com/@sari.mmusab/y2fuihlvdsbyzwnvbj8-can-you-recon-hacker101-ctf-write-up-f2a446ecc9f0?source=rss------bug_bounty-5 | Musab Sarı | cybersecurity, php, ctf, bug-bounty, writeup | 20-Feb-2025 |
Open redirect in logout | https://medium.com/@muhmoud.barket/open-redirect-in-logout-53656dbb922c?source=rss------bug_bounty-5 | Mahmoud Barkat | bug-bounty-writeup, bug-bounty-tips, bug-bounty | 20-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-103) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-103-695beef8d81c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, hacking, ethical-hacking, bug-bounty-tips, cybersecurity | 20-Feb-2025 |
$100 worth Open Redirect Automation | https://it4chis3c.medium.com/100-worth-open-redirect-automation-3e2f9e36bade?source=rss------bug_bounty-5 | It4chis3c | hidden, secrets, open-redirect, bug-bounty, practical | 20-Feb-2025 |
The Most Innovative Bug Bounty Platform | https://medium.com/@hackrate/the-most-innovative-bug-bounty-platform-bcd812cb3670?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty-tips, hacking, bug-bounty, ethical-hacking, cybersecurity | 20-Feb-2025 |
Even Brahma Had Brahmastra — GarudaX Have Digi-Astra for You | https://medium.com/@modernshubhamgupta/even-brahma-had-brahmastra-garudax-have-digi-astra-for-you-834a75d7b337?source=rss------bug_bounty-5 | Shubham Raj | vapt, bug-bounty, vulnerability-assessment, digi-astra, cybersecurity | 20-Feb-2025 |
Why PortSwigger Labs is Essential for Beginner bug hunter | https://medium.com/@mehedihasanemonceh/why-portswigger-labs-is-essential-for-beginner-bug-hunter-8a940472d126?source=rss------bug_bounty-5 | Mehedi Hasan Emon | portswigger-lab, bug-bounty, portswigger, bug-hunter, cybersecurity | 20-Feb-2025 |
Future of Bug Reporting: How AI in Chrome DevTools is Revolutionizing QA | https://medium.com/@hafizghulamabbas/future-of-bug-reporting-how-ai-in-chrome-devtools-is-revolutionizing-qa-b2335c092541?source=rss------bug_bounty-5 | Hafiz Ghulam Abbas - Sr. SQA Automation Engineer | qa, ai, chrome, testing, bug-bounty | 20-Feb-2025 |
Shodan for Hackers: The Search Engine for the Internet of Everything | https://medium.com/@ajudeb55/shodan-for-hackers-the-search-engine-for-the-internet-of-everything-1a6a7c962d85?source=rss------bug_bounty-5 | Aju Deb | programming, hacking, bug-bounty, cybersecurity, technology | 20-Feb-2025 |
Exploiting GraphQL Vulnerabilities: How Misconfigurations Can Lead to Data Leaks | https://osintteam.blog/exploiting-graphql-vulnerabilities-how-misconfigurations-can-lead-to-data-leaks-c41d50a64cc3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, jobs, careers, education, bug-bounty | 20-Feb-2025 |
Top Search Engines for Hackers: The Ultimate Guide | https://medium.com/@ajudeb55/top-search-engines-for-hackers-the-ultimate-guide-00f7ab52689e?source=rss------bug_bounty-5 | Aju Deb | programming, hacking, cybersecurity, bug-bounty, technology | 19-Feb-2025 |
Bug Bounty Made Me a MADMAN | https://medium.com/@thedevtaskofficial/bug-bounty-made-me-a-madman-346205a6e4af?source=rss------bug_bounty-5 | thedevtask official | bug-bounty, security-token, security, hacking, vulnerability | 19-Feb-2025 |
Free VPS for penetration testing and bug bounty part 2 | https://infosecwriteups.com/free-vps-for-penetration-testing-and-bug-bounty-part-2-d88e7ec00e2c?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, vps, tips, bug-bounty, awareness | 19-Feb-2025 |
Insecure Deserialization + Lab Resolution | https://medium.com/@0xpedrop/insecure-deserialization-lab-resolution-1f53adbf26a1?source=rss------bug_bounty-5 | 0xPedrop | cybersecurity, hacking, bug-bounty, bug-bounty-tips | 19-Feb-2025 |
Unauthorized Access to Internal Panel via Response Manipulation | https://0onoproblem.medium.com/unauthorized-access-to-internal-panel-via-response-manipulation-0b6baaae9346?source=rss------bug_bounty-5 | 0_oNoProblem | bug-hunting, vulnerability-assessment, bug-bounty, info-sec-writeups, vulnerability | 19-Feb-2025 |
$1000 Bounty: Command Injection Vulnerability | https://medium.com/infosecmatrix/1000-bounty-command-injection-vulnerability-b190222bf07a?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, hacking, command-injection, infosec | 19-Feb-2025 |
How i got a fileupload vulnerability so easily | https://infosecwriteups.com/how-i-got-a-fileupload-vulnerability-so-easily-a659421a0523?source=rss------bug_bounty-5 | Le_Merdien | hacking, bug-bounty, networking, hackerone, penetration-testing | 19-Feb-2025 |
I Hacked FIDE.com — Call me Hacknus Carlsen! | https://infosecwriteups.com/i-hacked-fide-com-call-me-hacknus-carlsen-529eeb55440d?source=rss------bug_bounty-5 | Vivek PS | chess, hacking, programming, cybersecurity, bug-bounty | 19-Feb-2025 |
The Quickest Way To Learn XSS In 2025! | https://medium.com/@bombhajohn/how-i-learned-xss-e593a9b956e3?source=rss------bug_bounty-5 | Folks47ghee | cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup, technology | 19-Feb-2025 |
How to Find Subdomain Takeover in Bug Hunting | https://medium.com/@vipulsonule71/how-to-find-subdomain-takeover-in-bug-hunting-863b39a68755?source=rss------bug_bounty-5 | Vipul Sonule | penetration-testing, hacking, cybersecurity, bug-bounty, technology | 19-Feb-2025 |
Inside Agoda’s Bug Bounty Program: How We Stay Ahead of Cyber Threats | https://medium.com/agoda-engineering/how-agoda-works-with-hackers-to-strengthen-its-security-2e4129299b8b?source=rss------bug_bounty-5 | Agoda Engineering | bug-bounty, engineering, cybersecurity, security, technology | 19-Feb-2025 |
How easy is it to earn from bug bounties? The truth behind ethical hacking rewards | https://infosecwriteups.com/how-easy-is-it-to-earn-from-bug-bounties-the-truth-behind-ethical-hacking-rewards-1a88e1f58444?source=rss------bug_bounty-5 | Vivek PS | hacking, programming, cybersecurity, growth-mindset, bug-bounty | 19-Feb-2025 |
Learn how to find one of the easy p4 bug | https://cybersecuritywriteups.com/learn-how-to-find-one-of-the-easy-p4-bug-4f6bdf29044c?source=rss------bug_bounty-5 | loyalonlytoday | bugs, penetration-testing, bug-bounty, cybersecurity, ethical-hacking | 19-Feb-2025 |
OTP Login Rate Limit Bypass — The Easiest Bug for Beginners to Discover | https://infosecwriteups.com/otp-login-rate-limit-bypass-the-easiest-bug-for-beginners-to-discover-74cbf2432b72?source=rss------bug_bounty-5 | Vivek PS | ethical-hacking, programming, bug-bounty-tips, web-security, bug-bounty | 19-Feb-2025 |
How I Earned a Hall of Fame Spot at UNESCO by Bypassing 403 Forbidden | https://infosecwriteups.com/how-i-earned-a-hall-of-fame-spot-at-unesco-by-bypassing-403-forbidden-fdb2185383f7?source=rss------bug_bounty-5 | Krunal Patel | bug-bounty, bug-bounty-writeup, hacking, penetration-testing, hall-of-fame | 19-Feb-2025 |
Bluetooth Low Energy Hacking 101 | https://medium.com/@majix_de/bluetooth-low-energy-hacking-101-15a471d3e956?source=rss------bug_bounty-5 | Majix | bluetooth, hacking, penetration-testing, pentesting, bug-bounty | 19-Feb-2025 |
How i got my name featured on Nebraska University Hall Of Fame. | https://medium.com/@eabubakr21/how-i-got-my-name-featured-on-nebraska-university-hall-of-fame-fdb1c16fc0f7?source=rss------bug_bounty-5 | Eslam Abu Bakr | penetration-testing, information-technology, bug-bounty, ethical-hacking, cybersecurity | 19-Feb-2025 |
Linux Privilege Escalation, some ideas from tryhackme machines — part 2 | https://medium.com/@loaymorad11/linux-privilege-escalation-some-ideas-from-tryhackme-machines-part-2-77def0b1e361?source=rss------bug_bounty-5 | Loaymorad | tryhackme, bug-bounty, cybersecurity, hacking, hackthebox | 19-Feb-2025 |
Beginner’s Guide: Basic Methods for Finding Android Application Vulnerabilities | https://medium.com/@security.tecno/beginners-guide-basic-methods-for-finding-android-application-vulnerabilities-f1da4e05341c?source=rss------bug_bounty-5 | TECNO Security | hacking, bug-bounty, apps, bonus, security | 19-Feb-2025 |
Critical Security Vulnerability: Unauthenticated Access to /shipments/deleted Endpoint Leads to… | https://hackersatty.medium.com/critical-security-vulnerability-unauthenticated-access-to-shipments-deleted-endpoint-leads-to-7edb5d9b7f76?source=rss------bug_bounty-5 | hackersatty | hackerone, bug-bounty-writeup, penetration-testing, bug-bounty, owasp-top-10 | 19-Feb-2025 |
How to Identify a Server’s Origin IP — And hy? | https://medium.com/@verylazytech/how-to-identify-a-servers-origin-ip-and-hy-b6312af71e51?source=rss------bug_bounty-5 | Very Lazy Tech | bypass, penetration-testing, cloudflare, ethical-hacking, bug-bounty | 19-Feb-2025 |
File Upload Restrictions Bypass in S3 Bucket | https://saeed0x1.medium.com/file-upload-restrictions-bypass-in-s3-bucket-87c2717664a3?source=rss------bug_bounty-5 | SAEED | bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, aws | 19-Feb-2025 |
tool to generate XSS payloads. | https://medium.com/cyberscribers-exploring-cybersecurity/tool-to-generate-xss-payloads-7d8b323d187d?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, bug-bounty, xss-vulnerability, bugs, cross-site-scripting | 19-Feb-2025 |
$2,000 Bounty: Unauthenticated Remote Code Execution to Reverse Shell — A Real-World Example | https://medium.com/@krishna9823420058/2-000-bounty-unauthenticated-remote-code-execution-to-reverse-shell-a-real-world-example-fd9dff5d9c3f?source=rss------bug_bounty-5 | Krish_cyber | osint, idor, hacking, infosec, bug-bounty | 19-Feb-2025 |
How I Made $6,000 by Exploiting JWT Manipulation on a Web3 Crypto App | https://medium.com/@krishna9823420058/how-i-made-6-000-by-exploiting-jwt-manipulation-on-a-web3-crypto-app-f3ab440f02b6?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, jwt-token, osint, hacking, cybersecurity | 19-Feb-2025 |
HTTP FILTER: Streamlining HTTP Response Analysis for Security Researchers | https://yogsec.medium.com/http-filter-streamlining-http-response-analysis-for-security-researchers-9e356e2065d2?source=rss------bug_bounty-5 | YogSec | http-filter, httpx, bug-bounty, http-tool, hacking-tools | 19-Feb-2025 |
No Rate Limit: The Easiest Bug Bounty Payout You’re Missing | https://medium.com/@abdulbasitpriv/no-rate-limit-the-easiest-bug-bounty-payout-youre-missing-79335e39c377?source=rss------bug_bounty-5 | Abdul Basit Khan | bug-bounty, website, rate-limit, vulnerability, penetration-testing | 19-Feb-2025 |
How I found SQL injection vulnerability on the government organization website! | https://hiddendom.medium.com/how-i-found-sql-injection-vulnerability-on-the-government-organization-website-01533dba5158?source=rss------bug_bounty-5 | Gokuleswaran B | bug-bounty-tips, bug-bounty, sql-injection, sql-injection-attack, bug-bounty-writeup | 19-Feb-2025 |
LFI Advanced Methodology by Abhijeet | https://infosecwriteups.com/lfi-advanced-methodology-by-abhijeet-6663bede44c6?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, lfi, hacking, money, bug-bounty | 19-Feb-2025 |
How to Identify a Server’s Origin IP — And Why? | https://medium.com/@verylazytech/how-to-identify-a-servers-origin-ip-and-hy-b6312af71e51?source=rss------bug_bounty-5 | Very Lazy Tech | bypass, penetration-testing, cloudflare, ethical-hacking, bug-bounty | 19-Feb-2025 |
JSFScan: Automation for JavaScript Recon in Bug Bounty | https://bevijaygupta.medium.com/jsfscan-automation-for-javascript-recon-in-bug-bounty-af3273ac61bf?source=rss------bug_bounty-5 | Vijay Kumar Gupta | recon, automation, javascript, bug-bounty, jsfscan | 19-Feb-2025 |
Turning XSS into Account Takeover (ATO): How to Level Up Your Exploit $$$ | https://medium.com/@HackerNasr/turning-xss-into-account-takeover-ato-how-to-level-up-your-exploit-16126c271476?source=rss------bug_bounty-5 | HackerNasr | cybersecurity, hacking, penetration-testing, ethical-hacking, bug-bounty | 19-Feb-2025 |
EASY P3 “Broken Access Control” | https://medium.com/@a0xtrojan/easy-p3-broken-access-control-a178dcda8c58?source=rss------bug_bounty-5 | A0X_Trojan | bug-bounty, broken-access-control, privilege-escalation, medium, bug-bounty-writeup | 19-Feb-2025 |
CAPHTB | https://medium.com/@a.essam0_o/caphtb-32d9a8c5ded1?source=rss------bug_bounty-5 | A.Essam | hacking, networking, ssh, privilege-escalation, bug-bounty | 19-Feb-2025 |
Bug Bounty Methodology: Exploiting Dev & Staging Environments for Maximum Bounty | https://medium.com/@zerodaystories/bug-bounty-methodology-exploiting-dev-staging-environments-for-maximum-bounty-414419faf744?source=rss------bug_bounty-5 | 0day stories | penetration-testing, bug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity | 19-Feb-2025 |
$50-$100 P5 & P4 Bug Automation with Nuclei | https://cybersecuritywriteups.com/50-100-p5-p4-bug-automation-with-nuclei-e7fce9a60dfd?source=rss------bug_bounty-5 | It4chis3c | secrets, nuclei-template, nucleus, bug-bounty, hidden | 19-Feb-2025 |
Hacked My Way Into Google’s Hall of Fame! The Relentless Bug Bounty Hunt | https://rootxabit.medium.com/hacked-my-way-into-googles-hall-of-fame-the-relentless-bug-bounty-hunt-75d9d2cdd8a0?source=rss------bug_bounty-5 | xabit • hacks | bug-bounty, google, hacker, tryhackme, bugcrowd | 19-Feb-2025 |
The Web Application Hacker’s Handbook: Web Application (In)security | https://medium.com/@muhammad4208/the-web-application-hackers-handbook-web-application-in-security-b2e7df531100?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty, bug-bounty-tips, web-application-security | 19-Feb-2025 |
Subdomain Enumeration: Expanding the Attack Surface | https://medium.com/@muhammad4208/subdomain-enumeration-expanding-the-attack-surface-5fefe74f1d83?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty, bug-bounty-hunter, bug-bounty-program, subdomains-enumeration, bug-bounty-tips | 19-Feb-2025 |
How I Stumbled Upon India’s Government Data Leak – and Why It’s a Wake-Up Call | https://medium.com/@warisjeet31/how-i-stumbled-upon-indias-government-data-leak-and-why-it-s-a-wake-up-call-c90695d84a29?source=rss------bug_bounty-5 | sin99xx | information-technology, bug-bounty, infosec, penetration-testing, cybersecurity | 19-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-102) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-102-33f5cc96116c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, hacking, bug-bounty-tips, ethical-hacking, bug-bounty | 19-Feb-2025 |
How I Found a CSRF via a misconfiguration in graphql | https://medium.com/@ismailismailgamal52/how-i-found-a-csrf-via-a-misconfiguration-in-graphql-42676a1e12b7?source=rss------bug_bounty-5 | ISMAILSHADOW | bug-bounty, graphql, csrf | 19-Feb-2025 |
Did You Know … A Woman Launched the U.S. Government’s First Bug Bounty Program | https://medium.com/did-you-know-short-fun-facts/did-you-know-a-woman-launched-the-u-s-governments-first-bug-bounty-program-3b7a32ebf00b?source=rss------bug_bounty-5 | Marisa Tranchitella Foltz | cybersecurity, did-you-know, bug-bounty, women-in-tech, people | 19-Feb-2025 |
“There is no subdomain with no usage” How understanding this rule led to 5 Criticals | https://kalawy.medium.com/there-is-no-subdomain-with-no-usage-how-understanding-this-rule-led-to-5-criticals-59e815ca6df2?source=rss------bug_bounty-5 | Kalawy | information-disclosure, bug-bounty, ssrf, bug-hunting, hacking | 19-Feb-2025 |
EASY P3 “Broken Access Control” | https://medium.com/@a0xtrojan/easy-p3-broken-access-control-7c28702cb1ee?source=rss------bug_bounty-5 | A0X_Trojan | broken-access-control, bug-bounty, privilege-escalation, bug-bounty-writeup, medium | 19-Feb-2025 |
How a GraphQL Misconfiguration Exposed Sensitive Information: A $25,000 Bug Bounty Report | https://cyberw1ng.medium.com/how-a-graphql-misconfiguration-exposed-sensitive-information-a-25-000-bug-bounty-report-a8207bc7ff11?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, cybersecurity, jobs, careers, bug-bounty | 19-Feb-2025 |
How a GraphQL Misconfiguration Exposed Sensitive Information: A $25,000 Bug Bounty Report | https://osintteam.blog/how-a-graphql-misconfiguration-exposed-sensitive-information-a-25-000-bug-bounty-report-a8207bc7ff11?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, cybersecurity, jobs, careers, bug-bounty | 19-Feb-2025 |
✨$500 HTML Injection in Snapchat | https://cybersecuritywriteups.com/500-html-injection-in-snapchat-c546282f1f60?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, infosec, html, snapchat, bug-bounty | 18-Feb-2025 |
How I Bypassed BookMyShow’s OTP Limit with Just a Space & Got ₹1000 for It! | https://infosecwriteups.com/how-i-bypassed-bookmyshows-otp-limit-with-just-a-space-got-1000-for-it-70eab29fb6aa?source=rss------bug_bounty-5 | Vivek PS | bug-bounty-writeup, hacking, progamming, web-security, bug-bounty | 18-Feb-2025 |
No email verification leads to an Oauth account takeover. | https://infosecwriteups.com/no-email-verification-leads-to-an-oauth-account-takeover-02eb30496939?source=rss------bug_bounty-5 | loyalonlytoday | awareness, bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips | 18-Feb-2025 |
Android App Endpoint API Discovery Using Static Analysis Methods | https://medium.com/@BugRey/android-app-endpoint-api-discovery-using-static-analysis-methods-2cb2c83ccfbb?source=rss------bug_bounty-5 | ./Rey~ | bug-bounty-tips, pentesting, penetration-testing, bug-bounty, android-security | 18-Feb-2025 |
Practical Guide Arbitrary File Upload | https://medium.com/@BugRey/practical-guide-arbitrary-file-upload-7c6a6e6becd6?source=rss------bug_bounty-5 | ./Rey~ | bug-bounty-tips, web-security, penetration-testing, pentesting, bug-bounty | 18-Feb-2025 |
Monday Vulnerability Disclosure (February 17, 2025) | https://medium.com/@bombhajohn/monday-vulnerability-disclosure-february-17-2025-08d7fe29c39b?source=rss------bug_bounty-5 | Folks47ghee | bug-bounty, data, cybersecurity, data-leak | 18-Feb-2025 |
JavaScript for Hackers: A Full Tutorial | https://medium.com/@hrofficial62/javascript-for-hackers-a-full-tutorial-84a2be091427?source=rss------bug_bounty-5 | Mr Horbio | cybersecurity, javascript, bug-bounty, pentesting, ethical-hacking | 18-Feb-2025 |
Hackyholidays CTF (Grinch Network) Write-Up \| Part 1 \| Hacker101 CTF | https://medium.com/@sari.mmusab/hackyholidays-ctf-grinch-network-write-up-part-1-hacker101-ctf-4dcf8d1fb2ed?source=rss------bug_bounty-5 | Musab Sarı | burpsuite, ctf, web, bug-bounty, cybersecurity | 18-Feb-2025 |
Ever Found a Valid Bug/Leaks in JavaScript Files? Part 1 | https://systemweakness.com/ever-found-a-valid-bug-leaks-in-javascript-files-part-1-efe1f535983b?source=rss------bug_bounty-5 | It4chis3c | extraction, secrets, js, javascript, bug-bounty | 18-Feb-2025 |
How I Hacked My Own Phone, Found 2 Critical Vulnerabilities, and Cashed In $1,500 | https://medium.com/@krishna9823420058/how-i-hacked-my-own-phone-found-2-critical-vulnerabilities-and-cashed-in-1-500-139535f25fa1?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, osint, bug-bounty-tips, cybersecurity, idor | 18-Feb-2025 |
Improper Authentication: Account TakeOver | https://medium.com/@mvenkata.bharath/improper-authentication-account-takeover-5dc9095c0b28?source=rss------bug_bounty-5 | Bharath Kumar | authentication, bug-bounty, cybersecurity, information-security, security-research | 18-Feb-2025 |
Insecure Direct Object Reference — Simple case | https://medium.com/@mvenkata.bharath/insecure-direct-object-reference-simple-case-1bc2afd4e362?source=rss------bug_bounty-5 | Bharath Kumar | bug-bounty, cybersecurity, information-security, idor-vulnerability | 18-Feb-2025 |
Instagram Authentication Flaw in Android App | https://medium.com/@akashkarmakar787/instagram-authentication-flaw-in-android-app-cf2a59e6a175?source=rss------bug_bounty-5 | Akash Karmakar | instagram, bug-bounty, facebook, login, security | 18-Feb-2025 |
Recon — Finding Information About a Target | https://medium.com/@yassentaalab51/recon-finding-information-about-a-target-ff146160fb1a?source=rss------bug_bounty-5 | Killua | cybersecurity, penetration-testing, bug-bounty, recon | 18-Feb-2025 |
Unverified Email Change Flaw on Apps.Target.com: A Sneaky Account Takeover Trick | https://infosecwriteups.com/unverified-email-change-flaw-on-apps-target-com-a-sneaky-account-takeover-trick-2d3402223f4f?source=rss------bug_bounty-5 | JEETPAL | cybersecurity, bug-bounty, bugbounty-writeup, account-takeover, bug-bounty-tips | 18-Feb-2025 |
CORS + XSS : Chaining Vulnerabilities for Critical Data Extraction | https://medium.com/@blify/cors-xss-chaining-vulnerabilities-for-critical-data-extraction-aed9d8fbd814?source=rss------bug_bounty-5 | Blify | security, bug-bounty, hacking, bug-bounty-writeup | 18-Feb-2025 |
Mastering Bug Bounties in 2025 — The Smart Way to Hunt & Earn Big | https://medium.com/@shaheeryasirofficial/mastering-bug-bounties-in-2025-the-smart-way-to-hunt-earn-big-df69d78ddb10?source=rss------bug_bounty-5 | Shaheer Yasir | bug-bounty-tips, cybersecurity, hackerone, hacking, bug-bounty | 18-Feb-2025 |
Ever Found a Valid Bug/Leaks in JavaScript Files in Bug Bounties? | https://infosecwriteups.com/ever-found-a-valid-bug-leaks-in-javascript-files-in-bug-bounties-81ba362612a7?source=rss------bug_bounty-5 | It4chis3c | js, bug-bounty, javascript, practical, secrets | 18-Feb-2025 |
$4000 Blind SQL Injection in inDrive | https://medium.com/@kumawatabhijeet2002/4000-blind-sql-injection-in-indrive-a0a4dcd99cb9?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, infosec, sql-injection, money, bug-bounty | 18-Feb-2025 |
How to Start Bug Hunting Using These 5 Simple Steps | https://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-to-start-bug-hunting-using-these-5-simple-steps-1c15f227f852?source=rss------bug_bounty-5 | Vipul Sonule | hacking, technology, machine-learning, cybersecurity, bug-bounty | 18-Feb-2025 |
How I Discovered a 0-Click Account Takeover (ATO) Vulnerability in a Flutter Application | https://medium.com/@k3r0/how-i-discovered-a-0-click-account-takeover-ato-vulnerability-in-a-flutter-application-74c7a5c4dc70?source=rss------bug_bounty-5 | Kyrillos nady | flutter, penetration-testing, android-pentesting, hacking, bug-bounty | 18-Feb-2025 |
Registration logic error — 2500$ bug bounty | https://theclemvp.medium.com/registration-logic-error-2500-bug-bounty-72728ce5ffd0?source=rss------bug_bounty-5 | Molx32 | security, web-security, writeup, cybersecurity, bug-bounty | 18-Feb-2025 |
Day 13: Chaining Improper Authentication to IDOR and No Rate Limit for Mass Account Takeover | https://medium.com/@danielbelay/day-13-chaining-improper-authentication-to-idor-and-no-rate-limit-for-mass-account-takeover-bd6be94a96c3?source=rss------bug_bounty-5 | dani3l | account-takeover-attacks, bug-bounty | 18-Feb-2025 |
The Highest-Paid Bug Bounty Hunters in the World (And Their Secrets) | https://medium.com/@krishna9823420058/the-highest-paid-bug-bounty-hunters-in-the-world-and-their-secrets-2e0f13d4fc6a?source=rss------bug_bounty-5 | Krish_cyber | cybersecurity, infosec, ethical-hacking, hacking, bug-bounty | 18-Feb-2025 |
Finding Peace in the Chaos: A Security Researcher’s Perspective | https://medium.com/@thedevtaskofficial/finding-peace-in-the-chaos-a-security-researchers-perspective-06812e7ff767?source=rss------bug_bounty-5 | thedevtask official | security, vulnerability, peace, bug-bounty, philosophy | 18-Feb-2025 |
Reconnaissance with Sn1per: Is This the Ultimate Recon Weapon? | https://medium.com/@paritoshblogs/reconnaissance-with-sn1per-is-this-the-ultimate-recon-weapon-b05bf69dc8e1?source=rss------bug_bounty-5 | Paritosh | hacking, bug-bounty, information-technology, cybersecurity, sn1per | 18-Feb-2025 |
Bug Bounty in 2025: Part 3 — Investigating 4 Open Redirect Reports at HackerOne, So You Don’t Have… | https://medium.com/@halfcircassian/bug-bounty-in-2025-part-3-investigating-4-open-redirect-reports-at-hackerone-so-you-dont-have-499948a0e6b1?source=rss------bug_bounty-5 | Sıla Özeren | bug-bounty-tips, open-redirect, bug-bounty, bug-bounty-writeup, hackerone | 18-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-101) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-101-ef5f9ed33841?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, hacking, ethical-hacking, bug-bounty, cybersecurity | 18-Feb-2025 |
The Biggest Bug Bounty Myths | https://medium.com/@hackrate/the-biggest-bug-bounty-myths-ec5b56b39e5e?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, hacking, ethical-hacking, bug-bounty-tips, cybersecurity | 18-Feb-2025 |
The Hidden Risks in Multipart/Form-Data Requests | https://medium.com/@melodicbook/the-hidden-risks-in-multipart-form-data-requests-65a8f8557b22?source=rss------bug_bounty-5 | Sam Mirov | bug-bounty-tips, api-security, security-research, bug-bounty, web-application-security | 18-Feb-2025 |
Advanced Techniques to Discover and Secure Exposed Credentials Online | https://cyberw1ng.medium.com/advanced-techniques-to-discover-and-secure-exposed-credentials-online-977e5ec53095?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, jobs, education, cybersecurity | 18-Feb-2025 |
How to Earn $50k Finding Critical Vulnerabilities in Bug Bounty | https://medium.com/@ibtissamhammadi/how-to-earn-50k-finding-critical-vulnerabilities-in-bug-bounty-b78806051ab8?source=rss------bug_bounty-5 | Ibtissam Hammadi | technology, bug-bounty, hacking, cybersecurity, programming | 18-Feb-2025 |
Steal Secrets From The Web: Master Parameter Fuzzing \| Recon Part 9 | https://it4chis3c.medium.com/ever-used-burp-suite-to-the-fullest-recon-part-9-22c389a29ad7?source=rss------bug_bounty-5 | It4chis3c | bug-bounty, parameter, fuzzing, extraction, secrets | 17-Feb-2025 |
How I Found an Open Redirect Vulnerability Easily (Worth $500!) | https://cybersecuritywriteups.com/how-i-found-an-open-redirect-vulnerability-easily-worth-500-d677d7693c06?source=rss------bug_bounty-5 | Abhijeet kumawat | open-redirect, bugbounty-tips, infosec, bug-bounty, hacking | 17-Feb-2025 |
The Rise of Industrialized Cybercrime: How Threat Actors Scaled Their Operations | https://medium.com/@paritoshblogs/the-rise-of-industrialized-cybercrime-how-threat-actors-scaled-their-operations-0e863667a383?source=rss------bug_bounty-5 | Paritosh | cybersecurity, hacking, information-technology, cybercrime, bug-bounty | 17-Feb-2025 |
Finding Vulnerabilities with Nmap | https://medium.com/@dasmanish6176/finding-vulnerabilities-with-nmap-713bd8693369?source=rss------bug_bounty-5 | Dasmanish | nmap, network-security, ethical-hacking, bug-bounty, cybersecurity | 17-Feb-2025 |
Hidden method to find Bugcrowd Programs | https://medium.com/meetcyber/hidden-method-to-find-bugcrowd-programs-c6ac027be4f4?source=rss------bug_bounty-5 | AbhirupKonwar | ethical-hacking, pentesting, bug-bounty, osint, bug-bounty-tips | 17-Feb-2025 |
Bug Hunting Automation | https://infosecwriteups.com/bug-hunting-automation-f91ce2ce70bc?source=rss------bug_bounty-5 | Monika sharma | technology, penetration-testing, bug-bounty, bug-bounty-tips, hacking | 17-Feb-2025 |
API Endpoints Discovery using Kiterunner | https://bitpanic.medium.com/api-endpoints-discovery-using-kiterunner-ded82e092543?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, bug-bounty, ai-generated-content, technology, programming | 17-Feb-2025 |
How a Simple Graphql Vulnerability led to Admin Dashboard | https://medium.com/@rishi1.beria/how-a-simple-graphql-vulnerability-led-to-admin-dashboard-2fb10df3607a?source=rss------bug_bounty-5 | Rishi Beria | penetration-testing, hacking, cybersecurity, bug-bounty, graphql | 17-Feb-2025 |
Finding more subdomains using security trails api key | https://infosecwriteups.com/finding-more-subdomains-using-security-trails-api-key-0abdadd60574?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, cybersecurity, hacking, reconnaissance, subdomain | 17-Feb-2025 |
Exploiting the Log4j Vulnerability (CVE-2021–44228) — Proof of Concept (PoC) | https://medium.com/@muhammadwaseem29/exploiting-the-log4j-vulnerability-cve-2021-44228-proof-of-concept-poc-9b462b73b7a8?source=rss------bug_bounty-5 | Muhammad Waseem | hacking, bug-bounty-tips, infosec, cybersecurity, bug-bounty | 17-Feb-2025 |
From Curiosity to $10,000: How I Found a Critical Account Takeover Bug | https://medium.com/@rahulgairola/from-curiosity-to-10-000-how-i-found-a-critical-account-takeover-bug-ca6dd169c36b?source=rss------bug_bounty-5 | Rahul Gairola | bug-bounty-tips, bug-bounty-writeup, account-takeover, bug-bounty, authentication-bypass | 17-Feb-2025 |
A Beginner’s Guide to Bash [Special for Hacker | https://medium.com/@hrofficial62/a-beginners-guide-to-bash-special-for-hacker-ffe5c7ce4c21?source=rss------bug_bounty-5 | Mr Horbio | cybersecurity, pentesting, kali-linux, bug-bounty, bash | 17-Feb-2025 |
Zoho Account Takeover: How a Single Click Can Lead to Full Control over your Zoho account | https://infosecwriteups.com/zoho-account-takeover-how-a-single-click-can-lead-to-full-control-over-your-zoho-account-cd6f0c245272?source=rss------bug_bounty-5 | HackerWithOutHat | infose, javascript, bug-bounty, security | 17-Feb-2025 |
WHAT IS THE IMPORTANCE OF FINDING AQUISITIONS FOR BUG BOUNTY. | https://osintteam.blog/what-is-the-importance-of-finding-aquisitions-for-bug-bounty-3d4920796dc5?source=rss------bug_bounty-5 | loyalonlytoday | awareness, tips, cybersecurity, bug-bounty, hacking | 17-Feb-2025 |
How to Find Subdomains Using Shodan and the Favicon Hash Trick on Kali Linux | https://medium.com/@securitytalent/how-to-find-subdomains-using-shodan-and-the-favicon-hash-trick-on-kali-linux-8829e3d10297?source=rss------bug_bounty-5 | MD Mehedi Hasan | favicon-hash-trick, bug-bounty, find-subdomain | 17-Feb-2025 |
I Pasted a Simple HTML Code on BookMyShow… and Got ₹1000 for It! | https://infosecwriteups.com/i-pasted-a-simple-html-code-on-bookmyshow-and-got-1000-for-it-26313f0e2115?source=rss------bug_bounty-5 | Vivek PS | web-security, programming, bug-bounty, bug-bounty-writeup, hacking | 17-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-100) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-100-ded60fc66bf5?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, ethical-hacking, bug-bounty, bug-bounty-tips, cybersecurity | 17-Feb-2025 |
Top CVEs to Watch in 2025: Hunting Critical Bugs | https://medium.com/@zerodaystories/top-cves-to-watch-in-2025-hunting-critical-bugs-3d7fee7ef95e?source=rss------bug_bounty-5 | 0day stories | bug-bounty-tips, technology, penetration-testing, cybersecurity, bug-bounty | 17-Feb-2025 |
IDOR Vulnerability in Group Profile Picture Feature($$) | https://medium.com/@Tanvir0x1/idor-vulnerability-in-group-profile-picture-feature-72bbf96e0f6e?source=rss------bug_bounty-5 | Tanvir Ahmed | bugs, bug-bounty-tips, bug-bounty | 17-Feb-2025 |
Ethical Hacking Roadmap 2025: Your Ultimate Guide to Landing a Cybersecurity Job! | https://medium.com/@krishna9823420058/ethical-hacking-roadmap-2025-your-ultimate-guide-to-landing-a-cybersecurity-job-57b0367fb070?source=rss------bug_bounty-5 | Krish_cyber | hacking, bug-bounty, ai, cybersecurity, ethical-hacking | 17-Feb-2025 |
Bug Bounty 101 for Companies | https://medium.com/@hackrate/bug-bounty-101-for-companies-a6747ae0e3bb?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty-tips, hacking, bug-bounty, cybersecurity, ethical-hacking | 17-Feb-2025 |
How to Find SQL Injection and Get Bounty of $100, $200, $500 | https://medium.com/@kumawatabhijeet2002/how-to-find-sql-injection-and-get-bounty-of-100-200-500-f44e0df0ba77?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, sql-injection, infosec, hacking | 17-Feb-2025 |
Top 7 Payloads lists Every Bug Bounty Hunter Need To Know | https://medium.com/@verylazytech/top-7-payloads-lists-every-bug-bounty-hunter-need-to-know-bbb72c87c779?source=rss------bug_bounty-5 | Very Lazy Tech | penetration-testing, bug-bounty, red-team, payload, ethical-hacking | 17-Feb-2025 |
Subdomain Bruteforcing Using Burp Suite: A Step-by-Step Guide for Ethical Hackers | https://medium.com/@hacker_might/subdomain-bruteforcing-using-burp-suite-a-step-by-step-guide-for-ethical-hackers-6f48f59b9f00?source=rss------bug_bounty-5 | hacker_might | bug-bounty, reconnaissance, subdomains-enumeration, brute-force, burpsuite | 17-Feb-2025 |
10 Secrets Every Bug Bounty Hunter Must Know | https://medium.com/@ibtissamhammadi/10-secrets-every-bug-bounty-hunter-must-know-20d71c3858a7?source=rss------bug_bounty-5 | Ibtissam Hammadi | cybersecurity, infosec, tech-career, bug-bounty, hacking | 17-Feb-2025 |
Open Redirect to Xss | https://medium.com/@0x_karim/open-redirect-to-xss-d35eb8eb1cf4?source=rss------bug_bounty-5 | 0xkarim | bug-hunting, bug-bounty-tips, bug-bounty, hackerone, hacking | 17-Feb-2025 |
Finding Exposed Credentials and Sensitive Data in Cloud, Repositories, and Logs | https://cyberw1ng.medium.com/finding-exposed-credentials-and-sensitive-data-in-cloud-repositories-and-logs-a4a4c9e5323c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, jobs, hacking, bug-bounty, cybersecurity | 17-Feb-2025 |
Bug Bounty Recon: Mastering the Art of Information Gathering (Part 1) | https://medium.com/@weaponshot/bug-bounty-recon-mastering-the-art-of-information-gathering-part-1-01e24bb24462?source=rss------bug_bounty-5 | Matyis Kong | cybersecurity, bug-bounty | 17-Feb-2025 |
Finding Exposed Credentials and Sensitive Data in Cloud, Repositories, and Logs | https://osintteam.blog/finding-exposed-credentials-and-sensitive-data-in-cloud-repositories-and-logs-a4a4c9e5323c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, jobs, hacking, bug-bounty, cybersecurity | 17-Feb-2025 |
$500 How I Found XSS Using ChatGPT | https://medium.com/@kumawatabhijeet2002/500-how-i-found-xss-using-chatgpt-ec55792e35bb?source=rss------bug_bounty-5 | Abhijeet kumawat | xss-attack, hacking, chatgpt, bug-bounty, ai | 16-Feb-2025 |
Finding a p4 as per bug crowd vrt | https://cybersecuritywriteups.com/finding-a-p4-as-per-bug-crowd-vrt-1de5f8074cda?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, bugs, cybersecurity, ethical-hacking, 4ps | 16-Feb-2025 |
Bug Bounty Hunting: Automatic Vulnerability Discovery Using Fuzzers | https://medium.com/@muhammad4208/bug-bounty-hunting-automatic-vulnerability-discovery-using-fuzzers-6da56581c8ae?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | web-testing, bug-bounty-hunter, bug-bounty, bug-bounty-program, bug-bounty-tips | 16-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (API Testing) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-api-testing-96a49acc4f35?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-tips, bug-bounty, api-testing, bug-bounty-hunter, bug-bounty-program | 16-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (Android Hacking Apps) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-android-hacking-apps-c74f85e81c90?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-tips, bug-bounty, android-hacking-tool, bug-bounty-program, bug-bounty-hunter | 16-Feb-2025 |
IDOR Nightmare: Indian Post Office Portal Exposed Thousands of KYC Records with Article ID with… | https://systemweakness.com/idor-nightmare-indian-post-office-portal-exposed-thousands-of-kyc-records-with-article-id-with-735cc35a3984?source=rss------bug_bounty-5 | Gokuleswaran B | idor-vulnerability, bugbounty-writeup, bug-bounty, bug-bounty-writeup, idor | 16-Feb-2025 |
Business Logic Vulnerabilities | https://medium.com/@0x1di0t/business-logic-vulnerabilities-843ea2a316f2?source=rss------bug_bounty-5 | Wahid Najim | bug-bounty-writeup, business-logic-flaw, business-logic, bug-bounty, business-logic-bug | 16-Feb-2025 |
LivePwn Tool: The Ultimate Swiss Army Knife for Hackers and Bug Bounty Hunters | https://livepwn.medium.com/livepwn-tool-the-ultimate-swiss-army-knife-for-hackers-and-bug-bounty-hunters-6faac2c7157c?source=rss------bug_bounty-5 | livepwn | cybersecurity, ctf, cybertool, bug-bounty, hacking | 16-Feb-2025 |
How I Found a Sensitive Data Leak in Microsoft! | https://rootxabit.medium.com/how-i-found-a-sensitive-data-leak-in-microsoft-6c20c66d0ead?source=rss------bug_bounty-5 | xabit • hacks | bug-bounty, hacking, hacker, medium, microsoft | 16-Feb-2025 |
CORS vs Access-Control-Allow-Origin | https://medium.com/@shadyfarouk1986/cors-vs-access-control-allow-origin-af5cecc3f4c7?source=rss------bug_bounty-5 | Shady Farouk | bug-bounty-program, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 16-Feb-2025 |
Day 11: Full Account Takeover (ATO) — A Tale of Two Bugs | https://medium.com/@danielbelay/day-11-full-account-takeover-ato-a-tale-of-two-bugs-2e630aeb56ff?source=rss------bug_bounty-5 | dani3l | bug-bounty, account-takeover | 16-Feb-2025 |
Hacking Exposed .git Directories: Because Developers Still Don’t Learn | https://medium.com/@mahad.ahmed0x1/hacking-exposed-git-directories-because-developers-still-dont-learn-095de0b96e2c?source=rss------bug_bounty-5 | 404NotPentested | information-security, infosec, cybersecurity, penetration-testing, bug-bounty | 16-Feb-2025 |
$9,060 OS Command Injection — Private Bug Bounty P1 \| 2023 | https://medium.com/@krishna9823420058/9-060-os-command-injection-private-bug-bounty-p1-2023-c9ac83a0fe2a?source=rss------bug_bounty-5 | Krish_cyber | osint, bugs, hacking, infosec-write-ups, bug-bounty | 16-Feb-2025 |
Portswigger Web Security Academy : “Excessive trust in client-side controls” walkthrough | https://medium.com/@Kinqdathacker/portswigger-web-security-academy-excessive-trust-in-client-side-controls-walkthrough-ddf5457a6e7b?source=rss------bug_bounty-5 | Kinqdathacker | web-hacking, penetration-testing, ctf, bug-bounty, business-logic-flaw | 16-Feb-2025 |
How To Discover Hidden Endpoints | https://medium.com/@kumawatabhijeet2002/how-to-discover-hidden-endpoints-fef261d619c1?source=rss------bug_bounty-5 | Abhijeet kumawat | secrets, bug-bounty, infosec, hidden, hacking | 16-Feb-2025 |
Top Web Application Penetration Testing Tools in 2025: A Comprehensive Guide for Ethical Hackers | https://medium.com/@verylazytech/top-web-application-penetration-testing-tools-in-2025-a-comprehensive-guide-for-ethical-hackers-863c0640baab?source=rss------bug_bounty-5 | Very Lazy Tech | hacking, bug-bounty, cyber, ethical-hacking, penetration-testing | 16-Feb-2025 |
Bug Bounty 101: How to Get Started and Earn Your First Reward | https://medium.com/@krishna9823420058/bug-bounty-101-how-to-get-started-and-earn-your-first-reward-4693846cc553?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, information-security, ethical-hacking, osint, infosec | 16-Feb-2025 |
Discovering the Power of WaybackURLs: A Tool for Web Archiving and Reconnaissance | https://medium.com/@cyberawareness/discovering-the-power-of-waybackurls-a-tool-for-web-archiving-and-reconnaissance-2881a1fc614e?source=rss------bug_bounty-5 | SourceFul Space | wayback-machine, penetration-testing, cybersecurity, bug-bounty, waybackurls | 16-Feb-2025 |
find hidden subdomain | https://medium.com/@dark_zone/find-hidden-subdomain-5d7cc42de1e8?source=rss------bug_bounty-5 | darkzone | bug-bounty, bug-bounty-tips | 16-Feb-2025 |
How a Simple RFI Turned into a $300 RCE Jackpot — A Hacker’s Wild Ride! | https://medium.com/@krishna9823420058/how-a-simple-rfi-turned-into-a-300-rce-jackpot-a-hackers-wild-ride-207e636e2398?source=rss------bug_bounty-5 | Krish_cyber | penetration-testing, bug-bounty, vulnerability, cybersecurity, ethical-hacking | 16-Feb-2025 |
“Hack the Bounty: Automate Bug Hunting & Get a Free VPS to Supercharge Your Game!” | https://medium.com/@krishna9823420058/hack-the-bounty-automate-bug-hunting-get-a-free-vps-to-supercharge-your-game-8ee8ed90b5dc?source=rss------bug_bounty-5 | Krish_cyber | infosec, cybersecurity, money, ethical-hacking, bug-bounty | 16-Feb-2025 |
How to Earn $100k as a Bug Bounty Hunter | https://medium.com/@ibtissamhammadi/how-to-earn-100k-as-a-bug-bounty-hunter-584690e63ab4?source=rss------bug_bounty-5 | Ibtissam Hammadi | cybersecurity, ethical-hacking, bug-bounty, tech-career, programming | 16-Feb-2025 |
XSS Hunting Like a Pro: The Ultimate Guide to Finding Cross-Site Scripting Bugs | https://medium.com/@krishna9823420058/xss-hunting-like-a-pro-the-ultimate-guide-to-finding-cross-site-scripting-bugs-3a459245b4bc?source=rss------bug_bounty-5 | Krish_cyber | osint, sql-injection, bug-bounty, xss-attack, hacking | 16-Feb-2025 |
Mastering SQL Injection: The Ultimate Guide to Finding Vulnerabilities Like a Pro | https://medium.com/@krishna9823420058/mastering-sql-injection-the-ultimate-guide-to-finding-vulnerabilities-like-a-pro-e64a0ba2d257?source=rss------bug_bounty-5 | Krish_cyber | osint, ethical-hacking, sql-injection, bug-bounty, cybersecurity | 16-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-99) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-99-a31faa45f6b8?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, bug-bounty, hacking, bug-bounty-tips, ethical-hacking | 16-Feb-2025 |
Bypassing OTP via Inspect Element | https://medium.com/@noobsechunter/bypassing-otp-via-inspect-element-c95e8df29e54?source=rss------bug_bounty-5 | Whoami | learning, bug-bounty, otp-bypass, beginner | 16-Feb-2025 |
From Noob to $10k: How I Cracked the Bug Bounty Code as a Beginner! ✨ | https://medium.com/@krishna9823420058/from-noob-to-10k-how-i-cracked-the-bug-bounty-code-as-a-beginner-f4a672ec3169?source=rss------bug_bounty-5 | Krish_cyber | information-security, bug-bounty, hacking, osint, ethical-hacking | 16-Feb-2025 |
The Ultimate Bug Bounty Hunter’s Toolkit: Must-Have Tools to Hack Your Way to Success! | https://medium.com/@krishna9823420058/the-ultimate-bug-bounty-hunters-toolkit-must-have-tools-to-hack-your-way-to-success-%EF%B8%8F-%EF%B8%8F-be4dfc958d4b?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, bug-bounty-tips, hacking, ethical-hacking, osint | 16-Feb-2025 |
Hackers Assemble: The Vulniverse Saga | https://medium.com/@abhishek-ji/hackers-assemble-the-vulniverse-saga-84992359a522?source=rss------bug_bounty-5 | Abhishek Gupta | paruluniversity, bug-bounty, web-app-security, cybersecurity, the-hackers-meetup | 16-Feb-2025 |
How to Write the Perfect Bug Bounty Report (With Examples!) | https://medium.com/@krishna9823420058/how-to-write-the-perfect-bug-bounty-report-with-examples-5d95b95559ea?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty-tips, bug-bounty, cybersecurity, osint, bug-bounty-writeup | 16-Feb-2025 |
Top 10 Platforms to Find Bug Bounty Programs in 2025: Hunt Bugs, Earn Cash, and Save the… | https://medium.com/@krishna9823420058/top-10-platforms-to-find-bug-bounty-programs-in-2025-hunt-bugs-earn-cash-and-save-the-dbc9a6ac13d1?source=rss------bug_bounty-5 | Krish_cyber | ethical-hacking, osint, bug-bounty, infosec-write-ups, bug-bounty-tips | 16-Feb-2025 |
Log4j RCE Vulnerability (CVE-2021–44228) Exploitation | https://medium.com/@muhammadwaseem29/log4j-rce-vulnerability-cve-2021-44228-exploitation-041ff74e1349?source=rss------bug_bounty-5 | Muhammad Waseem | cyber, rce, bug-bounty-tips, bug-bounty, hacking | 16-Feb-2025 |
# Exposure of Internal PHP Source Code Leading to Credential & Sensitive Data Leakage | https://medium.com/@bevennyamande/exposure-of-internal-php-source-code-leading-to-credential-sensitive-data-leakage-209383740e1e?source=rss------bug_bounty-5 | 0xbeven | bug-bounty-writeup, bug-bounty-tips, bug-bounty | 16-Feb-2025 |
How to Extract Information from Websites: Automated OSINT Techniques and Tools | https://cyberw1ng.medium.com/how-to-extract-information-from-websites-automated-osint-techniques-and-tools-434204e9c9dc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | jobs, osint, cybersecurity, bug-bounty, careers | 16-Feb-2025 |
Symfonos2 Security Challenge | https://medium.com/@Y_Waheed/symfonos2-security-challenge-3d6a2a514f37?source=rss------bug_bounty-5 | Joo | penetration-testing, bug-bounty, bug-bounty-writeup, cybersecurity | 16-Feb-2025 |
How I Found My First Bug: A Beginner’s Guide to Bug Bounty Hunting | https://medium.com/@azizkilani88/how-i-found-my-first-bug-a-beginners-guide-to-bug-bounty-hunting-f41afef630d3?source=rss------bug_bounty-5 | A_SKILLER_007 | bugbounty-tips, bug-bounty, cybersecurity | 16-Feb-2025 |
How to Extract Information from Websites: Automated OSINT Techniques and Tools | https://osintteam.blog/how-to-extract-information-from-websites-automated-osint-techniques-and-tools-434204e9c9dc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | jobs, osint, cybersecurity, bug-bounty, careers | 16-Feb-2025 |
Breaking Architect: Matrix AI Security Challenge by Repello | https://osintteam.blog/breaking-architect-matrix-ai-security-challenge-by-repello-6853c34a6874?source=rss------bug_bounty-5 | Rudrakshacker | ai, prompt-engineering, cybersecurity, bug-bounty, chatbots | 15-Feb-2025 |
From Recon to Exploitation: The Power of TerminatorZ | https://osintteam.blog/from-recon-to-exploitation-the-power-of-terminatorz-e86d8bf59c08?source=rss------bug_bounty-5 | Monika sharma | technology, penetration-testing, bug-bounty, hacking, bug-bounty-tips | 15-Feb-2025 |
How to Easily Find Exposed Credentials in Bug Hunting | https://osintteam.blog/how-to-easily-find-exposed-credentials-in-bug-hunting-bb70ac603bae?source=rss------bug_bounty-5 | RivuDon | hacking, bug-bounty, infosec, bug-bounty-writeup, bug-bounty-tips | 15-Feb-2025 |
Day 10:Turned Cookie-Based XSS into Account Takeover | https://medium.com/@danielbelay/day-10-turned-cookie-based-xss-into-account-takeover-ea28620f2888?source=rss------bug_bounty-5 | dani3l | bug-bounty, ethical-hacking | 15-Feb-2025 |
WEB APP PENTESTING CHECKLIST 2025 | https://medium.com/@shaheeryasirofficial/web-app-pentesting-checklist-2025-438eb646b47a?source=rss------bug_bounty-5 | Shaheer Yasir | offensive-security, web-app-security, bug-bounty, ethical-hacking, pentesting | 15-Feb-2025 |
Command Execution in Bug Bounties: How to Find, Test, and Exploit | https://rootxabit.medium.com/command-execution-in-bug-bounties-how-to-find-test-and-exploit-4f863c4a7240?source=rss------bug_bounty-5 | xabit • hacks | bug-bounty, recon, osint, oscp, website-hacking | 15-Feb-2025 |
Rate Limits Bypassed — Business Logic Flaw | https://medium.com/@muhammad_saud/rate-limits-bypassed-business-logic-flaw-948a11dce0e4?source=rss------bug_bounty-5 | Msaud | bug-bounty, hackerone, bug-bounty-writeup, penetration-testing, hacking | 15-Feb-2025 |
How I Earned $5,000 from a Single Bug Report | https://medium.com/@krishna9823420058/how-i-earned-5-000-from-a-single-bug-report-d4a793290a58?source=rss------bug_bounty-5 | Krish_cyber | information-security, ethical-hacking, bug-bounty, bug-bounty-tips, osint | 15-Feb-2025 |
The Blueprint to Your First $1,000+ Bug Bounty Reward | https://medium.com/@krishna9823420058/the-blueprint-to-your-first-1-000-bug-bounty-reward-380e1df3b2b2?source=rss------bug_bounty-5 | Krish_cyber | info-sec-writeups, bug-bounty-tips, ethical-hacking, osint, bug-bounty | 15-Feb-2025 |
How I Made $200 in 2 Minutes on HackerOne — Zomato Bug Bounty Program (With Real Example) | https://medium.com/@krishna9823420058/how-i-made-200-in-2-minutes-on-hackerone-zomato-bug-bounty-program-with-real-example-a851c4042ca6?source=rss------bug_bounty-5 | Krish_cyber | cybersecurity, osint, infosec-write-ups, hacking, bug-bounty | 15-Feb-2025 |
The Ultimate Guide to Subdomain Enumeration: Brute-Forcing Hidden Subdomains with dnsx, mgwls, and… | https://medium.com/@hacker_might/the-ultimate-guide-to-subdomain-enumeration-brute-forcing-hidden-subdomains-with-dnsx-mgwls-and-ffa36ad86519?source=rss------bug_bounty-5 | hacker_might | reconnaissance, brute-force, subdomains-enumeration, bug-bounty, bug-bounty-tips | 15-Feb-2025 |
Content Provider Exploitation: From Simple Misconfiguration to Application Lockdown | https://medium.com/@muhammedgalal66/content-provider-exploitation-from-simple-misconfiguration-to-application-lockdown-fd09520e9d3a?source=rss------bug_bounty-5 | Dg0x6 | bug-bounty-tips, bug-bounty-writeup, android-app-testing, bug-bounty, bugs | 15-Feb-2025 |
Cache Control: An Easy P4 Vulnerability | https://infosecwriteups.com/cache-control-an-easy-p4-vulnerability-746138597d10?source=rss------bug_bounty-5 | JEETPAL | cache-control, bugbounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity | 15-Feb-2025 |
Exposed Admin Panel, $8000 Bounty — The Power of Shodan Recon! | https://medium.com/@rahulgairola/exposed-admin-panel-8000-bounty-the-power-of-shodan-recon-3408ce97531c?source=rss------bug_bounty-5 | Rahul Gairola | bug-bounty-writeup, bug-bounty-tips, authentication-bypass, authentication, bug-bounty | 15-Feb-2025 |
The Ultimate Guide to Subdomain Enumeration: Brute-Forcing Hidden Subdomains with dnsx, mgwls, and… | https://osintteam.blog/the-ultimate-guide-to-subdomain-enumeration-brute-forcing-hidden-subdomains-with-dnsx-mgwls-and-ffa36ad86519?source=rss------bug_bounty-5 | hacker_might | reconnaissance, brute-force, subdomains-enumeration, bug-bounty, bug-bounty-tips | 15-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-98) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-98-65be156058f4?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, hacking, bug-bounty-tips, ethical-hacking, cybersecurity | 15-Feb-2025 |
From Cookie to P1: Exploiting a Simple Flaw for Maximum Impact | https://infosecwriteups.com/from-cookie-to-p1-exploiting-a-simple-flaw-for-maximum-impact-a05ef35c3e8c?source=rss------bug_bounty-5 | 0day stories | bug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty, penetration-testing | 15-Feb-2025 |
SSRF Advanced Methodology✨ | https://medium.com/@kumawatabhijeet2002/ssrf-advanced-methodology-ecbe289886ef?source=rss------bug_bounty-5 | Abhijeet kumawat | money, infosec, ssrf, hacking, bug-bounty | 15-Feb-2025 |
Unauthorized Access to Blinkist Premium Audiobooks — A Case Study | https://medium.com/@rstuv/unauthorized-access-to-blinkist-premium-audiobooks-a-case-study-8b3d7e6c3c17?source=rss------bug_bounty-5 | rstuv | bug-bounty, cybersecurity | 15-Feb-2025 |
From $0 to $2,500: My Journey Finding Critical Vulnerability Through Bug Bounty Programs | https://medium.com/@ibtissamhammadi/from-0-to-2-500-my-journey-finding-critical-vulnerability-through-bug-bounty-programs-c4d8a5059eec?source=rss------bug_bounty-5 | Ibtissam Hammadi | bug-bounty, cybersecurity, hacking, infosec, programming | 15-Feb-2025 |
Comparing Burp Suite Pro and OWASP ZAP: Which One is Right for You? | https://medium.com/@shadyfarouk1986/comparing-burp-suite-pro-and-owasp-zap-which-one-is-right-for-you-56629b2dac6d?source=rss------bug_bounty-5 | Shady Farouk | bug-bounty-tips, bug-bounty, vulnerability-assessment, bug-bounty-writeup | 15-Feb-2025 |
How a Hidden GitHub Token Led to a $50,000 Bug Bounty | https://cyberw1ng.medium.com/how-a-hidden-github-token-led-to-a-50-000-bug-bounty-6bbec61114d9?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, jobs, careers, bug-bounty, programming | 15-Feb-2025 |
API Testing ( Port Swigger Labs ) Solutions | https://medium.com/@youssefawad1357/api-testing-port-swigger-labs-solutions-2f8f7b949f9f?source=rss------bug_bounty-5 | youssef awad | api, pentesting, apihacking, penetration-testing, bug-bounty | 15-Feb-2025 |
Best Bug Bounty Platforms in 2025: A Comprehensive Comparison | https://medium.com/@hackrate/best-bug-bounty-platforms-in-2025-a-comprehensive-comparison-70aaa7d967eb?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity, hacking | 15-Feb-2025 |
How a Hidden GitHub Token Led to a $50,000 Bug Bounty | https://osintteam.blog/how-a-hidden-github-token-led-to-a-50-000-bug-bounty-6bbec61114d9?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, jobs, careers, bug-bounty, programming | 15-Feb-2025 |
A Powerful Web Crawling and OSINT Tool | https://osintteam.blog/a-powerful-web-crawling-and-osint-tool-c0a5d118f398?source=rss------bug_bounty-5 | Monika sharma | hacking, bug-bounty-tips, penetration-testing, bug-bounty, technology | 14-Feb-2025 |
HyperText Transfer Protocol (HTTP) | https://medium.com/bug-bounty-bug-hunter-academy/hypertext-transfer-protocol-http-3719e3eda9ea?source=rss------bug_bounty-5 | Michael Mancuso | http-request, bug-bounty, web, https | 14-Feb-2025 |
Get Your First Bug | https://cybersecuritywriteups.com/get-your-first-bug-b50dadbea60a?source=rss------bug_bounty-5 | Abhijeet kumawat | money, bug-bounty, infosec, hacking, ai | 14-Feb-2025 |
How I can trigger Remote Code Execution Via Cron Job | https://r0b0ts.medium.com/how-i-can-trigger-remote-code-execution-via-cron-job-b7d9d7dc9372?source=rss------bug_bounty-5 | r0b0ts | bug-bounty-writeup, pentesting, bug-bounty, bug-bounty-tips, web-security | 14-Feb-2025 |
How to Bypass Web Application Firewalls (WAFs) | https://medium.com/@vipulsonule71/how-to-bypass-web-application-firewalls-wafs-d4a0212b6fa5?source=rss------bug_bounty-5 | Vipul Sonule | technology, hacking, bug-bounty, penetration-testing, cybersecurity | 14-Feb-2025 |
Crack World | https://medium.com/@loaymorad11/crack-world-49be8914684d?source=rss------bug_bounty-5 | Loaymorad | tryhackme, bug-bounty, cybersecurity, hacking | 14-Feb-2025 |
How to Find Your First Bug and Get Paid — Bug Bounty Made Easy | https://medium.com/@krishna9823420058/how-to-find-your-first-bug-and-get-paid-bug-bounty-made-easy-cb595ef2aaee?source=rss------bug_bounty-5 | Krish_cyber | infosec-write-ups, bugs, hacking, bug-bounty, osint | 14-Feb-2025 |
Mastering Reconnaissance in Bug Bounty: The Art of Finding Hidden Vulnerabilities | https://abhayal.medium.com/mastering-reconnaissance-in-bug-bounty-the-art-of-finding-hidden-vulnerabilities-c34d87cb98c0?source=rss------bug_bounty-5 | Abhayal | hackerone, reconnaissance, bug-bounty, vulnerability, bug-bounty-tips | 14-Feb-2025 |
Find secret in S3 Bucket and earn $500 and more | https://medium.com/@anandrishav2228/find-secret-in-s3-bucket-and-earn-500-and-more-640b341dfe54?source=rss------bug_bounty-5 | Rishav anand | money, aws, cybersecurity, amazon, bug-bounty | 14-Feb-2025 |
Day 9: CRLF to Account Takeover (Chaining Bugs) | https://medium.com/@danielbelay/day-9-crlf-to-account-takeover-chaining-bugs-8e621c9be109?source=rss------bug_bounty-5 | dani3l | bug-bounty-writeup, ethical-hacking, bug-bounty | 14-Feb-2025 |
Top CTF Competitions and Where to Practice | https://medium.com/@BlackHat123/top-ctf-competitions-and-where-to-practice-f71c56ecfef1?source=rss------bug_bounty-5 | blackhat | ctf, competition, bug-bounty, walkthrough | 14-Feb-2025 |
Why Bug Bounty Programs Are Essential for In-Depth Vulnerability Detection | https://medium.com/@hackrate/why-bug-bounty-programs-are-essential-for-in-depth-vulnerability-detection-06bcfd3c6c18?source=rss------bug_bounty-5 | Levente Molnar | cybersecurity, bug-bounty, hacking, ethical-hacking, bug-bounty-tips | 14-Feb-2025 |
$1,700 IDOR: Unauthorized Modification of Web Hosting Configuration | https://medium.com/@a13h1/1-700-idor-unauthorized-modification-of-web-hosting-configuration-d6febc6c6a41?source=rss------bug_bounty-5 | Abhi Sharma | bug-bounty, cybersecurity, vulnerability, idor, pentesting | 14-Feb-2025 |
How I got a Stored XSS by searching through JS files. | https://medium.com/@oXnoOneXo/how-i-got-a-stored-xss-by-searching-through-js-files-fdfe2490668b?source=rss------bug_bounty-5 | oXnoOneXo | bug-bounty-tips, bug-bounty, bug-bounty-writeup | 14-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-97) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-97-34ad1a8bc36c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, bug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking | 14-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-96) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-96-c1cb10e05488?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, hacking, bug-bounty-tips, cybersecurity, ethical-hacking | 14-Feb-2025 |
Are You Missing Subdomains? The Resolver Trick You Need to Know! | https://medium.com/@maakthon/are-you-missing-subdomains-the-resolver-trick-you-need-to-know-71da4abeb39d?source=rss------bug_bounty-5 | Mahmoud Abd Alkarim | subdomain, penetration-testing, enumeration, bug-bounty, dns | 14-Feb-2025 |
Breaking Through the Firewall: How I Bypassed a WAF and Found a Critical Bug with $1700 | https://myselfakash20.medium.com/breaking-through-the-firewall-how-i-bypassed-a-waf-and-found-a-critical-bug-with-1700-0680e28c8785?source=rss------bug_bounty-5 | Akash Ghosh | programming, bug-bounty, bugbounty-tips, bug-bounty-writeup, cybersecurity | 14-Feb-2025 |
Easy $300: Template Injection | https://medium.com/@kumawatabhijeet2002/easy-300-template-injection-71e3395c53b3?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, ssti, money, bug-bounty, infosec | 14-Feb-2025 |
$1,700 IDOR: Unauthorized Modification of Web Hosting Configuration | https://infosecwriteups.com/1-700-idor-unauthorized-modification-of-web-hosting-configuration-d6febc6c6a41?source=rss------bug_bounty-5 | Abhi Sharma | bug-bounty, cybersecurity, vulnerability, idor, pentesting | 14-Feb-2025 |
From SQL Injection to Remote Code Execution: A Bug Bounty Hunter’s Unexpected Journey | https://medium.com/@gouravrathod8788/from-sql-injection-to-remote-code-execution-a-bug-bounty-hunters-unexpected-journey-bc91a3697f24?source=rss------bug_bounty-5 | Gourav Singh Rajput | bug-bounty, cybersecurity | 14-Feb-2025 |
Hackers Wanted: Bug Bounty Program Pays $50,000 for Critical Vulnerabilities | https://medium.com/@ibtissamhammadi/hackers-wanted-bug-bounty-program-pays-50-000-for-critical-vulnerabilities-e113b868ee0f?source=rss------bug_bounty-5 | Ibtissam Hammadi | ethical-hacking, bug-bounty, cybersecurity, tech-career, programming | 14-Feb-2025 |
Advanced Secrets Hunting: Finding Exposed Credentials in Unconventional Places | https://cyberw1ng.medium.com/advanced-secrets-hunting-finding-exposed-credentials-in-unconventional-places-9aaaf52330a3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, jobs, programming, cybersecurity | 14-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (Secure Code Review) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-secure-code-review-39c61b961afc?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-tips, bug-bounty, secure-code-review, bug-bounty-program, bug-bounty-hunter | 14-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (Information Disclosure) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-information-disclosure-b1ef91dc0208?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-hunter, information-disclosure, bug-bounty-program, bug-bounty-tips, bug-bounty | 14-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (Single Sign-On services) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-single-sign-on-services-8fc6e85e5ece?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-tips, single-sign-on, bug-bounty-hunter, bug-bounty-program, bug-bounty | 14-Feb-2025 |
Advanced Secrets Hunting: Finding Exposed Credentials in Unconventional Places | https://osintteam.blog/advanced-secrets-hunting-finding-exposed-credentials-in-unconventional-places-9aaaf52330a3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, jobs, programming, cybersecurity | 14-Feb-2025 |
Powerful Burp Suite Extensions | https://osintteam.blog/powerful-burp-suite-extensions-d1c960f376b5?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, hacking, bug-bounty-tips, penetration-testing, technology | 13-Feb-2025 |
Mastering SQL Injection: Detection, Exploitation & Automation Guide | https://rootxabit.medium.com/mastering-sql-injection-detection-exploitation-automation-guide-7f0195fe435d?source=rss------bug_bounty-5 | xabit • hacks | exploitation, bug-bounty, sqlinjectiontypes, zero-day-vulnerability, hacking | 13-Feb-2025 |
$10.5k Bounty Story | https://aimasterprompt.medium.com/10-5k-bounty-story-aa55497d77b6?source=rss------bug_bounty-5 | aimaster | bug-bounty, programming, technology, cybersecurity, infosec | 13-Feb-2025 |
Earn $$$$ by Finding CSRF Vulnerabilities! | https://infosecwriteups.com/earn-by-finding-csrf-vulnerabilities-638f876918cf?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, infosec, money, csrf, bug-bounty | 13-Feb-2025 |
How to Information Gathering in Bug Hunting on Target | https://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-to-information-gathering-in-bug-hunting-on-target-00de7e20afc0?source=rss------bug_bounty-5 | Vipul Sonule | bug-bounty, hacking, cybersecurity, penetration-testing, technology | 13-Feb-2025 |
Threat Actor Attribution: A Detailed Guide | https://medium.com/@paritoshblogs/threat-actor-attribution-a-detailed-guide-39f5b81086ac?source=rss------bug_bounty-5 | Paritosh | cybersecurity, threat-intelligence, ai, bug-bounty, information-technology | 13-Feb-2025 |
Day 8: Self-XSS + Login & Logout CSRF + OAuth Hijacking | https://medium.com/@danielbelay/day-8-self-xss-login-logout-csrf-oauth-hijacking-83c848ad9a1e?source=rss------bug_bounty-5 | dani3l | ethical-hacking, account-takeover, bug-bounty | 13-Feb-2025 |
How Bug Bounty Programs Have Evolved: From Early Experiments to Modern Security Frameworks | https://medium.com/@hackrate/how-bug-bounty-programs-have-evolved-from-early-experiments-to-modern-security-frameworks-32b071e44513?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, hacking, cybersecurity, bug-bounty, bug-bounty-tips | 13-Feb-2025 |
Bug Bounty in 2025: Part 2 — Intro to Open Redirect Vulnerability with a Conceptual Lab | https://medium.com/@halfcircassian/bug-bounty-in-2025-part-2-intro-to-open-redirect-vulnerability-with-a-conceptual-lab-c0db11537778?source=rss------bug_bounty-5 | Sıla Özeren | bug-bounty-writeup, open-redirect, bug-bounty-tips, bug-bounty, vulnerability | 13-Feb-2025 |
3 Steps to Landing the Highest Paid Bug Bounty: $150K in 30 Days | https://medium.com/@ibtissamhammadi/3-steps-to-landing-the-highest-paid-bug-bounty-150k-in-30-days-662da049fb4d?source=rss------bug_bounty-5 | Ibtissam Hammadi | bug-bounty, programming, infosec, cybersecurity, ethical-hacking | 13-Feb-2025 |
How does an extension help me find a PII data bug? | https://infosecwriteups.com/how-does-an-extension-help-me-find-a-pii-data-bug-a95d83043f9a?source=rss------bug_bounty-5 | loyalonlytoday | hacking, bug-bounty, programming, cybersecurity, tips | 13-Feb-2025 |
Community Bug Bounty Campaign | https://medium.com/bitoro-network/community-bug-bounty-campaign-853538e88021?source=rss------bug_bounty-5 | Kayla.Bitoro | bug-bounty, defi, injective, arbitrum, testnet | 13-Feb-2025 |
website leaking OTP in inspect element | https://cybersecuritywriteups.com/website-leaking-otp-in-inspect-element-aa38d15059c9?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, cybersecurity, bug-bounty, hacking, bugs | 13-Feb-2025 |
Can Crowdsourced Ethical Hacking Replace Yearly Penetration Testing? | https://medium.com/@hackrate/can-crowdsourced-ethical-hacking-replace-yearly-penetration-testing-2c525820088b?source=rss------bug_bounty-5 | Levente Molnar | penetration-testing, bug-bounty, ethical-hacking, hacking, cybersecurity | 13-Feb-2025 |
Get Internship Offers During Second Year of College in Cybersecurity — offensive security domain | https://abhishekmorla.medium.com/get-internship-offers-during-second-year-of-college-in-cybersecurity-offensive-security-domain-7caecdfaabe5?source=rss------bug_bounty-5 | Abhishek Morla | btech, bug-bounty, red-team, cse, cybersecurity | 13-Feb-2025 |
Locked Features, Unlocked Access: Breaking Restrictions with Response Manipulation | https://medium.com/@0x5atab/locked-features-unlocked-access-breaking-restrictions-with-response-manipulation-c7546a39c4c7?source=rss------bug_bounty-5 | Muhammad Khatab | bug-hunting, bug-bounty-writeup, infosec, bugbounty-writeup, bug-bounty | 13-Feb-2025 |
BUG IN QWEN AI CHATBOT | https://medium.com/@rr-1k/bug-in-qwen-ai-chatbot-77d02e89d77f?source=rss------bug_bounty-5 | rr-1k | bug-bounty, bug-bounty-tips, deepseek, qwen, ai | 13-Feb-2025 |
Automate Open Redirect and Earn $250, $200, $100! | https://cybersecuritywriteups.com/automate-open-redirect-and-earn-250-200-100-b6bfd75a5dc7?source=rss------bug_bounty-5 | Abhijeet kumawat | money, infosec, hacking, bug-bounty, openai | 13-Feb-2025 |
Mr Robot CTF | https://medium.com/@princepr99/mr-robot-ctf-305aea527bcc?source=rss------bug_bounty-5 | Prince P Ravi | cybersecurity, ethical-hacking, bug-bounty | 13-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-95) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-95-81b5e24c7f11?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, bug-bounty-tips, ethical-hacking, hacking | 13-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-94) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-94-f6432847ad99?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking | 13-Feb-2025 |
$2000 Bounty: Unauthenticated Remote Code Execution to Reverse Shell — A Real-World Example | https://medium.com/@krishna9823420058/2000-bounty-unauthenticated-remote-code-execution-to-reverse-shell-a-real-world-example-aee9a7c6851b?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty, info-sec-writeups, bugs, hacking, osint | 13-Feb-2025 |
Arcgis SQLi — CVE-2012–4949 | https://medium.com/@metogmer/arcgis-sqli-cve-2012-4949-06ea278ab6a4?source=rss------bug_bounty-5 | Muntadhar M. Ahmed | bug-bounty, bug-hunter, hackerone, cybersecurity, sql-injection | 13-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (Remote Code Execution) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-remote-code-execution-3935b5823657?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-hunter, bug-bounty-tips, bug-bounty, remote-code-execution, bug-bounty-program | 13-Feb-2025 |
New to Bug bounty (simple way) | https://medium.com/@bombhajohn/new-to-bug-bounty-simple-way-62cd38d0b9fc?source=rss------bug_bounty-5 | Bombhajohn | cybersecurity, bug-bounty, bug-bounty-tips | 13-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (Application Logic Errors and Broken Access Control) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-application-logic-errors-and-broken-access-control-cd15bb9ccc0c?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-program, broken-access-control, bug-bounty-hunter, bug-bounty-tips, bug-bounty | 13-Feb-2025 |
Finding Hidden API Keys, Tokens, and Sensitive Information in Applications | https://cyberw1ng.medium.com/finding-hidden-api-keys-tokens-and-sensitive-information-in-applications-d8a40a5a162a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, bug-bounty, jobs, careers, cybersecurity | 13-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (Same-Origin Policy) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-same-origin-policy-23aabe865729?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty, bug-bounty-program, bug-bounty-hunter, same-origin-policy, bug-bounty-tips | 13-Feb-2025 |
New to Bug bounty (simple way) | https://medium.com/@bombhajohn/new-to-bug-bounty-simple-way-62cd38d0b9fc?source=rss------bug_bounty-5 | Folks47ghee | cybersecurity, bug-bounty, bug-bounty-tips | 13-Feb-2025 |
Finding Hidden API Keys, Tokens, and Sensitive Information in Applications | https://osintteam.blog/finding-hidden-api-keys-tokens-and-sensitive-information-in-applications-d8a40a5a162a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | programming, bug-bounty, jobs, careers, cybersecurity | 13-Feb-2025 |
N#S# server security misconfiguration. | https://medium.com/@hunter_sv/nasa-server-security-misconfiguration-4b7b9b7331b5?source=rss------bug_bounty-5 | Hunter_sv | bug-bounty | 12-Feb-2025 |
BFAC: The Ultimate Tool to Uncover Hidden Backup Files | https://osintteam.blog/bfac-the-ultimate-tool-to-uncover-hidden-backup-files-4a0de1f9e8de?source=rss------bug_bounty-5 | Monika sharma | bug-bounty, technology, penetration-testing, hacking, bug-bounty-tips | 12-Feb-2025 |
How I Found an ATO in a Public Program | https://medium.com/@khaledahmed_56157/how-i-found-an-ato-in-a-public-program-5209be3140f4?source=rss------bug_bounty-5 | Khaled Ahmed | bug-bounty, cybersecurity, penetration-testing, vulnerability, hackerone | 12-Feb-2025 |
Earn $5000 using Subdomain Takeover: Step By Step Guide | https://cybersecuritywriteups.com/earn-5000-using-subdomain-takeover-step-by-step-guide-eec3e8e6336d?source=rss------bug_bounty-5 | Abhijeet kumawat | subdomain-takeover, money, hacking, infosec, bug-bounty | 12-Feb-2025 |
Day 7: Drag & Drop XSS + Cookie Bomb for OAuth Hijacking | https://medium.com/@danielbelay/day-7-drag-drop-xss-cookie-bomb-for-oauth-hijacking-a9b828cd9c54?source=rss------bug_bounty-5 | dani3l | bug-bounty, ethical-hacking | 12-Feb-2025 |
Accessing Admin Portal Without Credentials via Long Redirection Response | https://systemweakness.com/accessing-admin-portal-without-credentials-via-long-redirection-response-da79d84bb93a?source=rss------bug_bounty-5 | Kushanmaduranga | redirection, web-security, bug-bounty, burpsuite, hacking | 12-Feb-2025 |
Exploiting crAPI with jwt_tool | https://medium.com/@samhilliard/in-this-post-ill-show-you-how-to-use-jwt-tool-to-analyze-and-exploit-jwt-vulnerabilities-in-97c62a0e6ac5?source=rss------bug_bounty-5 | Sam Hilliard | web, bug-bounty, pentesting, jwt, hacking | 12-Feb-2025 |
Let’s Build a Cybersecurity Knowledge Hub! | https://medium.com/@Mike_3xploit3r/lets-build-a-cybersecurity-knowledge-hub-5686d251f632?source=rss------bug_bounty-5 | Mike_3xploit3r | penetration-testing-tools, penetration-testing, ethical-hacking, cybersecurity, bug-bounty | 12-Feb-2025 |
Account Takeover via Lack of Email Verification Vulnerability | https://medium.com/@whitehat29/account-takeover-via-lack-of-email-verification-vulnerability-9b9be0751d8b?source=rss------bug_bounty-5 | Whitehat | infosec, hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 12-Feb-2025 |
Katana: A Fast and Powerful Web Fuzzer | https://medium.com/meetcyber/katana-a-fast-and-powerful-web-fuzzer-fc41c757d8a0?source=rss------bug_bounty-5 | Erkan Kavas | katana, bug-hunting, toolkit, bug-bounty, cybersecurity | 12-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (XML External Entity) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-xml-external-entity-c4f1b4b629f3?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | xxe-attack, bug-bounty-tips, bug-bounty, bug-bounty-hunter, xxe | 12-Feb-2025 |
Currently, HackerOne Has Over 1400 Bug Bounty Programs. Is It Really That Good? | https://medium.com/@hackrate/currently-hackerone-has-over-1400-bug-bounty-programs-is-it-really-that-good-eac92a515e29?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty-tips, ethical-hacking, bug-bounty, hacking, cybersecurity | 12-Feb-2025 |
How I Found Information Disclosure Vulnerability? | https://doordiefordream.medium.com/how-i-found-information-disclosure-vulnerability-e673c421c104?source=rss------bug_bounty-5 | Bug hunter balu | web3, ethical-hacking, cybersecurity, technology, bug-bounty | 12-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (Insecure Deserialization) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-insecure-deserialization-6df3491dc33c?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-hunter, insecure-deserialization, bug-bounty-tips, bug-bounty, bug-bounty-program | 12-Feb-2025 |
Unleashing the Power of Amass: A Comprehensive Guide to Subdomain Enumeration & Network Mapping… | https://medium.com/@zoningxtr/unleashing-the-power-of-amass-a-comprehensive-guide-to-subdomain-enumeration-network-mapping-4d4a9889b2c7?source=rss------bug_bounty-5 | Zoningxtr | penetration-testing, web-development, web3, cybersecurity, bug-bounty | 12-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (Template Injection) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-template-injection-373ee3c8b80c?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-tips, template-injection, bug-bounty-hunter, bug-bounty, bug-bounty-program | 12-Feb-2025 |
Free VPS for ethical hacking and bug bounty hunting. | https://infosecwriteups.com/free-vps-for-ethical-hacking-and-bug-bounty-hunting-d9098c2fbe2a?source=rss------bug_bounty-5 | loyalonlytoday | ethical-hacking, hacking, bug-bounty, vps, cybersecurity | 12-Feb-2025 |
I Pasted a Link, Inspected the HTML, and Facebook Gave Me $1000 | https://infosecwriteups.com/i-pasted-a-link-inspected-the-html-and-facebook-gave-me-1000-9ed4a91e24d1?source=rss------bug_bounty-5 | Vivek PS | hacking, bug-bounty-writeup, bug-bounty-tips, programming, bug-bounty | 12-Feb-2025 |
Broken Brute-Force Protection: How to Bypass Rate Limiting in a Single Request — Authentication… | https://infosecwriteups.com/broken-brute-force-protection-how-to-bypass-rate-limiting-in-a-single-request-authentication-a4a761fc0b5a?source=rss------bug_bounty-5 | Bash Overflow | bypass-login-protection, brute-force-attack, bypass-rate-limiting, broken-access-control, bug-bounty | 12-Feb-2025 |
“.DS_Store” – The Accidental Treasure Map Devs Keep Handing Hackers | https://medium.com/@mahad.ahmed0x1/ds-store-the-accidental-treasure-map-devs-keep-handing-hackers-da0dceeead7d?source=rss------bug_bounty-5 | 404NotPentested | ethical-hacking, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty | 12-Feb-2025 |
Client-Side Template Injection (CSTI): A Comprehensive Guide | https://medium.com/@verylazytech/client-side-template-injection-csti-a-comprehensive-guide-ac2f49a77aae?source=rss------bug_bounty-5 | Very Lazy Tech | injection, ethical-hacking, web, pentesting, bug-bounty | 12-Feb-2025 |
Unleashing the Power of Sublist3r: The Ultimate Guide to Subdomain Enumeration | https://medium.com/@zoningxtr/unleashing-the-power-of-sublist3r-the-ultimate-guide-to-subdomain-enumeration-62d1468a2933?source=rss------bug_bounty-5 | Zoningxtr | security-token, cybersecurity, web-development, bug-bounty, penetration-testing | 12-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-92) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-92-0cc43d2fedb2?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, bug-bounty-tips, ethical-hacking, bug-bounty, hacking | 12-Feb-2025 |
How to Automate Hunting for Open Redirect | https://infosecwriteups.com/how-to-automate-hunting-for-open-redirect-46537cd67b35?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, bug-bounty-tips, programming, technology, bug-bounty | 12-Feb-2025 |
$900 Bounty: Open Redirection Bug | https://cybersecuritywriteups.com/900-bounty-open-redirection-bug-aa82142b0e9d?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, bounty-program, money, bug-bounty, infosec | 12-Feb-2025 |
How I Discovered a WordPress Vulnerability: Exposed Usernames & XML-RPC Exploitation | https://medium.com/@iamshafayat/how-i-discovered-a-wordpress-vulnerability-exposed-usernames-xml-rpc-exploitation-b35b0ec63a54?source=rss------bug_bounty-5 | Shafayat Ahmed Alif | bug-bounty-methodology, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 12-Feb-2025 |
Bug Bounty Hunting — Complete Guide (Part-93) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-93-d66c26764179?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, cybersecurity, hacking, ethical-hacking, bug-bounty | 12-Feb-2025 |
Bug Bounty in 2025: Part 1 — Mastering Regex for Security | https://medium.com/@halfcircassian/bug-bounty-in-2025-part-1-mastering-regex-for-security-3d58bcf51102?source=rss------bug_bounty-5 | Sıla Özeren | regex, open-redirect, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 12-Feb-2025 |
Facebook Bug Bounty: Can You Really Earn $500 for Finding Bugs | https://medium.com/@ibtissamhammadi/facebook-bug-bounty-can-you-really-earn-500-for-finding-bugs-4e71c81af2a2?source=rss------bug_bounty-5 | Ibtissam Hammadi | facebook, hacking, cybersecurity, technology, bug-bounty | 12-Feb-2025 |
Hacking tools — Art of my creation | https://medium.com/@zatikyan.sevada/hacking-tools-art-of-my-creation-2f47ab1eca18?source=rss------bug_bounty-5 | Zatikyan Sevada | bug-bounty, hacking-tools, hacking, cybersecurity | 12-Feb-2025 |
$10,500 SSO Misconfiguration Bug on Grammarly | https://cyberw1ng.medium.com/10-500-sso-misconfiguration-bug-on-grammarly-438f2cb87a0c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | jobs, bug-bounty, careers, money, cybersecurity | 12-Feb-2025 |
$10,500 SSO Misconfiguration Bug on Grammarly | https://osintteam.blog/10-500-sso-misconfiguration-bug-on-grammarly-438f2cb87a0c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | jobs, bug-bounty, careers, money, cybersecurity | 12-Feb-2025 |
The Hidden Business Logic Error That Exists On Most E-Commerce Web Application | https://medium.com/@makarov_bm/the-hidden-business-logic-error-that-exists-on-most-e-commerce-web-application-7b9be9113073?source=rss------bug_bounty-5 | makarov | bug-bounty-writeup, business-logic, bug-bounty, web-security | 11-Feb-2025 |
HOW TO GET STARTED IN BUG BOUNTY AS A BEGINNER | https://medium.com/@pjha80122/how-to-get-started-in-bug-bounty-as-a-beginner-af49089c375c?source=rss------bug_bounty-5 | Pratik Jha | ethical-hacking, penetration-testing, bug-bounty, web-security, cybersecurity | 11-Feb-2025 |
Easy $1000-$10000+ Bounty Using Wayback Machine | https://medium.com/infosecmatrix/easy-1000-10000-bounty-using-wayback-machine-cb6c5cb77543?source=rss------bug_bounty-5 | Abhijeet kumawat | sensitive, bug-bounty, infosec, money, hacking | 11-Feb-2025 |
Finding subdomains that are hidden in the cloud. | https://infosecwriteups.com/finding-subdomains-that-are-hidden-in-the-cloud-ec54412802bf?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, hacking, penetration-testing, cybersecurity, cloud | 11-Feb-2025 |
Threat Hunting Techniques and Generative AI: A Practical Approach | https://medium.com/@paritoshblogs/threat-hunting-techniques-and-generative-ai-a-practical-approach-797a86ada4fd?source=rss------bug_bounty-5 | Paritosh | information-technology, cybersecurity, bug-bounty, threat-hunting, ai | 11-Feb-2025 |
Notify Tutorial for Bug Hunters | https://cybersecuritywriteups.com/notify-tutorial-for-bug-hunters-8ccb8d0d0b74?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty, cybersecurity, pentesting, hacking, bug-bounty-tips | 11-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (Server-side request forgery) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-server-side-request-forgery-7fb15230a807?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-program, bug-bounty-tips, bug-bounty, bug-bounty-hunter, ssrf | 11-Feb-2025 |
GitHub Dorks & Leaks: How To Find Sensitive Data | https://medium.com/@verylazytech/github-dorks-leaks-how-to-find-sensitive-data-4e96e67f1d51?source=rss------bug_bounty-5 | Very Lazy Tech | penetration-testing, bug-bounty, github, ethical-hacking, exploit | 11-Feb-2025 |
Finding SQL Injection Using Wayback Machine | https://medium.com/@muhammadwaseem29/finding-sql-injection-using-wayback-machine-69409204a205?source=rss------bug_bounty-5 | Muhammad Waseem | sql-injection, hacking, infosec, bug-bounty, cybersecurity | 11-Feb-2025 |
How Pentest-as-a-Service Works: The Ultimate Guide | https://medium.com/@hackrate/how-pentest-as-a-service-works-the-ultimate-guide-a9bc92b28c87?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, bug-bounty, penetration-testing, hacking, cybersecurity | 11-Feb-2025 |
Get $5000: GitHub Dorks & Leaks | https://cybersecuritywriteups.com/get-5000-github-dorks-leaks-30a6a324f368?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, infosec, money, github, bug-bounty | 11-Feb-2025 |
How to Report a Security Bug in a Chinese Government Website Responsibly | https://yogsec.medium.com/how-to-report-a-security-bug-in-a-chinese-government-website-responsibly-7ab8f7d5a3e1?source=rss------bug_bounty-5 | YogSec | china-cybersecurity, report-bug-in-chinese, hacking, bug-report, bug-bounty | 11-Feb-2025 |
Security researchers, ethical hackers, and bug bounty hunters often come across vulnerabilities in… | https://yogsec.medium.com/security-researchers-ethical-hackers-and-bug-bounty-hunters-often-come-across-vulnerabilities-in-45e03a7e156c?source=rss------bug_bounty-5 | YogSec | hacking, bug-bounty, cybersecurity, cybersecurity-usa, how-to-report-bug | 11-Feb-2025 |
Using Malicious-Website-Demo for Security Research and Bug Bounty Reports | https://yogsec.medium.com/using-malicious-website-demo-for-security-research-and-bug-bounty-reports-fbb25c6773f0?source=rss------bug_bounty-5 | YogSec | hacking-tools, sqli, bug-bounty, xs, cybersecurity | 11-Feb-2025 |
How I Found a Critical Vulnerability and Earned $4,000 in Bug Bounty Hunting | https://medium.com/@krishna9823420058/how-i-found-a-critical-vulnerability-and-earned-4-000-in-bug-bounty-hunting-2cd8e8ad6f43?source=rss------bug_bounty-5 | Krish_cyber | info-sec-writeups, osint, bugs, hacking, bug-bounty | 11-Feb-2025 |
How to Choose a Target in Bug Hunting | https://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-to-choose-a-target-in-bug-hunting-%EF%B8%8F-%EF%B8%8F-2e7dd0ed5c95?source=rss------bug_bounty-5 | Vipul Sonule | cybersecurity, ai, technology, bug-bounty, hacking | 11-Feb-2025 |
IAST-Inspired Approach to Security Testing with LLM | https://medium.com/@pirikara077/iast-inspired-approach-to-security-testing-with-llm-8aae36f4088c?source=rss------bug_bounty-5 | Tomoya Yamashita | llm, cybersecurity, vulnerability-assessment, bug-bounty, penetration-testing | 11-Feb-2025 |
How I gained access to Tamil Nadu’s Property Approval Portal Dashboard just with a simple… | https://hiddendom.medium.com/how-i-gained-access-to-tamil-nadus-property-approval-portal-dashboard-just-with-a-simple-f0b463cc0635?source=rss------bug_bounty-5 | Gokuleswaran B | tamil-nadu, bug-bounty-writeup, bug-bounty, bug-bounty-tips, ethical-hacking | 11-Feb-2025 |
How I found 3 CSRFs on a Public Program | https://medium.com/@shellreaper/how-i-found-3-csrfs-on-a-public-program-e9b9ff52c1a0?source=rss------bug_bounty-5 | ShellReaper | bug-bounty, bug-bounty-writeup, bug-bounty-tips, csrf-attack, web-security | 11-Feb-2025 |
From Brute-Force to Bounty: My $200 and Double XSS Win on Acronis | https://muzamilsheikh.medium.com/from-brute-force-to-bounty-my-200-and-double-xss-win-on-acronis-4fc7c7ccff39?source=rss------bug_bounty-5 | MuzamilSheikh | bug-bounty-writeup, bug-bounty-tips, bug-bounty, cyber-security-awareness, cybersecurity | 11-Feb-2025 |
Restarting My Bug Bounty Journey: Why I Quit and What’s Next | https://infosecwriteups.com/restarting-my-bug-bounty-journey-why-i-quit-and-whats-next-16b0ae1a027b?source=rss------bug_bounty-5 | Om Arora | technology, cybersecurity, bug-bounty-tips, infosec, bug-bounty | 11-Feb-2025 |
How a Simple Clickjacking Bug Can Lead to Big Security Risks | https://cyberw1ng.medium.com/how-a-simple-clickjacking-bug-can-lead-to-big-security-risks-a61882702370?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, programming, jobs, bug-bounty, careers | 11-Feb-2025 |
Best Port Scanner for Bug Bounty: How to Install and Use Naabu Efficiently | https://medium.com/@hacker_might/best-port-scanner-for-bug-bounty-how-to-install-and-use-naabu-efficiently-4bffdab35ed5?source=rss------bug_bounty-5 | hacker_might | naabu, port-scanning, reconnaissance, bug-bounty-tips, bug-bounty | 11-Feb-2025 |
Burp Suite — Manual Issue Creation | https://medium.com/@ArtsSEC/burp-suite-creaci%C3%B3n-de-issues-manuales-ac65c5767852?source=rss------bug_bounty-5 | ArtsSEC | burpsuite, pentesting, infosec, bug-bounty, security | 11-Feb-2025 |
The 7 Most Hilarious Bugs I’ve Encountered in My Career | https://blog.stackademic.com/the-7-most-hilarious-bugs-ive-encountered-in-my-career-128aa23532ab?source=rss------bug_bounty-5 | Coders Stop | software-development, bug-bounty, programming, bugs, coding | 10-Feb-2025 |
Bypassed Cloudflare: XSS Pop-Up | https://medium.com/@kumawatabhijeet2002/bypassed-cloudflare-xss-pop-up-f9c67952abcf?source=rss------bug_bounty-5 | Abhijeet kumawat | xss-attack, infosec, hacking, bug-bounty-tips, bug-bounty | 10-Feb-2025 |
HTML Injection in Email Invitations: A Security Flaw Exploited | https://medium.com/@muralidharan1530/html-injection-in-email-invitations-a-security-flaw-exploited-39394f6ac266?source=rss------bug_bounty-5 | Murali Dharan | bug-bounty-writeup, bug-bounty, bug-bounty-tips | 10-Feb-2025 |
GetSubDomains: A Fast & Efficient Subdomain Enumeration Tool | https://yogsec.medium.com/getsubdomains-a-fast-efficient-subdomain-enumeration-tool-%EF%B8%8F-11c7d8003931?source=rss------bug_bounty-5 | YogSec | subfinder, subdomains-finder, bug-bounty, cybersecurity, hacking-tools | 10-Feb-2025 |
ERC-20, ERC-721, ERC-1155: How Token Standards Introduce Unique Security Risks | https://securrtech.medium.com/erc-20-erc-721-erc-1155-how-token-standards-introduce-unique-security-risks-ed9fe5083200?source=rss------bug_bounty-5 | Securr - Web3 Security | smart-contract-security, blockchain-security, bug-bounty, web3-security, smart-contract-auditing | 10-Feb-2025 |
Bypassed Cloudflare: XSS Pop-Up | https://cybersecuritywriteups.com/bypassed-cloudflare-xss-pop-up-f9c67952abcf?source=rss------bug_bounty-5 | Abhijeet kumawat | xss-attack, infosec, hacking, bug-bounty-tips, bug-bounty | 10-Feb-2025 |
Stored XSS into Onclick Event: Bypassing Angle Brackets, Double Quotes, and Escaped Characters —… | https://infosecwriteups.com/stored-xss-into-onclick-event-bypassing-angle-brackets-double-quotes-and-escaped-characters-ee347b9e19d9?source=rss------bug_bounty-5 | Bash Overflow | exploiting-onclick-xss, bug-bounty, portswigger-xss-lab, stored-xss-bypass, bypass-html-encoding | 10-Feb-2025 |
Bug Bounty Hunting: A Step-by-Step Guide for Beginners | https://medium.com/cyberilluminati/bug-bounty-hunting-a-step-by-step-guide-for-beginners-05505b12769d?source=rss------bug_bounty-5 | IAMnk | bug-bounty, cyber, bug-bounty-tips, cybersecurity, red-team | 10-Feb-2025 |
Finding more subdomains Part 3 | https://infosecwriteups.com/finding-more-subdomains-part-3-dee1c581c49b?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, ethical-hacking, infosec, tips, cybersecurity | 10-Feb-2025 |
My First Paid Bug Bounty: A $250 Reward For Session Management Vulnerability | https://medium.com/@sauravkrish59/my-first-paid-bug-bounty-a-250-reward-for-session-management-vulnerability-22cb5163e05f?source=rss------bug_bounty-5 | Sauravkrish | bug-bounty-writeup, bug-bounty-tips, bug-bounty, ethical-hacking | 10-Feb-2025 |
How to Get Started in Bug Bounty as a Beginner | https://medium.com/@pjha80122/how-to-get-started-in-bug-bounty-as-a-beginner-48bca31622ec?source=rss------bug_bounty-5 | Pratik | cybersecurity, bug-bounty, ethical-hacking, web-security, penetration-testing | 10-Feb-2025 |
One of the best tool for subdomain finding | https://medium.com/infosecmatrix/one-of-the-best-tool-for-subdomain-finding-0a066c9e0841?source=rss------bug_bounty-5 | loyalonlytoday | ethical-hacking, cybersecurity, bug-bounty, subdomain, hacking | 10-Feb-2025 |
Jira Misconfiguration Leading to Unauthorized Access | https://metanetwebhostingsecurity.medium.com/jira-misconfiguration-leading-to-unauthorized-access-69d32ab5a5c7?source=rss------bug_bounty-5 | metanetwebhosting security | cyber-security-awareness, bug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity | 10-Feb-2025 |
My First Year in Bug Bounty: from 0$ to 10k$ Lessons, Successes, and Encouragement for Beginners | https://medium.com/@hhack4737/my-first-year-in-bug-bounty-from-0-to-10k-lessons-successes-and-encouragement-for-beginners-932bb8884a87?source=rss------bug_bounty-5 | xssor-dz | bug-bounty, bug-bounty-writeup | 10-Feb-2025 |
Unveiling EXIF Metadata: How to Extract Hidden Information from Images | https://rootxabit.medium.com/unveiling-exif-metadata-how-to-extract-hidden-information-from-images-55e7f3c7f844?source=rss------bug_bounty-5 | xabit • hacks | bugcrowd, hacking, 2025, exiftool, bug-bounty | 10-Feb-2025 |
How to Start Your Journey in Bug Bounty Hunting | https://medium.com/@vipulsonule71/how-to-start-your-journey-in-bug-bounty-hunting-7e939b75a314?source=rss------bug_bounty-5 | Vipul Sonule | tools, bug-bounty, technology, penetration-testing, cybersecurity | 10-Feb-2025 |
STIX/TAXII: The Cybersecurity Game-Changer You’re Not Using Yet!” | https://medium.com/@paritoshblogs/stix-taxii-the-cybersecurity-game-changer-youre-not-using-yet-f6ac012dae31?source=rss------bug_bounty-5 | Paritosh | threat-intelligence, hacking, information-technology, cybersecurity, bug-bounty | 10-Feb-2025 |
How Bug Bounty Programs Work: The Ultimate Guide | https://medium.com/@hackrate/how-bug-bounty-programs-work-the-ultimate-guide-143a7bd93451?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty-tips, cybersecurity, ethical-hacking, hacking, bug-bounty | 10-Feb-2025 |
XML-RPC Vulnerability: Easy Exploit, Easy Bounty! | https://keroayman77.medium.com/xml-rpc-vulnerability-easy-exploit-easy-bounty-8019a35c700b?source=rss------bug_bounty-5 | Kerolos Ayman | bug-bounty-writeup, bug-bounty, bug-bounty-tips | 10-Feb-2025 |
Exposed API Keys & Config Files in js file! || Bug Bounty | https://keroayman77.medium.com/exposed-api-keys-config-files-in-js-file-bug-bounty-790b02a015ff?source=rss------bug_bounty-5 | Kerolos Ayman | bug-bounty-tips, bug-bounty-writeup, bug-bounty | 10-Feb-2025 |
Bug Bounty Target Selection: How Hackers Find the Most Profitable & Juicy Bugs Before Anyone Else! | https://myselfakash20.medium.com/bug-bounty-target-selection-how-hackers-find-the-most-profitable-juicy-bugs-before-anyone-else-061510e83698?source=rss------bug_bounty-5 | Akash Ghosh | programming, bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty | 10-Feb-2025 |
International Operation Dismantles Phobos Ransomware Gang: Key Arrests and 8Base Takedown | https://medium.com/@wiretor/international-operation-dismantles-phobos-ransomware-gang-key-arrests-and-8base-takedown-61e126bb54c9?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, gangs, ai, money | 10-Feb-2025 |
Day 6: CSS Injection + Clickjacking to Account Takeover | https://medium.com/@danielbelay/day-6-css-injection-clickjacking-to-account-takeover-c0a0622ac250?source=rss------bug_bounty-5 | dani3l | bug-bounty, ethical-hacking, account-takeover | 10-Feb-2025 |
Understanding and Exploiting an Open Redirect Vulnerability in NVIDIA | https://medium.com/@g0kb0ru/understanding-and-exploiting-an-open-redirect-vulnerability-in-nvidia-3b1b429cb3c5?source=rss------bug_bounty-5 | g0kb0ru | open-redirect, bug-bounty, bug-bounty-writeup, pentesting, bug-bounty-tips | 10-Feb-2025 |
Bug Bounty Target Selection: How Hackers Find the Most Profitable & Juicy Bugs Before Anyone Else! | https://infosecwriteups.com/bug-bounty-target-selection-how-hackers-find-the-most-profitable-juicy-bugs-before-anyone-else-061510e83698?source=rss------bug_bounty-5 | Akash Ghosh | technology, programming, cybersecurity, bug-bounty-writeup, bug-bounty | 10-Feb-2025 |
Easy $250: Discovered Exposed .env Files | https://cybersecuritywriteups.com/easy-250-discovered-exposed-env-files-47e0d425795d?source=rss------bug_bounty-5 | Abhijeet kumawat | money, bug-bounty, ai, hacking, infosec | 09-Feb-2025 |
How I got Bounty and Hall of Fame for finding easy bugs | https://infosecwriteups.com/how-i-got-bounty-and-hall-of-fame-for-finding-easy-bugs-1a72aefe6c3a?source=rss------bug_bounty-5 | RivuDon | bug-bounty-writeup, ethical-hacking, bug-bounty, infosec, bug-bounty-tips | 09-Feb-2025 |
How to find bugs in the Microsoft IIS page. | https://infosecwriteups.com/how-to-find-bugs-in-the-microsoft-iis-page-120c2050b66f?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, info-sec-writeups, hacking, bugs, cybersecurity | 09-Feb-2025 |
Sniper: An Automated Penetration Testing Tool | https://osintteam.blog/sniper-an-automated-penetration-testing-tool-fb54c506f60d?source=rss------bug_bounty-5 | Monika sharma | hacking, bug-bounty-tips, bug-bounty, technology, penetration-testing | 09-Feb-2025 |
From Duplicate to Letter of Appreciation: How I Hacked NASA | https://medium.com/@cyberhrsh/from-duplicate-to-letter-of-appreciation-how-i-hacked-nasa-3f8b5a6c105c?source=rss------bug_bounty-5 | Harsh kothari | nasa, swag, bug-bounty, vdp, hacking | 09-Feb-2025 |
Solidity: The Language That Powers the Crypto Revolution | https://medium.com/@legendh238/imagine-youre-in-a-futuristic-city-where-every-transaction-contract-and-agreement-is-1a1b49c873aa?source=rss------bug_bounty-5 | johan | bug-bounty, bitcoin, coding, solidity-language, solidity | 09-Feb-2025 |
Takeover fresh install nextcloud server admin. | https://medium.com/@nanwinata/takeover-fresh-install-nextcloud-server-admin-142b5c179fe4?source=rss------bug_bounty-5 | nanwn | bug-bounty, nextcloud, hackerone | 09-Feb-2025 |
How I Found Reflected XSS Vulnerability on Australian Government. [CVE-2022–35653] | https://systemweakness.com/how-i-found-reflected-xss-vulnerability-on-australian-government-cve-2022-35653-ead0e56db243?source=rss------bug_bounty-5 | Gokuleswaran B | bug-bounty-tips, xss-vulnerability, bug-bounty-writeup, xss-attack, bug-bounty | 09-Feb-2025 |
BUG BOUNTY Roadmap | https://medium.com/@codingbolt.in/bug-bounty-roadamp-4acc1220e123?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, bugs, bug-bounty, bug-hunting, bug-bounty-writeup | 09-Feb-2025 |
My Journey of Securing WHO | https://infosecwriteups.com/%EF%B8%8F-%EF%B8%8Fmy-journey-of-securing-who-85f36c6caf0f?source=rss------bug_bounty-5 | cryptoshant | html, tips, bug-bounty, hacking, cybersecurity | 09-Feb-2025 |
Automated Bug Hunting With Semgrep: Your Secret Weapon for Catching Sneaky Bugs! | https://systemweakness.com/automated-bug-hunting-with-semgrep-your-secret-weapon-for-catching-sneaky-bugs-91439484acf4?source=rss------bug_bounty-5 | The Cyber Ghost | bug-bounty, bugs, bug-bounty-writeup, cybersecurity, bug-bounty-tips | 09-Feb-2025 |
My Experience at TheDeccanCTF 2025: A Night of Cybersecurity and Challenges | https://medium.com/@pavitr_swain/my-experience-at-thedeccanctf-2025-a-night-of-cybersecurity-and-challenges-b7dc2bc1f114?source=rss------bug_bounty-5 | Pavitr swain | bug-bounty, cybersecurity, thedeccanctf | 09-Feb-2025 |
How AI Revolutionizes Load Balancing in NGINX, F5 LTM, and GTM ⚙️ | https://medium.com/@deepdive4learn/how-ai-revolutionizes-load-balancing-in-nginx-f5-ltm-and-gtm-%EF%B8%8F-ee6c8edce7d7?source=rss------bug_bounty-5 | DeepDive4learn | cybersecurity, information-technology, pentesting, bug-bounty, web-development | 09-Feb-2025 |
Best USB WiFi Adapters for Linux and Windows in 2025 | https://medium.com/@verylazytech/best-usb-wifi-adapters-for-linux-and-windows-in-2025-fd6dfc4bad2c?source=rss------bug_bounty-5 | Very Lazy Tech | wifi-hack, wifi, bug-bounty, penetration-testing, cybersecurity | 09-Feb-2025 |
How to Start Bug Bounty Hunting: A Beginner’s Guide with BugBoard | https://yogsec.medium.com/how-to-start-bug-bounty-hunting-a-beginners-guide-with-bugboard-2be48dffc598?source=rss------bug_bounty-5 | YogSec | hacking-tools, bug-bounty, cybersecurity, hacking | 09-Feb-2025 |
How Amazon BBP Gave Me $400 bymistake | https://medium.com/@thedevtaskofficial/how-amazon-bbp-gave-me-400-bymistake-1968334003ac?source=rss------bug_bounty-5 | thedevtask official | cybersecurity, vulnerability, penetration-testing, bug-bounty, ethical-hacking | 09-Feb-2025 |
Ghauri Tool usage for extreme SLQi | https://medium.com/@anandrishav2228/ghauri-tool-usage-for-extreme-slqi-8eb90e65ea64?source=rss------bug_bounty-5 | Rishav anand | sqli, hacking, money, bug-bounty, cybersecurity | 09-Feb-2025 |
How I Chained 3 Vulnerabilities to Achieve Account Takeover (ATO) | https://medium.com/@hhack4737/how-i-chained-3-vulnerabilities-to-achieve-account-takeover-ato-5238b8acc1ae?source=rss------bug_bounty-5 | xssor-dz | bug-bounty-writeup, bug-bounty | 09-Feb-2025 |
Threat Hunting with Email Servers: A Practical Guide | https://medium.com/@paritoshblogs/threat-hunting-with-email-servers-a-practical-guide-635d524d72f7?source=rss------bug_bounty-5 | Paritosh | hacking, threat-intelligence, bug-bounty, threat-hunting, information-technology | 09-Feb-2025 |
Automating Subdomain Takeover Detection: A Step-by-Step Guide | https://bitpanic.medium.com/automating-subdomain-takeover-detection-a-step-by-step-guide-30d692f70752?source=rss------bug_bounty-5 | Spectat0rguy | programming, bug-bounty, technology, cybersecurity, bug-bounty-tips | 09-Feb-2025 |
Privacy Disclosure on m.facebook.com after add photo to the post | https://infosecwriteups.com/title-privacy-disclosure-on-m-facebook-com-after-add-photo-to-the-post-e7e07e2083e5?source=rss------bug_bounty-5 | Mohamed Laajimi | bug-bounty-writeup, cybersecurity, bug-bounty | 09-Feb-2025 |
Automate Google Dorking And Get Bugs! | https://osintteam.blog/automate-google-dorking-and-get-bugs-a34e4e06767c?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, ai, hacking, infosec | 09-Feb-2025 |
Mobile Pentesting with Frida: A Beginner’s Guide | https://medium.com/meetcyber/mobile-pentesting-with-frida-a-beginners-guide-996411fa0202?source=rss------bug_bounty-5 | Erkan Kavas | ios, android, frida, mobile-pentesting, bug-bounty | 09-Feb-2025 |
How to Find Primary Domains Using crt.sh: The Ultimate Guide for Beginners and Experts | https://medium.com/@hacker_might/how-to-find-primary-domains-using-crt-sh-the-ultimate-guide-for-beginners-and-experts-354ec0c56557?source=rss------bug_bounty-5 | hacker_might | reconnaissance, primary-domain, pentesting, bug-bounty, recon | 09-Feb-2025 |
How to Uncover Hidden Attack Surfaces? Recon part 6 | https://infosecwriteups.com/how-to-uncover-hidden-attack-surfaces-recon-part-6-61e43976ed22?source=rss------bug_bounty-5 | It4chis3c | bug-bounty, attack-surface, hidden, port-scanning, ip-scans | 09-Feb-2025 |
How to Find Primary Domains Using crt.sh: The Ultimate Guide for Beginners and Experts | https://osintteam.blog/how-to-find-primary-domains-using-crt-sh-the-ultimate-guide-for-beginners-and-experts-354ec0c56557?source=rss------bug_bounty-5 | hacker_might | reconnaissance, primary-domain, pentesting, bug-bounty, recon | 09-Feb-2025 |
Day 5: Chaining Bugs from Self-XSS to Full Account Takeover | https://medium.com/@danielbelay/day-5-chaining-bugs-from-self-xss-to-full-account-takeover-d01ab3759e06?source=rss------bug_bounty-5 | dani3l | bug-bounty, ethical-hacking, account-takeover | 09-Feb-2025 |
Insecure root-path FileProvider Config Leading to Path Traversal Vulnerability | https://medium.com/@k3r0/insecure-root-path-fileprovider-config-leading-to-path-traversal-vulnerability-7be2d6994aaf?source=rss------bug_bounty-5 | Kyrillos nady | bug-bounty, mobile-app-development, penetration-testing, android, hacking | 09-Feb-2025 |
The Art of Recon: Hunting Bugs Before They Hide (Part One) | https://zeusvuln.medium.com/the-art-of-recon-hunting-bugs-before-they-hide-part-one-1df269ab1d68?source=rss------bug_bounty-5 | ZeUsVuLn | reconnaissance, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 09-Feb-2025 |
Exploiting an IDOR Vulnerability in Target.com Account Management System | https://bugbountylogs.medium.com/exploiting-an-idor-vulnerability-in-target-com-account-management-system-a5bec149e69f?source=rss------bug_bounty-5 | Bug Bounty Logs | idor, cyber-security-awareness, csrf-attack, bug-bounty-tips, bug-bounty | 09-Feb-2025 |
SQL Injection and Stored Cross-Site Scripting Vulnerability in Super Store Finder Plugin | https://medium.com/@wiretor/sql-injection-and-stored-cross-site-scripting-vulnerability-in-super-store-finder-plugin-214237191b5a?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, ai, sql-injection, money | 09-Feb-2025 |
Massive Data Breach: 882,000 Patients Affected in US Health System Cyberattack | https://medium.com/@wiretor/massive-data-breach-882-000-patients-affected-in-us-health-system-cyberattack-ce8ddca0edc0?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, malware, ai, breach, bug-bounty | 09-Feb-2025 |
Exploiting Web Cache Poisoning with Multiple Headers: A Practical Guide Using Param Miner — Web… | https://bashoverflow.medium.com/exploiting-web-cache-poisoning-with-multiple-headers-a-practical-guide-using-param-miner-web-aca990356da8?source=rss------bug_bounty-5 | Bash Overflow | bug-bounty, bug-bounty-tips, cache-poisoning-xss, web-cache-attack, web-cache-poisoning | 08-Feb-2025 |
Selecting A Program for Bug Bounty on HackerOne | https://vijetareigns.medium.com/selecting-a-program-for-bug-bounty-on-hackerone-e51ce8a83b2a?source=rss------bug_bounty-5 | the_unlucky_guy | bug-bounty-tips, bug-bounty-writeup, cybersecurity, hackerone, bug-bounty | 08-Feb-2025 |
Sensitive Information Disclosure | https://medium.com/@kumawatabhijeet2002/sensitive-information-disclosure-f374fa508809?source=rss------bug_bounty-5 | Abhijeet kumawat | money, hacking, infosec, bug-bounty-tips, bug-bounty | 08-Feb-2025 |
nullcon HackIM CTF Goa 2025 | https://aftab700.medium.com/nullcon-hackim-ctf-goa-2025-a7e9c6b1c293?source=rss------bug_bounty-5 | Aftab Sama | ctf, cybersecurity, ctf-writeup, bug-bounty, nullcon | 08-Feb-2025 |
Find RXSS using Nuclei (DAST) | https://cybersecuritywriteups.com/find-rxss-using-nuclei-dast-87080542adde?source=rss------bug_bounty-5 | AbhirupKonwar | cybersecurity, pentesting, xss-attack, bug-bounty, bug-bounty-tips | 08-Feb-2025 |
Behind the Message: Two Critical XSS Vulnerabilities in Zoho’s Web Applications | https://infosecwriteups.com/behind-the-message-two-critical-xss-vulnerabilities-in-zohos-web-applications-86aa42887129?source=rss------bug_bounty-5 | HackerWithOutHat | javascript, bugbounty-writeup, bug-bounty, vulnerability, infosec | 08-Feb-2025 |
Best Browser Extensions for Bug Hunting and Cybersecurity | https://infosecwriteups.com/best-browser-extensions-for-bug-hunting-and-cybersecurity-77faf6bd8188?source=rss------bug_bounty-5 | coffinxp | bug-bounty, hacking, bug-bounty-tips, cybersecurity, technology | 08-Feb-2025 |
Web Security 101: Understanding LFI and RFI Attacks: A Bug Bounty Hunter’s Guide | https://anmolvishwakarma7466.medium.com/web-security-101-understanding-lfi-and-rfi-attacks-a-bug-bounty-hunters-guide-299b6b1d76e7?source=rss------bug_bounty-5 | Anmolvishwakarma | vulnerability, lfi, hacking, cybersecurity, bug-bounty | 08-Feb-2025 |
How to Get Your First Bug Bounty: A Beginner’s Guide | https://medium.com/@krishna9823420058/how-to-get-your-first-bug-bounty-a-beginners-guide-c2a07bb4e792?source=rss------bug_bounty-5 | Krish_cyber | bug-bounty-tips, bug-bounty, cybersecurity, bugbounty-writeup, ethical-hacking | 08-Feb-2025 |
BONUS for NAs! How? | https://medium.com/@thedevtaskofficial/bonus-for-well-written-nas-46a55eb20bc9?source=rss------bug_bounty-5 | thedevtask official | ethical-hacking, cybersecurity, bug-bounty, penetration-testing, vulnerability | 08-Feb-2025 |
Bug bounty triagers have blacklisted you! | https://medium.com/@thedevtaskofficial/the-bug-bounty-secret-nobody-tells-you-e66c99adb013?source=rss------bug_bounty-5 | thedevtask official | vulnerability, ethical-hacking, cybersecurity, penetration-testing, bug-bounty | 08-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (Insecure Direct Object References) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-insecure-direct-object-references-a39038e8f7a3?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-program, bug-bounty-tips, bug-bounty, idor, bug-bounty-hunter | 08-Feb-2025 |
Lack of Clarity Costed me $500 | https://medium.com/@naveen_sparks/lack-of-clarity-costed-me-500-26565aeb05e7?source=rss------bug_bounty-5 | Naveen Kumar | mfa, bug-bounty, 2fa-bypass | 08-Feb-2025 |
$500 Bounty: Unlocking Premium Job Features with a Simple API Trick! | https://medium.com/@a13h1/500-bounty-unlocking-premium-job-features-with-a-simple-api-trick-1c59814ad8f4?source=rss------bug_bounty-5 | Abhi Sharma | cybersecurity, penetration-testing, api, infosec, bug-bounty | 08-Feb-2025 |
Account Verification OTP Bypass in Microsoft Security Response Centre | https://medium.com/@official.armanreza/account-verification-otp-bypass-in-microsoft-security-response-centre-21855731a6f5?source=rss------bug_bounty-5 | armanxreza | bug-bounty-writeup, security, bug-bounty, microsoft, msrc | 08-Feb-2025 |
Account Takeover via Email Change: Exploiting Weak Verification to Access Support Accounts | https://medium.com/@umd04843/account-takeover-via-email-change-exploiting-weak-verification-to-access-support-accounts-a3bb8d59e753?source=rss------bug_bounty-5 | Mohamed Usman | account-takeover, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 08-Feb-2025 |
How I Found My First Bug $$$ | https://medium.com/@HackerNasr/how-i-found-my-first-bug-c976920cbbe3?source=rss------bug_bounty-5 | HackerNasr | xss-attack, penetration-testing, ethical-hacking, cybersecurity, bug-bounty | 08-Feb-2025 |
Strange SQL Injection on a public program | https://medium.com/@68abdelrahmanmohamed/strange-sql-injection-on-a-public-program-50e93a94f02a?source=rss------bug_bounty-5 | Abdulrahman | bug-bounty, sql-injection, web-app-security, pentesting, web-app-pentesting | 08-Feb-2025 |
My First Finding In Hackerone | https://islammeshriff.medium.com/my-first-finding-in-hackerone-7521597ca04d?source=rss------bug_bounty-5 | Islam Meshrif | bug-bounty, bug-bounty-writeup, information-disclosure | 08-Feb-2025 |
From Hidden XSS to Full Account Takeover – A Deep Dive into Exploiting Modern Web Applications | https://medium.com/@mahad.ahmed0x1/from-hidden-xss-to-full-account-takeover-a-deep-dive-into-exploiting-modern-web-applications-811380417387?source=rss------bug_bounty-5 | 404NotPentested | web-security, xss-attack, cybersecurity, cross-site-scripting, bug-bounty | 08-Feb-2025 |
How Subdomain Fuzzing Earned Me a $35,000 Bug Bounty! | https://medium.com/@ibtissamhammadi1/how-subdomain-fuzzing-earned-me-a-35-000-bug-bounty-994b39763451?source=rss------bug_bounty-5 | Ibtissam hammadi | web-security, hacking, cybersecurity, bug-bounty, infosec | 08-Feb-2025 |
EASIEST P4 TO FIND IN BUG BOUNTY PART 1 | https://medium.com/@sahusujal.dev2004/easiest-p4-to-find-in-bug-bounty-part-1-b903ad3cea37?source=rss------bug_bounty-5 | Sujal Sahu | cybersecurity, bug-bounty, bug-bounty-tips, bugs, real-world-bug-hunting | 08-Feb-2025 |
Ethical Hacking: Reconnaissance/Footprinting | https://medium.com/@paritoshblogs/ethical-hacking-reconnaissance-footprinting-214055abbf44?source=rss------bug_bounty-5 | Paritosh | ethical-hacking, reconnaissance, bug-bounty, information-technology, footprinting | 08-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (Race Condition) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-race-condition-2af68c166721?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty, race-condition | 08-Feb-2025 |
Bug Bounty Hunting: Web Vulnerability (SQL injection) | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-sql-injection-1abe0f72832d?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-hunter, bug-bounty, sql-injection, bug-bounty-tips, bug-bounty-program | 08-Feb-2025 |
My Journey to Earning the HTB Bug Bounty Hunter Certificate: An Honest Review | https://medium.com/@Arsenelupin12/my-journey-to-earning-the-htb-bug-bounty-hunter-certificate-an-honest-review-323fb71b306a?source=rss------bug_bounty-5 | Wasted Resources | hacking, hackerone, bug-bounty-tips, bug-bounty, cybersecurity | 08-Feb-2025 |
Hackers Exploit Cityworks RCE Bug to Breach Microsoft IIS Servers | https://medium.com/@wiretor/hackers-exploit-cityworks-rce-bug-to-breach-microsoft-iis-servers-ad48fc0e13e9?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, money, ai, trump | 08-Feb-2025 |
HPE Notifies Employees of Data Breach After Russian Office 365 Hack | https://medium.com/@wiretor/hpe-notifies-employees-of-data-breach-after-russian-office-365-hack-d5bfed1fd135?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | trump, ai, malware, bug-bounty, money | 08-Feb-2025 |
2.8 Million IPs Power Large-Scale Attack on VPN and Security Devices | https://medium.com/@wiretor/2-8-million-ips-power-large-scale-attack-on-vpn-and-security-devices-a889473a5c36?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, usa, trump, ai, money | 08-Feb-2025 |
Just a Writeup about 2FA Bypass at a Private Program 🙂 | https://v0ltex.medium.com/just-a-writeup-about-2fa-bypass-at-a-private-program-509238a0a3a1?source=rss------bug_bounty-5 | Abdo Rabea | bug-hunting, 2fa-bypass, bug-bounty-writeup, bug-bounty, pentesting | 08-Feb-2025 |
The $50,000 Mistake — A Read/Write Profile IDOR Story | https://medium.com/@shxsu1/the-50-000-mistake-a-read-write-profile-idor-story-c31c353446d4?source=rss------bug_bounty-5 | shxsu1 | hackerone, bug-bounty, college, hacking, idor | 07-Feb-2025 |
[PART 2] Anyone can use unlimited Trial Premium on accounts that have used Trial Premium before | https://aidilarf.medium.com/part-2-anyone-can-use-unlimited-trial-premium-on-accounts-that-have-used-trial-premium-before-b1ac65c9a2d6?source=rss------bug_bounty-5 | Aidil Arief | bugs, bug-bounty, hackerone, business-logic-bug, linkedin | 07-Feb-2025 |
How to Exploit Web Cache Poisoning with an Unkeyed Header Using Param Miner — Web Cache… | https://bashoverflow.medium.com/how-to-exploit-web-cache-poisoning-with-an-unkeyed-header-using-param-miner-web-cache-a3ffacc546a1?source=rss------bug_bounty-5 | Bash Overflow | bug-bounty-tips, web-cache-poisoning, bug-bounty, cache-poisoning-xss, web-cache-exploit | 07-Feb-2025 |
50+ XSS: Mass Hunting | https://medium.com/@kumawatabhijeet2002/50-xss-mass-hunting-37e51fce5369?source=rss------bug_bounty-5 | Abhijeet kumawat | money, xss-attack, hacking, infosec, bug-bounty | 07-Feb-2025 |
How I Found an Excel Sheet with 200+ Bank Testing Account Login Details! | https://systemweakness.com/how-i-found-an-excel-sheet-with-200-bank-testing-account-login-details-883c38492424?source=rss------bug_bounty-5 | Gokuleswaran B | google-dork, reconnaissance, bug-bounty, dorking, bug-bounty-tips | 07-Feb-2025 |
Do You Struggle Finding Internal/Hidden Subdomains? Recon part 5 | https://osintteam.blog/do-you-struggle-finding-internal-hidden-subdomains-recon-part-5-b06c99a11364?source=rss------bug_bounty-5 | It4chis3c | subdomain-enumeration, hidden, bug-bounty, brute-force, secrets | 07-Feb-2025 |
RXSS Hacking Law Enforcement | https://systemweakness.com/rxss-hacking-law-enforcement-434ad9b5c03f?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity, pentesting | 07-Feb-2025 |
Bug Bounty Program: Crypto Rewards for Finding Bugs in ARMswap Platform | https://medium.com/@michaeltaylor.armswap/bug-bounty-program-crypto-rewards-for-finding-bugs-in-armswap-platform-e863185b0b07?source=rss------bug_bounty-5 | Michael Taylor | bug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-tips, armswap | 07-Feb-2025 |
Exploiting CSRF in GraphQL Applications | https://fdzdev.medium.com/exploiting-csrf-in-graphql-applications-f262411588f7?source=rss------bug_bounty-5 | Facundo Fernandez | bug-bounty, data-breach, penetration-testing, cybersecurity, offensive-security | 07-Feb-2025 |
How to Find Your 1st Easy Bug as a Bug Bounty Hunter (Step-by-Step Guide) On Real Live Websites | https://medium.com/@shaikhminhaz1975/how-to-find-your-1st-easy-bug-as-a-bug-bounty-hunter-step-by-step-guide-on-real-live-websites-cc586d51e1e7?source=rss------bug_bounty-5 | Shaikh Minhaz | ethical-hacking, cybersecurity, bug-bounty, information-disclosure, how-to | 07-Feb-2025 |
How to Approach a Target for Bug Hunting | https://medium.com/@vipulsonule71/how-to-approach-a-target-for-bug-hunting-ef45c32cf8ee?source=rss------bug_bounty-5 | Vipul Sonule | cybersecurity, penetration-testing, hacking, bug-bounty, technology | 07-Feb-2025 |
3 Digit Codes That Decides Your Future | https://bitpanic.medium.com/3-digit-codes-that-decides-your-future-dd078f099b06?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty, technology, cybersecurity, web-development, bug-bounty-tips | 07-Feb-2025 |
How I Found Sensitive Log Files | https://medium.com/@kumawatabhijeet2002/how-i-found-sensitive-log-files-2336cd86226f?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, infosec, logistics, hacking, money | 07-Feb-2025 |
Day 3: Account Takeover via XSS in E-Signature Feature (Worth $2500) | https://medium.com/@danielbelay/day-3-account-takeover-via-xss-in-e-signature-feature-worth-2500-71db9449f74b?source=rss------bug_bounty-5 | dani3l | bugs, bug-bounty, ethical-hacking | 07-Feb-2025 |
Cloudflare Outage Disrupts Multiple Services Due to Phishing Block Mishap | https://medium.com/@wiretor/cloudflare-outage-disrupts-multiple-services-due-to-phishing-block-mishap-4fdac4bcd365?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, cloudflare, bug-bounty, money, malware | 07-Feb-2025 |
Kimsuky Hackers Deploy Custom RDP Wrapper for Remote Access | https://medium.com/@wiretor/kimsuky-hackers-deploy-custom-rdp-wrapper-for-remote-access-aa9d9eae74f6?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, money, malware, ai | 07-Feb-2025 |
Bypassing Rate Limit on Password Reset Page | https://medium.com/@omaroymdm/bypassing-rate-limit-on-password-reset-page-63814feec6f5?source=rss------bug_bounty-5 | Omar Mahmoud | rate-limiting, bug-bounty, pentesting | 07-Feb-2025 |
User Interface Says No, Backend Says Yes — Story of Bypassing Email Verification | https://som3a.medium.com/user-interface-says-no-backend-says-yes-story-of-bypassing-email-verification-b469f20a141f?source=rss------bug_bounty-5 | 0xSOM3A | bug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity | 07-Feb-2025 |
Introducing Zerodayf, A dynamic, AI-driven code analysis vulnerability scanner | https://medium.com/@kohihamed3/introducing-zerodayf-a-dynamic-ai-driven-code-analysis-vulnerability-scanner-7e9ab4ffb6e6?source=rss------bug_bounty-5 | 0xHamy | ai, bug-bounty, cve, appsec, vulnerability | 07-Feb-2025 |
Extreme Recon Dorking | https://medium.com/meetcyber/extreme-recon-dorking-eace7444b7c2?source=rss------bug_bounty-5 | AbhirupKonwar | pentesting, bug-bounty-tips, api-testing, bug-bounty, ethical-hacking | 06-Feb-2025 |
The $750 API Leak: Could This Happen to You? | https://deepseng.medium.com/the-750-api-leak-could-this-happen-to-you-08fb858b4af1?source=rss------bug_bounty-5 | Deep SenGupta | cybersecurity, api, bug-bounty | 06-Feb-2025 |
How I got an Account-Takeover By Race-conditions on Login page | https://medium.com/@krishnast545/how-i-got-an-account-takeover-by-race-conditions-on-login-page-3775faaffb4f?source=rss------bug_bounty-5 | Krishna | bug-bounty, bounty-hunter, web-app-security, race-condition, account-take-over | 06-Feb-2025 |
Automating Ghauri for SQLi with Bash Script | https://medium.com/meetcyber/automating-ghauri-for-sqli-with-bash-script-6ce8fb62c367?source=rss------bug_bounty-5 | Erkan Kavas | sqli, sql-injection, ethical-hacking, bug-bounty-tips, bug-bounty | 06-Feb-2025 |
Subdomain Enumeration: A Practical Guide | https://medium.com/@nakshatrasirohi/subdomain-enumeration-a-practical-guide-03b2007aedd7?source=rss------bug_bounty-5 | Nakshatra Sirohi | hacking, bug-bounty, recon, reconnaissance, bug-bounty-tips | 06-Feb-2025 |
Flutsploit : Flutter on the web manifest exploiter | https://medium.com/@raituzki/flutsploit-flutter-on-the-web-manifest-exploiter-8fc6b50b9de7?source=rss------bug_bounty-5 | Muhamad Raidinoor Pasha | security, bug-bounty, exploit, flutter | 06-Feb-2025 |
How to Earn Money in Cybersecurity: A Quick Guide | https://medium.com/@krishna9823420058/how-to-earn-money-in-cybersecurity-a-quick-guide-30422f14b2e7?source=rss------bug_bounty-5 | Krish_cyber | earn-money-online, cyber-security-awareness, ethical-hacking, cybersecurity, bug-bounty | 06-Feb-2025 |
Old CVE in my Old Organization | https://medium.com/@naveen_sparks/old-cve-in-my-old-organization-b4f863049171?source=rss------bug_bounty-5 | Naveen Kumar | cve, cve-2023-24488, bug-bounty | 06-Feb-2025 |
PHP Type Juggling Vulnerabilities: How Attackers Exploit Loose Comparisons | https://0xkratos.medium.com/php-type-juggling-vulnerabilities-how-attackers-exploit-loose-comparisons-e4e0c78ec9e6?source=rss------bug_bounty-5 | Amal PK | bug-bounty, bug-bounty-tips, programming, hacking, cybersecurity | 06-Feb-2025 |
DAY[4/30] CSRF (Cross-Site Request Forgery): Exploitation and Prevention in depth | https://medium.com/@hrofficial62/csrf-cross-site-request-forgery-exploitation-and-prevention-in-depth-72ed72ebf23a?source=rss------bug_bounty-5 | Mr Horbio | cybersecurity, bug-bounty, ethical-hacking, owasp, pentesting | 06-Feb-2025 |
Time to braking your NOS (☞゚ヮ゚)☞ | https://medium.com/@mahdisalhi0500/time-to-braking-your-nos-%EF%BE%9F%E3%83%AE%EF%BE%9F-834ee204bdd2?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | bug-bounty, information-security, penetration-testing, infosec, cybersecurity | 06-Feb-2025 |
$300 Bounty for Easy Default Credential | https://medium.com/@kumawatabhijeet2002/300-bounty-for-easy-default-credential-617de40114c4?source=rss------bug_bounty-5 | Abhijeet kumawat | medium, infosec, hacking, money, bug-bounty | 06-Feb-2025 |
DAY[3/30] XSS Attack Techniques: A Deep Dive into Exploitation and Defense | https://medium.com/@hrofficial62/xss-attack-techniques-a-deep-dive-into-exploitation-and-defense-df62b5f66c44?source=rss------bug_bounty-5 | Mr Horbio | ethical-hacking, pentesting, cybersecurity, bug-bounty, xss-attack | 06-Feb-2025 |
Advanced Techniques for Identifying Leaked API Keys in JS Files | https://systemweakness.com/advanced-techniques-for-identifying-leaked-api-keys-in-js-files-bb67845e5c0e?source=rss------bug_bounty-5 | Reju Kole | bug-bounty, javascript, bug-bounty-writeup, api, bug-bounty-tips | 06-Feb-2025 |
Mastering XSS: An Advanced Cheat Sheet for Exploiting Cross-Site Scripting Vulnerabilities | https://medium.com/@Arsenelupin12/mastering-xss-an-advanced-cheat-sheet-for-exploiting-cross-site-scripting-vulnerabilities-a1eb1470c3ae?source=rss------bug_bounty-5 | Wasted Resources | bug-bounty, xss-vulnerability, cybersecurity, hacking, xss-attack | 06-Feb-2025 |
TikTok Bug Bounty — $250 | https://medium.com/@bhussain894/tiktok-bug-bounty-250-82293995c9e4?source=rss------bug_bounty-5 | Bilal Hussain | bug-bounty, bug-bounty-writeup, ti̇ktok | 06-Feb-2025 |
How to Install and Use ZAP Tool for Web Application Security Testing: A Step-by-Step Guide | https://yaminiyadav583.medium.com/how-to-install-and-use-zap-tool-for-web-application-security-testing-a-step-by-step-guide-f07697a5e6fc?source=rss------bug_bounty-5 | Yamini Yadav | zap, bug-bounty, security, penetration-testing | 06-Feb-2025 |
Search Engines Every Pentester Should Know | https://osintteam.blog/search-engines-every-pentester-should-know-faabe0c7fb64?source=rss------bug_bounty-5 | Sacony Chukwu | bug-bounty-tips, hacking, bug-bounty, bugbounty-writeup, cybersecurity | 06-Feb-2025 |
Automating Google Dorking for Bug Bounty | https://osintteam.blog/automating-google-dorking-for-bug-bounty-2339abb4b910?source=rss------bug_bounty-5 | Monika sharma | technology, bug-bounty-tips, hacking, penetration-testing, bug-bounty | 06-Feb-2025 |
Day 2: Account Takeover via Stored XSS | https://medium.com/@danielbelay/day-2-account-takeover-via-stored-xss-ac62c49b20c1?source=rss------bug_bounty-5 | dani3l | bug-bounty, learning | 06-Feb-2025 |
How to stop a blockchain from reaching consensus? Or 40k bounty for stalling CometBFT | https://medium.com/@unknown_feature/how-to-stop-a-blockchain-from-reaching-consensus-or-40k-bounty-for-stalling-cometbft-1b8a6959e0f0?source=rss------bug_bounty-5 | Anna Skirko (unknown_feature) | crypto, code-review, bug-bounty, blockchain, hacking | 06-Feb-2025 |
How to Shutdown Your Computer Remotely by Pressing a Button on Your Smartwatch or Phone | https://navnee1h.medium.com/how-to-shutdown-your-computer-remotely-by-pressing-a-button-on-your-smartwatch-or-phone-77c07e2562e9?source=rss------bug_bounty-5 | Navaneeth M S | hacking, webhooks, bug-bounty, linux, automation | 06-Feb-2025 |
DDoS Attacks Reportedly Behind DayZ and Arma Network Outages | https://medium.com/@wiretor/ddos-attacks-reportedly-behind-dayz-and-arma-network-outages-937a1078d4c3?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, money, ddos, bug-bounty, hacker | 06-Feb-2025 |
Hackers Exploit SimpleHelp RMM Flaws to Deploy Sliver Malware | https://medium.com/@wiretor/hackers-exploit-simplehelp-rmm-flaws-to-deploy-sliver-malware-51d42d46079f?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, hacker, ai, bug-bounty, malware | 06-Feb-2025 |
Critical RCE Bug in Microsoft Outlook Now Exploited in Attacks | https://medium.com/@wiretor/critical-rce-bug-in-microsoft-outlook-now-exploited-in-attacks-ea10ec8761c8?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, money, bug-bounty, malware, rce | 06-Feb-2025 |
The Importance of Proxy Usage in Bug Hunting | https://medium.com/meetcyber/the-importance-of-proxy-usage-in-bug-hunting-9896618da7fc?source=rss------bug_bounty-5 | Erkan Kavas | ethical-hacking, bug-bounty, payload, bug-bounty-tips, proxy | 06-Feb-2025 |
FINDING A DOS BUG(STEP BY STEP). | https://medium.com/infosecmatrix/finding-a-dos-bug-step-by-step-22216cac37d8?source=rss------bug_bounty-5 | loyalonlytoday | bugs, hacking, bug-bounty, cybersecurity, do | 05-Feb-2025 |
Critical Session Management Vulnerability Leading to Account Hijacking | https://medium.com/@ahmadzuriqi4/critical-session-management-vulnerability-leading-to-account-hijacking-ec71e966265a?source=rss------bug_bounty-5 | Ahmadzuriqi | bug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking, hacker | 05-Feb-2025 |
DOM-Based Reflected XSS in MTN Group’s Notification Server | https://medium.com/@regan_temudo/dom-based-reflected-xss-in-mtn-groups-notification-server-84289a87094e?source=rss------bug_bounty-5 | Regan Temudo | web-security, bug-bounty, xss-attack, cybersecurity, ethical-hacking | 05-Feb-2025 |
Get Easy $$$ Bugs by These Dorks | https://medium.com/@kumawatabhijeet2002/get-easy-bugs-by-these-dorks-b811ca815f3c?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, ai, hacking, bug-bounty, money | 05-Feb-2025 |
Bypassing OTP Verification: Exposing a Critical Authentication Flaw | https://medium.com/@amanba13.ab/bypassing-otp-verification-exposing-a-critical-authentication-flaw-80a1065a432c?source=rss------bug_bounty-5 | Aman Banga | cybersecurity, authentication, ios, bug-bounty | 05-Feb-2025 |
PII Exposure: The Data Heist You Never Knew Was Possible! | https://infosecwriteups.com/pii-exposure-the-data-heist-you-never-knew-was-possible-5577b84a1074?source=rss------bug_bounty-5 | th3.d1p4k | misconfiguration, hacking, bug-bounty, smtp, api | 05-Feb-2025 |
Brute Forcing Financial Apps With HackerOne | https://infosecwriteups.com/brute-forcing-financial-apps-with-hackerone-86e22add374e?source=rss------bug_bounty-5 | Aleksa Zatezalo | hackerone, vulnerability, hacking, disclosure, bug-bounty | 05-Feb-2025 |
Get Easy $$$ Bugs by These Dorks | https://osintteam.blog/get-easy-bugs-by-these-dorks-b811ca815f3c?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, ai, hacking, bug-bounty, money | 05-Feb-2025 |
Accidental Information Disclosure! | https://medium.com/@dopednaveen/accidental-information-disclosure-477198f071eb?source=rss------bug_bounty-5 | Naveen Kumar | bug-bounty, bug-bounty-writeup, pentesting | 05-Feb-2025 |
10 Must-Have Burp Suite Extensions for Pro Bug Hunters | https://medium.com/@kumawatabhijeet2002/10-must-have-burp-suite-extensions-for-pro-bug-hunters-%EF%B8%8F-e53aa3b5af48?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, hacking, bug-bounty, ai, money | 05-Feb-2025 |
Penetration Testing as a Service (PTaaS): The Future of Cybersecurity | https://medium.com/@hackrate/penetration-testing-as-a-service-ptaas-the-future-of-cybersecurity-f8c0f223069b?source=rss------bug_bounty-5 | Levente Molnar | hacking, ethical-hacking, cybersecurity, penetration-testing, bug-bounty | 05-Feb-2025 |
How to find an easy bug is worth $100 | https://medium.com/cyberscribers-exploring-cybersecurity/how-to-find-an-easy-bug-is-worth-100-bbee4ca57d3d?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, cybersecurity, hacking, tips, ethical-hacking | 05-Feb-2025 |
($$$$) Critical IDOR Vulnerability Leads to User Information Disclosure | https://medium.com/@Tanvir0x1/critical-idor-vulnerability-leads-to-user-information-disclosure-b0bb7f06aef5?source=rss------bug_bounty-5 | Tanvir Ahmed | bug-bounty, idor | 05-Feb-2025 |
From Demo to Live: Zero-Click Account Takeover via the Same Encryption Algorithm | https://infosecwriteups.com/from-demo-to-live-zero-click-account-takeover-via-the-same-encryption-algorithm-38b6cabfb21e?source=rss------bug_bounty-5 | can1337 | bugbounty-writeup, account-takeover, bug-bounty, cybersecurity | 05-Feb-2025 |
Accidental Information Disclosure! | https://medium.com/@naveen_sparks/accidental-information-disclosure-477198f071eb?source=rss------bug_bounty-5 | Naveen Kumar | bug-bounty, bug-bounty-writeup, pentesting | 05-Feb-2025 |
OTP Bypass on [Redacted]: Contact Forms to Unauthorized Calls | https://medium.com/@manav.surti.13728342/otp-bypass-on-redacted-contact-forms-to-unauthorized-calls-453d09837fa4?source=rss------bug_bounty-5 | Manav Surti | bug-bounty, cybersecurity, otp-bypass | 05-Feb-2025 |
Day 1: Defeating the HttpOnly Flag for Account Takeover via RXSS | https://medium.com/@danielbelay/day-1-defeating-the-httponly-flag-for-account-takeover-via-rxss-a2fa9cbc0156?source=rss------bug_bounty-5 | dani3l | ethical-hacking, security, writeup, bug-bounty | 05-Feb-2025 |
Cyberforce 2024: How I found my first CVE OpenPLCV3 | https://medium.com/@alimuhammadsecured/cyberforce-2024-how-i-found-my-first-cve-openplcv3-16c058b114b0?source=rss------bug_bounty-5 | Alimuhammadsecured | ctf, vulnerability, exploit, cve, bug-bounty | 05-Feb-2025 |
Netgear Warns of Zero-Day Vulnerabilities in WiFi Routers | https://medium.com/@wiretor/netgear-warns-of-zero-day-vulnerabilities-in-wifi-routers-ffc2d8299b8f?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, netgear, usa, money, ai | 05-Feb-2025 |
All You Need To Know About Path Traversal | https://medium.com/@ossama.cybersec/all-you-need-to-know-about-path-traversal-5a01c18e01e4?source=rss------bug_bounty-5 | Ossama Ahmed (@pent0ss) | bug-bounty, pentesting, bug-bounty-tips, path-traversal, vulnerability | 05-Feb-2025 |
Practical and Easy Steps to Find XSS with a REAL CASE Study | https://medium.com/@BugRey/practical-and-easy-steps-to-find-xss-with-a-real-case-study-6959a3fbd6bf?source=rss------bug_bounty-5 | ./Rey~ | web-security, penetration-testing, web-security-testing, bug-bounty-tips, bug-bounty | 04-Feb-2025 |
How I Hacked My Way Into College (and Became a Life Job Afterward) | https://medium.com/@shxsu1/how-i-hacked-my-way-into-college-and-became-a-life-job-afterward-aef3e0e7e843?source=rss------bug_bounty-5 | shxsu1 | college, bug-bounty, hacking | 04-Feb-2025 |
[A Practical Guide] Exploiting SSRF with Filter Bypass via Open Redirection — SSRF Labs | https://bashoverflow.medium.com/a-practical-guide-exploiting-ssrf-with-filter-bypass-via-open-redirection-ssrf-labs-e0cfaa0c5774?source=rss------bug_bounty-5 | Bash Overflow | bug-bounty, ssrf-exploitation, open-redirection-exploit, ssrf, bypassing-ssrf-filters | 04-Feb-2025 |
Bug Bounty Hunting: Lab Setup & Traffic Interception Guide | https://medium.com/@muhammad4208/bug-bounty-hunting-lab-setup-traffic-interception-guide-d2b9956fa455?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty, bug-bounty-program, bug-bounty-tips | 04-Feb-2025 |
How I Earned 50000 United Miles(And how you can!) | https://medium.com/@thedevtaskofficial/how-i-earned-50000-united-miles-and-how-you-can-793a3b47142e?source=rss------bug_bounty-5 | thedevtask official | cybersecurity, vulnerability, ethical-hacking, bug-bounty, penetration-testing | 04-Feb-2025 |
Exposing Millions of Apple Users’ ticket and other details! ( Part -1 ) | https://virtuvil.medium.com/exposing-millions-of-apple-users-ticket-and-other-details-part-1-36bf35281cd6?source=rss------bug_bounty-5 | Virtuvil | apple, mac, iphone, bug-bounty, bugs | 04-Feb-2025 |
Hacking the Unseen: Finding Bugs Others Miss | https://medium.com/@Zebbern/hacking-the-unseen-finding-bugs-others-miss-a561efecf35d?source=rss------bug_bounty-5 | Zebbern | bug-bounty, pentesting, cybersecurity, hacking, artificial-intelligence | 04-Feb-2025 |
How I Found 2000+ Employee Details of the Indian Government Using Just Google Dorks(And What You… | https://hiddendom.medium.com/how-i-found-2000-employee-details-of-the-indian-government-using-just-google-dorks-and-what-you-d8e07afba27e?source=rss------bug_bounty-5 | Gokuleswaran B | bug-bounty-tips, bug-bounty, bugs, google-dork, penetration-testing | 04-Feb-2025 |
Easy Way to Find Exposed Sensitive API Keys in JS Files | https://infosecwriteups.com/easy-way-to-find-exposed-sensitive-api-keys-in-js-files-d9f9fccb18bb?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, bug-bounty, hacking, money, bug-bounty-tips | 04-Feb-2025 |
Bug Bounty Hunting: Web Hacking Reconnaissance | https://medium.com/@muhammad4208/bug-bounty-hunting-web-hacking-reconnaissance-78ac0effbae7?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program | 04-Feb-2025 |
How I Earned 50000 bounty(And how you can do it too) | https://medium.com/@thedevtaskofficial/how-i-earned-50000-united-miles-and-how-you-can-793a3b47142e?source=rss------bug_bounty-5 | thedevtask official | cybersecurity, vulnerability, ethical-hacking, bug-bounty, penetration-testing | 04-Feb-2025 |
The Rising Importance of Bug Bounty Programs in the Fight Against Cybercrime | https://medium.com/@moredevraj370/the-rising-importance-of-bug-bounty-programs-in-the-fight-against-cybercrime-266f3e03bc2a?source=rss------bug_bounty-5 | Devraj More | linux, cybersecurity-course, bug-bounty, ethical-hacking-course, ransomware | 04-Feb-2025 |
Bug Bounty Hunting: Web Vulnerabilities | https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerabilities-1e9b6a0d5ec3?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty, bug-bounty-hunter, bug-bounty-program, bug-bounty-tips | 04-Feb-2025 |
Mastering Burp Suite: The Ultimate Cyber Swiss Army Knife for Bug Bounties | https://myselfakash20.medium.com/mastering-burp-suite-the-ultimate-cyber-swiss-army-knife-for-bug-bounties-df1398bb037f?source=rss------bug_bounty-5 | Akash Ghosh | technology, bug-bounty-tips, bugbounty-writeup, bug-bounty, cybersecurity | 04-Feb-2025 |
XSS — Cross-site scripting (DOM-Based) | https://medium.com/@F4lc0n/xss-cross-site-scripting-dom-based-e7b83ab67a1e?source=rss------bug_bounty-5 | F4lc0n | hacking, pentest, dom-based-xss, bug-bounty, xss-vulnerability | 04-Feb-2025 |
Day[2/30] Bug Bounty for Beginners Full course | https://medium.com/@hrofficial62/day-2-30-bug-bounty-for-beginners-full-course-0a8de66836c0?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, tips, ethical-hacking, pentesting, cybersecurity | 04-Feb-2025 |
Find Details of Any Phone Number Using PhoneInfoga | https://aimasterprompt.medium.com/find-details-of-any-phone-number-using-phoneinfoga-8b200015a479?source=rss------bug_bounty-5 | aimaster | technology, investigation, cybersecurity, bug-bounty, infosec | 04-Feb-2025 |
The Silent Breach: A Story of Leaked Token and PII | https://medium.com/@bughunt.bochi/the-silent-breach-a-story-of-leaked-token-and-pii-4576658030e3?source=rss------bug_bounty-5 | Yash Nimbalkar | security, bug-bounty, bug-bounty-writeup, information-security, cybersecurity | 04-Feb-2025 |
Best Hackers Channels on Internet Worth Following! | https://medium.com/@doby4535/best-hackers-channels-on-internet-worth-following-a498f1caf697?source=rss------bug_bounty-5 | Dobysec | exploit, penetration-testing, bug-bounty, hacking, ethical-hacking | 04-Feb-2025 |
Russian Hackers Exploit Zero-Day Attacks Against Ukraine | https://medium.com/@wiretor/russian-hackers-exploit-zero-day-attacks-against-ukraine-c96042b7989e?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, bug-bounty, ai, hacker, russian | 04-Feb-2025 |
Exploring a New SQLi Vulnerability: A Ghauri Experience | https://medium.com/meetcyber/exploring-a-new-sqli-vulnerability-a-ghauri-experience-541c588dc00d?source=rss------bug_bounty-5 | Erkan Kavas | sql-injection, bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity | 04-Feb-2025 |
From Rookie to Bounty: How a $400 IDOR Flaw on HackerOne Cracked Open My Cybersecurity Journey | https://medium.com/@Arsenelupin12/from-rookie-to-bounty-how-a-400-idor-flaw-on-hackerone-cracked-open-my-cybersecurity-journey-1566b8564ae4?source=rss------bug_bounty-5 | Wasted Resources | bug-bounty-tips, hacking, bug-bounty, hackthebox, cybersecurity | 04-Feb-2025 |
From alert(origin) to ATO, an XSS Story | https://medium.com/@remmy9/from-alert-origin-to-ato-an-xss-story-d6bd2684bdca?source=rss------bug_bounty-5 | Remmy | bug-bounty, xss-attack, cybersecurity | 04-Feb-2025 |
Live Love WAF — Skirt the firewalls or die trying | https://medium.com/@l_s_/live-love-waf-skirt-the-firewalls-or-die-trying-4120facb41c8?source=rss------bug_bounty-5 | LS | bug-bounty, hacking, javascript, bug-bounty-writeup, cybersecurity | 04-Feb-2025 |
The Ghost Email Heist — Stealing Accounts from the Future | https://medium.com/@shxsu1/the-ghost-email-heist-stealing-accounts-from-the-future-9fce3ae1c086?source=rss------bug_bounty-5 | shxsu1 | hacking, email, brute-force, account-takeover, bug-bounty | 04-Feb-2025 |
Understanding API Security with OpenAPI: A Security Engineer’s Perspective | https://medium.com/cyprox-io/understanding-api-security-with-openapi-a-security-engineers-perspective-b8083c457a8a?source=rss------bug_bounty-5 | Orhan YILDIRIM | bug-bounty, ai, web, cybersecurity, artificial-intelligence | 03-Feb-2025 |
Javascript to API Bugs | https://medium.com/cyprox-io/javascript-to-api-bugs-3b5a778e51b7?source=rss------bug_bounty-5 | Orhan YILDIRIM | api, vulnerability-scanning, bug-bounty, web-application-security, bug-bounty-tips | 03-Feb-2025 |
Google did an Oopsie: a simple IDOR worth $3,133.7 | https://infosecwriteups.com/google-did-an-oopsie-a-simple-idor-worth-3-133-7-2abefaef954d?source=rss------bug_bounty-5 | accalon | idor, hacking, bug-bounty | 03-Feb-2025 |
Blind SSRF with Out-of-Band Detection: Step-by-Step Exploitation & Prevention — SSRF Labs | https://bashoverflow.medium.com/blind-ssrf-with-out-of-band-detection-step-by-step-exploitation-prevention-ssrf-labs-d8a4d890184d?source=rss------bug_bounty-5 | Bash Overflow | portswigger-lab, ssrf, blind-ssrf, ssrf-exploitation, bug-bounty | 03-Feb-2025 |
Top 235 IDOR Bug Bounty Reports | https://aimasterprompt.medium.com/top-235-idor-bug-bounty-reports-e00c8061fe28?source=rss------bug_bounty-5 | aimaster | infosec, bug-bounty, vulnerability, hacking, idor | 03-Feb-2025 |
Manually Bypassing the Client-Side Validation leading to Command Injection | https://medium.com/@markanthonyagudo/manually-bypassing-the-client-side-validation-leading-to-command-injection-b0aa6ee531e4?source=rss------bug_bounty-5 | Angelo Agudo | cybersecurity, security, hacking, bug-bounty, hackthebox | 03-Feb-2025 |
When the Walls Aren’t as Secure as They Seem: My Instagram Discovery | https://medium.com/@nowshekhari/when-the-walls-arent-as-secure-as-they-seem-my-instagram-discovery-cf29a7f40741?source=rss------bug_bounty-5 | Abhishek Hari | meta, cybersecurity, bug-bounty, privacy, instagram | 03-Feb-2025 |
20 Comprehensive Browser Extensions You Can’t Miss as a Bug Bounty Hunter | https://osintteam.blog/20-comprehensive-browser-extensions-you-cant-miss-as-a-bug-bounty-hunter-e33042e59a6d?source=rss------bug_bounty-5 | Sacony Chukwu | bug-bounty-tips, penetration-testing, cybersecurity, hacking, bug-bounty | 03-Feb-2025 |
FFUF Mastery: The Ultimate Web Fuzzing Guide | https://osintteam.blog/ffuf-mastery-the-ultimate-web-fuzzing-guide-f7755c396b92?source=rss------bug_bounty-5 | coffinxp | technology, hacking, bug-bounty, bug-bounty-tips, cybersecurity | 03-Feb-2025 |
Finding a no-limit bug on the invite teammate page. | https://cybersecuritywriteups.com/finding-a-no-limit-bug-on-the-invite-teammate-page-c495f9f86781?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, cybersecurity, no-rate-limit, hacking, penetration-testing | 03-Feb-2025 |
Web Cache Poisoning: The Overlooked Attack with High Impact | https://medium.com/@HackerNasr/web-cache-poisoning-the-overlooked-attack-with-high-impact-4cede5c04f7b?source=rss------bug_bounty-5 | HackerNasr | bug-bounty, cybersecurity, penetration-testing, ethical-hacking, web-security | 03-Feb-2025 |
1 Click ATO on a public Bugcrowd Program | https://medium.com/@68abdelrahmanmohamed/1-click-ato-on-a-public-bugcrowd-program-94ef037d0d50?source=rss------bug_bounty-5 | Abdulrahman | bug-bounty | 03-Feb-2025 |
Solving the Basic Pentesting CTF | TryHackMe | https://medium.com/@heshammr.robot/solving-the-basic-pentesting-ctf-tryhackme-fceb90aa1fbe?source=rss------bug_bounty-5 | 0xData Ghost | hacking, tryhackme, penetration-testing, ctf, bug-bounty | 03-Feb-2025 |
Platforms and vulnerable web apps for practicing and learning web pen testing | https://medium.com/h7w/platforms-and-vulnerable-web-apps-for-practicing-and-learning-web-pen-testing-815a86ea5247?source=rss------bug_bounty-5 | loyalonlytoday | hacking, cybersecurity, tips, learning, bug-bounty | 03-Feb-2025 |
Best YouTube channels to learn bug hunting and penetration testing | https://osintteam.blog/best-youtube-channels-to-learn-bug-hunting-and-penetration-testing-350b1422bbe9?source=rss------bug_bounty-5 | loyalonlytoday | ethical-hacking, cybersecurity, bug-bounty, tips, hacking | 03-Feb-2025 |
how i found xss in lenovo asset? | https://doordiefordream.medium.com/how-i-found-xss-in-lenovo-asset-64cf5e58676a?source=rss------bug_bounty-5 | Bug hunter balu | technology, bug-bounty, cybersecurity, ethical-hacking, web3 | 03-Feb-2025 |
Top Hacking Gadgets for 2025 | https://medium.com/@verylazytech/top-hacking-gadgets-for-2025-174c5bd4f284?source=rss------bug_bounty-5 | Very Lazy Tech | hacking-gadgets, hacking, hak5, cybersecurity, bug-bounty | 03-Feb-2025 |
Mattermost Privilege Escalation — A Business Acceptable Risk? | https://medium.com/@duality084/mattermost-privilege-escalation-a-business-acceptable-risk-d83b91d4413e?source=rss------bug_bounty-5 | Matias Ramirez | bugbounty-writeup, bug-bounty-tips, mattermost, bug-bounty | 03-Feb-2025 |
Get Easy $$$ from Web Parameter Tampering | https://medium.com/readers-club/get-easy-from-web-parameter-tampering-df993b0136b1?source=rss------bug_bounty-5 | Abhijeet kumawat | ai, bug-bounty, hacking, infosec, money | 03-Feb-2025 |
⚡Critical XSS in DeepSeek AI | https://systemweakness.com/critical-xss-in-deepseek-ai-b57090985e97?source=rss------bug_bounty-5 | It4chis3c | xss-attack, ai, hacking, bug-bounty, deepseek | 03-Feb-2025 |
Find Primary Domains for Bug Bounty Using Censys Search: Complete Guide | https://medium.com/@hacker_might/find-primary-domains-for-bug-bounty-using-censys-search-complete-guide-a26ea5eea5c2?source=rss------bug_bounty-5 | hacker_might | bug-bounty, reconnaissance, primary-domain, recon, bug-bounty-tips | 03-Feb-2025 |
How Loose Regex Can Earn You a Bounty for an Open Redirect Filter Bypass Bug | https://medium.com/@halfcircassian/how-bad-regex-can-earn-you-a-bounty-for-an-open-redirect-filter-bypass-bug-6845a2b83f7c?source=rss------bug_bounty-5 | Sıla Özeren | bug-bounty-writeup, regex, bug-bounty-tips, open-redirect, bug-bounty | 03-Feb-2025 |
From Debug page to Database access | https://ro0od.medium.com/from-debug-page-to-database-access-e81ca8be1711?source=rss------bug_bounty-5 | rood | bug-bounty | 03-Feb-2025 |
Discovering and Reporting a Reflective XSS Vulnerability | https://medium.com/@debang5hu/discovering-and-reporting-a-reflective-xss-vulnerability-8c5e14206d17?source=rss------bug_bounty-5 | debang5hu | cross-site-scripting, blackbox-ai, cybersecurity, bug-bounty | 03-Feb-2025 |
Common Vulnerabilities Found in Bug Bounty Programs but Overlooked in Traditional Penetration… | https://medium.com/@hackrate/common-vulnerabilities-found-in-bug-bounty-programs-but-overlooked-in-traditional-penetration-10edc6a9ec1e?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, hacking, ethical-hacking, bug-bounty-tips, penetration-testing | 03-Feb-2025 |
Secator: A Powerful Security Workflow Automation Tool | https://osintteam.blog/secator-a-powerful-security-workflow-automation-tool-41995057c731?source=rss------bug_bounty-5 | Monika sharma | bug-bounty-tips, hacking, bug-bounty, technology, penetration-testing | 03-Feb-2025 |
Practical Guide to Finding SQL Injection (Real Case Study) | https://medium.com/@BugRey/practical-guide-to-finding-sql-injection-real-case-study-3625bdb9d8c3?source=rss------bug_bounty-5 | ./Rey~ | bug-bounty, bug-bounty-tips, web-security-testing, web-security, penetration-testing | 03-Feb-2025 |
Find Primary Domains for Bug Bounty Using Censys Search: Complete Guide | https://osintteam.blog/find-primary-domains-for-bug-bounty-using-censys-search-complete-guide-a26ea5eea5c2?source=rss------bug_bounty-5 | hacker_might | bug-bounty, reconnaissance, primary-domain, recon, bug-bounty-tips | 03-Feb-2025 |
Top 10 Bug Bounty Platforms to Earn Money Online | https://hackreveals.medium.com/top-10-bug-bounty-platforms-to-earn-money-online-fbea54cf7cbb?source=rss------bug_bounty-5 | Prakash Tiwari | bug-bounty, side-hustle, earn-money-online, make-money-online, bug-bounty-writeup | 02-Feb-2025 |
Automate Vulnerability Detection in Burp Suite with bChecks | https://medium.com/mr-plan-publication/automate-vulnerability-detection-in-burp-suite-with-bchecks-667b6e58a70c?source=rss------bug_bounty-5 | Monika sharma | pentesting, bug-bounty-tips, hacking, bug-bounty, technology | 02-Feb-2025 |
XSS on GeeksforGeeks | https://cybersecuritywriteups.com/xss-on-geeksforgeeks-2eafcbbf90b0?source=rss------bug_bounty-5 | AbhirupKonwar | pentesting, xss-attack, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 02-Feb-2025 |
Bug Bounty Hunting: How the Internet Works | https://medium.com/@muhammad4208/bug-bounty-hunting-how-the-internet-works-ca0327bf53c5?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter | 02-Feb-2025 |
Bug Bounty Hunting: Sustaining Your Success | https://medium.com/@muhammad4208/bug-bounty-hunting-sustaining-your-success-6b9e3880411b?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty, bug-bounty-tips, bug-bounty-program, bug-bounty-hunter | 02-Feb-2025 |
Introducing CMS Detector — A Powerful CMS Detection Tool! | https://mistry4592.medium.com/introducing-cms-detector-a-powerful-cms-detection-tool-8b7a2f1dcdc4?source=rss------bug_bounty-5 | Chirag-Mistry | python3, cms-detector, penetration-testing, bug-bounty, cybersecurity | 02-Feb-2025 |
Bug Bounty Hunting | https://medium.com/@muhammad4208/bug-bounty-hunting-ac9b732559b5?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-program | 02-Feb-2025 |
Day[1/30] Bug Bounty for Beginners Full course | https://medium.com/@hrofficial62/day-1-30-bug-bounty-for-beginners-full-course-e88e7425c92c?source=rss------bug_bounty-5 | Mr Horbio | hacking, pentesting, cybersecurity, bug-bounty, ethical-hacking | 02-Feb-2025 |
Hacking Routers & IoT Devices with Routersploit: A Detailed Cheat Sheet | https://medium.com/@verylazytech/hacking-routers-iot-devices-with-routersploit-a-detailed-cheat-sheet-470a54fd3621?source=rss------bug_bounty-5 | Very Lazy Tech | routersploit, penetration-testing, hacking-router, iot-security, bug-bounty | 02-Feb-2025 |
Unveiling the Power of Shodan: A Step-by-Step Technical Guide to Internet Reconnaissance | https://medium.com/@zoningxtr/unveiling-the-power-of-shodan-a-step-by-step-technical-guide-to-internet-reconnaissance-e61212b7407f?source=rss------bug_bounty-5 | Zoningxtr | python-programming, bug-bounty, penetration-testing, web-development, iot | 02-Feb-2025 |
100 DAYS OF JAVASCRIPT | https://medium.com/@KC100/100-days-of-javascript-09392b1797fc?source=rss------bug_bounty-5 | Keorapetse Malgas | bug-bounty, ethical-hacking, 100daysofcode, cybersecurity, javascript | 02-Feb-2025 |
2 Arrested in Crackdown on Nulled and Cracked Hacking Forums | https://medium.com/@wiretor/2-arrested-in-crackdown-on-nulled-and-cracked-hacking-forums-249ed458214a?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, money, cybersecurity, lafires, ai | 02-Feb-2025 |
Apple iPhone USB-C Security Breach | https://medium.com/@wiretor/apple-iphone-usb-c-security-breach-34011863045a?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, money, malware, ai, apple | 02-Feb-2025 |
Finding Exposed Sensitive API Keys in JS Files | https://infosecwriteups.com/finding-exposed-sensitive-api-keys-in-js-files-5c129fb1f2c7?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, technology, programming, bug-bounty, bug-bounty-tips | 02-Feb-2025 |
DeepSeek’s Vulnerabilities and Challenges: A Critical Analysis | https://medium.com/@HexaGaurd/deepseeks-vulnerabilities-and-challenges-a-critical-analysis-7b350644626d?source=rss------bug_bounty-5 | HexaGaurd | ethical-hacking, penetration-testing, security, bug-bounty, cybersecurity | 02-Feb-2025 |
2025: The Year to Start PTaaS | https://medium.com/@hackrate/2025-the-year-to-start-ptaas-c180f83617dd?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, cybersecurity, hacking, ethical-hacking, penetration-testing | 02-Feb-2025 |
A $150 Bug in My Methodology! | https://medium.com/@jkooo12/a-150-bug-in-my-methodology-8a51cdac53d4?source=rss------bug_bounty-5 | jack markez | cybersecurity, hackerone, hacking, bug-bounty, writers-on-medium | 02-Feb-2025 |
Easy Peasy RXSS | https://medium.com/@dsmodi484/easy-peasy-rxss-2f4bb1ec1d38?source=rss------bug_bounty-5 | cryptoshant | cybersecurity, bug-bounty, xss-attack, sqlmap, hacking | 01-Feb-2025 |
Finding an easy bug to get an easy $$$ | https://osintteam.blog/finding-an-easy-bug-to-get-an-easy-14f2426ba933?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, tips, penetration-testing, cybersecurity, hacking | 01-Feb-2025 |
Google: HTML Injection Bug | https://medium.com/@kumawatabhijeet2002/google-html-injection-bug-14a50e12bb96?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, hacking, infosec, bug-bounty-tips | 01-Feb-2025 |
The Art of Doing Source Code Review | https://green-terminals.medium.com/the-art-of-doing-source-code-review-c98ae0e35f84?source=rss------bug_bounty-5 | Aditya Rana | cybersecurity, ai, source-code-review, programming, bug-bounty | 01-Feb-2025 |
Dangerous Commands You Shouldn’t Execute in Linux | https://bitpanic.medium.com/dangerous-commands-you-shouldnt-execute-in-linux-fce596a45a8c?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty-tips, cybersecurity, programming, technology, bug-bounty | 01-Feb-2025 |
How to Create Advanced Custom Wordlist? Dive into Recon Part 4 | https://systemweakness.com/how-to-create-advanced-custom-wordlist-dive-into-recon-part-4-78c2d218a35a?source=rss------bug_bounty-5 | It4chis3c | subdomain-enumeration, secrets, custom-wordlist, bug-bounty, wordlist | 01-Feb-2025 |
How I Earned a $500 Bounty by Exploiting a Hidden Vulnerability (Without Even Trying) | https://medium.com/@thedevtaskofficial/how-i-earned-a-500-bounty-by-exploiting-a-hidden-vulnerability-without-even-trying-d22229d4d8bd?source=rss------bug_bounty-5 | thedevtask official | bug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, bugs | 01-Feb-2025 |
Most Overlooked & Easiest Vulnerability - Part 2 | https://progprnv.medium.com/most-overlooked-easiest-vulnerability-ever-existed-550f1e2dc912?source=rss------bug_bounty-5 | progprnv | bug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-bounty-program, cybersecurity | 01-Feb-2025 |
How to hack cameras easily and quickly | https://medium.com/@CTRL2030/how-to-hack-cameras-easily-and-quickly-babde709a9b8?source=rss------bug_bounty-5 | CTRL | cybersecurity, hacking, bug-bounty, penetration-testing, iot | 01-Feb-2025 |
WEB REQUEST — CRUD API | https://medium.com/@markanthonyagudo/web-request-crud-api-962284ea5e2b?source=rss------bug_bounty-5 | Angelo Agudo | cybersecurity, bug-bounty, penetration-tester, webrequest, web-security | 01-Feb-2025 |
How I Earned a $500 Bounty by Exploiting a Hidden Vulnerability (Without Even Trying) | https://medium.com/@thedevtaskofficial/how-i-earned-a-500-bounty-by-exploiting-a-hidden-vulnerability-without-even-trying-d22229d4d8bd?source=rss------bug_bounty-5 | thedevtask official | bug-bounty, vulnerability, penetration-testing, ethical-hacking, cybersecurity | 01-Feb-2025 |
Unauthorized Data Upload in Alibaba Cloud Object Storage Service | https://medium.com/@muhammadwaseem29/unauthorized-data-upload-in-alibaba-cloud-object-storage-service-cefa6abcef7f?source=rss------bug_bounty-5 | Muhammad Waseem | bug-bounty-tips, infosec, bug-bounty, cybersecurity, hacking | 01-Feb-2025 |
Collection of Wordlists for Bug Bounty Hunters | https://aimasterprompt.medium.com/collection-of-wordlists-for-bug-bounty-hunters-a07c0dee92ff?source=rss------bug_bounty-5 | aimaster | cybersecurity, bug-bounty-tips, bug-bounty, technology, infosec | 01-Feb-2025 |
Top Forensic Tools Every Investigator Should Know About \| The Complete Guide to Essential Tools and… | https://mhmmuneef.medium.com/top-forensic-tools-every-investigator-should-know-about-the-complete-guide-to-essential-tools-and-b32081321cf9?source=rss------bug_bounty-5 | Mohammed Muneef | forensics, hacking, technology, bug-bounty, cybersecurity | 01-Feb-2025 |
Nmap Command that Bug Hunters use often | https://medium.com/@shaheeryasirx1/%EF%B8%8Fnmap-command-that-bug-hunters-use-often-%EF%B8%8F-6bc599576641?source=rss------bug_bounty-5 | Shaheer Yasir | bug-bounty, offensive-security, hacking, cybersecurity, nmap | 01-Feb-2025 |
Basics In Reverse Engineering (RE) | https://medium.com/@lukwagoasuman236/basics-in-reverse-engineering-re-0591c96b5c1e?source=rss------bug_bounty-5 | lukewago | malware-analysis, reverse-engineering, bug-bounty, programming-languages, cybersecurity | 01-Feb-2025 |
Top Alternatives to Burp Collaborator: Using Interactsh for SSRF Detection and Bug Bounty Hunting | https://medium.com/@hacker_might/top-alternatives-to-burp-collaborator-using-interactsh-for-ssrf-detection-and-bug-bounty-hunting-099a1e156dfc?source=rss------bug_bounty-5 | hacker_might | reconnaissance, discovery-projects, ssrf, ssrf-detection, bug-bounty | 01-Feb-2025 |
1000$ Bounty: OAuth Bypass | https://cybersecuritywriteups.com/1000-bounty-oauth-bypass-97c3658729c0?source=rss------bug_bounty-5 | Abhijeet kumawat | money, hacking, bug-bounty, infosec, bug-bounty-tips | 01-Feb-2025 |
PS 5 pin bypass | https://medium.com/@momo334678/ps-5-pin-bypass-457c41aca93b?source=rss------bug_bounty-5 | coderMohammed | programming, bug-bounty, playstation, automation, hacking | 01-Feb-2025 |
Easy P3 Bug \| LDAP Null Bind leads to extract sensitive credentials | https://medium.com/meetcyber/easy-p3-bug-ldap-null-bind-leads-to-extract-sensitive-credentials-0d06b8d58d99?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty, vulnerability, bug-bounty-tips, pentesting, bug-bounty-writeup | 01-Feb-2025 |
picoCTF Web Exploitation: IntroToBurp | https://medium.com/@Kamal_S/picoctf-web-exploitation-introtoburp-a2b50bf8e985?source=rss------bug_bounty-5 | Kamal S | owasp, bug-bounty, burpsuite, picoctf, intro-to-burp | 01-Feb-2025 |
Mock Test Capen: How We Cracked It | https://medium.com/@aleens09/mock-test-capen-how-we-cracked-it-f735df5a6a2c?source=rss------bug_bounty-5 | Aleens | cybersecurity, capture-the-flag, bug-bounty, hacking, ctf-writeup | 01-Feb-2025 |
Connect Burp suite to your Browser. | https://medium.com/@aravindhyox/connect-burp-suite-to-your-browser-f819fada96a5?source=rss------bug_bounty-5 | Aravindh Yox | burpsuite, bug-bounty, browsers, hacking | 01-Feb-2025 |
My Bug Hunting Methodology Approach to Finding Bugs Easily | https://medium.com/@mahdisalhi0500/my-bug-hunting-methodology-approach-to-finding-bugs-easily-30082f35b455?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | bug-bounty-tips, hacking, bug-bounty, information-security, penetration-testing | 01-Feb-2025 |
Understanding MITRE ATT&CK Groups: A Technical Analysis | https://medium.com/@paritoshblogs/understanding-mitre-att-ck-groups-a-technical-analysis-e35773a46cd5?source=rss------bug_bounty-5 | Paritosh | hacking, cybersecurity, information-technology, mitre-attack, bug-bounty | 01-Feb-2025 |
Texas Governor Orders Ban on DeepSeek, RedNote for Government Devices | https://medium.com/@wiretor/texas-governor-orders-ban-on-deepseek-rednote-for-government-devices-45faa723107e?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, hacking, ai, deepseek, bug-bounty | 01-Feb-2025 |
Hackers Exploit Gemini AI to Enhance Cyberattacks | https://medium.com/@wiretor/hackers-exploit-gemini-ai-to-enhance-cyberattacks-45f360de9de5?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, ai, bug-bounty, google, hacking | 01-Feb-2025 |
Top Alternatives to Burp Collaborator: Using Interactsh for SSRF Detection and Bug Bounty Hunting | https://osintteam.blog/top-alternatives-to-burp-collaborator-using-interactsh-for-ssrf-detection-and-bug-bounty-hunting-099a1e156dfc?source=rss------bug_bounty-5 | hacker_might | reconnaissance, discovery-projects, ssrf, ssrf-detection, bug-bounty | 01-Feb-2025 |
$150 Bug Bounty No Rate Limit 🙂 | https://cyberritzzz.medium.com/150-bug-bounty-no-rate-limit-b77cc6fa7708?source=rss------bug_bounty-5 | Cyb3rR1tzzz | cybersecurity, bug-bounty, hackerone | 01-Feb-2025 |
AI & Digital Tools for Neurodiverse Bug Bounty Hunters — A Beginner’s Guide | https://medium.com/@neurodiversehackers/ai-digital-tools-for-neurodiverse-bug-bounty-hunters-a-beginners-guide-b1d24fdc7bbb?source=rss------bug_bounty-5 | NeurodiverseHackers | cybersecurity, cyber-security-awareness, organization, neurodiversity, bug-bounty | 01-Feb-2025 |
OoHow to get a Job in the Cybersecurity field [With my experience] | https://medium.com/@hrofficial62/oohow-to-get-a-job-in-the-cybersecurity-field-with-my-experience-84b34ad95641?source=rss------bug_bounty-5 | Mr Horbio | pentesting, bug-bounty, bugbounty-writeup, ethical-hacking, cybersecurity | 31-Jan-2025 |
How I used shodan to discover 3 easy bugs on VDP program? | https://medium.com/@hamdiyasin135/how-i-used-shodan-to-discover-3-easy-bugs-on-vdp-program-1ddd8b291320?source=rss------bug_bounty-5 | yassin hamdi | hacking, hacker, recon, information-security, bug-bounty | 31-Jan-2025 |
Fuzzuli: A Powerful Content Discovery Tool for Bug Bounty Hunters | https://medium.com/@commanak46/fuzzuli-a-powerful-content-discovery-tool-for-bug-bounty-hunters-f33b67dd4410?source=rss------bug_bounty-5 | Monika sharma | bug-bounty-tool, technology, bug-bounty-tips, bug-bounty, pentesting | 31-Jan-2025 |
Secret Dork Hunting Methodology (Part1) | https://systemweakness.com/secret-dork-hunting-methodology-part1-6f06b5c47931?source=rss------bug_bounty-5 | AbhirupKonwar | penetration-testing, pentesting, bug-bounty, ethical-hacking, bug-bounty-tips | 31-Jan-2025 |
AI Security: Challenges and Practical Solutions | https://medium.com/@paritoshblogs/ai-security-challenges-and-practical-solutions-8a78a348fe1d?source=rss------bug_bounty-5 | Paritosh | security, hacking, bug-bounty, ai, cybersecurity | 31-Jan-2025 |
Zero Trust Security: Why It’s the Future of Cyber Protection in 2025 | https://medium.com/@adibostoninstitute123/zero-trust-security-why-its-the-future-of-cyber-protection-in-2025-86b5f0e42fa4?source=rss------bug_bounty-5 | Aditya Tripathi | ethical-hacking, bug-bounty, cybersecurity, cybersecurity-course, security | 31-Jan-2025 |
Finding an Easy Bug | https://cybersecuritywriteups.com/finding-an-easy-bug-a326dca448ed?source=rss------bug_bounty-5 | loyalonlytoday | tips, cybersecurity, bug-bounty, hacking, bugs | 31-Jan-2025 |
Start Web3 Bug Bounty and earn upto $1M | https://medium.com/@anandrishav2228/start-web3-bug-bounty-and-earn-upto-1m-e212f9468b88?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, web3, money, cybersecurity, hacking | 31-Jan-2025 |
XSS + ARP Poisoning results in full account takeover | https://medium.com/@amir_kazi3/xss-arp-poisoning-results-in-full-account-takeover-f3f2be2ff843?source=rss------bug_bounty-5 | Amirali Kazerooni | cybersecurity, xss-attack, pentesting, networking, bug-bounty | 31-Jan-2025 |
How I Found Dom-XSS on My Collage Website !!! | https://medium.com/@jainilborisagar123/how-i-found-dom-xss-on-my-collage-website-572453ed1227?source=rss------bug_bounty-5 | Jainil Borisagar | bug-bounty, college, xss-attack, cybersecurity, xss-vulnerability | 31-Jan-2025 |
Dorks For Sensitive Information Disclosure | https://medium.com/@devanshpatel930/dorks-for-sensitive-information-disclosure-31fb90ad6f21?source=rss------bug_bounty-5 | Devanshpatel | bug-bounty, information-disclosure, bug-bounty-tips, bug-bounty-writeup, cybersecurity | 31-Jan-2025 |
Admin Panel Exploit Leaks 1 Million User Records on Logitech | https://medium.com/@zerodaystories/admin-panel-exploit-leaks-1-million-user-records-on-logitech-3c0b20189d30?source=rss------bug_bounty-5 | 0day stories | bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup | 31-Jan-2025 |
SaaS platform for Subdomain Enumeration Tool for Bug Hunters and Pentesters | https://aimasterprompt.medium.com/saas-platform-for-subdomain-enumeration-tool-for-bug-hunters-and-pentesters-cf20d4b8ff18?source=rss------bug_bounty-5 | aimaster | technology, bug-bounty-writeup, saas, cybersecurity, bug-bounty | 31-Jan-2025 |
Admin Panel Exploit Leaks 1 Million User Records on Logitech | https://osintteam.blog/admin-panel-exploit-leaks-1-million-user-records-on-logitech-3c0b20189d30?source=rss------bug_bounty-5 | 0day stories | bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup | 31-Jan-2025 |
Web Cache Deception Attack: How Hackers Trick Your Cache | https://medium.com/@nikith_g_karkera/web-cache-deception-attack-how-hackers-trick-your-cache-e71fd64b5e23?source=rss------bug_bounty-5 | zer0_bugs | pentesting, hacking, web-cache-deception, ethical-hacking, bug-bounty | 31-Jan-2025 |
Title:The Silent Takeover: How a Tiny Oversight Led to a Major Security Risk | https://medium.com/@thedevtaskofficial/title-the-silent-takeover-how-a-tiny-oversight-led-to-a-major-security-risk-1d051030d6e8?source=rss------bug_bounty-5 | thedevtask official | hacking, hacker, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 31-Jan-2025 |
Account Takeover via Cookie Attribute Manipulation — A Unique Method | https://medium.com/@pauldipesh29/account-takeover-via-cookie-attribute-manipulation-a-unique-method-ea66a78cdb06?source=rss------bug_bounty-5 | Dipesh Paul | owasp, hacking, ethical-hacking, bug-bounty, penetration-testing | 31-Jan-2025 |
Globe Life Data Breach May Impact an Additional 850,000 Clients | https://medium.com/@wiretor/globe-life-data-breach-may-impact-an-additional-850-000-clients-822a0d4084c1?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, bug-bounty, globe, trump, money | 31-Jan-2025 |
Mizuno USA Data Breach: Hackers Had Access for Two Months | https://medium.com/@wiretor/mizuno-usa-data-breach-hackers-had-access-for-two-months-ed0ae492ada5?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | mizuno, bug-bounty, money, ai, trump | 31-Jan-2025 |
Google Blocks 2.36 Million Risky Android Apps from Play Store in 2024 | https://medium.com/@wiretor/google-blocks-2-36-million-risky-android-apps-from-play-store-in-2024-8ae68808d046?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, bug-bounty, trump, google, money | 31-Jan-2025 |
$100 Easy Bounty p4 bug 🙂 | https://cyberritzzz.medium.com/100-easy-bounty-p4-bug-083943865238?source=rss------bug_bounty-5 | Cyb3rR1tzzz | writers-on-medium, hacking, bug-bounty, bugs, hackerone | 31-Jan-2025 |
Bug Bounty Recon Guide — Part: 1 | https://aimasterprompt.medium.com/bug-bounty-recon-guide-part-1-0927e7df82ef?source=rss------bug_bounty-5 | aimaster | cybersecurity, bug-bounty, bug-bounty-tips, infosec, technology | 30-Jan-2025 |
From the Dark Web to Ethical Hacking: The Journey of Monsif Hmouri in Cybersecurity | https://monsifhmouri.medium.com/from-the-dark-web-to-ethical-hacking-the-journey-of-monsif-hmouri-in-cybersecurity-db0f5056b044?source=rss------bug_bounty-5 | MONSIF HMOURI | anonymous, hacker, ethical-hacking, hacking, bug-bounty | 30-Jan-2025 |
Web Cache Deception: Understanding and Mitigating Security Risks | https://0xkratos.medium.com/web-cache-deception-understanding-and-mitigating-security-risks-c35b79963a49?source=rss------bug_bounty-5 | Amal PK | web-security, bug-bounty, cybersecuirty, hacking, technology | 30-Jan-2025 |
Mastering Recon in Bug Bounty: Tools, Techniques, and a Step-by-Step Guide | https://medium.com/@zoningxtr/%EF%B8%8F-%EF%B8%8F-mastering-recon-in-bug-bounty-tools-techniques-and-a-step-by-step-guide-d27345269a5e?source=rss------bug_bounty-5 | Zoningxtr | cybersecurity, penetration-testing, web3, api, bug-bounty | 30-Jan-2025 |
AppSec Logic Master on OpenBugBounty | https://medium.com/mr-plan-publication/appsec-logic-master-on-openbugbounty-5fe67f4cd07a?source=rss------bug_bounty-5 | AbhirupKonwar | technology, pentesting, cybersecurity, bug-bounty, ethical-hacking | 30-Jan-2025 |
Earnings in 2025 | https://medium.com/@workwithsane/earnings-in-2025-1f7f344cd07d?source=rss------bug_bounty-5 | Sane | earning-money-online, making-money, earning-money, bug-bounty, earnings | 30-Jan-2025 |
Most Overlooked & Easiest P4 Vulnerability | https://progprnv.medium.com/most-overlooked-easiest-p4-vulnerability-d3a89cb10497?source=rss------bug_bounty-5 | progprnv | bug-bounty-writeup, hacking, bug-bounty-tips, cybersecurity, bug-bounty | 30-Jan-2025 |
Ridiculously Wrong Time to Get Into Bug Bounty | https://medium.com/@thedevtaskofficial/ridiculously-wrong-time-to-get-into-bug-bounty-364e066d6017?source=rss------bug_bounty-5 | thedevtask | hacking, bugcrowd, cybersecurity, hackerone, bug-bounty | 30-Jan-2025 |
Campaign: Report a Bug & Earn GUIDE Tokens | https://bmy-guide.medium.com/campaign-report-a-bug-earn-guide-tokens-0b1d6b5613a2?source=rss------bug_bounty-5 | bmy.guide | rewards, bmy-guide, bug-bounty, report, crypto | 30-Jan-2025 |
Ultimate Nuclei Templates: Private Collection for Quick Bounties | https://medium.com/meetcyber/my-private-nuclei-template-collection-for-easy-bounties-ba704073d065?source=rss------bug_bounty-5 | coffinxp | bug-bounty, technology, bug-bounty-tips, hacking, cybersecurity | 30-Jan-2025 |
3 Must-Read Bug Bounty Books to Level Up Your Skills! | https://medium.com/@kumawatabhijeet2002/3-must-read-bug-bounty-books-to-level-up-your-skills-2a1c3bc2b72f?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-tips, money, bug-bounty, hacking, books | 30-Jan-2025 |
How I Hacked the Dutch Government and Got a Lousy T-Shirt | https://medium.com/@cyberhrsh/how-i-hacked-the-dutch-government-and-got-a-lousy-t-shirt-bb0f5716bbe1?source=rss------bug_bounty-5 | Harsh kothari | dutch, swag, hacking, dutch-government, bug-bounty | 30-Jan-2025 |
Exploring the World of Offensive Linux Security: A Deep Dive into Cyber Warfare Tools | https://medium.com/@thecyberghost/exploring-the-world-of-offensive-linux-security-a-deep-dive-into-cyber-warfare-tools-35785e82a36d?source=rss------bug_bounty-5 | The Cyber Ghost | offensive-security, cybersecurity, bug-bounty, cyber-security-awareness | 30-Jan-2025 |
Advanced GitHub Dorking: More Secrets, More Automation, More Bounties! | https://myselfakash20.medium.com/advanced-github-dorking-more-secrets-more-automation-more-bounties-f39dd553b1c2?source=rss------bug_bounty-5 | Akash Ghosh | cybersecurity, bug-bounty, technology, bugbounty-writeup, bug-bounty-tips | 30-Jan-2025 |
\# API Penetration Testing: Basics and Roadmap for Aspiring Security Professionals | https://medium.com/@hack8655793/api-penetration-testing-basics-and-roadmap-for-aspiring-security-professionals-4b957e6f85ac?source=rss------bug_bounty-5 | CrackBugbounthunter | testing-tools, bug-bounty, api-pentesting | 30-Jan-2025 |
New Syncjacking Attack Hijacks Devices Using Chrome Extensions | https://medium.com/@wiretor/new-syncjacking-attack-hijacks-devices-using-chrome-extensions-8d3afc416e3d?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, hacking, bug-bounty, money, ai | 30-Jan-2025 |
Ransomware Attack Disrupts New York Blood Donation Giant | https://medium.com/@wiretor/ransomware-attack-disrupts-new-york-blood-donation-giant-a0f51c787fc6?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, trump, blood, bug-bounty, ai | 30-Jan-2025 |
Police Seizes Cracked and Nulled Hacking Forum Servers, Arrests Suspects | https://medium.com/@wiretor/police-seizes-cracked-and-nulled-hacking-forum-servers-arrests-suspects-6f837dfec1b0?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | police, ai, money, servers, bug-bounty | 30-Jan-2025 |
How I Bagged $300 for a Sneaky yet Simple Bug | https://medium.com/@thedevtaskofficial/how-i-bagged-300-for-a-sneaky-yet-simple-bug-f21a8a02b6e1?source=rss------bug_bounty-5 | thedevtask | money, hacking, bounty-program, money-making-ideas, bug-bounty | 30-Jan-2025 |
If Pentest-as-a-Service Is So Effective, Why Don’t Most Companies Adopt It? | https://medium.com/@hackrate/if-pentest-as-a-service-is-so-effective-why-dont-most-companies-adopt-it-8b5c66ce679c?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, cybersecurity, hacking, penetration-testing, bug-bounty | 30-Jan-2025 |
How I Earned $200 Using GitHub Dorking P=2:Advanced GitHub Dorking: More Secrets, More Automation… | https://myselfakash20.medium.com/advanced-github-dorking-more-secrets-more-automation-more-bounties-f39dd553b1c2?source=rss------bug_bounty-5 | Akash Ghosh | cybersecurity, bug-bounty, technology, bugbounty-writeup, bug-bounty-tips | 30-Jan-2025 |
Bug Bounty Hunt : Playbook | https://santhosh-adiga-u.medium.com/bug-bounty-hunt-playbook-418866d82e84?source=rss------bug_bounty-5 | Santhosh Adiga U | hacking-tools, owasp-top-10, ethical-hacking, penetration-testing, bug-bounty | 30-Jan-2025 |
Google Dorking for Bug Bounty Hunters: Beginner’s Edition | https://medium.com/@ajudeb55/google-dorking-for-bug-bounty-hunters-beginners-edition-969ecf7ccd63?source=rss------bug_bounty-5 | Aju Deb | hacking, technology, google, bug-bounty, programming | 30-Jan-2025 |
Bug Hunting Recon: Finding acquisitions of target | https://medium.com/@ethicalhackerhuzaifa/bug-hunting-recon-finding-acquisitions-of-target-de4ec6a252a9?source=rss------bug_bounty-5 | Huzaifa Shaikh | recon, penetration-testing, bug-bounty-writeup, hacking, bug-bounty | 30-Jan-2025 |
Step-by-Step Guide to Solving HTB’s XSS Module: Section-by-Section Flag Solutions | https://medium.com/@Arsenelupin12/step-by-step-guide-to-solving-htbs-xss-module-section-by-section-flag-solutions-bc07e0cb9928?source=rss------bug_bounty-5 | Wasted Resources | hacking, bug-bounty, cybersecurity, xss-attack, htb | 30-Jan-2025 |
Sensitive Information Disclosure in 5 minutes | https://medium.com/@mhaziqulkhair/sensitive-information-disclosure-in-5-minutes-0de7ce868069?source=rss------bug_bounty-5 | Muhammad Haziqul Khair | sensitive-data-exposure, web-pentesting, reconnaissance, cybersecurity, bug-bounty | 29-Jan-2025 |
Start Bug Bounty and earn $$$: Top Write-Ups, POCs & Tutorials | https://cybersecuritywriteups.com/start-bug-bounty-and-earn-top-write-ups-pocs-tutorials-739b8a8456ab?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, infosec, bounty-program, money, bug-bounty | 29-Jan-2025 |
Discovering a Critical Vulnerability in Deepseek’s Password Reset Functionality leads to Zero Click… | https://medium.com/@teamtea.ye/discovering-a-critical-vulnerability-in-deepseeks-password-reset-functionality-leads-to-zero-click-96c597fe852c?source=rss------bug_bounty-5 | Teamtea | penetration-testing, account-takeover, deepseek-v3, deepseek, bug-bounty | 29-Jan-2025 |
Uncovering SQL Injection Vulnerabilities through JavaScript File Analysis | https://medium.com/@muhammad-/uncovering-sql-injection-vulnerabilities-through-javascript-file-analysis-d07e430ef862?source=rss------bug_bounty-5 | Mohammad | reconnaissance, security, sql-injection, bug-bounty, web-hacking | 29-Jan-2025 |
A case study of vulnerabilities in US government systems | https://research.ifcr.dk/a-case-study-of-vulnerabilities-in-us-government-systems-a82e9afbf6c2?source=rss------bug_bounty-5 | Martin Thirup Christensen | bug-bounty | 29-Jan-2025 |
Uncovering Deepseek AI’s Hidden Flaw: A Dive Into Its Response Filtering System | https://1-day.medium.com/uncovering-deepseek-ais-hidden-flaw-a-dive-into-its-response-filtering-system-96203b727192?source=rss------bug_bounty-5 | 1day | ai, deepseek, bug-bounty, deepseek-ai, deepseek-v3 | 29-Jan-2025 |
2025: The Year to Start a Bug Bounty Program | https://medium.com/@hackrate/2025-the-year-to-start-a-bug-bounty-program-6fa1b96f2013?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking | 29-Jan-2025 |
Top 8 Bug Bounty Books for 2025: Must-Reads for Ethical Hackers | https://medium.com/@verylazytech/top-8-bug-bounty-books-for-2025-must-reads-for-ethical-hackers-9c73d457c0f9?source=rss------bug_bounty-5 | Very Lazy Tech | cybersecurity, exploit, ethical-hacking, bug-bounty, hacking | 29-Jan-2025 |
How to Find More Subdomains for Bug Bounties? Dive into Recon part 3 | https://it4chis3c.medium.com/how-to-find-more-subdomains-for-bug-bounties-dive-into-recon-part-3-c9825eac2d68?source=rss------bug_bounty-5 | It4chis3c | subdomain, subdomains-enumeration, assets, bug-bounty-tips, bug-bounty | 29-Jan-2025 |
Hackers exploiting flaws in SimpleHelp RMM to breach networks | https://medium.com/@wiretor/hackers-exploiting-flaws-in-simplehelp-rmm-to-breach-networks-d923ec39b353?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, hacking, bug-bounty, malware, hacker | 29-Jan-2025 |
Garmin GPS Watches Crash and Enter Reboot Loop, Users Frustrated | https://medium.com/@wiretor/garmin-gps-watches-crash-and-enter-reboot-loop-users-frustrated-d1b60092a1bb?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, ai, hacker, garmin, bug-bounty | 29-Jan-2025 |
Incident Response & Forensics: Log Analysis, Timeline Creation, and Root Cause Analysis | https://medium.com/@paritoshblogs/incident-response-forensics-log-analysis-timeline-creation-and-root-cause-analysis-95085ab1fc49?source=rss------bug_bounty-5 | Paritosh | incident-response, cybersecurity, hacking, bug-bounty, forensics | 29-Jan-2025 |
The $500 Vulnerability: How Censys Search Led Me to a Quick Bug Bounty | https://medium.com/@hacker_might/the-500-vulnerability-how-censys-search-led-me-to-a-quick-bug-bounty-afabeec7a176?source=rss------bug_bounty-5 | hacker_might | bug-bounty, reconnaissance, censys, recon, bounty-program | 29-Jan-2025 |
Easiest $225 Ever: A Simple SQL Injection Win! | https://medium.com/@whoadnan01/easiest-225-ever-a-simple-sql-injection-win-f40c0a6b8e45?source=rss------bug_bounty-5 | WhoAdnan | security, bug-bounty-tips, bug-hunting, bug-bounty-writeup, bug-bounty | 29-Jan-2025 |
Race Condition Attacks: Exploiting Tiny Gaps in Business Logic | https://medium.com/@HackerNasr/race-condition-attacks-exploiting-tiny-gaps-in-business-logic-c2589b9ac2e7?source=rss------bug_bounty-5 | HackerNasr | infosec, ethical-hacking, penetration-testing, bug-bounty, cybersecurity | 29-Jan-2025 |
How to Find More Subdomains for Bug Bounties? Dive into Recon part 3 | https://systemweakness.com/how-to-find-more-subdomains-for-bug-bounties-dive-into-recon-part-3-c9825eac2d68?source=rss------bug_bounty-5 | It4chis3c | subdomain, subdomains-enumeration, assets, bug-bounty-tips, bug-bounty | 29-Jan-2025 |
Start your CTF journey now.(101) | https://medium.com/@anandrishav2228/start-your-ctf-journey-now-101-fa68ed995bca?source=rss------bug_bounty-5 | Rishav anand | ctf, hacking, bug-bounty, money, cybersecurity | 28-Jan-2025 |
My Journey to Finding a Bug and Earning an Appreciation Letter | https://medium.com/@sachinkewat809/my-journey-to-finding-a-bug-and-earning-an-appreciation-letter-88cac7109e0e?source=rss------bug_bounty-5 | Sachin kewat | cybersecurity, hacking, oscp, vulnerability, bug-bounty | 28-Jan-2025 |
Rank Top 66 + 214 Rep on HackerOne | https://medium.com/meetcyber/rank-top-66-214-rep-on-hackerone-c260d244ae61?source=rss------bug_bounty-5 | AbhirupKonwar | cybersecurity, bug-bounty, hackerone, penetration-testing, ethical-hacking | 28-Jan-2025 |
Feeding Nuclei! | https://clarkvoss.medium.com/feeding-nuclei-06192a30de1c?source=rss------bug_bounty-5 | Clark Voss | bug-bounty, hacking-tools, hacking, security, cybersecurity | 28-Jan-2025 |
Opengrep : A Hype and Marketing Gimmick, let’s rename it to Privategrep. | https://rohitcoder.medium.com/opengrep-a-hype-and-marketing-gimmick-lets-rename-it-to-privategrep-61225dbf9090?source=rss------bug_bounty-5 | Rohit kumar | infosec, bug-bounty, hacking, semgrep, cybersecurity | 28-Jan-2025 |
20 Comprehensive Browser Extensions You Can’t Miss as a Bug Bounty Hunter | https://cybersecuritywriteups.com/20-comprehensive-browser-extensions-you-cant-miss-as-a-bug-bounty-hunter-e85b7d7c4234?source=rss------bug_bounty-5 | Sacony Chukwu | bug-bounty-tips, penetration-testing, hacking, bug-bounty, cybersecurity | 28-Jan-2025 |
Ultimate Guide to Finding Bugs in APIs: From Recon to Bounty | https://medium.com/@zoningxtr/ultimate-guide-to-finding-bugs-in-apis-from-recon-to-bounty-f0cc3487780b?source=rss------bug_bounty-5 | Zoningxtr | api, bug-bounty, bug-bounty-tips, cybersecurity, bug-bounty-writeup | 28-Jan-2025 |
Secondary Context Leads To Company Takeover. | https://medium.com/@Berserker1337/secondary-context-leads-to-company-takeover-0dc88ca751ea?source=rss------bug_bounty-5 | Berserker | cybersecurity, web-security, vulnerability, infosec, bug-bounty | 28-Jan-2025 |
Introduction to WhiteBox Testing | https://medium.com/@huyvo2910/introduction-to-whitebox-testing-ae4316269915?source=rss------bug_bounty-5 | Huy Vo | white-box-testing, bug-bounty, web-application-security, cybersecurity, penetration-testing | 28-Jan-2025 |
Web Proxyler ve Burp Suite | https://medium.com/@onalahmet2631/web-proxyler-ve-burp-suite-c2fffb373da5?source=rss------bug_bounty-5 | Ahmet Önal | penetration-testing, pentesting, red-team, cybersecurity, bug-bounty | 28-Jan-2025 |
How to Exploit Reflected XSS and Bypass Cloudflare Using Waybackurls — A Bug Hunter’s Guide | https://hackersatty.medium.com/how-to-exploit-reflected-xss-and-bypass-cloudflare-using-waybackurls-a-bug-hunters-guide-3aef1ffb80ee?source=rss------bug_bounty-5 | hackersatty | bug-bounty, bug-bounty-writeup, xss-attack, bypass-cloudflare, penetration-testing | 28-Jan-2025 |
Why Companies Are Hesitant About Bug Bounty Programs | https://medium.com/@hackrate/why-companies-are-hesitant-about-bug-bounty-programs-a5dcdea30f5c?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty-tips, hacking, cybersecurity, bug-bounty, ethical-hacking | 28-Jan-2025 |
How I Found a Ticket Booking Bug That Allowed Me to Travel Almost for Free in TNSTC | https://infosecwriteups.com/how-i-found-a-ticket-booking-bug-that-allowed-me-to-travel-almost-for-free-in-tnstc-2c7aa23aebf6?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, infosec | 28-Jan-2025 |
CRLF Injection: A Critical Web Application Vulnerability | https://0xkratos.medium.com/understanding-crlf-injection-and-its-exploitation-b8271d14452a?source=rss------bug_bounty-5 | Amal PK | cybersecurity, vulnerability, injection, bug-bounty, web | 28-Jan-2025 |
FEW DATA BREACHES AND LEAK’S SEARCH ENGINES. | https://medium.com/secure-g-o-a-t/few-data-breaches-and-leaks-search-engines-62e82e2ae682?source=rss------bug_bounty-5 | loyalonlytoday | hacking, penetration-testing, leaked, bug-bounty, cybersecurity | 28-Jan-2025 |
XSS and CSRF ki Jodi | https://medium.com/@ajay.kumar.695632/xss-and-csrf-ki-jodi-800c3b940ddb?source=rss------bug_bounty-5 | Ajay Kumar | penetration-testing, bug-bounty-writeup, xss-attack, bug-bounty, bug-bounty-tips | 28-Jan-2025 |
How to Find First Bug (For Beginners) | https://medium.com/@hrofficial62/how-to-find-first-bug-for-beginners-de5d82302f25?source=rss------bug_bounty-5 | Mr Horbio | cybersecurity, penetration-testing, bug-bounty, hacking | 28-Jan-2025 |
How I Earned $200 Using GitHub Dorking: A Manual and Automated Guide to Finding Sensitive… | https://myselfakash20.medium.com/how-i-earned-200-using-github-dorking-a-manual-and-automated-guide-to-finding-sensitive-ebbbfcad7296?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, bug-bounty, technology, cybersecurity, bug-bounty-writeup | 28-Jan-2025 |
Insecure Data Transport: The Hidden Danger of Downloads Without Integrity Checks | https://medium.com/@HackerNasr/insecure-data-transport-the-hidden-danger-of-downloads-without-integrity-checks-e190883d3f14?source=rss------bug_bounty-5 | HackerNasr | bug-bounty, cybersecurity, data-analysis, penetration-testing, ethical-hacking | 28-Jan-2025 |
The Biggest Mistake in My Bug Bounty Journey and How I Fixed It | https://medium.com/@mahdisalhi0500/the-biggest-mistake-in-my-bug-bounty-journey-and-how-i-fixed-it-576e2d43ea2f?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | penetration-testing, learning, infosec, information-security, bug-bounty | 28-Jan-2025 |
SubFinder: Automating Subdomain Enumeration for Bug Bounty in 2025 | https://medium.com/@halfcircassian/subfinder-automating-subdomain-enumeration-for-bug-bounty-in-2025-2fc17e385e4f?source=rss------bug_bounty-5 | Sıla Özeren | subfinder, bug-bounty, bug-bounty-tips, bugbounty-writeup, subdomains-enumeration | 28-Jan-2025 |
What is a Supply Chain Attack? | https://medium.com/@stish834/what-is-a-supply-chain-attack-84f485e371bf?source=rss------bug_bounty-5 | stish834 | computer-science, bug-bounty-tips, bug-bounty-writeup, bug-bounty, vulnerability | 28-Jan-2025 |
5 Things You Should Understand Before Jumping into Bug Bounty | https://bitpanic.medium.com/5-things-you-should-understand-before-jumping-into-bug-bounty-813cd960c6bc?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, technology, programming, bug-bounty, bug-bounty-tips | 28-Jan-2025 |
EU Sanctions Russian GRU Hackers for Cyberattacks Against Estonia | https://medium.com/@wiretor/eu-sanctions-russian-gru-hackers-for-cyberattacks-against-estonia-ac7fcd59f84b?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, hacker, bug-bounty, trump, money | 28-Jan-2025 |
How do I find my first CVE ? | https://medium.com/@AhmadSopyan/how-do-i-find-my-first-cve-e368a89c93c5?source=rss------bug_bounty-5 | Ahmad Sopyan | cve, cybersecurity, bug-bounty, worpdress, hacking | 28-Jan-2025 |
Working SSRF Methodology For ME! | https://medium.com/@sharathi72/working-ssrf-methodology-for-me-4763ae34b7db?source=rss------bug_bounty-5 | sharathi72 | bug-bounty-tips, bug-bounty, cybersecurity, methodology, bugbounty-writeup | 28-Jan-2025 |
Don’t know how to find Bounty Earning Assets? Let’s Dive Deep into Recon part 2 | https://it4chis3c.medium.com/dont-know-how-to-find-bounty-earning-assets-let-s-dive-deep-into-recon-part-2-7c85fdd5b6b7?source=rss------bug_bounty-5 | It4chis3c | dmarc-record, bug-bounty-tips, dns, bug-bounty, bug-bounty-writeup | 28-Jan-2025 |
A Security Gap (PII) in a Bus Company | https://medium.com/meetcyber/a-security-gap-pii-in-a-bus-company-ecfe972875ff?source=rss------bug_bounty-5 | Erkan Kavas | bug-bounty-tips, pii, bug-bounty-writeup, cybersecurity, bug-bounty | 28-Jan-2025 |
.DS_Store File: A Gift for Researchers and a Headache for Website Owners | https://infosecwriteups.com/ds-store-file-a-gift-for-researchers-and-a-headache-for-website-owners-219724b99043?source=rss------bug_bounty-5 | Jionin | bug-bounty, tools, information-security, mac | 28-Jan-2025 |
Pimcore 11.4.2-SQL Injection (CVE-2024-11956) | https://medium.com/@maeitsec/pimcore-11-4-2-sql-injection-cve-2024-11956-869c7d5812d8?source=rss------bug_bounty-5 | Maeitsec | bug-bounty, security | 28-Jan-2025 |
Pimcore 11.4.2-Stored XSS (CVE-2024-11954) | https://medium.com/@maeitsec/pimcore-11-4-2-stored-xss-cve-2024-11954-fc262469e5b4?source=rss------bug_bounty-5 | Maeitsec | poc, bug-bounty, security | 28-Jan-2025 |
Practical amass — How I configure and use amass in my recon flow | https://medium.com/@samhilliard/practical-amass-how-i-configure-and-use-amass-in-my-recon-flow-94b8814b9025?source=rss------bug_bounty-5 | Sam Hilliard | bug-bounty-tips, recon, web, bug-bounty | 27-Jan-2025 |
IDOR Leads to Deletion of Organization Owner | https://medium.com/@saurabhcsec/idor-leads-to-deletion-of-organization-owner-0f0deb6a71aa?source=rss------bug_bounty-5 | Saurabhcsec | bug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty | 27-Jan-2025 |
Finding an easy p4 it can be worth 200$ | https://medium.com/infosecmatrix/finding-a-easy-p4-it-can-be-worth-200-ddd90ffe08d8?source=rss------bug_bounty-5 | loyalonlytoday | hacking, 4ps, ethical-hacking, bug-bounty, cybersecurity | 27-Jan-2025 |
Mastering Bug Management (Part 1) | https://medium.com/@vadoliya.nikhil99/mastering-bug-management-part-1-f951e1cf46d0?source=rss------bug_bounty-5 | Nikhil Vadoliya | leadership, product-management, technology, bug-bounty, programming | 27-Jan-2025 |
Bypassing Web Application Firewalls with Shell Globbing | https://0xkratos.medium.com/bypassing-web-application-firewalls-with-shell-globbing-8af82ff0cc8a?source=rss------bug_bounty-5 | Amal PK | linux, cybersecurity, bug-bounty, bash, waf | 27-Jan-2025 |
Duplicate Accounts Using the Same Email [BUG]: A Business Logic Vulnerability | https://medium.com/@osamamohamed21212121/duplicate-accounts-using-the-same-email-bug-a-business-logic-vulnerability-d1852a589c79?source=rss------bug_bounty-5 | Osamamohamed (db3wy) | bug-bounty-tips, bugs, bug-bounty, cybersecurity, bug-bounty-writeup | 27-Jan-2025 |
how i got $$$$ from old public bug bounty program | https://medium.com/@ibrahimsyamgame/how-i-got-from-old-public-bug-bounty-program-aee4af074bbd?source=rss------bug_bounty-5 | Ibrahimsyamgame | bug-bounty, bug-bounty-tips, bug-bounty-writeup | 27-Jan-2025 |
Exploring the Top 10 Free OSINT Tools for 2025 | https://medium.com/@verylazytech/exploring-the-top-10-free-osint-tools-for-2025-5f23d0e4e49a?source=rss------bug_bounty-5 | Very Lazy Tech | recon, hacking, cybersecurity, bug-bounty, osint | 27-Jan-2025 |
Admin Panel Login Bypass Programs HackerOne $3000 | https://medium.com/@HackerPlus/admin-panel-login-bypass-programs-hackerone-3000-4e95803fff92?source=rss------bug_bounty-5 | HackerPlus+ | bug-bounty, ctf-writeup, bugcrowd, ctf, hackerone | 27-Jan-2025 |
Automating Bug Bounty with Python | https://medium.com/@Chandravarma.Hattaraki/automating-bug-bounty-with-python-ca146dcc5a9d?source=rss------bug_bounty-5 | Chandravarma.Hattaraki | bugbounty-automation, pentesting, vapt, vulnerability, bug-bounty | 27-Jan-2025 |
Beginner’s Toolkit: 9 Tools That Simplified My Cybersecurity Journey | https://medium.com/@d3vilz50n/beginners-toolkit-9-tools-that-simplified-my-cybersecurity-journey-420c3c320d0a?source=rss------bug_bounty-5 | d3vilz50n | ethical-hacking, hacking-tools, cybersecurity, bug-bounty, cybersecurity-tools | 27-Jan-2025 |
Finding Bugs Beyond the Obvious: A Rate Limit Bypass Story | https://medium.com/@dev.rawal0143/finding-bugs-beyond-the-obvious-a-rate-limit-bypass-story-d627e926b7e5?source=rss------bug_bounty-5 | Dev Rawal | rate-limit-bypass, bugs, hackerone, rate-limiting, bug-bounty | 27-Jan-2025 |
$9,500 Bug Bounty: How I Chained IDOR and BAC to Discover This Critical Vulnerability | https://medium.com/@ibtissamhammadi/9-500-bug-bounty-how-i-chained-idor-and-bac-to-discover-this-critical-vulnerability-a6ff942d4bac?source=rss------bug_bounty-5 | Ibtissam Hammadi | hacking, bug-bounty, cybersecurity, infosec, programing | 27-Jan-2025 |
“From Frustration to Fulfillment:Why Bug Bounty Hunting is Worth the Effort and How to Succeed” | https://medium.com/@Arsenelupin12/from-frustration-to-fulfillment-why-bug-bounty-hunting-is-worth-the-effort-and-how-to-succeed-ed632833f78d?source=rss------bug_bounty-5 | Wasted Resources | hacking, hackathons, bug-bounty, bug-bounty-tips, cybersecurity | 27-Jan-2025 |
Bug Bounty Hunting Guide #1 | https://medium.com/@mon.cybersec/gu%C3%ADa-de-bug-bounty-hunting-1-b40f056a98d8?source=rss------bug_bounty-5 | Mon Patiño | cybersecurity, hacking, bug-bounty, ciberseguridad, bug-bounty-tips | 27-Jan-2025 |
2 good tools for subdomain enumeration. | https://osintteam.blog/2-good-tools-for-subdomain-enumeration-fdceb84ac685?source=rss------bug_bounty-5 | loyalonlytoday | pentesting, cybersecurity, subdomains-enumeration, reconnaissance, bug-bounty | 27-Jan-2025 |
ATM | Penetration Testing | https://medium.com/@HackerPlus/atm-penetration-testing-24a9514c6858?source=rss------bug_bounty-5 | HackerPlus+ | ctf, pentesting, atm, bug-bounty, hacker | 27-Jan-2025 |
How I found a p4 as per bug crowd vrt. | https://medium.com/h7w/how-i-found-a-p4-as-per-bug-crowd-vrt-aacbd2e9d285?source=rss------bug_bounty-5 | loyalonlytoday | 4ps, bug-bounty, ethical-hacking, cybersecurity, pentesting | 27-Jan-2025 |
HTTP Request Smuggling ft TryHackMe and more | https://medium.com/@rizn0x0cruz/http-request-smuggling-a92a5411435e?source=rss------bug_bounty-5 | rinz0x0cruz | web-hacking, bug-bounty, tryhackme-writeup, cybersecurity, computer-science | 27-Jan-2025 |
The Evolution of Cybersecurity: Trends, Threats, and Solutions for 2025 | https://0xhassan.medium.com/the-evolution-of-cybersecurity-trends-threats-and-solutions-for-2025-d7f7a7726423?source=rss------bug_bounty-5 | Hassan Ali Arshad | cybersecurity, bug-bounty, infosec, it, information-technology | 27-Jan-2025 |
Subdomain TakeOver Programs BugCrowd $2100 Bounty | https://medium.com/@HackerPlus/subdomain-takeover-programs-bugcrowd-2100-bounty-f47e78cdb945?source=rss------bug_bounty-5 | HackerPlus+ | bug-bounty, bug-bounty-tips, ctf-writeup, ctf, hackerone | 27-Jan-2025 |
My Journey to Finding My First XSS Vulnerability | https://medium.com/@shaikrief2/my-journey-to-finding-my-first-xss-vulnerability-a342f685d7dc?source=rss------bug_bounty-5 | Shxikrf | bug-bounty, cybersecurity, bug-bounty-writeup | 27-Jan-2025 |
Way to find IDORs or Broken access bugs | https://medium.com/@curiouskhanna/way-to-find-idors-or-broken-access-bugs-2c9a07c32281?source=rss------bug_bounty-5 | Shubham Khanna | idor, cybersecurity, bug-bounty, hacking, broken-access-control | 27-Jan-2025 |
These books will help to learn bug bounty & penetration testing and ethical hacking. Part 1. | https://cybersecuritywriteups.com/these-books-will-help-to-learn-bug-bounty-penetration-testing-and-ethical-hacking-part-1-852f54c6e075?source=rss------bug_bounty-5 | loyalonlytoday | books, pdf, bug-bounty, cybersecurity, ethical-hacking | 26-Jan-2025 |
These books will help to learn bug bounty & penetration testing and ethical hacking. Final part. | https://cybersecuritywriteups.com/these-books-will-help-to-learn-bug-bounty-penetration-testing-and-ethical-hacking-final-part-b1147247c9dc?source=rss------bug_bounty-5 | loyalonlytoday | books, bug-bounty, pdf, hacking, cybersecurity | 26-Jan-2025 |
These books will help to learn bug bounty & penetration testing and ethical hacking—part 2. | https://cybersecuritywriteups.com/these-books-will-help-to-learn-bug-bounty-penetration-testing-and-ethical-hacking-part-2-7796010139e2?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, pdf, books, cybersecurity, hacking | 26-Jan-2025 |
Here are some solutions on countering CTF mistake happened while panicking and over extement. | https://medium.com/@shalomo.social/here-are-some-solutions-on-countering-ctf-mistake-happened-while-panicking-and-over-extement-9f090424f08b?source=rss------bug_bounty-5 | Shalomo Agarwarkar | bug-bounty, machine-learning, cryptocurrency, programming, data-science | 26-Jan-2025 |
Securing NASA For Certificate: P3 Vulnerability | https://medium.com/@manan_sanghvi/securing-nasa-for-certificate-p3-vulnerability-272a6e5f2fca?source=rss------bug_bounty-5 | Manan Sanghvi | manan-sanghvi, bug-bounty, nasa, penetration-testing, hacking | 26-Jan-2025 |
Finding an easy p4 bug. | https://medium.com/cyberscribers-exploring-cybersecurity/finding-an-easy-p4-bug-489d91e9c754?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, hacking, bug-bounty, bugs, penetration-testing | 26-Jan-2025 |
Advanced Techniques for Analyzing and Understanding Web Application Firewalls (WAF) | https://medium.com/@kimera71/t%C3%A9cnicas-avanzadas-para-analizar-y-comprender-web-application-firewalls-waf-515713cf6edd?source=rss------bug_bounty-5 | Kimera | red-team, bug-bounty, waf, pentesting | 26-Jan-2025 |
Light: TryHackMe Writeup | https://medium.com/@samyakkatiyar2/light-tryhackme-writeup-230c3d6c26ca?source=rss------bug_bounty-5 | Samyakkatiyar | ctf-writeup, ethical-hacking, cybersecurity, bug-bounty, application-security | 26-Jan-2025 |
Beginner’s Guide to Bug Bounty: Easy Tips for Finding Open Redirect Vulnerabilities | https://medium.com/@anishnarayan/beginners-guide-to-bug-bounty-easy-tips-for-finding-open-redirect-vulnerabilities-ffda668e6533?source=rss------bug_bounty-5 | Anish Narayan | bug-bounty-tips, open-redirect, bug-bounty, bug-bounty-writeup, bug-bounty-hunting | 26-Jan-2025 |
Unlock the Full Potential of the Wayback Machine for Bug Bounty | https://infosecwriteups.com/unlock-the-full-potential-of-the-wayback-machine-for-bug-bounty-8b6f57e2637d?source=rss------bug_bounty-5 | coffinxp | bug-bounty-tips, technology, tech, hacking, bug-bounty | 26-Jan-2025 |
How I “Hacked” discord.rocks | https://medium.com/@iusedarchbtw/how-i-hacked-discord-rocks-8044266b4775?source=rss------bug_bounty-5 | Wuemeli | discord, bug-bounty | 26-Jan-2025 |
Waybackurls: The Ultimate Tool for Recon in Bug Bounty Hunting | https://medium.com/@verylazytech/waybackurls-the-ultimate-tool-for-recon-in-bug-bounty-hunting-3465a1786162?source=rss------bug_bounty-5 | Very Lazy Tech | recon, waybackurls, hacking, bug-bounty, cybersecurity | 26-Jan-2025 |
Ransomware Gang Exploits SSH Tunnels for Stealthy VMware ESXi Access | https://medium.com/@wiretor/ransomware-gang-exploits-ssh-tunnels-for-stealthy-vmware-esxi-access-1f281b18deb8?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, malware, ai, hacking, bug-bounty | 26-Jan-2025 |
Mastering Amass: The Ultimate Recon Toolkit | https://medium.com/@muhammad4208/mastering-amass-the-ultimate-recon-toolkit-d66a56627849?source=rss------bug_bounty-5 | Muhammad Abdullah Niazi | bug-bounty-tips, reconnaissance, enumeration, bug-bounty | 26-Jan-2025 |
Silver Platter | TryHackMe | Walkthrough | https://medium.com/@lkmn1/silver-platter-tryhackme-walkthrough-7ae5719aa8c0?source=rss------bug_bounty-5 | Lukman Ardiyansyah | hacking, pentesting, linux, cybersecurity, bug-bounty | 26-Jan-2025 |
How I Gained Admin Access Through DeepLink Hijacking | https://medium.com/@k3r0/privilege-escalation-via-deeplink-hijacking-23b30f74b0ff?source=rss------bug_bounty-5 | Kyrillos nady | penetration-testing, hacking, mobile-app-development, bug-bounty, android | 26-Jan-2025 |
If Bug Bounty Programs Are So Effective, Why Don’t Most Companies Have Them? | https://medium.com/@hackrate/if-bug-bounty-programs-are-so-effective-why-dont-most-companies-have-them-fbba2f221089?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, hacking, cybersecurity, ethical-hacking, bug-bounty-tips | 26-Jan-2025 |
Netgate Needs a Bug Bounty | https://medium.com/cloud-security/netgate-needs-a-bug-bounty-90ae5eebe821?source=rss------bug_bounty-5 | Teri Radichel | bug-bounty, ubiquiti, pfsense, troubleshooting, net-gate | 26-Jan-2025 |
Exploiting XSS To Steal Cookies | https://osintteam.blog/exploiting-xss-to-steal-cookies-f0aebdcd815b?source=rss------bug_bounty-5 | The Cybersec Café | bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty, information-security | 25-Jan-2025 |
Threat Hunting with Python (Cybersecurity) | https://medium.com/@paritoshblogs/threat-hunting-with-python-cybersecurity-b90b76415972?source=rss------bug_bounty-5 | Paritosh | cybersecurity, threat-hunting, bug-bounty, programming, python | 25-Jan-2025 |
How I Turned a Tiny Security Flaw into a $250 Bounty | https://medium.com/@ramshath1999/how-i-turned-a-tiny-security-flaw-into-a-250-bounty-90a0227d6c6f?source=rss------bug_bounty-5 | Ramshath | pentesting, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 25-Jan-2025 |
How I Discovered a Bypass in WhatsApp’s “View Once” Feature | https://medium.com/@ramshath1999/how-i-discovered-a-bypass-in-whatsapps-view-once-feature-aea3bdf6405a?source=rss------bug_bounty-5 | Ramshath | hacking, bug-bounty, pentesting, meta | 25-Jan-2025 |
How to Bypass SSL Pinning for Android Apps: A Step-by-Step Guide for Security Testing | https://medium.com/@usmandasthaheer/how-to-bypass-ssl-pinning-for-android-apps-a-step-by-step-guide-for-security-testing-13f2f4d10a2e?source=rss------bug_bounty-5 | The Cyber Monkey | bug-bounty, penetration-testing, bug-bounty-tips, cybersecurity | 25-Jan-2025 |
Practical Bug Bounty: A Complete Guide to Finding & Reporting Vulnerabilities | https://santhosh-adiga-u.medium.com/practical-bug-bounty-a-complete-guide-to-finding-reporting-vulnerabilities-b46a79910ab8?source=rss------bug_bounty-5 | Santhosh Adiga U | bug-bounty, ethical-hacking, penetration-testing, cybersecurity | 25-Jan-2025 |
Hello everyone! | https://medium.com/@sahusujal.dev2004/hello-everyone-8550eb37820f?source=rss------bug_bounty-5 | Sujal Sahu | bug-bounty-tips, bug-bounty, bounty-program, bug-bounty-dorks, bug-bounty-program | 25-Jan-2025 |
JSON Web Token (JWT) Vulnerabilities: Breaking Tokens for Fun and Profit | https://medium.com/@HackerNasr/json-web-token-jwt-vulnerabilities-breaking-tokens-for-fun-and-profit-cf36fc0122db?source=rss------bug_bounty-5 | HackerNasr | web-security, bug-bounty, infosec, pentesting, ethical-hacking | 25-Jan-2025 |
Business Logic Vulnerability — IDOR (Insecure Direct Object Reference) | https://medium.com/@ilhambachtiar578/business-logic-vulnerability-idor-insecure-direct-object-reference-3dfe04298392?source=rss------bug_bounty-5 | Ilhambachtiar | idor, penteration-testing, idor-vulnerability, bug-bounty, cybersecurity | 25-Jan-2025 |
FINDING UNIQUE BUG BOUNTY PROGRAMS | https://medium.com/@sahusujal.dev2004/hello-everyone-8550eb37820f?source=rss------bug_bounty-5 | Sujal Sahu | bug-bounty-tips, bug-bounty, bounty-program, bug-bounty-dorks, bug-bounty-program | 25-Jan-2025 |
$35K Bug Bounty: Python Scripts Crack Subdomains | https://medium.com/@ibtissamhammadi/35k-bug-bounty-python-scripts-crack-subdomains-bd2a131cc372?source=rss------bug_bounty-5 | Ibtissam Hammadi | python-hacking, bug-bounty, ethical-hacking, cybersecurity, network-security | 25-Jan-2025 |
OSINT (Reconnaissance) section: What is GithubDorking ? | https://medium.com/@nagavicyn2/osint-reconnaissance-section-what-is-githubdorking-0145221d1206?source=rss------bug_bounty-5 | Jionin | bug-bounty, github, github-dorking, reconnaissance, osint | 25-Jan-2025 |
We Have Launched a $500,000 Bug Bounty Program to Identify Vulnerabilities… | https://medium.com/@dolaresciberneticos/hemos-lanzado-un-programa-de-recompensas-por-errores-de-500-000-para-identificar-vulnerabilidades-d4c16fe7ec84?source=rss------bug_bounty-5 | Carlos Melgar | proof-system, expander-polyhdera, zero-knowledge, bug-bounty, expander | 25-Jan-2025 |
How I Found a Vulnerability in Lemonsqueezy’s Checkout Flow | https://medium.com/@rstuv/how-i-found-a-vulnerability-in-lemonsqueezys-checkout-flow-393cc7026ab0?source=rss------bug_bounty-5 | rstuv | bug-bounty, cybersecurity | 25-Jan-2025 |
Zyxel Warns of Critical Firewall Issues Due to Faulty Update | https://medium.com/@wiretor/zyxel-warns-of-critical-firewall-issues-due-to-faulty-update-1bedcc5ad085?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, bug-bounty, zynel, malware, hacking | 25-Jan-2025 |
Privilege Escalation in GraphQL : Exploiting Finance Role Token to Access Admin Data : Part 1 | https://hackersatty.medium.com/privilege-escalation-in-graphql-exploiting-finance-role-token-to-access-admin-data-part-1-7a017a7aeb89?source=rss------bug_bounty-5 | hackersatty | idor, vulnerability, medium, bug-bounty, graphql | 25-Jan-2025 |
PayPal Agrees to $2 Million Settlement Over 2022 Data Breach | https://medium.com/@wiretor/paypal-agrees-to-2-million-settlement-over-2022-data-breach-672e1b417dcc?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, malware, bug-bounty, paypal, money | 25-Jan-2025 |
Subdomain enumeration technique to discover critical vulnerabilities… | https://mahim-firoj.medium.com/subdomain-enumeration-technique-to-discover-critical-vulnerabilities-dfb4f4daa1af?source=rss------bug_bounty-5 | Md. Mahim Bin Firoj | vulnerability-assessment, subdomain, cybersecurity, bug-bounty, enumeration | 25-Jan-2025 |
Shodan Dorking : 50+ Dorks To Uncover Hidden World | https://bitpanic.medium.com/shodan-dorking-50-dorks-to-uncover-hidden-world-41e10819b7c8?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, bug-bounty-tips, programming, bug-bounty, technology | 25-Jan-2025 |
Comprehensive Guide to SQL Injection Attacks: Understanding and Prevention | By Gentil Security | https://gentilsecurity.medium.com/comprehensive-guide-to-sql-injection-attacks-understanding-and-prevention-by-gentil-security-8f02e3461344?source=rss------bug_bounty-5 | Gentil Security | penetration-testing, sql-injection, cybersecurity, web-vulnerabilities, bug-bounty | 25-Jan-2025 |
Full GitHub Dorking guide: for OSINT and BugBounty (Reconnaissance) | https://infosecwriteups.com/full-github-dorking-guide-for-osint-and-bugbounty-reconnaissance-27557fb67ee0?source=rss------bug_bounty-5 | Jionin | github, reconnaissance, bug-bounty, osint, github-dorking | 25-Jan-2025 |
Making use of Javascript Source Maps (js.map) files in Bug Bounty — Information gathering tips | https://medium.com/@0x_Ju1ian/making-use-of-javascript-source-maps-js-map-files-in-bug-bounty-information-gathering-tips-87deddf1aa8d?source=rss------bug_bounty-5 | 0x_Ju1ian | bug-bounty-tips, bug-bounty | 24-Jan-2025 |
$200 Easy Directory Listing Vulnerability on a US Website | https://cybersecuritywriteups.com/200-easy-directory-listing-vulnerability-on-a-us-website-7d35fcda8aa2?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, bug-bounty, hacking, medium, money | 24-Jan-2025 |
CTF vs. Bug Bounty: Navigating Two Worlds of Cybersecurity | https://medium.com/@mehakchoradia1/ctf-vs-bug-bounty-navigating-two-worlds-of-cybersecurity-919ed152bed3?source=rss------bug_bounty-5 | Mehakchoradia | guidance, cybersecurity, capture-the-flag, careers, bug-bounty | 24-Jan-2025 |
How I Found a Stripe Key Disclosure Leading to PII Exposure | https://medium.com/@nihaltikka/how-i-found-a-stripe-key-disclosure-leading-to-pii-exposure-6e57d5fca9d5?source=rss------bug_bounty-5 | EL_Cazad0r | bug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing | 24-Jan-2025 |
Broken Link : My Story Of Hijacking a Twitter Handle | https://bitpanic.medium.com/broken-link-my-story-of-hijacking-a-twitter-handle-f087536db8c5?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, technology, programming, bug-bounty, bug-bounty-tips | 24-Jan-2025 |
How to Spot XSS Bugs on Any Website | https://medium.com/h7w/how-to-spot-xss-bugs-on-any-website-5b4eed955c35?source=rss------bug_bounty-5 | Rendiero | penetration-testing, xss-attack, red-team, bug-bounty, vulnerability | 24-Jan-2025 |
Bug Bounty Scams in 2025: How to Identify Fake Opportunities and Safeguard Yourself | https://medium.com/@adibostoninstitute123/bug-bounty-scams-in-2025-how-to-identify-fake-opportunities-and-safeguard-yourself-e08cd7af5bce?source=rss------bug_bounty-5 | Aditya Tripathi | cybersecurity, learn-ethical-hacking, bug-bounty, cybersecurity-course, ethical-hacking-course | 24-Jan-2025 |
Subdomain Enumeration: A Practical Guide | https://medium.com/@nakshatrasirohi/subdomain-enumeration-a-practical-guide-31eb662d3bfb?source=rss------bug_bounty-5 | Nakshatra Sirohi | reconnaissance, bug-bounty, bug-bounty-tips, hacking-tools, recon | 24-Jan-2025 |
Exploiting XSS via Markdown on Xiaomi | https://medium.com/@n45ht/exploiting-xss-via-markdown-on-xiaomi-ad93519a42f5?source=rss------bug_bounty-5 | N45HT | web-security, cross-site-scripting, xs, bug-bounty, markdown | 24-Jan-2025 |
Bypassed Access Control Using a Simple Method-Based Request Trick — Access Control Labs | https://bashoverflow.medium.com/bypassed-access-control-using-a-simple-method-based-request-trick-access-control-labs-61ec15242d88?source=rss------bug_bounty-5 | Bash Overflow | bypass-access-control, http-method-based-bypass, privilege-escalation, bug-bounty, access-control-flaw | 24-Jan-2025 |
Linux Basics for Hackers, Developers, and System Administrators | https://medium.com/@v1xtron/linux-basics-for-hackers-developers-and-system-administrators-419b828f2a98?source=rss------bug_bounty-5 | v1xtron | bug-bounty, bug-bounty-writeup, ethical-hacking, linux, system-administration | 24-Jan-2025 |
Currently Bugcrowd has over 1400 bug bounty programs. Is it really so good? | https://medium.com/@hackrate/currently-bugcrowd-has-over-1400-bug-bounty-programs-is-it-really-so-good-383130cfb406?source=rss------bug_bounty-5 | Levente Molnar | cybersecurity, ethical-hacking, bug-bounty, hacking, bug-bounty-tips | 24-Jan-2025 |
Become a Bug Bounty Expert: Tips to Maximize Your Earnings | https://medium.com/@ramanidhaval11/become-a-bug-bounty-expert-tips-to-maximize-your-earnings-1cd13984631a?source=rss------bug_bounty-5 | Er Dhaval Ramani | ai, cybersecurity, bug-bounty | 24-Jan-2025 |
Admin Panel Exploit to Access Logitech Dashboard | https://medium.com/@asingh25377/admin-panel-exploit-to-access-logitech-dashboard-e4c3943dbf21?source=rss------bug_bounty-5 | aman singh | bugbounty-writeup, bugs, bug-bounty | 24-Jan-2025 |
CORS Misconfigurations: How Poor Policies Open Doors to Exploits | https://medium.com/@HackerNasr/cors-misconfigurations-how-poor-policies-open-doors-to-exploits-ef0af71e0302?source=rss------bug_bounty-5 | HackerNasr | penetration-testing, infosec, bug-bounty, ethical-hacking, web-security | 24-Jan-2025 |
Best Linux Distros for Cyber Security , Web & App Development | https://bitpanic.medium.com/best-linux-distros-for-cyber-security-web-app-development-72422faa37a2?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty, web-development, cybersecurity, technology, programming | 24-Jan-2025 |
SQL injection in largest Electricity Board of Sri Lanka | https://infosecwriteups.com/sql-injection-in-largest-electricity-board-of-sri-lanka-1a55c12104bd?source=rss------bug_bounty-5 | coffinxp | technology, sql-injection, sql, hacking, bug-bounty | 24-Jan-2025 |
Bypassing Rate Limit Protection to Account Takeover | https://medium.com/@sohailahmed0x0/bypassing-rate-limit-protection-to-account-takeover-fe44598fc1df?source=rss------bug_bounty-5 | Sohail Ahmed | brute-force, rate-limiting, cybersecurity, bug-bounty, pentesting | 24-Jan-2025 |
Setting up Lab for Active Directory | https://medium.com/@sohailahmed0x0/setting-up-lab-for-active-directory-9b0cb69041cd?source=rss------bug_bounty-5 | Sohail Ahmed | cybersecurity, infosec, bug-bounty, active-directory, pentesting | 24-Jan-2025 |
Escalate P3 SSRF TO P1 | https://medium.com/@anonanoon9/escalate-p3-ssrf-to-p1-a9ed4eaaefeb?source=rss------bug_bounty-5 | Yazeed Bilal | bug-bounty, bug-bounty-strategy, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup | 23-Jan-2025 |
Easy $10,000 bounty using Wayback Machine | https://blog.bugbountyhunter.xyz/easy-10-000-bounty-using-wayback-machine-1b08e3b1cafe?source=rss------bug_bounty-5 | Japz Divino | bug-bounty-tips, bug-bounty-writeup, hackerone, bug-bounty | 23-Jan-2025 |
Create Your Free Red Teaming Lab at Zero Cost! | https://medium.com/@paritoshblogs/create-your-free-red-teaming-lab-at-zero-cost-d2547b2de11a?source=rss------bug_bounty-5 | Paritosh | cybersecurity, how-to, bug-bounty, hacking, pentesting | 23-Jan-2025 |
A Simple P2 Bug Via Forced Browsing | https://medium.com/@cyberpro151/a-simple-p2-bug-via-forced-browsing-d4926a82891f?source=rss------bug_bounty-5 | cyberpro151 | bug-bounty, bug-bounty-writeup, bug-bounty-tips, broken-access-control, cybersecurity | 23-Jan-2025 |
Get sonyliv free subscriptions | https://medium.com/@hrofficial62/get-sonyliv-free-subscriptions-fcc58f89bae6?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, bugbounty-writeup, cybersecurity, pentesting, hacki | 23-Jan-2025 |
Exposed Credentials Guide: Not just in client javascripts || 101 case studies | https://medium.com/@illoyscizceneghposter/exposed-credentials-guide-not-just-in-client-javascripts-101-case-studies-131b765e07a2?source=rss------bug_bounty-5 | Illoy Scizceneghposter | bug-bounty, hacking, infosec | 23-Jan-2025 |
Security Risks of Medium Paywall Bypass Methods. | https://pwndecoco.medium.com/security-risks-of-medium-paywall-bypass-methods-28b92f557a3a?source=rss------bug_bounty-5 | Pwndec0c0 | bug-bounty, hacking, bug-bounty-writeup, bug-bounty-tips, medium | 23-Jan-2025 |
$600 Vulnerability: My First Bug Hunting Journey | https://asyary.medium.com/600-vulnerability-my-first-bug-hunting-journey-98b961a62f4b?source=rss------bug_bounty-5 | Asyary Raihan | bug-bounty, bug-hunting, bug-bounty-writeup, hacking, cybersecurity | 23-Jan-2025 |
Introducing AZEx Incentivized Testnet | https://medium.com/@AZEX.io/introducing-azex-incentivized-testnet-04ddc32d83a1?source=rss------bug_bounty-5 | AZEX | testnet, berachain, defi, azex, bug-bounty | 23-Jan-2025 |
How a Vulnerability in Cinema Booking Systems Can Block Seats and Impact Revenue | https://medium.com/@anonymousshetty2003/how-a-vulnerability-in-cinema-booking-systems-can-block-seats-and-impact-revenue-c28e93d26616?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty-writeup, bug-bounty, ethical-hacking, hacking, cybersecurity | 23-Jan-2025 |
Finding more subdomains.(part 2) | https://medium.com/readers-club/finding-more-subdomains-part-2-07a64b331b43?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, penetration-testing, subdomains-enumeration, hacking, bug-bounty | 23-Jan-2025 |
$5,000 Bug Bounty: The Hacker’s Unexpected Goldmine | https://medium.com/@ibtissamhammadi/5-000-bug-bounty-the-hackers-unexpected-goldmine-b87ab9fd0c3b?source=rss------bug_bounty-5 | Ibtissam Hammadi | bug-bounty, ethical-hacking, cybersecurity, infosec, tech-jobs | 23-Jan-2025 |
OSINT (Reconnaissance) section: What is GitDorking ? | https://medium.com/@nagavicyn2/osint-reconnaissance-section-what-is-gitdorking-3215520de9c7?source=rss------bug_bounty-5 | Jionin | github, osint, recon, bug-bounty, pentesting | 23-Jan-2025 |
Next.js, cache, and chains: the stale elixir | https://medium.com/@zhero_/next-js-cache-and-chains-the-stale-elixir-a4c6b3062e1b?source=rss------bug_bounty-5 | Rachid.A | javascript, cve, hacking, nextjs, bug-bounty | 23-Jan-2025 |
The Ultimate Guide to Hacking AWS S3: Find Vulnerable Buckets and Earn Big $$$$ | https://medium.com/@nebty/the-ultimate-guide-to-hacking-aws-s3-find-vulnerable-buckets-and-earn-big-5b089d921814?source=rss------bug_bounty-5 | Nebty | penetration-testing, cybersecurity, ethical-hacking, bug-bounty, s3 | 23-Jan-2025 |
Biggest innovation in Penetration Testing so far | https://medium.com/@hackrate/biggest-innovation-in-penetration-testing-so-far-d6fac4800119?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, bug-bounty, penetration-testing, cybersecurity, hacking | 23-Jan-2025 |
How To Convert Your Android Device In A Recon Device ? | https://bitpanic.medium.com/how-to-convert-your-android-device-in-a-recon-device-4ad22c3bbdab?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty, technology, programming, bug-bounty-tips, cybersecurity | 23-Jan-2025 |
How I Found a Bug in Sony and Earned Exclusive Swag! | https://medium.com/@josekuttykunnelthazhebinu/how-i-found-a-bug-in-sony-and-earned-exclusive-swag-f565d56c395e?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | bug-bounty, cybersecurity, programming, technology, vulnerability | 23-Jan-2025 |
Essential Tools and Technologies Every SOC Analyst Must Master to Stay Ahead in Cybersecurity | https://mhmmuneef.medium.com/essential-tools-and-technologies-every-soc-analyst-must-master-to-stay-ahead-in-cybersecurity-50d76cc87ec5?source=rss------bug_bounty-5 | Mohammed Muneef | hacking, bug-bounty, cybersecurity, technology, soc | 23-Jan-2025 |
CTI REPORT - LockBit 3.0: | https://medium.com/@muhammetalgan3547/cti-report-lockbit-3-0-33e224e1d8d6?source=rss------bug_bounty-5 | Muhammet ALGAN | bug-bounty, cybersecurity, incident-response, cyber-threat-intelligence, hacking | 23-Jan-2025 |
Unique ways to Recon for Bug Hunters: Short series [Part 1] | https://osintteam.blog/unique-ways-to-recon-for-bug-hunters-short-series-part-1-7e91f3fcfe25?source=rss------bug_bounty-5 | RivuDon | ethical-hacking, infosec, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 22-Jan-2025 |
Polluting My Way to Victory: How I Found HTTP Parameter Pollution (HPP) and Exploited It Like a Pro | https://myselfakash20.medium.com/polluting-my-way-to-victory-how-i-found-http-parameter-pollution-hpp-and-exploited-it-like-a-pro-c4cf39ec90fe?source=rss------bug_bounty-5 | Akash Ghosh | cybersecurity, bug-bounty, bug-bounty-writeup, technology, bug-bounty-tips | 22-Jan-2025 |
Appreciation Letter from NASA for Uncovering Unauthorized file Access | https://medium.com/@hackxb12/appreciation-letter-from-nasa-for-uncovering-unauthorized-file-access-a1d1497a33e6?source=rss------bug_bounty-5 | Bhautik Patel | cybersecurity, bug-bounty | 22-Jan-2025 |
Threat Hunting Using Powershell | https://medium.com/@paritoshblogs/threat-hunting-using-powershell-ce8502307b65?source=rss------bug_bounty-5 | Paritosh | programming, threat-hunting, bug-bounty, cybersecurity, powershell | 22-Jan-2025 |
Earn $100–500 after Pentesting OAuth | https://medium.com/@anandrishav2228/earn-100-500-after-pentesting-oauth-02018371d4c2?source=rss------bug_bounty-5 | Rishav anand | pentesting, money, cybersecurity, oauth, bug-bounty | 22-Jan-2025 |
Polluting My Way to Victory: How I Found HTTP Parameter Pollution (HPP) and Exploited It Like a Pro | https://osintteam.blog/polluting-my-way-to-victory-how-i-found-http-parameter-pollution-hpp-and-exploited-it-like-a-pro-c4cf39ec90fe?source=rss------bug_bounty-5 | Akash Ghosh | cybersecurity, programming, bug-bounty, bug-bounty-writeup, technology | 22-Jan-2025 |
BY USING JAVASCRIPT ANALYSIS GOT 200$ for JUST AN API TOKEN Leak [Information Disclosure… | https://medium.com/@hrofficial62/by-using-javascript-analysis-got-200-for-just-an-api-token-leak-information-disclosure-a2f1868ab94f?source=rss------bug_bounty-5 | Mr Horbio | ethical-hacking, bug-bounty, cybersecurity, pentesting, hacking | 22-Jan-2025 |
What if XML-RPC.php file show 403 Forbidden | https://medium.com/@hrofficial62/what-if-xml-rpc-php-file-show-403-forbidden-0ba7141a8d52?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, hacking, penetration-testing, wordpress, cybersecurity | 22-Jan-2025 |
Recon \| Subdomains | https://z0enix.medium.com/recon-subdomains-230f37ea97b1?source=rss------bug_bounty-5 | Mohamed Hamadou | recon, subdomain, bug-bounty, bug-bounty-tips | 22-Jan-2025 |
CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) | https://z0enix.medium.com/cwe-79-improper-neutralization-of-input-during-web-page-generation-cross-site-scripting-db5719c34014?source=rss------bug_bounty-5 | Mohamed Hamadou | bug-bounty, vulnerability | 22-Jan-2025 |
Account Tackover | https://z0enix.medium.com/account-tackover-765357c12e45?source=rss------bug_bounty-5 | Mohamed Hamadou | bug-bounty, bug-bounty-tips | 22-Jan-2025 |
How I Hacked a User Management System and Found 3 Critical GraphQL Vulnerabilities | https://medium.com/@4bdo/how-i-hacked-a-user-management-system-and-found-3-critical-graphql-vulnerabilities-4362eff1a38f?source=rss------bug_bounty-5 | 4bd0_m4g3d | infosec, cybersecurity, data-privacy, bug-bounty, ethical-hacking | 22-Jan-2025 |
Understanding Privilege Escalation in Linux and Windows Systems - [Part 1] | https://bashoverflow.medium.com/understanding-privilege-escalation-in-linux-and-windows-systems-part-1-f9c98c8a0a14?source=rss------bug_bounty-5 | Bash Overflow | privilege-escalation, penetration-testing, bug-bounty, linux-priv-esc, windows-priv-escalation | 22-Jan-2025 |
CertificateFinder: A Game-Changer for All Hidden Subdomains(freeGUI tool) | https://anontriager.medium.com/certificatefinder-a-game-changer-for-all-hidden-subdomains-freegui-tool-c9c58c910b3c?source=rss------bug_bounty-5 | Anonymous Traiger | jobs, hacking, bug-bounty, programming, developer | 22-Jan-2025 |
My Bug Bounty Journey: A Middle-Class Kid’s Quest for Free and Beyond | https://medium.com/@vivekps143/my-bug-bounty-journey-a-middle-class-kids-quest-for-free-and-beyond-1cd6b65240d6?source=rss------bug_bounty-5 | Vivek PS | bug-bounty-writeup, web-security, hacking, bug-bounty | 22-Jan-2025 |
The Biggest Bug Bounty Payouts of All Time and What We Learned | https://medium.com/@hackrate/the-biggest-bug-bounty-payouts-of-all-time-and-what-we-learned-0a35c8a327c2?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, cybersecurity, ethical-hacking, hacking, bug-bounty-tips | 22-Jan-2025 |
IPany VPN Breached in Supply-Chain Attack: Hackers Deploy SlowStepper Malware | https://medium.com/@wiretor/ipany-vpn-breached-in-supply-chain-attack-hackers-deploy-slowstepper-malware-ba0ae1c2ddb9?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacker, ai, malware, hacking | 22-Jan-2025 |
How to Stay Anonymous Online: A Hacker’s Perspective | https://medium.com/@atnoforcybersecurity/%EF%B8%8F-how-to-stay-anonymous-online-a-hackers-perspective-920b4bdc2401?source=rss------bug_bounty-5 | ATNO For Cybersecurity \| Hacking | bug-bounty, cybersecurity, cyberattack, cybercrime | 22-Jan-2025 |
Easy Hacking with Google Dorking — Finding NASA High P2 Vulnerability | https://abhirdd.medium.com/easy-hacking-with-google-dorking-finding-nasa-high-p2-vulnerability-8b9797eac370?source=rss------bug_bounty-5 | Abhi Rantia Dharmawan | bug-bounty-tips, bugcrowd, bug-bounty, bug-bounty-writeup, nasa | 22-Jan-2025 |
Intent Redirect: Unlocking Hidden Pathways in Android Applications | https://medium.com/@k3r0/intent-redirect-unlocking-hidden-pathways-in-android-applications-8f3390965236?source=rss------bug_bounty-5 | Kyrillos nady | android-app-development, hacking, mobile-app-development, bug-bounty, pentesting | 22-Jan-2025 |
Basic Windows CMD Commands for Hackers: A Guide to Privilege Escalation | https://medium.com/@ajudeb55/basic-windows-cmd-commands-for-hackers-a-guide-to-privilege-escalation-99ad396aadf6?source=rss------bug_bounty-5 | Aju Deb | bug-bounty, money, technology, programming, cybersecurity | 21-Jan-2025 |
From Order to Exploit: A Deep Dive into Restaurant Network Security | https://medium.com/@davimouar/from-order-to-exploit-a-deep-dive-into-restaurant-network-security-64aeaf3a6f64?source=rss------bug_bounty-5 | Davi Moura | programming, bug-bounty, cybersecurity, hacking, security | 21-Jan-2025 |
Comprehensive XSS Learning Roadmap | https://medium.com/@shuklaneel525/comprehensive-xss-learning-roadmap-6f48585d8fe8?source=rss------bug_bounty-5 | NEEL SHUKLA | cross-site-scripting, bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty | 21-Jan-2025 |
Earn $1000–2000 by identifying Common vulnerability in Tech. | https://medium.com/@anandrishav2228/earn-1000-2000-by-identifying-common-vulnerability-in-tech-e8fd44da2a1c?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, security, hacking, cyber, money | 21-Jan-2025 |
These Hackers Earn 7 figure income | https://medium.com/@BlackHat123/these-hackers-earn-7-figure-income-73013c4225f4?source=rss------bug_bounty-5 | blackhat | bug-bounty, ethical-hacking, earn-money-online, hackerone, hacker | 21-Jan-2025 |
How a Routine Security Test Led to My First CVE and Bug Bounty: Lessons in API Security and Beyond | https://tech.cashfree.com/how-a-routine-security-test-led-to-my-first-cve-and-bug-bounty-lessons-in-api-security-and-beyond-8f0da2bb553e?source=rss------bug_bounty-5 | Anubhav Sharma | vulnerability, api-security, infosec, bug-bounty, cybersecurity | 21-Jan-2025 |
I found my first bug [Google Dorking] | https://medium.com/@krishnathegr817/i-found-my-first-bug-google-dorking-30c974be94f2?source=rss------bug_bounty-5 | Krishna Agarwal | cybersecurity, bug-bounty, first-bug | 21-Jan-2025 |
Easy MFA Setup bypass Lead to unauthorized access to PII data Of users | https://medium.com/@0xOsman/easy-mfa-setup-bypass-lead-to-unauthorized-access-to-pii-data-of-users-443d41ae98a3?source=rss------bug_bounty-5 | Abdalah Osman | 2fa-bypass, bug-bounty, bugbounty-writeup, bugbounty-tips | 21-Jan-2025 |
“My Journey as a Bug Hunter: Reporting to the Dutch Government” | https://cybersecuritywriteups.com/my-journey-as-a-bug-hunter-reporting-to-the-dutch-government-7bfd18d616fa?source=rss------bug_bounty-5 | Taha Diwan | hacking, dutch-government, bug-bounty, cybersecurity, ethical-hacking | 21-Jan-2025 |
Bug Bounty Insights: 10 Key Findings - ZeroClick Account Takeover - Part 5 | https://medium.com/@maakthon/bug-bounty-insights-10-key-findings-zeroclick-account-takeover-part-5-a6acb3dce5e7?source=rss------bug_bounty-5 | Mahmoud Abd Alkarim | web-development, bug-bounty, hacking, account-takeover, bugbounty-writeup | 21-Jan-2025 |
How AI and Free Open-Source Tools are Revolutionizing Bug Bounty Hunting | https://medium.com/@zoningxtr/how-ai-and-free-open-source-tools-are-revolutionizing-bug-bounty-hunting-37241798177b?source=rss------bug_bounty-5 | Zoningxtr | bug-bounty, cybersecurity, penetration-testing | 21-Jan-2025 |
Unauthenticated Vulnerabilities: Maximum Impact $$$ | https://medium.com/@HackerNasr/unauthenticated-vulnerabilities-maximum-impact-9b51b4a0c719?source=rss------bug_bounty-5 | HackerNasr | information-security, cyberattack, bug-bounty, cybersecurity, vulnerability | 21-Jan-2025 |
How to Install MobSF on Kali Linux for Android Application Pentesting (2025) | https://medium.com/@usmandasthaheer/how-to-install-mobsf-on-kali-linux-for-android-application-pentesting-2025-50c4948a1c0d?source=rss------bug_bounty-5 | Usman Dasthaheer | penetration-testing, bug-bounty, cybersecurity, kali-linux | 21-Jan-2025 |
7-Zip Fixes Bug That Bypasses Windows MoTW Security Warnings | https://medium.com/@wiretor/7-zip-fixes-bug-that-bypasses-windows-motw-security-warnings-569ac8a89068?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, bug-bounty, 7zip, money, malware | 21-Jan-2025 |
Hi everyone, and welcome to this lab project: Finding Open Service Ports Using Kali Linux. | https://medium.com/@.rai/hi-everyone-and-welcome-to-this-lab-project-finding-open-service-ports-using-kali-linux-9be24cde101e?source=rss------bug_bounty-5 | Gamuchirai | open-source, metasploitable, nmap, kali, bug-bounty | 21-Jan-2025 |
The correct approach to testing for privilege escalation bugs...❕❗ | https://medium.com/@mahdisalhi0500/the-correct-approach-to-testing-for-privilege-escalation-bugs-d03bd9281a3e?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | infosec, bug-bounty-tips, penetration-testing, information-security, bug-bounty | 21-Jan-2025 |
How to transition from Pentesting to Bug Bounty Hunting | https://medium.com/@hackrate/how-to-transition-from-pentesting-to-bug-bounty-hunting-f98398c4ea0a?source=rss------bug_bounty-5 | Levente Molnar | penetration-testing, hacking, bug-bounty, cybersecurity, ethical-hacking | 21-Jan-2025 |
WordPress Hacking 2025 | https://medium.com/infosec-notes/wordpress-hacking-2025-03985e7d2e08?source=rss------bug_bounty-5 | Mr Horbio | wordpress, pentesting, cybersecurity, ethical-hacking, bug-bounty | 21-Jan-2025 |
response manipulation leads to access admin panel | https://medium.com/@ajax12395/response-manipulation-leads-to-access-admin-panel-2295655c646d?source=rss------bug_bounty-5 | xlr7 | bug-bounty | 20-Jan-2025 |
How I Turned a $10 RFI Bug into a $300 RCE Bounty (Step-by-Step Guide) | https://medium.com/@ibtissamhammadi/how-i-turned-a-10-rfi-bug-into-a-300-rce-bounty-step-by-step-guide-75042267969a?source=rss------bug_bounty-5 | Ibtissam Hammadi | web-security, rce, rfi, infosec, bug-bounty | 20-Jan-2025 |
Found HTML Injection in Emails! Earned HOF | https://medium.com/@dsmodi484/found-html-injection-in-emails-earned-hof-24a8a8223f29?source=rss------bug_bounty-5 | cryptoshant | cybersecurity, hacking, security, html, bug-bounty | 20-Jan-2025 |
Insecure Direct Object Reference (iDOR) via Programs HackerOne | https://medium.com/@HackerPlus/insecure-direct-object-reference-idor-via-programs-hackerone-3c8e261b7ca3?source=rss------bug_bounty-5 | HackerPlus+ | ctf, bug-bounty, bug-bounty-writeup, bug-bounty-tips, hackerone | 20-Jan-2025 |
How to Prepare for Incident Response ? A Step-by-Step Guide for Students | https://mhmmuneef.medium.com/how-to-prepare-for-incident-response-a-step-by-step-guide-for-students-fcf9f77cc56b?source=rss------bug_bounty-5 | Mohammed Muneef | bug-bounty, study-abroad, cybersecurity, technology, incident-response | 20-Jan-2025 |
Unlock Hidden Backups with wayBackupFinder.py | https://anmolksachan.medium.com/unlock-hidden-backups-with-waybackupfinder-py-7b98041a82d9?source=rss------bug_bounty-5 | Anmol K Sachan | writeup, bug-bounty, backup, automation, pentesting | 20-Jan-2025 |
Various Methods to Exploit Insecure Direct Object Reference (IDOR) | https://medium.com/@sahusujal.dev2004/various-methods-to-exploit-insecure-direct-object-reference-idor-f50a131fe651?source=rss------bug_bounty-5 | Sujal Sahu | bug-reporting, bug-bounty, writeup, web-penetration-testing, bug-bounty-tips | 20-Jan-2025 |
How to Turn Bug Bounty Scopes into Goldmines: Recon Techniques That Work | https://medium.com/@HackerNasr/how-to-turn-bug-bounty-scopes-into-goldmines-recon-techniques-that-work-4b6a1bd4979d?source=rss------bug_bounty-5 | HackerNasr | cyber-security-awareness, bug-bounty-writeup, bug-bounty, security-research, cybersecurity | 20-Jan-2025 |
Using Tor Network to Bypass Rate Limits | https://saeed0x1.medium.com/using-tor-network-to-bypass-rate-limits-9fe2b174c316?source=rss------bug_bounty-5 | SAEED | bug-bounty-writeup, bug-bounty-tips, tor, bug-bounty, cybersecurity | 20-Jan-2025 |
Agent Sudo 2.0 | https://medium.com/@pavanboss/agent-sudo-2-0-1d92f6232ff8?source=rss------bug_bounty-5 | PavanBoss | bug-bounty, sudo, agents, thm, ctf | 20-Jan-2025 |
Reconnaissance — Finding Apex/Root Domains | https://it4chis3c.medium.com/reconnaissance-finding-apex-root-domains-b822cf54663e?source=rss------bug_bounty-5 | It4chis3c | secrets, bug-bounty, apex-domain, reconnaissance, bug-bounty-tips | 20-Jan-2025 |
Security Session #2 | https://medium.com/@mon.cybersec/security-session-2-7b2ec1a2d03e?source=rss------bug_bounty-5 | Mon Works | burpsuite, hacking, bug-bounty, security, ciberseguridad | 20-Jan-2025 |
The ROI of Bug Bounty Programs: Cost vs. Impact | https://medium.com/@hackrate/the-roi-of-bug-bounty-programs-cost-vs-impact-591de5eb3630?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, bug-bounty-tips, hacking, cybersecurity, bug-bounty | 20-Jan-2025 |
Using Tor Network to Bypass Rate Limits | https://systemweakness.com/using-tor-network-to-bypass-rate-limits-9fe2b174c316?source=rss------bug_bounty-5 | SAEED | bug-bounty-writeup, bug-bounty-tips, tor, bug-bounty, cybersecurity | 20-Jan-2025 |
40+ Google Dorks For Low Hanging Fruits | https://bitpanic.medium.com/40-google-dorks-for-low-hanging-fruits-d8fc3d5d7a8d?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, bug-bounty, programming, bug-bounty-tips, technology | 20-Jan-2025 |
HTML Injection At Email Via Programs HackerOne | https://medium.com/@HackerPlus/html-injection-at-email-via-programs-hackerone-07f2e6652523?source=rss------bug_bounty-5 | HackerPlus+ | bug-bounty-tips, ctf, bugcrowd, bug-bounty, hackerone | 20-Jan-2025 |
Discovering backups, secrets, and more using the wayBackupFinder.py tool. | https://anmolksachan.medium.com/discovering-backups-secrets-and-more-using-the-waybackupfinder-py-tool-b97f67e95c50?source=rss------bug_bounty-5 | Anmol K Sachan | wayback-machine, bug-bounty, pentesting, bug-bounty-tips, osint | 20-Jan-2025 |
A Beginner’s Guide to Testing for Directory Traversal Attacks | https://medium.com/@mcooter/a-beginners-guide-to-testing-for-directory-traversal-attacks-300e7af275bd?source=rss------bug_bounty-5 | Michael Cooter | bug-bounty, oswa, directory-traversal, hacking, web-application-security | 20-Jan-2025 |
Exploiting Race Condition Bugs | https://medium.com/@vuk.ivanovic9000/exploiting-race-condition-bugs-41af288c9e0f?source=rss------bug_bounty-5 | Vuk Ivanovic | race-condition, exploitation, burpsuite, infosec, bug-bounty | 20-Jan-2025 |
A List of Known and Unknown Bug Bounty Platforms | https://medium.com/meetcyber/a-list-of-known-and-unknown-bug-bounty-platforms-c7e8a87e59f8?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, cybersecurity, hacking, ethical-hacking | 20-Jan-2025 |
How I found S3 buckets in Bug bounties | https://infosecwriteups.com/how-i-found-s3-buckets-in-bug-bounties-501faf76c3f9?source=rss------bug_bounty-5 | Mukilan Baskaran | bug-bounty, s3, s3-bucket, aws, aws-hacking | 20-Jan-2025 |
How I Made $500 in 30 Days Using ChatGPT as My Hacking Mentor | https://medium.com/@ibtissamhammadi/how-i-made-500-in-30-days-using-chatgpt-as-my-hacking-mentor-113226deed78?source=rss------bug_bounty-5 | Ibtissam Hammadi | ethical-hacking, hacking, cybersecurity, chatgpt, bug-bounty | 20-Jan-2025 |
What is a WAF ? How it works ? | https://medium.com/@rohitmaity001/what-is-a-waf-how-it-works-931a5f6fee84?source=rss------bug_bounty-5 | Rohit Maity | how-it-works, cyber, cybersecurity, cyber-securty, bug-bounty | 20-Jan-2025 |
PicoCTF Writeup — Web Gauntlet | https://medium.com/@sobatistacyber/picoctf-writeup-web-gauntlet-7c3b8c7c7946?source=rss------bug_bounty-5 | SoBatista | penetration-testing, hacking, ctf, sql-injection, bug-bounty | 20-Jan-2025 |
Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP | https://medium.com/@wiretor/hackers-deploy-malicious-npm-packages-to-steal-solana-wallet-keys-via-gmail-smtp-cfdae9876dec?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, hacking, hacker, ai, bug-bounty | 20-Jan-2025 |
Easy P4: Cloudflare Bypass, Origin IP Found (Part 2) | https://sudosuraj.medium.com/easy-p4-cloudflare-bypass-origin-ip-found-part-2-5ffc615bff1f?source=rss------bug_bounty-5 | sudosuraj | cloudflare, bug-bounty-tips, bug-bounty-writeup, bug-bounty, sudosuraj | 20-Jan-2025 |
SQL Injection Vulnerability in Microsoft’s DevBlogs [devblogs.microsoft.com] | https://zhenwarx.medium.com/sql-injection-vulnerability-in-microsofts-devblogs-devblogs-microsoft-com-690792213d1f?source=rss------bug_bounty-5 | Zhenwarx | bug-bounty, sql-injection, microsoft | 20-Jan-2025 |
Incident Response in Digital Forensics \| A Beginners-Friendly Guide | https://mhmmuneef.medium.com/incident-response-in-digital-forensics-a-beginners-friendly-guide-7ec0b4789519?source=rss------bug_bounty-5 | Mohammed Muneef | hacking, information-technology, technology, bug-bounty, cybersecurity | 20-Jan-2025 |
Finding my First SQL Injection On HackerOne | https://infosecwriteups.com/finding-my-first-sql-injection-on-hackerone-6a031ab5aa1c?source=rss------bug_bounty-5 | Aleksa Zatezalo | hackerone, sql-injection, bug-bounty, burpsuite, hacking | 19-Jan-2025 |
Unlimited XSS \| This is the Dumbest Way to Find XSS Bug | https://medium.com/readers-club/unlimited-xss-this-is-the-dumbest-way-to-find-xss-bug-6ee92de5df38?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, xss-attack, money, bug-bounty, hacking | 19-Jan-2025 |
From Path Traversal to RCE: A $40,000 Bug Bounty Journey | https://medium.com/@ibtissamhammadi/from-path-traversal-to-rce-a-40-000-bug-bounty-journey-a8316994ab3d?source=rss------bug_bounty-5 | Ibtissam Hammadi | infosec, hacking-tutorial, remote-code-execution, bug-bounty, web-security | 19-Jan-2025 |
Monsif Hmouri: Between Technical Ethics and the Struggle for Justice | https://monsifhmouri.medium.com/monsif-hmouri-%D8%A8%D9%8A%D9%86-%D8%A7%D9%84%D8%A3%D8%AE%D9%84%D8%A7%D9%82%D9%8A%D8%A7%D8%AA-%D8%A7%D9%84%D8%AA%D9%82%D9%86%D9%8A%D8%A9-%D9%88%D8%A7%D9%84%D9%86%D8%B6%D8%A7%D9%84-%D9%85%D9%86-%D8%A3%D8%AC%D9%84-%D8%A7%D9%84%D8%B9%D8%AF%D8%A7%D9%84%D8%A9-dd651dada725?source=rss------bug_bounty-5 | MONSIF HMOURI | bug-bounty, cybersecurity, palestinian-cause, digital-activism, ethical-hacking | 19-Jan-2025 |
Choosing Your First Program in Bug Bounties: A Beginner’s Guide | https://it4chis3c.medium.com/choosing-your-first-program-in-bug-bounties-a-beginners-guide-6b27c58316da?source=rss------bug_bounty-5 | It4chis3c | bug-bounty-writeup, bug-bounty-tips, secrets, roadmaps, bug-bounty | 19-Jan-2025 |
How i am Starting my Bug Hunting..? | https://medium.com/@Charon19d/how-i-am-starting-my-bug-hunting-7a727e3dfb74?source=rss------bug_bounty-5 | Charon19d | hacking, learning, cybersecurity, bug-bounty, bug-hunting | 19-Jan-2025 |
Command Injection for Beginners: From Detection to Exploitation | https://medium.com/@HackerNasr/command-injection-for-beginners-from-detection-to-exploitation-8e7816dcb53d?source=rss------bug_bounty-5 | HackerNasr | cyber-secuity, bug-bounty, information-security, security-research | 19-Jan-2025 |
Wolf Haldenstein Data Breach Impacts 3.4 Million Individuals | https://medium.com/@wiretor/wolf-haldenstein-data-breach-impacts-3-4-million-individuals-8e567c04e0b6?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, money, ai, hacker, bug-bounty | 19-Jan-2025 |
Star Blizzard Hackers Abuse WhatsApp to Target High-Value Diplomats | https://medium.com/@wiretor/star-blizzard-hackers-abuse-whatsapp-to-target-high-value-diplomats-beed8a06a0ec?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, hacker, money, bug-bounty, malware | 19-Jan-2025 |
CVE-2024–57767: Critical Server-Side Request Forgery (SSRF) Vulnerability | https://medium.com/@wiretor/cve-2024-57767-critical-server-side-request-forgery-ssrf-vulnerability-722db6cbba17?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, ai, bug-bounty, money, ssrf | 19-Jan-2025 |
How I Found a SQL Injection Vulnerability in website | https://medium.com/@Bl4cky/how-i-found-a-sql-injection-vulnerability-in-website-56a8b2b1edab?source=rss------bug_bounty-5 | Bl4cky | penetration-testing, sqlmap, bug-bounty, sql-injection, pentest | 19-Jan-2025 |
API Testing | https://0xy37.medium.com/api-testing-9de53e7736d3?source=rss------bug_bounty-5 | Yara AlHumaidan (0xy37) | bug-bounty, security, api, api-testing | 19-Jan-2025 |
From Low to Whoa: Elevating a P5 SSRF to a P3 | https://medium.com/@loayahmed686/from-low-to-whoa-elevating-a-p5-ssrf-to-a-p3-6db1afdbde4c?source=rss------bug_bounty-5 | r00t | bug-bounty-tips, bug-bounty, bug-bounty-writeup | 19-Jan-2025 |
How Did a Simple Path Traversal to RCE Bug Land Me $40K? | https://medium.com/@ibtissamhammadi/how-did-a-simple-path-traversal-to-rce-bug-land-me-40k-e20aecb162b0?source=rss------bug_bounty-5 | Ibtissam Hammadi | cybersecurity, information-security, ethical-hacking, bug-bounty | 18-Jan-2025 |
The Road to CRTP Cert — Part 16 | https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-16-edc129cf1277?source=rss------bug_bounty-5 | Dineshkumaar R | pentesting, hacking, cybersecurity, active-directory, bug-bounty | 18-Jan-2025 |
How to Stay Anonymous While Doing OSINT | https://medium.com/@paritoshblogs/how-to-stay-anonymous-while-doing-osint-519f607fa79d?source=rss------bug_bounty-5 | Paritosh | threat-intelligence, osint, hacking, bug-bounty, chatgpt | 18-Jan-2025 |
Bug Bounty \| Privilege Escalation From Admin To Owner | https://medium.com/@yog_sahare/bug-bounty-privilege-escalation-from-admin-to-owner-90d86e2395e6?source=rss------bug_bounty-5 | Yog Sahare | bug-bounty, bug-bounty-writeup, privilege-escalation, vulnerability, idor-vulnerability | 18-Jan-2025 |
Google XSS Game | https://medium.com/@PhilopaterSh/google-xss-game-6dbd1c8b3eb8?source=rss------bug_bounty-5 | Philopater Shenouda | google-xss-game, xss-attack, xss-challenge, web-penetration-testing, bug-bounty | 18-Jan-2025 |
AI-Powered Recon: Unearthing PII from Non-English Files | https://bunny0417.medium.com/ai-powered-recon-unearthing-pii-from-non-english-files-4bf9e91e6b6b?source=rss------bug_bounty-5 | Aayush kumar | bugbounty-writeup, infosec, bug-bounty-tips, bug-bounty, ai-security | 18-Jan-2025 |
This 200 Dorks cheats can change your life. | https://medium.com/@anandrishav2228/this-200-dorks-cheats-can-change-your-life-13217162aba4?source=rss------bug_bounty-5 | Rishav anand | hacking, bug-bounty, money, google-dork, cybersecurity | 18-Jan-2025 |
Threat Hunting Tool: Email Analyzer | https://hackerassociate.medium.com/threat-hunting-tool-email-analyzer-19518c7d2645?source=rss------bug_bounty-5 | Harshad Shah | infosec, bug-bounty, cyberattack, threat-hunting, cybersecurity | 18-Jan-2025 |
WIFI Hacking , user and password hacking [How hackers get Password of any wifi network] | https://medium.com/@hrofficial62/wifi-hacking-user-and-password-hacking-how-hackers-get-password-of-any-wifi-network-015ae6575bed?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, hacking, wifi, cybersecurity, pentesting | 18-Jan-2025 |
Comprehensive Scripts for Red teaming | https://saconychukwu.medium.com/comprehensive-scripts-for-red-teaming-72c3d2980369?source=rss------bug_bounty-5 | Sacony Chukwu | hacking, cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 18-Jan-2025 |
Basic Linux Commands Every Newbie Bug Bounty Hunter Should Know | https://bitpanic.medium.com/basic-linux-commands-every-newbie-bug-bounty-hunter-should-know-d990da113f1c?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, bug-bounty-tips, bug-bounty, technology, programming | 18-Jan-2025 |
Unlocking the Doors: How I Took Over Accounts with a Single Flaw! | https://medium.com/@omdubey170/unlocking-the-doors-how-i-took-over-accounts-with-a-single-flaw-239900ab5ee9?source=rss------bug_bounty-5 | Omdubey | bug-bounty-tips, bug-bounty-writeup, bugs, cybersecurity, bug-bounty | 18-Jan-2025 |
Re-captcha token generating secret key leaking identified via way back machine | https://medium.com/@swaroopvenkat828/re-captcha-token-generating-secret-key-leaking-identified-via-way-back-machine-8b7fc04e90f8?source=rss------bug_bounty-5 | swaroop 04\|16 | bug-bounty, wayback-machine, bug-bounty-writeup, bugbounty-tips, sensitive-information | 18-Jan-2025 |
Master Bug Bounty Recon: Using GoWitness and Eyeballer to Uncover Juicy Subdomains | https://medium.com/@hacker_might/master-bug-bounty-recon-using-gowitness-and-eyeballer-to-uncover-juicy-subdomains-c7f79a3f3d06?source=rss------bug_bounty-5 | hacker_might | recon, bug-bounty-tips, tools, bug-bounty, reconnaissance | 18-Jan-2025 |
Game Real-Time Communication Is Vulnerability higher impact than XSS and ATO | https://medium.com/@bylyblyblybly/game-real-time-communication-is-vulnerability-higher-impact-than-xss-and-ato-c3d6b9ba77e5?source=rss------bug_bounty-5 | Bylyblyblybly | bug-bounty, gamehacking, android-bugs, cyper-security, android-security | 18-Jan-2025 |
Stored XSS to Admin in Unauthenticated-WordPress | https://infosecwriteups.com/stored-xss-to-admin-in-unauthenticated-wordpress-cb76bae66623?source=rss------bug_bounty-5 | c0d3x27 | bug-bounty, javascript, cybersecurity, hacking, software-development | 18-Jan-2025 |
Tools Used by Bug Bounty Hunters: A Comprehensive Guide | https://medium.com/@ajudeb55/tools-used-by-bug-bounty-hunters-a-comprehensive-guide-c5286a0da36a?source=rss------bug_bounty-5 | Aju Deb | cybersecurity, bug-bounty, hacking, programming, python | 18-Jan-2025 |
IDOR to Partial Access and ACCOUNT TAKEOVER in a Top 5 Cloud Storage Platform | https://q19.medium.com/idor-to-partial-access-and-account-takeover-in-a-top-5-cloud-storage-platform-844707a2cc01?source=rss------bug_bounty-5 | Q19 | hacking, security, bug-bounty, vulnerability | 18-Jan-2025 |
Otelier Data Breach Exposes Info, Hotel Reservations of Millions | https://medium.com/@wiretor/otelier-data-breach-exposes-info-hotel-reservations-of-millions-14e75e47e589?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, ai, malware, breach, bug-bounty | 18-Jan-2025 |
Malicious PyPi Package Steals Discord Auth Tokens from Developers | https://medium.com/@wiretor/malicious-pypi-package-steals-discord-auth-tokens-from-developers-2a6707bb84f7?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, ai, money, bug-bounty, python | 18-Jan-2025 |
Tool Overview | https://xss0r.medium.com/tool-overview-6c255fe7ec9b?source=rss------bug_bounty-5 | xss0r | xss0, bug-bounty, xss0rrecon, recon | 18-Jan-2025 |
Find First Bug for Beginner Bounty Hunters | https://infosecwriteups.com/find-first-bug-for-beginner-bounty-hunters-533f2da9dab1?source=rss------bug_bounty-5 | Mr Horbio | hacking, ethical-hacking, pentesting, bug-bounty, cybersecurity | 18-Jan-2025 |
WIFI Hacking , user and password hacking [How hackers get Password of any wifi network] | https://infosecwriteups.com/wifi-hacking-user-and-password-hacking-how-hackers-get-password-of-any-wifi-network-015ae6575bed?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, hacking, wifi, cybersecurity, pentesting | 18-Jan-2025 |
Zero Click Account Takeover — JWT Token Manipulation via Programs HackerOne | https://medium.com/@HackerPlus/zero-click-account-takeover-jwt-token-manipulation-via-programs-hackerone-07da3868ada9?source=rss------bug_bounty-5 | HackerPlus+ | bugcrowd, js, hackerone, jwt, bug-bounty | 18-Jan-2025 |
Cross-Site Scripting (XSS) attacks | https://medium.com/@rishuraj2666/cross-site-scripting-xss-attacks-cbb84d7f912d?source=rss------bug_bounty-5 | Rishuraj | xss-vulnerability, cybersecurity, security-researchers, hacking, bug-bounty | 18-Jan-2025 |
S3Bucket Enumeration and Takeover | https://medium.com/@sahusujal.dev2004/s3bucket-enumeration-and-takeover-f1ff24ad8187?source=rss------bug_bounty-5 | Sujal Sahu | bug-bounty, s3-bucket, cybersecurity, information-disclosure, bucket-takeover | 18-Jan-2025 |
How I Discovered a Password Reset Vulnerability on a Web Application | https://medium.com/@Dorking1/how-i-discovered-a-password-reset-vulnerability-on-a-web-application-14fe29f9499c?source=rss------bug_bounty-5 | Dorking1 | penetration-testing, bug-bounty, cybersecurity | 18-Jan-2025 |
Day 2 — Hacker101 MicroCMS v1 Flag 3 Write-Up | https://medium.com/@devinmack39/hacker101-microcms-v1-flag-3-write-up-db82e442b922?source=rss------bug_bounty-5 | Devin McCullum | appsec, learning, bug-bounty | 17-Jan-2025 |
Critical Vulnerability Alert: CVE-2025-22949 – Tenda AC9 Router Command Injection | https://medium.com/@muhammetalgan3547/critical-vulnerability-alert-cve-2025-22949-tenda-ac9-router-command-injection-3fe10252a835?source=rss------bug_bounty-5 | Muhammet ALGAN | bug-bounty, network-security, hacking, vulnerability, cybersecurity | 17-Jan-2025 |
Android Intent Redirection: A Hacker’s Gateway to Internal Components | https://medium.com/@0x3adly/android-intent-redirection-a-hackers-gateway-to-internal-components-ebe126bbb2e0?source=rss------bug_bounty-5 | Anas Eladly ( 0x3adly ) | cybersecurity, bug-bounty, mobile-security, penetration-testing, android | 17-Jan-2025 |
One More Easy Bug \| HTML Injection | https://medium.com/@kumawatabhijeet2002/one-more-easy-bug-html-injection-4279fccabbc6?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, money, bug-bounty, hacking, bug-bounty-tips | 17-Jan-2025 |
One More Easy Bug \| HTML Injection | https://cybersecuritywriteups.com/one-more-easy-bug-html-injection-4279fccabbc6?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, money, bug-bounty, hacking, bug-bounty-tips | 17-Jan-2025 |
Stored DOM-based XSS Vulnerability on VPSServer.com | https://medium.com/@hasanfahad769/stored-dom-based-xss-vulnerability-on-vpsserver-com-f96980104e4b?source=rss------bug_bounty-5 | Fahad Hossain | bug-bounty, cybersecurity, web-security-testing | 17-Jan-2025 |
Focusing on Expired Sessions to Uncover IDOR Vulnerabilities | https://medium.com/@alvinbijo_174/focusing-on-expired-sessions-to-uncover-idor-vulnerabilities-75f5055c7452?source=rss------bug_bounty-5 | session-x | bugs, bug-bounty, bug-bounty-tips, bugbounting, bugbounty-writeup | 17-Jan-2025 |
Collected XSS Payloads ⛏✌️⬇️ | https://medium.com/@alvinbijo_174/collected-xss-payloads-%EF%B8%8F-%EF%B8%8F-da7df1be4bbb?source=rss------bug_bounty-5 | session-x | hacking, bugbounty-tips, idor, bugbounty-writeup, bug-bounty | 17-Jan-2025 |
Privilege Escalation in 5 minutes: When you’re just one URL away from becoming the Boss… | https://medium.com/@forte.social/privilege-escalation-in-5-minutes-when-youre-just-one-url-away-from-becoming-the-boss-32a1f0934a0b?source=rss------bug_bounty-5 | eSecForte | bug-bounty, bugbounty-tips, hacking, privilege-escalation, web-app-security | 17-Jan-2025 |
Account Takeover: Trading OAuth Codes for fun and profit | https://medium.com/@sazouki/account-takeover-trading-oauth-codes-for-fun-and-profit-f65463e9a6c9?source=rss------bug_bounty-5 | Sazouki | bugbounty-writeup, bug-bounty | 17-Jan-2025 |
Hacker101 MicroCMS v1 Flag 3 Write-Up | https://medium.com/@devinmack39/hacker101-microcms-v1-flag-3-write-up-db82e442b922?source=rss------bug_bounty-5 | Devin McCullum | appsec, learning, bug-bounty | 17-Jan-2025 |
Why You Should Start a Bug Bounty Program for Your Mobile Applications | https://medium.com/@hackrate/why-you-should-start-a-bug-bounty-program-for-your-mobile-applications-a476c3646978?source=rss------bug_bounty-5 | Levente Molnar | cybersecurity, bug-bounty, ethical-hacking, bug-bounty-tips, hacking | 17-Jan-2025 |
XSS: Bypass CloudFront WAF | https://medium.com/@n45ht/xss-bypass-cloudfront-waf-9d0c8a12dc33?source=rss------bug_bounty-5 | N45HT | bug-bounty-writeup, cross-site-scripting, xs, bug-bounty-tips, bug-bounty | 17-Jan-2025 |
How I Hacked Hackers Account | https://0xshuvo.medium.com/how-i-hacked-hackers-account-d5409b095133?source=rss------bug_bounty-5 | Shuvo Kumar Saha | bugbounty-writeup, idor, infose, bug-bounty, bugbounty-tips | 17-Jan-2025 |
Account Takeover via IDOR form JWT Programs HackerOne 2500$ | https://medium.com/@HackerPlus/account-takeover-via-idor-form-jwt-programs-hackerone-2500-0a378fe2c951?source=rss------bug_bounty-5 | HackerPlus+ | hackerone, hacker, bug-hunting, bugcrowd, bug-bounty | 17-Jan-2025 |
The rise of scammer bug bounty programs — and the reason I quit bug bounty hunting. | https://medium.com/@brotheralameen/the-rise-of-scammer-bug-bounty-programs-and-the-reason-i-quit-bug-bounty-hunting-4cc661c92e09?source=rss------bug_bounty-5 | Alameen Karim Merali | bugs, bug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity | 17-Jan-2025 |
Leaking PII at Scale: How Third Parties Can Unintentionally Put Your Data at Risk. | https://medium.com/@omarahmed_13016/leaking-pii-at-scale-how-third-parties-can-unintentionally-put-your-data-at-risk-6101fcb3d5e0?source=rss------bug_bounty-5 | Omar Ahmed | hacking, writeup, vulnerability, hackerone, bug-bounty | 17-Jan-2025 |
Web Directory Free Plugin <= 1.7.2: Unauthenticated LFI Exploit (CVE-2024-3673) | https://bashoverflow.medium.com/web-directory-free-plugin-1-7-2-unauthenticated-lfi-exploit-cve-2024-3673-f3721f79477d?source=rss------bug_bounty-5 | Bash Overflow | cve-2024-3673, unauthenticated-lfi, bug-bounty, bug-bounty-tips, exploiting-lfi | 17-Jan-2025 |
US Sanctions Chinese Firm and Hacker Behind Treasury and Telecom Hacks | https://medium.com/@wiretor/us-sanctions-chinese-firm-and-hacker-behind-treasury-and-telecom-hacks-c25cfb0ae32a?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, money, ai, hacking, malware | 17-Jan-2025 |
US Cracks Down on North Korea’s IT Worker Army with New Sanctions | https://medium.com/@wiretor/us-cracks-down-on-north-koreas-it-worker-army-with-new-sanctions-e95efd40850a?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, north, malware, money, ai | 17-Jan-2025 |
W3 Total Cache Plugin Flaw Exposes Over 1 Million WordPress Sites to Attacks | https://medium.com/@wiretor/w3-total-cache-plugin-flaw-exposes-over-1-million-wordpress-sites-to-attacks-15e0b6ace4e0?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, marketing, ai, malware, hacker | 17-Jan-2025 |
100 Free Tools To Supercharge Your Bug Bounty Journey | https://bitpanic.medium.com/100-free-tools-to-supercharge-your-bug-bounty-journey-747ffb5d4bef?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, bug-bounty, bug-bounty-tips, programming, technology | 17-Jan-2025 |
Finding a easy p4 it can be worth 200$ | https://medium.com/infosecmatrix/finding-a-easy-p4-it-can-be-worth-200-5d65a9faad0b?source=rss------bug_bounty-5 | loyalonlytoday | hacking, ethical-hacking, bugs, bug-bounty, cybersecurity | 16-Jan-2025 |
Day One — HACKER 101 MicroCMS v1 Flag 1 — CTF | https://medium.com/@devinmack39/day-one-hacker-101-microcms-v1-flag-1-ctf-eb606905eea7?source=rss------bug_bounty-5 | Devin McCullum | bug-bounty, web-app-security, learning-and-development, ctf-writeup, sql-injection | 16-Jan-2025 |
This is The Easiest Bug You Can Find✨ | https://cybersecuritywriteups.com/this-is-the-easiest-bug-you-can-find-feadc3ef95a5?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, hacking, infosec, easy | 16-Jan-2025 |
Capturing of Network Traffic Using Wireshark Tool | https://mhmmuneef.medium.com/capturing-of-network-traffic-using-wireshark-tool-09a9926f18dd?source=rss------bug_bounty-5 | Mohammed Muneef | networking, cybersecurity, technology, bug-bounty, hacking | 16-Jan-2025 |
Kicking Off 2025: Findings on U.S. Department of Energy | https://cybersecuritywriteups.com/kicking-off-2025-findings-on-u-s-department-of-energy-a92149e43102?source=rss------bug_bounty-5 | Guru Prasad Pattanaik \|\| TH3N00BH4CK3R | ethical-hacking, bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips | 16-Jan-2025 |
How to Tackle Vulnerable JavaScript Dependencies: Lessons from the Kerala Government Website | https://medium.com/@ashwin74/how-to-tackle-vulnerable-javascript-dependencies-lessons-from-the-kerala-government-website-220722709ac4?source=rss------bug_bounty-5 | ASHWIN KUMAR | bug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity, javascript | 16-Jan-2025 |
Bug Bounty is live: Code breakers, welcome to Apillon! | https://blog.apillon.io/bug-bounty-is-live-code-breakers-welcome-to-apillon-6dd4ff40fc82?source=rss------bug_bounty-5 | Apillon | apillon-news, web3, bug-bounty, web3-development, rewards-programs | 16-Jan-2025 |
Cybersecurity with AI Roadmap in 2025 | https://medium.com/@anandrishav2228/cybersecurity-with-ai-roadmap-in-2025-25ced0372d5b?source=rss------bug_bounty-5 | Rishav anand | roadmaps, hacking, ai, bug-bounty, cybersecurity | 16-Jan-2025 |
My first step into Bug Bounty | https://medium.com/@n4itr0_07/my-first-step-into-bug-bounty-718d967e0576?source=rss------bug_bounty-5 | N4!TR0 07 | bug-bounty-writeup, sql-injection, bug-bounty-tips, security, bug-bounty | 16-Jan-2025 |
Hack The Box Curling Writeup:[Linux][Retired] | https://medium.com/@vignesh6872610/hack-the-box-curling-writeup-linux-retired-7be2cc094707?source=rss------bug_bounty-5 | Vignesh P | bug-bounty-tips, hackthebox-writeup, retiredmachine, hackthebox, bug-bounty | 16-Jan-2025 |
CISA Adds Two New Actively Exploited Vulnerabilities to Known Exploited Vulnerabilities Catalog | https://medium.com/@shalomo.social/cisa-adds-two-new-actively-exploited-vulnerabilities-to-known-exploited-vulnerabilities-catalog-023c1bd81754?source=rss------bug_bounty-5 | Shalomo Agarwarkar | cybersecurity, data-science, business, programming, bug-bounty | 16-Jan-2025 |
Using Full potential of Virustotal for Bugbounty | https://osintteam.blog/using-full-potential-of-virustotal-for-bugbounty-51d27750f588?source=rss------bug_bounty-5 | loyalonlytoday | hacking, bug-bounty, bugs, ethical-hacking, cybersecurity | 16-Jan-2025 |
A Journey of Limited Path Traversal To RCE With $40,000 Bounty! | https://medium.com/@HX007/a-journey-of-limited-path-traversal-to-rce-with-40-000-bounty-fc63c89576ea?source=rss------bug_bounty-5 | HX007 | programming, hacking, cybersecurity, security, bug-bounty | 16-Jan-2025 |
OTP BYPASS TECHNIQUE its My StOry [sweet and sour] | https://medium.com/infosec-notes/otp-bypass-technique-its-my-story-sweet-and-sour-3e96b9eb63a0?source=rss------bug_bounty-5 | Mr Horbio | pentesting, hacking, bug-bounty, cybersecurity, ethical-hacking | 16-Jan-2025 |
Java Script file analysis to find bugs | https://medium.com/@hrofficial62/java-script-file-analysis-to-find-bugs-1fb865fee83e?source=rss------bug_bounty-5 | Mr Horbio | ethical-hacking, pentesting, bug-bounty, hacking, cybersecurity | 16-Jan-2025 |
Bug Bounty Unlocked: Secrets, Strategies, and Mindset Hacks for Success | https://it4chis3c.medium.com/bug-bounty-unlocked-secrets-strategies-and-mindset-hacks-for-success-e5d94a632220?source=rss------bug_bounty-5 | It4chis3c | mindset, secrets, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 16-Jan-2025 |
Bounty Hunters Take Note: How Leaked Zoom Links Can Unveil Security Flaws | https://bevijaygupta.medium.com/bounty-hunters-take-note-how-leaked-zoom-links-can-unveil-security-flaws-9f524423b5bc?source=rss------bug_bounty-5 | Vijay Kumar Gupta | zoom-meetings, securityflaw, bug-bounty, security, zoom | 16-Jan-2025 |
Hackers Leak Configs and VPN Credentials for 15,000 FortiGate Devices | https://medium.com/@wiretor/hackers-leak-configs-and-vpn-credentials-for-15-000-fortigate-devices-c9586b6e6051?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, money, vpn, hacker, bug-bounty | 16-Jan-2025 |
How to pass EMAPT exam | https://medium.com/@nomad8061/how-to-pass-emapt-exam-78bed982d061?source=rss------bug_bounty-5 | Ahmed Badry | ine, bug-bounty, bug-bounty-writeup, bug-bounty-tips, emapt | 16-Jan-2025 |
Exploring CORS Misconfiguration Vulnerabilities in Modern Applications | https://rootast.medium.com/exploring-cors-misconfiguration-vulnerabilities-in-modern-applications-def492a23e95?source=rss------bug_bounty-5 | Arash Shahbazi | cross-origin-resource, pentest, owasp-top-10, web-application-security, bug-bounty | 16-Jan-2025 |
The Top 8 Kali Linux Tools For 2025 | https://mhmmuneef.medium.com/the-top-8-kali-linux-tools-for-2025-d5904319b1d7?source=rss------bug_bounty-5 | Mohammed Muneef | bug-bounty, technology, hacking, kali-linux, cybersecurity | 16-Jan-2025 |
What You Can Expect: A Personal Introduction and Blog Overview | https://medium.com/@T3chnocr4t/what-you-can-expect-a-personal-introduction-and-blog-overview-3a0a6cc984f6?source=rss------bug_bounty-5 | T3chnocr4t | bug-bounty-writeup, writeup, bug-bounty-tips, cybersecurity, bug-bounty | 15-Jan-2025 |
Metasploit for Beginners — A Guide to the Powerful Exploitation Framework | https://medium.com/@manishmshiva/metasploit-for-beginners-a-guide-to-the-powerful-exploitation-framework-a8b4245c8893?source=rss------bug_bounty-5 | Manish Shivanandhan | cybersecurity, bug-bounty, penetration-testing, metasploit, ethical-hacking | 15-Jan-2025 |
Hack with your mind! That’s enough? | https://osintteam.blog/hack-with-your-mind-thats-enough-1c6b645d1384?source=rss------bug_bounty-5 | Abu Hurayra | infosec, ethical-hacking, cybersecurity, bug-bounty, hacking | 15-Jan-2025 |
NTLM Auth Disclosing Internal System Info via HTTP/2 to HTTP/1.1 Downgrade | https://medium.com/meetcyber/ntlm-auth-disclosing-internal-system-info-via-http-2-to-http-1-1-downgrade-603cc35c2dc4?source=rss------bug_bounty-5 | AbhirupKonwar | pentesting, cybersecurity, bug-bounty, infosec, vulnerability | 15-Jan-2025 |
kya medium account jo suspend ho giya vo vapes aya ga .?? | https://medium.com/@subhash_9358/kya-medium-account-jo-suspend-ho-giya-vo-vapes-aya-ga-1d480676922e?source=rss------bug_bounty-5 | Schoudhary | bug-bounty, culture, cryptocurrency, business, artificial-intelligence | 15-Jan-2025 |
Bypassing Razer’s WAF for XSS | https://medium.com/@n45ht/bypassing-razers-waf-for-xss-afcaea744ab4?source=rss------bug_bounty-5 | N45HT | bug-bounty-tips, bug-bounty-writeup, bug-bounty, xs, cross-site-scripting | 15-Jan-2025 |
My 2nd Bounty on the Same Company Again: ¥15,000 for a Medium Bug | https://medium.com/@dibyaranjanmohanta2806/my-2nd-bounty-on-the-same-company-again-15-000-for-a-medium-bug-e3dd70c0d40a?source=rss------bug_bounty-5 | Dibyaranjanmohanta | money, currency, reporting, bug-bounty, japan | 15-Jan-2025 |
Exploiting IDOR in a Support Portal Chatbot | https://infosecwriteups.com/exploiting-idor-in-a-support-portal-chatbot-f1d0617bace1?source=rss------bug_bounty-5 | Supun Halangoda (Suppa) | bug-bounty, idor-vulnerability, bugbounty-tips, cybersecurity | 15-Jan-2025 |
EMC Mainnet Is Live! Join the Bug Bounty Blitz Program and Earn Rewards! | https://medium.com/@EdgeMatrixChain/emc-mainnet-is-live-join-the-bug-bounty-blitz-program-and-earn-rewards-f309b16ee396?source=rss------bug_bounty-5 | EMC ( Edge Matrix Chain) | ai, mainnet, depin, emc, bug-bounty | 15-Jan-2025 |
Stored XSS Found in Query Parameters of dhtmlxGrid.js on NASA.gov Subdomain (P3) | https://medium.com/@aleenscode/stored-xss-found-in-query-parameters-of-dhtmlxgrid-js-on-nasa-gov-subdomain-p3-2b343fa5f045?source=rss------bug_bounty-5 | Aleenscode | bug-bounty, hackerone, bugcrowd, cross-site-scripting, cybersecurity | 15-Jan-2025 |
User Enumeration: From Overlooked to Medium-Impact Bug | https://infosecwriteups.com/user-enumeration-from-overlooked-to-medium-impact-bug-48bbefa2ab3b?source=rss------bug_bounty-5 | callgh0st | genocide, bug-bounty, hacking, email, palestine | 15-Jan-2025 |
The Future of Bug Bounty and Penetration Testing | https://medium.com/@hackrate/the-future-of-bug-bounty-and-penetration-testing-bce3f23cb095?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, penetration-testing, ethical-hacking, hacking, cybersecurity | 15-Jan-2025 |
I found Reflected XSS on another university’s website | https://medium.com/@Bl4cky/hunting-reflected-xss-uncovering-vulnerabilities-on-university-websites-daa6c5ac790d?source=rss------bug_bounty-5 | Bl4cky | xss-attack, pentest, reflected-xss, bug-bounty | 15-Jan-2025 |
What Is Bug Bounty Hunting? A Complete Guide | https://medium.com/@atnoforcybersecurity/what-is-bug-bounty-hunting-a-complete-guide-58f7019e5871?source=rss------bug_bounty-5 | ATNO For Cybersecurity \| Hacking | bug-bounty, hacking, network-security, cybersecurity | 15-Jan-2025 |
Allstate Faces Lawsuit for Tracking Drivers Without Permission | https://medium.com/@wiretor/allstate-faces-lawsuit-for-tracking-drivers-without-permission-e53b2cf5ed6b?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, malware, money, hacker, bug-bounty | 15-Jan-2025 |
Web Cache Poisoning: Turning Speed into a Security Nightmare | https://medium.com/@bughunt.bochi/web-cache-poisoning-turning-speed-into-a-security-nightmare-b2cde92e1036?source=rss------bug_bounty-5 | Bochixx | cyber-security-awareness, ethical-hacking, vulnerability, bug-bounty, web-cache-poisoning | 15-Jan-2025 |
Zero Day Alert: Google OAuth Flaw Could Expose Abandoned Accounts | https://medium.com/@wiretor/zero-day-alert-google-oauth-flaw-could-expose-abandoned-accounts-40dbaa77260d?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, money, bug-bounty, zero-day, business | 15-Jan-2025 |
FBI Deletes Chinese PlugX Malware from Thousands of US Computers | https://medium.com/@wiretor/fbi-deletes-chinese-plugx-malware-from-thousands-of-us-computers-f212a3f27f14?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, ai, hacker, fbi, money | 15-Jan-2025 |
Basics of Bypassing Authentication Mechanisms | https://bitpanic.medium.com/cracking-the-code-how-hackers-bypass-authentication-mechanisms-efa9a09f41ea?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty, bug-bounty-tips, technology, cybersecurity, programming | 15-Jan-2025 |
How I Found and Reported a Critical Credential Stuffing Bug Worth $2000 | https://medium.com/@sc128496/how-i-found-and-reported-a-critical-credential-stuffing-bug-worth-2000-a76d3b4eebb2?source=rss------bug_bounty-5 | Sahil Choudhary | technology, information-security, hacking, cybersecurity, bug-bounty | 15-Jan-2025 |
how I found a Google map it’s worth 300$ | https://cybersecuritywriteups.com/how-i-found-a-google-map-its-worth-300-99da8061fc67?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, bug-bounty, ethical-hacking, hacking, bugs | 15-Jan-2025 |
Best Resources for Learning Cybersecurity: A Student’s Guide | https://medium.com/@himzyoti.talukdar1234/best-resources-for-learning-cybersecurity-a-students-guide-002694679378?source=rss------bug_bounty-5 | Himjyoti talukdar | penetration-testing, ctf, infosec, bug-bounty, cybersecurity | 15-Jan-2025 |
How i found RXSS in href Attribute | https://medium.com/@mohaned0101/how-i-found-rxss-in-href-attribute-13a85e4e2c4d?source=rss------bug_bounty-5 | mohaned alkhlot | xss-attack, bug-bounty, bug-bounty-tips, xss-vulnerability | 15-Jan-2025 |
Account Takeover in Mobile Apps: How to Exploit Vulnerabilities | https://medium.com/meetcyber/account-takeover-in-mobile-apps-how-to-exploit-vulnerabilities-dc1b55ef6891?source=rss------bug_bounty-5 | Erkan Kavas | account-take-over, mobile-app-development, phishing, bug-bounty, cybersecurity | 15-Jan-2025 |
Tips to find Stored XSS [Bug_Bounty_Tips] | https://medium.com/infosec-notes/tips-to-find-stored-xss-bug-bounty-tips-86cb62a529c8?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, xss-attack, bugbounty-writeup, cybersecurity, pentesting | 14-Jan-2025 |
OWASP Top 10 Testing Guide V4 Checklist | https://medium.com/@enigma_/owasp-top-10-testing-guide-v4-checklist-02448c971539?source=rss------bug_bounty-5 | enigma_ | owasp, oscp, infosec, cybersecurity, bug-bounty | 14-Jan-2025 |
The Road to CRTP Cert — Part 15 | https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-15-d9ab41f827a4?source=rss------bug_bounty-5 | Dineshkumaar R | cybersecurity, bug-bounty, active-directory, hacking, offensive-security | 14-Jan-2025 |
OWASP Top 10 Testing Guide V4 Checklist | https://infosecwriteups.com/owasp-top-10-testing-guide-v4-checklist-02448c971539?source=rss------bug_bounty-5 | enigma_ | owasp, oscp, infosec, cybersecurity, bug-bounty | 14-Jan-2025 |
Mobile Pentesting Tools | https://hackerassociate.medium.com/mobile-pentesting-tools-479b797cd6a5?source=rss------bug_bounty-5 | Harshad Shah | cybersecurity, infosec, pentesting, bug-bounty, mobile-app-development | 14-Jan-2025 |
From Zero to Bounty — My Journey as a Bug Hunter | https://medium.com/@joaovmb15/from-zero-to-bounty-my-journey-as-a-bug-hunter-44d2bd63f657?source=rss------bug_bounty-5 | 0xJotave | bug-hunter, bug-hunting, cybersecurity, bug-bounty | 14-Jan-2025 |
Nmap Cheat Sheet: Essential Commands and Advanced Techniques for Scanning | https://medium.com/@verylazytech/nmap-cheat-sheet-essential-commands-and-advanced-techniques-for-scanning-2274e21654e0?source=rss------bug_bounty-5 | Very Lazy Tech | oscp, vulnerability, cybersecurity, nmap, bug-bounty | 14-Jan-2025 |
Reflected XSS protected by very strict CSP, with dangling markup attack (Port Swigger XSS Lab) | https://medium.com/@hackllego/reflected-xss-protected-by-very-strict-csp-with-dangling-markup-attack-port-swigger-xss-lab-e8811c2e476d?source=rss------bug_bounty-5 | Hackllego | bug-hunting, pentesting, bug-bounty, bug-bounty-tips, web-security | 14-Jan-2025 |
Simple Tips for Bug Bounty Beginners: Finding Open AWS S3 buckets, impact, and causes | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-open-aws-s3-buckets-impact-and-causes-52f252bcddfa?source=rss------bug_bounty-5 | Anish Narayan | cybersecurity, bug-bounty-writeup, programming, bug-bounty-tips, bug-bounty | 14-Jan-2025 |
Improper Authentication in a famous Trading website | https://medium.com/@anonymousshetty2003/improper-authentication-in-a-famous-trading-website-0ffd27fb665e?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, otp-bypass, cybersecurity, ethical-hacking, improper-access-control | 14-Jan-2025 |
How I found an account take over by session fixation (Bugbounty) | https://medium.com/@leomsec/how-i-found-an-account-take-over-by-session-fixation-bugbounty-f2551f19be3e?source=rss------bug_bounty-5 | Leonardo | hacking, hacker, bug-bounty-tips, bug-bounty, web-hacking | 14-Jan-2025 |
Bug Bounty Programs: YES or NO? | https://medium.com/@hackrate/bug-bounty-programs-yes-or-no-6b866eea8b01?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, bug-bounty-tips, hacking, cybersecurity, bug-bounty | 14-Jan-2025 |
Day 4. The 100-Day Bug Bounty Challenge: Understanding SQL Injection Classic(In-band) | https://mahhesshh.medium.com/day-4-the-100-day-bug-bounty-challenge-understanding-sql-injection-classic-in-band-2b8854d2e0e5?source=rss------bug_bounty-5 | Mahesh Dhakad | hacking, sql-injection, bug-bounty, sqli, cybersecurity | 14-Jan-2025 |
7 Ways to Be Better at Bug Bounty Hunting | https://bitpanic.medium.com/7-ways-to-be-better-at-bug-bounty-hunting-7eae956e500d?source=rss------bug_bounty-5 | Spectat0rguy | technology, bug-bounty-tips, programming, bug-bounty, cybersecurity | 14-Jan-2025 |
Improper Authentication in a famous Trading website | https://medium.com/@anonymousshetty2003/improper-authentication-in-a-famous-trading-website-0ffd27fb665e?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, cybersecurity, ethical-hacking, improper-access-control, bug-bounty-tips | 14-Jan-2025 |
How to Use Wireshark: Comprehensive Tutorial + Tips | https://mhmmuneef.medium.com/how-to-use-wireshark-comprehensive-tutorial-tips-24252ed2673d?source=rss------bug_bounty-5 | Mohammed Muneef | bug-bounty, wireshark, cybersecurity, hacking, technology | 14-Jan-2025 |
Guía: instalación de VM + Kali | https://medium.com/@mon.cybersec/gu%C3%ADa-instalaci%C3%B3n-de-vm-kali-fb7230a5263c?source=rss------bug_bounty-5 | Mon Works | kali-linux, hacking, virtualbox, ciberseguridad, bug-bounty | 14-Jan-2025 |
The Definitive Guide to GitHub Recon: Lessons from Analyzing 100+ Reports | https://medium.com/@iamakashce19010/the-definitive-guide-to-github-recon-lessons-from-analyzing-100-reports-bd5d4891a815?source=rss------bug_bounty-5 | Akash | bug-bounty-tips, bug-bounty, bug-bounty-writeup | 14-Jan-2025 |
From Containers to Host: Privilege Escalation Techniques in Docker | https://medium.com/@kankojoseph4/from-containers-to-host-privilege-escalation-techniques-in-docker-487fe2124b8e?source=rss------bug_bounty-5 | Joseph "Sk4r1” KANKO | bug-bounty, cybersecurity, hacking, ethical-hacking, docker | 13-Jan-2025 |
Hire a hacker | https://medium.com/@carl19722401/hire-a-hack-c54710808c3c?source=rss------bug_bounty-5 | Dimitris Nicholas | cybersecurity, hire-a-hacker, find-a-hacker, bug-bounty, ethical-hacking | 13-Jan-2025 |
Stored CSRF via Uploaded HTML File in User Account Document Section | https://medium.com/@dee.gholase/stored-csrf-via-uploaded-html-file-in-user-account-document-section-dbe98e9184a3?source=rss------bug_bounty-5 | Digvijay Gholase | bug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup, cybersecurity | 13-Jan-2025 |
JavaScript Recon | https://anontriager.medium.com/javascript-recon-efd981a85cfc?source=rss------bug_bounty-5 | Anonymous Traiger | jobs, cybersecurity, hacker, programming, bug-bounty | 13-Jan-2025 |
Diving in Android Security | https://anontriager.medium.com/diving-in-android-security-a93f017b16f0?source=rss------bug_bounty-5 | Anonymous Traiger | jobs, hacking, troubleshooting, cybersecurity, bug-bounty | 13-Jan-2025 |
Emerging Cyber Threats: The Latest Trends in Ransomware, Phishing, and APTs | https://medium.com/@paritoshblogs/emerging-cyber-threats-the-latest-trends-in-ransomware-phishing-and-apts-e3393f6410bc?source=rss------bug_bounty-5 | Paritosh | cybersecurity, ransomware, threat-intelligence, hacking, bug-bounty | 13-Jan-2025 |
How I got my name on WHO’s Hall of Fame | https://infosecwriteups.com/how-i-got-my-name-on-whos-hall-of-fame-060d57662b16?source=rss------bug_bounty-5 | RivuDon | bug-bounty, bug-bounty-tips, cybersecurity, hall-of-fame, infosec | 13-Jan-2025 |
Stored CSRF via Uploaded HTML File in User Account Document Section | https://jxycybersec.medium.com/stored-csrf-via-uploaded-html-file-in-user-account-document-section-dbe98e9184a3?source=rss------bug_bounty-5 | Digvijay Gholase | bug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup, cybersecurity | 13-Jan-2025 |
Remember, the key is to stay motivated at every step. | https://medium.com/@rhonnysharma783/linkedin-linkedin-com-in-rhonny-99f682300332?source=rss------bug_bounty-5 | Rhonnysharma | bug-zero, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup | 13-Jan-2025 |
Breaking into Jenkins for fun | https://medium.com/@24bkdoor/breaking-into-jenkins-for-fun-7070496521eb?source=rss------bug_bounty-5 | 24BkDoor | cybersecurity, jenkins, hacking, web-development, bug-bounty | 13-Jan-2025 |
Crack the Code — Part 2 | https://it4chis3c.medium.com/crack-the-code-part-2-aeaa5055251e?source=rss------bug_bounty-5 | It4chis3c | bug-bounty, roadmap-to-success, bug-bounty-writeup, bug-bounty-tips, roadmaps | 13-Jan-2025 |
MASS HUNTING TO FIND XSS(CROSS SITE SCRIPTING) | https://medium.com/h7w/mass-hunting-to-find-xss-cross-site-scripting-fd8218822dca?source=rss------bug_bounty-5 | loyalonlytoday | cross-site-scripting, xss-attack, hacking, bugs, bug-bounty | 13-Jan-2025 |
Does Your Company Need a Bug Bounty Program? | https://medium.com/@hackrate/does-your-company-need-a-bug-bounty-program-22d8dc5c1e7f?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, bug-bounty-tips, hacking, bug-bounty, cybersecurity | 13-Jan-2025 |
This is How I Turned an Informative Bug into a Valid $500 Bug | https://infosecwriteups.com/this-is-how-i-turned-an-informative-bug-into-a-valid-500-bug-174ffeb94737?source=rss------bug_bounty-5 | Shubham Bhamare | facebook-bug-bounty, bug-bounty-tips, cybersecurity, bug-bounty, infosec | 13-Jan-2025 |
Building Your Own Bug Bounty Lab: A Hands-On Guide with Metasploit and More | https://myselfakash20.medium.com/building-your-own-bug-bounty-lab-a-hands-on-guide-with-metasploit-and-more-9595a71fc4c6?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, bug-bounty, cybersecurity, technology, bug-bounty-writeup | 13-Jan-2025 |
Critical Vulnerability Discovered: CVE-2025–22567 | https://medium.com/@wiretor/critical-vulnerability-discovered-cve-2025-22567-b0e4d9d852c1?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, bug-bounty, hacker, xss-attack, hacking | 13-Jan-2025 |
Top Hacking Tools and Skills You Need to Learn in 2025 | https://medium.com/@verylazytech/top-hacking-tools-and-skills-you-need-to-learn-in-2025-70cb90650c0f?source=rss------bug_bounty-5 | Very Lazy Tech | cybersecurity, hacking, bug-bounty, 2025, linux | 13-Jan-2025 |
I Changed Someone’s Profile Picture… And They Had No Idea!! | https://infosecwriteups.com/i-changed-someones-profile-picture-and-they-had-no-idea-a1dc621d12c4?source=rss------bug_bounty-5 | Krishnadev P Melevila | bug-bounty, cybersecurity, infosec, pentesting, burp | 13-Jan-2025 |
Bug Bounty Kültürü Neden Önemlidir? | https://medium.com/@omermertkaya/bug-bounty-k%C3%BClt%C3%BCr%C3%BC-neden-%C3%B6nemlidir-cdb126ede8cb?source=rss------bug_bounty-5 | Ömer Mert KAYA | security-awareness, cybersecurity, bug-bounty, vulnerability-management, proactive-security | 13-Jan-2025 |
How to Make Nmap Recognize New Services | https://mhmmuneef.medium.com/how-to-make-nmap-recognize-new-services-af44e6f9c20e?source=rss------bug_bounty-5 | Mohammed Muneef | cybersecurity, technology, networking, bug-bounty | 13-Jan-2025 |
Building Your Own Bug Bounty Lab: A Hands-On Guide with Metasploit and More | https://infosecwriteups.com/building-your-own-bug-bounty-lab-a-hands-on-guide-with-metasploit-and-more-9595a71fc4c6?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, bug-bounty, cybersecurity, technology, bug-bounty-writeup | 13-Jan-2025 |
How To Bypass CSRF Defenses With XSS | https://medium.com/@dante.falls/how-to-bypass-csrf-defenses-with-xss-44a124b7646a?source=rss------bug_bounty-5 | Dante Falls | information-security, web-security, cybersecurity, bug-bounty | 13-Jan-2025 |
Get Your First Bug Bounty with Burp Suite’s Match and Replace Feature | https://medium.com/@mahdisalhi0500/get-your-first-bug-bounty-with-burp-suites-match-and-replace-feature-7a32f81a3cb0?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | infosec, penetration-testing, cybersecurity, bug-bounty-tips, bug-bounty | 13-Jan-2025 |
Methodology for Detecting IDOR Vulnerability | https://medium.com/@dogxxx10/methodology-for-detecting-idor-vulnerability-1590b14d45a9?source=rss------bug_bounty-5 | Dogx0x | bug-bounty-writeup, web-hacking, bug-bounty-tips, hacking, bug-bounty | 13-Jan-2025 |
Bug Bounty vs VDP: Building Effective Security Programs with Hacker Collaboration | https://medium.com/@dzianisskliar29/bug-bounty-vs-vdp-building-effective-security-programs-with-hacker-collaboration-0a7db1b3f2df?source=rss------bug_bounty-5 | Dzianis Skliar | hackerone, bugcrowd, intigriti, bug-bounty, attack-surface-management | 13-Jan-2025 |
Security Session #1 | https://medium.com/@mon.cybersec/security-session-1-9457a0f5bd27?source=rss------bug_bounty-5 | Mon Works | bug-bounty, pentesting, ciberseguridad, cybersecurity, hacking | 13-Jan-2025 |
The Ultimate IDOR Testing Checklist | https://medium.com/@muhammetalgan3547/the-ultimate-idor-testing-checklist-ba4a7c094def?source=rss------bug_bounty-5 | Muhammet ALGAN | cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 12-Jan-2025 |
How i Hacked into NASA & got Hall-Of-Fame, Acknowledgement -2025 | https://medium.com/@securityinsights/how-i-hacked-into-nasa-got-hall-of-fame-acknowledgement-2025-d22815f09e29?source=rss------bug_bounty-5 | Mehboob Khan | hacking, cybersecurity, nasa, ethical-hacking, bug-bounty | 12-Jan-2025 |
How to find my first bounty $$$$$ | https://systemweakness.com/how-to-find-my-first-bounty-68ba0022dcf0?source=rss------bug_bounty-5 | Mr Horbio | pentesting, cybersecurity, hacking, ethical-hacking, bug-bounty | 12-Jan-2025 |
How I Found This Crazy PII Data Leak Worth 500$ | https://medium.com/@sc128496/how-i-found-this-crazy-pii-data-leak-worth-500-e39d6dd19133?source=rss------bug_bounty-5 | Sahil Choudhary | outside-the-box, think-different, cybersecurity, reconnaissance, bug-bounty | 12-Jan-2025 |
The Road to CRTP Cert — Part 14 | https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-14-b7f9cb8bd87f?source=rss------bug_bounty-5 | Dineshkumaar R | infosec, vapt, penetration-testing, red-team, bug-bounty | 12-Jan-2025 |
Server-Side Vulnerabilities \| #5 File Upload Vulnerabilities | https://medium.com/@agapehearts/server-side-vulnerabilities-5-file-upload-vulnerabilities-7f5f68688cc7?source=rss------bug_bounty-5 | Agape HearTs | vulnerability, bug-bounty, ethical-hacking, portswigger, bugs | 12-Jan-2025 |
10 Best Bug Bounty Platforms to Earn Money Online | https://hackreveals.medium.com/10-best-bug-bounty-platforms-to-earn-money-online-e5b83767ac20?source=rss------bug_bounty-5 | Prakash Tiwari | bug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-program, osint | 12-Jan-2025 |
How I Got Access to Over 60,000 Traders’ Data | https://0xglss.medium.com/how-i-got-access-to-over-60-000-traders-data-b6043b2363c3?source=rss------bug_bounty-5 | 0xglss | admin-panel, account-takeover, xss-attack, bug-bounty, penetration-testing | 12-Jan-2025 |
hunting #2 | https://medium.com/@dark_zone/hunting-2-f06b275adf5c?source=rss------bug_bounty-5 | darkzone | bug-bounty | 12-Jan-2025 |
Day 3. The 100-Day Bug Bounty Challenge: Understanding DOM-Based XSS (Cross-Site Scripting) | https://mahhesshh.medium.com/day-2-the-100-day-bug-bounty-challenge-understanding-dom-based-xss-cross-site-scripting-96b2bf92a7f0?source=rss------bug_bounty-5 | Mahesh Dhakad | xss-attack, cybersecurity, dom-xss, bug-bounty, cross-site-scripting | 12-Jan-2025 |
nform“SOCMINT: The Digital Crystal Ball of Cybersecurity and Beyond” | https://medium.com/@paritoshblogs/nform-socmint-the-digital-crystal-ball-of-cybersecurity-and-beyond-1dfddad6193b?source=rss------bug_bounty-5 | Paritosh | hacking, socmint, information-technology, bug-bounty, cybersecurity | 12-Jan-2025 |
How To Get free burpsuite professional | https://cybersecuritywriteups.com/how-to-get-free-burpsuite-professional-f124ebaf529d?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, hacking, burpsuite, penetration-testing, cybersecurity | 12-Jan-2025 |
Unmasking a Captcha Bypass Vulnerability: Step-by-Step Walkthrough | https://medium.com/@vishalsharma445500/unmasking-a-captcha-bypass-vulnerability-step-by-step-walkthrough-6131519a3788?source=rss------bug_bounty-5 | Vishal Sharma | cybersecurity, ethical-hacking, vulnerability, penetration-testing, bug-bounty | 12-Jan-2025 |
IDOR & UUIDs to leak PII | https://medium.com/@CANITEY/idor-uuids-to-leak-pii-7675130ab784?source=rss------bug_bounty-5 | CANITEY | idor, cybersecurity, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 12-Jan-2025 |
How Improper cache storage lead to Make me $$$ | https://medium.com/@test123cybertest/how-improper-cache-storage-lead-to-make-me-4de4c003b376?source=rss------bug_bounty-5 | praveenarsh0xx0 | bug-bounty, tips-and-tricks, cybersecurity, ethical-hacking, penetration-testing | 12-Jan-2025 |
Logic Bugs in Payment Gateway | https://bitpanic.medium.com/logic-bugs-in-payment-gateway-25d5d48068c4?source=rss------bug_bounty-5 | Spectat0rguy | technology, cybersecurity, bug-bounty-tips, programming, bug-bounty | 12-Jan-2025 |
A Simple Bug to Get Started in Bug Bounty | https://medium.com/infosecmatrix/a-simple-bug-to-get-started-in-bug-bounty-599121c1b997?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, cybersecurity, hacking, bugs, pentesting | 12-Jan-2025 |
How i found Broken Access Control | https://medium.com/@gitlime71/how-i-found-broken-access-control-c3377d3df60e?source=rss------bug_bounty-5 | Raccoon | bug-bounty, pentesting, bug-bounty-tips, bug-bounty-writeup, penetration-testing | 12-Jan-2025 |
The State of Web3 Security in 2024 | https://medium.com/coinmonks/the-state-of-web3-security-in-2024-f3713fbe9e04?source=rss------bug_bounty-5 | Raiders | bug-bounty, web3, blockchain, hacking, security | 12-Jan-2025 |
The Art of Note-Taking in Bug Bounty Hunting | https://medium.com/@mahdisalhi0500/the-art-of-note-taking-in-bug-bounty-hunting-9b28876316e3?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | infosec, information-security, penetration-testing, bug-bounty, bug-bounty-tips | 12-Jan-2025 |
Portswigger Web Security Academy : File path traversal, simple case walkthrough | https://medium.com/@Kinqdathacker/portswigger-web-security-academy-file-path-traversal-simple-case-walkthrough-d04418d04b76?source=rss------bug_bounty-5 | Kinqdathacker | path-traversal, web-security, hacking, web-app-security, bug-bounty | 12-Jan-2025 |
Server-side vulnerabilities | #4 Server-Side Request Forgery | https://medium.com/@agapehearts/server-side-vulnerabilities-4-server-side-request-forgery-71b7c525eadc?source=rss------bug_bounty-5 | Agape HearTs | servers, bug-bounty, ethical-hacking, cybersecurity, bugs | 11-Jan-2025 |
Crawling for Emails In Websites — OSINT Methodology | https://osintteam.blog/crawling-for-emails-in-websites-osint-methodology-602e2b274c6e?source=rss------bug_bounty-5 | Jason Jacobs, MSc. | osint, bug-bounty, cybersecurity | 11-Jan-2025 |
LFI Bug can help you make $500 and more.(Noob-Advance) | https://medium.com/@anandrishav2228/lfi-bug-can-help-you-make-500-and-more-noob-advance-be001cb2d152?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, money, bug-bounty, hacking, lfi | 11-Jan-2025 |
How to Hack Single Page Applications (SPAs): Modern Techniques | https://medium.com/@bootstrapsecurity/how-to-hack-single-page-applications-spas-modern-techniques-4f69c020b0ff?source=rss------bug_bounty-5 | BootstrapSecurity | bug-bounty-tips, hacking, bug-bounty, api, ethical-hacking | 11-Jan-2025 |
Understanding Large Language Models (LLMs): The Power of AI in Text Generation | https://medium.com/@paritoshblogs/understanding-large-language-models-llms-the-power-of-ai-in-text-generation-dce8c1ddeb7b?source=rss------bug_bounty-5 | Paritosh | chatgpt, llm, ai, hacking, bug-bounty | 11-Jan-2025 |
From Innocent Messages to Total Takeover: How I Hacked a Professional Network! | https://medium.com/@lordofheaven1234/from-innocent-messages-to-total-takeover-how-i-hacked-a-professional-network-2033537d5d6a?source=rss------bug_bounty-5 | Lord Heaven | blind-xss, bug-bounty, hacking, account-takeover | 11-Jan-2025 |
GOT 700$ BOUNTY BY Store XSS VULNERABILITY | https://medium.com/@hrofficial62/got-700-bounty-by-store-xss-vulnerability-bc48f2e31e46?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty, xss-attack | 11-Jan-2025 |
Microsoft ADFS Recon | https://medium.com/meetcyber/microsoft-adfs-recon-e56fcace8551?source=rss------bug_bounty-5 | AbhirupKonwar | cybersecurity, infosec, bug-bounty, penetration-testing, bug-bounty-tips | 11-Jan-2025 |
Breaking Vercel’s Clone URL with a Simple XSS Exploit | https://medium.com/@n45ht/breaking-vercels-clone-url-with-a-simple-xss-exploit-8f55b21f32eb?source=rss------bug_bounty-5 | N45HT | bug-bounty, hacking, bug-bounty-writeup, cross-site-scripting, xs | 11-Jan-2025 |
Telefónica Confirms Internal Ticketing System Breach After Data Leak | https://medium.com/@wiretor/telef%C3%B3nica-confirms-internal-ticketing-system-breach-after-data-leak-6067f759f65d?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, money, malware, bug-bounty, ai | 11-Jan-2025 |
The Subdomain They Forgot — How I Chained Bugs for a $1,000 Bounty | https://myselfakash20.medium.com/the-subdomain-they-forgot-how-i-chained-bugs-for-a-1-000-bounty-094d89758489?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty, cybersecurity, bug-bounty-tips, technology, bug-bounty-writeup | 11-Jan-2025 |
Secure Code Review Assessment for Javascript (Full Stack NextJS) | https://medium.com/@0xNayelx/secure-code-review-assessment-for-javascript-full-stack-nextjs-59651da6fb24?source=rss------bug_bounty-5 | 0xNayel | source-code, ctf-writeup, pentesting, bug-bounty, offensive-security | 11-Jan-2025 |
Exposing the Weak Points: Vulnerabilities in REST APIs | https://bitpanic.medium.com/exposing-the-weak-points-vulnerabilities-in-rest-apis-8e4acb4861b0?source=rss------bug_bounty-5 | Spectat0rguy | programming, bug-bounty-tips, cybersecurity, technology, bug-bounty | 11-Jan-2025 |
Crack the Code: Your Bug Bounty Hunting Journey Starts Here | https://it4chis3c.medium.com/crack-the-code-your-bug-bounty-hunting-journey-starts-here-e61701f8cb36?source=rss------bug_bounty-5 | It4chis3c | bug-bounty-tips, bug-bounty-writeup, bug-bounty, tryhackme, hackthebox | 11-Jan-2025 |
Critical IDOR Vulnerability: Unauthorized Users Can Modify Company’s PayPal Email | https://medium.com/@mahdisalhi0500/critical-idor-vulnerability-unauthorized-users-can-modify-companys-paypal-email-92bf24ae19df?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | infosec, bug-bounty, bug-bounty-tips, ethical-hacking, pentesting | 11-Jan-2025 |
EXIF Metadata-Based XSS Attacks: A Web Security Research | https://medium.com/@enesonder001/exif-metadata-based-xss-attacks-a-web-security-research-e88c7ea7b69b?source=rss------bug_bounty-5 | enes önder | bugs, bug-bounty-tips, xss-attack, xss-vulnerability, bug-bounty | 11-Jan-2025 |
GOT 700$ BOUNTY BY Store XSS VULNERABILITY | https://systemweakness.com/got-700-bounty-by-store-xss-vulnerability-bc48f2e31e46?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty, xss-attack | 11-Jan-2025 |
Day 08: My Bug Bounty Challenge … 0–100k without knowledge in one year! | https://medium.com/@dogxxx10/day-08-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-70422a5cd7eb?source=rss------bug_bounty-5 | Dogx0x | hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips, hacking-training | 10-Jan-2025 |
Finding a easy p3 | https://medium.com/h7w/finding-a-easy-p3-a16186613391?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, ethical-hacking, cybersecurity, hacking, penetration-testing | 10-Jan-2025 |
30+ Standard Linux Commands for Beginner or Intermediate Users | https://medium.com/@BetterBy0x01/30-standard-linux-commands-for-beginner-or-intermediate-users-eacae976d92c?source=rss------bug_bounty-5 | Ashutosh Singh Patel | command-line, linux, hacking, bug-bounty, security | 10-Jan-2025 |
Server-side vulnerabilities | #3 AUTHENTICATION | https://medium.com/@agapehearts/server-side-vulnerabilities-3-authentication-ff80ac2efdb4?source=rss------bug_bounty-5 | Agape HearTs | bugs, bug-bounty, ethical-hacking, authentication, web-applications | 10-Jan-2025 |
The Road to CRTP Cert — Part 13 | https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-13-8d14193f660f?source=rss------bug_bounty-5 | Dineshkumaar R | active-directory, hacking, cybersecurity, security, bug-bounty | 10-Jan-2025 |
Mastering HTTP Request Smuggling: Bypassing Firewalls and Filters | https://medium.com/@bootstrapsecurity/mastering-http-request-smuggling-bypassing-firewalls-and-filters-a3d69bcbe4d9?source=rss------bug_bounty-5 | BootstrapSecurity | hacking, ethical-hacking, bug-bounty-tips, api, bug-bounty | 10-Jan-2025 |
How I got CERT-EU Hall of Fame | https://cybersecuritywriteups.com/how-i-got-cert-eu-hall-of-fame-e65b3e72510b?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-tips, bug-bounty, pentesting, bug-bounty-writeup, cybersecurity | 10-Jan-2025 |
PoC — Varnish Cache PURGE DDoS Vulnerability by @GupS3C | https://medium.com/@GupS3C/poc-vuln%C3%A9rabilit%C3%A9-cache-varnish-purge-ddos-by-gups3c-9ce181fe7fca?source=rss------bug_bounty-5 | GupS3C | bug-bounty, bug-bounty-writeup, varnish-cache, bug-hunt, pentesting | 10-Jan-2025 |
Web Application Pentesting Roadmap | https://medium.com/@codingbolt.in/web-application-pentesting-roadmap-4013e89b963b?source=rss------bug_bounty-5 | codingbolt | pentesting, web-pen-testing, bug-bounty, penetration-testing, bug-hunting | 10-Jan-2025 |
Finding Hidden Subdomains with OSINT Tools | https://infosecwriteups.com/finding-hidden-subdomains-with-osint-tools-ad7e411587ee?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, technology, cybersecurity, careers | 10-Jan-2025 |
From Directory Traversal to Full Account Takeover: A Researcher’s Journey | https://medium.com/@sulmanfarooq531/from-directory-traversal-to-full-account-takeover-a-researchers-journey-150044cbf109?source=rss------bug_bounty-5 | Sulman Farooq S | directory-traversal, cybersecurity, path-traversal, bug-bounty, account-takeover | 10-Jan-2025 |
Missing Rate Limit on Several Endpoints $1300 | https://ehteshamulhaq198.medium.com/missing-rate-limit-on-several-endpoints-1300-60f37e16be6b?source=rss------bug_bounty-5 | Ehtesham Ul Haq | technology, hacking, infosec, cybersecurity, bug-bounty | 10-Jan-2025 |
My Worst Informative Report //false positive Bug | https://medium.com/@0xoroot/my-worst-informative-report-false-positive-bug-6117039012cb?source=rss------bug_bounty-5 | 0xoroot | bug-bounty-tips, programming, hacking, bug-bounty, bounty-program | 10-Jan-2025 |
how i found the “Insufficient Authorization in Password Change Endpoint” vulnerability ? | https://doordiefordream.medium.com/how-i-found-the-insufficient-authorization-in-password-change-endpoint-vulnerability-1f0e943daeea?source=rss------bug_bounty-5 | Bug hunter balu | hacking, bug-bounty, cybersecurity, ethical-hacking, vulnerability | 10-Jan-2025 |
MirrorFace Hackers Targeting Japanese Government & Politicians Since 2019 | https://medium.com/@wiretor/mirrorface-hackers-targeting-japanese-government-politicians-since-2019-080121705345?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, ai, malware, hacking, bug-bounty | 10-Jan-2025 |
Data Breach Alert: BayMark Health Services Targeted by Ransomware Attack | https://medium.com/@wiretor/data-breach-alert-baymark-health-services-targeted-by-ransomware-attack-5c4cf81d8e79?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, hacking, money, ai | 10-Jan-2025 |
How to Identify Overlooked Bugs in Android Applications: A Bug Bounty Hunter’s Guide | https://bitpanic.medium.com/how-to-identify-overlooked-bugs-in-android-applications-a-bug-bounty-hunters-guide-5c194ed283a4?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty-tips, bug-bounty, technology, programming, cybersecurity | 10-Jan-2025 |
A New Bug Hunting Story: Open Redirection Vulnerability | https://medium.com/meetcyber/a-new-bug-hunting-story-open-redirection-vulnerability-33a1b6374f88?source=rss------bug_bounty-5 | Erkan Kavas | bug-bounty, open-redirection, bug-bounty-writeup, bug-bounty-tips, cybersecurity | 10-Jan-2025 |
Behind the Scenes: How I Discovered Flaws in a Rewards and Recognition Portal | https://medium.com/@niraj1mahajan/behind-the-scenes-how-i-discovered-flaws-in-a-rewards-and-recognition-portal-27948a75c4d4?source=rss------bug_bounty-5 | Niraj Mahajan | bug-bounty, idor, broken-access-control, hacking, cybersecurity | 10-Jan-2025 |
Race Condition to Bypass Rate-Limiting: A new technique made by Nillsx | https://infosecwriteups.com/race-condition-to-bypass-rate-limiting-a-new-technique-made-by-nillsx-6a60f41dbae6?source=rss------bug_bounty-5 | Nillsx | bug-bounty, ethical-hacking, race-condition, bug-bounty-writeup, rate-limit | 10-Jan-2025 |
Revisiting a Simple SQL Injection Methodology | https://infosecwriteups.com/revisiting-a-simple-sql-injection-methodology-ecd42634a21e?source=rss------bug_bounty-5 | Jason Jacobs, MSc. | bug-bounty, ethical-hacking, cybersecurity, penetration-testing | 10-Jan-2025 |
Day 09: My Bug Bounty Challenge … 0–100k without knowledge in one year! | https://medium.com/@dogxxx10/day-09-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-220c7c6bb0cf?source=rss------bug_bounty-5 | Dogx0x | hacking, hackthebox, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 10-Jan-2025 |
Telegram Leaks PII, doesn’t care. | https://medium.com/@hacktheplanet/telegram-leaks-pii-doesnt-care-c75465be1cc2?source=rss------bug_bounty-5 | sirhaxalot | hacking, telegram, bug-bounty, security | 09-Jan-2025 |
Discovering Hidden Subdomains: Tools, Techniques | https://medium.com/@bootstrapsecurity/discovering-hidden-subdomains-tools-techniques-7c874c4f5966?source=rss------bug_bounty-5 | BootstrapSecurity | hacking, api, bug-bounty, ethical-hacking, bug-bounty-tips | 09-Jan-2025 |
The following content is purely fictional written with the intent to motivate the reader. | https://medium.com/@personaldevelop100/the-following-content-is-purely-fictional-written-with-the-intent-to-motivate-the-reader-6b23c19d70d8?source=rss------bug_bounty-5 | Personal_hunt | bug-bounty, motivation, bug-hunting | 09-Jan-2025 |
Finding subdomains using goole dorking. | https://medium.com/infosecmatrix/finding-subdomains-using-goole-dorking-4d6966e70637?source=rss------bug_bounty-5 | loyalonlytoday | dorking, penetration-testing, bug-bounty, hacking, cybersecurity | 09-Jan-2025 |
Hack. Earn. Secure the Future: Bug Bounties in 2025 | https://sagarjethi.medium.com/hack-earn-secure-the-future-bug-bounties-in-2025-0e2d05fcb364?source=rss------bug_bounty-5 | Sagar Jethi | hackathons, earn, bug-bounty, smart-contract-auditing, blockchain-developer | 09-Jan-2025 |
NTLM Authentication Disclosure Vulnerability Report | https://medium.com/@dasmanish6176/ntlm-authentication-disclosure-vulnerability-report-b47029c2e491?source=rss------bug_bounty-5 | Dasmanish | vapt, web-app-security, active-directory, ethical-hacking, bug-bounty | 09-Jan-2025 |
How I get 7 open redirect and 7 XSS in public program! | https://medium.com/@mohamed.yasser442200/how-i-get-7-open-redirect-and-7-xss-in-public-program-7518a3f26b49?source=rss------bug_bounty-5 | Spider4 | bug-bounty, security, bug-bounty-tips, xss-attack, bug-bounty-writeup | 09-Jan-2025 |
From Exploit to Payday-Chaining Stored XSS in PDF Upload to Full AccountTakeover via Email change… | https://medium.com/@meljith6355484/from-exploit-to-payday-chaining-stored-xss-in-pdf-upload-to-full-accounttakeover-via-email-change-d36e855e0575?source=rss------bug_bounty-5 | Meljith Pereira | hacking, ethical-hacking, xss-attack, bugcrowd, bug-bounty | 09-Jan-2025 |
Unlock the Ultimate Resource Hub for Security Researchers | https://infosecwriteups.com/unlock-the-ultimate-resource-hub-for-security-researchers-9fa52bbff1ff?source=rss------bug_bounty-5 | JEETPAL | bug-bounty-hunter, bug-bounty, bugbounty-writeup, cybersecurity, bugbounty-tips | 09-Jan-2025 |
Exposing Sensitive Data: A Wake-Up Call for Nokia's Security | https://medium.com/@gourisankara357/exposing-sensitive-data-a-wake-up-call-for-nokias-security-c5ba75fddd22?source=rss------bug_bounty-5 | Gouri Sankar A | info-sec-writeups, bug-bounty, infosec-write-ups, cybersecurity, bugs | 09-Jan-2025 |
Biggest Misconceptions About Bug Bounty Programs (From a Company Perspective) | https://medium.com/@hackrate/biggest-misconceptions-about-bug-bounty-programs-from-a-company-perspective-42481997d40d?source=rss------bug_bounty-5 | Levente Molnar | cybersecurity, bug-bounty-tips, bug-bounty, hacking, ethical-hacking | 09-Jan-2025 |
Critical [9.8] SQL Injection in a Major Indonesian Web Hosting Platform | https://medium.com/@n45ht/critical-9-8-sql-injection-in-a-major-indonesian-web-hosting-platform-8bda5d2913d3?source=rss------bug_bounty-5 | N45HT | bug-bounty-writeup, bug-bounty, vulnerability, sql-injection, hacking | 09-Jan-2025 |
Hacking made easy with XSSIFY | https://aravind07.medium.com/hacking-made-easy-with-xssify-9637890cd33b?source=rss------bug_bounty-5 | Gnana Aravind K | hacking, security, xss-attack, cybersecurity, bug-bounty | 09-Jan-2025 |
Stay Ahead of Cyber Threats, Top Websites for Real-Time Updates and Insights | https://medium.com/@b.mythili123/stay-ahead-of-cyber-threats-top-websites-for-real-time-updates-and-insights-57a1b384cdfa?source=rss------bug_bounty-5 | Hello Love | hackthebox, tryhackme, cybersecurity, bug-bounty, hacking | 09-Jan-2025 |
Top 10 Overlooked Business Logic Flaws in Web Applications | https://bitpanic.medium.com/top-10-overlooked-business-logic-flaws-in-web-applications-6745d42f3786?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty, technology, cybersecurity, bug-bounty-tips, programming | 09-Jan-2025 |
From N/A to $$$: A Simple Python Script Led to Application-Level DoS | https://hashimamin.medium.com/from-n-a-to-a-simple-python-script-led-to-application-level-dos-83a65f75b7dc?source=rss------bug_bounty-5 | Hashim Amin | bug-bounty, privilege-escalation, infosec, cybersecurity, pentesting | 09-Jan-2025 |
Urgent: Patch SonicWall SSLVPN Vulnerability Now | https://medium.com/@wiretor/urgent-patch-sonicwall-sslvpn-vulnerability-now-385713cdfa2f?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, hacking, money, sonicwall | 09-Jan-2025 |
The Great FAQ Collection About Bug Bounty | https://medium.com/@hackrate/the-great-faq-collection-about-bug-bounty-87421d970ddd?source=rss------bug_bounty-5 | Levente Molnar | hacking, bug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking | 09-Jan-2025 |
What Is Cross Site Scripting (XSS)? | https://medium.com/@dante.falls/what-is-cross-site-scripting-xss-d74b19920d8e?source=rss------bug_bounty-5 | Dante Falls | information-security, bug-bounty, web-security, cybersecurity, xss-attack | 09-Jan-2025 |
How I Discovered a Delete CSRF Vulnerability | https://medium.com/@Ursula-/how-i-discovered-a-delete-csrf-vulnerability-a46d4bc2e700?source=rss------bug_bounty-5 | Fatma Mustafa | bug-hunting, bug-bounty, bug-bounty-writeup | 09-Jan-2025 |
Threat Hunting with MITRE ATT&CK: A Proactive Approach to Cyber Defence | https://medium.com/@paritoshblogs/threat-hunting-with-mitre-att-ck-a-proactive-approach-to-cyber-defence-a84945f61bda?source=rss------bug_bounty-5 | Paritosh | bug-bounty, hacking, cybersecurity, mitre-attck, threat-hunting | 08-Jan-2025 |
A Beginner’s Guide to Pentesting GraphQL APIs | https://medium.com/@suprajabaskaran8/a-beginners-guide-to-pentesting-graphql-apis-395fa1878f6a?source=rss------bug_bounty-5 | Suprajabaskaran | graphql, cybersecurity, bug-bounty, bugbounty-writeup, hacking | 08-Jan-2025 |
First bounty — Second Order Stored XSS on club.paris2024.org | https://medium.com/@swaroopvenkat828/first-bounty-second-order-stored-xss-on-club-paris2024-org-9a3ad7fe7c7f?source=rss------bug_bounty-5 | swaroop 04|16 | bug-bounty-tips, bug-bounty, bug-bounty-writeup | 08-Jan-2025 |
Weird JavaScript files | https://medium.com/@dsmodi484/weird-javascript-files-7e6e7296e914?source=rss------bug_bounty-5 | cryptoshant | hacking, cybersecurity, javascript, bug-bounty, tips | 08-Jan-2025 |
File Upload Vulnerabilities: Techniques and Payloads | https://medium.com/@bootstrapsecurity/file-upload-vulnerabilities-techniques-and-payloads-b0bdf97eb298?source=rss------bug_bounty-5 | BootstrapSecurity | hacking, ethical-hacking, bug-bounty-tips, bug-bounty, api | 08-Jan-2025 |
ChatGPT for Bug Bounty Hunters: Custom Payloads, Automated Scripts, and More | https://medium.com/@kumawatabhijeet2002/chatgpt-for-bug-bounty-hunters-custom-payloads-automated-scripts-and-more-8a15690c3fa5?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, chatgpt, hacking, bug-bounty, bug-bounty-tips | 08-Jan-2025 |
A Beginner’s Guide to Pentesting GraphQL APIs | https://infosecwriteups.com/a-beginners-guide-to-pentesting-graphql-apis-395fa1878f6a?source=rss------bug_bounty-5 | Suprajabaskaran | graphql, cybersecurity, bug-bounty, bugbounty-writeup, hacking | 08-Jan-2025 |
POC — WordPress File Upload plugin, in the wfu_file_downloader.php | https://medium.com/@verylazytech/poc-wordpress-file-upload-plugin-in-the-wfu-file-downloader-php-57a173ab9e90?source=rss------bug_bounty-5 | Very Lazy Tech | wordpress-plugins, cve-2024-9047, cybersecurity, bug-bounty, hacking | 08-Jan-2025 |
Day 0. The 100-Day Bug Bounty Challenge: Sharing 100 Vulnerabilities in 100 Days | https://medium.com/@mahhesshh/day-0-the-100-day-bug-bounty-challenge-sharing-100-vulnerabilities-in-100-days-17308f82d741?source=rss------bug_bounty-5 | Mahesh Dhakad | cybersecurity, bug-bounty, hacking, vulnerability, 100daychallenge | 08-Jan-2025 |
How a YouTube Video Led Me to $650: My Host Header Injection Adventure | https://medium.com/@trffnsec/how-a-youtube-video-led-me-to-650-my-host-header-injection-adventure-696fd82b2886?source=rss------bug_bounty-5 | TrffnSec | ethical-hacking, cybersecurity, bug-bounty, website-testing | 08-Jan-2025 |
The Rate Limit bypass which almost killed my brain | https://siratsami71.medium.com/this-rate-limit-bypass-which-almost-killed-my-brain-1905749a5f4d?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | brute-force, hackerone, bug-bounty | 08-Jan-2025 |
Automate-XSS Five-In-One Tool | https://medium.com/@saket590/automate-xss-five-in-one-tool-95a947545b2c?source=rss------bug_bounty-5 | Dr. Saket Acharya | bug-bounty, hacking, xss-vulnerability, xss-attack, xss-bypass | 08-Jan-2025 |
Day 0. The 100-Day Bug Bounty Challenge: Sharing 100 Vulnerabilities in 100 Days | https://mahhesshh.medium.com/day-0-the-100-day-bug-bounty-challenge-sharing-100-vulnerabilities-in-100-days-17308f82d741?source=rss------bug_bounty-5 | Mahesh Dhakad | cybersecurity, bug-bounty, hacking, vulnerability, 100daychallenge | 08-Jan-2025 |
Weird JavaScript files | https://infosecwriteups.com/weird-javascript-files-7e6e7296e914?source=rss------bug_bounty-5 | cryptoshant | hacking, cybersecurity, javascript, bug-bounty, tips | 08-Jan-2025 |
Leaky Response, Easy Takeover! | https://medium.com/@tanyago/leaky-response-easy-takeover-25367c18f0dc?source=rss------bug_bounty-5 | Tanya Goyal | bug-bounty, bug-bounty-tips, bug-bounty-writeup | 08-Jan-2025 |
Why Companies Should Adopt a Bug Bounty Program | https://medium.com/@hackrate/why-companies-should-adopt-a-bug-bounty-program-cd4e1a492989?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, hacking, cybersecurity, ethical-hacking, bug-bounty-tips | 08-Jan-2025 |
How I Ethically Hacked the Indian Army for the Second Time | https://cybersecuritywriteups.com/how-i-ethically-hacked-the-indian-army-for-the-second-time-edf6ec4495f8?source=rss------bug_bounty-5 | Guru Prasad Pattanaik || TH3N00BH4CK3R | cybersecurity, bug-bounty-writeup, ethical-hacking, bug-bounty-tips, bug-bounty | 08-Jan-2025 |
Blind OS Command Injection with Output Redirection | https://osintteam.blog/blind-os-command-injection-with-output-redirection-1d08c3793ff1?source=rss------bug_bounty-5 | The Cybersec Café | cybersecurity, bug-bounty, penetration-testing, bug-bounty-tips, information-security | 08-Jan-2025 |
No Session Expiry after log-out, attacker can reuse the old cookies | https://mknayek101.medium.com/no-session-expiry-after-log-out-attacker-can-reuse-the-old-cookies-b90a4a45032d?source=rss------bug_bounty-5 | MkNayek | penetration-testing, cybersecurity, bug-bounty-tips, bug-bounty, pentesting | 08-Jan-2025 |
Disclosure of any bpost.be username via email | https://mknayek101.medium.com/disclosure-of-any-bpost-be-username-via-email-afde00aff7d9?source=rss------bug_bounty-5 | MkNayek | penetration-testing, pentesting, bug-bounty-tips, bug-bounty, cybersecurity | 08-Jan-2025 |
User information disclosed via API endpoint | https://mknayek101.medium.com/user-information-disclosed-via-api-endpoint-80a1b82e3f3a?source=rss------bug_bounty-5 | MkNayek | penetration-testing, web-hacking, pentesting, bug-bounty-tips, bug-bounty | 08-Jan-2025 |
AI Security Insights from HackerOne’s 8th Annual Security Report | https://medium.com/ai-security-hub/ai-security-insights-from-hackerones-8th-annual-security-report-f775473c1226?source=rss------bug_bounty-5 | Tal Eliyahu | hackerone, bug-bounty, hacking, cybersecurity, artificial-intelligence | 08-Jan-2025 |
PowerSchool Hacked: 18K Customers and 60M Students’ Privacy Compromised | https://medium.com/@wiretor/powerschool-hacked-18k-customers-and-60m-students-privacy-compromised-e418e3ed8ccc?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, ai, malware, powerschool, bug-bounty | 08-Jan-2025 |
UN Aviation Agency Hit by Cyberattack: 42K Recruitment Records Stolen | https://medium.com/@wiretor/un-aviation-agency-hit-by-cyberattack-42k-recruitment-records-stolen-6a51c8817d7f?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, bug-bounty, un, ai, malware | 08-Jan-2025 |
Green Bay Packers Pro Shop Breach: Over 8,500 Credit Cards Stolen! | https://medium.com/@wiretor/green-bay-packers-pro-shop-breach-over-8-500-credit-cards-stolen-e99ea97bf154?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | money, green-bay, ai, malware, bug-bounty | 08-Jan-2025 |
CISA Alerts: Critical Oracle WebLogic & Mitel Vulnerabilities Exploited! | https://medium.com/@wiretor/cisa-alerts-critical-oracle-weblogic-mitel-vulnerabilities-exploited-136f227dcfb0?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, programming, malware, business, bug-bounty | 08-Jan-2025 |
Breaking Barriers: Understanding and Mastering WAF Bypass Techniques | https://bitpanic.medium.com/breaking-barriers-understanding-and-mastering-waf-bypass-techniques-2277150d2574?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, bug-bounty, technology, programming, bug-bounty-tips | 08-Jan-2025 |
Day 07: My Bug Bounty Challenge … 0–100k without knowledge in one year! | https://medium.com/@dogxxx10/day-07-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-cc5eff18ae10?source=rss------bug_bounty-5 | Dogx0x | bug-bounty-writeup, bug-bounty, web-hacking, hacking, bug-bounty-tips | 08-Jan-2025 |
Detect Open Redirect Vulnerabilities with RedirXploit | https://angixblack.medium.com/detect-open-redirect-vulnerabilities-with-redirxploit-946ac287846f?source=rss------bug_bounty-5 | Angix black | bugs, open-redirect, tools, bug-bounty, bug-bounty-tips | 07-Jan-2025 |
How i found ssti injection (Server-side template injection)on yeswehack platform in public program | https://medium.com/@ravindrajatav0709/how-i-found-ssti-injection-server-side-template-injection-on-yeswehack-platform-in-public-program-bfde6a89f477?source=rss------bug_bounty-5 | Ravindrajatav | bug-bounty, bugbounty-writeup, bug-bounty-tips, bugs, cybersecurity | 07-Jan-2025 |
Getting Started with Bug Bounty Hunting in 2025: A Real World Guide | https://medium.com/@hackbynight/getting-started-with-bug-bounty-hunting-in-2025-a-real-world-guide-051a3fb36376?source=rss------bug_bounty-5 | hackbynight | bug-bounty-tips, bug-bounty, cybersecurity, information-security, hacking | 07-Jan-2025 |
Server-Side Template Injection (SSTI): Advanced Exploitation Techniques | https://medium.com/@bootstrapsecurity/server-side-template-injection-ssti-advanced-exploitation-techniques-2d8ccdf6270f?source=rss------bug_bounty-5 | BootstrapSecurity | ethical-hacking, bug-bounty-tips, bug-bounty, api, hacking | 07-Jan-2025 |
Finding more subdomains | https://medium.com/@loyalonlytoday/finding-more-subdomains-8b1abb32f3e5?source=rss------bug_bounty-5 | loyalonlytoday | reconnaissance, hacking, bug-bounty-tips, cybersecurity, bug-bounty | 07-Jan-2025 |
Burp Suite + Form Deletion = Admin Storage Nightmare | https://infosecwriteups.com/burp-suite-form-deletion-admin-storage-nightmare-240618a8c983?source=rss------bug_bounty-5 | callgh0st | humanity, hacking, gaza, genocide, bug-bounty | 07-Jan-2025 |
Web Application Penetration Testing Checklist | https://saconychukwu.medium.com/web-application-penetration-testing-checklist-3da7d3be8f1a?source=rss------bug_bounty-5 | Sacony Chukwu | bug-bounty-tips, hacking, bug-bounty, bug-bounty-writeup, cybersecurity | 07-Jan-2025 |
Automated Penetration Testing: A Guide to Domain Collection | https://medium.com/@security.tecno/automated-penetration-testing-a-guide-to-domain-collection-a79df50d74a0?source=rss------bug_bounty-5 | TECNO Security | web, hacking, bug-bounty, security | 07-Jan-2025 |
Hack The Box UpDown[Retired][Linux] | https://medium.com/@vignesh6872610/hack-the-box-updown-retired-linux-5e0a9f6ec84e?source=rss------bug_bounty-5 | Vignesh P | htb-writeup, hackthebox-walkthrough, retiredmachine, bug-bounty, linux | 07-Jan-2025 |
P4 Bugs and POC | Part-9 | https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-9-16b5a8ffb52d?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, bug-bounty-tips, hacking, infosec, money | 07-Jan-2025 |
bug-bounty Rate Limit vulnerability | https://medium.com/@eslamatef396/bug-bounty-rate-limit-vulnerability-cb81481456bc?source=rss------bug_bounty-5 | UnStoppable | web-penetration-testing, rate-limiting, bug-bounty | 07-Jan-2025 |
CVE-2024-12033: A Critical WordPress Vulnerability in Jupiter X Core | https://medium.com/@wiretor/cve-2024-12033-a-critical-wordpress-vulnerability-in-jupiter-x-core-38ac3380b909?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, wordpress, malware, rce, cve | 07-Jan-2025 |
CVE-2024-12532: Vulnerability in BWD Elementor Addons Plugin | https://medium.com/@wiretor/cve-2024-12532-vulnerability-in-bwd-elementor-addons-plugin-da1a34bd2f99?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, malware, wordpress, hacking, bug-bounty | 07-Jan-2025 |
CVE-2024-12711: Vulnerability in RSVP and Event Management Plugin | https://medium.com/@wiretor/cve-2024-12711-vulnerability-in-rsvp-and-event-management-plugin-2a0b374807e1?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, malware, ai, bug-bounty, hacking | 07-Jan-2025 |
Critical Infrastructure Ransomware Attack Tracker Surpasses 2,000 Incidents! | https://medium.com/@wiretor/critical-infrastructure-ransomware-attack-tracker-surpasses-2-000-incidents-431f5531a2af?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, bug-bounty, hacking, business, malware | 07-Jan-2025 |
Bug Bounty Hunting Prerequisites | https://it4chis3c.medium.com/bug-bounty-hunting-prerequisites-964560919547?source=rss------bug_bounty-5 | It4chis3c | roadmaps, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-hunting | 07-Jan-2025 |
The Most Groundbreaking Bug Bounty Discoveries That Changed Cybersecurity Forever | https://medium.com/@hackrate/the-most-groundbreaking-bug-bounty-discoveries-that-changed-cybersecurity-forever-a2a39e7e10af?source=rss------bug_bounty-5 | Levente Molnar | hacking, bug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity | 07-Jan-2025 |
Beginners Introduction To Server Side Request Forgery | https://bitpanic.medium.com/beginners-introduction-to-server-side-request-forgery-85c3a35eb726?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty-tips, programming, bug-bounty, cybersecurity, technology | 07-Jan-2025 |
My Journey to Finding Two XSS Vulnerabilities on a Bug Bounty Website | https://medium.com/@mickaelbenlolo/my-journey-to-finding-two-xss-vulnerabilities-on-a-bug-bounty-website-b6a1e38425df?source=rss------bug_bounty-5 | Mickael Benlolo | penetration-testing, xss-vulnerability, cybersecurity, bug-bounty | 07-Jan-2025 |
Humorous XSS Vulnerabilities in a Movie Website | https://medium.com/meetcyber/humorous-xss-vulnerabilities-in-a-movie-website-3600d7828661?source=rss------bug_bounty-5 | Erkan Kavas | xss-vulnerability, cybersecurity, xss-challenge, xss-attack, bug-bounty | 07-Jan-2025 |
Day 06: My Bug Bounty Challenge ... 0–100k without knowledge in one year! | https://medium.com/@dogxxx10/day-06-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-5ed71536fd89?source=rss------bug_bounty-5 | Dogx0x | bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty, web-hacking | 07-Jan-2025 |
P4 Bugs and POC \| Part 7 | https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-7-a379f057ba96?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, bug-bounty, infosec, bug-bounty-tips, money | 06-Jan-2025 |
Day 27 of 30 Day — 30 Vulnerabilities | Server-Side Template Injection (SSTI) | https://it4chis3c.medium.com/day-27-of-30-day-30-vulnerabilities-server-side-template-injection-ssti-12f933587800?source=rss------bug_bounty-5 | It4chis3c | bug-bounty, 30dayswritingchallenge, ssti, bug-bounty-tips, bug-bounty-writeup | 06-Jan-2025 |
From oos — getting bounty Improper Access Control to create an commentor account on the application. | https://medium.com/@swaroopvenkat828/from-oos-getting-bounty-improper-access-control-to-create-an-commentor-account-on-the-application-027b517928bb?source=rss------bug_bounty-5 | swaroop 04\|16 | bug-bounty-tips, bugbounty-writeup, bug-bounty | 06-Jan-2025 |
Bypassing API Authentication: Exploiting Token Reuse and Expiry | https://medium.com/@bootstrapsecurity/bypassing-api-authentication-exploiting-token-reuse-and-expiry-0432e7689659?source=rss------bug_bounty-5 | BootstrapSecurity | bug-bounty, api, bug-bounty-tips, ethical-hacking, hacking | 06-Jan-2025 |
Missing SPF BUG HUNTING | https://medium.com/@cybertips96/missing-spf-bug-hunting-121294c9572e?source=rss------bug_bounty-5 | Cybertips | bug-bounty | 06-Jan-2025 |
How I Found PII at NASA Using Google Dorking | https://medium.com/@salaheddine_kalada/how-i-found-pii-at-nasa-using-google-dorking-6447a89decc7?source=rss------bug_bounty-5 | Salaheddine KALADA | bug-bounty-tips, bug-bounty-writeup, bug-bounty-program, bug-bounty, bug-bounty-hunter | 06-Jan-2025 |
How I Got My First Critical Bug ## Easy Bug | https://medium.com/@0xoroot/how-i-got-my-first-critical-bug-easy-bug-fb5d1631bcd4?source=rss------bug_bounty-5 | 0xoroot | critical-thinking, bug-bounty, penetration-testing, hacking, bugs | 06-Jan-2025 |
How I Was Able to Block Any Username | https://infosecwriteups.com/how-i-was-able-to-block-any-username-5707a1fbd25c?source=rss------bug_bounty-5 | JEETPAL | bug-bounty-tips, cybersecurity, bug-bounty-writeup, business-logic-flaw, bug-bounty | 06-Jan-2025 |
Chrome Extension Hacked: - A Wake-Up Call for Users. | https://medium.com/@forte.social/chrome-extension-hacked-a-wake-up-call-for-users-c0c8de0281aa?source=rss------bug_bounty-5 | eSecForte | bug-bounty-tips, cybersecurity, chrome-extension, bug-bounty, hacking | 06-Jan-2025 |
The Evolution of Bug Bounties: A Decade of Digital Vigilance | https://medium.com/@hackrate/the-evolution-of-bug-bounties-a-decade-of-digital-vigilance-99b1e86421b0?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, hacking, bug-bounty-tips, bug-bounty, cybersecurity | 06-Jan-2025 |
How IBM Helped Me Get Private Invites on Hacker1 | https://medium.com/@oxab/how-ibm-helped-me-get-private-invites-on-hacker1-ffbe3c1b26d3?source=rss------bug_bounty-5 | Oxab | bugbounting, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 06-Jan-2025 |
Introduction to My Bug Bounty Hunting Series | https://it4chis3c.medium.com/introduction-to-my-bug-bounty-hunting-series-79a68dcb07a6?source=rss------bug_bounty-5 | It4chis3c | bug-hunting, bug-bounty, bug-bounty-writeup, web-security, bug-bounty-tips | 06-Jan-2025 |
Comprehensive Command and Control Tools for Red Teaming Operations | https://saconychukwu.medium.com/comprehensive-command-and-control-tools-for-red-teaming-operations-23e458d830c0?source=rss------bug_bounty-5 | Sacony Chukwu | bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, ethical-hacking | 06-Jan-2025 |
Advanced C# Offensive Frameworks for Red Team Operations | https://saconychukwu.medium.com/advanced-c-offensive-frameworks-for-red-team-operations-a001cac7e10f?source=rss------bug_bounty-5 | Sacony Chukwu | ethical-hacking, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips | 06-Jan-2025 |
Exploiting Session Hijacking Vulnerability: My Bug Bounty Experience | https://medium.com/@mickaelbenlolo/exploiting-session-hijacking-vulnerability-my-bug-bounty-experience-659706a24a93?source=rss------bug_bounty-5 | Mickael Benlolo | bug-bounty, session-hijacking, penetration-testing, cybersecurity | 06-Jan-2025 |
Chasing Bugs, Finding Purpose: My Journey to the First Bounty! | https://medium.com/@he4dr0/chasing-bugs-finding-purpose-my-journey-to-the-first-bounty-cf610c0f023e?source=rss------bug_bounty-5 | he4dr0 | bug-bounty, hackerone, security-research, information-disclosure, journey | 06-Jan-2025 |
How I Found My First Bug | https://medium.com/@dibyaranjanmohanta2806/i-found-my-first-bug-52e20e37b429?source=rss------bug_bounty-5 | Dibyaranjanmohanta | bugs, my-first-bug, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 06-Jan-2025 |
Eagerbee Backdoor Targets Middle Eastern Government Orgs & ISPs | https://medium.com/@wiretor/eagerbee-backdoor-targets-middle-eastern-government-orgs-isps-e0246bb044c4?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | backdoor, bug-bounty, business, malware, ai | 06-Jan-2025 |
Cryptocurrency Wallet Drainers Stole $500 Million in 2024 | https://medium.com/@wiretor/cryptocurrency-wallet-drainers-stole-500-million-in-2024-7e1da1edb1b7?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, malware, crypto, bug-bounty, ai | 06-Jan-2025 |
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips | https://mhmmuneef.medium.com/thn-weekly-recap-top-cybersecurity-threats-tools-and-tips-b11776bb3c7b?source=rss------bug_bounty-5 | Mohammed Muneef | technology, cybersecurity, bug-bounty, cybercrime, hacking | 06-Jan-2025 |
Breaking News: Chinese Hackers Breach U.S. Telecom Networks! | https://medium.com/@wiretor/breaking-news-chinese-hackers-breach-u-s-telecom-networks-be8249641716?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, cve, ai, malware | 06-Jan-2025 |
A List Of Default Admin Panel Passwords to Boost Your Bug Bounty | https://bitpanic.medium.com/a-list-of-default-admin-panel-passwords-to-boost-your-bug-bounty-67af4c4f45b2?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, programming, bug-bounty, technology, bug-bounty-tips | 06-Jan-2025 |
HR Admin Account Takeover: Chaining Stored XSS and IDOR in a Human Resource App | https://medium.com/@abdullah12987654/hr-admin-account-takeover-chaining-stored-xss-and-idor-in-a-human-resource-app-9718c9e77d34?source=rss------bug_bounty-5 | Abdullah | cyebrsecurity, offensive-security, bug-bounty, ethical-hacking, hacking | 06-Jan-2025 |
Bug Bounty — How I Found an XSS Vulnerability Through a “Change Email” Option! | https://medium.com/@mickaelbenlolo/bug-bounty-how-i-found-an-xss-vulnerability-through-a-change-email-option-3ed57ba2d11f?source=rss------bug_bounty-5 | Mickael Benlolo | xss-vulnerability, penetration-testing, bug-bounty, cybersecurity | 06-Jan-2025 |
How I Found My First Bug (RXSS) | https://medium.com/@a0xtrojan/how-i-found-my-first-bug-rxss-2ac44e94d628?source=rss------bug_bounty-5 | A0X_Trojan | tips-and-tricks, xss-attack, bug-bounty, penetration-testing, web-app-security | 06-Jan-2025 |
Hidden Dangers of XSS Vulnerabilities — Real Case | https://medium.com/meetcyber/hidden-dangers-of-xss-vulnerabilities-real-case-22177daa6fc8?source=rss------bug_bounty-5 | Erkan Kavas | xss-bypass, cybersecurity, xss-attack, bug-bounty, xss-vulnerability | 06-Jan-2025 |
Day 0 — 05 : M y Bug Bounty Challenge 0–100k without knowledge in one year! | https://medium.com/@dogxxx10/day-0-05-m-y-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-94f090fdf54a?source=rss------bug_bounty-5 | Dogxxx | bug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips, web-hacking | 06-Jan-2025 |
P4 Bugs and POC \| Part-8 | https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-8-2b4ed878c53a?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, bug-bounty-tips, infosec, hacking | 06-Jan-2025 |
How I Exposed IDOR and Path Traversal Vulnerabilities in a Parking Portal | https://medium.com/@br3ss/how-i-exposed-idor-and-path-traversal-vulnerabilities-in-a-parking-portal-0ae8e4940306?source=rss------bug_bounty-5 | Br3ss | idor, cybersecurity, hacking, path-traversal, bug-bounty | 06-Jan-2025 |
P4 Bugs and POC \| Part-8 | https://infosecwriteups.com/p4-bugs-and-poc-part-8-2b4ed878c53a?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, bug-bounty-tips, infosec, hacking | 06-Jan-2025 |
My First Bug Report in Microsoft Windows Task Manager | https://medium.com/@abdullah.farwees/my-first-bug-report-in-microsoft-windows-task-manager-726972722e50?source=rss------bug_bounty-5 | Abdullah Farwees - Video Audio Software Engineer | microsoft-bug, microsoft-bug-bounty, bug-bounty-tips, bugs, bug-bounty | 05-Jan-2025 |
From Recon to Exploitation: 100 Linux Commands Every Pentester Must Know | https://medium.com/@rundcodehero/from-recon-to-exploitation-100-linux-commands-every-pentester-must-know-e8f118226de6?source=rss------bug_bounty-5 | Randi Adhityas Saputra | bug-bounty, linux-tutorial, cybersecurity, command-line, penetration-testing | 05-Jan-2025 |
Exploiting CORS Misconfigurations: A Bug Bounty Case Study | https://medium.com/@mickaelbenlolo/exploiting-cors-misconfigurations-a-bug-bounty-case-study-8e85a868c3c8?source=rss------bug_bounty-5 | Mickael Benlolo | bug-bounty, cybersecurity, entry-level, pentesting | 05-Jan-2025 |
Frontrunning Vulnerability: What It Is, How to Exploit, Prevent, and Mitigate It | https://infosecwriteups.com/frontrunning-vulnerability-what-it-is-how-to-exploit-prevent-and-mitigate-it-19149db077bd?source=rss------bug_bounty-5 | JEETPAL | cybersecurity, front-running, web3, bugbounty-writeup, bug-bounty | 05-Jan-2025 |
Peering into the Shadows: How an Empty Domain Led to a Full-Blown Exploitation Chain | https://medium.com/@tusharpuri6/peering-into-the-shadows-how-an-empty-domain-led-to-a-full-blown-exploitation-chain-b06219d92d0e?source=rss------bug_bounty-5 | Tusharpuri | bug-bounty, penetration-testing, application-security, offensive-security, infosec | 05-Jan-2025 |
Easy P4: Cloudflare Bypass, Origin IP Found (Part 1) | https://sudosuraj.medium.com/easy-p4-cloudflare-bypass-origin-ip-found-part-1-685d27e73dd0?source=rss------bug_bounty-5 | sudosuraj | hackerone, bug-bounty, sudosuraj, bug-bounty-writeup, info-sec-writeups | 05-Jan-2025 |
Comprehensive Reconnaissance Tools for Red Teaming and OSINT Operations | https://saconychukwu.medium.com/comprehensive-reconnaissance-tools-for-red-teaming-and-osint-operations-17b06b698548?source=rss------bug_bounty-5 | Sacony Chukwu | penetration-testing, bug-bounty, hacking | 05-Jan-2025 |
Comprehensive Phishing Tools for Red Teaming and Delivery Tactics | https://saconychukwu.medium.com/comprehensive-phishing-tools-for-red-teaming-and-delivery-tactics-cf30c615ab24?source=rss------bug_bounty-5 | Sacony Chukwu | ethical-hacking, penetration-testing, hacking, bug-bounty | 05-Jan-2025 |
Bug Bounty — Finding and Exploiting a Cookie Security Flaw: A Deep Dive into PHPSESSID and Missing… | https://medium.com/@mickaelbenlolo/bug-bounty-finding-and-exploiting-a-cookie-security-flaw-a-deep-dive-into-phpsessid-and-missing-3aca0db6c1cd?source=rss------bug_bounty-5 | Mickael Benlolo | penetration-testing, bug-bounty, cybersecurity, entry-level | 05-Jan-2025 |
Discovering SQLi Vulnerabilities Through Deeper Analysis | https://medium.com/@erkankavas/discovering-sqli-vulnerabilities-through-deeper-analysis-4e305dfbc181?source=rss------bug_bounty-5 | Erkan Kavas | cybersecurity, bug-bounty-tips, bug-bounty-writeup, sqli, bug-bounty | 05-Jan-2025 |
How I was able to Sign Up at one of the Company Panels ? P3 $$$ | https://19whoami19.medium.com/how-i-was-able-to-sign-up-at-one-of-the-company-panels-p3-c824d76e36e9?source=rss------bug_bounty-5 | WHO AM I ? | cybersecurity, bug-bounty, pentesting, broken-access-control | 05-Jan-2025 |
Finding and Reporting an XSS Vulnerability: My Bug Bounty Journey | https://medium.com/@mickaelbenlolo/finding-and-reporting-an-xss-vulnerability-my-bug-bounty-journey-0bc4a4609d34?source=rss------bug_bounty-5 | Mickael Benlolo | entry-level, xss-vulnerability, cybersecurity, penetration-testing, bug-bounty | 05-Jan-2025 |
Strategies to Maximize Your Earnings on Bug Bounty Platforms | https://bitpanic.medium.com/strategies-to-maximize-your-earnings-on-bug-bounty-platforms-6053aaf0a781?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, information-technology, technology, bug-bounty, bug-bounty-tips | 05-Jan-2025 |
CVE-2025–0224: Provision-ISR SH-4050A-2 Server.js Information Disclosure | https://medium.com/@wiretor/cve-2025-0224-provision-isr-sh-4050a-2-server-js-information-disclosure-42df13998a66?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | cve, ai, bug-bounty, malware, business | 05-Jan-2025 |
CVE-2025–0226: Information Disclosure Vulnerability in Tsinghua Unigroup Electronic Archives… | https://medium.com/@wiretor/cve-2025-0226-information-disclosure-vulnerability-in-tsinghua-unigroup-electronic-archives-cf44084fc78c?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, malware, ai, business | 05-Jan-2025 |
Account Deletion Flaw Exposes Chats, Researcher Gets $1,000 (5/30DAYS) | https://medium.com/@zerodaystories/account-deletion-flaw-exposes-chats-researcher-gets-1-000-5-30days-d51245c30c65?source=rss------bug_bounty-5 | 0day stories | technology, bug-bounty, penetration-testing, hacking, cybersecurity | 05-Jan-2025 |
Bug Bounty Goldmine: The Wildest Cybersecurity Discoveries | https://medium.com/@hackrate/bug-bounty-goldmine-the-wildest-cybersecurity-discoveries-bb6d1be478dd?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, bug-bounty-tips, bug-bounty, hacking, cybersecurity | 05-Jan-2025 |
Top 8 Bug Bounty Platforms in 2025 | https://hackers-guild-blog.medium.com/top-8-bug-bounty-platforms-in-2025-84a1f6b7b226?source=rss------bug_bounty-5 | Hackers Guild | bug-bounty, hacking, osint, hacker, bug-bounty-program | 05-Jan-2025 |
Brute Force Attack (Owaspbwa Lab, Hydra Tool) | https://medium.com/@BetterBy0x01/brute-force-attack-owaspbwa-lab-hydra-tool-f3cd947f86bb?source=rss------bug_bounty-5 | Ashutosh Singh Patel | bug-bounty, hacking, security, attack, owasp | 04-Jan-2025 |
Besides bXSS | https://wanderication.medium.com/besides-bxss-681f3d97cda9?source=rss------bug_bounty-5 | Jay Wandery | bug-bounty, xss-attack | 04-Jan-2025 |
Account TakeOver \| Abusing the Application logic flaw in the reset password functionality | https://wanderication.medium.com/account-takeover-abusing-the-application-logic-flaw-in-the-reset-password-functionality-1b0a92caafca?source=rss------bug_bounty-5 | Jay Wandery | account-takeover-attacks, bug-bounty | 04-Jan-2025 |
Account Takeover via Facebook Oauth | https://anontriager.medium.com/account-takeover-via-facebook-oauth-cd1f6219f7dd?source=rss------bug_bounty-5 | Anonymous Traiger | bug-bounty, programming, jobs, hacker, cybersecurity | 04-Jan-2025 |
Top 15 Vulnerable Web Applications and Websites for Ethical Hacking Practice | https://saconychukwu.medium.com/top-15-vulnerable-web-applications-and-websites-for-ethical-hacking-practice-d2062e5bc383?source=rss------bug_bounty-5 | Sacony Chukwu | pentesting, bug-bounty, hacking | 04-Jan-2025 |
Boost Cybersecurity with Bug Bounty Programs | https://medium.com/@ramanidhaval11/boost-cybersecurity-with-bug-bounty-programs-26498ce74226?source=rss------bug_bounty-5 | Er Dhaval Ramani | cybersecurity, bug-bounty, cyber-security-awareness, bugbounty-writeup | 04-Jan-2025 |
How I Discovered an Email Disclosure Vulnerability | https://infosecwriteups.com/how-i-discovered-an-email-disclosure-vulnerability-bf798d3f3228?source=rss------bug_bounty-5 | JEETPAL | bug-bounty-writeup, cybersecurity, bug-bounty, bugbounty-tips | 04-Jan-2025 |
Bug Bash: 11 Creeping Critters Every QA Tester Must Squash! | https://medium.com/@divyarajsinhdev/bug-bash-11-creeping-critters-every-qa-tester-must-squash-31d4da2f7805?source=rss------bug_bounty-5 | Divyarajsinh Dodia | bug-bounty, software-testing, qa, automation, software-development | 04-Jan-2025 |
List of Top Bug Bounty Platforms for 2025 | https://medium.com/@hackrate/list-of-top-bug-bounty-platforms-for-2025-a13d86290a14?source=rss------bug_bounty-5 | Levente Molnar | penetration-testing, ethical-hacking, cybersecurity, bug-bounty, hacking | 04-Jan-2025 |
The Power of Swagger UI Docs-Broken access control | https://medium.com/@hamdiyasin135/the-power-of-swagger-ui-docs-broken-access-control-a3b57fb035bd?source=rss------bug_bounty-5 | yassin hamdi | access-control, hackerone, bug-bounty | 04-Jan-2025 |
P4 Bugs and PoC \| Part 4 | https://infosecwriteups.com/p4-bugs-and-poc-part-4-c65113b489b0?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, bug-bounty-tips, infosec, hacking | 04-Jan-2025 |
Microsoft Vulnerability Exploitation — [IDOR] — Unbinding of Any Microsoft Account’s Recovery Email | https://medium.com/@iamjamehas/microsoft-vulnerability-exploitation-idor-unbinding-of-any-microsoft-accounts-recovery-email-0f6dcf50820e?source=rss------bug_bounty-5 | jamehadv | zero-day, red-team, exploits-zero-day, microsoft, bug-bounty | 04-Jan-2025 |
API Fuzzing for Bug Bounty: Unlock the Secrets of Vulnerable APIs | https://bevijaygupta.medium.com/api-fuzzing-for-bug-bounty-unlock-the-secrets-of-vulnerable-apis-d8b297280caa?source=rss------bug_bounty-5 | Vijay Kumar Gupta | api, fuzzing, vulnerability, bug-bounty, api-vulnerabilities | 04-Jan-2025 |
Bad Tenable Plugin Updates Take Down Nessus Agents Worldwide | https://medium.com/@wiretor/bad-tenable-plugin-updates-take-down-nessus-agents-worldwide-baf7c48c34a3?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, xss-attack, ai, malware, bug-bounty | 04-Jan-2025 |
New Android Malware Alert: FireScam Targets RuStore Users! | https://medium.com/@wiretor/new-android-malware-alert-firescam-targets-rustore-users-b5de983bd805?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, rce, ai, bug-bounty, xss-attack | 04-Jan-2025 |
Find XSS Vulnerabilities in Minutes | https://medium.com/@phirojshah20/find-xss-vulnerabilities-in-minutes-912d02d2b848?source=rss------bug_bounty-5 | Phirojshah | bugs, bug-bounty, bug-bounty-tips, xss-vulnerability, cybersecurity | 04-Jan-2025 |
Detecting GraphQL Injection: Tools and Techniques for Security Testers | https://bitpanic.medium.com/detecting-graphql-injection-tools-and-techniques-for-security-testers-f3742d0388aa?source=rss------bug_bounty-5 | Spectat0rguy | technology, programming, bug-bounty-tips, bug-bounty, cybersecurity | 04-Jan-2025 |
How I Found P1 Vulnerability Using Google Dork | https://h0x1d.medium.com/how-i-found-a-p1-vulnerability-using-google-dork-33ac0250df89?source=rss------bug_bounty-5 | Hamed Mohamed - h0x1d | bug-bounty, bug-bounty-writeup, bug-bounty-tips | 04-Jan-2025 |
My First Year in Bug Bounty | https://cyxbugs.medium.com/my-first-year-in-bug-bounty-42f39a42fc7f?source=rss------bug_bounty-5 | Cyx | bug-bounty-tips, cybersecurity, hacking, bug-bounty | 04-Jan-2025 |
Nikto : VulnerabilityScanner COMMANDS | https://jawstar.medium.com/nikto-vulnerabilityscanner-commands-578b76344097?source=rss------bug_bounty-5 | Jawstar | penetration-testing, technology, cybersecurity, bug-bounty, nikto | 04-Jan-2025 |
P4 Bugs and POC \| Part 5 | https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-5-556962ec83f7?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, infosec, hacking, bug-bounty-tips | 04-Jan-2025 |
What Is Cross Site Request Forgery? | https://medium.com/@dante.falls/what-is-cross-site-request-forgery-a52a48562f58?source=rss------bug_bounty-5 | Dante Falls | cybersecurity, information-security, web-security, bug-bounty | 04-Jan-2025 |
Detecting GraphQL Injection: Tools and Techniques for Security Testers | https://medium.com/infosecmatrix/detecting-graphql-injection-tools-and-techniques-for-security-testers-f3742d0388aa?source=rss------bug_bounty-5 | Spectat0rguy | technology, programming, bug-bounty-tips, bug-bounty, cybersecurity | 04-Jan-2025 |
SQL Injection: A Beginner’s Guide PART 1 | https://medium.com/@hamzamabdulrhman/sql-injection-a-beginners-guide-part-1-0bdb41ec8609?source=rss------bug_bounty-5 | Hamza M. Abdulrhman | bug-bounty, sql-injection, hacking, sql, sql-server | 03-Jan-2025 |
How My Journey Started as a Bug Bounty Hunter | https://virpalsinh.medium.com/how-my-journey-started-as-a-bug-bounty-hunter-67641b57d01f?source=rss------bug_bounty-5 | virpalsinh | information-security, cybersecurity, careers, ethical-hacking, bug-bounty | 03-Jan-2025 |
What is an Advanced Persistent Threat (APT)? | https://ritikshrivas.medium.com/what-is-an-advanced-persistent-threat-apt-bbf9bb366e2d?source=rss------bug_bounty-5 | Ritik Shrivas | bug-bounty, information-security, vulnerability, cybersecurity, information-technology | 03-Jan-2025 |
P4 Bugs and POC \| Part 1 | https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-1-0dab3517bbe9?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, money, infosec, hacking, bug-bounty-tips | 03-Jan-2025 |
How I Uncovered an LFI in 15 Seconds: The Tale of a Curious Hacker and an Unprepared Server | https://medium.com/@shyamfdo82/how-i-uncovered-an-lfi-in-15-seconds-the-tale-of-a-curious-hacker-and-an-unprepared-server-e49925452007?source=rss------bug_bounty-5 | Shyamfdo | cybersecurity, red-team, hacking, penetration-testing, bug-bounty | 03-Jan-2025 |
Use SQL-Map at its best. | https://medium.com/@anandrishav2228/use-sql-map-at-its-best-64180f9ad279?source=rss------bug_bounty-5 | Rishav anand | hacker, money, cybersecurity, bug-bounty, sql | 03-Jan-2025 |
Bug Bounty Methodology Version 2025 | https://medium.com/@techinsights5/bug-bounty-methodology-version-2025-4cb701838658?source=rss------bug_bounty-5 | TechInsights | bug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-methodology | 03-Jan-2025 |
PDF.js Arbitrary JavaScript Code Execution (CVE-2024-4367) | https://infosecwriteups.com/pdf-js-arbitrary-javascript-code-execution-cve-2024-4367-be4a64f877df?source=rss------bug_bounty-5 | coffinxp | cve, bug-bounty-tips, bug-bounty, bug-bounty-writeup, pdf | 03-Jan-2025 |
What is a Hacker? | https://hackers-guild-blog.medium.com/what-is-a-hacker-c957e390855b?source=rss------bug_bounty-5 | Hackers Guild | bounty-program, osint, cybersecurity, hacking, bug-bounty | 03-Jan-2025 |
Here’s 24 web-application hacking tools: | https://saconychukwu.medium.com/heres-24-web-application-hacking-tools-17369f7f5097?source=rss------bug_bounty-5 | Sacony Chukwu | bug-bounty | 03-Jan-2025 |
My First RCE Vulnerability | https://medium.com/@RekoJR/my-first-rce-vulnerability-636cdc9f2dab?source=rss------bug_bounty-5 | Reko ! | bug-bounty, bug-bounty-writeup | 03-Jan-2025 |
PDF.js Arbitrary JavaScript Code Execution (CVE-2024-4367) | https://infosecwriteups.com/pdf-js-arbitrary-javascript-code-execution-cve-2024-4367-be4a64f877df?source=rss------bug_bounty-5 | coffinxp | bug-bounty-tips, bug-bounty, bug-bounty-writeup, technology, xss-attack | 03-Jan-2025 |
How to Start Penetration Testing: Tools, Techniques, and Tips. | https://cybersaurabh.medium.com/how-to-start-penetration-testing-tools-techniques-and-tips-bfbf09a0130a?source=rss------bug_bounty-5 | The Saurabh Pal | penetration-testing, bug-bounty-writeup, bug-bounty, ethical-hacking, hacking | 03-Jan-2025 |
Free Labs to Practice XSS | https://medium.com/@MaMad4Ever/free-labs-to-practice-xss-08b11016ba05?source=rss------bug_bounty-5 | MaMad | xss-attack, xss-vulnerability, penetration-testing, xss-challenge, bug-bounty | 03-Jan-2025 |
The Ultimate Guide to Top Bug Bounty Platforms in 2025 | https://medium.com/@hackrate/the-ultimate-guide-to-top-bug-bounty-platforms-in-2025-b6d6c3442188?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, ethical-hacking, cybersecurity, hacking, penetration-testing | 03-Jan-2025 |
MFA Bypass Exposed: A C Flaw in Two-Factor Authentication | https://medium.com/@swaroopvenkat828/mfa-bypass-exposed-a-c-flaw-in-two-factor-authentication-6e126b1cfbd0?source=rss------bug_bounty-5 | swaroop 04 | mfa, bug-bounty, mfa-bypass, 2025, bugbounty-writeup | 03-Jan-2025 |
Siri Privacy Crisis: Apple Faces $95 Million Settlement for Secret Recordings! | https://medium.com/@wiretor/siri-privacy-crisis-apple-faces-95-million-settlement-for-secret-recordings-32472ca8e705?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, business, apple, siri, ai | 03-Jan-2025 |
€10B Cybersecurity Giant Denies Space Bears Ransomware Breach Claims | https://medium.com/@wiretor/10b-cybersecurity-giant-denies-space-bears-ransomware-breach-claims-464a80206f57?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, ai, business, malware | 03-Jan-2025 |
Hackers’ New Trick — DoubleClickjacking Hijacks Your Accounts Without a Trace | https://medium.com/@wiretor/hackers-new-trick-doubleclickjacking-hijacks-your-accounts-without-a-trace-d812ec920ac8?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, malware, hacker, bug-bounty, ai | 03-Jan-2025 |
Over 3 Million Mail Servers Exposed: Time to Encrypt! | https://medium.com/@wiretor/over-3-million-mail-servers-exposed-time-to-encrypt-1c1065932c89?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, ai, malware, bug-bounty, hacking | 03-Jan-2025 |
Improper Access Control in APIs Earns $3,900 Bounty(4/30 DAYS) | https://medium.com/@zerodaystories/improper-access-control-in-apis-earns-3-900-bounty-4-30-days-5a8668695b84?source=rss------bug_bounty-5 | 0day stories | penetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips | 03-Jan-2025 |
Time based user enumeration [identitytoolkit.googleapis.com] | https://medium.com/bug-bounty/time-based-user-enumeration-identitytoolkit-googleapis-com-72b2710b380a?source=rss------bug_bounty-5 | Philippe Delteil | user-enumeration, google-api, bug-bounty | 03-Jan-2025 |
P4 Bugs and PoC \| Part 2 | https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-2-0842039eddf3?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-tips, infosec, bug-bounty, money, hacking | 03-Jan-2025 |
PicoCTF Writeups — dont-use-client-side | https://medium.com/@sobatistacyber/picoctf-writeups-dont-use-client-side-1cda7ae1cc87?source=rss------bug_bounty-5 | SoBatista | ctf, bug-bounty, picoctf, hacking, penetration-testing | 03-Jan-2025 |
Mastering 403 Bypass Techniques: A Penetration Tester’s Guide | https://bitpanic.medium.com/mastering-403-bypass-techniques-a-penetration-testers-guide-f3a1cb16b9a3?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty-tips, cybersecurity, technology, programming, bug-bounty | 03-Jan-2025 |
Python libraries every Hacker should know | https://infosecwriteups.com/python-libraries-every-hacker-should-know-97fb5dae2efd?source=rss------bug_bounty-5 | Abhishek pawar | hacking, programming, cybersecurity, python, bug-bounty | 03-Jan-2025 |
#ERROR! | https://medium.com/@cybertips96/-d6a3961c1fdd?source=rss------bug_bounty-5 | Cybertips | bug-bounty | 03-Jan-2025 |
Vulnerability Testing Techniques | https://medium.com/@phirojshah20/vulnerability-testing-techniques-b9498fefd4b3?source=rss------bug_bounty-5 | Phirojshah | bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, bugs | 03-Jan-2025 |
P4 Bugs and PoC \| Part 3 | https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-3-8ca9776c87bc?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, hacking, bug-bounty-tips, bug-bounty, money | 03-Jan-2025 |
TOP 10 VULNERABILITIES IN CYBER SECURITY | https://medium.com/@saiganesh18062003/top-10-vulnerabilities-in-cyber-security-337bb7a28760?source=rss------bug_bounty-5 | Levi Ackerman | security, cybersecurity, technology, bug-bounty, security-services | 03-Jan-2025 |
Be Aware Of It, Hacker! How To Keep Yourself Off Dangerous Triggers During Hacking Story! | https://medium.com/@nnface/be-aware-of-it-hacker-how-to-keep-yourself-off-dangerous-triggers-during-hacking-story-b4e0962c05a7?source=rss------bug_bounty-5 | NnFace | scammer-alert, cybersecurity, bug-bounty, scam, hacking | 03-Jan-2025 |
How I Found an Open AWS S3 Bucket and Used It to Take Over a Subdomain | https://medium.com/@bochamekh21/how-i-found-an-open-aws-s3-bucket-and-used-it-to-take-over-a-subdomain-75736e90c945?source=rss------bug_bounty-5 | Boubker Chamekh | subdomain-takeover, bug-bounty, hacking, hackerone, bug-bounty-writeup | 03-Jan-2025 |
P4 Bugs and PoC \| Part 3 | https://infosecwriteups.com/p4-bugs-and-poc-part-3-8ca9776c87bc?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, hacking, bug-bounty-tips, bug-bounty, money | 03-Jan-2025 |
Security Misconfiguration (Tryhackme) | https://medium.com/@BetterBy0x01/security-misconfiguration-tryhackme-9c763a743a71?source=rss------bug_bounty-5 | Ashutosh Singh Patel | tryhackme-writeup, tryhackme, hacking, security, bug-bounty | 02-Jan-2025 |
Zero Click Account Takeover | https://anontriager.medium.com/zero-click-account-takeover-7f8bdcda2236?source=rss------bug_bounty-5 | Anonymous Traiger | rewards, bug-bounty, programing, hacking, cybersecurity | 02-Jan-2025 |
hunting #1 | https://medium.com/@dark_zone/hunting-1-ee308e923359?source=rss------bug_bounty-5 | darkzone | bug-bounty | 02-Jan-2025 |
A Recon Tool That Uses AI to Predict Subdomains | https://medium.com/@kumawatabhijeet2002/a-recon-tool-that-uses-ai-to-predict-subdomains-73a41aaa774d?source=rss------bug_bounty-5 | Abhijeet kumawat | ai, bug-bounty, infosec, hacking, recon | 02-Jan-2025 |
Code Analysis can help you make $200-$500 (C,C++,Node and general codes) | https://medium.com/@anandrishav2228/code-analysis-can-help-you-make-200-500-c-c-node-and-general-codes-cb7752617931?source=rss------bug_bounty-5 | Rishav anand | money, programming, cybersecurity, bug-bounty, code | 02-Jan-2025 |
WP-CRON Leading to a Complete Denial of Service (DoS) for Bank ‘X’ | https://cybersecuritywriteups.com/wp-cron-leading-to-a-complete-denial-of-service-dos-for-bank-x-82de725dfa4f?source=rss------bug_bounty-5 | Guru Prasad Pattanaik | ethical-hacking, cyber-security-awareness, cyberattack, bug-bounty, cybersecurity | 02-Jan-2025 |
【Activities Guide】A detailed overview of the TECNO Security Response Center’s security incentive… | https://medium.com/@security.tecno/activities-guide-a-detailed-overview-of-the-tecno-security-response-centers-security-incentive-6e43effd8d37?source=rss------bug_bounty-5 | TECNO Security | bug-bounty, hacking, security, activity | 02-Jan-2025 |
How to Build a Cloud Security Monitoring Dashboard ! | https://medium.com/@paritoshblogs/how-to-build-a-cloud-security-monitoring-dashboard-81951b57613f?source=rss------bug_bounty-5 | Paritosh | cloud-security, bug-bounty, hacking, cybersecurity, cloud | 02-Jan-2025 |
Google Dorks Checklist for Bug Bounty — Bug Bounty Thursday | https://medium.com/@kerstan/google-dorks-checklist-for-bug-bounty-bug-bounty-thursday-ab5ccadb91b2?source=rss------bug_bounty-5 | kerstan | cybersecurity, bug-bounty, hacking | 02-Jan-2025 |
Zendesk Access Token Disclosed in a JavaScript File Allowing Ticket Access | https://medium.com/@aloneh1/zendesk-access-token-disclosed-in-a-javascript-file-allowing-ticket-access-cfc5ba637dde?source=rss------bug_bounty-5 | Anzil | bug-bounty, vapt, cybersecurity, bug-bounty-writeup | 02-Jan-2025 |
Finding Hidden API-Keys & How to Use them | https://medium.com/@sumitcfe/finding-hidden-api-keys-how-to-use-them-9c8a187d922b?source=rss------bug_bounty-5 | Sumit Jain | vulnerability, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bugs | 02-Jan-2025 |
US Arrests Army Soldier Over AT&T, Verizon Hacking \| Linked to Presidential Call Log Leaks | https://medium.com/@wiretor/us-arrests-army-soldier-over-at-t-verizon-hacking-linked-to-presidential-call-log-leaks-25897c6b4e0b?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacker, bug-bounty, malware, ai, business | 02-Jan-2025 |
Rhode Islanders’ Data Breach: Protect Yourself from Cyberattacks Today! | https://medium.com/@wiretor/rhode-islanders-data-breach-protect-yourself-from-cyberattacks-today-1c0f4f79b40b?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, business, bug-bounty, hacking, ai | 02-Jan-2025 |
Election Interference Exposed: Iranian and Russian Cyber Tactics in the Spotlight | https://medium.com/@wiretor/election-interference-exposed-iranian-and-russian-cyber-tactics-in-the-spotlight-3e9059006021?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, hacking, business, ai, bug-bounty | 02-Jan-2025 |
Three Russian-German Nationals Charged with Spying for Russia | https://medium.com/@wiretor/three-russian-german-nationals-charged-with-spying-for-russia-838f9b0d39d4?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, ransomware, hacking, secret-service, bug-bounty | 02-Jan-2025 |
postMessage XSS | https://medium.com/@rootast/postmessage-xss-f5402c9e219c?source=rss------bug_bounty-5 | Arash Shahbazi | javascript, api, xss-attack, bug-bounty, postmessage | 02-Jan-2025 |
WP-CRON Leading to a Complete Denial of Service (DoS) for Bank ‘X’ | https://cybersecuritywriteups.com/wp-cron-leading-to-a-complete-denial-of-service-dos-for-bank-x-82de725dfa4f?source=rss------bug_bounty-5 | Guru Prasad Pattanaik \|\| TH3N00BH4CK3R | ethical-hacking, cyber-security-awareness, cyberattack, bug-bounty, cybersecurity | 02-Jan-2025 |
A Guide to MITRE ATT&CK Cloud Matrices: Simplified with Examples | https://medium.com/@paritoshblogs/a-guide-to-mitre-att-ck-cloud-matrices-simplified-with-examples-2f6588b9ac0e?source=rss------bug_bounty-5 | Paritosh | cloud, bug-bounty, hacking, cloud-computing, cybersecurity | 01-Jan-2025 |
Refer Friends, Win Credit Rewards! | https://medium.com/@security.tecno/refer-friends-win-credit-rewards-574795eeb6a9?source=rss------bug_bounty-5 | TECNO Security | bug-bounty, hacker, rewards, security | 01-Jan-2025 |
Bug Bounty Journey in 2024 | https://medium.com/@suganthankumaralingam/bug-bounty-journey-in-2024-e4f23874f991?source=rss------bug_bounty-5 | Suganthankumaralingam | bug-bounty-writeup, bug-zero, hackerone, bug-bounty-tips, bug-bounty | 01-Jan-2025 |
Bypassing Email verification through HTTP response interception | https://callgh0st.medium.com/bypassing-email-verification-through-http-response-interception-7644a907899a?source=rss------bug_bounty-5 | callgh0st | email, bug-bounty, gaza, hacking, support | 01-Jan-2025 |
Win the Race \| Exploiting Race Condition Vulnerability | https://medium.com/codingninjablogs/win-the-race-exploiting-race-condition-vulnerability-21ba7297f039?source=rss------bug_bounty-5 | #$ubh@nk@r | infosec, bug-bounty, web-security, race-condition, hacking | 01-Jan-2025 |
My first 100 Days with Bug Bounties. | https://medium.com/@rootplinix/my-first-100-days-with-bug-bounties-7c4f69f73d3d?source=rss------bug_bounty-5 | Abu Hurayra | bug-bounty, infosec, vulnerability, cybersecurity, hacking | 01-Jan-2025 |
Bypassing Email verification through HTTP response interception | https://infosecwriteups.com/bypassing-email-verification-through-http-response-interception-7644a907899a?source=rss------bug_bounty-5 | callgh0st | email, bug-bounty, gaza, hacking, support | 01-Jan-2025 |
Understanding DNS for Bug Bounty Hunting | https://medium.com/@mastergojo122/understanding-dns-for-bug-bounty-hunting-428ec422aac6?source=rss------bug_bounty-5 | Wahid Najim | dns-servers, dns, bug-bounty, bug-bounty-writeup | 01-Jan-2025 |
Advanced Enumeration Techniques | https://medium.com/@phirojshah20/advanced-enumeration-techniques-45cbeb429231?source=rss------bug_bounty-5 | Phirojshah | bugs, cybersecurity, bug-bounty, bug-bounty-tips | 01-Jan-2025 |
Discovery and Probing Tools | https://medium.com/@phirojshah20/discovery-and-probing-tools-5bb0a594b5d2?source=rss------bug_bounty-5 | Phirojshah | bug-bounty-tips, cybersecurity, bug-bounty | 01-Jan-2025 |
Bug Bounty Hunting Methodology 2025 | https://medium.com/@phirojshah20/bug-bounty-hunting-methodology-2025-797bf8ae4c27?source=rss------bug_bounty-5 | Phirojshah | bug-bounty, bug-hunting, reconnaissance, cybersecurity, bugs | 01-Jan-2025 |
CVE-2024–56803: Ghostty Vulnerability Allows Command Injection | https://medium.com/@wiretor/cve-2024-56803-ghostty-vulnerability-allows-command-injection-23e41eb1e8ad?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, ai, bug-bounty, business, malware | 01-Jan-2025 |
Uncover Hidden Web Paths with Recursive Dirbusting | https://bitpanic.medium.com/uncover-hidden-web-paths-with-recursive-dirbusting-6befea8ab485?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty-tips, technology, bug-bounty, cybersecurity, programming | 01-Jan-2025 |
Over 3.1 Million Fake Stars on GitHub: A Threat to Trust & Security | https://medium.com/@wiretor/over-3-1-million-fake-stars-on-github-a-threat-to-trust-security-%EF%B8%8F-f6af3a43224d?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, bug-bounty, malware, hacking, business | 01-Jan-2025 |
This Simple GraphQL SSRF Bug Earned Me $3,000 (3/30 DAYS) | https://medium.com/@zerodaystories/this-simple-graphql-ssrf-bug-earned-me-3-000-3-30-days-9bd13e2c2f9d?source=rss------bug_bounty-5 | 0day stories | bug-bounty, penetration-testing, bug-bounty-writeup, cybersecurity, bug-bounty-tips | 01-Jan-2025 |
Dive into Go: A Full Guide for Penetration Testers, Bounty Hunters, and Developers | https://medium.com/@v1xtron/dive-into-go-a-full-guide-for-penetration-testers-bounty-hunters-and-developers-5cc013d3f5c6?source=rss------bug_bounty-5 | v1xtron | go, learn-to-code, programming-languages, bug-bounty | 01-Jan-2025 |
Welcome to our first article on this account! | https://medium.com/@Dorking1/welcome-to-our-first-article-on-this-account-f7eb4049b768?source=rss------bug_bounty-5 | Dorking1 | bug-bounty, penetration-testing, cybersecurity | 01-Jan-2025 |
This Simple GraphQL SSRF Bug Earned $3,000 (3/30 DAYS) | https://medium.com/@zerodaystories/this-simple-graphql-ssrf-bug-earned-me-3-000-3-30-days-9bd13e2c2f9d?source=rss------bug_bounty-5 | 0day stories | bug-bounty, penetration-testing, bug-bounty-writeup, cybersecurity, bug-bounty-tips | 01-Jan-2025 |
File upload bypass — Fuzz magic bytes / Mime types with ffuf | https://medium.com/@opabravo/file-upload-bypass-fuzz-magic-bytes-mime-types-with-ffuf-b218171533d4?source=rss------bug_bounty-5 | Fate Walker | ffuf, fuzzing, penetration-testing, file-upload-vulnerability, bug-bounty | 31-Dec-2024 |
From Hidden Parameter to Account Takeover | https://medium.com/@radwan0x/from-hidden-parameter-to-account-takeover-e6905f35d93a?source=rss------bug_bounty-5 | Mohamed Radwan | bug-bounty, csrf-attack, bug-bounty-tips | 31-Dec-2024 |
Vertical Privilege Escalation from Manager to Owner: A Bug Bounty Story | https://medium.com/@swaroopvenkat828/vertical-privilege-escalation-from-manager-to-owner-a-bug-bounty-story-7a039eb0b938?source=rss------bug_bounty-5 | swaroop 04 | privilege-escalation, bug-bounty-tips, bug-bounty | 31-Dec-2024 |
Sensitive Data Exposure (Tryhackme) | https://medium.com/@BetterBy0x01/sensitive-data-exposure-tryhackme-111ed71542af?source=rss------bug_bounty-5 | Ashutosh Singh Patel | security, data, tryhackme, hacking, bug-bounty | 31-Dec-2024 |
Mastering XSS in a single read! | https://anontriager.medium.com/mastering-xss-in-a-single-read-40bc850427bd?source=rss------bug_bounty-5 | Anonymous Traiger | bug-bounty, hacker, programming, cybersecurity, jobs | 31-Dec-2024 |
Mastering 403 Forbidden Bypass Techniques Part-2✨ | https://medium.com/@kumawatabhijeet2002/mastering-403-forbidden-bypass-techniques-part-2-658af618d5b0?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-tips, 403-forbidden, hacking, infosec, bug-bounty | 31-Dec-2024 |
How I Discovered Exposed .env Files on a Subdomain of a Popular Exam Proctoring Website | https://medium.com/@anonymousshetty2003/how-i-discovered-exposed-env-files-on-a-subdomain-of-a-popular-exam-proctoring-website-50f1847a9e59?source=rss------bug_bounty-5 | Anonymousshetty | information-disclosure, hacking, bug-bounty, cybersecurity, bug-bounty-tips | 31-Dec-2024 |
How I Discovered a Leaked cAdvisor Panel Dashboard on a Website | https://medium.com/@anonymousshetty2003/how-i-discovered-a-leaked-cadvisor-panel-dashboard-on-a-website-1f097b526b3e?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, shodan, hacking, bug-bounty, bug-hunting | 31-Dec-2024 |
API Pentesting: Unrestricted Resource Consumption | https://devilwrites.medium.com/api-pentesting-unrestricted-resource-consumption-2692bf368575?source=rss------bug_bounty-5 | hackerdevil | api, api-penetration-testing, owasp, api-security, bug-bounty | 31-Dec-2024 |
Advanced Analysis: XSS Vulnerability in an AI-Powered Chatbot Service | https://medium.com/@MianHammadx0root/advanced-analysis-xss-vulnerability-in-an-ai-powered-chatbot-service-53212f545624?source=rss------bug_bounty-5 | Mian Hammad | xss-attack, cybersecurity, ai-chat-bot, ai, bug-bounty | 31-Dec-2024 |
How I Discovered an 8.2 Severity bug on hackerone for Account Takeover via HTML Injection | https://medium.com/@ravindrajatav0709/how-i-discovered-an-8-2-severity-bug-on-hackerone-for-account-takeover-via-html-injection-3e5b0ec32cc9?source=rss------bug_bounty-5 | Ravindrajatav | bugs, bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty | 31-Dec-2024 |
My First Year in Bug Bounty Hunting | https://0xshuvo.medium.com/my-first-year-in-bug-bounty-hunting-2b5c2cb9c205?source=rss------bug_bounty-5 | Shuvo Kumar Saha | bug-bounty-hunter, bug-bounty-writeup, bug-bounty, bug-bounty-tips, infosec | 31-Dec-2024 |
OTP Bypass Leads to $2000 (2/30 DAYS) | https://medium.com/@zerodaystories/otp-bypass-leads-to-2000-2-30-days-7845b2580e7e?source=rss------bug_bounty-5 | 0day stories | bug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing | 31-Dec-2024 |
2024 Bug Bounty Achievements | https://medium.com/readers-club/2024-bug-bounty-achievements-15c5195031d3?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty, cybersecurity, failure, growth-mindset, never-give-up | 31-Dec-2024 |
How was I able to lock any user’s account? | https://zerocode-ph.medium.com/how-was-i-able-to-lock-any-users-account-4303ff175a04?source=rss------bug_bounty-5 | Syd Ricafort (0cod3) | bug-bounty | 31-Dec-2024 |
The Struggles of Manual Security Testers in an Automation-Heavy Bug Bounty Era | https://mixbanana.medium.com/the-struggles-of-manual-security-testers-in-an-automation-heavy-bug-bounty-era-22cccf32fc13?source=rss------bug_bounty-5 | MixBanana | penetration-testing, security, bug-bounty, cybersecurity | 31-Dec-2024 |
U.S. Treasury Breached via Remote Support Platform: Lessons for Cybersecurity Professionals | https://medium.com/@wiretor/u-s-treasury-breached-via-remote-support-platform-lessons-for-cybersecurity-professionals-bd25d69ee856?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, bug-bounty, ai, xss-attack, hacker | 31-Dec-2024 |
Session Hijacking Vulnerability in Password Reset Flow Leading to Cross-Account Access | https://medium.com/@iPsalmy/session-hijacking-vulnerability-in-password-reset-flow-leading-to-cross-account-access-4823d88e680a?source=rss------bug_bounty-5 | iPsalmy | penetration-testing, cybersecurity, application-security, information-security, bug-bounty | 31-Dec-2024 |
My story of hacking Dutch Government \| by Chinmaya Rana | https://chinmayarana.medium.com/my-story-of-hacking-dutch-government-by-chinmaya-rana-b54ea26c92dd?source=rss------bug_bounty-5 | Chinmaya Rana | hacking, readteam, bug-bounty, cybersecurity, web-security | 31-Dec-2024 |
Unleashing My Recon Weapon: A Custom Bash Tool for Bug Bounty | https://medium.com/@kumawatabhijeet2002/unleashing-my-recon-weapon-a-custom-bash-tool-for-bug-bounty-d946b5f26dd9?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, bug-bounty-tips, recon, hacking, infosec | 31-Dec-2024 |
This is a writeup of how can I get critical $$$$ bounty from PII Disclosure - Broken Access | https://medium.com/@0xNayelx/this-is-a-writeup-of-how-can-i-get-critical-bounty-from-pii-disclosure-broken-access-7a113e5dc50c?source=rss------bug_bounty-5 | 0xNayel | bug-bounty-writeup, ctf-writeup, cybersecurity, bug-bounty-tips, bug-bounty | 31-Dec-2024 |
SQLi Time-Based Blind Finding Methods | https://medium.com/@erkankavas/sqli-time-based-blind-finding-methods-cdef02de2d0e?source=rss------bug_bounty-5 | Erkan Kavas | sqli, ethical-hacking, bug-bounty, bug-bounty-tips, hacking | 31-Dec-2024 |
Old School Out-of-Band (OOB) SQL Injection Manual Approach | https://anontuttuvenus.medium.com/old-school-out-of-band-oob-sql-injection-manual-approach-cc50b81c5984?source=rss------bug_bounty-5 | Anon Tuttu Venus | webapplicationpentest, sql-injection, bug-bounty, owasp-top-10, sqli | 31-Dec-2024 |
Alhamdulillah ❤️ | https://medium.com/@momenrezkk90/alhamdulillah-%EF%B8%8F-4c8ba456bec1?source=rss------bug_bounty-5 | MOAMEN REZK | bug-bounty, cybersecurity, penetration-testing, bugs, red-team | 31-Dec-2024 |
Mastering Wfuzz: Uncover Hidden Web Vulnerabilitiese | https://medium.com/@kumawatabhijeet2002/mastering-wfuzz-uncover-hidden-web-vulnerabilitiese-351cbbef18d6?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, bug-bounty-tips, bug-bounty, infosec, medium | 30-Dec-2024 |
Sql Injection Vulnerability via Registration Form | https://medium.com/@kevstrs_/sql-injection-vulnerability-via-registration-form-ccaf7bbddd0b?source=rss------bug_bounty-5 | kevstrs_ | sql-injection, bug-bounty, injection, pentesting | 30-Dec-2024 |
How I was able to delete a production backend server in my first finding. | https://gr3yg05t.medium.com/how-i-was-able-to-delete-a-production-backend-server-in-my-first-finding-5dcce8aa093c?source=rss------bug_bounty-5 | Mr Grey | bug-bounty, bug-bounty-tips, info-sec-writeups, infosec, bug-bounty-writeup | 30-Dec-2024 |
Triaging an LFI Vulnerability Report | https://anontriager.medium.com/triaging-an-lfi-vulnerability-report-ad9a33016f0c?source=rss------bug_bounty-5 | Anonymous Traiger | jobs, programming, money, bug-bounty, cybersecurity | 30-Dec-2024 |
US Healthcare Providers May Be Hit With New Cybersecurity Rules | https://mhmmuneef.medium.com/us-healthcare-providers-may-be-hit-with-new-cybersecurity-rules-61aa2655ea79?source=rss------bug_bounty-5 | Mohammed Muneef | healthcare-technology, cybersecurity-awareness, news, bug-bounty, technology | 30-Dec-2024 |
Enhancing Bug Bounty Programs in an AI-Driven Market | https://infosecwriteups.com/%EF%B8%8F-%EF%B8%8F-enhancing-bug-bounty-programs-in-an-ai-driven-market-e512b0b2766a?source=rss------bug_bounty-5 | Tal Eliyahu | bug-bounty, genai, artificial-intelligence, security, cybersecurity | 30-Dec-2024 |
DNS Tunneling to Bypass Firewall. | https://medium.com/@anandrishav2228/dns-tunneling-to-bypass-firewall-ab5e9d91bd7b?source=rss------bug_bounty-5 | Rishav anand | firewall, bug-bounty, money, hacking, cybersecurity | 30-Dec-2024 |
When APIs Can’t Keep Up: How I Exploited Misconfigured Rate Limits to Crash the Party | https://myselfakash20.medium.com/when-apis-cant-keep-up-how-i-exploited-misconfigured-rate-limits-to-crash-the-party-e5be48d4cacd?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, bug-bounty, bug-bounty-writeup, technology, cybersecurity | 30-Dec-2024 |
Exploiting SQLi to Query Database Version on MySQL and Microsoft | https://osintteam.blog/exploiting-sqli-to-query-database-version-on-mysql-and-microsoft-8d38a3ec42b4?source=rss------bug_bounty-5 | The Cybersec Café | sql-injection, cybersecurity, information-security, penetration-testing, bug-bounty | 30-Dec-2024 |
Server-side vulnerabilities \| #1 PATH TRAVERSAL | https://medium.com/@agapehearts/server-side-vulnerabilities-1-path-traversal-5df782acb60d?source=rss------bug_bounty-5 | Agape HearTs | ethical-hacking, portswigger, servers, cybersecurity, bug-bounty | 30-Dec-2024 |
CSRF Enable 2FA allow User Lose Access to Their Account. | https://anjarwilujeng.medium.com/csrf-enable-2fa-allow-user-lose-access-to-their-account-331eaed89d25?source=rss------bug_bounty-5 | AWesome | bug-bounty, bug-bounty-writeup, csrf | 30-Dec-2024 |
What Is a Hacker and What Are the Types? | https://medium.com/@gzmpyrz99/hacker-nedir-ve-t%C3%BCrleri-nelerdir-abff0e616fbf?source=rss------bug_bounty-5 | Gizem Poyraz | blue-team, hacker, red-team, scriptkkiddie, bug-bounty | 30-Dec-2024 |
When APIs Can’t Keep Up: How I Exploited Misconfigured Rate Limits to Crash the Party | https://infosecwriteups.com/when-apis-cant-keep-up-how-i-exploited-misconfigured-rate-limits-to-crash-the-party-e5be48d4cacd?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty, hacking, programming, technology, cybersecurity | 30-Dec-2024 |
Weirdest access control vulnerability I have ever found… | https://siratsami71.medium.com/weirdest-access-control-vulnerability-i-have-ever-found-b3ea97019fad?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | hackerone, security, pentesting, bug-bounty | 30-Dec-2024 |
What Bug Bounty Hunters Don’t Tell You. | https://medium.com/@padhyepushkar/what-bug-bounty-hunters-dont-tell-you-78969ca0916a?source=rss------bug_bounty-5 | Pushkar Padhye | bug-bounty, bug-bounty-writeup, bug-bounty-tips, blogging, knowledge | 30-Dec-2024 |
Unauthorized Account Deletion via Email Spoofing | https://medium.com/@Salmansaifeldin/unauthorized-account-deletion-via-email-spoofing-dbfccad287c7?source=rss------bug_bounty-5 | Salman SaifEl-Din | bug-bounty-tips, cybersecurity, bug-bounty | 30-Dec-2024 |
Unlocking Secrets: How to Create Your Own Wordlist for Hidden Directories and Endpoints ✨ | https://medium.com/@kumawatabhijeet2002/unlocking-secrets-how-to-create-your-own-wordlist-for-hidden-directories-and-endpoints-9d78539857b3?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-tips, hacking, bug-bounty, medium, infosec | 30-Dec-2024 |
Bug Bounty Insights: 10 Key Findings - Email Verification Flaws - Part 4 | https://medium.com/@maakthon/bug-bounty-insights-10-key-findings-email-verification-flaws-part-4-49412c461450?source=rss------bug_bounty-5 | Mahmoud Abd Alkarim | bug-bounty-tips, security-research, bug-bounty, cybersecurity, broken-access-control | 30-Dec-2024 |
Delete any comment without admin privilege | https://medium.com/@a.essam0_o/delete-any-comment-without-admin-privilege-d5af9105ed9d?source=rss------bug_bounty-5 | A.Essam | attack, bug-bounty, web, hacking, pentesting | 30-Dec-2024 |
PortSwigger — Authentication | https://medium.com/@rzashirinov38/portswigger-authentication-e3760f4d1411?source=rss------bug_bounty-5 | Rza Shirinov | portswigger, authentication, web, bug-bounty, login | 30-Dec-2024 |
Hidden Gems: Simple Exploits Overlooked by Most Bug Hunters | https://bitpanic.medium.com/hidden-gems-simple-exploits-overlooked-by-most-bug-hunters-3113cc1db4b8?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty-tips, bug-bounty, technology, cybersecurity, programming | 30-Dec-2024 |
Apache MINA CVE-2024–52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization | https://medium.com/@wiretor/apache-mina-cve-2024-52046-cvss-10-0-flaw-enables-rce-via-unsafe-serialization-1d042d0ad53e?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | xss-attack, malware, hacking, bug-bounty, apache-mina | 30-Dec-2024 |
Outdated D-Link Routers Under Siege: Botnets Exploit Vulnerabilities | https://medium.com/@wiretor/outdated-d-link-routers-under-siege-botnets-exploit-vulnerabilities-24fa380d9e2e?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, ai, xss-attack, hacking | 30-Dec-2024 |
US Cracks Down on Foreign Exploitation of Personal Information | https://medium.com/@wiretor/us-cracks-down-on-foreign-exploitation-of-personal-information-1c57dd844750?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, usa, bug-bounty, hacker, xss-attack | 30-Dec-2024 |
Telecom Giants Secure Networks After Salt Typhoon Espionage Scandal | https://medium.com/@wiretor/telecom-giants-secure-networks-after-salt-typhoon-espionage-scandal-106159c959ba?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | xss-attack, bug-bounty, malware, ai, hacking | 30-Dec-2024 |
Useful Extensions for Bug Bounty Hunting | https://medium.com/@phirojshah20/useful-extensions-for-bug-bounty-hunting-0a1f4e32344c?source=rss------bug_bounty-5 | Phirojshah | cybersecurity, bug-bounty, bugs, bug-bounty-tips, extension | 30-Dec-2024 |
How to Find Origin IP of any Website Behind a WAF | https://infosecwriteups.com/how-to-find-origin-ip-of-any-website-behind-a-waf-c85095156ef7?source=rss------bug_bounty-5 | coffinxp | bug-bounty-tips, waf-bypass, bug-bounty, technology, recon | 30-Dec-2024 |
Mastering the Art of Bug Bounty Hunting: A Step-by-Step Guide | https://medium.com/@kumawatabhijeet2002/mastering-the-art-of-bug-bounty-hunting-a-step-by-step-guide-8eaabfe1cbf6?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, infosec, hacking, free, bug-bounty-tips | 30-Dec-2024 |
Discovered 30 BOLA + IDOR vulnerabilities in a single subdomain (BBP). | https://im4x.medium.com/discovered-30-bola-idor-vulnerabilities-in-a-single-subdomain-bbp-a382e4554e71?source=rss------bug_bounty-5 | Ahmed Najeh | hacking, bug-bounty, hackerone | 30-Dec-2024 |
How I Took Over Millions of Instagram Accounts Using SQL Injection Method & Takeover via Filtering… | https://pwn0sec.medium.com/how-i-took-over-millions-of-instagram-accounts-using-sql-injection-method-takeover-via-filtering-cd858d486a54?source=rss------bug_bounty-5 | PwnOsec Research Groups | indonesian, bug-bounty, pemerintah-indonesia, bug-bounty-tips | 30-Dec-2024 |
Breaking app’s logic workflow to decrease the payments’ amounts | https://medium.com/@bag0zathev2/breaking-apps-logic-workflow-to-decrease-the-payments-amounts-9c9f44efe23d?source=rss------bug_bounty-5 | Fares Walid (SirBugs) | cybersecurity, bug-bounty, bug-hunting, payment-gateway, payments | 29-Dec-2024 |
Command Injection (Tryhackme and Owaspbwa) | https://medium.com/@BetterBy0x01/command-injection-tryhackme-and-owaspbwa-6765b324c99d?source=rss------bug_bounty-5 | Ashutosh Singh Patel | command-injection, security, bug-hunting, hacking, bug-bounty | 29-Dec-2024 |
how i found the parameter tempering vulnerability? | https://doordiefordream.medium.com/how-i-found-the-parameter-tempering-vulnerability-09c4ea5f9675?source=rss------bug_bounty-5 | Bug hunter balu | bug-bounty, hacking, cybersecurity, ethical-hacking, web3 | 29-Dec-2024 |
Cross-Domain Referrer Leakage (Bug Bounty) | https://anontriager.medium.com/cross-domain-referrer-leakage-bug-bounty-5c7fb967883d?source=rss------bug_bounty-5 | Anonymous Traiger | bug-bounty, cybersecurity, bug-bounty-tips, jobs, bug-bounty-writeup | 29-Dec-2024 |
How to find SSRF, Bypass Cloudflare, and extract AWS metadata | https://anontriager.medium.com/how-to-find-ssrf-bypass-cloudflare-and-extract-aws-metadata-46d1ee6d1857?source=rss------bug_bounty-5 | Anonymous Traiger | cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, jobs | 29-Dec-2024 |
Uncovering Race Conditions in Endpoint API Key Generation | https://anjarwilujeng.medium.com/uncovering-race-conditions-in-endpoint-api-key-generation-dec3abf31a83?source=rss------bug_bounty-5 | AWesome | race-condition, bug-bounty-writeup, bug-bounty | 29-Dec-2024 |
HTB Write-Up: Retrieving the Flag via cURL \| Extracting the Flag with cURL | https://medium.com/@lixinlovestudy/htb-write-up-retrieving-the-flag-via-curl-%E4%BD%BF%E7%94%A8-curl-%E6%8F%90%E5%8F%96-flag-5987084868bb?source=rss------bug_bounty-5 | Lixin Zhang | hackthebox, writeup, bug-bounty | 29-Dec-2024 |
Complete Guide to SQL Injection Detection: A Security Researcher’s Handbook | https://medium.com/@phirojshah20/complete-guide-to-sql-injection-detection-a-security-researchers-handbook-c3b25d40bdb6?source=rss------bug_bounty-5 | Phirojshah | cybersecurity, bug-bounty, sql, sql-injection, bugs | 29-Dec-2024 |
Apk Bug Boundy Guide | https://medium.com/@adithyakrishnav001/apk-bug-boundy-guide-7968d04baf7e?source=rss------bug_bounty-5 | Adithyakrishna V | hacking, android, bug-bounty, apk, aad1 | 29-Dec-2024 |
Crack the Code: A Beginner’s Blueprint to Cybersecurity Success | https://medium.com/@divyesh.jagad/crack-the-code-a-beginners-blueprint-to-cybersecurity-success-6aa6546a89bd?source=rss------bug_bounty-5 | Divyesh Jagad | infosec, cybersecurity, bug-bounty, beginner, income | 29-Dec-2024 |
Hunting Hidden Gems: Bug Bounties in the Code of JavaScript | https://medium.com/@loayahmed686/hunting-hidden-gems-bug-bounties-in-the-code-of-javascript-f369a6617204?source=rss------bug_bounty-5 | r00t | code-review, bug-bounty-tips, bug-bounty | 29-Dec-2024 |
BEST AUTOMATED TOOLS THAT YOU NEED TO KNOW NOW ????? | https://jawstar.medium.com/best-automated-tools-that-you-need-to-know-now-f7c883f0487c?source=rss------bug_bounty-5 | Jawstar | automation-testing, automation, penetration-testing, vulnerability, bug-bounty | 29-Dec-2024 |
OWASP Top 10 2025: What to Expect | https://infosecwriteups.com/owasp-top-10-2025-what-to-expect-22b8ede0c428?source=rss------bug_bounty-5 | Aditya Sawant | penetration-testing, bug-bounty, information-security, owasp, cybersecurity | 29-Dec-2024 |
Brazilian Hacker Charged with Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts | https://medium.com/@wiretor/brazilian-hacker-charged-with-extorting-3-2m-in-bitcoin-after-breaching-300-000-accounts-22a888c20177?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | xss-attack, ai, business, bug-bounty, malware | 29-Dec-2024 |
Ruijie Networks’ Cloud Platform Vulnerabilities Could Expose 50,000 Devices to Remote Attacks | https://medium.com/@wiretor/ruijie-networks-cloud-platform-vulnerabilities-could-expose-50-000-devices-to-remote-attacks-0c71e3e230b0?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacker, bug-bounty, ai, business, malware | 29-Dec-2024 |
Critical Alert: CVE-2024–12356 Command Injection Vulnerability in BeyondTrust RS & PRA | https://medium.com/@wiretor/critical-alert-cve-2024-12356-command-injection-vulnerability-in-beyondtrust-rs-pra-6e8df2f63471?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, bug-bounty, ai, bus, malware | 29-Dec-2024 |
Hackers Target ZAGG Customers in Third-Party Breach: Credit Card Data Exposed | https://medium.com/@wiretor/hackers-target-zagg-customers-in-third-party-breach-credit-card-data-exposed-8d2ac0f66ba2?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, business, bug-bounty, malware, hacker | 29-Dec-2024 |
Mastering DIRB: Your Guide to Uncovering Hidden Web Directories | https://medium.com/@kumawatabhijeet2002/mastering-dirb-your-guide-to-uncovering-hidden-web-directories-d336f6dafa36?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, hacking, infosec, free, bug-bounty-tips | 29-Dec-2024 |
Every Flask app hides a story—be the one to uncover it | https://bitpanic.medium.com/every-flask-app-hides-a-story-be-the-one-to-uncover-it-32f2942f7927?source=rss------bug_bounty-5 | Spectat0rguy | information-security, cybersecurity, technology, bug-bounty, bug-bounty-tips | 29-Dec-2024 |
How I Unsubscribed 100+ Emails Including CEO*CTO*CISO* Etc Of The Company With Out User Interaction | https://medium.com/@alexandermr289/how-i-unsubscribed-100-emails-including-ceo-cto-ciso-etc-of-the-company-with-out-user-interaction-f6d78320ddaf?source=rss------bug_bounty-5 | Mr_alexander | osint, cybersecurity, medium, bug-bounty, darkweb | 29-Dec-2024 |
HTML Injection | https://medium.com/@mastergojo122/html-injection-b6f4151c7d6a?source=rss------bug_bounty-5 | Wahid Najim | html-injection, bug-bounty-writeup, cybersecurity, bug-bounty | 29-Dec-2024 |
403/401 Bypass Methods + Bash Automation + Your Support 😉 | https://anontriager.medium.com/403-401-bypass-methods-bash-automation-your-support-5468b93599fd?source=rss------bug_bounty-5 | Anonymous Traiger | bug-bounty, cybersecurity, bugbounty-tips, bug-bounty-writeup | 28-Dec-2024 |
The Bug Bounty Reconnaissance Framework (BBRF) | https://anontriager.medium.com/the-bug-bounty-reconnaissance-framework-bbrf-9e6d5d814551?source=rss------bug_bounty-5 | Anonymous Traiger | bug-bounty, cybersecurity, bugbounty-tips, bug-bounty-writeup | 28-Dec-2024 |
You can find hardcoded API-Key, Secret, Token Etc… | https://anontriager.medium.com/you-can-find-hardcoded-api-key-secret-token-etc-d27130c481a8?source=rss------bug_bounty-5 | Anonymous Traiger | cybersecurity, bugbounty-poc, bug-bounty, bugbounting, bug-bounty-tips | 28-Dec-2024 |
Exploiting Weak Password Change Mechanisms: Real-World Scenarios | https://medium.com/@alvinbijo_174/exploiting-weak-password-change-mechanisms-real-world-scenarios-84394158e9d8?source=rss------bug_bounty-5 | session-x | bug-bounty-tips, bug-bounty | 28-Dec-2024 |
IDOR Flaw Leads to $1160 Bounty (1/30 DAYS) | https://medium.com/@zerodaystories/idor-flaw-leads-to-1160-bounty-1-30-days-406cd288bebb?source=rss------bug_bounty-5 | 0day stories | bug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup, penetration-testing | 28-Dec-2024 |
How I was able to delete MFA of any user without Authentication | https://medium.com/@sharp488/how-i-was-able-to-delete-mfa-of-any-user-without-authentication-814904b506a2?source=rss------bug_bounty-5 | Sharat Kaikolamthuruthil | bug-bounty-writeup, information-security, bug-bounty-hunter, bug-bounty-tips, bug-bounty | 28-Dec-2024 |
Bug Hunting Methodology: A Comprehensive Guide | https://medium.com/@phirojshah20/bug-hunting-methodology-a-comprehensive-guide-619978852f89?source=rss------bug_bounty-5 | Phirojshah | recon, reconnaissance, bug-bounty, bug-bounty-tips, cybersecurity | 28-Dec-2024 |
Best Cyber Security tools You Must Know before 2024 ENDS | https://medium.com/meetcyber/best-cyber-security-tools-you-must-know-before-2024-ends-c207bd6ba0cd?source=rss------bug_bounty-5 | Abhishek pawar | bug-bounty, hacking, news, cybersecurity, ethical-hacking | 28-Dec-2024 |
Default Credentials Put 15,000+ Four-Faith Routers at Risk | https://medium.com/@wiretor/default-credentials-put-15-000-four-faith-routers-at-risk-65d235b23cfe?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacker, malware, business, bug-bounty, ai | 28-Dec-2024 |
✈️ Japan Airlines Hit by Cyberattack: A Wake-Up Call for Aviation Cybersecurity! ✈️ | https://medium.com/@wiretor/%EF%B8%8F-japan-airlines-hit-by-cyberattack-a-wake-up-call-for-aviation-cybersecurity-%EF%B8%8F-dfddcafa3d34?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, xss-attack, hacking, japan, bug-bounty | 28-Dec-2024 |
Volkswagen Leak Reveals 800,000 Cars’ Data: Precision Geo-Locations Exposed! | https://medium.com/@wiretor/volkswagen-leak-reveals-800-000-cars-data-precision-geo-locations-exposed-80acc7587581?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, ai, bug-bounty, hacking, business | 28-Dec-2024 |
Chinese Hackers Target U.S. Telecoms: What You Need to Know | https://medium.com/@wiretor/chinese-hackers-target-u-s-telecoms-what-you-need-to-know-4637ca456eeb?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, bug-bounty, malware, ai, business | 28-Dec-2024 |
Mastering Gobuster: Unveiling Hidden Paths in Web Applications | https://medium.com/@kumawatabhijeet2002/mastering-gobuster-unveiling-hidden-paths-in-web-applications-2c7b6bb2fb1d?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, bug-bounty-tips, hidden, hacking, infosec | 28-Dec-2024 |
Admin Hunter: Fast and Efficient Admin Panel Discovery | https://medium.com/@rootspaghetti/admin-hunter-fast-and-efficient-admin-panel-discovery-6461e818942c?source=rss------bug_bounty-5 | Root@Spaghetti | bug-bounty-tips, bug-bounty | 28-Dec-2024 |
Logic Flaw: Turning an Invitation Function into a Revenue Blocker | https://gr3yg05t.medium.com/logic-flaw-turning-an-invitation-function-into-a-revenue-blocker-b4523dc46dde?source=rss------bug_bounty-5 | Mr Grey | bug-bounty-writeup, bug-bounty-tips, bug-bounty, business-logic-flaw, infosec | 27-Dec-2024 |
Most commonly found Vulnerabilities in Web Applications. | https://medium.com/paktolus-engineering/most-commonly-found-vulnerabilities-in-web-applications-01dfb54530e2?source=rss------bug_bounty-5 | Jay Shankar | penetration-testing, web-vulnerabilities, bug-bounty-writeup, bug-bounty, vapt-services | 27-Dec-2024 |
Logic Flaw: Using Invitation Function to Block Other Accounts | https://gr3yg05t.medium.com/logic-flaw-turning-an-invitation-function-into-a-revenue-blocker-b4523dc46dde?source=rss------bug_bounty-5 | Mr Grey | bug-bounty-writeup, bug-bounty-tips, bug-bounty, business-logic-flaw, infosec | 27-Dec-2024 |
Cookie Replay | https://vikasrai11.medium.com/cookie-replay-e379800e40b2?source=rss------bug_bounty-5 | Vikas Rai | penetration-testing, bug-bounty, vulnerability, security-token, cybersecurity | 27-Dec-2024 |
How i accidentally found a 1-click account takeover bug | https://infosecwriteups.com/how-i-accidentally-found-a-1-click-account-takeover-bug-dd27a512dd22?source=rss------bug_bounty-5 | callgh0st | account-takeover, transparency, gaza, bug-bounty, hacking | 27-Dec-2024 |
Is 2025 the Year to Begin Bug Bounty Hunting? Here’s What you need to Know .. | https://medium.com/@techinsights5/is-2025-the-year-to-begin-bug-bounty-hunting-heres-what-you-need-to-know-3e61bcf14a4b?source=rss------bug_bounty-5 | TechInsights | ethical-hacking, bug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity | 27-Dec-2024 |
After AdsPower's "Security Crowdtesting Program", What’s Next? | https://medium.com/@AdsPowerHK/adspower-%E5%AE%89%E5%85%A8%E4%BC%97%E6%B5%8B%E8%AE%A1%E5%88%92-%E5%90%8E-whats-next-01a612937c93?source=rss------bug_bounty-5 | AdsPower 指紋瀏覽器 | bug-bounty, 指纹浏览器, adspower | 27-Dec-2024 |
The WAF Gambit: How I Bypassed a Client’s Web Application Firewall and Exposed a Vulnerability | https://medium.com/@GHOSTWIELD/the-waf-gambit-how-i-bypassed-a-clients-web-application-firewall-and-exposed-a-vulnerability-d8f47452429a?source=rss------bug_bounty-5 | GhostWield | cybersecurity, money, hacking, trends, bug-bounty | 27-Dec-2024 |
Game Hacking: Exploiting Executables and Libraries | https://medium.com/@k3r0/game-hacking-exploiting-executables-and-libraries-27c1b144732a?source=rss------bug_bounty-5 | Kyrillos nady | hacking, android, bug-bounty, penetration-testing, games | 27-Dec-2024 |
Bug Bounty Hunting Using Android: A Mobile Hacker’s Toolkit | https://bitpanic.medium.com/bug-bounty-hunting-using-android-a-mobile-hackers-toolkit-195ea39cccd6?source=rss------bug_bounty-5 | Spectat0rguy | information-security, bug-bounty, technology, bug-bounty-tips, cybersecurity | 27-Dec-2024 |
Hackers Exploit CVE-2024–3393 to Disable Palo Alto Networks Firewalls | https://medium.com/@wiretor/hackers-exploit-cve-2024-3393-to-disable-palo-alto-networks-firewalls-00e89bb60c11?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, xss-attack, malware, hacking | 27-Dec-2024 |
Beware of ‘OtterCookie’ Malware: Devs Targeted with Fake Job Offers! | https://medium.com/@wiretor/beware-of-ottercookie-malware-devs-targeted-with-fake-job-offers-01367c51f639?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, malware, bug-bounty, hacking, ai | 27-Dec-2024 |
Chrome Extensions Hijacked: Protect Your Data Now! | https://medium.com/@wiretor/chrome-extensions-hijacked-protect-your-data-now-8bd0e43d8473?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | xs, hacking, malware, bug-bounty, ai | 27-Dec-2024 |
Mastering FFUF: The Ultimate Fuzzing Toolkit | https://medium.com/@kumawatabhijeet2002/mastering-ffuf-the-ultimate-fuzzing-toolkit-e16a85416c5c?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, bug-bounty, bug-bounty-tips, infosec, medium | 27-Dec-2024 |
BPP [$750]Arbitrary File Upload Vulnerability To Remote Code Execution (RCE) Outside the Platform. | https://aryasec.medium.com/bpp-750-arbitrary-file-upload-vulnerability-to-remote-code-execution-rce-outside-the-platform-9093b51d044d?source=rss------bug_bounty-5 | Tengku Arya Saputra | rce-vulnerability, penetration-testing, bug-bounty, rce, bug-bounty-writeup | 27-Dec-2024 |
Must-Have Browser Extensions for Bug Bounty Hunters | https://aiwolfie.medium.com/must-have-browser-extensions-for-bug-bounty-hunters-58edff558912?source=rss------bug_bounty-5 | AIwolfie | bug-bounty, bug-bounty-tips, hacking, ethical-hacking, bug-bounty-writeup | 27-Dec-2024 |
Bug Chain: pre-auth takeover to permanent access. | https://gr3yg05t.medium.com/bug-chain-pre-auth-takeover-to-permanent-access-4d92829ed816?source=rss------bug_bounty-5 | Mr Grey | bug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup, business-logic-flaw | 27-Dec-2024 |
Bug Bounty Hunting Using Android: A Mobile Hacker’s Toolkit | https://medium.com/infosecmatrix/bug-bounty-hunting-using-android-a-mobile-hackers-toolkit-195ea39cccd6?source=rss------bug_bounty-5 | Spectat0rguy | information-security, bug-bounty, technology, bug-bounty-tips, cybersecurity | 27-Dec-2024 |
Uncovering Amazon S3 Bucket Vulnerabilities: A Comprehensive Guide for Ethical Hackers | https://medium.com/@kumawatabhijeet2002/uncovering-amazon-s3-bucket-vulnerabilities-a-comprehensive-guide-for-ethical-hackers-124790bf9e62?source=rss------bug_bounty-5 | Abhijeet kumawat | s3, amazon, hacking, bug-bounty-tips, bug-bounty | 26-Dec-2024 |
How i Found WCP To DoS Attack Worth of $$$ | https://medium.com/@RekoJR/how-i-found-wcp-to-dos-attack-worth-of-f1a14553be82?source=rss------bug_bounty-5 | Reko ! | bug-bounty-tips, cache, bug-bounty | 26-Dec-2024 |
My Second Year into Bug Bounties — From Google Dorks to Manual Hunting | https://medium.com/@vedantroy/my-second-year-into-bug-bounties-from-google-dorks-to-manual-hunting-ea8f80dc5b21?source=rss------bug_bounty-5 | Vedant Roy | bugbounty-writeup, cybersecurity, bugs, bug-bounty, bug-bounty-tips | 26-Dec-2024 |
Find XSS Vulnerabilities in Just 2 Minutes | https://coffinxp.medium.com/find-xss-vulnerabilities-in-just-2-minutes-d14b63d000b1?source=rss------bug_bounty-5 | coffinxp | xss-attack, hacking, automation, bug-bounty-tips, bug-bounty | 26-Dec-2024 |
Uncovering Amazon S3 Bucket Vulnerabilities: A Comprehensive Guide for Ethical Hackers | https://medium.com/infosecmatrix/uncovering-amazon-s3-bucket-vulnerabilities-a-comprehensive-guide-for-ethical-hackers-124790bf9e62?source=rss------bug_bounty-5 | Abhijeet kumawat | s3, amazon, hacking, bug-bounty-tips, bug-bounty | 26-Dec-2024 |
Easy Bounties: JavaScript (JS) File Analysis | https://aditya-narayan.medium.com/easy-bounties-javascript-js-file-analysis-72ba5eb44822?source=rss------bug_bounty-5 | Aditya Narayan | bug-bounty-writeup, cybersecurity, writers-on-medium, bug-bounty-tips, bug-bounty | 26-Dec-2024 |
Stuxnet: The Virus That Shook the World | https://medium.com/@zerodaystories/stuxnet-the-virus-that-shook-the-world-27e7f1349c8f?source=rss------bug_bounty-5 | 0day stories | technology, science, bug-bounty, cybersecurity, hacking | 26-Dec-2024 |
Unauthenticated RCE Bug Bounty POC | Private Bug Bounty Program | CVE-2020–11798 | https://pwn0sec.medium.com/unauthenticated-rce-bug-bounty-poc-private-bug-bounty-program-cve-2020-11798-dbbb626b9fdb?source=rss------bug_bounty-5 | PwnOsec Research Groups | ferari, bug-bounty-tips, bug-bounty | 26-Dec-2024 |
Access Granted ! | https://vikasrai11.medium.com/access-granted-5f4747775247?source=rss------bug_bounty-5 | Vikas Rai | bug-bounty, cybersecurity, acces, vulnerability | 26-Dec-2024 |
Traditional Pentest vs. Bug Bounty Program: The Pros, The Cons, and How to Do It Right | https://medium.com/@hackrate/traditional-pentest-vs-bug-bounty-program-the-pros-the-cons-and-how-to-do-it-right-f2d8beff40bf?source=rss------bug_bounty-5 | Levente Molnar | penetration-testing, ethical-hacking, hacking, cybersecurity, bug-bounty | 26-Dec-2024 |
Apache Traffic Control Vulnerability Let Attackers Inject Malicious SQL Commands | https://mhmmuneef.medium.com/apache-traffic-control-vulnerability-let-attackers-inject-malicious-sql-commands-66188cbcd84d?source=rss------bug_bounty-5 | Mohammed Muneef | hacking, bug-bounty, information-security, technology, cybersecurity | 26-Dec-2024 |
Critical SQL Injection Vulnerability in Apache Traffic Control | https://medium.com/@wiretor/critical-sql-injection-vulnerability-in-apache-traffic-control-a28cedca8b93?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, malware, xss-attack, bug-bounty, ai | 26-Dec-2024 |
IBM AIX Vulnerability: Attackers Can Trigger DoS Condition | https://medium.com/@wiretor/ibm-aix-vulnerability-attackers-can-trigger-dos-condition-5a5532a8ba66?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, bug-bounty, hacker, xss-attack, malware | 26-Dec-2024 |
Find Secrets in Hidden Directories Using Fuzzing | https://medium.com/@kumawatabhijeet2002/find-secrets-in-hidden-directories-using-fuzzing-%EF%B8%8F-21a9a96c3246?source=rss------bug_bounty-5 | Abhijeet kumawat | fuzzing, infosec, bug-bounty, hacking, bounty-program | 26-Dec-2024 |
How I found an IDOR on Achmea | https://medium.com/@nayeems3c/how-i-found-idor-on-achmea-cf9ce4b7d908?source=rss------bug_bounty-5 | Nayeem Islam | bug-bounty, idor, penetration-testing, bug-bounty-writeup, web-security | 26-Dec-2024 |
Earn up to $30,000 by just thinking like a pro hacker while pentesting. | https://medium.com/@anandrishav2228/earn-up-to-30-000-by-just-thinking-like-a-pro-hacker-while-pentesting-da8e5984ccb9?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, hacker, money, penetration-testing, cybersecurity | 26-Dec-2024 |
Fuzzing with AFL++ | https://medium.com/@arohablue/introduction-to-fuzzing-with-afl-42d37ea78386?source=rss------bug_bounty-5 | Aroha blue | bug-bounty, afl, fuzzing, kali, security | 26-Dec-2024 |
XSS Via SVG File Upload | https://abhishekgk.medium.com/xss-via-svg-file-upload-5c30af809107?source=rss------bug_bounty-5 | Abhishekgk | bug-bounty, file-upload-vulnerability, bug-bounty-tips, xss-attack, bug-bounty-writeup | 26-Dec-2024 |
Interesting Technique to Enumerate Table Names in MySQL 8.x | https://j3x.medium.com/interesting-technique-to-enumerate-table-names-in-mysql-8-x-668857d43186?source=rss------bug_bounty-5 | Amdjed Zerrougui | bug-bounty, cybersecurity, hacking, penetration-testing | 26-Dec-2024 |
Bug Critical Flaw: Default Password to Super Admin! | https://medium.com/@firdansp/bug-critical-flaw-default-password-to-super-admin-ef20c4214231?source=rss------bug_bounty-5 | 0verRida | bugs, cybersecurity, bug-bounty, bug-bounty-tips, hacker | 25-Dec-2024 |
Business logic: I can order anything from your account without paying for it | https://gr3yg05t.medium.com/business-logic-i-can-order-anything-from-your-account-without-paying-for-it-86ef070e01dd?source=rss------bug_bounty-5 | Mr Grey | infosec, bug-bounty, business-logic-flaw, infosec-write-ups, bug-bounty-writeup | 25-Dec-2024 |
My First Encounter with Stored XSS | https://infosecwriteups.com/my-first-encounter-with-stored-xss-%EF%B8%8F-%EF%B8%8F-88e167582b7e?source=rss------bug_bounty-5 | cryptoshant | cybersecurity, bug-bounty, hacking, stored-xss, success | 25-Dec-2024 |
How I accidentally found an IDOR bug in Google slides and rewarded $3,133.70 | https://medium.com/@atikqur007/how-i-accidentally-found-an-idor-bug-in-google-slides-and-rewarded-3-133-70-96866fac3af1?source=rss------bug_bounty-5 | Atikqur Rahman | bugbounty-writeup, cybersecurity, bug-bounty, google, pentesting | 25-Dec-2024 |
Escalating a duplicate Access Control bug to hijack Google Calendar Accounts for a €300 Bounty | https://medium.com/@saltify/escalating-a-duplicate-access-control-bug-to-hijack-google-calendar-accounts-for-a-300-bounty-a5358cfc868f?source=rss------bug_bounty-5 | saltify | infosec, bug-bounty, ethical-hacking, cybersecurity | 25-Dec-2024 |
API Pentesting: Broken Object Property Level Authorization | https://devilwrites.medium.com/api-pentesting-broken-object-property-level-authorization-21d65939ad24?source=rss------bug_bounty-5 | hackerdevil | api-security, api, owasp, penetration-testing, bug-bounty | 25-Dec-2024 |
Autentic Platform Launches Bug Bounty Program to Strengthen Security | https://autentic.medium.com/autentic-platform-launches-bug-bounty-program-to-strengthen-security-0aaad03b4a6e?source=rss------bug_bounty-5 | Autentic RWA | autentic, bug-bounty | 25-Dec-2024 |
10 of the biggest cybersecurity stories of 2024 | https://mhmmuneef.medium.com/10-of-the-biggest-cybersecurity-stories-of-2024-45037b13530f?source=rss------bug_bounty-5 | Mohammed Muneef | news, medium, bug-bounty, technology, hacker | 25-Dec-2024 |
10 Burp Suite Extensions you must have in your arsenal | https://bitpanic.medium.com/10-burp-suite-extensions-you-must-have-in-your-arsenal-a3ce81fefb05?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty, technology, infosec, cybersecurity, bug-bounty-tips | 25-Dec-2024 |
Cross-Site Scripting (XSS): Techniques, Bypasses, and Detection | https://medium.com/@rootast/cross-site-scripting-xss-techniques-bypasses-and-detection-927af5a55d02?source=rss------bug_bounty-5 | Arash shahbazi | xss-attack, javascript, hacker, methodology, bug-bounty | 25-Dec-2024 |
How Would I Start Cybersecurity If I Knew This? A 1-Year Roadmap for 2025 | https://medium.com/@afilalbadr2/how-would-i-start-cybersecurity-if-i-knew-this-a-1-year-roadmap-for-2025-c069ba183dc0?source=rss------bug_bounty-5 | Afilalbadr | job-preparation, active-directory-attack, hacking, bug-bounty, penetration-testing | 25-Dec-2024 |
The Ultimate Checklist for Detecting IDOR and Broken Access Control Vulnerabilities | https://thexssrat.medium.com/the-ultimate-checklist-for-detecting-idor-and-broken-access-control-vulnerabilities-b1585dd4e999?source=rss------bug_bounty-5 | Thexssrat | hacking, bug-bounty, hacker, broken-access-control, bug-bounty-tips | 25-Dec-2024 |
How Would I Start Cybersecurity If I Knew This? A 1-Year Roadmap for 2025 | https://medium.com/@GHOSTWIELD/how-would-i-start-cybersecurity-if-i-knew-this-a-1-year-roadmap-for-2025-c069ba183dc0?source=rss------bug_bounty-5 | GhostWield | job-preparation, active-directory-attack, hacking, bug-bounty, penetration-testing | 25-Dec-2024 |
Website Enumeration and Information Gathering [Part 2] | https://medium.com/@BetterBy0x01/website-enumeration-and-information-gathering-part-2-3588cf9e0529?source=rss------bug_bounty-5 | Ashutosh Singh Patel | security, bug-bounty, hacking, bug-bounty-tips | 24-Dec-2024 |
How I Test for Open Redirect | https://osintteam.blog/how-i-test-for-open-redirect-271cd0d0ae55?source=rss------bug_bounty-5 | Cybersec with Hemmars | bug-bounty, cybersecurity, technology, open-redirect, bug-bounty-writeup | 24-Dec-2024 |
Find Bug in 10 Minutes: Critical SQL File Leak Reveals Sensitive Data | https://medium.com/@firdansp/find-bug-in-10-minutes-critical-sql-file-leak-reveals-sensitive-data-84e48fece4bb?source=rss------bug_bounty-5 | 0verRida | bug-bounty-tips, bug-bounty, bugs, cybersecurity, writeup | 24-Dec-2024 |
Important Windows Events Every SOC Analyst Should Know | https://medium.com/@paritoshblogs/important-windows-events-every-soc-analyst-should-know-ed91bce15ed2?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-technology, chatgpt, cybersecurity, hacking | 24-Dec-2024 |
Rickdiculouslyeasy 1 — VulnHub Write-up | https://medium.com/@aminouji23/rickdiculouslyeasy-1-vulnhub-write-up-eb59e824baa7?source=rss------bug_bounty-5 | Aminouji | vulnhub, bug-bounty, ctf-writeup, penetration-testing, cybersecurity | 24-Dec-2024 |
Bug Bounty Journey — Valid Report Part 2 | https://medium.com/@0xF3r4t/bug-bounty-journey-valid-report-part-2-0f3a075e2a65?source=rss------bug_bounty-5 | 0xF3r4t | waybackurls, bug-bounty-writeup, bug-bounty | 24-Dec-2024 |
Bug Bounty Journey — Valid Report 1 | https://medium.com/@0xF3r4t/bug-bounty-journey-valid-report-1-ffc38d6799a4?source=rss------bug_bounty-5 | 0xF3r4t | dirsearch, bug-bounty, vdp | 24-Dec-2024 |
Penetration Testing Tools — The Basics | https://medium.com/@iamshafayat/penetration-testing-tools-the-basics-46367acc653e?source=rss------bug_bounty-5 | Shafayat Ahmed Alif | pentest, cybersecurity, bug-bounty, pentest-tools, penetration-testing | 24-Dec-2024 |
500$ Secrets: Uncovering Critical Vulnerabilities with Advanced JavaScript Analysis | https://hackersatty.medium.com/500-secrets-uncovering-critical-vulnerabilities-with-advanced-javascript-analysis-ab9a970dc8e8?source=rss------bug_bounty-5 | hackersatty | medium, bug-bounty, javascript, hackerone, bug-bounty-tips | 24-Dec-2024 |
A Seemingly Harmless Bug That Could Cost a Company Millions | https://bitpanic.medium.com/a-seemingly-harmless-bug-that-could-cost-a-company-millions-aeada3a31bae?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, technology, programming, bug-bounty, bug-bounty-tips | 24-Dec-2024 |
Why 2025 Will Be the Year of Bug Bounty | https://medium.com/@hackrate/why-2025-will-be-the-year-of-bug-bounty-9811e3987e78?source=rss------bug_bounty-5 | Levente Molnar | penetration-testing, cybersecurity, ethical-hacking, hacking, bug-bounty | 24-Dec-2024 |
RISE OF 0-DAY | https://medium.com/@zerodaystories/rise-of-0-day-cd35fe1c8e62?source=rss------bug_bounty-5 | 0day stories | penetration-testing, hacker, technology, bug-bounty, hacking | 24-Dec-2024 |
Seven Critical Vulnerabilities Found in Premium WPLMS WordPress Plugins | https://medium.com/@wiretor/seven-critical-vulnerabilities-found-in-premium-wplms-wordpress-plugins-c3ce57c55bae?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, xss-attack, bug-bounty, hacking, ai | 24-Dec-2024 |
New Glutton Malware Exploits Popular PHP Frameworks | https://medium.com/@wiretor/new-glutton-malware-exploits-popular-php-frameworks-2a5914f89407?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, ai, malware, hacking, bug-bounty | 24-Dec-2024 |
Advent of Cyber 2024 [ Day 24 ] Writeup with Answers | TryHackMe Walkthrough | https://medium.com/infosecmatrix/advent-of-cyber-2024-day-24-writeup-with-answers-tryhackme-walkthrough-18393b422649?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, tryhackme, hacking, careers | 24-Dec-2024 |
From Broken Access Control to First Bounty | https://infosecwriteups.com/from-broken-access-control-to-first-bounty-01712b1dab53?source=rss------bug_bounty-5 | callgh0st | gaza, bug-bounty, palestine, hacking, access-control | 24-Dec-2024 |
Received an Appreciation Letter from NASA | https://medium.com/@kumawatabhijeet2002/received-an-appreciation-letter-from-nasa-927c3d1ae828?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, nasa, appreciation, xss-attack, infosec | 24-Dec-2024 |
A Seemingly Harmless Bug That Could Cost a Company Millions | https://medium.com/infosecmatrix/a-seemingly-harmless-bug-that-could-cost-a-company-millions-aeada3a31bae?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, technology, programming, bug-bounty, bug-bounty-tips | 24-Dec-2024 |
Breaking Through the Limits: How I Bypassed Rate-Limiting with IP and Username Rotation | https://medium.com/@abdelrahhmanhisham/breaking-through-the-limits-how-i-bypassed-rate-limiting-with-ip-and-username-rotation-d8de230aec2a?source=rss------bug_bounty-5 | Abdelrahhmanhisham | bug-bounty-tips, bug-bounty, rate-limit, exploit, rate-limit-bypass | 23-Dec-2024 |
How I Discovered Private Programs and New Programs Set to Launch on HackerOne | https://medium.com/@hossam_hamada/how-i-discovered-private-programs-and-new-programs-set-to-launch-on-hackerone-a85117a70d7b?source=rss------bug_bounty-5 | Hossam Hamada | hacking, bugbounty-writeup, hackerone, bug-bounty, bugbounty-tips | 23-Dec-2024 |
Website Enumeration & Information Gathering [Part 1] | https://medium.com/@BetterBy0x01/website-enumeration-information-gathering-part-1-8392422178da?source=rss------bug_bounty-5 | Ashutosh Singh Patel | bug-hunting, enumeration, bug-bounty, information-gathering | 23-Dec-2024 |
Website Leak (gov): Sensitive Credentials and API Keys Exposed | https://medium.com/@firdansp/website-leak-gov-sensitive-credentials-and-api-keys-exposed-44b2ebbebb7b?source=rss------bug_bounty-5 | 0verRida | bug-bounty, bug-bounty-tips, cybersecurity, bugs, red-team | 23-Dec-2024 |
PROTOTYPE POLLUTION VULNERABILITY | https://medium.com/@0xpedrop/prototype-pollution-vulnerability-f62e1c59a3fd?source=rss------bug_bounty-5 | Pedro Paulo D. | bug-bounty-tips, cybersecurity, bug-bounty | 23-Dec-2024 |
Google Dorks to Find Bug Bounty Programs | https://medium.com/infosecmatrix/google-dorks-to-find-bug-bounty-programs-003a80375d13?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, google, dorks, infosec, bug-bounty | 23-Dec-2024 |
Shield Your Enterprise: Tackling Cyber Threats Head-On | https://medium.com/@paritoshblogs/shield-your-enterprise-tackling-cyber-threats-head-on-fd26be10c366?source=rss------bug_bounty-5 | Paritosh | ai, hacking, cybersecurity, information-technology, bug-bounty | 23-Dec-2024 |
Bash Scripting: Guide for Security & Bug Bounty Hunters | https://infosecwriteups.com/bash-scripting-guide-for-security-bug-bounty-hunters-cybersecurity-d07794c33412?source=rss------bug_bounty-5 | Mukilan Baskaran | security-researchers, bug-bounty, cybersecurity, information-security, penetration-testing | 23-Dec-2024 |
POC — CVE-2024–50623- Cleo Unrestricted file upload and download | https://medium.com/@verylazytech/poc-cve-2024-50623-cleo-unrestricted-file-upload-and-download-382afa5a15db?source=rss------bug_bounty-5 | Very Lazy Tech | unrestricted-file-upload, vulnerability, exploit, bug-bounty, cve-2024-50623 | 23-Dec-2024 |
Bug Bounty for Beginners: Web Application Hacking | https://medium.com/@mansorihack/bug-bounty-pemula-kusus-peretasan-aplikasi-web-cb7e8ea75f75?source=rss------bug_bounty-5 | Mansorihack | bug-bounty, cybersecurity, readteam | 23-Dec-2024 |
How I Found an XSS Bug That Made Websites Scream “Alert!” | https://aiwolfie.medium.com/how-i-found-an-xss-bug-that-made-websites-scream-alert-1b6f9eebcf14?source=rss------bug_bounty-5 | AIwolfie | pentesting, xss-attack, ethical-hacking, bug-bounty, hacking | 23-Dec-2024 |
Exploiting Password Reset Link After Email Change | https://medium.com/@0xboody/exploiting-password-reset-link-after-email-change-17fe2babc01e?source=rss------bug_bounty-5 | Abdelrahman Sayed | bug-bounty-writeup, bug-bounty, bug-bounty-tips, penetration-testing | 23-Dec-2024 |
Blazing-Fast Recon & Vulnerability Scanning with SubDomainRadar.io | https://medium.com/@alexandrevandammepro/blazing-fast-recon-vulnerability-scanning-with-subdomainradar-io-701baef23ff2?source=rss------bug_bounty-5 | Alexandre Vandamme | bug-bounty, cybersecurity, vulnerability, bug-bounty-tips, bounty-program | 23-Dec-2024 |
Stop Data Breaches in Their Tracks with LeakRadar.io | https://medium.com/@alexandrevandammepro/stop-data-breaches-in-their-tracks-with-leakradar-io-cc3c4b887c14?source=rss------bug_bounty-5 | Alexandre Vandamme | bug-bounty, data, bug-bounty-writeup, bug-bounty-tips, cybersecurity | 23-Dec-2024 |
Dutch DPA Fines Netflix €4.75 Million for GDPR Violations | https://medium.com/@wiretor/dutch-dpa-fines-netflix-4-75-million-for-gdpr-violations-d2ad59170118?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, bug-bounty, malware, ai, business | 23-Dec-2024 |
North Korean Hackers Steal $1.3 Billion in Crypto in 2024 | https://medium.com/@wiretor/north-korean-hackers-steal-1-3-billion-in-crypto-in-2024-d53c409930df?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, malware | 23-Dec-2024 |
Italy Fines OpenAI €15 Million for ChatGPT GDPR Violations | https://medium.com/@wiretor/italy-fines-openai-15-million-for-chatgpt-gdpr-violations-42a93c87a4fe?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, bug-bounty, ai, business, hacking | 23-Dec-2024 |
[$$$ Bug Bounty Write Up] SSRF in OAuth Implementation of a Client Application | https://medium.com/@ahmedfadel6162/bug-bounty-write-up-ssrf-in-oauth-implementation-of-a-client-application-57ba02539e20?source=rss------bug_bounty-5 | Ahmed Fadel | bug-bounty, penetration-testing, cybersecurity, hacking | 23-Dec-2024 |
This Is How I Bypassed The Most Critical Security Check! | https://medium.com/@mdnafeed3/this-is-how-i-bypassed-the-most-critical-security-check-00e9ba525ebc?source=rss------bug_bounty-5 | H4cker-Nafeed | bug-bounty, bug-bounty-tips, cybersecurity, hacking, technology | 23-Dec-2024 |
EWPTX Examination Structure and Content | https://medium.com/@vishalsuwalkab/ewptx-examination-structure-and-content-577d81379c39?source=rss------bug_bounty-5 | Vishalsuwalkab | cybersecurity, ewptx, ejpt, ine, bug-bounty | 23-Dec-2024 |
How Technology Can Enhance Information Security in Organizations | https://medium.com/@bi___ya/how-technology-can-enhance-information-security-in-organizations-9b0ce5029472?source=rss------bug_bounty-5 | biya | information-security, bug-bounty, company, hacking, business | 23-Dec-2024 |
Bug Bounty Isn’t Always Fair: A Researcher’s Perspective | https://medium.com/@ph4nt0mbyt3/bug-bounty-isnt-always-fair-a-researcher-s-perspective-be0a62b9f0eb?source=rss------bug_bounty-5 | ph4nt0mbyt3 | bug-bounty | 23-Dec-2024 |
How to Make Money with WebSocket: 10 Vulnerabilities You Should Be Aware Of | https://im4x.medium.com/what-is-wss-fa2476eeddc1?source=rss------bug_bounty-5 | Ahmed Najeh | bug-bounty, hacker, hackerone, websocket, wss | 23-Dec-2024 |
EWPTX Examination Structure and Content Part(2) | https://medium.com/@vishalsuwalkab/ewptx-examination-structure-and-content-577d81379c39?source=rss------bug_bounty-5 | Vishalsuwalkab | cybersecurity, ewptx, ejpt, ine, bug-bounty | 23-Dec-2024 |
Very Basic Beginner Bug Bounty Methodology: Practical Tips and Techniques for Web Apps | https://thexssrat.medium.com/very-basic-beginner-bug-bounty-methodology-practical-tips-and-techniques-for-web-apps-3cf9104e7f50?source=rss------bug_bounty-5 | Thexssrat | hacks, hacking, bug-bounty-tips, bug-bounty | 23-Dec-2024 |
100 CLI Flags and Tricks Every Bug Bounty Hunter Should Know | https://thexssrat.medium.com/100-cli-flags-and-tricks-every-bug-bounty-hunter-should-know-959813992077?source=rss------bug_bounty-5 | Thexssrat | hacks, hacking, cli, bug-bounty-tips, bug-bounty | 23-Dec-2024 |
Reflected XSS bypass WAF & Page notfound | https://kresec.medium.com/reflected-xss-bypass-waf-page-notfound-e149db1ee6c4?source=rss------bug_bounty-5 | KreSec | xss-attack, security, bug-bounty | 22-Dec-2024 |
Automate MAC Address Change on Arch Linux at Boot | https://theexploitlab.medium.com/automate-mac-address-change-on-arch-linux-at-boot-893f6ccdb1b4?source=rss------bug_bounty-5 | The Exploit Lab | bug-bounty, bugs, macchanger, cybersecurity | 22-Dec-2024 |
Different terms, same services across providers (AWS, Azure, GCP) | https://medium.com/@RaunakGupta1922/different-terms-same-services-across-providers-aws-azure-gcp-2337af0640db?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | gcp, azure, bug-bounty, aws, devops | 22-Dec-2024 |
API pentesting: Broken Authentication | https://infosecwriteups.com/api-pentesting-broken-authentication-987658c691c0?source=rss------bug_bounty-5 | hackerdevil | penetration-testing, owasp, bug-bounty, api-security, api | 22-Dec-2024 |
Top 7 Cybersecurity Certificates in 2025 | https://osintteam.blog/top-7-cybersecurity-certificates-in-2025-26228b661f1d?source=rss------bug_bounty-5 | Tahir Ayoub | technology, ai, ethical-hacking, bug-bounty, cybersecurity | 22-Dec-2024 |
Day 24 of 30 Days — 30 Vulnerabilities | Web Cache Poisoning | https://it4chis3c.medium.com/day-24-of-30-days-30-vulnerabilities-web-cache-poisoning-790697f073da?source=rss------bug_bounty-5 | It4chis3c | 30dayswritingchallenge, bug-bounty-tips, bug-bounty, web-cache-poisoning | 22-Dec-2024 |
Unveiling default Security Flaws with the defaulty Nmap Script | https://medium.com/@defaulty.io/unveiling-default-security-flaws-with-the-defaulty-nmap-script-800d97654a15?source=rss------bug_bounty-5 | Defaulty.io | hacking, bug-bounty, compliance, pentesting, cybersecurity | 22-Dec-2024 |
Bug Bounty Hunting With Burp Suite (Intercept, Repeater & Intruder) | https://medium.com/@BetterBy0x01/bug-bounty-hunting-with-burp-suite-intercept-repeater-intruder-cdcb3e3966bf?source=rss------bug_bounty-5 | Ashutosh Singh Patel | bug-hunting, burpsuite, bug-bounty, proxy | 22-Dec-2024 |
10 Minutes to Finding Your First Open Redirect Bug | https://medium.com/@k4r7h1kn/10-minutes-to-finding-your-first-open-redirect-bug-68f764d6b5d3?source=rss------bug_bounty-5 | Karthikeyan | cybersecurity, bug-bounty-tips, bug-bounty, hacking, open-redirect | 22-Dec-2024 |
How to Enable HTTPS Using a Free SSL Certificate from Certbot | https://medium.com/@awsdevops183/how-to-enable-https-using-a-free-ssl-certificate-from-certbot-99b71f808b1e?source=rss------bug_bounty-5 | Madhukar Reddy | security, bug-bounty, tls, amazon-web-services, devops | 22-Dec-2024 |
open redirect GET — Based | https://medium.com/@zpx15266/open-redirect-get-based-bc86e62c3af2?source=rss------bug_bounty-5 | ramzey elsayed mohamed | cve, bug-bounty, bug-bounty-writeup, bugs, penetration-testing | 22-Dec-2024 |
SSRF Burpsuite Extension | https://hackerassociate.medium.com/ssrf-burpsuite-extension-b494d4e70b28?source=rss------bug_bounty-5 | Harshad Shah | hacking, infosec, bug-bounty, cybersecurity, penetration-testing | 22-Dec-2024 |
Chasing P3 Bug: My Hunt for Vulnerabilities in the ‘Wishlists’ Functionality and Its Results | https://medium.com/@nebty/chasing-p3-bug-my-hunt-for-vulnerabilities-in-the-wishlists-functionality-and-its-results-86b6e79b9274?source=rss------bug_bounty-5 | Nebty | cybersecurity, bug-bounty-tips, idor, ethical-hacking, bug-bounty | 22-Dec-2024 |
So, You want a strong bug bounty methodology? | https://medium.com/@shaheen101sec/so-you-want-a-strong-bug-bounty-methodology-57fdef27cad6?source=rss------bug_bounty-5 | Shaheen101sec | bug-bounty-writeup, cybersecurity, bug-bounty, pentesting, bug-bounty-tips | 22-Dec-2024 |
Exposed‼️ How a Simple Bug Uncovered a Default Credential Data Leak on Indonesia Government | https://medium.com/@firdansp/exposed-how-a-simple-bug-uncovered-a-default-credential-data-leak-on-indonesia-government-ba73f2175e81?source=rss------bug_bounty-5 | 0verRida | data-leak, bugs, cybersecurity, bug-bounty, bug-bounty-tips | 22-Dec-2024 |
How I Found My First Bug Using Shodan | https://medium.com/@bughunt.bochi/how-i-found-my-first-bug-using-shodan-3d8826a7655b?source=rss------bug_bounty-5 | Bochixx | bug-bounty, bug-bounty-writeup, pentesting, ethical-hacking | 22-Dec-2024 |
SSRF Burpsuite Extension | https://medium.com/offensive-black-hat-hacking-security/ssrf-burpsuite-extension-b494d4e70b28?source=rss------bug_bounty-5 | Harshad Shah | hacking, infosec, bug-bounty, cybersecurity, penetration-testing | 22-Dec-2024 |
The Top 2 Strategies for Finding Your First XSS Vulnerability — Part 2 | https://medium.com/@halfcircassian/the-top-2-strategies-for-finding-your-first-xss-vulnerability-part-2-8bae7b49cc6d?source=rss------bug_bounty-5 | Sıla Özeren | cybersecurity, web-application-security, bug-bounty, xss-attack, dom-manipulation | 22-Dec-2024 |
Payment Bypass Guide for Bug Bounty | 69 case studies | https://medium.com/@illoyscizceneghposter/payment-bypass-guide-for-bug-bounty-69-case-studies-15379b4f76fa?source=rss------bug_bounty-5 | Illoy Scizceneghposter | bug-bounty, bug-bounty-tips, cybersecurity | 21-Dec-2024 |
The Bounty Hunters: Bug Bounty Programs | https://medium.com/@investigator515/the-bounty-hunters-bug-bounty-programs-8dcd24d5bafa?source=rss------bug_bounty-5 | Investigator515 | hacking, technology, information-security, bug-bounty, cybersecurity | 21-Dec-2024 |
How I Exploited an OTP Bypass Vulnerability on a Cryptocurrency Platform | https://medium.com/@anonymous512/how-i-exploited-an-otp-bypass-vulnerability-on-a-cryptocurrency-platform-2a817b02b3ea?source=rss------bug_bounty-5 | Wafa Abbas | account-hacking, bug-bounty, authentication-bypass, otp-bypass, vulnerability | 21-Dec-2024 |
Mastering 403 Forbidden Bypass Techniques ✨ | https://medium.com/@kumawatabhijeet2002/mastering-403-forbidden-bypass-techniques-4ab1482afe49?source=rss------bug_bounty-5 | Abhijeet kumawat | bounty-program, infosec, 403-forbidden, hacking, bug-bounty | 21-Dec-2024 |
Kali Linux 2024.4: 14 New Tools to Supercharge Your Penetration Testing Arsenal | https://bitpanic.medium.com/kali-linux-2024-4-14-new-tools-to-supercharge-your-penetration-testing-arsenal-543ff8370091?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty-tips, technology, cybersecurity, programming, bug-bounty | 21-Dec-2024 |
Understanding Tycoon 2FA Phishing: A New Era of Security Threats | https://medium.com/@paritoshblogs/understanding-tycoon-2fa-phishing-a-new-era-of-security-threats-19fb14dc83a5?source=rss------bug_bounty-5 | Paritosh | cybersecurity, information-technology, hacking, tycoon-phshing, bug-bounty | 21-Dec-2024 |
Malicious Rspack & Vant Packages Exploited Using Stolen NPM Tokens | https://medium.com/@wiretor/malicious-rspack-vant-packages-exploited-using-stolen-npm-tokens-0b69df1512fd?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, ai, business, hacking, bug-bounty | 21-Dec-2024 |
FlowerStorm: The New Microsoft Phishing Threat Filling the Void Left by Rockstar2FA | https://medium.com/@wiretor/flowerstorm-the-new-microsoft-phishing-threat-filling-the-void-left-by-rockstar2fa-578144a14487?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, bug-bounty, microsoft, hacking, malware | 21-Dec-2024 |
LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages | https://medium.com/@wiretor/lockbit-developer-rostislav-panev-charged-for-billions-in-global-ransomware-damages-bee0bfc4c9b9?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, malware, bug-bounty, business, ai | 21-Dec-2024 |
Kali Linux 2024.4: 14 New Tools to Supercharge Your Penetration Testing Arsenal | https://medium.com/infosecmatrix/kali-linux-2024-4-14-new-tools-to-supercharge-your-penetration-testing-arsenal-543ff8370091?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty-tips, technology, cybersecurity, programming, bug-bounty | 21-Dec-2024 |
Mastering 403 Forbidden Bypass Techniques ✨ | https://medium.com/infosecmatrix/mastering-403-forbidden-bypass-techniques-4ab1482afe49?source=rss------bug_bounty-5 | Abhijeet kumawat | bounty-program, infosec, 403-forbidden, hacking, bug-bounty | 21-Dec-2024 |
Blind XXE with OOB Interaction via XML Parameter Entities | https://osintteam.blog/blind-xxe-with-oob-interaction-via-xml-parameter-entities-97244bf2b85e?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Café | cybersecurity, bug-bounty-tips, information-security, bug-bounty, pentesting | 20-Dec-2024 |
CSRF On Delete Profile: High Severity(7.1) HackerOne | https://medium.com/@josuofficial327/csrf-on-delete-profile-high-severity-7-1-hackerone-33bdb598ef67?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | bug-bounty-writeup, bug-bounty, ethical-hacking, bug-bounty-program, cybersecurity | 20-Dec-2024 |
Part-2 \| Deep Recon Methodology for Bug Bounty Hunters | https://medium.com/@kumawatabhijeet2002/part-2-deep-recon-methodology-for-bug-bounty-hunters-644077ee41d4?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-writeup, infosec, bugs, bug-bounty, hacking | 20-Dec-2024 |
The Most Easiest OTP Bypass Vulnerability I’ve Found: A Critical Flaw in Session Management | https://medium.com/@ajay.kumar.695632/the-most-easiest-otp-bypass-vulnerability-ive-found-a-critical-flaw-in-session-management-09b1555dbf9e?source=rss------bug_bounty-5 | Ajay Kumar | bug-hunting, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup | 20-Dec-2024 |
The Secret World of Hackers: A Beginner’s Guide to Understanding Cyber Attacks | https://medium.com/@paritoshblogs/the-secret-world-of-hackers-a-beginners-guide-to-understanding-cyber-attacks-81377a0b477e?source=rss------bug_bounty-5 | Paritosh | ai, information-technology, cybersecurity, bug-bounty, hacking | 20-Dec-2024 |
Utilizing machine learning to collect more subdomains using subwiz | https://medium.com/@demonia/utilizing-machine-learning-to-collect-more-subdomains-using-subwiz-2d65cec1ee80?source=rss------bug_bounty-5 | Mohammed Dief | bug-bounty, recon, cybersecurity, reconnaissance, bug-bounty-tips | 20-Dec-2024 |
Information Disclosure On Password cancel Endpoint | https://medium.com/@regan_temudo/information-disclosure-on-password-cancel-endpoint-4b6f43cc5fd7?source=rss------bug_bounty-5 | Regan Temudo | cybersecurity, information-disclosure, bug-bounty, ethical-hacking, csrf | 20-Dec-2024 |
OSI Model Explanation | https://medium.com/@hossennaim547/osi-model-explanation-09259ce7a5af?source=rss------bug_bounty-5 | naimHOSSEN | bug-bounty, hacking, osi-model, cybersecurity | 20-Dec-2024 |
Simple ATO in private program. | https://medium.com/@oXnoOneXo/simple-ato-in-private-program-890cd1485675?source=rss------bug_bounty-5 | oXnoOneXo | bug-bounty-tips, bug-bounty-writeup, bug-bounty | 20-Dec-2024 |
From Comments to Command Execution: How an E-Book Platform Gave Me RCE | https://imooaaz.medium.com/from-comments-to-command-execution-how-an-e-book-platform-gave-me-rce-f27a079ca584?source=rss------bug_bounty-5 | Moaaz Afifi | bug-bounty, penetration-testing, cybersecurity, rce-vulnerability, xss-attack | 20-Dec-2024 |
Unlocking Web Security: A Deep Dive into the OWASP Top 10 | https://medium.com/@rootast/unlocking-web-security-a-deep-dive-into-the-owasp-top-10-d669199277bd?source=rss------bug_bounty-5 | Arash shahbazi | cybersecurity, students, owasp-top-10, bug-bounty, university | 20-Dec-2024 |
Discover All Paths in Next.js Websites | https://rhashibur75.medium.com/discover-all-paths-in-next-js-websites-43e319b24be9?source=rss------bug_bounty-5 | Kazi Hashibur Rahman | bug-bounty, bug-bounty-tips, bug-bounty-writeup, nextjs, penetration-testing | 20-Dec-2024 |
Ascension Data Breach: 5.6M Health Records Stolen by Black Basta Ransomware | https://medium.com/@wiretor/ascension-data-breach-5-6m-health-records-stolen-by-black-basta-ransomware-a8d2f7ba6856?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, business, malware, ai | 20-Dec-2024 |
Android Malware on Amazon Appstore Disguised as Health App | https://medium.com/@wiretor/android-malware-on-amazon-appstore-disguised-as-health-app-3cda80dfc856?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, ai, hacking, malware | 20-Dec-2024 |
SQL Injection via ORDER BY Parameter | https://medium.com/@mfthylmaz/sql-injection-via-order-by-parameter-a7cb7d04017f?source=rss------bug_bounty-5 | mfthylmaz | sql-injection, bug-bounty, web-security, hacking | 20-Dec-2024 |
Essential Stuff For Your First Hacking Trip. Hacking Gadgets #2 “Assortment For The Little Hacker” | https://medium.com/h7w/essential-stuff-for-your-first-hacking-trip-hacking-gadgets-2-assortment-for-the-little-hacker-e886dba68a11?source=rss------bug_bounty-5 | NnFace | hacking, trip, technology, bug-bounty, cybersecurity | 19-Dec-2024 |
No Rate Limit Vulnerability on a US Government Website | https://medium.com/@kumawatabhijeet2002/no-rate-limit-vulnerability-on-a-us-government-website-ae47402b663d?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty | 19-Dec-2024 |
How I Got $1000 AWS Credits and Maximized Its Potential | https://medium.com/@awsdevops183/how-i-got-1000-aws-credits-and-maximized-its-potential-e08650930171?source=rss------bug_bounty-5 | Madhukar Reddy | aws, devops, python, cybersecurity, bug-bounty | 19-Dec-2024 |
The Day I Found a Cross-Site Scripting (XSS) Vulnerability in a Bug Bounty Program | https://medium.com/@awsdevops183/the-day-i-found-a-cross-site-scripting-xss-vulnerability-in-a-bug-bounty-program-4edec6f09bed?source=rss------bug_bounty-5 | Madhukar Reddy | cybersecurity, bug-bounty, devsecops, cross-site-scripting | 19-Dec-2024 |
First Google Chrome v8 JIT bug bounty before Christmas . | https://vxrl.medium.com/first-google-chrome-v8-jit-bug-bounty-before-christmas-1338fb2c8255?source=rss------bug_bounty-5 | VXRL | google, v8, chromium, psvr, bug-bounty | 19-Dec-2024 |
Exploiting a Rate Limiting Bug in the Chat Section of a Health Application (got me $200) | https://medium.com/@awsdevops183/exploiting-a-rate-limiting-bug-in-the-chat-section-of-a-health-application-got-me-200-a06ca465707f?source=rss------bug_bounty-5 | Madhukar Reddy | devsecops, cybersecurity, information-technology, bug-bounty, burpsuite | 19-Dec-2024 |
POC — CVE-2024–9935 — PDF Generator Addon for Elementor Page Builder <= 1.7.5 | https://medium.com/@verylazytech/poc-cve-2024-9935-pdf-generator-addon-for-elementor-page-builder-1-7-5-2c3436b95fb1?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, arbitrary-file-download, cybersecurity, lfi, cve-2024-9935 | 19-Dec-2024 |
The Day I Found a Cross-Site Scripting (XSS) Vulnerability in a Bug Bounty Program ( $411) | https://medium.com/@awsdevops183/the-day-i-found-a-cross-site-scripting-xss-vulnerability-in-a-bug-bounty-program-4edec6f09bed?source=rss------bug_bounty-5 | Madhukar Reddy | cybersecurity, bug-bounty, devsecops, cross-site-scripting | 19-Dec-2024 |
How I Bypassed View-Only Mode with a Simple Trick ( duplicate bug ) | https://medium.com/@mahdisalhi0500/how-i-bypassed-view-only-mode-with-a-simple-trick-duplicate-bug-92e1ec91a8d7?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | security, information-security, bug-bounty, penetration-testing, infosec | 19-Dec-2024 |
How i Found X-Forwarded Header Injection — Server Be Like, ‘Ab Toh Trust Issues Ho Rahe Hain!’ | https://aiwolfie.medium.com/how-i-found-x-forwarded-header-injection-server-be-like-ab-toh-trust-issues-ho-rahe-hain-220e100332a3?source=rss------bug_bounty-5 | AIwolfie | cybersecurity, bug-bounty, servers, ethical-hacking, host-header-injection | 19-Dec-2024 |
Subdomain Takeover guides, methodology and exploit POCs | https://aditya-narayan.medium.com/subdomain-takeover-guides-methodology-and-exploit-pocs-9f5dd632c175?source=rss------bug_bounty-5 | Aditya Narayan | bug-bounty-writeup, subdomain-takeover, bug-bounty-tips, reconnaissance, bug-bounty | 19-Dec-2024 |
Installing Xposed Framework for Enhanced Penetration Testing (SSLunpinning) | https://medium.com/@sumith.ec12/installing-xposed-framework-for-enhanced-penetration-testing-sslunpinning-d50fbb2354c6?source=rss------bug_bounty-5 | sumith p v | bug-bounty, vapt, pentesting, security-testing, ssl-pinning-bypass | 19-Dec-2024 |
HTML Injection to Mass Phishing | https://infosecwriteups.com/html-injection-to-mass-phishing-5701d495cdc2?source=rss------bug_bounty-5 | Bharat Singh | phishing, bug-bounty, cybersecurity, penetration-testing, bug-bounty-writeup | 19-Dec-2024 |
Zero-Click Account Takeover Through Response Manipulation | https://medium.com/@abdullayman04/zero-click-account-takeover-through-response-manipulation-ee786a7a06dd?source=rss------bug_bounty-5 | Abdullah Ayman | cybersecurity, bug-bounty, account-takeover, penetration-testing | 19-Dec-2024 |
How I Found an Authentication Bypass Vulnerability in the Password Change Process | https://medium.com/@ajay.kumar.695632/how-i-found-an-authentication-bypass-vulnerability-in-the-password-change-process-160359fae1bc?source=rss------bug_bounty-5 | Ajay Kumar | bugs, bug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-hunting | 19-Dec-2024 |
HACKING NASA TO GET APPRECIATION LETTER | https://medium.com/@click2jit/hacking-nasa-to-get-appreciation-letter-a6ff93a3bcbc?source=rss------bug_bounty-5 | Prasenjit Malakar | cybersecurity, bug-bounty, ethical-hacking, programming, xss-attack | 19-Dec-2024 |
Interpol Replaces “Pig Butchering” with “Romance Baiting” to Protect Victims | https://medium.com/@wiretor/interpol-replaces-pig-butchering-with-romance-baiting-to-protect-victims-4c702d62adaa?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, ai, bug-bounty, malware, hacker | 19-Dec-2024 |
Beginners Guide for Exploiting Race Conditions | https://bitpanic.medium.com/beginners-guide-for-exploiting-race-conditions-ab73c843b44a?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty, programming, cybersecurity, bug-bounty-tips, technology | 19-Dec-2024 |
“Do Your Best, and Let Allah Do the Rest” led me to a Privilege Escalation Bug | https://medium.com/@mrasg/do-your-best-and-let-allah-do-the-rest-leads-me-to-privilege-escalation-bug-60a3c028c802?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | pentesting, penetration-testing, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 19-Dec-2024 |
Successfully Gained Full Admin Access and Changed the Password Through Token Manipulation ⚔️ | https://medium.com/@momenrezkk90/successfully-gained-full-admin-access-and-changed-the-password-through-token-manipulation-%EF%B8%8F-fe91fc0d9a0f?source=rss------bug_bounty-5 | Momenrezk | penetration-testing, bug-bounty, cybersecurity | 18-Dec-2024 |
Easiest P1 $$$$$! | https://medium.com/@mrsingh10978/easiest-p1-702990960a50?source=rss------bug_bounty-5 | Anonymous Traiger | bug-bounty-program, bug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 18-Dec-2024 |
Mobile Application Bounty Practice: SQL Injection Principles, Vulnerability Discovery and… | https://medium.com/@security.tecno/mobile-application-bounty-practice-sql-injection-principles-vulnerability-discovery-and-3921ad2e6998?source=rss------bug_bounty-5 | TECNO Security | hacking, security, sql, bug-bounty | 18-Dec-2024 |
FROM STRUGGLES TO SUCCESS: MY JOURNEY TO THE NASA HALL OF FAME | https://rootxabit.medium.com/from-struggles-to-success-my-journey-to-the-nasa-hall-of-fame-38700dd6303a?source=rss------bug_bounty-5 | sudo-xabit | info-sec-writeups, bugcrowd, bug-bounty, hacked, nasa | 18-Dec-2024 |
Admin Panel Access via Default Credentials | https://infosecwriteups.com/admin-panel-access-via-default-credentials-215b92b030bb?source=rss------bug_bounty-5 | cryptoshant | bug-bounty-tips, pentesting, bug-bounty, hall-of-fame, hacking | 18-Dec-2024 |
Rate Limit Bypass Using Response Manipulation. | https://aman0.medium.com/rate-limit-bypass-using-response-manipulation-dcce19aff7ef?source=rss------bug_bounty-5 | Aman H | web3, bug-bounty, infosec, bug-bounty-tips, penetration-testing | 18-Dec-2024 |
$150 Easy HTML Injection Vulnerability | https://medium.com/@kumawatabhijeet2002/150-easy-html-injection-vulnerability-5c176b5d07fa?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, bounty-program, infosec, bug-bounty, bug-bounty-tips | 18-Dec-2024 |
What is Passive Reconnaissance? | https://theexploitlab.medium.com/what-is-passive-reconnaissance-%EF%B8%8F-%EF%B8%8F-4de8a9ce5003?source=rss------bug_bounty-5 | The Exploit Lab | hacking, bugs, bug-bounty, bug-bounty-tips | 18-Dec-2024 |
How to Use Enum4linux for SMB Enumeration in Kali Linux | https://theexploitlab.medium.com/how-to-use-enum4linux-for-smb-enumeration-in-kali-linux-d96e27f9391d?source=rss------bug_bounty-5 | The Exploit Lab | bug-bounty, smb, bug-bounty-tips, bugs | 18-Dec-2024 |
How to Use Corsy for CORS Misconfiguration Scanning | https://theexploitlab.medium.com/how-to-use-corsy-for-cors-misconfiguration-scanning-7ba7b22ee9d5?source=rss------bug_bounty-5 | The Exploit Lab | cors, hacking, bug-bounty, bug-bounty-tips | 18-Dec-2024 |
Useful Wordlists for Bug Bounty Hunters | https://medium.com/@iamshafayat/useful-wordlists-for-bug-bounty-hunters-09f9b3cd2344?source=rss------bug_bounty-5 | Shafayat Ahmed Alif | bug-bounty, cybersecurity, penetration-testing, bug-bounty-tips, bug-bounty-writeup | 18-Dec-2024 |
Step-by-Step Guide to Building Secure Web Applications with OWASP Top 10 | https://medium.com/@dhatchu9715/step-by-step-guide-to-building-secure-web-applications-with-owasp-top-10-7c603dda58f3?source=rss------bug_bounty-5 | Dhatchu | owasp, bug-bounty, hacking, networking, cybersecurity | 18-Dec-2024 |
Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application - BAC in GraphQL… | https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-application-bac-in-graphql-0ae1ee0eb4d5?source=rss------bug_bounty-5 | Mahmoud Abd Alkarim | cybersecurity, bug-bounty, broken-access-control, bug-bounty-writeup, security-research | 18-Dec-2024 |
The Dark Side of Shodan | https://yasinspace.medium.com/the-dark-side-of-shodan-2d9b422e28a8?source=rss------bug_bounty-5 | Yasin | red-team, hacking, bug-bounty, shodan, bug-bounty-tips | 18-Dec-2024 |
This 200$ Gadget Can Hack Anything | https://osintteam.blog/this-200-gadget-can-hack-anything-c482888871e3?source=rss------bug_bounty-5 | Tahir Ayoub | bug-bounty, cybersecurity, technology, cybercrime, hacking | 18-Dec-2024 |
Best python scripts for cybersecurity analyst | https://medium.com/@paritoshblogs/best-python-scripts-for-cybersecurity-analyst-d5ebc91b4cdb?source=rss------bug_bounty-5 | Paritosh | information-technology, cybersecurity, hacking, bug-bounty, python | 18-Dec-2024 |
Turning a Known Issue into €100 Bounty: My Bug Bounty Breakthrough✨ | https://medium.com/@anmolv77654/turning-a-known-issue-into-a-100-bounty-my-bug-bounty-breakthrough-3bd89c281ea9?source=rss------bug_bounty-5 | AnmolSecSavvy | web-security, cybersecurity, bug-bounty, ethical-hacking, bug-bounty-tips | 18-Dec-2024 |
$750 Domain Hijacking Vulnerability | https://1-day.medium.com/750-domain-hijacking-vulnerability-f6e4b4445711?source=rss------bug_bounty-5 | 1day | bug-bounty, information-security, penetration-testing, ethical-hacking, bug-bounty-tips | 18-Dec-2024 |
Meta Hit with $264M Fine! Irish DPC Takes a Stand on Facebook Data Breach | https://medium.com/@wiretor/meta-hit-with-264m-fine-irish-dpc-takes-a-stand-on-facebook-data-breach-60cb69abe3df?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, bug-bounty, ai, business, malware | 18-Dec-2024 |
Beware of New Ledger Phishing Attack: Protect Your Crypto Wallet! | https://medium.com/@wiretor/beware-of-new-ledger-phishing-attack-protect-your-crypto-wallet-a048705d2b58?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, ai, hacking, business | 18-Dec-2024 |
CVE-2024–54385 \| WordPress Plugin | https://medium.com/@malvinval/cve-2024-54385-wordpress-plugin-7ff0f8e5ad1d?source=rss------bug_bounty-5 | Malvin Valerian | cve, hacking, cybersecurity, bug-bounty, wordpress | 17-Dec-2024 |
200$ DLL Hijacking Attack | https://cybersecuritywriteups.com/200-dll-hijacking-attack-fdb4fd46fea9?source=rss------bug_bounty-5 | AbhirupKonwar | cybersecurity, penetration-testing, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 17-Dec-2024 |
OSINT AND DORKING TOOLS | https://medium.com/@reazatih/osint-and-dorking-tools-67dc970d049d?source=rss------bug_bounty-5 | Re@Za | osint, hacking, dorks, bug-bounty | 17-Dec-2024 |
Utilizing MITRE ATT&CK Framework: Examples and Practical Applications | https://medium.com/@paritoshblogs/utilizing-mitre-att-ck-framework-examples-and-practical-applications-0c4ea468ad53?source=rss------bug_bounty-5 | Paritosh | mitre-attck, hacking, threat-intelligence, bug-bounty, cybersecurity | 17-Dec-2024 |
Open Redirect to XSS: Chaining Vulnerabilities for Maximum Impact | https://medium.com/@iPsalmy/open-redirect-to-xss-chaining-vulnerabilities-for-maximum-impact-36ae8dd9f198?source=rss------bug_bounty-5 | iPsalmy | web-application-security, bug-bounty, xss-attack | 17-Dec-2024 |
API Keys Attack: How to Find and Exploit Secrets in Web Applications | https://medium.com/@bootstrapsecurity/api-keys-attack-how-to-find-and-exploit-secrets-in-web-applications-1896d75d716b?source=rss------bug_bounty-5 | BootstrapSecurity | ethical-hacking, bug-bounty, api, hacking, hacking-team | 17-Dec-2024 |
Top 9 Books to Master Bug Hunting and Penetration Testing | https://osintteam.blog/top-9-books-to-master-bug-hunting-and-penetration-testing-c40039b330bb?source=rss------bug_bounty-5 | Bicitro Biswas | hacking, cybersecurity, bug-bounty, books, penetration-testing | 17-Dec-2024 |
Exposing Facebook’s Hidden Goldmine: Creators’ Private Data at Risk | https://gtm0x01.medium.com/exposing-facebooks-hidden-goldmine-creators-private-data-at-risk-01317f3f0031?source=rss------bug_bounty-5 | Gtm Mänôz | graphql, hacking, facebook, infosec, bug-bounty | 17-Dec-2024 |
SubScanX: A Powerful Recon Tool for Bug Bounty and Pentesting | https://medium.com/@rootspaghetti/subscanx-a-powerful-recon-tool-for-bug-bounty-and-pentesting-ed229128a661?source=rss------bug_bounty-5 | Root@Spaghetti | bug-bounty-tips, bug-bounty | 17-Dec-2024 |
Documenting Bug Bounty Journey and Current Approach | https://aditya-narayan.medium.com/documenting-bug-bounty-journey-and-current-approach-334db57e857e?source=rss------bug_bounty-5 | Aditya Narayan | bug-bounty-tips, writeup, hacker, bug-bounty, cybersecurity | 17-Dec-2024 |
How I got Appreciation Letters for finding bugs. | https://infosecwriteups.com/how-i-got-appreciation-letters-for-finding-bugs-e935f42e2f71?source=rss------bug_bounty-5 | Rivek Raj Tamang ( RivuDon ) | hacking, cybersecurity, ethical-hacking, bug-bounty, bug-bounty-tips | 17-Dec-2024 |
How I Broke the Speed Limit: A Bug Bounty Tale of Bypassing Rate Limiting | https://infosecwriteups.com/how-i-broke-the-speed-limit-a-bug-bounty-tale-of-bypassing-rate-limiting-29a1ec4e8681?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, technology | 17-Dec-2024 |
6 AI Tools Used by Hackers 2025 | https://ai.plainenglish.io/6-ai-tools-used-by-hackers-2025-dfdda79cf51f?source=rss------bug_bounty-5 | Tahir Ayoub | chatgpt, hacking, ai, cybersecurity, bug-bounty | 17-Dec-2024 |
403 Bypass changing http method only | https://rahman0x01.medium.com/403-bypass-changing-http-method-only-f0a32b43a3c8?source=rss------bug_bounty-5 | rahman0x01 | hunting, ethical-hacking, bug-bounty | 17-Dec-2024 |
Cybersecurity Alert: Texas Tech University System Data Breach Impacts 1.4 Million Patients! | https://medium.com/@wiretor/cybersecurity-alert-texas-tech-university-system-data-breach-impacts-1-4-million-patients-caceb8096be9?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, ai, hacking, business | 17-Dec-2024 |
FBI ALERT: HiatusRAT Malware Attacks Targeting Web Cameras & DVRs! | https://medium.com/@wiretor/fbi-alert-hiatusrat-malware-attacks-targeting-web-cameras-dvrs-37f2eeb2bd01?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, business, hacking, fbi, malware | 17-Dec-2024 |
Easy 100$ in public Hackerone program under 3 minutes | https://medium.com/@loayahmed686/easy-100-in-public-hackerone-program-under-3-minutes-69b20e185d3b?source=rss------bug_bounty-5 | r00t | bug-bounty | 17-Dec-2024 |
Uncovering Vulnerabilities Through Swagger UI Directory Enumeration | https://hackersatty.medium.com/uncovering-vulnerabilities-through-swagger-ui-directory-enumeration-49e6b43558cd?source=rss------bug_bounty-5 | hackersatty | cybersecurity, javascript, vulnerability, bug-bounty, swagger | 17-Dec-2024 |
Top 5 Ways to Hack APIs and find good bugs | https://medium.com/@sreedeep200/top-5-ways-to-hack-apis-and-find-good-bugs-dfd4a7bbb623?source=rss------bug_bounty-5 | Sreedeep cv | cybersecurity, hacking, api, security, bug-bounty | 17-Dec-2024 |
Exploiting Access Control Misconfiguration: Privilege Escalation via Improper PATCH Method… | https://medium.com/@momenrezkk90/exploiting-access-control-misconfiguration-privilege-escalation-via-improper-patch-method-b653bb92ada6?source=rss------bug_bounty-5 | Momenrezk | bug-bounty, privilege-escalation, cybersecurity, penetration-testing | 17-Dec-2024 |
HTB University CTF 2024 Web challenges writeup: Armaxis[very easy] | https://medium.com/@0xNayelx/htb-university-ctf-2024-web-challenges-writeup-armaxis-very-easy-404ac9f101b8?source=rss------bug_bounty-5 | 0xNayel | security, web-security, htb, ctf, bug-bounty | 16-Dec-2024 |
HTB University CTF 2024 Web challenges writeup: Breaking Bank[easy] | https://medium.com/@0xNayelx/htb-university-ctf-2024-web-challenges-writeup-breaking-bank-easy-1c3064092abc?source=rss------bug_bounty-5 | 0xNayel | writeup, htb, bug-bounty, ctf, security | 16-Dec-2024 |
Advanced Google Dorking \| Part14 | https://systemweakness.com/advanced-google-dorking-part14-79b21e11ae25?source=rss------bug_bounty-5 | AbhirupKonwar | penetration-testing, cybersecurity, ethical-hacking, bug-bounty, bug-bounty-tips | 16-Dec-2024 |
How I Got 200 euro bounty? | https://doordiefordream.medium.com/how-i-got-200-euro-bounty-03bcce712a51?source=rss------bug_bounty-5 | Bug hunter balu | hacking, vulnerability, ethical-hacking, bug-bounty, cybersecurity | 16-Dec-2024 |
Master the Art of Cyber Defense: Top Open-Source Tools for Threat Intelligence! | https://medium.com/@paritoshblogs/master-the-art-of-cyber-defense-top-open-source-tools-for-threat-intelligence-7c575e69b853?source=rss------bug_bounty-5 | Paritosh | cybersecurity, hacking, bug-bounty, information-technology, threat-intelligence | 16-Dec-2024 |
How I Discovered SSTI Vulnerability in Just 5 Minutes \| $300 Bounty | https://medium.com/@kumawatabhijeet2002/how-i-discovered-ssti-vulnerability-in-just-5-minutes-f7ac31f3f6b0?source=rss------bug_bounty-5 | Abhijeet kumawat | infose, hacking, bug-bounty-tips, bug-bounty, penetration-testing | 16-Dec-2024 |
Unmasking a Privacy Oversight: A Deep Dive into Persistent User Data | https://medium.com/@najeebkm010/unmasking-a-privacy-oversight-a-deep-dive-into-persistent-user-data-5ee433397021?source=rss------bug_bounty-5 | Najeebkm | bug-bounty, information-disclosure, cyber, security | 16-Dec-2024 |
RCE in 2 Universities | https://osintteam.blog/rce-in-2-universities-d2f13a2a2afb?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty, cybersecurity, cyberattack, penetration-testing, bug-bounty-tips | 16-Dec-2024 |
Ethical Dilemmas in Using AI for Security Testing and Bug Bounties | https://pointlessai.medium.com/ethical-dilemmas-in-using-ai-for-security-testing-and-bug-bounties-ad6d75e6fab7?source=rss------bug_bounty-5 | PointlessAI Medium | chatgpt, bug-bounty, bugbounty-writeup, ai | 16-Dec-2024 |
My Bug Hunting Methodology: Recon | https://gentilsecurity.medium.com/my-bug-hunting-methodology-recon-cbc6821708d8?source=rss------bug_bounty-5 | GenTiL | reconnaissance, cybersecurity, hacking, bug-hunting, bug-bounty | 16-Dec-2024 |
How to Hack JSON Web Tokens (JWT): Weak Implementations for Critical Vulnerabilities | https://medium.com/@bootstrapsecurity/how-to-hack-json-web-tokens-jwt-weak-implementations-for-critical-vulnerabilities-75462988cb11?source=rss------bug_bounty-5 | BootstrapSecurity | ethical-hacking, cybersecurity, jwt-token, bug-bounty, bug-bounty-tips | 16-Dec-2024 |
A Beginner's guide for Starting Web3 Bug Bounty | https://bitpanic.medium.com/how-to-start-web3-bug-bounty-30f7f968ae11?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty, cybersecurity, web3, bug-bounty-tips, technology | 16-Dec-2024 |
My Bug Hunting Methodology: Recon \| by ahmedhamdy0x | https://gentilsecurity.medium.com/my-bug-hunting-methodology-recon-cbc6821708d8?source=rss------bug_bounty-5 | GenTiL | reconnaissance, cybersecurity, hacking, bug-hunting, bug-bounty | 16-Dec-2024 |
2FA Testing Tips for Bug Bounty Hunters | https://bevijaygupta.medium.com/2fa-testing-tips-for-bug-bounty-hunters-d6d77322e1b4?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, bug-bounty-tips, 2fa-authentication, bugs, 2fa | 16-Dec-2024 |
How I Discovered a High-Severity Vulnerability on Discord (and got rewarded) | https://mirzebaba.medium.com/how-i-discovered-a-high-severity-vulnerability-on-discord-and-got-rewarded-bb327902fbb9?source=rss------bug_bounty-5 | Mirzəbaba | vulnerabilit, discord, ethical-hacking, cybersecurity, bug-bounty | 16-Dec-2024 |
Clop Ransomware Gang Behind Major Cleo Data Breach | https://medium.com/@wiretor/clop-ransomware-gang-behind-major-cleo-data-breach-421b729bafde?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, ai, hacking, business | 16-Dec-2024 |
ConnectOnCall Breach Exposes 900K+ Records! Don’t Be Next — Get Wire Tor Protection Today | https://medium.com/@wiretor/connectoncall-breach-exposes-900k-records-dont-be-next-get-wire-tor-protection-today-d4dd7de3570d?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, bug-bounty, malware, ai, business | 16-Dec-2024 |
Winnti Hackers Strike Again: New ‘Glutton’ Backdoor Exposed! | https://medium.com/@wiretor/winnti-hackers-strike-again-new-glutton-backdoor-exposed-5cd7bbb0faf0?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, business, hacking, malware, ai | 16-Dec-2024 |
[Hacking Scope] Exposure for tons of secret documents | https://medium.com/@nagashygaballah/hacking-scope-exposure-for-tons-of-secret-documents-5ba5c3906600?source=rss------bug_bounty-5 | 111xNagashy | bug-bounty, penetration-testing, hacking | 16-Dec-2024 |
Traditional Penetration Testing vs. Bug Bounty Programs | https://medium.com/@hackrate/traditional-penetration-testing-vs-bug-bounty-programs-bb792a4d0d3f?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, penetration-testing, bug-bounty, hacking, cybersecurity | 16-Dec-2024 |
From Minor Glitches to Major Wins: How I Chained CSRF and IDOR for a Critical Exploit | https://osintteam.blog/from-minor-glitches-to-major-wins-how-i-chained-csrf-and-idor-for-a-critical-exploit-0b110170cd9c?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, programming, cybersecurity, technology, bug-bounty | 16-Dec-2024 |
Searching web security lessons? | https://medium.com/@l1ttlewing/searching-web-security-lessons-8a4dbefd0d04?source=rss------bug_bounty-5 | littlewing | infosec, cybersecurity, bug-bounty, information-security, web-security | 16-Dec-2024 |
Wordlists Every Pentester Must Have !! | https://theartificialthinker.medium.com/wordlists-every-pentester-must-have-7ad4c1e46ce5?source=rss------bug_bounty-5 | Abhishek pawar | ethical-hacking, hacker, tech, pentest, bug-bounty | 16-Dec-2024 |
JWT Auth Gone Wild: The Unexpected Twist! | https://medium.com/@ProwlSec/jwt-auth-gone-wild-the-unexpected-twist-a0b2ed943225?source=rss------bug_bounty-5 | ProwlSec | jwt, bugs, bug-bounty, hacking, pentesting | 15-Dec-2024 |
What are Low Hanging Bugs? \| Easy way to find them | https://medium.com/@kumawatabhijeet2002/what-are-low-hanging-bugs-easy-way-to-find-them-%EF%B8%8F-%EF%B8%8F-399b37b354b7?source=rss------bug_bounty-5 | Abhijeet kumawat | hacking, bug-bounty-tips, infose, bugs, bug-bounty | 15-Dec-2024 |
MSSQL (Microsoft SQL Server) — Port 1433 | https://medium.com/@verylazytech/mssql-microsoft-sql-server-port-1433-bc26d0bbdca9?source=rss------bug_bounty-5 | Very Lazy Tech | penetration-testing, mssql, oscp, bug-bounty, cybersecurity | 15-Dec-2024 |
Automotive Penetration Testing Checklist | https://infosecwriteups.com/automotive-penetration-testing-checklist-8bbe83091c47?source=rss------bug_bounty-5 | Ajay Naik | penetration-testing, cybersecurity, information-technology, information-security, bug-bounty | 15-Dec-2024 |
SQL Injection Vulnerability on a Security Awareness website: From Database Dump to cPanel Access | https://medium.com/@anonymousshetty2003/sql-injection-vulnerability-on-a-security-awareness-website-from-database-dump-to-cpanel-access-4bb3645eef07?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, sql-injection, cybersecurity, ethical-hacking | 15-Dec-2024 |
How i found a Email Spoofing vulnerability to perform Phishing Attacks | https://medium.com/@anonymousshetty2003/how-i-found-a-email-spoofing-vulnerability-to-perform-phishing-attacks-00ec2cc934bb?source=rss------bug_bounty-5 | Anonymousshetty | email-spoofing, cybersecurity, bug-bounty, ethical-hacking | 15-Dec-2024 |
ShadowJS: JavaScript File Discovery Tool | https://medium.com/@rootspaghetti/shadowjs-javascript-file-discovery-tool-1ede2f3172b6?source=rss------bug_bounty-5 | Root@Spaghetti | bug-bounty-tips, bug-bounty | 15-Dec-2024 |
Ultimate Django Vulnerability Checklist | https://bitpanic.medium.com/ultimate-django-vulnerability-checklist-ceb7f428c45f?source=rss------bug_bounty-5 | Spectat0rguy | technology, cybersecurity, python, bug-bounty, bug-bounty-tips | 15-Dec-2024 |
LKQ Hacked: Cyberattack Disrupts Canadian Unit Operations and Exposes Company Data | https://medium.com/@wiretor/lkq-hacked-cyberattack-disrupts-canadian-unit-operations-and-exposes-company-data-7db6b9763011?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, xs, bug-bounty, lkq, hacking | 15-Dec-2024 |
Russia Blocks Viber: Latest Move to Censor Communications | https://medium.com/@wiretor/russia-blocks-viber-latest-move-to-censor-communications-9dce4d823d67?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | russia, malware, viber, hacking, bug-bounty | 15-Dec-2024 |
JavaScript BugBounty Method | https://medium.com/@cc1a2bb/javascript-bugbounty-method-5b789bfa7f44?source=rss------bug_bounty-5 | cc1a2b | hacking, cybersecurity, javascript, bug-bounty, bug-bounty-tips | 15-Dec-2024 |
Cybersecurity Roadmap 2025 | https://hackerassociate.medium.com/cybersecurity-roadmap-2025-f7ad9d4ac49c?source=rss------bug_bounty-5 | Harshad Shah | cybersecurity, infosec, bug-bounty, penetration-testing, hacking | 14-Dec-2024 |
Simplifying Reconnaissance: Building a Custom Bug Hunting Discord Bot | https://medium.com/@najeebkm010/simplifying-reconnaissance-building-a-custom-bug-hunting-discord-bot-6792ab4249bf?source=rss------bug_bounty-5 | Najeebkm | bug-bounty-tool, bug-bounty, cybersecurity | 14-Dec-2024 |
How I Discovered a $7,000 Critical Vulnerability: IDOR to BAC to Account Takeover | https://medium.com/@najeebkm010/how-i-discovered-a-7-000-critical-vulnerability-idor-to-bac-to-account-takeover-0c195eae2ed2?source=rss------bug_bounty-5 | Najeebkm | bug-bounty-writeup, bug-bounty | 14-Dec-2024 |
10 day with Me \| OWASP Top 10 \| Day -1: Broken Access Control | https://infyra.medium.com/10-day-with-me-owasp-top-10-day-1-broken-access-control-e75572ce157e?source=rss------bug_bounty-5 | Md. EMTIAZ AHMED | broken-access-control, owasp, owasp-top-10, bug-bounty, cybersecurity | 14-Dec-2024 |
Exploiting API Rate Limiting: Bypassing Restrictions | https://medium.com/@bootstrapsecurity/exploiting-api-rate-limiting-bypassing-restrictions-c89a1bd61aee?source=rss------bug_bounty-5 | BootstrapSecurity | api-security, development, rate-limiting, hacking, bug-bounty | 14-Dec-2024 |
How I Found a Broken Link Hijacking Vulnerability in 2 Minutes \| $250 Bounty | https://medium.com/@kumawatabhijeet2002/how-i-found-a-broken-link-hijacking-vulnerability-in-2-minutes-250-bounty-0d991eb9c61b?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, bugs, infosec, broken-link-hijacking, hacking | 14-Dec-2024 |
My First Critical Bug: Exposing 3.5 Lakh+ PII! | https://infosecwriteups.com/my-first-critical-bug-exposing-3-5-lakh-pii-%EF%B8%8F-fbad616ddbea?source=rss------bug_bounty-5 | cryptoshant | hacking, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty | 14-Dec-2024 |
Git Information Leak: How to Exploit an Exposed .git Repository on a Web Server | https://medium.com/@burhankhansodhar/git-information-leak-how-to-exploit-an-exposed-git-repository-on-a-web-server-ac190ae18928?source=rss------bug_bounty-5 | Itz Burhan Khan | penetration-testing, web-server, directory-listing, bug-bounty, git | 14-Dec-2024 |
Are you looking for an Intigriti alternative? | https://medium.com/@hackrate/are-you-looking-for-an-intigriti-alternative-4128a25888ed?source=rss------bug_bounty-5 | Levente Molnar | cybersecurity, bug-bounty, hacking, ethical-hacking, penetration-testing | 14-Dec-2024 |
Dubai Police Identity Used in Sophisticated UAE Mobile Scams | https://medium.com/@wiretor/dubai-police-identity-used-in-sophisticated-uae-mobile-scams-36b9d149db17?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, malware, hacking, ai, bug-bounty | 14-Dec-2024 |
Using Platform Profiles to send Fake in Information: A Security Risk Good logic bug | https://medium.com/@mahdisalhi0500/using-platform-profiles-to-send-fake-in-information-a-security-risk-good-logic-bug-0510d73802b8?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | penetration-testing, cybersecurity, bug-bounty-tips, bug-bounty, security | 14-Dec-2024 |
P4 bug’s and their POC steps \| Part 9 | https://osintteam.blog/p4-bugs-and-their-poc-steps-part-9-c1f873227917?source=rss------bug_bounty-5 | socalledhacker | infosec, bug-bounty, bug-bounty-tips, cybersecurity, hacking | 14-Dec-2024 |
Reflected XSS on Gaming Blog Website | https://medium.com/@enigma_/reflected-xss-on-gaming-blog-website-edc448d613a3?source=rss------bug_bounty-5 | enigma_ | writeup, bug-bounty-writeup, hackin, penetration-testing, bug-bounty | 13-Dec-2024 |
Introducing ShodanSpider v2: Your Ultimate Free Tool for CVE Searching and Shodan Data Analysis… | https://shubhamrooter.medium.com/introducing-shodanspider-v2-your-ultimate-free-tool-for-cve-searching-and-shodan-data-analysis-ba7c7b3097b0?source=rss------bug_bounty-5 | Shubham Tiwari | cybersecurity, shodanspider, bug-bounty, redteam-tool, pentesting | 13-Dec-2024 |
#ERROR! | https://medium.com/meetcyber/hidden-ace-up-hackers-sleeve-hacking-gadgets-1-phone-on-a-simmy-8b3d3cd540cf?source=rss------bug_bounty-5 | NnFace | cybersecurity, hacking, termux, kali-linux, bug-bounty | 13-Dec-2024 |
Deep Recon Methodology for Bug Bounty Hunters \| Part-1 | https://medium.com/@kumawatabhijeet2002/deep-recon-methodology-for-bug-bounty-hunters-part-1-54bdac09dcf4?source=rss------bug_bounty-5 | Abhijeet kumawat | infosec, bug-bounty, methodology, bug-bounty-tips | 13-Dec-2024 |
Critical Unauthorized Access to Admin Pages via Vulnerable Endpoints | https://hackersatty.medium.com/critical-unauthorized-access-to-admin-pages-via-vulnerable-endpoints-e8799b3f7f69?source=rss------bug_bounty-5 | hackersatty | admin-panel, javascript, bug-bounty, hackerone, hackersatty | 13-Dec-2024 |
Third Party Services Takeover using Oauth Misconfiguration | https://infosecwriteups.com/third-party-services-takeover-using-oauth-misconfiguration-8888a0c1ad86?source=rss------bug_bounty-5 | Ronak Patel | information-security, cybersecurity, ethical-hacking, bug-bounty | 13-Dec-2024 |
Idor Is Easy ! You may Don’t know ! The Longest PrivEsc I’ve ever faced on Public BBP | https://medium.com/@Ahmex000/idor-is-easy-you-may-dont-know-the-longest-privesc-i-ve-ever-faced-on-public-bbp-1bf67cd699d8?source=rss------bug_bounty-5 | Ahmex000 | bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-hunting, bugbounty-writeup | 13-Dec-2024 |
How I Found and Fixed XSS on a Website: A Bug Hunter’s Tale | https://medium.com/@mayankmalaviya3/how-i-found-and-fixed-xss-on-a-website-a-bug-hunters-tale-bc7351043928?source=rss------bug_bounty-5 | Mayank Malaviya (Aiwolfie) | hacking, bug-bounty, security, xss-attack, vulnerability | 13-Dec-2024 |
429 Bypasser Extension Guide | https://medium.com/@raxomara/429-bypasser-extension-guide-1d4f86b7d630?source=rss------bug_bounty-5 | Raxomara | cybersecurity, 429-bypasser, rate-limit-bypass, bug-bounty, bug-bounty-tips | 13-Dec-2024 |
Make Penetration Testing Sexy Again | https://medium.com/@hackrate/make-penetration-testing-sexy-again-with-hackgate-51c556944c0b?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, bug-bounty, cybersecurity, penetration-testing, hacking | 13-Dec-2024 |
The Growing Threat of Identity Attacks in Cybersecurity | https://medium.com/@paritoshblogs/the-growing-threat-of-identity-attacks-in-cybersecurity-5e847cf4ab6d?source=rss------bug_bounty-5 | Paritosh | information-technology, hacking, cybersecurity, identity, bug-bounty | 13-Dec-2024 |
Bug Bounty Training Program | https://bevijaygupta.medium.com/bug-bounty-training-program-78c927572385?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-writeup, bug-bounty, bug-bounty-tips, bugs, bug-zero | 13-Dec-2024 |
A Beginner’s Guide to Testing for Server-Side Request Forgery (SSRF) | https://medium.com/@mcooter/a-beginners-guide-to-testing-for-server-side-request-forgery-ssrf-9a4b5e16fdd2?source=rss------bug_bounty-5 | Michael Cooter | bug-bounty, ssrf, oswa, web-application-security, hacking | 13-Dec-2024 |
Android vs iOS Security Intro | https://medium.com/@in3tinct/android-vs-ios-security-intro-4a9b5ecc65cf?source=rss------bug_bounty-5 | Vaibhav | security, android, bug-bounty, ios, mobile-app-development | 13-Dec-2024 |
Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application — IDOR — Part 2 | https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-application-idor-part-2-932746b6b445?source=rss------bug_bounty-5 | Mahmoud Abd Alkarim | security-research, web-application-security, cybersecurity, bug-bounty, bug-bounty-writeup | 13-Dec-2024 |
APIS are so easy to exploit | https://medium.com/@momen_besher/apis-are-so-easy-to-exploit-80bf65941e28?source=rss------bug_bounty-5 | steve55555 | api, vulnerability, bug-bounty-tips, cybersecurity, bug-bounty | 13-Dec-2024 |
【Award-winning Survey】About Security Vulnerability Submission Function | https://medium.com/@security.tecno/award-winning-survey-about-security-vulnerability-submission-function-c3113e2baec0?source=rss------bug_bounty-5 | TECNO Security | rewards, bugs, surveys, hacking, bug-bounty | 12-Dec-2024 |
[Bugbounty]SQLI — Data Exfiltration via DNS | https://medium.com/@kauenavarro/bugbounty-sqli-data-exfiltration-via-dns-3e68ece08205?source=rss------bug_bounty-5 | Kauê Navarro | hacking, sqli, bug-hunter, bug-bounty, bugcrowd | 12-Dec-2024 |
How I Bypassed Email Confirmation: A Playful Journey into the World of Bug Hunting | https://medium.com/@mrasg/how-i-bypassed-email-confirmation-a-playful-journey-into-the-world-of-bug-hunting-30f72d6c2fb6?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | pentesting, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty | 12-Dec-2024 |
Measuring the Success of Bug Bounty Programs: Outdated vs. Modern Approaches | https://medium.com/@hackrate/measuring-the-success-of-bug-bounty-programs-outdated-vs-modern-approaches-9cf87655092b?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, penetration-testing, cybersecurity, hacking, bug-bounty | 12-Dec-2024 |
How I hacked University | https://medium.com/@Wantet/how-i-hacked-university-76097e703cb5?source=rss------bug_bounty-5 | Wantet | penetration-testing, university, bug-bounty, hacking | 12-Dec-2024 |
How to Find and Identify Race Condition Vulnerabilities as a Penetration Tester | https://cyberw1ng.medium.com/how-to-find-and-identify-race-condition-vulnerabilities-as-a-penetration-tester-9d9ecce6ed56?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, hacking, careers, technology | 12-Dec-2024 |
Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application - Open Redirect … | https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-web-application-part-1-95f659ff7d0a?source=rss------bug_bounty-5 | Mahmoud Abd Alkarim | web-application-security, cybersecurity, bug-bounty-writeup, bug-bounty, security-research | 12-Dec-2024 |
Account Takeover using SSO Logins | https://rikeshbaniya.medium.com/account-takeover-using-sso-logins-fa35f28a358b?source=rss------bug_bounty-5 | Rikesh Baniya | bugcrowd, bug-bounty-writeup, bug-bounty-tips, hackerone, bug-bounty | 12-Dec-2024 |
Hack The Box Academy — File Inclusion — Skills Assessment | https://medium.com/@d4nglz17/hack-the-box-academy-file-inclusion-skills-assessment-1ca0283a9a06?source=rss------bug_bounty-5 | Danglz | hackthebox, penetration-testing, bug-bounty-writeup, bug-bounty, information-security | 12-Dec-2024 |
Identity & Access Alert: Microsoft MFA Bypassed via AuthQuake Attack! | https://medium.com/@wiretor/identity-access-alert-microsoft-mfa-bypassed-via-authquake-attack-fc57043fe39a?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, microsoft, bug-bounty, ai, business | 12-Dec-2024 |
Critical Alert: Hackers Exploit Hunk Companion WordPress Plugin! | https://medium.com/@wiretor/critical-alert-hackers-exploit-hunk-companion-wordpress-plugin-50fcf5834f84?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, wordpress, hacking, bug-bounty, malware | 12-Dec-2024 |
€XXX bounty for 2FA disabled without password and OTP by response manipulation | https://osintteam.blog/xxx-bounty-for-2fa-disabled-without-password-and-otp-by-response-manipulation-499ba5234a4f?source=rss------bug_bounty-5 | socalledhacker | hacking, bug-bounty, infosec, cybersecurity, bug-bounty-tips | 12-Dec-2024 |
“Bypassing Controls on a POS” (A Bit of Smoke… the Good Kind) | https://medium.com/@andresbe.be/bypasseando-controles-en-un-pos-un-poco-de-humo-del-bueno-b18b6ecbc775?source=rss------bug_bounty-5 | Andres Barroso | bypass-restriction, point-of-sale-device, bug-bounty | 12-Dec-2024 |
How a Race Condition Became an Account Takeover Vulnerability | https://medium.com/@mrasg/how-a-race-condition-became-an-account-takeover-vulnerability-756f14990f38?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | bug-bounty-writeup, bug-bounty-tips, security, pentesting, bug-bounty | 12-Dec-2024 |
“Bypassing Controls on a POS” | https://medium.com/@andresbe.be/bypasseando-controles-en-un-pos-un-poco-de-humo-del-bueno-b18b6ecbc775?source=rss------bug_bounty-5 | Andres Barroso | bypass-restriction, point-of-sale-device, bug-bounty | 12-Dec-2024 |
Exposed Git Directory P1 Bug | https://medium.com/@abhirupkonwar04/exposed-git-directory-p1-bug-5fd272a62f51?source=rss------bug_bounty-5 | AbhirupKonwar | vulnerability-management, pentesting, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 11-Dec-2024 |
We Faced a Brute Force Attack — Here’s What Saved Us! | https://medium.com/@paritoshblogs/we-faced-a-brute-force-attack-heres-what-saved-us-1d33547eca61?source=rss------bug_bounty-5 | Paritosh | information-technology, hacking, cybersecurity, bug-bounty, brute-force | 11-Dec-2024 |
Exposed Git Directory P1 Bug | https://systemweakness.com/exposed-git-directory-p1-bug-5fd272a62f51?source=rss------bug_bounty-5 | AbhirupKonwar | vulnerability-management, pentesting, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 11-Dec-2024 |
Email Flooding Without Knowing Victim Email Via CSRF | https://0xshuvo.medium.com/email-flooding-without-knowing-victim-email-via-csrf-8de8bf5de3a3?source=rss------bug_bounty-5 | Shuvo Kumar Saha | email-flooding, csrf, bug-bounty, bugbounty-writeup, bug-bounty-tips | 11-Dec-2024 |
How I Earned My First $100 in a Bug Bounty Program (And How You Can Too!) | https://medium.com/@divyesh.jagad/how-i-earned-my-first-100-in-a-bug-bounty-program-and-how-you-can-too-57b58b37226a?source=rss------bug_bounty-5 | Divyesh Jagad | passive-income, data-security, bug-bounty, ethical-hacking, cybersecurity | 11-Dec-2024 |
Easy SQLI in just 30 minutes | https://medium.com/@mohammed01550038865/easy-sqli-in-just-30-minutes-0296038bb473?source=rss------bug_bounty-5 | Muhammed Mubarak | bug-bounty, hackerone, sql-injection, bugcrowd, writing-tips | 11-Dec-2024 |
IDOR leads to leak private user’s data | https://medium.com/@banertheinrich/idor-leads-to-leak-private-users-data-3a2b59f58826?source=rss------bug_bounty-5 | Adham Heinrich | idor, bug-bounty, idor-vulnerability, cybersecurity, penetration-testing | 11-Dec-2024 |
Hackrate PTaaS Powered by HackGATE: Redefining Penetration Testing | https://medium.com/@hackrate/hackrate-ptaas-powered-by-hackgate-redefining-penetration-testing-cb91c07ecc8f?source=rss------bug_bounty-5 | Levente Molnar | penetration-testing, bug-bounty, ethical-hacking, cybersecurity, hacking | 11-Dec-2024 |
Data Breach: 446K Patients & Employees Affected at Center for Vein Restoration | https://medium.com/@wiretor/data-breach-446k-patients-employees-affected-at-center-for-vein-restoration-a75cf6fc1a5e?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ai, bug-bounty, hacking, malware, business | 11-Dec-2024 |
Urgent Warning: Ivanti CSA Flaw Exposes Admin Controls to Hackers! | https://medium.com/@wiretor/urgent-warning-ivanti-csa-flaw-exposes-admin-controls-to-hackers-d6937ede4389?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, bug-bounty, ivanti, ransomware, business | 11-Dec-2024 |
Critical WPForms Flaw Exposes 6M Sites to Unauthorized Stripe Refunds | https://medium.com/@wiretor/critical-wpforms-flaw-exposes-6m-sites-to-unauthorized-stripe-refunds-da9f48a7bfd0?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, wpforms, business, malware | 11-Dec-2024 |
How I Secured The Indian Army? | https://cybersecuritywriteups.com/how-i-secured-the-indian-army-9a80ba399202?source=rss------bug_bounty-5 | Guru Prasad Pattanaik | bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty-writeup, bug-bounty | 11-Dec-2024 |
Mastering JavaScript, Can It Make You an XSS Bug Hunter? | https://rendiero.medium.com/mastering-javascript-can-it-make-you-an-xss-bug-hunter-a0f0aaba0c6f?source=rss------bug_bounty-5 | Rendiero | hacking, penetration-testing, bug-bounty, xss-attack, javascript | 10-Dec-2024 |
Email and home address disclosure using unauthenticated API endpoint worth $500 | https://vijetareigns.medium.com/email-and-home-address-disclosure-using-unauthenticated-api-endpoint-worth-500-4a497ff0678c?source=rss------bug_bounty-5 | the_unlucky_guy | cybersecurity, bug-bounty, application-security, bug-bounty-writeup, bug-bounty-tips | 10-Dec-2024 |
Investigating a Linux Machine Security Breach Without Tools! | https://medium.com/@paritoshblogs/investigating-a-linux-machine-security-breach-without-tools-464e14bdeab0?source=rss------bug_bounty-5 | Paritosh | hacking, information-technology, linux, bug-bounty, cybersecurity | 10-Dec-2024 |
$500 Bypassing Cloudflare WAF to Achieve XSS | https://medium.com/@kumawatabhijeet2002/500-bypassing-cloudflare-waf-to-achieve-xss-f3b9c4acb702?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, xss-vulnerability, bug-bounty-writeup, bug-bounty-tips, bugs | 10-Dec-2024 |
HackerOne: Receiving Bounties via HSBC Hong Kong | https://medium.com/@dem0ns/hackerone-%E9%A6%99%E6%B8%AF%E6%B1%87%E4%B8%B0%E6%8E%A5%E6%94%B6%E8%B5%8F%E9%87%91-353356389bc9?source=rss------bug_bounty-5 | 猫猫虫 | hsbc, h1, bug-bounty, hackerone, 挖洞 | 10-Dec-2024 |
One way hackers stole API keys, Passwords, Tokens and Secrets. | https://osintteam.blog/one-way-hackers-stole-api-keys-passwords-tokens-and-secrets-4e731435bbd4?source=rss------bug_bounty-5 | Pwndec0c0 | programming, bug-bounty, cybersecurity, hacking, web-development | 10-Dec-2024 |
Zoho QEngine: Arbitrary File Read | https://infosecwriteups.com/zoho-qengine-arbitrary-file-read-08df3d1e167e?source=rss------bug_bounty-5 | Jayateertha Guruprasad | hacking, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 10-Dec-2024 |
NASA P2 Google Dorking | https://medium.com/@srinathkk99/nasa-p3-google-dorking-f7bd4b56d395?source=rss------bug_bounty-5 | Srinath K K | cybersecurity, bug-bounty, nasa, vulnerability, appreciation | 10-Dec-2024 |
The Ultimate Guide to Starting a Bug Bounty Program: A Company’s Perspective | https://medium.com/@hackrate/the-ultimate-guide-to-starting-a-bug-bounty-program-a-companys-perspective-4feebb585ac4?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, hacking, penetration-testing, cybersecurity, bug-bounty | 10-Dec-2024 |
I Found 7 Log4j (RCE) in a Single Program! | https://medium.com/@rootplinix/i-found-7-log4j-rce-in-a-single-program-5afb7d02dd06?source=rss------bug_bounty-5 | Abu Hurayra | bug-bounty-tips, cybersecurity, bug-bounty-writeup, log4shell, bug-bounty | 10-Dec-2024 |
Must-Have Hacking Extensions For Bugbounty Hunters | https://medium.com/@The_scratch/must-have-hacking-extensions-for-bugbounty-hunters-5de4c56c6963?source=rss------bug_bounty-5 | Scratch | reconnaissance, bug-bounty, cybersecurity, hacking, bug-bounty-tips | 10-Dec-2024 |
Naabu: A Fast and Efficient Port Scanning Tool | https://medium.com/@rootspaghetti/naabu-a-fast-and-efficient-port-scanning-tool-a5f8a4cf0641?source=rss------bug_bounty-5 | Root@Spaghetti | bug-bounty-tips, hacking, bug-bounty | 10-Dec-2024 |
OAuth Account Hijacking via redirect_uri | https://osintteam.blog/oauth-account-hijacking-via-redirect-uri-ae8ca7a66930?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Café | bug-bounty, pentesting, bug-bounty-tips, information-security, cybersecurity | 10-Dec-2024 |
How i bypassed 403 forbidden (private method) | https://medium.com/@reazatih/how-i-bypassed-403-forbidden-private-method-fc066c11f90f?source=rss------bug_bounty-5 | Re@Za | cybersecurity, bug-bounty, penetration-testing, 403-forbidden, hacking | 10-Dec-2024 |
$50M Crypto Heist Linked to North Korean Hackers in Radiant Capital Attack | https://medium.com/@wiretor/50m-crypto-heist-linked-to-north-korean-hackers-in-radiant-capital-attack-71be5b6515d7?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, ai, crypto, bug-bounty, malware | 10-Dec-2024 |
Chinese Cyber Attack Targets European IT Firms Using Visual Studio Code for Supply-Chain… | https://medium.com/@wiretor/chinese-cyber-attack-targets-european-it-firms-using-visual-studio-code-for-supply-chain-761a472b00b2?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, ai, bug-bounty, malware, hacking | 10-Dec-2024 |
Romanian Energy Supplier Electrica Hit by Ransomware Attack ⚡ | https://medium.com/@wiretor/romanian-energy-supplier-electrica-hit-by-ransomware-attack-8e1b3d8e453d?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, hacking, malware, romania, bug-bounty | 10-Dec-2024 |
OpenWrt Sys upgrade Flaw: Hackers Can Push Malicious Firmware Images | https://medium.com/@wiretor/openwrt-sys-upgrade-flaw-hackers-can-push-malicious-firmware-images-088a0d23a1b0?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, openwrt, business, bug-bounty, hacking | 10-Dec-2024 |
Mastering Bug Bounty Recon: Essential Techniques for Ethical Hackers | https://medium.com/@verylazytech/mastering-bug-bounty-recon-essential-techniques-for-ethical-hackers-549c5b472975?source=rss------bug_bounty-5 | Very Lazy Tech | subdomain-enumeration, bug-bounty, github-recon, ethical-hacking, bug-bounty-techniques | 10-Dec-2024 |
How I Bypassed OTP Like a Devil, Leading to Full Account Takeover | https://infosecwriteups.com/how-i-bypassed-otp-like-a-devil-leading-to-full-account-takeover-7bb7a673f7a0?source=rss------bug_bounty-5 | Ranjan | account-takeover, bug-bounty, ethical-hacking, otp-bypass, hacking | 10-Dec-2024 |
How I Earned Over 100 Points on HackerOne with Email Spoofing. | https://j0nasdias.medium.com/how-i-earned-over-100-points-on-hackerone-with-email-spoofing-1ae0c4bc6aba?source=rss------bug_bounty-5 | Jonas Dias Rebelo | pentest, vulnerability, email-spoofing, hackerone, bug-bounty | 10-Dec-2024 |
NASA P3 Google Dorking | https://cybersecuritywriteups.com/nasa-p3-google-dorking-6779970b6f03?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-writeup, cybersecurity, bug-bounty-tips, pentesting, bug-bounty | 09-Dec-2024 |
Vote Manipulation & Debug Exposure, Another Interesting Finding… | https://medium.com/@josuofficial327/vote-manipulation-debug-exposure-another-interesting-finding-ec31f8cb939c?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | programming, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty | 09-Dec-2024 |
How I Exploited Amazon Cognito Misconfigurations to Access Confidential S3 Data | https://1-day.medium.com/how-i-exploited-amazon-cognito-misconfigurations-to-access-confidential-s3-data-badb62cabfab?source=rss------bug_bounty-5 | 1day | bug-bounty-writeup, writeup, pentesting, bug-bounty, aws | 09-Dec-2024 |
From Couch to Cloud: Bug Hunting Made Easy! | https://udayshelke17-40981.medium.com/from-couch-to-cloud-bug-hunting-made-easy-993039c8208b?source=rss------bug_bounty-5 | sudo uday | hacking, bug-bounty, cybersecurity, cloud-security, bug-bounty-tips | 09-Dec-2024 |
How I Earned $$$ \| Open Redirection | https://medium.com/@A0X-Y0S3TRX/how-i-earned-open-redirection-c26e191dbff2?source=rss------bug_bounty-5 | A0X-Y0S3TRX | bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program | 09-Dec-2024 |
The List of Top Penetration Testing as a Service (PTaaS) Platforms for 2024 | https://medium.com/@hackrate/the-list-of-top-penetration-testing-as-a-service-ptaas-platforms-for-2024-e04969614042?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, cybersecurity, bug-bounty, hacking, penetration-testing | 09-Dec-2024 |
How I Exploited Amazon Cognito Misconfigurations to Access Confidential S3 Data | https://awstip.com/how-i-exploited-amazon-cognito-misconfigurations-to-access-confidential-s3-data-badb62cabfab?source=rss------bug_bounty-5 | 1day | bug-bounty-writeup, writeup, pentesting, bug-bounty, aws | 09-Dec-2024 |
VPS for Hackers: Top Picks for Bug Bounty and Cloud Pentesters Enthusiasts 2025 | https://hackerassociate.medium.com/vps-for-hackers-top-picks-for-bug-bounty-and-cloud-pentesters-enthusiasts-2025-195b17eea9f7?source=rss------bug_bounty-5 | Harshad Shah | cybersecurity, bug-bounty, penetration-testing, infosec, vps | 09-Dec-2024 |
Exposed Prometheus Server Endpoint | https://osintteam.blog/exposed-prometheus-server-endpoint-cfb8e82e441b?source=rss------bug_bounty-5 | AbhirupKonwar | pentesting, bug-bounty, bug-bounty-writeup, vulnerability-management, bug-bounty-tips | 09-Dec-2024 |
2.9 Billion Records Compromised in NPD Breach: The Largest Data Leak Ever! | https://medium.com/@wiretor/2-9-billion-records-compromised-in-npd-breach-the-largest-data-leak-ever-9edaa25d362c?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, ransomware, bug-bounty, breach, malware | 09-Dec-2024 |
One Phishing Hit Leads to Massive Breach: 11K Children’s Data Exposed | https://medium.com/@wiretor/one-phishing-hit-leads-to-massive-breach-11k-childrens-data-exposed-f8bb80abc574?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | phising, business, malware, bug-bounty, hacking | 09-Dec-2024 |
Eight Suspected Phishers Arrested in Belgium, Netherlands for Multi-Million Euro Fraud Scheme | https://medium.com/@wiretor/eight-suspected-phishers-arrested-in-belgium-netherlands-for-multi-million-euro-fraud-scheme-2df2e53d1fe3?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, phishing, business, malware, scam | 09-Dec-2024 |
How to Earn Money with Bug Bounties and Other Platforms | https://medium.com/@tuteja_lovish/how-to-earn-money-with-bug-bounties-and-other-platforms-6a248db1a94d?source=rss------bug_bounty-5 | Lovish Kumar | security-token, bugs, bug-bounty, security, bounties | 09-Dec-2024 |
QR Codes Bypass Browser Isolation for Malicious C2 Communication | https://medium.com/@wiretor/qr-codes-bypass-browser-isolation-for-malicious-c2-communication-%EF%B8%8F-6dddc201d532?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, hacking, business, bug-bounty, qr-code | 09-Dec-2024 |
Server Security Misconfiguration: Misconfigured DNS — High-Impact Subdomain Takeover (P2) | https://medium.com/@mathewskuruvila32/server-security-misconfiguration-misconfigured-dns-high-impact-subdomain-takeover-p2-cb9e7ccadf2d?source=rss------bug_bounty-5 | Mathews kuruvila | vulnerability, hacking, ethical-hacking, web-app-development, bug-bounty | 09-Dec-2024 |
The HackerOne-Wayback Machine Saga: An Unofficial Vulnerability or Just Public Oversight? | https://huntrai.medium.com/the-hackerone-wayback-machine-saga-an-unofficial-vulnerability-or-just-public-oversight-22c1fb0112bb?source=rss------bug_bounty-5 | Aditya sunny | bug-bounty, bugs, hacking | 09-Dec-2024 |
How I Discovered a Critical Vulnerability in WhatsApp’s Admin System | https://huntrai.medium.com/how-i-discovered-a-critical-vulnerability-in-whatsapps-admin-system-ce0a3f2bbcb2?source=rss------bug_bounty-5 | Aditya sunny | infosec, bug-bounty, hackerone, hacking, bugs | 09-Dec-2024 |
1-Click Account Takeover (ATO) via CORS Misconfiguration | https://medium.com/@mohammed01550038865/1-click-account-takeover-ato-via-cors-misconfiguration-64dc26d24917?source=rss------bug_bounty-5 | Muhammed Mubarak | hackerone, bugcrowd, bug-bounty-tips, ato, bug-bounty | 09-Dec-2024 |
From Dev to Disaster: My Hilarious First Attempt at Bug Bounties with Burp Suite Pro | https://medium.com/@zero_4583/from-dev-to-disaster-my-hilarious-first-attempt-at-bug-bounties-with-burp-suite-pro-20fddd3ad295?source=rss------bug_bounty-5 | Nathan Vincent | bug-bounty, burpsuite, appsec, penetration-testing | 08-Dec-2024 |
Misconfigurations That Paid Me Big: How I Exploited Them (And How You Can Stop Me) | https://systemweakness.com/misconfigurations-that-paid-me-big-how-i-exploited-them-and-how-you-can-stop-me-788a5375aa3c?source=rss------bug_bounty-5 | Akash Ghosh | technology, bug-bounty, cybersecurity, bug-bounty-writeup, programming | 08-Dec-2024 |
$400 Bounty in 10 sec | https://systemweakness.com/400-bounty-in-10-sec-14d26c2976ec?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-writeup, pentesting, bug-bounty-tips, cybersecurity, bug-bounty | 08-Dec-2024 |
Critical Authentication Bypass & Account Takeover via Attacker’s MFA Code | https://medium.com/@sharp488/critical-authentication-bypass-account-takeover-via-attackers-mfa-code-fadf36fe6e34?source=rss------bug_bounty-5 | Sharat Kaikolamthuruthil | bug-bounty, information-technology, bug-bounty-writeup, bug-bounty-tips, information-security | 08-Dec-2024 |
WhiteLevel Error Page / Spring Boot Actuators Hunting | https://0xshuvo.medium.com/whitelevel-error-page-spring-boot-actuators-hunting-b0290c4ccdbd?source=rss------bug_bounty-5 | Shuvo Kumar Saha | bug-bounty-writeup, bug-bounty, infosec, bug-hunting, exploit | 08-Dec-2024 |
The Dark Side of AI: Inside PyTorch’s Unpatched Vulnerabilities | https://medium.com/@piyushbhor22/the-dark-side-of-ai-inside-pytorchs-unpatched-vulnerabilities-0d8ce74fc9b5?source=rss------bug_bounty-5 | Pi - The Kernel Panic | machine-learning, pytorch, zero-day, exploits-zero-day, bug-bounty | 08-Dec-2024 |
All About Pentesting & Securing Checkouts and Transactions | https://infosecwriteups.com/all-about-pentesting-securing-checkouts-and-transactions-f7bb1de4fd7b?source=rss------bug_bounty-5 | Xcheater | bug-bounty, appsec, payment-gateway | 08-Dec-2024 |
Exploiting PHP Insecure Deserialization | https://medium.com/@mayank_prajapati/exploiting-php-insecure-deserialization-2e301557f12f?source=rss------bug_bounty-5 | Mayank Kumar Prajapati | bug-bounty, cybersecurity, red-team, ethical-hacking, penetration-testing | 08-Dec-2024 |
$200 Recon Bug Bounty | https://medium.com/infosecmatrix/200-recon-bug-bounty-3538566b94dc?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-tips, pentesting, bug-bounty-writeup, ethical-hacking, bug-bounty | 08-Dec-2024 |
The Ultimate Guide to Starting a Penetration Testing as a Service (PTaaS) Project for Your Company | https://medium.com/@hackrate/the-ultimate-guide-to-starting-a-penetration-testing-as-a-service-ptaas-project-for-your-company-5d7919eed353?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, hacking, penetration-testing, ethical-hacking, cybersecurity | 08-Dec-2024 |
PoC: Bypass Input with SQL Injection to Gaining Information in SMK Maarif Terpadu Cicalengka and… | https://medium.com/@baracarlo/poc-bypass-input-with-sql-injection-to-gaining-information-in-smk-maarif-terpadu-cicalengka-and-51d56cfbbd60?source=rss------bug_bounty-5 | Baradika | sql-injection, cybersecurity, bug-hunting, bug-bounty | 08-Dec-2024 |
How I Found Info disclosure vulnerability? | https://doordiefordream.medium.com/how-i-found-info-disclosure-vulnerability-32fa9e9b9a45?source=rss------bug_bounty-5 | Bug hunter balu | ethical-hacking, hacking, cybersecurity, bug-bounty, web3 | 08-Dec-2024 |
Russia’s ‘BlueAlpha’ APT Hides in Cloudflare Tunnels | https://medium.com/@wiretor/russias-bluealpha-apt-hides-in-cloudflare-tunnels-7d7372615241?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, malware, business, russia | 08-Dec-2024 |
Top 5 Must-Read Books to Master Web Penetration Testing (Beginners & Beyond) | https://medium.com/@verylazytech/top-5-must-read-books-to-master-web-penetration-testing-beginners-beyond-9bf99651445f?source=rss------bug_bounty-5 | Very Lazy Tech | hacking, bug-bounty, penetration-testing, web-development, web-penetration-testing | 08-Dec-2024 |
How I Found a Critical Vulnerability and Earned $4,000 in Bug Bounty Hunting | https://medium.com/@zack0x01_/how-i-found-a-critical-vulnerability-and-earned-4-000-in-bug-bounty-hunting-2ce4a1227fdc?source=rss------bug_bounty-5 | zack0x01 | idor, cybersecurity, bug-bounty, hacking | 08-Dec-2024 |
Mastering Git Conflicts: A Developer’s Guide to Seamless Merges ⚡ | https://rajuhemanth456.medium.com/mastering-git-conflicts-a-developers-guide-to-seamless-merges-%EF%B8%8F-19718b819da0?source=rss------bug_bounty-5 | Hemanth Raju | bug-bounty, coding, software-development, interview, github | 08-Dec-2024 |
Privilege Escalation via Impersonation Features feature | https://medium.com/@0x_xnum/privilege-escalation-via-impersonation-features-feature-c49cf3a3dc03?source=rss------bug_bounty-5 | Ahmed Tarek | privilege-escalation, hacking, bug-bounty-tips, bug-bounty, pentesting | 08-Dec-2024 |
Mastering Internet Scanning: How to Use ZMap and Censys for Ethical Hacking — Part 1 | https://systemweakness.com/mastering-internet-scanning-how-to-use-zmap-and-censys-for-ethical-hacking-part-1-2ca54401e2e0?source=rss------bug_bounty-5 | hacker_might | reconnaissance, recon, ip-security, zmap, bug-bounty | 08-Dec-2024 |
Unlocking Cybersecurity with Censys: A Guide to Ethical Hacking, Bug Bounties, and Pentesting —… | https://systemweakness.com/unlocking-cybersecurity-with-censys-a-guide-to-ethical-hacking-bug-bounties-and-pentesting-4e1c6e4358c3?source=rss------bug_bounty-5 | hacker_might | fun, bug-bounty, recon, censys, osint | 08-Dec-2024 |
Mastering Subdomain Visualization: Using Aquatone for Effective Reconnaissanc | https://medium.com/@kalkumbe7745/mastering-subdomain-visualization-using-aquatone-for-effective-reconnaissanc-6409c7846c2c?source=rss------bug_bounty-5 | Rutvik Kalkumbe | ethical-hacking, cybersecurity, bug-bounty, security, aquatone | 08-Dec-2024 |
How I Test for Cross-Site Scripting | https://osintteam.blog/how-i-test-for-cross-site-scripting-9262de5e949d?source=rss------bug_bounty-5 | Cybersec with Hemmars | writing, technology, cybersecurity, bug-bounty | 08-Dec-2024 |
My First Bounty of ₹₹₹ | https://osintteam.blog/my-first-bounty-of-37c2d40cbdd9?source=rss------bug_bounty-5 | cryptoshant | password-reset, bug-bounty, journey, cybersecurity, hacking | 07-Dec-2024 |
From Low Privileges to Owner Rights: A Wild Journey Through an ATO Vulnerability | https://medium.com/@mrasg/from-low-privileges-to-owner-rights-a-wild-journey-through-an-ato-vulnerability-cb21c468634c?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | bug-bounty-tips, bug-bounty-writeup, cybersecurity, hacking, bug-bounty | 07-Dec-2024 |
P3 Bug in Few Minutes | https://medium.com/meetcyber/p3-bug-in-few-minutes-006f57913f71?source=rss------bug_bounty-5 | AbhirupKonwar | pentesting, cybersecurity, bug-bounty, infosec, bug-bounty-tips | 07-Dec-2024 |
How I Found an ATO Vulnerability in Stripe Program in an Overlooked Corner | https://medium.com/@mrasg/how-i-found-an-ato-vulnerability-in-stripe-program-in-an-overlooked-corner-dce7d2cdaaf9?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | security, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty | 07-Dec-2024 |
How to Make a Clickjacking Vulnerability Scanner with Python | https://infosecwriteups.com/how-to-make-a-clickjacking-vulnerability-scanner-with-python-a53f48e70b58?source=rss------bug_bounty-5 | Muhammad Abdullahi | python, cybersecurity, bug-bounty, hacking, python-programming | 07-Dec-2024 |
Beyond signUP OR resetPassword || Send , Confirm AND Setting ! | https://medium.com/@0xAwali/beyond-signup-or-resetpassword-send-confirm-and-setting-d153f3ab6e17?source=rss------bug_bounty-5 | Mahmoud M. Awali | web-security, bug-bounty | 07-Dec-2024 |
5 Ways I Got RCE’s In the Wild | https://medium.com/@red.whisperer/5-ways-i-got-rces-99a78901ba33?source=rss------bug_bounty-5 | Chux | cybersecurity, hacking, bug-bounty, technology, programming | 07-Dec-2024 |
Code Flaws and Consequences: The Bug That Exposed PII | https://medium.com/@CANITEY/code-flaws-and-consequences-the-bug-that-exposed-pii-3de5251e1484?source=rss------bug_bounty-5 | CANITEY | penetration-testing, bugbounty-writeup, pentesting, cybersecurity, bug-bounty | 07-Dec-2024 |
When One Isn’t Enough: Multiple SQL Injections Found in 1 VDP | https://osintteam.blog/when-one-isnt-enough-multiple-sql-injections-found-in-1-vdp-f45de0b4c674?source=rss------bug_bounty-5 | #$ubh@nk@r | hackerone, infosec, sql-injection, bug-bounty, web-security | 07-Dec-2024 |
Ransomware Breach Exposes 310K Patient Records at Anna Jaques Hospital | https://medium.com/@wiretor/ransomware-breach-exposes-310k-patient-records-at-anna-jaques-hospital-8548c120ad63?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomware, hacking, bug-bounty, business, malware | 07-Dec-2024 |
Ultralytics AI Supply Chain Breach: Cryptominer Infects Thousands! | https://medium.com/@wiretor/ultralytics-ai-supply-chain-breach-cryptominer-infects-thousands-5a0d82d1c32e?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | machine-learning, hacking, bug-bounty, malware, ai | 07-Dec-2024 |
New Windows Zero-Day Alert: NTLM Credentials at Risk! | https://medium.com/@wiretor/new-windows-zero-day-alert-ntlm-credentials-at-risk-ad6256807d0c?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, bug-bounty-tips, windows, hacking | 07-Dec-2024 |
Police Shut Down Manson Cybercrime Market & Arrest Key Suspects! | https://medium.com/@wiretor/police-shut-down-manson-cybercrime-market-arrest-key-suspects-29bdcbaae6cf?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, bus, bug-bounty, malware, manson | 07-Dec-2024 |
11 Must-Read Blogs to Understand IDOR | https://saminbinh.medium.com/11-best-blogs-to-learn-idor-7769511d5e05?source=rss------bug_bounty-5 | SAMIN BIN HUMAYUN | information-technology, cybersecurity, bug-bounty, idor, idor-vulnerability | 07-Dec-2024 |
How I discovered my first CVE | https://medium.com/@zumiyumi/how-i-discovered-my-first-cve-7b1e2987326c?source=rss------bug_bounty-5 | Zumi Yumi | bug-bounty, xss-attack, cve, code-review, cybersecurity | 07-Dec-2024 |
Hackers Aren’t Built by Tools — They Build the Tools | https://shuvonsec.medium.com/hackers-arent-built-by-tools-they-build-the-tools-6581f38dbb34?source=rss------bug_bounty-5 | Shariar Shahnawaz Shuvon | hacking, bug-bounty, information-security, cybersecurity, bug-bounty-tips | 07-Dec-2024 |
Why Are You Not Identifying Bugs in Website 2025 | https://osintteam.blog/why-are-you-not-identifying-bugs-in-website-2025-8ff218815b7d?source=rss------bug_bounty-5 | Tahir Ayoub | hacking, cyber-security-awareness, bug-bounty-tips, bug-bounty, hackathons | 06-Dec-2024 |
How I Found 3x XSS in 6 Seconds! Without Automated Tools | https://medium.com/@embossdotar/how-i-found-3x-xss-in-6-seconds-without-automated-tools-b0c852dea66f?source=rss------bug_bounty-5 | embossdotar | cybersecurity-awareness, hacking, bug-bounty, cybersecurity, ethical-hacking | 06-Dec-2024 |
10 RXSS on HackerOne VDPs | https://medium.com/infosecmatrix/10-rxss-on-hackerone-vdps-5162d3ee42af?source=rss------bug_bounty-5 | AbhirupKonwar | infosec, cybersecurity, xss-attack, bug-bounty, pentesting | 06-Dec-2024 |
From Newbie to Pro: My Journey to a $3,000 Bug Bounty | https://myselfakash20.medium.com/from-newbie-to-pro-my-journey-to-a-3-000-bug-bounty-61abe935e3db?source=rss------bug_bounty-5 | Akash Ghosh | technology, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips | 06-Dec-2024 |
The Art of Pwning Okta For Profit and Fun | https://whoisshuvam.medium.com/the-art-of-pwning-okta-for-profit-and-fun-075dedbc4715?source=rss------bug_bounty-5 | Suvam Adhikari | bug-bounty-tips, cybersecurity, info-sec-writeups, bug-bounty, hackerone | 06-Dec-2024 |
“The Hidden GPS Threat: Unstripped Metadata on Redacted.com led 5K Rubel in bounties” | https://infosecwriteups.com/the-hidden-gps-threat-unstripped-metadata-on-redacted-com-led-5k-rubel-in-bounties-%EF%B8%8F-%EF%B8%8F-fd044d2031b6?source=rss------bug_bounty-5 | JEETPAL | bug-bounty, bug-bounty-writeup, exif-data, cybersecurity, bugbounty-tips | 06-Dec-2024 |
10 Essential Tips for Bug Bounty Beginners: A Fun, Practical, and Slightly Cheeky Guide to Kicking… | https://medium.com/@mrasg/10-essential-tips-for-bug-bounty-beginners-a-fun-practical-and-slightly-cheeky-guide-to-kicking-c7da8a9b1b31?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | hacking, cybersecurity, penetration-testing, bug-bounty, bug-bounty-tips | 06-Dec-2024 |
Atrium Health Data Breach Impacts 585,000 People: Why Healthcare Cybersecurity Needs Immediate… | https://medium.com/@wiretor/atrium-health-data-breach-impacts-585-000-people-why-healthcare-cybersecurity-needs-immediate-38a479e96e39?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, bug-bounty, marketing, business, malware | 06-Dec-2024 |
BREAKING: U.S. Arrests Scattered Spider Suspect Behind Telecom Hacks & Phishing Scams | https://medium.com/@wiretor/%EF%B8%8F-breaking-u-s-arrests-scattered-spider-suspect-behind-telecom-hacks-phishing-scams-%EF%B8%8F-cd44ea215b09?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, business, ransomware, malware, hacking | 06-Dec-2024 |
Now let’s set Frida For SSL Pinning Bypass. | https://aman0.medium.com/now-lets-set-frida-for-ssl-pinning-bypass-9ee8ae11b7b5?source=rss------bug_bounty-5 | Aman H | penetration-testing, bug-bounty, mobile-app-development, infosec, hacking | 06-Dec-2024 |
List of Top Bug Bounty Platforms for 2024 | https://medium.com/@hackrate/list-of-top-bug-bounty-platforms-for-2024-fc31553c2e78?source=rss------bug_bounty-5 | Levente Molnar | penetration-testing, cybersecurity, vulnerability, bug-bounty, ethical-hacking | 06-Dec-2024 |
Path Traversal Vulnerabilities in Web Applications: Understanding CVE-2024-9935 and How to Protect… | https://chintalatarakaram.medium.com/path-traversal-vulnerabilities-in-web-applications-understanding-cve-2024-9935-and-how-to-protect-40de3cca8ac8?source=rss------bug_bounty-5 | Chintala Taraka Ram | vulnerability, bug-bounty, python, education, web-development | 06-Dec-2024 |
How I Found 3x XSS in 6 Seconds! Without Automated Tools | https://medium.com/meetcyber/how-i-found-3x-xss-in-6-seconds-without-automated-tools-b0c852dea66f?source=rss------bug_bounty-5 | embossdotar | cybersecurity-awareness, hacking, bug-bounty, cybersecurity, ethical-hacking | 06-Dec-2024 |
A01: Broken Access Control and A05: Security Misconfiguration Leads to Unauthenticated Access to… | https://medium.com/@enigma_/a01-broken-access-control-and-a05-security-misconfiguration-leads-to-unauthenticated-access-to-0897e3bec491?source=rss------bug_bounty-5 | enigma | cybersecurity, bug-bounty, vulnerability, penetration-testing, ethical-hacking | 06-Dec-2024 |
How I Turned a Low-Hanging Fruit Bug Into Mass Unauthorized Deletion of Invited Members | https://medium.com/@ahmedsamirghallab/how-i-turned-a-low-hanging-fruit-bug-into-mass-unauthorized-deletion-of-invited-members-6f195deffe11?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | bug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, penetration-testing | 05-Dec-2024 |
How To Find Sensitive Log Files Easily.. | https://medium.com/@josuofficial327/how-to-find-sensitive-log-files-easily-1dd14bb5f221?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | ethical-hacking, vulnerability, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 05-Dec-2024 |
Mission: Exploit – Advanced Bug Bounty Techniques Inspired by James Bond | https://bitpanic.medium.com/mission-exploit-advanced-bug-bounty-techniques-inspired-by-james-bond-a891ee3d0ef9?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty-tips, bug-bounty, cybersecurity, programming, technology | 05-Dec-2024 |
How I Achieved a Full Account Takeover Through Information Disclosure | https://medium.com/@ahmedsamirghallab/how-i-achieved-a-full-account-takeover-through-information-disclosure-16c6f697b76e?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | bug-bounty-tips, penetration-testing, bug-bounty-writeup, bug-bounty, cybersecurity | 05-Dec-2024 |
How Note-Taking and Hacktivity Analysis Led to Privilege Escalation | https://medium.com/@ahmedsamirghallab/how-note-taking-and-hacktivity-analysis-led-to-privilege-escalation-627aaf3bbd84?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | pentesting, bug-bounty-tips, bug-bounty-writeup, security, bug-bounty | 05-Dec-2024 |
Unveiling the Unseen: A Journey from Simple Recon Using Shodan to Leaking AWS Secrets | https://medium.com/@security.tecno/unveiling-the-unseen-a-journey-from-simple-recon-using-shodan-to-leaking-aws-secrets-bc7bed1ad16f?source=rss------bug_bounty-5 | TECNO Security | hacking, security, writing, bug-bounty | 05-Dec-2024 |
How Note-Taking and Hacktivity Analysis Led to Privilege Escalation | https://medium.com/@mrasg/how-note-taking-and-hacktivity-analysis-led-to-privilege-escalation-627aaf3bbd84?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | pentesting, bug-bounty-tips, bug-bounty-writeup, security, bug-bounty | 05-Dec-2024 |
How I Achieved a Full Account Takeover Through Information Disclosure | https://medium.com/@mrasg/how-i-achieved-a-full-account-takeover-through-information-disclosure-16c6f697b76e?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | bug-bounty-tips, penetration-testing, bug-bounty-writeup, bug-bounty, cybersecurity | 05-Dec-2024 |
How I Turned a Low-Hanging Fruit Bug Into Mass Unauthorized Deletion of Invited Members | https://medium.com/@mrasg/how-i-turned-a-low-hanging-fruit-bug-into-mass-unauthorized-deletion-of-invited-members-6f195deffe11?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | bug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, penetration-testing | 05-Dec-2024 |
How Two Hardcoded Credentials Led To Payment System Takeover, Exposed 20,000 Credit Cards & Enabled… | https://medium.com/@Berserker1337/how-two-hardcoded-credentials-led-to-payment-system-takeover-exposed-20-000-credit-cards-enabled-04b0ac232786?source=rss------bug_bounty-5 | Berserker | bug-hunting, bug-bounty, writeup, cybersecurity, web-security | 05-Dec-2024 |
Fix “Failed to load BApp” Burp Suite Extensions! | https://medium.com/@d3vilz50n/fix-failed-to-load-bapp-burp-suite-extensions-923efa10659d?source=rss------bug_bounty-5 | d3vilz50n | hacking-tools, hacking, fix, bug-bounty, burpsuite | 05-Dec-2024 |
How I Earned My First Bug Bounty: A Beginner’s Story | https://medium.com/@kingstar75114/how-i-earned-my-first-bug-bounty-a-beginners-story-58e8a3023cc6?source=rss------bug_bounty-5 | TehanG07 | bugs, bug-hunting, bug-bounty-tips, bug-bounty, bug-hunter | 05-Dec-2024 |
Correct Innerstanding + Overstanding | https://medium.com/@onelovemafia/correct-innerstanding-overstanding-8d3cfd9baa7d?source=rss------bug_bounty-5 | OneLoveMafia | deep-learning, mysticism, bug-bounty, game-development, zen | 05-Dec-2024 |
Earn $10,000 XSS in Android Apps Scratch to Advance. | https://medium.com/@anandrishav2228/earn-10-000-xss-in-android-apps-scratch-to-advance-cb3aa6c2b98f?source=rss------bug_bounty-5 | Rishav anand | hacking, bug-bounty, cybersecurity, xss-attack, money | 05-Dec-2024 |
AZEx Testnet Campaign is LIVE | https://medium.com/@AZEX.io/azex-testnet-campaign-is-live-ac553c18af8a?source=rss------bug_bounty-5 | AZEX | berachain, bug-bounty, testnet, dois, azex | 05-Dec-2024 |
How I Exploited Passkey to Gain Unauthorized Access and TakeOver Invited Accounts | https://medium.com/@mrasg/how-i-exploited-passkey-to-gain-unauthorized-access-and-takeover-invited-accounts-b8b4547ffe70?source=rss------bug_bounty-5 | Ahmed Samir Ghallab | penetration-testing, pentesting, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 05-Dec-2024 |
How I Broke Into My Dev Friend’s Website in Less Than 24 Hour | https://infosecwriteups.com/how-i-broke-into-my-dev-friends-website-in-less-than-24-hour-6fdb31ad65a1?source=rss------bug_bounty-5 | sM0ky4 | hacking, bug-bounty, cyberattack, cybersecurity, bug-bounty-writeup | 05-Dec-2024 |
The Story of How I Hacked an International University in Indonesia | https://infosecwriteups.com/the-story-of-how-i-hacked-an-international-university-in-indonesia-ec819a8c8fc0?source=rss------bug_bounty-5 | JC | bug-bounty-tips, infosec, cybersecurity, bug-bounty-writeup, bug-bounty | 05-Dec-2024 |
Penetration Testing on Steroids: Revolutionizing Ethical Hacking with Hackrate and HackGATE | https://medium.com/@hackrate/penetration-testing-on-steroids-revolutionizing-ethical-hacking-with-hackrate-and-hackgate-7edaf7244075?source=rss------bug_bounty-5 | Levente Molnar | cybersecurity, penetration-testing, ethical-hacking, cybersecurity-news, bug-bounty | 05-Dec-2024 |
Practical Bug Bounty — TCM Academy | Report writing, Bypass, Best Programs. | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-report-writing-bypass-best-programs-710516804f53?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | penetration-testing, cybersecurity, ethical-hacking, web-penetration-testing, bug-bounty | 05-Dec-2024 |
Chinese Hackers Salt Typhoon Breach Global Telecom Networks | https://medium.com/@wiretor/chinese-hackers-salt-typhoon-breach-global-telecom-networks-00b40e0ce07e?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | telecom, bug-bounty, business, hacking, networking | 05-Dec-2024 |
New DroidBot Malware Targets 77 Banking & Crypto Apps! | https://medium.com/@wiretor/new-droidbot-malware-targets-77-banking-crypto-apps-1b5105a66625?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bots, hacking, bug-bounty, business, malware | 05-Dec-2024 |
UK Cracks Down on Russian Money Laundering Networks | https://medium.com/@wiretor/uk-cracks-down-on-russian-money-laundering-networks-4dfae89f9000?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, uk, business, malware, bug-bounty | 05-Dec-2024 |
⚠️ Critical Zero-Day Uncovered: Mitel MiCollab Wide Open to Attackers! ⚠️ | https://medium.com/@wiretor/%EF%B8%8F-critical-zero-day-uncovered-mitel-micollab-wide-open-to-attackers-%EF%B8%8F-cdc36da3552e?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, bug-bounty, zero-day, business, programming | 05-Dec-2024 |
Bug Hunting | https://medium.com/meetcyber/bug-hunting-ff366260d8df?source=rss------bug_bounty-5 | Nazrul Islam Rana | bug-hunting, platform, hacker, xx, bug-bounty | 05-Dec-2024 |
From Frustration to Exploitation: How a Link Shortener Helped Me Bypass WAF | https://imooaaz.medium.com/from-frustration-to-exploitation-how-a-link-shortener-helped-me-bypass-waf-03724dca1592?source=rss------bug_bounty-5 | Moaaz Afifi | bug-bounty, bugs, bug-bounty-tips, bug-bounty-writeup, cybersecurity | 05-Dec-2024 |
How I Climbed to #1 Hacker | https://medium.com/@CipherHawk/how-i-climbed-to-1-hacker-ffb52e2799c3?source=rss------bug_bounty-5 | CipherHawk | networking, bug-bounty-tips, cybersecurity, hacking, bug-bounty | 04-Dec-2024 |
Modern Security Vulnerabilities: Lessons from Recent Breaches | https://medium.com/@SakshifromKushoAI/modern-security-vulnerabilities-lessons-from-recent-breaches-b925a6928bbf?source=rss------bug_bounty-5 | Sakshi from KushoAI | secure-coding, cybersecurity, bug-bounty, app-security, data-breach | 04-Dec-2024 |
Path Traversal, bypass file extension validation with null bytes | https://medium.com/@sulthanyluthfi/path-traversal-bypass-file-extension-validation-with-null-bytes-0cedc4fb53f5?source=rss------bug_bounty-5 | Luthfi Sulthany | cybersecurity, bug-bounty, burpsuite, penetration-testing, path-traversal | 04-Dec-2024 |
Firebase URL Exploitation: Taking Over Android Databases Like a Pro! | https://infosecwriteups.com/firebase-url-exploitation-taking-over-android-databases-like-a-pro-79a00844496d?source=rss------bug_bounty-5 | JEETPAL | bug-bounty, android, cybersecurirty, bug-bounty-tips, bugbountywriteup | 04-Dec-2024 |
How to Bypass Firewalls and IDS on Filtered Ports: The Ultimate Step-by-Step Guide to Advanced… | https://medium.com/@shaikhminhaz1975/how-to-bypass-firewalls-and-ids-on-filtered-ports-the-ultimate-step-by-step-guide-to-advanced-9cb238d66450?source=rss------bug_bounty-5 | Shaikh Minhaz | firewall, step-by-step-guide, cybersecurity, bug-bounty, penetration-testing | 04-Dec-2024 |
Critical RCE Vulnerability in Veeam Service Provider Console — Update Now! | https://medium.com/@wiretor/critical-rce-vulnerability-in-veeam-service-provider-console-update-now-%EF%B8%8F-1e147e98458b?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, bug-bounty, hacking, rce, business | 04-Dec-2024 |
Critical RCE Flaw Discovered in WhatsUp Gold (CVE-2024-8785) — Update Immediately! | https://medium.com/@wiretor/critical-rce-flaw-discovered-in-whatsup-gold-cve-2024-8785-update-immediately-%EF%B8%8F-8b6e69c183ab?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | business, bug-bounty, ransomware, malware, rce | 04-Dec-2024 |
Backdoor Discovered in Solana’s Web3.js npm Library: Crypto Wallets at Risk | https://medium.com/@wiretor/backdoor-discovered-in-solanas-web3-js-npm-library-crypto-wallets-at-risk-605bcb02a292?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomware, solana-network, business, malware, bug-bounty | 04-Dec-2024 |
CORS Implementation & Various Headers, CORS series (Part 2) | https://medium.com/@vipulparveenjain/cors-implementation-various-headers-cors-series-part-2-895a04ef481d?source=rss------bug_bounty-5 | Vipul Jain | bug-bounty, cors-vulnerability, cross-origin-resource, web-security, hacking | 04-Dec-2024 |
Bug Bounty Methodology Checklist for Web Applications (B2B Apps) | https://thexssrat.medium.com/bug-bounty-methodology-checklist-for-web-applications-b2b-apps-b876a20236d0?source=rss------bug_bounty-5 | Thexssrat | bug-bounty-tips, hacker, bug-bounty, hacks, hacking | 04-Dec-2024 |
My Experience at the 2024 FIRST & AfricaCERT Symposium: A CyberGirl’s Perspective- Part Final | https://medium.com/@.rai/my-experience-at-the-2024-first-africacert-symposium-a-cybergirls-perspective-part-final-b190349785b4?source=rss------bug_bounty-5 | Gamuchirai | forensics, osint, bug-bounty, open-source, digital-marketing | 04-Dec-2024 |
SQL injection UNION attack, finding a column containing text | https://medium.com/@Laxious8848/sql-injection-union-attack-finding-a-column-containing-text-10a0e36cc062?source=rss------bug_bounty-5 | Laxious | sql-injection, web-penetration-testing, union-based-sql-injection, bug-bounty, web-pen-testing | 04-Dec-2024 |
Why Penetration Testing as a Service (PTaaS) Outperforms Traditional Pentest Providers | https://medium.com/@hackrate/why-penetration-testing-as-a-service-ptaas-outperforms-traditional-pentest-providers-7b1e6b0a6d0a?source=rss------bug_bounty-5 | Levente Molnar | cybersecurity, ethical-hacking, bug-bounty, penetration-testing | 03-Dec-2024 |
Bug Bounty Tips Series: 10 Ways To Find HTTP Host Header Injection Vulnerability | https://medium.com/@alishoaib5929/bug-bounty-tips-series-10-ways-to-find-http-host-header-injection-vulnerability-1ad56c9dddd2?source=rss------bug_bounty-5 | Shoaib Ali | web-hacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web-security | 03-Dec-2024 |
The Art of Blind Command Injection: Unlocking Internal Secrets | https://medium.com/@yogeshbhandage/the-art-of-blind-command-injection-unlocking-internal-secrets-917daa755463?source=rss------bug_bounty-5 | Yogesh Bhandage | bug-bounty, bug-bounty-tips, hacking, penetration-testing, command-injection | 03-Dec-2024 |
20 Bug Bounty CrowdSourced Platforms | https://systemweakness.com/20-bug-bounty-crowdsourced-platforms-a4c486c85671?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty-tips, pentesting, infosec, ethical-hacking, bug-bounty | 03-Dec-2024 |
Practical Bug Bounty — TCM Academy | Other Common Vulnerabilities | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-other-common-vulnerabilities-433dc6b1b3bc?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | penetration-testing, ethical-hacking, bug-bounty, cybersecurity, tcm-academy | 03-Dec-2024 |
Story Of 15 Vulnerabilities in one public BBP ! | https://medium.com/@Ahmex000/story-of-15-vulnerabilities-in-one-buplic-bbp-561e68213991?source=rss------bug_bounty-5 | Ahmex000 | bug-bounty-hunter, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips | 03-Dec-2024 |
Critical Bug: Deny Sign-In & Steal Sensitive Info on Behalf of Victims | https://infosecwriteups.com/critical-bug-deny-sign-in-steal-sensitive-info-on-behalf-of-victims-cad4ced9227d?source=rss------bug_bounty-5 | JEETPAL | cybersecurity, bugbounty-tips, auth-bypass, bug-bounty, bug-bounty-writeup | 03-Dec-2024 |
Ensuring Comprehensive Ethical Hacking with Penetration Testing as a Service | https://medium.com/@hackrate/ensuring-comprehensive-ethical-hacking-with-penetration-testing-as-a-service-9b67734f46cd?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, penetration-testing, bug-bounty, cybersecurity | 03-Dec-2024 |
Tricky & Simple EXIF protection Bypass | https://saurabhsanmane.medium.com/tricky-simple-exif-protection-bypass-5d0babd908f3?source=rss------bug_bounty-5 | Saurabh sanmane | bug-bounty, information-disclosure, vulnerability, ethical-hacking, cybersecurity | 03-Dec-2024 |
Exploring Lightning Bounties: The Intersection of Open-Source and Bitcoin | https://medium.com/@mabramo11/exploring-lightning-bounties-the-intersection-of-open-source-and-bitcoin-8555c6403310?source=rss------bug_bounty-5 | Mike Abramo | bug-bounty, lightning-bounties, open-source, bitcoin, lightning-network | 03-Dec-2024 |
Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerability | https://medium.com/@wiretor/cisco-warns-of-attacks-exploiting-decade-old-asa-vulnerability-11462bd60f7b?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | programming, business, hacking, bug-bounty, cisco | 03-Dec-2024 |
Energy Sector Contractor ENGlobal Targeted in Ransomware Attack | https://medium.com/@wiretor/energy-sector-contractor-englobal-targeted-in-ransomware-attack-a56112b119d3?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, energy, business, bug-bounty, malware | 03-Dec-2024 |
Docker/Kubernetes (K8s)Penetration Testing Checklist | https://infosecwriteups.com/docker-kubernetes-k8s-penetration-testing-checklist-4d0a13c38495?source=rss------bug_bounty-5 | Ajay Naik | penetration-testing, bug-bounty, docker, kubernetes, cybersecurity | 03-Dec-2024 |
How to Create an Android Payload in Just 1 Minute | Ethical Hacking | https://bjamali.medium.com/how-to-create-an-android-payload-in-just-1-minute-ethical-hacking-bc109b368909?source=rss------bug_bounty-5 | Babar Ali Jamali | penetration-testing, ethical-hacking, android, bug-bounty, cybersecurity | 03-Dec-2024 |
Crack the Code: Earn Up to $500K in InceptionLRT’s Bug Bounty Program | https://medium.com/@InceptionLRT/crack-the-code-earn-up-to-500k-in-inceptionlrts-bug-bounty-program-3b5d2feb6ed6?source=rss------bug_bounty-5 | InceptionLRT | crypto, restaking, bug-bounty, defi, ethereum | 03-Dec-2024 |
What is Cybersecurity | https://twanstcodes.medium.com/what-is-cybersecurity-52e71fe7dfa2?source=rss------bug_bounty-5 | Twana Muhammed | it, programming, cybersecurity, bug-bounty | 03-Dec-2024 |
Mastering Bug Bounty Hunting with White Rabbit Neo AI | https://medium.com/@curiouskhanna/mastering-bug-bounty-hunting-with-white-rabbit-neo-ai-452a3bc3adce?source=rss------bug_bounty-5 | Shubham Khanna | hackerone, bug-bounty, ai, security-researchers | 03-Dec-2024 |
Python — Program Security Headers | https://medium.com/@ibnu.rusdianto55/python-program-security-headers-966786261d5f?source=rss------bug_bounty-5 | Ibnu Rusdianto | python, bug-bounty, security-header, indonesia, keamanan-siber | 03-Dec-2024 |
How I got access to Credentials easily | https://medium.com/infosecmatrix/how-i-got-access-to-credentials-easily-00ced4ba15bd?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty, cybersecurity, ethical-hacking, google-dork, pentest | 02-Dec-2024 |
How to Master Advanced Threat Hunting | https://medium.com/@paritoshblogs/how-to-master-advanced-threat-hunting-bcfb9d1e159c?source=rss------bug_bounty-5 | Paritosh | cybersecurity, threat-hunting, hacking, ai, bug-bounty | 02-Dec-2024 |
CTFLearn Series| Challenge 96 : Forensics 101 — Walkthrough | https://medium.com/@rishikeshkhot26/ctflearn-series-challenge-96-forensics-101-walkthrough-13100d9f45fb?source=rss------bug_bounty-5 | Rishikesh_Khot | hacking, forensics, bug-bounty, capture-the-flag, cybersecurity | 02-Dec-2024 |
Some Easiest P4 Bugs | https://icecream23.medium.com/some-easiest-p4-bugs-561cd710a7e1?source=rss------bug_bounty-5 | Aman Bhuiyan | ethical-hacking, bugbounty-tips, bug-bounty, p4-bugs, bug-hunter | 02-Dec-2024 |
All UPI IDs in India have Predictable Patterns that allow the disclosure of mail IDs! | https://infosecwriteups.com/all-upi-ids-in-india-have-predictable-patterns-that-allow-the-disclosure-of-mail-ids-eede37a35758?source=rss------bug_bounty-5 | JEETPAL | upi, cybersecurity, bugbounty-tips, bug-bounty, bug-bounty-writeup | 02-Dec-2024 |
Command Injection: Mastering Exploitation Techniques with a Comprehensive Cheatsheet | https://medium.com/@verylazytech/command-injection-mastering-exploitation-techniques-with-a-comprehensive-cheatsheet-6f549fee46b8?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, command-injection, cybersecurity, bug-bounty, oscp | 02-Dec-2024 |
$3 Billion Crypto Exchange XT Allegedly Hacked | https://medium.com/@wiretor/3-billion-crypto-exchange-xt-allegedly-hacked-c560c9572168?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | crypto, xt, malware, bug-bounty, ransomeware | 02-Dec-2024 |
Hackers Steal $17 Million from Uganda’s Central Bank | https://medium.com/@wiretor/hackers-steal-17-million-from-ugandas-central-bank-533dcbabbeff?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacked, ransomeware, bug-bounty, bank-hacked, malware | 02-Dec-2024 |
Small Bugs, Big Bounties: A Hacker’s Guide to Quick Wins | https://myselfakash20.medium.com/small-bugs-big-bounties-a-hackers-guide-to-quick-wins-46a75dbc3573?source=rss------bug_bounty-5 | Akash Ghosh | programming, technology, bug-bounty, bug-bounty-tips, cybersecurity | 02-Dec-2024 |
Critical Vulnerability Discovered in Zabbix Network Monitoring Tool | https://medium.com/@wiretor/critical-vulnerability-discovered-in-zabbix-network-monitoring-tool-df358293a1a9?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomeware, malware, bug-bounty, zabbix, hacking | 02-Dec-2024 |
From File Upload To LFI: A Journey To Exploitation | https://medium.com/@red.whisperer/from-file-upload-to-lfi-a-journey-to-exploitation-02ab5e1a7d0a?source=rss------bug_bounty-5 | Chux | bug-bounty, cybersecurity, hacking, ethical-hacking, infosec | 02-Dec-2024 |
Small Bugs, Big Bounties: A Hacker’s Guide to Quick Wins | https://infosecwriteups.com/small-bugs-big-bounties-a-hackers-guide-to-quick-wins-46a75dbc3573?source=rss------bug_bounty-5 | Akash Ghosh | programming, hacking, technology, bug-bounty, cybersecurity | 02-Dec-2024 |
Unpacking an IDOR-Based Exploit in International Shipping (70 Million+ PII Data Breach) | https://medium.com/@susapr/unpacking-an-idor-based-exploit-in-international-shipping-70-million-pii-data-breach-8c29cf33347d?source=rss------bug_bounty-5 | susapr | bug-bounty-writeup, cybersecurity, data-breach, information-technology, bug-bounty | 02-Dec-2024 |
How I got my first Hall of Fame - Bug Bounty | https://medium.com/@pranavrp77/how-i-got-my-first-hall-of-fame-bug-bounty-d296637e37dd?source=rss------bug_bounty-5 | Pranav Patil | bug-bounty, hacking, bug-bounty-writeup, bug-bounty-tips, cybersecurity | 02-Dec-2024 |
Command Injection: Mastering Exploitation Techniques with a Comprehensive Cheatsheet | https://systemweakness.com/command-injection-mastering-exploitation-techniques-with-a-comprehensive-cheatsheet-6f549fee46b8?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, command-injection, cybersecurity, bug-bounty, oscp | 02-Dec-2024 |
Understanding the Scope: Navigating Website Pentesting and Bug Bounty Targets | https://medium.com/@zero_4583/understanding-the-scope-navigating-website-pentesting-and-bug-bounty-targets-a6ab701df932?source=rss------bug_bounty-5 | Nathan Vincent | appsec, bug-bounty, pentesting, scopes | 01-Dec-2024 |
Critical Account Takeover (MFA + Auth Bypass) due to Cookie Misconfiguration | https://medium.com/@sharp488/critical-account-takeover-mfa-auth-bypass-due-to-cookie-misconfiguration-3ca7d1672f9d?source=rss------bug_bounty-5 | Sharat Kaikolamthuruthil | bug-bounty, hackerone, information-security, bug-bounty-writeup, bug-bounty-tips | 01-Dec-2024 |
Week 4: A Drive to Recharge and Reconnect | https://mokhansec.medium.com/week-4-a-drive-to-recharge-and-reconnect-4d0f8b7258d0?source=rss------bug_bounty-5 | Mohsin khan | bug-bounty-writeup, bug-bounty-tips, bugs, cybersecurity, bug-bounty | 01-Dec-2024 |
From Minor Bug to Major DoS: My Journey with Web Cache Poisoning | https://crunkcode.medium.com/from-minor-bug-to-major-dos-my-journey-with-web-cache-poisoning-4b721e5358f4?source=rss------bug_bounty-5 | Ayushkr | web-exploitation, web-cache-poisoning, bug-bounty, pentesting | 01-Dec-2024 |
Exploiting Facebook Ads: $2100 Bug Bounty for Role Management DoS | https://infosecwriteups.com/exploiting-facebook-ads-2100-bug-bounty-for-role-management-dos-afe09c1ecbb0?source=rss------bug_bounty-5 | Kiril Krivoguz | facebook, cybersecurity, hacking, information-security, bug-bounty | 01-Dec-2024 |
Smart Contract Funds Lost Due to Missing Address Validation: $80M in Danger! | https://medium.com/@jeetpal2007/smart-contract-funds-lost-due-to-missing-address-validation-80m-in-danger-a4ec7d823a3f?source=rss------bug_bounty-5 | JEETPAL | smartcontract-audit, cybsersecurity, zeroaddress, web3, bug-bounty | 01-Dec-2024 |
How I Discovered an API Security Issue: My First Bug Bounty Blog | https://hackersatty.medium.com/how-i-discovered-an-api-security-issue-my-first-bug-bounty-blog-7deec48453ff?source=rss------bug_bounty-5 | hackersatty | bug-bounty, hackersatty, bug-bounty-writeup, swagger-ui, api-security | 01-Dec-2024 |
Hack IOT devices to earn $100–$200 in an hour. | https://medium.com/@anandrishav2228/hack-iot-devices-to-earn-100-200-in-an-hour-f211a54e87f3?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, penetration-testing, money, bug-bounty, iot | 01-Dec-2024 |
Ketika Validasi MIME Type Tak Cukup: Perbaikan Aman untuk Upload File | https://medium.com/@ferizco/ketika-validasi-mime-type-tak-cukup-perbaikan-aman-untuk-upload-file-4df4ac6ec0ff?source=rss------bug_bounty-5 | Ferizco | bug-bounty, security, cybersecurity, web-development, php | 01-Dec-2024 |
Firmware Penetration Testing Checklist | https://infosecwriteups.com/firmware-penetration-testing-checklist-9d5e70388371?source=rss------bug_bounty-5 | Ajay Naik | penetration-testing, security, information-technology, bug-bounty, cybersecurity | 01-Dec-2024 |
Basics of SQL Injection | https://medium.com/@mayank_prajapati/basics-of-sql-injection-88ab0e57588b?source=rss------bug_bounty-5 | Mayank Kumar Prajapati | penetration-testing, vulnerability, hacking, bug-bounty-tips, bug-bounty | 01-Dec-2024 |
Why I Failed This November: A Clown’s Reflection on Failure | https://jackhavoltrey.medium.com/why-i-failed-this-november-a-clowns-reflection-on-failure-3223fec4451e?source=rss------bug_bounty-5 | Jack Havoltrey | bug-bounty-tips, bug-bounty | 01-Dec-2024 |
Execution of a clickjacking attack on Gemini (Google’s AI-powered assistant) - which I recently… | https://systemweakness.com/execution-of-a-clickjacking-attack-on-gemini-googles-ai-powered-assistant-which-i-recently-45e60a98316a?source=rss------bug_bounty-5 | NIKHIL KUMAR GANDLA | penetration-testing, cybersecurity, bug-bounty, application-security, information-security | 01-Dec-2024 |
From Minor Bug to Major DoS: My Journey with Web Cache Poisoning | https://ayushkr12.medium.com/from-minor-bug-to-major-dos-my-journey-with-web-cache-poisoning-4b721e5358f4?source=rss------bug_bounty-5 | Ayushkr | web-exploitation, web-cache-poisoning, bug-bounty, pentesting | 01-Dec-2024 |
Russia Arrests Cybercriminal Wazawaka Tied to Ransomware Gangs | https://medium.com/@wiretor/russia-arrests-cybercriminal-wazawaka-tied-to-ransomware-gangs-9354c557f1d5?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomware, hacking, wazawaka, malware, bug-bounty | 01-Dec-2024 |
SpyLoan Android Malware Installed Over 8 Million Times on Google Play! | https://medium.com/@wiretor/spyloan-android-malware-installed-over-8-million-times-on-google-play-d0331b3c762e?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, hacking, ransomeware, bug-bounty, spyloan | 01-Dec-2024 |
picoCTF Web Exploitation: Unminify | https://medium.com/@Kamal_S/picoctf-web-exploitation-unminify-6dd45341b7f5?source=rss------bug_bounty-5 | Kamal S | owasp, unminify, ctf, bug-bounty, picoctf | 01-Dec-2024 |
Exploring Alternatives to Cobalt: Why Hackrate Stands Out | https://medium.com/@hackrate/exploring-alternatives-to-cobalt-why-hackrate-stands-out-67473c1e74e6?source=rss------bug_bounty-5 | Levente Molnar | cybersecurity, bug-bounty, ethical-hacking, penetration-testing | 01-Dec-2024 |
Web Shell Upload via Extension Blacklist Bypass — File Upload Vulnerability | https://medium.com/@rcxsecurity/web-shell-upload-via-extension-blacklist-bypass-file-upload-vulnerability-f98ee877aff1?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Café | cybersecurity, hacking, information-security, bug-bounty, pentesting | 01-Dec-2024 |
The Ultimate Guide to Top Pentest-as-a-Service Providers in 2024 | https://medium.com/@hackrate/the-ultimate-guide-to-top-pentest-as-a-service-providers-in-2024-f03b0408b0a5?source=rss------bug_bounty-5 | Levente Molnar | ethical-hacking, cybersecurity, penetration-testing, bug-bounty, hacking | 01-Dec-2024 |
SQL injection UNION attack, determining the number of columns returned by the query | https://medium.com/@Laxious8848/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-4792d89ad93f?source=rss------bug_bounty-5 | Laxious | sql-injection, web-pen-testing, web-penetration-testing, bug-bounty, union-based-sql-injection | 01-Dec-2024 |
Out of Scope, Out of Mind? The | https://medium.com/@talatumsolutions/out-of-scope-out-of-mind-the-0e5f558c43ba?source=rss------bug_bounty-5 | Talatum-solutions | talatum, hacking, cyber-security-solutions, pentesting, bug-bounty | 30-Nov-2024 |
Turn Cybersecurity Tricks Into Cash: Here’s How You Can Start Today | https://medium.com/@divyesh.jagad/turn-cybersecurity-tricks-into-cash-heres-how-you-can-start-today-9ccfff1ee0f4?source=rss------bug_bounty-5 | Divyesh Jagad | trending, bug-bounty, freelancing, infosec, remote-working | 30-Nov-2024 |
Privilege Escalation via Role Persistence Vulnerability | https://medium.com/@aalgohary950/privilege-escalation-via-role-persistence-vulnerability-0c22a002d6ff?source=rss------bug_bounty-5 | C1pher_1 | hacking, penetration-testing, bug-bounty, access-control, privilege-escalation | 30-Nov-2024 |
Discovery of Xss / Html Injection by analyzing target source code | https://medium.com/@gheeX/discovery-of-xss-html-injection-by-analyzing-target-source-code-0bc7a96c3ca4?source=rss------bug_bounty-5 | Ghee1337 | vulnerability, bug-bounty-writeup, bug-bounty-tips, xss-attack, bug-bounty | 30-Nov-2024 |
Delete Account Functionality Helped Me Earn $250 | https://vijetareigns.medium.com/delete-account-functionality-helped-me-earn-250-21baa23c4034?source=rss------bug_bounty-5 | the_unlucky_guy | bug-bounty-tips, bug-bounty, bug-bounty-writeup, application-security, cybersecurity | 30-Nov-2024 |
Marianas Web — The Danger Part of the Internet! | https://medium.com/@TahirAyoub/marianas-web-the-danger-part-of-the-internet-be69e3118e3d?source=rss------bug_bounty-5 | Tahir Ayoub | cybersecurity, darkweb, bug-bounty, deep-web, hacking | 30-Nov-2024 |
A massive security breach at Andrew Tate’s platform The Real World has exposed the personal… | https://medium.com/@wiretor/a-massive-security-breach-at-andrew-tates-platform-the-real-world-has-exposed-the-personal-576892ffca1c?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, malware, expose, andrew-tate | 30-Nov-2024 |
5 Side Hustles For Ethical Hackers | https://medium.com/@red.whisperer/5-side-hustles-for-ethical-hackers-8f3e0ca983ed?source=rss------bug_bounty-5 | Chux | ethical-hacking, cybersecurity, hacking, bug-bounty, side-hustle | 30-Nov-2024 |
The Ultimate Guide to Top Ethical Hacking Platforms in 2024 | https://medium.com/@hackrate/the-ultimate-guide-to-top-ethical-hacking-platforms-in-2024-adcfc808caea?source=rss------bug_bounty-5 | Hackrate | bug-bounty, cybersecurity, ethical-hacking, penetration-testing | 30-Nov-2024 |
⚠️ Microsoft Hacking Warning 450 Million Windows Users Must Now Act! | https://medium.com/@wiretor/%EF%B8%8F-microsoft-hacking-warning-450-million-windows-users-must-now-act-%EF%B8%8F-a7be6255a338?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, windows, ransomeware, breached, bug-bounty | 30-Nov-2024 |
Russian Script Kiddie Builds Massive DDoS Botnet | https://medium.com/@wiretor/russian-script-kiddie-builds-massive-ddos-botnet-bac1b6c57e9f?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, bug-bounty, programming, hacking, russian | 30-Nov-2024 |
P4 bug’s and their POC steps \| Part 8 | https://osintteam.blog/p4-bugs-and-their-poc-steps-part-8-910ee6ba5710?source=rss------bug_bounty-5 | socalledhacker | cybersecurity, infosec, bug-bounty, hacking, bug-bounty-tips | 30-Nov-2024 |
X(twitter) & my first real bug | https://medium.com/@elkhawaga1900/x-twitter-my-first-real-bug-7c7d26bef48f?source=rss------bug_bounty-5 | sponge2003 | bug-bounty, duplicate | 30-Nov-2024 |
The Ultimate Guide to Top Ethical Hacking Platforms in 2024 | https://medium.com/@hackrate/the-ultimate-guide-to-top-ethical-hacking-platforms-in-2024-adcfc808caea?source=rss------bug_bounty-5 | Levente Molnar | bug-bounty, cybersecurity, ethical-hacking, penetration-testing | 30-Nov-2024 |
The Ultimate Guide to Top Bug Bounty Platforms in 2024 | https://medium.com/@hackrate/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-08f53b117063?source=rss------bug_bounty-5 | Hackrate | ethical-hacking, cybersecurity, penetration-testing, bug-bounty | 29-Nov-2024 |
The Ultimate Guide to Top Bug Bounty Platforms in 2024: Why Hackrate Stands Out | https://medium.com/@hackrate/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-why-hackrate-stands-out-d402c86c407b?source=rss------bug_bounty-5 | Hackrate | penetration-testing, bug-bounty, ethical-hacking, cybersecurity | 29-Nov-2024 |
Exploring Alternatives to HackerOne: Why Hackrate Stands Out | https://medium.com/@hackrate/exploring-alternatives-to-hackerone-why-hackrate-stands-out-894092aec0aa?source=rss------bug_bounty-5 | Hackrate | ethical-hacking, penetration-testing, cybersecurity, bug-bounty, hacking | 29-Nov-2024 |
How To Become Up-To-Date Hacker? 8 Gold Points To Stay Informed During Lifetime-Hacking Story | https://osintteam.blog/how-to-become-up-to-date-hacker-8-gold-points-to-stay-informed-during-lifetime-hacking-story-2e95f33c5d6f?source=rss------bug_bounty-5 | NnFace | bug-bounty, cybersecurity, kali-linux, hacking, technology | 29-Nov-2024 |
Advanced Google Dorking \| Part7 | https://systemweakness.com/advanced-google-dorking-part7-a8df43d00743?source=rss------bug_bounty-5 | AbhirupKonwar | infosec, pentesting, ethical-hacking, cybersecurity, bug-bounty | 29-Nov-2024 |
Email Verification Bypass Vulnerability: A Critical Flaw Exploited | https://medium.com/@muralidharan1530/email-verification-bypass-vulnerability-a-critical-flaw-exploited-1d7a316b2514?source=rss------bug_bounty-5 | Murali Dharan | bounties, bug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips | 29-Nov-2024 |
POC — CVE-2024–21534 Jsonpath-plus vulnerable to Remote Code Execution (RCE) due to improper input… | https://medium.com/@verylazytech/poc-cve-2024-21534-jsonpath-plus-vulnerable-to-remote-code-execution-rce-due-to-improper-input-a466ae69aa92?source=rss------bug_bounty-5 | Very Lazy Tech | cybersecurity, cve, exploit, cve-2024-21534, bug-bounty | 29-Nov-2024 |
hackthebox-Administrator-walkthrough | https://medium.com/@ryuzakiryuga31/hackthebox-administrator-walkthrough-217d01374d00?source=rss------bug_bounty-5 | R09sh | bug-bounty, hackthebox, network-security, network-penetration-test, system-administration | 29-Nov-2024 |
Google Dorking Made Simpler with GFU | https://medium.com/@sheryx00/google-dorking-made-simpler-with-gfu-20c67c5c8fc4?source=rss------bug_bounty-5 | Sheryx00 | google-dork, open-source, bug-bounty, pentesting, bug-bounty-tips | 29-Nov-2024 |
Authentication Bypass Vulnerability 🙂 | https://aman0.medium.com/authentication-bypass-vulnerability-a7b8fff3361f?source=rss------bug_bounty-5 | Aman H | authentication-bypass, vulnerability, penetration-testing, bug-bounty-tips, bug-bounty | 29-Nov-2024 |
Exploring Alternatives to Bugcrowd: Why Hackrate Stands Out | https://medium.com/@hackrate/exploring-alternatives-to-bugcrowd-why-hackrate-stands-out-8d54235f62d1?source=rss------bug_bounty-5 | Hackrate | bug-bounty, cybersecurity, penetration-testing, ethical-hacking | 29-Nov-2024 |
The Ultimate Bug Bounty Roadmap Zero to Pro | https://medium.com/@adinesh02/the-ultimate-bug-bounty-roadmap-zero-to-pro-56440ac4cef2?source=rss------bug_bounty-5 | DINESH A | technology, tech, bug-bounty, hacking, cybersecurity | 29-Nov-2024 |
Phishing-as-a-Service (PhaaS): “Rockstar 2FA” Targets Microsoft 365 with AiTM Attacks | https://medium.com/@wiretor/phishing-as-a-service-phaas-rockstar-2fa-targets-microsoft-365-with-aitm-attacks-572617422ea5?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, xs, phaa, american-dream, hacking | 29-Nov-2024 |
Critical Flaw in ProjectSend Under Active Exploitation — Protect Your Servers! | https://medium.com/@wiretor/critical-flaw-in-projectsend-under-active-exploitation-protect-your-servers-c0903ab96a68?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | xs, malware, bug-bounty, hacking, pentest | 29-Nov-2024 |
Unmasking Open Redirect Vulnerabilities: A Real-World Discovery | https://medium.com/@360Security/unmasking-open-redirect-vulnerabilities-a-real-world-discovery-348081e5d03e?source=rss------bug_bounty-5 | Anand Patel | penetration-testing, vapt, bug-bounty, web-security, cybersecurity | 29-Nov-2024 |
Hacking AI — Understanding LLM Attacks and Prompt Injections | https://medium.com/@anmol.sh/hacking-ai-understanding-llm-attacks-and-prompt-injections-9354f26a8353?source=rss------bug_bounty-5 | Anmol Shah | ai, hacking, penetration-testing, artificial-intelligence, bug-bounty | 29-Nov-2024 |
Website’s for fake mobile numbers and sms services. | https://osintteam.blog/websites-for-fake-mobile-numbers-and-sms-services-9057442ef82b?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, cybersecurity, bug-bounty-tips, tips, hacking | 28-Nov-2024 |
30 Best Hacking Prompts | https://medium.com/@TahirAyoub/30-best-hacking-prompts-0c10ee61edf4?source=rss------bug_bounty-5 | Tahir Ayoub | bug-bounty, hacking, chatgpt, cybersecurity, ai | 28-Nov-2024 |
The More Confident You Are About Your Testing, The Bigger the Bug You Missed | https://manishsaini74.medium.com/the-more-confident-you-are-about-your-testing-the-bigger-the-bug-you-missed-189fe169c005?source=rss------bug_bounty-5 | Manish Saini | bug-bounty, test-automation, software-engineering, software-testing, quality-assurance | 28-Nov-2024 |
8 Shocking Ways to Protect Your Identity Online | https://medium.com/@paritoshblogs/8-shocking-ways-to-protect-your-identity-online-fe13ad3b92e1?source=rss------bug_bounty-5 | Paritosh | ai, identity, hacking, cybersecurity, bug-bounty | 28-Nov-2024 |
Finding Low-Hanging Bugs: A Practical Guide with Commands | https://medium.com/@ayansheikh45689/finding-low-hanging-bugs-a-practical-guide-with-commands-d6fb9159857d?source=rss------bug_bounty-5 | Ayan | penetration-testing, bug-finding, bug-bounty, ethical-hacking, cybersecurity | 28-Nov-2024 |
Finding more subdomains.(part 2) | https://infosecwriteups.com/finding-more-subdomains-part-2-1850ead4dd92?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, penetration-testing, reconnaissance, cybersecurity, hacking | 28-Nov-2024 |
JWTs: A Comedy of Errors and Exploits | https://jackhavoltrey.medium.com/jwts-a-comedy-of-errors-and-exploits-81d1fb25d24d?source=rss------bug_bounty-5 | Jack Havoltrey | bug-bounty, authentication, bug-bounty-tips, jwt, web-development | 28-Nov-2024 |
Bug Bounty Chronicles: Exploiting the PUT Method for Remote Code Execution (RCE) | https://medium.com/@pawarpushpak36/bug-bounty-chronicles-exploiting-the-put-method-for-remote-code-execution-rce-c2782bea61da?source=rss------bug_bounty-5 | Pawarpushpak | bug-zero, remote-code-execution, bug-bounty-tips, bug-bounty, infosec | 28-Nov-2024 |
The Art of Account Take Over #1: Chaining XSS and non-HttpOnly Session Cookie | https://xdead4f.medium.com/the-art-of-account-take-over-1-chaining-xss-and-non-httponly-session-cookie-8e474bc83e5c?source=rss------bug_bounty-5 | 0xdead4f | xs, penetration-testing, bug-bounty, cybersecurity | 28-Nov-2024 |
How to find Access control vulnerabilities useful Tips PART (1)☢ | https://medium.com/@mahmodziad40/how-to-find-access-control-vulnerabilities-useful-tips-part-1-56ca1a9c60ce?source=rss------bug_bounty-5 | httpzuz | portswigger, penetration-testing, access-control, bug-bounty-tips, bug-bounty | 28-Nov-2024 |
UK Hospital Network Hit by Cyberattack, Procedures Postponed | https://medium.com/@wiretor/uk-hospital-network-hit-by-cyberattack-procedures-postponed-3b9622eec715?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomware, malware, cyberattack, uk-hospital-attack, bug-bounty | 28-Nov-2024 |
T-Mobile Detects Network Intrusion Attempts from Wireline Provider | https://medium.com/@wiretor/t-mobile-detects-network-intrusion-attempts-from-wireline-provider-ee7fab1a7eac?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, bug-bounty, xs, t-mobile, hacking | 28-Nov-2024 |
Malicious npm Library @0xengine/xmlrpc Steals Data and Mines Cryptocurrency | https://medium.com/@wiretor/malicious-npm-library-0xengine-xmlrpc-steals-data-and-mines-cryptocurrency-50171f172ef7?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, xs, bug-bounty, malware, ransomeware | 28-Nov-2024 |
Exploiting CSRF and OTP Reuse: How Weak Token Management Enables Password Reset Attacks, Leading… | https://medium.com/@iPsalmy/exploiting-csrf-and-otp-reuse-how-weak-token-management-enables-password-reset-attacks-leading-to-c2f6b914f398?source=rss------bug_bounty-5 | iPsalmy | bug-bounty, infosec, web-application-security, api-security, cybersecurity | 28-Nov-2024 |
#HappyThanksgiving from Wire Tor! | https://medium.com/@wiretor/happythanksgiving-from-wire-tor-5a655498f35f?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, happy-thanksgiving, happy-thanksgiving-day, malware | 28-Nov-2024 |
Private IP Disclosure in Bug Bounty Programs: Understanding the Risk and Reward | https://medium.com/@shamzen96/private-ip-disclosure-in-bug-bounty-programs-understanding-the-risk-and-reward-6441aa866db0?source=rss------bug_bounty-5 | Shivam Raj | bug-bounty, bug-bounty-tips | 27-Nov-2024 |
The P2 Bug You Could Miss Without Reading the Documentation | https://mokhansec.medium.com/the-p2-bug-you-could-miss-without-reading-the-documentation-b0eacc3b7587?source=rss------bug_bounty-5 | Mohsin khan | cybersecurity, bugs, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 27-Nov-2024 |
Easy Way To Root Your Virtual Device 🙂 | https://aman0.medium.com/easy-way-to-root-your-virtual-device-9d1a2aa99ea1?source=rss------bug_bounty-5 | Aman H | penetration-testing, mobile-app-development, root-android-phone, bug-bounty, app-security-testing | 27-Nov-2024 |
Install MassDNS in Linux | https://medium.com/@mohamdaminporsalari/install-massdns-in-linux-4a5937829972?source=rss------bug_bounty-5 | MaMad | bug-bounty, dns, massdns, pentesting, bug-bounty-tool | 27-Nov-2024 |
How I Turned NASA’s Search Bar into a Phishing Gateway | https://systemweakness.com/how-i-turned-nasas-search-bar-into-a-phishing-gateway-697de30859b0?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, cybersecurity, technology, bug-bounty, programming | 27-Nov-2024 |
0-Click ATO: How I Can Take Over Every Account on the Website | https://medium.com/@aesmail034/0-click-ato-how-i-can-take-over-every-account-on-the-website-9a69c9afb57c?source=rss------bug_bounty-5 | Ahmed Esmail | hackerone, bug-bounty, cybersecurity, account-takeover | 27-Nov-2024 |
Race Condition Exploit Enables Free Plan Users to Access Premium Features | https://medium.com/@rawansa3ed2002/race-condition-exploit-enables-free-plan-users-to-access-premium-features-9619d0fa0a53?source=rss------bug_bounty-5 | Rawansaed | bug-bounty, race-condition, hackerone, penetration-testing, cybersecurity | 27-Nov-2024 |
System Hacking Technique | https://medium.com/@TahirAyoub/system-hacking-technique-ac376bd3f0ef?source=rss------bug_bounty-5 | Tahir Ayoub | bug-bounty, hacking-tools, cybersecurity, hacking, computer-security | 27-Nov-2024 |
Install MassDNS in Linux | https://medium.com/@MaMad4Ever/install-massdns-in-linux-4a5937829972?source=rss------bug_bounty-5 | MaMad | bug-bounty, dns, massdns, pentesting, bug-bounty-tool | 27-Nov-2024 |
Introducing JSNinja: Your Ultimate JavaScript Bug Hunting Companion | https://medium.com/@vikas0vks/introducing-jsninja-your-ultimate-javascript-bug-hunting-companion-%EF%B8%8F-%EF%B8%8F-bee1fcc4bd75?source=rss------bug_bounty-5 | Vikas | information-security, bug-bounty-tips, bug-bounty | 27-Nov-2024 |
SMB Enumeration and Exploitation: Master Ports 139 and 445 for Penetration Testing | https://medium.com/@verylazytech/smb-enumeration-and-exploitation-master-ports-139-and-445-for-penetration-testing-ddca90a384c5?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, oscp, smb, hacking, cybersecurity | 27-Nov-2024 |
Understanding Ethical Hacking: The Key to Cybersecurity | https://medium.com/@harshkatiyar5556/understanding-ethical-hacking-the-key-to-cybersecurity-454c6671c5f9?source=rss------bug_bounty-5 | Harsh Katiyar | web3, mind-hacking-techniques, ethical-hacking, cybersecurity, bug-bounty | 27-Nov-2024 |
How to Find DNS Rebinding Vulnerabilities in Bug Bounty Hunting | https://dineshpathro9.medium.com/how-to-find-dns-rebinding-vulnerabilities-in-bug-bounty-hunting-3323da71f5ee?source=rss------bug_bounty-5 | Hunter | bugs, bug-bounty-tips, bug-bounty, bug-zero | 27-Nov-2024 |
0-Click ATO: How I Can Take Over Every Account on the Website | https://som3a.medium.com/0-click-ato-how-i-can-take-over-every-account-on-the-website-9a69c9afb57c?source=rss------bug_bounty-5 | Ahmed Esmail | hackerone, bug-bounty, cybersecurity, account-takeover | 27-Nov-2024 |
IDOR Allows an Admin to Add SuperAdmin (Which is not allowed) | https://medium.com/@mrro0o0tt/idor-allows-an-admin-to-add-superadmin-which-is-not-allowed-239fcc82ff69?source=rss------bug_bounty-5 | Whoami | idor-vulnerability, bug-bounty, broken-access-control, business-logic-bug, bug-bounty-tips | 27-Nov-2024 |
Researchers Unveil “Bootkitty” — The First UEFI Bootkit Targeting Linux Kernels! | https://medium.com/@wiretor/researchers-unveil-bootkitty-the-first-uefi-bootkit-targeting-linux-kernels-30ff7b7c6819?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | zero-day, cve, bug-bounty, malware, bootkitty | 27-Nov-2024 |
Interpol Arrests 1,000+ in Massive ‘Operation Serengeti’ Anti-Cybercrime Crackdown | https://medium.com/@wiretor/interpol-arrests-1-000-in-massive-operation-serengeti-anti-cybercrime-crackdown-45ffa24e6f4a?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, xss-attack, interpol, hacking, bug-bounty | 27-Nov-2024 |
New NachoVPN Attack: Rogue VPN Servers Installing Malicious Updates | https://medium.com/@wiretor/new-nachovpn-attack-rogue-vpn-servers-installing-malicious-updates-%EF%B8%8F-262c85645850?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, vpn, malware, bug-bounty, programming | 27-Nov-2024 |
JS Review and Abuse GraphQL Result 10xBAC + Admin Panel ATO | https://medium.com/@0xbugatti/js-review-and-abuse-graphql-result-10xbac-admin-panel-ato-0f013fe471ea?source=rss------bug_bounty-5 | 0xbugatti | owasp-top-10, bug-bounty, bugbounty-writeup, web-app-security, bugbounty-tips | 27-Nov-2024 |
How I abled to get users/admins PII Disclosure | https://medium.com/@a7madhacck/how-i-abled-to-get-users-admins-pii-disclosure-6c02fef82c11?source=rss------bug_bounty-5 | Ahmad Yussef | technology, hackerone, bug-bounty-writeup, cybersecurity, bug-bounty | 27-Nov-2024 |
Automating the Setup of a Bug Bounty Toolkit | https://dineshpathro9.medium.com/automating-the-setup-of-a-bug-bounty-toolkit-05b3e589eb84?source=rss------bug_bounty-5 | hunter | bug-bounty, bug-bounty-tips, bugs, hacking | 26-Nov-2024 |
VOIP Penetration Testing Checklist | https://infosecwriteups.com/voip-penetration-testing-checklist-890bb4e09bac?source=rss------bug_bounty-5 | Ajay Naik | security, information-technology, penetration-testing, cybersecurity, bug-bounty | 26-Nov-2024 |
Find Website Vulnerabilities with One Hacking Tool | https://medium.com/@TahirAyoub/find-website-vulnerabilities-with-one-hacking-tool-0008a908c6fd?source=rss------bug_bounty-5 | Tahir Ayoub | cybersecurity, bug-bounty-tips, bug-bounty, hacking, tools | 26-Nov-2024 |
Bugbounty Hunting: The First Step After Finding Your Target | https://dineshpathro9.medium.com/bugbounty-hunting-the-first-step-after-finding-your-target-998267eeeb28?source=rss------bug_bounty-5 | Hunter | bug-bounty-tips, bug-bounty, bug-zero, bugs | 26-Nov-2024 |
Challenges and Pitfalls of Automating Bug Bounty Submissions with AI | https://pointlessai.medium.com/challenges-and-pitfalls-of-automating-bug-bounty-submissions-with-ai-adb06ab0d2c6?source=rss------bug_bounty-5 | PointlessAI Medium | ai, bug-bounty, cybersecurity, chatgpt, vulnerability-management | 26-Nov-2024 |
IBM Fixes RCE Vulnerabilities in Data Virtualization Manager and Security SOAR | https://medium.com/@wiretor/ibm-fixes-rce-vulnerabilities-in-data-virtualization-manager-and-security-soar-dfbc178710f5?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, rce, bug-bounty, malware, ibm | 26-Nov-2024 |
Firefox and Windows Zero-Days Exploited by Russian RomCom Hackers: A Cybersecurity Wake-Up Call! | https://medium.com/@wiretor/firefox-and-windows-zero-days-exploited-by-russian-romcom-hackers-a-cybersecurity-wake-up-call-a8029dacd27b?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomware, malware, windows-hacking, bug-bounty, firefox-hacked | 26-Nov-2024 |
Critical Vulnerabilities Discovered in Popular Anti-Spam Plugin for WordPress | https://medium.com/@wiretor/critical-vulnerabilities-discovered-in-popular-anti-spam-plugin-for-wordpress-%EF%B8%8F-353b3a727d7e?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacked, malware, wordpress, ransomware, bug-bounty | 26-Nov-2024 |
Find Website Vulnerabilities with One Hacking Tool | https://blog.cubed.run/find-website-vulnerabilities-with-one-hacking-tool-0008a908c6fd?source=rss------bug_bounty-5 | Tahir Ayoub | cybersecurity, bug-bounty-tips, bug-bounty, hacking, tools | 26-Nov-2024 |
How I Hacked NASA | https://vikram1337.medium.com/how-i-hacked-nasa-74f4ada6e90c?source=rss------bug_bounty-5 | Vikram | writeup, pentesting, bug-bounty, nasa | 26-Nov-2024 |
race condition on BBP | https://medium.com/@mohanad9837/race-condition-on-bbp-7294e8582ade?source=rss------bug_bounty-5 | mohaned | bug-bounty, race-condition | 25-Nov-2024 |
Why Subdomain Enumeration ? | https://ahmed-rezk.medium.com/why-subdomain-enumeration-3e4570dd9aba?source=rss------bug_bounty-5 | Ahmed Rezk | cybersecurity, red-teaming, bug-bounty-tips, pentesting, bug-bounty | 25-Nov-2024 |
Privilege Escalation in Collaborative Platforms — BugBounty | https://medium.com/@Zero-Ray/privilege-escalation-in-collaborative-platforms-bugbounty-e1e240384b43?source=rss------bug_bounty-5 | Mahmoud Fawzy | privilege-escalation, bug-bounty, bug-bounty-hunter, bugcrowd, bug-bounty-writeup | 25-Nov-2024 |
HOW I FOUND MY FIRST XSS BUG | https://medium.com/@Zeroo_sec/how-i-found-my-first-xss-bug-553225548d29?source=rss------bug_bounty-5 | Ranjan | ethical-hacking, hacking, bug-bounty, bug-bounty-tips | 25-Nov-2024 |
Google Dorks for Bug Bounty: The Ultimate Guide | https://medium.com/@verylazytech/google-dorks-for-bug-bounty-the-ultimate-guide-e7611b533aee?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, google-dork, google-hacking, penetration-testing, bug-bounty | 25-Nov-2024 |
Google dorking the right way. | https://osintteam.blog/google-dorking-the-right-way-27b0eeb31212?source=rss------bug_bounty-5 | an0nbil | bug-bounty-tips, bug-bounty, programming, ethical-hacking, cybersecurity | 25-Nov-2024 |
Microlise Data Breach Confirmed: SafePay Ransomware Group Claims Responsibility | https://medium.com/@wiretor/microlise-data-breach-confirmed-safepay-ransomware-group-claims-responsibility-%EF%B8%8F-035e36e25afc?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | usa, ransomeware, bug-bounty, malware, xs | 25-Nov-2024 |
Bangkok Busts High-Tech SMS Scam Operation | https://medium.com/@wiretor/bangkok-busts-high-tech-sms-scam-operation-e13909a2625f?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomware, bug-bounty, hacking, malware, xxe | 25-Nov-2024 |
Finastra Data Breach: What Financial Institutions Need to Know | https://medium.com/@wiretor/finastra-data-breach-what-financial-institutions-need-to-know-%EF%B8%8F-df9e960c90c7?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, bug-bounty, pentest, hacking, xs | 25-Nov-2024 |
SSRF To Internal Data Access Via PDF Print Feature | https://bishal0x01.medium.com/ssrf-to-internal-data-access-via-pdf-print-feature-b8e6a912844a?source=rss------bug_bounty-5 | Bishal Shrestha | ssrf, bug-bounty, information-security | 25-Nov-2024 |
Bug Bounty Tips and Tricks | https://bevijaygupta.medium.com/bug-bounty-tips-and-tricks-7b25317c8e7e?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, bug-zero, bug-bounty-writeup, bugs, bug-bounty | 25-Nov-2024 |
Google Dorks for Bug Bounty: The Ultimate Guide | https://systemweakness.com/google-dorks-for-bug-bounty-the-ultimate-guide-e7611b533aee?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, google-dork, google-hacking, penetration-testing, bug-bounty | 25-Nov-2024 |
here is how I got my first bounty $$$ | https://medium.com/@mohanad9837/here-is-how-i-got-my-first-bounty-78c18da7feeb?source=rss------bug_bounty-5 | mohaned | xss-vulnerability, xss-bypass, bug-bounty, xss-attack | 25-Nov-2024 |
GitTrash: Digging Deep into Git Repositories for Hidden Treasures | https://medium.com/@sheryx00/gittrash-digging-deep-into-git-repositories-for-hidden-treasures-dfa6b3ff9251?source=rss------bug_bounty-5 | Sheryx00 | pentesting, bug-bounty, open-source, git | 24-Nov-2024 |
SSRF(Server-Side Request Forgery) | https://medium.com/@mukkagopi50/ssrf-server-side-request-forgery-50329b7e39fb?source=rss------bug_bounty-5 | Gopi Mukka | vapt, ssrf, ssrf-attack, vulnerability-assessment, bug-bounty | 24-Nov-2024 |
Mastering Web Application Pentesting Part — II | https://infosecwriteups.com/mastering-web-application-pentesting-part-ii-f02898bf48e3?source=rss------bug_bounty-5 | Mukilan Baskaran | web-security, infosec, bug-bounty, cybersecurity, computer-security | 24-Nov-2024 |
Week 3: When the Drive to Work Fades | https://mokhansec.medium.com/week-3-when-the-drive-to-work-fades-3e94a89559c0?source=rss------bug_bounty-5 | Mohsin khan | bug-bounty-writeup, bugs, bug-bounty-tips, bug-bounty, cybersecurity | 24-Nov-2024 |
Hacking WordPress: Where to Begin? | https://0x4a6f76616e.medium.com/hacking-wordpress-where-to-begin-60179dc403d9?source=rss------bug_bounty-5 | Jovan | bug-bounty, hacking, pentesting, vulnerability, wordpress | 24-Nov-2024 |
7 Steps guide to CNAME Subdomain Takeover | https://bitpanic.medium.com/7-steps-guide-to-cname-subdomain-takeover-f10eebd7e952?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty-tips, cybersecurity, information-security, bug-bounty | 24-Nov-2024 |
Cyberattack at French Hospital Exposes Health Data of 750,000 Patients | https://medium.com/@wiretor/cyberattack-at-french-hospital-exposes-health-data-of-750-000-patients-01b8f62893d1?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | pentest, hacking, xs, malware, bug-bounty | 24-Nov-2024 |
Microsoft Disrupts ONNX Phishing-as-a-Service Operation | https://medium.com/@wiretor/microsoft-disrupts-onnx-phishing-as-a-service-operation-%EF%B8%8F-a1b5535f5d9a?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, malware, xs, bug-bounty, pentest | 24-Nov-2024 |
Microsoft Tests Third-Party Passkey Support in Windows 11: A Passwordless Future | https://medium.com/@wiretor/microsoft-tests-third-party-passkey-support-in-windows-11-a-passwordless-future-92a5fe28571a?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | microsoft, pentest, bug-bounty, hacking, xs | 24-Nov-2024 |
Hackers Exploit Avast Anti-Rootkit Driver to Disable Security Defenses | https://medium.com/@wiretor/hackers-exploit-avast-anti-rootkit-driver-to-disable-security-defenses-13df8a3c313e?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, ransomware, bug-bounty, malware, xss-attack | 24-Nov-2024 |
How I got 50euro bounty? | https://doordiefordream.medium.com/how-i-got-50euro-bounty-71dcf4c6e335?source=rss------bug_bounty-5 | Bug hunter balu | html, cybersecurity, technology, vulnerability, bug-bounty | 24-Nov-2024 |
Recon. Useful Tips for Bug Bounty — PART 1 | https://medium.com/@dzchalevich/recon-useful-tips-for-bug-bounty-part-1-0defee9bc7cf?source=rss------bug_bounty-5 | theroo@ttt | web-security, bug-bounty-tips, bug-bounty, penetration-testing, recon | 24-Nov-2024 |
Happy hunting! | https://medium.com/@hacker_33169/happy-hunting-eae0a858b540?source=rss------bug_bounty-5 | B3ntl3y | cybersecurity, bug-bounty, penetration-testing | 24-Nov-2024 |
Beginner’s Guide to Ethical Hacking: What I Learned from My First Bug Bounty | https://medium.com/@yarmuhammadnizamani556/beginners-guide-to-ethical-hacking-what-i-learned-from-my-first-bug-bounty-724a9f97f38b?source=rss------bug_bounty-5 | Curious Mind | ethical-hacking, cybersecurity, bug-bounty | 24-Nov-2024 |
Android Pentesting can make you $500/day. | https://medium.com/@anandrishav2228/android-pentesting-can-make-you-500-day-818158f9b43d?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, android, hacking, money, bug-bounty | 24-Nov-2024 |
How I do my recon and end up finding hidden assets and vulnerabilities before anyone else Pt.2 | https://medium.com/@demonia/how-i-do-my-recon-and-end-up-finding-hidden-assets-and-vulnerabilities-before-anyone-else-pt-2-2c8dd13d6c19?source=rss------bug_bounty-5 | Mohammed Dief | cybersecurity, information-security, bug-bounty, hackerone, recon | 24-Nov-2024 |
IDOR is NOT only on the ID | https://medium.com/@mshulkhan/idor-is-not-only-on-the-id-8e94b5cc193e?source=rss------bug_bounty-5 | M Shulkhan | google-bug, bug-bounty, hacking, hackerkamp150, sysbraykr | 24-Nov-2024 |
My Bug Bounty Hunting Methodology | https://cybersechemmars.medium.com/my-bug-bounty-hunting-methodology-51ac0a891978?source=rss------bug_bounty-5 | Cybersec with Hemmars | cybersecurity, writing, bug-bounty, bug-bounty-writeup | 24-Nov-2024 |
TryHackMe | NoSQLi Walkthrough | https://medium.com/@k3r0/tryhackme-nosqli-walkthrough-155c6380f5b3?source=rss------bug_bounty-5 | Kyrillos nady | penetration-testing, bug-bounty, nosql, web-penetration-testing, hacking | 24-Nov-2024 |
Bug House Exterminator in Wilton: Your Ultimate Guide to a Pest-Free Home | https://medium.com/@muhammadmohsinsiddique46/bug-house-exterminator-in-wilton-your-ultimate-guide-to-a-pest-free-home-47d56773c394?source=rss------bug_bounty-5 | Muhammadmohsinsiddique | bed-bug-extermination, bug-bounty, wilton, bugs | 23-Nov-2024 |
7 Main Sins Of A Hacker, What To Stay Away From During Hacking Story? | https://medium.com/h7w/7-main-sins-of-a-hacker-what-to-stay-away-from-during-hacking-story-115d749952e2?source=rss------bug_bounty-5 | NnFace | faith, hacking, bug-bounty, cybersecurity, kali-linux | 23-Nov-2024 |
HTML INJECTION- My Second Major Bounty | https://medium.com/@josuofficial327/html-injection-my-second-major-bounty-cb7c3b32ce60?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | owasp-top-10, bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty | 23-Nov-2024 |
Building a Bug Bounty Journey: Exploring Web Security with a Custom CMS | https://medium.com/@zero_4583/building-a-bug-bounty-journey-exploring-web-security-with-a-custom-cms-06dffc81e969?source=rss------bug_bounty-5 | Nathan Vincent | php, appsec, cms-development, bug-bounty | 23-Nov-2024 |
Why Bug Bounty Is Just for You 🙂 | https://infosecwriteups.com/why-bug-bounty-is-just-for-you-61541deb62b8?source=rss------bug_bounty-5 | Satyam Pathania | bug-bounty, money, cybersecurity, infosec, technology | 23-Nov-2024 |
Disallowed but Discoverable: The Hacker’s robots.txt Playbook | https://myselfakash20.medium.com/disallowed-but-discoverable-the-hackers-robots-txt-playbook-73dca570f23e?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty, cybersecurity, technology, programming, bug-bounty-writeup | 23-Nov-2024 |
Vulnerable WordPress October 2024 (Zahhak Castle) | https://medium.com/@onhexgroup/vulnerable-wordpress-october-2024-zahhak-castle-fb7da609b5e1?source=rss------bug_bounty-5 | Onhexgroup | information-security, infosec, cybersecurity, bug-bounty, wordpress | 23-Nov-2024 |
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn | https://medium.com/@wiretor/north-korean-hackers-steal-10m-with-ai-driven-scams-and-malware-on-linkedin-25daddc61809?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, malware, ai, programming | 23-Nov-2024 |
Over 2,000 Palo Alto Firewalls Hacked Using Recently Patched Bugs | https://medium.com/@wiretor/over-2-000-palo-alto-firewalls-hacked-using-recently-patched-bugs-ccc83ef8b4d6?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, hacking, hacked, xss-attack | 23-Nov-2024 |
Chinese Hackers Target Linux with WolfsBane Malware | https://medium.com/@wiretor/chinese-hackers-target-linux-with-wolfsbane-malware-c4a313c0e63f?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | chinese, linux, hacking, malware, bug-bounty | 23-Nov-2024 |
Cyber Alert: APT28 Hackers Breach US Firm with Innovative “Nearest Neighbor Attack” | https://medium.com/@wiretor/cyber-alert-apt28-hackers-breach-us-firm-with-innovative-nearest-neighbor-attack-9245d88841d8?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, bug-bounty, apt-28, hacking, xss-attack | 23-Nov-2024 |
Ubuntu Users Alert: Decade-Old Needrestart Flaws Expose Root Privilege Risks | https://medium.com/@wiretor/ubuntu-users-alert-decade-old-needrestart-flaws-expose-root-privilege-risks-a504f5d2b949?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | usa, ubuntu, penetration-testing, bug-bounty, malware | 23-Nov-2024 |
Step into my Professional Life(:Finding my first Bug:) | https://medium.com/@anshjain722/step-into-my-professional-life-finding-my-first-bug-e8175b1d9601?source=rss------bug_bounty-5 | Ansh Jain | cybersecurity, xss-vulnerability, vulnerability, bugs, bug-bounty | 23-Nov-2024 |
Methods to bypass 403 & 401 | https://infosecwriteups.com/methods-to-bypass-403-401-38df4cec069e?source=rss------bug_bounty-5 | Dishant Modi | penetration-testing, cybersecurity, bug-bounty-tips, bug-bounty, hacking | 23-Nov-2024 |
How I Discovered an Email Change Vulnerability Leading to Pre-Account Takeover | p2 | https://medium.com/@dhananjay_00/how-i-discovered-an-email-change-vulnerability-leading-to-pre-account-takeover-p2-7e76e0002eef?source=rss------bug_bounty-5 | Dhananjay Pathak | bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, hacking | 23-Nov-2024 |
Why I Switched from Cloud to Local Password Management | https://expectme.medium.com/why-i-switched-from-cloud-to-local-password-management-2b79448495dc?source=rss------bug_bounty-5 | Mamoud Eid | bug-bounty, privacy, cybersecurity | 23-Nov-2024 |
Bug Bounty Beginner’s Roadmap-02 | https://medium.com/@sheikh.mohammad.adil.71/bug-bounty-beginners-roadmap-02-3236f15df715?source=rss------bug_bounty-5 | SHEIKH MOHAMMAD ADIL | roadmaps, ethical-hacking, bounty-program, bug-bounty | 23-Nov-2024 |
My OSWA Experience | https://medium.com/@zumyumi/my-oswa-experience-eaa4e94d1797?source=rss------bug_bounty-5 | Zumi Yumi | oswe, oscp, web, oswa, bug-bounty | 23-Nov-2024 |
Bug Bounty Beginner’s Roadmap-01 | https://medium.com/@sheikh.mohammad.adil.71/%EF%B8%8F-%EF%B8%8F-ultimate-bug-bounty-roadmap-ee81e805ad6b?source=rss------bug_bounty-5 | SHEIKH MOHAMMAD ADIL | bug-bounty, ethical-hacking, hackerone, cybersecurity, roadmaps | 23-Nov-2024 |
File path traversal, validation of file extension with null byte bypass | https://medium.com/@Laxious8848/file-path-traversal-validation-of-file-extension-with-null-byte-bypass-6625f4a4fbec?source=rss------bug_bounty-5 | Laxious | web-penetration-testing, lfi, lfi-vulnerability, bug-bounty, web-pen-testing | 22-Nov-2024 |
File path traversal, validation of start of path | https://medium.com/@Laxious8848/file-path-traversal-validation-of-start-of-path-063e8995a55d?source=rss------bug_bounty-5 | Laxious | lfi, web-penetration-testing, web-pen-testing, lfi-vulnerability, bug-bounty | 22-Nov-2024 |
Ghost Tap Exploits NFC Payments for Fraud | https://medium.com/@wiretor/ghost-tap-exploits-nfc-payments-for-fraud-dc2a263ff603?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, ransomware, hacking, programming, bug-bounty | 22-Nov-2024 |
Oracle Agile PLM Vulnerability Exploited in the Wild: Protect Your Data! | https://medium.com/@wiretor/oracle-agile-plm-vulnerability-exploited-in-the-wild-protect-your-data-129f8d9ac922?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, ransomware, malware, pentest, hacking | 22-Nov-2024 |
File path traversal, traversal sequences stripped with superfluous URL-decode | https://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-stripped-with-superfluous-url-decode-0b303cfe5b69?source=rss------bug_bounty-5 | Laxious | web-penetration-testing, web-pen-testing, bug-bounty, lfi-vulnerability, lfi | 22-Nov-2024 |
Resolving the “externally-managed-environment” Error in Python | https://medium.com/@prathameshbagul/resolving-the-externally-managed-environment-error-in-python-b91650d45946?source=rss------bug_bounty-5 | Prath | bug-bounty, python, pentesting, kali-linux, cybersecurity | 22-Nov-2024 |
ShodanSpider: A Powerful Tool for Cybersecurity Research | https://shubhamrooter.medium.com/shodanspider-a-powerful-tool-for-cybersecurity-research-02eac3ed75e2?source=rss------bug_bounty-5 | Shubham Tiwari | bug-bounty, security-analytics, vapt, shodan, bug-hunting | 22-Nov-2024 |
My Journey Finding Bugs on NASA | https://cybersecuritywriteups.com/my-journey-finding-bugs-on-nasa-a2296d142b0a?source=rss------bug_bounty-5 | Shridhar Rajaput | bug-bounty-writeup, inspiration, cybersecurity, bug-bounty, information-technology | 22-Nov-2024 |
Why Bug Bounty Could Be a Career for You 🙂 | https://osintteam.blog/why-bug-bounty-could-be-a-career-for-you-17b6b7b66e16?source=rss------bug_bounty-5 | Satyam Pathania | money, technology, cybersecurity, bug-bounty, infosec | 22-Nov-2024 |
Unveiling a Critical Bug in One of the World’s Largest Banks: My Barclays Story | https://cybersecuritywriteups.com/unveiling-a-critical-bug-in-one-of-the-worlds-largest-banks-my-barclays-story-34a9fb5f5140?source=rss------bug_bounty-5 | Guru Prasad Pattanaik | bug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, ethical-hacking | 22-Nov-2024 |
The $900 Bug: My Journey Through SSRF and LFI Exploits | https://myselfakash20.medium.com/the-900-bug-my-journey-through-ssrf-and-lfi-exploits-222feb276deb?source=rss------bug_bounty-5 | Akash Ghosh | programming, technology, cybersecurity, hacking, bug-bounty | 22-Nov-2024 |
IDOR Checklist 2025 | https://medium.com/@mohanad9837/idor-checklist-2025-443575a389d4?source=rss------bug_bounty-5 | mohaned | idor, bug-bounty, idor-vulnerability | 22-Nov-2024 |
Finding and Exploiting open SMB service [bug bounty write-up]. | https://medium.com/@sugamdangal52/finding-and-exploiting-open-smb-service-bug-bounty-write-up-492d72cd2fa3?source=rss------bug_bounty-5 | Sugam Dangal | ethical-hacking, bug-bounty, bug-hunting, hacking, bug-bounty-writeup | 22-Nov-2024 |
Forbidden Bypass Cloudflare Zero Trust — English Version | https://medium.com/@j0hnZ3RA/forbidden-bypass-cloudflare-zero-trust-english-version-436efff4a548?source=rss------bug_bounty-5 | j0hnZ3RA | bug-bounty, red-team, pentesting, security | 22-Nov-2024 |
Forbidden Bypass Cloudflare Zero Trust | https://medium.com/@j0hnZ3RA/forbidden-bypass-cloudflare-zero-trust-6bcc7ad464ee?source=rss------bug_bounty-5 | j0hnZ3RA | security, pentesting, bypass, red-team, bug-bounty | 22-Nov-2024 |
They Ignored My Bug Report but Fixed It Silently: My Experience with Enhancv | https://medium.com/@0xw01f/they-ignored-my-bug-report-but-fixed-it-silently-my-experience-with-enhancv-a8ffe5e3e790?source=rss------bug_bounty-5 | w01f | cybersecurity, bug-bounty, vulnerability, responsibility, ethics | 22-Nov-2024 |
Preventing XSS and HTML Injection Attacks with HTML Encoding | https://medium.com/@rootelvin/html-encode-il%C9%99-xss-v%C9%99-html-i%CC%87njection-h%C3%BCcumlar%C4%B1n%C4%B1n-qar%C5%9F%C4%B1s%C4%B1n%C4%B1n-al%C4%B1nmas%C4%B1-01e21dfe11b5?source=rss------bug_bounty-5 | Elvin Nuruyev | appsec-testing, web-pentesting, cyber-security-solutions, secure-coding, bug-bounty | 22-Nov-2024 |
captainX404 | https://medium.com/@captainX404/captainx404-b41a7f1e3ff3?source=rss------bug_bounty-5 | captainX404 | bug-bounty | 22-Nov-2024 |
Reconnaissance on archive URLs | https://medium.com/@mayank_prajapati/reconnaissance-on-archive-urls-4125ce7544ed?source=rss------bug_bounty-5 | Mayank Kumar Prajapati | bug-bounty-tips, cybersecurity, bugs, bug-bounty, hacking | 22-Nov-2024 |
Preventing XSS and HTML Injection Attacks with HTML Encoding | https://elvinnuruyev.medium.com/html-encode-il%C9%99-xss-v%C9%99-html-i%CC%87njection-h%C3%BCcumlar%C4%B1n%C4%B1n-qar%C5%9F%C4%B1s%C4%B1n%C4%B1n-al%C4%B1nmas%C4%B1-01e21dfe11b5?source=rss------bug_bounty-5 | Elvin Nuruyev | appsec-testing, web-pentesting, cyber-security-solutions, secure-coding, bug-bounty | 22-Nov-2024 |
Cloud Hacking : flaws.cloud level 1 walkthrough | https://medium.com/@Kinqdathacker/cloud-hacking-flaws-cloud-level-1-walkthrough-9f966da07e82?source=rss------bug_bounty-5 | Kinqdathacker | ctf-writeup, cloud-security, bug-bounty, s3-bucket, hacking | 22-Nov-2024 |
How i finded a p4 as per bugcrowd. | https://osintteam.blog/how-i-finded-a-p4-as-per-bugcrowd-c7c72718583a?source=rss------bug_bounty-5 | loyalonlytoday | hacking, tips, bugs, bug-bounty, cybersecurity | 21-Nov-2024 |
Master My Skill Student got highest bounty of $5000 by Vikrant Sharma | https://medium.com/@mastermyskill/master-my-skill-student-got-highest-bounty-of-5000-by-vikrant-sharma-287a9b46522e?source=rss------bug_bounty-5 | Master My Skill | bug-bounty | 21-Nov-2024 |
Unlock the $4 Million Bounty: Join Microsoft’s Zero Day Quest! | https://byteshiva.medium.com/unlock-the-4-million-bounty-join-microsofts-zero-day-quest-87c6e50c1010?source=rss------bug_bounty-5 | Siva | infosec, cybersecurity, microsoftzerodayquest, hacking, bug-bounty | 21-Nov-2024 |
Unique XSS Earned Me a $$$ Bounty | https://wgetkb.medium.com/unique-xss-earned-me-a-bounty-b7156c36fd32?source=rss------bug_bounty-5 | Prasad KB | bounty-program, xss-vulnerability, infosec, bug-bounty, security | 21-Nov-2024 |
Insecure direct object references | https://medium.com/@Laxious8848/insecure-direct-object-references-2ce01fa76018?source=rss------bug_bounty-5 | Laxious | web-pen-testing, idor, idor-vulnerability, webapplicationpentest, bug-bounty | 21-Nov-2024 |
HTB — Learn the basics of Penetration Testing: Meow | https://medium.com/@febrywiji12/htb-learn-the-basics-of-penetration-testing-meow-6158f97c3c6e?source=rss------bug_bounty-5 | Sheperd01 | telnet, hackthebox, ctf, bug-bounty, tutorial | 21-Nov-2024 |
How to Find Open Redirect Vulnerabilities: A Comprehensive Guide | https://medium.com/@rupaitanudas/how-to-find-open-redirect-vulnerabilities-a-comprehensive-guide-e2b6e8c965c6?source=rss------bug_bounty-5 | Rupaitanudas | open-redirect, bug-bounty, web-application-security | 21-Nov-2024 |
BugBoard: The Ultimate Dashboard for Bug Hunters | https://medium.com/@abhinavsingwal/bugboard-the-ultimate-dashboard-for-bug-hunters-1fc7177117bb?source=rss------bug_bounty-5 | Abhinavsingwal | bug-bounty, hacking, hacker, bugboard, hacking-tools | 21-Nov-2024 |
Introduction to CORS-Cross-origin resource sharing & SOP-Same Origin Policy, CORS series (Part 1) | https://medium.com/@vipulparveenjain/introduction-to-cors-cross-origin-resource-sharing-sop-same-origin-policy-cors-series-part-1-149ad6f77cf6?source=rss------bug_bounty-5 | Vipul Jain | hacking, bug-bounty, web-security-testing, cors-vulnerability, cross-origin-resource | 21-Nov-2024 |
Antivirus Evasion for Beginners: A Step-by-Step Guide to Bypassing AV for Penetration Testers | https://medium.com/@verylazytech/antivirus-evasion-for-beginners-a-step-by-step-guide-to-bypassing-av-for-penetration-testers-e600de35be20?source=rss------bug_bounty-5 | Very Lazy Tech | penetration-testing, bug-bounty, antivirus-evasion, bypassing-av, hacking | 21-Nov-2024 |
How I Hacked a Website While Dancing | https://medium.com/@shaikhminhaz1975/how-i-hacked-a-website-while-dancing-22c3e1cd3431?source=rss------bug_bounty-5 | Shaikh Minhaz | hacking, cybersecurity, how-to, ethical-hacking, bug-bounty | 21-Nov-2024 |
BugBoard: The Ultimate Dashboard for Bug Hunters | https://medium.com/@abhinavsingwal/bugboard-the-ultimate-dashboard-for-bug-hunters-1fc7177117bb?source=rss------bug_bounty-5 | Abhinav Singwal | bug-bounty, hacking, hacker, bugboard, hacking-tools | 21-Nov-2024 |
Bypass Email Verification in Mozilla | https://0d-amr.medium.com/bypass-email-verification-in-mozilla-2ab45ac36c42?source=rss------bug_bounty-5 | Amr | bug-bounty-tips, cybersecurity, ethical-hacking, penetration-testing, bug-bounty | 21-Nov-2024 |
Mastering Web Application Pentesting with TryhackMe | https://infosecwriteups.com/mastering-web-application-pentesting-with-tryhackme-24257ef182c5?source=rss------bug_bounty-5 | Mukilan Baskaran | tryhackme, cybersecurity, bug-bounty, tryhackme-walkthrough, infosec | 21-Nov-2024 |
PART 2: THE NEXT CHAPTER IN MY NASA BUG HUNTING JOURNEY | https://rootxabit.medium.com/part-2-the-next-chapter-in-my-nasa-bug-hunting-journey-1d6338c5f017?source=rss------bug_bounty-5 | sudo-xabit | hacking-nasa, bug-bounty, india, tips, nasa | 21-Nov-2024 |
File path traversal, simple case | https://medium.com/@Laxious8848/file-path-traversal-simple-case-d0dd8c493981?source=rss------bug_bounty-5 | Laxious | lfi, webapplicationpentest, lfi-vulnerability, bug-bounty, web-pen-testing | 21-Nov-2024 |
File path traversal, traversal sequences stripped non-recursively | https://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-stripped-non-recursively-647780ace38e?source=rss------bug_bounty-5 | Laxious | web-penetration-testing, web-pen-testing, lfi, bug-bounty, lfi-vulnerability | 21-Nov-2024 |
File path traversal, traversal sequences blocked with absolute path bypass | https://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-b909ad161fa2?source=rss------bug_bounty-5 | Laxious | bug-bounty, web-pentesting, web-penetration-testing, lfi-vulnerability, lfi | 21-Nov-2024 |
HTB — Learn the basics of Penetration Testing: Meow | https://medium.com/@febrywiji/htb-learn-the-basics-of-penetration-testing-meow-6158f97c3c6e?source=rss------bug_bounty-5 | Sheperd01 | telnet, hackthebox, ctf, bug-bounty, tutorial | 21-Nov-2024 |
Worth 10000$ Cracking the Price Barrier: Exploiting Price Tampering on an E-Commerce Website | https://medium.com/@kumawatabhijeet2002/worth-10000-cracking-the-price-barrier-exploiting-price-tampering-on-an-e-commerce-website-19e3f82f52aa?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, bug-bounty-writeup, bug-bounty-tips, bugs | 20-Nov-2024 |
How I was able to Take over a Subdomain and got Hall of Fame | https://rivudon.medium.com/how-i-was-able-to-take-over-a-subdomain-and-got-hall-of-fame-aca4aaca761b?source=rss------bug_bounty-5 | Rivek Raj Tamang ( RivuDon ) | subdomain-takeover, ethical-hacking, bug-bounty-tips, bug-hunting, bug-bounty | 20-Nov-2024 |
Web vulnerability bounty rules update | https://medium.com/@security.tecno/web-vulnerability-bounty-rules-update-20bcf6f6e3da?source=rss------bug_bounty-5 | TECNO Security | hacking, web, security, bug-bounty | 20-Nov-2024 |
Bypassing Password Reuse Restriction A Security Flaw. | https://aman0.medium.com/bypassing-password-reuse-restriction-a-security-flaw-1bf2210d9bbd?source=rss------bug_bounty-5 | Aman H | bug-bounty-writeup, vulnerability, information-security, penetration-testing, bug-bounty | 20-Nov-2024 |
The $2,200 ATO Most Bug Hunters Overlooked by Closing Intruder Too Soon | https://mokhansec.medium.com/the-2-200-ato-most-bug-hunters-overlooked-by-closing-intruder-too-soon-505f21d56732?source=rss------bug_bounty-5 | Mohsin khan | cybersecurity, bug-bounty, bug-bounty-writeup, bugs, bug-bounty-tips | 20-Nov-2024 |
Reflected Cross-Site Scripting (XSS) via POST request: | https://ak-rizk.medium.com/reflected-cross-site-scripting-xss-via-post-request-f0d54ee84f99?source=rss------bug_bounty-5 | A-RIZK | xss-attack, web-hacking, pentesting, bug-bounty | 20-Nov-2024 |
How Hidden 3xXSS got revealed | https://medium.com/@0xbugatti/how-hidden-3xxss-got-revealed-b42f041d36f6?source=rss------bug_bounty-5 | 0xbugatti | bug-bounty, bug-bounty-writeup, web-app-security, web-app-pentesting, bug-bounty-tips | 20-Nov-2024 |
How I Earned $650 Using Just Recon: A Bug Hunter’s Success Story | https://myselfakash20.medium.com/how-i-earned-650-using-just-recon-a-bug-hunters-success-story-4d78788e46a5?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty, programming, penetration-testing, cybersecurity, technology | 20-Nov-2024 |
Swiss Army Knife of Top Bug Hunters | https://bitpanic.medium.com/swiss-army-knife-of-top-bug-hunters-dd1bf237c513?source=rss------bug_bounty-5 | Spectat0rguy | information-security, bug-bounty-tips, cybersecurity, cyber-security-awareness, bug-bounty | 20-Nov-2024 |
Honey, did you leave the APIs open again? | https://medium.com/@l_s_/honey-you-left-the-apis-open-again-c382a3a2d917?source=rss------bug_bounty-5 | LS | hacking, api, bug-bounty, cybersecurity, bug-bounty-writeup | 20-Nov-2024 |
Introduction to Bug Bounty | https://medium.com/@hakoje3813/introduction-to-bug-bounty-5461825079ad?source=rss------bug_bounty-5 | Hacker | aidp, bug-bounty | 20-Nov-2024 |
How to Start in the Masochistic World of Bug Bounty — what nobody told you before. | https://j0nasdias.medium.com/how-to-start-in-the-masochistic-world-of-bug-bounty-what-nobody-told-you-before-22b789933cdd?source=rss------bug_bounty-5 | Jonas Dias Rebelo | intigriti, hackerone, xs, pentest, bug-bounty | 20-Nov-2024 |
GhostFilter: Automating URL Filtering for Smarter Bug Hunting | https://osintteam.blog/ghostfilter-automating-url-filtering-for-smarter-bug-hunting-d779d8fc844f?source=rss------bug_bounty-5 | SIDDHANT SHUKLA | hacking, bug-bounty-tips, bug-bounty, ctf, cybersecurity | 20-Nov-2024 |
Importance of Shodan in Bug Hunting: Your Ultimate Guide to Finding Hidden Gems | https://osintteam.blog/importance-of-shodan-in-bug-hunting-your-ultimate-guide-to-finding-hidden-gems-45cf87201d11?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity, infosec | 19-Nov-2024 |
Finding subdomains those are hidden in cloud. | https://osintteam.blog/finding-subdomains-those-are-hidden-in-cloud-f0c13d3d80ea?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, bugs, tips, cybersecurity, hacking | 19-Nov-2024 |
【Vulnerability Campaign】Earn Your Thanksgiving Bonus Rebate | https://medium.com/@security.tecno/vulnerability-campaign-earn-your-thanksgiving-bonus-rebate-95847ac8b144?source=rss------bug_bounty-5 | TECNO Security | hacking, security, bonus, bug-bounty | 19-Nov-2024 |
OTP Bypass — Weak brute-force protection | https://medium.com/@Jitheshjithu/otp-bypass-weak-brute-force-protection-42c3f6b7899d?source=rss------bug_bounty-5 | Jithesh | bug-bounty-tips, brute-force, bug-bounty, otp-bypass, burpsuite | 19-Nov-2024 |
How a CSRF Vulnerability Can Be Exploited to Target Email Accounts — A Practical Walkthrough | https://medium.com/@muhammedgalal66/how-a-csrf-vulnerability-can-be-exploited-to-target-email-accounts-a-practical-walkthrough-60e6c2eac31f?source=rss------bug_bounty-5 | Dg0x6 | bug-bounty, bounty-program, bug-hunting, csrf, hunting | 19-Nov-2024 |
The Easiest $$$ I Made from a Business Logic Vulnerability | https://medium.com/@0xsussy/the-easiest-i-made-from-a-business-logic-vulnerability-5c11a31ca455?source=rss------bug_bounty-5 | Hamza Khaled | bugbounty-writeup, bugbounty-poc, bug-bounty, bugbounty-tips | 19-Nov-2024 |
Subdomain Enumeration Through the Homepage | https://medium.com/@sarkis093/enumera%C3%A7%C3%A3o-de-subdom%C3%ADnios-atrav%C3%A9s-da-homepage-971d7aa341bf?source=rss------bug_bounty-5 | sarkis093 | shell, pentesting, red-team, osint, bug-bounty | 19-Nov-2024 |
From User to Admin: The Art of Privilege Escalation | https://bootcampsecurity.medium.com/from-user-to-admin-the-art-of-privilege-escalation-b80a4cd1e89b?source=rss------bug_bounty-5 | Garv Kataria | cybersecurity, privilege-escalation, ethical-hacking, bug-bounty-tips, bug-bounty | 19-Nov-2024 |
Common Security Risks in Browser Extensions | https://medium.com/@Parag_Bagul/common-security-risks-in-browser-extensions-e61422499f7c?source=rss------bug_bounty-5 | ParagBagul | browser-extension, web-browser-extension, cybersecurity, bug-bounty, extension-development | 19-Nov-2024 |
Exploiting Business Logic Flaws in e-commerce platforms | https://medium.com/@Pentestforge/exploiting-business-logic-flaws-in-e-commerce-platforms-c3042a240c4a?source=rss------bug_bounty-5 | Joel I Patrick | ethical-hacking, bug-bounty, cybersecurity, web-exploitation, hacking | 19-Nov-2024 |
Unlock Bug Bounty Brilliance: The Ultimate Guide to Browser Extensions That Supercharge Your… | https://osintteam.blog/unlock-bug-bounty-brilliance-the-ultimate-guide-to-browser-extensions-that-supercharge-your-fbb323e29dc0?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty, bug-bounty-tips, extension, bug-bounty-writeup, cybersecurity | 19-Nov-2024 |
Critical Remote Code Execution (RCE) Bug in VMware vCenter Server Now Exploited in Active… | https://medium.com/@wiretor/critical-remote-code-execution-rce-bug-in-vmware-vcenter-server-now-exploited-in-active-a03c8fe37d02?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | programming, hacking, pentesting, bug-bounty, malware | 19-Nov-2024 |
Maxar Data Breach: U.S. Space Tech Giant Compromised | https://medium.com/@wiretor/maxar-data-breach-u-s-space-tech-giant-compromised-391640982117?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, pentest, programming, malware, bug-bounty | 19-Nov-2024 |
Chinese Hackers Exploit Fortinet VPN Zero-Day to Steal Credentials | https://medium.com/@wiretor/chinese-hackers-exploit-fortinet-vpn-zero-day-to-steal-credentials-b10232aaabef?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomware, hacking, bug-bounty, progamming, malware | 19-Nov-2024 |
How I Uncovered an Unsubscribe Exploit While Checking My Internship Applications | https://expl0it32.medium.com/how-i-uncovered-an-unsubscribe-exploit-while-checking-my-internship-applications-9661aacad8f9?source=rss------bug_bounty-5 | eXpl0it_32 | hacking, cybersecurity, idor, bug-report, bug-bounty | 19-Nov-2024 |
HOW I FOUND A BUG IN NASA | https://rootxabit.medium.com/how-i-found-a-bug-in-nasa-f76800eaf3b9?source=rss------bug_bounty-5 | sudo-xabit | bug-bounty, hacking, hall-of-fame, nasa, vdp | 19-Nov-2024 |
Bug bounty hunting : Profitable Pursuit or Time Trap? | https://medium.com/@Arsenelupin12/bug-bounty-hunting-profitable-pursuit-or-time-trap-a99ecb11358f?source=rss------bug_bounty-5 | Lupin | bug-bounty, bug-bounty-tips, hackthebox, cybersecurity, hacking | 19-Nov-2024 |
SQL injection vulnerability in where clause allowing retrieval of hidden data | https://medium.com/@Laxious8848/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-c6ca0c949382?source=rss------bug_bounty-5 | Laxious | penetration-testing, bug-bounty, webapplicationpentest, error-based-sql-injection, sql-injection | 19-Nov-2024 |
BUG BOUNTY HUNTING | https://medium.com/@muazutopclass/bug-bounty-hunting-0536a314d4e4?source=rss------bug_bounty-5 | Mu'azu S. Ahmed | cybersecurity, money, bug-bounty, techie-delight, freelancing | 19-Nov-2024 |
Easy admin Access By Gaming with JSON | https://medium.com/@0xbugatti/easy-admin-access-by-gaming-with-json-5ec5313e2236?source=rss------bug_bounty-5 | 0xbugatti | bug-bounty, web-security, penetration-testing, bug-bounty-tips, bug-bounty-writeup | 19-Nov-2024 |
Bug bounty hunting : Profitable Pursuit or Time Trap? | https://medium.com/@Arsenelupin12/bug-bounty-hunting-profitable-pursuit-or-time-trap-a99ecb11358f?source=rss------bug_bounty-5 | Wasted Resources | bug-bounty, bug-bounty-tips, hackthebox, cybersecurity, hacking | 19-Nov-2024 |
Hackers’ Cache Hotlist | https://medium.com/h7w/hackers-cache-hotlist-5649742c35b1?source=rss------bug_bounty-5 | Lukasz Wierzbicki | bug-bounty, pentesting, hacking, articles, security | 18-Nov-2024 |
How SubDomainRadar.io Simplifies Your Recon Workflow | https://medium.com/@alexandrevandammepro/how-subdomainradar-io-simplifies-your-recon-workflow-173e4061ceb3?source=rss------bug_bounty-5 | Alexandre Vandamme | infosec, cyberattack, bug-bounty, hacking, cybersecurity | 18-Nov-2024 |
File Upload - Upload. Intercept. Exploit. | https://p4n7h3rx.medium.com/file-upload-upload-intercept-exploit-b5aa18cb8e9d?source=rss------bug_bounty-5 | p4n7h3rx | bug-bounty, pentesting, pentest, bug-bounty-tips, hacking | 18-Nov-2024 |
BioCorp CTF | https://ghostman01.medium.com/biocorp-ctf-99a072260842?source=rss------bug_bounty-5 | SIDDHANT SHUKLA | ctf, web-hacking, bug-bounty, cybersecurity, hacking | 18-Nov-2024 |
M4 — Insufficient Input/Output Validation | https://medium.com/@tamires.scruz/m4-insufficient-input-output-validation-fccc6cfc2561?source=rss------bug_bounty-5 | Tamy Angel | cybersecurity, android, pentesting, bug-bounty, vulnerability | 18-Nov-2024 |
From Novice to Pro: My Journey to Earning Through Bug Bounty Hunting | https://myselfakash20.medium.com/from-novice-to-pro-my-journey-to-earning-through-bug-bounty-hunting-3f123d19c39a?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-writeup, ethical-hacking, bug-bounty, cybersecurity, bug-bounty-tips | 18-Nov-2024 |
Automating XXE Exploitation: A Write-Up on Intigriti CTF 2024 BioCorp Challenge | https://osintteam.blog/biocorp-ctf-99a072260842?source=rss------bug_bounty-5 | SIDDHANT SHUKLA | ctf, web-hacking, bug-bounty, cybersecurity, hacking | 18-Nov-2024 |
How I Hacked an Entire Company’s IT Infrastructure by Uncovering a Critical Bug Through Effective… | https://medium.com/@0xbedo/how-i-hacked-an-entire-companys-it-infrastructure-by-uncovering-a-critical-bug-through-effective-8322d4d763a8?source=rss------bug_bounty-5 | 0xbedo | bug-bounty, aem, pentesting, cybersecurity, security | 18-Nov-2024 |
Top 9 Books on Cyber Security | https://medium.com/@bicitrobiswas/top-9-books-on-cyber-security-e3984ec1e48b?source=rss------bug_bounty-5 | Bicitro Biswas | cybersecurity, hacking, programming, bug-bounty, students | 18-Nov-2024 |
How I Found an IDOR Vulnerability in a Local News App and What You Can Learn From It | https://medium.com/@sulmanfarooq531/how-i-found-an-idor-vulnerability-in-a-local-news-app-and-what-you-can-learn-from-it-0b02a2ab91d5?source=rss------bug_bounty-5 | Sulman Farooq S | cybersecurity, bug-bounty, idor-vulnerability, idor | 18-Nov-2024 |
How to Use Proxy for Bug Hunting | https://medium.com/@Progsky/how-to-use-proxy-for-bug-hunting-64e08cb33cc1?source=rss------bug_bounty-5 | Progsky | bug-hunting, ethical-hacking, ethical-hacking-tools, bug-bounty, cybersecurity | 18-Nov-2024 |
AI vs. Human: Why Bug Bounty Hunting Still Needs Human Intuition | https://pointlessai.medium.com/ai-vs-human-why-bug-bounty-hunting-still-needs-human-intuition-40b6e023c184?source=rss------bug_bounty-5 | PointlessAI | bug-bounty-tips, ai, bug-bounty, chatgpt, vulnerability-management | 18-Nov-2024 |
Data Breaches Demand Proactive Security: AnnieMac Hack Impacts 171,000 Individuals | https://medium.com/@wiretor/data-breaches-demand-proactive-security-anniemac-hack-impacts-171-000-individuals-%EF%B8%8F-27a46bece7d2?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | anniemac-hacked, bug-bounty, data-breach, programming, hacked | 18-Nov-2024 |
Phishing Emails Using SVG Attachments: A Growing Threat | https://medium.com/@wiretor/phishing-emails-using-svg-attachments-a-growing-threat-c531fe9d3806?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, bug-bounty, phising, hacking, email | 18-Nov-2024 |
How to Start a Career in Cybersecurity: A Step-by-Step Guide for Beginners | https://medium.com/@griffin_dev.il/how-to-start-a-career-in-cybersecurity-a-step-by-step-guide-for-beginners-77a5457aa6e7?source=rss------bug_bounty-5 | GriFfin_Dev.iL | ethical-hacking, cybersecurity, cyber-security-awareness, bug-bounty, careers | 18-Nov-2024 |
B-Hunters | https://medium.com/@ebraamemil/b-hunters-a5b53aa9df42?source=rss------bug_bounty-5 | Ebraam Emil | bug-bounty-tips, framework, bug-bounty | 18-Nov-2024 |
2FA simple bypass | https://medium.com/@kcaaditya976/2fa-simple-bypass-1eb82080b914?source=rss------bug_bounty-5 | Laxious | bug-bounty, web-application-security, web-penetration-testing, mfa-bypass, web-pentesting | 18-Nov-2024 |
CTF Walkthrough: Grayboard | https://medium.com/@nehalrajesh10/ctf-walkthrough-grayboard-c5955fff6410?source=rss------bug_bounty-5 | Nehal Pillai | ctf, bug-bounty, ctf-walkthrough | 18-Nov-2024 |
Breaking into Bug Bounties: A Guide to Hunting Business Logic and BAC Vulnerabilities in B2B… | https://thexssrat.medium.com/breaking-into-bug-bounties-a-guide-to-hunting-business-logic-and-bac-vulnerabilities-in-b2b-58a8f4a89711?source=rss------bug_bounty-5 | Thexssrat | idor-vulnerability, penetration-testing, bug-bounty, hacking, hacker | 18-Nov-2024 |
2FA simple bypass | https://medium.com/@Laxious8848/2fa-simple-bypass-1eb82080b914?source=rss------bug_bounty-5 | Laxious | bug-bounty, web-application-security, web-penetration-testing, mfa-bypass, web-pentesting | 18-Nov-2024 |
Vietnamese Hackers Unleash PXA Stealer: Targeting Sensitive Data Across Europe and Asia | https://medium.com/@wiretor/vietnamese-hackers-unleash-pxa-stealer-targeting-sensitive-data-across-europe-and-asia-2d0723c11ff1?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, ransomeware, xss-attack, hacking, bug-bounty | 17-Nov-2024 |
DEEPDATA Malware Exploits Fortinet Flaw to Steal VPN Credentials | https://medium.com/@wiretor/deepdata-malware-exploits-fortinet-flaw-to-steal-vpn-credentials-2605280c2e8c?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomeware, xss-attack, bug-bounty, hacking, malware | 17-Nov-2024 |
Botnet Exploits GeoVision Zero-Day to Install Mirai Malware | https://medium.com/@wiretor/botnet-exploits-geovision-zero-day-to-install-mirai-malware-98ce1622dc21?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomware, bug-bounty, usa, malware, hacking | 17-Nov-2024 |
Comprehensive Guide to Exploitation Techniques for Bug Bounty Hunters: From Beginner to Advanced | https://myselfakash20.medium.com/comprehensive-guide-to-exploitation-techniques-for-bug-bounty-hunters-from-beginner-to-advanced-b32001326b9e?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-writeup, exploitation, bug-bounty-tips, cybersecurity, bug-bounty | 17-Nov-2024 |
The $300 Journey from RFI to RCE that Changed Everything | https://medium.com/@dhabaleshward/the-300-journey-from-rfi-to-rce-that-changed-everything-2b4c00c05da0?source=rss------bug_bounty-5 | Dhabaleshwar Das | penetration-testing, bug-bounty, vulnerability, ethical-hacking, cybersecurity | 17-Nov-2024 |
How I Found open-redirect vulnerability using virus total? | https://doordiefordream.medium.com/how-i-found-open-redirect-using-virus-total-460d721b9596?source=rss------bug_bounty-5 | balu bandi | bug-bounty-tips, ethical-hacking, bug-bounty, cybersecurity, vulnerability | 17-Nov-2024 |
Week 2: Hard Work Transforms into a 5-Digit Payday | https://mokhansec.medium.com/week-2-hard-work-transforms-into-a-5-digit-payday-8087819bccd9?source=rss------bug_bounty-5 | Mohsin khan | bug-bounty-tips, bugs, cybersecurity, bug-bounty, bug-bounty-writeup | 17-Nov-2024 |
Exposing Open Redirect Vulnerabilities: JavaScript File Analysis in HTTP History Burp Suite | https://medium.com/@gheeX/exposing-open-redirect-vulnerabilities-javascript-file-analysis-in-http-history-burp-suite-c64bd1c93c54?source=rss------bug_bounty-5 | Ghee1337 | bug-bounty-writeup, javascript, vulnerability, bug-bounty-tips, bug-bounty | 17-Nov-2024 |
XSS in Registration Form: A Bug Bounty Success | https://medium.com/@ziadsakr/xss-in-registration-form-a-bug-bounty-success-6fb9450b0e66?source=rss------bug_bounty-5 | Ziad Sakr | xss-bypass, xss-vulnerability, bug-bounty, xss-attack, firewall | 17-Nov-2024 |
8 Advanced Techniques For Novice Bug Bounty Hunters | https://bitpanic.medium.com/8-advanced-techniques-for-novice-bug-bounty-hunters-ab6110185e55?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, information-security, cyber-security-awareness, bug-bounty, bug-bounty-tips | 17-Nov-2024 |
SQL injection vulnerability allowing login bypass | https://medium.com/@kcaaditya976/sql-injection-vulnerability-allowing-login-bypass-1e9f7bd45adf?source=rss------bug_bounty-5 | Laxious | sql, web-penetration-testing, web-pentesting, bug-bounty, sql-injection | 17-Nov-2024 |
Bug bounty Cheatsheet | https://medium.com/@shardulsawant67/bug-bounty-cheatsheet-b87d3250bc2e?source=rss------bug_bounty-5 | Shardul Sawant | bug-bounty, bug-bounty-cheatsheet, web-penetration-testing, hacking, website-hacking | 17-Nov-2024 |
API Hacktics: Unveiling Vulnerabilities in Modern Web APIs | https://myselfakash20.medium.com/api-hacktics-unveiling-vulnerabilities-in-modern-web-apis-e41cc09a2b9d?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, cybersecurity, bug-bounty-writeup, bugs, bug-bounty | 17-Nov-2024 |
How to Find P4 Vulnerabilities and Information Disclosure Bugs | Step-by-Step Guide to All Key… | https://medium.com/@shaikhminhaz1975/how-to-find-p4-vulnerabilities-and-information-disclosure-bugs-step-by-step-guide-to-all-key-6ba8fc84c882?source=rss------bug_bounty-5 | Shaikh Minhaz | penetration-testing, how-to-find-bug, information-disclosure, ethical-hacking, bug-bounty | 17-Nov-2024 |
Hunting for Default Credentials: A Deeper Dive into the Toolkit | https://medium.com/@defaulty.io/hunting-for-default-credentials-a-deeper-dive-into-the-toolkit-2b3edde86f01?source=rss------bug_bounty-5 | Defaulty.io | cybersecurity, information-security, hacking, bug-bounty, penetration-testing | 17-Nov-2024 |
FB OAuth Misconfiguration | https://xsametyigit.medium.com/fb-oauth-misconfiguration-d6c2f5d067d8?source=rss------bug_bounty-5 | Samet Yiğit | bug-bounty-writeup, bug-bounty-tips, bug-bounty | 17-Nov-2024 |
OWASP Top 10–2021 Tryhackme Writeup | https://infosecwriteups.com/owasp-top-10-2021-tryhackme-writeup-56f2a04c895e?source=rss------bug_bounty-5 | Mukilan Baskaran | cybersecurity, bug-bounty, infosec, information-security, web-security | 17-Nov-2024 |
DOM XSS in document.write sink using source location.search | https://medium.com/@kcaaditya976/dom-xss-in-document-write-sink-using-source-location-search-cc0ba7b461c2?source=rss------bug_bounty-5 | Laxious | xss-attack, web-pen-testing, dom-xss, bug-bounty, xss-vulnerability | 17-Nov-2024 |
Who needs credentials, when you have the phone number…? | https://medium.com/@thelazypentester/who-needs-credentials-when-you-have-the-phone-number-fc0c8f51b87e?source=rss------bug_bounty-5 | Jobson | idor, bug-bounty, hacking, cybersecurity, sensitive-information | 17-Nov-2024 |
API Hacktics: Unveiling Vulnerabilities in Modern Web APIs | https://osintteam.blog/api-hacktics-unveiling-vulnerabilities-in-modern-web-apis-e41cc09a2b9d?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, cybersecurity, bug-bounty-writeup, bugs, bug-bounty | 17-Nov-2024 |
Lemons: A Bug Bounty Analogy | https://medium.com/@lixipluv/lemons-a-bug-bounty-analogy-ef427f514b2a?source=rss------bug_bounty-5 | Lixipluv | lemon, introduction, bug-bounty | 16-Nov-2024 |
Race condition — can cause a flood of forgotten password verification SMS requests | https://medium.com/@viperblitzz/race-condition-can-cause-a-flood-of-forgotten-password-verification-sms-requests-1775a375653d?source=rss------bug_bounty-5 | Viperblitzz | bug-bounty-tips, bug-hunting, bug-bounty | 16-Nov-2024 |
Chaining CSRF and an Open-Redirect leads to sensitive information disclosure | https://medium.com/@rvanwart_49640/chaining-csrf-and-an-open-redirect-leads-to-sensitive-information-disclosure-5915b24bc53b?source=rss------bug_bounty-5 | Raymond Van Wart | bug-bounty, cybersecurity, web-application-security | 16-Nov-2024 |
Heroku Subdomain Takeover | https://xsametyigit.medium.com/heroku-subdomain-takeover-39b9f1ce7c4c?source=rss------bug_bounty-5 | Samet Yiğit | bug-bounty-writeup, bug-bounty, subdomain-takeover, bug-bounty-tips | 16-Nov-2024 |
Secret OSINT Tricks to Dig Up Hidden Info Online! | https://medium.com/@paritoshblogs/secret-osint-tricks-to-dig-up-hidden-info-online-5401ffdd9c89?source=rss------bug_bounty-5 | Paritosh | bug-bounty, hacking, osint, cybersecurity, information-technology | 16-Nov-2024 |
Chaining CSRF and an Open-Redirect leads to sensitive information disclosure | https://raymondv.medium.com/chaining-csrf-and-an-open-redirect-leads-to-sensitive-information-disclosure-5915b24bc53b?source=rss------bug_bounty-5 | Raymond Van Wart | bug-bounty, cybersecurity, web-application-security | 16-Nov-2024 |
How I Helped Secure Millions of Users’ Medical Reports — Bug Bounty! | https://kumarmohank889.medium.com/how-i-helped-secure-millions-of-users-medical-reports-bug-bounty-bccf61a8ecee?source=rss------bug_bounty-5 | Mohan Kumar N | cybersecurity, hacking, bug-bounty-tips, ethical-hacking, bug-bounty | 16-Nov-2024 |
Mastering Recon for Bug Hunters, Part 4: Advanced Strategies & Real-World Examples | https://myselfakash20.medium.com/mastering-recon-for-bug-hunters-part-4-advanced-strategies-real-world-examples-5de1a7aa7f84?source=rss------bug_bounty-5 | Akash Ghosh | bugs, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips | 16-Nov-2024 |
Account takover via forget password | https://medium.com/@amirreza.marzban/account-takover-via-forget-password-4ec6514f29ee?source=rss------bug_bounty-5 | AmirReza Marzban | bug-bounty, bug-bounty-writeup, hacking, account-takeover, bug-bounty-hunter | 16-Nov-2024 |
Account takover of an online casino | https://bug-abdelilah.medium.com/account-takover-of-an-online-casino-e13987835266?source=rss------bug_bounty-5 | abdelilah | bug-bounty, xss-attack, penetration-testing, cybersecurity, account-takeover | 16-Nov-2024 |
How Did I Get My First Collaboration Bounty Of $1000? | https://medium.com/@pguru978/how-did-i-get-my-first-collaboration-bounty-of-1000-dc64ec02a6c7?source=rss------bug_bounty-5 | Guru Prasad Pattanaik | bug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity, bug-bounty-tips | 16-Nov-2024 |
Exploiting Android Activities with Drozer: A Step-by-Step Guide | https://medium.com/@ayushkumar12021987/exploiting-android-activities-with-drozer-a-step-by-step-guide-ebc9b564758d?source=rss------bug_bounty-5 | Ayush Kumar | bug-bounty, pentesting, android, bug-bounty-writeup, security | 16-Nov-2024 |
How I Turned a Low Blind SSRF Into a Critical Vulnerability With Strategic Impact Escalation | https://medium.com/@DrakenKun/how-i-turned-a-low-blind-ssrf-into-a-critical-vulnerability-with-strategic-impact-escalation-536505cc4352?source=rss------bug_bounty-5 | DrakenKun | web-security, pentesting, bug-bounty, ssrf, cybersecurity | 16-Nov-2024 |
Sensitive Data Exposure in a Moodle Config File | https://medium.com/@mrcix/sensitive-data-exposure-in-a-moodle-config-file-648ca3d54676?source=rss------bug_bounty-5 | mrci0x1 | bug-bounty, information-security, web-security | 16-Nov-2024 |
These Two Tools Helped Me Earn $40K in Bounties | https://medium.com/@alwalxed/these-two-tools-helped-me-earn-40k-in-bounties-8c688b9deccd?source=rss------bug_bounty-5 | Awa | osint, cybersecurity, bug-bounty, golang, tools | 16-Nov-2024 |
Bypass of Username Policy: Breaking the Rules with a Simple Trick | https://medium.com/@mrcix/bypass-of-username-policy-breaking-the-rules-with-a-simple-trick-fcf7ce97925c?source=rss------bug_bounty-5 | mrci0x1 | bug-bounty-tips, penetration-testing, bug-bounty-writeup, web-security, bug-bounty | 16-Nov-2024 |
How Did I Get My First Collaboration Bounty Of $1000? | https://cybersecuritywriteups.com/how-did-i-get-my-first-collaboration-bounty-of-1000-dc64ec02a6c7?source=rss------bug_bounty-5 | Guru Prasad Pattanaik | bug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity, bug-bounty-tips | 16-Nov-2024 |
$500 Bounty for Account Takeover on European Bug Bounty Platform | https://0vulns.medium.com/500-bounty-for-account-takeover-on-european-bug-bounty-platform-cd5af3edb1ec?source=rss------bug_bounty-5 | 0vulns | cybersecurity, bug-bounty | 15-Nov-2024 |
HOW I HACKED BILLION ANDROID USERS SOCIAL AND 3rd PARTY ACCOUNT | A STORY ABOUT 5000$ BUG |… | https://medium.com/@karthithehacker/how-i-hacked-billion-android-users-social-and-3rd-party-account-a-story-about-5000-bug-54d8b6ce75df?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, bugbounty-writeup | 15-Nov-2024 |
NahamStore CTF Solution: Bug Bounty Practice with Web Security Vulnerabilities | https://berkkahya0.medium.com/nahamstore-ctf-%C3%A7%C3%B6z%C3%BCm%C3%BC-web-g%C3%BCvenlik-a%C3%A7%C4%B1klar%C4%B1yla-bug-bounty-prati%C4%9Fi-a1b3d7133329?source=rss------bug_bounty-5 | Berk Kahya | bug-bounty, tryhackme, nahamstore, ctf-writeup, cybersecurity | 15-Nov-2024 |
Simple RXSS on the website insight.kontan.co.id | https://medium.com/@0xRedFox29/simple-rxss-di-website-insight-kontan-co-id-cfb39dd64a3a?source=rss------bug_bounty-5 | kunx90 | bug-bounty-tips, bug-bounty | 15-Nov-2024 |
TAKEOVER | https://medium.com/@mukkagopi50/takeover-16aa79977e6b?source=rss------bug_bounty-5 | Gopi Mukka | account-takeover-attacks, vulnerability, bug-bounty, takeovers | 15-Nov-2024 |
Server-Side Request Forgery (SSRF) | https://medium.com/@mukkagopi50/server-side-request-forgery-ssrf-80d168fd82f7?source=rss------bug_bounty-5 | Gopi Mukka | bug-bounty, vulnerability, ssrf | 15-Nov-2024 |
How to Test for DNS Zone Transfer Attacks | https://dineshpathro9.medium.com/how-to-test-for-dns-zone-transfer-attacks-bf7c604bb28a?source=rss------bug_bounty-5 | hunter | bug-bounty, bug-bounty-writeup, hacking, bugs, bug-bounty-tips | 15-Nov-2024 |
How I Exploited a Vulnerability to Change a User’s Backup Email Address (Easy P1 vulnerability) | https://medium.com/@hasap134/how-i-exploited-a-vulnerability-to-change-a-users-backup-email-address-easy-p1-vulnerability-f854041f8e91?source=rss------bug_bounty-5 | Beesco | cybersecurity, vulnerability, bug-bounty, bug-bounty-tips, bugs | 15-Nov-2024 |
Earn $5000 After Learning How to Bypass the Rate Limiting for API Bug Hunting . | https://medium.com/@anandrishav2228/earn-5000-after-learning-how-to-bypass-the-rate-limiting-for-api-bug-hunting-89dc40289120?source=rss------bug_bounty-5 | Rishav anand | api, money, cybersecurity, bug-bounty, hacking-tools | 15-Nov-2024 |
TALE OF A VULNERABILITY WHICH LEADS TO ACCOUNT TAKEOVER OF GOVERNMENT ANDROID APPLICATION | https://medium.com/@karthithehacker/tale-of-a-vulnerability-which-leads-to-account-takeover-of-government-android-application-6f47a57b8cfb?source=rss------bug_bounty-5 | Karthikeyan.V | vapt, bug-bounty, android | 15-Nov-2024 |
Easy $20,160 bug from hackerone | https://medium.com/@loaymorad11/easy-20-160-bug-from-hackerone-aeac67ce3e81?source=rss------bug_bounty-5 | Loaymorad | cybersecurity, penetration-testing, bug-bounty, hackerone, bugbounty-writeup | 15-Nov-2024 |
How did I found Account Takeover Vulnerability on takeuforward.org | https://rajukani100.medium.com/how-did-i-found-account-takeover-vulnerability-on-takeuforward-org-735630b4167c?source=rss------bug_bounty-5 | Raj Ukani | hacking, cyber-security-awareness, bug-bounty, bug-bounty-writeup, developer | 15-Nov-2024 |
Today How to get $500 Bounty on HackerOne — P3 | https://medium.com/@bugbounty_learners/today-how-to-get-500-bounty-on-hackerone-p3-345fa44f76a3?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty-writeup, bugs, bug-bounty-tips, software-development, bug-bounty | 15-Nov-2024 |
My first bounty | https://medium.com/@josuofficial327/my-first-bounty-fdddb7ef5611?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | penetration-testing, ethical-hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 15-Nov-2024 |
These books will help to learn bug bounty & penetration testing and ethical hacking. Part 1 . | https://osintteam.blog/these-books-will-help-to-learn-bug-bounty-penetration-testing-and-ethical-hacking-part-1-635781cd3aaa?source=rss------bug_bounty-5 | loyalonlytoday | tips, books, hacking, bug-bounty, cybersecurity | 15-Nov-2024 |
Known Brands, Government Domains, and More Hijacked via Sitting Ducks Attacks! | https://medium.com/@wiretor/known-brands-government-domains-and-more-hijacked-via-sitting-ducks-attacks-fddd61bd6105?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | usa, hacking, ransomware, malware, bug-bounty | 15-Nov-2024 |
New Glove Infostealer Malware Bypasses Chrome’s Cookie Encryption: A Growing Threat | https://medium.com/@wiretor/new-glove-infostealer-malware-bypasses-chromes-cookie-encryption-a-growing-threat-e4377ef1f2a7?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, programming, hacking | 15-Nov-2024 |
Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeover | https://medium.com/@wiretor/critical-plugin-flaw-exposed-4-million-wordpress-websites-to-takeover-7cf7b5984ab4?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | programming, ransomware, malware, bug-bounty, wordpress | 15-Nov-2024 |
CSRF leads to delete account | https://xsametyigit.medium.com/csrf-leads-to-delete-account-711dde21af1e?source=rss------bug_bounty-5 | Samet Yiğit | bug-bounty-tips, bugbounty-writeup, bug-bounty | 15-Nov-2024 |
How I Got Access to an Admin Portal by Response Manipulation | https://medium.com/@anonymousshetty2003/how-i-got-access-to-an-admin-portal-by-response-manipulation-d2abeec7ce58?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-tips, ethical-hacking | 15-Nov-2024 |
3 reflected XSS in one program | https://xsametyigit.medium.com/3-reflected-xss-in-one-program-c50469c6d522?source=rss------bug_bounty-5 | Samet Yiğit | bug-bounty-writeup, bug-bounty, bug-bounty-tips | 15-Nov-2024 |
New Script — Leakix CLI by VECERT | https://medium.com/@vecert/new-script-leakix-cli-by-vecert-68abbf35d08d?source=rss------bug_bounty-5 | VECERT | pentesting, leakix, osint, bug-bounty | 15-Nov-2024 |
2 good tools for subdomain enumration. | https://osintteam.blog/2-good-tools-for-subdomain-enumration-ca3ee36fbf81?source=rss------bug_bounty-5 | loyalonlytoday | tips, hacking, bug-bounty, subdomains-enumeration, cybersecurity | 14-Nov-2024 |
Beginner's guide for Input Data Validation Checklist | https://bitpanic.medium.com/beginners-guide-for-input-data-validation-checklist-2f9d5ef4a341?source=rss------bug_bounty-5 | Spectat0rguy | cybersecurity, information-technology, bug-bounty, cyber-security-awareness, bug-bounty-tips | 14-Nov-2024 |
Critical File Upload Vulnerabilities: Exploits and Mitigation Strategies | https://medium.com/@security.tecno/critical-file-upload-vulnerabilities-exploits-and-mitigation-strategies-90230e8a31bf?source=rss------bug_bounty-5 | TECNO Security | blog, scurity, bug-bounty, hacking | 14-Nov-2024 |
Is HackerOne Support Service Degrading? | https://medium.com/@abdulparkar/is-hackerone-support-service-degrading-cbfa6adc1027?source=rss------bug_bounty-5 | Abdul Rehman Parkar | programming, hackerone, cybersecurity, ethical-hacking, bug-bounty | 14-Nov-2024 |
ISRO: YouTube Broken Link Hijack | https://infosecwriteups.com/isro-youtube-broken-link-hijack-304a92001b47?source=rss------bug_bounty-5 | Dishant Modi | bug-bounty, bug-bounty-tips, broken-link, hall-of-fame, vulnerability | 14-Nov-2024 |
Helpful Resources for Bug Hunters | https://medium.com/meetcyber/helpful-resources-for-bug-hunters-53dbe011cdd4?source=rss------bug_bounty-5 | AbhirupKonwar | ethical-hacking, bug-bounty-tips, bug-bounty, pentesting, hacking | 14-Nov-2024 |
How i hacked NASA (WARNING: Dad Jokes) | https://medium.com/@rootplinix/how-i-hacked-nasa-warning-dad-jokes-7424faec5790?source=rss------bug_bounty-5 | Abu Hurayra | hacking, cybersecurity-awareness, bug-bounty, cybersecurity, bug-bounty-tips | 14-Nov-2024 |
Finding Security Design Flaw in a FAANG to later be ghosted by Recruiter: A funny Tale | https://medium.com/bug-bounty-hunting/finding-security-design-flaw-in-a-faang-to-later-be-ghosted-by-recruiter-a-funny-tale-73e73fb0d6aa?source=rss------bug_bounty-5 | Ronnie Joseph | google, netflix, bug-bounty, cybersecurity, meta | 14-Nov-2024 |
AI in Bug Bounty Hunting: A Step-by-Step Tutorial for Beginners | https://prakash888kpk.medium.com/ai-in-bug-bounty-hunting-a-step-by-step-tutorial-for-beginners-673e24aed66c?source=rss------bug_bounty-5 | Lets Unlearn | machine-learning, bug-bounty, bug-bounty-tips, ai, bug-bounty-writeup | 14-Nov-2024 |
How I Uncovered an SSRF Vulnerability in a Private HackerOne Program | https://medium.com/@josuofficial327/how-i-uncovered-an-ssrf-vulnerability-in-a-private-hackerone-program-4c3146b414ff?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | ethical-hacking, bugbounty-writeup, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 14-Nov-2024 |
Basics of Stored XSS and Demo | https://medium.com/@kcaaditya976/basics-of-stored-xss-and-demo-d410714a77c0?source=rss------bug_bounty-5 | Laxious | bug-bounty, cybersecurity, bug-bounty-hunting, xss-attack, stored-xss | 14-Nov-2024 |
Bug Report: Broken Access Control in Google Photos | https://medium.com/@abhinavsingwal/bug-report-broken-access-control-in-google-photos-d9c10ca8c472?source=rss------bug_bounty-5 | Abhinavsingwal | google-vulnerability, bug-bounty, google-bug-report, bug-report, google-photos-bug | 14-Nov-2024 |
My Journey to Drugs Hall of Fame in just 10 minutes | https://medium.com/@bugbounty_learners/my-journey-to-drugs-hall-of-fame-in-just-10-minutes-dcd03240e42a?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty-tips, bug-bounty-writeup, bugs, web-development, bug-bounty | 14-Nov-2024 |
Mastering Reconnaissance Part 3: Unleashing Advanced Exploitation and Post-Recon Tactics | https://myselfakash20.medium.com/mastering-reconnaissance-part-3-unleashing-advanced-exploitation-and-post-recon-tactics-b81369678040?source=rss------bug_bounty-5 | Akash Ghosh | cybersecurity, bug-bounty-tips, bug-bounty-writeup, bugbounty-writeup, bug-bounty | 14-Nov-2024 |
CISA & FBI Confirm China Hacked Telecom Providers for Spying: What Does This Mean for Your… | https://medium.com/@wiretor/cisa-fbi-confirm-china-hacked-telecom-providers-for-spying-what-does-this-mean-for-your-f523b2459c75?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, pentest, bug-bounty, malware, ransomeware | 14-Nov-2024 |
Idaho Man Sentenced to 10 Years for Hacking, Data Theft, and Extortion | https://medium.com/@wiretor/idaho-man-sentenced-to-10-years-for-hacking-data-theft-and-extortion-003b243e419f?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | programming, malware, bug-bounty, zero-day, hacking | 14-Nov-2024 |
Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions | https://medium.com/@wiretor/windows-zero-day-exploited-by-russia-triggered-with-file-drag-and-drop-delete-actions-0dd82469e486?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, usa, hacking, bug-bounty, ransomware | 14-Nov-2024 |
Storm-1811’s Quick-Assist phishing could have been worse | https://mrsheepsheep.medium.com/storm-1811s-quick-assist-phishing-could-have-been-worse-fd84e04b0daa?source=rss------bug_bounty-5 | Alexandre Souleau | cybersecurity, xss-attack, bug-bounty, microsoft | 14-Nov-2024 |
Server-Side Request Forgery (SSRF) allows internal ports scanning | https://medium.com/h7w/server-side-request-forgery-ssrf-allows-internal-ports-scanning-ef7edf6534b7?source=rss------bug_bounty-5 | socalledhacker | hacking, infosec, cybersecurity, bug-bounty-tips, bug-bounty | 14-Nov-2024 |
Bypass Rate-Limit via X-Forwarded-For | https://medium.com/@null.x.b1ty/bypass-rate-limit-via-x-forwarded-for-ea26c7a25a90?source=rss------bug_bounty-5 | Snoop-dog | hackerone, bug-bounty | 14-Nov-2024 |
How i Finded a easy dom xss. | https://infosecwriteups.com/how-i-finded-a-easy-dom-xss-6499afc21b5d?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, tips, hacking, xss-attack, cybersecurity | 14-Nov-2024 |
SQL Injection: How I Secured Personal Information (PII) of 1.1M Job Seekers | https://infosecwriteups.com/sql-injection-how-i-secured-personal-information-pii-of-1-1m-job-seekers-7f7c55d11fbc?source=rss------bug_bounty-5 | brutexploiter | cybersecurity, software-engineering, bug-bounty, technology, programming | 14-Nov-2024 |
Exposing a Data Leak Vulnerability: My Journey to Discovery | https://infosecwriteups.com/exposing-a-data-leak-vulnerability-my-journey-to-discovery-d7222b48d81c?source=rss------bug_bounty-5 | Abhishek Bhujang | security, hacking, bug-hunting, ethical-hacking, bug-bounty | 14-Nov-2024 |
Discovering My First Vulnerability in a Few Minutes | https://medium.com/@jagdishdammala/discovering-my-first-vulnerability-in-a-few-minutes-6bbc9419cbfc?source=rss------bug_bounty-5 | Jagdish Dammala | bug-bounty | 14-Nov-2024 |
Account Takeover: How I Gained Access to Any User Account Through a Simple Registration Flaw | https://0d-amr.medium.com/account-takeover-how-i-gained-access-to-any-user-account-through-a-simple-registration-flaw-96f9f6bdc0ae?source=rss------bug_bounty-5 | Amr | ctf, pentesting, hacking, bug-bounty, security | 14-Nov-2024 |
Exploiting SSTI Vulnerability on an E-commerce Website: A Professional Walkthrough | https://medium.com/@MianHammadx0root/exploiting-ssti-vulnerability-on-an-e-commerce-website-a-professional-walkthrough-6cc95afb2b38?source=rss------bug_bounty-5 | Mian Hammad | bug-bounty, server-side, server-security, penetration-testing, ssti | 13-Nov-2024 |
How I Found an SQL Injection in coupon code | https://medium.com/@gheeX/how-i-found-an-sql-injection-in-coupon-code-f31d6eb1a720?source=rss------bug_bounty-5 | Ghee1337 | bug-bounty, infosec, bug-bounty-tips, sql-injection, bug-bounty-writeup | 13-Nov-2024 |
Breaking In with Guest: My First Bug Bounty | https://ghostman01.medium.com/guest-admin-a7c70aa10ddb?source=rss------bug_bounty-5 | SIDDHANT SHUKLA | hacking, bug-bounty, bug-bounty-writeup, cybersecurity, bug-hunting | 13-Nov-2024 |
Introducing Loxs: The Ultimate Multi-Vulnerability Scanner for Web Applications | https://anishalx.medium.com/introducing-loxs-the-ultimate-multi-vulnerability-scanner-for-web-applications-907ed2b2004b?source=rss------bug_bounty-5 | Anish alx | hacking-tools, python, pentesting, hacking, bug-bounty | 13-Nov-2024 |
1500$ Open Reduction Bug: Performed Restricted Actions in login page | https://medium.com/@bugbounty_learners/1500-open-reduction-bug-performed-restricted-actions-in-login-page-4194359c1fc2?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty-writeup, bug-bounty-tips, web-development, bug-bounty, open-redirect | 13-Nov-2024 |
Blind XSS Bug Hunting Methodology | https://osintteam.blog/blind-xss-bug-hunting-methodology-b997c37a9620?source=rss------bug_bounty-5 | AbhirupKonwar | pentesting, cybersecurity, ethical-hacking, xss-attack, bug-bounty | 13-Nov-2024 |
A Deep Dive into Nmap Scripts for Web Application Testing | https://systemweakness.com/a-deep-dive-into-nmap-scripts-for-web-application-testing-6a9b3a06995e?source=rss------bug_bounty-5 | Khaleel Khan | hacking, nmap, infosec, bug-bounty, cybersecurity | 13-Nov-2024 |
SQL Injection UNION Attack, Retrieving Data from Other Tables | https://medium.com/@marduk.i.am/sql-injection-union-attack-retrieving-data-from-other-tables-38f471813c57?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, information-security, sql-injection, portswigger-lab, sqli | 13-Nov-2024 |
Easy Bug: How I Uncovered and Re-Exploited a Resolved Vulnerability from a Disclosed Report | https://medium.com/@cvjvqmmsm/easy-bug-how-i-uncovered-and-re-exploited-a-resolved-vulnerability-from-a-disclosed-report-ab2211a98b7b?source=rss------bug_bounty-5 | Barbarossa | bug-bounty, bugbounty-writeup | 13-Nov-2024 |
Common Mistakes in Coding: How to Avoid Them | https://medium.com/@kharodawalam/common-mistakes-in-coding-how-to-avoid-them-9e5c881b0473?source=rss------bug_bounty-5 | Mohammed Kharodawala | mistakes-to-avoid, bug-bounty, data-structure-algorithm, programming, software-development | 13-Nov-2024 |
Mobile Application Penetration Testing Checklist | https://infosecwriteups.com/mobile-application-penetration-testing-checklist-460deadf3d9f?source=rss------bug_bounty-5 | Ajay Naik | information-security, penetration-testing, information-technology, cybersecurity, bug-bounty | 13-Nov-2024 |
5 Golden Tips to Land Your First Job in Offensive Security | https://medium.com/@eran25670/5-golden-tips-to-land-your-first-job-in-offensive-security-e960b4215dc7?source=rss------bug_bounty-5 | Eran | cybersecurity, offensive-security, penetration-testing, bug-bounty-tips, bug-bounty | 13-Nov-2024 |
Clickjacking: definition, impacts, mechanism and prevention | https://medium.com/@Poystick/clickjacking-defini%C3%A7%C3%A3o-impactos-mecanismo-e-preven%C3%A7%C3%A3o-46e05a89614b?source=rss------bug_bounty-5 | Tarcísio Luchesi | hacking, bug-bounty, programação | 12-Nov-2024 |
Mastering Reconnaissance Part 2: Advanced Scanning, Content Discovery, and Automation for Bug… | https://myselfakash20.medium.com/mastering-reconnaissance-part-2-advanced-scanning-content-discovery-and-automation-for-bug-8903a7c190a6?source=rss------bug_bounty-5 | Akash Ghosh | bugbounty-writeup, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips | 12-Nov-2024 |
Your Guide to Web Reconnaissance: Mastering the Art of Information Gathering | https://medium.com/@secinfinitylabs/your-guide-to-web-reconnaissance-mastering-the-art-of-information-gathering-32dfee5f2deb?source=rss------bug_bounty-5 | Secinfinity Labs | information-gathering, information-security, penetration-testing, bug-bounty-tips, bug-bounty | 12-Nov-2024 |
Top 10 Threat Actors of 2024 | https://medium.com/@alexandermr289/top-10-threat-actors-of-2024-4ac605357291?source=rss------bug_bounty-5 | Mr_alexander | osint, cybersecurity, bug-bounty, news, medium | 12-Nov-2024 |
Become a Writer for Cybersecurity Write-ups! | https://cybersecuritywriteups.com/become-a-writer-for-cybersecurity-write-ups-3f1e780323a8?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, bugbounty-writeup | 12-Nov-2024 |
Showing Impact is Your friend (500$+500$ bounties) | https://medium.com/@noureldin1042/showing-impact-is-your-friend-500-500-bounties-2ed87f3a64b7?source=rss------bug_bounty-5 | Noureldin(0x_5wf) | programming-languages, bug-bounty, bug-bounty-tips, programming, bug-bounty-writeup | 12-Nov-2024 |
Exploring docker-compose.yaml leads to sensitive disclosure | https://medium.com/@raituzki/exploring-docker-compose-yaml-leads-to-sensitive-disclosure-1feaa3d3317f?source=rss------bug_bounty-5 | Muhamad Raidinoor Pasha | hacking, bug-bounty-tips, docker, yaml, bug-bounty | 12-Nov-2024 |
How I hacked 100 hackers | https://corneacristian.medium.com/how-i-hacked-100-hackers-5c3c313e8a1a?source=rss------bug_bounty-5 | Cristian Cornea | bug-bounty, intelligence, hacking, cybersecurity, penetration-testing | 12-Nov-2024 |
Bug Bounty | Here’s Why Your Way To Success Doesn’t Lie In Learning | https://medium.com/@sM0ky4/bug-bounty-heres-why-your-way-to-success-doesn-t-lie-in-learning-bc72d4000b88?source=rss------bug_bounty-5 | sM0ky4 | cybersecurity, bug-bounty-tips, bug-bounty, time-management | 12-Nov-2024 |
How Can You Be Sure That Ethical Hackers Are TRULY Ethical? | https://medium.com/@hackrate/how-can-you-be-sure-that-ethical-hackers-are-truly-ethical-17ee0fcc6058?source=rss------bug_bounty-5 | Hackrate | bug-bounty, ethical-hacking, hacking, penetration-testing, cybersecurity | 12-Nov-2024 |
HTTP Desync Attack (Request Smuggling) - Mass Account Takeover | https://medium.com/@bugbounty_learners/http-desync-attack-request-smuggling-mass-account-takeover-0292fcc8c4a4?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty, web-development, bug-bounty-tips, bug-bounty-writeup, bugs | 12-Nov-2024 |
Complete Guide to Securing Web Applications on Ports 80 and 443 | https://medium.com/@verylazytech/complete-guide-to-securing-web-applications-on-ports-80-and-443-a123def0b82c?source=rss------bug_bounty-5 | Very Lazy Tech | owasp-top-10, web-application-security, bug-bounty, penetration-testing, web-security | 12-Nov-2024 |
Advanced Techniques for Bypassing Web Filters: A Practical Guide to Identifying and Exploiting XSS… | https://thexssrat.medium.com/advanced-techniques-for-bypassing-web-filters-a-practical-guide-to-identifying-and-exploiting-xss-f6cadeedf9ca?source=rss------bug_bounty-5 | Thexssrat | hacks, bug-bounty, penetration-testing, xss-attack, hacking | 12-Nov-2024 |
M3 — Insecure Authentication/Authorization | https://medium.com/@tamires.scruz/m3-insecure-authentication-authorization-cedf6e94d1ce?source=rss------bug_bounty-5 | Tamy Angel | bug-bounty, owasp, pentesting, android, cybersecurity | 12-Nov-2024 |
SHODAN Cheat Sheet — A Comprehensive Guide to Shodan: The Search Engine for Hackers | https://medium.com/@iamshafayat/shodan-cheat-sheet-a-comprehensive-guide-to-shodan-the-search-engine-for-hackers-451b403f328f?source=rss------bug_bounty-5 | Shafayat Ahmed Alif | cheatsheet, shodan, cybersecurity, ethical-hacking, bug-bounty | 12-Nov-2024 |
Exploiting Server-Side Template Injection (SSTI) with a Custom Exploit: PortSwigger Lab Walkthrough | https://medium.com/@0xA4zOo0/exploiting-server-side-template-injection-ssti-with-a-custom-exploit-portswigger-lab-walkthrough-a661d5c47001?source=rss------bug_bounty-5 | A Z O | bug-bounty, ssti, hacking | 12-Nov-2024 |
Complete Guide to pentesting Web Applications on Ports 80 and 443 | https://medium.com/@verylazytech/complete-guide-to-securing-web-applications-on-ports-80-and-443-a123def0b82c?source=rss------bug_bounty-5 | Very Lazy Tech | owasp-top-10, web-application-security, bug-bounty, penetration-testing, web-security | 12-Nov-2024 |
How I Hijacked an Abandoned Twitter Account and Why Broken Link Hijacking Matters | https://medium.com/@anonymousshetty2003/how-i-hijacked-an-abandoned-twitter-account-and-why-broken-link-hijacking-matters-0128e0f562c8?source=rss------bug_bounty-5 | Anonymousshetty | ethical-hacking, broken-link-hijacking, cybersecurity, bug-bounty | 12-Nov-2024 |
How AI is Making Bug Bounties More Accessible for New Hackers | https://pointlessai.medium.com/how-ai-is-making-bug-bounties-more-accessible-for-new-hackers-726f9a058eac?source=rss------bug_bounty-5 | PointlessAI | bug-bounty-tips, ai, bug-bounty, vulnerability-management | 12-Nov-2024 |
How I Discovered a Private Key Leak on a Company’s Subdomain | https://medium.com/@anonymousshetty2003/how-i-discovered-a-private-key-leak-on-a-companys-subdomain-929100e7a561?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, cybersecurity, ethical-hacking | 12-Nov-2024 |
Top Cybersecurity Tools Every Professional Should Know | https://medium.com/@paritoshblogs/top-cybersecurity-tools-every-professional-should-know-0aff34558518?source=rss------bug_bounty-5 | Paritosh | information-security, chatgpt, bug-bounty, cybersecurity, hacking | 12-Nov-2024 |
North Korean Hackers Use Flutter Apps to Evade macOS Security | https://medium.com/@wiretor/north-korean-hackers-use-flutter-apps-to-evade-macos-security-e22221dd9696?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | pentesting, malware, bug-bounty, ransomware, hacking | 12-Nov-2024 |
Massive Data Breach Affects Millions of Hot Topic Customers | https://medium.com/@wiretor/massive-data-breach-affects-millions-of-hot-topic-customers-b03fe562e0f7?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | pentesting, malware, bug-bounty, ransomware | 12-Nov-2024 |
Form I-9 Compliance Data Breach Impacts Over 190,000 People | https://medium.com/@wiretor/form-i-9-compliance-data-breach-impacts-over-190-000-people-adee0a89694c?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomware, malware, hacking, bug-bounty, pentesting | 12-Nov-2024 |
Finding more infromation about a email using a osint tool. | https://osintteam.blog/finding-more-infromation-about-a-email-using-a-osint-tool-d557a0579414?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, osint, bug-bounty, hacking, osint-investigation | 12-Nov-2024 |
Recon For New Bug bounty Hunters — Short Story | https://sud-defcon.medium.com/%EF%B8%8F-%EF%B8%8Frecon-for-new-bug-bounty-hunters-short-story-2992e780fbbb?source=rss------bug_bounty-5 | Sudarshan Patel | reconnaissance, bug-bounty-tips, bug-bounty, recon, bug-bounty-writeup | 12-Nov-2024 |
Hacking Knowledge Around The Corner. From Where To Learn Hacking Skills? | https://medium.com/meetcyber/hacking-knowledge-around-the-corner-c2a48214d052?source=rss------bug_bounty-5 | NnFace | cybersecurity, kali-linux, bug-bounty, hacking, knowledge | 12-Nov-2024 |
Volt Typhoon Botnet Rebuilds After FBI Crackdown | https://medium.com/@wiretor/volt-typhoon-botnet-rebuilds-after-fbi-crackdown-e23a74459ff6?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | hacking, programming, malware, ransomeware, bug-bounty | 12-Nov-2024 |
Extract full photos/videos database from any locked Google Pixel phone | https://medium.com/@rus1r105/extract-full-photos-videos-database-from-any-locked-google-pixel-phone-be6da35ad93d?source=rss------bug_bounty-5 | rus1r105 | cybersecurity, android, google-vrp, bug-bounty, writeup | 11-Nov-2024 |
How I Found an HTML Injection in Email Vulnerability on Samsung, Leading to a $$$$ Payday | https://cybersecuritywriteups.com/how-an-html-injection-vulnerability-in-samsung-emails-led-to-a-payday-3dcfccc12a36?source=rss------bug_bounty-5 | Taha Diwan | bug-bounty, cybersecurity, ethical-hacking, penetration-testing, web-penetration-testing | 11-Nov-2024 |
[2024 Thanksgiving] Security Technology Research Writing Activity | https://medium.com/@security.tecno/2024-thanksgiving-security-technology-research-writing-activity-325e4b0fd9c8?source=rss------bug_bounty-5 | TECNO Security | writing, research, bug-bounty, security | 11-Nov-2024 |
Hacking Active Directory and Earn upto $30,000. | https://medium.com/@anandrishav2228/hacking-active-directory-and-earn-upto-30-000-9561858a3c8f?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, active-directory, money, hacking, cybersecurity | 11-Nov-2024 |
Recon JavaScript Files with Rarely Encountered Techniques | https://zucki.medium.com/recon-javascript-files-with-rarely-encountered-techniques-5882a3ad1955?source=rss------bug_bounty-5 | Marzucki | bug-bounty, automation, recon, automation-testing, javascript | 11-Nov-2024 |
#Task 20 - HTTP Request Sumgling — Basics & Types -> Only for Bigners | https://medium.com/@bugbounty_learners/task-1-http-request-sumgling-basics-types-only-for-bigners-2157461dca3e?source=rss------bug_bounty-5 | bugbounty_learners | cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, web-development | 11-Nov-2024 |
GetSimpleCMS CSRF | The CSRF Vulnerability I Found in the Password Change Function | https://zeynalxan.medium.com/getsimplecms-csrf-parol-d%C9%99yi%C5%9Fdirm%C9%99-funksiyas%C4%B1nda-tapd%C4%B1%C4%9F%C4%B1m-csrf-bo%C5%9Flu%C4%9Fu-8786c125453e?source=rss------bug_bounty-5 | Zeynalxan Quliyev | csrf-attack, csrf, ato, bug-bounty, cybersecurity | 11-Nov-2024 |
PRE-ACCOUNT TAKEOVER through Oauth misconfiguration on a mailing website | https://infosecwriteups.com/pre-account-takeover-through-misconfigured-oauth-on-a-mailing-website-b906a5c118e9?source=rss------bug_bounty-5 | Harish | cybersecurity, ethical-hacking, cyber-security-awareness, bug-bounty-tips, bug-bounty | 11-Nov-2024 |
Jumping into Bug Bounty Automation | https://bitpanic.medium.com/jumping-into-bug-bounty-automation-4739abdb6d15?source=rss------bug_bounty-5 | Spectat0rguy | information-security, cybersecurity, bug-bounty, information-technology, infosec | 11-Nov-2024 |
Won’t Fix Vulnerabilities in Google Colab | https://0xjin.medium.com/wont-fix-vulnerabilities-in-google-colab-fcd3b6581746?source=rss------bug_bounty-5 | 0xJin | bug-bounty, bug-bounty-writeup, google, bug-bounty-tips | 11-Nov-2024 |
Exposing the Dark Side of Google Dorks: How I Extracted Millions of Emails. | https://pwndecoco.medium.com/exposing-the-dark-side-of-google-dorks-how-i-extracted-millions-of-emails-0fe0f7f6db8b?source=rss------bug_bounty-5 | Pwndec0c0 | hacking, cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 11-Nov-2024 |
Server-Side Template Injection in an Unknown Language with a Documented Exploit — SSTI… | https://medium.com/@rcxsecurity/server-side-template-injection-in-an-unknown-language-with-a-documented-exploit-ssti-de01a069b946?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Café | hacking, information-security, pentesting, bug-bounty, cybersecurity | 11-Nov-2024 |
P4 bug’s and their POC steps | Part 7 | $Easy Money$ | https://medium.com/h7w/p4-bugs-and-their-poc-steps-part-7-easy-money-d7cb9270f539?source=rss------bug_bounty-5 | socalledhacker | infosec, hacking, cybersecurity, bug-bounty-tips, bug-bounty | 11-Nov-2024 |
How I Found a Critical 9.8 Bug — Directory Listing leads to Critical P1 Exposure of PII and more | https://medium.com/@enigma_/how-i-found-a-critical-9-8-9c4d14d82e20?source=rss------bug_bounty-5 | enigma | owasp, bug-bounty, directory-listing, ethical-hacking, hacker | 10-Nov-2024 |
Addressing OWASP Top 10 Vulnerabilities: Why You Need Wire Tor’s Pentesting Services | https://medium.com/@wiretor/addressing-owasp-top-10-vulnerabilities-why-you-need-wire-tors-pentesting-services-5d2f374c3f22?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | breached, hacking, usa, bug-bounty, malware | 10-Nov-2024 |
How I was able to inject my malicious link in Email Confirmation Link ( Link Injection / Open… | https://infosecwriteups.com/how-i-able-to-inject-my-malicious-link-in-email-confirmation-link-link-injection-open-redirect-dbf95075f89c?source=rss------bug_bounty-5 | Abdul Rehman Parkar | cybersecurity, bug-bounty-writeup, infosec-write-ups, ethical-hacking, bug-bounty | 10-Nov-2024 |
Mastering Reconnaissance: The Ultimate Guide for Bug Hunters (Part 1) | https://myselfakash20.medium.com/mastering-reconnaissance-the-ultimate-guide-for-bug-hunters-part-1-b91a2367ee65?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-writeup, bug-bounty, bug-bounty-tips, recon, bugbounty-writeup | 10-Nov-2024 |
Week 1: Documenting My Journey as a Full-Time Bug Hunter | https://mokhansec.medium.com/week-1-documenting-my-journey-as-a-full-time-bug-hunter-fbe1bbefeb79?source=rss------bug_bounty-5 | Mohsin khan | bugs, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 10-Nov-2024 |
From P5(Informational)to Medium(P3) : How I was able to achieve it it in Dept of Defense VDP? | https://medium.com/@tirqwork1/from-p5-informational-to-medium-p3-how-i-was-able-to-achieve-it-it-in-dept-of-defense-vdp-76e5eda28b5a?source=rss------bug_bounty-5 | ARoy | us-dept-of-defense, data-protection, hackerone, bug-bounty, cybersecurity | 10-Nov-2024 |
From System Administrator to Bug Bounty Hunter: A Journey into Web Security | https://medium.com/@zero_4583/from-system-administrator-to-bug-bounty-hunter-a-journey-into-web-security-9b37bb52dde2?source=rss------bug_bounty-5 | Nathan Vincent | app-security, learning-to-code-journey, bug-bounty, secure-coding | 10-Nov-2024 |
How I was able to inject malicious link in Email Confirmation Link ( Link Injection / Open… | https://cybersecuritywriteups.com/how-i-able-to-inject-my-malicious-link-in-email-confirmation-link-link-injection-open-redirect-dbf95075f89c?source=rss------bug_bounty-5 | Abdul Rehman Parkar | cybersecurity, bug-bounty-writeup, infosec-write-ups, ethical-hacking, bug-bounty | 10-Nov-2024 |
How a Unique Combination Opened the Door to an IDOR | https://infosecwriteups.com/how-a-unique-combination-opened-the-door-to-an-idor-f44a3efe51e8?source=rss------bug_bounty-5 | Supun Halangoda (Suppa) | cybersecurity, bug-bounty-writeup, bug-bounty-tips, secure-coding, bug-bounty | 10-Nov-2024 |
POC — CVE-2024–10914 Command Injection Vulnerability in `name` parameter for D-Link NAS | https://medium.com/@verylazytech/poc-cve-2024-10914-command-injection-vulnerability-in-name-parameter-for-d-link-nas-194e70f68120?source=rss------bug_bounty-5 | Very Lazy Tech | command-injection, cybersecurity, cve-2024-10914, bug-bounty, remote-code-execution | 10-Nov-2024 |
CRLF Injection Zero to Master | https://medium.com/@bugbounty_learners/crlf-injection-zero-to-master-17a93afc33a3?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty-tips, bug-bounty-writeup, bug-bounty, software-development, web-development | 10-Nov-2024 |
Possible subdomain takeovers gives me 1000 dollars | https://medium.com/lucky-vulnerabilities/possible-subdomain-takeovers-gives-me-1000-dollars-9f3ad682ddce?source=rss------bug_bounty-5 | Lucky Vulnerabilities | bug-bounty, bug-bounty-tips, bug-hunting, updates, news | 10-Nov-2024 |
HackTheBox: Information Gathering | https://medium.com/@rodripadisec/hackthebox-information-gathering-7af3526f13f5?source=rss------bug_bounty-5 | pad1ryoshi | reconnaissance, web3, hackthebox-academy, hackthebox, bug-bounty | 10-Nov-2024 |
Understanding Common Windows Commands and How Threat Actors Use Them: | https://medium.com/@wtrentond/understanding-common-windows-commands-and-how-threat-actors-use-them-34298408e163?source=rss------bug_bounty-5 | Trent W | tech, cybersecurity, microsoft, bug-bounty, technology | 10-Nov-2024 |
Double Race Condition : Breaking Rules | https://sayedv2.medium.com/double-race-condition-breaking-rules-88850372afb8?source=rss------bug_bounty-5 | Mohamed Sayed | cybersecurity, bugbounty-writeup, race-condition, bugbounty-tips, bug-bounty | 10-Nov-2024 |
Ethical Hacking — How It Helps Prevent Cyber Attacks | https://medium.com/@RocketMeUpCybersecurity/ethical-hacking-how-it-helps-prevent-cyber-attacks-41d3d791c7c9?source=rss------bug_bounty-5 | RocketMe Up Cybersecurity | ethical-hacking, bug-bounty, cyberattack, penetration-testing, vulnerability-assessment | 10-Nov-2024 |
Hackers Evade Detection with New ZIP File Concatenation Technique! | https://medium.com/@wiretor/hackers-evade-detection-with-new-zip-file-concatenation-technique-3bd29544f96e?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransom, bug-bounty, hacking, pentesting, malware | 10-Nov-2024 |
HackTheBox: Information Gathering | https://pad1ryoshi.medium.com/hackthebox-information-gathering-7af3526f13f5?source=rss------bug_bounty-5 | pad1ryoshi | reconnaissance, web3, hackthebox-academy, hackthebox, bug-bounty | 10-Nov-2024 |
30 Books To Learn H@acking | https://osintteam.blog/30-books-to-learn-h-acking-2911c57f148c?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | programming, bug-bounty, books, technology, hacking | 10-Nov-2024 |
Understanding Common Windows Commands and How Threat Actors Use Them: | https://medium.com/@wtrentond/understanding-common-windows-commands-and-how-threat-actors-use-them-34298408e163?source=rss------bug_bounty-5 | Trent W | tech, artificial-intelligence, cybersecurity, bug-bounty, technology | 10-Nov-2024 |
BugBounty — Mastering the Basics (along with Resources)[Part-3] | https://medium.com/@iabhipathak/bugbounty-mastering-the-basics-along-with-resources-part-3-1619f6854e20?source=rss------bug_bounty-5 | Abhinav Pathak | security, privacy, cybersecurity, hacking, bug-bounty | 09-Nov-2024 |
Analyzing JavaScript Files for Retrieving Admin Credentials | https://medium.com/@abdullah12987654/analyzing-javascript-files-for-retrieving-admin-credentials-0c6f25ff507a?source=rss------bug_bounty-5 | Abdullah | web-vulnerabilities, pentesting, cyber-security-services, hacking, bug-bounty | 09-Nov-2024 |
IDOR and Excessive Data Exposure in Mobile Application — The Tale of an IDOR # 02 | https://medium.com/@abdullah12987654/idor-and-excessive-data-exposure-in-mobile-application-9bab953ea2b6?source=rss------bug_bounty-5 | Abdullah | bug-bounty, idor-vulnerability, hacking, cyber-security-services, pentesting | 09-Nov-2024 |
Username restrictions bypass on Hackerone program | https://medium.com/@bugbounty_learners/username-restrictions-bypass-on-hackerone-program-61f4c8ff8b44?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty-writeup, bug-bounty, bug-zero, bug-bounty-tips, bugs | 09-Nov-2024 |
API Security Penetration Testing Checklist | https://infosecwriteups.com/api-security-testing-penetration-testing-checklist-bb2969906ec1?source=rss------bug_bounty-5 | Ajay Naik | infosec, information-security, information-technology, bug-bounty, cybersecurity | 09-Nov-2024 |
how i found 3 open redirect bugs on hackerone public program? | https://doordiefordream.medium.com/how-i-found-3-open-redirect-bugs-on-hackerone-public-program-d6f75850996b?source=rss------bug_bounty-5 | balu bandi | ethical-hacking, hacking, cybersecurity, vulnerability, bug-bounty | 09-Nov-2024 |
How I Accidentally Found a ‘Cache Magic Trick’ — aka Unauthenticated PURGE on Varnish (Hold My… | https://medium.com/@mayankmalaviya3/how-i-accidentally-found-a-cache-magic-trick-aka-unauthenticated-purge-on-varnish-hold-my-5e13e5056618?source=rss------bug_bounty-5 | Mayank Malaviya (Aiwolfie) | bug-bounty, unauthenticated-purge, penetration-testing, security, unauthenticated | 09-Nov-2024 |
“Hack Smarter, Not Harder: Google Dorks for Fast Bug Hunting and Recon” | https://myselfakash20.medium.com/hack-smarter-not-harder-google-dorks-for-fast-bug-hunting-and-recon-3029a4004cfd?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, bugs, bug-bounty, bug-bounty-writeup | 09-Nov-2024 |
John the Ripper in Cybersecurity | https://infosecwriteups.com/john-the-ripper-in-cybersecurity-46c8f5c3a99f?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity-training, cybersecurity, bug-bounty, information-technology, penetration-testing | 09-Nov-2024 |
Predicting Cyber Threats: Can We Use Threat Intelligence to Forecast Attacks Like Weather? | https://medium.com/@paritoshblogs/predicting-cyber-threats-can-we-use-threat-intelligence-to-forecast-attacks-like-weather-4f57175b25ec?source=rss------bug_bounty-5 | Paritosh | information-technology, bug-bounty, hacking, threat-intelligence, cybersecurity | 09-Nov-2024 |
Critical Vulnerabilities in Aruba Access Points: What You Need to Know! | https://medium.com/@wiretor/critical-vulnerabilities-in-aruba-access-points-what-you-need-to-know-7053d6349bf1?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | pentesting, malware, bug-bounty, ransomware, hacking | 09-Nov-2024 |
D-Link Exposes 60,000+ NAS Devices to Unpatched Critical Flaw | https://medium.com/@wiretor/d-link-exposes-60-000-nas-devices-to-unpatched-critical-flaw-c06b62cf67e9?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | ransomware, hacking, xss-attack, malware, bug-bounty | 09-Nov-2024 |
Critical Veeam RCE Vulnerability Exploited in New Frag Ransomware Attacks | https://medium.com/@wiretor/critical-veeam-rce-vulnerability-exploited-in-new-frag-ransomware-attacks-ae75d32f6bb0?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, hacking, malware, ransomware, xss-attack | 09-Nov-2024 |
Palo Alto Networks Warns of Potential PAN-OS RCE Vulnerability! | https://medium.com/@wiretor/palo-alto-networks-warns-of-potential-pan-os-rce-vulnerability-%EF%B8%8F-148d8b8da5a9?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, xss-attack, malware, hacking, ransomware | 09-Nov-2024 |
How to Integrate Artificial Intelligence in Bug Bounty? | https://bitpanic.medium.com/how-to-integrate-artificial-intelligence-in-bug-bounty-fab592ae6c80?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty, cybersecurity, ai, penetration-testing | 09-Nov-2024 |
My Obsidian Setup | https://cybersechemmars.medium.com/my-obsidian-setup-b3e96516feaa?source=rss------bug_bounty-5 | Cybersec with Hemmars | notetaking, cybersecurity, notes, bug-bounty, obsidian | 09-Nov-2024 |
Broken Authentication: Full Methodology for Identifying and Exploiting Vulnerabilities | https://dineshpathro9.medium.com/broken-authentication-full-methodology-for-identifying-and-exploiting-vulnerabilities-63a55c3d4399?source=rss------bug_bounty-5 | hunter | bug-zero, bug-bounty, bugs, bug-bounty-tips, bug-bounty-writeup | 09-Nov-2024 |
Advanced Techniques for CSRF (Cross-Site Request Forgery) Attacks: A Full Methodology Guide | https://dineshpathro9.medium.com/advanced-techniques-for-csrf-cross-site-request-forgery-attacks-a-full-methodology-guide-8db29faecc01?source=rss------bug_bounty-5 | hunter | bug-bounty-tips, csrf, bug-zero, bugs, bug-bounty | 09-Nov-2024 |
CVE-2023–27350 : PaperCut Tryhackme Write up | https://jawstar.medium.com/cve-2023-27350-papercut-tryhackme-write-up-2237fe48d3a7?source=rss------bug_bounty-5 | Jawstar | technology, bug-bounty, tryhackme, software-development, cybersecurity | 09-Nov-2024 |
Escalating RXSS with HttpOnly SameSite Session Cookies | https://medium.com/@dhakatedeep909/escalating-rxss-with-httponly-samesite-session-cookies-a1ba3b9e50c1?source=rss------bug_bounty-5 | Deep Dhakate AKA intrud3r | cybersecurity, hacking, bug-bounty | 09-Nov-2024 |
RCE by finding secret hidden files via Encryption and hashing | https://medium.com/@karim.engmohamed/%D8%A7%D9%84%D8%B3%D9%84%D8%A7%D9%85-%D8%B9%D9%84%D9%8A%D9%83%D9%85-e37717c23cfd?source=rss------bug_bounty-5 | Karim Mohamed | hacker, cybersecurity, hackerone, bug-bounty, bug-bounty-tips | 09-Nov-2024 |
Fast Setup Mobile Apps Pentest With Burpsuite And memu | https://zucki.medium.com/fast-setup-mobile-apps-pentest-with-burpsuite-and-memu-567d661b6bb9?source=rss------bug_bounty-5 | Marzucki | android-pentesting, android, pentesting, mobile-apps, bug-bounty | 08-Nov-2024 |
Why is recon so very important? API key exposure by only recon | https://medium.com/@karim.engmohamed/why-is-recon-so-very-important-api-key-exposure-by-only-recon-f8aff4ab1ac3?source=rss------bug_bounty-5 | Karim Mohamed | cybersecurity, hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 08-Nov-2024 |
Advanced Google Dorking Techniques for Bug Bounty Hunting: Finding Responsible Disclosure Programs… | https://dineshpathro9.medium.com/advanced-google-dorking-techniques-for-bug-bounty-hunting-finding-responsible-disclosure-programs-5a00a0d9d0e9?source=rss------bug_bounty-5 | DiNeSh_PaThRo | bug-bounty, bugbounty-writeup, web-app-security, dorks, bug-bounty-tips | 08-Nov-2024 |
Metasploit Guide :- Main weapon of Hackers | https://medium.com/@anandrishav2228/metasploit-guide-main-weapon-of-hackers-a791e72df686?source=rss------bug_bounty-5 | Rishav anand | metasploit, cybersecurity, money, hacker, bug-bounty | 08-Nov-2024 |
SQL Injection UNION Attack, Finding a Column Containing Text | https://medium.com/@marduk.i.am/sql-injection-union-attack-finding-a-column-containing-text-ee28ff48eb30?source=rss------bug_bounty-5 | Marduk I Am | sqli, portswigger-lab, bug-bounty, infosec, sql-injection | 08-Nov-2024 |
What to Do After Choosing a Bug Bounty Target? Part 2 | Bug Bounty Guide | https://medium.com/@js8971105/what-to-do-after-choosing-a-bug-bounty-target-part-2-bug-bounty-guide-811affb17572?source=rss------bug_bounty-5 | cyberghost | info-sec-writeups, ethical-hacking, reconnaissance-techniques, bug-bounty, cybersecurity | 08-Nov-2024 |
CyberDef Documentation | Time-Based Blind SQLI | https://hack4funacademy.medium.com/cyberdef-dokumentasi-time-based-blind-sqli-7db756ddf2ad?source=rss------bug_bounty-5 | Hack4Fun Academy | bug-bounty, hacking, cybersecurity | 08-Nov-2024 |
Finding My First Bug: The Power of Understanding Website Logic | https://medium.com/@mahdisalhi0500/finding-my-first-bug-the-power-of-understanding-website-logic-%EF%B8%8F-4197dd08cf29?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | infosec, bug-bounty, bug-bounty-tips, ethical-hacking, information-security | 08-Nov-2024 |
How to Get Started in Web App Bug Bounty: Practical Steps to Keep You Motivated! | https://medium.com/@soorajv910/how-to-get-started-in-web-app-bug-bounty-practical-steps-to-keep-you-motivated-%EF%B8%8F-%EF%B8%8F-c6c1507c84fd?source=rss------bug_bounty-5 | sooraj v | hacking, bug-bounty, bugcrowd, bug-bounty-tips, hackerone | 08-Nov-2024 |
How i earned easy$$$ by deleting user comments on any post | https://medium.com/thedeephub/how-i-earned-easy-by-deleting-user-comments-on-any-post-c2e226f2157a?source=rss------bug_bounty-5 | Le_Merdien | pentesting, cybersecurity, bug-bounty, penetration-testing, hacker | 08-Nov-2024 |
“XSS and Context Examples” | https://medium.com/@sgzldmrc/xss-ve-context-%C3%B6rnekleri-6ba2bc976c1f?source=rss------bug_bounty-5 | Serdar Güzeldemirci | xss-attack, bug-bounty, cyber-security-awareness, xss-bypass | 08-Nov-2024 |
How to Prepare for the OSEP Roadmap — A Comprehensive Guide for Cybersecurity Professionals | https://medium.com/@verylazytech/how-to-prepare-for-the-osep-roadmap-a-comprehensive-guide-for-cybersecurity-professionals-f3fecede5919?source=rss------bug_bounty-5 | Very Lazy Tech | hacking, ethical-hacking, bug-bounty, osep, cybersecurity | 08-Nov-2024 |
20 Open Redirect Bugs in Few Minutes | https://systemweakness.com/20-open-redirect-bugs-in-few-minutes-c9fdabf75642?source=rss------bug_bounty-5 | AbhirupKonwar | pentesting, bug-bounty, bug-bounty-tips, cybersecurity, vulnerability | 08-Nov-2024 |
Web App Fingerprinting in 9 Steps | https://bitpanic.medium.com/web-app-fingerprinting-in-9-steps-5b86615b56f7?source=rss------bug_bounty-5 | Spectat0rguy | bug-bounty, cybersecurity, bugbounty-tips | 08-Nov-2024 |
Email HTML injection with a simple tip | https://medium.com/@mohamed.yasser442200/email-html-injection-with-a-simple-tip-aeab346fbefc?source=rss------bug_bounty-5 | Spider4 | bug-bounty, hunting, bugcrowd, cybersecurity, pentesting | 08-Nov-2024 |
Unpatched Vulnerabilities in Mazda Infotainment Systems Pose Serious Security Risks | https://medium.com/@wiretor/unpatched-vulnerabilities-in-mazda-infotainment-systems-pose-serious-security-risks-b634ae8883d8?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, malware, ransomware, hacking, pentesting | 08-Nov-2024 |
Texas Oilfield Supplier Newpark Resources Hit by Ransomware Attack | https://medium.com/@wiretor/texas-oilfield-supplier-newpark-resources-hit-by-ransomware-attack-fc374aa6b8dc?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, ransomware, pentesting, malware, hacking | 08-Nov-2024 |
Malwarebytes Acquires AzireVPN to Enhance Privacy and Security Offerings | https://medium.com/@wiretor/malwarebytes-acquires-azirevpn-to-enhance-privacy-and-security-offerings-194b3bf42554?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, ransomware, hacking, pentesting, malware | 08-Nov-2024 |
Hackers Leveraging Winos4.0: A Growing Threat in Post-Exploitation Attacks | https://medium.com/@wiretor/hackers-leveraging-winos4-0-a-growing-threat-in-post-exploitation-attacks-e830dac3766b?source=rss------bug_bounty-5 | WIRE TOR | malware, hacking, ransomware, bug-bounty, xss-attack | 08-Nov-2024 |
A Comprehensive Toolkit for Web Penetration Testing and Bug Hunting | https://dineshpathro9.medium.com/a-comprehensive-toolkit-for-web-penetration-testing-and-bug-hunting-21a7b01d722f?source=rss------bug_bounty-5 | DiNeSh_PaThRo | bug-bounty, bug-zero, hacking, bug-bounty-tips, web-app-security | 08-Nov-2024 |
Top Search Engines for Pentesters | https://osintteam.blog/top-search-engines-for-pentesters-6fa90ffb6aa0?source=rss------bug_bounty-5 | D.Haddad | cybersecurity, bug-bounty, penetration-testing, hacking-tools, osint | 08-Nov-2024 |
Unpatched Vulnerabilities in Mazda Infotainment Systems Pose Serious Security Risks | https://medium.com/@wiretor/unpatched-vulnerabilities-in-mazda-infotainment-systems-pose-serious-security-risks-b634ae8883d8?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, malware, ransomware, hacking, pentesting | 08-Nov-2024 |
Texas Oilfield Supplier Newpark Resources Hit by Ransomware Attack | https://medium.com/@wiretor/texas-oilfield-supplier-newpark-resources-hit-by-ransomware-attack-fc374aa6b8dc?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, ransomware, pentesting, malware, hacking | 08-Nov-2024 |
Malwarebytes Acquires AzireVPN to Enhance Privacy and Security Offerings | https://medium.com/@wiretor/malwarebytes-acquires-azirevpn-to-enhance-privacy-and-security-offerings-194b3bf42554?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | bug-bounty, ransomware, hacking, pentesting, malware | 08-Nov-2024 |
Hackers Leveraging Winos4.0: A Growing Threat in Post-Exploitation Attacks | https://medium.com/@wiretor/hackers-leveraging-winos4-0-a-growing-threat-in-post-exploitation-attacks-e830dac3766b?source=rss------bug_bounty-5 | WIRE TOR - The Ethical Hacking Services | malware, hacking, ransomware, bug-bounty, xss-attack | 08-Nov-2024 |
Google Dorking in Bug Hunting: Uncovering Hidden Vulnerabilities | https://myselfakash20.medium.com/google-dorking-in-bug-hunting-uncovering-hidden-vulnerabilities-aebe773f73be?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty, bug-bounty-writeup, dorking, bugs, bug-bounty-tips | 07-Nov-2024 |
My first acknowledgement from Government NCIIPC India (A unit of NTRO) of my bug Bounty journey… | https://medium.com/@subhajit_taki77/my-first-acknowledgement-from-government-nciipc-india-a-unit-of-ntro-of-my-bug-bounty-journey-fda6637766f9?source=rss------bug_bounty-5 | Subhajit_Taki77 | cybersecurity, bug-bounty, acknowledgement, nciipc | 07-Nov-2024 |
Bypass Rich Text Editors lead to Stored XSS - $500 Rewards | https://medium.com/@bugbounty_learners/bypass-rich-text-editors-lead-to-stored-xss-500-rewards-077e22eba20f?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips | 07-Nov-2024 |
Why Bug Bounty Failures Occur — Key Insights for Success | https://r3dw4n4hm3d.medium.com/why-bug-bounty-failures-occur-key-insights-for-success-2813349c5e1a?source=rss------bug_bounty-5 | R3DW4N 4HM3D | bug-bounty, vulnerabilityresearch, cybersecurity, ethical-hacking | 07-Nov-2024 |
Exploring the OWASP API Security Top 10: A Guide to Securing Your APIs | https://medium.com/@ad.abhi0013/exploring-the-owasp-api-security-top-10-a-guide-to-securing-your-apis-5ee4456cb9c3?source=rss------bug_bounty-5 | Abhishek Adhikari | bug-bounty, owasp-api-security-top-10, api | 07-Nov-2024 |
Account Takeover for Google SSO Users | https://7odamoo.medium.com/account-takeover-for-google-sso-users-b50f99b49f0d?source=rss------bug_bounty-5 | Mahmoud Hamed | bug-bounty, pentesting | 07-Nov-2024 |
From an Out-of-Scope Bug to Unlocking Lifetime Premium Accounts in Mozilla | https://0d-amr.medium.com/from-an-out-of-scope-bug-to-unlocking-lifetime-premium-accounts-in-mozilla-fe96371d814c?source=rss------bug_bounty-5 | Amr | ctf, bug-bounty, penetration-testing, cyber-secuity | 07-Nov-2024 |
Exposing hidden DOS techniques laying in plain sight. | https://medium.com/@omarahmed_13016/exposing-hidden-dos-techniques-laying-in-plain-sight-29965ab1d53b?source=rss------bug_bounty-5 | Omar Ahmed | hacking, vulnerability, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 07-Nov-2024 |
No Rate Limiting — Bug | https://medium.com/@Jitheshjithu/no-rate-limiting-bug-7107cfc5d175?source=rss------bug_bounty-5 | Jithesh | bug-bounty-writeup, no-rate-limit, bugs, bug-bounty, bug-bounty-tips | 07-Nov-2024 |
Canada Orders TikTok to Close Canadian Operations Amid Growing Security Concerns | https://medium.com/@wiretor/canada-orders-tiktok-to-close-canadian-operations-amid-growing-security-concerns-45b40c461986?source=rss------bug_bounty-5 | WIRE TOR | hacking, xss-attack, malware, bug-bounty, pentesting | 07-Nov-2024 |
SteelFox Malware Hits Hard: Protect Your System This Black Friday & Cyber Monday with 50% Off… | https://medium.com/@wiretor/steelfox-malware-hits-hard-protect-your-system-this-black-friday-cyber-monday-with-50-off-d96831583b9e?source=rss------bug_bounty-5 | WIRE TOR | hacking, breached, bug-bounty, malware, usa | 07-Nov-2024 |
How to Find CSRF Vulnerabilities Using Kali Linux: A Full Methodology | https://dineshpathro9.medium.com/how-to-find-csrf-vulnerabilities-using-kali-linux-a-full-methodology-070a21aee0b5?source=rss------bug_bounty-5 | DiNeSh_PaThRo | bug-bounty-tips, bug-bounty, hacking, csrf, bugbounty-writeup | 07-Nov-2024 |
North Korean Hackers Target macOS Users with Fake Crypto PDFs | https://medium.com/@wiretor/north-korean-hackers-target-macos-users-with-fake-crypto-pdfs-d6d93c347dfe?source=rss------bug_bounty-5 | WIRE TOR | usa, pentesting, malware, hacking, bug-bounty | 07-Nov-2024 |
A Realistic Approach to XSS with Practical Examples | https://medium.com/@sgzldmrc/uygulamalarla-xsse-ger%C3%A7ek%C3%A7i-bir-yakla%C5%9F%C4%B1m-a3e82ae0be3a?source=rss------bug_bounty-5 | Serdar Güzeldemirci | xss-attack, bug-bounty, xss-vulnerability, web-app-security, cross-site-scripting | 07-Nov-2024 |
OAuth Misconfiguration Pre-Account Takeover | https://medium.com/h7w/oauth-misconfiguration-pre-account-takeover-535beb8d1987?source=rss------bug_bounty-5 | socalledhacker | infosec, hacking, bug-bounty-tips, cybersecurity, bug-bounty | 07-Nov-2024 |
China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait | https://medium.com/@wiretor/china-aligned-mirrorface-hackers-target-eu-diplomats-with-world-expo-2025-bait-a289ad3ec600?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, hacking, malware, usa, xss-attack | 07-Nov-2024 |
How To Automate Your Broad Scope Recon | https://thexssrat.medium.com/how-to-automate-your-broad-scope-recon-a4ff998dea0e?source=rss------bug_bounty-5 | Thexssrat | bug-bounty-writeup, hacks, bug-bounty-tips, hacking, bug-bounty | 07-Nov-2024 |
Understanding Broken Access Control (BAC): A Comprehensive Guide | https://thexssrat.medium.com/understanding-broken-access-control-bac-a-comprehensive-guide-c0e325c43b04?source=rss------bug_bounty-5 | Thexssrat | hacking, broken-access-control, hacker, hacks, bug-bounty | 07-Nov-2024 |
Developers Don’t Care About Security | https://medium.com/@krishanthan2022.4.4/developers-dont-care-about-security-e4814ecc4907?source=rss------bug_bounty-5 | R.Krishanthan | bug-bounty, web-security, penetration-testing, vulnerability, development | 06-Nov-2024 |
Stored HTML Injection to Stored Url Redirection | https://medium.com/@abdullah12987654/stored-html-injection-to-stored-url-redirection-40a1c8452f12?source=rss------bug_bounty-5 | Abdullah | html-injection, url-redirection, hacking, bug-bounty, pentesting | 06-Nov-2024 |
FUZZING That Leads to Internal Source Code! | https://medium.com/@rootplinix/fuzzing-that-leads-to-internal-source-code-ef992143c015?source=rss------bug_bounty-5 | Abu Hurayra | infosec, cybersecurity, bug-bounty, hacking | 06-Nov-2024 |
OAuth Under Siege: The Dangers of Account Impersonation | https://medium.com/@ProwlSec/oauth-under-siege-the-dangers-of-account-impersonation-df0e780f1c4f?source=rss------bug_bounty-5 | ProwlSec | hacking, tips, account-takeover, bug-bounty, bug-hunting | 06-Nov-2024 |
How I Earned $350 Exploiting Clickjacking Vulnerability to Trigger XSS Attack | https://medium.com/@abdulparkar/how-i-earned-350-exploiting-clickjacking-vulnerability-to-trigger-xss-attack-23b3216ca640?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, ethical-hacking | 06-Nov-2024 |
SQL Injection UNION Attack, Determining the Number of Columns Returned by the Query | https://medium.com/@marduk.i.am/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-a740b76989fe?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, bug-bounty, sql-injection, sqli, information-security | 06-Nov-2024 |
XSS Restction bypass on Hackerone program | https://medium.com/@bugbounty_learners/xss-restction-bypass-on-hackerone-program-a7b37636425d?source=rss------bug_bounty-5 | bugbounty_learners | bug-bounty, pentesting, bugs, bug-bounty-tips, cybersecurity | 06-Nov-2024 |
A Step-by-Step Guide to the Bug Hunting Process: From Reconnaissance to Reporting | https://myselfakash20.medium.com/a-step-by-step-guide-to-the-bug-hunting-process-from-reconnaissance-to-reporting-9991b06314b8?source=rss------bug_bounty-5 | Akash Ghosh | bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, bug-hunting, bug-bounty | 06-Nov-2024 |
Mastering Bug Hunting: A Beginner’s Guide to Effective Methodologies | https://medium.com/@secinfinitylabs/mastering-bug-hunting-a-beginners-guide-to-effective-methodologies-fc7491625645?source=rss------bug_bounty-5 | Secinfinity Labs | bug-hunting, infosecurity, cybersecurity, bug-bounty-tips, bug-bounty | 06-Nov-2024 |
Bug Hunting Recon | https://medium.com/@prajwalpatil453/bug-hunting-recon-840455f4d71a?source=rss------bug_bounty-5 | Anonstrk | bug-bounty, reconnaissance, bug-bounty-tips, methodology | 06-Nov-2024 |
Manipulated All Files on Server of a HackerOne Target | https://systemweakness.com/manipulated-all-files-on-server-of-a-hackerone-target-7b60a6dad117?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty, pentesting, bug-bounty-tips, infosec, cybersecurity | 06-Nov-2024 |
My First and easiest Bug i have found | https://aboalezz1.medium.com/my-first-and-easiest-bug-i-have-found-3b7daee5d2f9?source=rss------bug_bounty-5 | Mohamed AboAlezz | web-hacking, bug-hunting, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 06-Nov-2024 |
Understanding Types of Privileged Accounts and Their Security Risks | https://bitpanic.medium.com/understanding-types-of-privileged-accounts-and-their-security-risks-935605f2232c?source=rss------bug_bounty-5 | Bit Panic | cybersecurity, bugbounty-writeup, bug-bounty | 06-Nov-2024 |
All About JWT Vulnerabilities | https://medium.com/@0x_xnum/all-about-jwt-vulnerabilities-ef7314c4dd02?source=rss------bug_bounty-5 | Ahmed Tarek | jwt-exploitation, bugbounty-writeup, bug-bounty, authentication, hacking | 06-Nov-2024 |
Most Commonly Used Tools in Bug Bounty | https://medium.com/@halildeniz313/most-commonly-used-tools-in-bug-bounty-4603382ecee3?source=rss------bug_bounty-5 | Halildeniz | web-security, cyber-security-awareness, bug-bounty-tips, cybersecurity, bug-bounty | 06-Nov-2024 |
An IDOR and Auth Bypass That Led to Mass Account Takeover — KSFE | https://1-day.medium.com/an-idor-and-auth-bypass-that-led-to-mass-account-takeover-ksfe-db04cec8d730?source=rss------bug_bounty-5 | 1day | bug-bounty-writeup, hacking, bug-bounty, penetration-testing, writeup | 06-Nov-2024 |
⚠️ Cyberattack Causes Statewide Outage in Washington Courts | https://medium.com/@wiretor/%EF%B8%8F-cyberattack-causes-statewide-outage-in-washington-courts-cb9bcd6264a4?source=rss------bug_bounty-5 | WIRE TOR | xss-attack, malware, usa, hacking, bug-bounty | 06-Nov-2024 |
Nokia Breached by IntelBroker: Source Code Allegedly Stolen | https://medium.com/@wiretor/nokia-breached-by-intelbroker-source-code-allegedly-stolen-a1fa5b62a10a?source=rss------bug_bounty-5 | WIRE TOR | malware, hacked, bug-bounty, hacking, xss-attack | 06-Nov-2024 |
INTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on Cybercrime | https://medium.com/@wiretor/interpol-disrupts-over-22-000-malicious-servers-in-global-crackdown-on-cybercrime-9f4e2840dc6e?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, pentesting, malware, xss-attack, hacking | 06-Nov-2024 |
Microchip Technology Reports $21.4 Million Loss From Ransomware Attack | https://medium.com/@wiretor/microchip-technology-reports-21-4-million-loss-from-ransomware-attack-a123d2609b91?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, malware, trump, usa, hacking | 06-Nov-2024 |
Bypassing Promo Code Validation via Response Manipulation Enabled the Creation of a Business… | https://anas0x1.medium.com/bypassing-promo-code-validation-via-response-manipulation-enabled-the-creation-of-a-business-3f926b19c0bb?source=rss------bug_bounty-5 | Anas Ibrahim | penetration-testing, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 06-Nov-2024 |
IDOR Vulnerability Allowed the Deletion of Any User from an Administrator Account. | https://anas0x1.medium.com/idor-vulnerability-allowed-the-deletion-of-any-user-from-an-administrator-account-da64e79ce1b0?source=rss------bug_bounty-5 | Anas Ibrahim | bug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing, idor | 06-Nov-2024 |
Behind the Scenes: How I Hacked one of the largest Amusement Park in the Philippines. | https://medium.com/hacking101/behind-the-scenes-how-i-hacked-one-of-the-largest-amusement-park-in-the-philippines-be38566ed563?source=rss------bug_bounty-5 | Pwndec0c0 | bug-bounty-tips, bug-bounty-writeup, penetration-testing, bug-bounty, hacking | 06-Nov-2024 |
Essential Bug Hunting Tools for Beginners: Start Your Journey in Cybersecurity | https://myselfakash20.medium.com/essential-bug-hunting-tools-for-beginners-start-your-journey-in-cybersecurity-ea51e1f26068?source=rss------bug_bounty-5 | Akash Ghosh | bugbounty-writeup, bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 05-Nov-2024 |
How I Got Paid for an Out-of-Scope Vulnerability | https://medium.com/@abdulparkar/how-i-got-paid-for-an-out-of-scope-vulnerability-4e51eb93db5c?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-write-ups | 05-Nov-2024 |
Remote Code Execution (RCE): An In-Depth Guide with practical | https://medium.com/@anandrishav2228/remote-code-execution-rce-an-in-depth-guide-with-practical-7082a7e17e97?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, money, ai, hacker, bug-bounty | 05-Nov-2024 |
IDOR Leading To Improper Access Control | https://medium.com/@shadykhaled2002/idor-leading-to-improper-access-control-c3999aa28fc4?source=rss------bug_bounty-5 | Le_Merdien | cybersecurity, bug-bounty, pentesting, penetration-testing | 05-Nov-2024 |
Alert: Reflected XSS Detected | https://osintteam.blog/alert-reflected-xss-detected-57850c34a61e?source=rss------bug_bounty-5 | Dishant Modi | xss-attack, penetration-testing, bug-bounty-tips, bug-bounty, cybersecurity | 05-Nov-2024 |
Lesser-Known Tools for Web Bug Bounty Hunting | https://medium.com/@halildeniz313/lesser-known-tools-for-web-bug-bounty-hunting-e10a95fa25bd?source=rss------bug_bounty-5 | Halildeniz | web-security, cyber-security-awareness, bug-bounty-tips, bug-bounty, cybersecurity | 05-Nov-2024 |
Vulnerabilities Weaponizing — Cross-site Scripting (XSS) | https://medium.com/@aufzayed/vulnerabilities-weaponizing-cross-site-scripting-xss-608a4f45321c?source=rss------bug_bounty-5 | Abdelrhman Zayed | exploit-development, red-teaming, penetration-testing, cybersecurity, bug-bounty | 05-Nov-2024 |
€50 bounty — Long String DOS Attack Bug and POC Steps | https://medium.com/h7w/50-bounty-long-string-dos-attack-bug-and-poc-steps-eaa8a5777263?source=rss------bug_bounty-5 | socalledhacker | cybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking | 05-Nov-2024 |
Zero-Day FOMO: The Fear of Missing Out on the Next Big Exploit | https://medium.com/@paritoshblogs/zero-day-fomo-the-fear-of-missing-out-on-the-next-big-exploit-d3b42d35323c?source=rss------bug_bounty-5 | Paritosh | zero-day, vulnerability, cybersecurity, hacking, bug-bounty | 05-Nov-2024 |
SIP OPTIONS Abuse And Flood Vulnerability (exploit Voip) | https://medium.com/@zpx15266/sip-options-abuse-and-flood-vulnerability-exploit-voip-b9bc030909ae?source=rss------bug_bounty-5 | ramzey elsayed mohamed | bug-bounty-writeup, penetration-testing, bug-bounty, bug-bounty-tips, bugs | 05-Nov-2024 |
How I Got Paid for an Out-of-Scope Vulnerability $$$ | https://medium.com/@abdulparkar/how-i-got-paid-for-an-out-of-scope-vulnerability-4e51eb93db5c?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-write-ups | 05-Nov-2024 |
Tips to Avoid Duplicates or N/A Reports in Bug Bounty Programs | https://bitpanic.medium.com/tips-to-avoid-duplicates-or-n-a-reports-in-bug-bounty-programs-a067a4e54d5e?source=rss------bug_bounty-5 | Bit Panic | cybersecurity, bug-bounty | 05-Nov-2024 |
55 YouTube Channels to Learn HACKING!!!!! | https://osintteam.blog/55-youtube-channels-to-learn-hacking-b5167d3125d9?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | bug-bounty, hacking, technology, programming, cybersecurity | 05-Nov-2024 |
How I found my first bug! | https://medium.com/@karim.engmohamed/how-i-found-my-first-bug-b1f21046deb7?source=rss------bug_bounty-5 | Karim Mohamed | python, bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty | 05-Nov-2024 |
Unleashing the Bug Hunter Within: A Curated Toolkit and Proven Process | https://pwndecoco.medium.com/unleashing-the-bug-hunter-within-a-curated-toolkit-and-proven-process-fb2f89c7f1f0?source=rss------bug_bounty-5 | Pwndec0c0 | programming, cybersecurity, penetration-testing, bug-bounty, hacking | 05-Nov-2024 |
Google Fixes Dangerous Android Exploits | https://medium.com/@wiretor/google-fixes-dangerous-android-exploits-6e6be3465e6c?source=rss------bug_bounty-5 | WIRE TOR | usa, hacking, breached, malware, bug-bounty | 05-Nov-2024 |
Easy logic bug that leaks the email for every user | https://medium.com/@banertheinrich/easy-logic-bug-that-leaks-the-email-for-every-user-ef2d9d0cf088?source=rss------bug_bounty-5 | Adham Heinrich | bug-bounty, cybersecurity, hackerone, bug-bounty-tips, bug-bounty-writeup | 04-Nov-2024 |
Guide to “Bug Bounty Programs for Laravel Applications” Based on the Prepared Outline: | https://medium.com/@_azwar/panduan-bug-bounty-programs-pada-aplikasi-laravel-berdasarkan-kerangka-yang-telah-disusun-7cc3b230397c?source=rss------bug_bounty-5 | azwar | laravel, bug-bounty | 04-Nov-2024 |
Cloud flare bypass leads to Account Takeover via Password Reset Poisoning | https://medium.com/@abdulparkar/cloud-flare-bypass-leads-to-account-takeover-via-password-reset-poisoning-ba349d784b97?source=rss------bug_bounty-5 | Abdul Rehman Parkar | bug-bounty, ethical-hacking, bug-bounty-writeup, cybersecurity, bug-bounty-tips | 04-Nov-2024 |
How to Find the Best Resources for Learning Bug Bounty and Cybersecurity |PRO Tip | https://medium.com/@shaikhminhaz1975/how-to-find-the-best-resources-for-learning-bug-bounty-and-cybersecurity-pro-tip-d5e915e82539?source=rss------bug_bounty-5 | Shaikh Minhaz | penetration-testing, best, cybersecurity, bug-bounty, ethical-hacking | 04-Nov-2024 |
Vibe Yo’Tribe | https://medium.com/@onelovemafia/vibe-yotribe-3d8a0c098ee2?source=rss------bug_bounty-5 | OneLoveMafia | climate-change, machine-learning, bug-bounty, blockchain, philosophy | 04-Nov-2024 |
How to Configure Proxies in Browser for Bug-Bounty | https://medium.com/@anandrishav2228/how-to-configure-proxies-in-browser-for-bug-bounty-c175c5513e1a?source=rss------bug_bounty-5 | Rishav anand | vpn, proxy, cybersecurity, money, bug-bounty | 04-Nov-2024 |
Bypass the Blocked IP address while Pentesting. | https://medium.com/@anandrishav2228/bypass-the-blocked-ip-address-while-pentesting-c4c02a8dc14d?source=rss------bug_bounty-5 | Rishav anand | money, cybersecurity, bug-bounty, ip-address, hacking | 04-Nov-2024 |
bugbountytraining Practice Range (Part 4) | https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E5%9B%9B-378fa157f500?source=rss------bug_bounty-5 | xun stark | bug-bounty | 04-Nov-2024 |
Breaking the Rules: How a Race Condition Allowed Me to Bypass the Limits | https://medium.com/@manibharathi.b/breaking-the-rules-how-a-race-condition-allowed-me-to-bypass-the-limits-by-mani-d6840746a04e?source=rss------bug_bounty-5 | Mani Bharathi B | bug-bounty-tips, bug-bounty, cybersecurity, vulnerability, bug-bounty-writeup | 04-Nov-2024 |
Account takeover for $3000 | https://sushantdhopat.medium.com/account-takeover-for-3000-722ee6f5fbde?source=rss------bug_bounty-5 | sushantdhopat | bug-bounty, infosec | 04-Nov-2024 |
Exploit exposed zendesk API Token for $1000 | https://sushantdhopat.medium.com/exploit-exposed-zendesk-api-token-for-1000-847966489070?source=rss------bug_bounty-5 | sushantdhopat | infosec, bug-bounty, information-security | 04-Nov-2024 |
IDOR leading to broken functionality | https://medium.com/@shadykhaled2002/idor-leading-to-broken-functionality-3b464213fa76?source=rss------bug_bounty-5 | Le_Merdien | penetration-testing, cybersecurity, pentesting, bug-bounty | 04-Nov-2024 |
The OAuth Oversight: When Configuration Errors Turn into Account Hijacks | https://medium.com/@nightcoders0/the-oauth-oversight-when-configuration-errors-turn-into-account-hijacks-5ed1f9c83d16?source=rss------bug_bounty-5 | Nightcoders | pentesting, hacking, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 04-Nov-2024 |
How I Found a €100 Bug at DCU: From “Not Applicable” to Cashing In! | https://medium.com/@trffnsec/how-i-found-a-100-bug-at-dcu-from-not-applicable-to-cashing-in-2e58699a8faa?source=rss------bug_bounty-5 | TrffnSec | bugbounty-writeup, hacking, bug-bounty-tips, ethical-hacking, bug-bounty | 04-Nov-2024 |
Essential One-Liner Commands for Bug Bounty Hunters and Pentesters | https://infosecwriteups.com/essential-one-liner-commands-for-bug-bounty-hunters-and-pentesters-7648ec305c66?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, automation, cybersecurity | 04-Nov-2024 |
How I Found HTML Injection? | https://medium.com/@gitlime71/how-i-found-html-injection-bdbbf2861d95?source=rss------bug_bounty-5 | Raccoon | bug-bounty, penetration-testing, bug-bounty-writeup | 04-Nov-2024 |
Columbus Ransomware Attack: Data of 500,000 Stolen | https://medium.com/@wiretor/columbus-ransomware-attack-data-of-500-000-stolen-93076d58689c?source=rss------bug_bounty-5 | WIRE TOR | malware, pentesting, usa, pentest, bug-bounty | 04-Nov-2024 |
Unveiling the “Pygmy Goat” Malware: A New Threat in Cybersecurity | https://medium.com/@wiretor/unveiling-the-pygmy-goat-malware-a-new-threat-in-cybersecurity-aaeb360f9497?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, hacking, usa, malware, pentesting | 04-Nov-2024 |
Meet “Interlock” Ransomware — A New Threat Targeting FreeBSD Servers | https://medium.com/@wiretor/meet-interlock-ransomware-a-new-threat-targeting-freebsd-servers-4be6ba312c62?source=rss------bug_bounty-5 | WIRE TOR | hacking, malware, pentesting, bug-bounty, usa | 04-Nov-2024 |
Introducing SubdomainRadar.io: | https://medium.com/@alexandrevandammepro/introducing-subdomainradar-io-727d765445f2?source=rss------bug_bounty-5 | Alexandre Vandamme | bug-bounty, vulnerability, bug-bounty-tips, osint, security | 04-Nov-2024 |
Essential One-Liner Commands for Bug Bounty Hunters and Pentesters | https://systemweakness.com/essential-one-liner-commands-for-bug-bounty-hunters-and-pentesters-7648ec305c66?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, automation, cybersecurity | 04-Nov-2024 |
ExploiterX — Vulnerability Scanner Tool | https://anishalx.medium.com/exploiterx-vulnerability-scanner-tool-bc1796e278a1?source=rss------bug_bounty-5 | Anish | web3, python, bug-bounty, penetration-testing, hacking | 03-Nov-2024 |
Must-Have Tools for Cybersecurity Researchers: A Complete Installation Guide | https://myselfakash20.medium.com/must-have-tools-for-cybersecurity-researchers-a-complete-installation-guide-5738022e535f?source=rss------bug_bounty-5 | Akash Ghosh | cybersecurity, tools, bug-bounty, recon, reconnaissance | 03-Nov-2024 |
AcquiFinder | a tool to grab acquisitions of a company by Crunchbase | https://medium.com/@AmmarxLe0x/acquifinder-a-tool-to-grab-acquisitions-of-a-company-by-crunchbase-6315db784813?source=rss------bug_bounty-5 | xLe0x | bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty | 03-Nov-2024 |
“Keyed In” Compromising an entire organization through their API | https://medium.com/@s1renhead/keyed-in-compromising-an-entire-organization-through-their-api-2ed6cb54eec5?source=rss------bug_bounty-5 | S1renhead | bug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips | 03-Nov-2024 |
[Hacking impact] Acees admin panel | https://medium.com/@nagashygaballah/hacking-impact-acees-admin-panel-a4326a36e208?source=rss------bug_bounty-5 | 111xNagashy | hacker, hackerone, hacking, bug-bounty, security | 03-Nov-2024 |
How I Discovered RXSS Bug on Microsoft subdomain !!! | https://medium.com/@sayantichy/how-i-discovered-rxss-bug-on-microsoft-subdomain-21082191ad10?source=rss------bug_bounty-5 | Sayanti Chowdhury | xss-vulnerability, bug-bounty, xss-attack, first-bug, reflected-xss | 03-Nov-2024 |
Getting Back on the Cybersecurity Write-Ups: Return to Medium | https://mukibas37.medium.com/getting-back-on-the-cybersecurity-write-ups-return-to-medium-1ac51c9edde9?source=rss------bug_bounty-5 | Mukilan Baskaran | cybersecurity, infosec, back-to-writing, ctf, bug-bounty | 03-Nov-2024 |
A Comprehensive Guide to SQL Injection: Types, Hunting Methods, and Tools | https://medium.com/@n4itr0_07/a-comprehensive-guide-to-sql-injection-types-hunting-methods-and-tools-8d716dd34355?source=rss------bug_bounty-5 | N4!TR0 07 | sql-injection, bug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity | 03-Nov-2024 |
IDOR Exploit: Gaining Unauthorized Control Over Users’ Shopping Baskets | https://0xmatrix.medium.com/idor-exploit-gaining-unauthorized-control-over-users-shopping-baskets-122650091cf5?source=rss------bug_bounty-5 | Mo2men Elmady | bug-bounty, hacking, idor, penetration-testing, bugs | 03-Nov-2024 |
Dstat.cc DDoS Site Seized & Two Suspects Arrested in Germany | https://medium.com/@wiretor/dstat-cc-ddos-site-seized-two-suspects-arrested-in-germany-c8d44187b181?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, malware, hacking, pentesting, usa | 03-Nov-2024 |
CRA Breach Exposed: Over 62,000 Taxpayer Accounts Compromised! | https://medium.com/@wiretor/cra-breach-exposed-over-62-000-taxpayer-accounts-compromised-62bc0cf3cb9a?source=rss------bug_bounty-5 | WIRE TOR | malware, bug-bounty, hacking, pentesting, usa | 03-Nov-2024 |
FBI Arrests Suspect in SEC Account Hack: What This Means for Cybersecurity | https://medium.com/@wiretor/fbi-arrests-suspect-in-sec-account-hack-what-this-means-for-cybersecurity-735d8dd72512?source=rss------bug_bounty-5 | WIRE TOR | hacking, usa, bug-bounty, pentesting, malware | 03-Nov-2024 |
Becoming a Web Security Specialist: Essential Insights and a Roadmap | https://medium.com/@halildeniz313/becoming-a-web-security-specialist-essential-insights-and-a-roadmap-91032925d1aa?source=rss------bug_bounty-5 | Halildeniz | cyber-security-awareness, bug-bounty, cybersecurity, web-security, ethical-hacking | 03-Nov-2024 |
Time Based SQL Injection Bug Hunting Methodology | https://medium.com/@abhirupkonwar04/time-based-sql-injection-bug-hunting-methodology-be485de5ab9e?source=rss------bug_bounty-5 | AbhirupKonwar | ethical-hacking, bug-bounty, cybersecurity, sql-injection, pentesting | 02-Nov-2024 |
Time Based SQL Injection Bug Hunting Methodology | https://osintteam.blog/time-based-sql-injection-bug-hunting-methodology-be485de5ab9e?source=rss------bug_bounty-5 | AbhirupKonwar | ethical-hacking, bug-bounty, cybersecurity, sql-injection, pentesting | 02-Nov-2024 |
Simple Tips for Bug Bounty Beginners: Escalating to XSS (XSS Series Part — 2) | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-escalating-to-xss-xss-series-part-2-1d6b75ecf942?source=rss------bug_bounty-5 | Anish Narayan | technology, programming, cybersecurity, bug-bounty-writeup, bug-bounty | 02-Nov-2024 |
Breaking Into Information Security as a Fresher: A Guide to Starting Your Journey | https://medium.com/@nitinbasera11/breaking-into-information-security-as-a-fresher-a-guide-to-starting-your-journey-caa253c0f5ae?source=rss------bug_bounty-5 | Nitinbasera | bug-bounty, security, cybersecurity, web-app-security, infosec | 02-Nov-2024 |
My Journey as a Bug Bounty Hunter and Web3 Enthusiast: Tips for Beginners | https://medium.com/@veerendravamshi/my-journey-as-a-bug-bounty-hunter-and-web3-enthusiast-tips-for-beginners-50aa0bfbfc78?source=rss------bug_bounty-5 | Veerendra Vamshi | blockchain, bug-bounty, web3, cryptocurrency, defi | 02-Nov-2024 |
Hacking For Free. Dodging Paying For Hacking Knowledge System | Primary Hacking School #9 | https://medium.com/@nnface/hacking-for-free-dodging-paying-for-hacking-knowledge-system-primary-hacking-school-9-c86f6dd3752c?source=rss------bug_bounty-5 | NnFace | hacking, cybersecurity, kali-linux, money, bug-bounty | 02-Nov-2024 |
Microsoft Acknowledges Outlook Freezing Issue and Offers Workarounds | https://medium.com/@wiretor/microsoft-acknowledges-outlook-freezing-issue-and-offers-workarounds-52fa28e41f13?source=rss------bug_bounty-5 | WIRE TOR | hacking, ransomware, malware, pentesting, bug-bounty | 02-Nov-2024 |
Account Takeover Via Google Auth Misconfiguration | https://medium.com/@abdulparkar/account-takeover-via-google-auth-misconfiguration-af4a59dd82e7?source=rss------bug_bounty-5 | Abdul Rehman Parkar | ethical-hacking, bug-bounty-tips, hacking, bug-bounty, bug-bounty-writeup | 02-Nov-2024 |
bugbountytraining Practice Range (Part 3) | https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E4%B8%89-dfe55be3123f?source=rss------bug_bounty-5 | xun stark | bug-bounty | 01-Nov-2024 |
Hard Server-Side Request Forgery (SSRF) A bypass method to RCE and Port Scan | https://medium.com/@sarvour/hard-server-side-request-forgery-ssrf-a-bypass-method-to-rce-and-port-scan-61adf085d62a?source=rss------bug_bounty-5 | sarvour | pentesting, security, rce, bug-bounty, writeup | 01-Nov-2024 |
Template Engines Injection 101 | https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756?source=rss------bug_bounty-5 | Mahmoud M. Awali | bug-bounty, hacking | 01-Nov-2024 |
Web Application Basics — Tryhackme Walkthrough | https://medium.com/@TRedEye/web-application-basics-tryhackme-walkthrough-ee6a0cf2f1f6?source=rss------bug_bounty-5 | TRedEye | cybersecurity, hacking, bug-bounty, website, tryhackme | 01-Nov-2024 |
Configuring Burp Suite with Firefox (Step-by-Step) | https://harshbardhanx.medium.com/configuring-burp-suite-with-firefox-step-by-step-40f56a706546?source=rss------bug_bounty-5 | Harsh Bardhan | bug-bounty, cybersecurity, bug-bounty-writeup, burpsuite, bug-bounty-tips | 01-Nov-2024 |
Hackers Target Critical Zero-Day Vulnerabilities in PTZ Cameras | https://medium.com/@wiretor/hackers-target-critical-zero-day-vulnerabilities-in-ptz-cameras-d2d5023d329d?source=rss------bug_bounty-5 | WIRE TOR | pentest, zero-day, malware, bug-bounty, ransomware | 01-Nov-2024 |
qBittorrent Security Flaw Fixed After 14 Years Upgrade Now! | https://medium.com/@wiretor/qbittorrent-security-flaw-fixed-after-14-years-upgrade-now-bfa491d214bb?source=rss------bug_bounty-5 | WIRE TOR | xss-attack, bug-bounty, hacking, malware, pentesting | 01-Nov-2024 |
New LightSpy Spyware Version Targets iPhones with Advanced Surveillance Tactics | https://medium.com/@wiretor/new-lightspy-spyware-version-targets-iphones-with-advanced-surveillance-tactics-154f8887cd42?source=rss------bug_bounty-5 | WIRE TOR | hacking, apple, xss-attack, bug-bounty, malware | 01-Nov-2024 |
The Pen-Tester’s Muse: Writing Exploits into Earnings on Medium | https://medium.com/illumination/the-pen-testers-muse-writing-exploits-into-earnings-on-medium-a739abaab422?source=rss------bug_bounty-5 | Quintius Walker | bug-bounty, cybersecurity, poetry, creativity, poetry-on-medium | 01-Nov-2024 |
Reasons for Failure in Bug Bounty Programs and the Path to Success | https://medium.com/@halildeniz313/reasons-for-failure-in-bug-bounty-programs-and-the-path-to-success-af19917f4be9?source=rss------bug_bounty-5 | Halildeniz | bug-bounty-tips, cybersecurity, bug-bounty, pentesting, ethical-hacking | 01-Nov-2024 |
bugbountytraining Lab (Part 2) | https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E4%BA%8C-669c3ac29651?source=rss------bug_bounty-5 | xun stark | bug-bounty | 31-Oct-2024 |
How HTML injection can help to make $1000. | https://medium.com/@anandrishav2228/how-html-injection-can-help-to-make-1000-531c6f7b6672?source=rss------bug_bounty-5 | Rishav anand | html, ai, bug-bounty, money, cybersecurity | 31-Oct-2024 |
HOW I FOUND CVE-2023-35813? | https://doordiefordream.medium.com/how-i-found-cve-2023-35813-c239c2f03192?source=rss------bug_bounty-5 | balu bandi | cve, ethical-hacking, bug-bounty, cybersecurity, writing | 31-Oct-2024 |
OAuth Account Takeover (ATO) Vulnerability via Email Manipulation | https://medium.com/@muhammedgalal66/oauth-account-takeover-ato-vulnerability-via-email-manipulation-94e0e942bcb8?source=rss------bug_bounty-5 | Dg0x6 | account-takeover-attacks, account-takeover, bug-bounty-tips, hackerone, bug-bounty | 31-Oct-2024 |
SSRF to Internal Port Scanning on Self-Hosted Platform | https://infosecwriteups.com/ssrf-to-internal-port-scanning-on-self-hosted-platform-05a17a461eed?source=rss------bug_bounty-5 | JEETPAL | ssrf, bugbounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity | 31-Oct-2024 |
7 Real-Life Bug Bounties That Made Headlines: Lessons You Can’t Afford to Miss! | https://medium.com/@qaafqasim/7-real-life-bug-bounties-that-made-headlines-lessons-you-cant-afford-to-miss-4b812b2caafa?source=rss------bug_bounty-5 | Qasim Mahmood Khalid | cyber-security-awareness, bug-bounty-writeup, bug-bounty, ethical-hacking, cybersecurity | 31-Oct-2024 |
Responsible Discovery, Irresponsible Response: The Cost of Punishing Security Researchers | https://khalifayakub.medium.com/responsible-discovery-irresponsible-response-the-cost-of-punishing-security-researchers-8bbb15f66ab7?source=rss------bug_bounty-5 | Mohammed Yakub Khalifa | ethics, cybersecurity-awareness, cybersecurity, bug-bounty, ethical-hacking | 31-Oct-2024 |
0-Click ATO Via reset password weird scenario | https://medium.com/@mos693570/0-click-ato-via-reset-password-weird-scenario-9afa4a88e413?source=rss------bug_bounty-5 | Mo Salah | bug-bounty | 31-Oct-2024 |
Could a Simple IDOR Vulnerability in Facebook Affects the Outcome of US Elections? | https://medium.com/@bazzounbassem/could-a-simple-idor-vulnerability-in-facebook-affects-the-outcome-of-us-elections-c17bc5e12e30?source=rss------bug_bounty-5 | Bassem M Bazzoun | ethical-hacking, bug-bounty, us-election-2024, cybersecurity | 31-Oct-2024 |
How One Accidental Find Led to Full App Security Testing | https://medium.com/@hasirhamdan77/how-one-accidental-find-led-to-full-app-security-testing-ea1c317174cb?source=rss------bug_bounty-5 | Hasirhamdan | jwt-exploitation, application-security, bug-bounty, mobile-security, hacking | 31-Oct-2024 |
Comprehensive Bug Bounty Hunting Methodology (2024 Edition) | https://xalgord.medium.com/comprehensive-bug-bounty-hunting-checklist-2024-edition-4abb3a9cbe66?source=rss------bug_bounty-5 | Krishna Kaushal | cybersecurity, bug-bounty-tips, bug-bounty, hacking, reconnaissance | 31-Oct-2024 |
Tale of Zendesk 0 day and a potential 25K $ bounty | https://rikeshbaniya.medium.com/tale-of-zendesk-0-day-and-a-potential-25k-bounty-61bcf9c5dc06?source=rss------bug_bounty-5 | Rikesh Baniya | bug-bounty-writeup, bug-bounty-tips, hackerone, security-research, bug-bounty | 31-Oct-2024 |
XML Upload Challenge: Breaking Boundaries with External Entities | https://medium.com/@josh.beck2006/xml-upload-challenge-breaking-boundaries-with-external-entities-79677649485f?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, ctf-writeup, bug-bounty | 31-Oct-2024 |
Hunting for IDOR and BAC Vulnerabilities in B2B Applications with Burp Suite’s Authorize Extension | https://thexssrat.medium.com/hunting-for-idor-and-bac-vulnerabilities-in-b2b-applications-with-burp-suites-authorize-extension-597877b53d94?source=rss------bug_bounty-5 | Thexssrat | idor, broken-access-control, bug-bounty, bug-bounty-tips, burpsuite | 31-Oct-2024 |
LottieFiles Hacked: A Cautionary Tale for the Crypto Community! | https://medium.com/@wiretor/lottiefiles-hacked-a-cautionary-tale-for-the-crypto-community-8cc3b6cf9148?source=rss------bug_bounty-5 | WIRE TOR | malware, xss-attack, hacking, usa, bug-bounty | 31-Oct-2024 |
Protecting E-Commerce: Understanding the Phish n’ Ships Campaign | https://medium.com/@wiretor/protecting-e-commerce-understanding-the-phish-n-ships-campaign-619cc4f3d150?source=rss------bug_bounty-5 | WIRE TOR | malware, hacking, usa, bug-bounty, xss-attack | 31-Oct-2024 |
Ex-Disney Employee Charged with Hacking: A Cautionary Tale! | https://medium.com/@wiretor/ex-disney-employee-charged-with-hacking-a-cautionary-tale-d9174351fd7c?source=rss------bug_bounty-5 | WIRE TOR | malware, bug-bounty, xss-attack, usa, hacking | 31-Oct-2024 |
File Transfer Cheatsheet: Windows and Linux | https://medium.com/@verylazytech/file-transfer-cheatsheet-windows-and-linux-1e36ec9a22ac?source=rss------bug_bounty-5 | Very Lazy Tech | file-transfer, bug-bounty, post-exploitation, exfiltration, cybersecurity | 30-Oct-2024 |
Hacking your first OAuth on the Web application: Account takeover using Redirect and State… | https://medium.com/@security.tecno/hacking-your-first-oauth-on-the-web-application-account-takeover-using-redirect-and-state-5e857c7b1d43?source=rss------bug_bounty-5 | TECNO Security | research-reports, hacking, bug-bounty, security | 30-Oct-2024 |
Discovered a Unique Email Verification Bypass | https://mo9khu93r.medium.com/discovered-a-unique-email-verification-bypass-47bb1e955a13?source=rss------bug_bounty-5 | mo9khu93r | penetration-testing, email-verification, hacking, cybersecurity, bug-bounty | 30-Oct-2024 |
Apple $1,000,000 Bounty: Zero-Click Exploit Achieves Kernel Execution and PAC Bypass on Latest iOS… | https://medium.com/@vintaconnect/apple-1-000-000-bounty-zero-click-exploit-achieves-kernel-execution-and-pac-bypass-on-latest-ios-7cdf35ff8bc6?source=rss------bug_bounty-5 | VintaConnect | apple, apple-bug-bounty, ios, kernel, bug-bounty | 30-Oct-2024 |
CVE-2024-27954 — WordPress Automatic Plugin < 3.92.1 — Arbitrary File Download and SSRF | https://infosecwriteups.com/cve-2024-27954-wordpress-automatic-plugin-3-92-1-arbitrary-file-download-and-ssrf-34f2e938db54?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, penetration-testing, wordpress, cybersecurity, bug-bounty-hunter | 30-Oct-2024 |
$200-$10,000 for Command Injection Bug . | https://medium.com/@anandrishav2228/200-10-000-for-command-injection-bug-2279041f3478?source=rss------bug_bounty-5 | Rishav anand | hacking, cybersecurity, bug-bounty, money, command-injection | 30-Oct-2024 |
My First Remote Code Execution (RCE) | https://medium.com/@prasenjitkantipaul/my-first-remote-code-execution-rce-ea9c3e32943f?source=rss------bug_bounty-5 | Prasenjit Kanti Paul | bug-bounty, bug-bounty-tips, bug-bounty-hunter, rce, bug-bounty-writeup | 30-Oct-2024 |
CVE-2024-4577 — PHP CGI Argument Injection Remote Code Execution | https://infosecwriteups.com/cve-2024-4577-php-cgi-argument-injection-remote-code-execution-294ed4758e4f?source=rss------bug_bounty-5 | Ajay Naik | medium, penetration-testing, bug-bounty, cybersecurity, information-technology | 30-Oct-2024 |
A Guide to Burp Suite for Ethical Hackers | https://medium.com/@codingbolt.in/a-guide-to-burp-suite-for-ethical-hackers-e1b985470547?source=rss------bug_bounty-5 | codingbolt | penetration-testing, cybersecurity, bug-bounty, burpsuite, ethical-hacking | 30-Oct-2024 |
Multi-Step Process with No Access Control on One Step — Access Control Vulnerability | https://medium.com/@rcxsecurity/multi-step-process-with-no-access-control-on-one-step-access-control-vulnerability-599aee989521?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Café | pentesting, cybersecurity, penetration-testing, information-security, bug-bounty | 30-Oct-2024 |
Chaining Four Vulnerabilities Leading to Account Takeover | https://medium.com/@jke3595/chaining-four-vulnerabilities-leading-to-account-takeover-664f18508600?source=rss------bug_bounty-5 | Joel I Patrick | bounty-program, ethical-hacking, security, bug-bounty, cybersecurity | 30-Oct-2024 |
Predictable Initial Passwords vulnerability | https://medium.com/@istibaroudissou/predictable-initial-passwords-vulnerability-3292322bfdd4?source=rss------bug_bounty-5 | Istibarou DISSOU | vulnerability, bug-bounty, pentesting | 30-Oct-2024 |
Lets Get into the Real field. | https://harshbardhanx.medium.com/lets-get-into-the-real-field-b2c9278d0b63?source=rss------bug_bounty-5 | Harsh Bardhan | bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty-hunter | 30-Oct-2024 |
Email Spoofing | https://medium.com/@hacragon/email-spoofing-1a81728f92b3?source=rss------bug_bounty-5 | Subin Kumar | dmarc-record, email-spoofing, bug-bounty | 30-Oct-2024 |
Exposed Git Configs Lead to 15,000 Stolen Cloud Credentials: The WireTor Solution | https://medium.com/@wiretor/exposed-git-configs-lead-to-15-000-stolen-cloud-credentials-the-wiretor-solution-d6de23eaca26?source=rss------bug_bounty-5 | WIRE TOR | malware, election2024, usa, bug-bounty, pentesting | 30-Oct-2024 |
WIRE TOR — The Ethical Hacking Services | https://medium.com/@wiretor/wire-tor-the-ethical-hacking-services-bac69e4fa28a?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, pentesting, malware, xss-attack, hacking | 30-Oct-2024 |
Protect Yourself from Election Scams: Insights from WireTor | https://medium.com/@wiretor/protect-yourself-from-election-scams-insights-from-wiretor-1e118e682f76?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, pentesting, xss-attack, hacking, malware | 30-Oct-2024 |
Spooktacular Halloween Sale: 50% Off! | https://medium.com/@wiretor/spooktacular-halloween-sale-50-off-f1967438dac0?source=rss------bug_bounty-5 | WIRE TOR | pentesting, bug-bounty, usa, hacking, halloween | 30-Oct-2024 |
Automating Bug Bounty Hunts with Bash: A Beginner-Friendly Guide | https://pwndecoco.medium.com/automating-bug-bounty-hunts-with-bash-a-beginner-friendly-guide-3fc2b3d7f341?source=rss------bug_bounty-5 | Pwndec0c0 | hacking, bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity | 30-Oct-2024 |
Full Account Takeover at One of the Largest E-Commerce Companies | https://m0uka.medium.com/full-account-takeover-at-one-of-the-largest-e-commerce-companies-8cf416e9dc7e?source=rss------bug_bounty-5 | m0uka | hackerone, hacking, bug-bounty, bugcrowd, security-research | 29-Oct-2024 |
Account Linked Domains Takeover | https://medium.com/@ph4nt0mbyt3/account-linked-domains-takeover-852cab92e018?source=rss------bug_bounty-5 | ph4nt0mbyt3 | pentesting, bug-bounty, pentest | 29-Oct-2024 |
How to find Information Disclouser in any WebTech or Mobile App. and Earn upto $500-$2000 | https://medium.com/@anandrishav2228/how-to-find-information-disclouser-in-any-webtech-or-mobile-app-and-earn-upto-500-2000-7bda67bbe754?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, money, api, bug-bounty, hacker | 29-Oct-2024 |
From Study Stress to Critical Account Takeover: How a Gym Break and a Little Curiosity Uncovered a… | https://medium.com/@CipherHawk/from-study-stress-to-critical-account-takeover-how-a-gym-break-and-a-little-curiosity-uncovered-a-d15cfc2e142b?source=rss------bug_bounty-5 | CipherHawk | bug-bounty, hackerone, hacking, yeswehack, bugbounty-tips | 29-Oct-2024 |
How I get Open Redirect Vulnerability in BBP ? | https://medium.com/@keroayman77/how-i-get-open-redirect-vulnerability-in-bbp-6006e5a34602?source=rss------bug_bounty-5 | Kerolos Ayman | bug-bounty-writeup, bug-bounty | 29-Oct-2024 |
Web cache poisoning explained | https://medium.com/@ad.abhi0013/web-cache-poisoning-explained-f3ddc4bfbf94?source=rss------bug_bounty-5 | Abhishek Adhikari | cybersecurity, web-cache-poisoning, bug-bounty | 29-Oct-2024 |
Find Open Redirect in Just 2 min - $1000 | https://medium.com/@mdnafeed3/find-open-redirect-in-just-2-min-1000-c527bb3e65fb?source=rss------bug_bounty-5 | H4cker-Nafeed | cybersecurity, bug-bounty, bug-bounty-tips | 29-Oct-2024 |
How can SQL injection, CSRF, and XSS attacks be prevented in Golang — Bug Bounty Tuesday | https://medium.com/@kerstan/how-can-sql-injection-csrf-and-xss-attacks-be-prevented-in-golang-bug-bounty-tuesday-2f857b2e4b53?source=rss------bug_bounty-5 | kerstan | golang, coding, cybersecurity, hacking, bug-bounty | 29-Oct-2024 |
How I Started My Bug Bounty Journey…!!! | https://harshbardhanx.medium.com/how-i-started-my-bug-bounty-journey-1b9683fa6252?source=rss------bug_bounty-5 | Harsh Bardhan | bug-hunting, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips | 29-Oct-2024 |
My step by step process on how I do Bug Bounty Hunting: From finding targets to Submission of the… | https://pwndecoco.medium.com/my-step-by-step-process-on-how-i-do-bug-bounty-hunting-from-finding-targets-to-submission-of-the-c3ad5d4b07ad?source=rss------bug_bounty-5 | Pwndec0c0 | penetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup, hacking | 29-Oct-2024 |
How do SSL Scanners Work | https://medium.com/@serhatcck/how-do-ssl-scanners-work-b4977308e981?source=rss------bug_bounty-5 | Serhat ÇİÇEK | cryptography, application-security, bug-bounty, hacking, pentesting | 29-Oct-2024 |
Data Breach Affects 800,000 Citizens in Italy | https://medium.com/@wiretor/data-breach-affects-800-000-citizens-in-italy-1f977df0cab6?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, malware, italian, pentesting, hacking | 29-Oct-2024 |
Massive PSAUX Ransomware Attack Targets 22,000 CyberPanel Instances! | https://medium.com/@wiretor/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances-2925859c759c?source=rss------bug_bounty-5 | WIRE TOR | hacking, bug-bounty, usa, malware, cybersecurity | 29-Oct-2024 |
WIRE TOR — The Ethical Hacking Services | https://medium.com/@wiretor/wire-tor-the-ethical-hacking-services-47ef9ecf7471?source=rss------bug_bounty-5 | WIRE TOR | hacking, bug-bounty, malware, usa, pentesting | 29-Oct-2024 |
Payment Bypass via API Request to Activate Premium Plan on Private Bug Bounty Program | https://medium.com/@sharp488/payment-bypass-via-api-request-to-activate-premium-plan-on-private-bug-bounty-program-bbd7fc91ef99?source=rss------bug_bounty-5 | Sharat Kaikolamthuruthil | bug-bounty, information-technology, bug-bounty-tips, bugs, information-security | 28-Oct-2024 |
How to find a Race-condition Bug and make $1300 | https://medium.com/@anandrishav2228/how-to-find-a-race-condition-bug-and-make-1300-66d7e14040e9?source=rss------bug_bounty-5 | Rishav anand | race-condition, hacker, bug-bounty, cybersecurity, money | 28-Oct-2024 |
$150,000 Evmos Vulnerability Through Reading Documentation | https://medium.com/@jjordanjjordan/150-000-evmos-vulnerability-through-reading-documentation-d26328590a7a?source=rss------bug_bounty-5 | jayjonah.eth | bug-bounty, crypto, web3, ethereum, blockchain | 28-Oct-2024 |
Blind Cross Site Scripting in License Application | https://medium.com/@abdullah12987654/blind-cross-site-scripting-in-license-application-aa865c0e0496?source=rss------bug_bounty-5 | Abdullah | penetration-testing, cross-site-scripting, xss-vulnerability, hacking, bug-bounty | 28-Oct-2024 |
HTTP Request Smuggling: From Needs More Info to Confirmed Impact! | https://medium.com/@rezauditore/http-request-smuggling-from-needs-more-info-to-confirmed-impact-9b36349355ca?source=rss------bug_bounty-5 | rezauditore | bug-bounty, http-request, peace, lgbtq, hacking | 28-Oct-2024 |
Best AI Tool to Learn Hacking 2025 | https://medium.com/@TahirAyoub/best-ai-tool-to-learn-hacking-2025-e30b11c551c8?source=rss------bug_bounty-5 | Tahir Ayoub | ai, cybersecurity, artificial-intelligence, bug-bounty, hacking | 28-Oct-2024 |
Easy 400$ Bounty on Hackerone Public BBP | https://medium.com/@kaforybory/easy-400-bounty-on-hackerone-public-bbp-b7a9aa2d6767?source=rss------bug_bounty-5 | Hassan Makki | cybersecurity, infosec, bug-bounty-tips, penetration-testing, bug-bounty | 28-Oct-2024 |
Exposing a Data Leak Vulnerability: My Journey to Discovery | https://infosecwriteups.com/exposing-a-data-leak-vulnerability-my-journey-to-discovery-7be93ce2c5b0?source=rss------bug_bounty-5 | Abhishek Bhujang | ethical-hacking, security, bug-bounty, bug-hunting, hacking | 28-Oct-2024 |
Ethical Hacking and Bug Bounty Programs — Harnessing Hackers for Good | https://medium.com/@RocketMeUpCybersecurity/ethical-hacking-and-bug-bounty-programs-harnessing-hackers-for-good-ac8417374af0?source=rss------bug_bounty-5 | RocketMe Up Cybersecurity | security-testing, vulnerability-assessment, white-hat-hacker, ethical-hacking, bug-bounty | 28-Oct-2024 |
My first bug bounty | https://medium.com/@zatikyan.sevada/my-first-bug-bounty-5dc382b7cd50?source=rss------bug_bounty-5 | Zatikyan Sevada | cybersecurity, information-disclosure, bug-bounty, hacking-tools | 28-Oct-2024 |
Portswigger Lab: Reflected XSS in a JavaScript URL with some characters blocked | https://medium.com/@iamdeusx/portswigger-lab-reflected-xss-in-a-javascript-url-with-some-characters-blocked-fa15ae95d90e?source=rss------bug_bounty-5 | DeusX | bug-bounty, portswigger, cybersecurity, ctf | 28-Oct-2024 |
LLM Pentest Services at Wire Tor | https://medium.com/@wiretor/llm-pentest-services-at-wire-tor-%EF%B8%8F-e2617eb98a89?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, malware, hacking, usa, bug-bounty | 28-Oct-2024 |
Breaking Down My Bug Bounty Find: Exploiting EC-Council’s iClass Platform | https://medium.com/@salaheddine_kalada/breaking-down-my-bug-bounty-find-exploiting-ec-councils-iclass-platform-68bd9a6c8460?source=rss------bug_bounty-5 | Salaheddine KALADA | responsible-disclosure, ethical-hacking, bug-bounty-writeup, bug-bounty, cybersecurity | 28-Oct-2024 |
How I Leveraged HTML Injection to Create an Account Using Someone Else’s Email | https://infosecwriteups.com/how-i-leveraged-html-injection-to-create-an-account-using-someone-elses-email-b80f83ab9465?source=rss------bug_bounty-5 | Devansh | cybersecurity, html-injection, bug-bounty, information-security | 27-Oct-2024 |
Use Burp Suite Community version like a professional version Save upto $449 | https://medium.com/@anandrishav2228/use-burp-suite-community-version-like-a-professional-version-2225e9d0404f?source=rss------bug_bounty-5 | Rishav anand | burpsuite, hacking, bug-bounty, money, cybersecurity | 27-Oct-2024 |
My Roadmap and the Tools I plan to use to aid my journey. | https://cybersechemmars.medium.com/my-roadmap-and-the-tools-i-plan-to-use-to-aid-my-journey-4f720504fce6?source=rss------bug_bounty-5 | Cybersec with Hemmars | bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips | 27-Oct-2024 |
Unauthorized Privilege Escalation: Gaining Command Line Access on Unpermitted Company Devices $$$$ | https://sp1der0x.medium.com/unauthorized-privilege-escalation-gaining-command-line-access-on-unpermitted-company-devices-1a67e55f1b63?source=rss------bug_bounty-5 | Spider | hacking, business-logic, privilege-escalation, access-control, bug-bounty | 27-Oct-2024 |
Bypassing File Upload Defenses: My Journey from Simple Bypass to Near RCE | https://medium.com/@dsmodi484/bypassing-file-upload-defenses-my-journey-from-simple-bypass-to-near-rce-ffbd23400efa?source=rss------bug_bounty-5 | Dishant Modi | bug-bounty, vulnerability, file-upload, methodology, rce | 27-Oct-2024 |
How to find bugs in Microsoft iis page. | https://infosecwriteups.com/how-to-find-bugs-in-microsoft-iis-page-ef336a229abc?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, cybersecurity, hacking, tips, bug-bounty | 27-Oct-2024 |
How I Leveraged HTML Injection to Create an Account Using Someone Else’s Email | https://infosecwriteups.com/how-i-leveraged-html-injection-to-create-an-account-using-someone-elses-email-b80f83ab9465?source=rss------bug_bounty-5 | Devansh Doshi | cybersecurity, html-injection, bug-bounty, information-security | 27-Oct-2024 |
Fog & Akira Ransomware Exploit SonicWall VPN: Is Your Network Safe? | https://medium.com/@wiretor/fog-akira-ransomware-exploit-sonicwall-vpn-is-your-network-safe-81da77b75cae?source=rss------bug_bounty-5 | WIRE TOR | pentesting, hacking, cybersecurity, usa, bug-bounty | 27-Oct-2024 |
China-Backed Cyber Attack: Donald Trump and JD Vance Targeted! | https://medium.com/@wiretor/china-backed-cyber-attack-donald-trump-and-jd-vance-targeted-004518c60c89?source=rss------bug_bounty-5 | WIRE TOR | malware, bug-bounty, usa, hacking, cybersecurity | 27-Oct-2024 |
Unauthorized Privilege Escalation: Gaining Command Line Access on Unpermitted Company Devices $$$$ | https://sp1der0x.medium.com/unauthorized-privilege-escalation-gaining-command-line-access-on-unpermitted-company-devices-1a67e55f1b63?source=rss------bug_bounty-5 | Sp1der0x | hacking, business-logic, privilege-escalation, access-control, bug-bounty | 27-Oct-2024 |
Firefox&Chrome extensions for bugbounty hunters.(PART 2) | https://osintteam.blog/firefox-chrome-extensions-for-bugbounty-hunters-part-2-c3febcb6e64b?source=rss------bug_bounty-5 | loyalonlytoday | tips, hacking, penetration-testing, cybersecurity, bug-bounty | 26-Oct-2024 |
Free vps for hacking and bug bounty hunting. | https://osintteam.blog/free-vps-for-hacking-and-bug-bounty-hunting-921d1dda71ce?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, hacking, tips-and-tricks, vps, cybersecurity | 26-Oct-2024 |
Bug Bounty with AI in Real-Time: The Future of Cybersecurity | https://prakash888kpk.medium.com/bug-bounty-with-ai-in-real-time-the-future-of-cybersecurity-b3f783c7f0de?source=rss------bug_bounty-5 | Lets Unlearn | tips-and-tricks, ai, bug-bounty | 26-Oct-2024 |
Find CSRF and get a bounty of $900 Quickly | https://medium.com/@anandrishav2228/find-csrf-and-get-a-bounty-of-900-quickly-a9c3bf311dfb?source=rss------bug_bounty-5 | Rishav anand | money, bug-bounty, cybersecurity, hacker, ai | 26-Oct-2024 |
One idea Uncovers Authentication Bypass & Session management flaw | https://medium.com/@CipherHawk/one-idea-uncovers-authentication-bypass-session-management-flaw-2e1536f5c52d?source=rss------bug_bounty-5 | CipherHawk | bug-bounty, hackerone, vulnerability, bugcrowd, hacking | 26-Oct-2024 |
How to Handle Burnout as a Bug Bounty Hunter: Step-by-Step Guide | https://bevijaygupta.medium.com/how-to-handle-burnout-as-a-bug-bounty-hunter-step-by-step-guide-173bdc11386d?source=rss------bug_bounty-5 | Vijay Gupta | burnout, bug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips | 26-Oct-2024 |
Curious Case of a Feedback Link | https://medium.com/@thelazypentester/curious-case-of-a-feedback-link-0b1f5b208df0?source=rss------bug_bounty-5 | Jobson | sensitive-information, bug-bounty, cybersecurity, hacking, burpsuite | 26-Oct-2024 |
Bug Hunting Methodology | https://medium.com/@prajwalpatil453/bug-hunting-methodology-0780e74958be?source=rss------bug_bounty-5 | Anonstrk | cybersecurity, bug-bounty-tips, bug-bounty, methodology, bug-hunting | 26-Oct-2024 |
500$ Idor vulnerability. | https://medium.com/@noureldin1042/500-idor-vulnerability-dfc5d6f31119?source=rss------bug_bounty-5 | Noureldin(0x_5wf) | programming, hacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 26-Oct-2024 |
INICON: A One-Stop Recon Tool for Bug Bounty Hunters | https://medium.com/@jwalanth/inicon-a-one-stop-recon-tool-for-bug-bounty-hunters-8e1dcfa90a6c?source=rss------bug_bounty-5 | Kira61(Jwalanth) | cybersecurity, python, pentesting, reconnaissance, bug-bounty | 26-Oct-2024 |
How I Discovered an Easy 2FA Vulnerability on Logitech | https://medium.com/@dhananjay_00/how-i-discovered-an-easy-2fa-vulnerability-on-logitech-ff0d07178b04?source=rss------bug_bounty-5 | Dhananjay Pathak | bug-bounty-tips, bug-bounty, bugbounty-writeup, hackerone, hacking | 26-Oct-2024 |
Dependency Confusion Unleashed: How One Misconfiguration Can Compromise an Entire System | https://medium.com/@omargamal4em/dependency-confusion-unleashed-how-one-misconfiguration-can-compromise-an-entire-system-e0df2a26c341?source=rss------bug_bounty-5 | omar gamal | bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-tips | 26-Oct-2024 |
AIO Web App Pentesting Checklist | https://cristivlad.medium.com/aio-web-app-pentesting-checklist-afe277d735dd?source=rss------bug_bounty-5 | Cristi Vlad | cybersecurity, bug-bounty, infosec, penetration-testing, pentesting | 26-Oct-2024 |
Apple Paying Big Bucks for Security Flaws: Your Chance to Cash In! | https://medium.com/@v55232352/apple-paying-big-bucks-for-security-flaws-your-chance-to-cash-in-edb0f4f5ad21?source=rss------bug_bounty-5 | Patrick Hoover | cyber-security-services, bug-bounty, apple-security-update | 26-Oct-2024 |
SQL Injections and the cute $2000 bounty | https://medium.com/@nireshpandian19/sql-injections-and-the-cute-2000-bounty-2d18441ee0e3?source=rss------bug_bounty-5 | JAI NIRESH J | bug-bounty, bug-bounty-writeup, idor-vulnerability, bug-bounty-tips, sql-injection | 26-Oct-2024 |
Bind Shells: A Practical Guide | https://medium.com/@learntheshell/bind-shells-a-practical-guide-9c00b3d7ad74?source=rss------bug_bounty-5 | LearnTheShell | cybersecurity, bug-bounty, pentesting, bind-shell, bug-bounty-tips | 26-Oct-2024 |
Cronjobs for hackers (bugbounty article) | https://medium.com/@bag0zathev2/cronjobs-for-hackers-bugbounty-article-7d51588d0fd5?source=rss------bug_bounty-5 | Fares Walid (SirBugs) | cybersecurity, bugbounty-tips, cronjob, bug-bounty, hacking | 26-Oct-2024 |
BugBounty — Mastering the Basics (along with Resources)[Part-1] | https://medium.com/@iabhipathak/bugbounty-mastering-the-basics-along-with-resources-part-1-47d30eb3d19a?source=rss------bug_bounty-5 | Abhinav Pathak | bug-bounty, cybersecurity, security, ethical-hacking, hacking | 26-Oct-2024 |
DVWA : Brute Force Vulnerability Solution (Low & Medium Security Level) | https://medium.com/@Kamal_S/dvwa-brute-force-vulnerability-solution-low-medium-security-level-9c01eadf3720?source=rss------bug_bounty-5 | Kamal S | dvwa, burpsuite, brute-force, owasp, bug-bounty | 26-Oct-2024 |
New Cisco ASA and FTD Features: Blocking VPN Brute-Force Password Attacks! | https://medium.com/@wiretor/new-cisco-asa-and-ftd-features-blocking-vpn-brute-force-password-attacks-c9065ef3ccfd?source=rss------bug_bounty-5 | WIRE TOR | presidential-election-usa, cybersecurity, usa, bug-bounty, hacking | 26-Oct-2024 |
New Windows Driver Signature Bypass Enables Rootkit Installs! | https://medium.com/@wiretor/new-windows-driver-signature-bypass-enables-rootkit-installs-42d64a4e973a?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, cybersecurity, networking, hacking, malware | 26-Oct-2024 |
Black Basta Ransomware Targets Teams: Stay Vigilant! | https://medium.com/@wiretor/black-basta-ransomware-targets-teams-stay-vigilant-a76d8550003c?source=rss------bug_bounty-5 | WIRE TOR | hacking, cybersecurity, malware, xss-attack, bug-bounty | 26-Oct-2024 |
Hunting for Open Redirect Vulnerabilities: A Beginner to Expert Guide | https://medium.com/@360Security/hunting-for-open-redirect-vulnerabilities-a-beginner-to-expert-guide-c33dd1ac1875?source=rss------bug_bounty-5 | 360 Security | web-security, penetration-testing, vulnerability, cybersecurity, bug-bounty | 26-Oct-2024 |
Red Hat SSO 7.6 Host Header Injection Vulnerability | https://medium.com/@mark.roy.1337/exploiting-and-securing-red-hat-sso-7-6-host-header-injection-vulnerability-654424f6889a?source=rss------bug_bounty-5 | Mark R. | vulnerability, bug-bounty, cybersecurity | 25-Oct-2024 |
TECNO Security Year-End Reward Sprint Preview: Grand Prizes Await You! | https://medium.com/@security.tecno/tecno-security-year-end-reward-sprint-preview-grand-prizes-await-you-7dec791e12ce?source=rss------bug_bounty-5 | TECNO Security | bug-bounty, hacking, bonus, security | 25-Oct-2024 |
How I Bypassed Rate Limit on Login | https://mo9khu93r.medium.com/how-i-bypassed-rate-limit-on-login-b600b15158ef?source=rss------bug_bounty-5 | mo9khu93r | bug-bounty, hacking, cybersecurity, pentesting, rate-limit-bypass | 25-Oct-2024 |
Remote Code Execution - Rage of Race Condition on Gen AI | https://shahjerry33.medium.com/remote-code-execution-rage-of-race-condition-on-gen-ai-6f4cbc1a0e62?source=rss------bug_bounty-5 | Jerry Shah (Jerry) | cybersecurity, penetration-testing, infosec, vulnerability, bug-bounty | 25-Oct-2024 |
Bugs Have Severity & Priority | https://ilhamday.medium.com/bug-punya-severity-priority-5552885eebd6?source=rss------bug_bounty-5 | Ilham Ferry | testing, bug-bounty, qa, quality-assurance, software-development | 25-Oct-2024 |
Red Hat SSO 7.6 Host Header Injection Vulnerability | https://medium.com/@mark-r/exploiting-and-securing-red-hat-sso-7-6-host-header-injection-vulnerability-654424f6889a?source=rss------bug_bounty-5 | Mark R. | vulnerability, bug-bounty, cybersecurity | 25-Oct-2024 |
Advance AI Test Cases For Penetration Testing | https://infosecwriteups.com/advance-ai-testcases-for-penetration-testing-d61b2196311d?source=rss------bug_bounty-5 | Ajay Naik | information-technology, cyberattack, cybersecurity, bug-bounty, ai | 25-Oct-2024 |
Exploiting BAC: Unlimited Likes in Comment Sections | https://medium.com/@RaunakGupta1922/exploiting-bac-unlimited-likes-in-comment-sections-64f173b951fe?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | bug-bounty-tips, cybersecurity, programming, bug-bounty, technology | 25-Oct-2024 |
Information Disclosure in Top 500 Company through Source Code | https://medium.com/@anonymousshetty2003/information-disclosure-in-top-500-company-through-source-code-fe91a7806acc?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, cybersecurity, hacking, information-disclosure, security | 25-Oct-2024 |
WordPress Penetration Testing: A Hacker’s Playbook | https://systemweakness.com/wordpress-penetration-testing-a-hackers-playbook-bb97b8a009b1?source=rss------bug_bounty-5 | Ahmed Makawi | penetration-testing, ethical-hacking, wordpress, bug-bounty | 25-Oct-2024 |
How to install WhatWeb & usage samples. | https://pwndecoco.medium.com/how-to-install-whatweb-usage-samples-8b735fc4d645?source=rss------bug_bounty-5 | Pwndec0c0 | penetration-testing, whatweb, bug-bounty, cybersecurity, linux | 25-Oct-2024 |
My step by step process on how I do Bug Bounty Hunting: From finding targets to Submission of the… | https://pwndecoco.medium.com/my-step-by-step-process-on-how-i-do-bug-bounty-program-from-finding-targets-to-submission-of-the-d25939b2a1b3?source=rss------bug_bounty-5 | Pwndec0c0 | bug-bounty-tips, bug-bounty-writeup, bug-bounty, penetration-testing, cybersecurity | 25-Oct-2024 |
Uncovering Vulnerabilities: My Discovery of Hashed Passwords on a Dutch Government Website | https://medium.com/@anonymousshetty2003/uncovering-vulnerabilities-my-discovery-of-hashed-passwords-on-a-dutch-government-website-f30969e6ebbc?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, security, bug-bounty, hacking, information-disclosure | 25-Oct-2024 |
Finding Cross-Site Scripting (XSS) vulnerabilities in Bug bounty program | https://medium.com/@curiouskhanna/finding-cross-site-scripting-xss-vulnerabilities-in-bug-bounty-program-2a40bef4c8d7?source=rss------bug_bounty-5 | Shubham Khanna | cybersecurity, earn-money-online, research, bug-bounty | 25-Oct-2024 |
Cracking JWT Tokens: A Path to Identifying Bugs and Earn upto $700 | https://medium.com/@anandrishav2228/cracking-jwt-tokens-a-path-to-identifying-bugs-and-earn-upto-700-4028bcdcbebf?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, hacking, money, token, cybersecurity | 24-Oct-2024 |
50€ Rabbit Hole — Plain as Cake Bugs | https://medium.com/@rootplinix/50-rabbit-hole-plain-as-cake-bugs-e3e0940f93ce?source=rss------bug_bounty-5 | Abu Hurayra | bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips, cybersecurity | 24-Oct-2024 |
IDOR+Privilege Escalation+No Rate Limit+Business Logic into a Single Vulnerability | https://medium.com/@hossam_hamada/idor-privilege-escalation-no-rate-limit-business-logic-into-a-single-vulnerability-1e6acc9a3884?source=rss------bug_bounty-5 | Hossam Hamada | hackerone, idor, bug-bounty, privilege-escalation, business-logic | 24-Oct-2024 |
Bug Bounty Burnout: Stay Motivated and Mentally Strong | https://bevijaygupta.medium.com/bug-bounty-burnout-stay-motivated-and-mentally-strong-9408b92fa6c8?source=rss------bug_bounty-5 | Vijay Gupta | mentally-strong, bug-bounty, motivation, bug-bounty-tips, bugs | 24-Oct-2024 |
Critical Threat for WordPress Developers and Users, if You are Using a General Password to login… | https://medium.com/@a5adujjaman/critical-threat-for-wordpress-developers-and-users-if-you-are-using-a-general-password-to-login-359ff16fcc45?source=rss------bug_bounty-5 | Asadujjaman Asif | security, two-factor-authentication, bug-bounty, wordpress, wordpress-security | 24-Oct-2024 |
Web3 BBP Journal: Oct.24, 2024 | https://medium.com/@harryfyx/web3-bbp-journal-oct-24-2024-d3c7083ac416?source=rss------bug_bounty-5 | hhhkb | bug-bounty | 24-Oct-2024 |
Bugcrowd Triage is Terrible | https://medium.com/@cybersecnoneed/bugcrowd-triage-is-terrible-97065059aaff?source=rss------bug_bounty-5 | Cybersecnoneed | bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program | 24-Oct-2024 |
Unreleased function leads to 150$ bounty | https://medium.com/@noureldin1042/unreleased-function-leads-to-150-bounty-c8521e3e3ba8?source=rss------bug_bounty-5 | Noureldin(0x_5wf) | bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-hunting, programming | 24-Oct-2024 |
How I Accessed Microsoft’s ServiceNow — Exposing ALL Microsoft Employee emails, Chat Support… | https://medium.com/@moblig/how-i-accessed-microsofts-servicenow-exposing-all-microsoft-employee-emails-chat-support-5f8d535eb63b?source=rss------bug_bounty-5 | Moblig | bug-bounty, cybersecurity, microsoft, news | 24-Oct-2024 |
Seprate Active and Dead Subdomains part 4 | https://osintteam.blog/seprate-active-and-dead-subdomains-part-4-18f092dc8423?source=rss------bug_bounty-5 | Mr Abdullah | bugbounty-writeup, subdomains-enumeration, hacking, bug-bounty, web-hacking | 24-Oct-2024 |
Smart recon to PWN the panel | https://ro0od.medium.com/smart-recon-to-pwn-the-panel-a23b0b9466bb?source=rss------bug_bounty-5 | rood | hacking, bug-bounty, hackerone, writeup, bug-bounty-tips | 24-Oct-2024 |
Penalized for Responsible Disclosure | https://geochen.medium.com/penalized-for-responsible-disclosure-e36b3f57dc8a?source=rss------bug_bounty-5 | George Chen | big-four, hacking, bug-bounty, cybersecurity, responsible-disclosure | 24-Oct-2024 |
Bug Bounty with AI: Enhancing Cybersecurity Through Artificial Intelligence | https://prakash888kpk.medium.com/bug-bounty-with-ai-enhancing-cybersecurity-through-artificial-intelligence-fc679204b800?source=rss------bug_bounty-5 | Lets Unlearn | ai-tools, bug-bounty, ai, bugs, bounties | 24-Oct-2024 |
Cheat Sheet : Utilisation de Nuclei pour les Tests de Sécurité et b | https://medium.com/@Itachi0xf/cheat-sheet-utilisation-de-nuclei-pour-les-tests-de-s%C3%A9curit%C3%A9-et-b-e4d9d57aff32?source=rss------bug_bounty-5 | Itachix0f | hacking, cheatsheet, learning, bug-bounty | 24-Oct-2024 |
Das CRUD-Prinzip | https://medium.com/@rainer_zufall111/das-crud-prinzip-786530d1a302?source=rss------bug_bounty-5 | R4In3RZuf4LL | cybersecurity, hacking, bug-bounty, api | 24-Oct-2024 |
How i found exposed db creds on .gov site | https://medium.com/@jenroots/how-i-found-exposed-db-creds-on-gov-site-24588d9eb9c8?source=rss------bug_bounty-5 | Jenroots | bug-bounty-tips, information-security, penetration-testing, bugs, bug-bounty | 24-Oct-2024 |
Second Strike: Uncovering a GraphQL IDOR That Let Me Delete Anyones Post | https://dukrov.medium.com/second-strike-uncovering-a-graphql-idor-that-let-me-delete-anyones-post-7c6fefd71db7?source=rss------bug_bounty-5 | Dukrov | bug-bounty, hackerone, cybersecurity, bugbounty-tips, hacking | 24-Oct-2024 |
How to Handle Burnout as a Bug Bounty Hunter: Step By Step guide | https://medium.com/@shaikhminhaz1975/how-to-handle-burnout-as-a-bug-bounty-hunter-step-by-step-guide-c83b06c4fc1f?source=rss------bug_bounty-5 | Shaikh Minhaz | burnout-prevention, stress-management, cybersecurity, stress, bug-bounty | 23-Oct-2024 |
How to Find CVEs, Report Them, and Leverage Them for Career Growth and Bounties of $$$$$. | https://medium.com/@anandrishav2228/how-to-find-cves-report-them-and-leverage-them-for-career-growth-and-bounties-of-3b62538c64d1?source=rss------bug_bounty-5 | Rishav anand | ai, money, cybersecurity, cve, bug-bounty | 23-Oct-2024 |
One Payload for Bugbounty(X$$)! | https://pwndecoco.medium.com/one-payload-for-bugbounty-x-ace7dfd4859d?source=rss------bug_bounty-5 | Pwndec0c0 | penetration-testing, bugbounty-tips, bug-bounty, hacking, bugbounty-writeup | 23-Oct-2024 |
Hacking Tools That You Need To Learn | https://aircorridor.medium.com/hacking-tools-that-you-need-to-learn-2d8ebb8b47aa?source=rss------bug_bounty-5 | Aircorridor | bug-bounty, cybersecurity, linux, tools, hacking | 23-Oct-2024 |
Improper Access Control — Generic: How I Gained Full Control Over an Admin Panel | https://medium.com/@rezauditore/improper-access-control-generic-how-i-gained-full-control-over-an-admin-panel-c82587a1a09f?source=rss------bug_bounty-5 | rezauditore | bug-bounty, lgbtq, appsec, ethical-hacking, api | 23-Oct-2024 |
How I Discovered Sensitive App_ID and App_Key Disclosure in a JavaScript File and Earned $150 | https://medium.com/@dhananjay_00/how-i-discovered-sensitive-app-id-and-app-key-disclosure-in-a-javascript-file-and-earned-150-ad3fb7f942bc?source=rss------bug_bounty-5 | Dhananjay Pathak | penetration-testing, cybersecurity, hacking, bug-bounty, hackerone | 23-Oct-2024 |
Understanding SMTP User Enumeration via MX Record Attacks | https://hackerhalt.medium.com/smtp-user-enumeration-mx-record-4e5761d52e57?source=rss------bug_bounty-5 | Hacker Halt | pentesting, bugcrowd, bug-bounty, hackerone | 23-Oct-2024 |
Entering The Dark Web And Explaining The Art Of Deep Anonymity | Primary Hacking School #8 | https://medium.com/@nnface/entering-the-dark-web-and-explaining-the-art-of-deep-anonymity-primary-hacking-school-8-20239706e4fc?source=rss------bug_bounty-5 | NnFace | darkweb, web, hacking, kali-linux, bug-bounty | 23-Oct-2024 |
Eyeglass Adventures: From Typos to Admin Access — A Hacker’s Tale | https://medium.com/@khode4li/eyeglass-adventures-from-typos-to-admin-access-a-hackers-tale-0a3149acd6e9?source=rss------bug_bounty-5 | Khod4li | security, mass-assignment, bug-bounty, broken-access-control, vulnerability | 23-Oct-2024 |
Stored XSS Critical or NOT? | https://medium.com/@mrro0o0tt/stored-xss-critical-or-not-da9eb9b19029?source=rss------bug_bounty-5 | Whoami | bug-bounty-hunter, bug-bounty-tips, bug-bounty, hacking, bug-bounty-writeup | 23-Oct-2024 |
Requisições Web — Tudo que você deve saber para começar em cybersegurança | https://medium.com/@malwarilia/requisi%C3%A7%C3%B5es-web-tudo-que-voc%C3%AA-deve-saber-para-come%C3%A7ar-em-cyberseguran%C3%A7a-ef01a89b250c?source=rss------bug_bounty-5 | Marília Rocha | bug-bounty-tips, pentesting, cybersecurity, infosec, bug-bounty | 22-Oct-2024 |
Bug Bounty Methodology for SQL Injection with Waybash URLs | https://pwn0sec.medium.com/bug-bounty-methodology-for-sql-injection-with-waybash-urls-d1d13d0ebdaa?source=rss------bug_bounty-5 | Imhunterand | bug-bounty-tips, waybash, sql-injection, bug-bounty-writeup, bug-bounty | 22-Oct-2024 |
Oracle SQL Injection | Database Recon | https://systemweakness.com/oracle-sql-injection-database-recon-0c384d4a085a?source=rss------bug_bounty-5 | AbhirupKonwar | cybersecurity, sql-injection, bug-bounty, pentesting, bug-bounty-tips | 22-Oct-2024 |
Forget password OTP flaw lead to Account Takeover. | https://medium.com/@bughunt789/forget-password-otp-flaw-lead-to-account-takeover-b3f2b847952b?source=rss------bug_bounty-5 | BUG HUNTER | bug-bounty, bug-bounty-writeup, response-manipulation, account-takeover, account-takeover-attacks | 22-Oct-2024 |
How I Hacked Over 150k PII on a Program | https://medium.com/@rootplinix/how-i-hacked-over-150k-pii-on-a-program-f58b8b141d4a?source=rss------bug_bounty-5 | Abu Hurayra | pii-data, infosec, hackerone, bug-bounty-tips, bug-bounty | 22-Oct-2024 |
SQL Injection Attack, Listing the Database Contents on Oracle | https://medium.com/@marduk.i.am/sql-injection-attack-listing-the-database-contents-on-oracle-3be23e33a43d?source=rss------bug_bounty-5 | Marduk I Am | sqli, information-security, sql-injection, portswigger-lab, bug-bounty | 22-Oct-2024 |
Discovery of Reflected XSS Vulnerability on a Global Car Website #2 | https://medium.com/@gg20205959/discovery-of-reflected-xss-vulnerability-on-a-global-car-website-2-ddfc7ba9f67d?source=rss------bug_bounty-5 | VulnSniper | xss-attack, xss-vulnerability, bug-bounty, penetration-testing | 22-Oct-2024 |
LLM Penetration Testing Checklist | https://infosecwriteups.com/llm-penetration-testing-checklist-87eda0ce2991?source=rss------bug_bounty-5 | Ajay Naik | information-technology, information-security, penetration-testing, cybersecurity, bug-bounty | 22-Oct-2024 |
Security Flaw in Styra’s OPA Exposes NTLM Hashes to Remote Attackers | https://medium.com/@wiretor/security-flaw-in-styras-opa-exposes-ntlm-hashes-to-remote-attackers-f4c9ce201de8?source=rss------bug_bounty-5 | WIRE TOR | penetration-testing, hacking, bug-bounty, cybersecurity, usa | 22-Oct-2024 |
Shodan Secrets | Hack Hidden Files Easily | https://osintteam.blog/shodan-secrets-hack-hidden-files-easily-94de007def73?source=rss------bug_bounty-5 | AbhirupKonwar | cybersecurity, bug-hunting, shodan, bug-bounty, pentesting | 22-Oct-2024 |
Hunting Broken Object Level Authorization | https://blackhawkk.medium.com/hunting-broken-object-level-authorization-9b499fc0f327?source=rss------bug_bounty-5 | Tanmay Bhattacharjee | bug-bounty, api-sec, owasp | 22-Oct-2024 |
Single endpoint leads to two bounties!(400$) | https://medium.com/@noureldin1042/single-endpoint-leads-to-two-bounties-400-7dd96cf601c7?source=rss------bug_bounty-5 | Noureldin(0x_5wf) | bug-bounty, bug-hunting, bug-bounty-writeup, hackerone, bug-bounty-tips | 22-Oct-2024 |
Breaking Boundaries: Discovering Session Invalidation Failures in User Roles | https://medium.com/@hawkeye69669/breaking-boundaries-discovering-session-invalidation-failures-in-user-roles-84711777f9f2?source=rss------bug_bounty-5 | Hawkeye | bug-bounty-tips, bug-bounty, infosec-write-ups, bug-bounty-writeup, infosec | 22-Oct-2024 |
Google Warns of Samsung Zero-Day Exploited in the Wild | https://medium.com/@wiretor/google-warns-of-samsung-zero-day-exploited-in-the-wild-fb98c84b3e06?source=rss------bug_bounty-5 | WIRE TOR | usa, cybersecurity, hacking, bug-bounty, malware | 22-Oct-2024 |
Critical Vulnerabilities Expose mbNET.mini and Helmholz Industrial Routers to Attacks | https://medium.com/@wiretor/critical-vulnerabilities-expose-mbnet-mini-and-helmholz-industrial-routers-to-attacks-feac904b23b5?source=rss------bug_bounty-5 | WIRE TOR | usa, hacking, bug-bounty, cybersecurity, pentesting | 22-Oct-2024 |
Ransomware Alert: Cicada3301 Emerges as Successor to BlackCat | https://medium.com/@wiretor/ransomware-alert-cicada3301-emerges-as-successor-to-blackcat-e0e468472e08?source=rss------bug_bounty-5 | WIRE TOR | pentesting, bug-bounty, cybersecurity, usa, hacking | 22-Oct-2024 |
How i tricked Crypto Trading Site into sending Dangerous email to it’s Users | https://medium.com/@Rahulkrishnan_R_Panicker/how-i-tricked-crypto-trading-site-into-sending-dangerous-email-to-its-users-a11a972c470f?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | bug-bounty, bug-bounty-tips, bug-bounty-writeup, pentesting, security | 21-Oct-2024 |
Oops, Nykaa! How I Almost Ordered ₹1 Lakh Worth of Makeup (Without Even Logging In!) | https://medium.com/@lungfu-chingchung/oops-nykaa-how-i-almost-ordered-1-lakh-worth-of-makeup-without-even-logging-in-f10679e0d8c9?source=rss------bug_bounty-5 | LungFu | learning, firstwriteup, mastmaula, security, bug-bounty | 21-Oct-2024 |
Another Dark Reality of Bug Hunting | https://bevijaygupta.medium.com/another-dark-reality-of-bug-hunting-0c8fa62e9867?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, dark-reality, bug-bounty, bugs, bug-zero | 21-Oct-2024 |
How to Use nslookup from Beginner to Advanced: A Comprehensive Guide | https://medium.com/@anandrishav2228/how-to-use-nslookup-from-beginner-to-advanced-a-comprehensive-guide-846ad93955e4?source=rss------bug_bounty-5 | Rishav anand | money, cybersecurity, hacker, bug-bounty, dns | 21-Oct-2024 |
How I Found and Reported a High Severity Stored XSS Vulnerability in the UK Ministry of Defence: A… | https://medium.com/@sagarjondhle/how-i-found-and-reported-a-critical-stored-xss-vulnerability-in-the-uk-ministry-of-defence-a-bug-e44497befaa8?source=rss------bug_bounty-5 | IronPurush | bug-bounty, cybersecurity, information-technology, education | 21-Oct-2024 |
Hacking LLMNR and NBT-NS | https://medium.com/@nishcyber22/hacking-llmnr-and-nbt-ns-3187458ee89d?source=rss------bug_bounty-5 | 0xn1sh | penetration-testing, hacking, cybersecurity, windows-hacking, bug-bounty | 21-Oct-2024 |
HTTP para Pentesters: Tudo que você precisa saber | https://medium.com/@malwarilia/introdu%C3%A7%C3%A3o-ao-http-para-pentesters-tudo-que-voc%C3%AA-precisa-saber-f3cce97d42e9?source=rss------bug_bounty-5 | Marília Rocha | offensive-security, segurança-da-informação, cybersecurity, bug-bounty, pentes | 21-Oct-2024 |
What’s Session Management | https://medium.com/@vishalsahu1604/whats-session-management-306c08a9afcf?source=rss------bug_bounty-5 | Vishal Sahoo | bug-bounty, cybersecurity, website-traffic, website, website-development | 21-Oct-2024 |
Unlocking Cybersecurity with Censys: A Guide to Ethical Hacking, Bug Bounties, and Pentesting —… | https://medium.com/@vulnlabresearcher/unlocking-cybersecurity-with-censys-a-guide-to-ethical-hacking-bug-bounties-and-pentesting-f4c29e89ac54?source=rss------bug_bounty-5 | VulnResearcher | passive-network-scanning, internet-scanning-tools, censys-tutorial, bug-bounty, ethical-hacking | 21-Oct-2024 |
CSRF-ATTACK-PREVENTION-GUIDE | https://osintteam.blog/csrf-attack-prevention-guide-3afe8791af6d?source=rss------bug_bounty-5 | Asad Mohsin | cyber-security-awareness, cybersecuirty, cyber-attack-prevention, bug-bounty, csrf | 21-Oct-2024 |
How No rate limiting got me 150$ in 5 minutes. | https://medium.com/@noureldin1042/how-no-rate-limiting-got-me-150-in-5-minutes-e0abbec48f35?source=rss------bug_bounty-5 | Noureldin(0x_5wf) | bug-bounty, bounty-hunter, penetration-testing, bounty-program, bug-hunting | 21-Oct-2024 |
How i found 22 LFI in the same program using automation tricks | https://medium.com/@zomasec/how-i-found-22-lfi-in-the-same-program-using-automation-tricks-3ea303d24f4a?source=rss------bug_bounty-5 | Hazem El-Sayed | bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, web-security | 21-Oct-2024 |
My First $100 Bounty: Exploiting IDOR Vulnerability in Account Section | https://medium.com/@tinu7494/my-first-100-bounty-exploiting-idor-vulnerability-in-account-section-fc81d28dbed9?source=rss------bug_bounty-5 | Whitehat | bug-bounty, penetration-testing, bug-bounty-tips, hacking, cybersecurity | 21-Oct-2024 |
How Sensitive Information Disclosure Can Lead to Account Takeover | https://medium.com/@D2Cy/how-sensitive-information-disclosure-can-lead-to-account-takeover-vulnerabilities-4d18d2a3711d?source=rss------bug_bounty-5 | Devansh | information-security, bug-bounty, idor, account-takeover | 21-Oct-2024 |
Mastering Arsenal (How to Use the Nuclei Tool Effectively) | https://medium.com/@bitthr3at/mastering-arsenal-how-to-use-the-nuclei-tool-effectively-5ff976dfaeb0?source=rss------bug_bounty-5 | Naman Gupta (Bitthr3at) | nucleus, scanning, bug-bounty, pentest, tools | 21-Oct-2024 |
Microsoft Blocks Windows 11 24H2 on Select ASUS Models: A Cautionary Tale for Users | https://medium.com/@wiretor/microsoft-blocks-windows-11-24h2-on-select-asus-models-a-cautionary-tale-for-users-5fc3314e0cfa?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, bug-bounty, pentest, usa, hacking | 21-Oct-2024 |
Cisco Takes DevHub Portal Offline Following Hacker Leak of Sensitive Data | https://medium.com/@wiretor/cisco-takes-devhub-portal-offline-following-hacker-leak-of-sensitive-data-b6ca5cffe3c3?source=rss------bug_bounty-5 | WIRE TOR | pentesting, hacking, usa, bug-bounty, cybersecurity | 21-Oct-2024 |
Massive WordPress Breach: Over 6,000 Sites Hacked by Infostealing Malware Plugins! | https://medium.com/@wiretor/massive-wordpress-breach-over-6-000-sites-hacked-by-infostealing-malware-plugins-%EF%B8%8F-2a4cb7e80d0c?source=rss------bug_bounty-5 | WIRE TOR | pentest, usa, pentesting, bug-bounty, cybersecurity | 21-Oct-2024 |
North Korean Hackers Exploit Microsoft Zero-Day: APT37’s “Code-on-Toast” Attack Uncovered | https://medium.com/@wiretor/north-korean-hackers-exploit-microsoft-zero-day-apt37s-code-on-toast-attack-uncovered-c10af50cf040?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, usa, bug-bounty, hacking, malware | 21-Oct-2024 |
My Bug Hunting Journey Begins | https://medium.com/@ahmsyhmi/my-bug-hunting-journey-begins-c75c291ffe9c?source=rss------bug_bounty-5 | Ahmad Syahmi | bug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-hunter, bug-hunting | 20-Oct-2024 |
How i got 300euro bounty? | https://doordiefordream.medium.com/how-i-got-300euro-bounty-5e25f0a212de?source=rss------bug_bounty-5 | balu bandi | ethical-hacking, hacking, bug-bounty, writeup, cybersecurity | 20-Oct-2024 |
How I Found My First P1 Bug ?? | https://medium.com/@prajwalpatil453/how-i-found-my-first-p1-bug-705b6ba5e3e2?source=rss------bug_bounty-5 | Anonstrk | bug-bounty-tips, cybersecurity, tips-and-tricks, vdp, bug-bounty | 20-Oct-2024 |
How Much Does Penetration Testing Cost? | https://securitylit.medium.com/how-much-does-penetration-testing-cost-945fdb94e973?source=rss------bug_bounty-5 | Security Lit Limited | it-security, penetration-testing, pentesting, services, bug-bounty | 20-Oct-2024 |
Is CISSP Certification Still Worth It in 2025? Find Out Why You Should Consider It! | https://securitylit.medium.com/is-cissp-certification-still-worth-it-in-2025-find-out-why-you-should-consider-it-dda36a443f80?source=rss------bug_bounty-5 | Security Lit Limited | penetration-testing, it-security, bug-bounty, cybersecurity | 20-Oct-2024 |
Bypassing Email Uniqueness Check: A Logic Flaw Disrupting Password Recovery | https://medium.com/@0xoroot/bypassing-email-uniqueness-check-a-logic-flaw-disrupting-password-recovery-95464c95b664?source=rss------bug_bounty-5 | 0xoroot | bug-bounty-tips, broken-access-control, hacking, bug-bounty, hackerone | 20-Oct-2024 |
Mastering SQLMap Tool for Effective SQL Injection Testing | https://medium.com/@prasanna.acharya/mastering-sqlmap-tool-for-effective-sql-injection-testing-38911178d3f6?source=rss------bug_bounty-5 | Prasanna Acharya | sqlmap, sql-injection, bug-bounty-tips, web-penetration-testing, bug-bounty | 20-Oct-2024 |
Mastering Internet Scanning: How to Use ZMap and Censys for Ethical Hacking — Part 1 | https://medium.com/@vulnlabresearcher/mastering-internet-scanning-how-to-use-zmap-and-censys-for-ethical-hacking-part-1-9d05feb7a382?source=rss------bug_bounty-5 | VulnResearcher | bug-bounty, ethical-hacking, network-scanning, cybersecurity, zmap-tutorial | 20-Oct-2024 |
Hack Application Pattern Lock | https://medium.com/@k3r0/hack-application-pattern-lock-5ade6b8128dc?source=rss------bug_bounty-5 | Kyrillos nady | bug-bounty, pentesting, hacking, mobi̇le, android | 20-Oct-2024 |
Bug Bounty Roadmap for Beginner’s | https://medium.com/@kumawatabhijeet2002/bug-bounty-roadmap-for-beginners-de747ab39036?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, hacking, bugbounty-writeup, bug-bounty-tips | 20-Oct-2024 |
The Deceptive Dance of Self-XSS: How to Protect Yourself from Your Own Browser | https://medium.com/@mrutunjayasenapati0/the-deceptive-dance-of-self-xss-how-to-protect-yourself-from-your-own-browser-303ffe642073?source=rss------bug_bounty-5 | Mrutunjaya Senapati | xss-attack, bug-bounty, vulnerability, bugs, hacking | 20-Oct-2024 |
My Adventure in Bug Bounty: Sharing My Very First Successful Discovery | https://medium.com/@prateek.baghela/my-adventure-in-bug-bounty-sharing-my-very-first-successful-discovery-526124148107?source=rss------bug_bounty-5 | Prateek Baghela | cybersecurity, hacking, ethical-hacking, bug-bounty | 20-Oct-2024 |
My first SQLi vulnerability | https://medium.com/@rimed.software/my-first-sqli-vulnerability-f1eaab78eadf?source=rss------bug_bounty-5 | muhammed demir | owasp-top-10, bug-bounty, bug-bounty-writeup, sqli, cybersecurity | 20-Oct-2024 |
Halloween Special Offer: 25% Off All Cybersecurity Services! | https://medium.com/@wiretor/halloween-special-offer-25-off-all-cybersecurity-services-01ff60356d66?source=rss------bug_bounty-5 | WIRE TOR | hacking, bug-bounty, halloween, cybersecurity, usa | 20-Oct-2024 |
Finally I got My First Bounty | From Self Hosted Program | https://medium.com/@the.air.cyborg/finally-i-got-my-first-bounty-from-self-hosted-program-71ffe09473c4?source=rss------bug_bounty-5 | the_air_cyborg | clickjacking, bugbounty-writeup, bug-bounty, bugbounty-tips, clickbait | 20-Oct-2024 |
Mastering Nmap Firewall Evasion Techniques: A Detailed Guide | https://medium.com/@anandrishav2228/mastering-nmap-firewall-evasion-techniques-a-detailed-guide-f5d5b9f00587?source=rss------bug_bounty-5 | Rishav anand | firewall, bug-bounty, nmap, cybersecurity, money | 20-Oct-2024 |
How to Start Hacking: A Comprehensive Guide to Ethical Hacking and Penetration Testing for… | https://medium.com/@verylazytech/how-to-start-hacking-a-comprehensive-guide-to-ethical-hacking-and-penetration-testing-for-db6e3fcd63ea?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, books, how-to-start-hacking, penetration-testing, cybersecurity | 20-Oct-2024 |
Superior Tool Untuk Melakukan Google Dorking Dalam Mencari Kerentanan Website | https://medium.com/@bimosp56/superior-tool-untuk-melakukan-google-dorking-dalam-mencari-kerentanan-website-ec7719b05a5b?source=rss------bug_bounty-5 | Bimo Salasa Putra | bug-bounty, bigbountyrecon, vulnerability-assessment, google-dorking, vulnerability | 20-Oct-2024 |
FINDING A DOS BUG(STEP BY STEP). | https://osintteam.blog/finding-a-dos-bug-step-by-step-5f13d361dc90?source=rss------bug_bounty-5 | loyalonlytoday | hacking, penetration-testing, bug-bounty-tips, cybersecurity, bug-bounty | 20-Oct-2024 |
$$$ Bounty for PII disclosure through API | https://osintteam.blog/bounty-for-pii-disclosure-through-api-71b660bc984b?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | cybersecurity, hacking, bug-bounty, ethical-hacking, technology | 20-Oct-2024 |
Security Misconfigurations in Docker Containers: My $500 Win! | https://osintteam.blog/security-misconfigurations-in-docker-containers-my-500-win-241af85882b2?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | ethical-hacking, hacking, bug-bounty, cybersecurity, technology | 20-Oct-2024 |
Exploiting Auth0 Misconfigurations: A Case Study on Account Linking Vulnerabilities | https://medium.com/@iknowhatodo/exploiting-auth0-misconfigurations-a-case-study-on-account-linking-vulnerabilities-76fb6b9703f8?source=rss------bug_bounty-5 | Hossam Ahmed | security, penetration-testing, bug-bounty, information-security | 20-Oct-2024 |
What are Cookies? and How Attackers Take Privilege of Cookies | https://medium.com/@vishalsahu1604/what-are-cookies-and-how-attackers-take-privilege-of-cookies-a016145c5fff?source=rss------bug_bounty-5 | Vishal Sahoo | website-development, bug-bounty, technology, cybersecurity, website | 20-Oct-2024 |
How I could steal Telegram OTPs using SMS relays | https://medium.com/@cyberletmewin/how-i-could-steal-telegram-otps-using-sms-relays-4672769c98e3?source=rss------bug_bounty-5 | Abdelkhalek Beraoud (letmewin) | telegram, information-security, mobile-network, cybersecurity, bug-bounty | 20-Oct-2024 |
VDP vs CVD vs Bug Bounty | https://medium.com/@ali.abdollahi/vdp-vs-cvd-vs-bug-bounty-bc2402038e4f?source=rss------bug_bounty-5 | Ali Abdollahi | cybersecurity, security, information-security, vulnerability, bug-bounty | 20-Oct-2024 |
Hackers Exploit Roundcube Webmail Vulnerability to Steal Login Credentials | https://medium.com/@wiretor/hackers-exploit-roundcube-webmail-vulnerability-to-steal-login-credentials-6b2761a7dd81?source=rss------bug_bounty-5 | WIRE TOR | hacking, pentest, usa, cybersecurity, bug-bounty | 20-Oct-2024 |
Hackers Exploit Redbox Kiosks: A Wake-Up Call for Digital Security | https://medium.com/@wiretor/hackers-exploit-redbox-kiosks-a-wake-up-call-for-digital-security-1d19e18f3a80?source=rss------bug_bounty-5 | WIRE TOR | hacking, usa, cybersecurity, malware, bug-bounty | 20-Oct-2024 |
How to Find XSS in Real-Life Bug Bounty Targets | https://medium.com/@rupaitanudas/how-to-find-xss-in-real-life-bug-bounty-targets-319177706ad8?source=rss------bug_bounty-5 | Rupaitanudas | xss-attack, bug-bounty, tips-and-tricks | 20-Oct-2024 |
Internet Archive Breached Again: Urgent Call for Enhanced Cybersecurity | https://medium.com/@wiretor/internet-archive-breached-again-urgent-call-for-enhanced-cybersecurity-4cb161fc5408?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, bug-bounty, usa, malware, hacking | 20-Oct-2024 |
how did I lose $5000? | https://medium.com/@mr.matrex00.7/how-did-i-lose-5000-6bf4a5c7cbf7?source=rss------bug_bounty-5 | Mr Matrex | hackthebox, tryhackme, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 20-Oct-2024 |
Unveiling Hidden Vulnerabilities: A Journey into E-Commerce Security | https://medium.com/@CipherHawk/unveiling-hidden-vulnerabilities-a-journey-into-e-commerce-security-db7993b788cc?source=rss------bug_bounty-5 | CipherHawk | bug-bounty-tips, bug-bounty, bugcrowd, cybersecurity, hackerone | 20-Oct-2024 |
VDP vs CVD vs Bug Bounty | https://systemweakness.com/vdp-vs-cvd-vs-bug-bounty-bc2402038e4f?source=rss------bug_bounty-5 | Ali Abdollahi | cybersecurity, security, information-security, vulnerability, bug-bounty | 20-Oct-2024 |
How I Found My First Easy P3 Vulnerability in HackerOne Bug Bounty | https://medium.com/@aryan9868/how-i-found-my-first-easy-p3-vulnerability-in-hackerone-bug-bounty-f9227942c6c0?source=rss------bug_bounty-5 | h4ck3rrawat | bugs, bug-bounty-tips, bugbounty-writeup, hackerone, bug-bounty | 19-Oct-2024 |
Google Dorking Queries to find vulnurable targets | https://medium.com/@kanishk.k1410/google-dorkingqueries-to-find-vulnurable-targets-89ee672b6996?source=rss------bug_bounty-5 | Kanishk Kumar | google-dorking, hacking, technology, bug-bounty, offensive-security | 19-Oct-2024 |
How a NoSQL Injection Attack Helped Me Earn $500: A Step-by-Step Guide | https://medium.com/@anandrishav2228/how-a-nosql-injection-attack-helped-me-earn-500-a-step-by-step-guide-51370a95bb93?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, ai, money, nosql, cybersecurity | 19-Oct-2024 |
A Comprehensive Guide to API Fuzzing: Strengthen Your API Security | https://medium.com/@Code_With_Ssn/a-comprehensive-guide-to-api-fuzzing-strengthen-your-api-security-5c00aac974b0?source=rss------bug_bounty-5 | N4!TR0 07 | api-fuzzing, api, bug-bounty, bug-bounty-writeup, reconnaissance | 19-Oct-2024 |
From JavaScript Analysis To UUID Pattern Exploration Revealed a Critical IDOR! | https://medium.com/@ozomarzu/from-javascript-analysis-to-uuid-pattern-exploration-revealed-a-critical-idor-5c526451e7ec?source=rss------bug_bounty-5 | CyberOz | bug-bounty-tips, js, idor, bug-bounty-writeup, bug-bounty | 19-Oct-2024 |
Password Brute-Forcing: The Cybersecurity Game Show You Didn’t Sign Up For | https://medium.com/@mrutunjayasenapati0/password-brute-forcing-the-cybersecurity-game-show-you-didnt-sign-up-for-c03052aedeeb?source=rss------bug_bounty-5 | Mrutunjaya Senapati | hacking, vulnerability, bug-bounty, passwords, bugs | 19-Oct-2024 |
How I Uncovered a Hidden XSS Vulnerability in a Global Car Website | https://medium.com/@gg20205959/how-i-uncovered-a-hidden-xss-vulnerability-in-a-global-car-website-1e0b86a86a7a?source=rss------bug_bounty-5 | VulnSniper | xss-attack, xss-vulnerability, hacking, alerts, bug-bounty | 19-Oct-2024 |
How I Uncovered a High-Severity Vulnerability Using a Single HTTP Header | https://medium.com/@ahmeedhisham2019/how-i-uncovered-a-high-severity-vulnerability-using-a-single-http-header-bf678a2775dc?source=rss------bug_bounty-5 | CipherHawk | cybersecurity, ethical-hacking, hackerone, bug-bounty-tips, bug-bounty | 19-Oct-2024 |
SubdomainRadar.io — The best Subdomain Finder And Port Scanner | https://medium.com/@alexandrevandammepro/subdomainradar-io-the-best-subdomain-finder-and-port-scanner-a5390b5fee67?source=rss------bug_bounty-5 | Alexandre Vandamme | subdomains-enumeration, osint, bug-bounty, infose, cybersecurity | 19-Oct-2024 |
How I am starting my Bug Bounty Hunting Journey | https://cybersechemmars.medium.com/how-i-am-starting-my-bug-bounty-hunting-journey-6d807a367d80?source=rss------bug_bounty-5 | Cybersec with Hemmars | bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, cybersecurity | 19-Oct-2024 |
Get easy $50,000 bugbounty hunting from hackerone program | https://medium.com/@loaymorad11/get-easy-50-000-bugbounty-hunting-from-hackerone-program-e5a119d2af0c?source=rss------bug_bounty-5 | Loaymorad | hackerone, writeup, information-disclosure, cybersecurity, bug-bounty | 19-Oct-2024 |
Attack on Zendesk | https://medium.com/@skirkanna/attack-on-zendesk-6f4f3adf3458?source=rss------bug_bounty-5 | Anna Skirko (unknown_feature) | bug-bounty, apple, zendesk, supply-chain, slack | 19-Oct-2024 |
How I Uncovered a High-Severity Vulnerability Using a Single HTTP Header | https://medium.com/@CipherHawk/how-i-uncovered-a-high-severity-vulnerability-using-a-single-http-header-bf678a2775dc?source=rss------bug_bounty-5 | CipherHawk | cybersecurity, ethical-hacking, hackerone, bug-bounty-tips, bug-bounty | 19-Oct-2024 |
How I Found a Subdomain Takeover Bug and Earned a $500 Bounty | https://medium.com/@D2Cy/how-i-found-a-subdomain-takeover-bug-and-earned-a-500-bounty-0edc139fe994?source=rss------bug_bounty-5 | D2Cy | information-security, bug-bounty, bug-bounty-writeup, cybersecurity, subdomain-takeover | 19-Oct-2024 |
XSS | https://medium.com/@cyberviperx/xss-f5daee1b9e95?source=rss------bug_bounty-5 | Majd abuleil | xss-vulnerability, bug-bounty, cybersecurity, hacking, xss-attack | 19-Oct-2024 |
6 BEST Hacking Books for Learning Cybersecurity | https://medium.com/illumination/6-best-hacking-books-for-learning-cybersecurity-bbe0e9bdf0ae?source=rss------bug_bounty-5 | Tahir Ayoub | penetration-testing, bug-bounty, hacking, cybersecurity, ethical-hacking | 19-Oct-2024 |
Alabama Man Arrested for SEC Social Media Hack That Caused Bitcoin Price Spike | https://medium.com/@wiretor/alabama-man-arrested-for-sec-social-media-hack-that-caused-bitcoin-price-spike-eebee5fe0a88?source=rss------bug_bounty-5 | WIRE TOR | information-technology, cybersecurity, malware, xss-attack, bug-bounty | 19-Oct-2024 |
Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant | https://medium.com/@wiretor/russian-romcom-attacks-target-ukrainian-government-with-new-singlecamper-rat-variant-89d740937358?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, xss-attack, hacking, bug-bounty, usa | 19-Oct-2024 |
Attention WordPress Users! Critical Jetpack Vulnerability Fixed! | https://medium.com/@wiretor/attention-wordpress-users-critical-jetpack-vulnerability-fixed-f52d455499fe?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, usa, sqli, malware, hacking | 19-Oct-2024 |
How I Found a Subdomain Takeover Bug and Earned a $500 Bounty | https://medium.com/@D2Cy/how-i-found-a-subdomain-takeover-bug-and-earned-a-500-bounty-0edc139fe994?source=rss------bug_bounty-5 | Devansh | information-security, bug-bounty, bug-bounty-writeup, cybersecurity, subdomain-takeover | 19-Oct-2024 |
2FA Bypass via OAuth Linking | https://medium.com/@sharp488/2fa-bypass-via-oauth-linking-c8a640519ae8?source=rss------bug_bounty-5 | Sharat Kaikolamthuruthil | bug-bounty-tips, bug-bounty, hacking, information-security, information-technology | 18-Oct-2024 |
Stored XSS & Privilege Escalation in Profile Field -Private Program | https://cyb3rc4t.medium.com/stored-xss-privilege-escalation-in-profile-field-private-program-2bdde55e34b2?source=rss------bug_bounty-5 | CYB3RC4T | infosec, bugbounty-writeup, bug-bounty, security, privilege-escalation | 18-Oct-2024 |
Managing and Modifying URLs in SubScope for Bug Bounty Programs: A Comprehensive Guide | https://medium.com/@hunthubspace/managing-and-modifying-urls-in-subscope-for-bug-bounty-programs-a-comprehensive-guide-667df5ed07ab?source=rss------bug_bounty-5 | hunThub | automation, bug-bounty, penetration-testing, cybersecurity, bug-bounty-tips | 18-Oct-2024 |
I found this Bug in just 5 min. Only and Earn $300. | https://medium.com/@anandrishav2228/i-found-this-bug-in-just-5-min-only-and-earn-300-6b57528a7291?source=rss------bug_bounty-5 | Rishav anand | cors, bug-bounty, cybersecurity, money, vulnerability | 18-Oct-2024 |
Exploiting Session Fixation via Stored XSS and Cookie Jar Overflow Attack | https://akashc99.medium.com/exploiting-session-fixation-via-stored-xss-and-cookie-jar-overflow-attack-7cf8d60e1f9e?source=rss------bug_bounty-5 | Akash c | cybersecurity, web-app-security, bug-bounty, bug-hunter, hacking | 18-Oct-2024 |
A Security Researcher’s Journey: Uncovering an Account Takeover Vulnerability | https://medium.com/@cybershree/a-security-researchers-journey-uncovering-an-account-takeover-vulnerability-624763bd4ecd?source=rss------bug_bounty-5 | Shridhar Rajaput | cybersecurity, security, bug-bounty-tips, vulnerability, bug-bounty | 18-Oct-2024 |
The Harsh Reality of Bug Bounty Hunting Bugcrowd | https://medium.com/@cybershree/the-harsh-reality-of-bug-bounty-hunting-on-bugcrowd-aac3b29e9f43?source=rss------bug_bounty-5 | Shridhar Rajaput | bugcrowd, cybersecurity, bugbounty-writeup, bugs, bug-bounty | 18-Oct-2024 |
Exploring Session Hijacking: How Attackers Compromise Web Sessions | https://medium.com/@mrutunjayasenapati0/exploring-session-hijacking-how-attackers-compromise-web-sessions-6a1c78e6c718?source=rss------bug_bounty-5 | Mrutunjaya Senapati | vulnerability, bug-bounty, sessions, bug-bounty-tips, hacking | 18-Oct-2024 |
IDOR: User Information Disclosure | https://systemweakness.com/idor-user-information-disclosure-7c6951a55a7a?source=rss------bug_bounty-5 | Aswin Thambi Panikulangara | cybersecurity, bug-bounty, hacking, bug-bounty-tips, bugbounty-writeup | 18-Oct-2024 |
How Do Hackers Crack ANY Software | https://medium.com/@TahirAyoub/how-do-hackers-crack-any-software-8e8e201bb169?source=rss------bug_bounty-5 | Tahir Ayoub | hacking, bug-bounty, cybersecurity, medium, pentesting | 18-Oct-2024 |
Business logic vulnerability : Permanent Comments lock | https://sayedv2.medium.com/business-logic-vulnerability-permanent-comments-lock-f118087967ba?source=rss------bug_bounty-5 | Mohamed Sayed | security, bug-bounty, cybersecurity, business-logic, infosec | 18-Oct-2024 |
How I Earned $150 for Reporting a Simple Parameter Bug | https://medium.com/@janmaciejewski07/how-i-earned-150-for-reporting-a-simple-parameter-bug-90734441dcd5?source=rss------bug_bounty-5 | Jan Maciejewski | programming, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-program | 18-Oct-2024 |
Easy P3 Bug: A Spoofing Vulnerability | https://medium.com/@cybershree/easy-p3-bug-a-spoofing-vulnerability-ca73a62b6f48?source=rss------bug_bounty-5 | Shridhar Rajaput | cybersecurity, penetration-testing, bug-bounty, linkedin, information-technology | 18-Oct-2024 |
Easy P4 Bug #2: Account Deletion Lacks Password Verification | https://medium.com/@cybershree/p4-bug-2-account-deletion-lacks-password-verification-a8633a00c9fc?source=rss------bug_bounty-5 | Shridhar Rajaput | cybersecurity, bugs, security-research, bug-bounty, information-technology | 18-Oct-2024 |
Easy P4 Bug : Failure to Invalidate Sessions Post Password Change | https://medium.com/@cybershree/easy-p4-bug-failure-to-invalidate-sessions-post-password-change-56a3aee9e8cc?source=rss------bug_bounty-5 | Shridhar Rajaput | cybersecurity, bug-bounty, information-technology, hackerone, ethical-hacking | 18-Oct-2024 |
The Harsh Reality of Bug Bounty Hunting on Bugcrowd | https://medium.com/@cybershree/the-harsh-reality-of-bug-bounty-hunting-on-bugcrowd-aac3b29e9f43?source=rss------bug_bounty-5 | Shridhar Rajaput | bugcrowd, cybersecurity, bugbounty-writeup, bugs, bug-bounty | 18-Oct-2024 |
Microsoft Unveils macOS Vulnerability: A Deep Dive into the HM Surf Flaw | https://medium.com/@wiretor/microsoft-unveils-macos-vulnerability-a-deep-dive-into-the-hm-surf-flaw-%EF%B8%8F-1bb8b77b2a63?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, cve, bug-bounty, hacking, zero-day | 18-Oct-2024 |
Hong Kong Crime Ring Swindles Victims Out of $46M Using Deepfakes | https://medium.com/@wiretor/hong-kong-crime-ring-swindles-victims-out-of-46m-using-deepfakes-9dc8cb713248?source=rss------bug_bounty-5 | WIRE TOR | hacking, usa, shell, sql, bug-bounty | 18-Oct-2024 |
Omni Family Health Impacts 470,000 Individuals | https://medium.com/@wiretor/omni-family-health-impacts-470-000-individuals-d20a82cd0ac8?source=rss------bug_bounty-5 | WIRE TOR | usa, sql, rce, bug-bounty, hacking | 18-Oct-2024 |
Another Dark Reality of Bug Hunting | https://medium.com/@akashmotkar001/another-dark-reality-of-bug-hunting-6539c60dac31?source=rss------bug_bounty-5 | Akashmotkar | ethical-hacking, hacking, bug-bounty, bugs, cybersecurity | 18-Oct-2024 |
How Do Hackers Crack ANY Software | https://medium.com/h7w/how-do-hackers-crack-any-software-8e8e201bb169?source=rss------bug_bounty-5 | Tahir Ayoub | hacking, bug-bounty, cybersecurity, medium, pentesting | 18-Oct-2024 |
Bug Bounty Tools that make you Rich and Independent and Help earn upto $100–$50,000 | https://medium.com/@anandrishav2228/bug-bounty-tools-that-make-you-rich-and-independent-and-help-earn-upto-100-50-000-eddc92485bae?source=rss------bug_bounty-5 | Rishav anand | hacking, tools, bug-bounty, money, cybersecurity | 17-Oct-2024 |
Bug Bounty Millionaires: Are You Missing Out on Easy Money? | https://medium.com/@paritoshblogs/bug-bounty-millionaires-are-you-missing-out-on-easy-money-e5b10a9e2cc1?source=rss------bug_bounty-5 | Paritosh | information-technology, cybersecurity, money, bug-bounty, hacking | 17-Oct-2024 |
Electron JS Application Penetration Testing | https://medium.com/@ajaynaikhack/electron-js-application-penetration-testing-b0809af324f6?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, bug-bounty, information-security, electronjs, penetration-testing | 17-Oct-2024 |
How to Find XSS in Bug Bounty Programs: A Step-by-Step Guide with Source Code Examples | https://medium.com/@shaikhminhaz1975/how-to-find-xss-in-bug-bounty-programs-a-step-by-step-guide-with-source-code-examples-804e4b8a225d?source=rss------bug_bounty-5 | Shaikh Minhaz | cybersecurity, step-by-step-guide, penetration-testing, xss-attack, bug-bounty | 17-Oct-2024 |
Your approach to finding XSS would change after you read this | https://medium.com/@nireshpandian19/your-approach-to-finding-xss-would-change-after-you-read-this-8292fcafefc1?source=rss------bug_bounty-5 | JAI NIRESH J | idor-vulnerability, bug-bounty, cybersecurity, bug-bounty-writeup, idor | 17-Oct-2024 |
Electron JS Application Penetration Testing | https://infosecwriteups.com/electron-js-application-penetration-testing-b0809af324f6?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, bug-bounty, information-security, electronjs, penetration-testing | 17-Oct-2024 |
E-commerce website vulnerability bounty practice sharing(II) | https://medium.com/@security.tecno/e-commerce-website-vulnerability-bounty-practice-sharing-ii-739d47705908?source=rss------bug_bounty-5 | TECNO Security | security, hacking, bonus, bug-bounty | 17-Oct-2024 |
IDOR lead to Restriction Bypass!! | https://kumarmohank889.medium.com/idor-lead-to-restriction-bypass-7f42d593ffd4?source=rss------bug_bounty-5 | Mohan Kumar N | bug-bounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity, hacking | 17-Oct-2024 |
Over 7 Million WooCommerce Sites Affected by a Simple HTML Injection: CVE-2024–9944 Analysis | https://dropn0w.medium.com/over-7-million-woocommerce-sites-affected-by-a-simple-html-injection-cve-2024-9944-analysis-ce81c918c39a?source=rss------bug_bounty-5 | drop | cve, cybersecurity, bug-bounty, woocommerce, wordpress | 17-Oct-2024 |
Advanced IDOR Exploitation: Discovering Hidden Vulnerabilities Through Delayed Object Creation | https://medium.com/@ashfquejahan5/advanced-idor-exploitation-discovering-hidden-vulnerabilities-through-delayed-object-creation-beb9da9e036f?source=rss------bug_bounty-5 | jahanaj | bug-bounty, idor, web | 17-Oct-2024 |
Unmasking Server-Side Request Forgery (SSRF): How Attackers Exploit Internal Systems | https://medium.com/@mrutunjayasenapati0/unmasking-server-side-request-forgery-ssrf-how-attackers-exploit-internal-systems-286b5b71a46a?source=rss------bug_bounty-5 | Mrutunjaya Senapati | bug-bounty, vulnerability, ethical-hacking, hacking, ssrf-attack | 17-Oct-2024 |
Bug Bounty — IDOR lead to Restriction Bypass!! | https://kumarmohank889.medium.com/idor-lead-to-restriction-bypass-7f42d593ffd4?source=rss------bug_bounty-5 | Mohan Kumar N | bug-bounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity, hacking | 17-Oct-2024 |
Maximizing Web3 Security with Bug Bounty Program Data | https://securrtech.medium.com/maximizing-web3-security-with-bug-bounty-program-data-1434315dbcdb?source=rss------bug_bounty-5 | Securr | web3-security, blockchain-technology, bug-bounty, smart-contract-auditing, web3 | 17-Oct-2024 |
Walkthrough for the Appointment Machine — Hack The Box (HTB) Challenge | https://medium.com/@jessemridley/walkthrough-for-the-appointment-machine-hack-the-box-htb-challenge-b228fe34e2f5?source=rss------bug_bounty-5 | Jesse Ridley | ethical-hacking, cybersecurity, bug-bounty, technology, penetration-testing | 17-Oct-2024 |
FROM OUT OF SCOPE TO ACCEPTED | https://medium.com/@nightcoders0/from-out-of-scope-to-accepted-4f52e626b734?source=rss------bug_bounty-5 | Nightcoders | bugs, bug-bounty-writeup, ethical-hacking, bug-bounty, bug-bounty-tips | 17-Oct-2024 |
Hack The Box Challenge: Day 4 — Knowledge Check Walkthrough | https://medium.com/@jessemridley/hack-the-box-challenge-day-4-knowledge-check-walkthrough-ce22f62d0854?source=rss------bug_bounty-5 | Jesse Ridley | cybersecurity, freelancing, technology, bug-bounty, hacking | 17-Oct-2024 |
Payload Pursuit: XSS Challenge | https://medium.com/@josh.beck2006/payload-pursuit-xss-challenge-40105e34379c?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, ctf-writeup, bug-bounty, ctf | 17-Oct-2024 |
ACCESS MEDIUM PAID BLOGS FOR YOUR RESEARCH IN BUG BOUNTY | https://medium.com/@anonymousshetty2003/access-medium-paid-blogs-for-your-research-in-bug-bounty-b19395d20e0b?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, hacking, ethical-hacking, bug-bounty | 17-Oct-2024 |
$600 Bug Bounty: How I Poked Microservices and Got Paid! | https://osintteam.blog/600-bug-bounty-how-i-poked-microservices-and-got-paid-9e1bbe0f45e8?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | vulnerability, programming, cybersecurity, bug-bounty, penetration-testing | 17-Oct-2024 |
Breaking News: Sudan Brothers Charged in DDoS Attack Service Disruption! | https://medium.com/@wiretor/breaking-news-sudan-brothers-charged-in-ddos-attack-service-disruption-856290eb0dfb?source=rss------bug_bounty-5 | WIRE TOR | usa, virus, bug-bounty, hacking, trojan | 17-Oct-2024 |
Vulnerability Discovered in Kubernetes Image Builder! | https://medium.com/@wiretor/vulnerability-discovered-in-kubernetes-image-builder-5846cf32cb80?source=rss------bug_bounty-5 | WIRE TOR | bug-bounty, usa, hacking, europe, virus | 17-Oct-2024 |
Use Case: Bypassing In-App Purchase By Payment Client-Side Validation | https://secfathy0x1.medium.com/use-case-bypassing-in-app-purchase-by-payment-client-side-validation-e87e2c775a9c?source=rss------bug_bounty-5 | Mohamed K. Fathy | bug-bounty-writeup, hacking, bug-bounty, android, cybersecurity | 17-Oct-2024 |
I Can Crash Anyone’s Instagram Post - Zero Day-Permanent DoS | Meta | BugBounty | 2024 | https://prathapilango.medium.com/i-can-crash-anyones-instagram-post-zero-day-permanent-dos-meta-bugbounty-2024-a2e50ac15caf?source=rss------bug_bounty-5 | Prathapilango | cyebrsecurity, bug-bounty, bug-bounty-writeup, meta-bug-bounty, info-sec-writeups | 17-Oct-2024 |
Admin Panel Takeover Using a Leaky JS File | https://medium.com/@RaunakGupta1922/admin-panel-takeover-using-a-leaky-js-file-dc41fac0f86d?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | javascript, programming, technology, bug-bounty, cybersecurity | 16-Oct-2024 |
How I Deleted Users from the Database on Private Bug Bounty Program | https://medium.com/@sharp488/how-i-deleted-users-from-the-database-on-private-bug-bounty-program-f1939e83dd6f?source=rss------bug_bounty-5 | Sharat Kaikolamthuruthil | bugs, bug-bounty, information-technology, information-security, bug-bounty-tips | 16-Oct-2024 |
Birdie Flies in to Save the Day: Our Custom Bug Tracking Tool for Android & iOS Apps | https://engineering.probo.in/birdie-flies-in-to-save-the-day-our-custom-bug-tracking-tool-for-android-ios-apps-3834ab2bc434?source=rss------bug_bounty-5 | Probo | coding, app-development, engineering, bug-bounty, prediction-markets | 16-Oct-2024 |
How Website Work | https://medium.com/@Joshua_su/how-website-work-3df5e4e93a61?source=rss------bug_bounty-5 | Joshua Suksakorn | curl, cybersecurity, website, bug-bounty | 16-Oct-2024 |
How to Find API Bugs and Earn Big with Bug Bounties upto $20,000 | https://medium.com/@anandrishav2228/how-to-find-api-bugs-and-earn-big-with-bug-bounties-upto-20-000-12358743fcf9?source=rss------bug_bounty-5 | Rishav anand | money, api, bug-bounty, hacker, cybersecurity | 16-Oct-2024 |
Admin Panel Takeover Using a Leaky JS File | https://osintteam.blog/admin-panel-takeover-using-a-leaky-js-file-dc41fac0f86d?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | javascript, programming, technology, bug-bounty, cybersecurity | 16-Oct-2024 |
Quantity Manipulation Allows Purchases at Reduced Prices | https://medium.com/@abdelrahman0x01/quantity-manipulation-allows-purchases-at-reduced-prices-d2e998b82a02?source=rss------bug_bounty-5 | Abdelrahman0x01 | bug-bounty, information-security, cybersecurity, penetration-testing, cyberattack | 16-Oct-2024 |
How I do my recon and end up finding hidden assets and vulnerabilities before anyone else Pt.1 | https://medium.com/@demonia/how-i-do-my-recon-and-end-up-finding-hidden-assets-and-vulnerabilities-before-anyone-else-pt-1-30777f987c93?source=rss------bug_bounty-5 | Mohammed Dief | reconnaissance, bug-bounty, hacking, bug-bounty-tips, cybersecurity | 16-Oct-2024 |
Cracking the HTB Cap Box: A Step-by-Step Walkthrough | https://medium.com/@vignesh6872610/cracking-the-htb-cap-box-a-step-by-step-walkthrough-0b08a4fff3f9?source=rss------bug_bounty-5 | Vignesh P | cap, hackthebox, retiredmachine, bug-bounty-tips, bug-bounty | 16-Oct-2024 |
How to Earn money online using Cybersecurity knowledge | https://medium.com/@rashad.desk/how-to-earn-money-online-using-cybersecurity-knowledge-ece1078969f4?source=rss------bug_bounty-5 | Rashadul Islam | freelancing, cybersecurity, earn-money-online, bug-bounty | 16-Oct-2024 |
Unauthorized SQL Injection: Turning ‘No Entry’ Signs into Dollar Signs! | https://medium.com/@Xt3sY/unauthorized-sql-injection-turning-no-entry-signs-into-dollar-signs-80dcf1168dbd?source=rss------bug_bounty-5 | Pushkar Bhagat | bug-bounty, hacking, hackerone, bugcrowd, hacker | 16-Oct-2024 |
Hidden Reflected XSS via Android Application in VDP | https://cyb3rc4t.medium.com/hidden-reflected-xss-via-android-application-in-vdp-68f4210196f1?source=rss------bug_bounty-5 | CYB3RC4T | bug-bounty-tips, security, infosec, android-pentesting, bug-bounty | 16-Oct-2024 |
Insecure direct object references | https://medium.com/@codingbolt.in/insecure-direct-object-references-8daea91886f4?source=rss------bug_bounty-5 | codingbolt | bug-bounty, ethical-hacking, idor, cybersecurity, owasp | 16-Oct-2024 |
User ID controlled by request parameter with password disclosure | https://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-password-disclosure-98e4f9ebe167?source=rss------bug_bounty-5 | codingbolt | ethical-hacking, owasp, owasp-top-10, bug-bounty, cybersecurity | 16-Oct-2024 |
User ID controlled by request parameter with data leakage in redirect | https://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-data-leakage-in-redirect-65b571611c7b?source=rss------bug_bounty-5 | codingbolt | cybersecurity, ethical-hacking, owasp-top-10, owasp, bug-bounty | 16-Oct-2024 |
User ID controlled by request parameter, with unpredictable user IDs | https://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-unpredictable-user-ids-b9e12542330d?source=rss------bug_bounty-5 | codingbolt | cybersecurity, bug-bounty, owasp-top-10, ethical-hacking, owasp | 16-Oct-2024 |
User ID controlled by request parameter | https://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-7a0bb3006f68?source=rss------bug_bounty-5 | codingbolt | cybersecurity, owasp, owasp-top-10, bug-bounty, ethical-hacking | 16-Oct-2024 |
User role can be modified in user profile | https://medium.com/@codingbolt.in/user-role-can-be-modified-in-user-profile-eb1a28631358?source=rss------bug_bounty-5 | codingbolt | cybersecurity, bug-bounty, owasp-top-10, owasp, ethical-hacking | 16-Oct-2024 |
Exposing Vulnerabilities: The Power of Google Dorking in Cybersecurity Part-2 | https://medium.com/@abhilov/exposing-vulnerabilities-the-power-of-google-dorking-in-cybersecurity-part-2-90dbf2e68ded?source=rss------bug_bounty-5 | Abhilov Gupta | bug-bounty, dorking, google, cybersecurity, hacking | 16-Oct-2024 |
HOW I FIND XXS REFLECTED IN 5 SEC | https://medium.com/@mr.matrex00.7/xxxs-reflected-in-external-programme-1d234bd3b3c3?source=rss------bug_bounty-5 | Mr Matrex | xss-attack, xss-vulnerability, hunter, bug-bounty | 16-Oct-2024 |
WAF Bypass — Parameter Poisoning | https://medium.com/@unrealdenis2020/waf-bypass-parameter-poisoning-21ad6e0db83c?source=rss------bug_bounty-5 | E1nZ | waf, bugbounty-writeup, waf-bypass, parameter-poisoning, bug-bounty | 16-Oct-2024 |
Hidden Reflected XSS via Android Application in VDP | https://cyb3rc4t.medium.com/hidden-reflected-xss-via-android-application-in-vdp-68f4210196f1?source=rss------bug_bounty-5 | CYB3RC4T | bug-bounty-tips, cybersecurity, infosec, bug-bounty, hackerone | 16-Oct-2024 |
Zero-Hero Hacker By Reading. Top 5 Books Designed For Hackers | Primary Hacking School #7 | https://medium.com/@nnface/zero-hero-hacker-by-reading-top-5-books-designed-for-hackers-primary-hacking-school-7-559618b200b3?source=rss------bug_bounty-5 | NnFace | cybersecurity, linux, hacking, bug-bounty, kali-linux | 16-Oct-2024 |
How Google Dorking Helps me to Earn more than $2,000 in Bug Bounty. | https://medium.com/@anandrishav2228/how-google-dorking-helps-me-to-earn-more-than-2-000-in-bug-bounty-b2ac959b3905?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, google, bug-bounty, money, advanced | 15-Oct-2024 |
5 Cybersecurity Projects You Can Build This Weekend (with Python) | https://medium.com/@paritoshblogs/5-cybersecurity-projects-you-can-build-this-weekend-with-python-74bf03c3ba5d?source=rss------bug_bounty-5 | Paritosh | bug-bounty, python, coding, cybersecurity, hacking | 15-Oct-2024 |
Perform a Command Injection Attack in Large Language Models (LLMs) | https://medium.com/@360Security/perform-a-command-injection-attack-in-large-language-models-llms-86cd7db5e528?source=rss------bug_bounty-5 | 360 Security | penetration-testing, llm, cybersecurity, bug-bounty, ai | 15-Oct-2024 |
Sensitive Information Disclosure (Critical Finding) | https://medium.com/@bughunt789/sensitive-information-disclosure-critical-finding-8fcbd7fe1704?source=rss------bug_bounty-5 | BUG HUNTER | bắc, bug-bounty, sensitive-information, idor | 15-Oct-2024 |
Best AI Tool Used by Hacker 2025 | https://medium.com/@TahirAyoub/best-ai-tool-used-by-hacker-2025-715ab6ac8843?source=rss------bug_bounty-5 | Tahir Ayoub | ai, hacking, cybersecurity, ethical-hacking, bug-bounty | 15-Oct-2024 |
Google Dorks for Bug Bounty | Find Sensitive Information | https://medium.com/@shardulsawant67/google-dorks-for-bug-bounty-find-sensitive-information-6ed3e165bc02?source=rss------bug_bounty-5 | Shardul Sawant | enumeration, hacking, google-dork, google-hacking, bug-bounty | 15-Oct-2024 |
The 50 Ultimate Fuzzing Guide for Bug Bounty Hunters: Mastering FUZZING | https://medium.com/@pankajkryadav1/the-50-ultimate-fuzzing-guide-for-bug-bounty-hunters-mastering-fuzzing-9f70e5474dc5?source=rss------bug_bounty-5 | Pankaj kr Yadav | bug-bounty-tips, bug-bounty, fuzzing, web-security, ethical-hacking | 15-Oct-2024 |
How I got Account Take Over in a Bug Bounty Program | https://hiroki-sawada.medium.com/how-i-got-account-take-over-in-a-bug-bounty-program-df3412c46274?source=rss------bug_bounty-5 | Hiroki Sawada | bugcrowd, xss-attack, account-takeover, bug-bounty, hackerone | 15-Oct-2024 |
Mass Account Takeover via simple IDOR and funny OTP Bypass | https://medium.com/@manibharathi.b/mass-account-takeover-via-simple-idor-and-funny-otp-bypass-23c12979e92d?source=rss------bug_bounty-5 | Mani Bharathi B | bug-bounty, hacker, cybersecurity, ethical-hacking, bug-bounty-tips | 15-Oct-2024 |
Insufficient Workflow Validation | https://medium.com/@rcxsecurity/insufficient-workflow-validation-795d90f881dc?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Cafe | penetration-testing, cybersecurity, hacking, information-security, bug-bounty | 15-Oct-2024 |
How I Discovered My First Bug: Worth $150 for Information Exposure Through Debug Logs (CWE-215) | https://medium.com/@rupaitanudas/how-i-discovered-my-first-bug-worth-150-for-information-exposure-through-debug-logs-cwe-215-6a66dd10b21b?source=rss------bug_bounty-5 | Rupaitanudas | yeswehack, hacking, ethical-hacking, hackerone, bug-bounty | 15-Oct-2024 |
How I Accessed an Admin Panel Without Touching the Keyboard | https://medium.com/@ranjanyadav2003/how-i-accessed-an-admin-panel-without-touching-the-keyboard-43ad45a06f8d?source=rss------bug_bounty-5 | Ranjan_Yadav | bug-bounty, hacking, cybersecurity, web-security, programming | 15-Oct-2024 |
How I Accidentally Deleted My Medium Account While Hacking Medium (Oops) | https://medium.com/@vivekps143/how-i-accidentally-deleted-my-medium-account-while-hacking-medium-oops-82aa44c6bc69?source=rss------bug_bounty-5 | Vivek PS | bug-hunter, bloging, automation, developer, bug-bounty | 15-Oct-2024 |
Peeling Back the Layers: Exploring Critical Security Flaws in Chatbot Systems | https://medium.com/@tusharpuri6/peeling-back-the-layers-exploring-critical-security-flaws-in-chatbot-systems-940e14d62ac6?source=rss------bug_bounty-5 | Tusharpuri | infosec, bug-bounty, application-security, penetration-testing, offensive-security | 15-Oct-2024 |
Attacking organisations with big scope: Part 2 | https://medium.com/@sabirasdev/attacking-organisations-with-big-scope-part-2-6a0ee0387551?source=rss------bug_bounty-5 | S A B I R | cybersecurity, cyberattack, reconnaissance, bug-bounty, dorking | 15-Oct-2024 |
Best AI Tool Used by Hacker 2025 | https://infosecwriteups.com/best-ai-tool-used-by-hacker-2025-715ab6ac8843?source=rss------bug_bounty-5 | Tahir Ayoub | ai, hacking, cybersecurity, ethical-hacking, bug-bounty | 15-Oct-2024 |
How I Accessed an Admin Panel Without Touching the Keyboard | https://medium.com/@ranjanyadav2003/how-i-accessed-an-admin-panel-without-touching-the-keyboard-43ad45a06f8d?source=rss------bug_bounty-5 | Ranjan | bug-bounty, hacking, cybersecurity, web-security, programming | 15-Oct-2024 |
OAuth: A Backdoor in Disguise — a $7500 Study Case | https://xdead4f.medium.com/oauth-a-backdoor-in-disguise-a-7500-study-case-3383a4012295?source=rss------bug_bounty-5 | 0xdead4f | cyber-sec, security-reseach, cybersecurity, bug-bounty, cyber-security-writeup | 14-Oct-2024 |
Web3 BBP journal: | https://medium.com/@harryfyx/web3-bbp-journal-777d830f35d0?source=rss------bug_bounty-5 | hhhkb | web3, bug-bounty | 14-Oct-2024 |
Passively Found Secrets in Javascript File on a Private Bug Bounty Program | https://medium.com/@sharp488/passively-found-secrets-in-javascript-file-on-a-private-bug-bounty-program-36eb29c2a35c?source=rss------bug_bounty-5 | Sharat Kaikolamthuruthil | bug-bounty, bug-bounty-tips, burpsuite-extension, burpsuite, bug-bounty-writeup | 14-Oct-2024 |
Bug bounty programs on Laravel applications enable the discovery of security vulnerabilities… | https://medium.com/@_azwar/bug-bounty-programs-pada-aplikasi-laravel-memungkinkan-penemuan-celah-keamanan-vulnerabilities-7db40b405794?source=rss------bug_bounty-5 | azwar | bug-bounty, vulnerability, laravel | 14-Oct-2024 |
ColdRoot Malware | https://medium.com/@reemmoslem34/coldroot-malware-de44cf04e319?source=rss------bug_bounty-5 | Rem Khalid | bug-bounty, cyberattack, cybersecurity, hacking, malware | 14-Oct-2024 |
Zerologon Exploit | https://medium.com/@reemmoslem34/zerologon-exploit-ce83a5a8ef3b?source=rss------bug_bounty-5 | Rem Khalid | bug-bounty, hacking, malware, cybersecurity, cyberattack | 14-Oct-2024 |
List of the Best Free Labs to Start Learning Cybersecurity on TryHackMe | https://medium.com/@malwarilia/list-of-the-best-free-labs-to-start-learning-cybersecurity-on-tryhackme-b94c1803c496?source=rss------bug_bounty-5 | Marília Rocha | bug-bounty, information-security, cybersecurity, pentest, cyberattack | 14-Oct-2024 |
Finding XSS Vulnerabilities and earn upto $200-$10,000 easily . | https://medium.com/@anandrishav2228/finding-xss-vulnerabilities-and-earn-upto-200-10-000-easily-0aab2c725882?source=rss------bug_bounty-5 | Rishav anand | company, xss-attack, bug-bounty, cybersecurity, money | 14-Oct-2024 |
Bug on ParrotCTF | https://infosecwriteups.com/bug-on-parrotctf-e64424b0d043?source=rss------bug_bounty-5 | SIDHARTH PANDA | parrotctf, bug-bounty, extention, hacking | 14-Oct-2024 |
TERGET WEBSITE RECON PROCESS | https://medium.com/@MdAktarujaman.ehp/terget-website-recon-process-d8e38649782e?source=rss------bug_bounty-5 | Md Aktarujjaman | bug-bounty, hacking, penetration-testing, target, website | 14-Oct-2024 |
GraphQL Hacking 101: Finding and Exploiting APIs for Fun and Profit | https://medium.com/@v1xtron/graphql-hacking-101-finding-and-exploiting-apis-for-fun-and-profit-af34b5ea15f3?source=rss------bug_bounty-5 | v1xtron | graphql, reconnaissance, bug-bounty-tips, bug-bounty, penetration-testing | 14-Oct-2024 |
Attacking organisation with big scope: Part 1 | https://medium.com/@sabirasdev/attacking-organisation-with-big-scope-part-1-631fdc00e973?source=rss------bug_bounty-5 | S A B I R | cyber-security-awareness, reconnaissance, cybersecurity, bug-bounty | 14-Oct-2024 |
10 Habits to Become A PRO Hacker! | https://medium.com/@TahirAyoub/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5 | Tahir Ayoub | bug-bounty, habits, hacking, cybersecurity, ethical-hacking | 14-Oct-2024 |
JWT Authentication Bypass leads to Admin Control Panel | https://infosecwriteups.com/jwt-authentication-bypass-leads-to-admin-control-panel-dfa6efcdcbf5?source=rss------bug_bounty-5 | Hohky | bug-bounty, bug-bounty-writeup, account-takeover, jwt-token, hacking | 14-Oct-2024 |
❤Bug Bounty tool List❤ | https://medium.com/@shardulsawant67/bug-bounty-tool-list-fee6620c0048?source=rss------bug_bounty-5 | Shardul Sawant | bug-bounty-tool, website-hosting, bug-bounty, bug-bounty-tips, web-enumeration | 14-Oct-2024 |
Social media account hijacking — VDP | https://medium.com/@embossdotar/social-media-account-hijacking-vdp-fa674b25af44?source=rss------bug_bounty-5 | embossdotar | cybersecurity, bug-bounty, it-security, vulnerability, hacking | 14-Oct-2024 |
Exposing 100,000 User Data : Massive API Bug Exposing | https://medium.com/@360Security/exposing-100-000-user-data-massive-api-bug-exposing-037b56cfe98d?source=rss------bug_bounty-5 | 360 Security | cybersecurity, bug-bounty, penetration-testing, information-security, api-security | 14-Oct-2024 |
10 Habits to Become A PRO Hacker! | https://osintteam.blog/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5 | Tahir Ayoub | bug-bounty, habits, hacking, cybersecurity, ethical-hacking | 14-Oct-2024 |
Blind SSRF Vulnerability | https://medium.com/@guravtushar231/blind-ssrf-vulnerability-97d2f1decfe6?source=rss------bug_bounty-5 | Tushar_infosec | bug-bounty, cybersecurity, ethical-hacking, ssrf, hacking | 14-Oct-2024 |
Pokémon Developer Game Freak Hacked: 2,600 Employees’ Data Leaked! | https://medium.com/@wiretor/pok%C3%A9mon-developer-game-freak-hacked-2-600-employees-data-leaked-9e00ad9b3b0e?source=rss------bug_bounty-5 | WIRE TOR | virus, pentest, malware, bug-bounty, hacking | 14-Oct-2024 |
10 Habits to Become A PRO Hacker! | https://infosecwriteups.com/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5 | Tahir Ayoub | bug-bounty, habits, hacking, cybersecurity, ethical-hacking | 14-Oct-2024 |
0dSSRF | Automate Finding SSRF & External Service Interactions & Open Redirects | https://kariiem.medium.com/0dssrf-automate-finding-ssrf-external-service-interactions-open-redirects-944be6770a02?source=rss------bug_bounty-5 | Kariiem Gamal | bug-bounty, bug-bounty-tips, ssrf, web-pen-testing, pentesting | 14-Oct-2024 |
P4 bug’s and their POC steps | Part 6 | https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-6-8e3aa981673a?source=rss------bug_bounty-5 | socalledhacker | bugs, infosec, web-security, bug-bounty, cybersecurity | 14-Oct-2024 |
IDOR chained with JWT token cracking leads to edit, view and deletion of 160000 user accounts. | https://aswinthambipanik07.medium.com/idor-chained-with-jwt-token-cracking-leads-to-edit-view-and-deletion-of-160000-user-accounts-65e65e6dc1f1?source=rss------bug_bounty-5 | Aswin Thambi Panikulangara | bug-bounty, bug-bounty-tips, jwt, hacking, cybersecurity | 13-Oct-2024 |
No Rate Limit on Forgot Password: Leading to Email Flooding or mail bombing | https://medium.com/@mrutunjayasenapati0/no-rate-limit-on-forgot-password-leading-to-email-flooding-or-mail-bombing-c68d842d6eaf?source=rss------bug_bounty-5 | Mrutunjaya Senapati | cybersecurity, linux, hunting, bug-bounty, hacking | 13-Oct-2024 |
How I got Time Based SQL Injection in an Old Public Bug Bounty Program | https://medium.com/@kshunya/how-i-got-time-based-sql-injection-in-an-old-public-bug-bounty-program-f6260cd4e75e?source=rss------bug_bounty-5 | Vishal Barot | ethical-hacking, bug-bounty, vapt, cybersecurity, penetration-testing | 13-Oct-2024 |
IDOR : Step by Step guide to Account Takeover of Any User | https://medium.com/@360Security/idor-step-by-step-guide-to-account-takeover-of-any-user-cb90bbcfd0fc?source=rss------bug_bounty-5 | 360 Security | information-security, cybersecurity, bug-bounty, penetration-testing, vulnerability | 13-Oct-2024 |
What Is Recon and Why Is It Important? : Vulnerability Discovery and Ethical Hacking (Part 2) | https://zeynalxan.medium.com/recon-n%C9%99dir-v%C9%99-niy%C9%99-%C9%99h%C9%99miyy%C9%99tlidir-z%C9%99iflikl%C9%99rin-a%C5%9Fkar-edilm%C9%99si-v%C9%99-etik-hakerlik-b%C3%B6l%C3%BCm-2-c4b554db0c8e?source=rss------bug_bounty-5 | Zeynalxan Quliyev | recon, recon-nece-edilir, bug-bounty-tips, recon-nədir, bug-bounty | 13-Oct-2024 |
⚠️ How to crash a PC Forever ⚠️ | https://medium.com/@emailrajdeepmishra/%EF%B8%8F-how-to-crash-a-pc-forever-%EF%B8%8F-09aa122c1844?source=rss------bug_bounty-5 | RAJDEEP MISHRA | bug-bounty, cybersecurity, ethical-hacking, crash, bugs | 13-Oct-2024 |
Breaking the Game: Score Manipulation and Leaderboard Takeover | https://aminudin.medium.com/breaking-the-game-score-manipulation-and-leaderboard-takeover-b3ab16d02060?source=rss------bug_bounty-5 | Aminudin | bug-bounty-tips, bug-bounty-writeup, bugs, bug-bounty | 13-Oct-2024 |
A Deep Dive into Subdomain Management Using SubScope | https://medium.com/@hunthubspace/a-deep-dive-into-subdomain-management-using-subscope-43f8653b4593?source=rss------bug_bounty-5 | hunThub | penetration-testing, bug-bounty, bug-bounty-tips, cybersecurity, automation | 13-Oct-2024 |
Bypassing Location Restrictions on a Android App Using Frida | https://medium.com/@omdubey170/hello-pentester-07209d5d8d42?source=rss------bug_bounty-5 | Omdubey | android, bug-bounty, android-pentesting, hacking, cybersecurity | 13-Oct-2024 |
The Great Photo Heist: IDOR Vulnerability Strikes Again | https://rofes1337.medium.com/the-great-photo-heist-idor-vulnerability-strikes-again-6ed9a47c8c74?source=rss------bug_bounty-5 | Yousef Muhammedelkhir | hackerone, bug-bounty, poc, idor-vulnerability, idor-poc | 13-Oct-2024 |
Creating a Honeypot: A Practical Guide to Understanding Cybersecurity Threats | https://medium.com/@paritoshblogs/creating-a-honeypot-a-practical-guide-to-understanding-cybersecurity-threats-9d2e63e90892?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-technology, cybersecurity, hacking, honeypot | 13-Oct-2024 |
“The Biggest Mistake Holding You Back in Bug Bounty Hunting: Why You’re Not Making Progress” | https://medium.com/@mahdisalhi0500/the-biggest-mistake-holding-you-back-in-bug-bounty-hunting-why-youre-not-making-progress-1475eef8f04b?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | infosec, hacking, ethical-hacking, cybersecurity, bug-bounty | 13-Oct-2024 |
Cracking WordPress Security with WPScan: A Bug Bounty Hunter’s Journey | https://medium.com/@gouravrathod8788/cracking-wordpress-security-with-wpscan-a-bug-bounty-hunters-journey-%EF%B8%8F-%EF%B8%8F-%EF%B8%8F-c9389c94cc6b?source=rss------bug_bounty-5 | Gourav Singh Rajput | cybersecurity, bug-bounty, bug-bounty-tips, wordpress | 13-Oct-2024 |
From simple recon to PWN wordpress admin panel writeup | https://ro0od.medium.com/from-simple-recon-to-pwn-wordpress-admin-panel-writeup-622156a1c9b2?source=rss------bug_bounty-5 | rood | bug-bounty, writeup, infosec-write-ups, infosec | 13-Oct-2024 |
How to create a custom daemon using shell scripts | https://medium.com/@mysticraganork66/how-to-create-a-custom-daemon-using-shell-scripts-ce27c13657d1?source=rss------bug_bounty-5 | 0verlo0ked | hacking, cybersecurity, writeup, daemon, bug-bounty | 13-Oct-2024 |
Unleashing the Power of Kali Linux Daemons | https://systemweakness.com/unleashing-the-power-of-kali-linux-daemons-c19133db43ec?source=rss------bug_bounty-5 | 0verlo0ked | bug-bounty, penetration-testing, docker, hacking, cybersecurity | 13-Oct-2024 |
Cache Deception | 450$ | https://medium.com/@0x_karim/cache-deception-450-a02cd655b33f?source=rss------bug_bounty-5 | 0xkarim | bug-bounty, bug-bounty-tips, hacking, web-security, bugs | 13-Oct-2024 |
OAuth Misconfiguration: How I Hijacked Accounts with 0 Clicks and Got Paid! | https://osintteam.blog/oauth-misconfiguration-how-i-hijacked-accounts-with-0-clicks-and-got-paid-df8f7a20b438?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | technology, programming, cybersecurity, bug-bounty, javascript | 13-Oct-2024 |
Open Redirect to XSS to Account Takeover to $$$$ | https://osintteam.blog/open-redirect-to-xss-to-account-takeover-to-de8739f9a4f0?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | javascript, technology, programming, cybersecurity, bug-bounty | 13-Oct-2024 |
UNION Tabanlı SQL Injection | https://medium.com/@kenes7667/union-tabanl%C4%B1-sql-injection-bcc023156b64?source=rss------bug_bounty-5 | EnessKoç | bug-bounty, sql-injection | 12-Oct-2024 |
Automation in Cyber Defence: The Future of Securing Digital Frontiers | https://medium.com/@paritoshblogs/automation-in-cyber-defence-the-future-of-securing-digital-frontiers-992fa1ceb552?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-technology, coding, cybersecurity, automation | 12-Oct-2024 |
Clickjacking Is Worth Reporting Nowadays? | Removing all confusion on Clickjacking bugs. | https://medium.com/@the.air.cyborg/clickjacking-is-worth-reporting-nowadays-removing-all-confusion-on-clickjacking-bugs-a1c77fc4e5b8?source=rss------bug_bounty-5 | the_air_cyborg | clickjacking, bug-bounty-tips, bugbounty-writeup, bug-bounty, vulnerability | 12-Oct-2024 |
Port Scanning Essentials for Bug Bounty Researchers | https://bevijaygupta.medium.com/port-scanning-essentials-for-bug-bounty-researchers-de52c6aa7b8a?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, port-scanning, bounty-program, bugs, bug-bounty-tips | 12-Oct-2024 |
Cracking ATO via Email HTML Injection | https://medium.com/@dsmodi484/cracking-ato-via-email-html-injection-edd19c8e1b8f?source=rss------bug_bounty-5 | Dishant Modi | email, injection, vulnerability, html, bug-bounty | 12-Oct-2024 |
How I Discovered Account Takeover (ATO) via Cross-Site Scripting (XSS) | https://osintteam.blog/how-i-discovered-account-takeover-ato-via-cross-site-scripting-xss-34698ee54009?source=rss------bug_bounty-5 | JEETPAL | ato, bug-bounty-tips, xss-attack, bug-bounty, bug-bounty-writeup | 12-Oct-2024 |
Understanding Server-Side Request Forgery (SSRF): A Critical Web Vulnerability | https://medium.com/@mrutunjayasenapati0/understanding-server-side-request-forgery-ssrf-a-critical-web-vulnerability-11a7ee2d87f7?source=rss------bug_bounty-5 | Mrutunjaya Senapati | owasp, vulnerability, hacking, ssrf, bug-bounty | 12-Oct-2024 |
Cybersecurity Breach Forces Calgary Public Library to Shut Down All Locations | https://medium.com/@wiretor/cybersecurity-breach-forces-calgary-public-library-to-shut-down-all-locations-%EF%B8%8F-f1c0921f40e8?source=rss------bug_bounty-5 | WIRE TOR | hacked, bug-bounty, hacker, data, breach | 12-Oct-2024 |
Unlocking Some Effective Information Gathering Methodologies | https://medium.com/@prasanna.acharya/unlocking-some-effective-information-gathering-methodologies-1f67787019d1?source=rss------bug_bounty-5 | Prasanna Acharya | bug-bounty, web-security, bug-bounty-tips, information-gathering, web-penetration-testing | 12-Oct-2024 |
From NA to P1, How i was able to get access to a Bank Admin Panel | https://medium.com/@yousefmoh15/from-na-to-p1-how-i-was-able-to-get-access-to-a-bank-admin-panel-52e5f9ef7ef5?source=rss------bug_bounty-5 | Yousef Mohamed | hacking, bug-bounty, wordpress, bugcrowd | 12-Oct-2024 |
Uncovering Path Traversal Vulnerabilities Through Host Monitoring | https://mchklt.medium.com/uncovering-path-traversal-vulnerabilities-through-host-monitoring-c8abb65f48f5?source=rss------bug_bounty-5 | ABDELKARIM MOUCHQUELITA | automation, ethical-hacking, penetration-testing, bug-bounty-hunter, bug-bounty | 12-Oct-2024 |
Uncovering Path Traversal Through Host Monitoring | https://mchklt.medium.com/uncovering-path-traversal-vulnerabilities-through-host-monitoring-c8abb65f48f5?source=rss------bug_bounty-5 | ABDELKARIM MOUCHQUELITA | automation, ethical-hacking, penetration-testing, bug-bounty-hunter, bug-bounty | 12-Oct-2024 |
Effective Port Scanning for Finding Vulnerabilities in Bug Bounties | https://bevijaygupta.medium.com/effective-port-scanning-for-finding-vulnerabilities-in-bug-bounties-0c16871a7e0b?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, bugs, bug-bounty-tips, vulnerability, port-scanning | 11-Oct-2024 |
Bug Hunting Recon Methodology | Part2 | LegionHunter | https://osintteam.blog/bug-hunting-recon-methodology-part2-legionhunter-4bb925e3e1bf?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty, pentesting, infosec, cybersecurity, bug-bounty-tips | 11-Oct-2024 |
How to Find SQL Vulnerabilities in Web Applications and Websites and Earn up to $500—$10,000 | https://medium.com/@anandrishav2228/how-to-find-sql-vulnerabilities-in-web-applications-and-websites-and-earn-up-to-500-10-000-f0935e9d4892?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, money, ai, cybersecurity, india | 11-Oct-2024 |
How I Made $6,200 in a Single Bug Bounty Using SubdomainRadar.io | https://medium.com/@alexandrevandammepro/how-i-made-6-200-in-a-single-bug-bounty-using-subdomainradar-io-a557f2baae0b?source=rss------bug_bounty-5 | Alexandre Vandamme | pentesting, cybersecurity, osint, bug-bounty, bug-bounty-tips | 11-Oct-2024 |
How I Got $250 with a Weak Signup Flow | https://infosecwriteups.com/how-i-got-250-with-a-weak-signup-flow-3d87d34059fa?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | bug-bounty, technology, programming, cybersecurity | 11-Oct-2024 |
Hacking Documentaries and Movies for Bug Bounty Hunters | https://medium.com/cyberscribers-exploring-cybersecurity/hacking-documentaries-and-movies-for-bug-bounty-hunters-92e02b6ab264?source=rss------bug_bounty-5 | Tahir Ayoub | cybersecurity, documentary, hacking, security, bug-bounty | 11-Oct-2024 |
CVE-2024–0195 Improper Control of Generation of Code (‘Code Injection’) | https://infosecwriteups.com/cve-2024-0195-improper-control-of-generation-of-code-code-injection-c292836e03ec?source=rss------bug_bounty-5 | Ajay Naik | vulnerability, bugs, bug-bounty, cyber-security-awareness, cybersecurity | 11-Oct-2024 |
Introduction to Netcat | https://medium.com/@Code_With_Ssn/introduction-to-netcat-af57e11ee756?source=rss------bug_bounty-5 | N4!TR0 07 | bug-bounty-writeup, bug-bounty-tips, netcat, bug-bounty, cybersecurity | 11-Oct-2024 |
One Cookie Paid Me $500 in under a minute | https://medium.com/@nireshpandian19/one-cookie-paid-me-500-in-under-a-minute-8a9fb1a034ae?source=rss------bug_bounty-5 | JAI NIRESH J | bug-bounty-tips, cybersecurity, programming, technology, bug-bounty | 11-Oct-2024 |
Lenfi Successfully Concludes Its Bug Bounty Program | https://medium.com/@lenfi/lenfi-successfully-concludes-its-bug-bounty-program-e317df3967b2?source=rss------bug_bounty-5 | Lenfi | defi, bug-bounty, cardano, project-catalyst, lenfi | 11-Oct-2024 |
File Path Traversal Sequences Stripped Non-Recursively | https://medium.com/@rcxsecurity/file-path-traversal-sequences-stripped-non-recursively-6d8a6a2d92d4?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Cafe | information-security, cybersecurity, red-team, penetration-testing, bug-bounty | 11-Oct-2024 |
Understanding Security Logging and Monitoring Failures: A Crucial Vulnerability in Web Security | https://medium.com/@mrutunjayasenapati0/understanding-security-logging-and-monitoring-failures-a-crucial-vulnerability-in-web-security-d63a7b42062e?source=rss------bug_bounty-5 | Mrutunjaya Senapati | hacking, vulnerability, bugs, bug-bounty, owasp | 11-Oct-2024 |
How I discovered 2FA bypass leading to potential ATO lead funds loss in a web3 | https://medium.com/@jeetpal2007/how-i-discovered-2fa-bypass-leading-to-potential-ato-lead-funds-loss-in-a-web3-dc19f5588fbd?source=rss------bug_bounty-5 | JEETPAL | cybersecurity, bug-bounty, bugbounty-writeup, ato, web3 | 11-Oct-2024 |
How I discovered 2FA bypass leading to potential ATO lead funds loss in a web3 | https://medium.com/h7w/how-i-discovered-2fa-bypass-leading-to-potential-ato-lead-funds-loss-in-a-web3-e498ce26b29e?source=rss------bug_bounty-5 | JEETPAL | bug-bounty, bugbounty-writeup, ato, web3, cybersecurity | 11-Oct-2024 |
Broken Access Control Vulnerability in an Order Management System | https://medium.com/@omdubey170/broken-access-control-vulnerability-in-an-order-management-system-8a1097b03926?source=rss------bug_bounty-5 | Omdubey | bug-bounty, infosec, hacking, cybersecurity, vulnerability | 11-Oct-2024 |
Effective Domain Management for Bug Bounty Programs Using SubScope | https://medium.com/@hunthubspace/effective-domain-management-for-bug-bounty-programs-using-subscope-f74b7a0db428?source=rss------bug_bounty-5 | hunThub | programming, penetration-testing, automation, bug-bounty, bug-bounty-tips | 11-Oct-2024 |
Endpoint confusion lead to 2FA bypass | https://medium.com/@mohamed0xmuslim/endpoint-confusion-lead-to-2fa-bypass-67015dbb4c70?source=rss------bug_bounty-5 | Muhammad_Mostafa | bug-bounty-hunter, bug-bounty, bug-bounty-writeup, penetration-testing, bug-bounty-tips | 11-Oct-2024 |
CVE-2024-44000 - WordPress Debug Log Exposure Leading to Session Cookie Hijacking | https://infosecwriteups.com/cve-2024-44000-wordpress-debug-log-exposure-leading-to-session-cookie-hijacking-afcfada02c44?source=rss------bug_bounty-5 | Ajay Naik | vulnerability, vulnerability-management, penetration-testing, cybersecurity, bug-bounty | 11-Oct-2024 |
Bypass WAF & Grab a $200 Bug Bounty! | https://osintteam.blog/bypass-waf-grab-a-200-bug-bounty-4442621cd90a?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | technology, bug-bounty, cybersecurity, javascript, programming | 11-Oct-2024 |
Firefox&Chrome extensions for bugbounty hunters. | https://osintteam.blog/firefox-chrome-extensions-for-bugbounty-hunters-4006707ee87b?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, hacking, penetration-testing, bug-bounty, tips | 11-Oct-2024 |
Bypass WAF & Grab a $300 Bug Bounty! | https://osintteam.blog/bypass-waf-grab-a-200-bug-bounty-4442621cd90a?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | technology, bug-bounty, cybersecurity, javascript, programming | 11-Oct-2024 |
Unlocking the Potential of OSINT: Shaping the Future of Intelligence in Our Data-Driven World | https://medium.com/@narayanadasbalaji2004/unlocking-the-potential-of-osint-shaping-the-future-of-intelligence-in-our-data-driven-world-b0cda62d6bb5?source=rss------bug_bounty-5 | Narayanadas Balaji | hacking, osint, cybersecurity, bugbounty-tips, bug-bounty | 10-Oct-2024 |
Streamlining Your Bug Bounty Projects: Adding and Managing Programs via SubScope | https://medium.com/@hunthubspace/streamlining-your-bug-bounty-projects-adding-and-managing-programs-via-subscope-e394acfdf711?source=rss------bug_bounty-5 | hunThub | automation, bug-bounty-tips, bug-bounty, penetration-testing, cybersecurity | 10-Oct-2024 |
How I Earned $250 for Reporting a simple Bug To CodaPayments | https://medium.com/@aligoodluck427/how-i-earned-250-for-reporting-a-simple-bug-to-codapayments-b8f1be275138?source=rss------bug_bounty-5 | Aligoodluck | bugbounty-tips, bug-bounty, bugbounty-automation, bugbounty-writeup, bugbounty-poc | 10-Oct-2024 |
First Bug, Big Win: How a $100 IDOR Bug Kicked-off My Bug Bounty Journey | https://dukrov.medium.com/first-bug-big-win-how-a-100-idor-bug-kicked-off-my-bug-bounty-journey-69e2e7179477?source=rss------bug_bounty-5 | Dukrov | hackerone, bugbounty-tips, hacking, cybersecurity, bug-bounty | 10-Oct-2024 |
How i got my first Letter of Appreciation + Hall of Fame | https://rivudon.medium.com/how-i-got-my-first-letter-of-appreciation-hall-of-fame-a3c0079e60ef?source=rss------bug_bounty-5 | Rivek Raj Tamang ( RivuDon ) | bug-bounty-tips, bug-bounty, infosec, information-security, cybersecurity | 10-Oct-2024 |
Critical IDOR Vulnerability leads to PII leakage | https://snc0pe.medium.com/critical-idor-vulnerability-leads-to-pii-leakage-684795ede850?source=rss------bug_bounty-5 | Snc0pe | bug-bounty, web-app-security, idor | 10-Oct-2024 |
How to Use ChatGPT Effectively for Bug Bounty Hunting | https://medium.com/@anandrishav2228/how-to-use-chatgpt-effectively-for-bug-bounty-hunting-47ff0762139e?source=rss------bug_bounty-5 | Rishav anand | chatgpt, money, ai, bug-bounty, cybersecurity | 10-Oct-2024 |
The Truth About Bug Bounty Hunting. | https://medium.com/@thebughunttribe/the-truth-about-bug-bounty-hunting-597e54acd2a0?source=rss------bug_bounty-5 | The Hunt Tribe | bug-bounty-hunter, bug-bounty, bugs, bugbounty-tips, bugbounty-writeup | 10-Oct-2024 |
Forced OAuth Profile Linking Lead to Account Takeover | https://medium.com/@0xtal3at/forced-oauth-profile-linking-lead-to-account-takeover-954114158818?source=rss------bug_bounty-5 | 0Xtal3at | bug-bounty, bugbounty-writeup, cybersecurity | 10-Oct-2024 |
Understanding Software and Data Integrity Failures: A Critical Vulnerability in Web Security | https://medium.com/@mrutunjayasenapati0/understanding-software-and-data-integrity-failures-a-critical-vulnerability-in-web-security-9d3f96f20bb9?source=rss------bug_bounty-5 | Mrutunjaya Senapati | hacking, bugs, bug-bounty, vulnerability, owasp | 10-Oct-2024 |
Bypassing Multiple Checks on Android Applications: A Security Researcher’s Experience | https://medium.com/@sc128496/bypassing-multiple-checks-on-android-applications-a-security-researchers-experience-2ec1a3005b60?source=rss------bug_bounty-5 | Sahil Choudhary | android, pentesting, bug-bounty, cybersecurity, reverse-engineering | 10-Oct-2024 |
How i found my first open redirect | https://medium.com/@yagomartins30/how-i-found-my-first-open-redirect-cd9ca60d307d?source=rss------bug_bounty-5 | Yago Martins | hacking, bug-bounty, programming, writeup, pentesting | 10-Oct-2024 |
Top 10 Cybersecurity Tools Every Business Should Use in 2024 | https://cyberconsultingcompany.medium.com/top-10-cybersecurity-tools-every-business-should-use-in-2024-f7b93c208722?source=rss------bug_bounty-5 | Cyber Consulting Company | cyber, cyber-security-awareness, cyber-security-solutions, bug-bounty, cyber-security-services | 09-Oct-2024 |
Unlock Unlimited Access to ChatGPT-4: A Step-by-Step Guide to Using Images and Files Without Limits | https://medium.com/@shaikhminhaz1975/unlock-unlimited-access-to-chatgpt-4-a-step-by-step-guide-to-using-images-and-files-without-limits-0f1db3ca57d8?source=rss------bug_bounty-5 | Shaikh Minhaz | bug-bounty, gpt-4, cybersecurity, free, chatgpt | 09-Oct-2024 |
Bug Hunting Recon Methodology | Part1 | LegionHunter | https://systemweakness.com/bug-hunting-recon-methodology-part1-legionhunter-975b7bbe3231?source=rss------bug_bounty-5 | AbhirupKonwar | bug-bounty, pentesting, bug-hunting, legionhunter, bug-bounty-tips | 09-Oct-2024 |
Port Scanning Demystified for Bug Bounty Success | https://bevijaygupta.medium.com/port-scanning-demystified-for-bug-bounty-success-a820c2c632cd?source=rss------bug_bounty-5 | Vijay Gupta | port-scanning, bug-bounty-tips, bugs, bug-zero, bug-bounty | 09-Oct-2024 |
E-commerce website vulnerability bounty practice sharing: Pre-Authentication takeover, API security… | https://medium.com/@security.tecno/e-commerce-website-vulnerability-bounty-practice-sharing-pre-authentication-takeover-api-security-b27b51edfaff?source=rss------bug_bounty-5 | TECNO Security | hacking, web, security, bug-bounty | 09-Oct-2024 |
How I Found SSRF in 5 minutes | https://medium.com/@gguzelkokar.mdbf15/how-i-found-ssrf-in-5-minutes-a3a58e3d53e1?source=rss------bug_bounty-5 | Gökhan Güzelkokar | bug-bounty, web-security, application-security, hacking, ssrf | 09-Oct-2024 |
Curated List of Awesome Hacker Search Engines for Penetration Testing and Cybersecurity… | https://osintteam.blog/curated-list-of-awesome-hacker-search-engines-for-penetration-testing-and-cybersecurity-9f0b9cb63a1d?source=rss------bug_bounty-5 | Ajay Naik | vulnerability, information-security, cybersecurity, bug-bounty, bug-bounty-tips | 09-Oct-2024 |
How to Start Your Hacking Journey and Choose the Right Role in Cybersecurity | https://medium.com/@harshkatiyar5556/how-to-start-your-hacking-journey-and-choose-the-right-role-in-cybersecurity-9eff1ec5e7f2?source=rss------bug_bounty-5 | Harsh Katiyar | ethical-hacking, bug-bounty, careers, penetration-testing, cybersecurity | 09-Oct-2024 |
My Active Subdomain Enumeration Technique | https://mr-abdullah.medium.com/my-active-subdomain-enumeration-technique-57a508343fc4?source=rss------bug_bounty-5 | Mr Abdullah | bug-bounty, web-hacking, enumeration, hacking, information | 09-Oct-2024 |
SSRF via Flawed Request Parsing | https://medium.com/@rcxsecurity/ssrf-via-flawed-request-parsing-7b32a119f047?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Cafe | penetration-testing, information-security, hacking, cybersecurity, bug-bounty | 09-Oct-2024 |
Understanding Identification and Authentication Failures: A Critical Vulnerability in Web Security | https://medium.com/@mrutunjayasenapati0/understanding-identification-and-authentication-failures-a-critical-vulnerability-in-web-security-88a4bcbcc783?source=rss------bug_bounty-5 | Mrutunjaya Senapati | bug-bounty, bugs, vulnerability, hacking, owasp | 09-Oct-2024 |
Understanding Vulnerable and Outdated Components: A Critical Vulnerability in Web Security | https://medium.com/@mrutunjayasenapati0/understanding-vulnerable-and-outdated-components-a-critical-vulnerability-in-web-security-f8a9a9ae0b10?source=rss------bug_bounty-5 | Mrutunjaya Senapati | owasp, hacking, bug-bounty, vulnerability, bugs | 09-Oct-2024 |
No Easy P1s on the fly if your site runs WP or Drupal | https://medium.com/@nireshpandian19/no-easy-p1s-on-the-fly-if-your-site-runs-wp-or-drupal-a7700650f86b?source=rss------bug_bounty-5 | JAI NIRESH J | bug-bounty, wordpress, bug-bounty-writeup, ethical-hacking, idor | 09-Oct-2024 |
Finding a no ratelimit bug on invite teammate page. | https://osintteam.blog/finding-a-no-ratelimit-bug-on-invite-teammate-page-02c97e845b00?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-tips, cybersecurity, bug-bounty, tips, hacking | 09-Oct-2024 |
Easy P1s on the fly if your site runs WP or Drupal | https://medium.com/@nireshpandian19/no-easy-p1s-on-the-fly-if-your-site-runs-wp-or-drupal-a7700650f86b?source=rss------bug_bounty-5 | JAI NIRESH J | bug-bounty, wordpress, bug-bounty-writeup, ethical-hacking, idor | 09-Oct-2024 |
Race Condition leads to Cache Poisoning ?! | https://ltidi.medium.com/race-condition-leads-to-cache-poisoning-77bdfb9483fd?source=rss------bug_bounty-5 | LTiDi | web-cache-poisoning, bug-bounty | 08-Oct-2024 |
Unlocking Hidden Vulnerabilities: How to Automate Your Bug Bounty Game with GitHub Actions | https://theshaco.com/unlocking-hidden-vulnerabilities-how-to-automate-your-bug-bounty-game-with-github-actions-3f6c9501fe64?source=rss------bug_bounty-5 | Khaleel Khan | hacking, bug-bounty, bug-bounty-tips, cybersecurity, infosec | 08-Oct-2024 |
From Ports to Payouts: Scanning Strategies for Bug Bounties | https://bevijaygupta.medium.com/from-ports-to-payouts-scanning-strategies-for-bug-bounties-a2861077a0d8?source=rss------bug_bounty-5 | Vijay Gupta | scanning, bug-bounty-tips, bug-bounty, payouts, ports | 08-Oct-2024 |
How I Discovered an Email Verification Bypass | https://mo9khu93r.medium.com/how-i-discovered-an-email-verification-bypass-e487270a61d3?source=rss------bug_bounty-5 | mo9khu93r | vulnerability, hacking, bug-bounty, cybersecurity, pentesting | 08-Oct-2024 |
Understanding and Detecting XSS Vulnerabilities: A Complete Guide | https://medium.com/@anandrishav2228/understanding-and-detecting-xss-vulnerabilities-a-complete-guide-4d3a85e4bed0?source=rss------bug_bounty-5 | Rishav anand | ai, bug-bounty, testing, cybersecurity, money | 08-Oct-2024 |
A quick P2 vulnerability, just like that ! | https://medium.com/@nireshpandian19/a-quick-p2-vulnerability-just-like-that-5fc4f25f3b09?source=rss------bug_bounty-5 | JAI NIRESH J | bug-bounty, hackerone, bug-bounty-writeup, idor, ethical-hacking | 08-Oct-2024 |
Methods to Bypass Captchas: A Deep Dive into Common Techniques | https://medium.com/@dasmanish6176/methods-to-bypass-captchas-a-deep-dive-into-common-techniques-309006f28923?source=rss------bug_bounty-5 | Dasmanish | bug-bounty, ethical-hacking, vapt, captcha | 08-Oct-2024 |
How i found endpoints from reading hacker-one reports | https://medium.com/@anonymousshetty2003/how-i-found-endpoints-from-reading-hacker-one-reports-20cfd6f0f62c?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, hacking, dorking, bug-bounty | 08-Oct-2024 |
Blind XSS Practical Guide — Bug Bounty Tuesday | https://medium.com/@kerstan/blind-xss-practical-guide-bug-bounty-tuesday-3126bd52fae6?source=rss------bug_bounty-5 | kerstan | hacking, cybersecurity, bug-bounty | 08-Oct-2024 |
ironCTF 2024 Writeup | https://medium.com/@pphreak313/ironctf-2024-writeup-782f41854341?source=rss------bug_bounty-5 | Shlok K | ctf-writeup, cybersecurity, bug-bounty, ctf | 08-Oct-2024 |
From 401 — Unauthorized Access to 3000 $ Bounty from Microsoft. | https://medium.com/@bashir69emceeaka5/from-401-unauthorized-access-to-3000-bounty-from-microsoft-53b086379a08?source=rss------bug_bounty-5 | Bashir Mohammed | red-team, microsoft, bug-bounty, bugbounty-writeup, security | 08-Oct-2024 |
How I Hacked an Admin Panel in Just 2 Minutes | https://medium.com/@ranjanyadav2003/how-i-hacked-an-admin-panel-in-just-2-minutes-19d145820ee7?source=rss------bug_bounty-5 | Ranjan_Yadav | bug-bounty, cybersecurity | 08-Oct-2024 |
CVE-2024–25600: WordPress Bricks Builder Remote Code Execution Vulnerability -$$$$ BOUNTY | https://infosecwriteups.com/cve-2024-25600-wordpress-bricks-builder-remote-code-execution-vulnerability-bounty-997d488fd54e?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, cyberattack, rewards, cybersecurity, information-technology | 08-Oct-2024 |
Exploiting NoSQL operator injection to extract unknown fields | https://medium.com/@codingbolt.in/exploiting-nosql-operator-injection-to-extract-unknown-fields-b0d58bea9bbe?source=rss------bug_bounty-5 | codingbolt | cybersecurity, bug-bounty, nosql-injection, nosql, ethical-hacking | 08-Oct-2024 |
Exploiting NoSQL injection to extract data | https://medium.com/@codingbolt.in/exploiting-nosql-injection-to-extract-data-70fea37ed111?source=rss------bug_bounty-5 | codingbolt | ethical-hacking, nosql-injection, cybersecurity, nosql, bug-bounty | 08-Oct-2024 |
Exploiting NoSQL operator injection to bypass authentication | https://medium.com/@codingbolt.in/exploiting-nosql-operator-injection-to-bypass-authentication-9239353b9424?source=rss------bug_bounty-5 | codingbolt | ethical-hacking, nosql-injection, bug-bounty, cybersecurity, nosql | 08-Oct-2024 |
How Disabling 2FA Could End with a Bug? | https://7odamoo.medium.com/hacking-hackerone-how-disabling-2fa-could-end-with-a-bug-b637c154ce06?source=rss------bug_bounty-5 | Mahmoud Hamed | bug-bounty, pentesting | 08-Oct-2024 |
Breaking into the Shoutcast Server of a Multimedia Company | https://medium.com/@anonymousshetty2003/breaking-into-the-shoutcast-server-of-a-multimedia-company-e13dae3b17a3?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, hacking, bug-bounty, vapt, wapt | 08-Oct-2024 |
Understanding Security Misconfiguration: A Critical Vulnerability in Web Security | https://medium.com/@mrutunjayasenapati0/understanding-security-misconfiguration-a-critical-vulnerability-in-web-security-4c87a5de4937?source=rss------bug_bounty-5 | Mrutunjaya Senapati | hacking, owasp, bug-bounty, server-misconfiguration, vulnerability | 08-Oct-2024 |
Account Takeover via Hidden Parameters in BBP | https://cyb3rc4t.medium.com/account-takeover-via-hidden-parameters-in-bbp-f65ce42ca96f?source=rss------bug_bounty-5 | CYB3RC4T | bounty-program, bug-bounty, infosec, account-takeover, hackerone | 08-Oct-2024 |
Using ‘Waymore’ to Uncover Archived Treasures and Customer Data | https://sl4x0.medium.com/using-waymore-to-uncover-archived-treasures-and-customer-data-a969474447a7?source=rss------bug_bounty-5 | Abdelrhman Allam (sl4x0) | bugcrowd, hackerone, web-security, pentesting, bug-bounty | 08-Oct-2024 |
How I got a 5000 $ Bounty from Microsoft | https://medium.com/@bashir69emceeaka5/how-i-got-a-5000-bounty-from-microsoft-fb2e27fd40f7?source=rss------bug_bounty-5 | Bashir Mohammed | red-team, bug-bounty-tips, security, bug-bounty-writeup, bug-bounty | 08-Oct-2024 |
How I got a 5000 $ Bounty from Microsoft | https://medium.com/@bashir69emceeaka5/how-i-got-a-5000-bounty-from-microsoft-fb2e27fd40f7?source=rss------bug_bounty-5 | Bashir Mohamed | red-team, bug-bounty-tips, security, bug-bounty-writeup, bug-bounty | 08-Oct-2024 |
From 401 — Unauthorized Access to 3000 $ Bounty from Microsoft. | https://medium.com/@bashir69emceeaka5/from-401-unauthorized-access-to-3000-bounty-from-microsoft-53b086379a08?source=rss------bug_bounty-5 | Bashir Mohamed | red-team, microsoft, bug-bounty, bugbounty-writeup, security | 08-Oct-2024 |
HOW TO INSTALL GO IN KALILINUX. | https://osintteam.blog/how-to-install-go-in-kalilinux-95924b5e9cde?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, cybersecurity, hacking, go, tips | 08-Oct-2024 |
Top 10 BurpSuite Extensions Every Bug Bounty Hunter Needs | https://osintteam.blog/top-10-burpsuite-extensions-every-bug-bounty-hunter-needs-67b6fddf612b?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | programming, ethical-hacking, hacking, burpsuite, bug-bounty | 08-Oct-2024 |
Asset discovery with favicon hash. | https://osintteam.blog/asset-discovery-with-favicon-hash-515d1c8a85cd?source=rss------bug_bounty-5 | loyalonlytoday | hacking, tips, bug-bounty-tips, cybersecurity, bug-bounty | 07-Oct-2024 |
Finding a easy p4 as per bugcrowd vrt | https://osintteam.blog/finding-a-easy-p4-as-per-bugcrowd-vrt-3e5c132f28d0?source=rss------bug_bounty-5 | loyalonlytoday | bugs, tips, bug-bounty, cybersecurity, hacking | 07-Oct-2024 |
Bug Bounty VS Motivation | https://osintteam.blog/bug-bounty-vs-motivation-27c3c37f2c28?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | programming, motivation, hacking, cybersecurity, bug-bounty | 07-Oct-2024 |
Subdomain Enumeration | BBOT ✅>= Subfinder + Sublist3r + Assetfinder + Amass ❌ | https://medium.com/@kumawatabhijeet2002/subdomain-enumeration-bbot-subfinder-sublist3r-assetfinder-amass-e4880cf4ab5b?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-tips, subdomain-takeover, subdomain-enumeration, bug-bounty, bug-bounty-writeup | 07-Oct-2024 |
Scanning Kerentanan Website zero.webappsecurity.com | https://medium.com/@bimosp56/scanning-kerentanan-website-zero-webappsecurity-com-ce1d10f730b7?source=rss------bug_bounty-5 | Bimo Salasa Putra | cybersecurity, scanning, bug-bounty, vulnerabili, pentesting | 07-Oct-2024 |
Chinese Hackers Breach US Court Wiretap System | https://medium.com/@wiretor/chinese-hackers-breach-us-court-wiretap-system-b7181fbe93b2?source=rss------bug_bounty-5 | WIRE TOR | cybersecurity, bug-bounty, hacking, pentesting, xss-attack | 07-Oct-2024 |
How a Simple Bug Could Have Taken Down Your Instagram Tags | https://medium.com/@kiril.krivogyz/how-a-simple-bug-could-have-taken-down-your-instagram-tags-d3247e931c9d?source=rss------bug_bounty-5 | Kiril Krivogyz | bug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, instagram | 07-Oct-2024 |
Accidental Exposure of Private GraphQL Fields | https://medium.com/@codingbolt.in/accidental-exposure-of-private-graphql-fields-729b3fb99471?source=rss------bug_bounty-5 | codingbolt | api, bug-bounty, graphql, cybersecurity, api-penetration-testing | 07-Oct-2024 |
Exploiting server-side parameter pollution in a REST URL | https://medium.com/@codingbolt.in/exploiting-server-side-parameter-pollution-in-a-rest-url-2ed599aafdbc?source=rss------bug_bounty-5 | codingbolt | cybersecurity, bugs, api-penetration-testing, api-testing, bug-bounty | 07-Oct-2024 |
Exploiting a mass assignment vulnerability | https://medium.com/@codingbolt.in/exploiting-a-mass-assignment-vulnerability-07dd9e598302?source=rss------bug_bounty-5 | codingbolt | api-testing, api-penetration-testing, bug-bounty, apihacking, cybersecurity | 07-Oct-2024 |
Finding and Exploiting an Unused API Endpoint | https://medium.com/@codingbolt.in/finding-and-exploiting-an-unused-api-endpoint-0a79f47f38f1?source=rss------bug_bounty-5 | codingbolt | bugs, cybersecurity, bug-bounty, api-penetration-testing, api-testing | 07-Oct-2024 |
Introducing Bug Bounty Program For Thorn Protocol | https://thornprotocol.medium.com/introducing-bug-bounty-program-for-thorn-protocol-4d7a89d898e0?source=rss------bug_bounty-5 | Thorn Protocol | bug-bounty | 07-Oct-2024 |
xmlrpc.php allows SSRF! | https://take0verx0.medium.com/xmlrpc-php-allows-ssrf-5357049d43e9?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty, cybersecurity, bug-bounty-tips | 07-Oct-2024 |
cURL for API Testing & Automation: Advanced Commands for Penetration Testers and Developers | https://theshaco.com/curl-for-api-testing-automation-advanced-commands-for-penetration-testers-and-developers-67b2ce7d8f4f?source=rss------bug_bounty-5 | Khaleel Khan | hacking, infosec, kali-linux, cybersecurity, bug-bounty | 07-Oct-2024 |
Finding a Hidden GraphQL Endpoint | https://medium.com/@codingbolt.in/finding-a-hidden-graphql-endpoint-56001ab29f85?source=rss------bug_bounty-5 | codingbolt | graphql, api, api-testing, cybersecurity, bug-bounty | 07-Oct-2024 |
How I Got my First Bounty €€ ? | https://medium.com/@muralidharan1530/how-i-got-my-first-bounty-776e8487f9a0?source=rss------bug_bounty-5 | Murali Dharan | bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs | 07-Oct-2024 |
Finding DOM XSS via File Upload | https://medium.com/@0Xdarsh/finding-dom-xss-via-file-upload-2a533a97cfaa?source=rss------bug_bounty-5 | 0Xdarsh | pentesting, web-penetration-testing, bug-hunting, bug-bounty | 07-Oct-2024 |
My 2nd bounty : Referer-based access control + Response manipulation | https://medium.com/@adebayosec/my-2nd-bounty-referer-based-access-control-response-manipulation-2ab7f54d083f?source=rss------bug_bounty-5 | Torious | penetration-testing, broken-access-control, hacking, bug-bounty, cybersecurity | 07-Oct-2024 |
Bypassing GraphQL brute force protections | https://medium.com/@codingbolt.in/bypassing-graphql-brute-force-protections-5cce7b3657c8?source=rss------bug_bounty-5 | codingbolt | api, api-testing, cybersecurity, bug-bounty, graphql | 07-Oct-2024 |
First Bug report as a beginner in Bug Bounty | https://blue3dot.medium.com/first-bug-report-as-a-beginner-in-bug-bounty-367e406cd960?source=rss------bug_bounty-5 | Manikanta G | info-sec-writeups, hackerone, cybersecurity, bug-bounty | 07-Oct-2024 |
How I found Cache Deception in a private bug bounty program. | https://medium.com/@mos693570/how-i-found-cache-deception-in-a-private-bug-bounty-program-0e3056d15858?source=rss------bug_bounty-5 | Mo Salah | web-cache-deception, bug-bounty | 07-Oct-2024 |
IDOR Attack Slips Through the Cracks: Vulnerability Scanners Miss Critical Security Flaw! | https://medium.com/@Aman-Gupta.cse/idor-attack-slips-through-the-cracks-vulnerability-scanners-miss-critical-security-flaw-c0061ea8c122?source=rss------bug_bounty-5 | Aman Gupta | bug-bounty, news, idor-vulnerability, cybersecurity, automation | 07-Oct-2024 |
tool to generate xss payloads. | https://medium.com/h7w/tool-to-generate-xss-payloads-09bf1e519121?source=rss------bug_bounty-5 | loyalonlytoday | hacking, bug-bounty-tips, cybersecurity, bug-bounty, xss-attack | 07-Oct-2024 |
5 Most Usefull Programming Language For Hackers | Primary Hacking School #6 | https://medium.com/@nnface/5-most-usefull-programming-language-for-hackers-primary-hacking-school-6-21b5979f0fe6?source=rss------bug_bounty-5 | NnFace | programming, kali-linux, cybersecurity, bug-bounty, hacking | 07-Oct-2024 |
How i get to find no rate limit bug worth $300 | https://medium.com/@sreejihkn43073/how-i-get-to-find-no-rate-limit-bug-worth-300-5036b0abbc7f?source=rss------bug_bounty-5 | Sreejihkn | bugcrowd, cybersecurity, bug-bounty, no-rate-limit, bug-bounty-tips | 06-Oct-2024 |
What To Do After Installing Kali #2? | Primary Hacking School #5 | https://medium.com/@nnface/what-to-do-after-installing-kali-2-primary-hacking-school-5-e9a4a8272dfa?source=rss------bug_bounty-5 | NnFace | cybersecurity, hacking, kali-linux, bug-bounty, linux | 06-Oct-2024 |
Enhancing Vulnerability Detection: Leveraging Shodan and ChatGPT for Efficient CIDR Scanning | https://medium.com/@malzureedi/enhancing-vulnerability-detection-leveraging-shodan-and-chatgpt-for-efficient-cidr-scanning-48970d4b94fa?source=rss------bug_bounty-5 | Malzureedi | red-team, bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty | 06-Oct-2024 |
Exploiting server-side parameter pollution in a query string | https://medium.com/@codingbolt.in/exploiting-server-side-parameter-pollution-in-a-query-string-38768943c6ca?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, bug-bounty, api-security, cybersecurity, bug-bounty-writeup | 06-Oct-2024 |
I Studied 100+ SSRF Reports, and Here’s What I Learned | https://infosecwriteups.com/i-studied-100-ssrf-reports-and-heres-what-i-learned-1654c72ee2df?source=rss------bug_bounty-5 | Aditya Sawant | bug-bounty, cybersecurity, penetration-testing, appsec, bug-bounty-tips | 06-Oct-2024 |
Exploiting an API endpoint using documentation | https://medium.com/@codingbolt.in/exploiting-an-api-endpoint-using-documentation-d07d3cedfddc?source=rss------bug_bounty-5 | codingbolt | bug-bounty, api-penetration-testing, cybersecurity, bug-bounty-tips, api-testing | 06-Oct-2024 |
High-Risk Vulnerabilities in Apache HTTP Server’s mod_proxy Encoding Problem Allow Authentication… | https://infosecwriteups.com/high-risk-vulnerabilities-in-apache-http-servers-mod-proxy-encoding-problem-allow-authentication-cbe8d422738d?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, cyberattack, bug-bounty, vulnerability, bug-bounty-tips | 06-Oct-2024 |
Understanding Insecure Design: A Critical Vulnerability in Web Security | https://medium.com/@mrutunjayasenapati0/understanding-insecure-design-a-critical-vulnerability-in-web-security-1185e989ba0c?source=rss------bug_bounty-5 | Mrutunjaya Senapati | bug-bounty, vulnerability, insecure-design, owasp, hacking | 06-Oct-2024 |
How i found the rxss on hackerone vdp program? | https://doordiefordream.medium.com/how-i-found-the-rxss-on-hackerone-vdp-program-c14530481c90?source=rss------bug_bounty-5 | balu bandi | ethical-hacking, cybersecurity, bug-bounty, xss-attack, bugs | 06-Oct-2024 |
How I Secured the Data of 15 Million Consumers: Uncovering Critical Vulnerabilities in Gujarat’s… | https://medium.com/@yashprajapati791/how-i-secured-the-data-of-15-million-consumers-uncovering-critical-vulnerabilities-in-gujarats-6dc453323851?source=rss------bug_bounty-5 | Yash Virendra Prajapati | responsible-disclosure, bug-bounty, unauthorized-access, trending, ethical-hacking | 06-Oct-2024 |
Conditional Error Blind SQLi — Real World vs. Portswigger Labs | https://medium.com/@rodriguezjorgex/conditional-error-blind-sqli-real-world-vs-portswigger-labs-75d8eaee8c13?source=rss------bug_bounty-5 | Rodriguezjorgex | sql-injection, bug-bounty, hacking | 06-Oct-2024 |
Race Condition , Allows creation of unlimited projects, bypassing free-tier limits. | https://dark0x.medium.com/race-condition-allows-creation-of-unlimited-projects-bypassing-free-tier-limits-109dd91c6783?source=rss------bug_bounty-5 | Mahmoud Hatem (0xDark) | sybersecurity, bugs, bug-bounty, hacking, bug-bounty-writeup | 06-Oct-2024 |
Network Penetration Testing: A Comprehensive Guide to Securing Your Infrastructure | https://systemweakness.com/network-penetration-testing-a-comprehensive-guide-to-securing-your-infrastructure-64ce44712dd2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, technology, bug-bounty, hacking, careers | 06-Oct-2024 |
Why I Quit Bug Bounty Hunting 🙁 | https://infosecwriteups.com/why-i-quit-bug-bounty-hunting-95e81c907a6f?source=rss------bug_bounty-5 | Satyam Pathania | bug-bounty, technology, hacking, cybersecurity, information-technology | 06-Oct-2024 |
Critical Vulnerabilities in porte_plume plugin to Remote Exploits -$$$$ Bounty -CVE-2024–7954 | https://infosecwriteups.com/critical-vulnerabilities-in-porte-plume-plugin-to-remote-exploits-bounty-cve-2024-7954-3dbee45134ac?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, rewards, information-security, cybersecurity, penetration-testing | 06-Oct-2024 |
Finding a easy bug in profile picture field. | https://infosecwriteups.com/finding-a-easy-bug-in-profile-picture-field-a9b5f853a5bf?source=rss------bug_bounty-5 | loyalonlytoday | cybersecurity, bug-bounty, bug-bounty-tips, hacking, penetration-testing | 06-Oct-2024 |
Unrestricted File Upload in AWS S3 Bucket | https://infosecwriteups.com/unrestricted-file-upload-in-aws-s3-bucket-2a764a3965f4?source=rss------bug_bounty-5 | mo9khu93r | pentesting, aws, bug-bounty, hacking, cybersecurity | 06-Oct-2024 |
Understanding XSS Vulnerability For Beginners: A Deep Dive into Web Security Risks | https://medium.com/@error.not.known.404/understanding-xss-vulnerability-a-deep-dive-into-web-security-risks-189276a2d695?source=rss------bug_bounty-5 | Error | hacking, bug-bounty, ethical-hacking, security, bug-bounty-tips | 06-Oct-2024 |
Write-Up — Telegram Anonymous Chat Hack Bot | https://medium.com/@EroHack/write-up-telegram-anonymous-chat-hack-bot-ad3497f813ed?source=rss------bug_bounty-5 | EroHack | bug-bounty, telegram-bot, hacking, pentesting, writeup | 05-Oct-2024 |
Sensitive Data Leak using Cors Misconfiguration in prominent Domain Registrar | https://infosecwriteups.com/sensitive-data-leak-using-cors-misconfiguration-in-prominent-domain-registrar-b3010e4e6501?source=rss------bug_bounty-5 | Ronak Patel | bug-bounty, bug-bounty-writeup, ethical-hacking, information-security | 05-Oct-2024 |
SQL Injection Due To Weak Filtering in PHP | https://medium.com/@bountyget/sql-injection-due-to-weak-filtering-in-php-51f9e8d705c0?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | sql-injection, info-sec-writeups, bug-bounty, secure-coding, infosec | 05-Oct-2024 |
Burp Suite and Android: A Step-by-Step Connection Guide #part 1 | https://medium.com/@mahdisalhi0500/burp-suite-and-android-a-step-by-step-connection-guide-part-1-550dab3aa4c5?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | penetration-testing, androidhacking, infosec, ethical-hacking, bug-bounty | 05-Oct-2024 |
Uncovering Hidden Vulnerabilities: How I Earned Two Bounties for the Same Issue | https://medium.com/@milanjain7906/uncovering-hidden-vulnerabilities-how-i-earned-two-bounties-for-the-same-issue-f55cf960110d?source=rss------bug_bounty-5 | Milanjain | bug-bounty, hacker, bugbounty-writeup, hacking, cybersecurity | 05-Oct-2024 |
Resource Exhaustion: Leveraging Denial-of-Service Attacks for Maximum Impact | https://medium.com/@tusharpuri6/unleashing-the-chaos-my-dive-into-denial-of-service-dos-attacks-1ad06478b89a?source=rss------bug_bounty-5 | Tusharpuri | penetration-testing, infosec, bug-bounty, application-security, offensive-security | 05-Oct-2024 |
#6. Bug Bounty Series: Vertical Privilege Escalation via Session Storage | https://cyb3rmind.medium.com/6-bug-bounty-series-vertical-privilege-escalation-via-session-storage-be377380bfe4?source=rss------bug_bounty-5 | Cyb3r M!nds | penetration-testing, bug-bounty-tips, privilege-escalation, hacking, bug-bounty | 05-Oct-2024 |
Understanding Coordinated Vulnerability Disclosure (CVD) & Vulnerability Disclosure Programs (VDP) | https://medium.com/@yotamperkal/understanding-coordinated-vulnerability-disclosure-cvd-vulnerability-disclosure-programs-vdp-27ea33c882e0?source=rss------bug_bounty-5 | Yotam Perkal | information-security, cybersecurity, bug-bounty, ethical-hacking, vulnerability-management | 05-Oct-2024 |
Understanding Injection: A Critical Vulnerability in Web Security | https://medium.com/@mrutunjayasenapati0/understanding-injection-a-critical-vulnerability-in-web-security-7c5c5b692958?source=rss------bug_bounty-5 | Mrutunjaya Senapati | owasp, bug-bounty, hacking, injection, vulnerability | 05-Oct-2024 |
WHAT IS THE IMPORTANCE OF FINDING AQUISITIONS FOR BUG BOUNTY. | https://osintteam.blog/what-is-the-importance-of-finding-aquisitions-for-bug-bounty-02688ef90553?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, tips, cybersecurity, hacking, bug-bounty-tips | 05-Oct-2024 |
Bug Bounty VS Procrastination | https://osintteam.blog/bug-bounty-vs-procrastination-66fadc0a3ace?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | programming, bug-bounty, patience, procrastination, cybersecurity | 05-Oct-2024 |
Subdomain Enumeration & Takeovers (Part-3: Takeovers) | https://medium.com/@bitthr3at/subdomain-enumeration-takeovers-part-3-takeovers-e5c2b66be7fa?source=rss------bug_bounty-5 | Naman Gupta (Bitthr3at) | bug-bounty, recon, web, attack-surface, subdomain-takeover | 05-Oct-2024 |
Power of SQL Injection: How a Simple Query Can Lead to Complete Database Compromise | https://cyberw1ng.medium.com/power-of-sql-injection-how-a-simple-query-can-lead-to-complete-database-compromise-11ddbefd9e9a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, cybersecurity, technology, bug-bounty | 05-Oct-2024 |
Full Privilege Escalation from Agent to Admin Leads to Team Takeover | https://medium.com/@abdelrahman0x01/full-privilege-escalation-from-agent-to-admin-leads-to-team-takeover-2819507af2f1?source=rss------bug_bounty-5 | Abdelrahman0x01 | cybersecurity, cyberattack, bug-bounty-tips, penetration-testing, bug-bounty | 05-Oct-2024 |
My First XSS Vulnerability Discovery on WebApp | https://medium.com/@sultonhasan017/my-first-xss-vulnerability-discovery-on-webapp-60cfad40f67a?source=rss------bug_bounty-5 | Sulton hasan | bug-bounty, dom-based-xss, xss-vulnerability, penetration-testing | 05-Oct-2024 |
Well, now that you’ve put your mind in the right direction and started testing a website, the first… | https://medium.com/@shaikhminhaz1975/well-now-that-youve-put-your-mind-in-the-right-direction-and-started-testing-a-website-the-first-c900776d6f89?source=rss------bug_bounty-5 | Shaikh Minhaz | brute-force, bug-bounty, ethical-hacking, cybersecurity, penetration-testing | 04-Oct-2024 |
Guarding the Gateway: Understanding and Preventing File Upload Attacks | https://medium.com/@wintersoldiers/guarding-the-gateway-understanding-and-preventing-file-upload-attacks-b116abd5eef0?source=rss------bug_bounty-5 | Winter_Soldiers | file-upload-vulnerability, web-security, hacking, bug-bounty, rce-vulnerability | 04-Oct-2024 |
Directory Brute-Forcing: All Methods You Need to Know — File Extension, Status Filter, and… | https://medium.com/@shaikhminhaz1975/well-now-that-youve-put-your-mind-in-the-right-direction-and-started-testing-a-website-the-first-c900776d6f89?source=rss------bug_bounty-5 | Shaikh Minhaz | brute-force, bug-bounty, ethical-hacking, cybersecurity, penetration-testing | 04-Oct-2024 |
SQL injection with filter bypass via XML encoding | https://medium.com/@codingbolt.in/sql-injection-with-filter-bypass-via-xml-encoding-754808d7d29a?source=rss------bug_bounty-5 | codingbolt | bug-bounty, sql-injection-attack, sql-injection, bug-bounty-tips, cybersecurity | 04-Oct-2024 |
Identifying the LLM Attack Surface: A Beginner’s Guide | https://medium.com/@360Security/identifying-the-llm-attack-surface-a-beginners-guide-190b6e1c0aba?source=rss------bug_bounty-5 | Anand | llm, bug-bounty, vapt, penetration-testing, cybersecurity | 04-Oct-2024 |
GraphQL vs REST: Comparison and exploit | https://medium.com/@kabi_777/graphql-vs-rest-comparison-and-security-insights-f481f3389e43?source=rss------bug_bounty-5 | Kabi_777 | bug-bounty, bug-bounty-writeup, bug-bounty-hunter, cybersecurity, bug-bounty-tips | 04-Oct-2024 |
Unlocking Cybersecurity: The Power of Bug Bounty Programs in 2024 | https://medium.com/@eyowas1994/unlocking-cybersecurity-the-power-of-bug-bounty-programs-in-2024-d77d33137e64?source=rss------bug_bounty-5 | CyberSec Tactics | ethical-hacking, bug-bounty, cybersecurity, hacking, web-security | 04-Oct-2024 |
From File Upload to Remote Code Execution (RCE) | https://medium.com/@lukasz.wierzbicki/from-file-upload-to-remote-code-execution-rce-d8f210b22a8c?source=rss------bug_bounty-5 | Lukasz Wierzbicki | security-testing, security-research, bug-bounty, pentesting, pentest | 04-Oct-2024 |
Broken Access Control — Unprotected admin functionality | https://medium.com/@codingbolt.in/broken-access-control-unprotected-admin-functionality-9905f57fa88a?source=rss------bug_bounty-5 | codingbolt | access-control, privilege-escalation, cybersecurity, bug-bounty, broken-access-control | 04-Oct-2024 |
A Methodology Guide to Bypassing RASP and Root Detection in Mobile Apps with Frida | https://medium.com/@abhijithknamboothiri96/a-methodology-guide-to-bypassing-rasp-and-root-detection-in-mobile-apps-with-frida-17e4f97b88bc?source=rss------bug_bounty-5 | Abhijith Namboothiry | cybersecurity, mobile-pentesting, penetration-testing, bug-bounty, security | 04-Oct-2024 |
Understanding Cryptographic Failures: A Key Vulnerability in Web Security | https://medium.com/@mrutunjayasenapati0/understanding-cryptographic-failures-a-key-vulnerability-in-web-security-bb024a4c41ca?source=rss------bug_bounty-5 | Mrutunjaya Senapati | owasp-top-10, bug-bounty, web-penetration-testing, cyrptography, hacking | 04-Oct-2024 |
How to choose the Correct Severity or CVSS Score for a Bug: A Practical Guide | https://medium.com/@a13h1/how-to-choose-the-correct-severity-or-cvss-score-for-a-bug-a-practical-guide-7a83be0096f3?source=rss------bug_bounty-5 | Abhi Sharma | cybersecurity, bug-bounty, bug-bounty-tips, hacking, infosec | 04-Oct-2024 |
Are you ready to take over entire infrastructure? | https://medium.com/@alex122303q/are-you-ready-to-take-over-entire-infrastructure-a93d2a0f902c?source=rss------bug_bounty-5 | Nebty | ctf, malicious-document, standoff365, bug-bounty, penetration-testing | 04-Oct-2024 |
US Trading Account Fund Exploit: An IDOR Vulnerability Walkthrough | https://medium.com/@360Security/us-trading-account-fund-exploit-an-idor-vulnerability-walkthrough-a61ba5186874?source=rss------bug_bounty-5 | 360 Security | vapt, web-security, bug-bounty, cybersecurity, penetration-testing | 04-Oct-2024 |
Identifying the LLM Attack Surface: A Beginner’s Guide | https://medium.com/@360Security/identifying-the-llm-attack-surface-a-beginners-guide-190b6e1c0aba?source=rss------bug_bounty-5 | 360 Security | llm, bug-bounty, vapt, penetration-testing, cybersecurity | 04-Oct-2024 |
Command Injection: How Exploiting User Input Can Lead to Full System Compromise | https://systemweakness.com/command-injection-how-exploiting-user-input-can-lead-to-full-system-compromise-6becf5b981a1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, hacking, technology, bug-bounty | 04-Oct-2024 |
one of the best tool for subdomains finding. | https://osintteam.blog/one-of-the-best-tool-for-subdomains-finding-0769dff261f4?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, hacking | 04-Oct-2024 |
easy bug bounty as a beginner part 1 | https://medium.com/@canonminibeast/easy-bug-bounty-as-a-beginner-part-1-38833747da8d?source=rss------bug_bounty-5 | Canonminibeast | hacking-tools, hacking, web-penetration-testing, bug-bounty, bugbounty-poc | 04-Oct-2024 |
Are you ready to take over entire infrastructure? | https://medium.com/@nebty/are-you-ready-to-take-over-entire-infrastructure-a93d2a0f902c?source=rss------bug_bounty-5 | Nebty | ctf, malicious-document, standoff365, bug-bounty, penetration-testing | 04-Oct-2024 |
Some XSS Situation | https://medium.com/@haticezkmnl/some-xss-situation-31fa64e113fe?source=rss------bug_bounty-5 | Hatice Zehra Kamanlı | cyber, xss-attack, bug-bounty, exploitation, cybersecurity | 03-Oct-2024 |
OTP Bypass Methods | Bug Bounty | https://medium.com/@arrheniuspaelongan09/otp-bypass-methods-bug-bounty-4a988573c12a?source=rss------bug_bounty-5 | Qchad | programming, bug-bounty, penetration-testing, technology, hacking | 03-Oct-2024 |
Understanding Broken Access Control: A Critical Vulnerability in Web Security | https://medium.com/@mrutunjayasenapati0/understanding-broken-access-control-a-critical-vulnerability-in-web-security-6ebd33ad4d35?source=rss------bug_bounty-5 | Mrutunjaya Senapati | bug-bounty, web-penetration-testing, owasp, hacking, broken-access-control | 03-Oct-2024 |
Hacker Kali Toolkit Zero-Hero | Primary Hacking School #4 | https://medium.com/@nnface/hacker-kali-toolkit-zero-hero-primary-hacking-school-4-a489aafb7f75?source=rss------bug_bounty-5 | NnFace | linux, cybersecurity, hacking, bug-bounty, kali-linux | 03-Oct-2024 |
Visible error-based SQL injection | https://medium.com/@codingbolt.in/visible-error-based-sql-injection-46b8bafe9059?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, sql-injection, bug-bounty, sql-injection-attack, cybersecurity | 03-Oct-2024 |
Blind SQL injection with conditional errors | https://medium.com/@codingbolt.in/blind-sql-injection-with-conditional-errors-f7c05ef531ad?source=rss------bug_bounty-5 | codingbolt | sql-injection, cybersecurity, sql-injection-attack, bug-bounty-tips, bug-bounty | 03-Oct-2024 |
Blind SQL injection with conditional responses | https://medium.com/@codingbolt.in/blind-sql-injection-with-conditional-responses-7ffa3a1ac84d?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, sql-injection, bug-bounty, sql-injection-attack, cybersecurity | 03-Oct-2024 |
SQL injection UNION attack, retrieving multiple values in a single column | https://medium.com/@codingbolt.in/sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-ed5ce734abf2?source=rss------bug_bounty-5 | codingbolt | sql-injection-attack, cybersecurity, bug-bounty-tips, bug-bounty, sql-injection | 03-Oct-2024 |
SQL injection UNION attack, retrieving data from other tables | https://medium.com/@codingbolt.in/sql-injection-union-attack-retrieving-data-from-other-tables-11cc211f5ad3?source=rss------bug_bounty-5 | codingbolt | sql-injection-attack, sql-injection, bug-bounty, cybersecurity, bug-bounty-tips | 03-Oct-2024 |
DNS — Port 53 — Pentesting | https://medium.com/@verylazytech/dns-port-53-pentesting-7b8ca6307d54?source=rss------bug_bounty-5 | Very Lazy Tech | cybersecurity, bug-bounty, hacking, dns-exploit, dns | 03-Oct-2024 |
VDP: Broken Session Management Allows Unlimited Free Scans on Pentesting Website | https://medium.com/@enigma_/vdp-broken-session-management-allows-unlimited-free-scans-on-pentesting-website-99467dce1d3c?source=rss------bug_bounty-5 | enigma | penetration-testing, hacking, owasp, bug-bounty, bug-bounty-writeup | 03-Oct-2024 |
Subdomain Enumeration & Takeovers (Part-2: Active Enumeration) | https://medium.com/@bitthr3at/subdomain-enumeration-takeovers-part-2-active-enumeration-304cb3381813?source=rss------bug_bounty-5 | Naman Gupta (Bitthr3at) | recon, subdomain-enumeration, web, bug-bounty, attack-surface | 03-Oct-2024 |
How I hacked RD Sharma’s Publisher Website? | https://abhayvis.medium.com/how-i-hacked-rd-sharmas-publisher-website-7a76b3cb12ae?source=rss------bug_bounty-5 | Abhay Vishwakarma | sql-injection, hacking, bug-bounty | 03-Oct-2024 |
Blind SQL injection with out-of-band data exfiltration | https://medium.com/@codingbolt.in/blind-sql-injection-with-out-of-band-data-exfiltration-0a08129bfad5?source=rss------bug_bounty-5 | codingbolt | sql-injection, cybersecurity, bug-bounty-tips, sql-injection-attack, bug-bounty | 03-Oct-2024 |
Blind SQL injection with out-of-band interaction | https://medium.com/@codingbolt.in/blind-sql-injection-with-out-of-band-interaction-e44f6f75bc47?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, sql-injection-attack, cybersecurity, sql-injection, bug-bounty | 03-Oct-2024 |
Blind SQL injection with time delays and information retrieval | https://medium.com/@codingbolt.in/blind-sql-injection-with-time-delays-and-information-retrieval-fa38f3618a99?source=rss------bug_bounty-5 | codingbolt | sql-injection-attack, cybersecurity, sql-injection, bug-bounty, bug-bounty-tips | 03-Oct-2024 |
Blind SQL injection with time delays | https://medium.com/@codingbolt.in/blind-sql-injection-with-time-delays-94cc5d962902?source=rss------bug_bounty-5 | codingbolt | cybersecurity, sql-injection-attack, bug-bounty, sql-injection, bug-bounty-tips | 03-Oct-2024 |
Pre-Account Takeover via Facebook OAuth Misconfiguration | https://nyein-chan-aung.medium.com/pre-account-takeover-via-facebook-oauth-misconfiguration-e16b984b7953?source=rss------bug_bounty-5 | Nyein Chan Aung | bug-bounty-tips, takeovers, bug-bounty | 03-Oct-2024 |
XML External Entity (XXE) Injection: How Malicious XML Payloads Can Breach Your Application | https://systemweakness.com/xml-external-entity-xxe-injection-how-malicious-xml-payloads-can-breach-your-application-4837f732781e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | technology, cybersecurity, hacking, bug-bounty, careers | 03-Oct-2024 |
How ChatGPT Made Me a Hacker. | https://medium.com/@wajeehakhan9797/how-chatgpt-made-me-a-hacker-b89b1cce992b?source=rss------bug_bounty-5 | Wajeeha Khan | learning, openai, large-language-models, hacking, bug-bounty | 03-Oct-2024 |
Critical Vulnerabilities in DrayTek Vigor Routers: Over 700,000 Devices Exposed to Remote Exploits… | https://infosecwriteups.com/critical-vulnerabilities-in-draytek-vigor-routers-over-700-000-devices-exposed-to-remote-exploits-2f3f731b50d9?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, penetration-testing, bug-bounty, rewards, hacking | 03-Oct-2024 |
Blind SQL injection with out-of-band data exfiltration | https://systemweakness.com/blind-sql-injection-with-out-of-band-data-exfiltration-0a08129bfad5?source=rss------bug_bounty-5 | codingbolt | sql-injection, cybersecurity, bug-bounty-tips, sql-injection-attack, bug-bounty | 03-Oct-2024 |
Critical Information Disclosure Vulnerability via CNAME (AUTOMATED SCAN) | https://offsec01.medium.com/critical-information-disclosure-vulnerability-via-cname-automated-scan-be0f6597ac5e?source=rss------bug_bounty-5 | Facundo Fernandez | bug-bounty, penetration-testing, ethical-hacking, hacking, cybersecurity | 03-Oct-2024 |
https://forms.gle/bHE9FbPTuzYzREAz7 | https://medium.com/@a1il7j99h/https-forms-gle-bhe9fbptuzyzreaz7-5f9f5d561a4b?source=rss------bug_bounty-5 | Re$@T!l< | cyber, bug-bounty, hacker | 02-Oct-2024 |
How I Earned $4000+ from a Simple Information Disclosure Bug | https://medium.com/@rajauzairabdullah/how-i-earned-4000-from-a-simple-information-disclosure-bug-d644c47803c1?source=rss------bug_bounty-5 | Raja Uzair Abdullah | information-disclosure, bug-bounty-tips, bug-bounty, penetration-testing | 02-Oct-2024 |
Seri Belajar APT (Advanced Persistent Threat) Secara Sederhana Pada Target OS Linux — Pengumpulan… | https://medium.com/@mrp.bpp/seri-belajar-apt-advanced-persistent-threat-secara-sederhana-pada-target-os-linux-pengumpulan-967c3c2f46cc?source=rss------bug_bounty-5 | Mada Perdhana | hacking, apt, linux-hacking, bug-bounty, ethical-hacking-tips | 02-Oct-2024 |
Seri Belajar APT (Advanced Persistent Threat) Secara Sederhana Pada Target OS Linux — Pengumpulan… | https://medium.com/@mrp.bpp/seri-belajar-apt-advanced-persistent-threat-secara-sederhana-pada-target-os-linux-pengumpulan-4cbd83db98af?source=rss------bug_bounty-5 | Mada Perdhana | apt, nmap, hacking, bug-bounty, ethical-hacking-tips | 02-Oct-2024 |
How i got my first bounty of $$$ | https://rivudon.medium.com/how-i-got-my-first-bounty-of-e163f970d1e0?source=rss------bug_bounty-5 | Rivek Raj Tamang ( RivuDon ) | infosec, hackerone, bug-bounty-tips, bug-bounty | 02-Oct-2024 |
Mastering Code Quality | https://python.plainenglish.io/mastering-code-quality-2f595404d547?source=rss------bug_bounty-5 | rahul bhatia | coverage, python, code-quality, bug-bounty, bug-detection | 02-Oct-2024 |
$175 Prototype Pollution Vulnerability — My first bounty | https://1-day.medium.com/175-prototype-pollution-vulnerability-my-first-bounty-197738a32330?source=rss------bug_bounty-5 | 1day | writeup, penetration-testing, bug-bounty, hacking, bug-bounty-writeup | 02-Oct-2024 |
Boost Your Code Quality with Python Coverage | https://python.plainenglish.io/mastering-code-quality-2f595404d547?source=rss------bug_bounty-5 | rahul bhatia | coverage, python, code-quality, bug-bounty, bug-detection | 02-Oct-2024 |
Comment j’ai découvert une vulnérabilité d’Information Disclosure sur un site que j’utilise | https://medium.com/@Itachi0xf/comment-jai-d%C3%A9couvert-une-vuln%C3%A9rabilit%C3%A9-d-information-disclosure-sur-un-site-que-j-utilise-3a9fed9daa02?source=rss------bug_bounty-5 | Itachix0f | information-disclosure, hacking, apihacking, bug-bounty | 02-Oct-2024 |
How to Find Bugs and Vulnerabilities Using ChatGPT: Guaranteed Results | https://bevijaygupta.medium.com/how-to-find-bugs-and-vulnerabilities-using-chatgpt-guaranteed-results-288ff81dfe40?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-bounty, vulnerability, bug-bounty-tips, chatgpt | 02-Oct-2024 |
SQL injection attack, listing the database contents on non-Oracle databases | https://medium.com/@codingbolt.in/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-718de8ba755a?source=rss------bug_bounty-5 | codingbolt | bugs, bug-bounty, cybersecurity, sql-injection, bug-bounty-tips | 02-Oct-2024 |
SQL injection UNION attack, determining the number of columns returned by the query | https://medium.com/@codingbolt.in/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-f04154bd5b3c?source=rss------bug_bounty-5 | codingbolt | sql-injection-attack, sql-injection, bug-bounty, bug-bounty-tips, cybersecurity | 02-Oct-2024 |
Exfiltration of Data from a Standalone PC | https://roadtooscp.medium.com/exfiltration-of-data-from-a-standalone-pc-00a538f0f773?source=rss------bug_bounty-5 | RoadToOSCP | bug-bounty, hacking, red-teaming, malware, data-security | 02-Oct-2024 |
Découverte d’une vulnérabilité XSS avec contournement de la CSP via unpkg.com | https://medium.com/@Itachi0xf/d%C3%A9couverte-dune-vuln%C3%A9rabilit%C3%A9-xss-avec-contournement-de-la-csp-via-unpkg-com-02437e0eac34?source=rss------bug_bounty-5 | Itachix0f | hacking, xss-attack, csp-bypass, bug-bounty, xss-bypass | 02-Oct-2024 |
“A Vulnerability, A Treasure: Go on a Fun Treasure Hunt with OWASP Top 10!” | https://medium.com/@rootspaghetti/a-vulnerability-a-treasure-go-on-a-fun-treasure-hunt-with-owasp-top-10-d9fe21911856?source=rss------bug_bounty-5 | Root@Spaghetti | hacking, bug-bounty, bug-bounty-tips | 02-Oct-2024 |
SQL injection attack, listing the database contents on Oracle | https://medium.com/@codingbolt.in/sql-injection-attack-listing-the-database-contents-on-oracle-ceb843466f32?source=rss------bug_bounty-5 | codingbolt | sql-injection, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty | 02-Oct-2024 |
Exploiting Blind XSS to Access Admin Dashboard for Bounty Rewards | https://medium.com/@arrheniuspaelongan09/exploiting-blind-xss-to-access-admin-dashboard-for-bounty-rewards-fcdd54ddea7c?source=rss------bug_bounty-5 | Qchad | technology, hacking, bug-bounty, penetration-testing, hacker | 02-Oct-2024 |
Which path to choose in cybersecurity? | https://medium.com/@mr_prey3r/which-path-to-choose-in-cybersecurity-ca048e621ba0?source=rss------bug_bounty-5 | Rubayet Hasan aka MR_Prey3r | cybersecurity, hacking, bug-bounty, ethical-hacking | 02-Oct-2024 |
OWASP Top 10: 2021 vs. 2017 — A Comparative Analysis | https://medium.com/@mrutunjayasenapati0/owasp-top-10-2021-vs-2017-a-comparative-analysis-70990e5570f8?source=rss------bug_bounty-5 | Mrutunjaya Senapati | bug-bounty, bugs, vulnerability, owasp, hacking | 02-Oct-2024 |
Deep Dive in Reconnaissance | https://medium.com/@bitthr3at/deep-dive-in-reconnaissance-a1e88cfdebf5?source=rss------bug_bounty-5 | Naman Gupta (Bitthr3at) | recon, subdomains-enumeration, bug-bounty, web, attack-surface | 02-Oct-2024 |
Bug Bounty Proqramlarına Giriş: Zəifliklərin Aşkar Edilməsi və Etik Hakerlik (Bölüm 1) | https://zeynalxan.medium.com/bug-bounty-proqramlar%C4%B1na-giri%C5%9F-z%C9%99iflikl%C9%99rin-a%C5%9Fkar-edilm%C9%99si-v%C9%99-etik-hakerlik-b%C3%B6l%C3%BCm-1-8caa7eb90dd8?source=rss------bug_bounty-5 | Zeynalxan Quliyev | etik-xaker, bug-bounty, whitehat, bug-bounty-nədir, hakerlik | 02-Oct-2024 |
A Comprehensive Bug Bounty Checklist for Beginners. | https://medium.com/@anandrishav2228/a-comprehensive-bug-bounty-checklist-for-beginners-f96ba591cf3d?source=rss------bug_bounty-5 | Rishav anand | computer-science, security, cybersecurity, engineering, bug-bounty | 02-Oct-2024 |
Cross-Origin Resource Sharing (CORS) Misconfiguration: How Attackers Exploit Weak Policies to Steal… | https://cyberw1ng.medium.com/cross-origin-resource-sharing-cors-misconfiguration-how-attackers-exploit-weak-policies-to-steal-5902af92d71f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, technology, bug-bounty, cybersecurity | 02-Oct-2024 |
SQL injection UNION attack, finding a column containing text | https://medium.com/@codingbolt.in/sql-injection-union-attack-finding-a-column-containing-text-09d913162e0f?source=rss------bug_bounty-5 | codingbolt | sql-injection, sql-injection-attack, bug-bounty, cybersecurity, bug-bounty-tips | 02-Oct-2024 |
Reverse Shells: A Practical Guide | https://medium.com/@learntheshell/reverse-shells-a-practical-guide-af1815bc3127?source=rss------bug_bounty-5 | LearnTheShell | bug-bounty, bug-bounty-tips, reverse-shell, cybersecurity, pentesting | 02-Oct-2024 |
Secrets Manager exposed (HasiCorp Vault) | https://medium.com/@manumanram2/secrets-manager-exposed-hasicorp-vault-7075539a9e1e?source=rss------bug_bounty-5 | SrPatoMan | information-disclosure, hacking, bug-bounty | 02-Oct-2024 |
Cross-Origin Resource Sharing (CORS) Misconfiguration: How Attackers Exploit Weak Policies to Steal… | https://systemweakness.com/cross-origin-resource-sharing-cors-misconfiguration-how-attackers-exploit-weak-policies-to-steal-5902af92d71f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, technology, bug-bounty, cybersecurity | 02-Oct-2024 |
Utilizing AI Model for Hacking: Bypassing CAPTCHAs using AI leads to Account Takeover | Bug Bounty | https://ph-hitachi.medium.com/utilizing-ai-model-for-hacking-bypassing-captchas-using-ai-leads-to-account-takeover-bug-bounty-028804b779a0?source=rss------bug_bounty-5 | Ph.Hitachi | vulnerability, bug-bounty, captcha, security, ai | 01-Oct-2024 |
Chaining Application-Level DoS with CSRF: A Sneaky Exploit to Block User Logins | https://medium.com/@dsmodi484/chaining-application-level-dos-with-csrf-a-sneaky-exploit-to-block-user-logins-4caaac781883?source=rss------bug_bounty-5 | Dishant Modi | hackerone, bug-bounty, csrf, python, vulnerability | 01-Oct-2024 |
Top 10 Documentation Every Hacker Should Know | https://medium.com/@RaunakGupta1922/top-10-documentation-every-hacker-should-know-f28e73f7c207?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | ethical-hacking, cybersecurity, bug-bounty, programming, infosec | 01-Oct-2024 |
Mastering XSS (Cross-Site Scripting) Attacks: A Comprehensive Guide to become Professional Bug… | https://medium.com/@kumawatabhijeet2002/mastering-xss-cross-site-scripting-attacks-a-comprehensive-guide-to-become-professional-bug-6251058c576e?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, xss-vulnerability, bug-bounty-tips, dom-based-xss, xss-attack | 01-Oct-2024 |
Don’t Miss Out! The Best Platforms to Report Vulnerabilities and Earn Big! | https://medium.com/@paritoshblogs/dont-miss-out-the-best-platforms-to-report-vulnerabilities-and-earn-big-787bbb03607a?source=rss------bug_bounty-5 | Paritosh | how-to, vulnerability, hacking, bug-bounty, cybersecurity | 01-Oct-2024 |
Why can’t Bug Bounty Hunter find a bug? | https://m0hitrawat.medium.com/why-cant-bug-bounty-hunter-find-a-bug-b5c9bc72a30d?source=rss------bug_bounty-5 | Mohit Rawat | pentesting-checklist, bug-bounty, bug-bounty-writeup, pentesting-guide, bug-bounty-tips | 01-Oct-2024 |
Android Application Pentesting Part 2 | Android Platform Architecture | https://dkcyberz.medium.com/android-application-pentesting-part-2-android-platform-architecture-0db5e27f209a?source=rss------bug_bounty-5 | Harpy Hunter | android-pentesting, bug-bounty, bugbounty-writeup, pentesting, ethical-hacking | 01-Oct-2024 |
Understanding the OWASP Top 10: Your Guide to Web Application Security | https://medium.com/@mrutunjayasenapati0/understanding-the-owasp-top-10-your-guide-to-web-application-security-fab59537db8b?source=rss------bug_bounty-5 | Mrutunjaya Senapati | hacking, bug-bounty, owasp-top-10, hunting, bounty-program | 01-Oct-2024 |
Why Web3Projects Should Start with Smaller Bug Bounties | https://medium.com/@rangashree.rangaraja/why-web3projects-should-start-with-smaller-bug-bounties-a391777bc559?source=rss------bug_bounty-5 | Rangashree Rangaraja | bug-bounty, web3-security, web3, blockchain, blockchain-technology | 01-Oct-2024 |
Exploiting the Unprotected: How I Gained Unauthorized Access to Redis | https://medium.com/@impratikdabhi/exploiting-the-unprotected-how-i-gained-unauthorized-access-to-redis-5070eea7da35?source=rss------bug_bounty-5 | Pratik Dabhi | hacking, hacking-tools, bugcrowd, hackerone, bug-bounty | 01-Oct-2024 |
Taming Post Claps | https://medium.engineering/taming-post-claps-273d97ce1ced?source=rss------bug_bounty-5 | Ryan Lattanzi | dynamodb, software-development, programming, bug-bounty | 01-Oct-2024 |
4 Burpsuite Intruder Attack Types You Should Know —Bug Tuesday | https://medium.com/@kerstan/4-burpsuite-intruder-attack-types-you-should-know-bug-tuesday-5c7a0900cb56?source=rss------bug_bounty-5 | kerstan | bug-bounty, hacking, cybersecurity | 01-Oct-2024 |
Escalating stored XSS to Account Takeover | https://nyein-chan-aung.medium.com/escalating-stored-xss-to-account-takeover-28c549cd5f6b?source=rss------bug_bounty-5 | Nyein Chan Aung | bug-bounty, bug-bounty-writeup, bug-bounty-tips | 01-Oct-2024 |
Unauthenticated PHP Object Injection in GiveWP Plugin for WordPress | https://infosecwriteups.com/unauthenticated-php-object-injection-in-givewp-plugin-for-wordpress-5fffa8df79c8?source=rss------bug_bounty-5 | Ajay Naik | rewards, hacking, bug-bounty, vulnerability, cybersecurity | 01-Oct-2024 |
File Upload (RCE) to Bounty | HackerOne | https://starlox.medium.com/file-upload-rce-to-bounty-hackerone-928e8e5b375e?source=rss------bug_bounty-5 | #$ubh@nk@r | infosec, hacking, pentesting, bug-bounty, cybersecurity | 01-Oct-2024 |
Sneaking into your documents: How I hacked DigiLocker? | https://medium.com/codechef-vit/sneaking-into-your-documents-how-i-hacked-digilocker-ae6dc44267fb?source=rss------bug_bounty-5 | Prateek Srivastava | bug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, penetration-testing | 01-Oct-2024 |
Cross-Site Request Forgery (CSRF): How Attackers Exploit Trust to Hijack User Actions | https://systemweakness.com/cross-site-request-forgery-csrf-how-attackers-exploit-trust-to-hijack-user-actions-94d29d787e47?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, bug-bounty, technology, hacking | 01-Oct-2024 |
How I Manipulated A User’s Email: A CSRF PoC Walkthrough from TCM Academy | https://medium.com/@trixiahorner/csrf-walkthrough-5876cdf437ea?source=rss------bug_bounty-5 | Trixia Horner | cybersecurity, hacking, bug-bounty, vulnerability, website | 01-Oct-2024 |
Nmap: A Comprehensive Guide for Web Application Bug Hunting | https://medium.com/@anandrishav2228/nmap-a-comprehensive-guide-for-web-application-bug-hunting-d8c2a0ef360a?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, nmap, bug-bounty, engineering, hacking | 01-Oct-2024 |
Bug in a Mailing List Exposed Hundreds of American Universities: How I Found and Exploited the… | https://medium.com/@sarvagnpathak/bug-in-a-mailing-list-exposed-hundreds-of-american-universities-how-i-found-and-exploited-the-cf5df54baf37?source=rss------bug_bounty-5 | Sarvagn Pathak | cybersecurity, bug-bounty, awareness, hacking | 01-Oct-2024 |
AllSafe Challenges | https://medium.com/@soliman_almansor/all-safe-challenges-599a09cce447?source=rss------bug_bounty-5 | Soliman Almansor | hacking, bug-bounty, information-security, android-pentesting, infosec | 01-Oct-2024 |
Excited to announce our Industrial Security Training Program at @security_lit! | https://securitylit.medium.com/excited-to-announce-our-industrial-security-training-program-at-security-lit-82a21753634e?source=rss------bug_bounty-5 | Security Lit Limited | it-security, cybersecurity, penetration-testing, bug-bounty, traning | 01-Oct-2024 |
Open Redirect Bug | wedohacks | https://wedohack.medium.com/open-redirect-bug-wedohacks-26012e51d50c?source=rss------bug_bounty-5 | WE DO HACKS | open-redirect, bug-bounty, bugs, bug-hunting, hacking | 01-Oct-2024 |
CORS Vulnerability with Trusted Insecure Protocols | https://medium.com/@rcxsecurity/cors-vulnerability-with-trusted-insecure-protocols-09df3304e3d8?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Cafe | bug-bounty, information-security, penetration-testing, cybersecurity, hacking | 01-Oct-2024 |
Remote code Execution | https://medium.com/@roshiniyathakula/remote-code-execution-9b2e9f26963d?source=rss------bug_bounty-5 | Roshiniyathakula | rce-vulnerability, penetration-testing, bug-bounty, reverse-shell, hacking | 30-Sep-2024 |
Uncovering Hidden Subdomains with Favicons: Advanced Enumeration Techniques | https://systemweakness.com/uncovering-hidden-subdomains-with-favicons-advanced-enumeration-techniques-e92cb30cbcc3?source=rss------bug_bounty-5 | Khaleel Khan | bug-bounty-tips, hacking, cybersecurity, infosec, bug-bounty | 30-Sep-2024 |
Discovering Facebook OAuth Misconfigurations: A Journey into Pre-Account Takeover | https://medium.com/@cybershree/discovering-facebook-oauth-misconfigurations-a-journey-into-pre-account-takeover-92a38254cbec?source=rss------bug_bounty-5 | cybershree | bug-bounty, bug-bounty-tips, writing, cybersecurity, bugcrowd | 30-Sep-2024 |
Android Application Penetration Testing Part 1 | Introduction | https://dkcyberz.medium.com/android-application-penetration-testing-part-1-introduction-738351fe8806?source=rss------bug_bounty-5 | Harpy Hunter | bug-bounty, pentesting, mobile-pentesting, android-pentesting, bugbounty-writeup | 30-Sep-2024 |
How to use AI for Bug Bounty in 2024 | https://medium.com/@anandrishav2228/how-to-use-ai-for-bug-bounty-in-2024-39ef4d2a518a?source=rss------bug_bounty-5 | Rishav anand | ai, networking, security, cybersecurity, bug-bounty | 30-Sep-2024 |
SQL Injection vulnerability in CRMEB v.5.2.2 — $$$$ Bounty | https://osintteam.blog/sql-injection-vulnerability-in-crmeb-v-5-2-2-bounty-7bc056a19cce?source=rss------bug_bounty-5 | Ajay Naik | vulnerability, sql, rewards, bug-bounty, sql-injection | 30-Sep-2024 |
Easy P2 — Pre account takeover via Facebook OAuth misconfiguration | https://sudosuraj.medium.com/easy-p2-pre-account-takeover-via-facebook-oauth-misconfiguration-23c681ba8f07?source=rss------bug_bounty-5 | sudosuraj | cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing | 30-Sep-2024 |
SQL Injection Vulnerability on Login Page Allows Unauthorized Database Dump | https://medium.com/@harshitha431/sql-injection-sqli-9675e21cc54a?source=rss------bug_bounty-5 | Harshitha | bug-bounty, vulnerability, hacking, penetration-testing, sql-injection | 30-Sep-2024 |
Prototype Pollution: How a JavaScript Quirk Can Lead to Complete Application Takeover | https://cyberw1ng.medium.com/prototype-pollution-how-a-javascript-quirk-can-lead-to-complete-application-takeover-9adb5e4f6b6b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, hacking, cybersecurity, technology | 30-Sep-2024 |
CVE-2024–23897 — Jenkins File Read Vulnerability — POC | https://medium.com/@verylazytech/cve-2024-23897-jenkins-file-read-vulnerability-poc-6a1dfdbfd6f2?source=rss------bug_bounty-5 | Very Lazy Tech | cve-2024-23897, jenkins, cybersecurity, bug-bounty, pentesting | 30-Sep-2024 |
XSS + OAuth Misconfigs = Token Theft and ATO | https://7odamoo.medium.com/xss-oauth-misconfigs-token-theft-and-ato-d0837c44cd31?source=rss------bug_bounty-5 | Mahmoud Hamed | penetration-testing, bug-bounty, cybersecurity | 30-Sep-2024 |
How to Use Medusa for Fast, Multi-Protocol Brute-Force Attacks | https://medium.com/@stealthsecurity/how-to-use-medusa-for-fast-multi-protocol-brute-force-attacks-0627997c5686?source=rss------bug_bounty-5 | Stealth Security | ethical-hacking, penetration-testing, cybersecurity, bug-bounty, hacking | 30-Sep-2024 |
Prototype Pollution: How a JavaScript Quirk Can Lead to Complete Application Takeover | https://infosecwriteups.com/prototype-pollution-how-a-javascript-quirk-can-lead-to-complete-application-takeover-9adb5e4f6b6b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, hacking, cybersecurity, technology | 30-Sep-2024 |
OWASP juice shop -How I get account takeover from XSS | https://medium.com/@abdo-eg/owasp-juice-shop-how-i-get-account-takeover-from-xss-ae3cfc978381?source=rss------bug_bounty-5 | Abdullah Ahmed | xss-attack, owasp, hashing, bug-bounty, ato | 29-Sep-2024 |
Hacking with Linux: Your Ultimate Guide to Cyber Security Mastery | https://medium.com/@RaunakGupta1922/hacking-with-linux-your-ultimate-guide-to-cyber-security-mastery-e8f8bb38510c?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | cybersecurity, linux, ethical-hacking, bug-bounty, hacking | 29-Sep-2024 |
OWASP juice-shop login as an admin using SQLi and OSINT | https://medium.com/@abdo-eg/owasp-juice-shop-login-as-an-admin-using-sqli-and-osint-90c4abc4322b?source=rss------bug_bounty-5 | Abdullah Ahmed | web-security, ethical-hacking, owasp, bug-bounty, penetration-testing | 29-Sep-2024 |
H7CTF — WEB CHALLENGES | https://medium.com/@josangeorge27/h7ctf-web-challenges-db1883775dfd?source=rss------bug_bounty-5 | Josan George | ctf, ctf-walkthrough, cybersecurity, bug-bounty, web-application-security | 29-Sep-2024 |
Essential Port Scanning Skills for Bug Bounty Hunters | https://bevijaygupta.medium.com/essential-port-scanning-skills-for-bug-bounty-hunters-f0e09f3612ce?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, port-scanning, bug-zero, bugs, bug-bounty-tips | 29-Sep-2024 |
Bypassing Filters: SSRF Exploitation via DNS Rebinding with Just 1 in 30 Successful Requests | https://mokhansec.medium.com/bypassing-filters-ssrf-exploitation-via-dns-rebinding-with-just-1-in-30-successful-requests-2fdc3a9cfd7d?source=rss------bug_bounty-5 | Mohsin khan | bug-bounty-writeup, bug-bounty-tips, bug-bounty, ssrf, bugs | 29-Sep-2024 |
Privacy concern bug | https://osintteam.blog/privacy-concern-bug-72b30aead215?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-tips, tips, bug-bounty, cybersecurity, hacking | 29-Sep-2024 |
How to Find Bugs and Vulnerabilities Using ChatGPT: Guaranteed Results | https://medium.com/@shaikhminhaz1975/how-to-find-bugs-and-vulnerabilities-using-chatgpt-guaranteed-results-3b630fae4691?source=rss------bug_bounty-5 | Shaikh Minhaz | bug-bounty, chatgpt, penetration-testing, cybersecurity, how-to | 29-Sep-2024 |
Find Vulnerabilities With This Single Nmap Command | https://medium.com/@josuofficial327/find-vulnerabilities-with-this-single-nmap-command-a4476c16c82c?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | ethical-hacking, cybersecurity, vulnerability, bug-bounty-tips, bug-bounty | 29-Sep-2024 |
Performing a Dependency Confusion Attack with Remote Code Execution (RCE): A Step-by-Step Guide | https://medium.com/@360Security/performing-a-dependency-confusion-attack-with-remote-code-execution-rce-a-step-by-step-guide-8d6055aa53e4?source=rss------bug_bounty-5 | Anand | vapt, cybersecurity, sdlc, rce, bug-bounty | 29-Sep-2024 |
Critical bug in MediaTek Chips:CVE-2024–20017 | https://medium.com/@dudleydaniel.raj2005/critical-bug-in-mediatek-chips-cve-2024-20017-6e955ad56923?source=rss------bug_bounty-5 | Hydra_101 | mediatek, chips, cybersecurity, bug-bounty, wifi | 29-Sep-2024 |
Mastering Advanced Google Dorks for Ethical Hacking and Vulnerability Discovery | https://osintteam.blog/mastering-advanced-google-dorks-for-ethical-hacking-and-vulnerability-discovery-6d9e3dde0433?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, cybersecurity, rewards, medium, google-dork | 29-Sep-2024 |
SMTP/s — Port 25,465,587 For pentesters | https://medium.com/@verylazytech/smtp-s-port-25-465-587-3e5706e081e9?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, cybersecurity, smtp, penetration-testing, hacking | 29-Sep-2024 |
how i found union based sql injection in hackerone public vdp program? | https://doordiefordream.medium.com/how-i-found-union-based-sql-injection-in-hackerone-public-vdp-program-7c76d61f6c77?source=rss------bug_bounty-5 | cybersecurity researcher | ethical-hacking, cyber-security-awareness, bug-bounty-writeup, bug-bounty, cybersecurity | 29-Sep-2024 |
KidRecon: The Ultimate Automated Subdomain Reconnaissance Tool for Ethical Hackers | https://angixblack.medium.com/kidrecon-the-ultimate-automated-subdomain-reconnaissance-tool-for-ethical-hackers-afb8ed8ea883?source=rss------bug_bounty-5 | Angix black | infosec, bug-bounty, recon, automation, bug-bounty-tips | 29-Sep-2024 |
Server-Side Request Forgery (SSRF): How Attackers Can Exploit Internal Networks | https://systemweakness.com/server-side-request-forgery-ssrf-how-attackers-can-exploit-internal-networks-417ed78ae69b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, technology, cybersecurity | 29-Sep-2024 |
Best Bug Bounty and VA/PT Tools in 2024: Use Cases & Commands | https://medium.com/@anandrishav2228/best-bug-bounty-and-va-pt-tools-in-2024-use-cases-commands-42986d594190?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, bug-bounty, company, pentesting, computer-science | 29-Sep-2024 |
Why is Bug Triage Important in Software Testing? | https://medium.com/@divyarajsinhdev/why-is-bug-triage-important-in-software-testing-678decfb727f?source=rss------bug_bounty-5 | Divyarajsinh Dodia | automation, qa, bug-bounty, testing | 29-Sep-2024 |
Understanding Bug Triage: A Crucial Process for Efficient Software Testing | https://medium.com/@divyarajsinhdev/understanding-bug-triage-a-crucial-process-for-efficient-software-testing-790b9b353177?source=rss------bug_bounty-5 | Divyarajsinh Dodia | test, qa, automation, bug-bounty, testing | 29-Sep-2024 |
DVWA : Cross Site Scripting (XSS) Vulnerability Solution (Low Security Level) | https://medium.com/@Kamal_S/dvwa-cross-site-scripting-xss-vulnerability-solution-low-security-level-452396997b5a?source=rss------bug_bounty-5 | Kamal S | security-testing, xs, bug-bounty, dvwa, owasp | 29-Sep-2024 |
Mac Spoofing | https://bob218.medium.com/mac-spoofing-ad0b180f3fad?source=rss------bug_bounty-5 | bob218 | cybersecurity, network-security, cyberattack, osint, bug-bounty | 29-Sep-2024 |
Life Sucks P-1 | https://medium.com/@janpreet9697/life-sucks-p-1-182d702bab02?source=rss------bug_bounty-5 | Janpreet | cybersecurity, life, engineering, bug-bounty, motivation | 29-Sep-2024 |
How Bug Bounty Programs can enable widespread fraud | https://medium.com/@hacktheplanet/how-bug-bounty-programs-can-enable-widespread-fraud-b027f36a49ef?source=rss------bug_bounty-5 | SirHaxAlot | bug-bounty, hacking, fraud, cybersecurity | 28-Sep-2024 |
Stories of a sporadic bug bounty hunter | https://jayaye15.medium.com/stories-of-a-sporadic-bug-bounty-hunter-a09cd32cf0a2?source=rss------bug_bounty-5 | jb00gie | cybersecurity, sql-injection, bug-bounty | 28-Sep-2024 |
My First Bounty Report Experience | https://medium.com/@sreedeepcs.gurukripa/my-first-bounty-report-experience-71095e5c34cd?source=rss------bug_bounty-5 | ambuhecker | bug-bounty, cybersecurity, bug-hunting, hacking | 28-Sep-2024 |
Account Takeover and DoS: Weaponizing Enumeration, IDOR, and Registration Flooding | https://medium.com/@tusharpuri6/account-takeover-and-dos-weaponizing-enumeration-idor-and-registration-flooding-4b88fce20f4b?source=rss------bug_bounty-5 | Tusharpuri | penetration-testing, bug-bounty, offensive-security, application-security, infosec | 28-Sep-2024 |
Exploiting a Logic Bug in Discounts Code Generation | https://medium.com/@sam_0x0/exploiting-a-logic-bug-in-discount-code-generation-a7f624bb396f?source=rss------bug_bounty-5 | Eslam Omar | bug-bounty, logic-bug, hackerone, bug-bounty-tips, bug-bounty-writeup | 28-Sep-2024 |
Exploring the Role of Port Scanning in Bug Bounty Hunting | https://bevijaygupta.medium.com/exploring-the-role-of-port-scanning-in-bug-bounty-hunting-a365e9006b6e?source=rss------bug_bounty-5 | Vijay Gupta | port-scanning, bug-bounty-hunter, scanning, bug-bounty, bugs | 28-Sep-2024 |
Essential Tools for Bug Bounty Hunters | https://medium.com/@jatniwalafizza786/essential-tools-for-bug-bounty-hunters-3c2788cf64ae?source=rss------bug_bounty-5 | Jatniwalafizza | cybersecurity, cybersecurity-course, bug-bounty-courses, bug-bounty | 28-Sep-2024 |
500$ Email Verification Token Leaks in Request | https://medium.com/@0xchoudhary/500-email-verification-token-leaks-in-request-4f0b5ff4b121?source=rss------bug_bounty-5 | Sushil Choudhary | hackerone, bug-bounty, hacking, bounty-program, bugbounty-writeup | 28-Sep-2024 |
Top 20 Must-Have Hacking Gadgets for Cybersecurity Professionals | https://medium.com/@ajaynaikhack/top-20-must-have-hacking-gadgets-for-cybersecurity-professionals-bec4dfe896cf?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, bug-bounty, gadgets, hacking, information-security | 28-Sep-2024 |
Security Misconfiguration: Identifying and Preventing This Common Vulnerability | https://medium.com/@mrutunjayasenapati0/security-misconfiguration-identifying-and-preventing-this-common-vulnerability-14ab1c4989ac?source=rss------bug_bounty-5 | Mrutunjaya Senapati | vulnerability, hacking, security-misconfiguration, bug-bounty, penetration-testing | 28-Sep-2024 |
Insecure Direct Object References (IDOR): Understanding and Preventing This Vulnerability | https://medium.com/@mrutunjayasenapati0/insecure-direct-object-references-idor-understanding-and-preventing-this-vulnerability-4c8e831f17b4?source=rss------bug_bounty-5 | Mrutunjaya Senapati | bug-bounty, idor, idor-vulnerability, vulnerability, hacking | 28-Sep-2024 |
Exploiting a Logic Bug in Discount Codes Generation | https://medium.com/@sam_0x0/exploiting-a-logic-bug-in-discount-code-generation-a7f624bb396f?source=rss------bug_bounty-5 | Eslam Omar | bug-bounty, logic-bug, hackerone, bug-bounty-tips, bug-bounty-writeup | 28-Sep-2024 |
Why Go is the Perfect Choice for CLIs | https://medium.com/@rezauditore/why-go-is-the-perfect-choice-for-clis-477281989ace?source=rss------bug_bounty-5 | rezauditore | peace, lgbtq, golang, bug-bounty, programming | 28-Sep-2024 |
Exposed private key leads to Google cloud service account takeover — Privilege Escalation | https://vettrivel007.medium.com/exposed-private-key-leads-to-google-cloud-service-account-takeover-privilege-escalation-6f031e20c819?source=rss------bug_bounty-5 | VETTRIVEL | bug-bounty-tips, bounty-program, pentesting, bug-bounty, cybersecurity | 28-Sep-2024 |
Broken Authentication: A Common Vulnerability Exposing User Accounts | https://cyberw1ng.medium.com/broken-authentication-a-common-vulnerability-exposing-user-accounts-2b48b6f9b644?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, technology | 28-Sep-2024 |
Vulnerability Detection with Nuclei | https://medium.com/@alperenkeskk/nuclei-ile-zafiyet-tespiti-ec94aa180aab?source=rss------bug_bounty-5 | Alperen Keskin | cyber-security-awareness, bug-bounty-tips, security, tools, bug-bounty | 28-Sep-2024 |
HackTheBox Broken Authentication (Skills Assessment) | https://medium.com/@N0UR0X01/hackthebox-broken-authentication-skills-assessment-c43feaab1a52?source=rss------bug_bounty-5 | N0UR0x01 | htb-writeup, htb-academy, bug-bounty, htb-academy-writeup, broken-authentication | 28-Sep-2024 |
How to google dork effectively for private and other bug bounty programs | https://medium.com/@malikirtizameg/how-to-google-dork-effectively-for-private-and-other-bug-bounty-program-d54f9e7b4d57?source=rss------bug_bounty-5 | bug bounty | penetration-testing, python, bug-bounty, cybersecurity, hacking | 28-Sep-2024 |
Full Account Takeover via Facebook OAuth Misconfiguration | https://medium.com/@0x_xnum/full-account-takeover-via-facebook-oauth-misconfiguration-9e30fe1c1da1?source=rss------bug_bounty-5 | Ahmed Tarek | bug-bounty, oauth, bugbounty-writeup, bugcrowd, account-takeover | 28-Sep-2024 |
SQL injection attack, querying the database type and version on MySQL and Microsoft | https://medium.com/@codingbolt.in/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-162715c6cd0e?source=rss------bug_bounty-5 | codingbolt | sql-injection-attack, sql-injection, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 28-Sep-2024 |
SQL injection attack, querying the database type and version on Oracle | https://medium.com/@codingbolt.in/sql-injection-attack-querying-the-database-type-and-version-on-oracle-f78a035c654d?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, sql-injection, bug-bounty-writeup, bug-bounty, sql-injection-attack | 28-Sep-2024 |
ORM HQL Injection | https://medium.com/@oscuridad1010/orm-hql-injection-e072207e8942?source=rss------bug_bounty-5 | Gamiel Manbiotan | infosec, hackerone, bugcrowd, developer, bug-bounty | 28-Sep-2024 |
How to use built with for bugbounty | https://osintteam.blog/how-to-use-built-with-for-bugbounty-9f58ba501f5a?source=rss------bug_bounty-5 | loyalonlytoday | hacking, bug-bounty-tips, cybersecurity, bug-bounty, recon | 28-Sep-2024 |
P4 bug’s and their POC steps | Part 5 | https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-5-242eddd02fd0?source=rss------bug_bounty-5 | socalledhacker | infosec, hacking, bug-bounty, web-security, bug-bounty-tips | 28-Sep-2024 |
Level Up your Bug Bounty Game — to P1s and P2s Series : PART 1 | https://medium.com/@nireshpandian19/level-up-your-bug-bounty-game-to-p1s-and-p2s-series-part-1-edaa702c8499?source=rss------bug_bounty-5 | JAI NIRESH J | bug-bounty-writeup, bug-bounty, cybersecurity, ethical-hacking, bug-hunting | 27-Sep-2024 |
Web App Hacking Tips & Tricks — File Upload Vulnerabilities — Part 1 | https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-1-1df16a844279?source=rss------bug_bounty-5 | Mada Perdhana | file-upload-vulnerability, hacking, bug-bounty-tips, bug-bounty, web-hacking | 27-Sep-2024 |
A Few Tips & Tricks for API Testing — Part 2 | https://medium.com/@mrp.bpp/sedikit-tips-trick-saat-testing-api-bagian-2-a548a85bcea6?source=rss------bug_bounty-5 | Mada Perdhana | web-hacking, api-hacing, bug-bounty, bug-hunting, bug-bounty-tips | 27-Sep-2024 |
A Few Tips & Tricks for API Testing — Part 1 | https://medium.com/@mrp.bpp/sedikit-tips-trick-saat-testing-api-bagian-1-3983017fec4d?source=rss------bug_bounty-5 | Mada Perdhana | hacking-apis, web-hacking, bug-bounty, bug-bounty-tips, bug-hunting | 27-Sep-2024 |
Deep Dive in Reconnaissance (Chapter 1 [part-2] — Root Domain Enumeration) | https://medium.com/@bitthr3at/deep-dive-in-reconnaissance-chapter-1-part-2-root-domain-enumeration-87765a50d125?source=rss------bug_bounty-5 | Naman Gupta (Bitthr3at) | appsec, recon, osint, attack-surface-discovery, bug-bounty | 27-Sep-2024 |
How to Become a Bug Bounty Hunter: A Complete Guide for Beginners | https://medium.com/@anandrishav2228/how-to-become-a-bug-bounty-hunter-a-complete-guide-for-beginners-316c27bb2c8c?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, hackerspaces, hacking, website, cybersecurity | 27-Sep-2024 |
SQL injection vulnerability allowing login bypass | https://medium.com/@codingbolt.in/sql-injection-vulnerability-allowing-login-bypass-7f1de7d77a6a?source=rss------bug_bounty-5 | codingbolt | bug-bounty, sql-injection, bug-bounty-tips, bug-bounty-writeup, cybersecurity | 27-Sep-2024 |
SQL injection vulnerability in WHERE clause allowing retrieval of hidden data | https://medium.com/@codingbolt.in/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-8ea2be5f13df?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, bug-bounty-writeup, sql-injection, bugs, bug-bounty | 27-Sep-2024 |
NMAP Usage | https://medium.com/@mohanmecktro/nmap-usage-780a7f4ccdcc?source=rss------bug_bounty-5 | Mohan Mecktro | hacking-tools, nmap, bug-bounty, penetration-testing, kali | 27-Sep-2024 |
Web App Hacking Tips & Tricks — File Upload Vulnerabilities — Part 2 | https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-2-fdc536d3045e?source=rss------bug_bounty-5 | Mada Perdhana | file-upload-vulnerability, bug-bounty, web-hacking, bug-bounty-tips, hacking | 27-Sep-2024 |
Cross-Site Request Forgery (CSRF): Understanding the Threat and How to Mitigate It | https://medium.com/@mrutunjayasenapati0/cross-site-request-forgery-csrf-understanding-the-threat-and-how-to-mitigate-it-fb5db007f13b?source=rss------bug_bounty-5 | Mrutunjaya Senapati | hunting, hacking, vulnerability, csrf, bug-bounty | 27-Sep-2024 |
5 Key Factors to Help You Choose the Best Bug Bounty Program on HackerOne | https://medium.com/@blackarazi/5-key-factors-to-help-you-choose-the-best-bug-bounty-program-on-hackerone-b27bb2159d07?source=rss------bug_bounty-5 | Azhari Harahap | bug-bounty-tips, hackerone, bug-bounty-program, bug-bounty | 27-Sep-2024 |
I Spent a Month on a Private Program and Earned $$$$$ | https://mokhansec.medium.com/i-spent-a-month-on-a-private-program-and-earned-c57b4c3d7dba?source=rss------bug_bounty-5 | Mohsin khan | bug-bounty-tips, bugs, bug-bounty | 27-Sep-2024 |
What is Bug Bounty | https://medium.com/@iabhipathak/what-is-bug-bounty-fc9fe6a73e16?source=rss------bug_bounty-5 | Abhinav Pathak | information-security, hacking, bug-bounty, security, cybersecurity | 27-Sep-2024 |
Unlocking Success: My Journey to Bypassing 2FA and Winning My First Bounty $800 | https://medium.com/@mihad0x1/unlocking-success-my-journey-to-bypassing-2fa-and-winning-my-first-bounty-800-c6e7654feea4?source=rss------bug_bounty-5 | mihad0x1 | hacking, security-research, bugbounty-writeup, bug-bounty, hacker | 27-Sep-2024 |
High vs. Low Severity Bugs: A Complete Guide to Bug Classification in Software and Cybersecurity | https://medium.com/@shoaibjamal663/classification-of-bugs-high-vs-low-severity-bugs-62ce16630ddf?source=rss------bug_bounty-5 | Muhammad Shoaib Jamal | software-development, bugs, risk-management, cybersecurity, bug-bounty | 27-Sep-2024 |
NoSQL Injection Attacks | https://medium.com/@majix_de/nosql-injection-attacks-1397fd366c28?source=rss------bug_bounty-5 | Majix | hacking, bug-bounty, penetration-testing, nosql, bug-bounty-tips | 27-Sep-2024 |
Information Disclosure Vulnerability: Exposing API Keys and Tokens in a Private Program | https://medium.com/@kumawatabhijeet2002/%EF%B8%8F-information-disclosure-vulnerability-exposing-api-keys-and-tokens-in-a-private-program-e06c4d110552?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, information-disclosure, vulnerability, bug-bounty-tips, pii-data | 27-Sep-2024 |
From Enumeration to Takeover: Crack the Code of Subdomain Vulnerabilities! | https://enigma96.medium.com/from-enumeration-to-takeover-crack-the-code-of-subdomain-vulnerabilities-4fea92cd0374?source=rss------bug_bounty-5 | enigma | bug-bounty-tips, pentesting, bug-bounty, bugs, hacking | 27-Sep-2024 |
How a Simple Exploit Can Lead to a $500 Bounty — Cache Deception | https://infosecwriteups.com/how-a-simple-exploit-can-lead-to-a-500-bounty-cache-deception-8da0583f6013?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, technology, bug-bounty, cybersecurity, careers | 27-Sep-2024 |
How I Found an Authentication Flaw in a Chat Feature | https://medium.com/@krishnast545/my-first-high-severity-bug-how-i-found-an-authentication-flaw-in-a-chat-feature-58fb0f939a4a?source=rss------bug_bounty-5 | Krishna | bugs, bug-bounty | 27-Sep-2024 |
Privilege Escalation on Amazon Linux (SageMaker) | https://medium.com/@rickconsole/privilege-escalation-on-amazon-linux-sagemaker-cf115042ea5f?source=rss------bug_bounty-5 | Rick Console | bug-bounty, cloud-computing, cybersecurity, aws, penetration-testing | 27-Sep-2024 |
Web App Hacking Tips & Tricks — File Upload Vulnerabilities — Part 3 | https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-3-8ec192d1633b?source=rss------bug_bounty-5 | Mada Perdhana | hacking, bug-hunting, bug-bounty-tips, bug-bounty, file-upload-vulnerability | 27-Sep-2024 |
Web Cache Poisoning with Multiple Headers | https://medium.com/@rcxsecurity/web-cache-poisoning-with-multiple-headers-d4e27497288e?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Cafe | information-security, information-technology, penetration-testing, cybersecurity, bug-bounty | 27-Sep-2024 |
It’s not a bug. It really is a feature. | https://medium.com/@info_11548/its-not-a-bug-it-really-is-a-feature-b758f1454970?source=rss------bug_bounty-5 | Cloette Zager with FranGuardian Corporation | bug-bounty, features, featured, featured-stories, bugs | 27-Sep-2024 |
Vulnerability: Multiple Vulnerabilities in Linux CUPS (CVSS 9.9) | https://infosecwriteups.com/vulnerability-multiple-vulnerabilities-in-linux-cups-cvss-9-9-49dbdcd73cb0?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, vulnerability, rewards, information-security, cybersecurity | 27-Sep-2024 |
my first easy IDOR in a big company | https://medium.com/@malikirtizameg/my-first-easy-idor-in-a-big-company-104ee6c4a7ff?source=rss------bug_bounty-5 | bug bounty | bug-bounty-tips, cybersecurity, bug-bounty, hacking, ethical-hacking | 27-Sep-2024 |
Shodan Revealed: How to Discover Vulnerabilities Across the Web | https://medium.com/@RejuKole.com/shodan-revealed-how-to-discover-vulnerabilities-across-the-web-925a382bb9bd?source=rss------bug_bounty-5 | Reju Kole | bug-bounty, ethical-hacking, shodan, bug-bounty-tips, web | 27-Sep-2024 |
The Art of the Phantom Deposit: a study on vulnerabilities in crypto exchanges | https://medium.com/@silviosaturnowk/the-art-of-the-phantom-deposit-a-study-on-vulnerabilities-in-crypto-exchanges-3a356153bfe2?source=rss------bug_bounty-5 | Silvio Saturno | exploit, cybersecurity, bug-bounty, smart-contracts, solidity | 27-Sep-2024 |
How to install Subdominator & how to find subdomains using Subdominator !! | https://medium.com/@sherlock297/how-to-install-subdominator-how-to-find-subdomains-using-subdominator-fe9b48be2aea?source=rss------bug_bounty-5 | Ravindra Dagale | windows, tools, tutorial, bug-bounty, subdominator | 26-Sep-2024 |
10 Essential Blog Sites For Bug Bounty Hunters | https://medium.com/@RaunakGupta1922/10-essential-blog-sites-for-bug-bounty-hunters-8309cbbe3756?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | knowledge, learning, articles, hacking, bug-bounty | 26-Sep-2024 |
Deep Dive in Reconnaissance (Chapter 1 [part-1] — Root Domain Enumeration) | https://medium.com/@bitthr3at/deep-dive-in-reconnaissance-chapter-1-part-1-root-domain-enumeration-7ddfda1283fd?source=rss------bug_bounty-5 | Naman Gupta (Bitthr3at) | osint, appsec, recon, attack-surface-discovery, bug-bounty | 26-Sep-2024 |
Exploiting SMTP on Metasploitable 2: Unveiling the Power of Port 25 | https://medium.com/@thefellowhacker/exploiting-smtp-on-metasploitable-2-unveiling-the-power-of-port-25-4fab583855f8?source=rss------bug_bounty-5 | Taahir Mujawarr | hacker, hacking, cybersecurity, technology, bug-bounty | 26-Sep-2024 |
Cross-Site Scripting (XSS): Understanding and Mitigating a Common Web Vulnerability | https://medium.com/@mrutunjayasenapati0/cross-site-scripting-xss-understanding-and-mitigating-a-common-web-vulnerability-fe82824c24f5?source=rss------bug_bounty-5 | Mrutunjaya Senapati | hacking, hunting, xss-attack, vulnerability, bug-bounty | 26-Sep-2024 |
Story of Time Machines: Where Archived URLs and Juicy Information Handshake Each Other | https://medium.com/@security.tecno/story-of-time-machines-where-archived-urls-and-juicy-information-handshake-each-other-11efd831da46?source=rss------bug_bounty-5 | TECNO Security | security, bug-bounty, research, hacking | 26-Sep-2024 |
Vulnerable WordPress August 2024 (Museum of Ostad Bohtouni) | https://medium.com/@onhexgroup/vulnerable-wordpress-august-2024-museum-of-ostad-bohtouni-dad683a3ef15?source=rss------bug_bounty-5 | Onhexgroup | wordpress-security, wordpress, bug-bounty, info, cybersecurity | 26-Sep-2024 |
Top 7 Free Cybersecurity Tools Every Beginner Must Try Today! | https://medium.com/@paritoshblogs/top-7-free-cybersecurity-tools-every-beginner-must-try-today-44eea1aa91b8?source=rss------bug_bounty-5 | Paritosh | bug-bounty, hacking, projects, cybersecurity, free | 26-Sep-2024 |
Analyzing a Real HTTP Request Smuggling Attack. What Happened here? | https://medium.com/@rezauditore/analyzing-a-real-http-request-smuggling-attack-what-happened-here-19dbc6edf9a4?source=rss------bug_bounty-5 | rezauditore | pentesting, bug-bounty, ctf-writeup, lgbtq, tips | 26-Sep-2024 |
CVE-2024–45519 in Zimbra — Bounty 1000 USD | https://infosecwriteups.com/cve-2024-45519-in-zimbra-bounty-1000-usd-0304b2a813f3?source=rss------bug_bounty-5 | Ajay Naik | hacking, vulnerability, bug-bounty, rewards, cybersecurity | 26-Sep-2024 |
Mastering IDS: A Comprehensive Guide with Snort Implementation | https://medium.com/@hackeraakash2002/mastering-ids-a-comprehensive-guide-with-snort-implementation-4ccc8192a0cf?source=rss------bug_bounty-5 | HackwithAJ | network-security, bug-bounty, hacking, cyber-security-awareness, ids-ips | 26-Sep-2024 |
SSH Hacking: How to Exploit Port 22 Vulnerabilities for Penetration Testing | https://medium.com/@verylazytech/ssh-hacking-how-to-exploit-port-22-vulnerabilities-for-penetration-testing-601d257ee491?source=rss------bug_bounty-5 | Very Lazy Tech | cybersecurity, hacking, penetration-testing, bug-bounty, exploit | 26-Sep-2024 |
Bug bounty – Recon Tips for subdomain enumeration | https://medium.com/@tharunteja725_8686/bug-bounty-recon-tips-for-subdomain-enumeration-0b3d51ad1cc8?source=rss------bug_bounty-5 | Chidurala Tharun teja | bug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity, oscp | 26-Sep-2024 |
Akamai WAF Bypass Lead To Discover 30 XSS bugs | https://medium.com/@nagashygaballah/akamai-waf-bypass-lead-to-discover-30-xss-bugs-bea0f8be1dd4?source=rss------bug_bounty-5 | 111xNagashy | tips-and-tricks, cybersecurity, xss-attack, penetration-testing, bug-bounty | 26-Sep-2024 |
SUBDOMAIN ENUMERATION — BUGBOUNTY | https://medium.com/@tharunteja725_8686/subdomain-enumeration-bugbounty-2831b70ee735?source=rss------bug_bounty-5 | Chidurala Tharun teja | penetration-testing, bug-bounty, cybersecurity, oscp, bug-bounty-tips | 26-Sep-2024 |
Reflected XSS with event handlers and href attributes blocked | https://medium.com/@codingbolt.in/reflected-xss-with-event-handlers-and-href-attributes-blocked-b333eb18942e?source=rss------bug_bounty-5 | codingbolt | xss-attack, xss-vulnerability, cyberattack, cybersecurity, bug-bounty | 26-Sep-2024 |
Reflected XSS with AngularJS sandbox escape and CSP | https://medium.com/@codingbolt.in/reflected-xss-with-angularjs-sandbox-escape-and-csp-e68867138b6f?source=rss------bug_bounty-5 | codingbolt | xss-attack, cybersecurity, bug-bounty, cybercrime, bug-bounty-tips | 26-Sep-2024 |
Reflected XSS with AngularJS sandbox escape without strings | https://medium.com/@codingbolt.in/reflected-xss-with-angularjs-sandbox-escape-without-strings-e434c669ac56?source=rss------bug_bounty-5 | codingbolt | bug-bounty, xss-attack, cyberattack, cybersecurity, bug-bounty-tips | 26-Sep-2024 |
Exploiting XSS to perform CSRF | https://medium.com/@codingbolt.in/exploiting-xss-to-perform-csrf-1aac291690bd?source=rss------bug_bounty-5 | codingbolt | xss-attack, bug-bounty-writeup, bug-bounty-tips, bug-bounty, cybersecurity | 26-Sep-2024 |
How To Configure Metasploitable Machine To Hack? | Primary Hacking School #3 | https://medium.com/@nnface/how-to-configure-metasploitable-machine-to-hack-primary-hacking-school-3-083cd63c47cf?source=rss------bug_bounty-5 | NnFace | hacking-tools, hacking, bug-bounty, cybersecurity, kali-linux | 26-Sep-2024 |
White Hat vs Black Hat Hackers: What’s the Real Difference & Which One Are You? | https://codingrasi.medium.com/white-hat-vs-black-hat-hackers-whats-the-real-difference-which-one-are-you-f2c7327d77a7?source=rss------bug_bounty-5 | CodingRasi | youtube-creators, hacking, bug-bounty, ethical-hacking, hacker | 26-Sep-2024 |
Reflected XSS protected by CSP, with CSP bypass | https://medium.com/@codingbolt.in/reflected-xss-protected-by-csp-with-csp-bypass-58d46ec1fc71?source=rss------bug_bounty-5 | codingbolt | xss-attack, xss-vulnerability, bug-bounty, bug-bounty-tips, cybersecurity | 26-Sep-2024 |
Reflected XSS protected by very strict CSP, with dangling markup attack | https://medium.com/@codingbolt.in/reflected-xss-protected-by-very-strict-csp-with-dangling-markup-attack-029d16b86163?source=rss------bug_bounty-5 | codingbolt | xss-vulnerability, xss-attack, bug-bounty-tips, bug-bounty, cybersecurity | 26-Sep-2024 |
SSRF Simplified (OWASP 2021-A10) | https://medium.com/@kannnannmk/ssrf-simplified-owasp-2021-a10-62586a3468f4?source=rss------bug_bounty-5 | Neelamegha Kannan S | penetration-testing, vulnerability, cybersecurity, bug-bounty, information-security | 26-Sep-2024 |
Reflected XSS in a JavaScript URL with some characters blocked | https://medium.com/@codingbolt.in/reflected-xss-in-a-javascript-url-with-some-characters-blocked-7decfa413c79?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, cybersecurity, bugs, xss-attack, bug-bounty | 26-Sep-2024 |
Finding subdomains using security trails api key | https://osintteam.blog/finding-subdomains-using-security-trails-api-key-8b45d5a4629e?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, hacking, bug-bounty-tips, cybersecurity, bug-bounty | 26-Sep-2024 |
IDORS — leaking 1.5 crore user details | https://medium.com/@nireshpandian19/idors-leaking-1-5-crore-user-details-5bbc3b9368e2?source=rss------bug_bounty-5 | JAI NIRESH J | bug-bounty, idor-vulnerability, ethical-hacking, idor, cybersecurity | 25-Sep-2024 |
Exploring the Role of Port Scanning in Bug Bounty Hunting | https://bevijaygupta.medium.com/exploring-the-role-of-port-scanning-in-bug-bounty-hunting-169a1d723bb0?source=rss------bug_bounty-5 | Vijay Gupta | port-scanning, bug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips | 25-Sep-2024 |
My First Easy IDOR: A Simple Guide to Understanding Insecure Direct Object References | https://medium.com/@Alireza.salmani/my-first-easy-idor-a-simple-guide-to-understanding-insecure-direct-object-references-8b48aa1da8ea?source=rss------bug_bounty-5 | Alireza Salmani | bug-bounty, access-control, ethical-hacking, web-application-security, cybersecurity | 25-Sep-2024 |
Golang edge case: when “defer” will never work out in your code | https://waclawthedev.medium.com/golang-edge-case-when-defer-will-never-work-out-in-your-code-f783518679e9?source=rss------bug_bounty-5 | Wacław The Developer | golang, bug-bounty, defer, go, backend | 25-Sep-2024 |
Finding a p4 as per bugcrowd vrt | https://medium.com/@loyalonlytoday/finding-a-p4-as-per-bugcrowd-vrt-9f08278a75ae?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, penetration-testing, web-hacking, bugbounty-writeup, bugs | 25-Sep-2024 |
How I Discovered DOM XSS by Analyzing Javascript Code | https://medium.com/@fajarsylvana/how-i-discovered-dom-xss-by-analyzing-javascript-code-6fa57c680a0e?source=rss------bug_bounty-5 | Fajar Sylvana | pentesting, bug-bounty-tips, hacking, penetration-testing, bug-bounty | 25-Sep-2024 |
FTP Hacking: How to Exploit Port 21 Vulnerabilities for Penetration Testing | https://medium.com/@verylazytech/ftp-hacking-how-to-exploit-port-21-vulnerabilities-for-penetration-testing-bbd65e2238da?source=rss------bug_bounty-5 | Very Lazy Tech | network-security, ethical-hacking, bug-bounty, cybersecurity, penetration-testing | 25-Sep-2024 |
Cracking the Code: How I Took Over Admin Accounts Across Organizations | https://medium.com/@ismailsaid1603/cracking-the-code-how-i-took-over-admin-accounts-across-organizations-5d135ba152b4?source=rss------bug_bounty-5 | Esmail Saied (0xSp1DeR) | tips-and-tricks, hackerone, bugcrowd, bugbounty-writeup, bug-bounty | 25-Sep-2024 |
How I proved impact with Google Map API Key | https://r0b0ts.medium.com/how-i-proved-impact-with-google-map-api-key-7aa801616abb?source=rss------bug_bounty-5 | r0b0ts | bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-hunter | 25-Sep-2024 |
website leaking otp in inspect elemet | https://osintteam.blog/website-leaking-otp-in-inspect-elemet-8da71ae4004d?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, hacking, bugbounty-writeup, bug-bounty-tips, penetration-testing | 25-Sep-2024 |
Reflected XSS into a JavaScript string with single quote and backslash escaped | https://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-single-quote-and-backslash-escaped-621b6a187f04?source=rss------bug_bounty-5 | codingbolt | bugs, bug-bounty-tips, xss-attack, bug-bounty, xss-vulnerability | 25-Sep-2024 |
Reflected XSS in canonical link tag | https://medium.com/@codingbolt.in/reflected-xss-in-canonical-link-tag-c4902808a6e7?source=rss------bug_bounty-5 | codingbolt | xss-attack, bug-hunting, bug-bounty, bug-bounty-tips, bugs | 25-Sep-2024 |
Kerentanan Kritis : Bypass Autentikasi (CVE-2024–7593) pada Ivanti vTM: Penjelasan dan Tindakan… | https://medium.com/@mrp.bpp/kerentanan-bypass-autentikasi-kritis-cve-2024-7593-pada-ivanti-vtm-penjelasan-dan-tindakan-77d159f53199?source=rss------bug_bounty-5 | Mada Perdhana | bug-bounty, hacking, ivanti-service-manager, exploit, 0-day-attacks | 25-Sep-2024 |
Eksfiltrasi Data Menggunakan Komunikasi DNS (Out-of-Band) | https://medium.com/@mrp.bpp/eksfiltrasi-data-menggunakan-komunikas-idns-out-of-band-7932a1ab335f?source=rss------bug_bounty-5 | Mada Perdhana | oob, bug-bounty, bug-bounty-tips, hacking | 25-Sep-2024 |
Exploiting cross-site scripting to steal cookies | https://medium.com/@codingbolt.in/exploiting-cross-site-scripting-to-steal-cookies-8f57e316e8d3?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, xss-attack, xss-vulnerability, cookies, bug-bounty | 25-Sep-2024 |
Understanding Common Web Vulnerabilities: A Guide for Beginners | https://medium.com/@mrutunjayasenapati0/understanding-common-web-vulnerabilities-a-guide-for-beginners-398e8987cc4f?source=rss------bug_bounty-5 | Mrutunjaya Senapati | beginner, bug-bounty, vulnerability, beginners-guide, guides-and-tutorials | 25-Sep-2024 |
Reflected XSS into a template literal with angle brackets, single, double quotes, backslash and… | https://medium.com/@codingbolt.in/reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-backslash-and-5acbbd9f2631?source=rss------bug_bounty-5 | codingbolt | bug-bounty, bug-bounty-writeup, bug-bounty-tips, xss-attack | 25-Sep-2024 |
Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes… | https://medium.com/@codingbolt.in/stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-single-quotes-9af43308602b?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, bug-bounty, xss-vulnerability, bugs, xss-attack | 25-Sep-2024 |
Reflected XSS into a JavaScript string with angle brackets and double quotes HTML-encoded and… | https://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-angle-brackets-and-double-quotes-html-encoded-and-e1ad9b482189?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, xss-attack, xss-vulnerability, bugs, bug-bounty | 25-Sep-2024 |
Skrip Otomatisasi XSS (Cross-Site Scripting) | https://medium.com/@mrp.bpp/skrip-otomatisasi-xss-cross-site-scripting-6b6064da0408?source=rss------bug_bounty-5 | Mada Perdhana | bug-bounty, xss-attack, tools, hacking, bug-bounty-tips | 25-Sep-2024 |
How to Create a Fun, Engaging, and Long-Lasting Bug Bounty Program for Your Community | https://medium.com/@GrowthKingdom/how-to-create-a-fun-engaging-and-long-lasting-bug-bounty-program-for-your-community-f67da7fb230a?source=rss------bug_bounty-5 | Growth Kingdom | dapps, blockchain, web3, crypto, bug-bounty | 25-Sep-2024 |
Understanding SQL Injection: A Deep Dive into One of the Most Common Web Vulnerabilities | https://medium.com/@mrutunjayasenapati0/understanding-sql-injection-a-deep-dive-into-one-of-the-most-common-web-vulnerabilities-2c5d031180c6?source=rss------bug_bounty-5 | Mrutunjaya Senapati | sql-injection, hacking, injection, bug-bounty, sql | 25-Sep-2024 |
How Bug Bounties Strengthen Defenses -InITScienceAI | https://medium.com/@initscienceaiandlooklivenews/how-bug-bounties-strengthen-defenses-initscienceai-c727d3b8a2d3?source=rss------bug_bounty-5 | InITScienceAi | bug-bounty-tips, bugs, bugbounting, bug-bounty, bug-bounty-hunter | 24-Sep-2024 |
Advanced Port Scanning Techniques for Bug Bounty Programs | https://bevijaygupta.medium.com/advanced-port-scanning-techniques-for-bug-bounty-programs-fd22a049ed37?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-bounty, bug-bounty-tips, port-scanning, bug-zero | 24-Sep-2024 |
test:test not Part 2 | https://medium.com/@bxrowski0x/test-test-not-part-2-492fb030c8c2?source=rss------bug_bounty-5 | Omar ElSayed | bug-bounty, keycloak, bug-bounty-tips, bug-bounty-writeup, cybersecurity | 24-Sep-2024 |
Unlocking Web3 Success: Why Code4rena & Codehawk Are the Ultimate Bug Bounty Platforms for Newbies | https://medium.com/@firmanregar/unlocking-web3-success-why-code4rena-codehawk-are-the-ultimate-bug-bounty-platforms-for-newbies-c1c041117934?source=rss------bug_bounty-5 | Firman Siregar | bug-bounty, smart-contract-security | 24-Sep-2024 |
Mastering Subdomain Takeover | https://medium.com/@verylazytech/mastering-subdomain-takeover-48d9b9d593a9?source=rss------bug_bounty-5 | Very Lazy Tech | subdomain-takeover, cybersecurity, bug-bounty, subdomain, hacking | 24-Sep-2024 |
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded | https://medium.com/@codingbolt.in/dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-51f3b873d180?source=rss------bug_bounty-5 | codingbolt | hacking, web-hacking, bug-bounty, xss-attack, xss-vulnerability | 24-Sep-2024 |
DOM XSS in document.write sink using source location.search inside a select element | https://medium.com/@codingbolt.in/dom-xss-in-document-write-sink-using-source-location-search-inside-a-select-element-80223838d4af?source=rss------bug_bounty-5 | codingbolt | xss-attack, xss-vulnerability, bug-bounty, hacking, bugs | 24-Sep-2024 |
What Are Bugs in Cybersecurity? Understanding the Basics | https://medium.com/@shoaibjamal663/what-are-bugs-in-cybersecurity-understanding-the-basics-84f2f9ef7304?source=rss------bug_bounty-5 | Muhammad Shoaib Jamal | bugs, cybersecurity, vulnerability, bug-bounty, bug-bounty-tips | 24-Sep-2024 |
Price Tampering | Buying course at ₹1! | https://medium.com/@anchalrajawat009/price-tampering-buying-course-at-1-09759112e9a4?source=rss------bug_bounty-5 | Aanchal Singh Rajawat | bug-bounty, business-logic-flaw, hacking | 24-Sep-2024 |
$1500-P1-Business logic/Failed Defense Vulnerability | https://itsravikiran25.medium.com/1500-p1-business-logic-failed-defense-vulnerability-0b1915aca994?source=rss------bug_bounty-5 | ravikiraN | infosec, cybersecurity, bug-bounty, hacking, bugbounty-tips | 24-Sep-2024 |
Panduan Bagi Pemula untuk Memasuki Dunia Bug Bounty | https://medium.com/@mrp.bpp/panduan-bagi-pemula-untuk-memasuki-dunia-bug-bounty-bba812d0f680?source=rss------bug_bounty-5 | Mada Perdhana | bug-bounty-writeup, bug-bounty, bug-bounty-tips, bug-bounty-hunter, panduan-pemula | 24-Sep-2024 |
Going Crazy with Farming VDPs: Extplorer Admin Panel Bypass & Remote Code Execution (RCE) | https://infosecwriteups.com/going-crazy-with-farming-vdps-extplorer-admin-panel-bypass-remote-code-execution-rce-ed6ae27bbce9?source=rss------bug_bounty-5 | YoungVanda | infosec, technology, cybersecurity, hacking, bug-bounty | 24-Sep-2024 |
Unlock the Hidden Doors of the Android World: Legendary Recon Tools for Bug Bounty! | https://medium.com/@rootspaghetti/unlock-the-hidden-doors-of-the-android-world-legendary-recon-tools-for-bug-bounty-9065e3aa6268?source=rss------bug_bounty-5 | Root@Spaghetti | bug-bounty, bug-bounty-tips | 24-Sep-2024 |
An IDOR leads to leak users details | https://medium.com/@mohameddiv77/an-idor-leads-to-leak-users-details-b54a2280e0f9?source=rss------bug_bounty-5 | Mohamed Ibrahim | bug-bounty-tips, bug-bounty | 24-Sep-2024 |
diffrent types of burpsuite extenstions for bughunting | https://medium.com/@loyalonlytoday/diffrent-types-of-burpsuite-extenstions-for-bughunting-d411b3d002e1?source=rss------bug_bounty-5 | loyalonlytoday | hacking, bugs, bug-bounty-tips, bug-bounty, burpsuite | 24-Sep-2024 |
Reflected XSS with some SVG markup allowed | https://medium.com/@codingbolt.in/reflected-xss-with-some-svg-markup-allowed-e7aafbf02378?source=rss------bug_bounty-5 | codingbolt | xss-attack, xss-vulnerability, ethical-hacking, bug-bounty, cybersecurity | 24-Sep-2024 |
Reflected XSS into HTML context with most tags and attributes blocked | https://medium.com/@codingbolt.in/reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-0bb80ac37064?source=rss------bug_bounty-5 | codingbolt | bug-bounty, xss-attack, bug-bounty-tips, xss-vulnerability, bug-bounty-writeup | 24-Sep-2024 |
$1500-P1-Business logic/Failed Defense Vulnerability | https://itsravikiran25.medium.com/1500-p1-business-logic-failed-defense-vulnerability-0b1915aca994?source=rss------bug_bounty-5 | r@v!k!r@n | cybersecurity, bug-bounty, hacking, infosec-write-ups, bugbounty-tips | 24-Sep-2024 |
Mendapatkan Akses SMTP Melalui Celah SQL Injection | https://rdnzx.medium.com/mendapatkan-akses-smtp-melalui-celah-sql-injection-f6d593fcad5e?source=rss------bug_bounty-5 | Radian ID | cybersecurity, bug-bounty, sql-injection, bug-bounty-writeup, bug-bounty-tips | 24-Sep-2024 |
You Won’t Find Any Vulnerabilities Without This Technique: Get Your First Bug Bounty | https://medium.com/@shaikhminhaz1975/you-wont-find-any-vulnerabilities-without-this-technique-get-your-first-bug-bounty-dee2af93e607?source=rss------bug_bounty-5 | Shaikh Minhaz | cybersecurity, red-team, penetration-testing, vulnerability, bug-bounty | 23-Sep-2024 |
Master the subdomain hunting Part 2 | https://infosecwriteups.com/master-the-subdomain-hunting-part-2-dea0ee035019?source=rss------bug_bounty-5 | ʏᴀꜱʜʜ | 2fa, subdomain, bug-bounty-tips, bugs, bug-bounty | 23-Sep-2024 |
Automate Bug Hunting With This Tool | https://medium.com/@josuofficial327/automate-bug-hunting-with-this-tool-68dfbbaaa0b1?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | cybersecurity, info-sec-writeups, ethical-hacking, bug-bounty, bug-bounty-hunter | 23-Sep-2024 |
From Developer to Hacker: Breaking into GraphQL | https://medium.com/@jonathanmondaut/from-developer-to-hacker-breaking-into-graphql-6083c80b4588?source=rss------bug_bounty-5 | Jonathan Mondaut | bug-bounty, graphql, hacker, hacking, technology | 23-Sep-2024 |
Unlocking Bug Bounties: The Power of Port Scanning | https://bevijaygupta.medium.com/unlocking-bug-bounties-the-power-of-port-scanning-ebca71c898a7?source=rss------bug_bounty-5 | Vijay Gupta | port-scanning, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs | 23-Sep-2024 |
Best Platforms to Learn for Becoming a Pentester or Bug Bounty Hunter | https://rendiero.medium.com/best-platforms-to-learn-for-becoming-a-pentester-or-bug-bounty-hunter-6c6aa8cbdd64?source=rss------bug_bounty-5 | Rendiero | bug-bounty, penetration-testing, hacker, learning, resources | 23-Sep-2024 |
RXSS with My Approach | https://medium.com/@nomad8061/rxss-with-my-approach-c9a989d3ba0b?source=rss------bug_bounty-5 | Ahmed Badry | bug-bounty-tips, bug-bounty-writeup, bug-zero, bugs, bug-bounty | 23-Sep-2024 |
From CORS Misconfiguration to Account Takeover | https://medium.com/@majix_de/from-cors-misconfiguration-to-account-takeover-1231f263a90e?source=rss------bug_bounty-5 | Majix | bug-bounty-tips, bug-bounty, hacking, penetration-testing, programming | 23-Sep-2024 |
Unauthenticated API Endpoint to Create Support Ticket Worth $500 | https://vijetareigns.medium.com/unauthenticated-api-endpoint-to-create-support-ticket-worth-500-789e91ad9a00?source=rss------bug_bounty-5 | the_unlucky_guy | bug-bounty, cybersecurity, bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup | 23-Sep-2024 |
DOM XSS using Web Messages and a JavaScript URL | https://medium.com/@rcxsecurity/dom-xss-using-web-messages-and-a-javascript-url-dcced7fa4195?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Cafe | information-technology, information-security, cybersecurity, penetration-testing, bug-bounty | 23-Sep-2024 |
Uncovering a Stored XSS Vulnerability on Drugs.com | https://medium.com/@regan_temudo/uncovering-a-stored-xss-vulnerability-on-drugs-com-1748ccbecc16?source=rss------bug_bounty-5 | Regan Temudo | cross-site-scripting, bug-bounty, xx, cybersecurity, stored-xxs | 23-Sep-2024 |
How to Guide to SQL Injection Testing: Manual Testing Techniques and SQLMap Usage | https://medium.com/@mustafa_kamal/how-to-guide-to-sql-injection-testing-manual-testing-techniques-and-sqlmap-usage-5e45046b07bf?source=rss------bug_bounty-5 | Mustafa Khan | sql, hacking, bug-bounty, sql-injection, sqlmap | 23-Sep-2024 |
finding a easy p4 | https://medium.com/@loyalonlytoday/finding-a-easy-p4-08272e48f778?source=rss------bug_bounty-5 | loyalonlytoday | bugs, penetration-testing, bug-bounty, bugbounty-writeup, bug-bounty-tips | 23-Sep-2024 |
Bypassing restrictions using special characters | https://medium.com/@youssefmoner2022/bypassing-restrictions-using-special-characters-8f11af75d278?source=rss------bug_bounty-5 | Youssefmoner | bug-bounty, hacking, vulnerability | 23-Sep-2024 |
Turning a Closed Bug Report into $650: The Art of Demonstrating Impact! | https://hasanka-amarasinghe.medium.com/turning-a-closed-bug-report-into-650-the-art-of-demonstrating-impact-730a3df78df8?source=rss------bug_bounty-5 | Hasanka Amarasinghe | bugbounty-writeup, salesforce, bug-bounty, infosec, cybersecurity | 23-Sep-2024 |
Cross-Site-Scripting (XSS): Understanding and Mitigating Web Vulnerabilities | https://medium.com/@RejuKole.com/cross-site-scripting-xss-understanding-and-mitigating-web-vulnerabilities-b2b5a2c606fc?source=rss------bug_bounty-5 | Reju Kole | bug-bounty-tips, bug-bounty, web, xss-attack, xss-vulnerability | 23-Sep-2024 |
Reflected XSS into a JavaScript string with angle brackets HTML encoded | https://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-angle-brackets-html-encoded-b9b60f4b2823?source=rss------bug_bounty-5 | codingbolt | xss-attack, bug-bounty, bugs, xss-vulnerability, bug-bounty-tips | 23-Sep-2024 |
Stored XSS into anchor href attribute with double quotes HTML-encoded | https://medium.com/@codingbolt.in/stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-9f384d27aa95?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, bugs, bug-bounty, xss-attack, xss-vulnerability | 23-Sep-2024 |
750$ in 5 Minutes - XXE to LFI | https://skramthu.medium.com/750-in-5-minutes-xxe-to-lfi-897bca9c304c?source=rss------bug_bounty-5 | Ram | hackerone, money, security, bug-bounty, infosec | 23-Sep-2024 |
How to Guide SQL Injection: Manual Testing Techniques and SQLMap Usage | https://medium.com/@mustafa_kamal/how-to-guide-to-sql-injection-testing-manual-testing-techniques-and-sqlmap-usage-5e45046b07bf?source=rss------bug_bounty-5 | Mustafa Khan | sql, hacking, bug-bounty, sql-injection, sqlmap | 23-Sep-2024 |
When a Session Token Isn’t Enough, A Full Account Takeover Story | https://medium.com/@ahmedramadan.ar16148/when-a-session-token-isnt-enough-a-full-account-takeover-story-cf99421bb1e3?source=rss------bug_bounty-5 | Ahmed Ramadan | oauth2, oauth, penetration-testing, authentication, bug-bounty | 23-Sep-2024 |
Hacking The butler — Jenkins hacking 101 | https://thexssrat.medium.com/hacking-the-butler-jenkins-hacking-101-e437ed557460?source=rss------bug_bounty-5 | Thexssrat | hacks, bug-bounty, hacking, jenkins | 23-Sep-2024 |
P4 bug’s and their POC steps | Part 4 | https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-4-fd81b91fd368?source=rss------bug_bounty-5 | socalledhacker | bugs, web-security, infosec, bug-bounty, cybersecurity | 23-Sep-2024 |
TECNO Security Response Center 3rd Anniversary | Safeguarding Product Security, Grateful for Our… | https://medium.com/@security.tecno/tecno-security-response-center-3rd-anniversary-safeguarding-product-security-grateful-for-our-550016adce10?source=rss------bug_bounty-5 | TECNO Security | birthday, security, hacking, bug-bounty | 22-Sep-2024 |
Practical Incident Response: A Step-by-Step Guide | https://medium.com/@paritoshblogs/practical-incident-response-a-step-by-step-guide-290dadca6e2d?source=rss------bug_bounty-5 | Paritosh | information-technology, incident-response, cybersecurity, bug-bounty, ai | 22-Sep-2024 |
5 unique Lesser-known methods to find vulnerabilities for bug bounty hunters | https://harish45.medium.com/5-unique-lesser-known-methods-to-find-vulnerabilities-for-bug-bounty-hunters-03799e73c153?source=rss------bug_bounty-5 | Harish | cybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, hackerrank | 22-Sep-2024 |
Port Scanning Tactics to Boost Your Bug Bounty Success | https://bevijaygupta.medium.com/port-scanning-tactics-to-boost-your-bug-bounty-success-5d46191fa92e?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-bounty-tips, bug-bounty, tactics, port-scanning | 22-Sep-2024 |
How I Leveraged Open Redirect to Account Takeover | https://medium.com/@abdelrahman0x01/how-i-leveraged-open-redirect-to-account-takeover-b0ff213d23dc?source=rss------bug_bounty-5 | Abdelrahman0x01 | cyberattack, account-takeover, penetration-testing, cybersecurity, bug-bounty | 22-Sep-2024 |
Finding emails for this issue. Finding a easy bug to get a easy $$$ | https://medium.com/@loyalonlytoday/finding-emails-for-this-issue-finding-a-easy-bug-to-get-a-easy-5bc4cd00d112?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, penetration-testing, bugbounty-writeup, hacking, bug-bounty-tips | 22-Sep-2024 |
How i got 250 euro bounty | https://doordiefordream.medium.com/how-i-got-250-euro-bounty-9e523fdf807d?source=rss------bug_bounty-5 | cybersecurity researcher | bug-bounty, bugs, cybersecurity, ethical-hacking | 22-Sep-2024 |
How I Discovered an Account Takeover from a Reset Password Vulnerability | https://medium.com/@bountyget/how-i-discovered-an-account-takeover-from-a-reset-password-vulnerability-aa39fe0896b5?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | cybersecurity, infosec, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 22-Sep-2024 |
From Simple File Import to Full Server Exposure: The Power of SSRF Exploitation | https://medium.com/@tusharpuri6/from-simple-file-import-to-full-server-exposure-the-power-of-ssrf-exploitation-64ee925e54dc?source=rss------bug_bounty-5 | Tusharpuri | infosec, bug-bounty, penetration-testing, offensive-security, application-security | 22-Sep-2024 |
5 unique Lesser-known methods to find vulnerabilities for bug bounty hunters | https://osintteam.blog/5-unique-lesser-known-methods-to-find-vulnerabilities-for-bug-bounty-hunters-03799e73c153?source=rss------bug_bounty-5 | Harish | cybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, hackerrank | 22-Sep-2024 |
How I was decrypting the traffic and getting from low privilege user to full admin access | https://sadc0d3r.medium.com/how-i-was-decrypting-the-traffic-and-getting-from-low-privilege-user-to-full-admin-access-6a2f3b743ac5?source=rss------bug_bounty-5 | Ahmed Rabeaa Mosaa (SadC0d3r) | penetration-test, penetration-testing, cybersecurity, web-attack, bug-bounty | 22-Sep-2024 |
How I Hacked Into a Nationwide University Database System Exposing Thousands of Student Records | https://1-day.medium.com/how-i-hacked-into-a-nationwide-university-database-system-exposing-thousands-of-student-records-65dce4e4ee23?source=rss------bug_bounty-5 | 1day | bug-bounty-writeup, penetration-testing, writeup, hacking, bug-bounty | 22-Sep-2024 |
Join any project = Critical | https://medium.com/@etfchg18/join-any-project-critical-b3625d09876e?source=rss------bug_bounty-5 | iiiwaleed | bug-bounty, web-security, bug-bounty-tips | 22-Sep-2024 |
Top 3 subdomain takeovers | https://infosecwriteups.com/top-3-subdomain-takeovers-ea51ecd911fd?source=rss------bug_bounty-5 | Hicham Almakroudi | ethical-hacking, hackerone, subdomain-takeover, bug-report, bug-bounty | 22-Sep-2024 |
#1 Bug Hunting: Subdomain Enumeration — Explained | https://infosecwriteups.com/1-bug-hunting-subdomain-enumeration-explained-389e6fcb3f62?source=rss------bug_bounty-5 | Om Maniya | cybersecurity, enumeration, bug-bounty, programming, bug-bounty-tips | 21-Sep-2024 |
Understanding Insecure Deserialization | https://medium.com/@kannnannmk/understanding-insecure-deserialization-faea7bc5ff5e?source=rss------bug_bounty-5 | Neelamegha Kannan S | bug-bounty, insecure-deserialization, bug-bounty-tips, cybersecurity, penetration-testing | 21-Sep-2024 |
Mastering Port Scanning for Bug Bounty Hunters | https://bevijaygupta.medium.com/mastering-port-scanning-for-bug-bounty-hunters-226c8d007023?source=rss------bug_bounty-5 | Vijay Gupta | port-scanning, bug-bounty-tips, bug-bounty, bugs, port-scan | 21-Sep-2024 |
Email Injection | Unseen Threat | https://medium.com/@abolfazl.vaziri/email-injection-unseen-threat-6db7e32ab656?source=rss------bug_bounty-5 | Abolfazl Vaziri | email, email-attack, bug-bounty, hacking, email-injection | 21-Sep-2024 |
My First CVE: A Dream Realized | https://medium.com/@mAd13/my-first-cve-a-dream-realized-8bad3ede900a?source=rss------bug_bounty-5 | Makwana Abhik | hacking, cve, cybersecurity, cve-2024-8042, bug-bounty | 21-Sep-2024 |
DOM-based XSS: Exploiting `document.write` with `location.search` | https://medium.com/@codingbolt.in/dom-based-xss-exploiting-document-write-with-location-search-b5276b34b51b?source=rss------bug_bounty-5 | Coding Bolt | xss-attack, bug-bounty, xss-vulnerability, bug-hunting, bugs | 21-Sep-2024 |
Some Token Leak Can Lead to Disclose a Lot of Users’ Personal Data | https://r0b0ts.medium.com/some-token-leak-can-lead-to-disclose-a-lot-of-users-personal-data-6b5b7748ccec?source=rss------bug_bounty-5 | r0b0ts | bug-bounty-writeup, pentesting, bug-bounty, web-security, bug-bounty-tips | 21-Sep-2024 |
500$: Open Redirect Vulnerability | https://medium.com/@a13h1/500-open-redirect-vulnerability-9cc9fd4d9b7b?source=rss------bug_bounty-5 | Abhi Sharma | programming, cybersecurity, open-redirect, infosec, bug-bounty | 21-Sep-2024 |
My First CVE: A Dream Realized | https://medium.com/@mAd13/my-first-cve-a-dream-realized-8bad3ede900a?source=rss------bug_bounty-5 | Abhik Makwana | hacking, cve, cybersecurity, cve-2024-8042, bug-bounty | 21-Sep-2024 |
Simple IDOR vulnerability can lead to leak Email address of all users | https://r0b0ts.medium.com/simple-idor-vulnerability-can-lead-to-leak-email-address-of-all-users-055ada3ba3fc?source=rss------bug_bounty-5 | r0b0ts | bug-bounty, bug-bounty-tips, bug-bounty-writeup, web-security, pentesting | 21-Sep-2024 |
How Hackers Crack Active Directory Passwords and Exploit MFA : Are You Next? | https://medium.com/@paritoshblogs/how-hackers-crack-active-directory-passwords-and-exploit-mfa-are-you-next-11cfdd0feb20?source=rss------bug_bounty-5 | Paritosh | chatgpt, active-directory, hacking, bug-bounty, cybersecurity | 21-Sep-2024 |
Welcome to My Cybersecurity Journey | https://medium.com/@mrutunjayasenapati0/welcome-to-my-cybersecurity-journey-e795aebd096d?source=rss------bug_bounty-5 | Mrutunjaya Senapati | ethical-hacking, bugs, bug-bounty, bug-bounty-tips, cybersecurity | 21-Sep-2024 |
DOM-based XSS: Exploiting `document.write` with `location.search` | https://medium.com/@codingbolt.in/dom-based-xss-exploiting-document-write-with-location-search-b5276b34b51b?source=rss------bug_bounty-5 | codingbolt | xss-attack, bug-bounty, xss-vulnerability, bug-hunting, bugs | 21-Sep-2024 |
Reflected XSS into Attribute with HTML-Encoded | https://medium.com/@codingbolt.in/reflected-xss-into-attribute-with-html-encoded-ffe97e2c1439?source=rss------bug_bounty-5 | codingbolt | bugs, xss-vulnerability, xss-attack, bug-bounty, cybersecurity | 21-Sep-2024 |
Taking ffuf Fuzzing Further | https://medium.com/@learntheshell/taking-ffuf-fuzzing-further-016be44d0b07?source=rss------bug_bounty-5 | LearnTheShell | bug-bounty, hacking, ffuf, bug-bounty-tips, fuzzing | 21-Sep-2024 |
Finding a easy Bug | https://medium.com/@loyalonlytoday/finding-a-easy-bug-caed2e199b1d?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, hacking, bug-bounty, bug-bounty-tips, bugbounty-writeup | 21-Sep-2024 |
DOM XSS in jQuery: The Danger of `href` Attribute with `location.search` Source | https://medium.com/@codingbolt.in/dom-xss-in-jquery-the-danger-of-href-attribute-with-location-search-source-b2d883cbec59?source=rss------bug_bounty-5 | codingbolt | bug-hunting, bug-bounty, xss-attack, bug-bounty-tips, bugs | 21-Sep-2024 |
DOM-based XSS: The Case of `innerHTML` and `location.search` | https://medium.com/@codingbolt.in/dom-based-xss-the-case-of-innerhtml-and-location-search-373c47866c56?source=rss------bug_bounty-5 | codingbolt | bug-bounty, bug-bounty-writeup, xss-vulnerability, xss-attack, bug-bounty-tips | 21-Sep-2024 |
Accessing full history of Firepad users. | https://medium.com/@adityaahuja.work/accessing-full-history-of-firepad-users-ddc889e73936?source=rss------bug_bounty-5 | Aditya Ahuja | owasp-top-10, cybersecurity, bug-bounty, information-disclosure, cyber-awareness | 21-Sep-2024 |
test:test type of bug | https://medium.com/@bxrowski0x/test-test-type-of-bug-cfb352d9bf85?source=rss------bug_bounty-5 | Omar ElSayed | bug-bounty, cybersecurity, keycloak, bug-bounty-writeup, bug-bounty-tips | 21-Sep-2024 |
XSS via Cookie Injection: A Deep Dive into the Discovery | https://medium.com/@ayushkr99732/xss-via-cookie-injection-a-deep-dive-into-the-discovery-9ef70e22eceb?source=rss------bug_bounty-5 | Ayushkr | pentesting, cross-site-scripting, bug-bounty, cookie-injection | 21-Sep-2024 |
Persistent XSS via Cookie Injection: A Deep Dive into the Discovery | https://medium.com/@ayushkr99732/xss-via-cookie-injection-a-deep-dive-into-the-discovery-9ef70e22eceb?source=rss------bug_bounty-5 | Ayushkr | pentesting, cross-site-scripting, bug-bounty, cookie-injection | 21-Sep-2024 |
Safety above all else! MoreLogin joins Bugrap Bug Bounty Platform | https://medium.com/@moreloginbrowser/safety-above-all-else-morelogin-joins-bugrap-bug-bounty-platform-b92a99d7e4d7?source=rss------bug_bounty-5 | MoreLogin Browser | security, bug-bounty, antidetect-browser, white-hat-hacker, cybersecurity | 20-Sep-2024 |
Common Job Roles in Cyber Security | https://medium.com/@RaunakGupta1922/common-job-roles-in-cyber-security-e792d367af67?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | cyber-security-awareness, bug-bounty, diversity, jobs, hacking | 20-Sep-2024 |
A Perfect Story Which help to Understand Bug Bounty | https://medium.com/@Butcher_hell/a-perfect-story-which-help-to-understand-bug-bounty-c0a699239629?source=rss------bug_bounty-5 | W H I Z H A W K | cybersecurity, storytelling, hacking, bug-bounty, technology | 20-Sep-2024 |
How to Learn and Participate in Bug Bounties | https://rendiero.medium.com/how-to-learn-and-participate-in-bug-bounties-1a2e71dd190b?source=rss------bug_bounty-5 | Rendiero | cybersecurity, beginners-guide, learning, bug-bounty, hacking | 20-Sep-2024 |
Bypassing Rate Limits: All Known Techniques | https://medium.com/@raxomara/bypassing-rate-limits-all-known-techniques-25891bb5ca59?source=rss------bug_bounty-5 | Raxomara | rate-limit-bypass, bug-bounty-tips, security-research, cybersecurity, bug-bounty | 20-Sep-2024 |
Finding a easy p4 | https://medium.com/@loyalonlytoday/finding-a-easy-p4-e32c47c8b54a?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs | 20-Sep-2024 |
The Ultimate Guide to Forgot Password Test Cases | https://medium.com/@chinmaya_ramana/the-ultimate-guide-to-forgot-password-test-cases-059e483fdc40?source=rss------bug_bounty-5 | Chinmaya Ramana | security, hacking, bug-bounty, web-application-security, application-security | 20-Sep-2024 |
Clickjacking Vulnerability to trigger Reflacted XSS | https://medium.com/@g52238317/clickjacking-vulnerability-to-trigger-reflacted-xss-9029cc5fd676?source=rss------bug_bounty-5 | Abdelrhman Yasser | cybersecurity, clickjacking, xss-attack, bug-bounty | 20-Sep-2024 |
Bypassing Date Restrictions in an Educational Platform: A Logic Flaw Exploit | https://medium.com/@ahmed_ashraf/bypassing-date-restrictions-in-an-educational-platform-a-logic-flaw-exploit-fdd3d0e3a1cb?source=rss------bug_bounty-5 | Ahmedashraf | business-logic-flaw, privilege-escalation, cybersecurity, bug-bounty, penetration-testing | 20-Sep-2024 |
Bug Bounty Dark Reality: The Hidden Truth of Successful Bug Hunting | https://medium.com/@yashpawar1199/bug-bounty-dark-reality-the-hidden-truth-of-successful-bug-hunting-0b9ed547802d?source=rss------bug_bounty-5 | Yash Pawar @HackersParadise | bug-bounty-dark-reality, bug-bounty, howu-hnters-find-bugs, bounty-efforts-fail, successful-bug-hunting | 20-Sep-2024 |
Unlocking Restricted Features: A Vulnerability Analysis of Organization’s Role Management | https://0xmatrix.medium.com/unlocking-restricted-features-a-vulnerability-analysis-of-organizations-role-management-aa6a4f7bd0d3?source=rss------bug_bounty-5 | Mo2men Elmady | hacking, penetration-testing, bug-bounty-tips, bug-bounty, cybersecurity | 20-Sep-2024 |
Exploiting GraphQL API Suggestions | https://nir-choubey-2011.medium.com/exploiting-graphql-api-suggestions-7695e5b8c3ef?source=rss------bug_bounty-5 | niraj choubey | api-security, bug-bounty, security, graphql-security | 20-Sep-2024 |
Safety above all else! MoreLogin joins Bugrap Bug Bounty Platform | https://medium.com/@moreloginbrowser/safety-above-all-else-morelogin-joins-bugrap-bug-bounty-platform-cdc178fd6e7e?source=rss------bug_bounty-5 | MoreLogin Browser | bug-bounty, cybersecurity, morelogin, antidetect-browser, security | 19-Sep-2024 |
Best Bug Bounty and Pentesting Methodology for Beginners: A Step-by-Step Guide | https://bevijaygupta.medium.com/best-bug-bounty-and-pentesting-methodology-for-beginners-a-step-by-step-guide-a68170d3acc8?source=rss------bug_bounty-5 | Vijay Gupta | bugs, penetration-testing, bug-bounty, bug-bounty-tips, pentesting | 19-Sep-2024 |
How to get shodan membership upgrade for free | https://medium.com/@hichamalmakroudi/how-to-get-shodan-membership-upgrade-for-free-4f21122d2d73?source=rss------bug_bounty-5 | Hicham Almakroudi | shodan, hacking-tools, ethical-hacking, bug-bounty, free | 19-Sep-2024 |
Nikto A Powerful Web Server Scanner for Vulnerability Assessment | https://medium.com/@yashpawar1199/nikto-a-powerful-web-server-scanner-for-vulnerability-assessment-1bd257204f41?source=rss------bug_bounty-5 | Yash Pawar @HackersParadise | bug-bounty, hacking, penetration-testing, cybersecurity, nikto | 19-Sep-2024 |
How a 403 bypass got me a bounty | https://medium.com/@ehsameer/how-a-403-bypass-got-me-a-bounty-7b2d58c0fd88?source=rss------bug_bounty-5 | ehsameer | bug-bounty-tips, bugbounty-writeup, bug-bounty, hackerone | 19-Sep-2024 |
How Hackers Trick You Into Actions You Never Meant to Do ! | https://medium.com/@yassentaalab51/how-hackers-trick-you-into-actions-you-never-meant-to-do-c0993c8f1bbe?source=rss------bug_bounty-5 | Yassen Taalab | owasp, penetration-testing, bug-bounty, cybersecurity, clickjacking | 19-Sep-2024 |
How to install Bug Bounty Hunting Tools on Linux and Windows by using Golang(Go)[ProjectDiscovery] | https://medium.com/@abdulrahman.muhammad.qarni52/getting-started-with-projectdiscovery-tools-on-linux-and-windows-70e644f1198c?source=rss------bug_bounty-5 | OxLegacy52 | hacking, tools-for-hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 19-Sep-2024 |
Finding a easy bug to get a easy $$$ | https://medium.com/@loyalonlytoday/finding-a-easy-bug-to-get-a-easy-f008b2b25f73?source=rss------bug_bounty-5 | loyalonlytoday | hacking, bug-bounty-tips, penetration-testing, bugbounty-writeup, bug-bounty | 19-Sep-2024 |
Primary Hacking School #2 After Installing Kali | https://medium.com/@nnface/primary-hacking-school-2-after-installing-kali-6a226c68e7de?source=rss------bug_bounty-5 | NnFace | kali-linux, linux, bug-bounty, cybersecurity, hacking | 19-Sep-2024 |
Understanding File Permissions and Ownership | https://cyberw1ng.medium.com/understanding-file-permissions-and-ownership-d73c07f373e2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, technology, bug-bounty, careers, cybersecurity | 19-Sep-2024 |
How I hacked multiple Indian universities (AGAIN). | https://medium.com/@alimuhammadsecured/how-i-hacked-multiple-indian-universities-again-d1b9c2a0e01d?source=rss------bug_bounty-5 | Alimuhammadsecured | ctf, cybersecurity, hacking, bug-bounty, malware | 19-Sep-2024 |
How Hackers Trick You Into Actions You Never Meant to Do ! | https://medium.com/@yassentaalab51/how-hackers-trick-you-into-actions-you-never-meant-to-do-c0993c8f1bbe?source=rss------bug_bounty-5 | Killua | owasp, penetration-testing, bug-bounty, cybersecurity, clickjacking | 19-Sep-2024 |
Understanding File Permissions and Ownership | https://systemweakness.com/understanding-file-permissions-and-ownership-d73c07f373e2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, technology, bug-bounty, careers, cybersecurity | 19-Sep-2024 |
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package | https://medium.com/@p0lyxena/2-500-bug-bounty-write-up-remote-code-execution-rce-via-unclaimed-node-package-6b9108d10643?source=rss------bug_bounty-5 | Fuleki Ioan | bugcrowd, bug-bounty, writeup, cybersecurity, remote-code-execution | 18-Sep-2024 |
Write up : Business Logic Flaw in Payment Discount Calculation Allows Excessive Discount… | https://medium.com/@jakboubmostefa/write-up-business-logic-flaw-in-payment-discount-calculation-allows-excessive-discount-19d567f5da18?source=rss------bug_bounty-5 | Mostefa Jakboub | vulnerability, bug-bounty, cybersecurity | 18-Sep-2024 |
10 Essential Browser Extensions for Bug Bounty Hunters | https://medium.com/@firdansp/10-essential-browser-extensions-for-bug-bounty-hunters-f17f8b001bcc?source=rss------bug_bounty-5 | 0verRida | bug-bounty-tips, writeup, bug-hunting, extension, bug-bounty | 18-Sep-2024 |
How to Perform a Cybersecurity Risk Assessment: The Simple Guide | https://medium.com/@paritoshblogs/how-to-perform-a-cybersecurity-risk-assessment-the-simple-guide-b37d1b986682?source=rss------bug_bounty-5 | Paritosh | bug-bounty, risk, hacking, chatgpt, cybersecurity | 18-Sep-2024 |
Leveling Up the Wrong Way: Exploiting API Vulnerabilities in Game Progression | https://aminudin.medium.com/leveling-up-the-wrong-way-exploiting-api-vulnerabilities-in-game-progression-19f883f48da8?source=rss------bug_bounty-5 | Aminudin | hacker, bug-bounty, bug-bounty-tips | 18-Sep-2024 |
Scanning ip’s got from virustotal | https://medium.com/@loyalonlytoday/scanning-ips-got-from-virustotal-7baa7398ba83?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-tips, bug-bounty, penetration-testing, hacking, bug-bounty-writeup | 18-Sep-2024 |
Mastering Cybersecurity “A Guide to Effective Learning” | https://rendiero.medium.com/mastering-cybersecurity-a-guide-to-effective-learning-9e32bd8c5926?source=rss------bug_bounty-5 | Rendiero | cybersecurity, bug-bounty, penetration-testing, hacking, learning | 18-Sep-2024 |
Scanning ip’s got from virustotal to find a bug | https://medium.com/@loyalonlytoday/scanning-ips-got-from-virustotal-7baa7398ba83?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-tips, bug-bounty, penetration-testing, hacking, bug-bounty-writeup | 18-Sep-2024 |
The Reality of Cybersecurity Jobs: Why Freshers Should Focus on Defense✨ Over Hacking | https://medium.com/@mohammedthoufeeq_25137/the-reality-of-cybersecurity-jobs-why-freshers-should-focus-on-defense-over-hacking-002cd641a453?source=rss------bug_bounty-5 | Mohamed Thoufeeq | cybersecurity, hacking, cyberattack, programming, bug-bounty | 18-Sep-2024 |
😞The Reality of Cybersecurity Jobs: Why Freshers Should Focus on Defense✨ Over Hacking 😎 | https://medium.com/@shari7a0x/protect-your-account-zero-click-account-takeover-for-admin-support-through-password-update-d155c7966b6e?source=rss------bug_bounty-5 | Shari7a0x | bug-bounty-tips, bug-bounty, ato, bugs | 18-Sep-2024 |
Real Bug Bounty & Penetration Testing on Live Websites: Step-by-Step Guide (Part 2) | https://medium.com/@shaikhminhaz1975/real-bug-bounty-penetration-testing-on-live-websites-step-by-step-guide-part-2-19ca30b17b93?source=rss------bug_bounty-5 | Shaikh Minhaz | ethical-hacking, bug-bounty, cybersecurity, penetration-testing, chatgpt | 18-Sep-2024 |
How Black Hat Hackers Hack into your Telegram Groups !!! | https://medium.com/@josuofficial327/how-black-hat-hackers-hack-into-your-telegram-groups-6970a93a20e1?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | penetration-testing, ethical-hacking, bug-bounty, hacking, cybersecurity | 18-Sep-2024 |
Missing Rate Limit Vulnerability: How to Test and Identify It | https://medium.com/@octayus/missing-rate-limit-vulnerability-how-to-test-and-identify-it-2f3937e903e6?source=rss------bug_bounty-5 | OctaYus | cybersecurity, infosec, hacking, bug-bounty, twitter | 18-Sep-2024 |
How I Utilized AI to Discover an Amazon S3 Bucket Takeover Vulnerability in Red Bull’s Bug Bounty… | https://medium.com/@mohamedsaqibc/how-i-utilized-ai-to-discover-an-amazon-s3-bucket-takeover-vulnerability-in-red-bulls-bug-bounty-503d3c4d995f?source=rss------bug_bounty-5 | Mohamed Saqib C | hacking, artificial-intelligence, cybersecurity, bug-bounty | 18-Sep-2024 |
Hunting APIs for Bounties: How to Hack and Win Big in Bug Bounties! | https://medium.com/@rootspaghetti/hunting-apis-for-bounties-how-to-hack-and-win-big-in-bug-bounties-942d0f4e0885?source=rss------bug_bounty-5 | Root@Spaghetti | hacking, bug-bounty, bug-bounty-tips | 18-Sep-2024 |
P4 bug’s and their POC steps | Part 3 | https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-3-298087630cac?source=rss------bug_bounty-5 | socalledhacker | web, web-security, p4-bugs, bug-bounty, vulnerability | 18-Sep-2024 |
Live Bug Bounty Walkthrough: How to Hunt & Report Bugs Effectively (Part 2) | https://medium.com/cyberscribers-exploring-cybersecurity/real-bug-bounty-penetration-testing-on-live-websites-step-by-step-guide-part-2-19ca30b17b93?source=rss------bug_bounty-5 | Shaikh Minhaz | ethical-hacking, bug-bounty, cybersecurity, penetration-testing, chatgpt | 18-Sep-2024 |
Using Application Functionality to Exploit Insecure Deserialization | https://medium.com/@rcxsecurity/using-application-functionality-to-exploit-insecure-deserialization-b4e7c6abdae1?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Cafe | information-security, penetration-testing, bug-bounty, information-technology, cybersecurity | 17-Sep-2024 |
First-Time Penetration Testing: How to Uncovered Critical Flaws at a Company (Interactive Guide) | https://medium.com/@paritoshblogs/first-time-penetration-testing-how-to-uncovered-critical-flaws-at-a-company-interactive-guide-4275f79c02ce?source=rss------bug_bounty-5 | Paritosh | hacking, bug-bounty, ai, penetration-testing, cybersecurity | 17-Sep-2024 |
From GitHub Recon to Hotstar Admin Access: A Deep Dive into Security Flaws | https://infosecwriteups.com/from-github-recon-to-hotstar-admin-access-a-deep-dive-into-security-flaws-2e4ae0ec937e?source=rss------bug_bounty-5 | Vishal Vishwakarma | hacking, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 17-Sep-2024 |
“ part 2 Beginner’s Bug Bounty Methodology: A Journey from Writeups to Real-World Application” | https://medium.com/@mahdisalhi0500/part-2-beginners-bug-bounty-methodology-a-journey-from-writeups-to-real-world-application-5d62f79e039f?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | cybersecurity, bug-bounty-tips, bug-bounty, ethical-hacking, infose | 17-Sep-2024 |
How To Find Clickjacking Easily… | https://medium.com/@josuofficial327/how-to-find-clickjacking-under-a-minute-751089be3f74?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | penetration-testing, bug-bounty, cybersecurity, info-sec-writeups, bug-bounty-tips | 17-Sep-2024 |
#5. Bug Bounty Series: $$$ by AWS S3 Bucket misconfigurations | https://cyb3rmind.medium.com/5-bug-bounty-series-by-aws-s3-bucket-misconfigurations-fb645057d03e?source=rss------bug_bounty-5 | Cyb3r M!nds | penetration-testing, takeovers, bug-bounty, subdomain-takeover, s3-bucket | 17-Sep-2024 |
How I got my first $$$ bounty? | https://medium.com/@yashsomalkar/how-i-got-my-first-bounty-098d75ae650d?source=rss------bug_bounty-5 | Rudrakshacker | bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips, idor-vulnerability | 17-Sep-2024 |
Platforms and vulnerable webapps for practing and learning webpentesting | https://medium.com/@loyalonlytoday/platforms-and-vulnerable-webapps-for-practing-and-learning-webpentesting-b76df42e3ec4?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, penetration-testing, hacking, bugbounty-writeup, web-penetration-testing | 17-Sep-2024 |
Direct Volume Access Attack | https://medium.com/@reemmoslem34/direct-volume-access-attack-dfbb2d73e406?source=rss------bug_bounty-5 | Rem Khalid | bug-bounty, cryptocurrency, malware, hacking, cybersecurity | 17-Sep-2024 |
Dll Side Loading Attack | https://medium.com/@reemmoslem34/dll-side-loading-attack-80ea716fd588?source=rss------bug_bounty-5 | Rem Khalid | python, malware, cybersecurity, hacking, bug-bounty | 17-Sep-2024 |
A bypass on GitLab’s Login Email Verification via OAuth ROPC flow. | https://cybxis.medium.com/a-bypass-on-gitlabs-login-email-verification-via-oauth-ropc-flow-e194242cad96?source=rss------bug_bounty-5 | cybxis | hackerone, gitlab, oauth2, bug-bounty | 17-Sep-2024 |
Type of Cyber Security | https://medium.com/@RaunakGupta1922/type-of-cyber-security-c43047a34fe7?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | hacking, bug-bounty, social-media, cybersecurity, basics | 16-Sep-2024 |
Mastering Reconnaissance: A Complete Method for Gathering Information | https://hack4funacademy.medium.com/menguasai-reconnaissance-metode-lengkap-untuk-mengumpulkan-informasi-acdeba7dc054?source=rss------bug_bounty-5 | Hack4Fun Academy | programming, bug-bounty, hacking, cybersecurity, networking | 16-Sep-2024 |
How to Set Up Proxychains in Kali Linux | https://medium.com/@vignesh6872610/how-to-set-up-proxychains-in-kali-linux-ddd44c3502af?source=rss------bug_bounty-5 | Vignesh P | bug-bounty, bug-bounty-writeup, proxychains, linux-tutorial, bug-bounty-tips | 16-Sep-2024 |
Three Months of Full-Time Bug Bounty Hunting as a Newbie in 2024 | https://medium.com/@nchaitreddyutilities/three-months-of-full-time-bug-bounty-hunting-as-a-newbie-in-2024-a941977b61f1?source=rss------bug_bounty-5 | Chaitanya Reddy | bug-bounty-tips, cybersecurity, bug-bounty, writeup | 16-Sep-2024 |
WhatsApp View Once Privacy Issue Initial Fix Assessment: The Good, the Bad and The Ugly | https://medium.com/@TalBeerySec/whatsapp-view-once-privacy-issue-initial-fix-assessment-the-good-the-bad-and-the-ugly-be97ec1cc2e5?source=rss------bug_bounty-5 | Tal Be'ery | security, web-development, bug-bounty, privacy, whatsapp | 16-Sep-2024 |
Guide to Finding and Exploiting Web Cache Poisoning | https://systemweakness.com/guide-to-finding-and-exploiting-web-cache-poisoning-f32d0962d28d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, careers, technology, bug-bounty | 16-Sep-2024 |
The Curious Case Of MutantBedrog’s Trusted-Types CSP Bypass | https://blog.confiant.com/the-curious-case-of-mutantbedrogs-trusted-types-csp-bypass-950b19a38b4f?source=rss------bug_bounty-5 | Eliya Stein | bug-bounty, malvertising, hacking, cybersecurity, threat-intelligence | 16-Sep-2024 |
How I Found Live Traffic Exposure on a Public Server: One of my interesting findings | https://medium.com/@josuofficial327/how-i-found-live-traffic-exposure-on-a-public-server-one-of-my-interesting-findings-0ecde16813a8?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | bug-bounty, cybersecurity, penetration-testing, bugbounty-writeup, bug-bounty-hunter | 16-Sep-2024 |
Using Full potential of Virustotal for Bugbounty | https://medium.com/@loyalonlytoday/using-full-potential-of-virustotal-for-bugbounty-8d80221ab2e4?source=rss------bug_bounty-5 | loyalonlytoday | bugbounty-tips, penetration-testing, hacking, bug-bounty, bugbounty-writeup | 16-Sep-2024 |
How i accidently found a server side template injection | https://medium.com/@malikirtizameg/how-i-accidently-found-a-server-side-template-injection-f5e7aec0b64d?source=rss------bug_bounty-5 | Insbat Arshad | cybersecurity, bug-bounty, programming, devops, python | 16-Sep-2024 |
CloudSek CTF 2024 Writeup | https://naumankh4n.medium.com/cloudsek-ctf-aug-2024-writeup-6b4409675f88?source=rss------bug_bounty-5 | Nauman Khan | hacking, bug-bounty, ctf, penetration-testing, ctf-writeup | 16-Sep-2024 |
Subdomain takeover amazon S3 | https://medium.com/@hichamalmakroudi/subdomain-takeover-amazon-s3-21de0af8a1d3?source=rss------bug_bounty-5 | Hicham Almakroudi | bug-bounty, aws, hacking, s3, subdomain-takeover | 16-Sep-2024 |
How To Get Easy critical 0 click account takeover on public bug bounty program at hackerone ! | https://medium.com/@kaforybory/how-to-get-easy-critical-0-click-account-takeover-on-public-bug-bounty-program-at-hackerone-8b1859cc7738?source=rss------bug_bounty-5 | Hassan Makki | infosec, bug-bounty-tips, cybersecurity, bug-bounty, bug-hunting | 16-Sep-2024 |
Structure your recon files before they structure you | https://medium.com/@paractmol/structure-your-recon-files-before-they-structure-you-ba3509a182f0?source=rss------bug_bounty-5 | paractmol | golang, recon, tools, bug-bounty, automation-tools | 16-Sep-2024 |
How to Kick Off Your Journey into Bug Hunting: A Beginner's Guide | https://medium.com/@justluke5691/how-to-kick-off-your-journey-into-bug-hunting-a-beginners-guide-eb5a551f4edb?source=rss------bug_bounty-5 | K. Niraj Chandra Singha | bug-bounty, technology, cybersecurity | 16-Sep-2024 |
very easy and helpfull for new hunters, how i accidently found a server side template injection | https://medium.com/@malikirtizameg/how-i-accidently-found-a-server-side-template-injection-f5e7aec0b64d?source=rss------bug_bounty-5 | Insbat Arshad | cybersecurity, bug-bounty, programming, devops, python | 16-Sep-2024 |
Structure your recon files before they become unstructured | https://medium.com/@paractmol/structure-your-recon-files-before-they-structure-you-ba3509a182f0?source=rss------bug_bounty-5 | paractmol | golang, recon, tools, bug-bounty, automation-tools | 16-Sep-2024 |
#3 HOW TO FIND OPEN REDIRECT EASILY ??? | https://medium.com/@josuofficial327/3-how-to-find-open-redirect-easily-fd8a7ea6e12b?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | threat-intelligence, bug-bounty, bug-bounty-tips, threat-hunting, cybersecurity | 15-Sep-2024 |
Subdomain Takeovers for Beginners | https://medium.com/@hichamalmakroudi/subdomain-takeovers-for-beginners-a51ed74db543?source=rss------bug_bounty-5 | Hicham Almakroudi | subdomain-takeover, bug-bounty, bug-bounty-tips, ethical-hacking, hacking | 15-Sep-2024 |
XSS — Cross Site Scripting | https://medium.com/@codingboltacademy/xss-cross-site-scripting-65e1981817df?source=rss------bug_bounty-5 | Coding Bolt Academy | xss-vulnerability, xss-attack, bug-bounty, cross-site-scripting, ethical-hacking | 15-Sep-2024 |
IDOR — Broken Access Control | https://medium.com/@codingboltacademy/idor-broken-access-control-efeb6698919f?source=rss------bug_bounty-5 | Coding Bolt Academy | ethical-hacking, penetration-testing, cybersecurity, bug-bounty, idor | 15-Sep-2024 |
How i got 100$ bounty | https://medium.com/@mukkumukku110/how-i-got-100-bounty-b3dd58e82e00?source=rss------bug_bounty-5 | bughunter | bug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips | 15-Sep-2024 |
Hunting for Corporate Accounts: Exploiting IDOR and Parameter Pollution in Web Applications | https://medium.com/@tusharpuri6/hunting-for-corporate-accounts-exploiting-idor-and-parameter-pollution-in-web-applications-1792294e0c48?source=rss------bug_bounty-5 | Tusharpuri | bug-bounty, application-security, penetration-testing, offensive-security, infosec | 15-Sep-2024 |
Live Bug Bounty & Penetration Testing on Real Websites: Step-by-Step Guide (Part 1) | https://medium.com/@shaikhminhaz1975/live-bug-bounty-penetration-testing-on-real-websites-step-by-step-guide-part-1-971ccc9b9587?source=rss------bug_bounty-5 | Shaikh Minhaz | bug-bounty, bug-bounty-tips, penetration-testing, cybersecurity, information-gathering | 15-Sep-2024 |
SQL Injetion | https://medium.com/@adhikarisudip869/sql-injetion-f6f5f4291cbc?source=rss------bug_bounty-5 | Sudip Adhikari | sql, sql-injection, bug-bounty | 15-Sep-2024 |
How to Find IDOR Vulnerabilities: A Guide for Bug Bounty Hunters and Developers | https://cyberw1ng.medium.com/how-to-find-idor-vulnerabilities-a-guide-for-bug-bounty-hunters-and-developers-3d2ba2a766f5?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, cybersecurity, technology, careers | 15-Sep-2024 |
BugBounty platforms List | https://medium.com/@loyalonlytoday/bugbounty-platforms-list-ed3a5af3a8a2?source=rss------bug_bounty-5 | loyalonlytoday | bugbounty-writeup, bug-bounty-tips, hacking, bug-bounty, penetration-testing | 15-Sep-2024 |
Automating the CORS Vulnerability Scan | https://angixblack.medium.com/automating-the-cors-vulnerability-scan-66d57752cc36?source=rss------bug_bounty-5 | Angix black | cors, infosec, pentesting, bug-bounty, corsan | 15-Sep-2024 |
A very easy bug anyone can find | https://medium.com/@malikirtizameg/a-very-easy-bug-anyone-can-find-8d2b11a768c7?source=rss------bug_bounty-5 | Insbat Arshad | programming, cybersecurity, bug-bounty, software-engineering, devops | 15-Sep-2024 |
How to Find IDOR Vulnerabilities: A Guide for Bug Bounty Hunters and Developers | https://systemweakness.com/how-to-find-idor-vulnerabilities-a-guide-for-bug-bounty-hunters-and-developers-3d2ba2a766f5?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, cybersecurity, technology, careers | 15-Sep-2024 |
Mastering WordPress Pentesting: The Ultimate Resource Guide | https://medium.com/@RaunakGupta1922/mastering-wordpress-pentesting-the-ultimate-resource-guide-423bc1e1ddef?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | hacking, cybersecurity, wordpress, bug-bounty, wordpress-plugins | 14-Sep-2024 |
Telnet Takedown: The Port 23 Exploit on Metasploitable 2, Part III | https://medium.com/@thefellowhacker/telnet-takedown-the-port-23-exploit-on-metasploitable-2-part-iii-a10a6e15b468?source=rss------bug_bounty-5 | Taahir Mujawarr | cybersecurity, bug-bounty, metasploitable, hacking, penetration-testing | 14-Sep-2024 |
Open Redirect via Image Upload | https://medium.com/@osamamohamed21212121/open-redirect-via-image-upload-bf6f87f8d447?source=rss------bug_bounty-5 | Osamamohamed | bug-bounty-tips, bug-bounty, bugs, bug-zero, bug-bounty-writeup | 14-Sep-2024 |
SSRF Via Image Upload | https://medium.com/@osamamohamed21212121/ssrf-via-image-upload-f046e2d0e692?source=rss------bug_bounty-5 | Osamamohamed | bug-bounty, bug-zero, bug-bounty-writeup, bugs, bug-bounty-tips | 14-Sep-2024 |
Critical Data Breach Exposed: A Deep Dive into a Government Agency’s Security Flaw | https://medium.com/@contact.adnanks/critical-data-breach-exposed-a-deep-dive-into-a-government-agencys-security-flaw-3c4a9b431de6?source=rss------bug_bounty-5 | Adnan K S | bug-bounty-tips, security, cybersecurity, bug-bounty-writeup, bug-bounty | 14-Sep-2024 |
Unlocking Admin Privileges: How I Exploited an IDOR Vulnerability | https://medium.com/@cybsersec/unlocking-admin-privileges-how-i-exploited-an-idor-vulnerability-6829b595889a?source=rss------bug_bounty-5 | Cybsersec | cybersecurity, security-research, bug-bounty | 14-Sep-2024 |
Unlocking Admin Privileges: How I Exploited an IDOR Vulnerability | https://medium.com/@Krypton09/unlocking-admin-privileges-how-i-exploited-an-idor-vulnerability-6829b595889a?source=rss------bug_bounty-5 | Krypton | cybersecurity, security-research, bug-bounty | 14-Sep-2024 |
How I Discovered a Major Security Flaw in Keltron’s Server Using Google Dorking | https://medium.com/@contact.adnanks/how-i-discovered-a-major-security-flaw-in-keltrons-server-using-google-dorking-f8bb3c784803?source=rss------bug_bounty-5 | Adnan K S | cybersecurity, security, owncloud, bug-bounty-tips, bug-bounty | 14-Sep-2024 |
how to install kali linux on windows using wsl(windows subsystem linux) | https://medium.com/@loyalonlytoday/how-to-install-kali-linux-on-windows-using-wsl-windows-subsystem-linux-92019022ac57?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, penetration-testing, wsl-2, hacking, wsl | 14-Sep-2024 |
fisher: Cybertalents Cybersecurity Bootcamp Cohort 8 | https://medium.com/@bridget4/fisher-cybertalents-cybersecurity-bootcamp-cohort-8-cfb9aa6b7a6c?source=rss------bug_bounty-5 | Bridget | careers, bug-bounty, cybersecurity, learning, cyber-talents | 14-Sep-2024 |
What is Prototype Pollution? | https://systemweakness.com/what-is-prototype-pollution-4e2049f68fca?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, technology, careers, hacking, cybersecurity | 14-Sep-2024 |
How I Discovered a Major Security Flaw in Keltron’s Server Using Google Dorking | https://medium.com/@contact.adnanks/how-i-discovered-a-major-security-flaw-in-keltrons-server-using-google-dorking-e8a8c1dae09b?source=rss------bug_bounty-5 | Adnan K S | hacking, bug-bounty, cybersecurity, ethical-hacking, bug-bounty-tips | 14-Sep-2024 |
How I Gained Access to a Corporate CCTV Surveillance System Using Shodan | https://medium.com/@contact.adnanks/how-i-gained-access-to-a-corporate-cctv-surveillance-system-using-shodan-daac1fa3b37a?source=rss------bug_bounty-5 | Adnan K S | bug-bounty, surveillance, cctv, cybersecurity, hacking | 14-Sep-2024 |
How I Discovered a Critical Vulnerability and Took Over an Organization Using Burp Suite | https://medium.com/@contact.adnanks/how-i-discovered-a-critical-vulnerability-and-took-over-an-organization-using-burp-suite-fb2d52adc944?source=rss------bug_bounty-5 | Adnan K S | research, bug-bounty-tips, cybersecurity, bug-bounty, ethical-hacking | 14-Sep-2024 |
Critical Data Breach Exposed: A Deep Dive into a Government Agency’s Security Flaw (Part 2) | https://medium.com/@contact.adnanks/critical-data-breach-exposed-a-deep-dive-into-a-government-agencys-security-flaw-part-2-ba190920e945?source=rss------bug_bounty-5 | Adnan K S | bug-bounty, grafana, research-reports, cybersecurity, bug-bounty-tips | 14-Sep-2024 |
Let the Hunt Begin with Nuclei: The Secret Weapon of the Bug Bounty World! | https://medium.com/@rootspaghetti/let-the-hunt-begin-with-nuclei-the-secret-weapon-of-the-bug-bounty-world-9b2491d3a9cb?source=rss------bug_bounty-5 | Root@Spaghetti | bug-bounty-tips, hacking, bug-bounty | 14-Sep-2024 |
Mastering GraphQL API Pentesting: The Ultimate Resource Guide | https://medium.com/@RaunakGupta1922/mastering-graphql-api-pentesting-the-ultimate-resource-guide-7755c08bddd2?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | vulnerability, cybersecurity, graphql, bug-bounty, hacking | 13-Sep-2024 |
Deleting a folder led to the deactivation of the company’s accounts. | https://medium.com/@hossam_hamada/deleting-a-folder-led-to-the-deactivation-of-the-companys-accounts-3759b6b92927?source=rss------bug_bounty-5 | Hossam Hamada | bug-bounty-tips, hackerone, bug-bounty, penetration-testing, bugcrowd | 13-Sep-2024 |
#2 ANOTHER EASY BUG- HTML INJECTION | https://medium.com/@josuofficial327/2-another-easy-bug-html-injection-0447a79b6c66?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | bug-bounty-hunter, bug-bounty, linux, vulnerability, cybersecurity | 13-Sep-2024 |
How Unguessable IDOR Worth me €1000 On Intigriti | https://medium.com/@manan_sanghvi/how-unguessable-idor-worth-me-1000-on-intigriti-7ab6f928b3d9?source=rss------bug_bounty-5 | Manan Sanghvi | bounty-program, bug-bounty, intigriti, idor, hacking | 13-Sep-2024 |
Logic Flaw: I Can Block You from Accessing Your Own Account | https://medium.com/@hashimamin/logic-flaw-i-can-block-you-from-accessing-your-own-account-63fc2a88bb72?source=rss------bug_bounty-5 | Hashim Amin | bug-bounty-tips, bug-bounty, bugs, ethical-hacking, infosec | 13-Sep-2024 |
What is an Open Redirect Vulnerability? And How to Find It | https://systemweakness.com/what-is-an-open-redirect-vulnerability-and-how-to-find-it-7d94a3b9d0ef?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, technology, bug-bounty, hacking | 13-Sep-2024 |
Log4j Exploit Lab: Reverse Shell with JNDI Exploit Kit | https://medium.com/@josh.beck2006/log4j-exploit-lab-reverse-shell-with-jndi-exploit-kit-21f015204e29?source=rss------bug_bounty-5 | Josh Beck | bug-bounty, cybersecurity, ctf | 13-Sep-2024 |
How to find and exploit bugsnag API Key | https://medium.com/@socalledhacker/how-to-find-and-exploit-bugsnag-api-key-312e0f216735?source=rss------bug_bounty-5 | socalledhacker | cybersecurity, bug-bounty, web-security, bug-bounty-tips, infosec | 13-Sep-2024 |
How to Write an Effective Bug Bounty Report: Tips, Structure, and Examples | https://infosecwriteups.com/how-to-write-an-effective-bug-bounty-report-tips-structure-and-examples-3248d81dd759?source=rss------bug_bounty-5 | Abhi Sharma | bug-bounty, hacking, bug-bounty-tips, cybersecurity, infosec | 13-Sep-2024 |
Finding a easy p4 it can be worth 200$ | https://medium.com/@loyalonlytoday/finding-a-easy-p4-it-can-be-worth-200-10d6682f6923?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, bug-bounty, bugbounty-writeup, website-hacking, hacking | 13-Sep-2024 |
Subdomain Enumeration Part 2 (Manual & Automation) | https://osintteam.blog/subdomain-enumeration-part-2-manual-automation-77a46d93e2ed?source=rss------bug_bounty-5 | Mr Abdullah | ethical-hacking, hacking, web-hacking, bug-bounty, bug-bounty-tips | 13-Sep-2024 |
Unleashing GitHub Dorks: The Ultimate Hack for Finding Hidden Secrets in Bug Bounties! | https://enigma96.medium.com/unleashing-github-dorks-the-ultimate-hack-for-finding-hidden-secrets-in-bug-bounties-125b83fd9c93?source=rss------bug_bounty-5 | enigma | github-dorking, penetration-testing, bug-bounty, hackin, bug-bounty-tips | 13-Sep-2024 |
Stored XSS via Image Upload | https://medium.com/@osamamohamed21212121/stored-xss-via-image-upload-b75edecf1e54?source=rss------bug_bounty-5 | Osamamohamed | bug-bounty-tips, bugs, bug-bounty, bug-zero, bug-bounty-writeup | 13-Sep-2024 |
IDOR in Bug Bounty Program | https://medium.com/@osamamohamed21212121/idor-in-bug-bounty-program-8fbbffe32f6e?source=rss------bug_bounty-5 | Osamamohamed | bug-bounty, bugs, bug-bounty-writeup, bug-zero, bug-bounty-tips | 13-Sep-2024 |
Mastering Dirsearch: Finding Hidden Web Directories | https://medium.com/@bootstrapsecurity/mastering-dirsearch-finding-hidden-web-directories-f57327c06fed?source=rss------bug_bounty-5 | BootstrapSecurity | ethical-hacking, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-hunter | 12-Sep-2024 |
Computer Security: How Bureaucracies Ignore Unexploded Ordinance | https://kf106.medium.com/computer-security-how-bureaucracies-ignore-unexploded-ordinance-319e8e931ad5?source=rss------bug_bounty-5 | Keir Finlow-Bates | bureaucracy, bug-bounty, security, cybersecurity, hacker | 12-Sep-2024 |
The Secrets to Writing Threat Intelligence Reports That Actually Stop Cyber Attacks! | https://medium.com/@paritoshblogs/the-secrets-to-writing-threat-intelligence-reports-that-actually-stop-cyber-attacks-330fd6fc37a5?source=rss------bug_bounty-5 | Paritosh | ai, hacking, threat-intelligence, bug-bounty, cybersecurity | 12-Sep-2024 |
Password Reset Flaws: Key Methods for Finding Vulnerabilities | https://medium.com/@dsmodi484/password-reset-flaws-key-methods-for-finding-vulnerabilities-eb843440e06c?source=rss------bug_bounty-5 | Dishant Modi | bug-bounty, vulnerability, bug-bounty-tips, account-takeover, testing | 12-Sep-2024 |
Leveraging GreyNoise for Enhanced Threat Detection and Intelligence | https://medium.com/@ajaynaikhack/leveraging-greynoise-for-enhanced-threat-detection-and-intelligence-437aac815d38?source=rss------bug_bounty-5 | Ajay Naik | rewards, vulnerability, cybersecurity, bug-bounty, threat-detection | 12-Sep-2024 |
Insecure Direct Object Reference (IDOR) | https://medium.com/@security.tecno/insecure-direct-object-reference-idor-ffecf6cbc211?source=rss------bug_bounty-5 | TECNO Security | bug-bounty, security, research, hacking | 12-Sep-2024 |
Mastering IDOR: The Ultimate Resource Guide | https://medium.com/@RaunakGupta1922/mastering-idor-the-ultimate-resource-guide-84e44052f70c?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | bug-bounty, hacking, cybersecurity, college, idor | 12-Sep-2024 |
[IDOR] View other users’ transaction details | https://rhidayah.medium.com/idor-view-other-users-transaction-details-73c0c80aada6?source=rss------bug_bounty-5 | Rohmad Hidayah | broken-access-control, idor, bug-bounty, idor-vulnerability, information-disclosure | 12-Sep-2024 |
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS | https://mikko-kenttala.medium.com/zero-click-calendar-invite-critical-zero-click-vulnerability-chain-in-macos-a7a434fc887b?source=rss------bug_bounty-5 | Mikko Kenttälä | vulnerability, macos, information-security, bug-bounty | 12-Sep-2024 |
Hide & Seek - Hidden Open Redirect | Bug Hunting | https://mo9khu93r.medium.com/hide-seek-hidden-open-redirect-bug-hunting-88499f5e0e99?source=rss------bug_bounty-5 | mo9khu93r | hacking, pentesting, bug-bounty, cybersecurity, kali-linux | 12-Sep-2024 |
Hydra for bruteforcing | https://medium.com/@tharunteja725_8686/hydra-for-bruteforcing-3784a98bab6a?source=rss------bug_bounty-5 | Chidurala Tharun teja | hacking, oscp, bug-bounty, bug-bounty-tips, cybersecurity | 12-Sep-2024 |
How an Open Redirect Vulnerability Got a Bug Bounty of $500 | https://cyberw1ng.medium.com/how-an-open-redirect-vulnerability-got-a-bug-bounty-of-500-13ece7a987d8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, technology, bug-bounty, careers, cybersecurity | 12-Sep-2024 |
My first Account-take-over | https://medium.com/@osamamohamed21212121/my-first-account-take-over-f6590c4a3a54?source=rss------bug_bounty-5 | Osamamohamed | bugs, bug-bounty, bug-zero, bug-bounty-writeup, bug-bounty-tips | 12-Sep-2024 |
My journey to find CSRF (Cross-Site Request Forgery ) | https://medium.com/@osamamohamed21212121/my-journey-to-find-csrf-cross-site-request-forgery-ddf1e1bd579d?source=rss------bug_bounty-5 | Osamamohamed | bug-bounty-writeup, bug-bounty-tips, bug-bounty, bugs, bug-zero | 12-Sep-2024 |
Stored XSS via File upload(using .svg file Extension ) | https://ch4ndan.medium.com/stored-xss-via-file-upload-using-svg-file-extension-515e23536d4d?source=rss------bug_bounty-5 | Ch4ndan das | cybersecurity, xss-attack, bug-bounty, bugs, bug-bounty-tips | 12-Sep-2024 |
My first XSS: Reflected XSS | https://medium.com/@osamamohamed21212121/my-first-xss-reflected-xss-0949992b94ab?source=rss------bug_bounty-5 | Osamamohamed | bugs, bug-bounty-tips, bug-bounty, bug-zero, bug-bounty-writeup | 12-Sep-2024 |
Hack Google Like a Pro: Automate Google Dorks with Bash for Bug Bounties! | https://enigma96.medium.com/hack-google-like-a-pro-automate-google-dorks-with-bash-for-bug-bounties-7611818a4bf0?source=rss------bug_bounty-5 | enigma | hacker, bug-bounty, pentesting, bug-bounty-tips, dorks | 12-Sep-2024 |
How to learn Game Hacking in 6 minutes | Part 1 | https://medium.com/@deadoverflow/how-to-learn-game-hacking-in-10-minutes-part-1-19991004fd99?source=rss------bug_bounty-5 | Imad Husanovic | games, hacking, bug-bounty-tips, bug-bounty, cybersecurity | 12-Sep-2024 |
How to learn Game Hacking in 6 minutes | Part 1 | https://systemweakness.com/how-to-learn-game-hacking-in-10-minutes-part-1-19991004fd99?source=rss------bug_bounty-5 | Imad Husanovic | games, hacking, bug-bounty-tips, bug-bounty, cybersecurity | 12-Sep-2024 |
Introduction to Bug Bounty Hunting | https://medium.com/@kanishkar22052004/introduction-to-bug-bounty-hunting-183f133c7d0d?source=rss------bug_bounty-5 | Kanishkar | bug-bounty, ethical-hacking, cybersecurity | 11-Sep-2024 |
Understanding the OWASP Top 10 in 2024 | https://bootstrapsecurity.medium.com/understanding-the-owasp-top-10-in-2024-245b600737f9?source=rss------bug_bounty-5 | BootstrapSecurity | bug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity, infosec-write-ups | 11-Sep-2024 |
Understanding the OWASP Top 10 in 2024 | https://medium.com/@bootstrapsecurity/understanding-the-owasp-top-10-in-2024-245b600737f9?source=rss------bug_bounty-5 | BootstrapSecurity | bug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity, infosec-write-ups | 11-Sep-2024 |
HTB Academy: Information Gathering — Web Edition (Updated). | https://medium.com/@mazalwebdesign/htb-academy-information-gathering-web-edition-updated-50058fdec55e?source=rss------bug_bounty-5 | maz4l | htb-walkthrough, htb-writeup, penetration-testing, bug-bounty, ethical-hacking | 11-Sep-2024 |
API Bug Bounty Hunting: Reconnaissance and Reverse Engineering an API | https://towardsdev.com/api-bug-bounty-hunting-reconnaissance-and-reverse-engineering-an-api-1d61f82b5d72?source=rss------bug_bounty-5 | Adithyakrishna V | cybersecurity, bug-bounty, hacking, api | 11-Sep-2024 |
NGINX HTTP/3 QUIC Module Vulnerability -CVE-2024–35200 | https://infosecwriteups.com/nginx-http-3-quic-module-vulnerability-cve-2024-35200-e2f6aaea2a68?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, security, cve, vulnerability, rewards | 11-Sep-2024 |
BIG-IP HSB vulnerability CVE-2024–39778 | https://medium.com/@ajaynaikhack/big-ip-hsb-vulnerability-cve-2024-39778-9fd33cc4d5e5?source=rss------bug_bounty-5 | Ajay Naik | rewards-and-recognition, vulnerability, bug-bounty, security | 11-Sep-2024 |
Why Django’s [DEBUG=True] is a Goldmine for Hackers | https://medium.com/@verylazytech/why-djangos-debug-true-is-a-goldmine-for-hackers-01486289607d?source=rss------bug_bounty-5 | Very Lazy Tech | hacking, cybersecurity, django, bug-bounty, misconfiguration | 11-Sep-2024 |
Best Bug Bounty and Pentesting Methodology for Beginners(Step By Step) | https://medium.com/@shaikhminhaz1975/best-bug-bounty-and-pentesting-methodology-for-beginners-step-by-step-b6167128156a?source=rss------bug_bounty-5 | Shaikh Minhaz | cybersecurity, methodology, penetration-testing, bug-bounty, ethical-hacking | 11-Sep-2024 |
MY First Bug Hunt: A Beginner’s Guide to Cybersecurity with Google Dorks | https://medium.com/@KpCyberInfo/my-first-bug-hunt-a-beginners-guide-to-cybersecurity-with-google-dorks-b62a28214d38?source=rss------bug_bounty-5 | Krunal Patel | bug-bounty, cybersecurity, google-dork, beginner, security | 11-Sep-2024 |
How Finding an SQL Injection Vulnerability Earned a $1000 Bug Bounty | https://systemweakness.com/how-finding-an-sql-injection-vulnerability-earned-a-1000-bug-bounty-af2ee0b62f6c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, technology, bug-bounty, hacking | 11-Sep-2024 |
Interesting Story of an Account Takeover Vulnerability | https://medium.com/@deepanshudev369/interesting-story-of-an-account-takeover-vulnerability-140a45a058a3?source=rss------bug_bounty-5 | Deepanshu(golu369) | cybersecurity, ethical-hacking, vulnerability-assessment, bug-bounty, research | 11-Sep-2024 |
P4 bug’s and their POC steps | Part 2 | https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-2-17b6583c57d9?source=rss------bug_bounty-5 | socalledhacker | web-security, hacking, bug-bounty-tips, vulnerability, bug-bounty | 11-Sep-2024 |
Pemburuan Hacker Penpie: Menyediakan Hingga 10% dari Dana yang Dikembalikan sebagai Hadiah | https://blog.penpiexyz.io/pemburuan-hacker-penpie-menyediakan-hingga-10-dari-dana-yang-dikembalikan-sebagai-hadiah-6e81cc0f610b?source=rss------bug_bounty-5 | 0xJultoshi | defi, bahasa, bug-bounty, investasi, crypto | 11-Sep-2024 |
Primary Hacking School #1 Installing Kali | https://medium.com/@nnface/primary-hacking-school-1-installing-kali-a3e249c41730?source=rss------bug_bounty-5 | NnFace | bug-bounty, cybersecurity, hacking, linux, kali-linux | 11-Sep-2024 |
How I Stole a Player Spot with Simple XSS | https://medium.com/@ali_guell/how-i-stole-a-player-spot-with-simple-xss-6a8fa2776a84?source=rss------bug_bounty-5 | black_wheatear | writeup, bug-bounty, hacking, web-development, cybersecurity | 11-Sep-2024 |
Securing Your Applications Against CSRF Attacks: Best Practices for Cybersecurity Experts | https://medium.com/@kpishear/securing-your-applications-against-csrf-attacks-best-practices-for-cybersecurity-experts-4e572b9fc032?source=rss------bug_bounty-5 | kpishear | bug-bounty, tech, cybersecurity, trading, technology | 10-Sep-2024 |
Free Bug Bounty Course For Beginners | https://medium.com/@amanktec12/free-bug-bounty-course-for-beginners-%EF%B8%8F-f126b9907c96?source=rss------bug_bounty-5 | Cyberxeal | free-bug-hunting-course, free, course, bug-bounty, bug-hunting | 10-Sep-2024 |
Would you mind to tell me what your bank balance is? No? Okay, I’ll hack it. | https://infosecwriteups.com/would-you-mind-to-tell-me-what-your-bank-balance-is-no-okay-ill-hack-it-b3f49810cfe2?source=rss------bug_bounty-5 | Manav Bankatwala | bank-hack, cybersecurity, information-security, idor, bug-bounty | 10-Sep-2024 |
My first Hall of Fame (HoF) | Bug Bounty Journey. | https://rivudon.medium.com/my-first-hall-of-fame-hof-bug-bounty-journey-59a56b1e96c2?source=rss------bug_bounty-5 | Rivek Raj Tamang ( RivuDon ) | bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-writeup | 10-Sep-2024 |
The “Who Needs Secure Attachments Anyway?” Saga | https://medium.com/@shobitsharma/the-who-needs-secure-attachments-anyway-saga-6026dc61a371?source=rss------bug_bounty-5 | Shobit Sharma | bug-bounty, cybersecurity, bug-bounty-tips, infosec-write-ups, bug-bounty-writeup | 10-Sep-2024 |
How Hackers Can Steal Your Data in 15 Seconds | https://medium.com/@kerstan/how-hackers-can-steal-your-data-in-15-seconds-798bbed9cbac?source=rss------bug_bounty-5 | kerstan | hacking, cybersecurity, bug-bounty | 10-Sep-2024 |
Basic Challenge Level 11 | https://aftab700.medium.com/basic-challenge-level-11-eaa689246c31?source=rss------bug_bounty-5 | Aftab Sama | ctf, cybersecurity, information-security, bug-bounty, ethical-hacking | 10-Sep-2024 |
Basic Challenge Level 10 | https://aftab700.medium.com/basic-challenge-level-10-afaac3919778?source=rss------bug_bounty-5 | Aftab Sama | cybersecurity, bug-bounty, ctf-writeup, ctf, information-security | 10-Sep-2024 |
Basic Challenge Level 9 | https://aftab700.medium.com/basic-challenge-level-9-588ab110cc2d?source=rss------bug_bounty-5 | Aftab Sama | ctf-writeup, ctf, bug-bounty, information-security, cybersecurity | 10-Sep-2024 |
OWASP top 10 A09:Security Logging and Monitoring failures | https://medium.com/@shivamsharma.ss484/owasp-top-10-a09-security-logging-and-monitoring-failures-e2f4bdc50fbe?source=rss------bug_bounty-5 | Shivamsharma | owasp, hacking, cybersecurity, owasp-top-10, bug-bounty | 10-Sep-2024 |
‘find’ command for Recon | https://medium.com/@DatBoyBlu3/find-command-for-recon-4f3cf296c5d5?source=rss------bug_bounty-5 | Daniel Edwards | cybersecurity, linux, bug-bounty, unix, penetration-testing | 10-Sep-2024 |
Top Reconnaissance Tools for Ethical Security Testing | https://medium.com/@ajaynaikhack/top-reconnaissance-tools-for-ethical-security-testing-2b4088106b81?source=rss------bug_bounty-5 | Ajay Naik | reconnaissance, ethical-hacking, bug-bounty, rewards, vulnerability | 10-Sep-2024 |
Introducing FavFreak: Unlock the Power of Favicon Hashing for Bug Bounty Hunting | https://medium.com/@unreal_umber_hyena_37/introducing-favfreak-unlock-the-power-of-favicon-hashing-for-bug-bounty-hunting-0361dbb629c3?source=rss------bug_bounty-5 | Cyber Sentinel X | security, cybersecurity, penetration-testing, bug-bounty, ethical-hacking | 10-Sep-2024 |
How I got RCE on an Indian university without admin credentials Tale of directory listing, SQL… | https://medium.com/@alimuhammadsecured/how-i-got-rce-on-an-indian-university-without-admin-credentials-tale-of-directory-listing-sql-1f77e2933011?source=rss------bug_bounty-5 | Alimuhammadsecured | bug-bounty, bug-bounty-writeup, ctf, rce, hacking | 10-Sep-2024 |
TryHackMe | Simple CTF | Walkthrough | By HexaHunter | https://hexahunter.medium.com/tryhackme-simple-ctf-walkthrough-by-hexahunter-b9457e4d7d16?source=rss------bug_bounty-5 | Momal Naz | web-security, penetration-testing, tryhackme-walkthrough, ctf-writeup, bug-bounty | 09-Sep-2024 |
Mastering Reconnaissance with Nmap: Unveiling Your Target’s Secrets | https://infosecwriteups.com/mastering-reconnaissance-with-nmap-unveiling-your-targets-secrets-ec940d05a140?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, information-security, nmap, bug-bounty, infosec-write-ups | 09-Sep-2024 |
Self-XSS to ATO via Quick Login feature | https://thecatfather.medium.com/self-xss-to-ato-via-quick-login-feature-532df12d1c08?source=rss------bug_bounty-5 | The CatFather | bug-bounty-writeup, bug-bounty, bug-bounty-tips | 09-Sep-2024 |
Exploiting Firestore Database Rules: A Pathway to Data Breaches | https://medium.com/@S3THU/exploiting-firestore-database-rules-a-pathway-to-data-breaches-aa945476cc16?source=rss------bug_bounty-5 | Sethu Satheesh | firebase, hacking, cybersecurity, bug-bounty, pentesting | 09-Sep-2024 |
Google Dorks for Bug Bounty Part 3: Exposing Hidden Admin Panels & Login Portals | https://enigma96.medium.com/google-dorks-for-bug-bounty-part-3-exposing-hidden-admin-panels-login-portals-52b600e3f10b?source=rss------bug_bounty-5 | enigma | bug-bounty, bug-bounty-tips, pentesting, hacking, penetration-testing | 09-Sep-2024 |
2nd Order SQL Injection | https://medium.com/@bountyget/2nd-order-sql-injection-e2ac60e792a4?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | bug-bounty-tips, sql-injection, cybersecurity, penetration-testing, bug-bounty | 09-Sep-2024 |
{إِنَّ اللَّهَ وَمَلائِكَتَهُ يُصَلُّونَ عَلَى النَّبِيِّ يَا أَيُّهَا الَّذِينَ آمَنُوا صَلُّوا… | https://medium.com/@mahdisalhi0500/%D8%A5%D9%90%D9%86%D9%8E%D9%91-%D8%A7%D9%84%D9%84%D9%8E%D9%91%D9%87%D9%8E-%D9%88%D9%8E%D9%85%D9%8E%D9%84%D8%A7%D8%A6%D9%90%D9%83%D9%8E%D8%AA%D9%8E%D9%87%D9%8F-%D9%8A%D9%8F%D8%B5%D9%8E%D9%84%D9%8F%D9%91%D9%88%D9%86%D9%8E-%D8%B9%D9%8E%D9%84%D9%8E%D9%89-%D8%A7%D9%84%D9%86%D9%8E%D9%91%D8%A8%D9%90%D9%8A%D9%90%D9%91-%D9%8A%D9%8E%D8%A7-%D8%A3%D9%8E%D9%8A%D9%8F%D9%91%D9%87%D9%8E%D8%A7-%D8%A7%D9%84%D9%8E%D9%91%D8%B0%D9%90%D9%8A%D9%86%D9%8E-%D8%A2%D9%85%D9%8E%D9%86%D9%8F%D9%88%D8%A7-%D8%B5%D9%8E%D9%84%D9%8F%D9%91%D9%88%D8%A7-4cdb13f5ff52?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | hacking, information-security, ethical-hacking, bug-bounty, information-technology | 09-Sep-2024 |
SQL Injection Attack, Listing the Database Contents on Non-Oracle Databases | https://medium.com/@marduk.i.am/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-825485566585?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, portswigger-lab, sqli, information-security, sql-injection | 09-Sep-2024 |
Hunting for Hidden API Endpoints Using Katana and Hakraler | https://anasbetis023.medium.com/hunting-for-hidden-api-endpoints-using-katana-and-hakraler-ba0bd6b9611f?source=rss------bug_bounty-5 | Anas H Hmaidy | bug-bounty, penetration-testing, bug-bounty-tips, cybersecurity | 09-Sep-2024 |
Optimal Ethical Hacker Setup for Penetration Testing | https://infosecwriteups.com/optimal-ethical-hacker-setup-for-penetration-testing-4847a8afbe45?source=rss------bug_bounty-5 | Ajay Naik | security, bug-bounty, vulnerability, desktop | 09-Sep-2024 |
Unveiling Hidden Threats: Advanced Recon Techniques and the Path to Automation | https://medium.com/@rootspaghetti/unveiling-hidden-threats-advanced-recon-techniques-and-the-path-to-automation-4c1b3dd885a3?source=rss------bug_bounty-5 | Root@Spaghetti | bug-bounty-tips, bug-bounty, hacking | 09-Sep-2024 |
P4 bug’s and their POC steps | Part 1 | https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-1-1cef0152d1a5?source=rss------bug_bounty-5 | socalledhacker | vulnerability, p4-bugs, hacking, web-app-security, bug-bounty | 09-Sep-2024 |
How HTTP Request Smuggling Vulnerability Gets You a $750 Bug Bounty | https://cyberw1ng.medium.com/how-http-request-smuggling-vulnerability-gets-you-a-750-bug-bounty-3dfe9063fd8d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, cybersecurity, technology | 09-Sep-2024 |
Introducing CorScan: A Comprehensive Tool for CORS Vulnerability Detection | https://angixblack.medium.com/introducing-corscan-a-comprehensive-tool-for-cors-vulnerability-detection-4ce83be6870e?source=rss------bug_bounty-5 | Angix black | penetration-testing, bug-bounty, cors, bugbounty-automation, corscan | 09-Sep-2024 |
Lap 1: JWT authentication bypass via unverified signature | https://abdelrahmansalaheldeen.medium.com/lap-1-jwt-authentication-bypass-via-unverified-signature-8e450a7b2f59?source=rss------bug_bounty-5 | Abdelrahman Salaheldeen | cybersecurity, web-application-security, web-app-pentesting, jwt, bug-bounty | 08-Sep-2024 |
The Only Oscp Tip You Need | https://medium.com/@issam.qsous/the-only-oscp-tip-you-need-cfac65948f68?source=rss------bug_bounty-5 | Essam Qsous | oscp, bug-bounty, cybersecurity, pentesting, hacking | 08-Sep-2024 |
JSON Web Token attacks (JWT) | https://abdelrahmansalaheldeen.medium.com/json-web-token-attacks-jwt-c082d76f3e4c?source=rss------bug_bounty-5 | Abdelrahman Salaheldeen | jwt, web-penetration-testing, web-application-security, bug-bounty, cybersecurity | 08-Sep-2024 |
0-Click Mass Account Takeover via Password Reset Functionality | https://0d-samii.medium.com/0-click-mass-account-takeover-via-password-reset-functionality-68cdf27e028d?source=rss------bug_bounty-5 | 0d_samii | bugs, bug-bounty-tips, bug-bounty, cybersecurity | 08-Sep-2024 |
How To Stay Ahead of 99% of Bug Bounty Hunters | https://bevijaygupta.medium.com/how-to-stay-ahead-of-99-of-bug-bounty-hunters-d77030705ed5?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, bugs, hackthebox, bug-bounty, bounty-hunter | 08-Sep-2024 |
Discovering a Stored XSS Vulnerability on a Bug Bounty Program | https://anmolvishwakarma7466.medium.com/discovering-a-stored-xss-vulnerability-on-a-bug-bounty-program-8dad1b475695?source=rss------bug_bounty-5 | Anmolvishwakarma | xss-attack, appsec, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 08-Sep-2024 |
Found Bugs, Got Paid, Stayed Poor: Making a Living with Bug Bounties | https://bevijaygupta.medium.com/found-bugs-got-paid-stayed-poor-making-a-living-with-bug-bounties-a30355564d32?source=rss------bug_bounty-5 | Vijay Gupta | money-making-ideas, bug-bounty-tips, bug-bounty, money-management, bugs | 08-Sep-2024 |
Nmap: The Best Network Scanning Utility for Security Expert | https://medium.com/@mohanmecktro/nmap-the-best-network-scanning-utility-for-security-expert-ea7a6fd01efb?source=rss------bug_bounty-5 | Mohan Mecktro | bug-bounty-hunter, penetration-testing, bug-bounty, nmap, kali-linux-tools | 08-Sep-2024 |
How I Become Google HOF | https://medium.com/@lijoparappur/how-i-become-google-hof-ef697b8b5963?source=rss------bug_bounty-5 | Lijoparappur | bug-bounty, google-hacking | 08-Sep-2024 |
How i found xss in goverment website with one tools. | https://medium.com/@sulthanyluthfi/how-i-found-xss-in-goverment-website-with-one-tools-5dd5d431ed03?source=rss------bug_bounty-5 | Luthfi Sulthany | xss-attack, bug-bounty, linux, penetration-testing, cybersecurity | 08-Sep-2024 |
Day 30of 30 Day — 30 Vulnerabilities | Cross-Site Request Forgery (CSRF) | https://medium.com/@kumawatabhijeet2002/day-30of-30-day-30-vulnerabilities-cross-site-request-forgery-csrf-062ff53c5efd?source=rss------bug_bounty-5 | Abhijeet kumawat | 30dayswritingchallenge, bug-bounty, bug-bounty-tips, csrf | 08-Sep-2024 |
My recon methodology for hunting CVE-2021–42063 led to discovering an RXSS vulnerability in the… | https://medium.com/@karthithehacker/my-recon-methodology-for-hunting-cve-2021-42063-led-to-discovering-an-rxss-vulnerability-in-the-27a7aa435fd3?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, infosec, bugbounty-writeup, ethical-hacking, cybersecurity | 08-Sep-2024 |
The Weak Link in Two-Factor Authentication: Exploiting Reusable OTPs | https://medium.com/@tusharpuri6/the-weak-link-in-two-factor-authentication-exploiting-reusable-otps-ed30bd8bf4da?source=rss------bug_bounty-5 | Tusharpuri | offensive-security, bug-bounty, penetration-testing, vulnerability, application-security | 08-Sep-2024 |
OWASP top 10 A08:Software and Data Integrity Failures | https://medium.com/@shivamsharma.ss484/owasp-top-10-a08-software-and-data-integrity-failures-bd41b5f9db2c?source=rss------bug_bounty-5 | Shivamsharma | owasp-top-10, bug-bounty, cybersecurity, hacking, owasp | 08-Sep-2024 |
Post-Exploitation Techniques: What Happens After a Hack? | https://cyberw1ng.medium.com/post-exploitation-techniques-what-happens-after-a-hack-961ddc068fb6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, technology, hacking, cybersecurity, careers | 08-Sep-2024 |
Post-Exploitation Techniques: What Happens After a Hack? | https://systemweakness.com/post-exploitation-techniques-what-happens-after-a-hack-961ddc068fb6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, technology, hacking, cybersecurity, careers | 08-Sep-2024 |
Bug Bounty Road Map | https://osintteam.blog/bug-bounty-road-%EF%B8%8F-map-%EF%B8%8F-b42c14750a6a?source=rss------bug_bounty-5 | Mr Abdullah | bug-bounty-roadmap, bug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity | 07-Sep-2024 |
Users without roles are able to find out whether the “Invite other people” feature on a Pinterest… | https://rhidayah.medium.com/users-without-roles-are-able-to-find-out-whether-the-invite-other-people-feature-on-a-pinterest-b1cf86305337?source=rss------bug_bounty-5 | Rohmad Hidayah | pinterest, bug-bounty, privacy, business-logic-flaw | 07-Sep-2024 |
Exploiting the Silent Threat: Time-Based Blind SQL Injection via the Object_ID Parameter | https://harshit3.medium.com/exploring-time-based-blind-sql-injection-vulnerability-via-the-object-id-parameter-7cd377c6e00d?source=rss------bug_bounty-5 | Harshit | owasp, vulnerability, cybersecurity, bug-bounty, information-security | 07-Sep-2024 |
Account takeover through no rate limits | https://rhidayah.medium.com/account-takeover-through-no-rate-limits-3d7a82a69779?source=rss------bug_bounty-5 | Rohmad Hidayah | account-takeover, no-rate-limit, bug-bounty, broken-authentication | 07-Sep-2024 |
The Rise of AI in Cybersecurity: Opportunities and Threats | https://bootstrapsecurity.medium.com/the-rise-of-ai-in-cybersecurity-opportunities-and-threats-531b42f9bef9?source=rss------bug_bounty-5 | BootstrapSecurity | bug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking, ai-in-cybersecurity | 07-Sep-2024 |
how i finded a google map it’s worths 300$ | https://systemweakness.com/how-i-finded-a-google-map-its-worths-300-9fe5fe32e6de?source=rss------bug_bounty-5 | loyalonlytoday | bugs, penetration-testing, hacking, bug-bounty, bug-bounty-tips | 07-Sep-2024 |
Subdomain Takeover : The Hacker’s Jackpot (And How You Can Hit It Too!) | https://medium.com/@Kaizen2977/subdomain-takeover-the-hackers-jackpot-and-how-you-can-hit-it-too-76d49b916bc1?source=rss------bug_bounty-5 | Kapil Chotalia | bug-bounty, subdomain-takeover, subdomains-enumeration, hacking, penetration-testing | 07-Sep-2024 |
Users without roles are able to find out whether the “Invite other people” feature on a Pinterest… | https://rhidayah.medium.com/users-without-roles-are-able-to-find-out-whether-the-invite-other-people-feature-on-a-pinterest-b1cf86305337?source=rss------bug_bounty-5 | Rohmad Hidayah | pinterest, bug-bounty, privacy, bugcrowd, business-logic-flaw | 07-Sep-2024 |
Day 29 of 30 Day — 30 Vulnerabilities | Remote Code Execution (RCE) | https://medium.com/@kumawatabhijeet2002/day-29-of-30-day-30-vulnerabilities-remote-code-execution-rce-eb3f8f7ccf62?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-tips, rce, bug-bounty, 30dayswritingchallenge, remote-code-execution | 07-Sep-2024 |
Vulnerability Scanner | https://medium.com/@hydra_/vulnerability-scanner-1ad628218979?source=rss------bug_bounty-5 | hydra | bug-bounty, vulnerability-scanner, infosec | 07-Sep-2024 |
Understanding window.postMessage() and Its XSS Risks | https://medium.com/@spideyyy/understanding-window-postmessage-and-its-xss-risks-5a96bcd90428?source=rss------bug_bounty-5 | spidey | cybersecurity, bug-bounty, web-security, hacking, xss-attack | 07-Sep-2024 |
Find Your First 5 Bug Bounties in Easy Ways | https://infosecwriteups.com/find-your-first-5-bug-bounties-in-easy-ways-3aaca5c57a2d?source=rss------bug_bounty-5 | Subh Dhungana | hackerone, infosec, cybersecurity, bug-bounty, hacking | 07-Sep-2024 |
My recon methodology for hunting CVE-2021–42063 led to discovering an RXSS vulnerability in the… | https://medium.com/@karthithehacker/my-recon-methodology-for-hunting-cve-2021-42063-led-to-discovering-an-rxss-vulnerability-in-the-80bd4ca0f623?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, infosec, cybersecurity | 07-Sep-2024 |
Hunting in the Cyber World: Effective Recon Strategies for a Successful Bug Bounty | https://medium.com/@rootspaghetti/hunting-in-the-cyber-world-effective-recon-strategies-for-a-successful-bug-bounty-8ec5f27bd9ae?source=rss------bug_bounty-5 | Root@Spaghetti | bug-bounty, cybersecurity, hacking, bug-bounty-tips | 07-Sep-2024 |
850$ IDOR:Unauthorized Session Revokation of any user | https://infosecwriteups.com/850-idor-unauthorized-session-revokation-of-any-user-93f9cb92fdfe?source=rss------bug_bounty-5 | Abhi Sharma | cybersecurity, infosec, idor, bug-bounty, programming | 07-Sep-2024 |
Google Dorks Secrets: Discover Hidden Endpoints & Parameters with Google Dorks | https://enigma96.medium.com/google-dorks-secrets-discover-hidden-endpoints-parameters-with-google-dorks-7c3bb3257ef9?source=rss------bug_bounty-5 | enigma | web-security-testing, hacking, bug-bounty-tips, bug-bounty, penetration-testing | 07-Sep-2024 |
cyberExploring Client-Side Desync: Understanding the Risk and Mitigating the Threat | https://cyberw1ng.medium.com/cyberexploring-client-side-desync-understanding-the-risk-and-mitigating-the-threat-b375dec78f21?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, technology, cybersecurity, careers | 07-Sep-2024 |
Day 28 of 30 Day — 30 Vulnerabilities | DOM-based XSS | https://medium.com/@kumawatabhijeet2002/day-28-of-30-day-30-vulnerabilities-dom-based-xss-e7bfadc56b2f?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, 30dayswritingchallenge, bug-bounty-tips, dom-based-xss | 06-Sep-2024 |
Bounty Hunter’s Handbook: Practical Tips for Bug Hunting | https://medium.com/@security.tecno/bounty-hunters-handbook-practical-tips-for-bug-hunting-b3a8b03d1101?source=rss------bug_bounty-5 | TECNO Security | hacking, hunting, tips, bug-bounty | 06-Sep-2024 |
[$12000] 3 Critical 0-click TikTok Account Takeover Vulnerabilities, 2FA bypass & more security… | https://vojtechcekal.medium.com/12000-3-critical-0-click-tiktok-account-takeover-vulnerabilities-2fa-bypass-more-security-78554827cfc3?source=rss------bug_bounty-5 | Vojtech Cekal | vulnerability, bug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty | 06-Sep-2024 |
OAuth Based CSRF: Exploiting The Flaw In Implementation Of State Parameter | https://medium.com/@cyberpro151/oaauth-based-csrf-exploiting-the-flaw-in-implementation-of-state-parameter-36bfae68aa65?source=rss------bug_bounty-5 | cyberpro151 | bug-bounty, cybersecurity, appsec, hacking, pentest | 06-Sep-2024 |
Google Map API Key Exposure $$$ | Just 2 Minutes | Don’t Miss Your Bounty | https://dkcyberz.medium.com/google-map-api-key-exposure-just-2-minutes-dont-miss-your-bounty-380eac7b9dd9?source=rss------bug_bounty-5 | Harpy Hunter | bug-bounty-tips, bugbounty-writeup, google-map-api, bug-bounty, owasp-top-10 | 06-Sep-2024 |
Google Dork Mastery Part 1 : Finding Hidden Critical Files with Google Dorks Like a Pro | https://enigma96.medium.com/google-dork-mastery-part-1-finding-hidden-critical-files-with-google-dorks-like-a-pro-d28ad159e9ae?source=rss------bug_bounty-5 | enigma | penetration-testing, hacking, bug-bounty-tips, web-security, bug-bounty | 06-Sep-2024 |
Master Mobile Traffic Hacking: Intercept Android App Data with Burp Suite | https://medium.com/@WillFromSwiss/master-mobile-traffic-hacking-intercept-android-app-data-with-burp-suite-9278163310ad?source=rss------bug_bounty-5 | WillFromSwiss | cybersecurity, application-security, hacking, android, bug-bounty | 06-Sep-2024 |
As Luck Would Have It — tales of good fortune in bug bounty | https://medium.com/@l_s_/as-luck-would-have-it-tales-of-good-fortune-in-bug-bounty-9c56d31b3ef5?source=rss------bug_bounty-5 | LS | infosec, information-security, bug-bounty-writeup, hacking, bug-bounty | 06-Sep-2024 |
How I Explored Further and Chained HTTP Request Smuggling with Other Vulnerabilities | https://cyberw1ng.medium.com/how-i-explored-further-and-chained-http-request-smuggling-with-other-vulnerabilities-cfb974e1e8aa?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, technology, hacking, bug-bounty, cybersecurity | 06-Sep-2024 |
How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHack | https://medium.com/@manan_sanghvi/how-100-manual-hacking-without-even-kali-and-burp-led-to-2-medium-vulnerabilities-on-yeswehack-bbda00fcd84e?source=rss------bug_bounty-5 | Manan Sanghvi | vulnerability, bug-bounty, xss-attack, cybersecurity, ethical-hacking | 05-Sep-2024 |
Day 27 of 30 Day — 30 Vulnerabilities | Server-Side Template Injection (SSTI) | https://medium.com/@kumawatabhijeet2002/day-27-of-30-day-30-vulnerabilities-server-side-template-injection-ssti-f12c851d7e08?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, server-side-technology, 30dayswritingchallenge, ssti, bug-bounty-tips | 05-Sep-2024 |
Exploiting Salesforce Lightning Permissions Issues | https://medium.com/@theodorejackson.us/exploiting-salesforce-lightning-permissions-issues-5c04f202c887?source=rss------bug_bounty-5 | Ted Jackson | pentesting, bug-bounty, security, salesforce, cybersecurity | 05-Sep-2024 |
RCE Exploits Explained: Techniques & Tools in 2024 | https://bootstrapsecurity.medium.com/rce-exploits-explained-techniques-tools-in-2024-79dbbbc67ba6?source=rss------bug_bounty-5 | BootstrapSecurity | ethical-hacking, vulnerability-assessment, cybersecurity, bug-bounty-tips, bug-bounty | 05-Sep-2024 |
What is WAF? & Secret Techniques to Bypass It | https://medium.com/huntersec-security/what-is-waf-secret-techniques-to-bypass-it-2a4de4768131?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, firewall-security, infosec | 05-Sep-2024 |
SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff | https://medium.com/@ali.zamini/ssti-in-bug-bounty-program-the-time-i-played-with-handlebars-and-broke-stuff-7dc1f9834a3d?source=rss------bug_bounty-5 | Ali Zamini | bug-hunting, bug-bounty, hacking, web-app-pentesting, ssti | 05-Sep-2024 |
Blocking Users from Registration | https://medium.com/@patidarbhuwan44/blocking-users-from-registration-e3a584f25e4b?source=rss------bug_bounty-5 | Bhuwan Patidar | bug-bounty, hacking, bug-bounty-tips, web, cybersecurity | 05-Sep-2024 |
Uncover Hidden Subdomains with Sublist3r and curl: Boost Your Bug Hunting Success | https://enigma96.medium.com/uncover-hidden-subdomains-with-sublist3r-and-curl-boost-your-bug-hunting-success-a80b180a9377?source=rss------bug_bounty-5 | enigma | bug-bounty, bug-bounty-tips, penetration-testing, hacking, web-security | 05-Sep-2024 |
Find SSRF , LFI , XSS using httpx , waybackurls , gf , gau , qsreplace | https://medium.com/@SatyamPathania/find-ssrf-lfi-xss-using-httpx-waybackurls-gf-gau-qsreplace-96c4794e404c?source=rss------bug_bounty-5 | Satyam Pathania | earn-money-online, cybersecurity, bug-bounty, hacking, money | 05-Sep-2024 |
Cybersecurity 101: How Does a Subdomain Scanner Work? | https://medium.com/@nengapi/cybersecurity-101-subdomain-scanner-%E0%B8%97%E0%B8%B3%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B8%A2%E0%B8%B1%E0%B8%87%E0%B9%84%E0%B8%87-04c9993620ed?source=rss------bug_bounty-5 | Neng Apichet | subdomain, bug-bounty, subdomain-enumeration, cybersecurity | 05-Sep-2024 |
Practical Bug Bounty — TCM Academy | Automated Tools | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-automated-tools-ed177aab16f6?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | web-penetration-testing, bug-bounty, penetration-testing, ethical-hacking, cybersecurity | 05-Sep-2024 |
Dependency Confusion: A Namespace Takeover Story | https://medium.com/@sakshirathore3478/dependency-confusion-a-namespace-takeover-story-fa334533bd50?source=rss------bug_bounty-5 | Sakshi Rathore | bug-bounty-tips, webapplicationpentest, bug-bounty, cybersecurity, bug-bounty-hunter | 05-Sep-2024 |
Reflected XSS | US Department of Education Recognition | https://codingninjablogs.tech/reflected-xss-us-department-of-education-recognition-270ec27e7f5f?source=rss------bug_bounty-5 | #$ubh@nk@r | vulnerability, bug-bounty, cybersecurity, infosec, hacking | 05-Sep-2024 |
My first Bug : Uncovering a Reflected XSS with a Simple Payload | https://medium.com/@firdansp/my-first-bug-uncovering-a-reflected-xss-with-a-simple-payload-270b5e3742bb?source=rss------bug_bounty-5 | Firda Nurelia | xs, bug-bounty, bug-bounty-tips, xss-vulnerability, writeup | 05-Sep-2024 |
How I Discovered an HTTP Request Smuggling Vulnerability in a Major Web Console | https://cyberw1ng.medium.com/how-i-discovered-an-http-request-smuggling-vulnerability-in-a-major-web-console-5188b2b4c539?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, technology, bug-bounty, cybersecurity | 05-Sep-2024 |
Hidden Reflected XSS on 403 Page. | https://medium.com/@Hacker_Yogi/hidden-reflected-xss-on-403-page-0cbb46683138?source=rss------bug_bounty-5 | Ruben (Hacker_Yogi) | pentesting, bug-bounty-tips, information-security, xss-attack, bug-bounty | 05-Sep-2024 |
Broken Authentication Leads to the Ability to Unsubscribe Other Users' Payment Reminders | https://medium.com/@blackarazi/broken-authentication-leads-to-the-ability-to-unsubscribe-other-users-payment-reminders-0fdb1a63edec?source=rss------bug_bounty-5 | Azhari Harahap | bug-bounty, broken-authentication, api-security, application-security, bug-bounty-writeup | 04-Sep-2024 |
Ultimate FFUF Cheatsheet: Advanced Fuzzing Tactics for Pro Bug Hunters! | https://medium.com/h7w/ultimate-ffuf-cheatsheet-advanced-fuzzing-tactics-for-pro-bug-hunters-492598750150?source=rss------bug_bounty-5 | Khaleel Khan | hacking-tools, bug-bounty, hacking, cybersecurity, infosec | 04-Sep-2024 |
dirsearch: A Complete Guide to Effective Web Information Gathering! | https://medium.com/@adriansyah1230/dirsearch-panduan-lengkap-untuk-pengumpulan-informasi-web-yang-efektif-c7fdee43b2d4?source=rss------bug_bounty-5 | Adrian Syah Abidin | bug-bounty, cybersecurity, infosec, dirsearch, pentesting | 04-Sep-2024 |
Aquatone: A Smart Solution for In-Depth Visual Website Inspection! | https://medium.com/@adriansyah1230/aquatone-solusi-cerdas-untuk-inspeksi-visual-website-yang-mendalam-68811f0735c7?source=rss------bug_bounty-5 | Adrian Syah Abidin | cybersecurity, aquatone, keamanan-informasi, bug-bounty, infosec | 04-Sep-2024 |
A Comprehensive Guide to FFUF for Bug Hunters | https://maelstromenigma.medium.com/a-comprehensive-guide-to-ffuf-for-bug-hunters-76942e90f92b?source=rss------bug_bounty-5 | enigma | webservices-testing, bug-bounty-tips, bug-bounty, bug-hunting, recon | 04-Sep-2024 |
Nmap: A Powerful Network Security Scanner and Leading Tool for Information Gathering! | https://medium.com/@adriansyah1230/nmap-pemindai-keamanan-jaringan-yang-kuat-dan-alat-unggulan-untuk-pengumpulan-informasi-ce2186eda0d1?source=rss------bug_bounty-5 | Adrian Syah Abidin | nmap-command, cybersecurity, infosec, bug-bounty, nmap | 04-Sep-2024 |
Subdomain Enumeration | BBOT ✅>= Subfinder + Sublist3r + Assetfinder + Amass | https://dkcyberz.medium.com/bbot-subfinder-sublist3r-assetfinder-amass-subdomain-enumeration-c42bbbf76052?source=rss------bug_bounty-5 | Harpy Hunter | bug-bounty, subdomain-takeover, bugbounty-tips, subdomains-enumeration, bugbounty-writeup | 04-Sep-2024 |
OWASP Amass: An Advanced Tool for Information Gathering and Effective Attack Mapping Strategy! | https://medium.com/@adriansyah1230/owasp-amass-alat-canggih-untuk-pengumpulan-informasi-dan-strategi-pemetaan-serangan-yang-efektif-7859ad0515ad?source=rss------bug_bounty-5 | Adrian Syah Abidin | massa, owasp, bug-bounty, pentest, cybersecurity | 04-Sep-2024 |
Day 26 of 30 Day — 30 Vulnerabilities | Race Conditions | https://medium.com/@kumawatabhijeet2002/day-26-of-30-day-30-vulnerabilities-race-conditions-e6b761e006b1?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-tips, bug-bounty, 30dayswritingchallenge, race-condition | 04-Sep-2024 |
reNgine: The Best Automation Framework for Information Gathering and Web Penetration Testing! | https://medium.com/@adriansyah1230/rengine-framework-otomatisasi-terbaik-untuk-pengumpulan-informasi-dan-pengujian-penetrasi-web-13e338edff02?source=rss------bug_bounty-5 | Adrian Syah Abidin | infosec, bug-bounty, keamanan-informasi, rengine, cybersecurity | 04-Sep-2024 |
Exploring the World of `magicRecon`: A Fun Guide to Target Information Gathering | https://medium.com/@rootspaghetti/exploring-the-world-of-magicrecon-a-fun-guide-to-target-information-gathering-03a9e2bb7e39?source=rss------bug_bounty-5 | Root@Spaghetti | cybersecurity, bug-bounty-tips, hacking, bug-bounty | 04-Sep-2024 |
Zomatoooo! IDOR in Saved Payments | https://prateeksrivastavaa.medium.com/zomatoooo-idor-in-saved-payments-f8c014879741?source=rss------bug_bounty-5 | Prateek Srivastava | bug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing, bug-bounty-tips | 04-Sep-2024 |
Openredirect CSRF SSRF XSS And Sqli vulnerability | https://medium.com/@shadowhackr_87285/openredirect-csrf-ssrf-xss-and-sqli-vulnerability-6a9f3a5662e2?source=rss------bug_bounty-5 | Shadowhackr | xss-attack, cybersecurity, bug-bounty, vulnerability, sql | 04-Sep-2024 |
Zero-Day Exploits: An Inconspicuous Danger | https://medium.com/@mohanmecktro/zero-day-exploits-an-inconspicuous-danger-7e3ca32c164e?source=rss------bug_bounty-5 | Mohan Mecktro | bug-bounty-tips, cyber, cybersecurity, bug-bounty, hacking | 04-Sep-2024 |
Decoding the Enigma: A Deep Dive into the /home/000~ROOT~000/ Directory | https://soltanali0.medium.com/decoding-the-enigma-a-deep-dive-into-the-home-000-root-000-directory-3be592f05525?source=rss------bug_bounty-5 | soltanali0 | information-security, bug-bounty, directory-listing, security-research, lfi | 04-Sep-2024 |
TeamCity Takedown: Breach, Backup, and Break-in. | https://medium.com/@josh.beck2006/teamcity-takedown-breach-backup-and-break-in-3ce333b63788?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, bug-bounty, ctf-writeup | 04-Sep-2024 |
Advanced Strategies to Defend Against HTTP Request Smuggling: A Deep Dive | https://cyberw1ng.medium.com/advanced-strategies-to-defend-against-http-request-smuggling-a-deep-dive-ba7c0abe911a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, bug-bounty, technology, penetration-testing | 04-Sep-2024 |
Shodan: The Must-Have Secret Weapon for Hackers and Security Researchers for Information Gathering… | https://medium.com/@adriansyah1230/shodan-senjata-rahasia-wajib-bagi-peretas-dan-peneliti-keamanan-untuk-pengumpulan-informasi-yang-a3f86dd47eed?source=rss------bug_bounty-5 | Adrian Syah Abidin | infosec, shodan, bug-bounty, hacking, cybersecurity | 03-Sep-2024 |
Bug Bounty: Your Guide to Ethical Hacking, Rewards, and the Best Learning Resources | https://medium.com/@akatrigger53/bug-bounty-your-guide-to-ethical-hacking-rewards-and-the-best-learning-resources-071c6eb14a27?source=rss------bug_bounty-5 | Akansh Panday | bug-bounty, hacking, darkweb, cybersecurity | 03-Sep-2024 |
How to overcome the pause point in BugBounty | https://anonysm.medium.com/how-to-overcome-the-pause-point-in-bugbounty-02b849cfcff8?source=rss------bug_bounty-5 | Muthu D | cybersecurity, bug-bounty, penetration-testing, motivation, hacking | 03-Sep-2024 |
DNSDumpster: In-Depth Domain Information Exploration | https://medium.com/@adriansyah1230/dnsdumpster-eksplorasi-informasi-domain-mendalam-d20fa2635596?source=rss------bug_bounty-5 | Adrian Syah Abidin | keamanan-informasi, cybersecurity, infosec, bug-bounty, dnsdumpster | 03-Sep-2024 |
Day 25 of 30 Day — 30 Vulnerabilities | HTTP Request Smuggling | https://medium.com/@kumawatabhijeet2002/day-25-of-30-day-30-vulnerabilities-http-request-smuggling-722c3f01dbc4?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, http-request-smuggling, bug-bounty-tips, 30dayswritingchallenge | 03-Sep-2024 |
How to Bypass Web Application Firewalls (WAFs) | https://bootstrapsecurity.medium.com/how-to-bypass-web-application-firewalls-10cec76e8276?source=rss------bug_bounty-5 | BootstrapSecurity | bugbounty-tips, cybersecurity, ethical-hacking, bug-bounty | 03-Sep-2024 |
The removed employee can see whether the users he invited to the victim’s Pinterest business… | https://rhidayah.medium.com/the-removed-employee-can-see-whether-the-users-he-invited-to-the-victims-pinterest-business-085d2ee8e14e?source=rss------bug_bounty-5 | Rohmad Hidayah | bugcrowd, bug-bounty, pinterest, business-logic-flaw | 03-Sep-2024 |
[IDOR] Update another user’s profile | https://rhidayah.medium.com/idor-update-another-users-profile-79d0158ae60c?source=rss------bug_bounty-5 | Rohmad Hidayah | idor, bug-bounty | 03-Sep-2024 |
Pre account takeover via google sign in | https://rhidayah.medium.com/pre-account-takeover-via-google-sign-in-bb442f4c32a2?source=rss------bug_bounty-5 | Rohmad Hidayah | bug-bounty, account-takeover | 03-Sep-2024 |
P3 (Medium) : How I Gain Access To NASA's Internal Workspace?! | https://medium.com/@srishavinkumar/p3-medium-how-i-gain-access-to-nasas-internal-workspace-d0896fee563c?source=rss------bug_bounty-5 | Sri Shavin Kumar | bug-bounty, bug-bounty-tips, cybersecurity, technology, programming | 03-Sep-2024 |
Improper Authorization via Mass Assignment of Membership Parameters | https://ahmedtamer0.medium.com/improper-authorization-via-mass-assignment-of-membership-parameters-7245925b09f5?source=rss------bug_bounty-5 | Ahmed Tamer | bug-hunting, api, mass-assignment, writeup, bug-bounty | 03-Sep-2024 |
How Bypassed KonyLab Code Protection | https://medium.com/@xmosb7/how-bypassed-konylab-code-protection-cac53da01ad1?source=rss------bug_bounty-5 | Mahmoud Mosbah | mobilesec, infosec, cybersecurity, cyberattack, bug-bounty | 03-Sep-2024 |
Subdomain Enumeration part 1 (Manual & Automation) | https://mrunknown124154.medium.com/subdomain-enumeration-part-1-manual-automation-45108388bdb2?source=rss------bug_bounty-5 | Mr Abdullah | subdomains-enumeration, hacking, bug-bounty, web-hacking, web-penetration-testing | 03-Sep-2024 |
API VULNERABILITIES | https://medium.com/@adithyakrishnav001/api-vulnerabilities-9b68a0bd87a8?source=rss------bug_bounty-5 | Adithyakrishna V | cybersecurity, hacking, aad1, api-security, bug-bounty | 03-Sep-2024 |
HTTP Request Smuggling: The Hidden Web Threat You Need to Know About | https://cyberw1ng.medium.com/http-request-smuggling-the-hidden-web-threat-you-need-to-know-about-71ff45c7f94a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | technology, cybersecurity, bug-bounty, hacking, careers | 03-Sep-2024 |
My First Bounty: How I Exploited a CORS Misconfiguration | https://anas0x1.medium.com/my-first-bounty-how-i-exploited-a-cors-misconfiguration-bc1f9137b272?source=rss------bug_bounty-5 | Anas Ibrahim | cors, bug-bounty, bug-hunting, hackerone, cybersecurity | 03-Sep-2024 |
How I Discovered a Hidden XSS and What I Learned | https://medium.com/@issam.qsous/how-i-discovered-a-hidden-xss-and-what-i-learned-9a34995ebbd2?source=rss------bug_bounty-5 | Essam Qsous | web-development, hacking, penetration-testing, security, bug-bounty | 03-Sep-2024 |
The Accidental Discovery | https://medium.com/@Kinqdathacker/the-accidental-discovery-8ed6f9622b0c?source=rss------bug_bounty-5 | Kinqdathacker | cybersecurity, hacking, technology, web-hacking, bug-bounty | 02-Sep-2024 |
Day 23 of 30 Days — 30 Vulnerabilities | JSON Web Token (JWT) Attacks | https://medium.com/@kumawatabhijeet2002/day-23-of-30-days-30-vulnerabilities-json-web-token-jwt-attacks-e77c719fe22d?source=rss------bug_bounty-5 | Abhijeet kumawat | web, bug-bounty, bug-bounty-tips, 30dayswritingchallenge | 02-Sep-2024 |
Advanced Web Application Security Checklist | https://securitycipher.medium.com/advanced-web-application-security-checklist-6f7ed5917c72?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | cybersecurity, bug-bounty-tips, bug-bounty, technology, security | 02-Sep-2024 |
How I Hacked into Yamaha using CVE 2017-5487 | https://medium.com/@josuofficial327/how-i-found-an-easy-cve-in-yamaha-964366a34b59?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | cybersecurity, bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips | 02-Sep-2024 |
[Specially Customized] TECNO Security 3rd Anniversary Bug Hunting Competition! | https://medium.com/@security.tecno/specially-customized-tecno-security-3rd-anniversary-bug-hunting-competition-8a4e6501e91e?source=rss------bug_bounty-5 | TECNO Security | bug-bounty, bounty-program, hacking, hunting | 02-Sep-2024 |
Hunting JavaScript Files for Bug Hunters | https://bevijaygupta.medium.com/hunting-javascript-files-for-bug-hunters-7355df2215ec?source=rss------bug_bounty-5 | Vijay Gupta | hunting, javascript, bugs, bug-bounty, bug-hunting | 02-Sep-2024 |
A Story About How i Found CVE-2020–27838 in TVH responsible disclosure | https://medium.com/@karthithehacker/a-story-about-how-i-found-cve-2020-27838-in-tvh-responsible-disclosure-16946f8f8faf?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, cybersecurity, infosec, web-security | 02-Sep-2024 |
Advanced Web Application Security Checklist | https://infosecwriteups.com/advanced-web-application-security-checklist-6f7ed5917c72?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | cybersecurity, bug-bounty-tips, bug-bounty, technology, security | 02-Sep-2024 |
Business logic / Failed defense Vulnerability in bug bounty | https://itsravikiran25.medium.com/business-logic-failed-defense-vulnerability-in-bug-bounty-4ab932a1a200?source=rss------bug_bounty-5 | Ravikiran | bug-bounty-writeup, cybersecurity, penetration-testing, bug-bounty, hacking | 02-Sep-2024 |
A Story About How i Found CVE-2020–27838 in TVH responsible disclosure | https://infosecwriteups.com/a-story-about-how-i-found-cve-2020-27838-in-tvh-responsible-disclosure-16946f8f8faf?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, cybersecurity, infosec, web-security | 02-Sep-2024 |
HTML Form Injection Vulnerability in Gmail | https://medium.com/@h4x0r_dz/html-form-injection-vulnerability-in-gmail-152a01f6d423?source=rss------bug_bounty-5 | h4x0r_dz | google, web, bug-bounty, vulnerability, security | 02-Sep-2024 |
Easy 500$ Bounty with Host Header Injection By Ramthulla | https://skramthu.medium.com/easy-500-bounty-with-host-header-injection-by-ramthulla-bb556ebd4c46?source=rss------bug_bounty-5 | Ram | infosec-write-ups, bounty-program, hackerone, bug-bounty, bugbounty-writeup | 02-Sep-2024 |
Pentesting vs Bug Bounty: What Is the Difference and What Are the Stages? | https://medium.com/@adriansyah1230/pentesting-vs-bug-bounty-apa-perbedaannya-dan-bagaimana-tahapannya-182cc05a2721?source=rss------bug_bounty-5 | Adrian Syah Abidin | hacking, bug-bounty, pentesting, cybersecurity | 02-Sep-2024 |
How to Automate Subdomain Takeover Finding: Low Hang Fruit… | https://dkcyberz.medium.com/how-to-automate-subdomain-takeover-finding-low-hang-fruit-5733f2794df1?source=rss------bug_bounty-5 | Harpy Hunter | bug-bounty-tips, how-to-takeover-s3-bucket, bug-bounty, bug-bounty-writeup, subdomain-takeover | 02-Sep-2024 |
Secure your Instagram Account Today, Or be a victim. | https://mayur-jadhav.medium.com/secure-your-instagram-account-today-or-be-a-victim-9f476937a5e2?source=rss------bug_bounty-5 | Mayur Jadhav | bug-bounty, social-media, hacking, cybersecurity | 02-Sep-2024 |
26.18 Lab: Web cache poisoning via HTTP/2 request tunnelling | https://cyberw1ng.medium.com/26-18-lab-web-cache-poisoning-via-http-2-request-tunnelling-72abd219dc68?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, technology, careers, hacking, bug-bounty | 02-Sep-2024 |
SSRF via DNS Rebinding That Leads to Several Clouds Access (Arabic) | https://medium.com/@Berserker1337/ssrf-via-dns-rebinding-that-leads-to-several-clouds-access-arabic-db9f9a9c530c?source=rss------bug_bounty-5 | Berserker | bug-bounty, infosec | 02-Sep-2024 |
Lessons Learned #1: One line of code can make your application vulnerable (Pre-Auth RCE in Metabase… | https://medium.com/appsec-untangled/lessons-learned-1-one-line-of-code-can-make-your-application-vulnerable-pre-auth-rce-in-metabase-a8579ca0102d?source=rss------bug_bounty-5 | Mohamed AboElKheir | threat-modeling, vulnerability, bug-bounty, application-security, cybersecurity | 02-Sep-2024 |
Insider Secrets to Earning $100 to $250 in Bug Bounties | https://medium.com/@ajaynaikhack/insider-secrets-to-earning-100-to-250-in-bug-bounties-9dd6adb2a304?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, bug-bounty | 02-Sep-2024 |
The Wild World of Path Traversal: Sneaking Around the Web’s Dark Corners | https://cluelesszay.medium.com/the-wild-world-of-path-traversal-sneaking-around-the-webs-dark-corners-088f5522e371?source=rss------bug_bounty-5 | zaythecluelessdev | path-traversal, web-security, cybersecurity, bug-bounty, ethical-hacking | 01-Sep-2024 |
Race condition to bypass email verify, part #2 | https://siratsami71.medium.com/race-condition-to-bypass-email-verify-part-2-5efca002cf24?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | bug-bounty-tips, cybersecurity, bugbounty-writeup, bug-bounty | 01-Sep-2024 |
How I found exif metdata leak and earned small bounty | https://medium.com/@deepk007/how-i-found-exif-metdata-leak-and-earned-small-bounty-34c93de2fa2e?source=rss------bug_bounty-5 | DEep | bug-bounty, ethical-hacking, hacking, bug-bounty-tips, cybersecurity | 01-Sep-2024 |
Advanced Techniques for Exploiting SSRF Vulnerabilities | https://bootstrapsecurity.medium.com/advanced-techniques-for-exploiting-ssrf-vulnerabilities-9996cade3a64?source=rss------bug_bounty-5 | BootstrapSecurity | bug-bounty-tips, bug-bounty-hunter, cybersecurity, ethical-hacking, bug-bounty | 01-Sep-2024 |
Port Scanning for Bug Bounties | https://bevijaygupta.medium.com/port-scanning-for-bug-bounties-1b660ea41483?source=rss------bug_bounty-5 | Vijay Gupta | bug-fixes, port-scanning, bugs, bug-bounty, bug-bounty-tips | 01-Sep-2024 |
Subdomain Discovery Tool | https://medium.com/@World-Breaker/subdomain-discovery-tool-7403e38a760f?source=rss------bug_bounty-5 | usu@rioZ3r0 | python, enum, enumeration, subdomain, bug-bounty | 01-Sep-2024 |
OWASP A05 :Security Misconfiguration | https://medium.com/@shivamsharma.ss484/owasp-a05-security-misconfiguration-10518396c757?source=rss------bug_bounty-5 | Shivamsharma | owasp, owasp-top-10, cybersecurity, bug-bounty, oscp | 01-Sep-2024 |
A Story About How I Found XSS in ASUS | https://infosecwriteups.com/a-story-about-how-i-found-xss-in-asus-cb233ce3bb9c?source=rss------bug_bounty-5 | Karthikeyan.V | bugbounty-tips, infosec, bugbounty-writeup, bug-bounty, bugbounty-poc | 01-Sep-2024 |
# 5 Install OWASP Juice Shop on Kali Linux — Guide for Burp Suite | https://securitycipher.medium.com/5-install-owasp-juice-shop-on-kali-linux-guide-for-burp-suite-6b31c1ece398?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | bug-bounty-tips, security, technology, cybersecurity, bug-bounty | 01-Sep-2024 |
How I found My first P1 Bug which ended up ….$? | https://medium.com/@yashsomalkar/how-i-found-my-first-p1-bug-which-ended-up-5e6cffdbb066?source=rss------bug_bounty-5 | Yashsomalkar | bugbounty-writeup, bugbounty-poc, aws, bug-bounty, cybersecurity | 01-Sep-2024 |
How I Got $250 For My Second Bug In HackerOne | https://medium.com/@likithteki76/how-i-got-250-for-my-second-bug-in-hackerone-35c75cbd84bd?source=rss------bug_bounty-5 | Likith Teki | hackerone, bug-bounty, bug-bounty-tips, bug-hunting, bugbounty-writeup | 01-Sep-2024 |
26.18 Lab: Bypassing access controls via HTTP/2 request tunneling | https://cyberw1ng.medium.com/26-18-lab-bypassing-access-controls-via-http-2-request-tunneling-f92ae50661bc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, bug-bounty, cybersecurity, careers | 01-Sep-2024 |
How I found My first P1 Bug which ended up ….$? | https://medium.com/@yashsomalkar/how-i-found-my-first-p1-bug-which-ended-up-5e6cffdbb066?source=rss------bug_bounty-5 | Rudrakshacker | bugbounty-writeup, bugbounty-poc, aws, bug-bounty, cybersecurity | 01-Sep-2024 |
How I Got $250 For My Second Bug on HackerOne | https://medium.com/@likithteki76/how-i-got-250-for-my-second-bug-in-hackerone-35c75cbd84bd?source=rss------bug_bounty-5 | Likith Teki | hackerone, bug-bounty, bug-bounty-tips, bug-hunting, bugbounty-writeup | 01-Sep-2024 |
26.17 Lab: Exploiting HTTP request smuggling to perform web cache deception | https://cyberw1ng.medium.com/26-17-lab-exploiting-http-request-smuggling-to-perform-web-cache-deception-69a6e9654b7e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, careers, bug-bounty, cybersecurity | 31-Aug-2024 |
All You Need to know About Broken Authentication and Session Management | https://medium.com/@ahmed.hilal/all-you-need-to-know-about-broken-authentication-and-session-management-26920f100714?source=rss------bug_bounty-5 | X0_AhMeD_0X | bug-bounty, pentesting, cybersecurity, bugs, vulnerability | 31-Aug-2024 |
DEPENDENCY CONFUSION CAN LEAD TO P5 OR P2 BASED ON LUCK | https://medium.com/@anonymousshetty2003/dependency-confusion-can-lead-to-p5-or-p2-based-on-luck-64a5b94b80c1?source=rss------bug_bounty-5 | Anonymousshetty | hacking, dependency-confusion, cybersecurity, bug-bounty | 31-Aug-2024 |
“Boost Your Productivity: Essential Tips for Organizing Your Work as a Bug Bounty Hunter” | https://medium.com/@mahdisalhi0500/boost-your-productivity-essential-tips-for-organizing-your-work-as-a-bug-bounty-hunter-8de1517dc6a4?source=rss------bug_bounty-5 | Mahdisalhi | bug-bounty, bug-bounty-tips, ethical-hacking, infosec, hacking | 31-Aug-2024 |
HOW I GOT ACCESS TO ACCOUNT BY OTP BYPASS | https://medium.com/@anonymousshetty2003/how-i-got-access-to-account-by-otp-bypass-c49eb0490744?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, hacking, bug-bounty, otp-bypass | 31-Aug-2024 |
Bug bounty Hunting 101 | https://medium.com/@sys_br3ach3r/bug-bounty-hunting-101-7d2258a3b21d?source=rss------bug_bounty-5 | sys_br3ach3r | bug-bounty-tips, bug-bounty | 31-Aug-2024 |
OTP bypass through the Response manipulation | https://itsravikiran25.medium.com/otp-bypass-through-the-response-manipulation-4f25ab36f60b?source=rss------bug_bounty-5 | Ravikiran | cybersecurity, bugbounty-writeup, bug-bounty, hacking, otp-bypass | 31-Aug-2024 |
The Discovery of CVE-2024–5947: Authentication Bypass in Deep Sea Electronics DSE855 | https://medium.com/@karthithehacker/the-discovery-of-cve-2024-5947-authentication-bypass-in-deep-sea-electronics-dse855-5fa2e89cbdfb?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, infosec, information-security, bugbounty-tips, bugbounty-writeup | 31-Aug-2024 |
Using Default Credential to Admin Account Takeover | https://ch4ndan.medium.com/using-default-credential-to-admin-account-takeover-04c557e67969?source=rss------bug_bounty-5 | Ch4ndan das | bugs, bug-bounty-tips, hacking, bug-bounty, cybersecurity | 31-Aug-2024 |
How to Take Over a Subdomain Through S3 Bucket Takeover… | https://dkcyberz.medium.com/how-to-take-over-a-subdomain-through-s3-bucket-takeover-a53238499b81?source=rss------bug_bounty-5 | Harpy Hunter | bug-bounty, bug-hunting, hackerone, s3-bucket, subdomain-takeover | 31-Aug-2024 |
How to Get Started in Bug Bounty Hunting: A Comprehensive Beginner’s Guide | https://shubhdhungana.medium.com/how-to-get-started-in-bug-bounty-hunting-a-comprehensive-beginners-guide-4cdaf3dcd910?source=rss------bug_bounty-5 | Subh Dhungana | bug-bounty, cybersecurity, hacking, hackerone, infosec | 31-Aug-2024 |
Most Asked Questions from Cybersecurity Beginners with Answers | https://medium.com/@cham3leon/most-asked-questions-from-cybersecurity-beginners-with-answers-91b7c680e967?source=rss------bug_bounty-5 | cham3leon | faq, cybersecurity, guides-and-tutorials, pentesting, bug-bounty | 31-Aug-2024 |
The Discovery of CVE-2024–5947: Authentication Bypass in Deep Sea Electronics DSE855 | https://infosecwriteups.com/the-discovery-of-cve-2024-5947-authentication-bypass-in-deep-sea-electronics-dse855-5fa2e89cbdfb?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, infosec, information-security, bugbounty-tips, bugbounty-writeup | 31-Aug-2024 |
Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDN | https://sudhanshur705.medium.com/bypassing-csp-via-url-parser-confusions-xss-on-netlifys-image-cdn-755a27065fd9?source=rss------bug_bounty-5 | Sudhanshu Rajbhar | bug-bounty, csp, xss-attack | 31-Aug-2024 |
Parameter tampering result in product price manipulation | https://medium.com/@RaunakGupta1922/parameter-tampering-result-in-product-price-manipulation-356c07a571e5?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | business, cybersecurity, hacking, college, bug-bounty | 31-Aug-2024 |
IIS welcome page to source code review to LFI! | https://medium.com/@omarahmed_13016/iis-welcome-page-to-source-code-review-to-lfi-23ec581049f5?source=rss------bug_bounty-5 | Omar Ahmed | bug-bounty, hackerone, application-security, bug-bounty-tips | 31-Aug-2024 |
How to Get Started in Bug Bounty Hunting: A Comprehensive Beginner’s Guide | https://infosecwriteups.com/how-to-get-started-in-bug-bounty-hunting-a-comprehensive-beginners-guide-4cdaf3dcd910?source=rss------bug_bounty-5 | Subh Dhungana | bug-bounty, cybersecurity, hacking, hackerone, infosec | 31-Aug-2024 |
From Reset to Takeover: The Exploitation Potential of IDOR in Password Recovery Systems | https://medium.com/@tusharpuri6/from-reset-to-takeover-the-exploitation-potential-of-idor-in-password-recovery-systems-5d1b6f53530a?source=rss------bug_bounty-5 | Tusharpuri | bug-bounty, application-security, penetration-testing, offensive-security, authentication | 31-Aug-2024 |
How to find webcams using the Google Dorking. | https://bob218.medium.com/how-to-find-webcams-using-the-google-dorking-4c7b491fa856?source=rss------bug_bounty-5 | bob218 | hacking, bug-bounty, osint, cybersecurity, google-dork | 31-Aug-2024 |
How Attackers Sneak in Hidden Requests and What You Can Do About It | https://cyberw1ng.medium.com/how-attackers-sneak-in-hidden-requests-and-what-you-can-do-about-it-cc085f245b4e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 31-Aug-2024 |
Day 23 of 30 Days — 30 Vulnerabilities \| JSON Web Token (JWT) Attacks | https://medium.com/@kumawatabhijeet2002/day-23-of-30-days-30-vulnerabilities-json-web-token-jwt-attacks-d9509595ebd8?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-tips, bug-bounty, jwt-token, jwt-authentication, 30dayswritingchallenge | 30-Aug-2024 |
New trick to make self xss impactful | https://medium.com/@Rahulkrishnan_R_Panicker/new-trick-to-make-self-xss-impactful-073d52a07d4f?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty, xss-attack | 30-Aug-2024 |
How to install dnsReaper and use of dnsReaper | https://medium.com/@sherlock297/how-to-install-dnsreaper-and-use-of-dnsreaper-bc69d66d8c08?source=rss------bug_bounty-5 | Ravindra Dagale | dnsreaper, tools, bug-bounty, how-to, subdomain-takeover | 30-Aug-2024 |
Google Dorks | https://medium.com/@twinkspap/google-dorks-c83abf0918ef?source=rss------bug_bounty-5 | twinks | bug-bounty, google-dork, learning, skills, cybersecurity | 30-Aug-2024 |
Top 100Vulnerabilities: Identifying and Addressing Security Risks | https://medium.com/@0xvan/top-100vulnerabilities-identifying-and-addressing-security-risks-bce861b5fa31?source=rss------bug_bounty-5 | 0xvan | bug-bounty-tips, security, cybersecurity, bug-bounty, web-security | 30-Aug-2024 |
./Fingerprinting Web Technologies | https://gauravdavre.medium.com/fingerprinting-web-technologies-fde6631f9ef7?source=rss------bug_bounty-5 | Gaurav Davre | bug-bounty, cybersecurity, open-source-intelligence, reconnaissance, web-technology | 30-Aug-2024 |
26.16 Lab: Exploiting HTTP request smuggling to perform web cache poisoning | https://cyberw1ng.medium.com/26-16-lab-exploiting-http-request-smuggling-to-perform-web-cache-poisoning-fa35ac4fdf4c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, bug-bounty, careers, cybersecurity | 30-Aug-2024 |
Unlock Hidden Web Vulnerabilities: Advanced ParamSpider Tactics Every Hacker Must Know! | https://systemweakness.com/unlock-hidden-web-vulnerabilities-advanced-paramspider-tactics-every-hacker-must-know-62487db3e8c8?source=rss------bug_bounty-5 | Khaleel Khan | penetration-testing, bug-bounty, hacking, infosec, cybersecurity | 30-Aug-2024 |
The Easiest Bug For Beginners | https://medium.com/@josuofficial327/the-easiest-bug-for-beginners-491986cbc53c?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | bug-bounty-hunter, cybersecurity, ethical-hacking, hacking, bug-bounty | 30-Aug-2024 |
The Hunt for XXE to LFI: How I Uncovered CVE-2019–9670 in a Bug Bounty Program | https://medium.com/@karthithehacker/the-hunt-for-xxe-to-lfi-how-i-uncovered-cve-2019-9670-in-a-bug-bounty-program-5668e4afa806?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, information-security, infosec, bugbounty-writeup, bug-bounty-tips | 30-Aug-2024 |
When Giving Out Cheap Hotel Deals Go Wrong: | https://medium.com/@ralph.andalis92/when-giving-out-cheap-hotel-deals-go-wrong-bfea34fa3cde?source=rss------bug_bounty-5 | Ralph Andalis | bug-bounty-tips, pentesting, bug-bounty, web-application-security, web-security | 30-Aug-2024 |
My Five Minute Critical Vulnerability Discovery on Hackerone | https://medium.com/@0xvan/my-five-minute-critical-vulnerability-discovery-on-hackerone-067258333c80?source=rss------bug_bounty-5 | 0xvan | bug-bounty-writeup, bug-bounty-tips, ethical-hacking, pentesting, bug-bounty | 30-Aug-2024 |
DVWA Cheat Sheet (Low & Medium) | https://medium.com/@loaysalah276/dvwa-cheat-sheet-low-medium-c7490e76f1b5?source=rss------bug_bounty-5 | Loay Salah | bug-bounty, cybersecurity, penetration-testing, owasp-top-10, dvwa | 30-Aug-2024 |
Understanding Bugcrowd’s Vulnerability Rating Taxonomy (VRT): | https://medium.com/@js8971105/understanding-bugcrowds-vulnerability-rating-taxonomy-vrt-d5bc946443b5?source=rss------bug_bounty-5 | jatin singh | bug-bounty, web-security, hacking, vrt, web | 30-Aug-2024 |
Top 100 Vulnerabilities: Identifying and Addressing Security Risks | https://medium.com/@0xvan/top-100vulnerabilities-identifying-and-addressing-security-risks-bce861b5fa31?source=rss------bug_bounty-5 | 0xvan | bug-bounty-tips, security, cybersecurity, bug-bounty, web-security | 30-Aug-2024 |
Subdomain Analysis for Bug Bounty Hunting: A Comprehensive Guide | https://bughunteralltime.medium.com/subdomain-analysis-for-bug-bounty-hunting-a-comprehensive-guide-920e33a59a91?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | bug-bounty | 30-Aug-2024 |
How to Hunt for Sensitive Directories in Bug Bounty Hunting | https://bughunteralltime.medium.com/how-to-hunt-for-sensitive-directories-in-bug-bounty-hunting-f61a7f61d8fb?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | bug-bounty-tips, bug-bounty, hacking | 30-Aug-2024 |
How to Map Out a Target for Bug Bounty Hunting | https://bughunteralltime.medium.com/how-to-map-out-a-target-for-bug-bounty-hunting-acea0ed59783?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | bug-bounty-tips, bug-bounty, hacking, bugs | 30-Aug-2024 |
How To FindWeb Technology Identification for Effective Bug Bounty Hunting | https://bughunteralltime.medium.com/how-to-findweb-technology-identification-for-effective-bug-bounty-hunting-a0f57c80b67b?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | hacking, bug-bounty-tips, bug-bounty, bug-fixes, web-development | 30-Aug-2024 |
Interview joke 2: Application Security (Prod. | https://medium.com/@kannnannmk/interview-joke-2-application-security-prod-7a0c4c6cdd1a?source=rss------bug_bounty-5 | Neelamegha Kannan S | bug-bounty, application-security, code-review, pentesting, bug-bounty-tips | 30-Aug-2024 |
Easy Subdomain Enumeration Tools & Commands | https://medium.com/@josuofficial327/easy-subdomain-enumeration-tools-commands-5f8a8fe0f3a0?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | cybersecurity, ethical-hacking, bug-bounty-tips, bug-hunting, bug-bounty | 30-Aug-2024 |
Interview joke 1: Application Security (Prod. | https://medium.com/@kannnannmk/application-security-prod-3868c0b8cb64?source=rss------bug_bounty-5 | Neelamegha Kannan S | bug-bounty-tips, interview, bug-bounty, web-security, application-security | 30-Aug-2024 |
OWASP A04:2021 INSECURE DESIGN | https://medium.com/@shivamsharma.ss484/owasp-a04-2021-insecure-design-34ef11e83e6f?source=rss------bug_bounty-5 | Shivamsharma | owasp, owasp-top-10, bug-bounty, hacking, cybersecurity | 30-Aug-2024 |
A Comprehensive AI Security Model for Penetration Testing leverages advanced AI techniques to… | https://medium.com/@ajaynaik_16635/a-comprehensive-ai-security-model-for-penetration-testing-leverages-advanced-ai-techniques-to-9caa4febfc21?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty-tips, bug-bounty, ai-security, ethical-hacking | 30-Aug-2024 |
Bad Effect Of Bug In Domain. | https://medium.com/@nazmulhasan017191/bad-effect-of-bug-in-domain-e0cfd62cb3bc?source=rss------bug_bounty-5 | Nazmul Hasan | technical-analysis, information-security, cybersecurity, bug-hunting, bug-bounty | 30-Aug-2024 |
How to Find Clickjacking Vulnerabilities Using the Command Line in Kali Linux | https://bughunteralltime.medium.com/how-to-find-clickjacking-vulnerabilities-using-the-command-line-in-kali-linux-a07cc64437f3?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | bug-bounty-tips, hacking, bugs, bug-bounty | 30-Aug-2024 |
Understanding Log Stealer and Its Role in Security Testing — Part 1 | https://medium.com/haktrak-cybersecurity-squad/understanding-log-stealer-and-its-role-in-security-testing-part-1-5f2223b47847?source=rss------bug_bounty-5 | YoKo Kho | security-testing, stealer-logs, stealer-malware, broken-access-control, bug-bounty | 30-Aug-2024 |
Understanding Stealer Logs and Its Role in Security Testing — Part 1 | https://medium.com/haktrak-cybersecurity-squad/understanding-log-stealer-and-its-role-in-security-testing-part-1-5f2223b47847?source=rss------bug_bounty-5 | YoKo Kho | stealer-logs, stealer-malware, red-team, broken-access-control, bug-bounty | 30-Aug-2024 |
A Comprehensive AI Security Model for Penetration Testing leverages advanced AI techniques to… | https://medium.com/@ajaynaikhack/a-comprehensive-ai-security-model-for-penetration-testing-leverages-advanced-ai-techniques-to-9caa4febfc21?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty-tips, bug-bounty, ai-security, ethical-hacking | 30-Aug-2024 |
Overview CVE-2024–38063 is a critical zero-click remote code execution (RCE) vulnerability… | https://medium.com/@ajaynaikhack/overview-cve-2024-38063-is-a-critical-zero-click-remote-code-execution-rce-vulnerability-9be862382548?source=rss------bug_bounty-5 | Ajay Naik | hacking, bug-bounty, cve, network-security, windows | 30-Aug-2024 |
Day 22 of 30 Days — 30 Vulnerabilities \| Business Logic Flaws | https://medium.com/@kumawatabhijeet2002/day-22-of-30-days-30-vulnerabilities-business-logic-flaws-734c2f4b0575?source=rss------bug_bounty-5 | Abhijeet kumawat | business-logic, bug-bounty-tips, business-logic-flaw, 30dayswritingchallenge, bug-bounty | 29-Aug-2024 |
Part -2: Uncovering a Critical Parameter Tampering Vulnerability on a Major OTT Platform | https://medium.com/@sulmanfarooq531/uncovering-a-critical-parameter-tampering-vulnerability-on-a-major-ott-platform-e3342cd3437c?source=rss------bug_bounty-5 | Sulman Farooq S | cybersecurity, bug-bounty, http-parameter-pollution, ethical-hacking, ott | 29-Aug-2024 |
How Hackers Use Cross-Site Scripting to Break Through Web Application Firewalls! | https://theshaco.com/how-hackers-use-cross-site-scripting-to-break-through-web-application-firewalls-ab101f1778a1?source=rss------bug_bounty-5 | Khaleel Khan | web-development, cybersecurity, infosec, hacking, bug-bounty | 29-Aug-2024 |
Practical Bug Bounty — TCM Academy \| Module 8 pt.3 (SSTI, XXE, Insecure File Uploads) | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-pt-3-ssti-xxe-insecure-file-uploads-1ed7056ea0c7?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | bug-bounty, web-penetration-testing, cybersecurity, ethical-hacking, tcm-academy | 29-Aug-2024 |
Part 2 — How I Found Vulnerabilities in NASA and Got into the Hall of Fame — 4 Bugs \| Karthikeyan… | https://systemweakness.com/part-2-how-i-found-vulnerabilities-in-nasa-and-got-into-the-hall-of-fame-4-bugs-karthikeyan-79c3ec17a336?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, cybersecurity, hacking, bug-bounty | 29-Aug-2024 |
Disable Any Customer Ability To Create Service Account With Business Logic Vulnerability | https://medium.com/@bilalresearcher/disable-any-customer-ability-to-create-service-account-with-business-logic-vulnerability-05ab37901a4a?source=rss------bug_bounty-5 | Bilal Researcher | hacking, bug-bounty-writeup, cybersecurity, bug-bounty, bugbounty-writeup | 29-Aug-2024 |
Reflected XSS To Account Takeover Without Stealing Session Cookie | https://medium.com/@bilalresearcher/reflected-xss-to-account-takeover-without-stealing-session-cookie-413e522aac40?source=rss------bug_bounty-5 | Bilal Researcher | hacking, bug-bounty-writeup, bug-bounty, bugbounty-writeup, cybersecurity | 29-Aug-2024 |
Detecting Blind Injection Attacks with Discord Webhooks | https://medium.com/@bilalresearcher/detecting-blind-injection-attacks-with-discord-webhooks-9a9d3b566bf1?source=rss------bug_bounty-5 | Bilal Researcher | hacking, cybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-writeup | 29-Aug-2024 |
A Beautiful Bug: Interesting URL scheme bypass + Race Condition | https://medium.com/@bilalresearcher/a-beautiful-bug-interesting-url-scheme-bypass-race-condition-e8ff79361740?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bugbounty-writeup, hacking, cybersecurity, bug-bounty-writeup | 29-Aug-2024 |
Stored XSS to Account Takeover (AWS Cognito) | https://medium.com/@bilalresearcher/stored-xss-to-account-takeover-aws-cognito-bd29d241e5d1?source=rss------bug_bounty-5 | Bilal Researcher | xss-vulnerability, bug-bounty-tips, bugbounty-writeup, cybersecurity, bug-bounty | 29-Aug-2024 |
My Journey to the United Nations Hall of Fame: A Story of Lucky Me | https://medium.com/@siddharth_1/my-journey-to-the-united-nations-hall-of-fame-a-story-of-lucky-me-d489d93bd363?source=rss------bug_bounty-5 | Siddharth | cybersecurity, united-nations, vulnerability, bug-bounty, bug-bounty-writeup | 29-Aug-2024 |
XSS Web Application Firewall Bypass Techniques | https://medium.com/@bilalresearcher/xss-web-application-firewall-bypass-techniques-e10476b5fa72?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-writeup, hacking, bugbounty-writeup, cybersecurity | 29-Aug-2024 |
OAuth CSRF: Exploiting the Authorization Code Flow for Account Takeover | https://medium.com/@bilalresearcher/oauth-csrf-exploiting-the-authorization-code-flow-for-account-takeover-b1e3790416b7?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bugbounty-writeup, cybersecurity, hacking, bug-bounty-writeup | 29-Aug-2024 |
Two Factor Authentication Bypass via using Victim’s DeviceID | https://medium.com/@bilalresearcher/two-factor-authentication-bypass-via-using-victims-deviceid-1fc10bfe95c9?source=rss------bug_bounty-5 | Bilal Researcher | hacking, bugbounty-writeup, bug-bounty-writeup, bug-bounty, cybersecurity | 29-Aug-2024 |
Bypassed an Admin Panel Using SQL Payloads | https://medium.com/@bilalresearcher/bypassed-an-admin-panel-using-sql-payloads-572574b41d1c?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, hacking, cybersecurity, bug-bounty-writeup, bugbounty-writeup | 29-Aug-2024 |
Hunting JavaScript File for Bug Hunters | https://medium.com/@bilalresearcher/hunting-javascript-file-for-bug-hunters-ae4af0479a9c?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, bugbounty-writeup, hacking, bug-bounty, bug-bounty-writeup | 29-Aug-2024 |
Common 403 Bypasses Part 2 | https://medium.com/@bilalresearcher/common-403-bypasses-part-2-80fd094a86fe?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, hacking, bug-bounty, cybersecurity, bug-bounty-writeup | 29-Aug-2024 |
Common 403 Bypasses Part 1 | https://medium.com/@bilalresearcher/common-403-bypasses-part-1-a693a8413108?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, bugbounty-writeup, bug-bounty-writeup, bug-bounty, hacking | 29-Aug-2024 |
Advanced SQLMap Customization | https://medium.com/@bilalresearcher/advanced-sqlmap-customization-34d04b6c0984?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, hacking, bug-bounty, bug-bounty-writeup, bugbounty-writeup | 29-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-91) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-91-bcac49fd0f29?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, cybersecurity, money, bug-bounty, hacking | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-90) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-90-0f7e5ae09f8c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, hacking, ethical-hacking, money | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-89) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-89-f7771af9355f?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | money, bug-bounty, hacking, cybersecurity, ethical-hacking | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-88) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-88-5fba54f61fd0?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, money, hacking, cybersecurity, ethical-hacking | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-87) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-87-d78ff97837fd?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | money, hacking, cybersecurity, ethical-hacking, bug-bounty | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-86) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-86-dfcf154a34d3?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, cybersecurity, money, bug-bounty, ethical-hacking | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-85) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-85-46305e104b6f?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, ethical-hacking, cybersecurity, bug-bounty, money | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-84) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-84-d3a454db9673?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking, money, cybersecurity, hacking | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-83) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-83-45728838a32c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, hacking, bug-bounty, cybersecurity, money | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-82) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-82-8c89ec5c5ef7?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | money, bug-bounty, hacking, cybersecurity, ethical-hacking | 28-Aug-2024 |
Day 21 of 30 Days — 30 Vulnerabilities \| OAuth Misconfigurations | https://medium.com/@kumawatabhijeet2002/day-21-of-30-days-30-vulnerabilities-oauth-misconfigurations-693c16cf5476?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, web-security-testing, bug-bounty-tips, 30dayswritingchallenge, oauth | 28-Aug-2024 |
How to Scan a Range of IP Addresses with Nmap | https://medium.com/@sherlock297/how-to-scan-a-range-of-ip-addresses-with-nmap-d802dc168846?source=rss------bug_bounty-5 | Ravindra Dagale | tools, nmap, information-technology, bug-bounty, security | 28-Aug-2024 |
The Secret to Finding Anyone’s Digital Footprint: Master OSINT in 7 Easy Steps! | https://medium.com/@paritoshblogs/the-secret-to-finding-anyones-digital-footprint-master-osint-in-7-easy-steps-bd278a058c73?source=rss------bug_bounty-5 | Paritosh | information-technology, cybersecurity, osint, hacking, bug-bounty | 28-Aug-2024 |
Exploiting Second-Order IDOR Vulnerabilities | https://medium.com/@bountyget/exploiting-second-order-idor-vulnerabilities-6d2554eb1319?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | bug-bounty, infosec, information-security, bug-bounty-tips, bug-bounty-writeup | 28-Aug-2024 |
Exploiting IDORs in APIs That Use Static Keywords | https://medium.com/@bountyget/exploiting-idors-in-apis-that-use-static-keywords-f94b7797634a?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | information-security, bug-bounty-writeup, bug-bounty-tips, infosec, bug-bounty | 28-Aug-2024 |
IDOR : Deleting Comments Like a Boss! | https://medium.com/@tanyago/idor-deleting-comments-like-a-boss-0413a375024f?source=rss------bug_bounty-5 | Tanya Goyal | bug-bounty, bug-bounty-tips, bug-bounty-writeup, idor, bug-hunting | 28-Aug-2024 |
25.7 Lab: Password reset poisoning via dangling markup | https://cyberw1ng.medium.com/25-7-lab-password-reset-poisoning-via-dangling-markup-cee4cc5a20f3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 28-Aug-2024 |
The Ultimate List of Browser Extensions for Bug Bounty Hunters | https://medium.com/@k4r7hx/the-ultimate-list-of-browser-extensions-for-bug-bounty-hunters-5e349437e063?source=rss------bug_bounty-5 | Karthikeyan | extension, ethical-hacking, bug-bounty, penetration-testing, web | 28-Aug-2024 |
How important Cookies can be? | https://medium.com/@alireza.razaghzadegan1999/how-important-cookies-can-be-86c7a3fdd790?source=rss------bug_bounty-5 | Alireza Razaghzadegan | technology, website, bug-bounty, security | 28-Aug-2024 |
Blind Command Injection Leads to Nothing!! | https://medium.com/@kush.kira/blind-command-injection-leads-to-nothing-ea56f6662a58?source=rss------bug_bounty-5 | Kira | os-command-injection, command-injection, ssrf, bug-bounty, hacking | 28-Aug-2024 |
OTP Bypassing with Response Manipulation | https://medium.com/@sahilkushwaha275/otp-bypassing-with-response-manipulation-238498b02737?source=rss------bug_bounty-5 | S33NU | bug-hunting, cybersecurity, hacking, pentesting, bug-bounty | 28-Aug-2024 |
Dramatic Surge in Password-Stealing Attacks Targeting Amazon, Facebook, and Google Users | https://medium.com/@realahmedmoses/dramatic-surge-in-password-stealing-attacks-targeting-amazon-facebook-and-google-users-011f6bd3315a?source=rss------bug_bounty-5 | Moses Ahmed | technology, coding, bug-bounty, cybersecurity, programming | 28-Aug-2024 |
How To Get Stored Xss & RCE Using Bypass Signature & Extension Via File Upload \|_\| | https://medium.com/@bilalresearcher/how-to-get-stored-xss-rce-using-bypass-signature-extension-via-file-upload-9b3e8d9348cd?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, bugbounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips | 27-Aug-2024 |
Find Blind XSS like a pro. | https://medium.com/@bilalresearcher/find-blind-xss-like-a-pro-ddc9ef8d5e89?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips | 27-Aug-2024 |
The only recon methodology you need to know. | https://medium.com/@bilalresearcher/the-only-recon-methodology-you-need-to-know-9feb257ca4a2?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, idor, bug-bounty-writeup, cybersecurity, bugbounty-writeup | 27-Aug-2024 |
Advanced Web Cache Poisoning Techniques (Part 2): Tools, Methods, and Exploits | https://medium.com/@bilalresearcher/advanced-web-cache-poisoning-techniques-part-2-tools-methods-and-exploits-b379aeb7ab36?source=rss------bug_bounty-5 | Bilal Researcher | idor, hacking, bug-bounty-writeup, bug-bounty, bugbounty-writeup | 27-Aug-2024 |
Unraveling Web Cache Poisoning: A Deep Dive (Part 1) | https://medium.com/@bilalresearcher/unraveling-web-cache-poisoning-a-deep-dive-part-1-49fa00e81d1a?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, cybersecurity, idor, bug-bounty, bug-bounty-writeup | 27-Aug-2024 |
Finding IDOR Vulnerabilities: Key Endpoints and Resources | https://medium.com/@bilalresearcher/finding-idor-vulnerabilities-key-endpoints-and-resources-e4c2457aa231?source=rss------bug_bounty-5 | Bilal Researcher | idor, bug-bounty-writeup, bugbounty-writeup, bug-bounty, hacking | 27-Aug-2024 |
How I was able to discover ATO Via IDOR vulnerability | https://medium.com/@bilalresearcher/how-i-was-able-to-discover-ato-via-idor-vulnerability-c31d074a62e8?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, hacking, bug-bounty, bug-bounty-writeup, bugbounty-writeup | 27-Aug-2024 |
SAML Authentication Bypass Leading to Admin Panel Access | https://medium.com/@bilalresearcher/saml-authentication-bypass-leading-to-admin-panel-access-751380db249e?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bugbounty-writeup, cybersecurity, bug-bounty-writeup, hacking | 27-Aug-2024 |
Critical Security Vulnerability Discovered on Reserve Bank of India’s Website: A Wake-Up Call… | https://medium.com/@psychomong/critical-security-vulnerability-discovered-on-reserve-bank-of-indias-website-a-wake-up-call-06fd08db0559?source=rss------bug_bounty-5 | psychomong | bugs, hacker, bug-bounty, no-rate-limit, hacking | 27-Aug-2024 |
Day 20 0f 30 Days — 30 Vulnerabilities \| Host Header Injection | https://medium.com/@kumawatabhijeet2002/day-20-0f-30-days-30-vulnerabilities-host-header-injection-9bc006b4734c?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-writeup, bug-bounty, host-header-injection, bug-bounty-tips, hostattack | 27-Aug-2024 |
Day 19 of 30 Days — 30 Vulnerabilities \| Rate Limiting Bypass | https://medium.com/@kumawatabhijeet2002/day-19-of-30-days-30-vulnerabilities-rate-limiting-bypass-896c8e2bdfc1?source=rss------bug_bounty-5 | Abhijeet kumawat | 30dayswritingchallenge, bug-bounty-tips, bug-bounty, rate-limit-bypass | 27-Aug-2024 |
24.13 Lab: Internal cache poisoning | https://cyberw1ng.medium.com/24-13-lab-internal-cache-poisoning-2c328e4d4a6d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 27-Aug-2024 |
Practical Bug Bounty — TCM Academy \| Module 8 pt. 2 (XSS, CMDI) | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-pt-2-xss-cmdi-b8728aa5261d?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | bug-bounty, xss-attack, web-penetration-testing, ethical-hacking, cybersecutiy | 27-Aug-2024 |
$15k RCE Through Monitoring Debug Mode | https://medium.com/@0xold/15k-rce-through-monitoring-debug-mode-4f474d8549d5?source=rss------bug_bounty-5 | 0xold | local-file-inclusion, pentesting, hacking, bug-bounty, rce | 27-Aug-2024 |
Exploiting IDORs via JSON Globbing | https://medium.com/@bountyget/exploiting-idors-via-json-globbing-e4c6e2c0535c?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | penetration-testing, idor, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 27-Aug-2024 |
How i get OTP bypass leads to ATO | https://kiraadx.medium.com/how-i-get-otp-bypass-leads-to-ato-a7645ade3a90?source=rss------bug_bounty-5 | KiRaaDx | bug-bounty-tips, bug-bounty, bug-bounty-writeup | 27-Aug-2024 |
Discovering Two Out-of-Scope Blind/Stored XSS Vulnerabilities in an Admin Panel on a Public Bug… | https://medium.com/@octayus/discovering-two-out-of-scope-blind-stored-xss-vulnerabilities-in-an-admin-panel-on-a-public-bug-c0262fa35238?source=rss------bug_bounty-5 | OctaYus | bug-bounty, python, xss-attack, penetration-testing, cybersecurity | 27-Aug-2024 |
CSRF Bypass Using Domain Confusion Leads To ATO | https://infosecwriteups.com/csrf-bypass-using-domain-confusion-leads-to-ato-ac682dd17722?source=rss------bug_bounty-5 | Osama Aly | bug-bounty, cybersecurity, hackerone | 27-Aug-2024 |
How did I manage to get my first p2 vulnerability using only ffuf | https://medium.com/@loayahmed686/how-did-i-manage-to-get-my-first-p2-vulnerability-using-only-ffuf-a8a70d965d33?source=rss------bug_bounty-5 | r00t | bug-bounty, cybersecurity | 27-Aug-2024 |
Fundora on Testnet Bounty Hunt: Spotting Bugs and Reaping Rewards | https://gingerjoygames.medium.com/fundora-on-testnet-bounty-hunt-spotting-bugs-and-reaping-rewards-7529ec61b1cc?source=rss------bug_bounty-5 | Ginger Joy Games | games, testnet, mobile-games, web3, bug-bounty | 27-Aug-2024 |
Monitoring Gitlab Snippets for secrets with TruffleHog | https://medium.com/@learntheshell/monitoring-gitlab-snippets-for-secrets-with-trufflehog-5c77281ff5b7?source=rss------bug_bounty-5 | LearnTheShell | trufflehog, bug-bounty, git, bug-bounty-tips, gitlab | 27-Aug-2024 |
How I Got Sensitive Directory Using Shodan | https://ch4ndan.medium.com/how-i-got-sensitive-directory-using-shodan-10e5b91cda86?source=rss------bug_bounty-5 | Ch4ndan das | bug-bounty, cybersecurity, bug-bounty-tips, bugs, information-disclosure | 27-Aug-2024 |
Unveiling the Secrets of Malware Traffic: Analyzing Malware Infected pcap with Wireshark | https://medium.com/@dsksatheesh35/unveiling-the-secrets-of-malware-traffic-analyzing-malware-infected-pcap-with-wireshark-5989a9b013fd?source=rss------bug_bounty-5 | D Satheesh Kumar | malware-analysis, bug-bounty, cybersecurity, wireshark, network-security | 27-Aug-2024 |
HTML Injection in email via fname field | https://medium.com/@hossam_hamada/html-injection-in-email-via-fname-field-564c3657e8ad?source=rss------bug_bounty-5 | Hossam Hamada | penetration-testing, bug-bounty, hackerone, bugcrowd, html-injection | 27-Aug-2024 |
How I Took Over Two Subdomains: A Step-by-Step Guide | https://medium.com/@0xSphinx/how-i-took-over-two-subdomains-a-step-by-step-guide-df5d9eecbb2e?source=rss------bug_bounty-5 | 0xSphinx | cybersecurity, security, aws, hacking, bug-bounty | 27-Aug-2024 |
Day 17 of 30 Days — 30 Vulnerabilities \| Path/Directory Traversal | https://medium.com/@kumawatabhijeet2002/day-17-of-30-days-30-vulnerabilities-path-directory-traversal-008e92c07f23?source=rss------bug_bounty-5 | Abhijeet kumawat | 30dayswritingchallenge, bug-bounty-tips, path-traversal, bug-bounty | 26-Aug-2024 |
Thief Raccoon — Login Phishing Tool | https://medium.com/@bountyget/thief-raccoon-login-phishing-tool-59c574687aae?source=rss------bug_bounty-5 | Bountyget | python3, infosec, info-sec-writeups, bug-bounty, penetration-testing | 26-Aug-2024 |
From Developer to Hacker — Entering the Red team | https://medium.com/@jonathanmondaut/from-developer-to-hacker-entering-the-red-team-8b50989b9464?source=rss------bug_bounty-5 | Jonathan Mondaut | bug-bounty, youtube, networking, twitter, cybersecurity | 26-Aug-2024 |
New Malware Uses PHP Exploit to Backdoor Windows Systems - Stay Informed! | https://medium.com/@realahmedmoses/new-malware-uses-php-exploit-to-backdoor-windows-systems-stay-informed-8df12e89391a?source=rss------bug_bounty-5 | Moses Ahmed | technology, bug-bounty, data-science, cybersecurity, programming | 26-Aug-2024 |
Password Reset Glitch Leads to Instant Account Takeover | https://bevijaygupta.medium.com/password-reset-glitch-leads-to-instant-account-takeover-a4e67b667eaf?source=rss------bug_bounty-5 | Vijay Gupta | vulnerability, reset, bug-bounty, passwords, glitch | 26-Aug-2024 |
DNS enumeration methodology and techniques | https://systemweakness.com/dns-enumeration-methodology-and-techniques-1945fa4164fd?source=rss------bug_bounty-5 | Harsh Hatej | kali-linux, cybersecurity, linux, subdomains-enumeration, bug-bounty | 26-Aug-2024 |
Account Take Over | P1 — Critical | https://irsyadsec.medium.com/account-take-over-p1-critical-5468ce8218b9?source=rss------bug_bounty-5 | Irsyad Muhammad Fawwaz | writeup, bugcrowd, bug-bounty, cybersecurity, bug-bounty-tips | 26-Aug-2024 |
Understanding Robots.txt: The Key to Managing Web Crawlers | https://medium.com/@kanishk.k1410/understanding-robots-txt-the-key-to-managing-web-crawlers-04eda892ec92?source=rss------bug_bounty-5 | Kanishk Kumar | information-technology, investigation, cybersecurity, osint, bug-bounty | 26-Aug-2024 |
Hacking My College panel using University Website Like a Pro | https://medium.com/@RaunakGupta1922/hacking-my-college-panel-using-university-website-like-a-pro-9dd075133dce?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | hacking, bugbounty-writeup, college, cybersecurity, bug-bounty | 26-Aug-2024 |
Exposing Hidden Risks: Uncovering Sensitive Data on a Government Website using Google Dorks | https://medium.com/@sulmanfarooq531/exposing-hidden-risks-uncovering-sensitive-data-on-a-government-website-using-google-dorks-51748e4f3695?source=rss------bug_bounty-5 | Sulman Farooq S | cybersecurity, government, google-dork, google, bug-bounty | 26-Aug-2024 |
“Like” Bypass on Customer Reviews — €500 bounty | https://medium.com/@asharm.khan7/like-bypass-on-customer-reviews-500-bounty-b8d45a98c096?source=rss------bug_bounty-5 | Ashar Mahmood | hacking-for-defense, ethical-hacking, bug-bounty, bug-bounty-tips, hacking | 26-Aug-2024 |
Best Attack Surface Visualization Tools | https://netlas.medium.com/best-attack-surface-visualization-tools-8034e681807d?source=rss------bug_bounty-5 | Netlas.io | bug-bounty, penetration-testing, attack-surface, cybersecurity, attack-surface-management | 26-Aug-2024 |
Meet Dobby: Your New Bug Bounty Assistant | https://medium.com/@h3llbl4ckk/meet-dobby-your-new-bug-bounty-assistant-f5bebfeb7607?source=rss------bug_bounty-5 | Mehmet Kaya | cybersecurity, github, open-source, hacking, bug-bounty | 26-Aug-2024 |
Account Takeover (Same OTP) | https://medium.com/@raxomara/account-takeover-same-otp-81bfba35d9b3?source=rss------bug_bounty-5 | Raxomara | account-takeover, bug-bounty-tips, cybersecurity, bug-bounty, race-condition | 26-Aug-2024 |
WebSec — CSRF/XSRF (Cross-Site Request Forgery) | https://medium.com/@meryemddalgali/websec-csrf-xsrf-cross-site-request-forgery-6c048c6323d1?source=rss------bug_bounty-5 | Meryem Dalgalı | bug-bounty, web-security, xsrf, csrf-attack, vulnerability | 26-Aug-2024 |
24.12 Lab: Cache key injection vulnerabilities | https://cyberw1ng.medium.com/24-12-lab-cache-key-injection-vulnerabilities-22429a13eebf?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, cybersecurity, penetration-testing | 26-Aug-2024 |
Day 18 of 30 Days — 30 Vulnerabilities | Insecure Deserialization | https://medium.com/@kumawatabhijeet2002/day-18-of-30-days-30-vulnerabilities-insecure-deserialization-29656c0d212a?source=rss------bug_bounty-5 | Abhijeet kumawat | serialization, insecure-design, 30dayswritingchallenge, bug-bounty-tips, bug-bounty | 26-Aug-2024 |
How I was able to give verification badge to any YouTube channel and bypass needed requirements | https://xtt0k.medium.com/how-i-was-able-to-give-verification-badge-to-any-youtube-channel-and-bypass-needed-requirements-b88855afe4b7?source=rss------bug_bounty-5 | Vojtech Cekal | youtube, bug-bounty, bounty-hunter, bugs, vulnerability | 26-Aug-2024 |
OSINT, ChatGPT, and Password Spraying to Takeover System Administrator Account | https://medium.com/@mmaulanaabdullah/osint-chatgpt-and-password-spraying-to-takeover-system-administrator-account-b0a6295edbbc?source=rss------bug_bounty-5 | M Maulana Abdullah | cybersecurity, infosec, chatgpt, ai, bug-bounty | 26-Aug-2024 |
How I found XSS and open redirect in Kamiapp.com accidentally | https://medium.com/@alimuhammadsecured/how-i-found-xss-and-open-redirect-in-kamiapp-com-accidentally-2ff0d3c2b61b?source=rss------bug_bounty-5 | Alimuhammadsecured | bbp, ctf, bug-bounty, hacking | 26-Aug-2024 |
How do I chain multiple Nuclei templates together in a single scan? | https://medium.com/@sherlock297/how-do-i-chain-multiple-nuclei-templates-together-in-a-single-scan-621a3fb8787f?source=rss------bug_bounty-5 | Ravindra Dagale | linux, bug-bounty, how-to, cybersecurity, tips | 25-Aug-2024 |
How to get your first valid bug by reading disclosed reports | https://anonysm.medium.com/how-to-get-your-first-valid-bug-by-reading-disclosed-reports-2663c9987bf3?source=rss------bug_bounty-5 | Muthu D | cybersecurity, ethical-hacking, bug-bounty, hacking, penetration-testing | 25-Aug-2024 |
Bypass Brute-force IP Block | https://icecream23.medium.com/bypass-brute-force-ip-block-870a4329c3be?source=rss------bug_bounty-5 | Aman Bhuiyan | ethical-hacking, bypassing, ip, bug-bounty | 25-Aug-2024 |
The Evolution of Phishing Attacks: A Growing Cybersecurity Challenge | https://medium.com/@paritoshblogs/the-evolution-of-phishing-attacks-a-growing-cybersecurity-challenge-800b0eeacf00?source=rss------bug_bounty-5 | Paritosh | phishing, hacking, social-media, cybersecurity, bug-bounty | 25-Aug-2024 |
Vulnerable WordPress July 2024 (Ash-e_doogh) | https://medium.com/@onhexgroup/vulnerable-wordpress-july-2024-ash-e-doogh-c7e71d7d94d5?source=rss------bug_bounty-5 | Onhexgroup | wordpress-security, wordpress, bug-bounty, cybersecurity, infosec | 25-Aug-2024 |
Finding origin ip address | https://systemweakness.com/finding-origin-ip-address-672ca2e2967b?source=rss------bug_bounty-5 | loyalonlytoday | bugbounty-writeup, bug-bounty, bug-bounty-tips, hacking, penetration-testing | 25-Aug-2024 |
Explore Koii Network’s DEPIN world with a $10,000 Bug Bounty reward | https://medium.com/coinmonks/explore-koii-networks-depin-world-with-a-10-000-bug-bounty-reward-6a57a5450a44?source=rss------bug_bounty-5 | xeefox | ai, koii, depin, koii-network, bug-bounty | 25-Aug-2024 |
Defensive Strategies and Best Practices to Protect Against Web Cache Poisoning | https://cyberw1ng.medium.com/defensive-strategies-and-best-practices-to-protect-against-web-cache-poisoning-7d9b855658c7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, bug-bounty, penetration-testing, careers | 25-Aug-2024 |
HOW TO START IN BUG BOUNTY HUNTING | https://medium.com/@gouravrathod8788/how-to-start-in-bug-bounty-hunting-848f5c74807f?source=rss------bug_bounty-5 | Gourav Singh Rajput | cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 25-Aug-2024 |
TOP USEFUL CYBR SECURITY & BUG HUNTING TOOL | https://medium.com/@gouravrathod8788/top-useful-cybr-security-bug-hunting-tool-de9ae281e12f?source=rss------bug_bounty-5 | Gourav Singh Rajput | cybersecurity, hacking-tools, bug-bounty, ethical-hacking, hacking | 25-Aug-2024 |
Solving the Prompt Airlines CTF | https://infosecwriteups.com/solving-the-prompt-airlines-ctf-2235c725050b?source=rss------bug_bounty-5 | hackerdevil | bug-bounty, ctf, ctf-writeup, promptairlines, cybersecurity | 25-Aug-2024 |
Hitting the jackpot with RCE! | https://medium.com/@gokulsspace/hitting-the-jackpot-with-rce-43755cac1415?source=rss------bug_bounty-5 | Gokulsspace | pentesting, cybersecurity, kerala, ethical-hacking, bug-bounty | 25-Aug-2024 |
How I was able to Edit/Read Users Workspaces/Data without any access to it | https://medium.com/@octayus/how-i-was-able-to-edit-read-users-workspaces-data-without-any-access-to-it-aed616dbde8e?source=rss------bug_bounty-5 | OctaYus | information-technology, cybersecurity, infosec, bug-bounty, bounty-program | 25-Aug-2024 |
How I got $24000 Bounty from a Log4j RCE in Apple App Store. | https://medium.com/@meharhuzaifa777/exploiting-log4j-rce-in-apple-app-store-ca99a549de1f?source=rss------bug_bounty-5 | Meharhuzaifa | cybersecurity, bug-bounty-writeup, ethical-hacking, bug-bounty | 25-Aug-2024 |
Intruder + Frida to Account Takeover | https://medium.com/@bilalresearcher/intruder-frida-to-account-takeover-548d4dd785ef?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-writeup, cybersecurity, bugbounty-writeup, hacking | 25-Aug-2024 |
Using E-Notation to bypass Access Control restrictions to access arbitrary user PII-discussions | https://medium.com/@bilalresearcher/using-e-notation-to-bypass-access-control-restrictions-to-access-arbitrary-user-pii-discussions-d16bbad42394?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, idor, hacking, cybersecurity, bug-bounty | 25-Aug-2024 |
PwnOS-1 Walkthrough | https://erdemstar.medium.com/pwnos-1-walkthrough-fec01bd0e8d4?source=rss------bug_bounty-5 | Erdemstar | bug-bounty, oscp-preparation, oscp, cybersecurity, security | 25-Aug-2024 |
Kioptrix Level 4 Walkthrough | https://erdemstar.medium.com/kioptrix-level-4-walkthrough-96d46095c789?source=rss------bug_bounty-5 | Erdemstar | oscp-preparation, bug-bounty-tips, oscp, cybersecurity, bug-bounty | 25-Aug-2024 |
LOLbins / LOLBAS Attack ! | https://medium.com/@reemmoslem34/lolbins-lolbas-attack-006aad1ac364?source=rss------bug_bounty-5 | Rem Khalid | bug-bounty, cybersecurity, malware, python, cryptocurrency | 25-Aug-2024 |
What Really Provides Security in the Cloud? | https://medium.com/@paritoshblogs/what-really-provides-security-in-the-cloud-2f0cc83d113a?source=rss------bug_bounty-5 | Paritosh | information-technology, bug-bounty, information-security, cybersecurity, infosec | 24-Aug-2024 |
Practical Bug Bounty — TCM Academy | Module 8 | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-44663b4f87e3?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | sqli, bug-bounty, sql-injection, tcm-academy, web-penetration-testing | 24-Aug-2024 |
Cross-Site Origin Policy (CORS) | https://itsravikiran25.medium.com/cross-site-origin-policy-cors-c82e4b0208f8?source=rss------bug_bounty-5 | Ravikiran | infosec-write-ups, vulnerability-assessment, cybersecurity, bug-bounty, cors | 24-Aug-2024 |
Exploiting Privilege Escalation via Role Parameter Manipulation | https://medium.com/@tusharpuri6/exploiting-privilege-escalation-via-role-parameter-manipulation-5f8df062eb71?source=rss------bug_bounty-5 | Tusharpuri | penetration-testing, offensive-security, privilege-escalation, application-security, bug-bounty | 24-Aug-2024 |
MASS HUNTING TO FIND XSS(CROSS SITE SCRIPTING) | https://systemweakness.com/mass-hunting-to-find-xss-cross-site-scripting-27cc687e58e0?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, xss-vulnerability, bugbounty-automation, bug-bounty, bug-bounty-tips | 24-Aug-2024 |
Unleash Your Inner Hacker with Koii’s $10,000 Bug Bounty Challenge | https://medium.com/nest-of-rin/unleash-your-inner-hacker-with-koiis-10-000-bug-bounty-challenge-d37c23969df1?source=rss------bug_bounty-5 | Rin | koii-network, koii, developer, hackathons, bug-bounty | 24-Aug-2024 |
Top 5 Vulnerabilities That Can Earn You Big in Bug Bounties | https://medium.com/@verylazytech/top-5-vulnerabilities-that-can-earn-you-big-in-bug-bounties-4541878d7e19?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, cybersecurity, hacking, bug-bounty, cyber | 24-Aug-2024 |
What I Learned from Reading 217* Subdomain Takeover Bug Reports | https://bevijaygupta.medium.com/what-i-learned-from-reading-217-subdomain-takeover-bug-reports-5c6caae2b5da?source=rss------bug_bounty-5 | Vijay Gupta | subdomain, bugs, bug-report, subdomain-takeover, bug-bounty | 24-Aug-2024 |
Reset password Checklist | https://medium.com/@hozayfan782/reset-password-checklist-1ebabdd6c0f3?source=rss------bug_bounty-5 | Hozayfa Nasser | bug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity, research | 24-Aug-2024 |
How do I run Nuclei in silent mode to avoid unnecessary output? | https://medium.com/@sherlock297/how-do-i-run-nuclei-in-silent-mode-to-avoid-unnecessary-output-25fbb9d2e26d?source=rss------bug_bounty-5 | Ravindra Dagale | nucleus, information-security, bug-bounty, output, how-to | 24-Aug-2024 |
Unauthorized Deletion of Forms by Low-Level Unlicensed Users: A 500$ Access Control Bug | https://medium.com/@a13h1/unauthorized-deletion-of-forms-by-low-level-unlicensed-users-a-500-access-control-bug-98dc50c8c193?source=rss------bug_bounty-5 | Abhi Sharma | programming, bug-bounty, infosec, cybersecurity, access-control | 24-Aug-2024 |
Essential Resources for Exploiting Web Cache Poisoning: Tools, Techniques, and Learning Materials | https://cyberw1ng.medium.com/essential-resources-for-exploiting-web-cache-poisoning-tools-techniques-and-learning-materials-cbbef5221392?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, penetration-testing, cybersecurity, bug-bounty | 24-Aug-2024 |
Beware of fake bug bounty programs, my real life experience | https://harish45.medium.com/beware-of-fake-bug-bounty-programs-my-real-life-experience-ce009d435ed8?source=rss------bug_bounty-5 | Harish | bug-bounty, cybersecurity-awareness, cybersecurity, ethical-hacking, bug-bounty-tips | 24-Aug-2024 |
Find Bugs From Google Dorks | https://ch44nd.medium.com/find-bugs-from-google-dorks-ec574c01471b?source=rss------bug_bounty-5 | Chandan das | bug-bounty, information-disclosure, bugs, hacking, google-dork | 24-Aug-2024 |
One-click Account Take Over | https://medium.com/@bilalresearcher/one-click-account-take-over-50e4128c990d?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, hacking, bug-bounty-tips, bugbounty-writeup, bug-bounty | 24-Aug-2024 |
0-click Full Account Takeover | https://medium.com/@bilalresearcher/0-click-full-account-takeover-0ddc951e14ae?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips, bugbounty-writeup | 24-Aug-2024 |
Drupal Website Takeover | Admin Dashboard | https://medium.com/@bilalresearcher/drupal-website-takeover-admin-dashboard-6ae4a34d0689?source=rss------bug_bounty-5 | Bilal Researcher | hacking, bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup, bug-bounty | 24-Aug-2024 |
STRIPE Live Key Exposed:: Bounty: $1000 | https://medium.com/@bilalresearcher/stripe-live-key-exposed-bounty-1000-57018f1d4520?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-writeup, bug-bounty-program, hacking, bug-bounty-tips | 24-Aug-2024 |
[GraphQL IDOR]Leaking credit card information of 1000s of users [External Audit] | https://medium.com/@bilalresearcher/graphql-idor-leaking-credit-card-information-of-1000s-of-users-external-audit-1404256b761f?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, hacking, bugbounty-writeup, bug-bounty-tips, bug-bounty | 24-Aug-2024 |
Exposing Database Creds via SVN: A $400 Discovery | https://medium.com/@bilalresearcher/exposing-database-creds-via-svn-a-400-discovery-fa7c2de288bf?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, bugbounty-writeup | 24-Aug-2024 |
SQL Injections for bug bounty | https://medium.com/@boogsta/sql-injections-for-bug-bounty-3a608babd9b1?source=rss------bug_bounty-5 | Boogsta | hacking, bug-bounty, cybersecurity, programming, cyber | 24-Aug-2024 |
Chain of Rate Limit Bypass and Weak Token Expiry Leads To Account Take Over | https://medium.com/@bilalresearcher/chain-of-rate-limit-bypass-and-weak-token-expiry-leads-to-account-take-over-0cf794fef31c?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, hacking | 24-Aug-2024 |
CSRF Bypass Combined with IDOR To Complete Account Takeover! | https://medium.com/@bilalresearcher/csrf-bypass-combined-with-idor-to-complete-account-takeover-588b34b9cf60?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, bug-bounty-tips, bug-bounty, hacking, bugbounty-writeup | 24-Aug-2024 |
User information disclosure via message reactions | https://medium.com/@bilalresearcher/user-information-disclosure-via-message-reactions-affc72cfd8de?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 24-Aug-2024 |
IDOR Lead to Data Leak | https://medium.com/@bilalresearcher/idor-lead-to-data-leak-6943ade0a3d6?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, hacking | 24-Aug-2024 |
XSS & IDOR & CSRF to ATO | https://medium.com/@bilalresearcher/xss-idor-csrf-to-ato-0e898876789d?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-tips, bug-bounty-writeup, hacking, bugbounty-writeup, bug-bounty | 24-Aug-2024 |
How I Turned a Rate-Limit Bypass into an Account Takeover | https://medium.com/@bilalresearcher/how-i-turned-a-rate-limit-bypass-into-an-account-takeover-5a50b0f4dc6a?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, hacking, bug-bounty | 24-Aug-2024 |
$$$ Bypassing SSRF Restrictions on a Google Product: A Journey Through DNS Rebinding | https://medium.com/@bilalresearcher/bypassing-ssrf-restrictions-on-a-google-product-a-journey-through-dns-rebinding-caaf00ebe479?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, bug-bounty-writeup, bug-bounty-tips, bug-bounty, hacking | 24-Aug-2024 |
Discovering a Session Persistence Vulnerability That Led to a $$$$ Bounty | https://medium.com/@bilalresearcher/discovering-a-session-persistence-vulnerability-that-led-to-a-bounty-bbf3dd526f01?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, bug-bounty-tips, hacking, bug-bounty-writeup, bug-bounty | 24-Aug-2024 |
Bypassing methods that I used to find CSRF vulnerabilities | https://medium.com/@bilalresearcher/bypassing-methods-that-i-used-to-find-csrf-vulnerabilities-0709cc8a3c4d?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, bugbounty-writeup, bug-bounty, bug-bounty-tips, hacking | 24-Aug-2024 |
Mobile Pentesting: A Walkthrough of the First 10 Challenges on Injured Android App-Part1 | https://medium.com/@mly57003/mobile-pentesting-a-walkthrough-of-the-first-10-challenges-on-injured-android-app-part1-0e85c600494f?source=rss------bug_bounty-5 | mohamed ali | bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-hunter | 24-Aug-2024 |
Can AI and ML Stop Cyber Attacks? | https://medium.com/@paritoshblogs/can-ai-and-ml-stop-cyber-attacks-291c6425d0e8?source=rss------bug_bounty-5 | Paritosh | ai, cybersecurity, machine-learning, bug-bounty, chatgpt | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-81) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-81-833084004f21?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking, money, cybersecurity, hacking | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-80) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-80-ae2ad3c7f971?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, bug-bounty, hacking, money | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-79) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-79-415c1bd4f7c3?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, hacking, money, ethical-hacking, cybersecurity | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-78) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-78-85e87ffc94f9?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking, money, cybersecurity, hacking | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-77) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-77-b9b1354812cc?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, bug-bounty, cybersecurity, money, hacking | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-76) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-76-07a4d8f583c0?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, bug-bounty, cybersecurity, skills, hacking | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-75) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-75-8d5930bd46dc?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, skills, hacking, ethical-hacking, bug-bounty | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-74) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-74-778fd4767e52?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, bug-bounty, ethical-hacking, hacking, skills | 23-Aug-2024 |
Elevate Your Cybersecurity Skills with Expert Training and Penetration Testing! | https://imranthe3rd3ye.medium.com/elevate-your-cybersecurity-skills-with-expert-training-and-penetration-testing-b16e8b122642?source=rss------bug_bounty-5 | Md. Imran Chowdhury | learn-hacking, ethical-hacking, penetration-testing, kali-linux, bug-bounty | 23-Aug-2024 |
Monitoring Gists for secrets with Trufflehog | https://medium.com/@learntheshell/monitoring-gists-with-trufflehog-612b7d9dbab5?source=rss------bug_bounty-5 | LearnTheShell | github, git, bug-bounty, trufflehog, bug-bounty-tips | 23-Aug-2024 |
Hidden in Plain Sight: Uncovering RCE on a Forgotten Axis2 Instance | https://medium.com/@domenicoveneziano/hidden-in-plain-sight-uncovering-rce-on-a-forgotten-axis2-instance-86ddc91f1415?source=rss------bug_bounty-5 | Domenico Veneziano | bug-bounty-tips, bug-bounty-writeup, bug-bounty | 23-Aug-2024 |
Finally, SSL Pinning for Flutter Bypassed After Frustration.. | https://wahaz.medium.com/finally-ssl-pinning-for-flutter-bypassed-after-frustration-4573e15ed18e?source=rss------bug_bounty-5 | Rizaldi Wahaz | bug-bounty, cybersecurity, hacking, flutter, penetration-testing | 23-Aug-2024 |
How I Got an Appreciation Letter from NASA for Finding a Simple Bug | https://infosecwriteups.com/how-i-got-an-appreciation-letter-from-nasa-for-finding-a-simple-bug-8812852d0337?source=rss------bug_bounty-5 | Om Arora | bug-bounty, programming, technology, cybersecurity, infosec | 23-Aug-2024 |
Web Cache Poisoning: Understanding the Threat and How to Protect Your Website | https://cyberw1ng.medium.com/web-cache-poisoning-understanding-the-threat-and-how-to-protect-your-website-82ebaba2f0e8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, hacking, careers, bug-bounty | 23-Aug-2024 |
Day 16 of 30 Days — 30 Vulnerabilities | Subdomain Takeover | https://medium.com/@kumawatabhijeet2002/day-16-of-30-days-30-vulnerabilities-subdomain-takeover-01088ad1d525?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-tips, subdomain-takeover, bug-bounty, 30dayswritingchallenge | 23-Aug-2024 |
how i got into the server of our university. | https://medium.com/@mesterx54/how-i-got-into-the-server-of-our-university-aae2782bcc64?source=rss------bug_bounty-5 | Abdeladime Mk (mesterx54) | bug-bounty, rce, bug-bounty-tips, sqli, pentesting | 23-Aug-2024 |
Stealing Admin Cookies: An XSS Challenge from TCM Security’s Practical Bug Bounty Course | https://medium.com/@trixiahorner/stealing-admin-cookies-an-xss-challenge-from-tcm-securitys-practical-bug-bounty-course-b08a990cca84?source=rss------bug_bounty-5 | Trixia Horner | penetration-testing, ethical-hacking, hacking, cybersecurity, bug-bounty | 23-Aug-2024 |
Boost Subdomain Discovery with Subfinder and API Integrations | https://saurabh-jain.medium.com/integrating-shodan-and-censys-api-keys-into-subfinder-c28452af2efb?source=rss------bug_bounty-5 | Saurabh Jain | bug-bounty-writeup, bug-bounty, subdomains-enumeration, subfinder, hacking | 23-Aug-2024 |
Response Manipulation FTW: Understanding and Exploiting Response Manipulation | https://medium.com/@security.tecno/response-manipulation-ftw-understanding-and-exploiting-response-manipulation-6ad2d81f2eb4?source=rss------bug_bounty-5 | TECNO Security | security, reserach, hacking, bug-bounty | 22-Aug-2024 |
10 Secrets Ethical Hackers Don’t Want You to Know (But We’re Revealing Them Anyway!) | https://medium.com/@paritoshblogs/10-secrets-ethical-hackers-dont-want-you-to-know-but-we-re-revealing-them-anyway-094ca920c3d8?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, hacking, information-technology, ethical-hacking | 22-Aug-2024 |
CORRUPT SEBI INDIA JEOPARDIZING DIRECTOES FINANCIAL INFO, ZOMATO BUG BOUNTY HACKERONE FRAUD | https://medium.com/@krivadna_87390/corrupt-sebi-india-jeopardizing-directoes-financial-info-zomato-bug-bounty-hackerone-fraud-f27145ccfad8?source=rss------bug_bounty-5 | Krivadna | android, social-media, bug-bounty, cybersecurity, bugbounty-writeup | 22-Aug-2024 |
Grep tips for Javascript Analysis | Bug Bounty | https://0xmaruf.medium.com/grep-tips-for-javascript-analysis-bug-bounty-7dce88266121?source=rss------bug_bounty-5 | Md Maruf Hosan (0xMaruf) | cybersecurity, bug-bounty-tips, bug-bounty | 22-Aug-2024 |
TESLA MOTORS VIN NUMBER LEAK THROUGH IT’S API ENDPOINT, THEY CALL IT NO SECURITY IMPACT.. | https://medium.com/@krivadna_87390/tesla-motors-vin-number-leak-through-its-api-endpoint-they-call-it-no-security-impact-bb30fb5f1314?source=rss------bug_bounty-5 | Krivadna | android, bug-bounty, penetration-testing, bugbounty-writeup, cybersecurity | 22-Aug-2024 |
CORRUPT SEBI INDIA JEOPARDIZING DIRECTOR'S FINANCIAL INFO • PAN NUMBER LEAK ZOMATO BUG BOUNTY… | https://medium.com/@krivadna_87390/corrupt-sebi-india-jeopardizing-directoes-financial-info-zomato-bug-bounty-hackerone-fraud-f27145ccfad8?source=rss------bug_bounty-5 | Krivadna | android, social-media, bug-bounty, cybersecurity, bugbounty-writeup | 22-Aug-2024 |
Exposing Source Code via SVN: A $400 Discovery | https://infosecwriteups.com/exposing-source-code-via-svn-a-400-discovery-9fc54b3f3f31?source=rss------bug_bounty-5 | Vipul Sahu | bug-bounty-tips, bug-bounty, information-security, cybersecurity | 22-Aug-2024 |
The Security Bounty Program Is Here, with Rewards up to ¥6000! | https://medium.com/@AdsPowerHK/%E5%AE%89%E5%85%A8%E8%B3%9E%E9%87%91%E8%A8%88%E5%8A%83%E4%BE%86%E4%BA%86-%E7%8D%8E%E9%87%91%E6%9C%80%E9%AB%98%E9%81%94-6000-672c3dcf1483?source=rss------bug_bounty-5 | AdsPower 指紋瀏覽器 | adspower, 指纹浏览器, 漏洞, bug-bounty, 指纹浏览器ip | 22-Aug-2024 |
Automating the Hunt for Reflected XSS: Essential One-Liners for Web Security | https://medium.com/@garvsanwariya60/automating-the-hunt-for-reflected-xss-essential-one-liners-for-web-security-025bbd82f95d?source=rss------bug_bounty-5 | Garvsanwariya | xss-attack, cybersecurity, hacking, web-security, bug-bounty | 22-Aug-2024 |
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center | https://medium.com/@scriptshuva/instagram-and-meta-2fa-bypass-by-unprotected-backup-code-retrieval-in-accounts-center-c735ff650f10?source=rss------bug_bounty-5 | Shuva Saha | bug-bounty-writeup, bug-bounty, facebook-bug-bounty, 2fa-bypass, meta-bug-bounty | 22-Aug-2024 |
Exposing Database Creds via SVN: A $400 Discovery | https://infosecwriteups.com/exposing-source-code-via-svn-a-400-discovery-9fc54b3f3f31?source=rss------bug_bounty-5 | Vipul Sahu | bug-bounty-tips, bug-bounty, information-security, cybersecurity | 22-Aug-2024 |
How I can easily get four P1 at NASA using Simple Google Dorking. | https://k4tedu.medium.com/how-i-can-easily-get-four-p1-at-nasa-using-simple-google-dorking-d4457bec1971?source=rss------bug_bounty-5 | k4tedu | bug-bounty, dorking, penetration-testing, nasa-vdp, pentest-web | 22-Aug-2024 |
WebSec — SSTI (Server Site Template Injection) | https://medium.com/@meryemddalgali/websec-ssti-server-site-template-injection-1a9603caa51e?source=rss------bug_bounty-5 | Meryem Dalgalı | vulnerability, application-security, bug-bounty, pentest-learnings, web-security | 22-Aug-2024 |
Bypassing methods that I used to find CSRF vulnerabilities | https://anonysm.medium.com/bypassing-methods-that-i-used-to-find-csrf-vulnerabilities-b7dbf88cdb0a?source=rss------bug_bounty-5 | Muthu D | cybersecurity, ethical-hacking, hacking, bug-bounty, penetration-testing | 22-Aug-2024 |
How I Found Vulnerabilities in NASA and Got into the Hall of Fame — 4 Bugs | https://infosecwriteups.com/how-i-found-vulnerabilities-in-nasa-and-got-into-the-hall-of-fame-4-bugs-78e0fc4cc5cc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hall-of-fame, careers, cybersecurity, bug-bounty, hacking | 22-Aug-2024 |
Easy Bug | Email Spoofing | https://saeidmicro.medium.com/easy-bug-email-spoofing-5d1bfc1a885e?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty | 22-Aug-2024 |
Blind SSRF | https://saeidmicro.medium.com/blind-ssrf-ee5f0e6ed86f?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty | 22-Aug-2024 |
Battle of the Web Security Titans: Burp Suite vs. OWASP ZAP | https://shaifsec.medium.com/battle-of-the-web-security-titans-burp-suite-vs-owasp-zap-e3da58d36203?source=rss------bug_bounty-5 | Shaif Ali | penetration-testing, bug-bounty, web-security, cybersecurity, shaifsec | 22-Aug-2024 |
Advanced Web Cache Poisoning Techniques (Part 2): Tools, Methods, and Exploits | https://medium.com/@dsmodi484/advanced-web-cache-poisoning-techniques-part-2-tools-methods-and-exploits-d35619d4bd75?source=rss------bug_bounty-5 | Dishant Modi | resources, vulnerability, web-cache-poisoning, bug-bounty, methodology | 21-Aug-2024 |
Secrets of Red Teaming: Must-Know Tips and Tricks for Beginners! | https://medium.com/@paritoshblogs/secrets-of-red-teaming-must-know-tips-and-tricks-for-beginners-7a0dbf8eb021?source=rss------bug_bounty-5 | Paritosh | red-teaming, hacking, bug-bounty, pentesting, cybersecurity | 21-Aug-2024 |
Beyond the Login The Path Traversal Attack | https://medium.com/@rajqureshi07/beyond-the-login-the-path-traversal-attack-30c1cfc09b3a?source=rss------bug_bounty-5 | Raj Qureshi | bug-bounty, information-technology, infosec, bug-bounty-tips, information-security | 21-Aug-2024 |
Deploying Rust Smart Contracts | https://medium.com/@bugbountydegen/deploying-rust-smart-contracts-7a22e04c4cd9?source=rss------bug_bounty-5 | bugbountydegen | rust, bug-bounty, smart-contract-security, blockchain | 21-Aug-2024 |
Forging a Path to Account Takeover: Copy Password Reset Link Vulnerability worth $$$$. | https://medium.com/@bilalresearcher/forging-a-path-to-account-takeover-copy-password-reset-link-vulnerability-worth-3135c3df60d6?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, cybersecurity | 21-Aug-2024 |
[Account Take Over] through reset password token leaked in response, 2500 € Reward | https://medium.com/@bilalresearcher/account-take-over-through-reset-password-token-leaked-in-response-2500-reward-97cc22d0b65d?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-writeup, cybersecur, hacking, bugbounty-writeup | 21-Aug-2024 |
Discovering a $5000 RCE via Dependency Confusion Vulnerability | https://medium.com/@bilalresearcher/discovering-a-5000-rce-via-dependency-confusion-vulnerability-9a1cd88ddb0c?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, cybersecurity, hacking, bug-bounty-tips, bug-bounty-writeup | 21-Aug-2024 |
A Simple 2FA Bypass | https://medium.com/@bilalresearcher/a-simple-2fa-bypass-368a2861c6df?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips, cybersecurity | 21-Aug-2024 |
Account Takeover using IDOR in Password reset Functionality | https://medium.com/@bilalresearcher/account-takeover-using-idor-in-password-reset-functionality-b736a85f4f02?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bugbounty-writeup, cybersecurity, info-sec-writeups, bug-bounty-writeup | 21-Aug-2024 |
How I got my first $13500 bounty through Parameter Polluting (HPP) | https://medium.com/@bilalresearcher/how-i-got-my-first-13500-bounty-through-parameter-polluting-hpp-237bd8cdfeff?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty, cybersecurity | 21-Aug-2024 |
Authorization bypass due to cache misconfiguration | https://rikeshbaniya.medium.com/authorization-bypass-due-to-cache-misconfiguration-fde8b2332d2d?source=rss------bug_bounty-5 | Rikesh Baniya | security-research, bug-bounty-writeup, hackerone, bug-bounty-tips, bug-bounty | 21-Aug-2024 |
The Future of Web Cache Poisoning Defense: Anticipating New Threats and Adopting Next-Generation… | https://cyberw1ng.medium.com/the-future-of-web-cache-poisoning-defense-anticipating-new-threats-and-adopting-next-generation-56a62d115bcd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, penetration-testing, bug-bounty, hacking | 21-Aug-2024 |
Race Condition on Likes of Product Leads to Products can appear more popular | https://medium.com/@omdubey170/race-condition-on-likes-of-product-leads-to-products-can-appear-more-popular-a39038d16203?source=rss------bug_bounty-5 | Omdubey | cache, bug-bounty-tips, security, bug-bounty, race-condition | 21-Aug-2024 |
Authorization bypass due to cache misconfiguration | https://medium.com/@bilalresearcher/authorization-bypass-due-to-cache-misconfiguration-7407aa1c6374?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, bug-bounty-writeup, bug-bounty, hacking, cybersecurity | 21-Aug-2024 |
Day 15 of 30 Days — 30 Vulnerabilities | ClickJacking | https://medium.com/@kumawatabhijeet2002/day-15-of-30-days-30-vulnerabilities-clickjacking-33e38c25d528?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, 30-day-challenge, bug-bounty-tips, 30dayswritingchallenge, clickjacking | 20-Aug-2024 |
Information Disclosure : 80+ Emails and LongID Disclosed !! | https://pushkarhax.medium.com/information-disclosure-80-emails-and-longid-disclosed-8952e2c6978b?source=rss------bug_bounty-5 | Pushkar Nandwalkar | bugbounty-tips, offensive-security, bug-bounty, cybersecurity, hacking | 20-Aug-2024 |
Unveiling a Critical Vulnerability: Exposing AWS Credentials in a Penetration Test | https://notifybugme.medium.com/unveiling-a-critical-vulnerability-exposing-aws-credentials-in-a-penetration-test-2f7119a7c816?source=rss------bug_bounty-5 | Santosh Kumar Sha (@killmongar1996) | penetration-testing, bug-bounty, ethical-hacking, security, aws | 20-Aug-2024 |
How a Lazy Bug Bounty Hunter got a place on NASA HOF ( An XSS Story). | https://medium.com/@trffnsec/how-a-lazy-bug-bounty-hunter-got-a-place-on-nasa-hof-an-xss-story-e14fccc326e2?source=rss------bug_bounty-5 | Augustinetriffin | xss-attack, bug-bounty, cybersecurity, hacking, nasa | 20-Aug-2024 |
How a Lazy Bug Bounty Hunter got a place on NASA HOF ( An XSS Story). | https://medium.com/@trffnsec/how-a-lazy-bug-bounty-hunter-got-a-place-on-nasa-hof-an-xss-story-e14fccc326e2?source=rss------bug_bounty-5 | TrffnSec | xss-attack, bug-bounty, cybersecurity, hacking, nasa | 20-Aug-2024 |
My first XSS: Reflected XSS in hidden parameter | https://anonysm.medium.com/my-first-xss-reflected-xss-in-hidden-parameter-4142a02edfb1?source=rss------bug_bounty-5 | Muthu D | cybersecurity, hacking, penetration-testing, ethical-hacking, bug-bounty | 20-Aug-2024 |
cyberseReal-World Applications and Case Studies: Combating Web Cache Poisoning in Complex… | https://cyberw1ng.medium.com/cybersereal-world-applications-and-case-studies-combating-web-cache-poisoning-in-complex-5bf41b0073c1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, penetration-testing, hacking, bug-bounty | 20-Aug-2024 |
Invitation link hijacking on a bug bounty program | https://harish45.medium.com/invitation-link-hijacking-on-a-bug-bounty-program-50d3b92d5532?source=rss------bug_bounty-5 | Harish | hackerone, bugcrowd, bug-bounty, bug-bounty-tips, ethical-hacking | 20-Aug-2024 |
Best Directory Brute-forcing Tools for Beginner Bug Hunters | https://medium.com/@josuofficial327/best-directory-brute-forcing-tools-for-beginner-bug-hunters-3388dd97c055?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | ethical-hacking, bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup | 19-Aug-2024 |
0-click Full Account Takeover | https://dynnyd20.medium.com/0-click-full-account-takeover-9bb6b4d692a9?source=rss------bug_bounty-5 | dynnyd20 | cybersecurity, pentest, ato, bug-bounty, pentesting | 19-Aug-2024 |
Beyond Web Caching Vulnerabilities | https://medium.com/@0xAwali/beyond-web-caching-vulnerabilities-c617d8cdbb85?source=rss------bug_bounty-5 | Mahmoud M. Awali | web-security, bug-bounty | 19-Aug-2024 |
Discovering a Session Persistence Vulnerability That Led to a $$$$ Bounty | https://anonysm.medium.com/discovering-a-session-persistence-vulnerability-225e4b38e605?source=rss------bug_bounty-5 | Muthu D | cybersecurity, penetration-testing, infosec, bug-bounty, ethical-hacking | 19-Aug-2024 |
Advanced Techniques for Mitigating Web Cache Poisoning Attacks | https://cyberw1ng.medium.com/advanced-techniques-for-mitigating-web-cache-poisoning-attacks-8f818fd7eb00?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, cybersecurity, bug-bounty, penetration-testing | 19-Aug-2024 |
How to Bypass Company Email Feature While Creating an Account | https://medium.com/@josuofficial327/how-to-bypass-company-email-feature-while-creating-an-account-f792b37a231f?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | bug-bounty-hunter, cybersecurity, bug-bounty-tips, vulnerability, bug-bounty | 18-Aug-2024 |
BugBounty WriteUp — Creative thinking is our everything (Race Condition + Business Logic Error) | https://medium.com/@bilalresearcher/bugbounty-writeup-creative-thinking-is-our-everything-race-condition-business-logic-error-c7cfcc6d9125?source=rss------bug_bounty-5 | Bilal Researcher | hacking, writeup, bug-bounty, penetration-testing, programming | 18-Aug-2024 |
Bug Bounty Writeup: $2500 Reward for Session Hijack via Chained Attack | https://medium.com/@bilalresearcher/bug-bounty-writeup-2500-reward-for-session-hijack-via-chained-attack-b5ad443bc9b9?source=rss------bug_bounty-5 | Bilal Researcher | ethical-hacking, cybersecurity, xss-attack, bug-bounty-tips, bug-bounty | 18-Aug-2024 |
How Automation Detected Default Admin Credential Worth $500 | https://medium.com/@bilalresearcher/how-automation-detected-default-admin-credential-worth-500-9f2c3ed460c4?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity | 18-Aug-2024 |
Accessing deleted comment for $$: A Bug Bounty Writeup | https://medium.com/@bilalresearcher/accessing-deleted-comment-for-a-bug-bounty-writeup-085e836660c1?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, bug-bounty, writeup, bug-bounty-tips, bug-bounty-writeup | 18-Aug-2024 |
PII Disclosure Worth $750 | https://medium.com/@bilalresearcher/pii-disclosure-worth-750-1f9caeac484f?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity, bug-bounty-writeup | 18-Aug-2024 |
Burp Suite Filtering Trick — Reducing Log Noise with TLS Pass-Through | https://systemweakness.com/burp-suite-filtering-trick-reducing-log-noise-with-tls-pass-through-468d00fbc7dc?source=rss------bug_bounty-5 | Khaleel Khan | ethical-hacking, infosec, bug-bounty-tips, cybersecurity, bug-bounty | 18-Aug-2024 |
Day 15 of 30 Days — 30 Vulnerabilities | ClickJacking | https://it4chis3c.medium.com/day-15-of-30-days-30-vulnerabilities-clickjacking-592505aff54d?source=rss------bug_bounty-5 | It4chis3c | web-security, bug-bounty, clickjacking, 30dayswritingchallenge, bug-bounty-tips | 18-Aug-2024 |
How I Bypassed 2FA and Earned My First Bounty $$$ | https://anonysm.medium.com/how-i-bypassed-2fa-and-earned-my-first-bounty-3fdc58938347?source=rss------bug_bounty-5 | Muthu D | cybersecurity, bug-bounty, ethical-hacking, hacking, penetration-testing | 18-Aug-2024 |
SQL Vulnerability in WordPress Automatic Plugin (CVE-2024-27956) | https://roadtooscp.medium.com/sql-vulnerability-in-wordpress-automatic-plugin-cve-2024-27956-3635f1d32b4e?source=rss------bug_bounty-5 | RoadToOSCP | bug-bounty, penetration-testing, wordpress-plugins, ethical-hacking, wordpress-security | 18-Aug-2024 |
HTML Injection in Mobile App Support Ticket Form on target.tech | https://medium.com/@shobitsharma/html-injection-in-mobile-app-support-ticket-form-on-target-tech-f45d2de510af?source=rss------bug_bounty-5 | Shobit Sharma | html-injection, owasp, bug-bounty, vulnerability, bug-bounty-tips | 18-Aug-2024 |
Advanced Techniques and Emerging Trends in Web Cache Poisoning | https://cyberw1ng.medium.com/advanced-techniques-and-emerging-trends-in-web-cache-poisoning-d2c8d3807d46?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 18-Aug-2024 |
Title: Mastering CSRF Exploits with Port Swigger Academy Lab: How to Bypass SameSite Strict via… | https://medium.com/@dsksatheesh35/title-mastering-csrf-exploits-with-port-swigger-academy-lab-how-to-bypass-samesite-strict-via-7976c3f42d12?source=rss------bug_bounty-5 | D Satheesh Kumar | penetration-testing, bug-bounty, csrf-attack, csrf-bypass, ctf-walkthrough | 18-Aug-2024 |
Day 14 of 30 Days — 30 Vulnerabilities | HTTP Parameter Pollution (HPP) Vulnerability | https://medium.com/@kumawatabhijeet2002/day-14-of-30-days-30-vulnerabilities-http-parameter-pollution-hpp-vulnerability-6c767a9227d8?source=rss------bug_bounty-5 | Abhijeet kumawat | http-parameter-pollution, bug-bounty-tips, 30dayswritingchallenge, bug-bounty | 18-Aug-2024 |
XSS CHECKLIST | https://medium.com/@mehmetfarisacar/xss-checklist-a2bf18ed6992?source=rss------bug_bounty-5 | Mehmet Faris Acar | bug-bounty, xss-vulnerability, cybersecurity, xss-attack | 18-Aug-2024 |
Day 13 of 30 Days — 30 Vulnerabilities | XML External Entity (XXE) | https://medium.com/@kumawatabhijeet2002/day-13-of-30-days-30-vulnerabilities-xml-external-entity-xxe-93118ac3a167?source=rss------bug_bounty-5 | Abhijeet kumawat | xxe-attack, 30dayswritingchallenge, xxe, bug-bounty, bug-bounty-tips | 17-Aug-2024 |
Everything about CSP (Content Security Policy)and bypassing it Like a PRO!! | https://shauryasharma05.medium.com/everything-about-csp-content-security-policy-and-bypassing-it-like-a-pro-290d3b06b721?source=rss------bug_bounty-5 | Shaurya Sharma | bugbounty-writeup, cybersecurity, bug-bounty, hacking, bug-bounty-tips | 17-Aug-2024 |
A Step-by-Step Guide to Installing and Using dirsearch | https://medium.com/@sherlock297/a-step-by-step-guide-to-installing-and-using-dirsearch-7833d9dbe6c3?source=rss------bug_bounty-5 | Ravindra Dagale | tools, dirsearch, bug-bounty, tips, information-technology | 17-Aug-2024 |
Targeting Hidden API Endpoints in IDOR Exploits | https://systemweakness.com/targeting-hidden-api-endpoints-in-idor-exploits-269b6ae0f16e?source=rss------bug_bounty-5 | Khaleel Khan | infosec, bug-bounty, cybersecurity, hacking, bug-bounty-tips | 17-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-73) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-73-210a9520bff3?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, money, hacking, bug-bounty | 17-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-72) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-72-a2bf155d3162?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, ethical-hacking, cybersecurity, money, bug-bounty | 17-Aug-2024 |
Broken Access Control in a Crypto Trading Platform | Auth Bypass worth $$$$ | https://medium.com/@midnight-mihir/how-i-found-broken-access-control-in-a-crypto-trading-platform-auth-bypass-worth-b0048eb87e09?source=rss------bug_bounty-5 | Mihir | ethical-hacking, bug-bounty-tips, bug-bounty, cybersecurity | 17-Aug-2024 |
Another 1500$: CR/LF Injection | https://infosecwriteups.com/1500-cr-lf-injection-59152daaf413?source=rss------bug_bounty-5 | Abhi Sharma | crlf-injection, infosec, bug-bounty, programming, cybersecurity | 17-Aug-2024 |
Security Flaws in Privilege Downgrades: How Users Can Exploit API Keys and Privilege escalation | https://medium.com/@Az3m/security-flaws-in-privilege-downgrades-how-users-can-exploit-api-keys-and-privilege-escalation-886b37c2344d?source=rss------bug_bounty-5 | Az3m | bug-bounty-tips, privilege-escalation, bugs, bug-bounty | 17-Aug-2024 |
Sub-finder tool methodology | https://medium.com/@tharunteja725_8686/sub-finder-tool-methodology-1dcb2622b0d5?source=rss------bug_bounty-5 | Chidurala Tharun teja | bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty-hunter | 17-Aug-2024 |
IDOR Vulnerabilities Between Admin Privilege Users in the Same Organization | https://medium.com/@Az3m/idor-vulnerabilities-between-admin-privilege-users-in-the-same-organization-7718192bba0e?source=rss------bug_bounty-5 | Az3m | bug-bounty-tips, idor, bug-bounty, idor-vulnerability | 17-Aug-2024 |
How Find Multi open redirect Bugs with Bing search engine | https://medium.com/@Az3m/how-find-multi-open-redirect-bugs-with-bing-search-engine-14d953b707ec?source=rss------bug_bounty-5 | Az3m | bugs, open-redirect, bug-bounty-tips, bug-bounty | 17-Aug-2024 |
Boost Your Bug Bounty Game: Get Started with Free VPS on Krutrim Cloud | https://infosecwriteups.com/boost-your-bug-bounty-game-get-started-with-free-vps-on-krutrim-cloud-6a37444a9ce0?source=rss------bug_bounty-5 | Vicky Aryan | krutrim-cloud, bug-bounty, vps, cloud, hacking | 17-Aug-2024 |
Understanding Web Cache Poisoning: How It Works and How to Prevent It | https://cyberw1ng.medium.com/understanding-web-cache-poisoning-how-it-works-and-how-to-prevent-it-55af897e1eb5?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, bug-bounty, cybersecurity, hacking | 17-Aug-2024 |
$$$ Bypassing SSRF Restrictions on a Google Product: A Journey Through DNS Rebinding | https://anonysm.medium.com/bypassing-ssrf-restrictions-on-a-google-product-a-journey-through-dns-rebinding-a4e9d18213af?source=rss------bug_bounty-5 | Muthu D | bug-bounty, cybersecurity, ethical-hacking, penetration-testing, hacking | 17-Aug-2024 |
Understanding Open Redirect Vulnerabilities: A Simple Discovery | https://shaifsec.medium.com/understanding-open-redirect-vulnerabilities-a-simple-discovery-476a675839f7?source=rss------bug_bounty-5 | Shaif Ali | web-security, cybersecurity, shaifsec, penetration-testing, bug-bounty | 17-Aug-2024 |
Top 20 Open Redirect Bug Bounty Reports | https://medium.com/@thenumberof9/top-20-open-redirect-bug-bounty-reports-610c57fb006f?source=rss------bug_bounty-5 | TheNumberOf-9 | host-redirect, bug-bounty, open-redirect, hacking, ethical-hacking | 16-Aug-2024 |
How to find a easy bug it worth $100 | https://medium.com/@sangamahesh650/how-to-find-a-easy-bug-it-worth-100-7485f9bf638f?source=rss------bug_bounty-5 | loyalonlytoday | bugbounty-writeup, hacking, bug-bounty-tips, penetration-testing, bug-bounty | 16-Aug-2024 |
The Bug Bounty Billionaire | https://medium.com/@shwetapapnai783/the-bug-bounty-billionaire-acaa5e64959e?source=rss------bug_bounty-5 | Shweta Papnai | security, cybersecurity, billionaires, bug-bounty, technology | 16-Aug-2024 |
Reconnaissance and Vulnerability Scanning Script | https://securitycipher.medium.com/%EF%B8%8F-reconnaissance-and-vulnerability-scanning-script-%EF%B8%8F-086f4051eeba?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | cybersecurity, coding, technology, bug-bounty, hacking | 16-Aug-2024 |
Complete Guide on Attack Surface Discovery | https://osintteam.blog/complete-guide-on-attack-surface-discovery-d684710d6a3e?source=rss------bug_bounty-5 | Netlas.io | bug-bounty, attack-surface, attack-surface-discovery, cybersecurity, penetration-testing | 16-Aug-2024 |
Easy Critical Bugs: Uncovering Treasure Troves in Adobe Experience Manager (AEM) | https://anonysm.medium.com/easy-critical-bugs-uncovering-treasure-troves-in-adobe-experience-manager-aem-59ce8656ef9b?source=rss------bug_bounty-5 | Muthu D | penetration-testing, bug-bounty, cybersecurity, pentesting, hacking | 16-Aug-2024 |
Two Factor Authentication Bypass via using Victim’s DeviceID | https://medium.com/@cyberpro151/two-factor-authentication-bypass-via-using-victims-deviceid-b46afb4fe7a5?source=rss------bug_bounty-5 | cyberpro151 | application-security, hacking, bug-bounty, cybersecurity, hackerone | 16-Aug-2024 |
BlackhatOps #1: A Syndicate Of Hackers | https://medium.com/@red.whisperer/blackhatops-1-a-syndicate-of-hackers-3f599f6f9c63?source=rss------bug_bounty-5 | Chux | cybersecurity, pentesting, red-team, bug-bounty, hacking | 16-Aug-2024 |
Forced SSO Session Fixation | https://infosecwriteups.com/forced-sso-session-fixation-5d3b457b79cb?source=rss------bug_bounty-5 | Serj Novoselov | bug-bounty, vulnerability, penetration-testing, information-security, writeup | 16-Aug-2024 |
24.10 Lab: Web cache poisoning to exploit a DOM vulnerability via a cache with strict cacheability… | https://cyberw1ng.medium.com/24-10-lab-web-cache-poisoning-to-exploit-a-dom-vulnerability-via-a-cache-with-strict-cacheability-78d30bb559e4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, careers, bug-bounty, cybersecurity | 16-Aug-2024 |
500$ From Meta by reporting a HTMLi(Accidental Bug) | https://armx64.medium.com/500-from-meta-by-reporting-a-htmli-accidental-bug-fef2e5a0f4c4?source=rss------bug_bounty-5 | A.R Maheer | bug-bounty, accidental-bug | 16-Aug-2024 |
NewLine Character Cause DoS: Folder & File Deletion Flaw | https://medium.com/@bilalresearcher/newline-character-cause-dos-folder-file-deletion-flaw-2b128252720b?source=rss------bug_bounty-5 | Bilal Researcher | infosec, denial-of-service, programming, cybersecurity, bug-bounty | 16-Aug-2024 |
1000$ IDOR : Unauthorized Project Inclusion in Expense | https://medium.com/@bilalresearcher/1000-idor-unauthorized-project-inclusion-in-expense-da9176a96015?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, cybersecurity, idor, information-security, broken-access-control | 16-Aug-2024 |
Bypass Plan Restriction & Get 350$ Bounty | https://medium.com/@bilalresearcher/bypass-plan-restriction-get-350-bounty-105790e994cb?source=rss------bug_bounty-5 | Bilal Researcher | privilege-escalation, bug-bounty, cybersecurity, programming, access-control | 16-Aug-2024 |
How I Earned $469 Bounty: Bypassing Plan Restriction | https://medium.com/@bilalresearcher/how-i-earned-469-bounty-bypassing-plan-restriction-6c215221b6f6?source=rss------bug_bounty-5 | Bilal Researcher | access-control, infosec, bug-bounty, cybersecurity, programming | 16-Aug-2024 |
$800 Improper Authorization Flaw: Unauthorized Project Reclaiming Post Transfer | https://medium.com/@bilalresearcher/800-improper-authorization-flaw-unauthorized-project-reclaiming-post-transfer-d99ee6b2708c?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-tips, idor, idor-vulnerability, cybersecurity | 16-Aug-2024 |
921$ Privilege Escalation: Unauthorized User Addition to Shared APP Connections | https://medium.com/@bilalresearcher/921-privilege-escalation-unauthorized-user-addition-to-shared-app-connections-681d807ccd1e?source=rss------bug_bounty-5 | Bilal Researcher | programming, bug-bounty, privilege-escalation, cybersecurity, hacking | 16-Aug-2024 |
500$: MFA bypass By Race Condition | https://medium.com/@bilalresearcher/500-mfa-bypass-by-race-condition-8952b6718b89?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, 2fa, programming, bug-bounty, race-condition | 16-Aug-2024 |
The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changes | https://medium.com/@bilalresearcher/the-ui-slip-i-hit-750-ui-manipulation-leading-to-unauthorized-permission-changes-23c544918111?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, user-interface, programming, bug-bounty, hacking | 16-Aug-2024 |
1500$: CR/LF Injection | https://medium.com/@bilalresearcher/1500-cr-lf-injection-09b7ae3cfaef?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, crlf-injection, cybersecurity, hacking, programming | 16-Aug-2024 |
$500 for Cracking Invitation Code For Unauthorized Access & Account Takeover | https://medium.com/@bilalresearcher/500-for-cracking-invitation-code-for-unauthorized-access-account-takeover-b0b693b2ae47?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, cybersecurity, account-takeover | 16-Aug-2024 |
Exploiting phar stream wrapper | https://rudrasarkar.medium.com/exploiting-phar-stream-wrapper-d2140592c6e7?source=rss------bug_bounty-5 | Rudra Sarkar | source-code-analysis, php, bug-bounty, hackthebox | 15-Aug-2024 |
Unauthorized Deletion of Reports via Folder Manipulation | https://medium.com/@hossam_hamada/unauthorized-deletion-of-reports-via-folder-manipulation-d0760582e168?source=rss------bug_bounty-5 | Hossam Hamada | idor, hackerone, idor-vulnerability, bug-bounty, bugcrowd | 15-Aug-2024 |
Day 12: Mastering Server Side Request Forgery Vulnerability — Essential Tricks & Techniques Based… | https://medium.com/@kumawatabhijeet2002/day-12-mastering-server-side-request-forgery-vulnerability-essential-tricks-techniques-based-21dc8b576e37?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, ssrf-bug, ssrf, ssrf-attack, bug-bounty-tips | 15-Aug-2024 |
Hacking Large Corporations: The Art and Science of Reconnaissance | https://harshit3.medium.com/hacking-large-corporations-the-art-and-science-of-reconnaissance-1a6fc8f90616?source=rss------bug_bounty-5 | Harshit | bug-bounty, information-technology, corporations, cybersecurity, ethical-hacking | 15-Aug-2024 |
23.7 Lab: Server-side template injection with a custom exploit | https://cyberw1ng.medium.com/23-7-lab-server-side-template-injection-with-a-custom-exploit-263dcc38653e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, careers, bug-bounty, cybersecurity | 15-Aug-2024 |
Fourth Layer And Attacks ! | https://medium.com/@reemmoslem34/fourth-layer-and-attacks-7bcdbbf6b53c?source=rss------bug_bounty-5 | Rem Khalid | cybersecurity, security, bug-bounty | 15-Aug-2024 |
2FA Bypass - IDN Mischief | https://shahjerry33.medium.com/2fa-bypass-idn-mischief-157f06cb6904?source=rss------bug_bounty-5 | Jerry Shah (Jerry) | vulnerability, bug-bounty, infosec, cybersecurity, 2fa | 15-Aug-2024 |
Cracking the Armour: Bypassed WAF using Ibrahimxss Tool for easy | https://medium.com/@jitinyaduvanshi/cracking-the-armour-bypassed-waf-using-ibrahimxss-tool-for-easy-6867cfcd850b?source=rss------bug_bounty-5 | Jitinyaduvanshi | cybersecurity, xss-attack, bug-bounty | 15-Aug-2024 |
Swisstronik: A Blockchain Solution for Privacy and Compliance. | https://medium.com/@danishkhatri023/swisstronik-a-blockchain-solution-for-privacy-and-compliance-73c662eadf7a?source=rss------bug_bounty-5 | Danish Khatri | testnet, blockchain, gui̇de, bug-bounty, swisstronik | 15-Aug-2024 |
Protecting against multi-step SQL injections: A shield for your data | https://medium.com/@Progsky/protecting-against-multi-step-sql-injections-a-shield-for-your-data-bf14e41dc412?source=rss------bug_bounty-5 | Progsky | bug-bounty, web-security, hacking | 15-Aug-2024 |
Passenger Information Disclosure Vulnerability Over the MQTT Protocol | https://medium.com/@moradloo1779/passenger-information-disclosure-vulnerability-over-the-mqtt-protocol-667402289583?source=rss------bug_bounty-5 | Moradloo | bugbounty-writeup, bug-bounty, pentest | 15-Aug-2024 |
Account takeover on 8 years old public program | https://medium.com/@pranshux0x/account-takeover-on-8-years-old-public-program-c0c0a30cfdd2?source=rss------bug_bounty-5 | priyanshu shakya | account-takeover, bug-bounty, bug-bounty-tips, hacking, vulnerability | 14-Aug-2024 |
New Bug Bounty Alert | https://medium.com/@vic-thor/new-bug-bounty-alert-874fefd2ea6b?source=rss------bug_bounty-5 | vic | tech, online, technology, cybersecurity, bug-bounty | 14-Aug-2024 |
Test Cases for XSS Types | https://medium.com/@NadirSensoy/xss-tipleri-i%C3%A7in-test-caseler-ce006d2cd57f?source=rss------bug_bounty-5 | Nadir Sensoy | xss-attack, bug-bounty, xss-vulnerability, cybersecurity | 14-Aug-2024 |
My journey towards Bug Bounty and Ambassador World Cup 2023 Recap | https://bhattaraiprashant98.medium.com/my-journey-towards-bug-bounty-and-ambassador-world-cup-2023-recap-bc5fc1d00e72?source=rss------bug_bounty-5 | Prashant Bhattarai | bug-bounty, hacking, hackerone, cybersecurity | 14-Aug-2024 |
Server-side template injection in Web App Penetration Testing | 2024 | https://cyberw1ng.medium.com/server-side-template-injection-in-web-app-penetration-testing-2024-67961a32cadd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, penetration-testing, bug-bounty, hacking | 14-Aug-2024 |
Automate your Google Dorking to Find Bugs | https://mrunknown124154.medium.com/automate-your-google-dorking-to-find-bugs-f7d86dc2d279?source=rss------bug_bounty-5 | Mr Abdullah | bug-bounty, cybersecurity, google-dorking, cyber-security-awareness, dorking | 14-Aug-2024 |
Authentication Bypass -MFA , Account Takeover… | https://medium.com/@prakashchand72/authentication-bypass-mfa-account-takeover-32166aedb3b9?source=rss------bug_bounty-5 | ASTUTE | bypass, hacking, bug-bounty, authentication-bypass, account-takeover | 14-Aug-2024 |
My journey towards Bug Bounty and Ambassador World Cup 2023 Recap | https://g0ndaar.medium.com/my-journey-towards-bug-bounty-and-ambassador-world-cup-2023-recap-bc5fc1d00e72?source=rss------bug_bounty-5 | Prashant Bhattarai | bug-bounty, hacking, hackerone, cybersecurity | 14-Aug-2024 |
Open S3 Buckets Through Reconnaissance | https://offsec01.medium.com/open-s3-buckets-through-reconnaissance-920f8b35be47?source=rss------bug_bounty-5 | Facundo Fernandez | bug-bounty-tips, bug-bounty, penetration-testing, hacking, offensive-security | 14-Aug-2024 |
A Critical 403 Bypass Vulnerability Lead to a Staging Environment with User Enumeration | https://ay0ub-n0uri.medium.com/a-critical-403-bypass-vulnerability-lead-to-a-staging-environment-with-user-enumeration-25b94ebadcfa?source=rss------bug_bounty-5 | Ay0ub N0uri | offensive-security, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty | 14-Aug-2024 |
How I Prevented a Data Breach by Reporting an IDOR in a System Exposing over 500,000 US Passports | https://offsec01.medium.com/how-i-prevented-a-data-breach-by-reporting-an-idor-in-a-system-exposing-over-500-000-us-passports-bc6bec99aa3d?source=rss------bug_bounty-5 | Facundo Fernandez | passport, bug-bounty, penetration-testing, data-breach, hacking | 14-Aug-2024 |
Identifying and Exploiting SQL Injection Vulnerabilities | https://im4x.medium.com/identifying-and-exploiting-sql-injection-vulnerabilities-cdfaa90b7b04?source=rss------bug_bounty-5 | Ahmed Najeh | bug-bounty, bugs, sqlmap | 14-Aug-2024 |
Finding a easy p3 bug | https://medium.com/@sangamahesh650/finding-a-easy-p3-bug-05b54f70e14c?source=rss------bug_bounty-5 | loyalonlytoday | bugbounty-writeup, bug-bounty-tips, penetration-testing, bug-bounty, hacking | 13-Aug-2024 |
Hidden Form Fields Reveal Test Answers for Easy Perfect Score | https://osintteam.blog/hidden-form-fields-reveal-test-answers-for-easy-perfect-score-c4d202416ad7?source=rss------bug_bounty-5 | enigma | bug-bounty, ethical-hacking, penetration-testing, cybersecurity, misconfiguration | 13-Aug-2024 |
NoSQL Injection | Try Hack Me | https://ahmed-makawi.medium.com/nosql-injection-try-hack-me-e624fa71743f?source=rss------bug_bounty-5 | Ahmed Makawi | cybersecurity, bug-bounty, it, penetration-testing, sql-injection | 13-Aug-2024 |
Role-based Privilege Escalation Worth $2000 in a bug bounty program | https://medium.com/@_K3rnel/role-based-privilege-escalation-worth-2000-in-a-bug-bounty-program-0ca40a4cecb9?source=rss------bug_bounty-5 | _K3rnel | bugbounting, bug-bounty, bugs, bug-bounty-tips, bugbounty-writeup | 13-Aug-2024 |
Threat Modeling 101: Mapping OWASP Top 10 to STRIDE | https://justm0rph3u5.medium.com/threat-modeling-101-mapping-owasp-top-10-to-stride-cb8e8613e396?source=rss------bug_bounty-5 | Divyanshu | stride, bug-bounty, owasp, threat-model, pasta | 13-Aug-2024 |
23.6 Lab: Server-side template injection in a sandboxed environment | https://cyberw1ng.medium.com/23-6-lab-server-side-template-injection-in-a-sandboxed-environment-f731eacf2530?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, penetration-testing, cybersecurity, careers | 13-Aug-2024 |
Logic Flaw: User Account Lockout | https://medium.com/@raxomara/logic-flaw-user-account-lockout-8865c622cef0?source=rss------bug_bounty-5 | Raxomara | penetration-testing, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunting | 13-Aug-2024 |
NoSQL Injection | Try Hack Me | https://systemweakness.com/nosql-injection-try-hack-me-e624fa71743f?source=rss------bug_bounty-5 | Ahmed Makawi | cybersecurity, bug-bounty, it, penetration-testing, sql-injection | 13-Aug-2024 |
My first bounty report was a duplicate | https://medium.com/@World-Breaker/my-first-bounty-report-was-a-duplicate-ad2ba4ec595e?source=rss------bug_bounty-5 | usu@rioZ3r0 | bug-bounty | 13-Aug-2024 |
Effortless Go Language Setup: Installing Go Lang Like a Pro! | https://imran407704.medium.com/effortless-go-language-setup-installing-go-lang-like-a-pro-e668c51454c3?source=rss------bug_bounty-5 | Imran | bug-bounty, go-language, go-language-tutorial | 13-Aug-2024 |
How I Discovered a Directory Listing Vulnerability on a NASA Subdomain | https://medium.com/@shubhammpawar7438/how-i-discovered-a-directory-listing-vulnerability-on-a-nasa-subdomain-979883e47874?source=rss------bug_bounty-5 | Shubham pawar | vulnerability-disclosure, bug-bounty, cybersecurity, web-security, nasa-security | 13-Aug-2024 |
How To Get free burpsuite professional | https://medium.com/@sangamahesh650/how-to-get-free-burpsuite-professional-b6ebca7a60a3?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, pentesting, bug-bounty-tips, hacking, bugbounty-writeup | 13-Aug-2024 |
Breaking the Barrier: Admin Panel Takeover Worth $3500 | https://medium.com/@noob.assassin/breaking-the-barrier-admin-panel-takeover-worth-3500-78da79089ca3?source=rss------bug_bounty-5 | Aditya Sharma | bug-bounty-tips, bug-bounty, hacker, hacking, vulnerability | 13-Aug-2024 |
Simple but Elegant DOM XSS on Hidden Parameter— Bypassing Filter | https://medium.com/@YourFinalSin/simple-but-elegant-dom-xss-on-hidden-parameter-bypassing-filter-ab58ca1e6135?source=rss------bug_bounty-5 | SIN | xss-vulnerability, bug-bounty, xss-attack, bug-bounty-tips, bug-bounty-writeup | 13-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-71) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-71-3232e47be803?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, cybersecurity, bug-bounty, skills, ethical-hacking | 13-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-70) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-70-f603b2fde234?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, bug-bounty, hacking, cybersecurity, skills | 13-Aug-2024 |
Insecure Direct Object Reference | https://medium.com/@yassentaalab51/insecure-direct-object-reference-6bddf9be8dcd?source=rss------bug_bounty-5 | Yassen Taalab | idor, bug-bounty, owasp, cybersecurity, broken-access-control | 13-Aug-2024 |
CloudBrute — Awesome Cloud Enumerator | https://medium.com/@pentesterclubpvtltd/cloudbrute-awesome-cloud-enumerator-b6d86e168b2c?source=rss------bug_bounty-5 | Pentester Club | bug-bounty, hacking, ethical-hacking, cybersecurity, cloud-computing | 13-Aug-2024 |
Embedding Beacon Payloads in PDF Files | https://medium.com/@pentesterclubpvtltd/embedding-beacon-payloads-in-pdf-files-e789820f340b?source=rss------bug_bounty-5 | Pentester Club | hacking, cobalt-strike, bug-bounty, cybersecurity, pdf | 13-Aug-2024 |
DOM XSS — Simple but Elegant on Hidden Parameter— Bypassing Filter | https://medium.com/@YourFinalSin/simple-but-elegant-dom-xss-on-hidden-parameter-bypassing-filter-ab58ca1e6135?source=rss------bug_bounty-5 | SIN | xss-vulnerability, bug-bounty, xss-attack, bug-bounty-tips, bug-bounty-writeup | 13-Aug-2024 |
Common Types of Bugs in Software Testing | https://medium.com/optimizory-apps/common-types-of-bugs-in-software-testing-aea2ff2138bd?source=rss------bug_bounty-5 | Divyansh Vats | bug-bounty, bugs, software-testing | 12-Aug-2024 |
How to balance bug fix costs with software performance? | https://medium.com/@harleyrose981/how-to-balance-bug-fix-costs-with-software-performance-92e9df481c36?source=rss------bug_bounty-5 | Harley Rose | web3, technology, bug-bounty, web-development, seo | 12-Aug-2024 |
3rd Anniversary Fun Activity: TECNO Security Bug Bounty Rules Challenging Test | https://medium.com/@security.tecno/3rd-anniversary-fun-activity-tecno-security-bug-bounty-rules-challenging-test-d6dac9f552e7?source=rss------bug_bounty-5 | TECNO Security | testing, bug-bounty, activity, security | 12-Aug-2024 |
5 Minutes to Take Over the System Administrator Account of a GPS Tracker Solution Provider | https://medium.com/@mmaulanaabdullah/5-minutes-for-taking-over-system-administrator-account-of-gps-tracker-solution-provider-system-24bd083f1559?source=rss------bug_bounty-5 | M Maulana Abdullah | api, disruption, bug-bounty, information-security, infosec | 12-Aug-2024 |
Maintaining Software Excellence: The Importance of Bug Fixes and Maintenance | https://medium.com/@harleyrose981/maintaining-software-excellence-the-importance-of-bug-fixes-and-maintenance-87db9a864a5f?source=rss------bug_bounty-5 | Harley Rose | technology, software-development, web-development, tech, bug-bounty | 12-Aug-2024 |
From Fries to Flaws : My Journey into Web App Security (Part V) | https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-v-f0ea86e55845?source=rss------bug_bounty-5 | OiQ | penetration-testing, vulnerability, bug-bounty-tips, cybersecurity, bug-bounty | 12-Aug-2024 |
The Importance of Functionality and Usability in Web Applications | https://medium.com/@owaisbagali2/the-importance-of-functionality-and-usability-in-web-applications-65f5cf44374d?source=rss------bug_bounty-5 | OwaisB | self-awareness, bug-bounty, audi, software-testing, basics | 12-Aug-2024 |
Earned $188 in bug bounty simply through the invitation feature. | https://medium.com/@Mu1berry/earned-188-in-bug-bounty-simply-through-the-invitation-feature-534486d6ec1c?source=rss------bug_bounty-5 | Mu1berry | bugcrowd, vulnerability, money, bug-bounty, hacker | 12-Aug-2024 |
Detecting Blind Injection Attacks with Discord Webhooks | https://osintteam.blog/detecting-injection-attacks-with-discord-webhooks-5df22a5679c5?source=rss------bug_bounty-5 | mrunoriginal | web-application-security, cybersecurity, bug-bounty, information-security, ethical-hacking | 12-Aug-2024 |
New Reconnaissance Methodologies/Tools for Bug Bounty Hunting & Ethical Hacking | https://medium.com/@retr0x/new-reconnaissance-methodologies-tools-for-bug-bounty-hunting-ethical-hacking-be7ca14a7ae2?source=rss------bug_bounty-5 | R3tr0x \| Vinay Kumar | cyber, ethical-hacking, cyber-security-awareness, cybersecurity, bug-bounty | 12-Aug-2024 |
“My Journey to Earning the First Bounty” | https://medium.com/@asharm.khan7/my-journey-to-earning-the-first-bounty-5314d1780f84?source=rss------bug_bounty-5 | Ashar Mahmood | bug-bounty, hacking, cyber-security-awareness, ethical-hacking, find-your-first-bug | 12-Aug-2024 |
21.4 Lab: Exploiting insecure output handling in LLMs | https://cyberw1ng.medium.com/21-4-lab-exploiting-insecure-output-handling-in-llms-4b17d8401fe6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, cybersecurity, bug-bounty, careers | 12-Aug-2024 |
Getting all ips from Shodan easy | https://medium.com/@sangamahesh650/getting-all-ips-from-shodan-easy-400706799e53?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-tips, hacking, bugbounty-writeup, penetration-testing, bug-bounty | 12-Aug-2024 |
Cross-Site Scripting Explained: Protect Your Website from Modern Threats | https://7hecoder.medium.com/secure-your-site-xss-guide-d780dd2ad098?source=rss------bug_bounty-5 | Aamir Khan | xss-vulnerability, web-development, secure-coding, bug-bounty, cybersecurity | 12-Aug-2024 |
The Hidden Threat: How Reverse Shells Packaged as .pyz Files Evade Detection | https://medium.com/@psychomong/the-hidden-threat-how-reverse-shells-packaged-as-pyz-files-evade-detection-e82d1f234187?source=rss------bug_bounty-5 | psychomong | hacker, hacking, meta, bug-bounty, whatsapp | 12-Aug-2024 |
How Much Did I Make in My First Year of Bug Bounty Work? | https://medium.com/@bountyget/how-much-did-i-make-in-my-first-year-of-bug-bounty-work-2f0583002db6?source=rss------bug_bounty-5 | Bountyget | infosec-write-ups, bug-bounty, earn-money-online, bug-bounty-tips, hacking | 12-Aug-2024 |
How I Hacked Into the World’s Top Universities Including MIT Cambridge & University of Oxford | https://medium.com/@josuofficial327/how-i-hacked-into-the-worlds-top-universities-including-mit-cambridge-university-of-oxford-a2e209d8abf7?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | cybersecurity, bug-bounty, vulnerability, ethical-hacking, hacking | 12-Aug-2024 |
Stored XSS in LibreOffice | https://bunny0417.medium.com/stored-xss-in-libreoffice-ed4ad22e0f56?source=rss------bug_bounty-5 | Aayush kumar | bug-bounty-tips, xs, libreoffice, stored-xss, bug-bounty | 11-Aug-2024 |
From Fries to Flaws : My Journey into Web App Security (Part IV) | https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-iv-956c3fcbec68?source=rss------bug_bounty-5 | OiQ | bug-bounty, web-app-security, vulnerability, bug-bounty-tips, penetration-testing | 11-Aug-2024 |
Internal and External Network penetration Testing | https://gaya3-r.medium.com/internal-and-external-network-penetration-testing-6a9421394618?source=rss------bug_bounty-5 | gayatri r | tools, bug-bounty, penetration-testing, owasp | 11-Aug-2024 |
How I found my first P3 bug (disclosure of PII/Privilege Escalation) | https://medium.com/@the.bugcrowd.testerpawan/how-i-found-my-first-p3-bug-disclosure-of-pii-privilege-escalation-148dbf610334?source=rss------bug_bounty-5 | the_air_cyborg | bug-bounty-tips, bugbounty-writeup, bug-bounty | 11-Aug-2024 |
Introduction to JWT | https://medium.com/@chanpreetkaur2005/introduction-to-jwt-f69162b59c24?source=rss------bug_bounty-5 | Chanpreet Kaur | web-exploitation, cybersecurity, bug-bounty, jwt, web-development | 11-Aug-2024 |
20.10 Lab: Using PHAR deserialization to deploy a custom gadget chain | https://cyberw1ng.medium.com/20-10-lab-using-phar-deserialization-to-deploy-a-custom-gadget-chain-39270975163f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 11-Aug-2024 |
Udemy Course off 50% CYBER082024 | https://cyberbruharmy.medium.com/udemy-course-off-50-cyber082024-c61d755d2714?source=rss------bug_bounty-5 | CyberBruhArmy | bug-bounty, firewall, bug-bounty-tips, security, cybersecurity | 11-Aug-2024 |
Hacking the System: How I Beat Subscription Restrictions in Admin Controls | https://0xmatrix.medium.com/hacking-the-system-how-i-beat-subscription-restrictions-in-admin-controls-5684fd90279a?source=rss------bug_bounty-5 | Mo2men Elmady | hacking, bugs, penetration-testing, red-team, bug-bounty | 11-Aug-2024 |
How I Got $150 on HackerOne for My First Bug | https://medium.com/@likithteki76/how-i-got-150-on-hackerone-for-my-first-bug-8af0ed515e79?source=rss------bug_bounty-5 | Likith Teki | bug-bounty-tips, 2fa-bypass, vulnerability, bug-bounty, ethical-hacking | 11-Aug-2024 |
IDOR — How I Leaked Data of 50k+ Users | https://medium.com/@YourFinalSin/idor-how-i-leaked-data-of-50k-users-bc44201e777a?source=rss------bug_bounty-5 | SIN | idor, bug-bounty-hunter, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 10-Aug-2024 |
How I got my first $13500 bounty through Parameter Polluting (HPP) | https://infosecwriteups.com/how-i-got-my-first-13500-bounty-through-parameter-polluting-hpp-179666b8e8bb?source=rss------bug_bounty-5 | rAmpancist | hacking, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips | 10-Aug-2024 |
IDOR — Exposing private forms $$$ | https://medium.com/@hellother18/idor-exposing-private-forms-0204c1ed560a?source=rss------bug_bounty-5 | Manthan_ mahale | hacking, cybersecurity, ethical-hacking, bug-bounty, bugbounty-writeup | 10-Aug-2024 |
Day 8 of 30 Days — 30 Vulnerabilities \| Security Misconfiguration | https://medium.com/@kumawatabhijeet2002/day-8-of-30-days-30-vulnerabilities-security-misconfiguration-5d8ee574e7e3?source=rss------bug_bounty-5 | Abhijeet kumawat | security-misconfiguration, bug-bounty, bug-bounty-tips | 10-Aug-2024 |
What is a Bug Bounty Program? | https://medium.com/@pasan62nanayakkara/what-is-a-bug-bounty-program-f64c90197229?source=rss------bug_bounty-5 | Ravindu Nanayakkara | bug-bounty, cybersecurity, security | 10-Aug-2024 |
$800 Improper Authorization Flaw: Unauthorized Project Reclaiming Post Transfer | https://medium.com/@a13h1/800-improper-authorization-flaw-unauthorized-project-reclaiming-post-transfer-15fe36976604?source=rss------bug_bounty-5 | Abhi Sharma | improper-authorization, cybersecurity, bug-bounty, idor, programming | 10-Aug-2024 |
Practice Lab Setup for Application Security Testing | https://medium.com/@Kamal_S/practice-lab-setup-for-application-security-testing-9fa2c9b45917?source=rss------bug_bounty-5 | Kamal S | bug-bounty, vapt, security-testing, appsec, owasp | 10-Aug-2024 |
The Evolution of Deserialization Attacks: Understanding the Risks and Future Trends | https://cyberw1ng.medium.com/the-evolution-of-deserialization-attacks-understanding-the-risks-and-future-trends-0e485ec7e833?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, cybersecurity, hacking, bug-bounty | 10-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-69) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-69-fa42b90989a1?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, bug-bounty, skills, hacking, cybersecurity | 10-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-68) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-68-8e3af48d1c65?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, ethical-hacking, cybersecurity, bug-bounty, skills | 10-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-67) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-67-01756817b60c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, skills, ethical-hacking, bug-bounty, hacking | 10-Aug-2024 |
How to Mitigate SQL Injection | https://medium.com/@dhiren.pradhan263/how-to-mitigate-sql-injection-20a26cfa96f5?source=rss------bug_bounty-5 | Dhiren Pradhan | security, bug-bounty, information-security | 09-Aug-2024 |
How to find P1 SQL injection in indian website. | https://medium.com/@padhyepushkar/how-to-find-p1-sql-injection-in-indian-website-59ad091a9e1b?source=rss------bug_bounty-5 | Pushkar Padhye | bug-bounty | 09-Aug-2024 |
How to Mitigate SQL Injection | https://medium.com/@bountyget/how-to-mitigate-sql-injection-20a26cfa96f5?source=rss------bug_bounty-5 | Bountyget | security, bug-bounty, information-security | 09-Aug-2024 |
Bug Bounty Programs Launched in August 2024 | https://medium.com/@vic-thor/bug-bounty-programs-launched-in-august-2024-ab698f18b7c5?source=rss------bug_bounty-5 | vic | bug-bounty, technology, tech, money, cybersecurity | 09-Aug-2024 |
Part 3: Enhancing Database Items in Angular using the Decorator Design Pattern: Bug Prevention… | https://medium.com/@nemanjablagojevic/part-3-enhancing-database-items-in-angular-using-the-decorator-design-pattern-bug-prevention-e965373a6219?source=rss------bug_bounty-5 | Nemanja Blagojevic | singleton, programming, angular, bug-bounty, ecommerce-web-development | 09-Aug-2024 |
From Developer to Hacker: Putting on the White Hat | https://medium.com/@jonathanmondaut/from-developer-to-hacker-putting-on-the-white-hat-b4292af8c1d4?source=rss------bug_bounty-5 | Jonathan Mondaut | cybersecurity, technology, bug-bounty, ethical-hacking, programming | 09-Aug-2024 |
How I Turned a Rate-Limit Bypass into an Account Takeover | https://anonysm.medium.com/how-i-turned-a-rate-limit-bypass-into-an-account-takeover-4588541c2d29?source=rss------bug_bounty-5 | Muthu D | ethical-hacking, hacking, pentesting, bug-bounty, penetration-testing | 09-Aug-2024 |
Enriching Nuclei results with Vulnerability Intel | https://medium.com/@nvi_90805/enriching-nuclei-results-with-vulnerability-intel-d760b756b066?source=rss------bug_bounty-5 | NVI - North Vulnerability Intelligence | vulnerability, cve, bug-bounty, nuclei-template, exploit | 09-Aug-2024 |
Mastering Subfinder for Subdomain Enumeration: A Quick Guide for Bug Bounty Hunters | https://medium.com/@k4r7hx/mastering-subfinder-for-subdomain-enumeration-a-quick-guide-for-bug-bounty-hunters-5d6c3d471896?source=rss------bug_bounty-5 | Karthikeyan | subdomain-enumeration, subdomains-enumeration, subdomain, bug-bounty, subdomain-takeover | 09-Aug-2024 |
Bug Bounty Methodology — Step By Step Guide To Find Subdomains And Vulnerable URLs | https://medium.com/@shaikhminhaz1975/bug-bounty-methodology-step-by-step-guide-to-find-subdomains-and-vulnerable-urls-18bdd76e979f?source=rss------bug_bounty-5 | Shaikh Minhaz | cybersecurity, reconnaissance, subdomains-enumeration, bug-bounty, methodology | 09-Aug-2024 |
20 Essential Google Dorking Queries to find vulnerable targets | https://offsec01.medium.com/20-essential-google-dorking-queries-to-find-vulnerable-targets-a98b657dc66d?source=rss------bug_bounty-5 | Facundo Fernandez | offensive-security, google-dorking, hacking-training, bug-bounty, hacking | 09-Aug-2024 |
Day 7 of 30 Days — 30 Vulnerability \| IDOR (Insecure Direct Object Reference) | https://medium.com/@kumawatabhijeet2002/day-7-of-30-days-30-vulnerability-idor-insecure-direct-object-reference-79b8051d67e2?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, 30dayswritingchallenge, idor-vulnerability, idor, bug-bounty-tips | 09-Aug-2024 |
How dirsearch Uncovered a $750 Bounty | https://medium.com/@bountyget/how-dirsearch-uncovered-a-750-bounty-fd215c925eb7?source=rss------bug_bounty-5 | Bountyget | infosec, dirsearch, wordlist, bug-bounty, hackerone | 09-Aug-2024 |
What After Recon ? Part 01 Bug Bounty Methodology | https://omarora1603.medium.com/what-after-recon-part-01-bug-bounty-methodology-25ff3705a738?source=rss------bug_bounty-5 | Om Arora | infosec, bug-bounty, bug-bounty-writeup, methodology, hacking | 09-Aug-2024 |
Embracing Proactive Security Measures: Future-Proofing Against PHAR Deserialization and Beyond | https://cyberw1ng.medium.com/embracing-proactive-security-measures-future-proofing-against-phar-deserialization-and-beyond-49e1dec9000d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, hacking, penetration-testing, bug-bounty | 09-Aug-2024 |
How i hacked NASA? NASA VDP. | https://medium.com/@momos1337/how-i-hacked-nasa-bug-bounty-6975b833eb45?source=rss------bug_bounty-5 | Fadhli Almunawar | cybersecurity, bug-bounty | 09-Aug-2024 |
How dirsearch Uncovered a $750 Bounty | https://medium.com/@bountyget/how-dirsearch-uncovered-a-750-bounty-fd215c925eb7?source=rss------bug_bounty-5 | Bountyget | infosec, dirsearch, wordlist, info-sec-writeups, bug-bounty | 09-Aug-2024 |
L6 — Postbook | https://scissor07.medium.com/l6-postbook-8d5b322a0801?source=rss------bug_bounty-5 | scissor_seven | writeup, cybersecurity, bug-bounty, hackerone, ctf | 08-Aug-2024 |
Web App Security Scanner- Vex Scanner | https://medium.com/@pentesterclubpvtltd/web-app-security-scanner-vex-scanner-e150e9a03ffc?source=rss------bug_bounty-5 | Pentester Club | cybersecurity, scalability, bug-bounty, hacking, security | 08-Aug-2024 |
OAuth Impersonation Attack: Misconfiguration of Facebook and Google OAuth Leading to Account… | https://medium.com/@security.tecno/oauth-impersonation-attack-misconfiguration-of-facebook-and-google-oauth-leading-to-account-9f838439de31?source=rss------bug_bounty-5 | TECNO Security | bug-bounty, security, hacker | 08-Aug-2024 |
Hijacking User Privileges: The Story of a Patched Vulnerability in Open Bug Bounty | https://take0verx0.medium.com/hijacking-user-privileges-the-story-of-a-patched-vulnerability-in-open-bug-bounty-4db81fa0fd1f?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty, bug-bounty-tips, web-security, openbugbounty | 08-Aug-2024 |
Last Week in tech — 5th edition | https://medium.com/@azefox/last-week-in-tech-5th-edition-0f559055dcf6?source=rss------bug_bounty-5 | Azefox | cloud-computing, ai, bug-bounty, infosec, news | 08-Aug-2024 |
O manual do Hacker Moderno | https://medium.com/@espectrx/o-manual-do-hacker-moderno-2a715e35184c?source=rss------bug_bounty-5 | Rafael Henrique | hackingrévolution, hackerone, hacker-ético, bug-bounty, hacking | 08-Aug-2024 |
Building a Resilient Security Framework: Long-Term Strategies for Combating PHAR Deserialization… | https://cyberw1ng.medium.com/building-a-resilient-security-framework-long-term-strategies-for-combating-phar-deserialization-de5b38c6aff2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, hacking, penetration-testing, careers | 08-Aug-2024 |
Easiest P3 You May Not Know | https://muneebalamkhan.medium.com/easiest-p3-you-may-not-know-54ae73cd3361?source=rss------bug_bounty-5 | Muneeb Alam Khan | bug-bounty-tips, penetration-testing, bug-bounty, bounty-hunter, penetration-test | 07-Aug-2024 |
SSRF: Blacklist and Whitelist-Based Input Filters | https://infosecwriteups.com/ssrf-blacklist-and-whitelist-based-input-filters-1c602b872731?source=rss------bug_bounty-5 | Neetrox | cybersecurity, cyber-security-awareness, bug-bounty, cyberattack, technology | 07-Aug-2024 |
Client-Side Desync in HTTP: Understanding the Vulnerabilities and How to Mitigate Them | https://medium.com/@miladkeivanfar/client-side-desync-in-http-understanding-the-vulnerabilities-and-how-to-mitigate-them-f3552164a6c9?source=rss------bug_bounty-5 | Milad keivanfar | security, pentesting, desync, bug-bounty, smuggling | 07-Aug-2024 |
Nahamsec’s Intro to Bug Bounty Labs: Your Setup Guide | https://medium.com/@k4r7hx/nahamsecs-intro-to-bug-bounty-labs-your-setup-guide-145199ee948a?source=rss------bug_bounty-5 | Karthikeyan | bug-bounty, ethical-hacking, penetration-testing, nahamstore, hacking | 07-Aug-2024 |
ALL ABOUT TRAVA BUG BOUNTY — FINDING THE FAULTS IN TRAVA.FINANCE | https://blog.trava.finance/all-about-trava-bug-bounty-finding-the-faults-in-trava-finance-ebdcf476c1d6?source=rss------bug_bounty-5 | Trava.Finance | dapps, web3, bug-bounty, blockchain | 07-Aug-2024 |
Easiest P3/P4 security misconfiguration to make $$ as a beginner. | https://medium.com/@sugamdangal52/easiest-p3-p4-security-misconfiguration-to-make-as-a-beginner-d4f019ad4b85?source=rss------bug_bounty-5 | Sugam Dangal | bug-bounty-program, bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips | 07-Aug-2024 |
Real-World Applications and Case Studies of PHAR Deserialization Defense | https://cyberw1ng.medium.com/real-world-applications-and-case-studies-of-phar-deserialization-defense-f65b67c503aa?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, bug-bounty, hacking | 07-Aug-2024 |
Day 5 of 30 Days — 30 Vulnerabilities \| Open Redirects | https://medium.com/@kumawatabhijeet2002/day-5-of-30-days-30-vulnerabilities-open-redirects-386ea2fa1a66?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, bug-bounty-tips, open-redirect, 30dayschallenge, 30dayswritingchallenge | 07-Aug-2024 |
Mastering Dirsearch for Bug Hunting | https://medium.com/@josuofficial327/mastering-dirsearch-for-bug-hunting-f34272c0ba28?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | bug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity, hacking | 06-Aug-2024 |
SSRF to Server Takeover PoC (Bug Bounty Writeup) | https://medium.com/@malvinval/ssrf-to-server-takeover-poc-bug-bounty-writeup-82d6715e333d?source=rss------bug_bounty-5 | Malvin Valerian | cybersecurity, ethical-hacking, bug-bounty-tips, hacking, bug-bounty | 06-Aug-2024 |
From Fries to Flaws : My Journey into Web App Security (Part III) | https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-iii-ce91eb384da7?source=rss------bug_bounty-5 | OiQ | penetration-testing, broken-access-control, web-app-security, bug-bounty, bug-bounty-tips | 06-Aug-2024 |
My First Bug Bounty: CORS Misconfiguration | https://r0b0ts.medium.com/my-first-bug-bounty-cors-misconfiguration-3e6f38835c4e?source=rss------bug_bounty-5 | r0b0ts | bug-bounty-writeup, bug-bounty, secu, bug-bounty-tips, bug-bounty-hunter | 06-Aug-2024 |
Reflected HTML injection leads to redirection and what’s not! | https://medium.com/@shahariarwalid/reflected-html-injection-leads-to-redirection-and-whats-not-3de256b16c30?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty, web-hacking, poc | 06-Aug-2024 |
Race Condition About The User Version and Ignored | https://r0b0ts.medium.com/race-condition-about-the-user-version-and-ignored-c98fec642d1b?source=rss------bug_bounty-5 | r0b0ts | bug-bounty-tips, bug-bounty-writeup, bug-bounty, security, bug-bounty-hunter | 06-Aug-2024 |
Mastering Network Reconnaissance with Nmap: A Comprehensive Guide | https://medium.com/@WillFromSwiss/mastering-network-reconnaissance-with-nmap-a-comprehensive-guide-e37fe3cdf8ff?source=rss------bug_bounty-5 | WillFromSwiss | pentesting, hacking, bug-bounty, recon, nmap | 06-Aug-2024 |
Bypass Admin Panel Access Steps — Bug Tuesday | https://medium.com/@kerstan/bypass-admin-panel-access-steps-bug-tuesday-36e7be470dae?source=rss------bug_bounty-5 | kerstan | cybersecurity, bug-bounty, hacking | 06-Aug-2024 |
Discovering and Exploiting an XSS Vulnerability in an Admin Panel | https://soltanali0.medium.com/discovering-and-exploiting-an-xss-vulnerability-in-an-admin-panel-8abbc97931fd?source=rss------bug_bounty-5 | soltanali0 | admin-panel, xss-attack, hackerone, bug-bounty-tips, bug-bounty | 06-Aug-2024 |
Reflected HTML injection leads to redirection and what’s not! | https://take0verx0.medium.com/reflected-html-injection-leads-to-redirection-and-whats-not-3de256b16c30?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty, web-hacking, poc | 06-Aug-2024 |
Advanced Defense Mechanisms and Continuous Monitoring Against PHAR Deserialization | https://cyberw1ng.medium.com/advanced-defense-mechanisms-and-continuous-monitoring-against-phar-deserialization-00512489faf1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, careers, hacking | 06-Aug-2024 |
Hacking OWASP Juice Shop: Part 5- Privilege Escalation via Manipulated User Registration | https://infosecwriteups.com/hacking-owasp-juice-shop-part-5-privilege-escalation-via-manipulated-user-registration-4b1c5227aa81?source=rss------bug_bounty-5 | callgh0st | hacking, manipulation, logic, privilege-escalation, bug-bounty | 06-Aug-2024 |
From Secure to Breached: The Journey from Confidence to Compromise | https://medium.com/@armandjasharaj/from-secure-to-breached-the-journey-from-confidence-to-compromise-38fcb7e9ef7c?source=rss------bug_bounty-5 | Armand Jasharaj | penetration-testing, bug-bounty, cybersecurity, information-security | 06-Aug-2024 |
Understanding and Mitigating Open Redirection Vulnerability (CVE-2021–36580) in Webmail/Basic… | https://medium.com/@anonymousshetty2003/understanding-and-mitigating-open-redirection-vulnerability-cve-2021-36580-in-webmail-basic-24b12c3df17d?source=rss------bug_bounty-5 | Anonymousshetty | open-redirection, ethical-hacking, cybersecurity, bug-bounty | 06-Aug-2024 |
How to Use Netcat as a Persistent Backdoor Utility? | https://medium.com/@pentesterclubpvtltd/how-to-use-netcat-as-a-persistent-backdoor-utility-57bb01cbf9cc?source=rss------bug_bounty-5 | Pentester Club | hacking, bug-bounty-tips, bug-bounty, metasploit, cybersecurity | 06-Aug-2024 |
Ping a site to find out information about it. | https://medium.com/@pentesterclubpvtltd/ping-a-site-to-find-out-information-about-it-43efdb62b4a0?source=rss------bug_bounty-5 | Pentester Club | cyber-security-awareness, bug-bounty, cybersecurity, ping, cybercrime | 05-Aug-2024 |
Maltego — The Automated OSINT Tool for Ethical Hackers | https://medium.com/@pentesterclubpvtltd/maltego-the-automated-osint-tool-for-ethical-hackers-d6bc5737812e?source=rss------bug_bounty-5 | Pentester Club | bug-bounty, ethical-hacking, maltego, cybersecurity, osint | 05-Aug-2024 |
Recon-ng — Complete Scan — Emails, Sub Domains & Hidden Files | https://medium.com/@pentesterclubpvtltd/recon-ng-complete-scan-emails-sub-domains-hidden-files-b357cffd1e0b?source=rss------bug_bounty-5 | Pentester Club | scan, recon, enumeration, cybersecurity, bug-bounty | 05-Aug-2024 |
Perform Network Tracerouting in Linux Machines | https://medium.com/@pentesterclubpvtltd/perform-network-tracerouting-in-linux-machines-28b6bf57bf71?source=rss------bug_bounty-5 | Pentester Club | bug-bounty, machine-learning, linux, networking, cybersecurity | 05-Aug-2024 |
Gather Information About a Target Website Using Photon | https://medium.com/@pentesterclubpvtltd/gather-information-about-a-target-website-using-photon-839612a85319?source=rss------bug_bounty-5 | Pentester Club | web-design, cybersecurity, bug-bounty, web-development, web3 | 05-Aug-2024 |
Mirror a Target Website Using HTTrack website Copier | https://medium.com/@pentesterclubpvtltd/mirror-a-target-website-using-httrack-website-copier-0489c23d66b3?source=rss------bug_bounty-5 | Pentester Club | web3, website-design, web-development, cybersecurity, bug-bounty | 05-Aug-2024 |
Extract Companys Website Data Using Web Data Extractor | https://medium.com/@pentesterclubpvtltd/extract-companys-website-data-using-web-data-extractor-a2957c56fd3f?source=rss------bug_bounty-5 | Pentester Club | data, website, bug-bounty, web3, cybersecurity | 05-Aug-2024 |
Gather Personal Information Using PeekYou online People Search Service | https://medium.com/@pentesterclubpvtltd/gather-personal-information-using-peekyou-online-people-search-service-8a523a180f0d?source=rss------bug_bounty-5 | Pentester Club | data, bug-bounty, cybersecurity, people, search-engine-optimizati | 05-Aug-2024 |
Mastering Angry IP Scanner: Unleashing the Power of Network Diagnostics | https://medium.com/@pentesterclubpvtltd/mastering-angry-ip-scanner-unleashing-the-power-of-network-diagnostics-43388a593650?source=rss------bug_bounty-5 | Pentester Club | networking, bug-zero, cybersecurity, bug-bounty, angry | 05-Aug-2024 |
Uncover the Shocking Truth Behind HTTP Header Injection Attacks: Protect Yourself Now! | https://systemweakness.com/the-hidden-danger-lurking-in-your-http-headers-3f93474933cb?source=rss------bug_bounty-5 | Khaleel Khan | hacking, bug-bounty, cybersecurity, infosec, web-development | 05-Aug-2024 |
Exploit Public-Facing Application concepts | https://medium.com/@alimostafaeiorg/exploit-public-facing-application-concepts-95c9d9efe76b?source=rss------bug_bounty-5 | Ali Mostafaei | pentest, exploit, xs, exploit-public-facing, bug-bounty | 05-Aug-2024 |
You might have never understood the OSI Model this way. | https://medium.com/@rohillachhavi12/you-might-have-never-understood-the-osi-model-this-way-2b3d234c5bac?source=rss------bug_bounty-5 | Chhavi Rohilla | networking, technology, bug-bounty, learning, cybersecurity | 05-Aug-2024 |
SQL Injection Part 1️⃣ | https://infosecwriteups.com/sql-injection-part-1%EF%B8%8F%E2%83%A3-eead93a673a2?source=rss------bug_bounty-5 | Neetrox | cybersecurity, sql, data, bug-bounty, cyber-security-awareness | 05-Aug-2024 |
Discovering and Exploiting an XSS Vulnerability in a Bug Bounty Program Scope | https://medium.com/@anonymousshetty2003/discovering-and-exploiting-an-xss-vulnerability-in-a-bug-bounty-program-scope-383327e7f290?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, bug-bounty, xss-vulnerability, ethical-hacking | 05-Aug-2024 |
From Detection to Notification: Security Automation to Earn $$$$ | https://vijetareigns.medium.com/from-detection-to-notification-security-automation-to-earn-4ea1a13576bc?source=rss------bug_bounty-5 | the_unlucky_guy | bugbounty-writeup, cybersecurity, technology, bug-bounty, automation | 05-Aug-2024 |
How i found Host Header Injection on SpaceX | https://medium.com/@gitlime71/how-i-found-host-header-injection-on-spacex-3a9b45db70e8?source=rss------bug_bounty-5 | Raccoon | penetration-testing, bug-bounty, pentesting, hacking, bug-bounty-tips | 05-Aug-2024 |
Zero-Click account Take-over | https://0xebn-taimia.medium.com/zero-click-account-take-over-deb0fae7a6c1?source=rss------bug_bounty-5 | 0xEbn-Taimia | bug-bounty, cybersecurity, bugs, ato | 05-Aug-2024 |
Advanced Techniques and Defenses Against PHAR Deserialization Exploits | https://cyberw1ng.medium.com/advanced-techniques-and-defenses-against-phar-deserialization-exploits-c65074fa5035?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, hacking, careers | 05-Aug-2024 |
Day 3 of 30 Days — 30 Vulnerability \| CSRF | https://medium.com/@kumawatabhijeet2002/day-3-of-30-days-30-vulnerability-csrf-3958560fb941?source=rss------bug_bounty-5 | Abhijeet kumawat | vulnerability, bug-bounty, cybersecurity, csrf-attack | 05-Aug-2024 |
Unveiling Remote Code Execution in AI chatbot workflows | https://infosecwriteups.com/unveiling-remote-code-execution-in-ai-chatbot-workflows-3c7f633f63c3?source=rss------bug_bounty-5 | Anurag__Verma | ethical-hacking, infosec, penetration-testing, bugs, bug-bounty | 05-Aug-2024 |
How I Got Critical P2 Bug on Google VRP | https://medium.com/@rhashibur75/how-i-got-critical-p2-bug-on-google-vrp-165017145af8?source=rss------bug_bounty-5 | Kazi Hashibur Rahman | google-bug, bugs, bug-bounty-tips, bug-bounty, google | 04-Aug-2024 |
Insecure Deserialization — Why it is a vulnerability | https://medium.com/@nanak.singh/insecure-deserialization-why-it-is-a-vulnerability-74e22e878cf4?source=rss------bug_bounty-5 | Nanak Singh Khurana | web-security, insecure-deserialization, hacking, bug-bounty | 04-Aug-2024 |
Simple Authentication Bypass By Response Manipulation. | https://medium.com/@test123cybertest/simple-authentication-bypass-by-response-manipulation-44ba530e803b?source=rss------bug_bounty-5 | praveenarsh0xx0 | hacking, tips-and-tricks, cybersecurity, pentest, bug-bounty | 04-Aug-2024 |
Hacking OWASP Juice Shop: Part 3- Exploiting Insufficient Server-Side Checks:::Bypassing Input… | https://infosecwriteups.com/hacking-owasp-juice-shop-part-3-exploiting-insufficient-server-side-checks-bypassing-input-6b4368449c2f?source=rss------bug_bounty-5 | callgh0st | hacking, input-validation, burpsuite, consistency, bug-bounty | 04-Aug-2024 |
SQL Injection Attack, Querying the Database Type and Version on MySQL and Microsoft | https://medium.com/@marduk.i.am/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-caf947d0208a?source=rss------bug_bounty-5 | Marduk I Am | sqli, sql-injection, bug-bounty, information-security, portswigger-lab | 04-Aug-2024 |
Hacking OWASP Juice Shop: Part4 — Exploiting Payment and Input Validation Loopholes | https://infosecwriteups.com/hacking-owasp-juice-shop-part4-exploiting-payment-and-input-validation-loopholes-59f6b8485c3e?source=rss------bug_bounty-5 | callgh0st | prompt, bypass, consistency, hacking, bug-bounty | 04-Aug-2024 |
Simple logic flaw lead to P3 bug in public BBP | https://medium.com/@mohamed0xmuslim/simple-logic-flaw-lead-to-p3-bug-in-public-bbp-7cf21a4fb7c6?source=rss------bug_bounty-5 | Muhammad_Mostafa | bug-bounty, bugcrowd, bugbounty-writeup, bug-bounty-tips, hackerone | 04-Aug-2024 |
curityPHAR Deserialization: Exploiting Hidden Vulnerabilities in PHP | https://cyberw1ng.medium.com/curityphar-deserialization-exploiting-hidden-vulnerabilities-in-php-c68891254c13?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, cybersecurity, penetration-testing, hacking | 04-Aug-2024 |
Kioptrix Level 3 Walkthrough | https://erdemstar.medium.com/kioptrix-level-3-walkthrough-25dce894e7e3?source=rss------bug_bounty-5 | Erdemstar | oscp-preparation, bug-bounty, pentesting, oscp, bug-bounty-tips | 04-Aug-2024 |
Exploiting Negative Quantity Manipulation for Total Price Reduction | https://medium.com/@adhammedhat101/s-e615c50a1798?source=rss------bug_bounty-5 | SemZ | cybersecurity, bug-bounty, bugbounty-writeup, penetration-testing, web-app-security | 04-Aug-2024 |
Don’t Know Where to Look for Bugs? A Beginner’s Guide to Bug Hunting | https://medium.com/@paritoshblogs/dont-know-where-to-look-for-bugs-a-beginner-s-guide-to-bug-hunting-780780eec09b?source=rss------bug_bounty-5 | Paritosh | bug-bounty-tips, bug-bounty, information-technology, information-security, cybersecurity | 03-Aug-2024 |
How I prevented a mass leak of user data at one of the largest Tech companies | https://medium.com/@syarifsajjad07/how-i-prevented-a-mass-leak-of-user-data-at-one-of-the-largest-tech-companies-caea05474af8?source=rss------bug_bounty-5 | Syarifsajjad | hackerone, bug-bounty-tips, cybersecurity, bug-bounty, bugbounty-writeup | 03-Aug-2024 |
30 Days — 30 Vulnerability Challenge | https://it4chis3c.medium.com/30-days-30-vulnerability-challenge-28edae3b25d4?source=rss------bug_bounty-5 | It4chis3c | bug-bounty-tips, bug-bounty, 30dayswritingchallenge | 03-Aug-2024 |
Day 1 of 30 Days — 30 Vulnerabilities Tips & Tricks | https://it4chis3c.medium.com/day-1-of-30-days-30-vulnerabilities-tips-tricks-4cff7b2756a2?source=rss------bug_bounty-5 | It4chis3c | 30dayswritingchallenge, xss-attack, xss-vulnerability, bug-bounty-tips, bug-bounty | 03-Aug-2024 |
How I Hacked and Secured a Croatian Government Website: A White Hat Journey | https://harshit3.medium.com/how-i-hacked-and-secured-a-croatian-government-website-a-white-hat-journey-d452fbb8e711?source=rss------bug_bounty-5 | Harshit | ethical-hacking, bug-bounty, security, vulnerability, cybersecurity | 03-Aug-2024 |
How a Host Header Injection Bug Earned Me My Fourth Hall of Fame Spot at Apple | https://medium.com/@MohaseenK/how-a-host-header-injection-bug-earned-me-my-fourth-hall-of-fame-spot-at-apple-b5d880acbba2?source=rss------bug_bounty-5 | Mohaseen | infosec, hall-of-fame, hackerone, bug-bounty, apple | 03-Aug-2024 |
Your AI Conversations Aren’t Safe: How We Stole Them | https://h0tak88r.medium.com/your-ai-conversations-arent-safe-how-we-stole-them-02c17db2ed72?source=rss------bug_bounty-5 | sallam | bug-bounty-tips, prompt-injection-attack, ai-hacking, bug-bounty, oauth | 03-Aug-2024 |
How I Earned $469 Bounty: Bypassing Plan Restriction | https://medium.com/@a13h1/how-i-earned-469-bounty-bypassing-plan-restriction-58f6d3120b6e?source=rss------bug_bounty-5 | Abhi Sharma | access-control, programming, infosec, cybersecurity, bug-bounty | 03-Aug-2024 |
How to Find Vulnerabilities and Bugs with the Help of ChatGPT and Get Bounty | https://medium.com/@shaikhminhaz1975/how-to-find-vulnerabilities-and-bugs-with-the-help-of-chatgpt-and-get-bounty-f1ee5b6b0dd0?source=rss------bug_bounty-5 | Shaikh Minhaz | bug-bounty-with-ai, bug-bounty, chatgpt, cybersecurity, find-bug-with-chatgpt | 03-Aug-2024 |
how I found a critical bug using response manipulation | https://matrixm0x1.medium.com/how-i-found-a-critical-bug-using-response-manipulation-4403a562db12?source=rss------bug_bounty-5 | matrixm0x1 | security, vulnerability, cybersecurity, bugs, bug-bounty | 03-Aug-2024 |
20.9 Lab: Developing a custom gadget chain for PHP deserialization | https://cyberw1ng.medium.com/20-9-lab-developing-a-custom-gadget-chain-for-php-deserialization-c173ff462156?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 03-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-66) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-66-9a60c229db5e?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, skills, hacking, bug-bounty, cybersecurity | 03-Aug-2024 |
How could privilege escalation vulnerability lead to full account takeover? | https://medium.com/@moxallam/how-could-privilege-escalation-vulnerability-lead-to-full-account-takeover-0d49d3d5fbee?source=rss------bug_bounty-5 | 3llam | pentesting, web-application-security, bug-bounty, cyber-security-services, bug-bounty-writeup | 03-Aug-2024 |
Uncovering a Reflected XSS Vulnerability in an Insurance Company’s Website | https://medium.com/@anonymousshetty2003/uncovering-a-reflected-xss-vulnerability-in-an-insurance-companys-website-ee56c3492381?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, cybersecurity, ethical-hacking | 03-Aug-2024 |
Discovering a Reflected XSS Vulnerability in an Shopping Website | https://medium.com/@anonymousshetty2003/discovering-a-reflected-xss-vulnerability-in-an-shopping-website-d9ea72be73ef?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, xss-vulnerability, ethical-hacking, cybersecurity | 03-Aug-2024 |
The first $100 from Bug Hunter | https://medium.com/@osamamohamed21212121/the-first-100-from-bug-hunter-aaee9a0ac547?source=rss------bug_bounty-5 | Osamamohamed | cybersecurity, security, vulnerability, bug-bounty, bus | 03-Aug-2024 |
How I Escalated N/A to High and Got Rewarded £££: Bug Hunting Journey | https://medium.com/@iamrizwanvp/how-i-escalated-n-a-to-medium-and-got-rewarded-bug-hunting-journey-c6e6097fe93c?source=rss------bug_bounty-5 | iamrizwanvp | bug-bounty, penetration-testing, cybersecurity, bugbounty-writeup | 03-Aug-2024 |
From Fries to Flaws : My Journey into Web App Security (Part II) | https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-ii-6127ecc7d93f?source=rss------bug_bounty-5 | OiQ | bug-bounty, web-application-security, cybersecurity, xss-vulnerability, bug-bounty-tips | 03-Aug-2024 |
Tips about bug bounty for complete begginers | https://medium.com/@mrkimia097/tips-about-bug-bounty-for-complete-begginers-0fa1c85594ad?source=rss------bug_bounty-5 | Mrkimia | bug-bounty, hacker, bugbounty-tips | 03-Aug-2024 |
How I Escalated N/A to High and Got Rewarded $$$: Bug Hunting Journey | https://medium.com/@iamrizwanvp/how-i-escalated-n-a-to-medium-and-got-rewarded-bug-hunting-journey-c6e6097fe93c?source=rss------bug_bounty-5 | iamrizwanvp | bug-bounty-tips, bug-bounty, penetration-testing, cybersecurity, bugbounty-writeup | 03-Aug-2024 |
#4. Bug Bounty Series: Exploiting Boolean-based SQL Injection | https://cyb3rmind.medium.com/4-bug-bounty-series-exploiting-boolean-based-sql-injection-3455d800892e?source=rss------bug_bounty-5 | Cyb3r M!nds | pentesting, hacking, bug-bounty, sql-injection | 02-Aug-2024 |
Bounty Hunting — Complete Guide (Part-65) | https://medium.com/@rafid19/bounty-hunting-complete-guide-part-65-885040ada45a?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, hacking, cybersecurity, ethical-hacking, bug-bounty | 02-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-64) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-64-aa6bc5c45197?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, hacking, skills, bug-bounty | 02-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-63) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-63-fdea83c2c38f?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, ethical-hacking, skills, hacking | 02-Aug-2024 |
Best youtube channels to learn bughunting and penetration testing | https://medium.com/@sangamahesh650/best-youtube-channels-to-learn-bughunting-and-penetration-testing-eea2e78a202a?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, bug-bounty-writeup, bugbounty-tips, bug-bounty-tips, bug-bounty | 02-Aug-2024 |
Finding subdomains from google | https://medium.com/@sangamahesh650/finding-subdomains-from-google-7f370fe60ad1?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, bugbounting, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 02-Aug-2024 |
Search engines for hackers and bughunters | https://medium.com/@sangamahesh650/search-engines-for-hackers-and-bughunters-16139aa60752?source=rss------bug_bounty-5 | loyalonlytoday | bugbounty-writeup, bug-bounty-tips, bug-bounty, hacking, penetration-testing | 02-Aug-2024 |
Finding more subdomains | https://medium.com/@sangamahesh650/finding-more-subdomains-1f5221e79310?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, bugbounty-tips, bug-bounty-tips | 02-Aug-2024 |
Overview of API Penetration Testing | https://medium.com/@aakashgupthagwapt/overview-of-api-penetration-testing-2065f6722f4e?source=rss------bug_bounty-5 | Aakashguptha | penetration-testing, api-penetration-testing, bug-bounty, cybersecurity, api | 02-Aug-2024 |
20.8 Lab: Developing a custom gadget chain for Java deserialization | https://cyberw1ng.medium.com/20-8-lab-developing-a-custom-gadget-chain-for-java-deserialization-01b85e1e998a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, hacking, bug-bounty, cybersecurity | 02-Aug-2024 |
I found RCE on Viber. | https://medium.com/@deadoverflow/i-found-rce-on-viber-432cf9e17eb0?source=rss------bug_bounty-5 | Imad Husanovic | cyber-security-awareness, programming, hacking, rce, bug-bounty | 02-Aug-2024 |
Email Verification Bypass Easy-P4 | https://medium.com/@Ajakcybersecurity/email-verification-bypass-easy-p4-70039d0b8fd9?source=rss------bug_bounty-5 | AjakCybersecurity | technology, penetration-testing, bug-bounty, hacking, ethical-hacking | 02-Aug-2024 |
Client-Side XSS: The DOM-based Debacle (Cross Site Scripting) | https://medium.com/@godsxfinger/client-side-xss-the-dom-based-debacle-cross-site-scripting-7a14904934d9?source=rss------bug_bounty-5 | Aadi (godsxfinger) | xs, web-app-security, bug-bounty, cybersecurity, bug-bounty-tips | 01-Aug-2024 |
Serialization and Deserialization: Advanced Concepts and Best Practices | https://cyberw1ng.medium.com/serialization-and-deserialization-advanced-concepts-and-best-practices-c6562fce9e4b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, penetration-testing, cybersecurity | 01-Aug-2024 |
Understanding Cross-Site Scripting (XSS) | https://medium.com/@soheilvanaee.net/understanding-cross-site-scripting-xss-5610d02cc5c4?source=rss------bug_bounty-5 | Soheilvanaee Net | bug-bounty, cybersecurity, web-hacking | 01-Aug-2024 |
First Bug Report: HTML Injection Vulnerability | https://medium.com/@youseftamereg/first-bug-report-html-injection-vulnerability-%EF%B8%8F-%EF%B8%8F-7a5e042d6548?source=rss------bug_bounty-5 | yousef tamer | html-injection, writeup, bug-bounty | 01-Aug-2024 |
Wasabi Bucket Takeover | Bug Bounty | https://mo9khu93r.medium.com/wasabi-bucket-takeover-bug-bounty-7520e8decde7?source=rss------bug_bounty-5 | mo9khu93r | ethical-hacking, cybersecurity, subdomain-takeover, bug-bounty | 31-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-62) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-62-4ff0fce045ca?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, skills, bug-bounty, hacking | 31-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-61) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-61-1c6514a2067b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, cybersecurity, bug-bounty, skills, hacking | 31-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-60) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-60-76ea9ba1551c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, bug-bounty, hacking, cybersecurity, ethical-hacking | 31-Jul-2024 |
Step-by-Step Guide On How to Find Your First Bug in Web Applications | https://medium.com/@shaikhminhaz1975/step-by-step-guide-on-how-to-find-your-first-bug-in-web-applications-0080f6a7f945?source=rss------bug_bounty-5 | Shaikh Minhaz | cybersecurity, bug-bounty, vulnerability, information-disclosure, ethical-hacking | 31-Jul-2024 |
How To Find Your 1st Bug For Bug Bounty Hunters (Step by Step Guide) Guarantee Result | https://medium.com/@shaikhminhaz1975/step-by-step-guide-on-how-to-find-your-first-bug-in-web-applications-0080f6a7f945?source=rss------bug_bounty-5 | Shaikh Minhaz | cybersecurity, bug-bounty, vulnerability, information-disclosure, ethical-hacking | 31-Jul-2024 |
SAML Authentication Bypass Leading to Admin Panel Access | https://medium.com/@0x_xnum/saml-authentication-bypass-leading-to-admin-panel-access-24f23812ed76?source=rss------bug_bounty-5 | Ahmed Tarek | bug-bounty, saml, privilege-escalation, broken-access-control, authentication-bypass | 31-Jul-2024 |
Don’t know where to look for bugs ?? In Depth Recon Bug Bounty — Part 02 | https://omarora1603.medium.com/dont-know-where-to-look-for-bugs-in-depth-recon-bug-bounty-part-02-9d7c55e045aa?source=rss------bug_bounty-5 | Om Arora | bug-bounty-writeup, hacking, bug-bounty, methodology, infosec | 31-Jul-2024 |
My Journey into Cybersecurity: Learning Bug Bounty from Scratch | https://medium.com/@akashathare411/my-journey-into-cybersecurity-learning-bug-bounty-from-scratch-abc2b45f04c5?source=rss------bug_bounty-5 | Akash Athare | learning, cybersecurity, bug-bounty, iit, masters-degree | 31-Jul-2024 |
Serialization and Deserialization: An Essential Guide | https://cyberw1ng.medium.com/serialization-and-deserialization-an-essential-guide-30552a9cf379?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, cybersecurity, penetration-testing | 31-Jul-2024 |
Hack and make money — Bug Bounty | https://medium.com/@victoras.croitoru/hack-and-make-money-bug-bounty-d9db818eb33e?source=rss------bug_bounty-5 | vic | online, ethical-hacking, hacking, money, bug-bounty | 31-Jul-2024 |
NgeSec Bebas #3 — How to Avoid N/A on Submissions | https://muh-hidayat7799.medium.com/ngesec-bebas-3-how-to-avoid-n-a-on-submissions-9acf14ef7ba1?source=rss------bug_bounty-5 | Muhamad Hidayat | methodology, risk-management, bug-bounty, app-security, penetration-testing | 31-Jul-2024 |
Don’t know where to look for bugs ?? In Depth Recon Bug Bounty — Part 02 | https://infosecwriteups.com/dont-know-where-to-look-for-bugs-in-depth-recon-bug-bounty-part-02-9d7c55e045aa?source=rss------bug_bounty-5 | Om Arora | bug-bounty-writeup, hacking, bug-bounty, methodology, infosec | 31-Jul-2024 |
Why bug bounty program should be a part of your security strategy — ET CISO | https://nowitsanurag.medium.com/why-bug-bounty-program-should-be-a-part-of-your-security-strategy-et-ciso-ad5abf991292?source=rss------bug_bounty-5 | Anurag | cybersecurity, bug-bounty, ransomware, vulnerability | 31-Jul-2024 |
Uncovering Sensitive Information: A Case Study on a Government Website | https://medium.com/@anonymousshetty2003/uncovering-sensitive-information-a-case-study-on-a-government-website-1f5ad0e158ec?source=rss------bug_bounty-5 | Anonymousshetty | hacking, ethical-hacking, bug-bounty, wpscan, cybersecurity | 31-Jul-2024 |
Stored XSS: When Bad Code Happens to Good Websites (Cross Site Scripting) | https://medium.com/@godsxfinger/stored-xss-when-bad-code-happens-to-good-websites-a5d6b4e629ca?source=rss------bug_bounty-5 | Aadi (godsxfinger) | bug-bounty, cross-site-scripting, xs, web-app-security, cybersecurity | 31-Jul-2024 |
Reflected XSS: Navigating the Web’s Wild West (Cross-Site Scripting) | https://medium.com/@godsxfinger/reflected-xss-navigating-the-webs-wild-west-cross-site-scripting-a1e092e58b73?source=rss------bug_bounty-5 | Aadi (godsxfinger) | cybersecurity, cross-site-scripting, xs, bug-bounty, web-app-security | 31-Jul-2024 |
From Fries to Flaws : My Journey into Web App Security (Part I) | https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-i-958c67c20771?source=rss------bug_bounty-5 | OiQ | web-application-security, web-vulnerabilities, bug-bounty, bug-bounty-tips, cybersecurity | 31-Jul-2024 |
ICMTC Final CTF 2024 Web Hackig Challenges | https://medium.com/@medohythem2019/icmtc-final-ctf-2024-web-hackig-challenges-5135cccf09ba?source=rss------bug_bounty-5 | 0xdragon | bug-bounty, hacking, pentesting, ctf | 30-Jul-2024 |
LFI WITH PHPINFO TO RCE | https://infosecwriteups.com/lfi-with-phpinfo-to-rce-78318f0dc9ce?source=rss------bug_bounty-5 | c0d3x27 | bug-bounty, hacking-tools, hacking, web-development, cybersecurity | 30-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-59) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-59-a0a4a25d7f97?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, cybersecurity, ethical-hacking, bug-bounty, skills | 30-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-58) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-58-f4102848b19d?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, bug-bounty, ethical-hacking, cybersecurity, skills | 30-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-57) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-57-1c470cccf094?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, bug-bounty, skills, hacking | 30-Jul-2024 |
Triple XSS in a Private Bug Bounty Program via a Hidden Parameter | https://infosecwriteups.com/triple-xss-in-a-private-bug-bounty-program-via-a-hidden-parameter-b42d0263f56d?source=rss------bug_bounty-5 | Andrea | hacking, bug-bounty, xss-attack | 30-Jul-2024 |
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP | https://medium.com/@jerryhackgather/interesting-business-logic-error-leads-to-pre-account-takeover-via-verification-bypass-on-googlevrp-d362f9469e3d?source=rss------bug_bounty-5 | Jerry1319 | cybersecurity, bug-bounty-tips, bug-bounty, bugbounty-writeup | 30-Jul-2024 |
Cross-Site Scripting (XSS) Vulnerabilities: | https://medium.com/@yassentaalab51/cross-site-scripting-xss-vulnerabilities-1397653cef7d?source=rss------bug_bounty-5 | Yassen Taalab | owasp, web-vulnerabilities, bug-bounty, web-security, xss-attack | 30-Jul-2024 |
6 tips for finding security vulnerabilities with GitHub Code Search — Bug Bounty Tuesday | https://medium.com/@kerstan/6-tips-for-finding-security-vulnerabilities-with-github-code-search-bug-bounty-tuesday-d4035bc7e302?source=rss------bug_bounty-5 | kerstan | hacking, bug-bounty, cybersecurity | 30-Jul-2024 |
Stealing First Party Access Token of Facebook Users: Meta Bug Bounty | https://iamsaugat.medium.com/stealing-first-party-access-token-of-facebook-users-meta-bug-bounty-44b3b2e87d07?source=rss------bug_bounty-5 | Saugat Pokharel | meta, cybersecurity, facebook-bug-bounty, bug-bounty, hacking | 30-Jul-2024 |
Notes from the First Class, Organized | https://medium.com/@starkxun5215/%E7%AC%AC%E4%B8%80%E6%AC%A1%E8%AF%BE%E7%A8%8B%E7%AC%94%E8%AE%B0%E6%95%B4%E7%90%86-52d34c91f3fc?source=rss------bug_bounty-5 | xun stark | bug-bounty | 30-Jul-2024 |
Race Conditions Uncovered: A Practical Guide | https://yaseenzubair.medium.com/race-conditions-uncovered-a-practical-guide-3cb69d73c946?source=rss------bug_bounty-5 | Yaseen Zubair | web-security, penetration-testing, bug-bounty, bug-bounty-tips, race-condition | 30-Jul-2024 |
Navigating the Dangers of Insecure Deserialization | https://cyberw1ng.medium.com/navigating-the-dangers-of-insecure-deserialization-73254b5ed415?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, bug-bounty, hacking, careers | 30-Jul-2024 |
How I got my first valid bug on nasa | https://medium.com/@mrkimia097/how-i-got-my-first-valid-bug-on-nasa-bf5e95531f00?source=rss------bug_bounty-5 | Mrkimia | bug-bounty | 30-Jul-2024 |
Top Google Dorks Explained | https://infosecwriteups.com/top-google-dorks-explained-ee6cac1673da?source=rss------bug_bounty-5 | Mike Takahashi (TakSec) | information-security, seo, hacking, cybersecurity, bug-bounty | 30-Jul-2024 |
Exposing OTP Bypass Vulnerabilities: Step-by-Step Bug Bounty Case Study | https://b0mk35h.medium.com/exposing-otp-bypass-vulnerabilities-step-by-step-bug-bounty-case-study-0dc39dc543bd?source=rss------bug_bounty-5 | Pronay Biswas | penetration-testing, hacking, bug-bounty, vulnerability, cybersecurity | 29-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-56) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-56-5d2efa89b759?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, bug-bounty, ethical-hacking, cybersecurity, skills | 29-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-55) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-55-1032e6222b41?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, skills, bug-bounty, hacking | 29-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-54) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-54-8e83629a6942?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, hacking, ethical-hacking, skills, bug-bounty | 29-Jul-2024 |
Exploiting Open Redirection $1000 | https://medium.com/@mdnafeed3/how-about-exploiting-open-redirection-how-base64-encoding-can-uncover-hidden-vulnerabilities-cb5beb11b763?source=rss------bug_bounty-5 | H4cker-Nafeed | cybersecurity, web3, infosec, hacking, bug-bounty | 29-Jul-2024 |
Insecure Deserialization Vulnerabilities: A Deep Dive into Risks and Mitigations | https://cyberw1ng.medium.com/insecure-deserialization-vulnerabilities-a-deep-dive-into-risks-and-mitigations-5c37f297c763?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, bug-bounty, penetration-testing, hacking | 29-Jul-2024 |
Discovering and Exploiting an XSS Vulnerability in a Large Finance Website | https://medium.com/@anonymousshetty2003/discovering-and-exploiting-an-xss-vulnerability-in-a-large-finance-website-f125dbd6d984?source=rss------bug_bounty-5 | Anonymousshetty | xss-vulnerability, cybersecurity, ethical-hacking, hacking, bug-bounty | 29-Jul-2024 |
Advanced scan with Bash | https://mosec0.medium.com/advanced-scan-with-bash-52005537a63c?source=rss------bug_bounty-5 | Mohamed Ali | pentester, bug-bounty, new-security-tool | 29-Jul-2024 |
Uncovering Sensitive File Information: A Case Study in Web Security | https://medium.com/@anonymousshetty2003/uncovering-sensitive-file-information-a-case-study-in-web-security-f5d03f2c5cd4?source=rss------bug_bounty-5 | Anonymousshetty | sensitive-data, cybersecurity, ethical-hacking, bug-bounty, dorking | 29-Jul-2024 |
Kioptrix Level 2 Walkthrough | https://erdemstar.medium.com/kioptrix-level-2-walkthrough-439c56f87c?source=rss------bug_bounty-5 | Erdemstar | vulnerability, oscp-preparation, bug-bounty-tips, bug-bounty, oscp | 29-Jul-2024 |
JS Link Finder Burp Suite Extension Guide | https://infosecwriteups.com/js-link-finder-burp-suite-extension-guide-e4809a6da268?source=rss------bug_bounty-5 | Mike Takahashi (TakSec) | information-security, cybersecurity, hacking, bug-bounty, appsec | 29-Jul-2024 |
New Plans | https://medium.com/@nnface/new-plans-0b11cfa5495d?source=rss------bug_bounty-5 | NnFace | bugs, bug-bounty, bug-bounty-writeup, hacker, hacking | 29-Jul-2024 |
Chain Reaction On Big Player | https://medium.com/@nnface/chain-reaction-on-big-player-4e331faf57b9?source=rss------bug_bounty-5 | NnFace | bug-bounty, bug-bounty-tips, bugs, bugs-bunny, hacking | 29-Jul-2024 |
JavaScript: Hunting And Analyzing for Bug Bounty.. | https://hacktivistattacker.medium.com/javascript-hunting-and-analyzing-for-bug-bounty-a15416de32cd?source=rss------bug_bounty-5 | Hacktivist-Attacker | bug-bounty, ethical-hacking, code-analysis, education, javascript | 28-Jul-2024 |
Hunting for Vulnerabilities that are ignored by most of the Bug Bounty Hunters — Part 2 | https://medium.com/@kshunya/hunting-for-vulnerabilities-that-are-ignored-by-most-of-the-bug-bounty-hunters-part-2-d2a51edaa8e8?source=rss------bug_bounty-5 | Vishal Barot | pentesting, infosec, bug-bounty, penetration-testing, vapt | 28-Jul-2024 |
Hacking OWASP Juice Shop: Part 2 — Exposing Critical Vulnerabilities in the Payment Flow | https://callgh0st.medium.com/hacking-owasp-juice-shop-part-2-exposing-critical-vulnerabilities-in-the-payment-flow-45630ed1633e?source=rss------bug_bounty-5 | callgh0st | vulnerability, hacking, bug-bounty, payments, logic | 28-Jul-2024 |
Unveiling Hidden Git Repositories: A Deep Dive into the Git Source Code Disclosure Scanner | https://maordayanofficial.medium.com/unveiling-hidden-git-repositories-a-deep-dive-into-the-git-source-code-disclosure-scanner-f704470de59a?source=rss------bug_bounty-5 | Maor Dayan | threat-hunting, vulnerability, white-hat-hacker, bug-bounty | 28-Jul-2024 |
How I bypass Safegurads of meta AI (Llama) | https://medium.com/@jeetpal2007/how-i-bypass-safegurads-of-meta-ai-llama-d735b521da2b?source=rss------bug_bounty-5 | JEETPAL | llamas, bug-bounty, llm, bugbounty-tips, bugbounty-writeup | 28-Jul-2024 |
How to Fight Procrastination as a Bug Hunter | https://medium.com/@Progsky/how-to-fight-procrastination-as-a-bug-hunter-48d0d280e572?source=rss------bug_bounty-5 | Progsky | bug-bounty, hacking, pentesting, penetration-testing, procrastination | 28-Jul-2024 |
Exploiting Insecure Deserialization Vulnerabilities | https://cyberw1ng.medium.com/exploiting-insecure-deserialization-vulnerabilities-cb9c586cd146?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, penetration-testing, hacking | 28-Jul-2024 |
Subdomain Takeover | https://medium.com/@mukkagopi50/subdomain-takeover-1de38466fdcc?source=rss------bug_bounty-5 | Gopi Mukka | bug-bounty | 28-Jul-2024 |
Bypass Plan Restriction & Get 350$ Bounty | https://infosecwriteups.com/bypass-plan-restriction-get-350-bounty-2df24f406462?source=rss------bug_bounty-5 | Abhi Sharma | privilege-escalation, bug-bounty, programming, cybersecurity, access-control | 28-Jul-2024 |
Here are some common parameters to test for XSS (Cross-Site Scripting) vulnerabilities: | https://medium.com/@BugHunterMan/here-are-some-common-parameters-to-test-for-xss-cross-site-scripting-vulnerabilities-fbe25f1968cc?source=rss------bug_bounty-5 | BugHUnterMan | bug-bounty, vulnerability | 28-Jul-2024 |
Hacking OWASP Juice Shop: Part 2 — Exposing Critical Vulnerabilities in the Payment Flow | https://infosecwriteups.com/hacking-owasp-juice-shop-part-2-exposing-critical-vulnerabilities-in-the-payment-flow-45630ed1633e?source=rss------bug_bounty-5 | callgh0st | vulnerability, hacking, bug-bounty, payments, logic | 28-Jul-2024 |
0-Click ATO Due to Weak Reset Password Tokens and Lack of Rate Limiting | https://h0tak88r.medium.com/0-click-ato-due-to-weak-reset-password-tokens-and-lack-of-rate-limiting-b7fe20487a45?source=rss------bug_bounty-5 | sallam | cybersecurity, ato, bug-bounty, account-takeover, bug-bounty-tips | 28-Jul-2024 |
how did i find leakage of information just by fuzzing? | https://medium.com/@onader104/how-did-i-find-leakage-of-information-just-by-fuzzing-888d6ce6d8f7?source=rss------bug_bounty-5 | Omar Nader | infosec, bug-bounty, cybersecurity, bug-bounty-tips, info-sec-writeups | 28-Jul-2024 |
The Looming Threat: How an IDOR Vulnerability Could Have Exposed Millions of Merchants Details. | https://medium.com/@cy3erbeast/the-looming-threat-how-an-idor-vulnerability-could-have-exposed-millions-of-merchants-details-f488725489a0?source=rss------bug_bounty-5 | Rahul | bug-bounty-writeup, bug-bounty, idor-vulnerability, bug-bounty-tips, data-breach | 28-Jul-2024 |
Discovered Sensitive Data Exposure on Wati.com: A Case Study Using Sublist3r and DirBuster | https://medium.com/@anonymousshetty2003/discovered-sensitive-data-exposure-on-wati-com-a-case-study-using-sublist3r-and-dirbuster-409a03f8f75d?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, hacking, cybersecurity, ethical-hacking | 27-Jul-2024 |
Open Redirect Vulnerability in Microsoft Create Portal | https://zeynalxan.medium.com/open-redirect-vulnerability-in-microsoft-create-portal-6654eb3e6b7a?source=rss------bug_bounty-5 | Zeynalxan Quliyev | bug-bounty, microsoft-hack, open-redirect, bug-bounty-writeup, microsoft-open-redirect | 27-Jul-2024 |
How I found a Privilege Escalation bug in bug bounty. | https://medium.com/@gitlime71/how-i-found-a-privilege-escalation-bug-in-bug-bounty-eff018f19020?source=rss------bug_bounty-5 | Raccoon | hacking, bug-bounty, penetration-testing, pentesting, bug-bounty-tips | 27-Jul-2024 |
Jailbreak of Meta AI (Llama -3.1) revealing configuration details | https://medium.com/@kiranmaraju/jailbreak-of-meta-ai-llama-3-1-revealing-configuration-details-9f0759f5006a?source=rss------bug_bounty-5 | Kiran Maraju | llm, nlp, cybersecurity, bug-bounty, chatbots | 27-Jul-2024 |
Subdomain Takeover | https://medium.com/@ibnibrahim/subdomain-takeover-34bd662b5a7a?source=rss------bug_bounty-5 | TestUser | cybersecurity, hacking, ethical-hacking, bug-bounty, information-security | 27-Jul-2024 |
Exploiting insecure deserialization vulnerabilities | https://cyberw1ng.medium.com/exploiting-insecure-deserialization-vulnerabilities-3595e4c24e2d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, penetration-testing, cybersecurity, careers | 27-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-48) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-48-241d35293a81?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, cybersecurity, hacking, skills, bug-bounty | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-47) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-47-8d21d898cc97?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, skills, cybersecurity, ethical-hacking, hacking | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-46) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-46-e851213880f4?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, bug-bounty, ethical-hacking, hacking, cybersecurity | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-45) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-45-7a90d1667a7a?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, skills, ethical-hacking, bug-bounty, hacking | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-44) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-44-e4649fab9a0c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking | 26-Jul-2024 |
30-day Time Limit: Swagshop Credit-Giving Activity | https://medium.com/@security.tecno/30-day-time-limit-swagshop-credit-giving-activity-61454ef3757b?source=rss------bug_bounty-5 | TECNO Security | bug-bounty, security, bonus, hacker | 26-Jul-2024 |
SIMPLE IDEA IN 2FA BYPASS LEADS TO $$$$ & CRITICAL IMPACT ! | https://medium.com/@alderson.philip/simple-idea-in-2fa-bypass-leads-to-critical-impact-a98e7c6a4190?source=rss------bug_bounty-5 | Philip Alderson | hacker, bugs, bug-bounty, 2fa-bypass | 26-Jul-2024 |
Inside the Bug Bounty World: Challenges, Rewards, and Tips for Success | https://medium.com/codex/inside-the-bug-bounty-world-challenges-rewards-and-tips-for-success-74ea37cbfd9c?source=rss------bug_bounty-5 | Security Lit Limited | bug-bounty, vulnerability, bug-bounty-tips, cybersecurity, penetration-testing | 26-Jul-2024 |
Quick Guide: API Penetration Testing | https://medium.com/@miladkeivanfar/quick-guide-api-penetration-testing-496c2e356a2e?source=rss------bug_bounty-5 | Milad keivanfar | pentesting, api-penetration-testing, bug-bounty, bug-bounty-tips, api-security | 26-Jul-2024 |
Solving an extremely difficult cryptography CTF pack: Level 1 | https://medium.com/@f3tch/day-1-of-solving-an-extremely-difficulty-level-cryptography-ctf-pack-level-1-b8b3d89a531c?source=rss------bug_bounty-5 | f3tch | hacking, ctf-writeup, ctf, bug-bounty, cryptography | 26-Jul-2024 |
ElasticSearch Smash & Grab | https://hogarth45.medium.com/elasticsearch-smash-grab-99cf36cdefbb?source=rss------bug_bounty-5 | Jess | elasticsearch, hacking, bug-bounty | 26-Jul-2024 |
Pentesting vs. Bug Bounty: Understanding the Differences and Choosing the Right Approach | https://ip-specialist.medium.com/pentesting-vs-bug-bounty-understanding-the-differences-and-choosing-the-right-approach-0af4e0569193?source=rss------bug_bounty-5 | IPSpecialist | difference, pentester, pentesting, bug-bounty, security | 26-Jul-2024 |
18.7 Lab: Clobbering DOM attributes to bypass HTML filters | https://cyberw1ng.medium.com/18-7-lab-clobbering-dom-attributes-to-bypass-html-filters-d1af9a33ae41?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, penetration-testing, careers, hacking | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-49) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-49-2ef3a8eb3b4b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, bug-bounty, cybersecurity, ethical-hacking, skills | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-53) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-53-bea2f5cf6a14?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, cybersecurity, hacking, ethical-hacking, bug-bounty | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-52) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-52-26b5cc12f0c2?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, bug-bounty | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-51) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-51-379ea39fb723?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, skills, cybersecurity, ethical-hacking, hacking | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-50) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-50-4a59a3c4f97b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, skills, ethical-hacking, hacking | 26-Jul-2024 |
IDOR : Payment Fraud on GYM Membership website | https://uzet.medium.com/idor-payment-fraud-on-gym-membership-website-d4e67f07db57?source=rss------bug_bounty-5 | Timotius Benhur | bug-bounty, pentesting, bug-bounty-writeup, bug-bounty-tips, cybersecurity | 25-Jul-2024 |
SQL Injection in 5 mins //Just because of CURIOSITY // | https://larebsec.medium.com/sql-injection-in-5-mins-just-because-of-curiosity-56e186f6296d?source=rss------bug_bounty-5 | Lareb | sql-injection, hacking, cybersecurity, security, bug-bounty | 25-Jul-2024 |
Useful JavaScript functions & API’s to exploit XSS (Cross-Site Scripting) | https://medium.com/@godsxfinger/useful-javascript-functions-apis-to-exploit-xss-cross-site-scripting-5d99a93d9899?source=rss------bug_bounty-5 | Aadi (godsxfinger) | cross-site-scripting, xs, bug-bounty, cybersecurity | 25-Jul-2024 |
Bypassing OTP Verification in a Signup Page | https://medium.com/@rat010/bypassing-otp-verification-in-a-signup-page-13976f724017?source=rss------bug_bounty-5 | Kanhaiya Kumar Singh | bug-bounty, web-application-security, web-app-testing, bug-hunting, bug-bounty-tips | 25-Jul-2024 |
18.6 Lab: Exploiting DOM clobbering to enable XSS | https://cyberw1ng.medium.com/18-6-lab-exploiting-dom-clobbering-to-enable-xss-640dd7c5fcf8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 25-Jul-2024 |
The Importance of Cybersecurity in Today’s Digital Age | https://medium.com/@erkankavas/the-importance-of-cybersecurity-in-todays-digital-age-8d5a61d47416?source=rss------bug_bounty-5 | Erkan Kavas | cybersecurity, bug-bounty, threat-intelligence | 25-Jul-2024 |
Automating XSS Discovery | https://medium.com/@hazeprojecte/automatiser-la-d%C3%A9couverte-des-xss-9810f89172a4?source=rss------bug_bounty-5 | Itachix0f | xss-attack, automatisation, bug-bounty-tips, bug-bounty | 25-Jul-2024 |
Automating XSS Discovery | https://medium.com/@Itachi0xf/automatiser-la-d%C3%A9couverte-des-xss-9810f89172a4?source=rss------bug_bounty-5 | Itachix0f | xss-attack, automatisation, bug-bounty-tips, bug-bounty | 25-Jul-2024 |
The Basic SQLmap Tutorial and SQLInjection | PortswiggerLab with SQLMap | https://medium.com/@barsavak/the-basic-sqlmap-tutorial-and-sqlinjection-portswiggerlab-with-sqlmap-1bb0cdf086fb?source=rss------bug_bounty-5 | bariss30 | bug-bounty, test, sql-injection, web-vulnerabilities, tools | 24-Jul-2024 |
Bug Bounty basic for beginners & Types of bug bounty programs | https://systemweakness.com/bug-bounty-basic-for-beginners-types-of-bug-bounty-programs-e4a8dab68fcd?source=rss------bug_bounty-5 | Harsh Hatej | bug-bounty, bug-bounty-program, kali-linux, bug-bounty-tips, bounty-program | 24-Jul-2024 |
14.30 Lab: Reflected XSS protected by CSP, with CSP bypass | https://cyberw1ng.medium.com/14-30-lab-reflected-xss-protected-by-csp-with-csp-bypass-779c76173f7a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, cybersecurity, careers, hacking | 24-Jul-2024 |
Android PenTesting Tools | https://medium.com/@evilprince007/android-pentesting-tools-efd0685ffeb7?source=rss------bug_bounty-5 | Prathamesh Khatavkar | android, bug-bounty, hacking, cybersecurity, mobile | 24-Jul-2024 |
Hacking Moodle Apps Via External Functions | https://medium.com/@dub-flow/hacking-moodle-apps-via-external-functions-1fc88a6d697c?source=rss------bug_bounty-5 | Florian Walter | penetration-testing, moodle, ethical-hacking, cybersecurity, bug-bounty | 24-Jul-2024 |
Accelerating Cybersecurity Learning with Speed Reading and Memory Training | https://medium.com/@enigma_/accelerating-cybersecurity-learning-with-speed-reading-and-memory-training-97305b666660?source=rss------bug_bounty-5 | enigma | bug-bounty, memory-improvement, ethical-hacking, speed-reading, cybersecurity | 24-Jul-2024 |
How Almost Sacrificing a University Group Project led to a Microsoft Bug Bounty | https://medium.com/@pyrus369/how-almost-sacrificing-a-university-group-project-led-to-a-microsoft-bug-bounty-9801e0f8f006?source=rss------bug_bounty-5 | Pyrus | microsoft, cybersecurity, web-security, bug-bounty, infosec | 23-Jul-2024 |
How Almost Sacrificing a University Group Project led to a Microsoft Bug Bounty | https://medium.com/@ericdesquivel3/how-almost-sacrificing-a-university-group-project-led-to-a-microsoft-bug-bounty-7e1b4eaabe22?source=rss------bug_bounty-5 | Eric Esquivel | bug-bounty, web-app-security | 23-Jul-2024 |
Unmasking Keystroke Secrets: How Hackers Exploit Your Keyboard — A Deep Dive into… | https://systemweakness.com/unmasking-keystroke-secrets-how-hackers-exploit-your-keyboard-a-deep-dive-into-5bdb1bbabb25?source=rss------bug_bounty-5 | Khaleel Khan | infosec, bug-bounty, python, hacking, cybersecurity | 23-Jul-2024 |
Preparing Your VPS for Bug Bounty Operations: A Complete Guide | https://medium.com/@adityasingh4180/preparing-your-vps-for-bug-bounty-operations-a-complete-guide-f55c30331df0?source=rss------bug_bounty-5 | Security Empire | cybersecurity, vps, bugcrowd, automation-testing, bug-bounty | 23-Jul-2024 |
5 Tips For Writing Bug Bounty Reports — Bug Bounty Tuesday | https://medium.com/@kerstan/5-tips-for-writing-bug-bounty-reports-bug-bounty-tuesday-0c5ed937a657?source=rss------bug_bounty-5 | kerstan | hacking, bug-bounty, cybersecurity | 23-Jul-2024 |
Complex Attack Types: Sample Scenarios 48 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-48-410ddcb3010e?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, bug-bounty, cyberattack, cybersecurity, penetration-testing | 23-Jul-2024 |
Top 10 XSS Payloads | https://rodoassis.medium.com/top-10-xss-payloads-e4774a43e285?source=rss------bug_bounty-5 | Rodolfo Assis (Brute) | xss-vulnerability, xss-attack, web-security, bug-bounty, web-hacking | 23-Jul-2024 |
How i created my first XSS tool:-XSS-Pro #BugBounty | https://medium.com/@mithun_/how-i-created-my-first-xss-tool-xss-pro-bugbounty-982a16079baf?source=rss------bug_bounty-5 | Mithun | xss-vulnerability, xss-attack, pentesting, bug-bounty, automation | 23-Jul-2024 |
I made a big mistake… | https://medium.com/@deadoverflow/i-made-a-big-mistake-a3e2dac4138c?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, cybsersecurity, bug-bounty-tips, hacking, programming | 23-Jul-2024 |
How to start Bug Hunting | https://medium.com/@hackerhyaato/how-to-start-bug-hunting-73ce283db5ac?source=rss------bug_bounty-5 | Hackerhyaato | how-to-start-bug-hunting, bug-bounty, bug-hunting, bugbounty-tips, how-to-start-bug-bounty | 23-Jul-2024 |
What is CSP (content security policy)? | https://cyberw1ng.medium.com/what-is-csp-content-security-policy-cb3580832442?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, penetration-testing, bug-bounty, hacking | 23-Jul-2024 |
How to Install websocat on linux (Debian / Ubuntu) | https://medium.com/@brianokinyi/how-to-install-websocat-on-linux-debian-ubuntu-85893655355e?source=rss------bug_bounty-5 | Brian Okinyi | websocket, bug-bounty, linux, pentesting | 22-Jul-2024 |
Case Studies: High-Profile Vulnerabilities Discovered Through Bug Bounty Programs | https://medium.com/@paritoshblogs/case-studies-high-profile-vulnerabilities-discovered-through-bug-bounty-programs-2a063561f733?source=rss------bug_bounty-5 | Paritosh | information-technology, hacking, bug-bounty, cybersecurity, information-security | 22-Jul-2024 |
OverTheWire — Bandit27 | https://medium.com/@evilprince007/overthewire-bandit27-465df4274d80?source=rss------bug_bounty-5 | Prathamesh Khatavkar | hacking, cybersecurity, bug-bounty | 22-Jul-2024 |
TapSwap Clone Script Your Gateway to a Lucrative Tap-to-Earn Game !!! | https://medium.com/@peterkester96/tapswap-clone-script-your-gateway-to-a-lucrative-tap-to-earn-game-68a589821305?source=rss------bug_bounty-5 | Peterkester | players, bug-bounty, telegram, profit, reflections | 22-Jul-2024 |
Burp Suite Made Easy: A Step-By-Step Tutorial (Part 1 of 2) | https://medium.com/@trixiahorner/burp-suite-made-easy-a-step-by-step-tutorial-part-1-of-2-451695ce84b1?source=rss------bug_bounty-5 | Trixia Horner | tryhackme, ethical-hacking, cybersecurity, penetration-testing, bug-bounty | 22-Jul-2024 |
14.28 Lab: Reflected XSS in a JavaScript URL with some characters blocked | https://cyberw1ng.medium.com/14-28-lab-reflected-xss-in-a-javascript-url-with-some-characters-blocked-db67819d5aa6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, cybersecurity, penetration-testing | 22-Jul-2024 |
What is IDOR (along with IDOR Attack Method) | https://medium.com/@errorfiathck/what-is-idor-along-with-idor-attack-method-e183b28e8546?source=rss------bug_bounty-5 | Errorfiathck | vulnerability, hacking, bug-bounty, idor, idor-vulnerability | 22-Jul-2024 |
The First Bug bounty forum ! | https://elb4rt0.medium.com/the-first-bug-bounty-forum-ba0399fb70c0?source=rss------bug_bounty-5 | Elb4rt0 | bug-bounty-hunter, bug-bounty-tips, bugs, bug-bounty, bug-bounty-writeup | 22-Jul-2024 |
First €200 bug that started my Bug Bounty Career | https://medium.com/@sugamdangal52/first-200-bug-that-started-my-bug-bounty-career-c11a871e116f?source=rss------bug_bounty-5 | Sugam Dangal | bug-bounty-hunter, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup | 22-Jul-2024 |
My Encounter with an Admin Panel in a Gas Agency Website | https://medium.com/@parthh_rana/my-encounter-with-an-admin-panel-in-a-gas-agency-website-72ded4fa4345?source=rss------bug_bounty-5 | Parth Rana | laravel, admin-panel, cybersecurity, bug-bounty, directory-listing | 22-Jul-2024 |
HACKERONE IS A SCAM | https://medium.com/@proseizala/hackerone-is-a-scam-1623a5030284?source=rss------bug_bounty-5 | Proseizala | cybersecurity, hackerone, hacker, bug-bounty | 22-Jul-2024 |
Complex Attack Types: Sample Scenarios 47 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-47-c0314c0e0b02?source=rss------bug_bounty-5 | Baris Dincer | penetration-testing, freedomofinternet, bug-bounty, cyberattack, cybersecurity | 22-Jul-2024 |
Discovering Account Takeover Vulnerability Through Source Map Analysis | https://medium.com/@eduardinholuiz691/discovering-account-takeover-vulnerability-through-source-map-analysis-0cd4038cbc04?source=rss------bug_bounty-5 | Daniel Silva | vulnerability, bug-bounty, bug-bounty-writeup, reconnaissance | 22-Jul-2024 |
Discovering Account Takeover Vulnerability Through Source Map Analysis | https://medium.com/@danielsilva691/discovering-account-takeover-vulnerability-through-source-map-analysis-0cd4038cbc04?source=rss------bug_bounty-5 | Daniel Silva | vulnerability, bug-bounty, bug-bounty-writeup, reconnaissance | 22-Jul-2024 |
CVE-2024–40725 and CVE-2024–40898: Critical Vulnerabilities in Apache HTTP Server | https://infosecwriteups.com/cve-2024-40725-and-cve-2024-40898-critical-vulnerabilities-in-apache-http-server-d292084255dc?source=rss------bug_bounty-5 | ElNiak | apache, cybersecurity, https, bug-bounty, vulnerability | 21-Jul-2024 |
TryHackMe — NahamStore — Walkthrough | https://medium.com/@nayanjyoti16/tryhackme-nahamstore-walkthrough-d4ecfe586c96?source=rss------bug_bounty-5 | Nayanjyoti Kumar | tryhackme, hacking, web, nahamstore, bug-bounty | 21-Jul-2024 |
How I bypassed payment in one of the popular mobile apk and got free subsciption | https://medium.com/@deepk007/how-i-bypassed-payment-in-one-of-the-popular-mobile-apk-and-got-free-subsciption-46e94f61c089?source=rss------bug_bounty-5 | DEep | bug-bounty, bug-bounty-tips, ethical-hacking, red-team, cybersecurity | 21-Jul-2024 |
Community Building in Bug Bounties: The Power of Networking and Collaboration | https://sarthakbhingare15.medium.com/community-building-in-bug-bounties-the-power-of-networking-and-collaboration-6adcdea4435b?source=rss------bug_bounty-5 | Sarthak Bhingare | community, improve, bug-bounty-tips, bug-bounty, tips | 21-Jul-2024 |
14.27 Lab: Reflected XSS with event handlers and href attributes blocked | https://cyberw1ng.medium.com/14-27-lab-reflected-xss-with-event-handlers-and-href-attributes-blocked-d2f9871fc8a8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, penetration-testing, careers, bug-bounty | 21-Jul-2024 |
How To Setup Private Interactsh Server | https://medium.com/@learntheshell/how-to-setup-private-interactsh-server-016c344a10b3?source=rss------bug_bounty-5 | LearnTheShell | bug-bounty, bug-bounty-tips, cybersecurity, linux | 21-Jul-2024 |
Advanced XXE Injection | https://medium.com/illumination/advanced-xxe-injection-fb269f281a40?source=rss------bug_bounty-5 | Quintius Walker | poetry, poetry-writing, poetry-on-medium, illumination, bug-bounty | 21-Jul-2024 |
BSOD error due to crowdstrike. | https://gaya3-r.medium.com/bsod-error-due-to-crowdstrike-d675c348d09e?source=rss------bug_bounty-5 | gayatri r | bug-bounty, crowdstrike, crowdstrike-outage, bsod-error, information-security | 21-Jul-2024 |
Email verification bypass due to race condition. | https://medium.com/@mohamed.yasser442200/email-verification-bypass-due-to-race-condition-8e4492313208?source=rss------bug_bounty-5 | Spider4 | race-condition, red-team, bug-bounty, security, pentesting | 21-Jul-2024 |
Community Building in Bug Bounties: The Power of Networking and Collaboration | https://sarthakbhingare15.medium.com/community-building-in-bug-bounties-the-power-of-networking-and-collaboration-6adcdea4435b?source=rss------bug_bounty-5 | Sarthak Raju Bhingare | community, improve, bug-bounty-tips, bug-bounty, tips | 21-Jul-2024 |
Uncovering a Critical Vulnerability: Unauthorized Access to Sensitive Data | https://medium.com/@anonymousshetty2003/uncovering-a-critical-vulnerability-unauthorized-access-to-sensitive-data-024182daa127?source=rss------bug_bounty-5 | Anonymousshetty | penetration-testing, bug-bounty, dorking, cybersecurity, ethical-hacking | 20-Jul-2024 |
Discovering a High-Severity Bug in a Major Mobile Distribution Company | https://medium.com/@anonymousshetty2003/discovering-a-high-severity-bug-in-a-major-mobile-distribution-company-3fdb2a0f1987?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, ethical-hacking, bug-bounty | 20-Jul-2024 |
How I was able to escalate my privileges and Bypass 403 Forbidden | https://medium.com/@momen_besher/how-i-was-able-to-escalate-my-privileges-and-bypass-403-forbidden-17b8aea4cba6?source=rss------bug_bounty-5 | steve55555 | cybersecurity, bug-bounty, bug-bounty-tips | 20-Jul-2024 |
Kali Linux: Starting Out with Bug Bounty Hunting | https://medium.com/@nimrashahidktk3/kali-linux-starting-out-with-bug-bounty-hunting-d7a0150645bd?source=rss------bug_bounty-5 | Nimra Shahid | penetration-testing, cybersecurity, kali-linux, bug-bounty | 20-Jul-2024 |
14.26 Lab: Reflected XSS with AngularJS sandbox escape and CSP | https://cyberw1ng.medium.com/14-26-lab-reflected-xss-with-angularjs-sandbox-escape-and-csp-b98791b2a5a6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, penetration-testing, bug-bounty, hacking | 20-Jul-2024 |
Complex Attack Types: Sample Scenarios 46 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-46-a6707ef9e910?source=rss------bug_bounty-5 | Baris Dincer | penetration-testing, cyberattack, bug-bounty, freedomofinternet, cybersecurity | 20-Jul-2024 |
The Type of Bug That We Can’t See | https://medium.com/illumination/the-type-of-bug-that-we-cant-see-82ff07cdcd71?source=rss------bug_bounty-5 | Quintius Walker | creative-writing, poetry-on-medium, poetry, bug-bounty, illumination | 20-Jul-2024 |
This is how i escalated self XSS with CSRF | https://medium.com/@pvnk24/this-is-how-i-escalated-self-xss-with-csrf-80113ab3080e?source=rss------bug_bounty-5 | Pavan K | cybersecurity, bug-bounty, penetration-testing, security, pentesting | 20-Jul-2024 |
Basic Pentesting 1 Walkthrough | https://erdemstar.medium.com/basic-pentesting-1-walkthrough-4e447a2ac35d?source=rss------bug_bounty-5 | Erdemstar | oscp-preparation, oscp, bug-bounty, application-security, penetration-testing | 20-Jul-2024 |
Discovering an XML File Upload Vulnerability Lead to SSRF: My Bug Hunting Journey | https://javroot.medium.com/discovering-an-xml-file-upload-vulnerability-lead-to-ssrf-my-bug-hunting-journey-8e1bac89f60f?source=rss------bug_bounty-5 | Javroot | xml, bug-bounty, vulnerability, cybersecurity, bug-bounty-tips | 20-Jul-2024 |
The Type of Bug That We Can’t See | https://medium.com/@The_StarHack3r/the-type-of-bug-that-we-cant-see-82ff07cdcd71?source=rss------bug_bounty-5 | Quintius Walker | creative-writing, poetry-on-medium, poetry, bug-bounty, illumination | 20-Jul-2024 |
14.25 Lab: Reflected XSS with AngularJS sandbox escape without strings | https://cyberw1ng.medium.com/14-25-lab-reflected-xss-with-angularjs-sandbox-escape-without-strings-6ffac9f6bdf4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, cybersecurity, careers | 19-Jul-2024 |
Subdomain Takeover on hatenablog.com (はてなブログ) | https://medium.com/@daichiharada/subdomain-takeover-hatenablog-2cb3576bf881?source=rss------bug_bounty-5 | Daichi Harada | subdomain-takeover, security, bug-bounty | 19-Jul-2024 |
1000$ IDOR : Unauthorized Project Inclusion in Expense | https://medium.com/@a13h1/1000-idor-unauthorized-project-inclusion-in-expense-b9ce08b28c71?source=rss------bug_bounty-5 | Abhi Sharma | cybersecurity, idor, bug-bounty, broken-access-control, information-security | 19-Jul-2024 |
Information Disclosure that made me $2000 in under 5 minutes | https://medium.com/@sugamdangal52/information-disclosure-that-made-me-2000-in-under-5-minutes-63e1ce00ca07?source=rss------bug_bounty-5 | Sugam Dangal | information-disclosure, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 19-Jul-2024 |
Common Technique To Exploit File Upload Vulnerability | https://medium.com/@p00dl3/common-technique-to-exploit-file-upload-vulnerability-bf84beed7207?source=rss------bug_bounty-5 | p00dl3 | cybersecurity, bug-bounty, file-upload | 19-Jul-2024 |
Complete Cybersecurity Roadmap 2024 (Part-1) | https://osintteam.blog/complete-cybersecurity-roadmap-2024-part-1-c69986288f16?source=rss------bug_bounty-5 | LogicTech | cybersecurity, osint, bug-bounty, hacking, roadmaps | 19-Jul-2024 |
Hello ….. | https://medium.com/@rutujasoundale693/hello-4a42a834d006?source=rss------bug_bounty-5 | Rutujasoundale | cybersecurity, bug-bounty | 19-Jul-2024 |
Complex Attack Types: Sample Scenarios 45 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-45-17057d9de6dd?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, bug-bounty, penetration-testing, freedomofinternet, cyberattack | 19-Jul-2024 |
Don't Try Microsoft's Blue Screen (BUG?) | https://medium.com/@liviaxavier200317/n%C3%A3o-experimente-a-tela-azul-da-microsoft-bug-9f631ea24c8d?source=rss------bug_bounty-5 | Livia Xavier | crowdstrike, cibernéticos, bug-bounty, microsoft, bugs | 19-Jul-2024 |
Specialized Bug Sweeps for Unique Environments | https://medium.com/@siddiquiasad2299/specialized-bug-sweeps-for-unique-environments-43a1ea56930c?source=rss------bug_bounty-5 | Asad Siddiqui | bug-detection, tscm, bug-bounty, bug-sweep | 19-Jul-2024 |
Cyber Security Course at Linuxhackingid | https://medium.com/@linuxhackingid_official/kursus-cyber-security-di-linuxhackingid-dc4e52760661?source=rss------bug_bounty-5 | Linuxhackingid | hacker, bug-bounty, cybersecurity, linuxhackingid, hacking | 18-Jul-2024 |
Top 50+ XSS Bug Bounty Writeups | Cross-Site Scripting(XSS) Attacks Reports | https://medium.com/@proseizala/top-50-xss-bug-bounty-writeups-cross-site-scripting-xss-attacks-reports-700332ed6c87?source=rss------bug_bounty-5 | Proseizala | hacker, hacking, bug-bounty, cybersecurity | 18-Jul-2024 |
Sub Domains Finder Tools | https://medium.com/@proseizala/sub-domains-finder-tools-fefa2b44bb34?source=rss------bug_bounty-5 | Proseizala | bug-bounty, cybersecurity, hacker | 18-Jul-2024 |
13.5 Lab: Exploiting server-side parameter pollution in a REST URL | https://cyberw1ng.medium.com/13-5-lab-exploiting-server-side-parameter-pollution-in-a-rest-url-a1876056a5f6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, bug-bounty, hacking, cybersecurity | 18-Jul-2024 |
Critical Logic Flaw Allows Overwrite of Any User Account | https://medium.com/@elcapitano7x/critical-logic-flaw-allows-overwrite-of-any-user-account-015b102e1da7?source=rss------bug_bounty-5 | Elcapitano | bug-bounty, bug-bounty-tips, hackerone, bugbounty-writeup, hacking | 18-Jul-2024 |
How I Found and Bypassed a Spring Boot Actuator Information Disclosure Bug | https://cametom006.medium.com/how-i-found-and-bypassed-a-spring-boot-actuator-information-disclosure-bug-c4930b740a50?source=rss------bug_bounty-5 | Fahad Faisal | bug-bounty | 18-Jul-2024 |
Summary Of The Basics of Web Hacking, PRT 2 | https://medium.com/@zghzwbcn/summary-of-the-basics-of-web-hacking-prt-2-e3d7bdbf902d?source=rss------bug_bounty-5 | Henrietta Awosoberekon | bug-bounty, technology, cybersecurity, web-development, web-vulnerabilities | 18-Jul-2024 |
IDOR at the Get Payment Data Endpoint Leads to Personal Identifiable Information (PII) Disclosure | https://medium.com/@blackarazi/idor-at-the-get-payment-data-endpoint-leads-to-personal-identifiable-information-pii-disclosure-7956c57058af?source=rss------bug_bounty-5 | Azhari Harahap | api-security, broken-access-control, application-security, bug-bounty-writeup, bug-bounty | 17-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-43) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-43-0699b919a514?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, hacking, cybersecurity, skills, bug-bounty | 17-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-42) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-42-4cb955de4cc7?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, bug-bounty, skills, hacking, cybersecurity | 17-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-41) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-41-7b2b5aed416c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, cybersecurity, skills, bug-bounty, ethical-hacking | 17-Jul-2024 |
Why does you all guys think that you really need Python for hacking | https://systemweakness.com/why-does-you-all-guys-think-that-you-really-need-python-for-hacking-b50b65238401?source=rss------bug_bounty-5 | Imran Niaz | programming-languages, penetration-testing, cybersecurity, data-science, bug-bounty | 17-Jul-2024 |
Temenos Transact Vulnerable to Reflected XSS (CVE-2022–38322) | https://qotoz.medium.com/temenos-transact-vulnerable-to-reflected-xss-cve-2022-38322-7b1e2f681db1?source=rss------bug_bounty-5 | Ashraf Harb | cve, bug-bounty, penetration-testing, temenos | 17-Jul-2024 |
Bypassing Account Suspension Using Anonymous Posting | Facebook Bug Bounty | https://ph-hitachi.medium.com/bypassing-account-suspension-using-anonymous-posting-facebook-bug-bounty-b204433c98d1?source=rss------bug_bounty-5 | Ph.Hitachi | bug-bounty, facebook-bug-bounty, bypass-restriction | 17-Jul-2024 |
Practical Bug Bounty — TCM Academy | Module 6 | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-6-9cab8d004034?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | ethical-hacking, bug-bounty, cybersecurity, appsec, fuzzing | 17-Jul-2024 |
Default Credentials Leads to $1200 Bounty Reward (Quest NetVault CVE-2017–17417) | https://medium.com/@tester333/default-credentials-leads-to-1200-bounty-reward-quest-netvault-cve-2017-17417-b34c6e0e7a86?source=rss------bug_bounty-5 | Tester | cybersecurity, bug-bounty-tips, bug-bounty, penetration-testing, ethical-hacking | 17-Jul-2024 |
The WordPress bug very few know about. | https://osintteam.blog/the-wordpress-bug-very-few-know-about-1bf16ee4a2a6?source=rss------bug_bounty-5 | an0nbil | wordpress, programming, vulnerability, web-development, bug-bounty | 17-Jul-2024 |
Exploiting Server-Side Parameter Pollution in a REST URL | https://cyberw1ng.medium.com/exploiting-server-side-parameter-pollution-in-a-rest-url-0d52d4261c86?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, hacking, cybersecurity, bug-bounty | 17-Jul-2024 |
How Easily I Found My First P2 on Bugcrowd | https://medium.com/@hashimamin/how-easily-i-found-my-first-p2-on-bugcrowd-ed827a79a50c?source=rss------bug_bounty-5 | Hashim Amin | csrf, recon, csrf-bypass, bug-bounty-tips, bug-bounty | 17-Jul-2024 |
OS CTF | https://medium.com/@Shaybaa/os-ctf-27cc9a8ab0cc?source=rss------bug_bounty-5 | Shaybaa | bug-bounty, web-security, idor-vulnerability | 17-Jul-2024 |
Hacker Himself | https://medium.com/@nnface/hacker-himself-01d4978e189c?source=rss------bug_bounty-5 | NnFace | bugbounty-writeup, bug-bounty, hacking, cybersecurity, bug-bounty-tips | 17-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-40) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-40-f1b43fb596ae?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, cybersecurity, skills, ethical-hacking, bug-bounty | 16-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-39) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-39-740c7ada54ea?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, bug-bounty, cybersecurity, ethical-hacking, skills | 16-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-38) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-38-fa2ceb6f8bbd?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking, cybersecurity, hacking, skills | 16-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-37) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-37-20111980eaa5?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, ethical-hacking, hacking, bug-bounty, cybersecurity | 16-Jul-2024 |
Exploiting CVE-2024–22274: A Deep Dive into VMware vCenter Server Vulnerabilities and Defense… | https://systemweakness.com/exploiting-cve-2024-22274-a-deep-dive-into-vmware-vcenter-server-vulnerabilities-and-defense-5d79b44ed215?source=rss------bug_bounty-5 | Khaleel Khan | infosec, cybersecurity, ethical-hacking, hacking, bug-bounty | 16-Jul-2024 |
Complex Attack Types: Sample Scenarios 44 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-44-83d2bc9b2d7d?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, information-technology, cybersecurity, bug-bounty, cyberattack | 16-Jul-2024 |
How Use 6 Step To Find Ssrf — Bug Bounty Tuesday | https://medium.com/@kerstan/how-use-6-step-to-find-ssrf-bug-bounty-tuesday-acc44d806c08?source=rss------bug_bounty-5 | kerstan | cybersecurity, hacking, bug-bounty | 16-Jul-2024 |
API Recon and Testing for Bug Bounty | https://cyberw1ng.medium.com/api-recon-and-testing-for-bug-bounty-3969d1f90f5c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, penetration-testing, cybersecurity | 16-Jul-2024 |
Intro to Debugging Java Web Servers Without Source Code For Security Researchers | https://infosecwriteups.com/intro-to-debugging-java-web-servers-without-source-code-for-security-researchers-80ff00de4753?source=rss------bug_bounty-5 | Jayateertha Guruprasad | bug-bounty, pentesting, cybersecurity, java, infosec | 16-Jul-2024 |
Reflected XSS via Base64-encoded on My college website. | https://uzet.medium.com/reflected-xss-via-base64-encoded-on-my-college-website-2df9755b1856?source=rss------bug_bounty-5 | Timotius Benhur | penetration-testing, pentesting, bug-bounty, bug-hunting, bug-bounty-tips | 15-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-36) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-36-a8fd178e9b07?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, cybersecurity, hacking, bug-bounty, skills | 15-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-35) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-35-adbfa228814a?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, ethical-hacking, skills, hacking | 15-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-34) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-34-73069fab6ff6?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, bug-bounty, hacking, skills | 15-Jul-2024 |
My First Bounty: A story of a Blind SQL Injection | https://medium.com/@adebayosec/my-first-bounty-a-story-of-a-blind-sql-injection-69d9ad6716b6?source=rss------bug_bounty-5 | Victorious | sql-injection, penetration-testing, cybersecurity, bug-bounty, burpsuite | 15-Jul-2024 |
CVE-2024–23692: A Critical Vulnerability in Rejetto HTTP File Server | https://infosecwriteups.com/cve-2024-23692-a-critical-vulnerability-in-rejetto-http-file-server-1df322a2e688?source=rss------bug_bounty-5 | ElNiak | bug-bounty, python, cybersecurity, system, ssti | 15-Jul-2024 |
My First Bounty: A story of a Blind SQL Injection | https://medium.com/@adebayosec/my-first-bounty-a-story-of-a-blind-sql-injection-69d9ad6716b6?source=rss------bug_bounty-5 | Torious | sql-injection, penetration-testing, cybersecurity, bug-bounty, burpsuite | 15-Jul-2024 |
Echidna | https://medium.com/@Progsky/echidna-b9e454de096b?source=rss------bug_bounty-5 | Progsky | hacking-tools, pentesting, penetration-testing, bug-bounty, blockchain | 15-Jul-2024 |
Complex Attack Types: Sample Scenarios 43 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-43-39deed779c6c?source=rss------bug_bounty-5 | Baris Dincer | penetration-testing, cyberattack, freedomofinternet, bug-bounty, cybersecurity | 15-Jul-2024 |
Understanding White Hat Hacking: The Guardians of Cybersecurity | https://medium.com/@cosmiczoomies/understanding-white-hat-hacking-the-guardians-of-cybersecurity-87200caf5820?source=rss------bug_bounty-5 | GalaxyGoose | cybersecurity, hacking, white-hat-hacker, bug-bounty, penetration-testing | 15-Jul-2024 |
11.9 Lab: Exploiting XXE to retrieve data by repurposing a local DTD | https://cyberw1ng.medium.com/11-9-lab-exploiting-xxe-to-retrieve-data-by-repurposing-a-local-dtd-30f4098a7789?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, hacking, cybersecurity, bug-bounty | 15-Jul-2024 |
Writing Test Cases for XSS Types | https://medium.com/@tugbaglsn/xss-t%C3%BCrleri-i%C3%A7in-test-case-yazma-1832eb0a27f9?source=rss------bug_bounty-5 | Tuğba Gülşen | cybersecurity, xss-attack, xss-vulnerability, bug-bounty | 15-Jul-2024 |
How to Easily Earn a $200 Bounty | https://medium.com/@xiaodongsec/how-to-easily-earn-a-200-bounty-6e27eaaec13f?source=rss------bug_bounty-5 | Mu1berry | bugcrowd, hacker, bug-bounty, money, vulnerability | 14-Jul-2024 |
Review: AppSec Pentesting eXpert (CAPenX) from The SecOps Group | https://medium.com/@p0lyxena/review-appsec-pentesting-expert-capenx-from-the-secops-group-eb5674e4bf8d?source=rss------bug_bounty-5 | Fuleki Ioan | bug-bounty, penetration-testing, certification, cybersecurity, capenx | 14-Jul-2024 |
Detection Engineering: A Comprehensive Overview | https://medium.com/@paritoshblogs/detection-engineering-a-comprehensive-overview-92fc01973ce7?source=rss------bug_bounty-5 | Paritosh | detection-engineering, information-technology, cybersecurity, hacking, bug-bounty | 14-Jul-2024 |
Hunting for Firebase Enums in Android Application | https://medium.com/@tanish.saxena26/hunting-for-firebase-enums-in-android-application-42b79e9b76f8?source=rss------bug_bounty-5 | Tanish Saxena | cloud, bug-bounty, firebase, android, gcp | 14-Jul-2024 |
My First Critical Vulnerability | https://medium.com/@0xchoudhary/my-first-critical-vulnerability-fd83a81f70b3?source=rss------bug_bounty-5 | Sushil Choudhary | bugbounty-writeup, bug-hunting, bug-bounty-tips, hackerone, bug-bounty | 14-Jul-2024 |
How I Can Get P1 Nasa easily — Dorking | https://0xc4thack.medium.com/how-i-can-get-p1-nasa-easily-dorking-c9c4a4cee251?source=rss------bug_bounty-5 | 0xc4t | pentesting, nasa-vdp, pentest-web, bug-bounty, dorking | 14-Jul-2024 |
New York Flankees Room TryHackMe Walkthrough | https://matsecurity.medium.com/new-york-flankees-room-tryhackme-walkthrough-ef6862c781f1?source=rss------bug_bounty-5 | MatSec | ctf-writeup, tryhackme-writeup, bug-bounty, tryhackme, tryhackme-walkthrough | 14-Jul-2024 |
The easiest admin panel bypass | https://medium.com/@paraskhorwal9/the-easiest-admin-panel-bypass-4b6fb4d7d1ea?source=rss------bug_bounty-5 | Paraskhorwal | bug-bounty, penetration-testing, admin-panel | 14-Jul-2024 |
Complex Attack Types: Sample Scenarios 42 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-42-d0a11c84cc73?source=rss------bug_bounty-5 | Baris Dincer | cyberattack, freedomofinternet, bug-bounty, penetration-testing, cybersecurity | 14-Jul-2024 |
New York Flankees TryHackMe Room Walkthrough: Step-by-Step Youtube Guide | https://matsecurity.medium.com/new-york-flankees-room-tryhackme-walkthrough-ef6862c781f1?source=rss------bug_bounty-5 | MatSec | ctf-writeup, tryhackme-writeup, bug-bounty, tryhackme, tryhackme-walkthrough | 14-Jul-2024 |
Automate Subdomain Monitoring | https://medium.com/@Aftab700/automate-subdomain-monitoring-171338c66dd5?source=rss------bug_bounty-5 | Aftab Sama | bug-bounty, monitoring, infosec, automation, hacking | 14-Jul-2024 |
What is XML external entity (XXE) injection | https://cyberw1ng.medium.com/what-is-xml-external-entity-xxe-injection-8914620c2d24?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, cybersecurity, penetration-testing, careers | 14-Jul-2024 |
Escaping the Citrix Sandbox — Understanding Citrix Breakout | https://medium.com/@suprajabaskaran8/escaping-the-citrix-sandbox-understanding-citrix-breakout-80320a3d44af?source=rss------bug_bounty-5 | Suprajabaskaran | bug-bounty-tips, hacking, bug-bounty, pentesting, penetration-testing | 14-Jul-2024 |
Vulnerable WordPress June 2024 (Turkish delight) | https://medium.com/@onhexgroup/vulnerable-wordpress-june-2024-turkish-delight-96cae8ef8161?source=rss------bug_bounty-5 | Onhexgroup | bug-bounty, infosec, web-security, information-security, wordpress | 14-Jul-2024 |
Escaping the Citrix Sandbox — Understanding Citrix Breakout | https://infosecwriteups.com/escaping-the-citrix-sandbox-understanding-citrix-breakout-80320a3d44af?source=rss------bug_bounty-5 | Suprajabaskaran | bug-bounty-tips, hacking, bug-bounty, pentesting, penetration-testing | 14-Jul-2024 |
Airplane TryHackMe Room Walkthrough | MatSec Youtube | https://matsecurity.medium.com/airplane-tryhackme-room-walkthrough-matsec-youtube-7fca40406a20?source=rss------bug_bounty-5 | MatSec | tryhackme-walkthrough, bug-bounty, tryhackme-writeup, tryhackme, ctf-writeup | 13-Jul-2024 |
10.7 Lab: SSRF with whitelist-based input filter | https://cyberw1ng.medium.com/10-7-lab-ssrf-with-whitelist-based-input-filter-36db84b1a13d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, hacking, cybersecurity, bug-bounty | 13-Jul-2024 |
Securing Crypto Company: Addressing Web 2.0 Vulnerabilities | https://metanetwebhostingsecurity.medium.com/securing-crypto-company-addressing-web-2-0-vulnerabilities-209bd7fc3d85?source=rss------bug_bounty-5 | metanetwebhosting security | cryptocurrency, cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 13-Jul-2024 |
Linux Exploitation: Stack Smashing | https://medium.com/@boogsta/linux-exploitation-stack-smashing-70c1bf6c13d2?source=rss------bug_bounty-5 | Boogsta | hacking, cybersecurity, bug-bounty, cyber, hacker | 13-Jul-2024 |
My First Bug: Gitingore exposure combined with 403 bypass | https://medium.com/@nnface/my-first-bug-gitingore-exposure-combined-with-403-bypass-5db750e211ff?source=rss------bug_bounty-5 | NnFace | bug-bounty, bug-bounty-tips, cybersecurity, hacking, low-hanging-fruit | 13-Jul-2024 |
Here is the story of how i found Stored XSS on a target | https://medium.com/@pvnk24/here-is-the-story-of-how-i-found-stored-xss-on-a-target-7baaeed76765?source=rss------bug_bounty-5 | Pavan K | penetration-testing, bug-bounty, pentesting, hacking, ethical-hacking | 13-Jul-2024 |
Complex Attack Types: Sample Scenarios 41 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-41-48e4f10a07ef?source=rss------bug_bounty-5 | Baris Dincer | penetration-testing, freedomofinternet, information-security, bug-bounty, cybersecurity | 13-Jul-2024 |
Email Update Restricted Bypass | https://medium.com/@mahfujwhh/email-update-restricted-bypass-f6af935da67e?source=rss------bug_bounty-5 | mahfujwhh | cybersecurity, bug-bounty | 13-Jul-2024 |
Credential stuffing in bug bounties | https://bunny0417.medium.com/credential-stuffing-in-bug-bounties-d51b8e321135?source=rss------bug_bounty-5 | Aayush kumar | credential-stuffing, leaked-passwords, bug-bounty, darkweb, bugbounty-writeup | 12-Jul-2024 |
Can bug bounty be a full time career? | https://medium.com/@shwetapapnai783/can-bug-bounty-be-a-full-time-career-5606f1ddd440?source=rss------bug_bounty-5 | Shweta Papnai | security, cybersecurity, technology, money, bug-bounty | 12-Jul-2024 |
The Hidden Pitfalls of Bug Bounties on Indian Government Sites: My First Experience | https://medium.com/@rolextital/the-hidden-pitfalls-of-bug-bounties-on-indian-government-sites-my-first-experience-9204312a8325?source=rss------bug_bounty-5 | Rolextital | hacking, bug-bounty, govt, idor | 12-Jul-2024 |
Firmware Analysis: Hands-on Guide | https://hackerassociate.medium.com/firmware-analysis-hands-on-guide-19913a5166ca?source=rss------bug_bounty-5 | Harshad Shah | bug-bounty, infosec, cybersecurity, hacking, iot | 12-Jul-2024 |
DΞX Points Fest | https://d3xxyz.medium.com/d%CE%BEx-points-fest-e39019566b3f?source=rss------bug_bounty-5 | DΞX | airdrop, bounty-program, bug-bounty | 12-Jul-2024 |
Windows privilege escalation: Abusing npm’s design patterns to escalate your permissions | https://medium.com/@demonia/windows-privilege-escalation-abusing-npms-design-patterns-to-escalate-your-permissions-da0ac6c96d72?source=rss------bug_bounty-5 | Mohammed Dief | cybersecurity, npm, bug-bounty, windows, privilege-escalation | 12-Jul-2024 |
VULNERABILITY RESEARCH | https://medium.com/@workwithsane/vulnerability-research-896c0ba07a57?source=rss------bug_bounty-5 | Sane | bug-bounty, cybersecurity, bug-bounty-tips | 12-Jul-2024 |
My First Bug!!!Stored Cross Site Scripting(XSS) | https://medium.com/@shahariarwalid/my-first-bug-stored-cross-site-scripting-xss-d84051ee4e86?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty, xss-vulnerability, stored-xss | 12-Jul-2024 |
Something Different from File Upload: File Inclusion and Path Traversal Vulnerabilities | https://medium.com/@yashprajapati791/file-upload-se-kuch-hatke-file-inclusion-aur-path-traversal-vulnerabilites-d10e16be0d7a?source=rss------bug_bounty-5 | Yash Virendra Prajapati | penetration-testing, bug-bounty, file-inclusion, vulnerability, file-upload | 12-Jul-2024 |
How i got Bug -XSS | https://medium.com/@basxth/how-i-got-bug-xss-8eec781ab58b?source=rss------bug_bounty-5 | Mohammed Basith K B | bug-bounty, xss-attack, google-dorking, xss-bypass, cybersecurity | 12-Jul-2024 |
Master Bug Bounty Hunting with Top Recon Tools | https://medium.com/@labcodetech/master-bug-bounty-hunting-with-top-recon-tools-83516a4bcc54?source=rss------bug_bounty-5 | Codetech Lab | vulnerability, recon, bug-bounty, penetration-testing | 12-Jul-2024 |
NewLine Character Cause DoS: Folder & File Deletion Flaw | https://medium.com/@a13h1/newline-character-cause-dos-folder-file-deletion-flaw-8bec3079ed85?source=rss------bug_bounty-5 | Abhi Sharma | cybersecurity, bug-bounty, programming, denial-of-service, infosec | 12-Jul-2024 |
10.6 Lab: Blind SSRF with Shellshock Exploitation | https://cyberw1ng.medium.com/10-6-lab-blind-ssrf-with-shellshock-exploitation-a13e25b27dbc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, cybersecurity, bug-bounty, penetration-testing | 12-Jul-2024 |
Setting up a private Burp Collaborator Server | https://medium.com/@AstroKrypTech/setting-up-a-private-burp-collaborator-server-71c55ff85815?source=rss------bug_bounty-5 | AstroKrypTech | web-application-security, bug-bounty-tips, bug-bounty | 12-Jul-2024 |
Git Gone Wrong: Application Compromise via Exposed .git Directory | https://medium.com/@cybersekler/git-gone-wrong-application-compromise-via-exposed-git-directory-392806b23435?source=rss------bug_bounty-5 | Cyber Sekler | penetration-testing, hacking, application-security, bug-bounty | 12-Jul-2024 |
RECON IS IMPORTANT !!! In Depth Recon Methodology Bug Bounty Part 01 | https://omarora1603.medium.com/recon-is-important-in-depth-recon-methodology-bug-bounty-part-01-2b69c3b168fe?source=rss------bug_bounty-5 | Om Arora | methodology, infosec, hacking, bug-bounty, bug-bounty-tips | 12-Jul-2024 |
NewLine Character Cause DoS: Folder & File Deletion Flaw | https://infosecwriteups.com/newline-character-cause-dos-folder-file-deletion-flaw-8bec3079ed85?source=rss------bug_bounty-5 | Abhi Sharma | cybersecurity, bug-bounty, programming, denial-of-service, infosec | 12-Jul-2024 |
RECON IS IMPORTANT !!! In Depth Recon Methodology Bug Bounty Part 01 | https://infosecwriteups.com/recon-is-important-in-depth-recon-methodology-bug-bounty-part-01-2b69c3b168fe?source=rss------bug_bounty-5 | Om Arora | methodology, infosec, hacking, bug-bounty, bug-bounty-tips | 12-Jul-2024 |
How I Make Two SQL Injections Exploitable under the Magic Restricts in WordPress | https://medium.com/@zpbrent/how-i-make-two-sql-injections-exploitable-under-the-magic-restricts-in-wordpress-817cd60dc80a?source=rss------bug_bounty-5 | Peng Zhou | wordpress-plugins, wordpress, infosec, bug-bounty, web-security | 12-Jul-2024 |
Fix Jira Vulnerabilities | https://medium.com/@pardis.cloud/%D8%A2%D8%B3%DB%8C%D8%A8-%D9%BE%D8%B0%DB%8C%D8%B1%DB%8C-%D9%87%D8%A7%DB%8C-jira-%D8%B1%D8%A7-%D8%A8%D8%B1%D8%B7%D8%B1%D9%81-%DA%A9%D9%86%DB%8C%D8%AF-b28879e65c2e?source=rss------bug_bounty-5 | PardisCo Professional Tech Team | vulnerability, bug-bounty, server, jira | 11-Jul-2024 |
How I Can Still See Your Image on Facebook After You Deleted It | Meta | BugBounty | 2024 | https://prathapilango.medium.com/how-i-can-still-see-your-image-on-facebook-after-you-deleted-it-meta-bugbounty-2024-3fa63022c4fc?source=rss------bug_bounty-5 | Prathapilango | cybersecurity, meta, bug-bounty, bugbounty-writeup | 11-Jul-2024 |
Host Header Injection | https://medium.com/@nareshkumar76191/host-header-injection-bd6ffdafe1c0?source=rss------bug_bounty-5 | Nareshkumar | red-team, hacker, bounty-program, bug-bounty, bug-bounty-tips | 11-Jul-2024 |
Admin panel Bypassed Just by reading “support team quotes” | https://medium.com/@Ajakcybersecurity/admin-panel-bypassed-just-by-reading-support-team-quotes-5462538ea3a4?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, hacking, penetration-testing, ethical-hacking, cybersecurity | 11-Jul-2024 |
Cross-Account Profile Picture Deletion via CSRF Token Bypass paid me 500$. | https://mustafa2.medium.com/cross-account-profile-picture-deletion-via-csrf-token-bypass-paid-me-500-60d5f4529a7b?source=rss------bug_bounty-5 | Hajus | bug-bounty-tips, csrf-bypass, bug-bounty | 11-Jul-2024 |
A Revolutionary Bug Bounty Platform: Zero-Knowledge Proofs in Web3 | https://medium.com/@JohnnyTime/a-revolutionary-bug-bounty-platform-zero-knowledge-proofs-in-web3-5e9aaa536084?source=rss------bug_bounty-5 | Johnny Time | bug-bounty, web3, bug-hunting, rewards, smart-contracts | 11-Jul-2024 |
Building an Ethical Hacking Playground at Home | https://l00pinfinity.medium.com/building-an-ethical-hacking-playground-at-home-98439af54a78?source=rss------bug_bounty-5 | Collins K. Boit | network, hacking, security-analysts, ethical-hacking, bug-bounty | 11-Jul-2024 |
9.6 Lab: Partial construction race conditions | https://cyberw1ng.medium.com/9-6-lab-partial-construction-race-conditions-303bfc70b5f8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, penetration-testing, bug-bounty, careers | 11-Jul-2024 |
Practical Bug Bounty — TCM Academy | Module 5 | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-5-508b7fad93f1?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | information-security, appsec, cybersecurity, bug-bounty, penetration-testing | 11-Jul-2024 |
Disclose the email address and phone number of chinese business reseller | https://gtm0x01.medium.com/disclose-the-email-address-and-phone-number-of-chinese-business-reseller-f882978b8733?source=rss------bug_bounty-5 | Gtm Mänôz | bug-bounty-writeup, facebook, hacking, bug-bounty, facebook-bug-bounty | 11-Jul-2024 |
XSS Vulnerabilities Test Case | https://medium.com/@beyzatekinli/xss-t%C3%BCrleri-test-case-18f91987fb63?source=rss------bug_bounty-5 | Beyzanur Tekinli | gallipoli, xss-vulnerability, bug-bounty, xss-attack, xss-challenge | 11-Jul-2024 |
Abusing CORS for an XSS on Flickr | https://medium.com/@proseizala/abusing-cors-for-an-xss-on-flickr-a820e3f28083?source=rss------bug_bounty-5 | Proseizala | bug-bounty, hacker, cybersecurity, bug-bounty-tips | 11-Jul-2024 |
No Way Out: Enforced and Inescapable Organizational Membership | https://0xmatrix.medium.com/no-way-out-enforced-and-inescapable-organizational-membership-a2247caa1790?source=rss------bug_bounty-5 | Mo2men Elmady | hacking, bug-bounty, cybersecurity, penetration-testing | 11-Jul-2024 |
Complex Attack Types: Sample Scenarios 40 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-40-117efeaeaf61?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, penetration-testing, bug-bounty, information-technology, freedomofinternet | 11-Jul-2024 |
No Way Out: Enforced and Inescapable Organizational Membership | https://0xmatrix.medium.com/no-way-out-enforced-and-inescapable-organizational-membership-125ae7f52d61?source=rss------bug_bounty-5 | Mo2men Elmady | bug-bounty, hacking, penetration-testing, cybersecurity | 11-Jul-2024 |
Reconnaissance Basic | https://medium.com/@ronyhassan091101/reconnaissance-basic-bf292dc3b705?source=rss------bug_bounty-5 | M. Mahmudul Hassan | bug-bounty | 11-Jul-2024 |
Cracking the Code: A Walkthrough of the W1seGuy Room on TryHackMe | https://matsecurity.medium.com/cracking-the-code-a-walkthrough-of-the-w1seguy-room-on-tryhackme-678673298429?source=rss------bug_bounty-5 | MatSec | cybersecurity, bug-bounty, tryhackme-walkthrough, ethical-hacking, cryptography | 11-Jul-2024 |
Bypass CSRF Protection | https://medium.com/@dr4040x00/bypass-csrf-protection-707b81c04149?source=rss------bug_bounty-5 | Ahmed Mohamed | csrf-attack, xss-vulnerability, bug-bounty, csrf, xss-attack | 11-Jul-2024 |
Tryhackme W1seGuy Room Walkthrough | MatSec Youtube | https://matsecurity.medium.com/cracking-the-code-a-walkthrough-of-the-w1seguy-room-on-tryhackme-678673298429?source=rss------bug_bounty-5 | MatSec | cybersecurity, bug-bounty, tryhackme-walkthrough, ethical-hacking, cryptography | 11-Jul-2024 |
Bug Bounty Hunting 101: A Comprehensive Guide for Beginners | https://cyberw1ng.medium.com/bug-bounty-hunting-101-a-comprehensive-guide-for-beginners-41fa78ff0bbd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, cybersecurity, careers | 10-Jul-2024 |
Magix Bug Bounty: magix.com (RCE, SQLi) and xara.com (LFI, XSS) | https://medium.com/@proseizala/magix-bug-bounty-magix-com-rce-sqli-and-xara-com-lfi-xss-c4e8492bbf3e?source=rss------bug_bounty-5 | Proseizala | bug-bounty-tips, hackerone, cybersecurity, bug-bounty, hacking | 10-Jul-2024 |
Rate Limit Bypass $150 | https://medium.com/@mr_ayyan/rate-limit-bypass-150-d4fecc05d31b?source=rss------bug_bounty-5 | Mrayyanirfan | rewards, rate-limit, bug-bounty, bugs, hunting | 10-Jul-2024 |
The most important HTTP security headers | https://medium.com/@ronyhassan091101/the-most-important-http-security-headers-be4238f181d7?source=rss------bug_bounty-5 | M. Mahmudul Hassan | bug-bounty | 10-Jul-2024 |
Complex Attack Types: Sample Scenarios 39 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-39-5ed408a9075d?source=rss------bug_bounty-5 | Baris Dincer | bug-bounty, information-security, penetration-testing, cybersecurity, freedomofinternet | 10-Jul-2024 |
Bug Bounty Program for Gluon on Ergo | https://news.stability.nexus/bug-bounty-program-for-gluon-on-ergo-0ca233ce2d9a?source=rss------bug_bounty-5 | Zahnentferner | crypto, cryptocurrency, stable-coin, blockchain, bug-bounty | 10-Jul-2024 |
Host Header Poisoning Vulnerability: A Critical Web Security Flaw | https://zierax.medium.com/host-header-poisoning-vulnerability-a-critical-web-security-flaw-1c2991177e8c?source=rss------bug_bounty-5 | Zierax | penetration-testing, cybersecurity, bug-bounty, hacking, vulnerability | 10-Jul-2024 |
The Ultimate Guide to Finding and Escalating XSS Bugs | https://medium.com/@proseizala/the-ultimate-guide-to-finding-and-escalating-xss-bugs-22894ef03fc4?source=rss------bug_bounty-5 | Proseizala | bug-bounty-tips, hacker, cybersecurity, bug-bounty, hacking | 10-Jul-2024 |
My First Bug Bounty | https://vikasrai11.medium.com/my-first-bug-bounty-975c47b3f5b5?source=rss------bug_bounty-5 | Vikas Rai | ethical-hacking, security, vulnerability, hacking, bug-bounty | 10-Jul-2024 |
Exploiting IDOR Vulnerability in PostgREST | https://aminudin.medium.com/exploiting-idor-vulnerability-in-postgrest-ba0e980032b7?source=rss------bug_bounty-5 | Aminudin | bugs, bug-bounty-tips, writeup, bug-bounty | 10-Jul-2024 |
HackerOne 2FA Bypass Vulnerability Exposed! | https://medium.com/@lucas.verdan/hackerone-2fa-bypass-vulnerability-exposed-f41f61d6e7be?source=rss------bug_bounty-5 | Lucas Verdan | cybersecurity, cyber-attack-prevention, hackerone, bug-bounty-tips, bug-bounty | 09-Jul-2024 |
Detecting and exploiting limit overrun race conditions with Burp Repeater | https://cyberw1ng.medium.com/detecting-and-exploiting-limit-overrun-race-conditions-with-burp-repeater-43c26128642d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, bug-bounty, cybersecurity, hacking | 09-Jul-2024 |
Airbnb — When Bypassing JSON Encoding, XSS Filter, WAF, CSP, and Auditor turns into Eight… | https://medium.com/@proseizala/airbnb-when-bypassing-json-encoding-xss-filter-waf-csp-and-auditor-turns-into-eight-92a004f1cbe8?source=rss------bug_bounty-5 | Proseizala | hacker, bug-bounty-tips, cybersecurity, bug-bounty | 09-Jul-2024 |
XSS Types Test Case | https://medium.com/@aarda418/xss-t%C3%BCrleri%CC%87-test-case-a4ab5849100f?source=rss------bug_bounty-5 | Arda Aslan | xss-attack, bug-bounty, xss-vulnerability | 09-Jul-2024 |
Become a Digital Detective: Earn Dollars by Testing Apps and Websites | https://medium.com/@wnaim11/become-a-digital-detective-earn-dollars-by-testing-apps-and-websites-00a45433d3e8?source=rss------bug_bounty-5 | The EmpowHERtech Collective | testing, software-testing, bugs, crowdtesting, bug-bounty | 09-Jul-2024 |
Complex Attack Types: Sample Scenarios 38 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-38-10e2ee4d4316?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, threat-intelligence, cybersecurity, penetration-testing, bug-bounty | 09-Jul-2024 |
Nmap Cheat Sheet For Penetration Testing. | https://medium.com/@umarhere4u/nmap-cheat-sheet-for-penetration-testing-70b555b91285?source=rss------bug_bounty-5 | Mohammad Umar Kachi | ethical-hacking, penetration-testing, nmap, hacking, bug-bounty | 09-Jul-2024 |
Account Takeover via Weak Reset Token Entropy | https://medium.com/@majix_de/account-takeover-via-weak-reset-token-entropy-c475268daae6?source=rss------bug_bounty-5 | Majix | programming, penetration-testing, bugbounty-writeup, bug-bounty, python | 09-Jul-2024 |
Subdomain Enumeration | https://medium.com/@ronyhassan091101/subdomain-enumeration-4370bac688e1?source=rss------bug_bounty-5 | M. Mahmudul Hassan | bug-bounty | 09-Jul-2024 |
10 tips and questions to help you find secondary context bugs — Bug Bounty Tuesday | https://medium.com/@kerstan/10-tips-and-questions-to-help-you-find-secondary-context-bugs-bug-bounty-tuesday-b8b3f9173522?source=rss------bug_bounty-5 | kerstan | hacking, bug-bounty, cybersecurity | 09-Jul-2024 |
What Is The Attacks On Session Layer! | https://medium.com/@reemmoslem34/what-is-the-attacks-on-session-layer-d3ac90d9c4cb?source=rss------bug_bounty-5 | Rem Khalid | cybersecurity, malware, bug-bounty, programming, security | 09-Jul-2024 |
What Is The Attacks On Presentation Layer ! | https://medium.com/@reemmoslem34/what-is-the-attacks-on-presentation-layer-d98cbde4005b?source=rss------bug_bounty-5 | Rem Khalid | programming, security, cybersecurity, malware, bug-bounty | 09-Jul-2024 |
What Is The Attacks On Application Layer! | https://medium.com/@reemmoslem34/%D8%B7%D9%8A%D8%A8-%D8%AA%D8%B9%D8%A7%D9%84%D9%88%D8%A7-%D8%A3%D8%AE%D8%AA%D8%B5%D8%B1-%D8%A7%D9%84%D8%AD%D9%88%D8%A7%D8%B1-6e6617528bba?source=rss------bug_bounty-5 | Rem Khalid | security, bug-bounty, cybersecurity, malware, programming | 09-Jul-2024 |
Unearthing Hidden Assets: The Power of Active DNS Brute Forcing in Subdomain Discovery | https://bunny0417.medium.com/unearthing-hidden-assets-the-power-of-active-dns-brute-forcing-in-subdomain-discovery-44ec7f1250d4?source=rss------bug_bounty-5 | Aayush kumar | subdomains-enumeration, infosec, dns-brute-forcing, bug-bounty-tips, bug-bounty | 09-Jul-2024 |
Bypassing Admin Authentication on a Campus Website | https://uzet.medium.com/bypassing-admin-authentication-website-kampus-b59bc43b6c98?source=rss------bug_bounty-5 | Timotius Benhur | bug-bounty-tips, penetration-testing, bug-hunting, programming, bug-bounty | 08-Jul-2024 |
Revolutionizing Content Issue Detection with CiBI: A Game-Changer in Automation | https://argotriwidodo.medium.com/revolutionizing-content-issue-detection-with-cibi-a-game-changer-in-automation-1e0f0b6e8ce9?source=rss------bug_bounty-5 | Argo triwidodo | qa, bug-bounty, ai, automation | 08-Jul-2024 |
Web3 Development: Key Security Considerations | https://securrtech.medium.com/web3-development-key-security-considerations-5358015e767a?source=rss------bug_bounty-5 | Securr | blockchain, security, securr, web3, bug-bounty | 08-Jul-2024 |
Discovering a Sigma SQLi Vulnerability in Explore CMS 1.0 | https://soltanali0.medium.com/discovering-a-sigma-sqli-vulnerability-in-explore-cms-1-0-f68599f0e5dd?source=rss------bug_bounty-5 | soltanali0 | sqli, programming, bug-bounty-tips, bug-bounty, hackerone | 08-Jul-2024 |
PII Disclosure on NASA | https://medium.com/@psychomong/pii-disclosure-on-nasa-667a96d3c31c?source=rss------bug_bounty-5 | psychomong | bugs, sensitive, hacker, bug-bounty, pii | 08-Jul-2024 |
Last week in tech 4th edition | https://medium.com/@azefox/last-week-in-tech-4th-edition-ec091e853fd3?source=rss------bug_bounty-5 | Azefox | tech, cybersecurity, infosec, cloud, bug-bounty | 08-Jul-2024 |
Ctrl + U to Bounty: How I Found Sensitive Info in the Source Code | https://rofes1337.medium.com/ctrl-u-to-bounty-how-i-found-sensitive-info-in-the-source-code-e583528ee2fe?source=rss------bug_bounty-5 | Yousef Muhammedelkhir | bug-bounty-writeup, hackerone, bug-bounty, information-disclosure, bugbounty-poc | 08-Jul-2024 |
Complex Attack Types: Sample Scenarios 37 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-37-2cd4d68b23f6?source=rss------bug_bounty-5 | Baris Dincer | bug-bounty, freedomofinternet, penetration-testing, information-security, cybersecurity | 08-Jul-2024 |
Burpsuite SQL Injection Lab 4(U | https://medium.com/@paradoxicalThief/burpsuite-sql-injection-lab-4-u-065f1592531f?source=rss------bug_bounty-5 | The Cyber Guy | bug-bounty, ctf, web-security, infosec, ethical-hacking | 08-Jul-2024 |
Partial construction race conditions | https://cyberw1ng.medium.com/partial-construction-race-conditions-007c478c53af?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, bug-bounty, hacking, careers | 08-Jul-2024 |
Disguising Malicious Files to Look Like Normal EXE or PDFs | https://osintteam.blog/disguising-malicious-files-to-look-like-normal-exe-or-pdfs-d785e116e989?source=rss------bug_bounty-5 | Meerabell | hacking, osint-tool, bug-bounty, cybersecurity, microsoft | 08-Jul-2024 |
IDOR in Multinational Retail Company Leading to Unauthorized Access and Modifications | https://medium.com/@kamalinux/idor-in-multinational-retail-company-leading-to-unauthorized-access-and-modifications-e36f8ea9e859?source=rss------bug_bounty-5 | Kamal | bug-bounty, application-security, cybersecurity, penetration-testing, web-security | 08-Jul-2024 |
Zero to OSWE: Navigating the Journey with HTB | https://adipsharif.medium.com/zero-to-oswe-navigating-the-journey-with-htb-b1972b99a646?source=rss------bug_bounty-5 | ADIP | bug-bounty, penetration-testing, bug-bounty-tips, infosec-write-ups, infosec | 08-Jul-2024 |
The world’s most expensive insect… weighs 5 grams and costs 75 lakhs, know why people are crazy… | https://medium.com/@blogy.bub/the-worlds-most-expensive-insect-weighs-5-grams-and-costs-75-lakhs-know-why-people-are-crazy-ce77bc2d8204?source=rss------bug_bounty-5 | Blogy Hub | bug-bounty, health, news, news-articles, bugs | 08-Jul-2024 |
Find XSS on the Fly ( Full guide ) | https://medium.com/@zack0x01_/find-xss-on-the-fly-full-guide-300f07fb86ae?source=rss------bug_bounty-5 | zack0x01 | hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-poc | 08-Jul-2024 |
Escalating XSS in PhantomJS Image Rendering to SSRF/Local-File Read | https://medium.com/@proseizala/escalating-xss-in-phantomjs-image-rendering-to-ssrf-local-file-read-9e11e94c480a?source=rss------bug_bounty-5 | Proseizala | bug-bounty, bug-bounty-tips, hacking, cybersecurity | 08-Jul-2024 |
CVE-2024-34750 Apache Tomcat DoS vulnerability in HTTP/2 connector | https://medium.com/@proseizala/cve-2024-34750-apache-tomcat-dos-vulnerability-in-http-2-connector-54033187cd4b?source=rss------bug_bounty-5 | Proseizala | cybersecurity, bugs, hacking, bug-bounty | 08-Jul-2024 |
I found an email verification bypass | https://medium.com/@pvnk24/i-found-an-email-verification-bypass-982b00864366?source=rss------bug_bounty-5 | Pavan K | ethical-hacking, security, web-security, penetration-testing, bug-bounty | 07-Jul-2024 |
Demystifying HTTP Parameters for beginners | https://medium.com/@mrunoriginal/demystifying-http-parameters-for-beginners-219d5c65499e?source=rss------bug_bounty-5 | mrunoriginal | information-security, web-application-security, web-application-hacking, bug-bounty, cybersecurity | 07-Jul-2024 |
Everything About CISM: Your Comprehensive Guide to the Certified Information Security Manager… | https://medium.com/@mazharshadab292/everything-about-cism-your-comprehensive-guide-to-the-certified-information-security-manager-3d57969a066d?source=rss------bug_bounty-5 | Shadab Mazhar | certification, cybersecurity, hacking, bug-bounty | 07-Jul-2024 |
Practical Bug Bounty — TCM Academy | Module 1 | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-1-17dadeda56a0?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | information-security, tcm-security, bug-bounty, cybersecurity, ethical-hacking | 07-Jul-2024 |
Exposing Sensitive Data: A Journey into CDN Path Traversal Vulnerabilities | https://medium.com/@sulmanfarooq531/exposing-sensitive-data-a-journey-into-cdn-path-traversal-vulnerabilities-fec1c7917a86?source=rss------bug_bounty-5 | Sulman Farooq S | bug-bounty, cybersecurity, hacking, path-traversal, cdn | 07-Jul-2024 |
Hunting the Hunters: Exposing the Fake SBI YONO APK | https://medium.com/@tirqwork1/hunting-the-hunters-exposing-the-fake-sbi-yono-apk-0dd979aad23f?source=rss------bug_bounty-5 | ARoy | information-security, cybersecurity, bug-bounty, scammer-exposed, info-sec-writeups | 07-Jul-2024 |
Using ChatGPT for Bug Bounty and finding vulnerabilities | https://medium.com/@siratsami71/using-chatgpt-for-bug-bounty-and-finding-vulnerabilities-4a04de771a68?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | hacker, chatgpt, bug-bounty, cybersecurity | 07-Jul-2024 |
Cracking the Runner: A Step-by-Step Guide to Hacking a Medium-Level Machine on Hack The Box | https://medium.com/@niranjanshinde2325/cracking-the-runner-a-step-by-step-guide-to-hacking-a-medium-level-machine-on-hack-the-box-ae6f55ca01bd?source=rss------bug_bounty-5 | Niranjan | ethical-hacking, hack-the-box-writeup, bug-bounty, penetration-testing, cybersecurity | 07-Jul-2024 |
8.6 Lab: Web shell upload via race condition | https://cyberw1ng.medium.com/8-6-lab-web-shell-upload-via-race-condition-1870707752d3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, penetration-testing, cybersecurity | 07-Jul-2024 |
Avoid ‘OR 1=1’ while doing SQL Injection, Why? | https://medium.com/@aaftaba.k47/avoid-or-1-1-while-doing-sql-injection-why-5e7cc0716ef3?source=rss------bug_bounty-5 | Aaftab A. Kadavaikar | cybersecurity-awareness, bug-bounty, sql-injection, web-penetration-testing | 07-Jul-2024 |
How i got Cross-site Scripting (XSS)Reflected Using an unknown technique | https://medium.com/@0xmekky/how-i-got-cross-site-scripting-xss-reflected-using-an-unknown-technique-ca4984827465?source=rss------bug_bounty-5 | abdelrahem mekky | xss-vulnerability, xss-attack, bug-bounty | 07-Jul-2024 |
Race Conditions Attacks To limit bypass | https://sharmajijvs.medium.com/race-conditions-attacks-to-limit-bypass-c9dee647145b?source=rss------bug_bounty-5 | Jay Sharma | bug-report, bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 07-Jul-2024 |
Complex Attack Types: Sample Scenarios 36 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-36-c648fd8d55bd?source=rss------bug_bounty-5 | Baris Dincer | threat-intelligence, penetration-testing, freedomofinternet, cybersecurity, bug-bounty | 07-Jul-2024 |
404 Not Found to Google cloud service account credentials disclosure! | https://kumarmohank889.medium.com/404-not-found-to-google-cloud-service-account-credentials-disclosure-3b5f64e80fd5?source=rss------bug_bounty-5 | Mohan Kumar N | bug-bounty-tips, bug-bounty, infosec-write-ups, hacking, security-research | 07-Jul-2024 |
Bug Hunter? If only… | https://medium.com/@ded3y3/bug-hunter-if-only-5fabca6cffb7?source=rss------bug_bounty-5 | cr00k3d3y3 | cybersecurity, bug-bounty, life | 07-Jul-2024 |
Stored XSS in PDF Viewer | https://medium.com/@osamaavvan/stored-xss-in-pdf-viewer-9cc5b955de2b?source=rss------bug_bounty-5 | Osama Avvan | bug-bounty, cybersecurity, pdf, xss-attack | 06-Jul-2024 |
Understanding and Preventing Server-Side Request Forgery (SSRF) | https://medium.com/@ashhadali2019/understanding-and-preventing-server-side-request-forgery-ssrf-15d939dc9529?source=rss------bug_bounty-5 | Ashhadali | ssrf, bug-bounty, web, cybersecurity | 06-Jul-2024 |
MerlinChain Partners with BugRap, Launches $200,000 Bug Bounty to Enhance BTC Ecosystem Security | https://medium.com/@BugRap_Team/merlinchain-partners-with-bugrap-launches-200-000-bug-bounty-to-enhance-btc-ecosystem-security-17ef71444914?source=rss------bug_bounty-5 | BugRap Team | crypto, security, web3, btc, bug-bounty | 06-Jul-2024 |
A Simple 2FA Bypass | https://infosecwriteups.com/a-simple-2fa-bypass-43c8af9006ec?source=rss------bug_bounty-5 | hackerdevil | bug-bounty, hacking, bug-bounty-tips, bug-bounty-writeup, penetration-testing | 06-Jul-2024 |
Complex Attack Types: Sample Scenarios 35 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-35-bc24cffb5f95?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, cybersecurity, information-technology, bug-bounty, penetration-testing | 06-Jul-2024 |
From Long-Term Hacking to Instant Rewards: Finding SQLi in 3 Minutes Worth $3125 | https://medium.com/@gguzelkokar.mdbf15/from-long-term-hacking-to-instant-rewards-finding-sqli-in-3-minutes-worth-3125-ac36c6e950bf?source=rss------bug_bounty-5 | Gökhan Güzelkokar | sql, hacking, bug-bounty, hackerone, sql-injection | 06-Jul-2024 |
$500 for Cracking Invitation Code For Unauthorized Access & Account Takeover | https://medium.com/@a13h1/500-for-cracking-invitation-code-for-unauthorized-access-account-takeover-558c663fb947?source=rss------bug_bounty-5 | Abhi Sharma | rate-limiting, bug-bounty, account-takeover, base64, cybersecurity | 06-Jul-2024 |
Rate Limit Bypass Due to Cryptographic Weakness | https://javroot.medium.com/rate-limit-bypass-due-to-cryptographic-weakness-2cdb3a112bba?source=rss------bug_bounty-5 | Javroot | security-token, bug-bounty, web, cryptography, research | 06-Jul-2024 |
Exploiting flawed validation of file uploads | https://cyberw1ng.medium.com/exploiting-flawed-validation-of-file-uploads-8a089992e3a1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, penetration-testing | 06-Jul-2024 |
Identifying, ChronosCodeFail, a Critical Bug in the Dayforce Clock System | https://medium.com/@quantumsquint/identifying-chronoscodefail-a-critical-bug-in-the-dayforce-clock-system-58cb98c00d32?source=rss------bug_bounty-5 | Quantum Squint Research Dept. | developer-tools, penetration-testing, bug-bounty, regression-analysis, cybersecurity | 06-Jul-2024 |
Explanation of the Wifi Deauth Attack and Its Demonstration | https://hack4funacademy.medium.com/penjelasan-wifi-deauth-attack-dan-demonstrasinya-1cecaca53915?source=rss------bug_bounty-5 | Hack4Fun Academy | ethical-hacking, wifi, cybersecurity, hacking, bug-bounty | 05-Jul-2024 |
BountyDork: Your Ultimate Automatic Dorking Testing Companion For Bug Bounty | https://infosecwriteups.com/bountydork-your-ultimate-automatic-dorking-testing-companion-for-bug-bounty-b2bd41cb7344?source=rss------bug_bounty-5 | ElNiak | google-dork, python, bug-bounty, cybersecurity, technology | 05-Jul-2024 |
How to Install Bwapp in Virtualbox | https://medium.com/@bhardwajshekhar/how-to-install-bwapp-in-virtualbox-6bf7f1ba9a0f?source=rss------bug_bounty-5 | Shekhar Bhardwaj | owasp-top-10, bwapp, pentesting, bug-bounty | 05-Jul-2024 |
How I Found Critical Bugs :: SQL Injection → Compromised 10+ Govt. website’s Whole Databases !! | https://medium.com/@p.ra.dee.p_0xx01/how-i-found-critical-bugs-sql-injection-compromised-10-govt-websites-whole-databases-ad55899ff5db?source=rss------bug_bounty-5 | Professor0xx01 | cybersecurity, bug-bounty, offensive-security, penetration-testing, vdp | 05-Jul-2024 |
How to Find Subdomains Using Various Tools and Methods | https://medium.com/@j0k3r01/how-to-find-subdomains-using-various-tools-and-methods-583a7311c897?source=rss------bug_bounty-5 | J0k3R | subdomains-enumeration, recon, penetration-testing, bug-bounty, osint | 05-Jul-2024 |
Complex Attack Types: Sample Scenarios 34 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-34-48d60e2bb0fb?source=rss------bug_bounty-5 | Baris Dincer | threat-intelligence, penetration-testing, bug-bounty, cybersecurity, freedomofinternet | 05-Jul-2024 |
Everything About OSCP: A Comprehensive Guide | https://medium.com/@mazharshadab292/everything-about-oscp-a-comprehensive-guide-36794d325e67?source=rss------bug_bounty-5 | Shadab Mazhar | hacking, bug-bounty, certification, programming | 05-Jul-2024 |
Using the Tools Steghide and ExifTool, and Trying Out an Automated Bug Bounty Scanner (Dalfox) | https://medium.com/@anggitaniaaurien/penggunaan-tools-steghide-exiftool-dan-uji-coba-automation-scanner-bug-bounty-dalfox-4fbe93e83eb3?source=rss------bug_bounty-5 | Anggitania Aurien | bug-bounty, exiftool, xs, steghide, kxss | 05-Jul-2024 |
The PDF Trojan Horse: Leveraging HTML Injection for SSRF and Internal Resource Access | https://uchihamrx.medium.com/the-pdf-trojan-horse-leveraging-html-injection-for-ssrf-and-internal-resource-access-fbf69efcb33d?source=rss------bug_bounty-5 | Abdelrhman Amin | cybersecurity, web-penetration-testing, penetration-testing, bug-bounty, bug-bounty-tips | 05-Jul-2024 |
Unlocking the Power of Nmap: Your Ultimate Guide to Network Scanning | https://medium.com/@josuofficial327/unlocking-the-power-of-nmap-your-ultimate-guide-to-network-scanning-3cb66fe66d75?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | hacking, cybersecurity, bug-bounty, penetration-testing, linux | 05-Jul-2024 |
2.14 Lab: 2FA bypass using a brute-force attack | https://cyberw1ng.medium.com/2-14-lab-2fa-bypass-using-a-brute-force-attack-ad74afd23fcd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, penetration-testing, hacking | 05-Jul-2024 |
A Big Gmail Flaw: Sending Hidden Viruses in Gmail. | https://medium.com/@azanulrana/a-big-gmail-flaw-sending-hidden-viruses-in-gmail-09b52dd891e9?source=rss------bug_bounty-5 | 0xazanul | infosec-write-ups, infosec, hackerone, bug-bounty | 05-Jul-2024 |
How I Found Critical Bugs :: SQL Injection → Compromised 10+ Govt. website’s Whole Databases !! | https://medium.com/@p.ra.dee.p_0xx01/how-i-found-critical-bugs-sql-injection-compromised-10-govt-websites-whole-databases-ad55899ff5db?source=rss------bug_bounty-5 | Professor.0xx01 | cybersecurity, bug-bounty, offensive-security, penetration-testing, vdp | 05-Jul-2024 |
How to Use Google Dorks to Access Online Cameras | https://medium.com/@mirabelle.dib/how-to-use-google-dorks-to-access-online-cameras-251e83106f6b?source=rss------bug_bounty-5 | Meerabell | information-security, cybersecurity, bug-bounty, hacking, google-dork | 05-Jul-2024 |
Using Nuclei | https://medium.com/@sabriacun552/nuclei-kullan%C4%B1m%C4%B1-7038742dc53e?source=rss------bug_bounty-5 | Sabriacun | vulnerability-scanning, cybersecurity, bug-bounty, penetration-testing | 05-Jul-2024 |
SSRF Vulnerability in HiTranslate: A Technical Breakdown | https://medium.com/@security.tecno/ssrf-vulnerability-in-hitranslate-a-technical-breakdown-a5f517467a5b?source=rss------bug_bounty-5 | TECNO Security | hacking, security, bug-bounty, apps | 04-Jul-2024 |
Mastering Bug Bounty with Professor: Strategies for Success | https://bughuntar.medium.com/mastering-bug-bounty-with-professor-strategies-for-success-436fac3c7e28?source=rss------bug_bounty-5 | Professor the Hunter | cybersecurity, professorthehunter, bug-bounty, bug-bounty-tips, bughuntar | 04-Jul-2024 |
Google launches $250,000 bug bounty, this time targeting KVM, a virtual machine element | https://medium.com/@tothe21century/google-launches-250-000-bug-bounty-this-time-targeting-kvm-a-virtual-machine-element-d73cfbd63243?source=rss------bug_bounty-5 | RICH CHOI | bug-bounty | 04-Jul-2024 |
How I Found an IDOR Vulnerability in a Public Program on HackerOne | https://medium.com/@muhammadfurqanoffical/how-i-found-an-idor-vulnerability-in-a-public-program-on-hackerone-44c6724b0292?source=rss------bug_bounty-5 | Muhammad Furqan | bug-bounty-writeup, infosec-write-ups, bug-bounty, idor, hackerone | 04-Jul-2024 |
What Is XSS and How I Found Dozens of XSS Vulnerabilities | https://hack4funacademy.medium.com/apa-itu-xss-dan-bagaimana-cara-saya-menemukan-puluhan-xss-vulnerability-46fba9491bba?source=rss------bug_bounty-5 | Hack4Fun Academy | vulnerability, xss-attack, hacking, cybersecurity, bug-bounty | 04-Jul-2024 |
Understanding Request Smuggling: A Hidden Web Vulnerability (K-Edition) | https://medium.com/@friendly_/understanding-request-smuggling-a-hidden-web-vulnerability-k-edition-6ffab38d5aa1?source=rss------bug_bounty-5 | Friendly | hacking, bug-bounty, bugbounty-writeup, bug-bounty-tips | 04-Jul-2024 |
How I Used Keylogger XSS to Capture Credentials Leading to ATO | https://medium.com/@yyaminn/how-i-used-keylogger-xss-to-capture-credentials-leading-to-ato-06593e7a0798?source=rss------bug_bounty-5 | yyaminn | cybersecurity, bug-bounty, xss-attack, bugbounty-writeup, infosec | 04-Jul-2024 |
HACKBAR: A BROWSER EXTENSION FOR WEB SECURITY TESTING | https://medium.com/@Progsky/hackbar-a-browser-extension-for-web-security-testing-461b97d1a9e9?source=rss------bug_bounty-5 | Progsky | hacking, bug-bounty, pentesting, penetration-testing, web-security | 04-Jul-2024 |
How I earned $500 bounty for privilege escalation vulnerability !! | https://kumarmohank889.medium.com/how-i-earned-500-bounty-for-privilege-escalation-vulnerability-c42977abcc52?source=rss------bug_bounty-5 | Mohan Kumar N | hacking, bug-bounty, security, bug-bounty-tips, security-research | 04-Jul-2024 |
2.13 Lab: Broken brute-force protection, multiple credentials per request | https://cyberw1ng.medium.com/2-13-lab-broken-brute-force-protection-multiple-credentials-per-request-1beb6a85b12c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, hacking, bug-bounty, penetration-testing | 04-Jul-2024 |
Tools For Beginner Bug Hunter, Penetration Tester or Web Security Engineer | https://medium.com/@a5adujjaman/tools-for-beginner-bug-hunter-penetration-tester-or-web-security-engineer-a5510748fc5a?source=rss------bug_bounty-5 | Asadujjaman Asif | web-security, penetration-testing, security, bug-bounty, hacking | 04-Jul-2024 |
0 star rating got me 40 EUR. MY first bug I got paid for. | https://medium.com/@siyamhassan.main/0-star-rating-got-me-40-eur-my-first-bug-i-got-paid-for-18417f76a707?source=rss------bug_bounty-5 | 2004siyam_hassan | bug-bounty, bunty | 04-Jul-2024 |
IDOR to change other’s Account Name | https://codingninjablogs.tech/idor-to-change-others-account-name-43ddf7cfe429?source=rss------bug_bounty-5 | #$ubh@nk@r | idor, hacking, bug-bounty, infosec, web-security | 04-Jul-2024 |
The Problem With Bug Bounties | https://kf106.medium.com/the-problem-with-bug-bounties-0c5d956411d8?source=rss------bug_bounty-5 | Keir Finlow-Bates | bug-bounty, bug-bounty-program, hacking, computer-security, cryptocurrency | 04-Jul-2024 |
Mass Hunting XSS vulnerabilities | https://systemweakness.com/mass-hunting-xss-vulnerabilities-8d4785968727?source=rss------bug_bounty-5 | Imran Niaz | cross-site-scripting, bug-bounty-hunter, bug-bounty, bug-bounty-tips, xss-vulnerability | 04-Jul-2024 |
0 star rating got me 40 EUR. MY first bug I got paid for. | https://medium.com/@siyamhassan.main/0-star-rating-got-me-40-eur-my-first-bug-i-got-paid-for-18417f76a707?source=rss------bug_bounty-5 | Clasher | bug-bounty, bunty | 04-Jul-2024 |
IDOR vulnerability allow attacker to make a checkout order on behalf of other users | https://medium.com/@omarataallah98/idor-vulnerability-allow-attacker-to-make-an-order-checkout-on-behalf-other-users-accounts-2bdc4c7b8eca?source=rss------bug_bounty-5 | Omarataallah | security-testing, hacking, bug-bounty, hacks, idor-vulnerability | 03-Jul-2024 |
How to find wildcard bug bounty assets owned by a company. | https://medium.com/@tom.sh/how-to-find-wildcard-bug-bounty-assets-owned-by-a-company-991db585a554?source=rss------bug_bounty-5 | Tom | bug-bounty, recon, reconnaissance, cybersecurity, hacking | 03-Jul-2024 |
26.1 Lab: Exploiting LLM APIs with excessive agency | https://cyberw1ng.medium.com/26-1-lab-exploiting-llm-apis-with-excessive-agency-bb94aa506893?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, hacking, cybersecurity, penetration-testing | 03-Jul-2024 |
Complex Attack Types: Sample Scenarios 32 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-32-7c47b8e5d139?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, bug-bounty, threat-intelligence, penetration-testing, freedomofinternet | 03-Jul-2024 |
Mobile App Testing with Android Studio & Frida | https://medium.com/@jaylinscorner/mobile-app-testing-with-android-studio-frida-b65484121ba6?source=rss------bug_bounty-5 | Jaylin Nelson | bug-bounty, penetration-testing, cybersecurity, mobile-app-testing, frida | 03-Jul-2024 |
Blind OS Command Injection with time delays from Theory to Practical POC | https://medium.com/@dhruvsingh0203/hola-hackers-im-dhruv-singh-a-cybersecurity-enthusiast-passionate-about-exploring-the-depths-834a9d140115?source=rss------bug_bounty-5 | Dhruv Singh | ethical-hacking, command-injection, bug-bounty, hacking | 03-Jul-2024 |
IDOR vulnerability allow attacker to make a checkout order on behalf of other users | https://medium.com/@Bug_Bounty/idor-vulnerability-allow-attacker-to-make-a-checkout-order-on-behalf-of-other-users-397b16ece8fc?source=rss------bug_bounty-5 | Bug Bounty | bug-bounty, bountytips, togetherwehitharder, idor | 03-Jul-2024 |
Meta MFA bypass security bug was turned down, calling it a feature! What do you think? | https://medium.com/@kannnannmk/meta-mfa-bypass-security-bug-was-turned-down-calling-it-a-feature-what-do-you-think-9663e7c5a65e?source=rss------bug_bounty-5 | Neelamegha Kannan S | bug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, meta | 03-Jul-2024 |
Monthly Wrap-Up June 2024: Incognitee Bug Bounty Launch, Polkadot Treasury Proposal and More | https://medium.com/@integriteetr/ayl%C4%B1k-%C3%B6zet-haziran-2024-incognitee-hata-%C3%B6d%C3%BCl%C3%BC-lansman%C4%B1-polkadot-hazine-teklifi-ve-daha-fazlas%C4%B1-22beabdf77aa?source=rss------bug_bounty-5 | Integriteetr | integritee, bug-bounty, blockchain, polkadot, wrap-up | 03-Jul-2024 |
PortSwigger LABs- SQL Injection | https://medium.com/@1dnz/lab-sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-ec0d03f83574?source=rss------bug_bounty-5 | H-ACK-ing | hacks, portswigger-lab, bug-bounty, hacking | 03-Jul-2024 |
A story of a nice SSRF vulnerability. | https://medium.com/@oXnoOneXo/a-story-of-a-nice-ssrf-vulnerability-51e16ff6a33f?source=rss------bug_bounty-5 | oXnoOneXo | hackerone, bug-bounty, ssrf | 03-Jul-2024 |
#IBRAHIMXSS TOOL RELEASE | https://ibrahimxss.medium.com/ibrahimxss-tool-release-97ba90fc3419?source=rss------bug_bounty-5 | #IbrahimXSS | xss-challenge, xss-bypass, xss-attack, xss-vulnerability, bug-bounty | 03-Jul-2024 |
How I Discovered Authentication Bypass That Blocks Users from Accessing the Website ? | https://sayedv2.medium.com/how-i-discovered-authentication-bypass-that-blocks-users-from-accessing-the-website-93140fa180ac?source=rss------bug_bounty-5 | Mohamed Sayed | bug-bounty-writeup, bug-bounty-tips, hackerone, authentication, bug-bounty | 03-Jul-2024 |
Bypassing Input Validation $0 - $1000 | https://medium.com/@mdnafeed3/bypassing-input-validation-0-1000-799682d547ba?source=rss------bug_bounty-5 | H4cker-Nafeed | technology, infosec, cybersecurity, bug-bounty | 02-Jul-2024 |
Understanding Admin Login Bypass: A Critical Security Discussion | https://farrosfr.medium.com/understanding-admin-login-bypass-a-critical-security-discussion-2641e54e60fd?source=rss------bug_bounty-5 | Mochammad Farros Fatchur Roji | php, programming, bug-bounty, web, cybersecurity | 02-Jul-2024 |
Do Hackers Really Need Coding Skills? Let’s Understand . . . | https://d3athcod3.medium.com/do-hackers-really-need-coding-skills-lets-understand-51e60e16c978?source=rss------bug_bounty-5 | D3athCod3 | technology, hacking, cybersecurity, bug-bounty, computer-science | 02-Jul-2024 |
18.4 Lab: Arbitrary object injection in PHP | https://cyberw1ng.medium.com/18-4-lab-arbitrary-object-injection-in-php-30a164de4595?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, hacking, cybersecurity | 02-Jul-2024 |
Secret phishing bug google dont want you to know | https://medium.com/@eyaalgabay/secret-phishing-bug-google-dont-want-you-to-know-4d6d7616fa3f?source=rss------bug_bounty-5 | Eyaalgabay | web-hacking, bug-bounty, hacking, cybersecurity, unicode | 02-Jul-2024 |
LendingOwl introduces Bug Bounty Program. | https://medium.com/@valeriecameron70/lendingowl-introduces-bug-bounty-program-739910791826?source=rss------bug_bounty-5 | Valerie Cameron | lending, fintech, p2p, bug-bounty, news-articles | 02-Jul-2024 |
How I found IDOR in NASA | https://infosecwriteups.com/how-i-found-idor-in-nasa-4186a03455b4?source=rss------bug_bounty-5 | Eslam Omar | hacking, bug-bounty, bug-bounty-tips, nasa | 02-Jul-2024 |
AT&T Bug Bounty Program Scope | https://medium.com/@imusabkhan/at-t-bug-bounty-program-scope-ae256fbf1bf9?source=rss------bug_bounty-5 | Mohammad Musab Khan | bug-bounty, ethical-hacking, att, writeup, hackerone | 02-Jul-2024 |
Monthly Wrap-Up June 2024: Incognitee Bug Bounty Launch, Polkadot Treasury Proposal & More | https://medium.com/integritee/monthly-wrap-up-june-2024-incognitee-bug-bounty-launch-polkadot-treasury-proposal-more-c3623df413d4?source=rss------bug_bounty-5 | Integritee Network | bug-bounty, integritee, polkadot, wrap-up, blockchain | 02-Jul-2024 |
How to Find Your First CVE: A Guide for Aspiring Security Researchers | https://medium.com/@khammassilouay21/how-to-find-your-first-cve-a-guide-for-aspiring-security-researchers-c1e5eb9e819a?source=rss------bug_bounty-5 | Khammassilouay | cve, web-security, bug-bounty, cybersecurity | 02-Jul-2024 |
Self XSS + Login CSRF + OAuth = Account Takeover | https://medium.com/@l_s_/self-xss-login-csrf-oauth-account-takeover-6357f3395b49?source=rss------bug_bounty-5 | LS | bug-bounty, xss-attack, oauth, csrf, hacking | 02-Jul-2024 |
INFORMATION DISCLOSURE THROUGH AN ORGANIZATION’S NETWORK | https://hackhive.medium.com/information-disclosure-through-an-organizations-network-1f4e0bac1c55?source=rss------bug_bounty-5 | HackHive | bug-bounty, pentesting, vulnerability-assessment, information-security, information-disclosure | 02-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-33) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-33-31e20416b7aa?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, cybersecurity, hacking, ethical-hacking, bug-bounty | 02-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-32) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-32-044ea32fd931?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, hacking, skills, cybersecurity, bug-bounty | 02-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-31) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-31-401155afb539?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, skills, hacking, bug-bounty, ethical-hacking | 02-Jul-2024 |
File upload to RCE — Bug Bounty Tuesday | https://medium.com/@kerstan/file-upload-to-rce-bug-bounty-tuesday-f8dda0ed4077?source=rss------bug_bounty-5 | kerstan | hacking, cybersecurity, bug-bounty | 02-Jul-2024 |
The Dark Side of Contact Forms: How I Identified 7 CVEs in WordPress Plugins | https://dropn0w.medium.com/the-dark-side-of-contact-forms-how-i-identified-7-cves-in-wordpress-plugins-30f6111dfebf?source=rss------bug_bounty-5 | drop | bug-bounty, hacking, information-security, wordpress, cybersecurity | 02-Jul-2024 |
How to Find Your First CVE: A Guide for Aspiring Security Researchers | https://systemweakness.com/how-to-find-your-first-cve-a-guide-for-aspiring-security-researchers-c1e5eb9e819a?source=rss------bug_bounty-5 | Khammassilouay | cve, web-security, bug-bounty, cybersecurity | 02-Jul-2024 |
How to Use Google Dorks to Find Vulnerabilities | https://medium.com/@meerabell/how-to-use-google-dorks-to-find-vulnerabilities-da782f05826e?source=rss------bug_bounty-5 | Meerabell | hacking, information-security, bug-bounty, google-dork, cybersecurity | 02-Jul-2024 |
Exploiting Response Manipulation for Account Takeover | https://medium.com/@sdarmwal17/exploiting-response-manipulation-for-account-takeover-b19ce1494109?source=rss------bug_bounty-5 | Shubham Darmwal | otp-bypass, cybersecurity, account-takeover, bug-bounty, response-manipulation | 02-Jul-2024 |
Complex Attack Types: Sample Scenarios 31 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-31-b4f0ee2f90ac?source=rss------bug_bounty-5 | Baris Dincer | bug-bounty, cybersecurity, active-directory, penetration-testing, freedomofinternet | 02-Jul-2024 |
How to Use Google Dorks to Find Vulnerabilities | https://medium.com/@mirabelle.dib/how-to-use-google-dorks-to-find-vulnerabilities-da782f05826e?source=rss------bug_bounty-5 | Meerabell | hacking, information-security, bug-bounty, google-dork, cybersecurity | 02-Jul-2024 |
Effective XSS methodology : The true way to hunt XSS | https://xdead4f.medium.com/effective-xss-methodology-the-true-way-to-hunt-xss-4f4d740035cc?source=rss------bug_bounty-5 | 0xdead4f | xss-attack, bug-hunting, bug-bounty, cybersecurity | 01-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-29) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-29-d5e656812d96?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, cybersecurity, bug-bounty, hacking, skills | 01-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-28) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-28-ae3cb3e93960?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, bug-bounty, cyber-security-awareness, ethical-hacking, hacking | 01-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-27) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-27-f5c03938d8fb?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cyber-security-awareness, ethical-hacking, hacking, bug-bounty-tips | 01-Jul-2024 |
Understanding and Mitigating Smart Contract Vulnerabilities | https://securrtech.medium.com/understanding-and-mitigating-smart-contract-vulnerabilities-291b7fe168f2?source=rss------bug_bounty-5 | Securr | vulnerability, bug-bounty, cybersecurity, securr, smart-contracts | 01-Jul-2024 |
18.3 Using application functionality to exploit insecure deserialization | https://cyberw1ng.medium.com/18-3-using-application-functionality-to-exploit-insecure-deserialization-d6f18fe4811c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, penetration-testing, bug-bounty, careers | 01-Jul-2024 |
Phishing or What?? How I Got Access to the Internal Email of a Company | https://infosecwriteups.com/phishing-or-what-how-i-got-access-to-the-internal-email-of-a-company-a098fb08728?source=rss------bug_bounty-5 | whit3ros3 | infosec, ethical-hacking, hacking, bug-bounty, bug-bounty-tips | 01-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-30) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-30-e3519045da6d?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, skills, cybersecurity, bug-bounty, hacking | 01-Jul-2024 |
Unmasking the Danger: Open Redirection via Referer Header | https://medium.com/@sulmanfarooq531/unmasking-the-danger-open-redirection-via-referer-header-a527ab4e7be1?source=rss------bug_bounty-5 | Sulman Farooq S | cybersecurity, bug-bounty, hacking, open-redirect | 01-Jul-2024 |
How I Found CVE-2019-9826 on one of famous crypto company. $$$$ | https://medium.com/@a7madhacck/how-i-found-cve-2019-9826-on-one-of-famous-crypto-company-f23d9ba69861?source=rss------bug_bounty-5 | Ahmad Yussef | bug-bounty-writeup, cybersecurity, bug-bounty-tips, hacking, bug-bounty | 01-Jul-2024 |
3 Easy cash via cache | https://medium.com/@mohamed0xmuslim/3-easy-cash-via-cache-99d600565ac5?source=rss------bug_bounty-5 | Muhammad_Mostafa | bug-bounty | 01-Jul-2024 |
Story of a 1000$ Open Redirect | https://infosecwriteups.com/story-of-a-1000-open-redirect-1405fb8a0e7a?source=rss------bug_bounty-5 | Debangshu Kundu | cybersecurity, medium, bug-bounty, hacking, technology | 01-Jul-2024 |
Hacking Hidden Gems: Content Discovery with Webseek | https://medium.com/@hackertam1/hacking-hidden-gems-content-discovery-with-webseek-cf5a00c97d72?source=rss------bug_bounty-5 | Tahir Mujawar | cybersecurity, bug-bounty, recon, ethical-hacking, penetration-testing | 01-Jul-2024 |
How I found Bug on NASA | https://medium.com/@psychomong/how-i-found-bug-on-nasa-b2408e14aa17?source=rss------bug_bounty-5 | psychomong | bug-bounty, real-world-bug-hunting, nasa, hacking, hacker | 01-Jul-2024 |
My 60 Days Journey To Find My First Bug | https://medium.com/@binarysleuth247/my-60-days-journey-to-find-my-first-bug-59a2e676fda8?source=rss------bug_bounty-5 | binarysleuth247 | bug-bounty | 01-Jul-2024 |
VPS -Virtual Private Server- | https://medium.com/@haticezkmnl/vps-virtual-private-server-f37ffab2f3f1?source=rss------bug_bounty-5 | Hatice Zehra Kamanlı | servers, website, bug-bounty, public, vps | 01-Jul-2024 |
THM — Blog walkthrough | https://medium.com/@riickyrick/thm-blog-walkthrough-21f2844eafda?source=rss------bug_bounty-5 | Riicky | thm, bug-bounty, metasploit, wordpress, writeup | 01-Jul-2024 |
Collecting JavaScript Files from a Website to Find Information Disclosure | https://hack4funacademy.medium.com/mengumpulkan-javascript-file-pada-suatu-websites-untuk-menemukan-information-disclosure-8126fcccd77d?source=rss------bug_bounty-5 | Hack4Fun Academy | pentesting, cybersecurity, bug-bounty, bug-bounty-tips, hacking | 30-Jun-2024 |
XSS Deep Learning and Test Case Preparation | https://medium.com/@barsavak/xss-deep-learning-and-test-case-preparation-3f796a7ad5ed?source=rss------bug_bounty-5 | bariss30 | bug-bounty-tips, bug-bounty, xss-vulnerability | 30-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-26) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-26-49760a380496?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty | 30-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-25) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-25-25328dcc629f?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-hunter, bug-bounty-writeup, bug-bounty-program, bug-bounty, bug-bounty-tips | 30-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-24) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-24-17e137c514ed?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 30-Jun-2024 |
The Only Methodology you need to Know to earn $$$$ in Bug Bounty in your First Day | https://xdead4f.medium.com/the-only-methodology-you-need-to-know-to-earn-in-bug-bounty-in-your-first-day-e8a361c89eb5?source=rss------bug_bounty-5 | 0xdead4f | bug-bounty, side-hustle, bug-bounty-methodology | 30-Jun-2024 |
Guide to Using ffuf | https://medium.com/@learntheshell/guide-to-using-ffuf-74824770076b?source=rss------bug_bounty-5 | LearnTheShell | bug-bounty, cybersecurity, fuzzing, hacking, linux | 30-Jun-2024 |
Bug Report from Product Testing https://hng.tech/ | https://medium.com/@teslimahsalahudeen/bug-report-from-product-testing-https-hng-tech-98e290fe3c0e?source=rss------bug_bounty-5 | CyberGoodness^ | product-testing, bug-bounty, security | 30-Jun-2024 |
XSS TEST CASE TASK | https://medium.com/@avar.talha08/xss-test-case-task-7a4bfd5b223a?source=rss------bug_bounty-5 | Talha Acar | bug-bounty-writeup, bug-bounty, php | 30-Jun-2024 |
Cisco Finesse Remote File Inclusion (CVE-2024–20405) | https://0x3zzat.medium.com/cisco-finesse-remote-file-inclusion-cve-2024-20405-7947c3327e0c?source=rss------bug_bounty-5 | Abd El Rahman Ezzat | cve, penetration-testing, bug-bounty, cve-2024-20405, cisco | 30-Jun-2024 |
Cisco Finesse Server Side Request Forgery (CVE-2024–20404) | https://0x3zzat.medium.com/cisco-finesse-server-side-request-forgery-cve-2024-20404-5d74b449a4a2?source=rss------bug_bounty-5 | Abd El Rahman Ezzat | cve-2024-20404, penetration-testing, cve, cisco, bug-bounty | 30-Jun-2024 |
18.2 Modifying Serialized Data Types | https://cyberw1ng.medium.com/18-2-modifying-serialized-data-types-726426fb3350?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, cybersecurity, bug-bounty, penetration-testing | 30-Jun-2024 |
XSS 101: What Is XSS? | https://medium.com/@kormorphus/xss-101-xss-nedir-15b04f7e4269?source=rss------bug_bounty-5 | Kormorphus | bug-bounty, cybersecurity, xss-attack | 30-Jun-2024 |
How to use Cheat Engine on Opera Gx | https://medium.com/@MrRipperoni/how-to-use-cheat-engine-on-opera-gx-ea6b121f0301?source=rss------bug_bounty-5 | Mr.Ripperoni | programming, bug-bounty, hacking, gamehacking, hacking-tools | 30-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-23) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-23-9f3497d279f1?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-program, bug-bounty | 29-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-22) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-22-8edd54306b83?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup, bug-bounty | 29-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-21) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-21-e008298773da?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-program | 29-Jun-2024 |
XSS TEST CASE | https://medium.com/@aarda418/xss-test-case-6158aad30604?source=rss------bug_bounty-5 | Arda Aslan | bug-bounty-tips, xss-vulnerability, bug-bounty | 29-Jun-2024 |
14.9 Lab: CSRF where token is tied to non-session cookie | https://cyberw1ng.medium.com/14-9-lab-csrf-where-token-is-tied-to-non-session-cookie-926338db4ba7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, hacking, cybersecurity, bug-bounty | 29-Jun-2024 |
Using AI to hunt for XSS. | https://medium.com/@deadoverflow/using-ai-to-hunt-for-xss-e04ba8d32ba8?source=rss------bug_bounty-5 | Imad Husanovic | cybersecurity, ethical-hacking, bug-bounty-tips, bug-bounty, hacking | 29-Jun-2024 |
XSS TEST CASE | https://medium.com/@mehmetfarisacar/xss-test-case-199e0bec59a6?source=rss------bug_bounty-5 | Mehmet Faris Acar | bug-bounty, xss-vulnerability, bug-bounty-tips | 29-Jun-2024 |
LEARNING PROCESS module from HTB in Arabic | https://medium.com/@am3002297/learning-process-module-from-htb-%D8%A8%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A-37675b8144b0?source=rss------bug_bounty-5 | 30obd | cybersecurity, bug-bounty | 29-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-19) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-19-7dfd1bd2d1ba?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program | 28-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-18) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-18-5179747f60c3?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-program | 28-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-20) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-20-a60e30106e0c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-program, bug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips | 28-Jun-2024 |
Race Condition Vulnerability to bypass email confirmation | https://medium.com/@siratsami71/race-condition-vulnerability-to-bypass-email-confirmation-2af8d916fe61?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | hacking, bug-bounty, cybersecurity | 28-Jun-2024 |
XSS Zafiyeti Hakkında: | https://medium.com/@hhuseyinuyar17/xss-zafiyeti-hakk%C4%B1nda-98b5849d4700?source=rss------bug_bounty-5 | Hhuseyinuyar | reflected-xss, xss-attack, dom-xss, stored-xss, bug-bounty | 28-Jun-2024 |
An Easy RACE CONDITION Bug That Made Me Fame | https://medium.com/@hashimamin/an-easy-race-condition-bug-that-made-me-fame-97d6921ae7f4?source=rss------bug_bounty-5 | Hashim Amin | vulnerability, race-condition, infosec, bugbounty-writeup, bug-bounty | 28-Jun-2024 |
Why is programming so important in bug bounty? | https://medium.com/@deadoverflow/why-is-programming-so-important-in-bug-bounty-b7d7889ae026?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, cybersecurity, programming, bug-bounty, hacking | 28-Jun-2024 |
HTML Injection — HTB lab | https://zhunter12.medium.com/html-injection-htb-lab-cd7bdcd8fd93?source=rss------bug_bounty-5 | Oscar Romero | htb-academy, htb, html-injection, cybersecurity, bug-bounty | 28-Jun-2024 |
14.8 Lab: CSRF where token is duplicated in cookie | https://cyberw1ng.medium.com/14-8-lab-csrf-where-token-is-duplicated-in-cookie-d688fd0ac2ac?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, cybersecurity, bug-bounty, careers | 28-Jun-2024 |
0-click Account Takeover (ATO) via Google Authentication | https://medium.com/@elcapitano7x/0-click-account-takeover-ato-via-google-authentication-b63a01a80a03?source=rss------bug_bounty-5 | Elcapitano | bug-bounty-tips, hackerone, bug-bounty-writeup, account-takeover, bug-bounty | 28-Jun-2024 |
[Bounty Weekend] Phone Verification Bypass With Business Logic Vulnerability | https://medium.com/@rifqihz/bounty-weekend-phone-verification-bypass-with-business-logic-vulnerability-1b2844b93d5a?source=rss------bug_bounty-5 | Rifqi Hilmy Zhafrant | hackerone, writeup, bug-bounty | 28-Jun-2024 |
Writeup: Discovering and Exploiting XSS Vulnerabilities — My First Bug Hunting Reward | https://medium.com/@heyrm/writeup-discovering-and-exploiting-xss-vulnerabilities-my-first-bug-hunting-reward-0dfb0ebfd6aa?source=rss------bug_bounty-5 | heyrm | bug-bounty-writeup, cybersecurity, bug-bounty, xss-attack, bug-hunting | 27-Jun-2024 |
Writeup: Menemukan dan Mengeksploitasi Kerentanan XSS — Reward Bug Hunting Pertamaku | https://medium.com/@heyrm/writeup-menemukan-dan-mengeksploitasi-kerentanan-xss-reward-bug-hunting-pertamaku-cbf76c9eaf65?source=rss------bug_bounty-5 | heyrm | xss-vulnerability, bug-bounty, cybersecurity, xss-attack, bug-hunting | 27-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-17) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-17-8d38292448cf?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-hunter, bug-bounty-program, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 27-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-16) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-16-aacc2aab0f71?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup | 27-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-15) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-15-2cd3a0188386?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter | 27-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-14) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-14-985969cf2f17?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips | 27-Jun-2024 |
Hunting Bugs for RE Hunter 350 | https://vijetareigns.medium.com/hunting-bugs-for-re-hunter-350-81338c4ebf20?source=rss------bug_bounty-5 | the_unlucky_guy | bug-bounty, bug-bounty-tips, bug-bounty-writeup, bugbounty-writeup, cybersecurity | 27-Jun-2024 |
Malicious Document Analysis: Emotet Case I | https://medium.com/@brsdncr/malicious-document-analysis-emotet-case-i-4a5f1ca8c565?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, threat-intelligence, penetration-testing, bug-bounty, freedomofinternet | 27-Jun-2024 |
IDORs Never Disappoint Me— Hacking Into Online Bookings ($$$$) | https://aravind07.medium.com/idors-never-disappoint-me-hacking-into-online-bookings-5b2f34e1af25?source=rss------bug_bounty-5 | Gnana Aravind K | cybersecurity, penetration-testing, infosec, hacking, bug-bounty | 27-Jun-2024 |
How I was able to steal cookies via stored XSS | https://medium.com/@xnum.1/how-i-was-able-to-steal-cookies-via-stored-xss-c7f172fe114c?source=rss------bug_bounty-5 | Ahmed Tarek | stored-xss, xss-attack, bug-bounty, cookies, javascript | 27-Jun-2024 |
14.7 Lab: CSRF where token is not tied to user session | https://cyberw1ng.medium.com/14-7-lab-csrf-where-token-is-not-tied-to-user-session-841faddd036a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, bug-bounty, careers, hacking | 27-Jun-2024 |
XSS Test Cases Preperation | https://medium.com/@NadirSensoy/xss-test-cases-preperation-566e34ff94fb?source=rss------bug_bounty-5 | Nadir Sensoy | bug-bounty-tips, bug-bounty, xss-vulnerability | 27-Jun-2024 |
Front End y Back End: Lab HTB Exposición de Datos Sensibles | https://zhunter12.medium.com/front-end-y-back-end-lab-htb-exposici%C3%B3n-de-datos-sensibles-a21431c08d9d?source=rss------bug_bounty-5 | Oscar Romero | cybersecurity, frontend, sensitive-data-exposure, htb-academy, bug-bounty | 27-Jun-2024 |
How I was able to steal cookies via stored XSS | https://medium.com/@0x_xnum/how-i-was-able-to-steal-cookies-via-stored-xss-c7f172fe114c?source=rss------bug_bounty-5 | Ahmed Tarek | stored-xss, xss-attack, bug-bounty, cookies, javascript | 27-Jun-2024 |
How long did it take me to find my first bug? | https://medium.com/@deadoverflow/how-long-did-it-take-me-to-find-my-first-bug-969699fa9080?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, hacking, cybersecurity, bug-bounty, programming | 27-Jun-2024 |
ICMTC CTF 2024 (Web Exploitation) | https://0x0anas.medium.com/icmtc-ctf-2024-web-exploitation-57998a15107b?source=rss------bug_bounty-5 | Anas Ibrahim | ctf, icmtc-ctf, pentesting, bug-bounty | 27-Jun-2024 |
IDORs Never Disappoint Me — Hacking Into Online Bookings ($$$$) | https://aravind07.medium.com/idors-never-disappoint-me-hacking-into-online-bookings-5b2f34e1af25?source=rss------bug_bounty-5 | Gnana Aravind K | cybersecurity, penetration-testing, infosec, hacking, bug-bounty | 27-Jun-2024 |
Checklist for Forgot Password functionality | https://infosecwriteups.com/checklist-for-forgot-password-functionality-3f61c34a15eb?source=rss------bug_bounty-5 | Suprajabaskaran | penetration-testing, passwords, bug-bounty, bug-bounty-tips, pentesting | 26-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-13) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-13-b7bc7fa2123b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-hunter, bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 26-Jun-2024 |
Basic Cyber Security Course First Day | https://mrunknown124154.medium.com/basic-cyber-security-course-first-day-c6ad0cb7d907?source=rss------bug_bounty-5 | Mr Abdullah | cyber-security-awareness, ethical-hacking, bug-bounty, cybersecurity | 26-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-12) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-12-4b892dc13d9f?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 26-Jun-2024 |
XSS: Demonstrating Impact Without Credentials | https://infosecwriteups.com/xss-demonstrating-impact-without-credentials-db7fff38792a?source=rss------bug_bounty-5 | Shlok K | xss-attack, vulnerability, infosec, bug-bounty, cross-site-scripting | 26-Jun-2024 |
Penetration Testing with Termux: A Newbie’s Success Story | https://medium.com/@yp400215/penetration-testing-with-termux-a-newbies-success-story-649e3393a311?source=rss------bug_bounty-5 | Yash Pawar | bug-bounty, penetration-testing, idor-vulnerability | 26-Jun-2024 |
Come back | https://medium.com/@anonymous19999/come-back-802e211927f6?source=rss------bug_bounty-5 | Anonymous | life, love, bug-bounty, comeback | 26-Jun-2024 |
Learn Android Penetration Testing Skill with This Vulnerable APK | https://medium.com/@phyowathone/learn-android-penetration-testing-skill-with-this-vulnerable-apk-94d9300a11c4?source=rss------bug_bounty-5 | Phyo WaThone Win | android-pentesting, android-security, application-security, android-bug-bounty, bug-bounty | 26-Jun-2024 |
How I found XSS and open redirect in Kamiapp.com accidentally | https://medium.com/@alimuhammadsecured/how-i-found-xss-and-open-redirect-in-kamiapp-com-accidentally-364ef7db939d?source=rss------bug_bounty-5 | Alimuhammadsecured | xss-attack, cybersecurity, hacking, bug-bounty | 26-Jun-2024 |
Complex Attack Types: Sample Scenarios 26 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-26-9b05b2b26815?source=rss------bug_bounty-5 | Baris Dincer | bug-bounty, penetration-testing, freedomofinternet, cybersecurity, information-security | 26-Jun-2024 |
Unveiling the Secrets of Server-Side Template Injection (SSTI) in Flask and Jinja2 | https://medium.com/@baraiprince0111/unveiling-the-secrets-of-server-side-template-injection-ssti-in-flask-and-jinja2-25c57ab3199f?source=rss------bug_bounty-5 | Baraiprince | ctf, hacking, cybersecurity, trends, bug-bounty | 26-Jun-2024 |
Unveiling OAuth Vulnerabilities: Exploring Account Access Without Email Verification | https://medium.com/@sulmanfarooq531/unveiling-oauth-vulnerabilities-exploring-account-access-without-email-verification-d36762361df7?source=rss------bug_bounty-5 | Sulman Farooq S | bug-bounty, cybersecurity, oauth, hacking, oauth2 | 26-Jun-2024 |
How i’ve found : ( IDOR + XSS ) = all USERS account takeover 🙂 ? | https://medium.com/@zack0x01_/how-ive-found-idor-xss-all-users-account-takeover-a49d59cf5108?source=rss------bug_bounty-5 | zack0x01 | bugbounty-tips, bug-bounty, bugbounty-poc, hacking, bugbounty-writeup | 26-Jun-2024 |
VRP [IDOR] Menghapus dan Melihat Data Korban | https://medium.com/@anvilleofficial/vrp-idor-menghapus-dan-melihat-data-korban-a9e1f8978798?source=rss------bug_bounty-5 | barr | idor, bug-bounty | 26-Jun-2024 |
How I compromised 1500 accounts/month with no technical skill | https://theclemvp.medium.com/how-i-compromised-1500-accounts-month-with-no-technical-skill-6a83ecd5c8eb?source=rss------bug_bounty-5 | Clément | cybersecurity, pentesting, penetration-testing, hacking, bug-bounty | 26-Jun-2024 |
14.6 Lab: CSRF Vulnerability where token validation depends on request method | https://cyberw1ng.medium.com/14-6-lab-csrf-vulnerability-where-token-validation-depends-on-request-method-78f2a2c33173?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 26-Jun-2024 |
OTP Bypass through Response Manipulation | https://medium.com/@xnum.1/otp-bypass-through-response-manipulation-905bc70e5ff4?source=rss------bug_bounty-5 | Ahmed Tarek | authentication-bypass, authentication, bug-bounty, otp-verification, otp-bypass | 26-Jun-2024 |
Explotando Vulnerabilidades de Validación de Entrada en un Workflow de Compras — Web Sec Academy | https://zhunter12.medium.com/explotando-vulnerabilidades-de-validaci%C3%B3n-de-entrada-en-un-workflow-de-compras-web-sec-academy-a1e3265c46b8?source=rss------bug_bounty-5 | Oscar Romero | ciberseguridad, portswigger-lab, bug-bounty, business-logic-flaw, burpsuite | 26-Jun-2024 |
Understanding Web Security Concepts: A Comprehensive Guide | https://medium.com/@cybe3king/understanding-web-security-concepts-a-comprehensive-guide-61ced70c3337?source=rss------bug_bounty-5 | Cybe3king | bug-bounty, cybersecurity, penetration-testing, web-security, ethical-hacking | 26-Jun-2024 |
Securing Your Home Network: Final Steps | https://medium.com/@jessemridley/securing-your-home-network-final-steps-676b1d7c3787?source=rss------bug_bounty-5 | Jesse Ridley | bug-bounty, network-security, hackathons, freelancing, cybersecurity | 25-Jun-2024 |
13.31 Lab: Exploiting XSS to perform CSRF | https://cyberw1ng.medium.com/13-31-lab-exploiting-xss-to-perform-csrf-0fffd6243312?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, bug-bounty, hacking, cybersecurity | 25-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-10) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-10-466f0806866b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter | 25-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-9) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-9-f76dc4218c1c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-hunter, bug-bounty, bug-bounty-program, bug-bounty-writeup, bug-bounty-tips | 25-Jun-2024 |
#3. Bug Bounty Series: OTP Verification Bypass | https://cyb3rmind.medium.com/3-bug-bounty-series-otp-verification-bypass-468526b76720?source=rss------bug_bounty-5 | Cyb3r M!nds | bug-bounty, otp-bypass, hacking, bug-bounty-tips, pentesting | 25-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-11) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-11-f5009818fb39?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-program, bug-bounty, bug-bounty-start-up, bug-bounty-tips, bug-bounty-hunting | 25-Jun-2024 |
The Role of Ethical Hackers in Web3 Security | https://securrtech.medium.com/the-role-of-ethical-hackers-in-web3-security-e858b516b43d?source=rss------bug_bounty-5 | Securr | blockchain, bug-bounty, web3bugbounty, web3-security, web3 | 25-Jun-2024 |
“Onerror” Ne Demek ? | https://medium.com/@beratkolay37/onerror-ne-demek-bb751f8e6a1b?source=rss------bug_bounty-5 | Berat K. | kali-linux, html, bug-bounty, onerror, javascript | 25-Jun-2024 |
#3. Bug Bounty Series: OTP Verification bypass leads to unauthorized booking appointment | https://cyb3rmind.medium.com/3-bug-bounty-series-otp-verification-bypass-468526b76720?source=rss------bug_bounty-5 | Cyb3r M!nds | bug-bounty, otp-bypass, hacking, bug-bounty-tips, pentesting | 25-Jun-2024 |
ZDay Olarak Bulduğum PostMessage XSS Zafiyetinin Analizi | https://grolar.medium.com/zday-olarak-buldu%C4%9Fum-postmessage-xss-zafiyetinin-analizi-4c81471e32e5?source=rss------bug_bounty-5 | Grolar | bug-bounty-writeup, dom-xss, bug-bounty, xss-vulnerability, web-security | 25-Jun-2024 |
Testing SolarWinds Serv-U Path Directory Transversal Vulnerability (CVE-2024-28995) | https://noorhomaid.medium.com/testing-solarwinds-serv-u-path-directory-transversal-vulnerability-cve-2024-28995-d80e60d31a8d?source=rss------bug_bounty-5 | NoorHomaid | cybersecurity, cve, penetration-testing, bug-bounty, solarwinds-hack | 25-Jun-2024 |
The one where I owned a customer service platform | https://medium.com/@un1tycyb3r/the-one-where-i-owned-a-customer-service-platform-2fd4cff11b28?source=rss------bug_bounty-5 | Un1tycyb3r | bug-bounty | 25-Jun-2024 |
Find Sensitive Data’s using via network analysis make me 250$ | https://medium.com/@test123cybertest/find-sensitive-datas-using-via-network-analysis-make-me-250-a0b23b0cb03b?source=rss------bug_bounty-5 | praveenarsh0xx0 | pentesting, bug-bounty, cybersecurity, bug-bounty-tips | 25-Jun-2024 |
How I Found a Vulnerability in Paytm and Received a Bounty | https://mufazmi.medium.com/how-i-found-a-vulnerability-in-paytm-and-received-a-bounty-d580ea14e9a8?source=rss------bug_bounty-5 | Umair Farooqui ✪ | paytm-bug-bounty, mufazmi, bug-bounty, umair-farooqui, paytm-bug | 25-Jun-2024 |
Hackathon CTF VulnHub | Writeup | Walkthrough | https://shamsulmehmood.medium.com/hackathon-ctf-vulnhub-writeup-walkthrough-aa36adedc49e?source=rss------bug_bounty-5 | SHAMS UL MEHMOOD | vulnerability, cybersecurity, ai, hacker, bug-bounty | 25-Jun-2024 |
My First Bug Hunting Experience: A Journey from Disappointment to Success | https://b0mk35h.medium.com/my-first-bug-hunting-experience-a-journey-from-disappointment-to-success-ae92c222a0d0?source=rss------bug_bounty-5 | Pronay Biswas | bug-bounty, ethical-hacking, cybersecurity, web-security, cyberattack | 24-Jun-2024 |
Unseen Dangers: How Cloud Misconfigurations Could Be Your Company’s Biggest Threat | https://medium.com/@paritoshblogs/unseen-dangers-how-cloud-misconfigurations-could-be-your-companys-biggest-threat-c1ed86b10093?source=rss------bug_bounty-5 | Paritosh | cloud-computing, cybersecurity, hacking, bug-bounty, cloud | 24-Jun-2024 |
Roadmap to Becoming a Professional Penetration Tester with Estimated Learning Time | https://medium.com/@cuncis/roadmap-to-becoming-a-professional-penetration-tester-with-estimated-learning-time-d352bdd43fbe?source=rss------bug_bounty-5 | Cuncis | cybersecurity, penetration-test, bug-bounty, penetration-testing, hacker | 24-Jun-2024 |
Understanding Cybersecurity: Exploits, CVEs, and More | https://systemweakness.com/understanding-cybersecurity-exploits-cves-and-more-59b41bf679dc?source=rss------bug_bounty-5 | Khaleel Khan | cybersecurity, bug-bounty, hacking, infosec, ethical-hacking | 24-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-6) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-6-2ad674553fa0?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter | 24-Jun-2024 |
CVE Seeker — Unveiling Cyber Threats: From Assets to Vulnerability Insights | https://anmolksachan.medium.com/cve-seeker-unveiling-cyber-threats-from-assets-to-vulnerability-insights-b4b485a7aefb?source=rss------bug_bounty-5 | Anmol K Sachan | recon, shodan, asm, bug-bounty, attack-surface-management | 24-Jun-2024 |
13.30 Lab: Exploiting cross-site scripting to capture passwords | https://cyberw1ng.medium.com/13-30-lab-exploiting-cross-site-scripting-to-capture-passwords-bd3714035b4a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, penetration-testing, careers, cybersecurity | 24-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-8) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-8-3d5a833a4842?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup | 24-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-7) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-7-6a8786ecb6f4?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup | 24-Jun-2024 |
OTP Bypass through Session Manipulation | https://medium.com/@n4if/otp-bypass-through-session-manipulation-d73deceaa42f?source=rss------bug_bounty-5 | 0xNAiF | penetration-testing, bug-bounty, computer-science, cybersecurity | 24-Jun-2024 |
Insecure Direct Object Reference (IDOR) Walkthrough — VulnLab by Yavuzlar | https://medium.com/@muhammadriva/insecure-direct-object-reference-idor-walkthrough-vulnlab-by-yavuzlar-3d16ce3f5345?source=rss------bug_bounty-5 | Muhammad Riva Fanzury S | cybersecurity, bug-bounty, ethical-hacking, penetration-testing, idor-vulnerability | 24-Jun-2024 |
Cross Site Scripting (XSS) Walkthrough — VulnLab XSS by Yavuzlar | https://medium.com/@muhammadriva/cross-site-scripting-xss-walkthrough-vulnlab-xss-by-yavuzlar-149d14ab2d6b?source=rss------bug_bounty-5 | Muhammad Riva Fanzury S | cross-site-scripting, bug-bounty, cybersecurity, penetration-testing, ethical-hacking | 24-Jun-2024 |
OAuth CSRF: Exploiting the Authorization Code Flow for Account Takeover | https://medium.com/@cyberpro151/oauth-csrf-exploiting-the-authorization-code-flow-for-account-takeover-f67cee914d39?source=rss------bug_bounty-5 | cyberpro151 | web-security, account-takeover, bug-bounty, appsec, hacking | 24-Jun-2024 |
Bypassing Reset Password ATO (Account takeover) through JavaScript Breakpoints | https://medium.com/@asaad0x/bypassing-reset-password-ato-account-takeover-through-javascript-breakpoints-e71187ad7171?source=rss------bug_bounty-5 | Ahmad Asaad | account-takeover, bug-bounty, penetration-testing, cybersecurity, infosec | 24-Jun-2024 |
Poodle Haney Bug Bounty | https://medium.com/@haneypoodle/poodle-haney-bug-bounty-1b0a10a03689?source=rss------bug_bounty-5 | Poodle Haney | memecoins, haney, bug-bounty, poodle-haney | 24-Jun-2024 |
Tutorial Install Burpsuite Beginner | https://medium.com/@muhammadriva/tutorial-install-burpsuite-beginner-927375c22f94?source=rss------bug_bounty-5 | Muhammad Riva Fanzury S | bug-bounty, penetration-testing, cybersecurity, junior-pentester, burpsuite | 24-Jun-2024 |
Unrestricted File Upload Walkthrough — VulnLab by Yavuzlar | https://medium.com/@muhammadriva/unrestricted-file-upload-walkthrough-vulnlab-by-yavuzlar-76854ebafe84?source=rss------bug_bounty-5 | Muhammad Riva Fanzury S | penetration-testing, bug-bounty, remote-code-execution, cybersecurity, backdoor | 24-Jun-2024 |
Bypassing Reset Password ATO (Account takeover) through JavaScript Breakpoints | https://read.martiandefense.llc/bypassing-reset-password-ato-account-takeover-through-javascript-breakpoints-e71187ad7171?source=rss------bug_bounty-5 | Ahmad Asaad | account-takeover, bug-bounty, penetration-testing, cybersecurity, infosec | 24-Jun-2024 |
Next.js and cache poisoning: a quest for the black hole | https://medium.com/@zhero_/next-js-and-cache-poisoning-a-quest-for-the-black-hole-1ae634170a1e?source=rss------bug_bounty-5 | Rachid.A | hacking, bug-bounty, nextjs, web-security, javascript | 24-Jun-2024 |
Bug Bounty Programs: How Outsourcing Can Help Your Project — Sinhala Translation | https://medium.com/@integriteesrilanka/bug-bounty-programs-how-outsourcing-can-help-your-project-sinhala-translation-0a40a97e58c7?source=rss------bug_bounty-5 | Integritee Sri Lanka | bug-bounty, immunefi, blockchain | 24-Jun-2024 |
OTP Bypass through Session Manipulation | https://medium.com/@n4if/otp-bypass-through-session-manipulation-d73deceaa42f?source=rss------bug_bounty-5 | 0xn4if | penetration-testing, bug-bounty, computer-science, cybersecurity | 24-Jun-2024 |
How i got easy multiple RXSS | https://medium.com/@0xmekky/how-i-got-easy-multiple-rxss-dd3a6bc521dd?source=rss------bug_bounty-5 | abdelrahem mekky | xss-attack, penetration-testing, reflected-xss, web-app-security, bug-bounty | 23-Jun-2024 |
Complex Attack Types: Sample Scenarios 23 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-23-c0079166f4d9?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, threat-intelligence, cybersecurity, penetration-testing, bug-bounty | 23-Jun-2024 |
13.29 Exploiting cross-site scripting to steal cookies | https://cyberw1ng.medium.com/13-29-exploiting-cross-site-scripting-to-steal-cookies-21c7d5851ea3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, penetration-testing, cybersecurity, bug-bounty | 23-Jun-2024 |
Duplicate P1 in public program | https://medium.com/@mohamed.yasser442200/duplicate-p1-in-public-program-aa9ade8f61c3?source=rss------bug_bounty-5 | Spider4 | pentesting, bug-bounty-tips, authentication, hacking, bug-bounty | 23-Jun-2024 |
New 100$ Bug in My Methodology! | https://medium.com/@rewmcode/new-100-bug-in-my-methodology-60d99f0dafe2?source=rss------bug_bounty-5 | Ali Rem | bug-bounty-tips, hacking, hacker, bug-bounty | 23-Jun-2024 |
Chaining bugs for Account Takeover | https://medium.com/@hbenja47/chaining-bugs-for-account-takeover-0b90a2d952af?source=rss------bug_bounty-5 | Benja (bronxi) | hacking, bug-bounty | 23-Jun-2024 |
Guide to Using httpx | https://medium.com/@learntheshell/guide-to-using-httpx-a542cbdc4ed4?source=rss------bug_bounty-5 | LearnTheShell | cybersecurity, httpx, bug-bounty, linux, hacking | 22-Jun-2024 |
The Ultimate Shodan Search Guide for Cybersecurity Analysts | https://systemweakness.com/the-ultimate-shodan-search-guide-for-cybersecurity-analysts-283f17f56182?source=rss------bug_bounty-5 | Khaleel Khan | hacking, cybersecurity, infosec, bug-bounty, cheatsheet | 22-Jun-2024 |
How I Found a Simple IDOR Bug That Exposed Sensitive Data | https://medium.com/@dra0x0/how-i-found-a-simple-idor-bug-that-exposed-sensitive-data-36e6e9b508db?source=rss------bug_bounty-5 | dra0x0 | application-security, ethical-hacking, cybersecurity, software-testing, bug-bounty | 22-Jun-2024 |
How I found a .env file and can access the whole server of mysql | https://medium.com/@jeetpal2007/how-i-found-a-env-file-and-can-access-the-whole-server-of-mysql-a21af69cbd12?source=rss------bug_bounty-5 | JEETPAL | bug-bounty-tips, bug-bounty, cybersecurity, bugbounty-writeup, env-file | 22-Jun-2024 |
Practical Threat Hunting Using Known IOC IPs | https://medium.com/@paritoshblogs/practical-threat-hunting-using-known-ioc-ips-26a4eab0b616?source=rss------bug_bounty-5 | Paritosh | cybersecurity, incident-response, bug-bounty, ransomware, threat-hunting | 22-Jun-2024 |
CVE-2024-28999 SolarWinds Race Condition | https://medium.com/@0xSphinx/cve-2024-28999-solarwinds-race-condition-62e175339b46?source=rss------bug_bounty-5 | 0xSphinx | cybersecurity, bug-bounty, hacking, cyber-security-awareness, security | 22-Jun-2024 |
13.28 Lab: Reflected XSS into a template literal with angle brackets, single, double quotes… | https://cyberw1ng.medium.com/13-28-lab-reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-45602869f45f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, penetration-testing, cybersecurity | 22-Jun-2024 |
Found Bugs, Got paid, Stayed poor: Making a Living with Bug Bounties | https://slava-moskvin.medium.com/found-bugs-got-paid-stayed-poor-making-a-living-with-bug-bounties-04ba1fbbab73?source=rss------bug_bounty-5 | Path Cybersec [Slava Moskvin] | pentesting, reverse-engineering, cybersecurity, bug-bounty, offensive-security | 22-Jun-2024 |
Update on DNS problem with Lubuntu 24.04 | https://ariedwikusuma9.medium.com/update-on-dns-problem-with-lubuntu-24-04-5c48a903026f?source=rss------bug_bounty-5 | Ariekusuma | linux, lubuntu, ubuntu, wireguard, bug-bounty | 21-Jun-2024 |
Bypassing iCloud Web Access Restriction | https://ltsirkov.medium.com/bypassing-icloud-web-access-restriction-30cdf12b979c?source=rss------bug_bounty-5 | Lyubomir Tsirkov | bug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity | 21-Jun-2024 |
How I Found 3 Bugs in a Single Day | https://medium.com/@dsmodi484/how-i-found-3-bugs-in-a-single-day-a690e2abd4fb?source=rss------bug_bounty-5 | Dishant Modi | offensive-security, vapt, idor, bugs, bug-bounty | 21-Jun-2024 |
Dork Like a Pro: Exploiting Google for Bug Bounty Wins | https://medium.com/@RaunakGupta1922/dork-like-a-pro-exploiting-google-for-bug-bounty-wins-fd2612d7fde3?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | google-dork, bug-bounty, vulnerability, hacking, cyber-security-awareness | 21-Jun-2024 |
Complex Attack Types: Sample Scenarios 22 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-22-f720da3d9dc3?source=rss------bug_bounty-5 | Baris Dincer | information-technology, penetration-testing, bug-bounty, cybersecurity, freedomofinternet | 21-Jun-2024 |
Broken Access Control on an E-commerce website allows attackers to lengthen trial plan | https://medium.com/@p00dl3/broken-access-control-on-an-e-commerce-website-allows-attackers-to-lengthen-trial-plan-e59f5976bca3?source=rss------bug_bounty-5 | p00dl3 | cybersecurity, bug-bounty | 21-Jun-2024 |
Say Goodbye to Pesky Bugs: Top Bug Zappers for Perfect Family Gatherings | https://medium.com/@seng4k2/say-goodbye-to-pesky-bugs-top-bug-zappers-for-perfect-family-gatherings-b23f405ac0c5?source=rss------bug_bounty-5 | Kear Seng | mosquito, insects, bugs, bug-bounty, pest-control | 21-Jun-2024 |
13.27 Lab: Reflected XSS into a JavaScript string with a single quote and backslash-escaped | https://cyberw1ng.medium.com/13-27-lab-reflected-xss-into-a-javascript-string-with-a-single-quote-and-backslash-escaped-2fbc757feb1a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, bug-bounty, careers, cybersecurity | 21-Jun-2024 |
Exploring Web Infrastructure: Tools and Techniques for Effective Recon | https://medium.com/@Kaizen2977/exploring-web-infrastructure-tools-and-techniques-for-effective-recon-11907b7ec938?source=rss------bug_bounty-5 | kapil Chotalia | bug-bounty, penetration-testing, dns, email, cybersecurity | 21-Jun-2024 |
Quick & Easy $100 Bug That You Can Find In 5 minutes | https://levelup.gitconnected.com/quick-easy-100-bug-that-you-can-find-in-5-minutes-aeb4b16745d9?source=rss------bug_bounty-5 | Hamza Avvan | ethical-hacking, bug-bounty, cybersecurity, earn-money-online, api | 21-Jun-2024 |
Best Practices for Securing Your Decentralized Application | https://securrtech.medium.com/best-practices-for-securing-your-decentralized-application-d049a9ec547d?source=rss------bug_bounty-5 | Securr | blockchain, web3, security, securr, bug-bounty | 21-Jun-2024 |
Everything About EC-Council CEH | https://medium.com/@mazharshadab292/everything-about-ec-council-ceh-fb47b0392104?source=rss------bug_bounty-5 | Shadab Mazhar | hacking, social-media, computer-science, cybersecurity, bug-bounty | 21-Jun-2024 |
If youre looking for thorough and professional penetration testing services, youve come to the… | https://medium.com/@kafim3137/if-youre-looking-for-thorough-and-professional-penetration-testing-services-youve-come-to-the-ea3d1129b61f?source=rss------bug_bounty-5 | Farhad | bug-bounty, penetration-test, vulnerability, vulnerability-assessment, penetration-testing | 21-Jun-2024 |
Part 1- Everything You Need to Know About Browser Security Policies — SOP, CORS. | https://medium.com/@vikramroot/part-1-everything-you-need-to-know-about-browser-security-policies-sop-cors-3eb025fd3ab8?source=rss------bug_bounty-5 | vikram naidu | bugbounty-writeup, penetration-testing, application-security, cybersecurity, bug-bounty | 21-Jun-2024 |
Part 2- Everything You Need to Know About Browser Security Policies — CSP, Cookie Attributes, etc. | https://medium.com/@vikramroot/part-2-everything-you-need-to-know-about-browser-security-policies-csp-cookie-attributes-etc-3ea98f737b3a?source=rss------bug_bounty-5 | vikram naidu | penetration-testing, bug-bounty, product-security, cybersecurity, application-security | 21-Jun-2024 |
Microsoft Subdomain XSS Report — Published | https://ibrahimxss.medium.com/microsoft-subdomain-xss-report-published-3e4f54eea93c?source=rss------bug_bounty-5 | #IbrahimXSS | xss-attack, xss-bypass, bug-bounty, microsoft, xss-vulnerability | 21-Jun-2024 |
Discovering an XSS Vulnerability on Vue.js 2.6.10 WebApp | https://ibrahimxss.medium.com/discovering-an-xss-vulnerability-on-vue-js-2-6-10-webapp-e6c0cc88e840?source=rss------bug_bounty-5 | #IbrahimXSS | xss-attack, bug-bounty, xss-bypass, hacking, xss-vulnerability | 21-Jun-2024 |
Being Better at Burp | https://medium.com/@fat_zombi/being-better-at-burp-b9585186aa08?source=rss------bug_bounty-5 | Fatzombi | appsec, bug-bounty, proxy, burpsuite | 20-Jun-2024 |
OWASP Top 10 SQL Injection Vulnerability | https://medium.com/@Joshua_sk/owasp-top-10-sql-injection-vulnerability-97168af8978e?source=rss------bug_bounty-5 | Joshua_sk | vulnerability, web-hacking, bug-bounty, sql-injection, owasp-top-10 | 20-Jun-2024 |
Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw | https://medium.com/@malikijlal/kraken-crypto-exchange-hit-by-3-million-theft-exploiting-zero-day-flaw-6f218c3aef57?source=rss------bug_bounty-5 | Malik Ijlal | bug-bounty, cryptocurrency, cybersecurity, hacking, kraken | 20-Jun-2024 |
Getting Into Cybersecurity: A Roadmap | https://medium.com/@majix_de/getting-into-cybersecurity-a71cde8a57b3?source=rss------bug_bounty-5 | Majix | cybersecurity-tips, bug-bounty, infoseccareer, ethical-hacking, hack-to-learn | 20-Jun-2024 |
Untold story of Zomato XSS | https://medium.com/@info_4040/untold-story-of-zomato-xss-148c91d2faec?source=rss------bug_bounty-5 | Bug Detector's | xss-vulnerability, bug-bounty, bug-bounty-tips, penetration-testing, xss-attack | 20-Jun-2024 |
TryHackMe SQLMap Room | https://medium.com/@Joshua_sk/tryhackme-sqlmap-room-06fd30f8a0b1?source=rss------bug_bounty-5 | Joshua_sk | tryhackme, cybersecurity, sqlmap, bug-bounty, sql-injection | 20-Jun-2024 |
Kraken Faces Extortion Attempt After $3M Bug Exploit | https://medium.com/@whalecrypto/kraken-faces-extortion-attempt-after-3m-bug-exploit-f086f479a4f1?source=rss------bug_bounty-5 | Crypto Whale Medium | kraken, crypto-hack, blockchain-security, cryptoextortion, bug-bounty | 20-Jun-2024 |
Complex Attack Types: Sample Scenarios 21 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-21-e65a13b96002?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, threat-intelligence, bug-bounty, penetration-testing, cybersecurity | 20-Jun-2024 |
OAuth Misconfiguration: Preemptive Account Registration Exploitation | https://mmnahian.medium.com/oauth-misconfiguration-preemptive-account-registration-exploitation-407be50d6037?source=rss------bug_bounty-5 | mmnahian | bug-bounty, information-security, bug-bounty-tips, sso, oauth | 20-Jun-2024 |
What is prototype pollution? | https://cyberw1ng.medium.com/what-is-prototype-pollution-76694f0db76a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 20-Jun-2024 |
Very damn vulnerable government site 2.0 | https://medium.com/@bl4cksku11/very-damn-vulnerable-government-site-2-0-cf9535cbdb4e?source=rss------bug_bounty-5 | Bl4cksku11 | vulnerability, bug-bounty, research, hacking, red-team | 20-Jun-2024 |
IF YOU DON'T HAVE money, SELL YOUR CROSS SITE SCRIPTING | https://medium.com/@1daytosee/if-you-don-t-have-money-sell-your-cross-site-scripting-dc4b6bdd046f?source=rss------bug_bounty-5 | 1day2see | xss-attack, bug-bounty, pentesting, selling, hacking | 20-Jun-2024 |
Inside the Kraken $3M Hack: What Happened? | https://medium.com/@cryptopiannews/inside-the-kraken-3m-hack-what-happened-4a0af98c498e?source=rss------bug_bounty-5 | Cryptopiannews | bug-bounty, kraken, kraken-3m-hack, cryptopiannews, crypto-hack | 20-Jun-2024 |
How Static Analysis Uncovers Hidden Malware Threats ! | https://medium.com/@paritoshblogs/how-static-analysis-uncovers-hidden-malware-threats-7c62d132f7f8?source=rss------bug_bounty-5 | Paritosh | cybersecurity, malware, bug-bounty, static-malware-analysis, hacking | 19-Jun-2024 |
Analyzing a Major Web3 Vulnerability and Its Resolution | https://securrtech.medium.com/analyzing-a-major-web3-vulnerability-and-its-resolution-69955d55a0f6?source=rss------bug_bounty-5 | Securr | blockchain, bug-bounty, web3, security, securr | 19-Jun-2024 |
29.9 Lab: Remote code execution via server-side prototype pollution | https://cyberw1ng.medium.com/29-9-lab-remote-code-execution-via-server-side-prototype-pollution-d5c98bfe3e73?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, cybersecurity, penetration-testing | 19-Jun-2024 |
Code Execution Vulnerability in Behave: A Deep Dive | https://medium.com/@piyushbhor22/code-execution-vulnerability-in-behave-a-deep-dive-b8c7431a71f9?source=rss------bug_bounty-5 | Pi | security-research, bug-bounty, code-review, cybersecurity, vulnerability-research | 19-Jun-2024 |
Mastering Bug Bounty: Tips and Strategies for Success | https://medium.com/@whitehatcyber404/mastering-bug-bounty-tips-and-strategies-for-success-df27b24f2009?source=rss------bug_bounty-5 | Cyber_catz | bug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-tips | 19-Jun-2024 |
Complex Attack Types: Sample Scenarios 19 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-19-2a39b7806616?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, cybersecurity, bug-bounty, information-technology, penetration-testing | 19-Jun-2024 |
The Best Resources for Cybersecurity Pros and Bug Bounty Hunters | https://medium.com/@turvsec/the-best-resources-for-cybersecurity-pros-and-bug-bounty-hunters-f674c2abebb2?source=rss------bug_bounty-5 | TurvSec | pentesting, infosec, bug-bounty, cybersecurity | 19-Jun-2024 |
Unlocking the Future of Web Security with the #IBRAHIMXSS Tool | https://ibrahimxss.medium.com/unlocking-the-future-of-web-security-with-the-ibrahimxss-tool-a33843cdc259?source=rss------bug_bounty-5 | #IbrahimXSS | xss-vulnerability, bug-bounty, xss-attack, hacking, xss-bypass | 19-Jun-2024 |
A Place for Cybersecurity and Bug Bounty Content Creators to Shine | https://medium.com/@turvsec/a-place-for-cybersecurity-and-bug-bounty-content-creators-to-shine-fa0096ce2559?source=rss------bug_bounty-5 | TurvSec | bug-bounty, cybersecurity, infosec | 19-Jun-2024 |
Complex Attack Types: Sample Scenarios 20 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-20-f2f9e8f6725e?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, cybersecurity, penetration-testing, bug-bounty, information-technology | 19-Jun-2024 |
Mastering Bug Bounty: Tips and Strategies for Success | https://medium.com/@cyber_catz/mastering-bug-bounty-tips-and-strategies-for-success-df27b24f2009?source=rss------bug_bounty-5 | cyber_catz | bug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-tips | 19-Jun-2024 |
Web App Sec RECON — Black Box Foundations and TTPs | https://medium.com/@meshcode/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5 | Mateusz (meshcode) | recon, stealth, web-app-security, infosec, bug-bounty | 19-Jun-2024 |
IDOR on HackerOne Embedded Submission Form | https://medium.com/pinoywhitehat/idor-on-hackerone-embedded-submission-form-9e59c6f044b3?source=rss------bug_bounty-5 | Japz Divino | hacking, pinoywhitehat, infosec, bug-bounty | 19-Jun-2024 |
Kraken’s $3 Million Bug Bounty Breach: Ethical Dilemmas and Security Challenges | https://medium.com/@MiamiCryptoCom/krakens-3-million-bug-bounty-breach-ethical-dilemmas-and-security-challenges-cc459b015fd8?source=rss------bug_bounty-5 | Miami Crypto | cryptocurrency-security, kraken, ethical-hacking, bug-bounty | 19-Jun-2024 |
Web App Sec RECON — Black Box Foundations and TTPs | https://medium.com/cyberpower-telenoia/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5 | Mateusz (meshcode) | recon, stealth, web-app-security, infosec, bug-bounty | 19-Jun-2024 |
Web App Sec RECON — Black Box Foundations and TTPs | https://medium.com/cyberpower-telenoia/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5 | Matty K. | recon, stealth, web-app-security, infosec, bug-bounty | 19-Jun-2024 |
Unmasking the Invisible Threat: The Ultimate Guide to Malware Analysis | https://medium.com/@paritoshblogs/unmasking-the-invisible-threat-the-ultimate-guide-to-malware-analysis-d287c4d74e7d?source=rss------bug_bounty-5 | Paritosh | malware-analysis, cybersecurity, information-technology, malware, bug-bounty | 18-Jun-2024 |
A Comprehensive Guide to Android App Pentesting for Bug Bounty Hunter | https://medium.com/@pankajkryadav1/a-comprehensive-guide-to-android-app-pentesting-for-bug-bounty-hunter-ada51e521814?source=rss------bug_bounty-5 | Pankaj kr Yadav | methodology, bug-bounty, android-pentesting, bug-bounty-tips | 18-Jun-2024 |
Exploring the DAO Hack: Lessons Learned for Web3 Security | https://securrtech.medium.com/exploring-the-dao-hack-lessons-learned-for-web3-security-08d23984af79?source=rss------bug_bounty-5 | Securr | dao, securr, web3, bug-bounty, web3-security | 18-Jun-2024 |
Subdomains Enumeration: Tools, Techniques, and Tips | https://medium.com/@Kaizen2977/subdomains-enumeration-tools-techniques-and-tips-4d43ea31dc0f?source=rss------bug_bounty-5 | kapil Chotalia | infosec, penetration-testing, bug-bounty, subdomain, enumeration | 18-Jun-2024 |
Intentions HackTheBox Walkthrough | https://d3athcod3.medium.com/intentions-hackthebox-walkthrough-ad2eb053e224?source=rss------bug_bounty-5 | D3athCod3 | cybersecurity, ethical-hacking, development, bug-bounty, hackthebox | 18-Jun-2024 |
How I got started in Cyber Security | Getting my first job and How you can too.. | https://captain-pool.medium.com/how-i-got-started-in-cyber-security-getting-my-first-job-and-how-you-can-too-dc52da614d6d?source=rss------bug_bounty-5 | Captain Pool | web-app-security, hackthebox, cybersecurity, bug-bounty, hacking | 18-Jun-2024 |
Server Access: Admin Panel and RFU Bypass | https://zvitox.medium.com/server-access-admin-panel-and-rfu-bypass-45af32057a2d?source=rss------bug_bounty-5 | Mohammad Sadra Naderi | report, tips, security, bug-bounty, hacking | 18-Jun-2024 |
How ChatGPT Turned Me into a Hacker | https://medium.com/@jonathanmondaut/how-chatgpt-turned-me-into-a-hacker-7469d5b43026?source=rss------bug_bounty-5 | Jonathan Mondaut | bug-bounty, openai, large-language-models, hacking, learning | 18-Jun-2024 |
Day 22 of our #CyberQuest1095 Day Challenge | https://d3athcod3.medium.com/day-22-of-our-cyberquest1095-day-challenge-c993ded22604?source=rss------bug_bounty-5 | D3athCod3 | bug-bounty, development, cybersecurity, hacking, challenge | 18-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-5) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-5-efb95db2210b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter | 18-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part -4) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-4-00e815fa8026?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-program, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty | 18-Jun-2024 |
29.8 Lab: Bypassing flawed input filters for server-side prototype pollution | https://cyberw1ng.medium.com/29-8-lab-bypassing-flawed-input-filters-for-server-side-prototype-pollution-fa379f811a06?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, careers, bug-bounty, penetration-testing | 18-Jun-2024 |
Server Access: Admin Panel and RFU Bypass | https://zvitox.medium.com/server-access-admin-panel-and-rfu-bypass-45af32057a2d?source=rss------bug_bounty-5 | Mohammad Sadra Naderi (ZVitoX) | report, tips, security, bug-bounty, hacking | 18-Jun-2024 |
A Learning Journey: Attempting to Turn a WordPress Theme CVE into a PoC | https://medium.com/@motoko_ayanami/a-learning-journey-attempting-to-turn-a-wordpress-theme-cve-into-a-poc-225cde954493?source=rss------bug_bounty-5 | Motoko Ayanami | wordpress, wpscan, hacking, bug-bounty | 18-Jun-2024 |
Demystifying Bug Bounty Hunting: A Deep Dive into Cybersecurity's Hidden Gem | https://medium.com/@biswalsandeep594/demystifying-bug-bounty-hunting-a-deep-dive-into-cybersecuritys-hidden-gem-d8ad2d2d7fcb?source=rss------bug_bounty-5 | Sandeep priyadarshi Biswal | bug-bounty, hacking, cryptocurrency, software-engineering, cybersecurity | 18-Jun-2024 |
Guide to Using Nuclei | https://medium.com/@learntheshell/guide-to-using-nuclei-9c37869be30e?source=rss------bug_bounty-5 | LearnTheShell | bug-bounty, linux, vulnerability-scanning, cybersecurity | 18-Jun-2024 |
Brand-new prototype pollution gadget in MongoDB leading to RCE | https://medium.com/@vuusale/brand-new-prototype-pollution-gadget-in-mongodb-leading-to-rce-8c5e0087c15e?source=rss------bug_bounty-5 | Vuusale | cybersecurity, vulnerability, bug-bounty, npm | 17-Jun-2024 |
Breaking into the VIP Club: A Tale of Parameter Tampering Exploits | https://systemweakness.com/breaking-into-the-vip-club-a-tale-of-parameter-tampering-exploits-83df7b6b9691?source=rss------bug_bounty-5 | Jody ritonga | web, bug-bounty, hacking, bugs, bug-bounty-tips | 17-Jun-2024 |
Understanding Web3 Bug Bounties: How They Enhance Blockchain Security | https://securrtech.medium.com/understanding-web3-bug-bounties-how-they-enhance-blockchain-security-ac9e8361d7cf?source=rss------bug_bounty-5 | Securr | web3, bug-bounty, hacker, web3bugbounty, security | 17-Jun-2024 |
Hunting for Origin IP: A Beginner’s Guide | https://medium.com/@pruthu.raut/hunting-for-origin-ip-a-beginners-guide-70235f3dd415?source=rss------bug_bounty-5 | PRUTHU RAUT | cyber-security-awareness, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunting | 17-Jun-2024 |
29.7 Lab: Detecting server-side prototype pollution without polluted property reflection | https://cyberw1ng.medium.com/29-7-lab-detecting-server-side-prototype-pollution-without-polluted-property-reflection-50e36dbe2629?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, bug-bounty, penetration-testing, careers | 17-Jun-2024 |
OSINT FOR BUG HUNTER | https://medium.com/@Progsky/osint-for-bug-hunter-4ae5c700a13a?source=rss------bug_bounty-5 | Progsky | osint, hacking, bug-bounty | 17-Jun-2024 |
Cross-Site Scripting via Web Cache Poisoning and WAF bypass | https://ltsirkov.medium.com/cross-site-scripting-via-web-cache-poisoning-and-waf-bypass-6cb3412d9e11?source=rss------bug_bounty-5 | Lyubomir Tsirkov | bug-bounty, bug-bounty-tips | 17-Jun-2024 |
Naabu | https://medium.com/@roymemory2018/naabu-21c5438e05ae?source=rss------bug_bounty-5 | Audity Memory Roy | naabu, port-scanner, kali-tools, bug-bounty, penetration-testing | 17-Jun-2024 |
0xhashimRESETriddle: Vulnerable Web Application | https://medium.com/@hashimamin/0xhashimresetriddle-4f3270411800?source=rss------bug_bounty-5 | Hashim Amin | vulnerability-management, bug-bounty, vulnerability, portswigger, cybersecurity | 17-Jun-2024 |
Brand-new prototype pollution gadget in MongoDB leading to RCE | https://systemweakness.com/brand-new-prototype-pollution-gadget-in-mongodb-leading-to-rce-8c5e0087c15e?source=rss------bug_bounty-5 | Vuusale | cybersecurity, vulnerability, bug-bounty, npm | 17-Jun-2024 |
29.6 Lab: Privilege escalation via server-side prototype pollution | https://cyberw1ng.medium.com/29-6-lab-privilege-escalation-via-server-side-prototype-pollution-4895762ce7d6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, penetration-testing, careers, hacking | 16-Jun-2024 |
Broken Link Hijacking | https://medium.com/@saeidmicro/broken-link-hijacking-8ff4808a6cd2?source=rss------bug_bounty-5 | Saeid Khater | broken-link-hijacking, bug-bounty, cybersecurity | 16-Jun-2024 |
Bug Zero — This month in CyberSecurity (June 1–15) | https://blog.bugzero.io/bug-zero-this-month-in-cybersecurity-june-1-15-51c4d918b5ae?source=rss------bug_bounty-5 | Akila Maithripala | cybersecurity, bug-zero, newsletter, bug-bounty | 16-Jun-2024 |
Mastering Unauthenticated XSS Detection: Best Burp Suite Configurations for XSS Hunting | https://medium.com/@mayank_prajapati/mastering-unauthenticated-xss-detection-best-burp-suite-configurations-for-xss-hunting-523d78ecfda8?source=rss------bug_bounty-5 | Mayank Kumar Prajapati | bug-bounty, xss-attack, hunting, hacking, penetration-testing | 16-Jun-2024 |
Introducing r3conwhal3: Your Go-To Recon Automation Framework | https://ibrahimtahaistikbal.medium.com/introducing-r3conwhal3-your-go-to-recon-automation-framework-c8840f3a4e0b?source=rss------bug_bounty-5 | İbrahim Taha İstikbal | bug-bounty, security-tool, bug-bounty-tool, penetration-testing, reconnaissance | 16-Jun-2024 |
Direct access to admin dashboard via leaked credentials | https://medium.com/@saeidmicro/direct-access-to-admin-dashboard-via-leaked-credentials-d1ed9bd18edb?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty, cybersecurity | 16-Jun-2024 |
Complex Attack Types: Sample Scenarios 17 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-17-b73b1854ddbd?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, bug-bounty, threat-intelligence, freedomofinternet, penetration-testing | 16-Jun-2024 |
Hacking (not only) for Money | https://medium.com/@guce/hacking-not-only-for-money-e71d72ab8c55?source=rss------bug_bounty-5 | gu ce | cybersecurity, bug-bounty, bug-bounty-program, vulnerability-assessment | 16-Jun-2024 |
Day 20 of Our #CyberQuest1095 Day Challenge | https://d3athcod3.medium.com/day-20-of-our-cyberquest1095-day-challenge-680fbd060cb5?source=rss------bug_bounty-5 | D3athCod3 | cybersecurity, challenge, penetration-testing, hacker, bug-bounty | 16-Jun-2024 |
Subdomain Enumeration from Different Sources | https://medium.com/@souzaw/enumera%C3%A7%C3%A3o-de-subdom%C3%ADnios-de-diferentes-fontes-9c67f5bc59e3?source=rss------bug_bounty-5 | Wagner Souza | shell, bug-bounty, pentest, osint | 16-Jun-2024 |
Complex Attack Types: Sample Scenarios 18 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-18-efaf527942ba?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, bug-bounty, penetration-testing, information-technology, cybersecurity | 16-Jun-2024 |
Secrets in the Wild: Uncovering Hidden Threats | https://medium.com/@dzianisskliar29/secrets-in-the-wild-uncovering-hidden-threats-9b26bf180d0c?source=rss------bug_bounty-5 | Dzianis Skliar | bug-bounty, cybersecurity, threat-intelligence, penetration-testing | 16-Jun-2024 |
Top 10 Search Engines Every Cybersecurity Professional Should Know | https://ikhaleelkhan.medium.com/top-10-search-engines-every-cybersecurity-professional-should-know-ad92a80ce5e6?source=rss------bug_bounty-5 | Khaleel Khan | bug-bounty, ethical-hacking, hacking, cybersecurity, infosec | 15-Jun-2024 |
[Bounty Weekend] View Any User Design With Simple Path Traversal IDOR | https://medium.com/@rifqihz/bounty-weekend-view-any-user-design-with-simple-path-traversal-idor-5fe0f59f56a6?source=rss------bug_bounty-5 | Rifqi Hilmy Zhafrant | hackerone, bug-bounty, broken-access-control | 15-Jun-2024 |
[Bounty Weekend] Possible Code Execution With Integration Script Tampering | https://medium.com/@rifqihz/bounty-weekend-possible-code-execution-with-integration-script-tampering-f38691e99d4b?source=rss------bug_bounty-5 | Rifqi Hilmy Zhafrant | hackerone, bug-bounty, cloud | 15-Jun-2024 |
Unveiling the Secret World of Google Dorks: How Hackers Use These Search Tricks to Access Your… | https://systemweakness.com/unveiling-the-secret-world-of-google-dorks-how-hackers-use-these-search-tricks-to-access-your-117c53c05705?source=rss------bug_bounty-5 | Khaleel Khan | cybersecurity, bug-bounty, infosec, hacking, google | 15-Jun-2024 |
Top 10 Search Engines Every Cybersecurity Professional Should Know | https://medium.com/the-shaco/top-10-search-engines-every-cybersecurity-professional-should-know-ad92a80ce5e6?source=rss------bug_bounty-5 | Khaleel Khan | bug-bounty, ethical-hacking, hacking, cybersecurity, infosec | 15-Jun-2024 |
29.5 Lab: Client-side prototype pollution in third-party libraries | https://cyberw1ng.medium.com/29-5-lab-client-side-prototype-pollution-in-third-party-libraries-e767b8352862?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, careers, cybersecurity, bug-bounty | 15-Jun-2024 |
Intelligence HackTheBox Walkthrough | Active Directory | https://d3athcod3.medium.com/intelligence-hackthebox-walkthrough-active-directory-d9cb695201ce?source=rss------bug_bounty-5 | D3athCod3 | computer-science, bug-bounty, cybersecurity, hackthebox, hacking | 15-Jun-2024 |
Uncovering a Vulnerability in Facebook's Single Sign-On: My Journey and a $3,000 Reward | https://medium.com/@patrick-mns/desvendando-uma-vulnerabilidade-no-single-sign-on-do-facebook-minha-jornada-e-recompensa-de-3-000-9c1bcd2a9f4d?source=rss------bug_bounty-5 | Patrick Manoel | hackerone, meta, facebook, hacker, bug-bounty | 15-Jun-2024 |
Complex Attack Types: Sample Scenarios 16 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-16-2424fcc0af62?source=rss------bug_bounty-5 | Baris Dincer | bug-bounty, information-technology, freedomofinternet, cybersecurity, penetration-testing | 15-Jun-2024 |
How I hacked a marriage database: tale of IDOR | https://medium.com/@alimuhammadsecured/how-i-hacked-a-marriage-database-tale-of-idor-b4f951d23aa6?source=rss------bug_bounty-5 | Alimuhammadsecured | web-app-security, bug-bounty, penetration-testing, cybersecurity | 14-Jun-2024 |
Postmortem a HTTP Request | https://medium.com/@RaunakGupta1922/postmortem-a-http-request-9599bb9d994b?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | hacking, burpsuite, http-request, web, bug-bounty | 14-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part — 3) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-3-141b7bfa6ed6?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program | 14-Jun-2024 |
Complex Attack Types: Sample Scenarios 15 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-15-44899075e8fd?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, penetration-testing, information-technology, bug-bounty, cybersecurity | 14-Jun-2024 |
How I Discovered a Critical Vulnerability in a Message Tracking System | https://adarshkrduaby.medium.com/how-i-discovered-a-critical-vulnerability-in-a-message-tracking-system-590b3518dcb8?source=rss------bug_bounty-5 | Adarsh Kumar | hacking, bug-report, programming, bug-hunting, bug-bounty | 14-Jun-2024 |
29.4 Lab: DOM XSS via an alternative prototype pollution vector | https://cyberw1ng.medium.com/29-4-lab-dom-xss-via-an-alternative-prototype-pollution-vector-6ad80e62c8c8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, hacking, cybersecurity, penetration-testing | 14-Jun-2024 |
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Release Plans Subdomain | https://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-release-plans-subdomain-c47621b2da2d?source=rss------bug_bounty-5 | #IbrahimXSS | html-injection, microsoft, xss-attack, bug-bounty, stored-xss | 14-Jun-2024 |
How i discovered my first CVE | https://1-day.medium.com/how-i-discovered-my-first-cve-3692fab374ab?source=rss------bug_bounty-5 | 1day | bug-bounty, bug-bounty-tips, cve, bug-hunting, ethical-hacking | 14-Jun-2024 |
Bug bounty: managing disappointment, avoiding burnout and consistent growth | https://medium.com/@un1tycyb3r/bug-bounty-managing-disappointment-avoiding-burnout-and-consistent-growth-df1e6195ca4e?source=rss------bug_bounty-5 | Un1tycyb3r | bug-bounty | 14-Jun-2024 |
Discovering a Reflected XSS Vulnerability: My Journey into Microsoft’s Xbox.com | https://ibrahimxss.medium.com/discovering-a-reflected-xss-vulnerability-my-journey-into-microsofts-xbox-com-d607751be100?source=rss------bug_bounty-5 | #IbrahimXSS | bug-bounty, xss-attack, microsoft, xss-vulnerability, xbox | 14-Jun-2024 |
Discovering 10 XSS Vulnerabilities: My Journey into Microsoft’s Support Platforms | https://ibrahimxss.medium.com/discovering-10-xss-vulnerabilities-my-journey-into-microsofts-support-platforms-b19c4e520c90?source=rss------bug_bounty-5 | #IbrahimXSS | xss-attack, xss-filter-bypass, microsoft, bug-bounty, xss-vulnerability | 14-Jun-2024 |
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Tech Community Portal | https://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-tech-community-portal-068505cd4316?source=rss------bug_bounty-5 | #IbrahimXSS | xss-attack, microsoft, bug-bounty, xss-bypass, xss-vulnerability | 14-Jun-2024 |
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Power Apps Portal | https://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-power-apps-portal-86e28311448e?source=rss------bug_bounty-5 | #IbrahimXSS | xss-attack, xss-vulnerability, bug-bounty, microsoft, xss-filter-bypass | 14-Jun-2024 |
Discovering a Reflected XSS Filter Bypass: My Journey into Microsoft’s Support UAT Subdomain | https://ibrahimxss.medium.com/discovering-a-reflected-xss-filter-bypass-my-journey-into-microsofts-support-uat-subdomain-f9be22d8d795?source=rss------bug_bounty-5 | #IbrahimXSS | microsoft, xss-vulnerability, filter-bypass, xss-bypass, bug-bounty | 14-Jun-2024 |
Discovering a CRLF Injection Vulnerability: My Journey into the MSRC Blog Website | https://ibrahimxss.medium.com/discovering-a-crlf-injection-vulnerability-my-journey-into-the-msrc-blog-website-5285169adddb?source=rss------bug_bounty-5 | #IbrahimXSS | bug-bounty, microsoft, xss-attack, crlf-injection | 14-Jun-2024 |
Discovering a Critical Security Vulnerability: My Journey into Microsoft’s Lists Subdomain | https://ibrahimxss.medium.com/discovering-a-critical-security-vulnerability-my-journey-into-microsofts-lists-subdomain-f3e95ce68929?source=rss------bug_bounty-5 | #IbrahimXSS | bug-bounty, xss-bypass, microsoft, xss-attack, xss-vulnerability | 14-Jun-2024 |
List of Easy P4 $$$$ | https://medium.com/@anonymoustriager/list-of-easy-p4-85ffb9d493ed?source=rss------bug_bounty-5 | Anonymous Triager | hacking, bugbounty-tips, easy-money, bugbounty-writeup, bug-bounty | 13-Jun-2024 |
ICMTC CTF 2023 — International Competition of the Military Technical College | https://0xm4r5h4l.medium.com/icmtc-ctf-2023-international-competition-of-the-military-technical-college-65788f3c01a0?source=rss------bug_bounty-5 | 0xM4r5h4l | ctf-writeup, bug-bounty, ctf, ctf-walkthrough, cybersecurity | 13-Jun-2024 |
The Best Games for Practicing Game Hacking | https://medium.com/@MrRipperoni/the-best-games-for-practicing-game-hacking-baba13493db8?source=rss------bug_bounty-5 | Mr.Ripperoni | bug-bounty, reverse-engineering, hacking, gamehacking, coding | 13-Jun-2024 |
Path Traversal and RCE in Online Compilers | https://medium.com/@amal_n47h/path-traversal-and-rce-in-online-compilers-454a446effca?source=rss------bug_bounty-5 | Amal Nath | rce, online-compiler, bug-bounty, path-traversal, vulnerability | 13-Jun-2024 |
Hacking Using Shodan | https://medium.com/@umarhere4u/hacking-using-shodan-3c4d46df81df?source=rss------bug_bounty-5 | Mohammad Umar Kachi | shodan, cybersecurity, bug-bounty, tips, search-engine-optimizati | 13-Jun-2024 |
Understanding and Mitigating Cross-Site Request Forgery (CSRF) | https://medium.com/technology-hits/understanding-and-mitigating-cross-site-request-forgery-csrf-399d26627e60?source=rss------bug_bounty-5 | Yeu Lind Yeo | web-security, csrf, cybersecurity-awareness, bug-bounty, hacker | 13-Jun-2024 |
Stealing credentials using XSS (xss on login page) Your password my password . | https://medium.com/@brutal_panda/stealing-credentials-using-xss-xss-on-login-page-your-password-my-password-059354240801?source=rss------bug_bounty-5 | Eliezer Binyam | bug-bounty | 13-Jun-2024 |
Interview with Georgi Krastenov: Diving Deep into Web3 Security | https://web3-bug-bounty-platform.medium.com/interview-with-georgi-krastenov-diving-deep-into-web3-security-f6fae1f290f1?source=rss------bug_bounty-5 | Bug Bounty Platform | security-audit, web3, bug-bounty, cybersecurity | 13-Jun-2024 |
Finding the newest and top-rated cybersecurity tools and content. | https://medium.com/@turvsec/finding-the-newest-and-top-rated-cybersecurity-tools-and-content-a06c9cb54e41?source=rss------bug_bounty-5 | TurvSec | pentesting, bug-bounty, cybersecurity, infosec | 13-Jun-2024 |
Direct SSRF Leads to Exposing GitHub Codespaces Sensitive Metadata Instance on Azure Cloud | https://ph-hitachi.medium.com/direct-ssrf-leads-to-exposing-github-codespaces-sensitive-metadata-instance-on-azure-cloud-eb8ac4f076b1?source=rss------bug_bounty-5 | Ph.Hitachi | ssrf, bug-bounty, tips-and-tricks, metadata | 13-Jun-2024 |
Bug Bounty Programs: How Can Outsourcing Help Your Project? | https://medium.com/@integriteetr/hata-%C3%B6d%C3%BCl-programlar%C4%B1-d%C4%B1%C5%9F-kaynak-kullan%C4%B1m%C4%B1-projenize-nas%C4%B1l-yard%C4%B1mc%C4%B1-olabilir-9e55995ec74a?source=rss------bug_bounty-5 | Integriteetr | bug-bounty, immunefi, blockchain | 13-Jun-2024 |
29.3 Lab: Client-side prototype pollution via flawed sanitization | https://cyberw1ng.medium.com/29-3-lab-client-side-prototype-pollution-via-flawed-sanitization-ce78a48758fa?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, careers, bug-bounty, hacking | 13-Jun-2024 |
Breaking Business Logic — Part: 42–4= 2 | https://thehemdeep.medium.com/breaking-business-logic-part-42-4-2-d8509ef70436?source=rss------bug_bounty-5 | Hemdeep Gamit | web-penetration-testing, web-security-testing, web-security, bug-bounty | 13-Jun-2024 |
You Won’t Believe What We Found Using Shodan! | https://medium.com/@paritoshblogs/you-wont-believe-what-we-found-using-shodan-e796e13417a3?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, information-security, hacking, shodan | 12-Jun-2024 |
Using Shodan to Find and Exploit FTP Servers with Anonymous Access: A Step-by-Step Guide | https://systemweakness.com/using-shodan-to-find-and-exploit-ftp-servers-with-anonymous-access-a-step-by-step-guide-86a5b6e72f75?source=rss------bug_bounty-5 | Khaleel Khan | ethical-hacking, pentesting, hacking, bug-bounty, ctf-writeup | 12-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-2) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-2-ef65d69de157?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-program, bug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-tips | 12-Jun-2024 |
Hacking the Imaginary: A Journey to Discovering a Blind SSRF | https://medium.com/@kandar.souvik6/hacking-the-imaginary-a-journey-to-discovering-a-blind-ssrf-657aac60d8d0?source=rss------bug_bounty-5 | hacker_might | penetration-testing, server-side-request, ssrf, bug-bounty, imaginaries | 12-Jun-2024 |
Securing 10,000+ Restaurants’ Customer PII Data | https://infosecwriteups.com/securing-10-000-restaurants-customer-pii-data-60013c9b44dc?source=rss------bug_bounty-5 | Renganathan | it-solutions, information-technology, bug-bounty, cybersecurity, bug-bounty-tips | 12-Jun-2024 |
29.2 Lab: DOM XSS via client-side prototype pollution | https://cyberw1ng.medium.com/29-2-lab-dom-xss-via-client-side-prototype-pollution-ebee89f58933?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, hacking, bug-bounty, penetration-testing | 12-Jun-2024 |
ExtPenPy: Accelerate Your Reconnaissance Phase with Ease | https://medium.com/@maliktawfiq12/extpenpy-accelerate-your-reconnaissance-phase-with-ease-e79a164d4f68?source=rss------bug_bounty-5 | Maliktawfiq | cybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, external-pentest | 12-Jun-2024 |
Securing 10,000+ Restaurants’ Customer PII Data | https://renganathanofficial.medium.com/securing-10-000-restaurants-customer-pii-data-60013c9b44dc?source=rss------bug_bounty-5 | Renganathan | it-solutions, information-technology, bug-bounty, cybersecurity, bug-bounty-tips | 12-Jun-2024 |
How I get an easy Blind SSRF by just reading writeups | https://medium.com/@mohamed0xmuslim/how-i-get-an-easy-blind-ssrf-by-just-reading-writeups-a5459bbdf96d?source=rss------bug_bounty-5 | Muhammad_Mostafa | bug-bounty, bugbounty-writeup, bug-bounty-tips | 12-Jun-2024 |
HackerOne’s Double Standards: A Security Researcher’s Nightmare | https://medium.com/@redworld/hackerones-double-standards-a-security-researcher-s-nightmare-642be91ca64b?source=rss------bug_bounty-5 | Red | cybersecurity, bug-bounty, hackerone, scam-alert, scam | 11-Jun-2024 |
Account Takeover (ATO) Checklist | https://medium.com/@anonymoustriager/account-takeover-ato-checklist-f67d2543b01f?source=rss------bug_bounty-5 | Anonymous Triager | bug-bounty-program, bug-bounty-writeup, bugbounty-tips, bugbounty-poc, bug-bounty | 11-Jun-2024 |
BBB #2 — Introducing Daneel | https://medium.com/@JakobTheDev/bbb-2-introducing-daneel-69a391294654?source=rss------bug_bounty-5 | Jakob Pennington | software-development, bug-bounty | 11-Jun-2024 |
How I found OpenHAB Automation Panels Accessible Without Authentication | https://medium.com/@jeetpal2007/how-i-found-openhab-automation-panels-accessible-without-authentication-d9edbb3280fd?source=rss------bug_bounty-5 | JEETPAL | bug-bounty-writeup, bug-bounty, authentication-bypass, bugbounty-tips, openhab-panel | 11-Jun-2024 |
How to exploit CVE-2024–24919 path traversal | https://medium.com/@jeetpal2007/how-to-exploit-cve-2024-24919-path-traversal-5493c50d2581?source=rss------bug_bounty-5 | JEETPAL | bug-bounty, bug-bounty-writeup, bug-bounty-tips, path-traversal, cve-2024-24919 | 11-Jun-2024 |
Forensic Investigation Operations — Basic Linux File System Analysis | https://medium.com/@brsdncr/forensic-investigation-operations-basic-linux-file-system-analysis-52025d7b2ec2?source=rss------bug_bounty-5 | Baris Dincer | forensics, penetration-testing, bug-bounty, freedomofinternet, cybersecurity | 11-Jun-2024 |
1250 $ For 3 Stored XSS AND PII Disclosure , Let’s See How FIS Scammed Me AND Bugcrowd Covered It… | https://medium.com/@0xAwali/1250-for-3-stored-xss-and-pii-disclosure-lets-see-how-fis-scammed-me-and-bugcrowd-covered-it-8561d9ce57b5?source=rss------bug_bounty-5 | Mahmoud M. Awali | bug-bounty | 11-Jun-2024 |
Explaining the OWASP ZAP Proxy & Burp Suite tool in one video in just one hour | https://gentilsecurity.medium.com/explaining-the-owasp-zap-proxy-burp-suite-tool-in-one-video-in-just-one-hour-537bd7801134?source=rss------bug_bounty-5 | GenTiL | owaspzap, automation-testing, burpsuite, penetration-testing, bug-bounty | 11-Jun-2024 |
Explaining the OWASP ZAP Proxy & Burp Suite tool in one video in just one hour | https://gentilsecurity.medium.com/%D8%B4%D8%B1%D8%AD-%D8%A7%D8%AF%D8%A7%D8%A9-owasp-zap-proxy-burp-suite-%D9%81%D9%8A-%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%88%D8%A7%D8%AD%D8%AF-%D9%81%D9%8A-%D8%B3%D8%A7%D8%B9%D8%A9-%D9%88%D8%A7%D8%AD%D8%AF%D8%A9-%D9%81%D9%82%D8%B7-4e4c5e1142bf?source=rss------bug_bounty-5 | GenTiL | owaspzap, automation-testing, bug-bounty, penetration-testing, burpsuite | 11-Jun-2024 |
29.1 Lab: Client-side prototype pollution via browser APIs | https://cyberw1ng.medium.com/29-1-lab-client-side-prototype-pollution-via-browser-apis-642e91b8159d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, penetration-testing, cybersecurity | 11-Jun-2024 |
Uncovering Hidden Web Content with ffuf | https://medium.com/@umang.gulati19/uncovering-hidden-web-content-with-ffuf-55d29b21e627?source=rss------bug_bounty-5 | Math and Code | cybersecurity, bug-bounty, webfuzzing, web-security, infosec | 11-Jun-2024 |
OWASP Mobile Top 10 for Android Penetration Testing and Checklist | https://medium.com/@phyowathone/owasp-mobile-top-10-52987725a12c?source=rss------bug_bounty-5 | Phyo WaThone Win | bug-bounty, bug-bounty-tips, androidhacking, android-security, android-pentesting-series | 11-Jun-2024 |
Understand the world of Bug Bounty | https://medium.com/@hydd3n.sec/understand-the-world-of-bug-bounty-595c99b6782d?source=rss------bug_bounty-5 | Hydd3n | mindset, bug-bounty, infosec, goals | 10-Jun-2024 |
Automation Tool for Easy P4 | https://medium.com/@anonymoustriager/automation-tool-for-easy-p4-c159bcae0cf2?source=rss------bug_bounty-5 | Anonymous Triager | bugbounty-tips, bug-bounty-program, hacking, bug-bounty, bugbounty-writeup | 10-Jun-2024 |
28.5 Lab: Server-side template injection with information disclosure via user-supplied objects | https://cyberw1ng.medium.com/28-5-lab-server-side-template-injection-with-information-disclosure-via-user-supplied-objects-bbb18def43e1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, hacking, careers, penetration-testing | 10-Jun-2024 |
Communication and Network Security | https://medium.com/@paritoshblogs/communication-and-network-security-bb6c5558aa51?source=rss------bug_bounty-5 | Paritosh | cybersecurity, communication, bug-bounty, network-security, hacking | 10-Jun-2024 |
Top 10 Cybersecurity Vulnerabilities and it’s Mitigation Methods | https://securrtech.medium.com/top-10-cybersecurity-vulnerabilities-and-its-mitigation-methods-0a5d75aceb34?source=rss------bug_bounty-5 | Securr | bug-bounty, cybersecurity, xss-attack, hacking, vulnerability | 10-Jun-2024 |
Become a White Hat: Your Guide to Learning Ethical Hacking | https://medium.com/@itsamanyadav/become-a-white-hat-your-guide-to-learning-ethical-hacking-022842c49eec?source=rss------bug_bounty-5 | Its Aman Yadav | hacker, cybersecurity, hacking, learn-ethical-hacking, bug-bounty | 10-Jun-2024 |
Why Bad Reviews Can Kill Your Software | https://medium.com/@joseph_52850/why-bad-reviews-can-kill-your-software-928f4af30a53?source=rss------bug_bounty-5 | Joseph Lacsamana | software-testing, software-development, bug-bounty, software-company, software-engineering | 10-Jun-2024 |
I reported Zero-Day (CVE-2024–24919) … and got informative. | https://systemweakness.com/i-reported-zero-day-cve-2024-24919-and-got-informative-25409fac9765?source=rss------bug_bounty-5 | Sumedh Dawadi | cve-2024-24919, recon, hacking, zero-day-vulnerability, bug-bounty | 10-Jun-2024 |
POC — CVE-2024–4956 -Unauthenticated Path Traversal | https://medium.com/@verylazytech/poc-cve-2024-4956-unauthenticated-path-traversal-f24b1a595e0e?source=rss------bug_bounty-5 | Very Lazy Tech | hacking, bug-bounty, cve-2023-4966, vulnerability, cybersecurity | 10-Jun-2024 |
Bug Bounty Programs: How Outsourcing Can Help Your Project | https://medium.com/integritee/bug-bounty-programs-how-outsourcing-can-help-your-project-644539de575a?source=rss------bug_bounty-5 | Integritee Network | blockchain, bug-bounty, immunefi | 10-Jun-2024 |
How I Found My First Bug Through Simple Fuzzing | https://medium.com/@hashimamin/how-i-found-my-first-bug-through-simple-fuzzing-c7d694a59a6b?source=rss------bug_bounty-5 | Hashim Amin | bugbounty-writeup, bug-bounty-tips, bugcrowd, bug-bounty, infosec | 10-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part -1) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-1-21a87e35fdfa?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty, hacking | 09-Jun-2024 |
How to Identify Vulnerable Hikvision Devices (IoT) to CVE-2017–7921 | https://blog.bugzero.io/how-to-identify-vulnerable-hikvision-devices-iot-to-cve-2017-7921-88b294645687?source=rss------bug_bounty-5 | Kawya De Silva | hikvison-cameras, security-alert, cybersecurity, bug-zero, bug-bounty | 09-Jun-2024 |
How to Become a Hacker in 2024: A Comprehensive Guide | https://medium.com/@itsamanyadav/how-to-become-a-hacker-in-2024-a-comprehensive-guide-9bae6cfa6b15?source=rss------bug_bounty-5 | Its Aman Yadav | bug-bounty, become-a-hacker, hacker-in-2024, how-to-be-a-hacker, hacking-courses | 09-Jun-2024 |
Discovering a vulnerability in HackerOne | https://medium.com/@loaymorad11/discovering-a-vulnerability-in-hackerone-00bbfc438d90?source=rss------bug_bounty-5 | Loaymorad | penetration-testing, hackerone, bug-bounty, cybersecurity | 09-Jun-2024 |
Advanced Exploitation Techniques for Bug Bounty: Beyond the Basics | https://medium.com/@verylazytech/advanced-exploitation-techniques-for-bug-bounty-beyond-the-basics-2ee9cbc12773?source=rss------bug_bounty-5 | Very Lazy Tech | cyber, hacking, cybersecurity, bug-bounty, exploit | 09-Jun-2024 |
28.4 Lab: Server-side template injection in an unknown language with a documented exploit | https://cyberw1ng.medium.com/28-4-lab-server-side-template-injection-in-an-unknown-language-with-a-documented-exploit-df988ccf6277?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, penetration-testing, cybersecurity, bug-bounty | 09-Jun-2024 |
Complex Attack Types: Sample Scenarios 13 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-13-8a5008c396db?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, bug-bounty, cybersecurity, threat-intelligence, penetration-testing | 09-Jun-2024 |
STRIPE API-Key Disclosure to Bounty | https://starlox.medium.com/stripe-api-key-disclosure-to-bounty-239d069f2455?source=rss------bug_bounty-5 | #$ubh@nk@r | bug-bounty, hacking, infosec, bug-hunting, information-disclosure | 09-Jun-2024 |
HOW I HACKED NASA? | https://infosecwriteups.com/how-i-hacked-nasa-0715b6b5d7b8?source=rss------bug_bounty-5 | Krishnadev P Melevila | bug-bounty, hallof-fame, vdp, cybersecurity, nasa | 09-Jun-2024 |
Day 13 of Our #CyberQuest1095 Challenge — Rust, Hack The Box, and Active Directory Adventures! | https://d3athcod3.medium.com/day-13-of-our-cyberquest1095-challenge-rust-hack-the-box-and-active-directory-adventures-442cd2c48f41?source=rss------bug_bounty-5 | D3athCod3 | bug-bounty, challenge, hacking, cybersecurity, cyberquest1095 | 09-Jun-2024 |
Walk-Through of Bepractical.tech lab #4 | https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-4-bd4a96dc56bd?source=rss------bug_bounty-5 | Ross Jubert | bug-bounty, red-team, account-takeover, ethical-hacking, account-takeover-attacks | 09-Jun-2024 |
The Ultimate Guide to Chaining Bugs: How I Found a Reverse Shell in a Bug Bounty Program | https://b0mk35h.medium.com/the-ultimate-guide-to-chaining-bugs-how-i-found-a-reverse-shell-in-a-bug-bounty-program-9dca54c20674?source=rss------bug_bounty-5 | Pronay Biswas | ethical-hacking, hunting, bug-bounty, cyberse, xss-attack | 09-Jun-2024 |
How to preform recon in Bug Bounty? | https://systemweakness.com/how-to-preform-recon-in-bug-bounty-8d37a1fd262f?source=rss------bug_bounty-5 | Imad Husanovic | programming, cybersecurity, hacking, bug-bounty-tips, bug-bounty | 09-Jun-2024 |
Incentivized Testnet Launch | https://medium.com/@Tallomania/%CA%9F%E1%B4%80%C9%B4%E1%B4%A2%E1%B4%80%E1%B4%8D%C9%AA%E1%B4%87%C9%B4%E1%B4%9B%E1%B4%8F-%C9%AA%C9%B4%E1%B4%84%E1%B4%87%C9%B4%E1%B4%9B%C9%AA%E1%B4%A0%E1%B4%80%E1%B4%85%E1%B4%8F-%E1%B4%85%E1%B4%87-%E1%B4%9B%E1%B4%87s%E1%B4%9B%C9%B4%E1%B4%87%E1%B4%9B-df0c7d1e77cd?source=rss------bug_bounty-5 | Ay Zed | rewards, testnet, bug-bounty, ai | 09-Jun-2024 |
[Bounty Weekend] Disable Any Customer Ability To Create Service Account With Business Logic… | https://medium.com/@rifqihz/bounty-weekend-disable-any-customer-ability-to-create-service-account-with-business-logic-b83baa893b4d?source=rss------bug_bounty-5 | Rifqi Hilmy Zhafrant | bug-bounty-tips, penetration-testing, hackerone, bug-bounty | 08-Jun-2024 |
[Bounty Weekend] CTF Level XSS in a Real-World Application | https://medium.com/@rifqihz/bounty-weekend-ctf-level-xss-in-a-real-world-application-7a9278bc7018?source=rss------bug_bounty-5 | Rifqi Hilmy Zhafrant | hackerone, penetration-testing, bug-bounty-tips, bug-bounty | 08-Jun-2024 |
How to Find Bugs and Get Bucks: 2024 Edition | https://medium.com/@itsamanyadav/how-to-find-bugs-and-get-bucks-2024-edition-776c5b098b3e?source=rss------bug_bounty-5 | Its Aman Yadav | bug-bounty, how-to-find-bug, 2024, how-to-be-a-hacker, hacking | 08-Jun-2024 |
Capturing Android App Traffic via Wireshark - Android Pentesting | https://medium.com/@phyowathone/capturing-android-app-traffic-via-wireshark-android-pentesting-d0ee1539089f?source=rss------bug_bounty-5 | Phyo WaThone Win | cybersecurity, android-pentesting, bug-bounty-hunting, pentesting, bug-bounty | 08-Jun-2024 |
28.3 Lab: Server-side template injection using documentation | https://cyberw1ng.medium.com/28-3-lab-server-side-template-injection-using-documentation-3e8f761b0ca8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, penetration-testing | 08-Jun-2024 |
Day 12 of Our #CyberQuest1095 Day Challenge | https://d3athcod3.medium.com/day-12-of-our-cyberquest1095-day-challenge-977225c7ce97?source=rss------bug_bounty-5 | D3athCod3 | cyberquest1095, security, cybersecurity, hacking, bug-bounty | 08-Jun-2024 |
Abusing auto mail responders to access internal workplaces | https://rikeshbaniya.medium.com/abusing-auto-mail-responders-to-access-internal-workplaces-04fcc8ba2c99?source=rss------bug_bounty-5 | Rikesh Baniya | bounties, pentest, hackerone, bounty-reward, bug-bounty | 08-Jun-2024 |
POV HTB Writeup | https://medium.com/@damaidec/pov-htb-writeup-becf386c6dc0?source=rss------bug_bounty-5 | Damaidec | hacking, ethical-hacking, bug-bounty, hackthebox, ctf-writeup | 08-Jun-2024 |
Super Blind SQL Injection- $20000 bounty | Thousands of targets still vulnerable | https://medium.com/@pranshux0x/super-blind-sql-injection-20000-bounty-thousands-of-targets-still-vulnerable-f9b013765448?source=rss------bug_bounty-5 | priyanshu shakya | bug-bounty | 08-Jun-2024 |
Create Your Own Public-Private Key Pair in Just 5 Minutes! (Cybersecurity) | https://medium.com/@paritoshblogs/create-your-own-public-private-key-pair-in-just-5-minutes-cybersecurity-535038665ad9?source=rss------bug_bounty-5 | Paritosh | hacking, keys, cryptography, cybersecurity, bug-bounty | 08-Jun-2024 |
Vulnerable WordPress May 2024 (Leylan) | https://medium.com/@onhexgroup/vulnerable-wordpress-may-2024-leylan-bd429d56d300?source=rss------bug_bounty-5 | Onhexgroup | wordpress-security, infosec, wordpress, bug-bounty, web-security | 08-Jun-2024 |
Cracking the Code: How Cryptography Safeguards Your Digital World | https://medium.com/@paritoshblogs/cracking-the-code-how-cryptography-safeguards-your-digital-world-c1c1887c84ae?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-technology, cryptography, hacking, cybersecurity | 07-Jun-2024 |
I got my First Bounty $$$ after three years of hard work | https://medium.com/@mr_ayyan/i-got-my-first-bounty-after-three-years-of-hard-work-856c43bbb6c1?source=rss------bug_bounty-5 | Mrayyanirfan | bounty-program, rewards-programs, vulnerability, bug-bounty, first-bounty | 07-Jun-2024 |
JS for Bug Bounties 2.0 Extreme Edition 2024 | https://kongsec.medium.com/js-for-bug-bounties-2-0-extreme-edition-2024-f167fa48276a?source=rss------bug_bounty-5 | Kongsec | recon, bugcrowd, hackerone, javascript, bug-bounty | 07-Jun-2024 |
28.2 Lab: Basic server-side template injection (code context) | https://cyberw1ng.medium.com/28-2-lab-basic-server-side-template-injection-code-context-2a927ed117e6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, bug-bounty, penetration-testing, hacking | 07-Jun-2024 |
Simulating a Ransomware Attack with Caldera. | https://medium.com/@josh.beck2006/simulating-a-ransomware-attack-with-caldera-3d77d0cb95d2?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, penetration-testing, ctf, bug-bounty | 07-Jun-2024 |
Hacking Porn and Dating sites — a Theme Based Bugbounty Hunting | https://medium.com/@nithissh/hacking-porn-and-dating-sites-a-theme-based-bugbounty-hunting-d024b8137bc7?source=rss------bug_bounty-5 | Nithissh | bugbounty-writeup, research, bug-bounty | 07-Jun-2024 |
Complex Attack Types: Sample Scenarios 12 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-12-0d93a70ee8f4?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, freedomofinternet, bug-bounty, penetration-testing, threat-intelligence | 07-Jun-2024 |
Another Easy P4 you miss!!! | https://medium.com/@anonymoustriager/another-easy-p4-you-miss-dcadf65adbcb?source=rss------bug_bounty-5 | Anonymous Triager | bugbounty-poc, bugs, bug-bounty, bug-bounty-tips, bug-bounty-hunter | 06-Jun-2024 |
Unlock Any PC Remotely with Just an Image: The Ultimate VNC Hack! | https://medium.com/@paritoshblogs/unlock-any-pc-remotely-with-just-an-image-the-ultimate-vnc-hack-a92b22637094?source=rss------bug_bounty-5 | Paritosh | cybersecurity, remote-working, hacking, vnc, bug-bounty | 06-Jun-2024 |
The only recon methodology you need. | https://an0nbil.medium.com/the-only-recon-methodology-you-need-cf6c3aff1af1?source=rss------bug_bounty-5 | an0nbil | ethical-hacking, bug-bounty, bug-bounty-tips, reconnaissance, programming | 06-Jun-2024 |
Decimal x Securr | https://decimalchain.medium.com/decimal-x-securr-96114c277d70?source=rss------bug_bounty-5 | DecimalChain | bug-bounty, decimal, securr | 06-Jun-2024 |
Scope Sentry is a tool with functions such as asset mapping… | https://medium.com/@Autumn52/scope-sentry-is-a-tool-with-functions-such-as-asset-mapping-fe0af70ace0a?source=rss------bug_bounty-5 | Autumn | hacker, hackathons, bug-bounty, tools, bug-bounty-tips | 06-Jun-2024 |
Securing the Future: Understanding Vulnerabilities in Large Language Models | https://medium.com/@tusharsaini484/securing-the-future-understanding-vulnerabilities-in-large-language-models-13bbfeac95cf?source=rss------bug_bounty-5 | Tushar Saini | blog, artificial-intelligence, bug-bounty, large-language-models, cybersecurity | 06-Jun-2024 |
Bug bounty — Cybersecurity subcontractor exposes business data to other customers | https://theclemvp.medium.com/bug-bounty-cybersecurity-subcontractor-exposes-business-data-to-other-customers-d8e1a011ff4b?source=rss------bug_bounty-5 | Clément | cybersecurity, bug-bounty | 06-Jun-2024 |
28.1 Lab: Basic Server-side template injection | https://cyberw1ng.medium.com/28-1-lab-basic-server-side-template-injection-0744f96c74b8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, hacking, careers, penetration-testing | 06-Jun-2024 |
Understanding Cybersecurity : Keeping Our Digital World Safe | https://adnancodestech.medium.com/understanding-cybersecurity-keeping-our-digital-world-safe-1abdd2876a7c?source=rss------bug_bounty-5 | Cryptify | cybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, pentesting | 06-Jun-2024 |
Getting started with Bug Bounty | https://securrtech.medium.com/getting-started-with-bug-bounty-8fd72650184f?source=rss------bug_bounty-5 | Securr | web3, cybersecurity, ai, bug-bounty, learn | 06-Jun-2024 |
Discovering a Critical Vulnerability in application : The Journey of an Accidental Admin | https://adarshkrduaby.medium.com/discovering-a-critical-vulnerability-in-application-the-journey-of-an-accidental-admin-1aebe9d31e09?source=rss------bug_bounty-5 | Adarsh Kumar | bug-zero, cyber-security-research, critical-vulnerabilities, securityflaw, bug-bounty | 06-Jun-2024 |
Stored XSS to Account Takeover (AWS Cognito) | https://medium.com/@majix_de/stored-xss-to-account-takeover-aws-cognito-c5f76f04befe?source=rss------bug_bounty-5 | Majix | cybersecurity, account-takeover, pentest, bug-bounty, cognito | 06-Jun-2024 |
Easy Latest Critical Severity? | https://medium.com/@anonymoustriager/easy-latest-critical-severity-fc9413d57d80?source=rss------bug_bounty-5 | Anonymous Triager | hacking, bug-bounty, bug-bounty-tips, bugbounty-writeup, bug-bounty-program | 05-Jun-2024 |
Active Directory Red Teaming: A Comprehensive Guide | https://medium.com/@paritoshblogs/active-directory-red-teaming-a-comprehensive-guide-06b1f008d0d4?source=rss------bug_bounty-5 | Paritosh | bug-bounty, cybersecurity, hacking, information-technology, active-directory | 05-Jun-2024 |
EMPIRE CTF: LUPINONE VulnHub Walkthrough | Writeup | https://shamsulmehmood.medium.com/empire-ctf-lupinone-vulnhub-walkthrough-writeup-bea8558ea03b?source=rss------bug_bounty-5 | SHAMS UL MEHMOOD | bug-bounty, pentesting, cybersecurity, machine-learning, hacking | 05-Jun-2024 |
Master Bug Bounty Hunting: Your Comprehensive Bug Bounty Course in Hindi | https://medium.com/@marketing_94387/master-bug-bounty-hunting-your-comprehensive-bug-bounty-course-in-hindi-ab990527f9b0?source=rss------bug_bounty-5 | Skilcamp | online-learning-platform, bug-bounty-tips, skilcamp, bug-bounty | 05-Jun-2024 |
27.5 Lab: DOM-based cookie manipulation | https://cyberw1ng.medium.com/27-5-lab-dom-based-cookie-manipulation-b939af57ef06?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, careers, hacking | 05-Jun-2024 |
SmartAuditor.AI and new ChatGPT bot for audits | https://medium.com/@bugbountydegen/smartauditor-ai-and-new-chatgpt-bot-for-audits-a8361ec7f52d?source=rss------bug_bounty-5 | Bug Bounty Degen | openai, smart-contracts, bug-bounty, cybersecurity, chatgpt | 05-Jun-2024 |
CVE-2024–4358 Critical Flaw Found in Progress Telerik Report Server | https://medium.com/@arafatx90n/cve-2024-4358-critical-flaw-found-in-progress-telerik-report-server-0f379f844819?source=rss------bug_bounty-5 | ARAFAT | ethical-hacking, bug-bounty, cybersecurity | 05-Jun-2024 |
Insecure Firebase Unauthorized Write Access on Crypto Exchange Bug Bounty | https://scr1pty.medium.com/insecure-firebase-unauthorized-write-access-on-crypto-exchange-bug-bounty-9e9187b627b1?source=rss------bug_bounty-5 | Scr1pty | penetration-testing, bug-bounty-tips, crypto, bug-bounty, security | 05-Jun-2024 |
Another Easy P4? | https://medium.com/@anonymoustriager/another-easy-p4-ceaa67ef7e52?source=rss------bug_bounty-5 | Anonymous Triager | bugbounty-writeup, bug-bounty-tips, bug-bounty-program, cybersecurity, bug-bounty | 05-Jun-2024 |
CVE-2024–4956: UNAUTHENTICATED PATH TRAVERSAL IN NEXUS REPOSITORY MANAGER 3 | https://codewithvamp.medium.com/cve-2024-4956-unauthenticated-path-traversal-in-nexus-repository-manager-3-b4e811ad7e37?source=rss------bug_bounty-5 | Vaibhav Kumar Srivastava | bug-bounty, cve, coding, hacking, cybersecurity | 05-Jun-2024 |
Easiest P4? | https://medium.com/@anonymoustriager/easiest-p4-feb9e9302562?source=rss------bug_bounty-5 | Anonymous Triager | bug-bounty-tips, hacking, swag, bounty-program, bug-bounty | 04-Jun-2024 |
My report on using lubuntu 24.04 | https://ariedwikusuma9.medium.com/my-report-on-using-lubuntu-24-04-3040bbdb9bab?source=rss------bug_bounty-5 | Ariekusuma | bug-bounty, ubuntu, wireguard, lubuntu, linux | 04-Jun-2024 |
The Chronicle Protocol Bug Bounty is Live | https://medium.com/@ChronicleProtocol/the-chronicle-protocol-bug-bounty-is-live-05b5332e6c76?source=rss------bug_bounty-5 | Chronicle Protocol | oracle, bug-bounty, blockchain, cantina, chronicle-protocol | 04-Jun-2024 |
Hacking Android Apps: A Comprehensive Guide | https://medium.com/@roguepayload/hacking-android-apps-a-comprehensive-guide-9905c075021f?source=rss------bug_bounty-5 | Rogue Payload | hacking, bug-bounty-tips, pentesting, android, bug-bounty | 04-Jun-2024 |
27.4 Lab: DOM-based open redirection | https://cyberw1ng.medium.com/27-4-lab-dom-based-open-redirection-e00e760c9046?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, hacking, penetration-testing, bug-bounty | 04-Jun-2024 |
How We Got $$$$$ For a Blind Stored XSS To ATO | https://medium.com/@shari7a0x/how-we-got-for-a-blind-stored-xss-to-ato-2e9b939055ec?source=rss------bug_bounty-5 | Shari7a0x | bugs, hackerone, bug-bounty-tips, bug-bounty, xss-attack | 04-Jun-2024 |
Exposing Login Page Vulnerabilities with Time-Based SQL Injection | https://medium.com/@sachinkewat809/exposing-login-page-vulnerabilities-with-time-based-sql-injection-694a04911e93?source=rss------bug_bounty-5 | Sachin kewat | bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty, security | 03-Jun-2024 |
How I Got My First €€€€ Bounty | https://machiavellli.medium.com/how-i-got-my-first-bounty-65ad8a1763de?source=rss------bug_bounty-5 | Machiavelli | cybersecurity, bug-bounty, information-security | 03-Jun-2024 |
Earning Your First $1000 as a Cybersecurity Researcher, Hacker, or Hunter | https://securrtech.medium.com/earning-your-first-1000-as-a-cybersecurity-researcher-hacker-or-hunter-8532bcaa48b6?source=rss------bug_bounty-5 | Securr | dollar, cyber-security-awareness, earn, bug-bounty, web-development | 03-Jun-2024 |
My First Finding Bug on a Bugcrowd BBP | https://medium.com/@bhuiyanaman71/my-first-bug-on-a-bbp-fdd512307284?source=rss------bug_bounty-5 | Aman Bhuiyan | xss-vulnerability, bug-bounty, hacking, injection | 03-Jun-2024 |
27.2 Lab: DOM XSS using web messages and JSON.parse | https://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-json-parse-79dbe4290efb?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, hacking, bug-bounty, careers | 03-Jun-2024 |
Hack and Pay Later: Bypassing Online Payment Method | https://medium.com/@tirqwork1/hack-and-pay-later-bypassing-online-payment-method-8b366e0dc7ee?source=rss------bug_bounty-5 | ARoy | bug-bounty, cybersecurity, bugbounty-writeup, payment-gateway, infosec | 03-Jun-2024 |
27.3 Lab: DOM XSS using web messages and JSON.parse | https://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-json-parse-79dbe4290efb?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, hacking, bug-bounty, careers | 03-Jun-2024 |
UPI Recon | Scammed on Instagram /Telegram? | https://medium.com/@anonymoustriager/upi-recon-scammed-on-instagram-telegram-3713f9dd77cd?source=rss------bug_bounty-5 | Anonymous Triager | hacker, telegram, recon, cybersecurity, bug-bounty | 02-Jun-2024 |
Bug Zero — 2 Weeks in Cybersecurity (May 15–31) | https://blog.bugzero.io/bug-zero-2-weeks-in-cybersecurity-may-15-31-dbc07d60dfe5?source=rss------bug_bounty-5 | Akila Maithripala | bug-zero, sri-lanka, cybersecurity, bug-bounty | 02-Jun-2024 |
BBB #1 — Back Hacking | https://medium.com/@JakobTheDev/bbb-1-back-hacking-acafd03d7d4e?source=rss------bug_bounty-5 | Jakob Pennington | bug-bounty, application-security, hacking | 02-Jun-2024 |
27.2 Lab: DOM XSS using web messages and a JavaScript URL | https://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-a-javascript-url-3d29822c295d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 02-Jun-2024 |
A simple IDOR worth $400. | https://el-cezeri.medium.com/a-simple-idor-worth-400-65663937a5f4?source=rss------bug_bounty-5 | Samet Yiğit | bugbounty-tips, bug-bounty, ödülavcılığı | 02-Jun-2024 |
Mastering Sway-Analyzer | https://medium.com/@angelos404/mastering-sway-analyzer-27379d7903db?source=rss------bug_bounty-5 | angelos404 | smart-contracts, web3, blockchain, bug-bounty, sway | 02-Jun-2024 |
Easy $$$$ Bounty for leaked token in java script url | https://medium.com/@eslammonex/easy-bounty-for-leaked-token-in-java-script-url-5491cf567328?source=rss------bug_bounty-5 | EslamMonex | bug-bounty | 02-Jun-2024 |
How To Escalate P5 Email HTML Injection to P4. | https://medium.com/@Ajakcybersecurity/how-to-escalate-p5-email-html-injection-to-p4-19a61a85a76b?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, hacking, penetration-testing, cybersecurity, technology | 02-Jun-2024 |
Explaining the lab in an easy, simplified way to understand the Reflected XSS into HTML context with nothing encoded type | https://gentilsecurity.medium.com/%D8%B4%D8%B1%D8%AD-%D8%A7%D9%84%D9%84%D8%A7%D8%A8-%D8%A8%D8%B7%D8%B1%D9%8A%D9%82%D8%A9-%D8%B3%D9%87%D9%84%D8%A9-%D9%88%D9%85%D8%A8%D8%B3%D8%B7%D8%A9-%D9%84%D9%81%D9%87%D9%85-%D9%86%D9%88%D8%B9-%D8%A7%D9%84-reflected-xss-into-html-context-with-nothing-encoded-9dde8cf2baa3?source=rss------bug_bounty-5 | GenTiL | owasp, web-development, penetration-testing, cybersecurity, bug-bounty | 01-Jun-2024 |
What do you know about the XSS vulnerability? (Cross-Site Script) | https://gentilsecurity.medium.com/%D9%85%D8%A7%D8%B0%D8%A7-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%86-%D8%AB%D8%BA%D8%B1%D8%A9-xss-cross-site-script-d45ecf75b0a6?source=rss------bug_bounty-5 | GenTiL | xss-attack, bug-bounty, vulnerability, technology, hacking | 01-Jun-2024 |
How to use the ParamSpider tool — for the bug bounty program (Bug Bounty) | https://gentilsecurity.medium.com/%D9%83%D9%8A%D9%81%D9%8A%D8%A9-%D8%A7%D8%B3%D8%AA%D8%AE%D8%AF%D8%A7%D9%85-%D8%A3%D8%AF%D8%A7%D8%A9-paramspider-%D9%84%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%A7%D9%84%D8%AC%D9%88%D8%A7%D8%A6%D8%B2-%D8%A7%D9%84%D8%A3%D9%85%D9%86%D9%8A%D8%A9-bug-bounty-c1361d476c4a?source=rss------bug_bounty-5 | GenTiL | paramspider, penetration-testing, bug-bounty, web-development, penetration-testing-tools | 01-Jun-2024 |
Are you still confused about the difference between Reflected XSS and DOM XSS? Today you will settle the matter with full confidence | https://gentilsecurity.medium.com/%D9%87%D9%84-%D9%85%D8%A7%D8%B2%D9%84%D8%AA-%D9%85%D8%AD%D8%AA%D8%A7%D8%B1-%D9%81%D9%8A-%D8%A7%D9%84%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81-%D8%A8%D9%8A%D9%86-reflected-xss-%D9%88-dom-xss-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%B3%D8%AA%D8%AD%D8%B3%D9%85-%D8%A7%D9%84%D9%85%D8%B3%D8%A3%D9%84%D8%A9-%D8%A8%D9%83%D9%84-%D8%AB%D9%82%D8%A9-c4224d126056?source=rss------bug_bounty-5 | GenTiL | reflected-xss, hacking, dom-xss, web-penetration-testing, bug-bounty | 01-Jun-2024 |
MY FIRST BUG ! | https://medium.com/@amjadkhan_72632/my-first-bug-8d52edf256c7?source=rss------bug_bounty-5 | Amjad Khan | cybersecurity, bug-bounty | 01-Jun-2024 |
SQLi, SSRF And Code Secrets — All In One | https://medium.com/@red.whisperer/sqli-ssrf-and-code-secrets-all-in-one-a387c734c84f?source=rss------bug_bounty-5 | Chux | security, hacking, cybersecurity, infosec, bug-bounty | 01-Jun-2024 |
Are you still confused about the difference between Reflected XSS and DOM XSS? | https://gentilsecurity.medium.com/are-you-still-confused-about-the-difference-between-reflected-xss-and-dom-xss-45715d0fe37b?source=rss------bug_bounty-5 | GenTiL | dom-xss, hacking, bug-bounty, web-penetration-testing, reflected-xss | 01-Jun-2024 |
Chaining NOSQLi and XSS to Take Over a Server — HackTheBox Stocker Walkthrough | https://medium.com/@The_Hiker/chaining-nosqli-and-xss-to-take-over-a-server-hackthebox-stocker-walkthrough-e549bf3f8bbf?source=rss------bug_bounty-5 | TheHiker | hackthebox, hackthebox-writeup, web-exploitation, hacking, bug-bounty | 01-Jun-2024 |
Unveiling the Sneaky CSV Injection: VDP vs. Objective-Based Offensive Tactics | https://abawazeeer.medium.com/unveiling-the-sneaky-csv-injection-vdp-vs-objective-based-offensive-tactics-208b22b8bba1?source=rss------bug_bounty-5 | AliBawazeEer | vulnerability-disclosure, bug-bounty, vulnerability-assessment, owasp-top-10, application-security | 01-Jun-2024 |
cy27.1 Lab: DOM XSS using web messages | https://cyberw1ng.medium.com/cy27-1-lab-dom-xss-using-web-messages-5c2346edc08b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, hacking, careers, cybersecurity | 01-Jun-2024 |
Use FFUF to bypass Burp Suite’s Intruder attacks delay!!! | https://hackermater.medium.com/use-ffuf-to-bypass-burp-suite-intruder-attacks-delay-c5087c912741?source=rss------bug_bounty-5 | hackermater | bug-bounty-writeup, burpsuite, hacking, bug-bounty-tips, bug-bounty | 01-Jun-2024 |
90 Days Cybersecurity Learning Challenge | https://medium.com/@unknow.com/90-days-cybersecurity-learning-challenge-81e1777b31f5?source=rss------bug_bounty-5 | Cyber_hunter | bug-bounty, careers, cybersecurity | 01-Jun-2024 |
Attacking Web Applications with Ffuf | Skills Assessment — Walkthrough | https://medium.com/@Mx0o14/attacking-web-applications-with-ffuf-skills-assessment-walkthrough-5af4160fe75b?source=rss------bug_bounty-5 | Mohamed Ashraf | hackthebox, bug-bounty, cybersecurity, hacking | 31-May-2024 |
The Planets CTF | Earth CTF | Vulnhub | WriteUp | Walkthrough | https://shamsulmehmood.medium.com/the-planets-ctf-earth-ctf-vulnhub-writeup-walkthrough-38d13c16643c?source=rss------bug_bounty-5 | SHAMS UL MEHMOOD | hacking, cybersecurity, bug-bounty, bugs, cybercrime | 31-May-2024 |
Pattern Scanning Intro (For Game Hacking) | https://medium.com/@MrRipperoni/pattern-scanning-intro-for-game-hacking-b13401b562fb?source=rss------bug_bounty-5 | Mr.Ripperoni | coding, reverse-engineering, games, bug-bounty, hacking | 31-May-2024 |
How i get XSS & HTMLi with FUFF | https://kiraadx.medium.com/how-i-get-xss-htmli-with-fuff-0c8a4b094636?source=rss------bug_bounty-5 | KiRaaDx | bug-bounty, cybersecurity, bug-bounty-tips | 31-May-2024 |
OSCP Review | https://medium.com/@nosignalrightnow/oscp-review-3a9568bf9c5d?source=rss------bug_bounty-5 | cowabunga | bug-bounty, offensive-security, penetration-testing, oscp, cybersecurity | 31-May-2024 |
26.3 Lab: Indirect prompt injection | https://cyberw1ng.medium.com/26-3-lab-indirect-prompt-injection-27d35f2e0e90?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, careers, cybersecurity, bug-bounty | 31-May-2024 |
CVE-2024–24919: Zero-Day Vulnerability leads to unauthorized Information Disclosure in Checkpoint | https://codewithvamp.medium.com/cve-2024-24919-zero-day-vulnerability-leads-to-unauthorized-information-disclosure-in-checkpoint-97873b47d160?source=rss------bug_bounty-5 | Vaibhav Kumar Srivastava | computer-science, hacking, bug-bounty, cybersecurity, cve | 31-May-2024 |
How I Found a Vulnerability in Apple: A Journey of Discovery and Impact | https://medium.com/@husnainsuleman/how-i-found-a-vulnerability-in-apple-a-journey-of-discovery-and-impact-0e55f14eef75?source=rss------bug_bounty-5 | Husnain Suleman | bug-bounty, storytelling, security, cybersecurity, apple | 31-May-2024 |
IDOR Exploit: A Tale of Account Takeover | https://danial1337.medium.com/idor-exploit-a-tale-of-account-takeover-51ab2c47c246?source=rss------bug_bounty-5 | Muhammad Danial | penetration-testing, hacking, cybersecurity, web-security, bug-bounty | 31-May-2024 |
Advanced Web Cache Poisoning | https://medium.com/@majix_de/advanced-web-cache-poisoning-e6e17d5290ce?source=rss------bug_bounty-5 | Majix | web-cache-poisoning, penetration-testing, hacking, bug-bounty, pentesting | 31-May-2024 |
Creative Steps | Reflected XSS into HTML context with nothing encoded | https://gentilsecurity.medium.com/creative-steps-reflected-xss-into-html-context-with-nothing-encoded-0a30d4f2dc24?source=rss------bug_bounty-5 | GenTiL | cybersecurity, bug-bounty, owasp, penetration-testing, web-development | 30-May-2024 |
Exported Activity In Android Application Allowing Access to Payments Information | https://medium.com/@mohanad.hussam23/exported-activity-in-android-application-allowing-access-to-payments-information-166dfee5008e?source=rss------bug_bounty-5 | Muhanad Israiwi | hacking, bugs, penetration-testing, bug-bounty, androidhacking | 30-May-2024 |
Static Testing of iOS Applications | https://sandeepvi.medium.com/static-testing-of-ios-applications-cb09bd8f2927?source=rss------bug_bounty-5 | Sandeep Vishwakarma | hacking, bug-bounty, ios, static-code-analysis | 30-May-2024 |
Secrets of Data Security : Trendy Tools and Tips You Can’t Ignore! | https://medium.com/@paritoshblogs/secrets-of-data-security-trendy-tools-and-tips-you-cant-ignore-a5d72eb7eedf?source=rss------bug_bounty-5 | Paritosh | data-security, hacking, cybersecurity, bug-bounty, security | 30-May-2024 |
Exciting Announcement: We’re Collaborating with Aptron to Boost Web3 Security! | https://securrtech.medium.com/exciting-announcement-were-collaborating-with-aptron-to-boost-web3-security-4f58726c3ae0?source=rss------bug_bounty-5 | Securr | web3, ai, web3-security, bug-bounty, blockchain | 30-May-2024 |
Enhancing Cybersecurity: Lessons from a Critical XSS Vulnerability in DMRC’s Website | https://hackerhalt.medium.com/enhancing-cybersecurity-lessons-from-a-critical-xss-vulnerability-in-dmrcs-website-a0e39aeb0318?source=rss------bug_bounty-5 | Hacker Halt Live | hacker, hacking, bug-bounty, security, cybersecurity | 30-May-2024 |
Application Level DoS - The Lagging Nightmare | https://shahjerry33.medium.com/application-level-dos-the-lagging-nightmare-d3332f2ade86?source=rss------bug_bounty-5 | Jerry Shah (Jerry) | pentesting, cybersecurity, bug-bounty, infosec, vulnerability | 30-May-2024 |
26.2 Lab: Exploiting vulnerabilities in LLM APIs | https://cyberw1ng.medium.com/26-2-lab-exploiting-vulnerabilities-in-llm-apis-83150b4cdf98?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, careers, hacking, bug-bounty | 30-May-2024 |
WAF as a weapon and DOS as a bullet | https://medium.com/@zhero_/waf-as-a-weapon-and-dos-as-a-bullet-46acad12a9b6?source=rss------bug_bounty-5 | Rachid.A | infosec, bug-bounty, firewall, hacking, cybersecurity | 30-May-2024 |
Low hanging fruit in real website: Cookie invalidation. | https://medium.com/@siyamhassan.main/low-hanging-fruit-in-real-website-cookie-invalidation-bd24556dc673?source=rss------bug_bounty-5 | 2004siyam_hassan | authentication, session-invalidation, bug-bounty | 30-May-2024 |
Buy Multiple Translink Travel Ticket for the Price of One. | https://medium.com/@aswinmanikandan/buy-multiple-translink-travel-ticket-for-the-price-of-one-82014216c510?source=rss------bug_bounty-5 | Aswin Manikandan | bug-bounty, bug-bounty-tips | 30-May-2024 |
(1)بالمصري Bug Bounty Bootcamp ملخص | https://medium.com/@am3002297/1-%D8%A8%D8%A7%D9%84%D9%85%D8%B5%D8%B1%D9%8A-bug-bounty-bootcamp-%D9%85%D9%84%D8%AE%D8%B5-8cdf2bf4e108?source=rss------bug_bounty-5 | 30obd | bug-bounty-hunter, tech-bootcamp, bug-bounty, infosec, information-security | 30-May-2024 |
Microsoft IIS Server Shortnames & Tilde Magic | https://retkoussa.medium.com/microsoft-iis-server-shortnames-tilde-magic-64df65d26450?source=rss------bug_bounty-5 | Firas Al-Koussa | hacking, bug-bounty, penetration-testing, cybersecurity, penetration-testing-tools | 30-May-2024 |
How I Found My First Bug in My Bug Bounty Journey | https://medium.com/@HuseyinAdgzl/how-i-found-my-first-bug-in-bug-bounty-journey-49a318874ed8?source=rss------bug_bounty-5 | Hüseyin Adiguzel | bug-bounty-tips, bug-bounty, api, security, bugs | 30-May-2024 |
A Beautiful Bug: Interesting URL scheme bypass + Race Condition. | https://medium.com/@Nightbloodz/a-beautiful-bug-interesting-url-scheme-bypass-race-condition-61109771a250?source=rss------bug_bounty-5 | Alvaro Balada | cybersecurity, xss-attack, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 30-May-2024 |
Understanding Fileless Malware: How It Works and Real-World Examples | https://medium.com/@paritoshblogs/understanding-fileless-malware-how-it-works-and-real-world-examples-76085c99543d?source=rss------bug_bounty-5 | Paritosh | hacking, bug-bounty, fileless-malware, malware, cybersecurity | 29-May-2024 |
An interesting Bug that I found in Android Mobile Application | https://medium.com/@jooelsaka/an-interesting-bug-that-i-found-in-android-mobile-application-becf25c8c4d8?source=rss------bug_bounty-5 | dnelsaka | security, pentesting, mobile-security, android, bug-bounty | 29-May-2024 |
Subdomain takeover via AWS s3 bucket | https://infosecwriteups.com/subdomain-takeover-via-aws-s3-bucket-9c54b1b71c46?source=rss------bug_bounty-5 | Bikram kharal | vulnerability, subdomain-takeover, bug-bounty, penetration-testing, hacking | 29-May-2024 |
Unauthenticated Cache Purge, Really a Bug? | https://medium.com/@anonymoustriager/unauthenticated-cache-purge-really-a-bug-1da44d6fbfd9?source=rss------bug_bounty-5 | Anonymous Triager | hacker, bug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup | 29-May-2024 |
Bypassing Discord marked links filter | https://nickguitar.medium.com/bypassing-discord-marked-links-filter-88bcd7946f2a?source=rss------bug_bounty-5 | Nickguitar | hacking, bug-bounty, bypass, discord, pentest | 29-May-2024 |
Bug Bounty Automations | https://medium.com/@michellepantelouris/bug-bounty-automations-65f4a4dd6121?source=rss------bug_bounty-5 | Michelle Pantelouris | bug-bounty, cybersecurity, penetration-testing | 29-May-2024 |
Building tech profile of a company | https://netlas.medium.com/building-tech-profile-of-a-company-f2145dedad31?source=rss------bug_bounty-5 | Netlas.io | reconnaissance, cybersecurity, osint, penetration-testing, bug-bounty | 29-May-2024 |
Content Discovery: Directories, Files And Links Enumeration: | https://hacktivistattacker.medium.com/content-discovery-directories-files-and-links-enumeration-38e407b8ff0a?source=rss------bug_bounty-5 | Hacktivist-Attacker | content-discovery, bug-bounty, web-penetration-testing, reconnaissance-bug-bounty, educação | 29-May-2024 |
Bug Bounty Tips and Tricks: Improve Your Success Rate | https://medium.com/@verylazytech/bug-bounty-tips-and-tricks-improve-your-success-rate-37fa7941d05f?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, hacking, bug-bounty-program, cyber, cybersecurity | 29-May-2024 |
S3 bucket enumeration simplified. | https://secureitmania.medium.com/s3-bucket-enumeration-simplified-80bdcdf581d7?source=rss------bug_bounty-5 | secureITmania | hacking, cloud-services, devops, bug-bounty, it-security | 29-May-2024 |
Agent Sudo Walkthrough | https://medium.com/@anubhavbali2004/agent-sudo-walkthrough-0a2954d2bb7e?source=rss------bug_bounty-5 | Anubhav Bali | ctf-walkthrough, ctf-writeup, bug-bounty, ctf, cybersecurity | 29-May-2024 |
Mastering Burp Suite for Web Application Security Testing | https://medium.com/@zerodayfreak/mastering-burp-suite-for-web-application-security-testing-9ac8919f89a8?source=rss------bug_bounty-5 | ZeroDay Freak | bug-bounty, infosec, burpsuite, web-hacking, penetration-testing | 29-May-2024 |
The Easiest Vulnerability to Find and How to bypass the WAF | https://medium.com/@probza261/the-easiest-vulnerability-to-find-and-how-to-bypass-the-waf-3dbcc422aa7e?source=rss------bug_bounty-5 | OctaYus | bug-bounty, infosec, web-security | 29-May-2024 |
[Low]Unintended Feature: Exploiting an “Invisible” Delete Function for Temporary Premium Access | https://r4v3n0r.medium.com/low-unintended-feature-exploiting-an-invisible-delete-function-for-temporary-premium-access-909812add8eb?source=rss------bug_bounty-5 | Fabian Cruz | web-application-security, cybersecurity, idor, bug-bounty, information-security | 29-May-2024 |
What do you know about XSS? (Cross-Site Script) | https://gentilsecurity.medium.com/what-do-you-know-about-xss-cross-site-script-fa050d37be1c?source=rss------bug_bounty-5 | GenTiL | bug-bounty, vulnerability, hacking, technology, xss-attack | 28-May-2024 |
Hacking NASA: Critical SSRF + Subdomain Takeover + XSS | https://nickguitar.medium.com/hacking-nasa-critical-ssrf-subdomain-takeover-xss-699be0ce3c06?source=rss------bug_bounty-5 | Nickguitar | pentesting, bug-bounty, hacking, web-application-security, writeup | 28-May-2024 |
Bug Bounty In 2024 | https://medium.com/@Code_With_Ssn/bug-bounty-in-2024-54b1f0c3fe75?source=rss------bug_bounty-5 | Salik Seraj Naik | cybersecurity, bug-bounty, software-development, blockchain, data-science | 28-May-2024 |
8 Different Ways to Bypass SSL Pinning in iOS Applications | https://medium.com/@vaishalinagori112/8-different-ways-to-bypass-ssl-pinning-in-ios-applications-427dfcbe8bf7?source=rss------bug_bounty-5 | Vaishali Nagori | bug-bounty, vapt-services, hacking, ciso, ssl-pinning-bypass | 28-May-2024 |
Talkpal — vulnerability disclosure | https://karol-mazurek.medium.com/talkpal-vulnerability-disclosure-70b18d14772f?source=rss------bug_bounty-5 | Karol Mazurek | cybersecurity, bug-bounty, information-technology, penetration-testing, information-security | 28-May-2024 |
Cross-Site Script _XSS_ Extract Here | https://gentilsecurity.medium.com/cross-site-script-xss-extract-here-d76053546fe3?source=rss------bug_bounty-5 | GenTiL | technology, bug-bounty, ethical-hacking, cybersecurity, web-development | 28-May-2024 |
RCE Exploitation via Report Upload + Leveraging MachineKeys to Forge ASPXAUTH Cookies to privesc… | https://medium.com/@ph4nt0mbyt3/rce-exploitation-via-report-upload-leveraging-machinekeys-to-forge-aspxauth-cookies-to-privesc-50d38991da2e?source=rss------bug_bounty-5 | ph4nt0mbyt3 | pentesting, hacking, bug-bounty, cookies, aspnetcore | 28-May-2024 |
PENTESTING DAY — 01 | https://medium.com/@workwithsane/pentesting-day-01-7eba23231870?source=rss------bug_bounty-5 | Sane | offensive-security, pentesting, bug-bounty, defensive-security, ethical-hacking | 28-May-2024 |
A Whistledown Exclusive: Netflix’s Journey to One Million in Bug Bounty and Beyond | https://netflixtechblog.medium.com/a-whistledown-exclusive-netflixs-journey-to-one-million-in-bug-bounty-and-beyond-9087ffebc3e1?source=rss------bug_bounty-5 | Netflix Technology Blog | vulnerability-management, application-security, cybersecurity, bug-bounty | 28-May-2024 |
25.8 Lab: Web cache poisoning via a fat GET request | https://cyberw1ng.medium.com/25-8-lab-web-cache-poisoning-via-a-fat-get-request-ee8a42d01868?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, penetration-testing, cybersecurity | 28-May-2024 |
Self-XSS via filename + CSRF on contact us ‘multipart/data’ form | https://mchklt.medium.com/self-xss-via-filename-csrf-on-contact-us-multipart-data-form-f852dd539547?source=rss------bug_bounty-5 | ABDELKARIM MOUCHQUELITA | cyberattack, tips, bug-bounty, cybersecurity, hacking | 28-May-2024 |
PENTESTING INTRODUCTION | https://medium.com/@workwithsane/pentesting-day-01-7eba23231870?source=rss------bug_bounty-5 | Sane | offensive-security, pentesting, bug-bounty, defensive-security, ethical-hacking | 28-May-2024 |
Best Packet Sniffers For Reverse Engineering Game Servers | https://medium.com/@MrRipperoni/best-packet-sniffers-for-reverse-engineering-game-servers-c09987c46b33?source=rss------bug_bounty-5 | Mr.Ripperoni | games, bug-bounty, hacking, penetration-testing, reverse-engineering | 28-May-2024 |
25.9 Lab: URL normalization in Web Cache Poisioning | https://cyberw1ng.medium.com/25-9-lab-url-normalization-in-web-cache-poisioning-9a4b72e10a5e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, hacking, bug-bounty | 28-May-2024 |
25.7 Lab: Parameter cloaking in Web Cache Poisoning | https://cyberw1ng.medium.com/25-7-lab-parameter-cloaking-in-web-cache-poisoning-ee64feeb01c1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, bug-bounty, careers, penetration-testing | 27-May-2024 |
Earning with Exploits: The Bug Bounty Journey | https://deepseng.medium.com/earning-with-exploits-the-bug-bounty-journey-9d864743c011?source=rss------bug_bounty-5 | Deep SenGupta | cybersecurity, appsec, information-security, careers, bug-bounty | 27-May-2024 |
How To Stay Ahead of 99% Of Bug Bounty Hunters | https://infosecwriteups.com/how-to-stay-ahead-of-99-of-bug-bounty-hunters-a51fb3fc2ecb?source=rss------bug_bounty-5 | Om Arora | methodology, infosec, hacking, bug-bounty-tips, bug-bounty | 27-May-2024 |
The bugs: List of weird vulnerabilities | https://noobsixt9.medium.com/the-bugs-list-of-weird-vulnerabilities-6bc98fc5c1cc?source=rss------bug_bounty-5 | Rajan Kshedal | writeup, bug-bounty, bug-bounty-writeup, bug-bounty-tips, information-security | 27-May-2024 |
How I got my first US Dollar bounty | https://medium.com/@deepk007/how-i-got-my-first-us-dollar-bounty-4df50ee82fc6?source=rss------bug_bounty-5 | DEep | cybersecurity, bug-bounty, red-team, ethical-hacking, vulnerability | 27-May-2024 |
25.6 Lab: Web cache poisoning via an unkeyed query parameter | https://cyberw1ng.medium.com/25-6-lab-web-cache-poisoning-via-an-unkeyed-query-parameter-ca2544560b5e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, careers, bug-bounty, hacking | 26-May-2024 |
Embarking on the Bug Bounty Journey | https://medium.com/@verylazytech/embarking-on-the-bug-bounty-journey-e199897617a5?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, technology, programming, cybersecurity, cyber | 26-May-2024 |
Kokurate journey in Cyber Security | https://kokurate.medium.com/kokurate-journey-in-cyber-security-633e546eb175?source=rss------bug_bounty-5 | Kokurate | bug-bounty, blue-team, journey, cybersecurity, red-team | 26-May-2024 |
Network Penetration Testing: A Comprehensive Guide | https://medium.com/@paritoshblogs/network-penetration-testing-a-comprehensive-guide-1ba8fcb7c570?source=rss------bug_bounty-5 | Paritosh | pentesting, networking, ai, cybersecurity, bug-bounty | 26-May-2024 |
Open Redirect via login page | https://medium.com/@saeidmicro/open-redirect-via-login-page-fe144f279da8?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty, open-redirect, cybersecurity | 26-May-2024 |
My Journey in Cyber Security | https://kokurate.medium.com/kokurate-journey-in-cyber-security-633e546eb175?source=rss------bug_bounty-5 | Kokurate | bug-bounty, blue-team, journey, cybersecurity, red-team | 26-May-2024 |
Uncovering a Critical Security Bug: Email Duplication in Password Reset Mechanism | https://medium.com/@siyamhassan.main/uncovering-a-critical-security-bug-email-duplication-in-password-reset-mechanism-44eed804203f?source=rss------bug_bounty-5 | 2004siyam_hassan | bug-bounty, password-reset, authentication | 26-May-2024 |
Discovering an OTP Reuse Vulnerability: My First Bug Report | https://medium.com/@siyamhassan.main/discovering-an-otp-reuse-vulnerability-my-first-bug-report-1a4c555113ab?source=rss------bug_bounty-5 | 2004siyam_hassan | authentication, otp-verification, bug-bounty | 26-May-2024 |
HTTP Headers | https://medium.com/@Zephyr_Night/http-headers-958a5d73ffd6?source=rss------bug_bounty-5 | Anshu(Zephyr_Night) | bug-bounty, http-protocol, http-headers, http-authentication | 26-May-2024 |
WordPress application vulnerable to DoS attack via wp-cron.php | https://medium.com/@saeidmicro/wordpress-application-vulnerable-to-dos-attack-via-wp-cron-php-da521e854fe5?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty, dos-attack, cybersecurity | 26-May-2024 |
❇️ Web Hack Tool ❇️ | https://medium.com/@logicTech/%EF%B8%8F-web-hack-tool-%EF%B8%8F-0123843704ed?source=rss------bug_bounty-5 | LogicTech | bug-bounty-tips, github, tools, hacking, bug-bounty | 26-May-2024 |
Insecure Account Removal | https://medium.com/@saeidmicro/insecure-account-removal-867357ad9a08?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty, cybersecurity | 26-May-2024 |
How I Got IDOR lead to PII In Login Page | https://medium.com/@shari7a0x/how-i-got-idor-lead-to-pii-in-login-page-12135f661c77?source=rss------bug_bounty-5 | Shari7a0x | bugs, hacker, idor-vulnerability, bugcrowd, bug-bounty | 26-May-2024 |
How I Found 2 IDORS on My Phone and Made $1,500 | https://medium.com/@zack0x01_/how-i-found-2-idors-on-my-phone-and-made-1-500-8b088f5b28db?source=rss------bug_bounty-5 | zack0x01 | bug-bounty, cyber, idor, bug-bounty-tips, hacking | 26-May-2024 |
Session invalidation after updating e-mail. | https://medium.com/@siyamhassan.main/session-invalidation-after-updating-e-mail-f03c8bb1fb0c?source=rss------bug_bounty-5 | 2004siyam_hassan | bug-bounty, session-invalidation, help | 26-May-2024 |
All About API Security Pentesting | https://infosecwriteups.com/all-about-api-security-pentesting-60dba50e2766?source=rss------bug_bounty-5 | Xcheater | api-security, owasp-api-security-top-10, bug-bounty, pentesting, api-security-testing | 26-May-2024 |
JNDI Injection — Attack Flow | https://medium.com/@prajeet67/jndi-injection-attack-flow-2061e792fef3?source=rss------bug_bounty-5 | Pradeep Kumar | web-penetration-testing, pentest, bug-bounty, java, jndi | 25-May-2024 |
CSRF Vulnerabilities: How to Exploit and Defend Against Attacks | https://xamiron.medium.com/csrf-vulnerabilities-how-to-exploit-and-defend-against-attacks-ca06e0fc0bf0?source=rss------bug_bounty-5 | Sabuj Kumar Modak | penetration-testing, burpsuite, csrf-attack, bug-bounty, web-app-pentesting | 25-May-2024 |
Outlook Hijacked: A Step-by-Step Recovery and Investigation | https://raoshaab.medium.com/outlook-hijacked-a-step-by-step-recovery-and-investigation-02ea09136301?source=rss------bug_bounty-5 | Devender Rao | bug-bounty, phishing, hacking, cybersecurity, microsoft | 25-May-2024 |
Unauthenticated IDOR in Employee Login Exposes PII to more than 100K Users | https://amrkadry7.medium.com/unauthenticated-idor-in-employee-login-exposes-pii-to-more-than-100k-users-830fa8121b33?source=rss------bug_bounty-5 | Amr | cybersecurity, bug-bounty | 25-May-2024 |
How I Hacked India Today Subscription for 2 years | https://anudeep-vysyaraju.medium.com/how-i-hacked-india-today-subscription-for-2-years-4e49701fa7c8?source=rss------bug_bounty-5 | Anudeep Vysyaraju | cybersecurity, penetration-testing, ethical-hacking, hacking, bug-bounty | 25-May-2024 |
HOW HACKERS USE REVERSE ENGINEERING | https://medium.com/@Progsky/how-hackers-use-reverse-engineering-7f8940e2108a?source=rss------bug_bounty-5 | Progsky | bug-bounty, hacking, reverse-engineering | 25-May-2024 |
HTB PDFy Challenge | https://medium.com/@Pdaysec/htb-pdfy-challenge-490e678bd521?source=rss------bug_bounty-5 | Erfan | cybersecurity, htb, bug-bounty, challenge, htb-writeup | 25-May-2024 |
Uncovering the Hidden Vulnerability: How I Found an Authentication Bypass on Shopify’s Exchange… | https://medium.com/@niraj1mahajan/uncovering-the-hidden-vulnerability-how-i-found-an-authentication-bypass-on-shopifys-exchange-cc2729ea31a9?source=rss------bug_bounty-5 | Niraj Mahajan | bug-bounty, account-takeover, ato, authentication-bypass, bug-bounty-tips | 25-May-2024 |
Prototype Pollution: The Hidden Danger in JavaScript | https://medium.com/@mayank_prajapati/prototype-pollution-the-hidden-danger-in-javascript-c8b17002e8da?source=rss------bug_bounty-5 | Mayank Kumar Prajapati | hacking, bug-bounty, security, web, pentesting | 25-May-2024 |
Bypassing WAFs: The Art of Payload Obfuscation | https://systemweakness.com/bypassing-wafs-the-art-of-payload-obfuscation-d4093c110713?source=rss------bug_bounty-5 | David Eduardo Karpinski | web3, bug-bounty, firewall, cybersecurity, hacking | 25-May-2024 |
JavaScript Prototype Pollution Attack: A Simplified Guide | https://medium.com/@dodir.sec/javascript-prototype-pollution-attack-a-simplified-guide-c3b4ba8a6441?source=rss------bug_bounty-5 | dodir | bug-bounty, penetration-testing, web, javascript, cybersecurity | 25-May-2024 |
How i got xss in unusual way | https://medium.com/@cvjvqmmsm/how-i-got-xss-in-unusual-way-7c4f2d8dfaf6?source=rss------bug_bounty-5 | Barbarossa | xss-attack, bug-bounty | 25-May-2024 |
HTB-PDFy | https://medium.com/@Pdaysec/htb-pdfy-challenge-490e678bd521?source=rss------bug_bounty-5 | Erfan | cybersecurity, htb, bug-bounty, challenge, htb-writeup | 25-May-2024 |
Logic Bug | Forget password link not expiring after email change | https://medium.com/@saeidmicro/logic-bug-forget-password-link-not-expiring-after-email-change-4edc6f2dce22?source=rss------bug_bounty-5 | Saeid Khater | cybersecurity, bug-bounty | 24-May-2024 |
How to Use ParamSpider Tool — For Bug Bounty | https://gentilsecurity.medium.com/how-to-use-paramspider-tool-for-bug-bounty-2cfb3e4c402c?source=rss------bug_bounty-5 | GenTiL | penetration-testing, automation-tools, parameter, paramspider, bug-bounty | 24-May-2024 |
Analyzing JavaScript Files To Find Bugs | https://medium.com/@hrofficial62/analyzing-javascript-files-to-find-bugs-7b277d1df435?source=rss------bug_bounty-5 | Mr Horbio | hacking, bug-bounty-tips, cybersecurity, programming, bug-bounty | 24-May-2024 |
Bypassing 403 Protection To Get Admin Access | https://medium.com/@hrofficial62/bypassing-403-protection-to-get-admin-access-fe5b8888a935?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, 403-forbidden, bug-bounty-tips, hacking | 24-May-2024 |
Bug Bounty Tutorial : Login Bypass Technique | https://medium.com/@hrofficial62/bug-bounty-tutorial-login-bypass-technique-ec4801b505c2?source=rss------bug_bounty-5 | Mr Horbio | bugs, penetration-testing, hacking, bug-bounty, cybersecurity | 24-May-2024 |
How to Earn Bug Bounty as a Professional Bug hunter | https://medium.com/@hrofficial62/how-to-earn-bug-bounty-as-a-professional-bug-hunter-cf11c1d16add?source=rss------bug_bounty-5 | Mr Horbio | earn-money-online, cybersecurity, ethical-hacking, bugs, bug-bounty | 24-May-2024 |
How to Find First Bug (For Beginners) | https://medium.com/@hrofficial62/how-to-find-first-bug-for-beginners-677ef726df2e?source=rss------bug_bounty-5 | Mr Horbio | python, cybersecurity, bug-bounty, hacking, programming | 24-May-2024 |
How to learn Hacking From 0 to Hero | https://medium.com/@hrofficial62/how-to-learn-hacking-from-0-to-hero-b7a13a72d035?source=rss------bug_bounty-5 | Mr Horbio | hacking, horbio, programming, bug-bounty, cybersecurity | 24-May-2024 |
How to extract Google Chrome Saved Password | https://medium.com/@hrofficial62/how-to-extract-google-chrome-saved-password-b6d6db825f36?source=rss------bug_bounty-5 | Mr Horbio | ethical-hacking, hacking, bug-bounty, passwords, cyber | 24-May-2024 |
Referrer-based access control Bug Bounty Tips | https://medium.com/@hrofficial62/referrer-based-access-control-bug-bounty-tips-16112ae530cc?source=rss------bug_bounty-5 | Mr Horbio | hacking, programming, hacker, cybersecurity, bug-bounty | 24-May-2024 |
Python Libraries for Hackers | https://medium.com/@hrofficial62/python-libraries-for-hackers-52a64f54131c?source=rss------bug_bounty-5 | Mr Horbio | hacking, python-programming, python, bug-bounty, cybersecurity | 24-May-2024 |
Easy Bug | PHP info page disclosure | https://medium.com/@saeidmicro/easy-bug-php-info-page-disclosure-d062dbc66a0e?source=rss------bug_bounty-5 | Saeid Khater | cybersecurity, bug-bounty | 24-May-2024 |
Logic Bug: Easy Privilege Escalation | https://medium.com/@saeidmicro/logic-bug-easy-privilege-escalation-7d3878816395?source=rss------bug_bounty-5 | Saeid Khater | cybersecurity, bug-bounty, privilege-escalation | 24-May-2024 |
Logic Bug: Easy Privilege Escalation | https://medium.com/@saeidmicro/logic-bug-easy-privilege-escalation-d12be8946e36?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty, privilege-escalation, cybersecurity | 24-May-2024 |
Easy Bug | Email HTML Injection | https://medium.com/@saeidmicro/easy-bug-email-html-injection-8d15e1db69e0?source=rss------bug_bounty-5 | Saeid Khater | cybersecurity, html-injection, bug-bounty | 24-May-2024 |
How to get your first $500 from an XSS vulnerability | https://gentilsecurity.medium.com/how-to-get-your-first-500-from-an-xss-vulnerability-2c3800490e7a?source=rss------bug_bounty-5 | GenTiL | make-money-online, technology, xss-vulnerability, bug-bounty, xss-attack | 24-May-2024 |
[Bug Report] Medium Bug 3 d | https://minerofideas.medium.com/bug-report-medium-bug-3-d-851c28f844cb?source=rss------bug_bounty-5 | Miner Of Ideas | python, medium, bug-bounty, medium-brasil, bugs | 24-May-2024 |
Using BBRF for tracking Javascript files | https://medium.com/@michal.lubicz/using-bbrf-for-tracking-javascript-files-76901a03939f?source=rss------bug_bounty-5 | Michał Lubicz | bug-bounty-tips, bug-bounty, cybersecurity, pentesting | 24-May-2024 |
Busting CSRF: The Hidden Dangers of JSON Exploited | https://medium.com/@hack3dby0mar/busting-csrf-the-hidden-dangers-of-json-exploited-fd4aeb4cf47e?source=rss------bug_bounty-5 | Omar Essam (hack3dby0mar) | web-security, bug-bounty, cybersecurity | 24-May-2024 |
25.4 Lab: Targeted web cache poisoning using an unknown header | https://cyberw1ng.medium.com/25-4-lab-targeted-web-cache-poisoning-using-an-unknown-header-18d261dcbf7a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, hacking, bug-bounty, cybersecurity | 24-May-2024 |
Exciting Announcement: We’re Collaborating with DAOPeople to Boost Web3 Security | https://securrtech.medium.com/exciting-announcement-were-collaborating-with-daopeople-to-boost-web3-security-0e4b70699385?source=rss------bug_bounty-5 | Securr | bug-bounty, web3, web3-security, dao, blockchain | 24-May-2024 |
Flipping a ‘False’ to ‘True’: The Google Bug That Paid Off | https://medium.com/@hellother18/flipping-a-false-to-true-the-google-bug-that-paid-off-c9c3b11944fb?source=rss------bug_bounty-5 | Manthan_ mahale | penetration-testing, bugbounty-tips, bug-bounty, cybersecurity, hacker | 24-May-2024 |
Session fixation | Cookie injection leading to ATO Write-Up | https://infosecwriteups.com/session-fixation-cookie-injection-leading-to-ato-write-up-98e29d2851b9?source=rss------bug_bounty-5 | rAmpancist | hacking, account-takeover, cybersecurity, bugbounty-writeup, bug-bounty | 24-May-2024 |
Top Tools Every Bug Bounty Hunter Should Use | https://medium.com/@verylazytech/top-tools-every-bug-bounty-hunter-should-use-7ebec61a0f76?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, bug-bounty-tips, cyber, cybersecurity | 24-May-2024 |
Tips & Tricks To Get Hall of Fame In NASA | https://medium.com/@Ajakcybersecurity/tips-tricks-to-get-hall-of-fame-in-nasa-53819d8221d3?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, ethical-hacking, bug-bounty, cybersecurity, penetration-testing | 24-May-2024 |
25.5 Lab: Web cache poisoning via an unkeyed query string | https://cyberw1ng.medium.com/25-5-lab-web-cache-poisoning-via-an-unkeyed-query-string-c264fccb80d0?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, cybersecurity, careers | 24-May-2024 |
Always Test Default Credentials on Bug Bounty even if it’s 2024 | https://scr1pty.medium.com/always-test-default-credentials-on-bug-bounty-even-if-its-2024-75e511e4ad7c?source=rss------bug_bounty-5 | Scr1pty | ethical-hacking, hacking, bug-bounty, security, bug-bounty-tips | 23-May-2024 |
HTML Injection | https://medium.com/@0xchoudhary/html-injection-cc6f8e3a09f8?source=rss------bug_bounty-5 | Sushil Choudhary | bug-bounty-tips, hackerone, cybersecurity, bug-hunting, bug-bounty | 23-May-2024 |
25.3 Lab: Web cache poisoning with multiple headers | https://cyberw1ng.medium.com/25-3-lab-web-cache-poisoning-with-multiple-headers-65e4e83ace3a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 23-May-2024 |
Unlocked Secrets: How Leaked Credentials Fuel Bug Bounties | https://medium.com/@cyberpro151/unlocked-secrets-how-leaked-credentials-fuel-bug-bounties-fe5032caf5f4?source=rss------bug_bounty-5 | cyberpro151 | admin-panel, infosec, breach, bug-bounty, hacking | 23-May-2024 |
Aleo Bug Bounty Program | https://daonft.medium.com/aleo-bug-bounty-program-97a7fda9ceed?source=rss------bug_bounty-5 | Bogdan | bug-bounty, web3, aleo | 23-May-2024 |
CSRF leading to Account Takeover | https://medium.com/@katmaca2014/csrf-leading-to-account-takeover-abb32bae0ba5?source=rss------bug_bounty-5 | Kaan Atmaca | bug-bounty, penetration-testing, pentesting, cybersecurity, hacking | 23-May-2024 |
Exploiting XML Injection to Establish Unauthorized SSH Connection | https://medium.com/@katmaca2014/exploiting-xml-injection-to-establish-unauthorized-ssh-connection-7c9bbc50a4d4?source=rss------bug_bounty-5 | Kaan Atmaca | hacking, coding, bug-bounty, penetration-testing, pentesting | 23-May-2024 |
How I Found Multiple XSS Vulnerabilities. | https://medium.com/@helalmm71/how-i-found-multiple-xss-vulnerabilities-34bf8655f4e7?source=rss------bug_bounty-5 | MD Helal | vulnerability, penetration-testing, cybersecurity, bug-bounty, ctf | 23-May-2024 |
How I use to find vulnerabilities like XSS,sqli using mixture of 3 simple tools | https://medium.com/@sreejihkn43073/how-i-use-to-find-vulnerabilities-like-xss-sqli-using-mixture-of-3-simple-tools-5108068646d2?source=rss------bug_bounty-5 | Sreejihkn | xss-vulnerability, cybersecurity-training, bug-bounty, github, tools | 23-May-2024 |
Ink Finance Arbitrum Testnet Bug Bounty Hunt | https://inkfinance.medium.com/ink-finance-arbitrum-testnet-bug-bounty-hunt-85ca215118fa?source=rss------bug_bounty-5 | Ink Finance | dao, defi, testnet, arbitrum, bug-bounty | 23-May-2024 |
Chrome 125 Update Resolves High-Severities Bugs Reported by External Researchers | https://medium.com/@elnjasi/chrome-125-update-resolves-high-severities-bugs-reported-by-external-researchers-74be654feb3a?source=rss------bug_bounty-5 | eL Njas!™ | bug-bounty, vulnerbaility, google | 23-May-2024 |
Easy Bug: No Rate Limiting on Form which Triggers Emails | https://medium.com/@saeidmicro/easy-bug-no-rate-limiting-on-form-which-triggers-emails-4cecb5dd80a8?source=rss------bug_bounty-5 | Saeid Khater | cybersecurity, bug-bounty | 23-May-2024 |
First Swag from HackerRank | https://codingninjablogs.tech/first-swag-from-hackerrank-df55cb2605b5?source=rss------bug_bounty-5 | #$ubh@nk@r | hacking, swag, ethical-hacking, security, bug-bounty | 23-May-2024 |
Ink Finance Arbitrum Testnet User Experience & Bug Bounty Hunt | https://inkfinance.medium.com/ink-finance-arbitrum-testnet-bug-bounty-hunt-85ca215118fa?source=rss------bug_bounty-5 | Ink Finance | dao, defi, testnet, arbitrum, bug-bounty | 23-May-2024 |
Second Factor Authentication (2FA) Bypass in Private BBP | https://medium.com/@saeidmicro/second-factor-authentication-2fa-bypass-in-private-bbp-325017cd187e?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty, cybersecurity | 23-May-2024 |
Logic Bug | Old Session Does Not Expires After Password Change | https://medium.com/@saeidmicro/logic-bug-old-session-does-not-expires-after-password-change-cd1fca05c33e?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty, cybersecurity | 23-May-2024 |
Second bug on VDP program | https://medium.com/@devMRT/second-bug-on-vdp-program-f1c4e67a3e42?source=rss------bug_bounty-5 | devMRT | bugbounty-writeup, bug-bounty-tips, bug-bounty | 23-May-2024 |
Advanced Web Application Scanning Step-by-Step Guide | https://0xm4r5h4l.medium.com/advanced-web-application-scanning-step-by-step-guide-4d59dff9c491?source=rss------bug_bounty-5 | 0xM4r5h4l | hacking, web-penetration-testing, cybersecurity, bug-bounty, web-scanner | 22-May-2024 |
How I Found XSS in Swagger-UI Leading to Account Takeover on Bug Bounty | https://scr1pty.medium.com/how-i-found-xss-in-swagger-ui-leading-to-account-takeover-on-bug-bounty-8d419c6b95d5?source=rss------bug_bounty-5 | Scr1pty | bug-bounty, ethical-hacking, penetration-testing, bug-bounty-tips, it | 22-May-2024 |
Time-Based Google OAuth Account Takeover: Adventures in Bug Bounties | https://medium.com/@iamrizwanvp/time-based-google-oauth-account-takeover-my-bug-bounty-journey-a0f534227bc6?source=rss------bug_bounty-5 | RIZWAN | bug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, bugs | 22-May-2024 |
Silk Central : Bug Tracking Tutorial | https://medium.com/@niranjanky14/silk-central-bug-tracking-tutorial-781e4a6550c6?source=rss------bug_bounty-5 | Nine Pages Of My Life | testing, software-development, bug-bounty, silk, app-development | 22-May-2024 |
Open-Redirect Through HTTP Parameter Pollution | https://medium.com/@davidkarpinski1/open-redirect-through-http-parameter-pollution-ce5a3be7c78e?source=rss------bug_bounty-5 | David Eduardo Karpinski | web3, bug-bounty, hacking, cybersecurity, pollution | 22-May-2024 |
Exciting Announcement: Our New Collaboration with jumboBlockchain to Enhance Web3 Security! | https://securrtech.medium.com/exciting-announcement-our-new-collaboration-with-jumboblockchain-to-enhance-web3-security-fe0489ca2524?source=rss------bug_bounty-5 | Securr | bug-bounty, layer-1, blockchain, web3-security, web3 | 22-May-2024 |
Swagger-UI XSS Leading to Account Takeover on Crypto Exchange | https://scr1pty.medium.com/how-i-found-xss-in-swagger-ui-leading-to-account-takeover-on-bug-bounty-8d419c6b95d5?source=rss------bug_bounty-5 | Scr1pty | bug-bounty, ethical-hacking, penetration-testing, bug-bounty-tips, it | 22-May-2024 |
25.2 Lab: Web cache poisoning with an unkeyed cookie | https://cyberw1ng.medium.com/25-2-lab-web-cache-poisoning-with-an-unkeyed-cookie-3f4884ee1105?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, penetration-testing, careers, cybersecurity | 22-May-2024 |
SubActive: Cracking the Digital Code | https://medium.com/@tamhacker1/subactive-cracking-the-digital-code-447769fdb6e2?source=rss------bug_bounty-5 | Tahir Mujawar | bugbounty-writeup, hacker, hacking, cybersecurity, bug-bounty | 22-May-2024 |
Best tool to find subdomains | https://medium.com/@sreejihkn43073/best-tool-to-find-subdomains-170ad5d6e034?source=rss------bug_bounty-5 | Sreejihkn | bug-bounty, subdomain, cybersecurity, cyber-security-awareness, pentesting | 22-May-2024 |
Top Network Hacking Techniques Familiar with Every Bug-Bounty Hunter | https://medium.com/@logicTech/top-network-hacking-techniques-familiar-with-every-bug-bounty-hunter-a01d7319cadc?source=rss------bug_bounty-5 | LogicTech | hacking, network-security, bug-bounty, bug-bounty-tips, bugs | 22-May-2024 |
Pentesting: AI: WEB 1 | Privilege Escalation Attack | Python Reverse Shell | Vulnerabilities | SQL… | https://shamsulmehmood.medium.com/pentesting-ai-web-1-privilege-escalation-attack-python-reverse-shell-vulnerabilities-sql-7f9994a42ec1?source=rss------bug_bounty-5 | SHAMS UL MEHMOOD | ai, cybersecurity, bugs, bug-bounty, ctf-writeup | 21-May-2024 |
Hackers Online Tools in 2024 | https://medium.com/@logicTech/hackers-online-tools-in-2024-da8f5aa232e5?source=rss------bug_bounty-5 | LogicTech | osint, hackathons, bug-bounty, tools, hacking | 21-May-2024 |
Authentication Bypass due to Sensitive Data Exposure in Local Storage | https://medium.com/@kritikasingh06/authentication-bypass-due-to-sensitive-data-exposure-in-local-storage-8a706c798800?source=rss------bug_bounty-5 | Kritika Singh | vulnerability-assessment, webapplicationpentest, bug-bounty, penetration-testing, hacking | 21-May-2024 |
25.1 Lab: Web cache poisoning with an unkeyed header | https://cyberw1ng.medium.com/25-1-lab-web-cache-poisoning-with-an-unkeyed-header-177f24f0538e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, penetration-testing, hacking, cybersecurity | 21-May-2024 |
Complex Attack Types: Sample Scenarios 7 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-7-9e7ad4454fe9?source=rss------bug_bounty-5 | Baris Dincer | bug-bounty, cybersecurity, freedomofinternet, threat-intelligence, penetration-testing | 21-May-2024 |
Curiosity part #2 with $5000 bounty. | https://medium.com/@nanwinata/curiosity-part-2-with-5000-bounty-025536feced7?source=rss------bug_bounty-5 | nanwn | cybersecurity, telnet, hackerone, bug-bounty, vulnerability | 21-May-2024 |
Next Generation Nuclei: Detecting SQLi with Logic | https://medium.com/@serhatcck/next-generation-nuclei-detecting-sqli-with-logic-05549c34885b?source=rss------bug_bounty-5 | Serhat ÇİÇEK | hacking-tools, hacking, penetration-testing, application-security, bug-bounty | 21-May-2024 |
CSRF Leads to Delete Account | https://medium.com/@happyjester80/csrf-leads-to-delete-account-241f2cf8950b?source=rss------bug_bounty-5 | Happy Jester | android-pentesting, bug-bounty, android, hacking | 21-May-2024 |
How to find View Angles for Aimbots | Explained | https://medium.com/@yannik603/how-to-find-view-angles-for-aimbots-explained-f70c303a353c?source=rss------bug_bounty-5 | Yannik Castro | games, hacking-tools, bug-bounty, hacking, reverse-engineering | 21-May-2024 |
Working with a client, I came across a CSRF vulnerability in their existing web application. | https://medium.com/@darkly_splendid/working-with-a-client-i-came-across-a-csrf-vulnerability-in-their-existing-web-application-6c256b74684d?source=rss------bug_bounty-5 | FF E4 | cybersecurity, csrf, bug-bounty | 20-May-2024 |
Bug Zero — This month in Cybersecurity [01–15 May] | https://blog.bugzero.io/bug-zero-this-month-in-cybersecurity-01-15-may-354fd002d5e4?source=rss------bug_bounty-5 | Akila Maithripala | bug-bounty, cybersecurity, sri-lanka, bug-zero | 20-May-2024 |
Open-Redirects Uncovered: Real-World Bypass Techniques Revealed | https://systemweakness.com/open-redirects-uncovered-real-world-bypass-techniques-revealed-7b7422f02049?source=rss------bug_bounty-5 | David Eduardo Karpinski | cybersecurity, hacking, web3, programming, bug-bounty | 20-May-2024 |
How I Hacked NASA Using Google Dork in Just 10 Minutes | https://medium.com/@gaurish.main/how-i-hacked-nasa-using-google-dork-in-just-10-minutes-6ce3b3401512?source=rss------bug_bounty-5 | Gaurish Bahurupi | cybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 20-May-2024 |
Bypassed the OTP verification process using “Turbo Intruder” Extension. | https://xamiron.medium.com/bypassed-the-otp-verification-process-using-turbo-intruder-extension-2f56ac3d400d?source=rss------bug_bounty-5 | Sabuj Kumar Modak | web-app-pentesting, cybersecurity, bug-bounty, burpsuite-extension, penetration-testing | 20-May-2024 |
IDOR Explained: Discover It Through a Simple Story! | https://medium.com/@1hehaq/idor-explained-discover-it-through-a-simple-story-ca4a018f6d4c?source=rss------bug_bounty-5 | haq | idor, bug-bounty-tips, bug-bounty, idor-vulnerability | 20-May-2024 |
Your Account is Now Mine! | https://medium.com/@karimelsayed0x1/your-account-is-now-mine-fd80ad56f868?source=rss------bug_bounty-5 | z3r0xk | pentesting, bug-bounty, account-takeover, vulnerability | 20-May-2024 |
Reflected XSS Leading to Account Takeover | https://0onoproblem.medium.com/reflected-xss-leading-to-account-takeover-bea862cba885?source=rss------bug_bounty-5 | 0_oNoProblem | bug-bounty, xss-attack, cybersecurity, bug-bounty-writeup, vulnerability | 20-May-2024 |
Discovering a $5000 RCE via Dependency Confusion Vulnerability | https://nvk0x.medium.com/discovering-a-5000-rce-via-dependency-confusion-vulnerability-6b0c08ecd5de?source=rss------bug_bounty-5 | Naveen kumawat | bug-bounty, hacking, bug-bounty-tips, bug-bounty-writeup, supply-chain | 20-May-2024 |
Let’s Understand Price Oracle Manipulation | https://securrtech.medium.com/lets-understand-price-oracle-manipulation-927ab725f131?source=rss------bug_bounty-5 | Securr | bug-bounty, smart-contract-auditing, web3, blockchain, web3-security | 20-May-2024 |
How I Hacked NASA LDAP Server | https://medium.com/@maxcyber882/how-i-hacked-nasa-ldap-server-b7cbb8cd0eee?source=rss------bug_bounty-5 | Maxcyber | bug-hunting, cybersecurity, penetration-testing, bug-bounty | 20-May-2024 |
How I found XSS from a medium article | https://medium.com/@jsamia/how-i-from-xss-from-a-medium-article-94d1b4e7e742?source=rss------bug_bounty-5 | Jaeden Samia | infosec, bug-bounty, ethical-hacking | 20-May-2024 |
How I got Hall of Fame in NASA | https://medium.com/@Ajakcybersecurity/how-i-got-hall-of-fame-in-nasa-4d098c413f9e?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, penetration-testing, ethical-hacking, bug-bounty, cybersecurity | 20-May-2024 |
Walk-Through of Bepractical.tech lab #3 | https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-3-07079a7ad5c2?source=rss------bug_bounty-5 | Ross Jubert | account-takeover, ethical-hacking, bug-bounty, bugbounty-writeup, account-takeover-attacks | 19-May-2024 |
Hacker101: Micro-CMS v1 | https://medium.com/@0xfxiii/hacker101-micro-cms-v1-982c61d24e3e?source=rss------bug_bounty-5 | 0xf | hackerone, bug-bounty-tips, bug-bounty, hacking | 19-May-2024 |
Dependency Confusion | https://deephunt3r.medium.com/dependency-confusion-4d675eb36e0f?source=rss------bug_bounty-5 | Rakesh | bugbounty-writeup, bug-bounty | 19-May-2024 |
How I Found Multiple Vulnerabilities on Dutch Government | https://medium.com/@neupanesindhu3/how-i-found-multiple-vulnerabilities-on-dutch-government-438059bcf88d?source=rss------bug_bounty-5 | sindhuneupane | bug-bounty, swag, writeup, bug-hunting, infosec | 19-May-2024 |
How I Find Another Arbitrary File Upload Vulnerability and Bypass the Patch Twice | https://medium.com/@zpbrent/how-i-find-another-arbitrary-file-upload-vulnerability-and-bypass-the-patch-twice-193eaaf0b8dc?source=rss------bug_bounty-5 | Peng Zhou | wordpress-plugins, infosec, bug-bounty, wordpress, web-security | 19-May-2024 |
How I got an High IDOR + PII in few minutes. Bounty: €500 | https://medium.com/@ivoaabreu/how-i-got-an-high-idor-pii-in-few-minutes-bounty-500-88833b6e1807?source=rss------bug_bounty-5 | Ivoabreu | idor, bug-bounty | 19-May-2024 |
JavaScript tools for BugBounty 2024 | https://medium.com/@logicTech/javascript-tools-for-bugbounty-2024-fc281111c7c0?source=rss------bug_bounty-5 | LogicTech | tools-and-resources, osint, hacking, hacker, bug-bounty | 19-May-2024 |
VulnCon 2024 CTF — Internal Leaks | https://medium.com/@pphreak313/vulncon-2024-ctf-internal-leaks-0a7bf21bf96d?source=rss------bug_bounty-5 | Shlok K | ctf-writeup, ctf, ctf-walkthrough, vulncon, bug-bounty | 19-May-2024 |
A basic Android Pentest Lab Setup | https://medium.com/@majix_de/a-basic-android-pentest-lab-setup-e601c22c71ae?source=rss------bug_bounty-5 | Majix | setup-guide, android, pentest, bug-bounty, pentesting | 19-May-2024 |
22.5 Lab: JWT authentication bypass via jku header injection | https://cyberw1ng.medium.com/22-5-lab-jwt-authentication-bypass-via-jku-header-injection-1ec5032245b3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, hacking, bug-bounty, careers | 19-May-2024 |
22.6 Lab: JWT authentication bypass via kid header path traversal | https://cyberw1ng.medium.com/22-6-lab-jwt-authentication-bypass-via-kid-header-path-traversal-3f4392547f7d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, hacking, careers | 19-May-2024 |
First bug on VDP program | https://medium.com/@devMRT/first-bug-on-vdp-program-0f9e0baf43c7?source=rss------bug_bounty-5 | devMRT | bug-bounty, bugbounty-writeup, bug-bounty-tips | 19-May-2024 |
HOW I HACKED INTO HARVARD UNIVERSITY’S DIGITAL INFRASTRUCTURE -Cycus Pectus | https://medium.com/@pectuscycus/how-i-hacked-into-harvard-universitys-digital-infrastructure-cycus-pectus-5d5e65e74a61?source=rss------bug_bounty-5 | Cycus Pectus | hacking, cybersecurity, bug-bounty-tips, ethical-hacking, bug-bounty | 18-May-2024 |
Mastering Network Scanning: Exploring Essential Nmap Commands (Part -2) :- | https://medium.com/@shaikhwasim8120/mastering-network-scanning-exploring-essential-nmap-commands-part-2-9d24e2291fb6?source=rss------bug_bounty-5 | Wasim Shaikh | cybersecurity, ethical-hacking, nmap-command, bug-bounty, penetration-testing | 18-May-2024 |
Mastering Network Scanning: Exploring Essential Nmap Commands :- | https://medium.com/@shaikhwasim8120/mastering-network-scanning-exploring-essential-nmap-commands-3843f01e419e?source=rss------bug_bounty-5 | Wasim Shaikh | cybersecurity, bug-bounty, nmap-command, penetration-testing, ethical-hacking | 18-May-2024 |
22.4 Lab: JWT authentication bypass via jwk header injection | https://cyberw1ng.medium.com/22-4-lab-jwt-authentication-bypass-via-jwk-header-injection-0bddcdbb2f31?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, hacking, cybersecurity, careers | 18-May-2024 |
Analyzing JavaScript Files To Find Bugs | https://rajput623929.medium.com/analyzing-javascript-files-to-find-bugs-2b7d67a52c4e?source=rss------bug_bounty-5 | Mr.Horbio | bug-bounty, hacking, bug-bounty-tips, cybersecurity, ethical-hacking | 18-May-2024 |
Interesting .DS_Store finding worth $$$ | https://medium.com/@akrachliy/interesting-ds-store-finding-worth-6ee7cc46458d?source=rss------bug_bounty-5 | Yassine Akrachli | bug-bounty, hacking, ethical-hacking, python, enumeration | 18-May-2024 |
Pay 0$, Get ∞ books! | https://medium.com/@karimelsayed0x1/pay-0-get-books-0e093a5eb0de?source=rss------bug_bounty-5 | z3r0xk | penetration-testing, cybersecurity, bug-bounty, bussines-logic, vulnerability | 18-May-2024 |
Found Bug: Cross-Site Scripting (XSS) in Laravel Debug Mode !! | https://medium.com/@p.ra.dee.p_0xx01/found-bug-cross-site-scripting-xss-in-laravel-debug-mode-a91939284541?source=rss------bug_bounty-5 | Professor0xx01 | bug-bounty, information-security, laravel-framework, xss-attack, web-security | 18-May-2024 |
My 6 Month bug hunting journey, what to expect. | https://medium.com/@tom.sh/my-6-month-bug-hunting-journey-what-to-expect-be7532e187d4?source=rss------bug_bounty-5 | Tom | opinion, bug-bounty, bpp, hacking | 18-May-2024 |
Top 50 Ports & Vulnerability | https://medium.com/@logicTech/top-50-ports-vulnerability-572de4274305?source=rss------bug_bounty-5 | LogicTech | bug-bounty, osint, networking, vulnerability, hacking | 18-May-2024 |
Broken Object Level Authorization — BOLA (ex crAPI) | https://medium.com/@amaraltohami30/broken-object-level-authorization-bola-ex-crapi-e5a0d30eed2b?source=rss------bug_bounty-5 | Ammar Ahmed | pentesting, api, cybersecurity, hacking, bug-bounty | 18-May-2024 |
How a Single Parameter Led to Two ATO Cases | https://cametom006.medium.com/how-a-single-parameter-led-to-two-ato-cases-c3cf2f4d00c2?source=rss------bug_bounty-5 | Fahad Faisal | bug-bounty, hackerone, bug-bounty-tips, twitter | 18-May-2024 |
CVE-2023-52424: The WiFi SSID Confusion Attack Explained | https://infosecwriteups.com/cve-2023-52424-the-wifi-ssid-confusion-attack-explained-26e43f5cff40?source=rss------bug_bounty-5 | ElNiak | wifi, bug-bounty, technology, cybersecurity, penetration-testing | 17-May-2024 |
The Hacker’s Mind -Recon Mind map | https://medium.com/@tamhacker1/the-hackers-mind-recon-mind-map-39d14e3750fb?source=rss------bug_bounty-5 | Tahir Mujawar | bug-bounty-writeup, mindmap, ethical-hacking, bug-bounty, cybersecurity | 17-May-2024 |
Simple Tips for Bug Bounty Beginners: Finding PII Vulnerabilities | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-pii-vulnerabilities-3db5a7151dd4?source=rss------bug_bounty-5 | Anish Narayan | bug-bounty-writeup, bug-bounty, bug-bounty-hunting, cybersecurity, bug-bounty-tips | 17-May-2024 |
How I found my first mistake Or why you shouldn’t overlook the obvious. | https://medium.com/@nagavicyn2/how-i-found-my-first-mistake-or-why-you-shouldnt-overlook-the-obvious-1f1d443afa6b?source=rss------bug_bounty-5 | Jionin | bug-bounty, wordpress, first-bug, pentesting, cve | 17-May-2024 |
22.3 Lab: JWT authentication bypass via weak signing key | https://cyberw1ng.medium.com/22-3-lab-jwt-authentication-bypass-via-weak-signing-key-f49138b16441?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 17-May-2024 |
How to Know If Your Android Device Has Been Hacked and What to Do About It | https://rajput623929.medium.com/how-to-know-if-your-android-device-has-been-hacked-and-what-to-do-about-it-740ea5a18b9c?source=rss------bug_bounty-5 | Mr.Horbio | hacking, phone-hacking, bug-bounty, cybersecurity, ethical-hacking | 17-May-2024 |
A Story of Zero-click complete Account Takeover | https://medium.com/@shravanisheshasai/a-story-of-zero-click-complete-account-takeover-650784c2d229?source=rss------bug_bounty-5 | Shravani_kb | vulnerability, web-vulnerabilities, hacking, bug-bounty, ethical-hacking | 17-May-2024 |
Breaking Barriers: A Personal Journey Through the World of Bug Bounty Hunting | https://medium.com/@un1tycyb3r/breaking-barriers-a-personal-journey-through-the-world-of-bug-bounty-hunting-a30331db12fa?source=rss------bug_bounty-5 | Un1tycyb3r | bug-bounty | 16-May-2024 |
How to Create a Cloud Lab for Anonymous Bug Bounty Hunting | https://medium.com/@paritoshblogs/how-to-create-a-cloud-lab-for-anonymous-bug-bounty-hunting-e80ed3a68d8c?source=rss------bug_bounty-5 | Paritosh | cloud, hacking, ai, cybersecurity, bug-bounty | 16-May-2024 |
Discovery Worth $$$ in KYC Verification Feature : Bug Bounty | https://medium.com/@srishavinkumar/unveiling-a-surprising-bug-in-kyc-verification-the-discovery-worth-a82f3282b033?source=rss------bug_bounty-5 | Sri Shavin Kumar | bug-bounty-writeup, bug-bounty, infosec-write-ups, ethical-hacking, cybersecurity | 16-May-2024 |
Account takeover with a sad ending | https://imwaiting18.medium.com/account-takeover-with-a-sad-ending-31ab82f09a5b?source=rss------bug_bounty-5 | imwaiting18 | bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips | 16-May-2024 |
Vulnerable WordPress April 2024 (Arasbaran) | https://medium.com/@onhexgroup/vulnerable-wordpress-april-2024-arasbaran-e9ae2acb8898?source=rss------bug_bounty-5 | Onhexgroup | wordpress, infosec, web-security, bug-bounty, nuclei-template | 16-May-2024 |
21.5 Lab: Stealing OAuth access tokens via an open redirect | 2024 | https://cyberw1ng.medium.com/21-5-lab-stealing-oauth-access-tokens-via-an-open-redirect-2024-88c3679cf0a3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, penetration-testing, cybersecurity | 16-May-2024 |
Reflected XSS via Cache Poisoning | https://medium.com/@majix_de/reflected-xss-via-cache-poisoning-5f57317b7c71?source=rss------bug_bounty-5 | Majix | penetration-testing, cache-poisoning, xs, bug-bounty, hacking | 16-May-2024 |
Reflected XSS to Account Takeover | https://medium.com/@majix_de/reflected-xss-to-account-takeover-0fc429be34e8?source=rss------bug_bounty-5 | Majix | xs, account-takeover, bug-bounty, hacking, penetration-testing | 16-May-2024 |
How I got Critical IDOR in one of India’s Best Known Food Delivery Website | https://medium.com/@bajajkrrish11/how-i-got-critical-idor-in-one-of-indias-best-known-food-delivery-website-5349c521e44b?source=rss------bug_bounty-5 | Krrish Bajaj | bug-bounty-tips, bug-bounty-writeup, bug-bounty-program, bug-bounty, medium | 16-May-2024 |
How I Hacked One of These Big Companies (JS files analysis) | https://l0da.medium.com/how-i-hacked-one-of-these-big-companies-js-files-analysis-7cf47372b642?source=rss------bug_bounty-5 | L0da | bug-bounty, cybersecurity, hacking, penetration-testing, bug-bounty-tips | 16-May-2024 |
The Art of OSINT: Discovering Locations with Image Analysis and Aritifical Intelligence Tools | https://medium.com/@enigma_/the-art-of-osint-discovering-locations-with-image-analysis-and-aritifical-intelligence-tools-820a4b74d426?source=rss------bug_bounty-5 | enigma | hacking, osint, cybersecurity, bug-bounty, ai | 16-May-2024 |
How to execute a Proof of Concept (PoC) for any CVEs | https://medium.com/@CTRL2030/how-to-execute-a-proof-of-concept-poc-for-any-cves-e343cb528f2e?source=rss------bug_bounty-5 | CTRL | soc, penetration-testing, bug-bounty, cve, cybersecurity | 16-May-2024 |
Account takeover using Blind XSS? | https://imwaiting18.medium.com/account-takeover-with-a-sad-ending-31ab82f09a5b?source=rss------bug_bounty-5 | imwaiting18 | bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips | 16-May-2024 |
Broken Access Control (IDOR) & Credential Leak at Legacy API Video Transcode | https://medium.com/@blackarazi/broken-access-control-idor-credential-leak-at-legacy-api-video-transcode-9b5d729fb2d6?source=rss------bug_bounty-5 | Azhari Harahap | broken-access-control, api-security, application-security, bug-bounty, bug-bounty-writeup | 15-May-2024 |
CVE-2024-4761: Exploiting Chrome’s JavaScript Engine Highly Exploited (PoC presented) | https://infosecwriteups.com/cve-2024-4761-exploiting-chromes-javascript-engine-highly-exploited-poc-presented-dcf9cab95c00?source=rss------bug_bounty-5 | ElNiak | bug-bounty, google, penetration-testing, cybersecurity, javascript | 15-May-2024 |
How I Got My First Bounty: The Exciting Story of My Bug Bounty Breakthrough | https://infosecwriteups.com/how-i-got-my-first-bounty-the-exciting-story-of-my-bug-bounty-breakthrough-d8391973ed41?source=rss------bug_bounty-5 | whit3ros3 | bug-bounty, graphql, bounty-program, hacking, bug-bounty-tips | 15-May-2024 |
Subdomain Takeover: What is It? How to Exploit? How to Find Them? | https://medium.com/@dub-flow/subdomain-takeover-what-is-it-how-to-exploit-how-to-find-them-d2b6b82b155b?source=rss------bug_bounty-5 | Florian Walter | bug-bounty, application-security, cybersecurity, penetration-testing, web-application-security | 15-May-2024 |
How I Was Able to Perform a Subdomain Takeover Attack | https://medium.com/@karnrishabh25/subdomain-takeover-00d2c5599715?source=rss------bug_bounty-5 | Rishabh Karn | bug-bounty, hacking, subdomain-takeover, bugs, attack | 15-May-2024 |
21.4 Lab: OAuth account hijacking via redirect_uri | 2024 | https://cyberw1ng.medium.com/21-4-lab-oauth-account-hijacking-via-redirect-uri-2024-4a8bfbb95d12?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, penetration-testing, bug-bounty, hacking | 15-May-2024 |
Multiple Business Logic Errors in APPLE music/TV allowing bypass of parental controls | https://medium.com/@sam0-0/multiple-business-logic-errors-in-apple-music-tv-allowing-bypass-of-parental-controls-0d870d4870c5?source=rss------bug_bounty-5 | Sam | apple, infosec, bug-bounty | 15-May-2024 |
Gaining Control: How Response Manipulation Leads to Higher Privileges (PoC) | https://medium.com/@mrmaulik191/gaining-control-how-response-manipulation-leads-to-higher-privileges-394bdf5f552b?source=rss------bug_bounty-5 | Mr.MG | cybersecurity-research, cybersecurity, privilege-escalation, bug-hunting, bug-bounty | 15-May-2024 |
A Arte de Explorar SQL Injection: Uma abordagem profunda | https://medium.com/@davidkarpinski1/sql-injection-masterclass-d68f65cd71ae?source=rss------bug_bounty-5 | David Eduardo Karpinski | bug-bounty, hacking, sql, mysql, sql-injection | 15-May-2024 |
5 bugs in one program $$$ | https://el-cezeri.medium.com/5-bugs-in-one-program-80b550c06a67?source=rss------bug_bounty-5 | Samet Yiğit | ödülavcılığı, bug-bounty-tips, bug-bounty | 15-May-2024 |
XSS via HTML Injection in Chatbot | https://medium.com/@nidishms1999/xss-via-html-injection-in-chatbot-a24c4f25dc92?source=rss------bug_bounty-5 | Nidish Nk | vapt, cybersecurity, bug-bounty | 15-May-2024 |
Why I want to become a bug bounty hunter | https://medium.com/@riccilovesdogs/why-i-want-to-become-a-bug-bounty-hunter-135e4f584af6?source=rss------bug_bounty-5 | Ricci | bug-bounty, coding, make-money-online | 15-May-2024 |
XSS via HTML Injection in Chatbot | https://medium.com/@nidishms1999/xss-via-html-injection-in-chatbot-a24c4f25dc92?source=rss------bug_bounty-5 | Nidish Nk | vapt, cybersecurity, hacking, bug-bounty | 15-May-2024 |
Walk Through of Bepractical.tech lab #2 | https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-2-bef06b00ccfc?source=rss------bug_bounty-5 | Ross Jubert | ethical-hacking, cybersecurity, bug-bounty, red-team, ethical-hacking-training | 14-May-2024 |
XSS on TikTok | https://19whoami19.medium.com/xss-on-tiktok-d2aa209c746d?source=rss------bug_bounty-5 | WHO AM I ? | bug-bounty-tips, cross-site-scripting, cybersecurity, bug-bounty, xss-attack | 14-May-2024 |
An Email Authentication Bypass, But Marked as N/A in NASA domain | https://medium.com/@Ajakcybersecurity/an-email-authentication-bypass-but-marked-as-n-a-in-nasa-domain-a47977aed8bd?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, penetration-testing, cybersecurity, hacking, bug-bounty | 14-May-2024 |
An easy way to find bugs: Enter wrong data | https://systemweakness.com/an-easy-way-to-find-bugs-enter-wrong-data-0765ed4e9afd?source=rss------bug_bounty-5 | Nasrin | audit, web-app-security, pentesting, bug-bounty | 14-May-2024 |
21.3 Lab: SSRF via OpenID dynamic client registration | 2024 | https://cyberw1ng.medium.com/21-3-lab-ssrf-via-openid-dynamic-client-registration-2024-c9ffd445e438?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 14-May-2024 |
JNDI Injection — The Complete Story | https://infosecwriteups.com/jndi-injection-the-complete-story-4c5bfbb3f6e1?source=rss------bug_bounty-5 | Pradeep Kumar | java, pentesting, bug-bounty, jndi, web-penetration-testing | 14-May-2024 |
Root user account takeover via SQL Injection | https://medium.com/@stopvvar/root-user-account-takeover-via-sql-injection-5c21a6091d4c?source=rss------bug_bounty-5 | SW | sql-injection, hacking, bug-bounty, infose, sql-server | 13-May-2024 |
RCE Through Account Takeover | https://medium.com/@iamrajchavan/rce-through-account-takeover-10a938a241d9?source=rss------bug_bounty-5 | Rajdip Chavan | security, vapt, bug-bounty, web-application-security | 13-May-2024 |
Root user account takeover via SQL Injection | https://infosecwriteups.com/root-user-account-takeover-via-sql-injection-5c21a6091d4c?source=rss------bug_bounty-5 | SW | sql-injection, hacking, bug-bounty, infose, sql-server | 13-May-2024 |
Story of Hall of Fame in Red Hat Linux | https://medium.com/@hritombhattacharya029/story-of-hall-of-fame-in-red-hat-linux-e267b9f22d06?source=rss------bug_bounty-5 | Hritom Bhattacharya | redhat-linux, xss-vulnerability, bug-bounty, hall-of-fame, hacking | 13-May-2024 |
Unintended File Downloads in Remote Desktop Environments: A Security Vulnerability | https://medium.com/@Wolverineisstillalive/unintended-file-downloads-in-remote-desktop-environments-a-security-vulnerability-04114297665a?source=rss------bug_bounty-5 | Shark | bug-bounty, cybersecurity, microsoft, red-team, pentesting | 13-May-2024 |
Week 1 | https://medium.com/@fulltimebughunter/week-1-bad3f3f9e214?source=rss------bug_bounty-5 | . | bugs, bug-bounty-tips, infosec, bug-bounty, infosec-write-ups | 13-May-2024 |
21.2 Lab: Forced OAuth profile linking | 2024 | https://cyberw1ng.medium.com/21-2-lab-forced-oauth-profile-linking-2024-e625dcfc319b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, penetration-testing, hacking, cybersecurity | 13-May-2024 |
$350 bounty: How I Got It | Broken linked Hijacked | https://deepseng.medium.com/350-bounty-how-i-got-it-broken-linked-hijacked-3e72511e2571?source=rss------bug_bounty-5 | Deep SenGupta | cybersecurity, bug-bounty, broken-link-hijacking | 13-May-2024 |
How To Find And Test S3 Buckets For Bug Bounty | https://medium.com/@dante.falls/how-to-find-and-test-s3-buckets-for-bug-bounty-b91166f9b4e0?source=rss------bug_bounty-5 | Dante Falls | aws, amazon-web-services, bug-bounty, cybersecurity, cloud-services | 13-May-2024 |
Broken Access Control leads to Take Admin Role | https://0xebn-taimia.medium.com/broken-access-control-leads-to-take-admin-role-920e46d496b9?source=rss------bug_bounty-5 | 0xEbn-Taimia | penetration-testing, bug-bounty-tips, cybersecurity, bug-bounty, hunting | 13-May-2024 |
403 Jump: HTTP 403 Bypass tool | https://medium.com/@anzeemashib/403-jump-http-403-bypass-tool-8b17204110d9?source=rss------bug_bounty-5 | Itsmeanzeem | tools, bug-bounty, 403-forbidden, penetration-testing, cybersecurity | 13-May-2024 |
How I Found My First RCE ! | https://mchklt.medium.com/how-i-found-my-first-rce-f80073626fff?source=rss------bug_bounty-5 | ABDELKARIM MOUCHQUELITA | apache, cyberattack, cybersecurity, bug-bounty, hacking | 13-May-2024 |
Hundreds of companies’ internal data exposed — Part 2: The FreshService misconfiguration | https://infosecwriteups.com/hundreds-of-companies-internal-data-exposed-part-2-the-freshservice-misconfiguration-a9432c0b5dc8?source=rss------bug_bounty-5 | Mohammed Moiz Pasha | bug-bounty, security, hacking, vulnerability, ethical-hacking | 13-May-2024 |
$350 bounty: How I Got It | Broken linked Hijacked | https://deepseng.medium.com/350-bounty-how-i-got-it-broken-linked-hijacked-31bfbc15ac0e?source=rss------bug_bounty-5 | Deep SenGupta | broken-link-hijacking, cybersecurity, bug-bounty, burpsuite | 13-May-2024 |
How I found a IDOR at Monitor Mozilla ? | https://medium.com/@abnid312/how-i-found-a-idor-at-monitor-mozilla-313fc6c52f25?source=rss------bug_bounty-5 | ryujinx | bug-bounty, bug-hunter, information-technology, info-sec-writeups, hackerone | 13-May-2024 |
ZoneTransfer — ./Hope | https://ezecias.medium.com/zonetransfer-hope-6261d5c7ac0a?source=rss------bug_bounty-5 | Ezecias | bug-bounty-tips, tools, bug-bounty | 13-May-2024 |
A simple file upload bypass causing XSS attack | https://medium.com/@xiaodongsec/a-simple-file-upload-bypass-causing-xss-attack-6cbbb4c42070?source=rss------bug_bounty-5 | Xiaodong | xss-attack, bypass, vulnerability, bug-bounty, hacker | 12-May-2024 |
Read Code Like a Hacker With SAST | https://medium.com/@matejsmycka/read-code-like-a-hacker-with-sast-28dab6506e45?source=rss------bug_bounty-5 | Matejsmycka | bug-bounty, static-code-analysis, testing, ethical-hacking, hacking | 12-May-2024 |
How I Found PII Disclosure of Users & PHPInfo() Page :: #NCIIPC #RVDP | https://medium.com/@p.ra.dee.p_0xx01/how-i-found-pii-disclosure-of-users-phpinfo-page-nciipc-rvdp-58bec4ba27da?source=rss------bug_bounty-5 | Professor0xx01 | security, ethical-hacking, infosec, cybersecurity, bug-bounty | 12-May-2024 |
24.15 Lab: HTTP request smuggling, obfuscating the TE header | 2024 | https://cyberw1ng.medium.com/24-15-lab-http-request-smuggling-obfuscating-the-te-header-2024-efdbc0698848?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, cybersecurity, hacking, careers | 12-May-2024 |
Hacking more than 130 000 car worldwide in 5 minutes | https://ahmadmansourr.medium.com/hacking-more-than-130-000-car-worldwide-in-5-minutes-766e76003c67?source=rss------bug_bounty-5 | Ahmad Mansour | bug-bounty, bug-bounty-tips, cybersecurity, pentesting | 12-May-2024 |
16 Times Forced Browsing Leads to Authentication bypass [ 300$ Bounty ] | https://medium.com/@jav333d/16-times-forced-browsing-leads-to-authentication-bypass-300-bounty-efc8bd52d310?source=rss------bug_bounty-5 | Javeed.sk | authentication-bypass, bugs, ethical-hacking, bug-bounty-tips, bug-bounty | 12-May-2024 |
Breaking Down DOM-based XSS: A Practical Exploration | https://medium.com/@osamaavvan/breaking-down-dom-based-xss-a-practical-exploration-929d44f10906?source=rss------bug_bounty-5 | Osama Avvan | xss-attack, dom-xss, bug-bounty, cybersecurity, javascript | 11-May-2024 |
My LLM Bug Bounty Journey on Hugging Face Hub via Protect AI | https://infosecwriteups.com/my-llm-bug-bounty-journey-on-hugging-face-hub-via-protect-ai-9f3a1bc72c2e?source=rss------bug_bounty-5 | Peng Zhou | protect-ai, hugging-face, bug-bounty, llm-security, ai-security | 11-May-2024 |
NMAP Command Options | https://medium.com/@sherlock297/nmap-command-options-114b7582b993?source=rss------bug_bounty-5 | Ravindra Dagale | nmap, commands, information-security, bug-bounty, vulnerability | 11-May-2024 |
#2. Bug Bounty POC: Time-Based SQL Injection to Dump Database | https://cyb3rmind.medium.com/2-bug-bounty-poc-time-based-sql-injection-to-dump-database-f8cfa089f393?source=rss------bug_bounty-5 | Cyb3r M!nds | sqli, hacking, pentesting, bug-bounty, sql-injection | 11-May-2024 |
24.14 Lab: HTTP request smuggling, basic TE.CL vulnerability | 2024 | https://cyberw1ng.medium.com/24-14-lab-http-request-smuggling-basic-te-cl-vulnerability-2024-f0159b2569d0?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, careers, cybersecurity, bug-bounty | 11-May-2024 |
Exploiting Acunetix Vulnweb SQL Injection | https://medium.com/@davidkarpinski1/exploiting-acunetix-vulnweb-sql-injection-5fa5c24b2466?source=rss------bug_bounty-5 | David Eduardo Karpinski | sql, hacking, mysql, bug-bounty, sql-injection | 11-May-2024 |
Unveiling an Account Takeover Vulnerability in a Leading Automobile Brand | https://medium.com/@anekantsinghai/unveiling-an-account-takeover-vulnerability-in-a-leading-automobile-brand-aa41a4e94bfb?source=rss------bug_bounty-5 | Anekant Singhai Jain | infosec, hacking, bug-bounty, cybersecurity, bug-bounty-tips | 11-May-2024 |
دي روود ماب علشان تبدا web pentest | https://medium.com/@akaramany3/%D8%AF%D9%8A-%D8%B1%D9%88%D9%88%D8%AF-%D9%85%D8%A7%D8%A8-%D8%B9%D9%84%D8%B4%D8%A7%D9%86-%D8%AA%D8%A8%D8%AF%D8%A7-web-pentest-91ea9560dbf6?source=rss------bug_bounty-5 | 09x99 | python, cybersecurity, bug-bounty, web-development, javascript | 11-May-2024 |
Mastering Subdomain Takeovers | https://tanishqshahsays.medium.com/mastering-subdomain-takeovers-c9a531fe5d3b?source=rss------bug_bounty-5 | Tanishq Sachin Shah | bug-bounty, bugs, vulnerability, subdomain, cybersecurity | 11-May-2024 |
Linux Privilege Escalation — Capstone Challenge | TryHackMe | https://medium.com/@NoOne./linux-privilege-escalation-capstone-challenge-tryhackme-e69c798204bc?source=rss------bug_bounty-5 | Asim Anwar | hacking, privilege-escalation, linux, bug-bounty, tryhackme | 11-May-2024 |
4 XSSs With A Simple & Optimized Payload | https://levelup.gitconnected.com/4-xsss-with-a-simple-optimized-payload-900753538e90?source=rss------bug_bounty-5 | Hamza Avvan | ethical-hacking, xss-uppercase-bypass, bug-bounty, xss-attack, cybersecurity | 11-May-2024 |
My Hunt: Discovering Microsoft Bugs | https://infosecwriteups.com/my-hunt-discovering-microsoft-bugs-f6a9c790bec0?source=rss------bug_bounty-5 | c0d3x27 | microsoft, hacking, bug-bounty, software-development, cybersecurity | 11-May-2024 |
Today I am going to walk through bepractical.tech | https://medium.com/@ross.jubert/today-i-am-going-to-walk-through-bepractical-tech-c15e1df8aa06?source=rss------bug_bounty-5 | Ross Jubert | cybersecurity, bug-bounty, ethical-hacking, account-takeover, account-takeover-attacks | 11-May-2024 |
Exploiting Acunetix Vulnweb SQL Injection | https://systemweakness.com/exploiting-acunetix-vulnweb-sql-injection-5fa5c24b2466?source=rss------bug_bounty-5 | David Eduardo Karpinski | sql, hacking, mysql, bug-bounty, sql-injection | 11-May-2024 |
IDOR and Missing Authorization leads to free content | https://medium.com/@enigma_/idor-and-missing-authorization-leads-to-free-content-b12037a887a0?source=rss------bug_bounty-5 | enigma | cybersecurity, hacking, idor, oscp, bug-bounty | 10-May-2024 |
How I Discovered a CVE by Scanning Open Source Repositories | https://infosecwriteups.com/how-i-discovered-a-cve-by-scanning-open-source-repositories-a5922d21b797?source=rss------bug_bounty-5 | Scott Lindh | bug-bounty, xss-attack, open-source, application-security, hacking | 10-May-2024 |
CSRF Bypass Combined with IDOR To Complete Account Takeover! | https://medium.com/@ozomarzu/csrf-bypass-combined-with-idor-to-complete-account-takeover-f4995c5946d3?source=rss------bug_bounty-5 | CyberOz | cybersecurity, idor, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 10-May-2024 |
24.13 Lab: HTTP request smuggling, basic CL.TE vulnerability | 2024 | https://cyberw1ng.medium.com/24-13-lab-http-request-smuggling-basic-cl-te-vulnerability-2024-862e743cb078?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, careers, bug-bounty, cybersecurity | 10-May-2024 |
A Strange Tale of Email Verification Bypass | https://medium.com/@Arioex/a-strange-tale-of-email-verification-bypass-5eda231d14d8?source=rss------bug_bounty-5 | Huntsman | bug-bounty-writeup, cybersecurity, vulnerability, bug-bounty, hacking | 10-May-2024 |
Linux Privilege Escalation | TryHackMe — Part 2 | https://medium.com/@NoOne./linux-privilege-escalation-tryhackme-part-2-9a4cddba01ab?source=rss------bug_bounty-5 | Asim Anwar | bug-bounty, tryhackme, linux, privilege-escalation, hacking | 10-May-2024 |
From Novice to Ninja: Unraveling Bug Bounty Beginnings through Cache Poisoning | https://cametom006.medium.com/from-novice-to-ninja-unraveling-bug-bounty-beginnings-through-cache-poisoning-40de3f8fd211?source=rss------bug_bounty-5 | Fahad Faisal | hackerone, bug-bounty, security, bug-bounty-tips | 10-May-2024 |
Database Info Disclose by Client-Side DOS | https://starlox.medium.com/database-info-disclose-by-client-side-dos-7fb25a26fae8?source=rss------bug_bounty-5 | #$ubh@nk@r | dos-attack, infosec, hacking, bug-bounty | 10-May-2024 |
Inside the Life of a Full-Time Bug Hunter: Weekly Insights and Goals | https://medium.com/@fulltimebughunter/inside-the-life-of-a-full-time-bug-hunter-weekly-insights-and-goals-6da07694fb0d?source=rss------bug_bounty-5 | . | cybersecurity, bug-bounty, bug-bounty-tips, infosec, hacking | 09-May-2024 |
XSS | Here’s how I got my first bounty | https://medium.com/@sM0ky4/xss-heres-how-i-got-my-first-bounty-4f64785fe6f8?source=rss------bug_bounty-5 | sM0ky4 | bug-bounty-writeup, bug-bounty, xss-vulnerability, xss-attack, first-post | 09-May-2024 |
idor affects all users | https://medium.com/@mohamadfadelababede/how-are-you-my-friends-d60c44c29da0?source=rss------bug_bounty-5 | Mohamad Fade Lababede | bug-bounty | 09-May-2024 |
24.12 Lab: CL.0 request smuggling | 2024 | https://cyberw1ng.medium.com/24-12-lab-cl-0-request-smuggling-2024-5b480979e285?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, cybersecurity, hacking | 09-May-2024 |
idor affects all users | https://medium.com/@mohamadfadelababede/idor-affects-all-users-d3f3f12a11c2?source=rss------bug_bounty-5 | Mohamad Fade Lababede | bug-bounty | 09-May-2024 |
HOW I FOUND MY FIRST BUG | https://medium.com/@irenevenunye55/how-i-found-my-first-bug-7d66915a3fbb?source=rss------bug_bounty-5 | Irene Venunye | bug-bounty, bug-bounty-hunting, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program | 09-May-2024 |
Fingerprinting♨♨: Identifying Technologies Of Our Target. | https://hacktivistattacker.medium.com/fingerprinting-identifying-technologies-of-our-target-d3b0c021da0f?source=rss------bug_bounty-5 | Hacktivist-Attacker | fingerprinting, fingerprint-system, bug-bounty, penetration-test, reconnaissance | 09-May-2024 |
Linux Privilege Escalation | TryHackMe — Part 1 | https://medium.com/@NoOne./linux-privilege-escalation-tryhackme-part-1-f0ae442e6864?source=rss------bug_bounty-5 | Asim Anwar | bug-bounty, hacking, tryhackme, privilege-escalation, linux | 09-May-2024 |
How I Found XSS In Another Govt. Site :: NCIIPC VDP !! | https://medium.com/@p.ra.dee.p_0xx01/how-i-found-xss-in-another-govt-site-nciipc-vdp-84d78c0319c2?source=rss------bug_bounty-5 | Professor0xx01 | infosec, security, information-security, bug-bounty, security-research | 09-May-2024 |
An easy bounty using fuzzing | https://medium.com/@xnum.1/an-easy-bounty-using-fuzzing-d602ad06f562?source=rss------bug_bounty-5 | Ahmed Tarek | bug-bounty, hacking, penteration-testing, fuzzing, pentesting | 09-May-2024 |
Exploiting JWT Token Leads To IDOR | https://medium.com/@Ajakcybersecurity/exploiting-jwt-token-leads-to-idor-ec48cb8888bb?source=rss------bug_bounty-5 | AjakCybersecurity | penetration-testing, hacking, cybersecurity, ethical-hacking, bug-bounty | 09-May-2024 |
Simple bug on Indian government website | Govt. bug hunting | https://medium.com/@sidharthpanda1/simple-bug-on-indian-government-website-govt-bug-hunting-0522af40a6ff?source=rss------bug_bounty-5 | SIDHARTH PANDA | bug-bounty, government, indian, hacking, bug-bounty-tips | 08-May-2024 |
ETHICAL AND LEGAL ASPECTS OF BUG HUNTING: RESPONSIBLE DISCLOSURE, SCOPE, NDA AND OTHERS | https://medium.com/@Progsky/ethical-and-legal-aspects-of-bug-hunting-responsible-disclosure-scope-nda-and-others-4832b13a1622?source=rss------bug_bounty-5 | Progsky | documentation, bug-bounty, contracts, ethical-hacking | 08-May-2024 |
NCIIPC VDP Bug : Open Redirection Vulnerability In Govt. Site !! | https://medium.com/@p.ra.dee.p_0xx01/nciipc-vdp-bug-open-redirection-vulnerability-in-govt-site-b048860f5d2d?source=rss------bug_bounty-5 | Professor0xx01 | bug-bounty, security, vulnerability, information-security, infosec | 08-May-2024 |
Revealing a Critical Vulnerability: The Price Manipulation Flaw | https://medium.com/@pawarpushpak36/revealing-a-critical-vulnerability-the-price-manipulation-flaw-cfd640cacf46?source=rss------bug_bounty-5 | Pawarpushpak | penetration-testing, info-sec-writeups, pentesting, bug-zero, bug-bounty | 08-May-2024 |
Unlocking Bug Bounties: Your Comprehensive Guide to Getting Started | https://medium.com/@sachin.hack/unlocking-bug-bounties-your-comprehensive-guide-to-getting-started-427a51d7e875?source=rss------bug_bounty-5 | Sachin Kumar | for-beginners, bug-bounty-tips, bug-bounty, cybersecurity, begineers | 08-May-2024 |
24.11 Lab: HTTP/2 request splitting via CRLF injection |2024 | https://cyberw1ng.medium.com/24-11-lab-http-2-request-splitting-via-crlf-injection-2024-ddb2adaf0cce?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, hacking, careers, penetration-testing | 08-May-2024 |
Hack Any Browser With One Link | https://medium.com/@vishalchaudharydevsec/hack-any-browser-with-one-link-8d890b804627?source=rss------bug_bounty-5 | Vishal Chaudhary | security, hacking, cybersecurity, beef, bug-bounty | 08-May-2024 |
Exposed Key In Page Source Led To Bypass Captcha | https://medium.com/@mohanad.hussam23/exposed-key-in-page-source-led-to-bypass-captcha-add64f8d133b?source=rss------bug_bounty-5 | Muhanad Israiwi | hacking, captcha, bug-bounty, bugs, penetration-testing | 08-May-2024 |
Writing your First Nuclei Template | https://medium.com/@technolifts/writing-your-first-nuclei-template-f88575635ea8?source=rss------bug_bounty-5 | TechnoLifts | nucleus, nuclei-template, cybersecurity, offensive-security, bug-bounty | 08-May-2024 |
XSS vulnerability caused by modifying the Content-Type | https://medium.com/@xiaodongsec/xss-vulnerability-caused-by-modifying-the-content-type-5118e2d02286?source=rss------bug_bounty-5 | Xiaodong | vulnerability, xss-attack, money, bug-bounty, hacker | 08-May-2024 |
Modify the request path to bypass upload restrictions, leading to an XSS vulnerability. | https://medium.com/@xiaodongsec/modify-the-request-path-to-bypass-upload-restrictions-leading-to-an-xss-vulnerability-0610a893ff1a?source=rss------bug_bounty-5 | Xiaodong | money, hacker, vulnerability, bug-bounty, xss-attack | 08-May-2024 |
An easily accomplished account takeover | https://medium.com/@xiaodongsec/an-easily-accomplished-account-takeover-cc2fd1c287ec?source=rss------bug_bounty-5 | Xiaodong | bug-bounty, hacker, china, money, vulnerability | 07-May-2024 |
Title: Understanding Vertical Privilege Escalation in Cybersecurity | https://alvinbijo.medium.com/title-understanding-vertical-privilege-escalation-in-cybersecurity-2a12c42f8d83?source=rss------bug_bounty-5 | Alvin bijo | bug-bounty | 07-May-2024 |
24.10 Lab: HTTP/2 request smuggling via CRLF injection | 2024 | https://cyberw1ng.medium.com/24-10-lab-http-2-request-smuggling-via-crlf-injection-2024-8970aa222b46?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, bug-bounty, penetration-testing, careers | 07-May-2024 |
Securitydegen.com Feature Update! | https://medium.com/@bugbountydegen/securitydegen-com-feature-update-d0bda8b236c0?source=rss------bug_bounty-5 | Bug Bounty Degen | vulnerability, web3, blockchain-security-audit, bug-bounty, smart-contracts | 07-May-2024 |
A Thrilling Dive into Cloud Penetration Testing | https://adipsharif.medium.com/a-thrilling-dive-into-cloud-penetration-testing-fc88855f7f15?source=rss------bug_bounty-5 | ADIP | bug-bounty, information-security, cloud, info-sec-writeups, penetration-testing | 07-May-2024 |
Threat Modeling for OAuth 2.0 Authorization Framework | https://medium.com/@jayeshkunwal/threat-modeling-for-oauth-2-0-authorization-framework-fcab66226fd7?source=rss------bug_bounty-5 | Jayesh kunwal | threat-modeling, bug-bounty, oauth, cybersecurity, vapt | 07-May-2024 |
How I got $250 for IDOR via Business Logic Error | https://medium.com/@aryamanav.028/how-i-got-250-for-idor-via-business-logic-error-f3ba502baa5e?source=rss------bug_bounty-5 | Manav Arya | cybersecurity, information-security, vulnerability, bug-bounty, bugcrowd | 07-May-2024 |
Athena TryHackMe Walkthrough | https://medium.com/@boogsta/athena-tryhackme-walkthrough-58eb432f0daa?source=rss------bug_bounty-5 | Boogsta | cybersecurity, bug-bounty, hacking, tryhackme, cyber | 07-May-2024 |
A Comprehensive Review of the Guided Hacking Forum | https://medium.com/@yannik603/a-comprehensive-review-of-the-guided-hacking-forum-918231ab4f68?source=rss------bug_bounty-5 | Yannik Castro | reverse-engineering, bug-bounty, games, ctf, hacking | 07-May-2024 |
IDN Bootcamp Bug Bounty : Langkah awal Menjadi Bug Hunter | https://medium.com/@cornelius.yuli.r/idn-bootcamp-bug-bounty-langkah-awal-menjadi-bug-hunter-a1fce0850681?source=rss------bug_bounty-5 | Cornelius | idn-bootcamp, bug-bounty | 06-May-2024 |
Crypto bounty program got me $500 — Rate Limit Bypass | https://mo9khu93r.medium.com/crypto-bounty-program-got-me-500-rate-limit-bypass-d573f7b7d390?source=rss------bug_bounty-5 | mo9khu93r | cryptocurrency, security, hacking, web3, bug-bounty | 06-May-2024 |
IDN Bootcamp Bug Bounty : Langkah awal Menjadi Bug Hunter | https://cornelius-y.medium.com/idn-bootcamp-bug-bounty-langkah-awal-menjadi-bug-hunter-a1fce0850681?source=rss------bug_bounty-5 | Cornelius Yuli | idn-bootcamp, bug-bounty | 06-May-2024 |
Bounty Beginnings: My First Bug Discovery | https://cyberojas.medium.com/bounty-beginnings-my-first-bug-discovery-c4fea0b0c5c3?source=rss------bug_bounty-5 | cyberOjas | bug-bounty, vulnerability, bugcrowd | 06-May-2024 |
Web3 Bug Bounty V/S Smart Contract Auditing | https://securrtech.medium.com/web3-bug-bounty-v-s-smart-contract-auditing-94207960469d?source=rss------bug_bounty-5 | Securr | blockchain, smart-contract-auditing, bug-bounty, web3, web3-security | 06-May-2024 |
alasan ingin belajar bug bounty IDN bootcamp | https://medium.com/@ilhamsabana100/alasan-ingin-belajar-bug-bounty-idn-bootcamp-abf359e6a628?source=rss------bug_bounty-5 | Ilhamsabana | bug-bounty | 06-May-2024 |
Blog mengenai saya sebagai syarat Bug Bounty IDN Bootcamp | https://medium.com/@081335097475a/blog-mengenai-saya-sebagai-syarat-bug-bounty-idn-bootcamp-ba3a6d8cdf36?source=rss------bug_bounty-5 | Mohamad Fachry Ali | cybersecurity, bug-bounty | 06-May-2024 |
Pengalaman saya dibidang CyberSecurity | https://medium.com/@ahmadfauzyhafidz/pengalaman-saya-dibidang-cybersecurity-6919e17302d8?source=rss------bug_bounty-5 | Ahmad Fauzy Hafidz | coding, cybersecurity, bug-bounty, capture-the-flag | 06-May-2024 |
My Journey to Become a Bug Hunters | Bug Bounty IDN Bootcamp | https://wahyukiddies.medium.com/my-journey-to-become-a-bug-hunters-bug-bounty-idn-bootcamp-9cc04860c874?source=rss------bug_bounty-5 | Wahyu Priambodo | technology, bug-bounty, experience, cybersecurity, bootcamp | 06-May-2024 |
Bug bounty IDN Bootcamp: Perjalanan menjadi pentester dan bug hunter | https://medium.com/@rizkiarifsaifudin/bug-bounty-idn-bootcamp-perjalanan-menjadi-pentester-dan-bug-hunter-bf4eee8b64f5?source=rss------bug_bounty-5 | Rizki Arif Saifudin | programming, bug-bounty, linux, cybersecurity | 06-May-2024 |
Pengalaman Menemukan Celah Keamanan (Bug) Pada Sebuah Website (Prelude Bug Bounty IDN Bootcamp) | https://medium.com/@nugrohoandyreza/pengalaman-menemukan-celah-keamanan-bug-pada-sebuah-website-prelude-bug-bounty-idn-bootcamp-7c4d6ad2af1f?source=rss------bug_bounty-5 | Andy R. Nugroho | bug-bounty | 06-May-2024 |
Guide To Subdomain Takeovers: DNS Resolutions:-Vertical Recon. | https://hacktivistattacker.medium.com/dns-resolutions-guide-to-subdomain-takeovers-vertical-recon-9da92433e973?source=rss------bug_bounty-5 | Hacktivist-Attacker | reconnaissance, subdomain-takeover, penetration-testing, subdomain, bug-bounty | 06-May-2024 |
Network Infrastructure Recon | https://medium.com/@davidkarpinski1/network-infrastructure-recon-3d5741eec73b?source=rss------bug_bounty-5 | David Eduardo Karpinski | dns, hacking, networking, cybersecurity, bug-bounty | 06-May-2024 |
BugBountyTraining Lab: FastFoodHackings Part 1 | https://hoppp3r.medium.com/bugbountytraining-lab-fastfoodhackings-part-1-39a7b06fdef9?source=rss------bug_bounty-5 | Hoppp3r | bug-bounty-writeup, bugbountytraining, fastfoodhackings, bug-bounty, bug-bounty-labs | 05-May-2024 |
Bug Bounty IDN Bootcamp | https://medium.com/@nurdin8/bug-bounty-idn-bootcamp-dffeeba84854?source=rss------bug_bounty-5 | Senudin Nurdin | bug-bounty | 05-May-2024 |
Hack Like a Pro: Precon’s Simple Subdomain Secrets | https://medium.com/@tamhacker1/hack-like-a-pro-precons-simple-subdomain-secrets-a87e5b741b0b?source=rss------bug_bounty-5 | Tamhacker | ethical-hacking, bug-bounty, hacker, hacking, cybersecurity | 05-May-2024 |
Exposing Information Of All Users “Email,Mobile Number ..etc” | https://medium.com/@dr4040x00/exposing-information-of-all-users-email-mobile-number-etc-697c328e0584?source=rss------bug_bounty-5 | Dr404 | information-disclosure, web-pen-testing, bug-bounty, bug-bounty-tips | 05-May-2024 |
24.9 Lab: H2.CL request smuggling | 2024 | https://cyberw1ng.medium.com/24-9-lab-h2-cl-request-smuggling-2024-792b86db2c2a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, penetration-testing, cybersecurity, hacking | 05-May-2024 |
An Impactful ‘No Rate Limiting’ Bug | https://medium.com/@duncanochieng682/an-impactful-no-rate-limiting-bug-29eb5158fd14?source=rss------bug_bounty-5 | JateloCybersec | ethical-hacking, web-app-security, bug-bounty, pentesting, bugs | 05-May-2024 |
Information gathering with OSINT | https://medium.com/@davidkarpinski1/information-gathering-with-osint-3b8af60a194d?source=rss------bug_bounty-5 | David Eduardo Karpinski | hacking, osint, bug-bounty, cybersecurity, pentesting | 05-May-2024 |
JS-Snooper: Get More Bounty With Easy Bugs | https://aravind07.medium.com/js-snooper-get-more-bounty-with-easy-bugs-9d7b410f070e?source=rss------bug_bounty-5 | Gnana Aravind K | cybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking | 05-May-2024 |
Proxying Web Traffic Via SSH | https://medium.com/@mu.gl/proxying-web-traffic-via-ssh-f3cf09c35d46?source=rss------bug_bounty-5 | Mark El-Khoury | bug-bounty, ssh, pentesting, cybersecurity, infosec | 04-May-2024 |
LEARNING THE BUG BOUNTY PROGRAM | https://medium.com/@basithrazaky/learning-the-bug-bounty-program-ffdfc54b3dee?source=rss------bug_bounty-5 | Ramadhani Basith Razaky | capture-the-flag, bug-bounty, cybersecurity, linux, networking | 04-May-2024 |
24.8 Lab: Response queue poisoning via H2.TE request smuggling | 2024 | https://cyberw1ng.medium.com/24-8-lab-response-queue-poisoning-via-h2-te-request-smuggling-2024-33bdb4b56b0b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, hacking, bug-bounty | 04-May-2024 |
# Certifcates | https://medium.com/@scumdestroy/certifcates-f51eace48a7e?source=rss------bug_bounty-5 | ︎ | penetration-testing, bug-bounty, recon, hacking, reconnaissance | 04-May-2024 |
Get Your First Award by Joining IDN Bootcamp Bug Bounty | https://medium.com/@oktaa_/get-your-first-award-by-joining-idn-bootcamp-bug-bounty-7dd927ebe6b3?source=rss------bug_bounty-5 | okta | bug-bounty, linux, network, penetration-testing, hacker | 04-May-2024 |
Alasan Kenapa Ingin Mengikuti “Bootcamp Bug Bounty IDN” | https://medium.com/@naurayaffakamila/alasan-kenapa-ingin-mengikuti-bootcamp-bug-bounty-idn-2d4a5889518c?source=rss------bug_bounty-5 | Naursyy_ | bug-bounty, technology, cybersecurity | 04-May-2024 |
LEARNING BUG BOUNTY IDN BOOTCAMP | https://medium.com/@basithrazaky/learning-the-bug-bounty-program-ffdfc54b3dee?source=rss------bug_bounty-5 | Ramadhani Basith Razaky | capture-the-flag, bug-bounty, cybersecurity, linux, networking | 04-May-2024 |
24.7 Lab: Exploiting HTTP request smuggling to deliver reflected XSS | 2024 | https://cyberw1ng.medium.com/24-7-lab-exploiting-http-request-smuggling-to-deliver-reflected-xss-2024-334de5c0d400?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, cybersecurity, careers, hacking | 03-May-2024 |
Empire Breakout Vulnhub: WriteUp | Walkthrough | VulnHub CTF | Privilege Escalation Attack | Python… | https://shamsulmehmood.medium.com/empire-breakout-vulnhub-writeup-walkthrough-vulnhub-ctf-privilege-escalation-attack-python-235087d3db54?source=rss------bug_bounty-5 | SHAMS UL MEHMOOD | cybersecurity, information-security, cyberattack, infosec, bug-bounty | 03-May-2024 |
Unleashing the Ethical Hacker Within: Cybersecurity Insights, Bug Bounty Tips, and the Art of… | https://kd-200.medium.com/unleashing-the-ethical-hacker-within-cybersecurity-insights-bug-bounty-tips-and-the-art-of-2ebdb65a9ff3?source=rss------bug_bounty-5 | Nitin yadav | tech, infosec, technology, bug-bounty, cybersecurity | 03-May-2024 |
3 easiest bugs that you can find right now [guarantied] | https://medium.com/@deadoverflow/3-easiest-bugs-that-you-can-find-right-now-guarantied-71ef89efd1a7?source=rss------bug_bounty-5 | Imad Husanovic | cybersecurity, hacking, bug-bounty-tips, programming, bug-bounty | 03-May-2024 |
Why and how to hide usernames on your WordPresss. | https://medium.com/@izmir.suat/why-and-how-to-hide-usernames-on-your-wordpresss-b01320642838?source=rss------bug_bounty-5 | Izmir Suat | wordpress, bug-bounty, information-security, pentest | 03-May-2024 |
XSS leads to HALL OF FAME on a French website | https://medium.com/@KaranMoudgil/xss-leads-to-hall-of-fame-on-a-french-website-95bd3a96ad24?source=rss------bug_bounty-5 | Karan Moudgil | bug-bounty | 03-May-2024 |
Alasan saya ingin megikuti Bug Bounty IDN Bootcamp | https://wildan14ar.medium.com/alasan-saya-ingin-megikuti-bug-bounty-idn-bootcamp-339aa385b45b?source=rss------bug_bounty-5 | WILDAN ABDURRASYID | bootcamp, bug-bounty, idn, cybersecurity, sytem | 03-May-2024 |
How I bypassed OTP in unexpected way | https://medium.com/@ckachhadiya007/how-i-bypassed-otp-in-unexpected-way-2d4b478db512?source=rss------bug_bounty-5 | DEep | hacking, bug-bounty, red-team, cybersecurity, vulnerability | 03-May-2024 |
Real World GitLab Account Take Over | https://medium.com/@red.whisperer/real-world-gitlab-account-take-over-b2e9896a1835?source=rss------bug_bounty-5 | Chux | hacking, cybersecurity, infosec, red-team, bug-bounty | 03-May-2024 |
IDOR lead to PII Disclosure | https://medium.com/@karimelsayed0x1/idor-lead-to-pii-disclosure-121502394277?source=rss------bug_bounty-5 | z3r0xk | idor, bug-bounty, web-security | 03-May-2024 |
How I Bypassed Rate limiting To Account Takeover | https://medium.com/@Ajakcybersecurity/how-i-bypassed-rate-limiting-to-account-takeover-1df722a527d5?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, cybersecurity, penetration-testing, bug-bounty, ethical-hacking | 03-May-2024 |
DNS Resolutions: Identifying Live Targets : Vertical RECON. | https://hacktivistattacker.medium.com/dns-resolutions-identifying-live-targets-vertical-recon-2a2aed49bd6b?source=rss------bug_bounty-5 | Hacktivist-Attacker | penetration-testing, reconnaissance, bug-bounty, education, résolutions | 03-May-2024 |
what is RCE-[Remote code Execution]❓ | https://medium.com/@mmdesvand1386/what-is-rce-remote-code-execution-fee04264fe30?source=rss------bug_bounty-5 | mamad | bug-bounty, website, security, cyber-security-website, social-security-website | 03-May-2024 |
Sql İnjection Nedir &Karşılaştığım Vaka | https://medium.com/@akostak/sql-i%CC%87njection-nedir-kar%C5%9F%C4%B1la%C5%9Ft%C4%B1%C4%9F%C4%B1m-vaka-708b17f5da9d?source=rss------bug_bounty-5 | Ali | bug-bounty-tips, bug-bounty, sql-injection, vulnerability, bugs | 03-May-2024 |
Bug Bounty ID | https://medium.com/@nurdin8/bug-bounty-id-33c529b2cd1a?source=rss------bug_bounty-5 | Senudin Nurdin | free-course, linux, network, cyberse, bug-bounty | 02-May-2024 |
24.6 Lab: Exploiting HTTP request smuggling to capture other users requests | 2024 | https://cyberw1ng.medium.com/24-6-lab-exploiting-http-request-smuggling-to-capture-other-users-requests-2024-fd10d3b638bc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, cybersecurity, penetration-testing, careers | 02-May-2024 |
Langkah Awal Menuju Bug Bounty IDN BootCamp | https://medium.com/@caomaysss/langkah-awal-menuju-bug-bounty-idn-bootcamp-42bcc61ba7ef?source=rss------bug_bounty-5 | Caomay | bug-bounty, xiaocaomay, idn, idn-network | 02-May-2024 |
Become a Bug Bounty hunter: Unveiling the Secrets to Success! | https://adipsharif.medium.com/become-a-bug-bounty-hunter-unveiling-the-secrets-to-success-90dfab4c2832?source=rss------bug_bounty-5 | ADIP | infosec, bug-bounty-tips, info-sec-writeups, penetration-testing, bug-bounty | 02-May-2024 |
Google VRP Targets by Tier | https://uprootsecurity.medium.com/google-vrp-targets-by-tier-c0679c27e545?source=rss------bug_bounty-5 | UprootSecurity | infosec, pentest, bug-bounty, cybersecurity, vapt | 02-May-2024 |
Alasan ingin belajar pada Bug Bounty IDN Bootcamp | https://medium.com/@putrantosurya38/alasan-ingin-belajar-bug-bounty-9f33d7d75161?source=rss------bug_bounty-5 | Putranto Surya | cybersecurity, bug-bounty, bug-bounty-idn-bootcamp | 02-May-2024 |
How I Gained Account Access: Exploring the Risks of Password Reset Links in Cybersecurity | https://kd-200.medium.com/how-i-gained-account-access-exploring-the-risks-of-password-reset-links-in-cybersecurity-5811e914c289?source=rss------bug_bounty-5 | Nitin yadav | cybersecurity, bug-bounty, hacking, hackerone, technology | 02-May-2024 |
Mengapa bug bounty? | https://medium.com/@rayyaramburambani11/mengapa-bug-bounty-0f77b824cc6c?source=rss------bug_bounty-5 | rayya | newbie, roboti̇k, bug-bounty-idn-bootcamp, bug-bounty | 02-May-2024 |
How i got admin panel without opening the target | https://thesafdari.medium.com/how-i-got-admin-panel-without-opening-the-target-8ca4a2c219be?source=rss------bug_bounty-5 | Milad Safdari (TheSafdari) | github, hacking, github-secret, bug-bounty, cybersecurity | 02-May-2024 |
Diving into the Depths: Unveiling Bug Bounty Adventures and Insights into Linux, Programming, and… | https://medium.com/@mansorihack/diving-into-the-depths-unveiling-bug-bounty-adventures-and-insights-into-linux-programming-and-952cc8957dc0?source=rss------bug_bounty-5 | Mansorihack | linux, bug-bounty, pentesting | 02-May-2024 |
Bug Bounty IDN Bootcamp | By Eky | https://medium.com/@muhr6128/bug-bounty-idn-bootcamp-by-eky-7a65bc3f6844?source=rss------bug_bounty-5 | person | cybersecurity, ethical-hacking, ctf, bug-bounty | 02-May-2024 |
Complex Attack Types: Sample Scenarios 3 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-3-bcd472d684cf?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, threat-intelligence, bug-bounty, penetration-testing, freedomofinternet | 02-May-2024 |
Real-World Example of Race Condition Exploits “adding Money” | https://medium.com/@dr4040x00/real-world-example-of-race-condition-exploits-adding-money-c8fe62964067?source=rss------bug_bounty-5 | Dr404 | race-condition, web-penetration-testing, vulnerability, bug-bounty | 02-May-2024 |
#01: Path traversal | https://medium.com/@karimelsayed0x1/01-path-traversal-0c52daffd26e?source=rss------bug_bounty-5 | z3r0xk | source-code-review, path-traversal, web-security, nodejs, bug-bounty | 02-May-2024 |
My Journey to the Nokia Security Hall of Fame | https://mufazmi.medium.com/my-journey-to-the-nokia-security-hall-of-fame-4e9cf4d8b5e9?source=rss------bug_bounty-5 | Umair Farooqui | hof, bug-bounty, mufazmi, nokia-hall-of-fame, umair-farooqui | 01-May-2024 |
Harnessing the Power of Crowd-Sourced Security | https://medium.com/@paritoshblogs/harnessing-the-power-of-crowd-sourced-security-1326641d81b7?source=rss------bug_bounty-5 | Paritosh | cybersecurity, information-technology, information-security, cloud-computing, bug-bounty | 01-May-2024 |
My First Verified Bug Bounty: Unmasking Flaws in University Web Apps | https://medium.com/@rafisyafrinaldi17/my-first-verified-bug-bounty-unmasking-flaws-in-university-web-apps-6c6b5fb1e8da?source=rss------bug_bounty-5 | Impeony | Rafi | vulnerability-assessment, cybersecurity, bug-bounty-writeup, bug-bounty | 01-May-2024 |
How I Bypass CSP that allow a iframe injection in a chat bot + HTML injection on emails | https://medium.com/@jeetpal2007/how-i-bypass-csp-that-allow-a-iframe-injection-in-a-chat-bot-html-injection-on-emails-9d588aeef4c3?source=rss------bug_bounty-5 | JEETPAL | bug-bounty, htmli, bug-bounty-writeup, chatbotbugs, bug-bounty-tips | 01-May-2024 |
€150 Bounty: Chaining Vulns to fully Exploit CORS Misconfiguration | https://r4v3n0r.medium.com/150-bounty-chaining-vulns-to-fully-exploit-cors-misconfiguration-521a0cd97316?source=rss------bug_bounty-5 | Fabian Cruz | information-security, bug-bounty, infrastructure-security, cybersecurity, penetration-testing | 01-May-2024 |
How can I bypass the limit on the number of team members | https://medium.com/@xiaodongsec/how-can-i-bypass-the-limit-on-the-number-of-team-members-c3dd56d265a0?source=rss------bug_bounty-5 | Xiaodong | china, vulnerability, money, bug-bounty, hacker | 01-May-2024 |
€400 Bounty: Unveiling a More Impactful CORS Misconfiguration Exploit | https://r4v3n0r.medium.com/400-bounty-unveiling-a-more-impactful-cors-misconfiguration-exploit-6db0a1b39bdc?source=rss------bug_bounty-5 | Fabian Cruz | web-security, bug-bounty, information-security, penetration-testing, cybersecurity | 01-May-2024 |
FortiClient Android App | https://medium.com/@3ed0x92/forticlient-android-app-958f942cb5b7?source=rss------bug_bounty-5 | Mohamed Eid Wahby | bug-bounty, mobile-pentest, mobile-pentesting, penetration-testing, bug-bounty-tips | 01-May-2024 |
Partnering with fewerClicks- To Provide Robust Web3 Security | https://securrtech.medium.com/partnering-with-fewerclicks-to-provide-robust-web3-security-007328375783?source=rss------bug_bounty-5 | Securr | smart-contract-auditing, bug-bounty, pentesting, web3 | 01-May-2024 |
1500$ bounty: how unprotected directory leaked sensitive info | https://medium.com/@aa.pietruczuk/1500-bounty-how-unprotected-directory-leaked-sensitive-info-929b55515232?source=rss------bug_bounty-5 | Agnieszka Pietruczuk | pentesting, bug-bounty | 01-May-2024 |
Exposed Secrets: The Peril of Broken Access Control | https://kd-200.medium.com/exposed-secrets-the-peril-of-broken-access-control-928223c62547?source=rss------bug_bounty-5 | Nitin yadav | cybersecurity, bug-bounty, technology, hacking, penetration-testing | 01-May-2024 |
BBRADAR: A WEB TOOL TO FIND THE LATEST BUG BOUNTY PROGRAMS | https://medium.com/@Progsky/bbradar-a-web-tool-to-find-the-latest-bug-bounty-programs-833ba632f7a6?source=rss------bug_bounty-5 | Progsky | web-hacking, web-security, bug-bounty | 01-May-2024 |
I sent 1,000,000 Requests to a server | https://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f?source=rss------bug_bounty-5 | imwaiting18 (Virang Rajyaguru) | hacking, cybersecurity, bug-bounty, ethical-hacking | 01-May-2024 |
AWS S3 Bucket Misconfiguration Exposes PII and Documents of Job Seekers | https://infosecwriteups.com/aws-s3-bucket-misconfiguration-exposes-pii-and-documents-of-job-seekers-7b1332b0ecf1?source=rss------bug_bounty-5 | brutexploiter | cybersecurity, cloud, india, information-security, bug-bounty | 01-May-2024 |
Learning Offensive Cybersecurity — Day 2 | https://medium.com/@n4rkwh4l/learning-offensive-cybersecurity-day-2-73a682ba1e4d?source=rss------bug_bounty-5 | N4RKWH4L | offensive-security, cybersecurity, bug-bounty, learning, tech | 01-May-2024 |
Billions Bug Bounty Program | https://billionsquest.medium.com/billions-bug-bounty-program-c86689b4fb29?source=rss------bug_bounty-5 | Billions Quest | bug-bounty-tips, bug-bounty, bug-bounty-hunter, bugs | 01-May-2024 |
Binary Exploitation: PicoCTF clutter-overflow challenge walk through | https://medium.com/@boogsta/binary-exploitation-picoctf-clutter-overflow-challenge-walk-through-80e2f775102c?source=rss------bug_bounty-5 | Boogsta | bug-bounty, hacking, hackathons, cyber, cybersecurity | 01-May-2024 |
1,000,000 requests 2FA bypass | https://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f?source=rss------bug_bounty-5 | imwaiting18 (Virang Rajyaguru) | hacking, cybersecurity, bug-bounty, ethical-hacking | 01-May-2024 |
Javascript code inside HTML | https://medium.com/@thewhiteside2000/javascript-code-inside-html-389a71060bf0?source=rss------bug_bounty-5 | Thewhiteside | bugs, bug-bounty-tips, bug-bounty | 01-May-2024 |
How OSINT Helped Me To Find User Credentials And Discover An OTP Bypass | https://medium.com/@mohammed0x04/how-osint-helped-me-to-find-user-credentials-and-discover-an-otp-bypass-afb6b9e23b45?source=rss------bug_bounty-5 | Mohammed Waleed | recon, osint, bug-bounty-tips, cybersecurity, bug-bounty | 30-Apr-2024 |
Bypassing SSL Pinning with Frida and Objection in Mobile Applications | https://medium.com/@ria.banerjee005/bypassing-ssl-pinning-with-frida-and-objection-in-mobile-applications-0b42a778b0f2?source=rss------bug_bounty-5 | Ria Banerjee | bug-bounty, cybersecurity, ssl-pinning, mobile-security, mobile-app-testing | 30-Apr-2024 |
Another ATO, will I get paid this time? | https://imwaiting18.medium.com/another-ato-will-i-get-paid-this-time-ba86ed272f3e?source=rss------bug_bounty-5 | imwaiting18 (Virang Rajyaguru) | hacking, ethical-hacking, security, bug-bounty, cyber-security-awareness | 30-Apr-2024 |
Useful GoogleDocks Tips — Bug Bounty Tuesday | https://medium.com/@kerstan/useful-googledocks-tips-bug-bounty-tuesday-45eddc06bf93?source=rss------bug_bounty-5 | kerstan | cybersecurity, bug-bounty, hacking | 30-Apr-2024 |
How I found three Critical Vulnerability in one site. | https://medium.com/@ckachhadiya007/how-i-found-three-critical-vulnerability-in-one-site-70fc513669d8?source=rss------bug_bounty-5 | DEep | vulnerability, hacking, cybersecurity, red-team, bug-bounty | 30-Apr-2024 |
The best ethical hacking course in Brazil | https://medium.com/@rafael.code77/o-melhor-curso-de-hacking-etico-do-brasil-cec8eec850bb?source=rss------bug_bounty-5 | Rafael Henrique | tryhackme-writeup, hacking, bug-bounty, hacker, hackerone | 30-Apr-2024 |
24.4 Lab: Exploiting HTTP request smuggling to bypass front-end security controls, CL.TE | https://cyberw1ng.medium.com/24-4-lab-exploiting-http-request-smuggling-to-bypass-front-end-security-controls-cl-te-458923cda52d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, penetration-testing, bug-bounty, hacking | 30-Apr-2024 |
Learning OffensiveCybersecurity — Day 1 | https://medium.com/@n4rkwh4l/learning-offensivecybersecurity-day-1-b5c26c55522c?source=rss------bug_bounty-5 | N4RKWH4L | bug-bounty, cybersecurity, offensive-security, learning, tech | 30-Apr-2024 |
Adding Certificates to Postman & Burp Suite for API Testing | https://medium.com/r3d-buck3t/adding-certificates-to-postman-burp-suite-for-api-testing-06339a6d072a?source=rss------bug_bounty-5 | Nairuz Abulhul | security, bug-bounty, penetration-testing, hacking, infosec | 30-Apr-2024 |
Bug Bounty Challenge (final): [CONCLUSION] | https://wallotry.medium.com/bug-bounty-challenge-final-day-10-30-04-2024-75a6f93d2687?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup | 30-Apr-2024 |
Finding a viper in the curved lawn | https://medium.com/@kupiasec/finding-a-viper-in-the-curved-lawn-e43401997cce?source=rss------bug_bounty-5 | KupiaSec | curve-finance, bug-bounty, audit, blockchain, security | 30-Apr-2024 |
ineligible for bounty !!! | https://medium.com/@thewhiteside2000/ineligible-for-bounty-d4b720bfb596?source=rss------bug_bounty-5 | Thewhiteside | bug-bounty | 30-Apr-2024 |
postMessage() security | https://noobstain.medium.com/postmessage-security-e6c55ef1f1bd?source=rss------bug_bounty-5 | Sumeet darekar | bug-bounty, xss-vulnerability, replit, postmessage, javascript | 30-Apr-2024 |
Learning Offensive Cybersecurity — Day 1 | https://medium.com/@n4rkwh4l/learning-offensivecybersecurity-day-1-b5c26c55522c?source=rss------bug_bounty-5 | N4RKWH4L | bug-bounty, cybersecurity, offensive-security, learning, tech | 30-Apr-2024 |
Bug Bounty Challenge (final): CONCLUSION | https://wallotry.medium.com/bug-bounty-challenge-final-day-10-30-04-2024-75a6f93d2687?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup | 30-Apr-2024 |
do FUZZ well! | https://medium.com/@ugs20b126_cic.rajesh/do-fuzz-well-07cb19bb0675?source=rss------bug_bounty-5 | Rajesh Sagar | bug-bounty, fuzzing, bug-bounty-tips | 30-Apr-2024 |
E-Commerce Application Penetration Testing- My Favourite Business Logical Flaw | https://medium.com/@vaishalinagori112/e-commerce-application-penetration-testing-my-favourite-business-logical-flaw-bac0367ad60c?source=rss------bug_bounty-5 | Vaishali Nagori | application-security, ciso, bug-bounty, penetration-testing, vapt | 29-Apr-2024 |
The Silent Threat: Uncovering IDOR Vulnerabilities Before They’re Exploited (PoC) | https://medium.com/@mrmaulik191/the-silent-threat-uncovering-idor-vulnerabilities-before-theyre-exploited-poc-f98d2b8aec8d?source=rss------bug_bounty-5 | Mr.MG | idor, penetration-testing, blog, cybersecurity, bug-bounty | 29-Apr-2024 |
The Story of a Mass Account Takeover Though Stored XSS (Cross-Site Scripting). | https://medium.com/@iamrajchavan/the-story-of-a-mass-account-takeover-though-stored-xss-cross-site-scripting-bd2e484a0bd1?source=rss------bug_bounty-5 | Rajdip Chavan | vapt, cybersecurity, bug-hunting, web-app-pentesting, bug-bounty | 29-Apr-2024 |
The Fuzzy Wuzzy: Unveiling Hidden Parameters | https://medium.com/@mendurim.r/the-fuzzy-wuzzy-unveiling-hidden-parameters-24169dfc9371?source=rss------bug_bounty-5 | m3nd00 | bug-bounty, fuzzing, ffuf | 29-Apr-2024 |
Exploring Acunetix Vulneweb SQL Injection | https://medium.com/@davidkarpinski1/explorando-acunetix-vulneweb-sql-injection-23360cf2d5f3?source=rss------bug_bounty-5 | David Eduardo Karpinski | sql-injection, sql, bug-bounty, mysql, vulnerability | 29-Apr-2024 |
24.3 Lab: Exploiting HTTP request smuggling to bypass front-end security controls, CL.TE | https://cyberw1ng.medium.com/24-3-lab-exploiting-http-request-smuggling-to-bypass-front-end-security-controls-cl-te-3a5f92a939d2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, penetration-testing, hacking, cybersecurity | 29-Apr-2024 |
Temu glitch - Temu system hacked and let me buy free items! | https://medium.com/@verylazytech/temu-glitch-temu-system-hacked-and-let-me-buy-free-items-356fad19ae4a?source=rss------bug_bounty-5 | Very Lazy Tech | temu, hacking, shopping, free, bug-bounty | 29-Apr-2024 |
The Fuzzy Wuzzy: Unveiling Hidden Parameters | https://medium.com/@mendurim.r/the-fuzzy-wuzzy-unveiling-hidden-parameters-24169dfc9371?source=rss------bug_bounty-5 | ScriptTease | bug-bounty, fuzzing, ffuf | 29-Apr-2024 |
Broken Link Hijacking: A Hidden Threat $350 Bounty | https://medium.com/@chouhanhimanshu532/broken-link-hijacking-a-hidden-threat-350-bounty-bb5978177b1d?source=rss------bug_bounty-5 | Himanshu Chouhan | bug-bounty, bugcrowd, bugs, broken-link-hijacking, bug-bounty-tips | 29-Apr-2024 |
Embracing Downtime: Why “Wasting Time” Can Be Beneficial for Bug Hunters | https://securitylit.medium.com/embracing-downtime-why-wasting-time-can-be-beneficial-for-bug-hunters-62d83da87a14?source=rss------bug_bounty-5 | Security Lit Limited | bug-bounty, cybersecurity, penetration-testing, bug-bounty-tips | 29-Apr-2024 |
Crypto Attacks Cheat-Sheet | https://medium.com/@davidkarpinski1/brute-forcing-cheat-sheet-30a9f58e024e?source=rss------bug_bounty-5 | David Eduardo Karpinski | hacking, bug-bounty, dictionary, cheating, crack | 29-Apr-2024 |
Bug Bounty Challenge (final): Day 9–29/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-9-29-04-2024-9643d90e3ccf?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 29-Apr-2024 |
The Last Dance (HackTheBox Writeup) | https://medium.com/@krishgera1/the-last-dance-hackthebox-writeup-ab0ffda6264f?source=rss------bug_bounty-5 | Krish Gera | ctf, cybersecurity, hackthebox, hackerone, bug-bounty | 29-Apr-2024 |
Find PII Info Disclosure Bugs With this Simple GUI Tool-Easy P1 | https://medium.com/@Ajakcybersecurity/find-pii-info-disclosure-bugs-with-this-simple-gui-tool-easy-p1-7507a34ae172?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, cybersecurity, bug-bounty, hacking, penetration-testing | 29-Apr-2024 |
Bug Zero at a Glance [01–15 April] | https://blog.bugzero.io/bug-zero-at-a-glance-01-15-april-1a761018d605?source=rss------bug_bounty-5 | Januka Dharmapriya | cybersecurity, sri-lanka, bug-zero, newsletter, bug-bounty | 28-Apr-2024 |
2FA bypass that made me $______ | https://imwaiting18.medium.com/2fa-bypass-that-made-me-6d32d3b762b4?source=rss------bug_bounty-5 | imwaiting18 (Virang Rajyaguru) | csrf, bug-bounty, cybersecurity, 2fa-bypass, hacking | 28-Apr-2024 |
How to choose less competitive Bug Bounty Programs ( No VDPs) | https://medium.com/@h3mantsaini/how-to-choose-less-competitive-bug-bounty-programs-no-vdps-0acc3ddfe9b8?source=rss------bug_bounty-5 | H3mant | bug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-writeup | 28-Apr-2024 |
Starting in Bug Bounty — First Master This Before Hunting. | https://medium.com/@shuklaneel525/starting-in-bug-bounty-first-master-this-before-hunting-74d266a874a0?source=rss------bug_bounty-5 | NEEL SHUKLA | bug-bounty, ethical-hacking, penetration-testing, bounty-program, bug-bounty-tips | 28-Apr-2024 |
Unveiling the Secrets of Internal Pentest Monitoring: A Game-Changer for Security Leaders | https://medium.com/@anirumble6776/unveiling-the-secrets-of-internal-pentest-monitoring-a-game-changer-for-security-leaders-09e57b46f9ef?source=rss------bug_bounty-5 | Aniniikethr12 | bug-bounty, pentesting, cybersecurity | 28-Apr-2024 |
Never use the GET method for Sensitive Actions in Web App: Ft. CSRF | https://secureitmania.medium.com/never-use-the-get-method-for-sensitive-actions-in-web-app-ft-csrf-f106df3c228b?source=rss------bug_bounty-5 | secureITmania | bug-bounty, penetration-testing, information-security, hacking, web-development | 28-Apr-2024 |
Ability to Deny Subaccounts feature from all users | https://medium.com/@mostafaaboelnour19/ability-to-deny-subaccounts-feature-from-all-users-e8fca424ffb9?source=rss------bug_bounty-5 | 0xAb031n0uR | bugbounty-writeup, bug-bounty, cybersecurity | 28-Apr-2024 |
IDOR leads to Account Takeover of all users (ATO). | https://medium.com/@xnum.1/idor-leads-to-account-takeover-of-all-users-ato-27af312c8481?source=rss------bug_bounty-5 | Ahmed Tarek | penteration-testing, account-takeover, bug-bounty, pentesting, hacking | 28-Apr-2024 |
My Bug Bounty journey begins, but first.. | https://medium.com/@cyb3rbyt3/mi-camino-en-el-bug-bounty-comienza-pero-antes-e649661dddc0?source=rss------bug_bounty-5 | Cib3r Byt3 | bug-bounty | 28-Apr-2024 |
24.2 Lab: HTTP request smuggling, confirming a TE.CL | https://cyberw1ng.medium.com/24-2-lab-http-request-smuggling-confirming-a-te-cl-1917e523470e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, bug-bounty, hacking | 28-Apr-2024 |
How I Hacked an Indian Government Website and Accessed Their Database Server | https://medium.com/@kamilrahman32/how-i-hacked-an-indian-government-website-and-accessed-their-database-server-02a81842cce8?source=rss------bug_bounty-5 | Kamil Rahuman | bug-hunting, cybersecurity, bug-bounty, hacking | 28-Apr-2024 |
Bug Bounty Challenge (final): Day 8–28/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-8-28-04-2024-67bac40e6a35?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty | 28-Apr-2024 |
How We Hacked Voice Communication Solutions Company And Found BAC + Info Disclosure + IDOR 😀 | https://medium.com/@eslam.zayedw/how-we-hacked-voice-communication-solutions-company-and-found-bac-info-disclosure-idor-d-6884037064f0?source=rss------bug_bounty-5 | D0loresH4ze | bug-bounty, bug-bounty-tips, cybersecurity, hacking, penetration-testing | 28-Apr-2024 |
Flamingo Finance Bug Bounty Program | https://medium.com/@kdmytro336/flamingo-finance-bug-bounty-program-e5736de7bfa0?source=rss------bug_bounty-5 | Dmytro Kovalenko | web-security, bug-bounty, security, web3, flamingo-finance | 28-Apr-2024 |
VAPT: The Secret Weapon for Security Superheroes | https://securitylit.medium.com/vapt-the-secret-weapon-for-security-superheroes-27fcdd79b16e?source=rss------bug_bounty-5 | Security Lit Limited | vapt, bug-bounty, cybersecurity, cyberattack | 28-Apr-2024 |
Security Testing Trends 2024 | https://innovateqa.medium.com/security-testing-trends-2024-38d9129fde4d?source=rss------bug_bounty-5 | InnovateQA | security-testing, devsecops, genai, bug-bounty, pentesting | 27-Apr-2024 |
Hidden parameters | https://medium.com/@thewhiteside2000/hidden-parameters-e818d572ea3e?source=rss------bug_bounty-5 | Thewhiteside | bug-bounty, bug-bounty-tips | 27-Apr-2024 |
Top Ten Books for Bug Bounty | https://medium.com/@verylazytech/top-ten-books-for-bug-bounty-95e8a42fb519?source=rss------bug_bounty-5 | Very Lazy Tech | pentesting, money, cybersecurity, bug-bounty, oscp | 27-Apr-2024 |
How to setup in 30 min your Web3 lab in Windows | https://coinsbench.com/how-to-setup-in-30-min-your-web3-lab-in-windows-e0026185b64?source=rss------bug_bounty-5 | Bug Bounty Degen | web3, hacking-tools, ethereum, bug-bounty, blockchain | 27-Apr-2024 |
2:00 AM IDOR leads to some Adrenaline rush | https://imwaiting18.medium.com/2-00-am-idor-leads-to-some-adrenaline-rush-996f710bd55a?source=rss------bug_bounty-5 | imwaiting18 (Virang Rajyaguru) | bug-bounty | 27-Apr-2024 |
Logic Loopholes: The Fun Flaws | https://medium.com/@khode4li/logic-loopholes-the-fun-flaws-5a8e14b09dc7?source=rss------bug_bounty-5 | Khod4li | business-logic, web-penetration, bug-bounty, pentest, xss-attack | 27-Apr-2024 |
How I Exploited an Auth0 Misconfiguration to Bypass Login Restrictions | https://amjadali110.medium.com/how-i-exploited-an-auth0-misconfiguration-to-bypass-login-restrictions-c5d8c20d5505?source=rss------bug_bounty-5 | Amjad Ali | penetration-testing, infosec, bug-bounty-tips, bug-bounty, cybersecurity | 27-Apr-2024 |
How A Blackbox Target Turned To Whitebox With Recon | https://medium.com/@red.whisperer/how-a-blackbox-target-turned-to-whitebox-with-recon-e46536672702?source=rss------bug_bounty-5 | Chux | infosec, cybersecurity, red-team, hacking, bug-bounty | 27-Apr-2024 |
Spotting Sensitive Data in iOS Applications A Penetration Tester’s Guide | https://adipsharif.medium.com/spotting-sensitive-data-in-ios-applications-a-penetration-testers-guide-06f84af9cb0a?source=rss------bug_bounty-5 | ADIP | pentesting, penetration-testing, infosec, information-security, bug-bounty | 27-Apr-2024 |
24.1 Lab: HTTP request smuggling, confirming a CL.TE | https://cyberw1ng.medium.com/24-1-lab-http-request-smuggling-confirming-a-cl-te-c53051cf5875?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, penetration-testing, cybersecurity | 27-Apr-2024 |
privilege escalation allow the app admin to add the user as organization admin (on Microsoft own… | https://medium.com/@amitkhandebharad5/privilege-escalation-allow-the-app-admin-to-add-the-user-as-organization-admin-on-microsoft-own-e24352219a24?source=rss------bug_bounty-5 | Amitkhandebharad | security, bug-bounty, bugcrowd, privilege-escalation, bug-hunter | 27-Apr-2024 |
Exploring the Filliquid Testnet Launch Bug Bounty Program! | https://medium.com/@dekachi17/exploring-the-filliquid-testnet-launch-bug-bounty-program-e67c76557cc5?source=rss------bug_bounty-5 | I. Tobias Darlington | filecoin, bug-bounty, testnet, defi, filliquid | 27-Apr-2024 |
How I Hacked NASA Website and find a Criticial Source Code leak BUG on their website | https://medium.com/@phantom9863/how-i-hacked-nasa-website-and-find-a-criticial-source-code-leak-bug-on-their-website-9be0c38299fd?source=rss------bug_bounty-5 | Phantom | bugs, bug-bounty-tips, bug-fixes, bug-bounty, bug-zero | 27-Apr-2024 |
Unveiling Strategies to Identify Potentially Sensitive Data Stored by iOS Applications | https://adipsharif.medium.com/spotting-sensitive-data-in-ios-applications-a-penetration-testers-guide-06f84af9cb0a?source=rss------bug_bounty-5 | ADIP | pentesting, penetration-testing, infosec, information-security, bug-bounty | 27-Apr-2024 |
What is HTTP request smuggling? | https://cyberw1ng.medium.com/what-is-http-request-smuggling-7ab91748c6db?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, careers, cybersecurity, bug-bounty | 26-Apr-2024 |
I found a simple but rare misconfiguration and got $200 on a hackerone program | https://harish45.medium.com/i-found-a-simple-but-rare-misconfiguration-and-got-200-on-a-hackerone-program-5863b6c51538?source=rss------bug_bounty-5 | Harish | hackerone, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 26-Apr-2024 |
Private Interact.sh server setup with a web dashboard | https://infosecwriteups.com/private-interact-sh-server-setup-with-a-web-dashboard-6b0320645536?source=rss------bug_bounty-5 | Serj Novoselov | tutorial, hacking, tools, cybersecurity, bug-bounty | 26-Apr-2024 |
Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In an Educational Site | https://medium.com/@p.ra.dee.p_0xx01/found-multiple-bugs-xss-mitm-sec-misconf-in-an-educational-site-5a3804085da0?source=rss------bug_bounty-5 | Professor0xx01 | security, bugs, bug-bounty, information-security, xss-attack | 26-Apr-2024 |
The Ultimate Guide to CISSP’s Eight Security Territories | https://systemweakness.com/the-ultimate-guide-to-cissps-eight-security-territories-836ec7bec836?source=rss------bug_bounty-5 | Gagan Yalamuri | startup, information-security, information-technology, cybersecurity, bug-bounty | 26-Apr-2024 |
Unraveling the Nuances of 403 Bypass: Strengthening Web Application Security | https://medium.com/@dasmanish6176/unraveling-the-nuances-of-403-bypass-strengthening-web-application-security-ac2e8e885c3f?source=rss------bug_bounty-5 | Dasmanish | 403-forbidden, ethical-hacking, bug-bounty | 26-Apr-2024 |
How to baypass scaping filter(\) | https://medium.com/@thewhiteside2000/how-to-baypass-scaping-filter-14393a23af4f?source=rss------bug_bounty-5 | Thewhiteside | bug-bounty-tips, bug-bounty | 26-Apr-2024 |
How We Prevented a Mass Breach On One OF The Biggest CryptoCurrency Gateways On A Web3 Platform. | https://medium.com/@eslam.zayedw/how-we-prevented-a-mass-breach-on-one-of-the-biggest-cryptocurrency-gateways-on-a-web3-platform-2d8393070b10?source=rss------bug_bounty-5 | D0loresH4ze | cybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-tips, penetration-testing | 26-Apr-2024 |
Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In a GOVT Educational Site | https://medium.com/@p.ra.dee.p_0xx01/found-multiple-bugs-xss-mitm-sec-misconf-in-an-educational-site-5a3804085da0?source=rss------bug_bounty-5 | Professor0xx01 | security, bugs, bug-bounty, information-security, xss-attack | 26-Apr-2024 |
Bug Bounty Tools | https://medium.com/@malishakali2002/bug-bounty-tools-bedcf7b94f8d?source=rss------bug_bounty-5 | Malisha_kali | ctf, bug-bounty-writeup, reconnaissance, bug-bounty, bug-bounty-tool | 25-Apr-2024 |
this is how I Bypassed the 2FA page in a big site… | https://medium.com/@hannorayousef/this-is-how-i-bypassed-the-2fa-page-in-a-big-site-77c6a3b7596d?source=rss------bug_bounty-5 | Bar_0_0_n | bug-bounty, 2fa, pentesting, bug-bounty-tips, cybersecurity | 25-Apr-2024 |
Android Pentesting Lab Setup step to step . Part -1 | https://medium.com/@adityasingh4180/android-pentesting-lab-setup-step-to-step-part-1-c50d210d118d?source=rss------bug_bounty-5 | Security Empire | bug-bounty-tips, cybersecurity, android-pentesting, bug-bounty, cyber-sec | 25-Apr-2024 |
Bug Bounty Champions: Real Stories of Cybersecurity Triumphs | https://medium.com/@paritoshblogs/bug-bounty-champions-real-stories-of-cybersecurity-triumphs-35c0c976469a?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, ai, hacking, information-security | 25-Apr-2024 |
Understanding 403 Bypass: A Critical Vulnerability in Web Application Security | https://infosecwriteups.com/understanding-403-bypass-a-critical-vulnerability-in-web-application-security-2b9f0318f3a4?source=rss------bug_bounty-5 | Abhishek Bhujang | bug-bounty, 403-bypass, cybersecurity, vulnerability, web-app-security | 25-Apr-2024 |
Hacking one of the largest Legal tech in MENA | https://ahmadmansourr.medium.com/hacking-one-of-the-largest-legal-tech-in-mena-92365c276654?source=rss------bug_bounty-5 | Ahmad Mansour | pentest, hacking, securing, bug-bounty | 25-Apr-2024 |
Cyber Detectives Unite: Advanced Tools for Web Security | https://medium.com/@gaganak.yalamuri/cyber-detectives-unite-advanced-tools-for-web-security-bb675f46b46e?source=rss------bug_bounty-5 | Gagan Yalamuri | ethical-hacking, information-security, cybersecurity, bug-bounty, computer-science | 25-Apr-2024 |
How a ‘.git’ file Leads to Zendesk Panel Takeover | https://sl4x0.medium.com/how-a-git-file-leads-to-zendesk-panel-takeover-11e8d2812076?source=rss------bug_bounty-5 | Abdelrhman Allam (sl4x0) | bug-bounty-tips, admin-panel, pentesting, bug-bounty, hacking | 25-Apr-2024 |
Privilege Escalation to Admin through an Import Feature | https://cristivlad.medium.com/privilege-escalation-to-admin-through-an-import-feature-ac8ac6b6abad?source=rss------bug_bounty-5 | Cristi Vlad | bug-bounty, cybersecurity, penetration-testing, pentesting, infosec | 25-Apr-2024 |
Unexpected gain, arbitrary forgery of user tokens. | https://medium.com/@xiaodongsec/unexpected-gain-arbitrary-forgery-of-user-tokens-cb0dc1c4bd9f?source=rss------bug_bounty-5 | Xiaodong | china, hacker, vulnerability, bug-bounty, money | 25-Apr-2024 |
How to monitor your internal pentesters? | https://medium.com/@levente.b.molnar/how-to-monitor-your-internal-pentesters-6fe0e18f9fd0?source=rss------bug_bounty-5 | Hackrate | bug-bounty, cybersecurity, it-security, penetration-testing-tools, penetration-testing | 25-Apr-2024 |
Find This Easy CSRF in Every Website- A Sweet P4 | https://medium.com/@Ajakcybersecurity/find-this-easy-csrf-in-every-website-a-sweet-p4-372a3198bf47?source=rss------bug_bounty-5 | AjakCybersecurity | penetration-testing, technology, bug-bounty, hacking, cybersecurity | 25-Apr-2024 |
Bug Bounty Challenge (final): Day 5–25/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-5-25-04-2024-a8d33630fe73?source=rss------bug_bounty-5 | Wallotry | bug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips | 25-Apr-2024 |
Cyber Detectives Unite: Advanced Tools for Web Security | https://systemweakness.com/cyber-detectives-unite-advanced-tools-for-web-security-bb675f46b46e?source=rss------bug_bounty-5 | Gagan Yalamuri | ethical-hacking, information-security, cybersecurity, bug-bounty, computer-science | 25-Apr-2024 |
20.6 Lab: Host validation bypass via connection state attack \| 2024 | https://cyberw1ng.medium.com/20-6-lab-host-validation-bypass-via-connection-state-attack-2024-ba5ddd95edc4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, hacking, cybersecurity, penetration-testing | 25-Apr-2024 |
Privilege escalation via Race Condition. | https://medium.com/@duality084/privilege-escalation-mediante-race-condition-0254df6ffbd8?source=rss------bug_bounty-5 | Matias Ramirez | bug-bounty, bug-bounty-tips, bugbounty-writeup, hacking | 25-Apr-2024 |
A very useful asset collection tool: Asset Reconnaissance Lighthouse. | https://medium.com/@xiaodongsec/a-very-useful-asset-collection-tool-asset-reconnaissance-lighthouse-94204f093c92?source=rss------bug_bounty-5 | Xiaodong | hacks, hunting, tools, bug-bounty, china | 24-Apr-2024 |
Hack Stories: Hacking Hackers EP:3 | https://infosecwriteups.com/hack-stories-hacking-hackers-ep-3-11b1f0e002e8?source=rss------bug_bounty-5 | c0d3x27 | software, programming, cybersecurity, hacking, bug-bounty | 24-Apr-2024 |
#1. Bug Bounty POC: IDOR leads to Account Takeover | https://cyb3rmind.medium.com/1-bug-bounty-poc-idor-leads-to-account-takeover-e500701a8004?source=rss------bug_bounty-5 | Cyb3r M!nds | idor, account-takeover, web-penetration-testing, bug-bounty, pentesting | 24-Apr-2024 |
BALMER PEAK AND BUG HUNTING | https://medium.com/@Progsky/balmer-peak-and-bug-hunting-8ea030eaa4a4?source=rss------bug_bounty-5 | Progsky | humor, bug-bounty | 24-Apr-2024 |
20.5 Lab: SSRF via flawed request parsing \| 2024 | https://cyberw1ng.medium.com/20-5-lab-ssrf-via-flawed-request-parsing-2024-77a91ca47898?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, careers, cybersecurity, hacking | 24-Apr-2024 |
Unveiling the Hidden: A Guide to Passive Subdomain Enumeration | https://medium.com/@gaganak.yalamuri/unveiling-the-hidden-a-guide-to-passive-subdomain-enumeration-6f1db9a8bb50?source=rss------bug_bounty-5 | Gagan Yalamuri | web-security, technology, security, bug-bounty, hacking | 24-Apr-2024 |
Bug Bounty Challenge (final): Day 4–24/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-4-24-04-2024-ad138e4d1357?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter | 24-Apr-2024 |
Embarking on My Bug Bounty Hunting Journey | https://medium.com/@nikhil-/embarking-on-my-bug-bounty-hunting-journey-d4064cd28905?source=rss------bug_bounty-5 | Nikhil | my-journey-in-tech, cybersecurity, bug-bounty | 24-Apr-2024 |
Unveiling the Hidden: A Guide to Passive Subdomain Enumeration | https://systemweakness.com/unveiling-the-hidden-a-guide-to-passive-subdomain-enumeration-6f1db9a8bb50?source=rss------bug_bounty-5 | Gagan Yalamuri | web-security, technology, security, bug-bounty, hacking | 24-Apr-2024 |
How easy I made $$$$ | https://anasbetis023.medium.com/how-easy-i-made-24edb0fd1364?source=rss------bug_bounty-5 | Anas H Hmaidy | penetration-testing, bug-bounty-tips, cybersecurity, bug-bounty | 23-Apr-2024 |
Bug :: CORS Misconfiguration ~ could lead to disclosure of sensitive info..!!! | https://medium.com/@p.ra.dee.p_0xx01/bug-cors-misconfiguration-could-lead-to-disclosure-of-sensitive-info-ad95e35162fd?source=rss------bug_bounty-5 | Professor0xx01 | cors, bug-bounty, threat-hunting, information-security, vulnerability | 23-Apr-2024 |
What are Some Ethical Considerations for Bug Bounty Hunters When Negotiating Rewards or Disclosing… | https://medium.com/mynextdeveloper/what-are-some-ethical-considerations-for-bug-bounty-hunters-when-negotiating-rewards-or-disclosing-3008e87a6173?source=rss------bug_bounty-5 | MyNextDeveloper | bug-bounty, ethics, data-breach, ethical-hacking, cybersecurity | 23-Apr-2024 |
IOS Penetration Testing: Guide to Static Analysis | https://medium.com/@adityasawant00/ios-penetration-testing-guide-to-static-analysis-4a9dea5d672d?source=rss------bug_bounty-5 | Aditya Sawant | cybersecurity, static-analysis, bug-bounty, i̇os, penetration-testing | 23-Apr-2024 |
How I found my First Valid bug | https://medium.com/@tanyago/how-i-found-my-first-valid-bug-2a9c87ce7a91?source=rss------bug_bounty-5 | Tanya Goyal | bug-bounty, bug-hunting, bug-bounty-writeup, bug-bounty-tips | 23-Apr-2024 |
Bypassing CloudFlare Error 1015: You Are Being Rate Limited | https://medium.com/@mdnafeed3/bypassing-cloudflare-error-1015-you-are-being-rate-limited-f25f4e8f7bb2?source=rss------bug_bounty-5 | H4cker-Nafeed | bug-bounty, vulnerability, cybersecurity, hacking | 23-Apr-2024 |
QUICK ROADMAP TO BUG BOUNTY(things you need to know) | https://medium.com/@joybhavanadam/quick-roadmap-to-bug-bounty-things-you-need-to-know-0aa1b64b9cdf?source=rss------bug_bounty-5 | Adam Paulo Antony | tips, bug-bounty-tips, roadmaps, bug-bounty | 23-Apr-2024 |
VERTICAL RECON : SUBDOMAINS ENUMERATION. THE ART OF RECONISM: | https://hacktivistattacker.medium.com/vertical-recon-subdomains-enumeration-the-art-of-reconism-66d3be42d5d0?source=rss------bug_bounty-5 | Hacktivist-Attacker | subdomain-enumeration, information-gathering, subdomains-enumeration, bug-bounty, reconnaissance | 23-Apr-2024 |
20.4 Lab: Routing-based SSRF Vulnerability \| 2024 | https://cyberw1ng.medium.com/20-4-lab-routing-based-ssrf-vulnerability-2024-c34402e8b6dd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, cybersecurity, bug-bounty, careers | 23-Apr-2024 |
Browser Extension Security Testing: Part 1 | https://codewithvamp.medium.com/browser-extension-security-testing-part-1-0178766d2252?source=rss------bug_bounty-5 | Vaibhav Kumar Srivastava | bug-bounty, hacking, browser-extension, bug-bounty-tips, testing | 23-Apr-2024 |
Email Verification Bypass via Remember Me | https://infosecwriteups.com/email-verification-bypass-via-remember-me-c6d34e6060e9?source=rss------bug_bounty-5 | mo9khu93r | bug-bounty, cybersecurity, pentesting, red-team, hacking | 22-Apr-2024 |
(Insecure Dangerous Component) Developer Backdoor `DebugActivity` included in the Production Game… | https://medium.com/@hazeemyasseer/insecure-dangerous-component-developer-backdoor-debugactivity-included-in-the-production-game-390dddea9363?source=rss------bug_bounty-5 | Hazeem' Yasseer | android-pentesting, android-pentest, bug-bounty-tips, bug-bounty, cybersecurity | 22-Apr-2024 |
20.3 Lab: Web cache poisoning via ambiguous requests | 2024 | https://cyberw1ng.medium.com/20-3-lab-web-cache-poisoning-via-ambiguous-requests-2024-8ab074dec0e4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, careers, penetration-testing, bug-bounty | 22-Apr-2024 |
How many months took you to find your first bug ?! Let s see | https://medium.com/@aiz3nsk/how-many-months-took-you-to-find-your-first-bug-let-s-see-c48e4cce0c29?source=rss------bug_bounty-5 | Aiz3n Sk | bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty-writeup | 22-Apr-2024 |
Don’t overlook any parameter, because the vulnerability lies within! | https://medium.com/@xiaodongsec/dont-overlook-any-parameter-because-the-vulnerability-lies-within-d0107d0c4f3e?source=rss------bug_bounty-5 | Xiaodong | hacker, vulnerability, china, money, bug-bounty | 22-Apr-2024 |
Exploiting PostMessage for cool XSS vulnerabilities | https://manasharsh.medium.com/exploiting-postmessage-for-cool-xss-vulnerabilities-cbea132398e1?source=rss------bug_bounty-5 | Manas Harsh | hacking, xss-vulnerability, bug-bounty, application-security | 22-Apr-2024 |
Google Map API Key Exposure: A Bug Bounty Journey | https://medium.com/@iamrizwanvp/google-map-api-key-exposure-a-bug-bounty-journey-6e0bb1560961?source=rss------bug_bounty-5 | RIZWAN | pentesting, bug-bounty, cybersecurity, bugbounty-writeup | 22-Apr-2024 |
Auto Bug Bounty Script — Unleash Your Hunting Potential | https://medium.com/@psychomong/auto-bug-bounty-script-unleash-your-hunting-potential-7ecd6ad417ea?source=rss------bug_bounty-5 | psychomong | bug-bounty, vapt, hacker, bug-bounty-tips, automation | 22-Apr-2024 |
How i Find Database Credentials via Mass Recon & Recon Scoping on Gcash | https://ph-hitachi.medium.com/how-i-find-database-credentials-via-mass-recon-recon-scoping-on-gcash-f43a0dae3ec1?source=rss------bug_bounty-5 | Ph.Hitachi | pentest, reconnaissance, recon, bug-bounty, gcash | 22-Apr-2024 |
What is SSRF and how to Detect them on Web Application | https://alvinbijo.medium.com/what-is-ssrf-and-how-to-detect-them-on-web-application-687820c4d097?source=rss------bug_bounty-5 | Alvin bijo | bug-bounty-tips, bug-bounty, xs, ssrf | 22-Apr-2024 |
Bug Bounty Challenge (final): Day 3–22/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-3-22-04-2024-51adde52bf60?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips | 22-Apr-2024 |
Cross-Site Scripting Detection | https://medium.com/@b.c114303/cross-site-scripting-detection-b35e4bd744b3?source=rss------bug_bounty-5 | Anni0p | bug-bounty, cybersecurity, xss-attack | 22-Apr-2024 |
Beware of Method Swapping: Unveiling a Potential Security Vulnerability | https://infosecwriteups.com/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5 | HooS | bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips | 22-Apr-2024 |
How to avoid burnouts in bugbounty? | https://medium.com/@mr_prey3r/how-to-avoid-burnouts-in-bugbounty-4d97e14f1ff1?source=rss------bug_bounty-5 | Rubayet Hasan aka MR_Prey3r | bug-bounty-tips, bug-bounty, bug-bounty-writeup | 22-Apr-2024 |
Beware of Method Swapping: Unveiling a Potential Security Vulnerability | https://medium.com/@hoosgamer/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5 | HooS | bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips | 22-Apr-2024 |
Beware of Method Swapping: Unveiling a Potential Security Vulnerability | https://medium.com/@hohky_/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5 | Hohky | bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips | 22-Apr-2024 |
Project discovery`s Chaos: Subdomains Discovery for all Bug Bounty Programs | https://medium.com/@miladkeivanfar/project-discovery-s-chaos-subdomains-discovery-for-all-bug-bounty-programs-b9e39fe3589d?source=rss------bug_bounty-5 | Milad keivanfar | security, subdomains-enumeration, bug-bounty, penetration-testing | 21-Apr-2024 |
SQL Injection Vulnerability in WHERE Clause Allowing Retrieval of Hidden Data | https://medium.com/@marduk.i.am/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-96beb7f99d0c?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, sql-injection, information-security, bug-bounty, cybersecurity | 21-Apr-2024 |
Unraveling the Secrets of CWE and CVE in easily way | https://medium.com/@abdallahhendy15/unraveling-the-secrets-of-cwe-and-cve-in-easily-way-fc332b0294d6?source=rss------bug_bounty-5 | Abdallahhendy | penetration-testing, cwe, cybersecurity, cve, bug-bounty | 21-Apr-2024 |
Such a simple zero-payment vulnerability. | https://medium.com/@xiaodongsec/such-a-simple-zero-payment-vulnerability-8e29421cbf58?source=rss------bug_bounty-5 | Xiaodong | money, vulnerability, bug-bounty, china, hacker | 21-Apr-2024 |
Linux Mastery, Practical Exercises for Effective Command Line Skills | https://medium.com/@muhammadriva/linux-mastery-practical-exercises-for-effective-command-line-skills-e769d1010f73?source=rss------bug_bounty-5 | Muhammad Riva | cyber-security-awareness, penetration-testing, cybersecurity, bug-bounty, kali-linux | 21-Apr-2024 |
What is server-side template injection? | https://cyberw1ng.medium.com/what-is-server-side-template-injection-77b7e4d0cad2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, cybersecurity, penetration-testing, careers | 21-Apr-2024 |
How I could have hacked one LG website with a simple recon… | https://medium.com/@rubixrub/how-i-could-have-hacked-one-lg-website-with-a-simple-recon-8306e6e4be54?source=rss------bug_bounty-5 | RubX | hacking, bug-bounty, cybersecurity, bug-bounty-tips | 21-Apr-2024 |
HACKTHEBOX CBBH REVIEW | https://medium.com/@admiralhr99/hackthebox-cbbh-review-76944984a573?source=rss------bug_bounty-5 | Admiralhr | web-application-security, bug-bounty, cybersecurity, cbbh, hackthebox | 21-Apr-2024 |
How do I get Started in Cyber Security? — My Perspective & Learning Path! | https://medium.com/@aadhaarkoul2002/how-do-i-get-started-in-cyber-security-my-perspective-learning-path-cd45846dbe63?source=rss------bug_bounty-5 | Aadhaarkoul | bug-bounty, infosec, technology, hacking, learning | 21-Apr-2024 |
Bug Bounty Challenge (final): Day 1–21/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-1-21-04-2024-f832f23f0464?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 21-Apr-2024 |
Bug Bounty Challenge (final): Day 2–21/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-1-21-04-2024-f832f23f0464?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 21-Apr-2024 |
Unsecured Content Provider leads to Account Takeover | https://medium.com/@ahmedelmorsy312/unsecure-content-provider-led-to-account-takeover-1e45d716bd7c?source=rss------bug_bounty-5 | Ahmed Elmorsi | hacker, bugbounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty | 20-Apr-2024 |
Best Bug Bounty Tips | https://bevijaygupta.medium.com/best-bug-bounty-tips-af66fd076eb4?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, bug-fixes, bugs, bug-bounty, bug-zero | 20-Apr-2024 |
Unraveling the Millennium Bug: A Digital Apocalypse | https://medium.com/@ak123aryan/unraveling-the-millennium-bug-a-digital-apocalypse-39af9dbadc0b?source=rss------bug_bounty-5 | Akshay Aryan | java, bugs, software-development, bug-bounty | 20-Apr-2024 |
My methodology for hunting for open Redirect vulnerabilities | https://medium.com/@hozayfan782/my-methodology-for-hunting-for-open-redirect-vulnerabilities-fb79f2d24c22?source=rss------bug_bounty-5 | Hozayfa Nasser | tips, open-redirect, bug-bounty, tips-and-tricks | 20-Apr-2024 |
19.5 Lab: Finding a hidden GraphQL endpoint | 2024 | https://cyberw1ng.medium.com/19-5-lab-finding-a-hidden-graphql-endpoint-2024-aeb8cec440d1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 20-Apr-2024 |
Paramspider Upgraded Version | https://medium.com/@pushkrajdhuri07/paramspider-upgraded-version-b14c1e8f9810?source=rss------bug_bounty-5 | PushkaraJ | hacking, bug-bounty, cybersecurity, redteam-tool, infosec | 20-Apr-2024 |
Bug Bounty Challenge (final): Day 1–20/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-final-day-1-20-04-2024-2db4a6c86cc2?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup, bug-bounty | 20-Apr-2024 |
April 2024 Reading List | https://daytontp.medium.com/april-2024-reading-list-e570dd5143c9?source=rss------bug_bounty-5 | Dayton Pruet | bug-bounty, network-security, cloud-computing, google-cloud-platform, linux | 19-Apr-2024 |
Race Condition on Change Email Leads to Arbitrary Email Forgery | https://medium.com/@blackarazi/race-condition-on-change-email-leads-to-arbitrary-email-forgery-741b720ac840?source=rss------bug_bounty-5 | Azhari Harahap | bug-bounty, application-security, api-security, race-condition, bug-bounty-writeup | 19-Apr-2024 |
Blockchain Bug Bounty | https://bevijaygupta.medium.com/blockchain-bug-bounty-a84c5f5ac684?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, bug-bounty-tips, blockchain, blockchain-technology, bugs | 19-Apr-2024 |
OTP Bypass Security Issues and Remediations | https://pratham-08.medium.com/otp-bypass-security-issues-and-remediations-f207eecebbea?source=rss------bug_bounty-5 | Pratham Mittal | secure-coding, software-development, otp-bypass, bug-bounty, security | 19-Apr-2024 |
Reconnaissance in Bug Bounty Programs | https://bevijaygupta.medium.com/reconnaissance-in-bug-bounty-programs-d46fadeb4508?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-bounty-tips, footprinting, reconnaissance, bug-bounty | 19-Apr-2024 |
First valid critical vulnerability of mine | https://medium.com/@shalabhdevliyal/first-valid-critical-vulnerability-of-mine-1143ceaffefc?source=rss------bug_bounty-5 | Shalabhdevliyal | vulnerability, hackerone, bug-bounty, cybersecurity | 19-Apr-2024 |
OOGWAY — Vulnerability Search Tool | https://symbolexe.medium.com/oogway-vulnerability-search-tool-494587f0c00d?source=rss------bug_bounty-5 | Yasin | bug-bounty, cybersecurity, vulnerability, cve | 19-Apr-2024 |
An Interesting Case of XSS Caused by File Upload | https://medium.com/@xiaodongsec/an-interesting-case-of-xss-caused-by-file-upload-86bdfb09408f?source=rss------bug_bounty-5 | Xiaodong | china, security, bug-bounty, money, hacks | 19-Apr-2024 |
How I Disclosed Employees PII | The mistake I made..| | https://medium.com/@the.bugcrowd.testerpawan/how-i-disclosed-employees-pii-the-mistake-i-made-ca299a155440?source=rss------bug_bounty-5 | the_air_sharma | bug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 19-Apr-2024 |
19.4 Lab: Performing CSRF exploits over GraphQL | 2024 | https://cyberw1ng.medium.com/19-4-lab-performing-csrf-exploits-over-graphql-2024-8362148aee53?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, careers, penetration-testing, hacking | 19-Apr-2024 |
let’s Unlock Advanced Permissions | https://rofes1337.medium.com/lets-unlock-advanced-permissions-d8529e9048e4?source=rss------bug_bounty-5 | Yousef Muhammedelkhir | bug-bounty-tips, penteration-testing, bug-bounty, web-app-pentesting, privilege-escalation | 19-Apr-2024 |
Defence Methodologie | https://medium.com/@haticezkmnl/defence-methodologie-bd3aa669d90e?source=rss------bug_bounty-5 | Hatice Zehra Kamanlı | pentesting, bug-bounty, soc, prevention, cybersecurity | 19-Apr-2024 |
A CRASH COURSE ON NETWORK PROTOCOLS FOR BUG HUNTERS | https://medium.com/@binarymaster/a-crash-course-on-network-protocols-for-bug-hunters-d2648b79ab0e?source=rss------bug_bounty-5 | Binarymaster | hacking, bug-bounty, network | 19-Apr-2024 |
Rest API Pentesting Resources | https://medium.com/@m14r41/rest-api-pentesting-resources-3155985b8c4d?source=rss------bug_bounty-5 | Madhurendra Kumar | pentesting, checklist, bug-bounty, api, hacking | 19-Apr-2024 |
A CRASH COURSE ON NETWORK PROTOCOLS FOR BUG HUNTERS | https://medium.com/@Progsky/a-crash-course-on-network-protocols-for-bug-hunters-d2648b79ab0e?source=rss------bug_bounty-5 | Progsky | hacking, bug-bounty, network | 19-Apr-2024 |
Stored XSS chain on NASA VDP | https://medium.com/@ph4nt0mbyt3/stored-xss-chain-on-nasa-vdp-93814e2df863?source=rss------bug_bounty-5 | ph4nt0mbyt3 | bug-bounty, vulnerability, nasa | 18-Apr-2024 |
Introducing SHIFU: Your Comprehensive CVE Finder Toolkit | https://symbolexe.medium.com/introducing-shifu-your-comprehensive-cve-finder-toolkit-4b036cce55c6?source=rss------bug_bounty-5 | Yasin | cybersecurity, cve, bug-bounty | 18-Apr-2024 |
How Shodan Helps me to Find SMTP misconfiguration | https://thesafdari.medium.com/how-shodan-helps-me-to-find-smtp-misconfiguration-56f63f1116a5?source=rss------bug_bounty-5 | Milad Safdari | bug-bounty, finding-smtp-misconfig, finding-vulnerabilities | 18-Apr-2024 |
Jamtangan Bug Bounty | https://bevijaygupta.medium.com/jamtangan-bug-bounty-7c49fc09881f?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-zero, bug-bounty-tips, bug-bounty, jam-tangan | 18-Apr-2024 |
IDOR Bug Bounty | https://bevijaygupta.medium.com/idor-bug-bounty-282d62d91691?source=rss------bug_bounty-5 | Vijay Gupta | idor, bugs, bug-zero, bug-bounty, bug-bounty-tips | 18-Apr-2024 |
Yahoo Bug Bounty | https://bevijaygupta.medium.com/yahoo-bug-bounty-a8a711e9ec3a?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, yahoo-bug-bounty, bugs, yahoo, bug-bounty-tips | 18-Apr-2024 |
A Beginner’s Guide To Insecure Deserialization | https://medium.com/@four0four/a-beginners-guide-to-insecure-deserialization-d359adffb207?source=rss------bug_bounty-5 | four0four | programming, cybersecurity, bug-bounty | 18-Apr-2024 |
How I found HTMLi on main domain of program | https://medium.com/@jeetpal2007/how-i-found-htmli-on-main-domain-of-program-5c88a8e1af9a?source=rss------bug_bounty-5 | JEETPAL | bug-bounty-tips, html-injection, bug-bounty | 18-Apr-2024 |
IDOR Lead to Data Leak | https://melguerdawi.medium.com/idor-lead-to-data-leak-c5107094f9ca?source=rss------bug_bounty-5 | Mostafa Elguerdawi | bug-bounty, cybersecurity, bug-bounty-tips | 18-Apr-2024 |
VulnersX Tool | https://symbolexe.medium.com/vulnersx-tool-7a10b3090bbf?source=rss------bug_bounty-5 | Yasin | cybersecurity, cve, vulnerability, bug-bounty | 18-Apr-2024 |
How Shodan Helps me to Find SMTP misconfiguration | https://thesafdari.medium.com/how-shodan-helps-me-to-find-smtp-misconfiguration-56f63f1116a5?source=rss------bug_bounty-5 | Milad Safdari (TheSafdari) | bug-bounty, finding-smtp-misconfig, finding-vulnerabilities | 18-Apr-2024 |
How i Hacked Globe/Gcash services and manage to get access on multiple databases including ssh… | https://ph-hitachi.medium.com/how-i-hacked-globe-gcash-services-and-manage-to-get-access-on-multiple-databases-including-ssh-9ca781348e8f?source=rss------bug_bounty-5 | Ph.Hitachi | bug-bounty, public-disclosure, pentesting, gcash | 18-Apr-2024 |
SSL Pinning Bypass Simplified | https://medium.com/@evilprince007/ssl-pinning-bypass-simplified-48c0d5294a6c?source=rss------bug_bounty-5 | Prathamesh Khatavkar | bug-bounty, cybersecurity, android | 18-Apr-2024 |
Unveiling Access Control Flaws: Taking over an entire organization | https://medium.com/@im0thmann/unveiling-access-control-flaws-taking-over-an-entire-organization-23505eb75d89?source=rss------bug_bounty-5 | mohamed othman | cybersecurity, bug-bounty | 18-Apr-2024 |
19.3 Lab: Bypassing GraphQL brute force protections | 2024 | https://cyberw1ng.medium.com/19-3-lab-bypassing-graphql-brute-force-protections-2024-ae9df787c7c7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, careers, bug-bounty, hacking | 18-Apr-2024 |
How I Used the ‘Everything’ Service to Uncover Two High-Risk Threats and Earn Over $700 in Rewards | https://medium.com/@xiaodongsec/how-i-used-the-everything-service-to-uncover-two-high-risk-threats-and-earn-over-700-in-rewards-c42d002707ad?source=rss------bug_bounty-5 | Xiaodong | china, bug-bounty, money, hacker, vulnerability | 17-Apr-2024 |
Uber Bug Bounty Program | https://bevijaygupta.medium.com/uber-bug-bounty-program-04cfe5050cd1?source=rss------bug_bounty-5 | Vijay Gupta | uber, bug-bounty, bug-bounty-tips, bug-zero, bugs | 17-Apr-2024 |
“Mastering Bug Bounty Hunting: Unveiling Secrets to Finding Hidden Vulnerabilities” | https://medium.com/@faizalin5555/mastering-bug-bounty-hunting-unveiling-secrets-to-finding-hidden-vulnerabilities-0b5088e213d4?source=rss------bug_bounty-5 | Faizal N | bug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, vulnerability | 17-Apr-2024 |
Bug Bounty POC | https://bevijaygupta.medium.com/bug-bounty-poc-e7fefda2fad0?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, poc, bug-bounty-tips, bug-zero, bugs | 17-Apr-2024 |
Vulnerability Bounty Tool Recommendation: WIH | https://medium.com/@xiaodongsec/vulnerability-bounty-tool-recommendation-wih-1e7b559b5fbc?source=rss------bug_bounty-5 | Xiaodong | china, tools, hacker, bug-bounty, money | 17-Apr-2024 |
Leveraging XSS to Execute CSRF Attacks | https://medium.com/@dodir.sec/leveraging-xss-to-execute-csrf-attacks-421edb662b40?source=rss------bug_bounty-5 | dodir | bug-bounty, cybersecurity, penetration-testing, csrf, xss-attack | 17-Apr-2024 |
API Mis configuration: How Employee can change Manager’s review for him. (Part 2) | https://interc3pt3r.medium.com/api-mis-configuration-how-employee-can-change-managers-review-for-him-part-2-28b242216b40?source=rss------bug_bounty-5 | Aneesha D | web-development, bug-bounty, tips, cybersecurity, hacking | 17-Apr-2024 |
19.2 Lab: Accidental exposure of private GraphQL fields | 2024 | https://cyberw1ng.medium.com/19-2-lab-accidental-exposure-of-private-graphql-fields-2024-0d0836dc82ba?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, hacking, bug-bounty, careers | 17-Apr-2024 |
How I approach Account takeover due to no rate limit on OTP | https://medium.com/@jeetpal2007/how-i-approach-account-takeover-due-to-no-rate-limit-on-otp-10a7fe056184?source=rss------bug_bounty-5 | JEETPAL | bug-bounty, bountytips, no-rate-limit, account-takeover | 17-Apr-2024 |
How I found a P1 bug in just 40 minutes | https://medium.com/@jeetpal2007/how-i-found-a-p1-bug-in-just-40-minutes-4f3614abe974?source=rss------bug_bounty-5 | JEETPAL | api-key, p1bugs, bug-bounty-tips, bug-bounty | 17-Apr-2024 |
OTP Bruteforce Chained with Response Manipulation Leads to Zero Click Account Takeover | https://medium.com/@cyberpro151/otp-bruteforce-chained-with-response-manipulation-leads-to-zero-click-account-takeover-7d1bee79a19f?source=rss------bug_bounty-5 | cyberpro151 | cybersecurity, account-takeover, bug-bounty, web-hacking, hacking | 17-Apr-2024 |
(Part 2) API Mis configuration: How Employee can change Manager’s review for him. | https://interc3pt3r.medium.com/api-mis-configuration-how-employee-can-change-managers-review-for-him-part-2-28b242216b40?source=rss------bug_bounty-5 | Aneesha D | web-development, bug-bounty, tips, cybersecurity, hacking | 17-Apr-2024 |
TCM Security — Practical Ethical Hacking Course — Find & Exploit Common Web Vulnerabilities — XSS… | https://shibushivansh.medium.com/tcm-security-practical-ethical-hacking-course-find-exploit-common-web-vulnerabilities-xss-00dbb33d45e2?source=rss------bug_bounty-5 | Shivansh Seth | cross-site-scripting, blog, command-injection, bug-bounty, cybersecurity | 16-Apr-2024 |
PayPal Bug Bounty | https://bevijaygupta.medium.com/paypal-bug-bounty-7838f8bc5e4b?source=rss------bug_bounty-5 | Vijay Gupta | bugs, paypal, paypal-account, bug-bounty, bug-bounty-tips | 16-Apr-2024 |
Discord Bug Bounty | https://bevijaygupta.medium.com/discord-bug-bounty-e2d0d3829c99?source=rss------bug_bounty-5 | Vijay Gupta | bugs, discord, bug-bounty-tips, bug-bounty, discord-bot | 16-Apr-2024 |
Top 5 books to learn bug hunting beginner to advance | https://medium.com/@buglearners.com/top-5-books-to-learn-bug-hunting-beginner-to-advance-9006c34ea126?source=rss------bug_bounty-5 | Buglearners.com | bug-bounty, cybersecurity, bug-hunting, advance, books | 16-Apr-2024 |
18.4 Lab: Exploiting Ruby deserialization using a documented gadget chain | 2024 | https://cyberw1ng.medium.com/18-4-lab-exploiting-ruby-deserialization-using-a-documented-gadget-chain-2024-2e02be94c6f8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, careers, bug-bounty, penetration-testing | 16-Apr-2024 |
Email Template Draft Feature Triggers SSRF, Earns ¥3000! | https://medium.com/@xiaodongsec/email-template-draft-feature-triggers-ssrf-earns-3000-d59af1ffbae6?source=rss------bug_bounty-5 | Xiaodong | hacker, vulnerability, china, money, bug-bounty | 16-Apr-2024 |
WhatWeb!? | https://thehackersmeetup.medium.com/whatweb-c132eb13927c?source=rss------bug_bounty-5 | The Hackers Meetup | tools, bug-bounty, whatweb, kali, web | 16-Apr-2024 |
XSS (Cross-Site Scripting): A Detailed Breakdown | https://medium.com/@max.pavlenko.dev/xss-%D0%BC%D1%96%D0%B6%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%D0%B8%D0%B9-%D1%81%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%B8%D0%BD%D0%B3-%D0%B4%D0%B5%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D0%B8%D0%B9-%D1%80%D0%BE%D0%B7%D0%B1%D1%96%D1%80-23c36e5a7483?source=rss------bug_bounty-5 | Max Pavlenko (Certified Vue.js Developer) | bug-bounty, security, front-end-development, xss-vulnerability | 16-Apr-2024 |
Reverse Engineering Sitecore Vulnerabilities-3 | https://medium.com/@nilayp799/reverse-engineering-sitecore-vulnerabilities-3-ba8a99563ca4?source=rss------bug_bounty-5 | Nilay Patel | bug-bounty, vulnerability, automation, hacking, sitecore | 16-Apr-2024 |
Reverse Shell Scripting Concept. | https://rahman0x01.medium.com/reverse-shell-scripting-concept-1bf1f60686a7?source=rss------bug_bounty-5 | rahman0x01 | netcat, bash-scripting, bug-bounty, reverse-shell, bash-script | 16-Apr-2024 |
I Found An IDOR Flaw where users' attached pictures and documents were leaked. | https://medium.com/@Ajakcybersecurity/i-found-an-idor-flaw-where-users-attached-pictures-and-documents-were-leaked-961d564ce72f?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, cybersecurity, money, bug-bounty, penetration-testing | 16-Apr-2024 |
Bug Bounty Automation | https://bevijaygupta.medium.com/bug-bounty-automation-f1fa68e3d903?source=rss------bug_bounty-5 | Vijay Gupta | automation-tools, automation-testing, bug-bounty-tips, automation, bug-bounty | 15-Apr-2024 |
Dell Bug Bounty | https://bevijaygupta.medium.com/dell-bug-bounty-a578dc53d7bb?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, dell, dell-laptop, bugs, bug-bounty | 15-Apr-2024 |
CVE-2024-3400: A Critical Vulnerability in PAN-OS Firewalls | https://infosecwriteups.com/cve-2024-3400-a-critical-vulnerability-in-pan-os-firewalls-a7f8c66a10d2?source=rss------bug_bounty-5 | ElNiak | bug-bounty, penetration-testing, command-injection, firewall, cybersecurity | 15-Apr-2024 |
Story of a strange IDOR without ID | https://m7arm4n.medium.com/story-of-a-strange-idor-without-id-6735fd3dcd27?source=rss------bug_bounty-5 | M7arm4n | hacking, bug-bounty, bug-bounty-tips, security, hacker | 15-Apr-2024 |
CSRF (1/3) | https://medium.com/@karimelsayed0x1/csrf-1-3-22050bf9c92c?source=rss------bug_bounty-5 | z3r0xk | bug-bounty, bug-bounty-tips, bug-bounty-writeup, csrf, web-attack | 15-Apr-2024 |
Advance XSS payload List | https://medium.com/@psychomong/advance-xss-payload-list-7b5d1a4df61c?source=rss------bug_bounty-5 | psychomong | hacking, bug-bounty-tips, bugs, bug-bounty, xss-attack | 15-Apr-2024 |
18.3 Lab: Exploiting PHP deserialization with a pre-built gadget chain | 2024 | https://cyberw1ng.medium.com/18-3-lab-exploiting-php-deserialization-with-a-pre-built-gadget-chain-2024-64dcb875e23c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, hacking, penetration-testing, bug-bounty | 15-Apr-2024 |
How I got JS Execution (DOM XSS) Via CSTI | https://medium.com/@amrkadry7/how-i-got-js-execution-dom-xss-via-csti-58a4171c2963?source=rss------bug_bounty-5 | Amr | cybersecurity, bug-bounty | 15-Apr-2024 |
Acer Bug Bounty | https://bevijaygupta.medium.com/acer-bug-bounty-9ce4d49c1051?source=rss------bug_bounty-5 | Vijay Gupta | acer, bug-zero, bug-bounty, bug-bounty-tips, bugs | 14-Apr-2024 |
My Bug Bounty Journey | https://bevijaygupta.medium.com/my-bug-bounty-journey-b07f663c8ff8?source=rss------bug_bounty-5 | Vijay Gupta | bug-zero, bug-bounty-tips, my-journey, bugs, bug-bounty | 14-Apr-2024 |
Ten Tips You Have to Know for WordPress Bug Bounty | https://medium.com/@zpbrent/ten-tips-you-have-to-know-for-wordpress-bug-bounty-b2b070f07add?source=rss------bug_bounty-5 | Peng Zhou | bug-bounty, wordpress, infosec, hacker, bug-bounty-tips | 14-Apr-2024 |
How I Exploited the Account Cancellation Feature to Farm Rewards | https://medium.com/@xiaodongsec/how-i-exploited-the-account-cancellation-feature-to-farm-rewards-19f6d6c0e181?source=rss------bug_bounty-5 | Xiaodong | hacks, bug-bounty, skills, vulnerability, china | 14-Apr-2024 |
How I Hack Web Applications (Part 1) | https://infosecwriteups.com/how-i-hack-web-applications-part-1-0833c002cc9a?source=rss------bug_bounty-5 | Rafin Rahman Chy | ethical-hacking, penetration-testing, bug-bounty, infosec, application-security | 14-Apr-2024 |
A unique SSRF hunt ( Invite user functionality vulnerable to blind SSRF attack ) | https://medium.com/@abhishek8602314652/a-unique-ssrf-hunt-invite-user-functionality-vulnerable-to-blind-ssrf-attack-c6804b2b398b?source=rss------bug_bounty-5 | Abhishek singh ( a6h1) | bug-bounty, ssrf, bug-bounty-tips, bug-hunting, bug-bounty-writeup | 14-Apr-2024 |
A click can cause 1600$ | Auth0 misconfig . | https://naumankh4n.medium.com/a-click-can-cause-1600-auth0-misconfig-9234aedad55c?source=rss------bug_bounty-5 | Nauman Khan | penetration-testing, bug-bounty, hacking, cybersecurity, money | 14-Apr-2024 |
18.2 Lab: Exploiting Java deserialization with Apache Commons | 2024 | https://cyberw1ng.medium.com/18-2-lab-exploiting-java-deserialization-with-apache-commons-2024-7ba379e97b52?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, cybersecurity, careers, penetration-testing | 14-Apr-2024 |
Access to transparent security testing — Why we made HackGATE™ available to everyone | https://medium.com/@levente.b.molnar/access-to-transparent-security-testing-why-we-made-hackgate-available-to-everyone-11c3e0efe44c?source=rss------bug_bounty-5 | Hackrate | bug-bounty, penetration-testing, pentesting, security, cybersecurity | 14-Apr-2024 |
THE ART OF RECONISM: HORIZONTAL RECON FOR PENETRATION TESTING: | https://hacktivistattacker.medium.com/the-art-of-reconism-horizontal-recon-for-penetration-testing-fea5399af186?source=rss------bug_bounty-5 | Hacktivist-Attacker | reconnaissance, horizonatl-reconaissance, scope-finding, bug-bounty, information-gathering | 13-Apr-2024 |
Power of CSRF | https://medium.com/@hillrane24/power-of-csrf-43b736c74280?source=rss------bug_bounty-5 | NIKHIL RANE | otp-bypass, bug-bounty, csrf, authentication-bypass | 13-Apr-2024 |
Unauthorized Admin Account Access via Google Authentication | https://nullr3x.medium.com/unauthorized-admin-account-access-via-google-authentication-a38d42577ac9?source=rss------bug_bounty-5 | Sahil Mehra | cybersecurity, web, bug-bounty, vulnerability, penetration-testing | 13-Apr-2024 |
Bancor Bug Bounty | https://bevijaygupta.medium.com/bancor-bug-bounty-9c40e9389ab5?source=rss------bug_bounty-5 | Vijay Gupta | bug-zero, bug-bounty, bug-bounty-tips, bugs, bancor | 13-Apr-2024 |
Facebook Bug Bounty | https://bevijaygupta.medium.com/facebook-bug-bounty-e9e73ce56f11?source=rss------bug_bounty-5 | Vijay Gupta | facebook, bug-bounty-tips, bug-bounty, bugs, facebook-bug-bounty | 13-Apr-2024 |
Exploring the Potential of Bug Bounty: Making Money or Finding Security? | https://medium.com/@kaizen100801/menggali-potensi-bug-bounty-menghasilkan-uang-atau-menemukan-keamanan-170c44d2904e?source=rss------bug_bounty-5 | Zen | bug-bounty, bug-bounty-tips, cybersecurity, hacking, cyber-security-awareness | 13-Apr-2024 |
Api Bug Bounty | https://bevijaygupta.medium.com/api-bug-bounty-5f2aafced9a4?source=rss------bug_bounty-5 | Vijay Gupta | bugs, api, bug-bounty, api-development, bug-bounty-tips | 13-Apr-2024 |
How I saved over 200,000 job seekers’ data on staterecruit.in from a potential data breach. | https://brutexploiter.medium.com/how-i-saved-over-200-000-job-seekers-data-on-staterecruit-in-from-a-potential-data-breach-7db5bad1c9e0?source=rss------bug_bounty-5 | brutexploiter | cybersecurity, web-development, web-security, sql-injection, bug-bounty | 13-Apr-2024 |
How do insecure deserialization vulnerabilities arise? | https://cyberw1ng.medium.com/how-do-insecure-deserialization-vulnerabilities-arise-233c336b305b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, careers, hacking, bug-bounty | 13-Apr-2024 |
How Did I Easily Find Stored XSS at Apple and earn $5000 ? | https://medium.com/@xrypt0/how-did-i-easily-find-stored-xss-at-apple-and-earn-5000-3aadbae054b2?source=rss------bug_bounty-5 | Crypto | security, xss-attack, apple, bug-bounty, web-security | 13-Apr-2024 |
TryHackMe Creative Write-Up | https://blog.devgenius.io/tryhackme-creative-write-up-f29e2cdbf7ae?source=rss------bug_bounty-5 | Joseph Alan | tryhackme-walkthrough, tryhackme, cybersecurity, tryhackme-writeup, bug-bounty | 13-Apr-2024 |
Broken Access Control (IDOR) on Forgot Password Could Lead to Attacker Change Password for Every… | https://medium.com/@blackarazi/broken-access-control-idor-on-forgot-password-could-lead-to-attacker-change-password-for-every-e1b18e075b5a?source=rss------bug_bounty-5 | Azhari Harahap | bug-bounty-writeup, bug-bounty, account-takeover, application-security, broken-access-control | 12-Apr-2024 |
How I managed to bypass 2FA on image line | https://medium.com/@bishwajeetb1/how-i-managed-to-bypass-2fa-on-image-line-11f123fc32ea?source=rss------bug_bounty-5 | Bishwajeet | cybersecurity, bug-bounty, application-security, web-application-testing, web-application-security | 12-Apr-2024 |
Using E-Notation to bypass Access Control restrictions to access arbitrary user PII-discussions | https://medium.com/@keizobugbounty/using-e-notation-to-bypass-access-control-restrictions-to-access-arbitrary-user-pii-discussions-1fa014b544d4?source=rss------bug_bounty-5 | Keizo | bugbounty-writeup, cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 12-Apr-2024 |
The Critical Role Of Bug Bounties in Ensuring Web3 Security | https://securrtech.medium.com/the-critical-role-of-bug-bounties-in-ensuring-web3-security-084cf518234b?source=rss------bug_bounty-5 | Securr | web3-security, bug-bounty, web3 | 12-Apr-2024 |
How I Find My First Internet Bug Bounty for Apache Airflow | https://medium.com/@zpbrent/how-i-find-my-first-internet-bug-bounty-for-apache-airflow-9d3c1ec29b24?source=rss------bug_bounty-5 | Peng Zhou | bug-bounty, open-source, airflow, python, infosec | 12-Apr-2024 |
Bug Zero at a Glance [16–31 March] | https://blog.bugzero.io/bug-zero-at-a-glance-16-31-march-4f4cd6823a75?source=rss------bug_bounty-5 | Januka Dharmapriya | cybersecurity, sri-lanka, bug-zero, bug-bounty, newsletter | 12-Apr-2024 |
How i Almost got 2K$ through a Race condition | https://medium.com/@0x3adly/how-i-almost-got-2k-through-a-race-condition-3b09232b3a25?source=rss------bug_bounty-5 | Anas Eladly ( 0x3adly ) | bug-bounty, bug-bounty-tips, race-condition, infosec, web-penetration-testing | 12-Apr-2024 |
A Comprehensive Guide to Static Analysis in Android Pentesting | https://medium.com/@samireddisaimanikanta939/a-comprehensive-guide-to-static-analysis-in-android-pentesting-66023053ed18?source=rss------bug_bounty-5 | Intrud3rX | penetration-testing, ethical-hacking, android-static-analysis, android-pentesting, bug-bounty | 12-Apr-2024 |
Learn Bug Bounty | https://bevijaygupta.medium.com/learn-bug-bounty-d67654f0c01f?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, bugs, bug-bounty, learn, bug-zero | 12-Apr-2024 |
Microsoft Bug Bounty | https://bevijaygupta.medium.com/microsoft-bug-bounty-1295263b135e?source=rss------bug_bounty-5 | Vijay Gupta | microsoft, microservices, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 12-Apr-2024 |
How I Bypassed Offer Limits to Gain Multiple Membership Benefits | https://medium.com/@xiaodongsec/how-i-bypassed-offer-limits-to-gain-multiple-membership-benefits-affea84c0844?source=rss------bug_bounty-5 | Xiaodong | bug-bounty, hacker, china, vulnerability | 12-Apr-2024 |
Latest Bug Bounty And Web Hacking Tools Bug Bunty And Web Hacking Tools | https://medium.com/@haidertallal786/latest-bug-bounty-and-web-hacking-tools-bug-bunty-and-web-hacking-tools-feff2224b200?source=rss------bug_bounty-5 | Muhammad haider Tallal | bug-bounty, web-penetration-testing, hacking | 12-Apr-2024 |
Zoho Account Takeover: How a Single Click Can Lead to Full Control on your Zoho account | https://medium.com/@0xUsername/zoho-account-takeover-how-a-single-click-can-lead-to-full-control-on-your-zoho-account-04a5ea069382?source=rss------bug_bounty-5 | HackerWithOutHat | security, cybersecuirty, bug-bounty, infosec, information-security | 12-Apr-2024 |
Random account takeover via misconfigured OAuth | https://medium.com/@Berserker1337/random-account-takeover-via-misconfigured-oauth-5dc2cbbbe905?source=rss------bug_bounty-5 | Berserker | bug-bounty, cybersecurity, information-security, infosec, vulnerability | 12-Apr-2024 |
16.5 Lab: Multistep clickjacking in Bug Bounty \| 2024 | https://cyberw1ng.medium.com/16-5-lab-multistep-clickjacking-in-bug-bounty-2024-a5eb20de6900?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, cybersecurity, hacking | 12-Apr-2024 |
5 Methods I Use To Discover APIs | https://medium.com/@red.whisperer/5-methods-i-use-to-discover-apis-6d646baa3ffb?source=rss------bug_bounty-5 | Chux | api, red-team, pentesting, hacking, bug-bounty | 12-Apr-2024 |
Token-Based Authentication vulnerability | https://medium.com/@paulovitorcl/token-based-authentication-vulnerability-37d97efcca62?source=rss------bug_bounty-5 | Paulo Vitor Costa Lima | bug-bounty, cybersecurity | 12-Apr-2024 |
Hunting on Microsoft SharePoint: The art of manipulation. | https://machiavellli.medium.com/hunting-on-microsoft-sharepoint-the-art-of-manipulation-25c96ee1de3a?source=rss------bug_bounty-5 | Machiavelli | infosec, bug-bounty | 12-Apr-2024 |
How I Discovered Vulnerabilities by Modifying App Memory | https://medium.com/@xiaodongsec/how-i-discovered-vulnerabilities-by-modifying-app-memory-5a87b685ed3d?source=rss------bug_bounty-5 | Xiaodong | hacker, china, bug-bounty, vulnerability, money | 12-Apr-2024 |
How I Exposed a High-Risk SSRF Vulnerability in an AI Model | https://medium.com/@xiaodongsec/how-i-exposed-a-high-risk-ssrf-vulnerability-in-an-ai-model-e40d6f96a5e1?source=rss------bug_bounty-5 | Xiaodongsec | hacker, bug-bounty, ai | 11-Apr-2024 |
Building My Own Packet Sniffer for Game Security Testing | https://medium.com/@yannik603/building-my-own-packet-sniffer-for-game-security-testing-8baf58a94d0c?source=rss------bug_bounty-5 | Yannik Castro | gamehacking, bug-bounty, reverse-engineering, hacking, hacking-tools | 11-Apr-2024 |
Meta Bug Bounty | https://bevijaygupta.medium.com/meta-bug-bounty-cc842ca0f614?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-zero, bug-bounty, metaverse, bug-bounty-tips | 11-Apr-2024 |
How to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and Research | https://medium.com/@zpbrent/how-to-fuzz-prototype-pollution-by-reusing-public-cves-for-fun-and-research-40891013bf0b?source=rss------bug_bounty-5 | Peng Zhou | web-security, nodejs, fuzzing, infosec, bug-bounty | 11-Apr-2024 |
How I Exposed a High-Risk SSRF Vulnerability in an AI Model | https://medium.com/@xiaodongsec/how-i-exposed-a-high-risk-ssrf-vulnerability-in-an-ai-model-e40d6f96a5e1?source=rss------bug_bounty-5 | Xiaodong | hacker, bug-bounty, ai | 11-Apr-2024 |
How I Uncovered a Payment Vulnerability | https://medium.com/@xiaodongsec/how-i-uncovered-a-payment-vulnerability-6355e15d1702?source=rss------bug_bounty-5 | Xiaodong | vulnerability, china, bug-bounty, hacker | 11-Apr-2024 |
Indian software firms cheated me by failing to provide the promised bounty after I reported… | https://medium.com/@mangbho28/indian-software-firms-cheated-me-by-failing-to-provide-the-promised-bounty-after-i-reported-ffc7fcc83993?source=rss------bug_bounty-5 | MB007 | bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program | 11-Apr-2024 |
Bypassed the Amazon CloudFront Logic and got XSS at the National Weather Agency of the U.S. | https://royzsec.medium.com/bypassed-the-amazon-cloudfront-logic-and-got-xss-at-the-national-weather-agency-of-the-u-s-100af330430a?source=rss------bug_bounty-5 | Prince Roy(RoyzSec) | web-development, hacking, bug-bounty, cybersecurity, penetration-testing | 11-Apr-2024 |
7 Essential Skills Every Bug Bounty Hunter Needs to Succeed | https://medium.com/mynextdeveloper/7-essential-skills-every-bug-bounty-hunter-needs-to-succeed-0e6ac8afa483?source=rss------bug_bounty-5 | MyNextDeveloper | penetration-testing, cybersecurity, kali-linux, darkweb, bug-bounty | 11-Apr-2024 |
GitHub Bug Bounty | https://bevijaygupta.medium.com/github-bug-bounty-afa61eb789f3?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, bug-zero, bugs, github, bug-bounty | 11-Apr-2024 |
16.4 Lab: Exploiting clickjacking vulnerability to trigger DOM-based XSS \| 2024 | https://cyberw1ng.medium.com/16-4-lab-exploiting-clickjacking-vulnerability-to-trigger-dom-based-xss-2024-71c5b567fb4b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, cybersecurity, bug-bounty, careers | 11-Apr-2024 |
Secret BurpSuite Extension For BugBounty~ Part-2 | https://medium.com/@Ajakcybersecurity/secret-burpsuite-extension-for-bugbounty-part-2-58b644b9222c?source=rss------bug_bounty-5 | AjakCybersecurity | blog, bug-bounty, penetration-testing, ethical-hacking, hacking | 11-Apr-2024 |
How to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and Research | https://medium.com/@zpbrent/how-to-fuzz-prototype-pollution-by-reusing-public-cves-for-fun-and-research-40891013bf0b?source=rss------bug_bounty-5 | Peng Zhou | javascript, web-security, nodejs, infosec, bug-bounty | 11-Apr-2024 |
Bug Bounty Challenge: Day 16–11/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-16-11-04-2024-effc5c820319?source=rss------bug_bounty-5 | Wallotry | bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty | 11-Apr-2024 |
CVE-2024-24576: A Critical Rust Vulnerability on Windows | https://infosecwriteups.com/cve-2024-24576-a-critical-rust-vulnerability-on-windows-4f0bb1a332e9?source=rss------bug_bounty-5 | ElNiak | cybersecurity, windows, rust, penetration-testing, bug-bounty | 10-Apr-2024 |
How I Find an Arbitrary File Upload Vulnerability with a Unique Bypass | https://medium.com/@zpbrent/how-i-find-an-arbitrary-file-upload-vulnerability-with-a-unique-bypass-8d679f45a497?source=rss------bug_bounty-5 | Peng Zhou | infosec, wordpress-plugins, web-security, bug-bounty, wordpress | 10-Apr-2024 |
Bug Bounty Certification | https://bevijaygupta.medium.com/bug-bounty-certification-27c95b8a1b80?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, bugs, bug-bounty, bug-zero, bug-bounty-certification | 10-Apr-2024 |
Android Bug Bounty | https://bevijaygupta.medium.com/android-bug-bounty-9a2daf0d2270?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, android-bug-bounty, android, bugs, bug-bounty | 10-Apr-2024 |
Apple Bug Bounty | https://bevijaygupta.medium.com/apple-bug-bounty-88002b2c159d?source=rss------bug_bounty-5 | Vijay Gupta | apple-bug-bounty, bug-zero, bug-bounty, bug-bounty-tips, bugs | 10-Apr-2024 |
SQL Injection: A Simple Beginner’s Guide. | https://ishengoma.medium.com/sql-injection-a-simple-beginners-guide-58d237ff18da?source=rss------bug_bounty-5 | Ishengoma | vulnerability-assessment, sql-injection, hacking, vulnerability-management, bug-bounty | 10-Apr-2024 |
Privilege Escalation by manipulating endpoint | https://medium.com/@vijayrockstar.verma5/privilege-escalation-by-manipulating-endpoint-10feb974bab5?source=rss------bug_bounty-5 | Vijay Verma | infosec, hacking, bug-bounty, cybersecurity, pentesting | 10-Apr-2024 |
Vulnerable WordPress March 2024 (Kandovan) | https://medium.com/@onhexgroup/vulnerable-wordpress-march-2024-kandovan-24103451060b?source=rss------bug_bounty-5 | Onhexgroup | wordpress, bug-bounty, wordpress-security, infosec, exploitation | 10-Apr-2024 |
Clickjacking: A Comprehensive Guide to Finding Clickjacking Vulnerabilities | https://cyberw1ng.medium.com/clickjacking-a-comprehensive-guide-to-finding-clickjacking-vulnerabilities-3f51d8e63a41?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, security, bug-bounty, careers | 10-Apr-2024 |
Bug: No rate limiting on Email verification leads to huge Mass Mailing :: P4 | https://medium.com/@deypradip87jk/bug-no-rate-limiting-on-email-verification-leads-to-huge-mass-mailing-p4-b72c666d6e56?source=rss------bug_bounty-5 | Professor0xx01 | information-security, bug-bounty-tips, cybersecurity, bug-bounty, infosec-write-ups | 09-Apr-2024 |
How I Found Bug :: Reflected XSS (Cross-Site-Scripting) On a BBP. | https://medium.com/@deypradip87jk/how-i-found-bug-reflected-xss-cross-site-scripting-on-a-bbp-9f57611eda91?source=rss------bug_bounty-5 | Professor0xx01 | bug-bounty, cyber-security-solutions, infosec-write-ups, offensive-security, bug-bounty-tips | 09-Apr-2024 |
Bug: No rate limiting on Email verification leads to huge Mass Mailing :: P4 | https://medium.com/@p.ra.dee.p_0xx01/bug-no-rate-limiting-on-email-verification-leads-to-huge-mass-mailing-p4-b72c666d6e56?source=rss------bug_bounty-5 | Professor0xx01 | information-security, bug-bounty-tips, cybersecurity, bug-bounty, infosec-write-ups | 09-Apr-2024 |
How I Found Bug :: Reflected XSS (Cross-Site-Scripting) On a BBP. | https://medium.com/@p.ra.dee.p_0xx01/how-i-found-bug-reflected-xss-cross-site-scripting-on-a-bbp-9f57611eda91?source=rss------bug_bounty-5 | Professor0xx01 | bug-bounty, cyber-security-solutions, infosec-write-ups, offensive-security, bug-bounty-tips | 09-Apr-2024 |
Bug Bounty Reports | https://bevijaygupta.medium.com/bug-bounty-reports-8a6480d06a80?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, bug-bounty-tips, bugs, bug-bounty-reports, bug-zero | 09-Apr-2024 |
Bug Hunting Methodology for Beginners | https://bevijaygupta.medium.com/bug-hunting-methodology-for-beginners-ce7ee1b11c25?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-hunter, bug-hunting, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 09-Apr-2024 |
Information Disclosure: Story of 500€ + 400$ Bounty | https://v3d.medium.com/information-disclosure-story-of-500-400-bounty-97d3b343f9ad?source=rss------bug_bounty-5 | V3D | bug-bounty, penetration-testing, information-technology, cybersecurity, hacking | 09-Apr-2024 |
Card Payment Functionality Checklist — Bug Bounty Tuesday | https://medium.com/@kerstan/card-payment-functionality-checklist-bug-bounty-tuesday-6eab127d0126?source=rss------bug_bounty-5 | kerstan | technology, hacking, cybersecurity, bug-bounty, security | 09-Apr-2024 |
Mass automation for finding XSS vulnerabilities in large scope targets | https://medium.com/@oumzarkar/mass-automation-for-finding-xss-vulnerabilities-in-large-scope-targets-019996b0515c?source=rss------bug_bounty-5 | dextro | bug-bounty-tips, cybersecurity, walkthrough, automation, bug-bounty | 09-Apr-2024 |
How I Found My First Stored XSS || WAF & Characters Limitation Bypass | https://kariiem.medium.com/how-i-found-my-first-stored-xss-waf-characters-limitation-bypass-cc414c4fadde?source=rss------bug_bounty-5 | Kariiem Gamal | bug-bounty-tips, bug-hunting, bug-bounty, waf-bypass, bugbounty-writeup | 09-Apr-2024 |
My WordPress Bug Bounty Journey on Patchstack | https://medium.com/@zpbrent/from-first-rejection-to-monthly-top-c0dedd4bbc7f?source=rss------bug_bounty-5 | Peng Zhou | bug-bounty-program, bug-bounty-hunter, wordpress-security, ethical-hacking, bug-bounty | 09-Apr-2024 |
Simple Tips for Bug Bounty Beginners: Finding Blind XSS Vulnerabilities | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-blind-xss-vulnerabilities-ab67977ff756?source=rss------bug_bounty-5 | Anish Narayan | bug-bounty-tips, bug-bounty, xss-attack, cross-site-scripting, cybersecurity | 09-Apr-2024 |
15.3 Lab: CORS vulnerability with trusted insecure protocols \| 2024 | https://cyberw1ng.medium.com/15-3-lab-cors-vulnerability-with-trusted-insecure-protocols-2024-2ba1967daecc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, penetration-testing, bug-bounty, cybersecurity, hacking | 09-Apr-2024 |
Hunting Bugs and Striking Gold: Forward Calls for Elite Hunters in the Bug Bounty Campaign | https://forwardprotocol.medium.com/hunting-bugs-and-striking-gold-forward-calls-for-elite-hunters-in-the-bug-bounty-campaign-057e686c8577?source=rss------bug_bounty-5 | Forward Protocol | blockchain-technology, bug-bounty, bug-bounty-hunter, web3, blockchain-developer | 09-Apr-2024 |
Is Your Business a Sitting Duck for Credit Card Hackers? Here’s How PCI DSS Can Save You! | https://medium.com/@josuofficial327/is-your-business-a-sitting-duck-for-credit-card-hackers-heres-how-pci-dss-can-save-you-97d7b6562131?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | cybersecurity, payment-gateway, bug-bounty, hacking, bug-bounty-tips | 08-Apr-2024 |
Google Bug Hunters | https://bevijaygupta.medium.com/google-bug-hunters-673e2f5c2600?source=rss------bug_bounty-5 | Vijay Gupta | bug-hunter, bug-bounty-writeup, google, bug-bounty, bug-bounty-tips | 08-Apr-2024 |
Unleashing the Power of Bug Bounty Dorks: A Comprehensive Guide | https://bevijaygupta.medium.com/unleashing-the-power-of-bug-bounty-dorks-a-comprehensive-guide-b121fce9e5e4?source=rss------bug_bounty-5 | Vijay Gupta | google, bug-bounty, bug-bounty-tips, google-dork, bug-zero | 08-Apr-2024 |
How I Got Multiple Privilege Escalations — The Easy Trick? | https://medium.com/@Mdabdulrahman/how-i-got-multiple-privilege-escalations-the-easy-trick-e915110bc08a?source=rss------bug_bounty-5 | Md Abdul Rahman | win-privilege-escalation, bug-bounty, penetration-testing, privilege-escalation | 08-Apr-2024 |
Hacking Swisscom’s End-to-End Encrypted Cloud Storage for $4,000 | https://medium.com/@thomashouhou/hacking-swisscoms-end-to-end-encrypted-cloud-storage-for-4-000-3660722196ec?source=rss------bug_bounty-5 | Thomas Houhou | web-security, hacking, bug-bounty-tips, bug-bounty, cybersecurity | 08-Apr-2024 |
XSS on out of scope domain? CORS is your secret weapon! | https://c4rrilat0r.medium.com/xss-on-out-of-scope-domain-cors-is-your-secret-weapon-93e433278080?source=rss------bug_bounty-5 | c4rrilat0r | bug-bounty, bug-bounty-tips, hackerone, xss-attack, cors | 08-Apr-2024 |
Breaking Free: 26 Advanced Techniques to Escape Docker Containers | https://infosecwriteups.com/breaking-free-26-advanced-techniques-to-escape-docker-containers-530049816b55?source=rss------bug_bounty-5 | ElNiak | bug-bounty, cybersecurity, penetration-testing, kubernetes, docker | 08-Apr-2024 |
15.2 Lab: CORS vulnerability with trusted null origin \| 2024 | https://cyberw1ng.medium.com/15-2-lab-cors-vulnerability-with-trusted-null-origin-2024-a84020e4e254?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, cybersecurity, careers, bug-bounty | 08-Apr-2024 |
Why You Should Attend Cybersecurity Conferences: Unlock Opportunities | https://medium.com/@a13h1/why-you-should-attend-cybersecurity-conferences-unlock-opportunities-2a16dfe4658e?source=rss------bug_bounty-5 | Abhi Sharma | networking, information-security, cybersecurity, conference, bug-bounty | 07-Apr-2024 |
How to Start Your Journey into Cybersecurity in 2024 (or how I did) | https://medium.com/@j0hnc0nn0r/how-to-start-your-journey-into-cybersecurity-in-2024-or-how-i-did-ebe4910acdc7?source=rss------bug_bounty-5 | John Connor | cybersecurity, penetration-testing, bug-bounty, tryhackme, hackthebox | 07-Apr-2024 |
How to Start Your Journey into Cybersecurity in 2024 (or how I did) | https://medium.com/@j0hnc0nn0r/how-to-start-your-journey-into-cybersecurity-in-2024-or-how-i-did-ebe4910acdc7?source=rss------bug_bounty-5 | J0hn C0nn0r | cybersecurity, penetration-testing, bug-bounty, tryhackme, hackthebox | 07-Apr-2024 |
How Employee can change Manager’s review for him. | https://interc3pt3r.medium.com/how-employee-can-change-managers-review-for-him-a903bd329111?source=rss------bug_bounty-5 | Aneesha D | bug-bounty, cybersecurity, hacking, security, bugs | 07-Apr-2024 |
Unofficial Guide to OWASP Top 10:2021 | https://medium.com/@rafinrahmanchy/unofficial-guide-to-owasp-top-10-2021-87eebd03b614?source=rss------bug_bounty-5 | Rafin Rahman Chy | pentesting, web-security, bug-bounty, hacking, infosec | 07-Apr-2024 |
TryHackMe CTF: Vulnversity — Walkthrough | https://medium.com/@suyogpatil1810/tryhackme-ctf-vulnversity-walkthrough-2f375c5521a6?source=rss------bug_bounty-5 | Suyog Patil | software-development, computer-science, hacking, ethical-hacking, bug-bounty | 07-Apr-2024 |
Mastering CORS: A Comprehensive Guide to Finding Cross-origin resource sharing Vulnerabilities \|… | https://cyberw1ng.medium.com/mastering-cors-a-comprehensive-guide-to-finding-cross-origin-resource-sharing-vulnerabilities-c22a5659f95f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, cybersecurity, security, penetration-testing | 07-Apr-2024 |
How We Found a 25K$ Bug in a Blockchain Project by Mistake \| Bounty Hunting Journey | https://0d.dwalletlabs.com/how-we-found-a-25k-bug-in-a-blockchain-project-by-mistake-bounty-hunting-journey-21c0c20440f6?source=rss------bug_bounty-5 | Elad Ernst | blockchain, exploitation, web3, bug-bounty, icon-foundation | 07-Apr-2024 |
IDOR Leads To Account Takeover | https://medium.com/@adityasawant00/idor-leads-to-account-takeover-28fe6e300a49?source=rss------bug_bounty-5 | Aditya Sawant | idor, account-takeover, bug-bounty, penetration-testing, web-application-security | 07-Apr-2024 |
How Did I Find Reflected XSS In Domino’s ? | https://medium.com/@xrypt0/how-did-i-find-reflected-xss-in-dominos-d1d41b120598?source=rss------bug_bounty-5 | Crypto | cloudflare, bug-bounty, penetration-testing, xss-attack, web-security | 07-Apr-2024 |
File Upload Vulnerability Checklist | https://medium.com/@dasmanish6176/file-upload-vulnerability-checklist-254c4680aa74?source=rss------bug_bounty-5 | Dasmanish | web-application-security, bug-bounty, web-penetration-testing, vapt, file-upload-vulnerability | 07-Apr-2024 |
Bug Bounties in Web3: Investing in Security for Sustainable Growth | https://medium.com/@charliekaru/bug-bounties-in-web3-investing-in-security-for-sustainable-growth-5b4092474d3d?source=rss------bug_bounty-5 | Charlie Karunaratne | web3, defi-security, bug-bounty, web3-security | 07-Apr-2024 |
Teaching Spotify a Cryptography Lesson | https://medium.com/@Fanicia/teaching-spotify-a-cryptography-lesson-51f5ee0b0f5c?source=rss------bug_bounty-5 | Security Guy | openid-connect, blue-team, bug-bounty, cybersecurity, bug-bounty-tips | 07-Apr-2024 |
Finding CSRF on Graphql Application | https://medium.com/@alpernae/finding-csrf-on-graphql-application-3ffa1105a30d?source=rss------bug_bounty-5 | Alperen | bug-bounty-tips, graphql, cybersecurity, bug-bounty, csrf | 07-Apr-2024 |
The Fast and the Curious: Finding a Race Condition in Worldcoin | https://medium.com/@gonzo-hacks/the-fast-and-the-curious-finding-a-race-condition-in-worldcoin-621c89bfbd61?source=rss------bug_bounty-5 | Dane Sherrets | bug-bounty, bug-fixes, bug-bounty-tips, blockchain, hacking | 07-Apr-2024 |
“Fortify Your Cyber Space: Embark on the Dominant Cyber Boot Camp Journey” | https://medium.com/@rizvi4600779/fortify-your-cyber-space-embark-on-the-dominant-cyber-boot-camp-journey-3071bd0b1ec7?source=rss------bug_bounty-5 | Syed Muhammad Minhal Rizvi | hacking, writeup, cyber, bug-bounty, cybersecurity | 07-Apr-2024 |
Host Header Manipulation Leading to Unauthorized Access to Apple’s Internal Slack bot (Bug Bounty) | https://amineaboud.medium.com/unauthorized-access-to-an-internal-app-used-by-apple-to-protect-confidential-information-shared-on-c8835a80079b?source=rss------bug_bounty-5 | Amine Aboud | bug-bounty-writeup, bug-bounty, bug-bounty-tips | 07-Apr-2024 |
This Cryptocurrency exchange paid me $200 for reporting vulnerability in their website | https://medium.com/@abhishek8602314652/this-cryptocurrency-exchange-paid-me-200-for-reporting-vulnerability-in-their-website-6755b38702a8?source=rss------bug_bounty-5 | Abhishek singh ( a6h1) | cybersecurity, cryptocurrency, vulnerability, bug-hunting, bug-bounty | 07-Apr-2024 |
Wordfence awards its largest bounty to date | https://casi-cincuenta-monos.medium.com/wordfence-otorga-su-mayor-bounty-hasta-la-fecha-f2d9aa561f05?source=rss------bug_bounty-5 | Casi Cincuenta Monos | wordpress, cybersecurity, bug-bounty | 06-Apr-2024 |
Recon automation with Telegram Notification | https://medium.com/@tamhacker1/recon-automation-with-telegram-notification-d4c6b564ed58?source=rss------bug_bounty-5 | Tamhacker | cybersecurity, hacker, bug-bounty, reconnaissance, hacking | 06-Apr-2024 |
How To Fix bWAPP Unknown Database Error Windows/Linux | https://hamzaavvan.medium.com/how-to-fix-bwapp-unknown-database-error-windows-linux-acefd1a4568b?source=rss------bug_bounty-5 | Hamza Avvan | bwapp, php, ethical-hacking, bug-fixes, bug-bounty | 06-Apr-2024 |
Easiest way to find Broken links in a website | https://medium.com/@jeetpal2007/easiest-way-to-find-broken-links-in-a-website-cccbc1f0b6d2?source=rss------bug_bounty-5 | JEETPAL | broken-link, easy-bug-to-find, bug-bounty, bug-bounty-tips, broken-link-hijacking | 06-Apr-2024 |
Advanced XSS Discovery: Streamlining Your Attack Strategy with Cutting-Edge Automation Tools | https://medium.com/@0xelkot/advanced-xss-discovery-streamlining-your-attack-strategy-with-cutting-edge-automation-tools-88cfd0f68c8e?source=rss------bug_bounty-5 | 0xElkot | hackerone, xss-attack, methodology, bug-bounty, hacking | 06-Apr-2024 |
14.6 Lab: SameSite Strict bypass via sibling domain \| 2024 | https://infosecwriteups.com/14-6-lab-samesite-strict-bypass-via-sibling-domain-2024-f2ad5f0167d1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, bug-bounty, penetration-testing, hacking | 06-Apr-2024 |
Bug Bounty: Secure Camino Network, Earn Rewards | https://medium.com/@obobo/bug-bounty-secure-camino-network-earn-rewards-329a686da0b9?source=rss------bug_bounty-5 | O Bobo | web3, hexen, travel, camino-network, bug-bounty | 06-Apr-2024 |
Step by Step Complete Beginners guide of iOS penetration testing with corellium | https://infosecwriteups.com/step-by-step-complete-beginners-guide-of-ios-penetration-testing-with-corellium-2b9e9c6382c2?source=rss------bug_bounty-5 | Sandeep Vishwakarma | mobile-pentesting, bug-bounty, corellium, ios-penetration-testing, pentesting | 05-Apr-2024 |
Unmasking an Open Redirect on the India’s Government Website | https://medium.com/@nilkhant30/unmasking-an-open-redirect-on-the-indias-government-website-3f808b10bff9?source=rss------bug_bounty-5 | I AM Raja | open-redirect, bug-bounty, hacking, bug-bounty-tips, security-research | 05-Apr-2024 |
IDOR To view other private users profile pictures in un.org | https://medium.com/@Ajakcybersecurity/idor-to-view-other-private-users-profile-pictures-in-un-org-358e464335e8?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, bug-bounty, cybersecurity, ethical-hacking, penetration-testing | 05-Apr-2024 |
Apple’s Bug: From SQLi Suspicions to UI Bug Discovery | https://medium.com/@MohaseenK/apples-bug-from-sqli-suspicions-to-ui-bug-discovery-0e71e228b336?source=rss------bug_bounty-5 | Mohaseen | apple, hof, bug-bounty, hackerone, bugcrowd | 05-Apr-2024 |
Race Condition Authentication Bypass Leads to Full Account Takeover | https://medium.com/@keizobugbounty/race-condition-authentication-bypass-leads-to-full-account-takeover-6b5c9bc0a54d?source=rss------bug_bounty-5 | Keizo | cybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 05-Apr-2024 |
Don’t Trust the Cache: Exposing Web Cache Poisoning and Deception vulnerabilities | https://anasbetis023.medium.com/dont-trust-the-cache-exposing-web-cache-poisoning-and-deception-vulnerabilities-3a829f221f52?source=rss------bug_bounty-5 | Anas H Hmaidy | bug-bounty-tips, penetration-testing, cybersecurity, web-security, bug-bounty | 05-Apr-2024 |
FB OAuth Misconfigurations to Account Takeover | https://medium.com/@hbenja47/fb-oauth-misconfigurations-to-account-takeover-e264a06ae4a0?source=rss------bug_bounty-5 | Benja (bronxi) | hacking, bug-bounty, oauth, infosec | 05-Apr-2024 |
UUIDs Unmasked: Exploiting IDOR for User Data Access | https://medium.com/@cybersolution2172/uuids-unmasked-exploiting-idor-for-user-data-access-b199e3b08563?source=rss------bug_bounty-5 | Satyam Singh | bug-bounty-tips, owasp, bug-bounty, idor-vulnerability, bug-bounty-writeup | 05-Apr-2024 |
14.5 Lab: CSRF with broken Referer validation \| 2024 | https://cyberw1ng.medium.com/14-5-lab-csrf-with-broken-referer-validation-2024-9948aa660023?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, cybersecurity, careers, bug-bounty | 05-Apr-2024 |
Beetlebug Android Walkthrough & Basics Android application security | https://medium.com/@yousefneuer13/beetlebug-android-walkthrough-basics-android-application-security-c5e0fb9b284b?source=rss------bug_bounty-5 | Yousef Elsheikh | cybersecurity, bug-bounty, android-security, ctf-writeup, ctf-walkthrough | 05-Apr-2024 |
One IP led to 4 bugs made the company delete the domain | https://kalawy.medium.com/one-ip-led-to-4-bugs-made-the-company-delete-the-domain-f28a9e898a8a?source=rss------bug_bounty-5 | Kalawy | bug-bounty-tips, bug-bounty, hackerone | 04-Apr-2024 |
How to discovery vulnerabilities in your network? | https://medium.com/@info_81845/how-to-discovery-vulnerabilities-in-your-network-a6fd140ad4d6?source=rss------bug_bounty-5 | BugFixing | penetration-testing, penetration-test-company, bug-bounty, hacking, vulnerability-assessment | 04-Apr-2024 |
Art of onscrollend \| Demonstrating XSS through scroll events write-up | https://medium.com/@rAmpancist/art-of-onscrollend-demonstrating-xss-through-scroll-events-write-up-d3b33afaaf64?source=rss------bug_bounty-5 | rAmpancist | bug-bounty, bug-bounty-tips, xss-attack, cybersecurity, hacking | 04-Apr-2024 |
HTB Academy \| CROSS_SITE SCRIPTING (XSS) - | https://medium.com/@mazalwebdesign/htb-academy-cross-site-scripting-xss-7dc78e69b100?source=rss------bug_bounty-5 | Sara Mazal M. \| maz4l | ethical-hacking, htb, htb-academy-writeup, htb-walkthrough, bug-bounty | 04-Apr-2024 |
FB OAuth Misconfiguration Leads to Takeover any Account | https://sl4x0.medium.com/fb-oauth-misconfiguration-leads-to-takeover-any-account-061316a5b31b?source=rss------bug_bounty-5 | Abdelrhman Allam (sl4x0) | oauth2, account-takeover, bug-bounty, hacking, bug-bounty-tips | 04-Apr-2024 |
S3 Bucket Misconfiguration | https://medium.com/@scorpiankapil/s3-bucket-misconfiguration-64d459abdb71?source=rss------bug_bounty-5 | Kapil Patel | bug-bounty | 04-Apr-2024 |
14.4 Lab: CSRF where Referer validation depends on header being present \| 2024 | https://cyberw1ng.medium.com/14-4-lab-csrf-where-referer-validation-depends-on-header-being-present-2024-2db1c7496091?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, cybersecurity, bug-bounty, penetration-testing | 04-Apr-2024 |
NFS | https://medium.com/@mirackucuk595/nfs-873d049131b8?source=rss------bug_bounty-5 | Miraç Küçük | footprinting, bug-bounty, information-gathering, hack-the-box-writeup, nfs-server | 04-Apr-2024 |
Escalation of Admin and Supervisor Privileges Enables Organization Takeover and Access to Any… | https://medium.com/@elcapitano7x/escalation-of-admin-and-supervisor-privileges-enables-organization-takeover-and-access-to-any-6d1eb82bbe08?source=rss------bug_bounty-5 | Elcapitano | bug-bounty, hacking, idor-vulnerability, bug-bounty-tips, account-takeover | 04-Apr-2024 |
Bug Bounty Challenge: Day 10–04/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-10-04-04-2024-d7d40e226af2?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup | 04-Apr-2024 |
My methodology to bypass CSRF | https://medium.com/@0x7irix/my-methodology-to-bypass-csrf-957b4e552ae7?source=rss------bug_bounty-5 | 0x7irix | csrf-attack, csrf-token, csrf-bypass, csrf, bug-bounty | 04-Apr-2024 |
How I hacked medium and they didn’t pay me | https://medium.com/@super_burgundy_weasel_439/how-i-hacked-medium-and-they-didnt-pay-me-f6c89cca3af7?source=rss------bug_bounty-5 | YouGotItComing | hacking, bug-bounty, medium, neglect, bugs | 04-Apr-2024 |
ShentuChain’s OpenBounty Hackers and Projects Referral Program | https://shentuchain.medium.com/shentuchains-openbounty-hackers-and-projects-referral-program-29b4b73c20c0?source=rss------bug_bounty-5 | Shentu Chain | bug-bounty, ethical-hacker, cybersecurity, referral-program, web3 | 03-Apr-2024 |
SQLI with extract Huge Data just Got N/A | https://medium.com/@nomad8061/sqli-with-extract-huge-data-just-got-n-a-5956c3b5297b?source=rss------bug_bounty-5 | Ahmed Badry | bug-bounty, sqlite, infosec, information-technology, ctf | 03-Apr-2024 |
Cracking the Code: XSS Exploits and Their Power in Phishing Warfare | https://hackerhalt.medium.com/cracking-the-code-xss-exploits-and-their-power-in-phishing-warfare-252d04e9792e?source=rss------bug_bounty-5 | Hacker Halt Live | bugbounty-writeup, phishing, xs, bug-bounty, phishing-attacks | 03-Apr-2024 |
Hack ChatGPT, Make Money | https://medium.com/@david.azad.merian/hack-chatgpt-make-money-644bb4a7a529?source=rss------bug_bounty-5 | David Merian | bug-bounty, hacking, cybersecurity, fuzzing, ai | 03-Apr-2024 |
How I Secured 50+ Brand & Startups in Shopify Stores \| XSS \| Responsible Disclosure | https://prathapilango.medium.com/how-i-secured-50-brand-startups-in-shopify-stores-xss-responsible-disclosure-e38a72cf4a47?source=rss------bug_bounty-5 | Prathapilango | infosec, info-sec-writeups, cybersecurity, cross-site-scripting, bug-bounty | 03-Apr-2024 |
Bug Bounty Challenge: Day 9–03/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-9-03-04-2024-f7a6303bb674?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-tips | 03-Apr-2024 |
I asked ChatGPT to improve Jason Haddix V4 methodology. Here’s the answer: | https://medium.com/@uniicorniumx/i-asked-chatgpt-to-improve-jason-haddix-v4-methodology-heres-the-answer-09de258da623?source=rss------bug_bounty-5 | • CrazyUnicorn | hacking, bug-bounty, pentesting, cybersecurity, bug-bounty-tips | 03-Apr-2024 |
Smart Fuzzing — Finding bugs like no one else. By Gilson Oliveira | https://medium.com/@gilsgil/smart-fuzzing-finding-bugs-like-no-one-else-by-gilson-oliveira-d6aa0dbc285b?source=rss------bug_bounty-5 | Gilson Oliveira | bug-bounty-tips, bug-bounty, bug-bounty-writeup | 03-Apr-2024 |
Struggling RCE on Jenkins Instance | https://medium.com/@imusabkhan/struggling-rce-on-jenkins-instance-8851af98b7e6?source=rss------bug_bounty-5 | Mohammad Musab Khan | hacker, bugs, bug-bounty, bug-bounty-tips, remote-code-execution | 03-Apr-2024 |
DNS | https://medium.com/@mirackucuk595/dns-4e18aa90b7cf?source=rss------bug_bounty-5 | Miraç Küçük | footprinting, hack-the-box-writeup, dns, bug-bounty | 03-Apr-2024 |
Bir sorgu dizesinde sunucu tarafı parametre kirliliğinden yararlanma | https://medium.com/@hhuseyinuyar17/bir-sorgu-dizesinde-sunucu-taraf%C4%B1-parametre-kirlili%C4%9Finden-yararlanma-567489eefd65?source=rss------bug_bounty-5 | Hhuseyinuyar | api, hacking, burpsuite, bug-bounty, parameter | 03-Apr-2024 |
14.3 Lab: SameSite Lax bypass via cookie refresh | 2024 | https://cyberw1ng.medium.com/14-3-lab-samesite-lax-bypass-via-cookie-refresh-2024-4f10021e6ce8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, cybersecurity, hacking, careers | 03-Apr-2024 |
Issues related to privacy (Cybersecurity) | https://medium.com/@paritoshblogs/issues-related-to-privacy-cybersecurity-99368bf0bc10?source=rss------bug_bounty-5 | Paritosh | information-security, bug-bounty, cybersecurity, information-technology, hacking | 02-Apr-2024 |
Welcome pentesters to cooperate with our company! | https://medium.com/@alfabit_group/welcome-pentesters-to-cooperate-with-our-company-9cdf42f233bb?source=rss------bug_bounty-5 | AlfaBit Ecosystem | blockchain, alfabit, bug-bounty, ecosystem | 02-Apr-2024 |
Unpacking CVE-2024–3094: A Critical Vulnerability in XZ Utils | https://infosecwriteups.com/unpacking-cve-2024-3094-a-critical-vulnerability-in-xz-utils-c6a8207d7b54?source=rss------bug_bounty-5 | ElNiak | cve, linux, backdoor, cybersecurity, bug-bounty | 02-Apr-2024 |
4 Mistakes To Avoid When Doing Bug Bounty — Bug Bounty Tuesday | https://medium.com/@kerstan/4-mistakes-to-avoid-when-doing-bug-bounty-bug-bounty-tuesday-fd0df75ca05d?source=rss------bug_bounty-5 | kerstan | hacking, cybersecurity, technology, bug-bounty, security | 02-Apr-2024 |
14.2 Lab: SameSite Strict bypass via client-side redirect | 2024 | https://cyberw1ng.medium.com/14-2-lab-samesite-strict-bypass-via-client-side-redirect-2024-2a5e9b68fc1e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, penetration-testing, careers, cybersecurity | 02-Apr-2024 |
One-click Account Take Over | https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea?source=rss------bug_bounty-5 | dynnyd20 | pentesting, bug-bounty, cybersecurity, information-security, security | 02-Apr-2024 |
Bug Bounty Challenge: Day 8–02/04/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-8-02-04-2024-604382e079ac?source=rss------bug_bounty-5 | Wallotry | bug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips | 02-Apr-2024 |
The Difference Between TCP and HTTP Reverse Connection: | https://medium.com/@Hackerinja/the-difference-between-tcp-and-http-reverse-connection-bf13ccd16941?source=rss------bug_bounty-5 | Hackerinja | bug-bounty, penetration-testing, cybersecurity, ethical-hacking | 02-Apr-2024 |
How I was able to send emails from anyone to anyone | https://medium.com/@zeesek/how-i-was-able-to-send-emails-from-anyone-to-anyone-a44c57fd015b?source=rss------bug_bounty-5 | Muhammad Zeeshan | penetration-testing, bugs, bug-bounty-tips, bug-bounty, pentesting | 02-Apr-2024 |
How I Found My First Bug | XSS | https://medium.com/@fariio/how-i-found-my-first-bug-xss-031df71aedbe?source=rss------bug_bounty-5 | Fariio | cybersecurity, bug-bounty-tips, penetration-testing, xss-vulnerability, bug-bounty | 01-Apr-2024 |
Bug to fix: Mastering the Life Cycle of Software Defects | https://medium.com/@hannahanulur/bug-to-fix-mastering-the-life-cycle-of-software-defects-b227292bdb16?source=rss------bug_bounty-5 | Gulhanim Anulur | bug-fixes, defect-management, defect-detection, bug-bounty, bugs | 01-Apr-2024 |
How to start Bug Bounty Hunting $$$$ in 2024?? | A short RoadMap | https://infosecwriteups.com/how-to-start-bug-bounty-hunting-in-2024-a-short-roadmap-9f9eeddd24ca?source=rss------bug_bounty-5 | 7h3h4ckv157 | money, hacking, bug-bounty, ethical-hacking, infosec | 01-Apr-2024 |
IOS Pentesting Lab Setup | https://hackerassociate.medium.com/ios-pentesting-lab-setup-516ec567b424?source=rss------bug_bounty-5 | Harshad Shah | cybersecurity, penetration-testing, infosec, hacking, bug-bounty | 01-Apr-2024 |
Certified Bug Bounty Hunter: Should you go for Broke, or take a Junior Level Certification First | https://medium.com/@codewidthme/certified-bug-bounty-hunter-should-you-go-for-broke-or-take-a-junior-level-certification-first-a905c105f9a2?source=rss------bug_bounty-5 | codewidthme | hacking, bug-bounty, penetration-testing, certification, hackthebox | 01-Apr-2024 |
I will alter and update your website | https://medium.com/@fiverrtopfreelancer/i-will-alter-and-update-your-website-438eeb9bcde8?source=rss------bug_bounty-5 | Fiverr Top Freelancer | html, website-design, bug-fixes, bug-bounty, css | 01-Apr-2024 |
Broken Application Logic Bug Doesn’t Validate Email, leading to DOS | https://medium.com/@saitle74/broken-application-logic-bug-doesnt-validate-email-leading-to-dos-d5ff73e752b4?source=rss------bug_bounty-5 | Saitleop | bug-bounty, infosec-write-ups, cybersecurity, python, infosec | 01-Apr-2024 |
“Configuring Apache Web Server on CentOS 7” | https://medium.com/@shaikhalshifa210/configuring-apache-web-server-on-centos-7-ed10245f2a4d?source=rss------bug_bounty-5 | Alshifa Shaikh | server-configuration, bug-bounty, machine-learning, penetration-testing, cybersecurity | 01-Apr-2024 |
How to set up Caido for Bug Bounty or Web Application Penetration? | https://medium.com/@bytescheck0/how-to-set-up-caido-for-bug-bounty-or-web-application-penetration-a74729d31dca?source=rss------bug_bounty-5 | Bytescheck | cybersecurity, penetration-testing, bug-bounty, technology | 01-Apr-2024 |
XSS Vulnerability in a Technical Assessment Application: Lessons Learned and Security Measures | https://interc3pt3r.medium.com/xss-vulnerability-in-a-technical-assessment-application-lessons-learned-and-security-measures-9321ee4c7639?source=rss------bug_bounty-5 | Aneesha D | bug-bounty, cybersecurity, hacker, hacking, penetration-testing | 01-Apr-2024 |
How I Was Able To Find My First VALID XSS | https://medium.com/@harshsolanki2810/how-i-was-able-to-find-my-first-valid-xss-b1b8bd727b6a?source=rss------bug_bounty-5 | Dart0xx | bug-bounty, cybersecurity, bug-bounty-writeup, bug-hunting | 01-Apr-2024 |
Mastering CSRF: A Comprehensive Guide to Finding Cross-site Request Forgery Vulnerabilities | 2024 | https://cyberw1ng.medium.com/mastering-csrf-a-comprehensive-guide-to-finding-cross-site-request-forgery-vulnerabilities-2024-8d1d13d83547?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, penetration-testing, hacking, careers | 01-Apr-2024 |
Subdomain Takeovers (Subdomain Devralma) | https://medium.com/@mirackucuk595/subdomain-takeovers-subdomain-devralma-2ffa999c123b?source=rss------bug_bounty-5 | Miraç Küçük | bug-bounty, domain-names, subdomain, hackerone | 01-Apr-2024 |
Bug Bounty Challenge: Update | https://wallotry.medium.com/bug-bounty-challenge-update-ebd1fa31426c?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup | 01-Apr-2024 |
How I Was Able To Find My First VALID XSS | https://medium.com/@0xdartx/how-i-was-able-to-find-my-first-valid-xss-b1b8bd727b6a?source=rss------bug_bounty-5 | Dart0xx | bug-bounty, cybersecurity, bug-bounty-writeup, bug-hunting | 01-Apr-2024 |
Can I learn bug bounty for free? | https://bevijaygupta.medium.com/can-i-learn-bug-bounty-for-free-59d71024ee15?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-zero, bug-bounty-tips, bug-bounty, bug-fixes | 31-Mar-2024 |
Fake Tinder Account Verified By Bypassing Face Authentication | https://medium.com/@Ajakcybersecurity/fake-tinder-account-verified-by-bypassing-face-authentication-4b7c14e35c29?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, ethical-hacking, bug-bounty, blog, tinder | 31-Mar-2024 |
Swaggerdə qarşılaşdığım hücum vektorları ($$$) | https://memmedrehimzade.medium.com/swaggerd%C9%99-qar%C5%9F%C4%B1la%C5%9Fd%C4%B1%C4%9F%C4%B1m-h%C3%BCcum-vektorlar%C4%B1-f3659eeccac5?source=rss------bug_bounty-5 | memmed rehimzade | swagger, cybersecurity, kibertəhlükəsizlik, bug-bounty | 31-Mar-2024 |
Understanding and Mitigating CVE-2024–3094 | https://medium.com/@mrblackstar26/understanding-and-mitigating-cve-2024-3094-2b8572d9e921?source=rss------bug_bounty-5 | Uday Patel | infosec, hacking, bug-bounty, penetration-testing, cybersecurity | 31-Mar-2024 |
Installation DVWA In Windows 10 Using XAMPP | https://bevijaygupta.medium.com/installation-dvwa-in-windows-10-using-xampp-d6246279a10e?source=rss------bug_bounty-5 | Vijay Gupta | xampp, dvwa, hacking, install-dvwa, bug-bounty | 31-Mar-2024 |
What is the future of bug bounty? | https://bevijaygupta.medium.com/what-is-the-future-of-bug-bounty-696f0a894130?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, bug-zero, bugs, future-technology, future | 31-Mar-2024 |
13.26 Lab: Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and… | https://cyberw1ng.medium.com/13-26-lab-stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-4bde1cc39671?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-test, hacking, cybersecurity, careers | 31-Mar-2024 |
Shield your System — XZ Utils Backdoor (Linux Distribution) | https://infosecwriteups.com/shield-your-system-xz-utils-backdoor-linux-distribution-54583b071ccc?source=rss------bug_bounty-5 | Ethical Kaps | linux, cybersecurity, vulnerability, hacking, bug-bounty | 31-Mar-2024 |
“Unveiling a Stored XSS Vulnerability: Example.com Under the Spotlight” | https://medium.com/@mdnafeed3/unveiling-a-stored-xss-vulnerability-example-com-under-the-spotlight-37d0895cebca?source=rss------bug_bounty-5 | H4cker-Nafeed | bug-bounty, cybersecurity | 31-Mar-2024 |
Best bug hunting methodology for EZ money | https://medium.com/@tom.sh/best-bug-hunting-methodology-for-ez-money-58b7fe928e6f?source=rss------bug_bounty-5 | Tom | hacking, money, bpp, methodology, bug-bounty | 30-Mar-2024 |
Advertisers able to identify individual consumers who visited their ads (Microsoft bug bounty) | https://medium.com/@avig2009/advertisers-able-to-identify-individual-consumers-who-visited-their-ads-microsoft-bug-bounty-a8bcb2d727f2?source=rss------bug_bounty-5 | hatich_hacker | microsoft, privacy, bug-bounty | 30-Mar-2024 |
13.25 Lab: Reflected XSS in canonical link tag | 2024 | https://cyberw1ng.medium.com/13-25-lab-reflected-xss-in-canonical-link-tag-2024-c4478a82b466?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, hacking, careers | 30-Mar-2024 |
A Journey into Unusual Header Injection | https://medium.com/@imusabkhan/a-journey-into-unusual-header-injection-693cc0ddecc6?source=rss------bug_bounty-5 | Mohammad Musab Khan | hackerone, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-hunting | 30-Mar-2024 |
Chain of Rate Limit Bypass and Weak Token Expiry Leads To Account Take Over | https://medium.com/@ozomarzu/chain-of-rate-limit-bypass-and-weak-token-expiry-leads-to-account-take-over-d9cddf598c9c?source=rss------bug_bounty-5 | CyberOz | bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, hackerone | 30-Mar-2024 |
Email verification Bypass from P4 TO P2 | https://medium.com/@akrachliy/email-verification-bypass-from-p4-to-p2-50fa3dde8e5f?source=rss------bug_bounty-5 | Yassine Akrachli | hacking, cybersecurity, bug-bounty, ethical-hacking, bugcrowd | 30-Mar-2024 |
Web Request | https://medium.com/@mirackucuk595/web-request-ea237118e259?source=rss------bug_bounty-5 | Miraç Küçük | http-request, curl, https, bug-bounty, webrequest | 30-Mar-2024 |
Kioptrix Level 1 Walkthrough | https://erdemstar.medium.com/kioptrix-level-1-walkthrough-6e985fbd0dc7?source=rss------bug_bounty-5 | Erdemstar | oscp, application-security, bug-bounty-tips, bug-bounty, penetration-testing | 30-Mar-2024 |
1200 $ Email verification Bypass from P4 TO P2 | https://medium.com/@akrachliy/email-verification-bypass-from-p4-to-p2-50fa3dde8e5f?source=rss------bug_bounty-5 | Yassine Akrachli | hacking, cybersecurity, bug-bounty, ethical-hacking, bugcrowd | 30-Mar-2024 |
How i found Multiple IDOR | https://medium.com/@hillrane24/how-i-found-multiple-idor-ab52815b375a?source=rss------bug_bounty-5 | NIKHIL RANE | idor-vulnerability, bug-bounty | 30-Mar-2024 |
YouTube Growth Hacking | https://sanparatama.medium.com/youtube-growth-hacking-a94457f04789?source=rss------bug_bounty-5 | Sanjaya paratama | web-development, bug-bounty, hacking, hacking-tools, cybersecurity | 29-Mar-2024 |
The Future of Internet Security and Artificial Intelligence and Cyber Security Jobs | https://python.plainenglish.io/the-future-of-internet-security-and-artificial-intelligence-and-cyber-security-jobs-528b4c340cf9?source=rss------bug_bounty-5 | Imran Niaz | xss-attack, hacking, programming, ai, bug-bounty | 29-Mar-2024 |
[Walkthrough] Mobile Hacking Lab — Secure Note | https://medium.com/@karimul.sh/walkthrough-mobile-hacking-lab-secure-note-eeb4af20e01b?source=rss------bug_bounty-5 | Md.Karimul Islam Shezan | walkthrough, android-app-security, bug-bounty, reverse-engineering, ctf | 29-Mar-2024 |
AutoLayer Bug Bounty Program: Full Information Release | https://autolayer.medium.com/autolayer-bug-bounty-program-full-information-release-d5de0bab972e?source=rss------bug_bounty-5 | AutoLayer | defi, bug-bounty | 29-Mar-2024 |
Web Security Short Series — CSRF. | https://medium.com/@frankyyano/web-security-short-series-csrf-4cdf6f936773?source=rss------bug_bounty-5 | Yano. | csrf, appsec, owasp, bug-bounty, oscp | 29-Mar-2024 |
How to learn Game Hacking? Recourse Compilation! | https://medium.com/@yannik603/how-to-learn-game-hacking-recourse-compilation-1c5d2807a7cb?source=rss------bug_bounty-5 | Yannik | reverse-engineering, bug-bounty, malware-analysis, gamehacking, coding | 29-Mar-2024 |
Unhiding the hidden 401 Bypass | https://medium.com/@Xt3sY/unhiding-the-hidden-401-bypass-10f48c67b50d?source=rss------bug_bounty-5 | Pushkar Bhagat | bug-bounty, hacking, bug-bounty-tips | 29-Mar-2024 |
13.24 Lab: Reflected XSS with some SVG markup allowed | 2024 | https://cyberw1ng.medium.com/13-24-lab-reflected-xss-with-some-svg-markup-allowed-2024-78279b906ec2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, cybersecurity, penetration-testing, careers | 29-Mar-2024 |
How to learn Game Hacking? Recourse Compilation! | https://medium.com/@yannik603/how-to-learn-game-hacking-recourse-compilation-1c5d2807a7cb?source=rss------bug_bounty-5 | Yannik Castro | reverse-engineering, bug-bounty, malware-analysis, gamehacking, coding | 29-Mar-2024 |
Yara Rules ✌︎ For Something ☠︎ | https://medium.com/@haticezkmnl/yara-rules-%EF%B8%8E-for-something-%EF%B8%8E-0164b38e3ddd?source=rss------bug_bounty-5 | Hatice Zehra Kamanlı | cybersecurity, python, security, rules, bug-bounty | 29-Mar-2024 |
How to install drozer with docker | https://medium.com/@nomad8061/hello-geeks-e8d0f62b22a1?source=rss------bug_bounty-5 | Ahmed Badry | bug-bounty | 29-Mar-2024 |
✌︎ Yara Rules ✌︎ For Something ☠︎ | https://medium.com/@haticezkmnl/yara-rules-%EF%B8%8E-for-something-%EF%B8%8E-0164b38e3ddd?source=rss------bug_bounty-5 | Hatice Zehra Kamanlı | cybersecurity, python, security, rules, bug-bounty | 29-Mar-2024 |
13.23 Lab: Reflected XSS into HTML context with most tags and attributes blocked | 2024 | https://cyberw1ng.medium.com/13-23-lab-reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-2024-63d649c6cc2c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, hacking, penetration-testing, cybersecurity | 28-Mar-2024 |
Bug Bounty Recon At Its Easiest with Netlas.io | https://medium.com/@omarora1603/bug-bounty-recon-at-its-easiest-with-netlas-io-d313ae0f1c09?source=rss------bug_bounty-5 | Om Arora | infosec, cybersecurity, bug-bounty, bug-bounty-tips, hacking | 28-Mar-2024 |
Bypassing 403 Protection To Get Admin Access | https://rajput623929.medium.com/bypassing-403-protection-to-get-admin-access-d7c9d0560e5c?source=rss------bug_bounty-5 | Mr.Horbio | 403-forbidden, bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty | 28-Mar-2024 |
How to become a bug bounty hunter | https://bevijaygupta.medium.com/how-to-become-a-bug-bounty-hunter-c607bb7de595?source=rss------bug_bounty-5 | Vijay Gupta | bug-zero, bug-bounty, bugs, bug-bounty-tips, bug-fixes | 28-Mar-2024 |
OAuth Hijacking leads to account takeover | https://medium.com/@iknowhatodo/oauth-hijacking-leads-to-account-takeover-a051bdb5e9f0?source=rss------bug_bounty-5 | Hossam Ahmed | bug-bounty, oauth | 28-Mar-2024 |
How I Hacked Your Private Repository in GitHub (And Got JackShit) | https://medium.com/@reuveinas/how-i-hacked-your-private-repository-in-github-and-got-jackshit-cb7c342570b2?source=rss------bug_bounty-5 | Reuvein Vinokurov (CTO:UNIXi) - https://unixi.io/ | microsoft, bug-bounty, github, security, cybersecurity | 28-Mar-2024 |
How to write a Walkthrough | https://bevijaygupta.medium.com/how-to-write-a-walkthrough-23eee7f6777c?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-writeup, bug-bounty-tips, bug-bounty, walkthroughwednesday, walkthrough | 28-Mar-2024 |
Unveiling all techniques to find IDOR’S in web applications | https://adipsharif.medium.com/unveiling-all-techniques-to-find-idors-in-web-applications-578d2b8aa28a?source=rss------bug_bounty-5 | ADIP | bug-bounty-tips, bug-bounty, pentesting, penetration-testing, bug-bounty-writeup | 28-Mar-2024 |
IDOR’a Giriş | https://medium.com/@mirackucuk595/idora-giri%C5%9F-23c22a5ae24f?source=rss------bug_bounty-5 | Miraç Küçük | hack-the-box-writeup, burpsuite, idor-vulnerability, bug-bounty | 28-Mar-2024 |
Risks of Software Dependencies AKA Toxic Dependencies | https://bytebusterx.medium.com/risks-of-software-dependencies-aka-toxic-dependencies-0a38150cf5ce?source=rss------bug_bounty-5 | ByteBusterX | bug-bounty, hacking, infosec, vulnerability, cybersecurity | 28-Mar-2024 |
Penetration Testing Tools | https://bevijaygupta.medium.com/penetration-testing-tools-b4c8ad807114?source=rss------bug_bounty-5 | Vijay Gupta | penetration-testing-tools, pentesting, hacking, bug-bounty, penetration-testing | 28-Mar-2024 |
Stargazing Risks: Exploring the Data Breach that Exposed NASA Employees’ PII | https://interc3pt3r.medium.com/stargazing-risks-exploring-the-data-breach-that-exposed-nasa-employees-pii-68692cf7a5e9?source=rss------bug_bounty-5 | Aneesha D | bug-bounty-writeup, cybersecurity, hacking, security, bug-bounty | 28-Mar-2024 |
Finding Bug DMRC Reflected Xss and HTML Injection | https://medium.com/@abhishekaswal777/finding-bug-dmrc-reflected-xss-and-html-injection-fe4361a1db60?source=rss------bug_bounty-5 | Abhishekaswal | bugs, poc, bug-bounty, bug-bounty-tips, hackerone | 28-Mar-2024 |
Annonforce — Tryhackme Walkthrough Easy Self-made | https://medium.com/@shaswata.ssaha/annonforce-tryhackme-walkthrough-easy-self-made-f45c3a6f3e96?source=rss------bug_bounty-5 | Shaswata Saha | tryhackme, security, anonforce, bug-bounty, ctf | 28-Mar-2024 |
Polyglot Files: The Cybersecurity Chameleon Threat | https://infosecwriteups.com/polyglot-files-the-cybersecurity-chameleon-threat-29890e382b59?source=rss------bug_bounty-5 | ElNiak | polyglot, cybersecurity, obfuscation, bug-bounty, penetration-testing | 27-Mar-2024 |
Hackerone提现人民币 | https://medium.com/@dem0ns/hackerone%E6%8F%90%E7%8E%B0%E4%BA%BA%E6%B0%91%E5%B8%81-a3e907fefce1?source=rss------bug_bounty-5 | 猫猫虫 | hackerone, bug-bounty, 外汇 | 27-Mar-2024 |
Mistakes To Avoid in Your Bug Bounty Career- Part 2 | https://medium.com/@Ajakcybersecurity/mistakes-to-avoid-in-your-bug-bounty-career-part-2-9da1c77788ea?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, bug-bounty, penetration-testing, blog, cybersecurity | 27-Mar-2024 |
13.22 Lab: Stored DOM XSS | 2024 | https://cyberw1ng.medium.com/13-22-lab-stored-dom-xss-2024-344ec753599a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, penetration-testing, hacking, careers | 27-Mar-2024 |
HACKING WORDPRESS | https://medium.com/@mirackucuk595/hacking-wordpress-ac9ee6447045?source=rss------bug_bounty-5 | Miraç Küçük | wpscan, wordpress-hacked, hack-the-box-writeup, hacking, bug-bounty | 27-Mar-2024 |
SSLStripping | https://bytebusterx.medium.com/sslstripping-e81dc95d6fab?source=rss------bug_bounty-5 | ByteBusterX | infosec, cybersecurity, vulnerability, hacking, bug-bounty | 27-Mar-2024 |
HTTP Verb Tampering 101 in Web Applications (Identify Exploit Prevention) | https://adipsharif.medium.com/http-verb-tampering-101-in-web-applications-identify-exploit-prevention-3389258b6b93?source=rss------bug_bounty-5 | ADIP | infosec, penetration-testing, bug-bounty, pentesting, information-security | 27-Mar-2024 |
Hacking the Giant: Got XSS on Google’s Product | https://adipsharif.medium.com/got-xss-on-googles-product-a4c79be8adbb?source=rss------bug_bounty-5 | ADIP | infosec, information-security, pentesting, bug-bounty, penetration-testing | 27-Mar-2024 |
Bug Bounty Isn’t A Scam Here’s Why | https://medium.com/@benbencsik/bug-bounty-isnt-a-scam-here-s-why-751547bd8531?source=rss------bug_bounty-5 | Ben Bencsik | bug-bounty, computers, infosec, cybersecurity, technology | 27-Mar-2024 |
Hacking the Giant: XSS on Google | https://adipsharif.medium.com/got-xss-on-googles-product-a4c79be8adbb?source=rss------bug_bounty-5 | ADIP | infosec, information-security, pentesting, bug-bounty, penetration-testing | 27-Mar-2024 |
Fristileaks 1.3 Walkthrough | https://erdemstar.medium.com/fristileaks-1-3-walkthrough-a6b962385752?source=rss------bug_bounty-5 | Erdemstar | oscp, vulnhub-walkthrough, penetration-testing, bug-bounty, oscp-preparation | 27-Mar-2024 |
Web Application Hacking Required Reading | https://hogarth45.medium.com/web-application-hacking-required-reading-0d2f046db191?source=rss------bug_bounty-5 | Jess | bug-bounty, web-development, security | 27-Mar-2024 |
Why am I starting to hate Bug Bounty? | https://systemweakness.com/why-am-i-starting-to-hate-bug-bounty-1f075fc96978?source=rss------bug_bounty-5 | Imad Husanovic | hacking, cybersecurity, programming, bug-bounty, bug-bounty-tips | 27-Mar-2024 |
Bug Bounty Isn’t A Scam Here’s Why | https://medium.com/@detroiton421094/bug-bounty-isnt-a-scam-here-s-why-751547bd8531?source=rss------bug_bounty-5 | Ben Bencsik | bug-bounty, computers, infosec, cybersecurity, technology | 27-Mar-2024 |
RXSS Vulnerability in Less Than 10 Minutes on India’s Premier Travel Site | https://medium.com/@nilkhant30/rxss-vulnerability-in-less-than-10-minutes-on-indias-premier-travel-site-5b15ebb91d17?source=rss------bug_bounty-5 | I AM Raja | bug-bounty, cybersecurity, cyber-security-awareness, hacking, xss-vulnerability | 26-Mar-2024 |
This skill is called ‘Early…’ in Software Testing | https://medium.com/software-testing-and-automation/this-skill-is-called-early-in-software-testing-75cd641bfa93?source=rss------bug_bounty-5 | Temitope | software-testing, quality-assurance, communication, bug-bounty, software-development | 26-Mar-2024 |
HackGATE: Bug Bounty Program on steroids | https://medium.com/@levente.b.molnar/hackgate-bug-bounty-program-on-steroids-cef50ae2f759?source=rss------bug_bounty-5 | Hackrate | hacking, ethical-hacking, cybersecurity, bug-bounty, penetration-testing | 26-Mar-2024 |
Exploring Cybersecurity with ZoomEye: A Review of the Premium Lifetime Membership | https://medium.com/@kenilalexandra07/exploring-cybersecurity-with-zoomeye-a-review-of-the-premium-lifetime-membership-f301a474bf88?source=rss------bug_bounty-5 | Kenilalexandra | bug-bounty, shodan, bugbounting, zoomeye, security | 26-Mar-2024 |
How To Use AI And Nuclei To Make Money While You Sleep — Bug Bounty Tuesday | https://medium.com/@kerstan/how-to-use-ai-and-nuclei-to-make-money-while-you-sleep-bug-bounty-tuesday-4d9e584e6553?source=rss------bug_bounty-5 | kerstan | hacking, security, cybersecurity, bug-bounty, technology | 26-Mar-2024 |
13.21 Lab: Reflected DOM XSS | 2024 | https://cyberw1ng.medium.com/13-21-lab-reflected-dom-xss-2024-78cacc8fa1e7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, bug-bounty, penetration-testing, careers | 26-Mar-2024 |
Bug Bounty Programs for Beginners | https://bevijaygupta.medium.com/bug-bounty-programs-for-beginners-fccc755957d9?source=rss------bug_bounty-5 | Vijay Gupta | cybersecurity, bug-bounty-hunter, bug-bounty, bugbounty-writeup, bug-bounty-tips | 26-Mar-2024 |
Account takeover through password reset functionality | https://rewscel.medium.com/account-takeover-through-password-reset-functionality-af07636db302?source=rss------bug_bounty-5 | rewscel | bug-bounty | 26-Mar-2024 |
FFUF İLE WEB UYGULAMALARINA SALDIRMAK | https://medium.com/@mirackucuk595/ffuf-i%CC%87le-web-uygulamalarina-saldirmak-89805e47e145?source=rss------bug_bounty-5 | Miraç Küçük | subdomain, bug-bounty, ffuf, brute-force, hack-the-box-writeup | 26-Mar-2024 |
What is Cross-Site Scripting (XSS)? | https://medium.com/@bbhuntersa/cross-site-scripting-xss-b5d374fa6e43?source=rss------bug_bounty-5 | BBHUNTER | xss-vulnerability, cross-site-scripting, bug-bounty, xss-attack | 26-Mar-2024 |
Exploiting Post Reflected XSS via CSRF : Real world bug | https://medium.com/@Rahulkrishnan_R_Panicker/exploiting-post-reflected-xss-via-csrf-real-world-bug-f374afeb081e?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | xss-attack, hacking, bug-bounty, csrf, web-development | 25-Mar-2024 |
Zero Interaction Mass Account Password Reset Vulnerability | https://medium.com/@manan_sanghvi/zero-interaction-mass-account-password-reset-vulnerability-86b87098e3ae?source=rss------bug_bounty-5 | Manan Sanghvi | penetration-testing, ethical-hacking, bug-bounty, vulnerability, cybersecurity | 25-Mar-2024 |
XSS module HTB academy CBBH path | https://medium.com/@mohammed01550038865/xss-module-htb-academy-cbbh-path-dc3ac4810087?source=rss------bug_bounty-5 | Muhammed Mubarak | bug-bounty, htb-academy-writeup, xss-vulnerability | 25-Mar-2024 |
Reverse Engineering Sitecore Vulnerabilities-2 | https://medium.com/@nilayp799/reverse-engineering-sitecore-vulnerabilities-2-dcf45a501894?source=rss------bug_bounty-5 | Nilay Patel | sitecore, vulnerability, bug-bounty, automation, hacking | 25-Mar-2024 |
13.20 Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded |… | https://cyberw1ng.medium.com/13-20-lab-dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-7966911c58f4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, hacking, bug-bounty, penetration-testing | 25-Mar-2024 |
Burp Suite — ¿Confiar o no en Project Files? | https://medium.com/@ArtsSEC/burp-suite-confiar-o-no-en-project-files-de5fa145f4a5?source=rss------bug_bounty-5 | ArtsSEC | hacking, burpsuite, infosec, pentesting, bug-bounty | 25-Mar-2024 |
COMMAND INJECTIONS | https://medium.com/@mirackucuk595/command-injections-9ef2aef0fa97?source=rss------bug_bounty-5 | Miraç Küçük | command-injection, bug-bounty, hackthebox, burpsuite, injection | 25-Mar-2024 |
Unveiling Homoglyph: Silent Culprit of User-Level DOS Attacks | https://medium.com/@imusabkhan/unveiling-homoglyph-silent-culprit-of-user-level-dos-attacks-86a0576bca3a?source=rss------bug_bounty-5 | Mohammad Musab Khan | bug-hunting, hackerone, bug-bounty, bugcrowd, bug-bounty-tips | 25-Mar-2024 |
[Account Take Over] through reset password token leaked in response, 2500 € Reward | https://infosecwriteups.com/account-take-over-through-reset-password-token-leaked-in-response-2500-reward-b643f97a7c67?source=rss------bug_bounty-5 | jedus0r | bug-bounty-hunter, security-research, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 25-Mar-2024 |
How I found Account Takeover by changing email address | https://medium.com/@mohddanish9536/how-i-found-account-takeover-by-changing-email-address-b0dc213e2df3?source=rss------bug_bounty-5 | Mohd Danish | bug-bounty, cybersecurity, bugs | 24-Mar-2024 |
13.19 Lab: DOM XSS in document.write | https://cyberw1ng.medium.com/13-19-lab-dom-xss-in-document-write-dddced06def8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, careers, hacking | 24-Mar-2024 |
HTTP Verb Tampering | https://medium.com/@mirackucuk595/http-verb-tampering-4505d6491c95?source=rss------bug_bounty-5 | Miraç Küçük | web-attack, http-request, command-injection, bug-bounty, burpsuite | 24-Mar-2024 |
How to get started in Bug Bounty in 2024! | https://medium.com/@FoxxCB/how-to-get-started-in-bug-bounty-in-2024-708754094de9?source=rss------bug_bounty-5 | Foxx C-B | hacking, infosec, bug-bounty, cybersecurity, ethical-hacking | 24-Mar-2024 |
Cloudflare WAF Hunting | https://medium.com/@Device1306/cloudflare-waf-hunting-e878588488c8?source=rss------bug_bounty-5 | Device1306 | research, bug-bounty-tips, hacking, burpsuite, bug-bounty | 24-Mar-2024 |
Cookie Theft Deep Dive | https://cyberbull.medium.com/cookie-theft-deep-dive-3fe6d6be2d60?source=rss------bug_bounty-5 | Aditya Pandey | bug-bounty, information-technology, ethical-hacking, security, cybersecurity | 23-Mar-2024 |
A list of Bug Bounty/Crowdsourced Security Platforms: | https://medium.com/@mashunter/a-list-of-bug-bounty-crowdsourced-security-platforms-15ecd2ab6d4a?source=rss------bug_bounty-5 | MAS Hunter | bug-bounty-program, bug-bounty, hacker, pentest | 23-Mar-2024 |
Hacking the Giant: How I Discovered Google’s Vulnerability and Hall of Fame Recognition | https://medium.com/@hncaga/hacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a?source=rss------bug_bounty-5 | Henry N. Caga (hncaga) | bug-bounty, vulnerability, google, xs, hacking | 23-Mar-2024 |
hello | https://medium.com/@r.paulopereira123/hello-80ea07cbc757?source=rss------bug_bounty-5 | bretsadlea | hacking, ethical-hacking, bug-hunter, bug-bounty | 23-Mar-2024 |
Edge-Side Includes (ESI) Injection In Web Applications | https://adipsharif.medium.com/edge-side-includes-esi-injection-in-web-applications-2630139b6c19?source=rss------bug_bounty-5 | ADIP | pentesting, bug-bounty-tips, infosec, information-security, bug-bounty | 23-Mar-2024 |
SSI Injection In web applications with a (exploitation example) | https://adipsharif.medium.com/techniques-of-finding-ssi-injection-in-web-applications-with-a-exploitation-example-cad960f3d791?source=rss------bug_bounty-5 | ADIP | bug-bounty-tips, penetration-testing, information-security, bug-bounty, infosec | 23-Mar-2024 |
Beyond RAM and ROM: IDOR Leads to Unauthenticated File Upload Vulnerability in Indian Government… | https://systemweakness.com/beyond-ram-and-rom-idor-leads-to-unauthenticated-file-upload-vulnerability-in-indian-government-51efb80bcf50?source=rss------bug_bounty-5 | Vedavyasan S (@ved4vyasan) | bug-bounty, bug-bounty-tips, hacking, cybersecurity, bugs | 23-Mar-2024 |
1500$: CR/LF Injection | https://medium.com/@a13h1/1500-cr-lf-injection-0d2a75f02ef3?source=rss------bug_bounty-5 | Abhi Sharma | programming, hacking, cybersecurity, bug-bounty, crlf-injection | 23-Mar-2024 |
Web Security Short Series — XXE | https://medium.com/@frankyyano/web-security-short-series-xxe-64492ed1d893?source=rss------bug_bounty-5 | Yano. | xxe, bug-bounty, xml, oscp, appsec | 23-Mar-2024 |
TEXAS BUG SWEEPS 65,000 BUGS DETECTED | https://medium.com/@siddiquiasad2299/texas-bug-sweeps-65-000-bugs-detected-a00ae73014b6?source=rss------bug_bounty-5 | Asad Siddiqui | texas-bug-sweeps, bug-sweep, bug-bounty, bug-detection | 23-Mar-2024 |
How i get my bounty $$$ in YesWehack within 5mins? | https://medium.com/@hacdoc/how-i-get-my-bounty-in-yeswehack-within-5mins-16706bb827e0?source=rss------bug_bounty-5 | ஜெய் | hacking, cybersecurity, s3, bug-bounty, amazon | 23-Mar-2024 |
How we can check the Security Provider in Android applications during Pentesting (The Offensive… | https://adipsharif.medium.com/how-we-can-check-the-security-provider-in-android-applications-during-pentesting-the-offensive-87c411c5d7ac?source=rss------bug_bounty-5 | ADIP | pentesting, android-app-development, androiddev, android, bug-bounty | 23-Mar-2024 |
13.18 Lab: DOM XSS in jQuery selector sink using a hashchange event \| 2024 | https://cyberw1ng.medium.com/13-18-lab-dom-xss-in-jquery-selector-sink-using-a-hashchange-event-2024-e990fc2ae28f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, cybersecurity, penetration-testing, bug-bounty | 23-Mar-2024 |
How To Test Data Encryption on the Network During Android Pentesting | https://adipsharif.medium.com/how-to-test-data-encryption-on-the-network-during-android-pentesting-0b9d3407068f?source=rss------bug_bounty-5 | ADIP | infosec-write-ups, info-sec-writeups, pentesting, information-security, bug-bounty | 23-Mar-2024 |
Attacking XSLT in Web Applications | https://adipsharif.medium.com/attacking-xslt-in-web-applications-ea538a8fb9d0?source=rss------bug_bounty-5 | ADIP | pentesting, information-security, bug-bounty-writeup, bug-bounty, infosec | 23-Mar-2024 |
SSTI Exploitation Part III In Web Applications (with exploitation example) | https://adipsharif.medium.com/ssti-exploitation-part-iii-in-web-applications-with-exploitation-example-6856b89b0efb?source=rss------bug_bounty-5 | ADIP | penetration-testing, infosec, bug-bounty-tips, information-security, bug-bounty | 23-Mar-2024 |
FILE UPLOAD ATTACKS | https://medium.com/@mirackucuk595/file-upload-attacks-e5175a653d32?source=rss------bug_bounty-5 | Miraç Küçük | web-attack, file-upload, bug-bounty, https, burpsuite | 23-Mar-2024 |
SSTI Exploitation Part II In Web Applications (with exploitation example) | https://adipsharif.medium.com/ssti-exploitation-part-ii-in-web-applications-with-exploitation-example-490192e7e966?source=rss------bug_bounty-5 | ADIP | information-security, pentesting, penetration-testing, bug-bounty, infosec | 23-Mar-2024 |
Bruteforce Website Login Form Using Hydra And Crunch | https://medium.com/@OthmaneAitBouftass/bruteforce-attack-using-hydra-and-crunch-8b48ea9e36ce?source=rss------bug_bounty-5 | Othmane Ait Bouftass | cybersecurity, bug-bounty, penetration-testing, hacking, ethical-hacking | 23-Mar-2024 |
Making money only using AI [Free Course] | https://medium.com/@deadoverflow/making-money-only-using-ai-free-course-e7c51d33fee1?source=rss------bug_bounty-5 | Imad Husanovic | web-development, hacking, ai, bug-bounty, programming | 22-Mar-2024 |
Unveiling Admin Panels: A Bug Bounty Hunter’s Guide | https://medium.com/@dasmanish6176/unveiling-admin-panels-a-bug-bounty-hunters-guide-6e713ae18b2c?source=rss------bug_bounty-5 | Dasmanish | bug-bounty, infosec, ethical-hacking, cybersecurity | 22-Mar-2024 |
13.17 Lab: Stored XSS into anchor href attribute with double quotes HTML-encoded \| 2024 | https://cyberw1ng.medium.com/13-17-lab-stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-2024-ebbe53b33015?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, hacking, penetration-testing, cybersecurity | 22-Mar-2024 |
AutoLayer is Starting a Bug Bounty Program | https://autolayer.medium.com/autolayer-is-starting-a-bug-bounty-program-dfb59584a0ee?source=rss------bug_bounty-5 | AutoLayer | crypto, defi, bug-bounty | 22-Mar-2024 |
Unveiling The Techniques Of Finding Blind & Time based SSRF In Web Applications (with a… | https://adipsharif.medium.com/unveiling-the-techniques-of-finding-blind-ssrf-in-web-applications-with-a-exploitation-example-9e36a78ccca6?source=rss------bug_bounty-5 | ADIP | bug-bounty-tips, bug-bounty, information-security, pentesting, penetration-testing | 22-Mar-2024 |
5 Advanced Ways I Test For File Upload Vulnerabilities | https://medium.com/@red.whisperer/5-advanced-ways-i-test-for-file-upload-vulnerabilities-5b01358f87d1?source=rss------bug_bounty-5 | RedPanda | bug-bounty, infosec, red-team, hacking | 22-Mar-2024 |
Understanding Subdomain Squatting | https://bytebusterx.medium.com/understanding-subdomain-squatting-9d61f8c432fc?source=rss------bug_bounty-5 | ByteBusterX | hacking, infosec, cybersecurity, bug-bounty, cyberattack | 22-Mar-2024 |
How i found my first 318.39$ bugs! | https://cyberbh.medium.com/how-i-found-my-first-318-39-bugs-10ccd2379320?source=rss------bug_bounty-5 | Msecurity BH | bug-bounty, information-exposure, penetration-testing, security-misconfiguration, api | 22-Mar-2024 |
Unveiling The Techniques Of Testing Endpoint Identify Verification In Android Applications | https://adipsharif.medium.com/unveiling-the-techniques-of-testing-endpoint-identify-verification-in-android-applications-2a8186091296?source=rss------bug_bounty-5 | ADIP | information-security, bug-bounty, android-app-development, penetration-testing, pentesting | 22-Mar-2024 |
ABUSING HTTP MISCONFIGURATIONS (HTTP YANLIŞ YAPILANDIRMALARININ KÖTÜYE KULLANILMASI) | https://medium.com/@mirackucuk595/abusing-http-misconfigurations-http-yanli%C5%9F-yapilandirmalarinin-k%C3%B6t%C3%BCye-kullanilmasi-2ebbf38b2622?source=rss------bug_bounty-5 | Miraç Küçük | https, burpsuite, bug-bounty, web-attack, http-request | 22-Mar-2024 |
Javascript deobfuscation the easy way | https://medium.com/@jad2121/javascript-deobfuscation-the-easy-way-637d7e9b2952?source=rss------bug_bounty-5 | JD | bug-bounty, bug-bounty-tips, javascript-obfuscate | 22-Mar-2024 |
Unveiling the One-Click Account Takeover: It Started with an Innocent Open Redirect | https://medium.com/@hmuhamm3d/unveiling-the-one-click-account-takeover-it-started-with-an-innocent-open-redirect-9f4942ddf03f?source=rss------bug_bounty-5 | Hassaan Mohamed | bug-bounty, bug-bounty-hunter, account-takeover, bugbounty-writeup, bug-bounty-tips | 22-Mar-2024 |
Critical Vulnerability in PostgreSQL JDBC Driver — Understanding CVE-2024-1597 | https://shubhamrooter.medium.com/critical-vulnerability-in-postgresql-jdbc-driver-understanding-cve-2024-1597-81ac202c295e?source=rss------bug_bounty-5 | Shubham Tiwari | bug-bounty, cybersecurity, jdbc-driver, postgresql, cve-2024-1597 | 21-Mar-2024 |
Digital Goldmine: Innovative Ways to Make Money Online in 2024 | https://medium.com/@thewriterdude/digital-goldmine-innovative-ways-to-make-money-online-in-2024-c7d33d655535?source=rss------bug_bounty-5 | Thewriterdude | business, bug-bounty, artificial-intelligence, 100-followers, blockchain | 21-Mar-2024 |
User information disclosure via message reactions | https://melguerdawi.medium.com/user-information-disclosure-via-message-reactions-1576a6b0f236?source=rss------bug_bounty-5 | Mostafa Elguerdawi | bug-bounty, bug-bounty-tips | 21-Mar-2024 |
Major Update for Attack Surface Discovery tool | https://netlas.medium.com/major-update-for-attack-surface-discovery-tool-4ed4f1bc80fb?source=rss------bug_bounty-5 | Netlas.io | bug-bounty, penetration-testing, cybersecurity, reconnaissance, osint | 21-Mar-2024 |
Vulnerability Disclosure vs Bug Bounty: What’s the difference and why it matters | https://medium.com/@levente.b.molnar/vulnerability-disclosure-vs-bug-bounty-whats-the-difference-and-why-it-matters-ce99be906b1c?source=rss------bug_bounty-5 | Hackrate | bug-bounty, security, vulnerability-disclosure, cybersecurity, penetration-testing | 21-Mar-2024 |
Best Practices for Web3 Bug Bounty Programs | https://medium.com/@auditone.io/best-practices-for-web3-bug-bounty-programs-e333992aee9f?source=rss------bug_bounty-5 | AuditOne | auditing-services, web3, bug-bounty-tips, bug-bounty, audit | 21-Mar-2024 |
Unveiling The Techniques Of Finding Server-Side Request Forgery (SSRF) In Web Applications (with a… | https://adipsharif.medium.com/unveiling-the-techniques-of-finding-server-side-request-forgery-ssrf-in-web-applications-with-a-2ac1dd20ef87?source=rss------bug_bounty-5 | ADIP | pentesting, bug-bounty, information-security, bug-bounty-tips, cybersecurity | 21-Mar-2024 |
urit13.16 Lab: DOM XSS in jQuery anchor href attribute sink using location.search source \| 2024 | https://cyberw1ng.medium.com/urit13-16-lab-dom-xss-in-jquery-anchor-href-attribute-sink-using-location-search-source-2024-8f8df8703aef?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, cybersecurity, hacking, penetration-testing | 21-Mar-2024 |
Buy Any Movie Tickets for Just Rs 10 (IDOR Vulnerability) | https://medium.com/@sahilkushwaha275/buy-any-movie-tickets-for-just-rs-10-idor-vulnerability-670d03a45def?source=rss------bug_bounty-5 | S33NU | bugs, idor-vulnerability, bug-bounty, technology, cybersecurity | 21-Mar-2024 |
How I found my first DOM based XSS | https://medium.com/@jsamia/how-i-found-my-first-dom-based-xss-a79f342d50d6?source=rss------bug_bounty-5 | Jaeden Samia | bug-bounty, ethical-hacking, security, vulnerability | 21-Mar-2024 |
Automate XSS With These 3 Simple Tools | https://medium.com/@Ajakcybersecurity/automate-xss-with-these-3-simple-tools-e0dcc89c06d0?source=rss------bug_bounty-5 | AjakCybersecurity | penetration-testing, cybersecurity, hacking, bug-bounty, xss-attack | 21-Mar-2024 |
Frida Use Cases and Examples | https://medium.com/@prinsharma1999/frida-use-cases-and-examples-984f9a2ddc69?source=rss------bug_bounty-5 | Prinsharma | bug-bounty, bug-bounty-tips, hacking, pentest, infosec | 21-Mar-2024 |
403 Forbidden Bypass Exposing API Key | https://medium.com/@georgeppmc/403-forbidden-bypass-exposing-api-key-b5c9df9daeb3?source=rss------bug_bounty-5 | George Torres | cybersecurity, bug-bounty | 21-Mar-2024 |
A Tester's Journey Through Test Automation and Practical Scenarios. | https://medium.com/@tomiwaodufote/a-testers-journey-through-test-automation-and-practical-scenarios-dfb9f7074062?source=rss------bug_bounty-5 | Tomiwa | remote-work, test-automation, bug-bounty, testing, software-engineering | 20-Mar-2024 |
Reflected XSS To Account Takeover Without Stealing Session Cookie | https://medium.com/@rifqihz/reflected-xss-to-account-takeover-without-stealing-session-cookie-89c6ed62a3e4?source=rss------bug_bounty-5 | Rifqi Hilmy Zhafrant | xs, hackerone, bug-bounty | 20-Mar-2024 |
ABUSING HTTP MISCONFIGURATIONS (HTTP YANLIŞ YAPILANDIRMALARININ KÖTÜYE KULLANILMASI) | https://medium.com/@mirackucuk595/abusing-http-misconfigurations-http-yanli%C5%9F-yapilandirmalarinin-k%C3%B6t%C3%BCye-kullanilmasi-428333a3ddc6?source=rss------bug_bounty-5 | Miraç Küçük | burpsuite, web-attack, https, bug-bounty, web-cache | 20-Mar-2024 |
The Art of Debugging: Tips and Tricks for Finding the Root Cause of Bugs | https://medium.com/@securelearn/the-art-of-debugging-tips-and-tricks-for-finding-the-root-cause-of-bugs-c1d9e4b9e04a?source=rss------bug_bounty-5 | Rohan Giri | debugging, bug-finding, bug-bounty-tips, bug-bounty | 20-Mar-2024 |
H@ppy H@cking Psychomong | https://medium.com/@psychomong/h-ppy-h-cking-psychomong-335f9049aca9?source=rss------bug_bounty-5 | psychomong | cyber, cybersecurity, bug-bounty-tips, bug-bounty, bugs | 20-Mar-2024 |
Recon With AI | https://medium.com/@patidarbhuwan44/recon-with-ai-c211623604e8?source=rss------bug_bounty-5 | Bhuwan Patidar | bug-bounty, recon, reconnaissance, bug-bounty-tips | 20-Mar-2024 |
Reflected XSS with some SVG markup allowed | https://medium.com/@ebrahimelsayed4457/reflected-xss-with-some-svg-markup-allowed-74851ff591d5?source=rss------bug_bounty-5 | Ebrahim El-Sayed | cybersecurity, bug-bounty, portswigger, xss-attack, penetration-testing | 20-Mar-2024 |
$200 Business Logic Blunder In Sole Source Project | https://medium.com/@_0jatin0_/200-business-logic-blunder-in-sole-source-project-99a7bbe0d2f0?source=rss------bug_bounty-5 | Jatin_Chudasama | bug-bounty-writeup, logic-flaw, bug-bounty | 20-Mar-2024 |
The Art Of Probing Memory for Sensitive Data In Android Applications (The Offensive Security Way) | https://medium.com/@adipsharif/the-art-of-probing-memory-for-sensitive-data-in-android-applications-the-offensive-security-way-6aca19ce522f?source=rss------bug_bounty-5 | ADIP | bug-bounty, penetration-testing, information-security, cybersecurity, infosec | 20-Mar-2024 |
Why Bug Bounty is Trending? | https://medium.com/@shivyanshi.shukla/why-bug-bounty-is-trending-c981e7c28423?source=rss------bug_bounty-5 | Shivyanshi shukla | bug-bounty, cybersecurity | 20-Mar-2024 |
IDOR to make comment in user’s private posts | https://medium.com/@youssifm.raghib/idor-to-make-comment-in-users-private-posts-47d13b843c32?source=rss------bug_bounty-5 | Youssif M Raghib | bug-bounty-tips, bug-bounty, bug-hunter, bug-hunting | 20-Mar-2024 |
No rate limit in comments with IDOR | https://medium.com/@youssifm.raghib/no-rate-limit-in-comments-with-idor-d8904f3db588?source=rss------bug_bounty-5 | Youssif M Raghib | bug-bounty, bugs, bug-hunting | 20-Mar-2024 |
Electrum-Dime Beta Launch: A New Era for Dimecoin | https://dimecoinnetwork.medium.com/electrum-dime-beta-launch-a-new-era-for-dimecoin-72b5740598d4?source=rss------bug_bounty-5 | Dimecoin Network | development, dimecoin, blockchain, bug-bounty, cryptocurrency | 20-Mar-2024 |
Behind the Bug Report: From Overlooked to Overhauled | https://interc3pt3r.medium.com/behind-the-bug-report-from-overlooked-to-overhauled-94a9e5595a8a?source=rss------bug_bounty-5 | Aneesha D | cybersecurity, security, web-applications, bug-bounty, hacking | 20-Mar-2024 |
Stay up to date with the updates. What do the blue and red dots represent in Burp Suite? | https://medium.com/@ArtsSEC/mantente-al-tanto-de-las-actualizaciones-qu%C3%A9-representan-el-punto-azul-y-rojo-en-burp-suite-1da1a5c74f16?source=rss------bug_bounty-5 | ArtsSEC | burpsuite, bug-bounty, vulnerability, pentesting, hacking | 20-Mar-2024 |
13.15 Lab: Reflected XSS into HTML context with all tags blocked except custom ones \| 2024 | https://cyberw1ng.medium.com/13-15-lab-reflected-xss-into-html-context-with-all-tags-blocked-except-custom-ones-2024-ca34eec89d88?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, hacking, penetration-testing, cybersecurity | 20-Mar-2024 |
The Art Of Testing Symmetric Cryptography During Pentesting Android Applications | https://medium.com/@adipsharif/the-art-of-testing-symmetric-cryptography-during-pentesting-android-applications-154dbab795d7?source=rss------bug_bounty-5 | ADIP | bug-bounty, cybersecurity, android, bug-bounty-tips, penetration-testing | 20-Mar-2024 |
Checking Backups For Sensitive Data in Android Applications (The Offensive Security Way) | https://medium.com/@adipsharif/checking-backups-for-sensitive-data-in-android-applications-the-offensive-security-way-95bd8820b84e?source=rss------bug_bounty-5 | ADIP | penetration-testing, bug-bounty, android, cybersecurity, android-app-development | 20-Mar-2024 |
Why Regular Security Sweeps Are Crucial for Business Success | https://medium.com/@siddiquiasad2299/why-regular-security-sweeps-are-crucial-for-business-success-7de57c663ca7?source=rss------bug_bounty-5 | Asad Siddiqui | tscm-services-bug-sweeps, bug-bounty, bug-detection | 20-Mar-2024 |
Passlord: Your Ultimate Weapon for Creating Tailored Wordlists | https://navnee1h.medium.com/passlord-your-ultimate-weapon-for-creating-tailored-wordlists-924a491e9a0f?source=rss------bug_bounty-5 | Navaneeth M S | hacking, bug-bounty, passwords, cybersecurity, wordlist | 20-Mar-2024 |
Bypassing an IDOR A couple of times — $$$$ | https://medium.com/@bxrowski0x/bypassing-an-idor-a-couple-of-times-4d67555a1545?source=rss------bug_bounty-5 | Omar ElSayed | bug-bounty-tips, idor, cybersecurity, bug-bounty-writeup, bug-bounty | 20-Mar-2024 |
Biometric Authentication Bypass In Android Applications (The Offensive Security Way) | https://medium.com/@adipsharif/biometric-authentication-bypass-in-android-applications-the-offensive-security-way-c37d89b06db2?source=rss------bug_bounty-5 | ADIP | android-app-development, bug-bounty, penetration-testing, android, androiddev | 20-Mar-2024 |
How We Can Check Configuration of Cryptographic Standard Algorithms & Random Number Generation… | https://medium.com/@adipsharif/how-we-can-check-configuration-of-cryptographic-standard-algorithms-random-number-generation-000cf9bfdb64?source=rss------bug_bounty-5 | ADIP | hacking, cybersecurity, bug-bounty, pentesting, bug-bounty-tips | 20-Mar-2024 |
Detecting Cyber Threats with Resemble.js: Safeguarding Digital Assets through Image Analysis | https://medium.com/@corymack34/detecting-cyber-threats-with-resemble-js-safeguarding-digital-assets-through-image-analysis-9e2f3427f8ed?source=rss------bug_bounty-5 | Cory Mack | steganalysis, threat-detection, bug-bounty, cybersecurity, image-analysis | 20-Mar-2024 |
Biometric Authentication Bypass In Android Applications (The Offensive Security Way) | https://adipsharif.medium.com/biometric-authentication-bypass-in-android-applications-the-offensive-security-way-c37d89b06db2?source=rss------bug_bounty-5 | ADIP | android-app-development, bug-bounty, penetration-testing, android, androiddev | 20-Mar-2024 |
Evaluate, apply, and sustain security governance principles ! | https://infosecwriteups.com/evaluate-apply-and-sustain-security-governance-principles-1e038a02423a?source=rss------bug_bounty-5 | Paritosh | security-governance, information-technology, cissp, bug-bounty, cybersecurity | 19-Mar-2024 |
The Ultimate Guide to Red Teaming: Inside “A-poc/RedTeam-Tools” | https://infosecwriteups.com/the-ultimate-guide-to-red-teaming-inside-a-poc-redteam-tools-69645572cf0f?source=rss------bug_bounty-5 | ElNiak | red-team, bug-bounty, github, penetration-testing, cybersecurity | 19-Mar-2024 |
3 Step Find Critical Bug In Bug Bounty — Bug Bounty Tuesday | https://medium.com/@kerstan/3-step-find-critical-bug-in-bug-bounty-bug-bounty-tuesday-99011ec2cf27?source=rss------bug_bounty-5 | kerstan | security, technology, cybersecurity, hacking, bug-bounty | 19-Mar-2024 |
Hunting JavaScript File for Bug Hunters | https://vivek-ghinaiya.medium.com/hunting-javascript-file-for-bug-hunters-e8b278a1306a?source=rss------bug_bounty-5 | Vivek Ghinaiya | bug-hunting, bug-bounty, bug-bounty-writeup, javascript, bug-bounty-tips | 19-Mar-2024 |
Finding the hidden function led to a $300 IDOR | https://infosecwriteups.com/finding-the-hidden-function-led-to-a-300-idor-d37219c66d03?source=rss------bug_bounty-5 | M7arm4n | bug-bounty-tips, bug-bounty, hacking, hacker, security | 19-Mar-2024 |
CVE-2024-28436 Cross-Site Scripting Vulnerability in D-Link DAP Products | https://djallalakira.medium.com/cve-2024-28436-cross-site-scripting-vulnerability-in-d-link-dap-products-3596976cc99f?source=rss------bug_bounty-5 | Djallalakira | bug-bounty, cybersecurity, bug-bounty-writeup | 19-Mar-2024 |
IDOR to read all user’s private route comments | https://medium.com/@youssifm.raghib/idor-to-read-all-users-private-route-comments-e97120d43262?source=rss------bug_bounty-5 | Youssif M Raghib | cybersecurity, bug-bounty, bug-bounty-tips | 19-Mar-2024 |
Get allmost all subdomains | https://medium.com/@petrukhin.s.a/get-allmost-all-subdomains-5694dcc3cb60?source=rss------bug_bounty-5 | Sergei Petrukhin | subdomain, bug-bounty, subdomains-enumeration, bug-bounty-tips | 19-Mar-2024 |
13.14 Lab: Reflected XSS into HTML context with most tags and attributes blocked \| 2024 | https://cyberw1ng.medium.com/13-14-lab-reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-2024-7e2106ef89b2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, penetration-testing, cybersecurity, hacking | 19-Mar-2024 |
The Art Of Unveiling Logs for Sensitive Data In Android Applications (The Offensive Security Way) | https://medium.com/@adipsharif/the-art-of-unveiling-logs-for-sensitive-data-in-android-applications-the-offensive-security-way-9c823532d004?source=rss------bug_bounty-5 | ADIP | cybersecurity, bug-bounty, application-security, penetration-testing, bug-bounty-tips | 19-Mar-2024 |
HackTheBox — Information Gathering: Active Enumeration | https://medium.com/@harry.hphu/hackthebox-information-gathering-active-enumeration-e43481ef85f9?source=rss------bug_bounty-5 | Huy Phu | subdomains-enumeration, hackthebox, enumeration, bug-bounty, information-gathering | 19-Mar-2024 |
Unleashing Chaos: The Tale of the 0-Click Account Takeover | https://medium.com/@hmuhamm3d/unleashing-chaos-the-tale-of-the-0-click-account-takeover-21c2cedabc4b?source=rss------bug_bounty-5 | Hassaan Mohamed | penetration-testing, bug-bounty, account-takeover, bugswagger, infosec-write-ups | 19-Mar-2024 |
The Art Of Determining Whether Sensitive Data Is Shared with Third Parties via Embedded Services … | https://medium.com/@adipsharif/the-art-of-determining-whether-sensitive-data-is-shared-with-third-parties-via-embedded-services-beba2856ef96?source=rss------bug_bounty-5 | ADIP | bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty, hacking | 19-Mar-2024 |
Medium Member Friend Links bug | https://karol-mazurek.medium.com/medium-member-friend-links-bug-b1d0020fbe39?source=rss------bug_bounty-5 | Karol Mazurek | medium, information-technology, penetration-testing, cybersecurity, bug-bounty | 18-Mar-2024 |
[Bug Bounty] xlsx Upload Leads to XXE Vulnerability | https://medium.com/@_thorns/bug-bounty-xlsx-%E4%B8%8A%E4%BC%A0%E5%AF%BC%E8%87%B4-xxe-%E6%BC%8F%E6%B4%9E-e0615bee6af6?source=rss------bug_bounty-5 | _thorns | bug-bounty | 18-Mar-2024 |
Burpsuite Beginners Guide | https://medium.com/@OthmaneAitBouftass/burpsuite-beginners-guide-6bc7a08ca8f7?source=rss------bug_bounty-5 | Othmane Ait Bouftass | web-security, penetration-testing, bug-bounty, cybersecurity, ethical-hacking | 18-Mar-2024 |
LAMPSecurity CTF5 Walkthrough | https://erdemstar.medium.com/lampsecurity-ctf5-walkthrough-d24f67a5fd63?source=rss------bug_bounty-5 | Erdemstar | oscp-preparation, penetration-testing, bug-bounty, vulnhub-walkthrough, vulnhub | 18-Mar-2024 |
Subdomain Fuzzing worth 35k bounty! | https://medium.com/@HX007/subdomain-fuzzing-worth-35k-bounty-daebcb56d9bc?source=rss------bug_bounty-5 | HX007 | cybersecurity, bug-bounty | 18-Mar-2024 |
Happy H@cking Psychomong | https://medium.com/@psychomong/trhappy-h-cking-psychomong-bfa566350a01?source=rss------bug_bounty-5 | Psychomong | hacking-tools, hacking, research, bug-bounty, bounty-program | 18-Mar-2024 |
13.13 Lab: Stored DOM XSS Cross Site Scripting \| 2024 | https://cyberw1ng.medium.com/13-13-lab-stored-dom-xss-cross-site-scripting-2024-f4c9a21ea262?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, penetration-testing, hacking, cybersecurity | 18-Mar-2024 |
What Is Security.txt? | https://medium.com/@ozanbozkurt1974/security-txt-nedir-d7d38a069cd8?source=rss------bug_bounty-5 | ozan bozkurt | security, bug-bounty, cybersecurity, red-team | 18-Mar-2024 |
Orderly Network: Unleashing Creativity in the DeFi Ecosystem through the Scaling Web3 Hackathon | https://medium.com/@orderlynetwork/orderly-network-unleashing-creativity-in-the-defi-ecosystem-through-the-scaling-web3-hackathon-5cd75096ecba?source=rss------bug_bounty-5 | Orderly Network | encode-club, orderly-network, bug-bounty, defi, blockchain-development | 18-Mar-2024 |
Web Security Short Series — SQLi. | https://medium.com/@frankyyano/web-security-short-series-sqli-f222f04431a6?source=rss------bug_bounty-5 | Yano. | oscp, appsec, bug-bounty, sqli, sql | 18-Mar-2024 |
XML External Entity (XXE) attack | https://bytebusterx.medium.com/xml-external-entity-xxe-attack-69f7b268be01?source=rss------bug_bounty-5 | ByteBusterX | vulnerability, bug-bounty, infosec, web-security | 18-Mar-2024 |
Happy H@cking Psychomong | https://medium.com/@psychomong123/trhappy-h-cking-psychomong-bfa566350a01?source=rss------bug_bounty-5 | Psychomong123 | hacking-tools, hacking, research, bug-bounty, bounty-program | 18-Mar-2024 |
Understanding Injection Attacks: A Deep Dive into OWASP’s Top Vulnerability | https://osintteam.blog/understanding-injection-attacks-a-deep-dive-into-owasps-top-vulnerability-7d59e3535187?source=rss------bug_bounty-5 | Paritosh | bug-bounty, cybersecurity, hacking, owasp, injection-attacks | 17-Mar-2024 |
Bug Zero at a Glance [01–15 March] | https://blog.bugzero.io/bug-zero-at-a-glance-01-15-march-ba1ba88870ee?source=rss------bug_bounty-5 | Januka Dharmapriya | sri-lanka, newsletter, cybersecurity, bug-zero, bug-bounty | 17-Mar-2024 |
Bug Bounty Platforms are a Scam [Mostly] | https://medium.com/@hacktheplanet/bug-bounty-platforms-are-a-scam-mostly-ea53fe54c53d?source=rss------bug_bounty-5 | HackthePlanet - A Hacker's Blog. | cybersecurity, scams-to-avoid, bug-bounty, hacking, bug-hunting | 17-Mar-2024 |
My Journey into Bug Bounty: Revealing My First Successful Discovery | https://medium.com/@kajol_singh/my-journey-into-bug-bounty-revealing-my-first-successful-discovery-81b5d2efcbde?source=rss------bug_bounty-5 | Kajol Kumari | bug-bounty-tips, bounty-program, bug-bounty, developer, cybersecurity | 17-Mar-2024 |
Skipping the email verification is Good (or) Bad? | https://medium.com/@Alex_crypto/skipping-the-email-verification-is-good-or-bad-ef045dc8d3ed?source=rss------bug_bounty-5 | Alex_Crypto | bug-bounty, security-analytics, hacking | 17-Mar-2024 |
Mastering XSS: A Comprehensive Guide to Finding Cross-Site Scripting Vulnerabilities | https://cyberw1ng.medium.com/mastering-xss-a-comprehensive-guide-to-finding-cross-site-scripting-vulnerabilities-3891ab930274?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 17-Mar-2024 |
How I found my first ever bug. | https://osintteam.blog/how-i-found-my-first-ever-bug-89fedb5a9b3c?source=rss------bug_bounty-5 | an0nbil | cybersecurity, technology, programming, javascript, bug-bounty | 17-Mar-2024 |
Application Level DoS - Smoking with ‘null’ Again | https://shahjerry33.medium.com/application-level-dos-smoking-with-null-again-364ce16dad74?source=rss------bug_bounty-5 | Jerry Shah (Jerry) | pentesting, cybersecurity, bug-bounty, vulnerability, infosec | 17-Mar-2024 |
Redirecting a webpage from HTTP to HTTPS is safe and how to identify whether the webpage is safe or… | https://medium.com/@Alex_crypto/if-the-forgot-password-link-is-copied-and-pasted-into-the-new-tab-it-opens-in-http-and-directs-to-8e8f80c4a9f6?source=rss------bug_bounty-5 | Alex_Crypto | bug-bounty, security | 17-Mar-2024 |
Bug Bounty Learning Path | https://bevijaygupta.medium.com/bug-bounty-learning-path-0c0015d6a71d?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-zero | 17-Mar-2024 |
Bug Bounty Platforms | https://bevijaygupta.medium.com/bug-bounty-platforms-499275d1d9b4?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-platforms, bugs, bug-bounty, bug-bounty-tips | 17-Mar-2024 |
Bug Bounty Tutorial : Login Bypass Technique | https://rajput623929.medium.com/bug-bounty-tutorial-login-bypass-technique-d7508856b2a1?source=rss------bug_bounty-5 | Mr.Horbio | poc, bug-bounty, cybersecurity, ethical-hacking, pentesting | 17-Mar-2024 |
I earned $1000 with IDOR’s vulnerability to PII leaks outside the platform. | https://aryasec.medium.com/i-earned-1000-with-idors-vulnerability-to-pii-leaks-outside-the-platform-65b1cbcfa26e?source=rss------bug_bounty-5 | Tengku Arya Saputra | idor, bugbounty-writeup, bug-bounty, idor-vulnerability | 17-Mar-2024 |
How to make a living as a Hacker! | https://medium.com/@rafael.code77/how-to-make-a-living-as-a-hacker-ff8fafa98b0b?source=rss------bug_bounty-5 | Rafael Henrique | science, money, programming, bug-bounty, hacking | 16-Mar-2024 |
 | https://medium.com/@morganbinbash/-25027f11f71e?source=rss------bug_bounty-5 | Morgan Bin Bash | pentesting, cybersecurity, bug-bounty, cyber-threat-intelligence | 16-Mar-2024 |
Types of Cyber Attacks on Each OSI Layer | https://medium.com/@kumarsachin1642001/types-of-cyber-attacks-on-each-osi-layer-56e746dfa3b8?source=rss------bug_bounty-5 | sachin kumar | cybersecurity, hackerone, hacker, cyberattack, bug-bounty | 16-Mar-2024 |
Tips to get your first bug/bounty | https://medium.com/@mr_prey3r/tips-to-get-your-first-bug-bounty-c5a862ad8567?source=rss------bug_bounty-5 | Rubayet Hasan aka MR_Prey3r | first-bug, bug-bounty, bug-bounty-tips, first-bounty, find-your-first-bug | 16-Mar-2024 |
Bug Bounty Challenge: Day 7–16/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-7-16-03-2024-5c48ff96f9d0?source=rss------bug_bounty-5 | Wallotry | bug-bounty-writeup, bug-bounty, bug-bounty-tips, bug-bounty-hunter | 16-Mar-2024 |
IDOR + Content Injection Penetration Testing Lesson 5 | https://medium.com/@or0to/idor-content-injection-penetration-testing-lesson-5-fe3bdce12f8f?source=rss------bug_bounty-5 | Ali Essam | security, penetration-testing, bug-bounty, cybersecurity, ali | 16-Mar-2024 |
13.12 Lab: Reflected DOM XSS — Cross Site Scripting \| 2024 | https://infosecwriteups.com/13-12-lab-reflected-dom-xss-cross-site-scripting-2024-0dc98e91ae42?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, bug-bounty, careers, penetration-testing | 16-Mar-2024 |
How Secure is Java’s SecureProcessing? | https://medium.com/@dub-flow/how-secure-is-javas-secureprocessing-ec49544a59ad?source=rss------bug_bounty-5 | Florian Walter | cybersecurity, application-security, java, code-review, bug-bounty | 16-Mar-2024 |
How I was able to disclose the Users’ chats with AI chat Bot? | https://medium.com/@who1am1i999/how-i-was-able-to-disclose-the-users-chats-with-ai-chat-bot-c7d8b13ca713?source=rss------bug_bounty-5 | WHO AM I ? | information-security, fuzzing, bug-bounty, cybersecurity, information-disclosure | 15-Mar-2024 |
Understanding Path Traversal Vulnerabilities: Risks and Mitigation | https://medium.com/@paritoshblogs/understanding-path-traversal-vulnerabilities-risks-and-mitigation-6149a506a65b?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-technology, hacking, cybersecurity, path-traversal | 15-Mar-2024 |
Account takeover via Password reset | https://medium.com/@Rahulkrishnan_R_Panicker/account-takeover-via-password-reset-c2658e1f58eb?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | bug-bounty, cybersecurity, bugbounty-writeup, programming, bug-bounty-writeup | 15-Mar-2024 |
I discovered a new way to bypass CSRF protection to achieve Account Takeover | https://medium.com/@vflexo/i-discovered-a-new-way-to-bypass-csrf-protection-to-achieve-account-takeover-73d1dff3c67a?source=rss------bug_bounty-5 | vFlexo | information-technology, bug-bounty, penetration-testing, vapt, ethical-hacking | 15-Mar-2024 |
BugRap Ecosystem Panorama: Empowering Web3 Security Development | https://medium.com/@BugRap_Team/bugrap-ecosystem-panorama-empowering-web3-security-development-6cbe2f7adb24?source=rss------bug_bounty-5 | BugRap Team | web-development, bug-bounty, security, btc | 15-Mar-2024 |
Exploring Bug Bounty Hunting as a Promising Career Choice for Cybersecurity Professionals | https://medium.com/mynextdeveloper/exploring-bug-bounty-hunting-as-a-promising-career-choice-for-cybersecurity-professionals-2015563daac8?source=rss------bug_bounty-5 | MyNextDeveloper | hacking, bug-bounty, cybersecurity, client-security, cyber | 15-Mar-2024 |
13.11 Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded \|… | https://cyberw1ng.medium.com/13-11-lab-dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-d7188a250ad8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, hacking, careers, penetration-testing | 15-Mar-2024 |
Reconnaissance: How GitDorks can power up your recon! | https://medium.com/@kieran.w/reconnaissance-how-gitdorks-can-power-up-your-recon-da3c5e412925?source=rss------bug_bounty-5 | Kieran W | gitdorking, reconnaissance, penetration-testing, bug-bounty, security-testing | 15-Mar-2024 |
Bug Bounty Challenge: Day 6–15/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-6-15-03-2024-a5c6c1a67647?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 15-Mar-2024 |
BChecks in Burp Suite Professional | https://medium.com/@ArtsSEC/bchecks-en-burp-suite-professional-5d8c4754349e?source=rss------bug_bounty-5 | ArtsSEC | burpsuite, development, penetration-testing, web-development, bug-bounty | 15-Mar-2024 |
13.10 Lab: DOM XSS in document.write | https://cyberw1ng.medium.com/13-10-lab-dom-xss-in-document-write-c702cd0bd743?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, careers, penetration-testing, hacking | 14-Mar-2024 |
MRS #2: Bypassing premium features by checking “premium validation” parameters (€€€) | https://infosecwriteups.com/mrs-2-bypassing-premium-features-by-checking-premium-validation-parameters-f2e211fad160?source=rss------bug_bounty-5 | can1337 | infosec, business-logic, bug-bounty-tips, bug-bounty, cybersecurity | 14-Mar-2024 |
Unleash the Power of the Crypto Drainer: Your Ultimate Weapon in Crypto Wallet Draining! | https://medium.com/@colbe.judge/unleash-the-power-of-the-crypto-drainer-your-ultimate-weapon-in-crypto-wallet-draining-bd4ece99cc24?source=rss------bug_bounty-5 | CryptoDrainX | bug-bounty, hacking, bug-bounty-tips, hacking-tools, money | 14-Mar-2024 |
Unleash the Ultimate Multichain Wallet Drainer — Crypto Drainer: Drain ’Em all with Just One Click! | https://medium.com/@colbe.judge/unleash-the-ultimate-multichain-wallet-drainer-crypto-drainer-drain-em-all-with-just-one-click-0afa35f9b736?source=rss------bug_bounty-5 | CryptoDrainX | bug-bounty, cryptocurrency, bug-bounty-tips, nft, bitcoin | 14-Mar-2024 |
Insane Crypto-Drainer Exposed: The Ultimate Wallet Drainer You Can’t Ignore! | https://medium.com/@colbe.judge/insane-crypto-drainer-exposed-the-ultimate-wallet-drainer-you-cant-ignore-7545f4c9c86d?source=rss------bug_bounty-5 | CryptoDrainX | bug-bounty, crypto, nft, defi, money | 14-Mar-2024 |
How To Get $100k in 2024 With Crypto [Unrevealed] | https://medium.com/@colbe.judge/how-to-get-100k-in-2024-with-crypto-unrevealed-b40081b8fb41?source=rss------bug_bounty-5 | CryptoDrainX | blockchain, cryptocurrency, hacking-tools, hacking, bug-bounty | 14-Mar-2024 |
5 Websites to Learn Bug Hunting: A Beginner’s Guide | https://medium.com/@aayushdhakal005/5-websites-to-learn-bug-hunting-a-beginners-guide-4399c2f94917?source=rss------bug_bounty-5 | Creepyshit | website, bug-bounty, cybersecurity, resources | 14-Mar-2024 |
Bug Bounty Challenge: Day 5–14/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-5-14-03-2024-b8fe8dae8cb5?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter | 14-Mar-2024 |
GRWM for WebApp PenTest \| Command Injection | https://redsock1337.medium.com/grwm-for-webapp-pentest-command-injection-e205906573e2?source=rss------bug_bounty-5 | Jbr | os, command-line, bug-bounty-tips, cybersecurity, bug-bounty | 14-Mar-2024 |
Uncovering Host Header Injection Vulnerabilities in 5 Apex Domain Hosts Part Two how to chain | https://javroot.medium.com/uncovering-host-header-injection-vulnerabilities-in-5-apex-domain-hosts-part-two-how-to-chain-0abe308a4807?source=rss------bug_bounty-5 | Javroot | web, hacking, penetration-testing, bug-bounty-tips, bug-bounty | 14-Mar-2024 |
API Security: Essential Tools for Endpoint Analysis | https://iaraoz.medium.com/api-security-essential-tools-for-endpoint-analysis-efb1c72675c0?source=rss------bug_bounty-5 | Israel Aráoz Severiche | bug-bounty, owasp, appsec, cybersecurity, api-security | 14-Mar-2024 |
Exploiting Cross-Site Scripting XSS vulnerabilities for Bug Bounty — Portswigger \| 2024 | https://cyberw1ng.medium.com/exploiting-cross-site-scripting-xss-vulnerabilities-for-bug-bounty-portswigger-2024-88d6e1df4658?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, penetration-testing, cybersecurity, bug-bounty | 13-Mar-2024 |
How To Do Malware Analysis | https://medium.com/@paritoshblogs/how-to-do-malware-analysis-62bd1f8052bb?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, information-technology, security, malware-analysis | 13-Mar-2024 |
Easiest way to find hidden api from js files | https://medium.com/@jeetpal2007/easiest-way-to-find-hidden-api-from-js-files-ce115a4ad1af?source=rss------bug_bounty-5 | JEETPAL | cybersecurity, bounties, api-key, easiest-way, bug-bounty | 13-Mar-2024 |
Enhancing Your Bug Hunting Skills: 5 Must-Read Books | https://medium.com/@aayushdhakal005/enhancing-your-bug-hunting-skills-5-must-read-books-edb6029c19a6?source=rss------bug_bounty-5 | Creepyshit | bug-bounty, cybersecurity, books, web | 13-Mar-2024 |
Lets Talk Pentest Strategy | https://medium.com/@hackstack/lets-talk-pentest-strategy-adea4d3b085e?source=rss------bug_bounty-5 | HackStack | pentest, pentesting, how-to, bug-bounty | 13-Mar-2024 |
Email based IDOR makes me update Other User Profile | https://rohmadhidayah.medium.com/email-based-idor-makes-me-update-other-user-profile-8e6e289f4391?source=rss------bug_bounty-5 | Rohmad Hidayah | idor, info-sec-writeups, infosec-write-ups, bug-bounty, bug-bounty-tips | 13-Mar-2024 |
Bug-Bounty/How I Found My FIRST Vulnerability and How could I Access the Admin Panel using it +… | https://medium.com/@rogxoorsafe/bug-bounty-how-i-found-my-first-vulnerability-and-how-could-i-access-the-admin-panel-using-it-899d75da2f37?source=rss------bug_bounty-5 | Alireza Rogxoor | cyberattack, bug-bounty, cybersecurity, hacking, security | 13-Mar-2024 |
Fuzzing to Kubernetes to IDOR to PII leak | https://nityanandjha18.medium.com/fuzzing-to-kubernetes-to-idor-to-pii-leak-dae0dda70090?source=rss------bug_bounty-5 | NITYA NAND JHA | vapt, ethical-hacking, bug-bounty | 13-Mar-2024 |
Researcher Q&A: Friends Who Work Together, Hack Better Together | https://blog.developer.adobe.com/researcher-q-a-friends-who-work-together-hack-better-together-c698ff0be732?source=rss------bug_bounty-5 | Renae Kang | security, bug-bounty-program, security-researchers, bug-bounty, ethical-hacker | 13-Mar-2024 |
PROXY FUZZING | https://karol-mazurek.medium.com/proxy-fuzzing-4dc77968cfd8?source=rss------bug_bounty-5 | Karol Mazurek | programming, information-technology, bug-bounty, python, cybersecurity | 13-Mar-2024 |
Reconnaissance? | https://mrrobotstxt.medium.com/reconnaissance-ca2fa7bf821d?source=rss------bug_bounty-5 | Mr. Robots.txt | hackathons, bug-bounty, hacking, penetration-testing, cybersecurity | 13-Mar-2024 |
How much money did I make from doing Bug Bounty? | https://systemweakness.com/how-much-money-did-i-make-from-doing-bug-bounty-707438b71f47?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, programming, hacking, cybersecurity, bug-bounty-tips | 13-Mar-2024 |
Cross-site scripting contexts for Bug Bounty — Portswigger \| 2024 | https://cyberw1ng.medium.com/cross-site-scripting-contexts-for-bug-bounty-portswigger-2024-b927cfa70de3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, penetration-testing, bug-bounty, cybersecurity | 12-Mar-2024 |
Business Logic Errors allow me to buy Products at Low Prices on Farmaku.com | https://rohmadhidayah.medium.com/business-logic-errors-allow-me-to-buy-products-at-low-prices-on-farmaku-com-b8c9c0bcf5cc?source=rss------bug_bounty-5 | Rohmad Hidayah | info-sec-writeups, bug-bounty-tips, business-logic, bug-bounty, infosec-write-ups | 12-Mar-2024 |
ShentuChain Unveils a Constellation of High-profile Investors | https://shentuchain.medium.com/shentuchain-unveils-a-constellation-of-high-profile-investors-54b612b8dc30?source=rss------bug_bounty-5 | Shentu Chain | binance, cybersecurity, investors, bug-bounty, announcements | 12-Mar-2024 |
How I Discovered My First Critical Vulnerability in My Bug Bounty Career | https://snip3rgg.medium.com/how-i-discovered-my-first-critical-vulnerability-in-my-bug-bounty-career-cf0e048d14cb?source=rss------bug_bounty-5 | Sahil Bugade (snip3rgg) | infosec, bug-bounty, vulnerability, bug-bounty-tips, cybersecurity | 12-Mar-2024 |
Account Takeover Through Rate-Limit Bypass — Bug Bounty Tuesday | https://medium.com/@kerstan/account-takeover-through-rate-limit-bypass-bug-bounty-tuesday-01229168dd89?source=rss------bug_bounty-5 | kerstan | bug-bounty, security, programming, cybersecurity, technology | 12-Mar-2024 |
How I found my first ever valid bug on Hackerone | https://medium.com/@rubaethasanariyan/how-i-found-my-first-ever-valid-bug-on-hackerone-da30015aa08d?source=rss------bug_bounty-5 | Rubayet Hasan aka MR_Prey3r | bug-bounty-tips, bugbounty-poc, first-bug, hackerone, bug-bounty | 12-Mar-2024 |
Guvenkaya Security Insights Series — Sweat Economy | https://medium.com/@guvenkaya-sec/guvenkaya-security-insights-series-sweat-economy-dbe681a79e7a?source=rss------bug_bounty-5 | Guvenkaya | near-protocol, bug-bounty, smart-contracts, rust, web3 | 12-Mar-2024 |
BYPASSING PARENTAL CONTROL ON WHOLE APPLE ECO-SYSTEM | https://medium.com/@sam0-0/bypassing-parental-control-on-whole-apple-eco-system-1c6975c24105?source=rss------bug_bounty-5 | Sam | bug-bounty, apple, infosec, bugbounty-writeup | 12-Mar-2024 |
Bug Bounty Challenge: Day 4/15–12/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-4-15-12-03-2024-412bf44f8b83?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting | 12-Mar-2024 |
My Experience Obtaining the CBBH Certification | https://tiredandsick.medium.com/cbbh-experience-prbt-bc2b376c4124?source=rss------bug_bounty-5 | SickAndTired | bug-bounty, hacking, pentesting, cbbh, hackthebox-academy | 12-Mar-2024 |
Utilizing Log Poisoning: Elevating from LFI to RCE | https://medium.com/@YNS21/utilizing-log-poisoning-elevating-from-lfi-to-rce-5dca90d0a2ac?source=rss------bug_bounty-5 | Youness Abbida | bug-bounty, hackthebox, local-file-inclusion, hackthebox-writeup, cybersecurity | 12-Mar-2024 |
Bug Bounty — Improper Authentication using Google Auth | https://medium.com/@nourrisson.julien3/bug-bounty-improper-authentication-using-google-auth-b45fbddab9be?source=rss------bug_bounty-5 | Nourrisson Julien | bug-bounty, cybersecurity | 11-Mar-2024 |
HTML INJECTION (Payload List) | https://medium.com/@psychomong/html-injection-payload-list-735e69f522ca?source=rss------bug_bounty-5 | psychomong | bug-bounty, bugs, html, injection, htmlinput | 11-Mar-2024 |
Race Conditions + IDOR Leads to Bypass Email Verification & Phone Verification | https://medium.com/@ozomarzu/race-conditions-idor-leads-to-bypass-email-verification-phone-verification-f62c7d7b97e5?source=rss------bug_bounty-5 | CyberOz | bugs, writeup, bug-bounty, hacking, bug-bounty-tips | 11-Mar-2024 |
Exploring AI Penetration Testing | https://medium.com/@adityasawant00/exploring-ai-penetration-testing-38891e861acd?source=rss------bug_bounty-5 | Aditya Sawant | hacking, bug-bounty, penetration-testing, ai, large-language-models | 11-Mar-2024 |
Bug Bounty Challenge: Day 3/15–11/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-3-15-11-03-2024-38993610e657?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 11-Mar-2024 |
HTML Injection on NASA.gov | https://medium.com/@boogsta/html-injection-on-nasa-gov-91b1d3602ea0?source=rss------bug_bounty-5 | Boogsta | hacking, cybersecurity, hacker, cyber, bug-bounty | 11-Mar-2024 |
3 Information Disclosure in Bug Bounty Program | https://medium.com/@jm7.zx/3-information-disclosure-in-bug-bounty-program-e0c12f6e25d5?source=rss------bug_bounty-5 | Jm7.sz | bug-bounty, cybersecurity, programming, data-science | 11-Mar-2024 |
GRWM for WebApp PenTest \| XPATH Injection | https://whyjbr.medium.com/grwm-for-webapp-pentest-xpath-injection-0906154bbe91?source=rss------bug_bounty-5 | Jbr | xpath, bug-bounty, cybersecurity, hacking, ethical-hacking | 11-Mar-2024 |
Exfiltrating Sensitive Information via Reflected XSS Bypassing Cloudflare | https://medium.com/@mayankchoubey507/exfiltrating-sensitive-information-via-reflected-xss-bypassing-cloudfare-d82d9ccc24d6?source=rss------bug_bounty-5 | Mayankchoubey | cybersecurity, xss-bypass, cloudflare, bug-bounty, xss-attack | 11-Mar-2024 |
24.4 Lab: Exploiting server-side parameter pollution in a query string \| 2024 | https://infosecwriteups.com/24-4-lab-exploiting-server-side-parameter-pollution-in-a-query-string-2024-ac0e23db9c02?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, cybersecurity, bug-bounty, careers | 11-Mar-2024 |
Top 7 BurpSuite Extensions for BugBounty- Part-1 | https://medium.com/@Ajakcybersecurity/top-7-burpsuite-extensions-for-bugbounty-part-1-4e9639649601?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, ethical-hacking, penetration-testing, burpsuite, bug-bounty | 11-Mar-2024 |
HackTheBox — Information Gathering | https://medium.com/@harry.hphu/hackthebox-information-gathering-a2d78c901dd0?source=rss------bug_bounty-5 | Huy Phu | hackthebox, enumeration, bug-bounty, information-gathering | 11-Mar-2024 |
HackTheBox — Information Gathering: Passive Enumeration | https://medium.com/@harry.hphu/hackthebox-information-gathering-passive-enumeration-85e45503683d?source=rss------bug_bounty-5 | Huy Phu | passive-reconnaissance, hackthebox, information-gathering, bug-bounty | 11-Mar-2024 |
Vulnerability Vault: Breaking Down SSRF — Server Side Request Forgery (Part 2) | https://psychovik.medium.com/vulnerability-vault-breaking-down-ssrf-server-side-request-forgery-part-2-a08d4a2b3d96?source=rss------bug_bounty-5 | Vikas Sharma | hacking, cybersecurity, ssrf, bug-bounty, vulnerability | 10-Mar-2024 |
The Reset Password Attack Vector | https://balook.medium.com/the-reset-password-attack-vector-833e1291bb15?source=rss------bug_bounty-5 | baluz | bug-bounty | 10-Mar-2024 |
How I get My First $$$$ Bounty? | https://medium.com/@hacdoc/how-i-get-my-first-bounty-ec4d83eb5fbf?source=rss------bug_bounty-5 | Jaikumar | bug-bounty-tips, hacking, bug-bounty | 10-Mar-2024 |
GRWM for WebApp PenTest \| Insecure Deserialization | https://whyjbr.medium.com/grwm-for-webapp-pentest-insecure-deserialization-adfa4f8cf53f?source=rss------bug_bounty-5 | Jbr | php, bug-bounty, inspiration, cybersecurity, hacking | 10-Mar-2024 |
How I get My First $$$$ Bounty? | https://medium.com/@hacdoc/how-i-get-my-first-bounty-ec4d83eb5fbf?source=rss------bug_bounty-5 | ஜெய் | bug-bounty-tips, hacking, bug-bounty | 10-Mar-2024 |
24.3 Lab: Exploiting a mass assignment vulnerability \| 2024 | https://infosecwriteups.com/24-3-lab-exploiting-a-mass-assignment-vulnerability-2024-cc97a296d5fc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, bug-bounty, hacking | 10-Mar-2024 |
Information Gathering #1 | https://medium.com/@mxfx1989/information-gathering-1-192f58c49f2e?source=rss------bug_bounty-5 | z4z4_h1 | red-team, cybersecurity, bug-bounty, hacking, infosec | 10-Mar-2024 |
Easiest bugs to start | https://medium.com/@petrukhin.s.a/easiest-bugs-to-start-9f92d87f6e36?source=rss------bug_bounty-5 | Sergei Petrukhin | open-redirect, bug-bounty | 10-Mar-2024 |
Subdomains Enumeration | https://d4t4s3c.medium.com/subdomains-enumeration-a23f44ba4687?source=rss------bug_bounty-5 | d4t4s3c | bug-bounty, vhost, red-team, pentesting, subdomains-enumeration | 10-Mar-2024 |
Bug Bounty Challenge: Day 2/15–10/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-1-15-10-03-2024-b946472d71c8?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup, bug-bounty | 10-Mar-2024 |
Cross-origin resource sharing (CORS) \| Web application Vulnerability | https://abineshm.medium.com/cross-origin-resource-sharing-cors-web-application-vulnerability-afc0d3d35063?source=rss------bug_bounty-5 | Abinesh M | vulnerability, web-application-security, security, bug-bounty, bugs | 09-Mar-2024 |
Untangling Dependency Confusion: Exploring Threats and Protections | https://jareddouville.medium.com/untangling-dependency-confusion-exploring-threats-and-protections-7dd7f58de127?source=rss------bug_bounty-5 | Jared Douville | npm, bug-bounty, hacking, hackerone | 09-Mar-2024 |
24.2 Lab: Finding and exploiting an unused API endpoint \| 2024 | https://cyberw1ng.medium.com/24-2-lab-finding-and-exploiting-an-unused-api-endpoint-2024-81f3451df1a1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, careers, bug-bounty, penetration-testing | 09-Mar-2024 |
Bug Bounty Challenge: Day 1/15–09/03/2024 | https://wallotry.medium.com/bug-bounty-challenge-day-1-15-09-03-2024-f7b1824f2262?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 09-Mar-2024 |
24.1 Lab: Exploiting an API endpoint using documentation \| 2024 | https://cyberw1ng.medium.com/24-1-lab-exploiting-an-api-endpoint-using-documentation-2024-5e7de5aaf53e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, security, careers, hacking, bug-bounty | 08-Mar-2024 |
Vulnerability Vault: Breaking Down SSRF — Server Side Request Forgery (Part 1) | https://psychovik.medium.com/vulnerability-vault-breaking-down-ssrf-server-side-request-forgery-part-1-b7e658589dd9?source=rss------bug_bounty-5 | Vikas Sharma | cybersecurity, hacking, vulnerability, bug-bounty, ssrf | 08-Mar-2024 |
1K Followers Giveaway- | https://medium.com/@Ajakcybersecurity/1k-followers-giveaway-892488a38a48?source=rss------bug_bounty-5 | AjakCybersecurity | cybersecurity, giveaway, free, bug-bounty, ethical-hacking | 08-Mar-2024 |
Sensitive Data Exposed when placing an Order | https://rohmadhidayah.medium.com/sensitive-data-exposed-when-placing-an-order-5549baed9186?source=rss------bug_bounty-5 | Rohmad Hidayah | infosec-write-ups, bug-bounty-tips, info-sec-writeups, bug-bounty | 08-Mar-2024 |
BSides Transylvania Is Not A Simple Conference, Is a Training Ground For Your Security Team | https://corneacristian.medium.com/bsides-transylvania-is-not-a-simple-conference-is-a-training-ground-for-your-security-team-c41cdf30778f?source=rss------bug_bounty-5 | Cristian Cornea | romania, ethical-hacking, tech, cybersecurity, bug-bounty | 08-Mar-2024 |
Server-Side Template Injection (SSTI) ☠️ Deep Dive | https://cyberbull.medium.com/server-side-template-injection-ssti-%EF%B8%8F-deep-dive-512904b8a8ae?source=rss------bug_bounty-5 | Aditya Pandey | web-security, security, cybersecurity, bug-bounty, ethical-hacking | 08-Mar-2024 |
Bug Bounty Challenge: Day 0/15 | https://wallotry.medium.com/bug-bounty-challenge-day-0-15-8e88c5b4cc6b?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 08-Mar-2024 |
0 Click Account Takeover Via reset password weird behavior | https://medium.com/@0xSnowmn/0-click-account-takeover-via-reset-password-weird-behavior-026846e5f850?source=rss------bug_bounty-5 | Snow Mars | bug-bounty, bug-bounty-tips, cybersecurity | 08-Mar-2024 |
WinRAR 7.0 DLL Hijacking -> Local RCE [0-day] | https://medium.com/@boogsta/winrar-7-0-dll-hijacking-local-rce-0-day-6d90765c6601?source=rss------bug_bounty-5 | Boogsta | cybersecurity, bug-bounty, hacks, hacking, cyber | 08-Mar-2024 |
Usb data recovery — Digital forensics intro | https://medium.com/@Rahulkrishnan_R_Panicker/usb-data-recovery-digital-forensics-intro-0c57337425b5?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | digital-forensics, tech, bug-bounty, pentesting, hacking | 07-Mar-2024 |
Increasing IMPACT of No Rate Limit on Email Endpoints. | https://shubham-srt.medium.com/increasing-impact-of-no-rate-limit-on-email-endpoints-d66cf08dafaf?source=rss------bug_bounty-5 | Shubham SRT | web-app-security, hacking, cybersecurity, bug-bounty, vapt | 07-Mar-2024 |
API Testing for Bug Bounty — Portswigger \| 2024 | https://cyberw1ng.medium.com/api-testing-for-bug-bounty-portswigger-2024-bd8343cc2c10?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, careers, hacking, security | 07-Mar-2024 |
Exploiting NoSQL Injection to Extract Data | https://medium.com/@hhuseyinuyar17/verileri-%C3%A7%C4%B1karmak-i%C3%A7in-nosql-enjeksiyonundan-yararlanma-ace89e11bc69?source=rss------bug_bounty-5 | Hhuseyinuyar | bug-bounty, nosql, injection, burpsuite, mongodb | 07-Mar-2024 |
Exploring Bug Bounty Programs: An overview and Varieties | https://medium.com/@lovepatel3223/exploring-bug-bounty-programs-an-overview-and-varieties-6f8539279704?source=rss------bug_bounty-5 | Prem Patel | bug-bounty, bug-bounty-types | 07-Mar-2024 |
API Testing for Bug Bounty — Portswigger \| 2024 | https://infosecwriteups.com/api-testing-for-bug-bounty-portswigger-2024-bd8343cc2c10?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, careers, hacking, security | 07-Mar-2024 |
How I found Reflected XSS which leads to Account Takeover on an E-commerce website | https://medium.com/@npthin1804/how-i-found-reflected-xss-which-leads-to-account-takeover-on-an-e-commerce-website-47200dd631b6?source=rss------bug_bounty-5 | Npthin | bug-bounty, infosec-write-ups, reflected-xss | 07-Mar-2024 |
Click, Intercept, Hack: Checkmate on Access Control Vulnerability | https://anasbetis023.medium.com/click-intercept-hack-checkmate-on-access-control-vulnerability-20152a7149e2?source=rss------bug_bounty-5 | Anas H Hmaidy | cybersecurity, web-security, ethical-hacking, penetration-testing, bug-bounty | 07-Mar-2024 |
XSLeak de-anonymize Facebook user visiting website | https://mustafa0x2021.medium.com/xsleak-de-anonymize-facebook-user-visiting-website-8f6c725235e8?source=rss------bug_bounty-5 | Mustafa | bug-bounty, meta | 07-Mar-2024 |
echo “Hello, World” | https://projectpolarbear.com/echo-hello-world-4233c914b944?source=rss------bug_bounty-5 | Mr. Robots.txt | soc, blue-team, cybersecurity, red-team, bug-bounty | 07-Mar-2024 |
Fixing Facebook: A Privacy Issue Ignored? | https://medium.com/@mynkpdr/fixing-facebook-a-privacy-issue-ignored-6c048dacc824?source=rss------bug_bounty-5 | mynkpdr | messenger, bug-bounty-writeup, facebook, bug-bounty, facebook-bug-bounty | 07-Mar-2024 |
How to find server security misconfiguration leak data users | https://medium.com/@sam_0x0/how-to-find-server-security-misconfiguration-leak-data-users-f7a43c008e33?source=rss------bug_bounty-5 | Eslam Omar | bug-bounty, bug-bounty-tips, bugcrowd, bugs, web-pen-testing | 07-Mar-2024 |
How to find server security misconfiguration leak data users | https://systemweakness.com/how-to-find-server-security-misconfiguration-leak-data-users-f7a43c008e33?source=rss------bug_bounty-5 | Eslam Omar | bug-bounty, bug-bounty-tips, bugcrowd, bugs, web-pen-testing | 07-Mar-2024 |
How I found Reflected XSS which leads to Account Takeover on an E-commerce website | https://medium.com/@npthin1804/how-i-found-reflected-xss-which-leads-to-account-takeover-on-an-e-commerce-website-47200dd631b6?source=rss------bug_bounty-5 | p00dl3 | bug-bounty, infosec-write-ups, reflected-xss | 07-Mar-2024 |
Bug Bounty - Insecure Deserialization to Reverse Shell | https://medium.com/@jobaa23/insecure-deserialization-to-reverse-shell-9f007b440d6f?source=rss------bug_bounty-5 | 0x4141 | bug-bounty, remote-code-execution, hacking, bug-hunting, insecure-deserialization | 07-Mar-2024 |
Host Header Poison lead to account takeover | https://medium.com/@masterhackor22/host-header-poison-lead-to-account-takeover-8c432fb54b29?source=rss------bug_bounty-5 | master hackor | bounty-program, bugs, penetration-testing, cybersecurity, bug-bounty | 06-Mar-2024 |
[letsdefend.io] SOC164 — Suspicious Mshta Behavior | https://medium.com/@yasminramadini/letsdefend-io-soc164-suspicious-mshta-behavior-36dfa3d74843?source=rss------bug_bounty-5 | Yasmin Ramadini | tryhackme, bug-bounty, indonesia, letsdefendio, ctf-writeup | 06-Mar-2024 |
[letsdefend.io] SOC169 — Possible IDOR Attack Detected | https://medium.com/@yasminramadini/letsdefend-io-soc169-possible-idor-attack-detected-dda468ceab28?source=rss------bug_bounty-5 | Yasmin Ramadini | ctf-writeup, bug-bounty, tryhackme, letsdefendio, indonesia | 06-Mar-2024 |
[letsdefend.io] SOC168 — Whoami Command Detected in Request Body | https://medium.com/@yasminramadini/letsdefend-io-soc168-whoami-command-detected-in-request-body-c4813fab47e4?source=rss------bug_bounty-5 | Yasmin Ramadini | bug-bounty, tryhackme, indonesia, letsdefendio, ctf-writeup | 06-Mar-2024 |
[Letsdefend.io] SOC170 — Passwd Found in Requested URL — Possible LFI Attack | https://medium.com/@yasminramadini/letsdefend-io-soc170-passwd-found-in-requested-url-possible-lfi-attack-1828c436e703?source=rss------bug_bounty-5 | Yasmin Ramadini | letsdefendio, bug-bounty, tryhackme, ctf-writeup, indonesia | 06-Mar-2024 |
What Is Cryptography? Encryption, Encoding, and Hashing | https://medium.com/@yasminramadini/apa-itu-kriptografi-enkripsi-encoding-dan-hashing-ddb39d69eb93?source=rss------bug_bounty-5 | Yasmin Ramadini | pentesting, tryhackme, indonesia, cybersecurity, bug-bounty | 06-Mar-2024 |
How i bypassed input limitations to get Admin ATO | https://medium.com/@0x3adly/how-i-bypassed-input-limit-to-get-admin-ato-f2d56f40f505?source=rss------bug_bounty-5 | Anas Eladly ( 0x3adly ) | cybersecurity, web-penetration-testing, xss-attack, bug-bounty, bug-bounty-tips | 06-Mar-2024 |
Microsoft Exchange Server Remote Code Execution Vulnerability | https://medium.com/@ryuzakiryuga31/microsoft-exchange-server-remote-code-execution-vulnerability-89354c6e6586?source=rss------bug_bounty-5 | R09sh | bug-bounty, blackhat, rce-vulnerability, cybersecurity, cyberattack | 06-Mar-2024 |
At age of 18, How I got first “Future” Job Offer from Korean MNC through bug bounties | https://medium.com/@manan_sanghvi/at-age-of-18-how-i-got-first-future-job-offer-from-korean-mnc-through-bug-bounties-2cfb7d4a9e8c?source=rss------bug_bounty-5 | Manan Sanghvi | ethical-hacking, cybersecurity, bug-bounty, penetration-testing, job-offer | 06-Mar-2024 |
Vulnerable WordPress February 2024 (Jushin Castle) | https://medium.com/@onhexgroup/vulnerable-wordpress-february-2024-jushin-castle-340990bdb9fb?source=rss------bug_bounty-5 | Onhexgroup | bug-bounty, cybersecurity, security, infosec, wordpress | 06-Mar-2024 |
Data Lake introduces the second bug bounty campaign of its patients recruitment Application | https://datalaketoken.medium.com/data-lake-introduces-the-second-bug-bounty-campaign-of-its-patients-recruitment-application-88be6e0399a4?source=rss------bug_bounty-5 | Data Lake | bug-bounty, medical-data, research, data-lake, desci | 06-Mar-2024 |
How I Passed eWPTX v2 Exam Without Courseware | https://medium.com/@adityasawant00/how-i-passed-ewptx-v2-exam-without-courseware-1711edd7fb32?source=rss------bug_bounty-5 | Aditya Sawant | hacking, penetration-testing, certification, bug-bounty, security | 06-Mar-2024 |
12.4 Lab: Exploiting NoSQL operator injection to extract unknown fields \| 2024 | https://infosecwriteups.com/12-4-lab-exploiting-nosql-operator-injection-to-extract-unknown-fields-2024-866996b9fff2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, hacking, careers, penetration-testing | 06-Mar-2024 |
Upload Backdoor in profile picture and OTP Bypass | https://medium.com/@sahilkushwaha275/upload-backdoor-in-profile-picture-and-otp-bypass-3c2e2e18fbbb?source=rss------bug_bounty-5 | S33NU | bug-bounty, technology, bug-hunting, bounty-program, programming | 06-Mar-2024 |
Story of Lock up users’ account by DOS attack cost $1,100 | https://m7arm4n.medium.com/story-of-lock-up-users-account-by-dos-attack-cost-1-100-87b47d06a7c1?source=rss------bug_bounty-5 | M7arm4n | hacker, hacking, bug-bounty, security, bug-bounty-tips | 06-Mar-2024 |
Uncovering Host Header Injection Vulnerabilities in 5 Apex Domain Hosts | https://javroot.medium.com/uncovering-host-header-injection-vulnerabilities-in-5-apex-domain-hosts-c45f79e82862?source=rss------bug_bounty-5 | Javroot | hosting, bug-hunting, hacking, white-hat-hacker, bug-bounty | 05-Mar-2024 |
Bug-Bounty Beginning (Day-1) | https://medium.com/@bv1459/bug-bounty-beginning-day-1-bc5fa649ff45?source=rss------bug_bounty-5 | Bala Prasanna Gopal Volisetty | bug-bounty, kali-linux, hacking-tools, hacking | 05-Mar-2024 |
XXEs are lurking in unexpected places and you'll find these vulnerabilities almost everywhere | https://medium.com/@securelearn/xxes-are-lurking-in-unexpected-places-and-youll-find-these-vulnerabilities-almost-everywhere-aefeef9d7cbb?source=rss------bug_bounty-5 | Rohan Giri | bug-bounty-tips, web-vulnerabilities, bug-bounty | 05-Mar-2024 |
How I Found Multiple XSS Vulnerabilities Using Unknown Techniques | https://infosecwriteups.com/how-i-found-multiple-xss-vulnerabilities-using-unknown-techniques-74f8e705ea0d?source=rss------bug_bounty-5 | Khaledyassen | xss-attack, hacking, bug-bounty, bug-bounty-tips, cybersecurity | 05-Mar-2024 |
Tips for Analyzing Phishing Emails | https://medium.com/@yasminramadini/tips-melakukan-analisa-email-phishing-e4d8f5b4bed6?source=rss------bug_bounty-5 | Yasmin Ramadini | cybersecurity, indonesia, soc-analyst, tryhackme, bug-bounty | 05-Mar-2024 |
12.3 Lab: Exploiting NoSQL injection to extract data \| 2024 | https://infosecwriteups.com/12-3-lab-exploiting-nosql-injection-to-extract-data-2024-ca9896a3c964?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, security | 05-Mar-2024 |
What Is the OSI Model? Protocols and Encapsulation at Each Layer | https://medium.com/@yasminramadini/apa-itu-osi-model-protokol-dan-enkapsulasi-tiap-layernya-6faa7a0e8bbb?source=rss------bug_bounty-5 | Yasmin Ramadini | soc-analyst, tryhackme, cybersecurity, indonesia, bug-bounty | 05-Mar-2024 |
What Are TCP, UDP, and the Three-way Handsh | https://medium.com/@yasminramadini/apa-itu-tcp-udp-dan-three-way-handsh-03edaf55c42d?source=rss------bug_bounty-5 | Yasmin Ramadini | soc-analyst, bug-bounty, cybersecurity, indonesia, tryhackme | 05-Mar-2024 |
Road Map to Bug Bounty: A Beginner’s Guide | https://bjamali.medium.com/road-map-to-bug-bounty-a-beginners-guide-bd14b44e174b?source=rss------bug_bounty-5 | Babar Ali Jamali | information-security, cyber, hacking, cybersecurity, bug-bounty | 05-Mar-2024 |
5 Tips GoogleDocks you should know — Bug Bounty Tuesday | https://medium.com/@kerstan/5-tips-googledocks-you-should-know-bug-bounty-tuesday-49007026903f?source=rss------bug_bounty-5 | kerstan | technology, cybersecurity, bug-bounty, programming, security | 05-Mar-2024 |
#9.TryHackMe Series writeups-LazyAdmin | https://cyb3rmind.medium.com/9-tryhackme-series-writeups-lazyadmin-7712917a2333?source=rss------bug_bounty-5 | Cyb3r M!nd | walkthrough, lazy-admin, tryhackme-writeup, tryhackme, bug-bounty | 05-Mar-2024 |
Unauthorized access to Facebook creator’s professional dashboard | https://gtm0x01.medium.com/unauthorized-access-to-facebook-creators-professional-dashboard-e35d98644258?source=rss------bug_bounty-5 | Gtm Mänôz | facebook, medium, graphql, bug-bounty, writeup | 05-Mar-2024 |
My Recon Methodology (ep 1) | https://realm3ter.medium.com/my-recon-methodology-ep-1-bc9e6fd660ad?source=rss------bug_bounty-5 | Muhammad Mater | bug-bounty, recon, osint | 05-Mar-2024 |
Knock, Knock. Who’s there? SSRF! SSRF who? Redirect SSRF! | https://atemporalzen.medium.com/knock-knock-whos-there-ssrf-ssrf-who-redirect-ssrf-449f5d18c5a7?source=rss------bug_bounty-5 | atemporalzen | bug-bounty, cybersecurity, hacking, ssrf | 05-Mar-2024 |
Payload will after you | https://medium.com/@isuk4/payload-will-after-you-3e16eaa17517?source=rss------bug_bounty-5 | Isuka sanuj | sql-injection, second-order-attack, pentesting, web-app-exploits, bug-bounty | 05-Mar-2024 |
HTTP Request Smuggling: WWWWWH? | https://medium.com/@rcxsecurity/http-request-smuggling-wwwwwh-85be9c46a38e?source=rss------bug_bounty-5 | RCXSecurity | cybersecurity, pentesting, bug-bounty-tips, bug-bounty, application-security | 05-Mar-2024 |
The Danger of PHP Eval(): | https://medium.com/@pkhuyar/the-danger-of-php-eval-a23410187ca2?source=rss------bug_bounty-5 | Prashant Roy | bug-bounty, php, cybersecurity, penetration-testing, ctf | 05-Mar-2024 |
Hacking the UK government ( FULL database access ) | https://ahmadmansourr.medium.com/hacking-the-uk-government-full-database-access-496a94e6cc9c?source=rss------bug_bounty-5 | Ahmad Mansour | computer-science, bug-bounty, hacking, pentesting, cybersecurity | 05-Mar-2024 |
BAC Leads To Full Takeover Of Any Organisation | https://medium.com/@ismailsaid1603/bac-leads-to-full-takeover-of-any-organisation-0fc21cf4cb5e?source=rss------bug_bounty-5 | Esmail Saied | bug-bounty, broken-access-control, idor, bugcrowd, cybersecurity | 05-Mar-2024 |
Information Disclosure — Instructor’s Email Address leaked in Response | https://rohmadhidayah.medium.com/information-disclosure-instructors-email-address-leaked-in-response-1737551d5a8b?source=rss------bug_bounty-5 | Rohmad Hidayah | info-sec-writeups, bug-bounty-tips, bug-bounty, information-disclosure, infosec-write-ups | 04-Mar-2024 |
OTP Bypass Via Response Manipulation | https://medium.com/@maratherao93/otp-bypass-via-response-manipulation-e55352c5c419?source=rss------bug_bounty-5 | Marathe Rao | bug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup | 04-Mar-2024 |
the Intricacies of WiFi Hacking | https://medium.com/@paritoshblogs/the-intricacies-of-wifi-hacking-76c404240111?source=rss------bug_bounty-5 | Paritosh | bug-bounty, cybersecurity, hacking, wifi, programming | 04-Mar-2024 |
Apa Itu Cyber Kill Chain Dalam Cyber Security | https://medium.com/@yasminramadini/apa-itu-cyber-kill-chain-dalam-cyber-security-5e993233615c?source=rss------bug_bounty-5 | Yasmin Ramadini | tryhackme, soc-analyst, indonesia, bug-bounty, cybersecurity | 04-Mar-2024 |
Apa Itu Pyramid Of Pain Dalam Cyber Security | https://medium.com/@yasminramadini/apa-itu-pyramid-of-pain-dalam-cyber-security-7e08932e8ed9?source=rss------bug_bounty-5 | Yasmin Ramadini | tryhackme, indonesia, bug-bounty, cybersecurity, soc-analyst | 04-Mar-2024 |
It assignment helper https://www.fiverr.com/s/QAR93y | https://medium.com/@drugdirectory96/it-assignment-helper-https-www-fiverr-com-s-qar93y-30e688ba78e9?source=rss------bug_bounty-5 | Masud Rana | javascript, money, bug-bounty, software-development, bug-bounty-tips | 04-Mar-2024 |
My Report Summaries #1: Project manager can see & download all users’ login history at redacted app… | https://infosecwriteups.com/my-report-summaries-1-project-manager-can-see-download-all-users-login-history-at-redacted-app-6a41597b5d11?source=rss------bug_bounty-5 | can1337 | infosec, bug-bounty, idor, cybersecurity | 04-Mar-2024 |
Come diventare un hacker nel 2024 | https://medium.com/@d0lf1_/come-diventare-un-hacker-nel-2024-493c8c0ced9a?source=rss------bug_bounty-5 | d0lf1 | italiano, penetration-testing, google, bug-bounty, hacking | 04-Mar-2024 |
11.8 Lab: Exploiting XXE via image file upload \| 2024 | https://cyberw1ng.medium.com/11-8-lab-exploiting-xxe-via-image-file-upload-2024-e2840c3b85f3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 04-Mar-2024 |
Simple vulnerability in a Cyber Security conference | https://medium.com/@jsamia/simple-vulnerability-in-a-cyber-security-conference-c06a53c6e4b7?source=rss------bug_bounty-5 | Jaeden Samia | security, ethical-hacking, bugs, bug-bounty | 04-Mar-2024 |
The Ethics of Bug Bounties: Balancing Incentives and Security | https://medium.com/@securelearn/the-ethics-of-bug-bounties-balancing-incentives-and-security-7501a4aaa246?source=rss------bug_bounty-5 | Rohan Giri | bug-fixes, bug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty | 03-Mar-2024 |
Recently Discovered Several Bugs in a Private Program | https://zapstiko.medium.com/recently-discovered-several-bugs-in-a-private-program-8dc900bf6fe9?source=rss------bug_bounty-5 | Raihan Biswas | bug-bounty, bugs, idor-vulnerability, information-disclosure, bug-bounty-tips | 03-Mar-2024 |
Google Dorking aka “Google Hacking” | https://medium.com/@dasmanish6176/google-dorking-aka-google-hacking-49fb5a511345?source=rss------bug_bounty-5 | Dasmanish | google-dork, google-hacking, penetration-testing, bug-bounty | 03-Mar-2024 |
PHP Session Poisoning using LFI. | https://medium.com/@YNS21/php-session-poisoning-using-lfi-36d7df012777?source=rss------bug_bounty-5 | Youness Abbida | hackerone, bug-bounty, bugcrowd, php, vulnerability | 03-Mar-2024 |
Discovered potential SQL injection through parameter testing | https://medium.com/@pankajnandkar/discovered-potential-sql-injection-through-parameter-testing-0be4364d9b7a?source=rss------bug_bounty-5 | Pankaj Nandkar | bug-bounty-tips, ethical-hacking, sql-injection, bug-bounty, cybersecurity | 03-Mar-2024 |
11.7 Lab: Exploiting XInclude to retrieve files \| 2024 | https://cyberw1ng.medium.com/11-7-lab-exploiting-xinclude-to-retrieve-files-2024-2f7751d777fa?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, hacking, cybersecurity | 03-Mar-2024 |
Sneak Peek: Mastering Blind SQL Injection with SQLMap and Manual Techniques (CVE-2023–6063) | https://medium.com/@josh.beck2006/sneak-peek-mastering-blind-sql-injection-with-sqlmap-and-manual-techniques-cve-2023-6063-af904f61f822?source=rss------bug_bounty-5 | Josh Beck | penetration-testing, cybersecurity, bug-bounty, oscp | 03-Mar-2024 |
Magic Links as Gateways Account Takeovers | https://sl4x0.medium.com/magic-links-as-gateways-account-takeovers-e9c911ceb6f9?source=rss------bug_bounty-5 | Abdelrhman Allam (sl4x0) | magic-link, account-takeover, bug-bounty, web-security, pentesting | 03-Mar-2024 |
HBO BUB in production. Can’t UNsubscribe | https://medium.com/@shanlogauthier/hbo-bub-in-production-cant-unsubscribe-b0b3982d2292?source=rss------bug_bounty-5 | Shanlogauthier | bug-bounty, max, hbo-max, hbo, bugs | 03-Mar-2024 |
Exploiting Grafana To achieve Remote Command Execution | https://medium.com/@konqi/exploiting-grafana-to-achieve-remote-command-execution-5eb0f99cb107?source=rss------bug_bounty-5 | Vahagn Israelian | hacking, bug-bounty, vulnerability, penetration-testing, grafana | 02-Mar-2024 |
the Power of Twitter OSINT | https://medium.com/@paritoshblogs/the-power-of-twitter-osint-059cfaa3b0e2?source=rss------bug_bounty-5 | Paritosh | twitter, cybersecurity, bug-bounty, threat-intelligence, hacking | 02-Mar-2024 |
| https://medium.com/@morganbinbash/-46d5d16114c8?source=rss------bug_bounty-5 | Morgan Bin Bash | frontend, cybersecurity, bug-bounty, pentesting | 02-Mar-2024 |
the Power of Twitter OSINT | https://infosecwriteups.com/the-power-of-twitter-osint-059cfaa3b0e2?source=rss------bug_bounty-5 | Paritosh | twitter, cybersecurity, bug-bounty, threat-intelligence, hacking | 02-Mar-2024 |
My first IDOR hunting story | https://medium.com/@loverslandgandhi/my-first-idor-hunting-story-42c71fbe06dc?source=rss------bug_bounty-5 | Loverslandgandhi | ethical-hacking, bug-bounty-hunter, bug-bounty-tips, cybersecurity, bug-bounty | 02-Mar-2024 |
How I Got Highly Sensetive Api Keys On A Private Hackerone Program | https://medium.com/@mrraghavop12/how-i-got-highly-sensetive-api-keys-on-a-private-hackerone-program-b40c6de80708?source=rss------bug_bounty-5 | Ethical Raghav | cybersecurity, data-science, bug-bounty, technology, web-development | 02-Mar-2024 |
Unveiling the Secrets: SSRF Adventures in Microsoft’s AI Playground | https://medium.com/@soufianehabti/unveiling-the-secrets-ssrf-adventures-in-microsofts-ai-playground-26c7872b32fc?source=rss------bug_bounty-5 | Soufiane Habti | bug-bounty, microsoft, security, ai, artificial-intelligence | 02-Mar-2024 |
Bypassing the Bluecoat Unified Agent | https://medium.com/@0xSphinx/bypassing-the-bluecoat-unified-agent-36ada54fe789?source=rss------bug_bounty-5 | 0xSphinx | hacking, penetration-testing, security, bug-bounty, cybersecurity | 02-Mar-2024 |
What is RedTeaming ? | https://aboutjbr.medium.com/what-is-redteaming-8699650f4265?source=rss------bug_bounty-5 | Jbr | ethical-hacking, bug-bounty, red-team, cybersecurity, hacking | 02-Mar-2024 |
bersecurity11.6 Lab: Exploiting blind XXE to retrieve data via error messages \| 2024 | https://cyberw1ng.medium.com/bersecurity11-6-lab-exploiting-blind-xxe-to-retrieve-data-via-error-messages-2024-4b7f1340195a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, cybersecurity, careers | 02-Mar-2024 |
How to hack a LTE Router? Just text it! | https://medium.com/@mateusz-msl-lach/how-to-hack-a-lte-router-just-text-it-847f526c0a7f?source=rss------bug_bounty-5 | Mateusz Lach | xss-attack, cybersecurity, cve, bug-bounty, zte | 02-Mar-2024 |
My first IDOR hunting story | https://hackergandhi.medium.com/my-first-idor-hunting-story-42c71fbe06dc?source=rss------bug_bounty-5 | hackergandhi | ethical-hacking, bug-bounty-hunter, bug-bounty-tips, cybersecurity, bug-bounty | 02-Mar-2024 |
XML Injection: Deep Dive | https://cyberbull.medium.com/xml-injection-deep-dive-2e6e7132732d?source=rss------bug_bounty-5 | Aditya Pandey | xml, bug-fixes, injection, bug-bounty, cybersecurity | 01-Mar-2024 |
$600 Simple MFA Bypass — Graphql | https://securitycipher.medium.com/600-simple-mfa-bypass-graphql-b46c6a4c5b82?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | security, cybersecurity, bug-bounty, technology, hacking | 01-Mar-2024 |
XSS : A Fight With The WAF | https://medium.com/@itsmeliodas/xss-a-fight-with-the-waf-a08a4fc6012c?source=rss------bug_bounty-5 | Meliodas | cybersecurity, xss-attack, bug-bounty | 01-Mar-2024 |
Understanding Cybersecurity: Safeguarding the Digital Realm | https://medium.com/@thirdeye1910/understanding-cybersecurity-safeguarding-the-digital-realm-8b36c55bec61?source=rss------bug_bounty-5 | Rajib Hassen | bug-bounty, ethereum, cyberattack, cybersecurity | 01-Mar-2024 |
11.5 Lab: Exploiting blind XXE to exfiltrate data using a malicious external DTD \| 2024 | https://infosecwriteups.com/11-5-lab-exploiting-blind-xxe-to-exfiltrate-data-using-a-malicious-external-dtd-2024-a0cc2615cd5e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, cybersecurity, hacking, security | 01-Mar-2024 |
Retrieving SUI Wallet Passphrase and Private Key without Password | https://medium.com/@mgthuramoemyint/retrieving-sui-wallet-passphrase-and-private-key-without-password-8c7ae9d30033?source=rss------bug_bounty-5 | Thura Moe Myint | bug-bounty, security | 01-Mar-2024 |
Medium Bug Bounty on Hacker One — Broken Link | https://medium.com/bugs-that-bite/medium-bug-bounty-on-hacker-one-broken-link-b121c8896843?source=rss------bug_bounty-5 | Teri Radichel | security, bug-bounty, bugs, medium, hackerone | 29-Feb-2024 |
Critical vulnerability in Flask AppBuilder — CVE-2024–25128 | https://systemweakness.com/critical-vulnerability-in-flask-appbuilder-cve-2024-25128-a8693fb31d86?source=rss------bug_bounty-5 | ElNiak | vulnerability, cybersecurity, flask, bug-bounty, python | 29-Feb-2024 |
Version disclosure in headers and response : Security threat | https://medium.com/@zakeeandroid/version-disclosure-in-headers-and-response-security-threat-0b4e86272018?source=rss------bug_bounty-5 | Mohamed Zakee | application-security, bug-bounty, cybersecurity | 29-Feb-2024 |
Stored XSS on Bug Bounty Program | https://medium.com/@bry4nzheng/stored-xss-on-bug-bounty-program-092d6c262c1b?source=rss------bug_bounty-5 | Bryan Zheng | penetration-testing, cybersecurity, bug-bounty | 29-Feb-2024 |
Simple Tips for Bug Bounty Beginners: Finding API Key Leakage Vulnerabilities | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-api-key-leakage-vulnerabilities-eddc416216ce?source=rss------bug_bounty-5 | Anish Narayan | bug-bounty-writeup, secure-api-key, bug-bounty-tips, bug-bounty-hunting, bug-bounty | 29-Feb-2024 |
How to Excel at CTF Games with Linux Command Line Tools | https://dpericich.medium.com/how-to-excel-at-ctf-games-with-linux-command-line-tools-a68fba09cbfa?source=rss------bug_bounty-5 | Daniel Pericich | cybersecurity, linux, terminal, bug-bounty, software-engineering | 29-Feb-2024 |
How do I found Blind SSRF on a Hackerone Program | https://codingninjablogs.tech/how-do-i-found-blind-ssrf-on-a-hackerone-program-3f7c315c20c9?source=rss------bug_bounty-5 | #!/Subhankar | cve, hacking, bug-bounty, ssrf, hackerone | 29-Feb-2024 |
Horizontal Privilege Escalation Leads to Bounty | https://medium.com/@hellother18/horizontal-privilege-escalation-leads-to-bounty-f87aebbed8ab?source=rss------bug_bounty-5 | Manthan_ mahale | bugbounty-tips, hackerone, bounty-program, privilege-escalation, bug-bounty | 29-Feb-2024 |
11.4 Lab: Blind XXE with out-of-band interaction via XML parameter entities \| 2024 | https://infosecwriteups.com/11-4-lab-blind-xxe-with-out-of-band-interaction-via-xml-parameter-entities-2024-14fbb40ba2f0?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, penetration-testing, cybersecurity, hacking | 29-Feb-2024 |
SQL Injection: Beyond ‘OR 1=1’. An iCSI CTF | https://medium.com/@josh.beck2006/sql-injection-beyond-or-1-1-an-icsi-ctf-b468b1dfa851?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, oscp, bug-bounty, ctf-writeup | 29-Feb-2024 |
Authentication Bypass Using Response Manipulation | https://medium.com/@kundanp70559361/authentication-bypass-using-response-manipulation-c95969e787a8?source=rss------bug_bounty-5 | kundan prasad | science, cyber-security-awareness, hacking, bug-bounty, cybersecurity | 29-Feb-2024 |
Maximizing Bug Bounty Earnings with Burp Suite: Essential Tools and Plugins. | https://medium.com/@montymahapatra79/maximizing-bug-bounty-earnings-with-burp-suite-essential-tools-and-plugins-84468c5d969d?source=rss------bug_bounty-5 | Montymahapatra | burpsuite-profissional, burpsuite, bug-bounty, burpsuite-extension, bug-bounty-tips | 29-Feb-2024 |
First Bug Bounty | https://medium.com/@tom.sh/first-bug-bounty-ba6088fc2615?source=rss------bug_bounty-5 | Tom | cybersecurity, bugcrowd, hackerone, bug-bounty, hacking | 29-Feb-2024 |
How to find your first XSS vulnerability!!! | https://medium.com/@basti_Sec/how-to-find-your-first-xss-vulnerability-a35cb69b2f56?source=rss------bug_bounty-5 | Basti_Sec | bug-bounty-hunter, xss-vulnerability, hacking, bug-bounty, xss-attack | 29-Feb-2024 |
The Reality of Cloud Hacking | https://medium.com/@paritoshblogs/the-reality-of-cloud-hacking-8a061059dfcc?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, cloud-computing, cloud-hacking, hacking | 28-Feb-2024 |
Email verification bypass leads to create unlimited user accounts with what ever email id | https://medium.com/@Rahulkrishnan_R_Panicker/email-verification-bypass-leads-to-create-unlimited-user-accounts-with-what-ever-email-id-68a2069185e4?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | technology, cybersecurity, hacking, bug-bounty, programming | 28-Feb-2024 |
symfony profiler kritik təhlükəsizlik açığı $$$ | https://memmedrehimzade.medium.com/symfony-profiler-kritik-t%C9%99hl%C3%BCk%C9%99sizlik-a%C3%A7%C4%B1%C4%9F%C4%B1-622ae6495fef?source=rss------bug_bounty-5 | memmed rehimzade | kibertəhlükəsizlik, bug-bounty, cybertime | 28-Feb-2024 |
Microsoft Azure Cloud Service’s uAMQP Library Flaw and Its Potential for RCE — CVE-2024–27099… | https://medium.com/@elniak/microsoft-azure-cloud-services-uamqp-library-flaw-and-its-potential-for-rce-cve-2024-27099-3d717cdb45f3?source=rss------bug_bounty-5 | ElNiak | vulnerability, bug-bounty, cloud, azure, cybersecurity | 28-Feb-2024 |
| https://medium.com/@morganbinbash/-af057d8d6788?source=rss------bug_bounty-5 | Morgan Bin Bash | cybersecurity, pentesting, bug-bounty | 28-Feb-2024 |
Revolutionize Your Bug Hunting: Jam.dev Turbocharges Bug Reporting | https://medium.com/@merisstupar11/revolutionize-your-bug-hunting-jam-dev-turbocharges-bug-reporting-2df14351766f?source=rss------bug_bounty-5 | Meris Stupar | bug-bounty, programming, testing, software-engineering, github | 28-Feb-2024 |
How do I automate my recon — Part Two | https://medium.com/@aliraah/how-do-i-automate-my-recon-part-two-b39a66b4c23d?source=rss------bug_bounty-5 | Aliraah | python, bug-bounty, automation, infosec, reconnaissance | 28-Feb-2024 |
Pre-Account Takeover Leading To Broken Access Control | https://medium.com/@bcarikci-dev/pre-account-takeover-leading-to-broken-access-control-13916ca02483?source=rss------bug_bounty-5 | Berkay Çarıkçıoğlu | broken-access-control, bug-bounty, cybersecurity, hacking, penetration-testing | 28-Feb-2024 |
cybers11.3 Lab: Blind XXE with out-of-band interaction \| 2024 | https://infosecwriteups.com/cybers11-3-lab-blind-xxe-with-out-of-band-interaction-2024-9f2f5caf98ad?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, cybersecurity, penetration-testing, hacking | 28-Feb-2024 |
[TOOL GUIDE] Bypass-http a python tool to find 403 & 401 bypass | https://medium.com/@reinhardt.pwn/tool-guide-bypass-http-a-python-tool-to-find-403-401-bypass-b46ff0bd6978?source=rss------bug_bounty-5 | \|Reinhardt\| | cybersecurity-tools, cybersecurity, pentest, bug-bounty | 28-Feb-2024 |
Yerel bir DTD’yi yeniden kullanarak kör XXE’den yararlanma | https://medium.com/@hhuseyinuyar17/yerel-bir-dtdyi-yeniden-kullanarak-k%C3%B6r-xxe-den-yararlanma-f999fbbfdd0a?source=rss------bug_bounty-5 | Hhuseyinuyar | xml, burpsuite, injection, bug-bounty, xxe | 28-Feb-2024 |
how i make 6,000$ with jwt manipulation on web3 crypto application ? | https://medium.com/@zack0x01_/how-i-make-6-000-with-jwt-manipulation-on-web3-crypto-application-1e659c927647?source=rss------bug_bounty-5 | zack0x01 | bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 28-Feb-2024 |
Hack Stories: Hacking Hackers EP:2 | https://infosecwriteups.com/hack-stories-hacking-hackers-ep-2-b4d2e628781e?source=rss------bug_bounty-5 | c0d3x27 | cybersecurity, threat-intelligence, hacking, software-development, bug-bounty | 28-Feb-2024 |
First bug and bounty | https://medium.com/@Rahulkrishnan_R_Panicker/first-bug-and-bounty-5612ba5d455e?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | info-sec-writeups, bug-bounty, programming, technology, infosec | 27-Feb-2024 |
Jenkins Arbitrary File Reading Vulnerability (CVE-2024–23897) — Bug Bounty Tuesday | https://medium.com/@kerstan/jenkins-arbitrary-file-reading-vulnerability-cve-2024-23897-bug-bounty-tuesday-8e3a69443d9b?source=rss------bug_bounty-5 | kerstan | technology, bug-bounty, security, cybersecurity, programming | 27-Feb-2024 |
Bug Bounty should be a goto solution for your web3 security needs | https://securrtech.medium.com/bug-bounty-should-be-a-goto-solution-for-your-web3-security-needs-46b0f07b1a96?source=rss------bug_bounty-5 | Securr | web3-security, bug-bounty, web3 | 27-Feb-2024 |
Leak JWT Private Key leads to Bypass Authentication | https://sonnguy3n.medium.com/leak-jwt-private-key-leads-to-bypass-authentication-e0bd984f55ad?source=rss------bug_bounty-5 | Son Nguyen | security, bypass, bug-bounty, jwt-token | 27-Feb-2024 |
Finding and exploiting blind XXE vulnerabilities | https://cyberw1ng.medium.com/finding-and-exploiting-blind-xxe-vulnerabilities-446f1f41eab9?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, penetration-testing, careers, bug-bounty | 27-Feb-2024 |
Reconnaissance: A Google-Dorking Affair | https://medium.com/@kieran.x.willey/reconnaissance-a-google-dorking-affair-21edfb4e3b0f?source=rss------bug_bounty-5 | Kieran W | penetration-testing, bug-bounty, reconnaissance, hacking, google-dorking | 27-Feb-2024 |
How do you know if someone has opened your email or not? | https://medium.com/@deadoverflow/how-do-you-know-if-someone-has-opened-your-email-or-not-c5bcefda3a89?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, chrome-extension, hacking, programming, cybersecurity | 27-Feb-2024 |
Read This If You Still Watch Porn in Google Incognito Mode ⚫ | https://medium.com/@Ajakcybersecurity/read-this-if-you-still-watch-porn-in-google-incognito-mode-ab4a5faa1dcc?source=rss------bug_bounty-5 | AjakCybersecurity | google, history, ethical-hacking, bug-bounty, cybersecurity | 27-Feb-2024 |
CVE-2023–40000: How Safe Is Your Internet Box? | https://medium.com/coded-tech-talk/cve-2023-40000-how-safe-is-your-internet-box-%EF%B8%8F-06ff1f872f7b?source=rss------bug_bounty-5 | Coded Conversations | cyber-security-awareness, cve, vulnerability, cybersecurity, bug-bounty | 27-Feb-2024 |
The Exploitation of Massive Slack Workspaces Registration Vulnerability | https://medium.com/@siratsami71/the-exploitation-of-massive-slack-workspaces-registration-vulnerability-0c0e76e5cd3e?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | bug-bounty, cybersecurity, hackerone | 27-Feb-2024 |
Major Security Flaw in ConnectWise ScreenConnect — CVE-2024–1709 | https://medium.com/@elniak/major-security-flaw-in-connectwise-screenconnect-cve-2024-1709-633015ba2b9f?source=rss------bug_bounty-5 | ElNiak | cve, cybersecurity, ransomware, bug-bounty, penetration-testing | 26-Feb-2024 |
Pwn College — Talking to Web Walkthrough by Karthikeyan Nagaraj | https://infosecwriteups.com/pwn-college-talking-to-web-walkthrough-by-karthikeyan-nagaraj-48d13b3a1216?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, hacking, security, careers | 26-Feb-2024 |
This is How I Received My Acknowledgement from Microsoft | https://medium.com/@kamilrahman32/this-is-how-i-received-my-acknowledgement-from-microsoft-2366b58cbd98?source=rss------bug_bounty-5 | Kamil Rahuman | microsoft, cybersecurity, hall-of-fame, bug-bounty, bug-bounty-tips | 26-Feb-2024 |
Hunting for Hidden Parameters in Burp Suite | https://medium.com/mii-cybersec/hunting-for-hidden-parameters-in-burp-suite-98b54616f863?source=rss------bug_bounty-5 | Bryan Matthew | hidden-parameters, bug-bounty, burpsuite, red-team, owasp | 26-Feb-2024 |
Lakshya CTF 2k24 by pict cyber cell | https://medium.com/@suyogpatil1810/lakshya-ctf-2k24-by-pict-cyber-cell-6ec37ec0b954?source=rss------bug_bounty-5 | Suyog Patil | ctf-writeup, bug-bounty, ctf, engineering, hacking | 26-Feb-2024 |
How I Found Xss In A Inactive Hackerone Program With My Mobile | https://medium.com/@mrraghavop12/how-i-found-xss-in-a-inactive-hackerone-program-34464552256e?source=rss------bug_bounty-5 | Ethical Raghav | bug-bounty-tips, technology, blockchain, bug-bounty, cybersecurity | 26-Feb-2024 |
Glider: Revolutionizing Web3 Auditing and Security Analysis | https://medium.com/coinmonks/glider-revolutionizing-web3-auditing-and-security-analysis-3a3ad6add87d?source=rss------bug_bounty-5 | Officer's Notes | bug-bounty, solidity, smart-contracts, dapps, blockchain | 26-Feb-2024 |
Hacking Android Apps With Frida | https://blog.prodefense.io/hacking-android-apps-with-frida-f4b9121228b6?source=rss------bug_bounty-5 | Matthew Keeley | security, pentesting, bug-bounty, android, hacking | 26-Feb-2024 |
Html-Injection [ Bug Bounty ] | https://medium.com/@rhashibur75/html-injection-bug-bounty-a41f87217118?source=rss------bug_bounty-5 | Kazi Hashibur Rahman | bug-bounty | 25-Feb-2024 |
Create Your Own File Extension | https://medium.com/@paritoshblogs/create-your-own-file-extension-fa484c677590?source=rss------bug_bounty-5 | Paritosh | coding, file-extension, bug-bounty, programming, information-technology | 25-Feb-2024 |
Business Logic Error in the Comment Section of a Porn site | https://medium.com/@vflexo/business-logic-error-in-the-comment-section-of-a-porn-site-42643f66dfee?source=rss------bug_bounty-5 | vFlexo | vapt, cybersecurity, ethical-hacking, bug-bounty, penetration-testing | 25-Feb-2024 |
CRLF injection | https://medium.com/@R00tendo/crlf-injection-ae26521c5e4c?source=rss------bug_bounty-5 | R00tendo | web-application-security, bug-bounty, web-security, crlf-injection | 25-Feb-2024 |
The Story of How I Hacked a Website with a Simple Stored XSS Payload (And How Bugcrowd Turned Me… | https://medium.com/@iamrizwanvp/the-story-of-how-i-hacked-a-website-with-a-simple-stored-xss-payload-and-how-bugcrowd-turned-me-63773d5906ff?source=rss------bug_bounty-5 | RIZWAN | bug-bounty-tips, cybersecurity, bug-bounty, penetration-testing, vulnerability | 25-Feb-2024 |
I took over 10 Million Accounts, Easy API Hacking | https://infosecwriteups.com/i-took-over-10-million-accounts-easy-api-hacking-89a7092abe40?source=rss------bug_bounty-5 | Ravaan | bug-bounty, bug-bounty-writeup, api, hacking, cybersecurity | 25-Feb-2024 |
Beyond the Wall: Bypassing OTP, WAF, and 403 for exploiting a SQL Injection | https://medium.com/@remmy9/beyond-the-wall-bypassing-otp-waf-and-403-for-exploiting-a-sql-injection-97f06a3527c0?source=rss------bug_bounty-5 | Remmy | hacking, 403-bypass, bug-bounty, waf-bypass, sql-injection | 25-Feb-2024 |
10.5 Lab: Blind SSRF with out-of-band detection \| 2024 | https://cyberw1ng.medium.com/10-5-lab-blind-ssrf-with-out-of-band-detection-2024-2497bcf7859c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, bug-bounty, security, careers | 25-Feb-2024 |
The Aspida Bug Bounty Program | https://medium.com/@aspidabd/the-aspida-bug-bounty-program-84e4495955c1?source=rss------bug_bounty-5 | Aspida | lsd, lsdfi, blockchain, staking, bug-bounty | 24-Feb-2024 |
Best Approach to active Directory: 2 | https://medium.com/@anekantsinghai/best-approach-to-active-directory-2-b32a8bb2be7e?source=rss------bug_bounty-5 | Anekant Singhai Jain | penetration-testing, windows, bug-bounty, cybersecurity, active-directory | 24-Feb-2024 |
Explaining and exploiting open redirect vulnerabilities | https://medium.com/@R00tendo/explaining-and-exploiting-open-redirect-vulnerabilities-67dd825e2c49?source=rss------bug_bounty-5 | R00tendo | open-redirect, web-security, bug-bounty, web-application-security, web-hacking | 24-Feb-2024 |
How I Got $5,000 for Out-of-Scope XSS | https://7odamoo.medium.com/how-i-got-5-000-for-out-of-scope-xss-f96938a8c561?source=rss------bug_bounty-5 | Mahmoud Hamed (7odamoo) | bug-bounty-tips, bug-bounty, pentesting | 24-Feb-2024 |
Ethernaut Challenge Level 16: Solution (Preservation) | https://shubhamnagar1.medium.com/ethernaut-challenge-level-16-solution-preservation-4403230b469c?source=rss------bug_bounty-5 | Shubham Nagar | solidity, blockchain, cybersecurity, bug-bounty, ethernaut | 24-Feb-2024 |
Bypass Rate Limits on authentication endpoints like a pro………! | https://medium.com/@a13h1/bypass-rate-limits-on-authentication-endpoints-like-a-pro-2054460a43c0?source=rss------bug_bounty-5 | Abhi Sharma | programming, rate-limiting, api, cybersecurity, bug-bounty | 24-Feb-2024 |
10.4 Lab: SSRF with filter bypass via open redirection vulnerability \| 2024 | https://cyberw1ng.medium.com/10-4-lab-ssrf-with-filter-bypass-via-open-redirection-vulnerability-2024-fa36d8f10968?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, security, bug-bounty, hacking | 24-Feb-2024 |
How i was able to hack over 10 million websites using BAC : broken access controle . | https://medium.com/@zack0x01_/how-i-was-able-to-hack-over-10-million-websites-using-bac-broken-access-controle-ce6b704e3dcb?source=rss------bug_bounty-5 | zack0x01 | hacking-training, bug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking | 23-Feb-2024 |
How Automation Detected Default Admin Credential Worth $500 | https://vijetareigns.medium.com/how-automation-detected-default-admin-credential-worth-500-d6c09719d307?source=rss------bug_bounty-5 | the_unlucky_guy | bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugbounty-writeup, cybersecurity | 23-Feb-2024 |
Shodan - “Unauthorized access to setup panel” | https://medium.com/@bug.hun3r/shodan-power-unauthorized-access-to-setup-panel-c64bd63f9b3e?source=rss------bug_bounty-5 | mo9kHu93r | hacking, web-application-security, bug-hunting, cybersecurity, bug-bounty | 23-Feb-2024 |
10.3 Lab: SSRF with blacklist-based input filter \| 2024 | https://cyberw1ng.medium.com/10-3-lab-ssrf-with-blacklist-based-input-filter-2024-9a7972ab7e8f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, security, careers, hacking, bug-bounty | 23-Feb-2024 |
From CRLF Injection to XSS: Elevating the Stakes in Apple iTunes Security | https://xelkomy.medium.com/from-crlf-injection-to-xss-elevating-the-stakes-in-apple-itunes-security-597dc435fd82?source=rss------bug_bounty-5 | Khaled Mohamed | crlf, infosec, bug-bounty, penetration-testing, xs | 23-Feb-2024 |
Unveiling Bug Bounties: Balancing the Scale of Application Security | https://sushantkatare.medium.com/unveiling-bug-bounties-balancing-the-scale-of-application-security-be5645395101?source=rss------bug_bounty-5 | Sushant Katare, CISSP | bug-bounty, vulnerability, bugs | 23-Feb-2024 |
Hacking Web Meeting/Webinar App | https://ronak-9889.medium.com/hacking-web-meeting-webinar-app-1cb31c648752?source=rss------bug_bounty-5 | Ronak Patel | information-security, ethical-hacking, cybersecurity, bug-bounty | 23-Feb-2024 |
A Pen worth 80K (BBP#2) | https://infosecwriteups.com/a-pen-worth-80k-bbp-2-dceb0db18366?source=rss------bug_bounty-5 | Devender Rao | penetration-testing, cybersecurity, bug-bounty, application-security, linux | 23-Feb-2024 |
How I Got 1-Click ATO through self-XSS | https://medium.com/@0x3adly/how-i-was-able-to-get-1-click-ato-through-self-xss-6a6f59b3a6da?source=rss------bug_bounty-5 | Anas Eladly ( 0x3adly ) | bug-bounty, csrf, penetration-testing, cross-site-scripting, bug-bounty-tips | 22-Feb-2024 |
Disclose assigned apps of any facebook user | https://gtm0x01.medium.com/disclose-assigned-apps-of-any-facebook-user-e78bcff1de71?source=rss------bug_bounty-5 | Gtm Mänôz | bug-bounty, graphql, facebook-bug-bounty, bug-bounty-writeup, infosec | 22-Feb-2024 |
IDOR: The Simple Switch | https://medium.com/@ganga_/idor-the-simple-switch-19d881358552?source=rss------bug_bounty-5 | Ganga | ethical-hacking, bug-bounty-writeup, bug-bounty, web-application-security, penetration-testing | 22-Feb-2024 |
How To Report a Vulnerability which is not a part of the VDP Program? | https://medium.com/@Ajakcybersecurity/how-to-report-a-vulnerability-which-is-not-a-part-of-the-vdp-program-b7b951795c45?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, penetration-testing, bug-bounty, hacking, blog | 22-Feb-2024 |
HTTP-Only Sessions: No Problem? ATO Still Lurks via XSS! | https://kokomagedd.medium.com/http-only-sessions-no-problem-ato-still-lurks-via-xss-d415dec701d0?source=rss------bug_bounty-5 | Kyrillos Maged | bug-bounty, bug-bounty-tips, xss-attack, cybersecurity, infosec | 22-Feb-2024 |
Mastering BetterCap: A Beginner’s Guide to Network Attacks and Monitoring | https://infosecwriteups.com/mastering-bettercap-a-beginners-guide-to-network-attacks-and-monitoring-b313c1f85489?source=rss------bug_bounty-5 | ElNiak | bug-bounty, cybersecurity, reconnaissance, network-security, bettercap | 22-Feb-2024 |
Exploiting XSS to Perform CSRF | https://medium.com/@marduk.i.am/exploiting-xss-to-perform-csrf-275288910459?source=rss------bug_bounty-5 | Marduk I Am | stored-xss, cybersecurity, bug-bounty, portswigger-lab, cross-site-scripting | 22-Feb-2024 |
How I logged into user accounts with no information | https://medium.com/@jsamia/how-i-logged-into-user-accounts-with-no-information-629f50e8885d?source=rss------bug_bounty-5 | Jaeden Samia | security, ethical-hacking, bug-bounty | 22-Feb-2024 |
Using Wayback And DNS rebinding For SSRF | https://medium.com/@amnotacat/using-wayback-and-dns-rebinding-for-ssrf-a5a16f611acc?source=rss------bug_bounty-5 | amnotacat | bug-bounty | 22-Feb-2024 |
Exploit Development: Classic Buffer Overflows | https://medium.com/@boogsta/exploit-development-classic-buffer-overflows-0416a7ed1d9a?source=rss------bug_bounty-5 | Boogsta | cyber, hacking, bug-bounty, tryhackme, cybersecurity | 22-Feb-2024 |
Hack The Box Certified Bug Bounty Hunter (CBBH) Review | https://medium.com/@josselin_poupeney/hack-the-box-certified-bug-bounty-hunter-cbbh-review-f25796cb22ee?source=rss------bug_bounty-5 | Josselin Poupeney | bug-bounty, pentesting, hackin, cbbh, hackthebox | 22-Feb-2024 |
How Bug Bounties Are Incentivising Ethical Hacking | https://medium.com/@cybertec/how-bug-bounties-are-incentivising-ethical-hacking-1fa49410e0aa?source=rss------bug_bounty-5 | Jonathan Paulson | bug-bounty, hacking, cybercrime, cybersecurity, quantum-computing | 22-Feb-2024 |
Absolute Beginners Guide For Finding P4 Bugs (With Real Example!)-Part 2 | https://medium.com/@avbhijitdutta99/absolute-beginners-guide-for-finding-p4-bugs-with-real-example-part-2-c4a9d9c7af43?source=rss------bug_bounty-5 | Cyberbeat | bugs, cybersecurity, cyberattack, bug-bounty, bug-bounty-tips | 21-Feb-2024 |
10 Kesalahan Coding Yang Membuat Aplikasi Kurang Aman | https://medium.com/@yasminramadini/10-kesalahan-coding-yang-membuat-aplikasi-kurang-aman-77da9d768594?source=rss------bug_bounty-5 | Yasmin Ramadini | programming, cybersecurity, cyber-security-awareness, coding, bug-bounty | 21-Feb-2024 |
Understanding Wazuh | https://medium.com/@paritoshblogs/understanding-wazuh-b4748d21c6ba?source=rss------bug_bounty-5 | Paritosh | threat-detection, siem, cybersecurity, bug-bounty, wazuh | 21-Feb-2024 |
Bug bounty writeup : 2F/OTP Bypass on Registeration via Response manipulation | https://noorhomaid.medium.com/bug-bounty-writeup-2f-otp-bypass-on-registeration-via-response-manipulation-2e53573ffa4c?source=rss------bug_bounty-5 | NoorHomaid | bug-bounty, ethical-hacking, bugbounty-writeup, cybersecurity | 21-Feb-2024 |
9.5 Lab: Exploiting time-sensitive vulnerabilities | 2024 | https://infosecwriteups.com/9-5-lab-exploiting-time-sensitive-vulnerabilities-2024-d5bf94cdcf59?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, security, hacking, cybersecurity | 21-Feb-2024 |
Critical Vulnerabilities in VMware EAP Uncovered — Unraveling CVE-2024–22245 | https://medium.com/@elniak/critical-vulnerabilities-in-vmware-eap-uncovered-unraveling-cve-2024-22245-08746ff09907?source=rss------bug_bounty-5 | ElNiak | vulnerability, programming, bug-bounty, vmware, cybersecurity | 21-Feb-2024 |
This is the easiest bug you can find right now. | https://medium.com/@an0nbil/this-is-the-easiest-bug-you-can-find-right-now-eb324861c238?source=rss------bug_bounty-5 | an0nbil | ethical-hacking, bug-bounty, programming, bug-bounty-tips, cybersecurity | 21-Feb-2024 |
Critical Vulnerabilities in VMware EAP Uncovered — Unraveling CVE-2024–22245 | https://systemweakness.com/critical-vulnerabilities-in-vmware-eap-uncovered-unraveling-cve-2024-22245-08746ff09907?source=rss------bug_bounty-5 | ElNiak | vulnerability, programming, bug-bounty, vmware, cybersecurity | 21-Feb-2024 |
9.4 Lab: Single-endpoint race conditions | 2024 | https://cyberw1ng.medium.com/9-4-lab-single-endpoint-race-conditions-2024-40b12d1ae4be?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, security, careers, cybersecurity, hacking | 20-Feb-2024 |
Apa Itu Cross Site Scripting? Jenis, Dampak, Dan Pencegahannya | https://medium.com/@yasminramadini/apa-itu-cross-site-scripting-jenis-dampak-dan-pencegahannya-e507eedb43f8?source=rss------bug_bounty-5 | Yasmin Ramadini | cybersecurity, xss-attack, pentesting, cyber-security-awareness, bug-bounty | 20-Feb-2024 |
My Unbelievable Hack into HR Admin — A Bug Bounty Tale!!! | https://medium.com/@ratnadip1998/my-unbelievable-hack-into-hr-admin-a-bug-bounty-tale-853338770d8c?source=rss------bug_bounty-5 | Ratnadip Gajbhiye | bugcrowd, ethical-hacking, bug-bounty, bug-bounty-tips, hackerone | 20-Feb-2024 |
How I Discovering the Origin IP In Bug Bounty — Bug Bounty Tuesday | https://medium.com/@kerstan/hou-i-discovering-the-origin-ip-in-bug-bounty-bug-bounty-tuesday-47fa16c4ef34?source=rss------bug_bounty-5 | kerstan | security, technology, bug-bounty, cybersecurity, programming | 20-Feb-2024 |
Breach the Build: Exploiting Jenkins (CVE-2024–23897) | https://medium.com/@josh.beck2006/breach-the-build-exploiting-jenkins-cve-2024-23897-f2ecc415f9bf?source=rss------bug_bounty-5 | Josh Beck | oscp, cybersecurity, ctf-writeup, bug-bounty | 20-Feb-2024 |
How easy it is to find Private Info on Google | https://medium.com/@lochana8723/mastering-osint-gold-mines-a-guide-to-google-dorking-for-bug-bounty-success-e1f2acbbf4f2?source=rss------bug_bounty-5 | Lochana Dissanayake | cybersecurity, ethical-hacking, bug-bounty, osint | 20-Feb-2024 |
Response Manipulation leads to Bypassing the OTP email verification | https://kiraadx.medium.com/response-manipulation-leads-to-bypassing-the-otp-email-verification-3107d558e8a5?source=rss------bug_bounty-5 | KiRaaDx | bug-bounty-tips, bug-bounty | 20-Feb-2024 |
Day 14 Bug Bounty Challenge — Found $1000 Stored XSS | https://medium.com/@avbhijitdutta99/day-14-bug-bounty-challenge-found-1000-stored-xss-c0c9813bbe5a?source=rss------bug_bounty-5 | Abhijit Dutta | bug-bounty, bugbountychallenge, bug-bounty-tips, bug-bounty-writeup | 19-Feb-2024 |
9.3 Lab: Multi-endpoint race conditions | 2024 | https://cyberw1ng.medium.com/9-3-lab-multi-endpoint-race-conditions-2024-5617e806a0fc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, security, bug-bounty, careers, hacking | 19-Feb-2024 |
HackTheBox — Monitored | https://medium.com/@mxzartxbyte/hackthebox-monitored-6cd7bc16f080?source=rss------bug_bounty-5 | mxz4rt | bug-bounty, penetration-testing, network-penetration, hackthebox-writeup, hack-the-box-writeup | 19-Feb-2024 |
The Ultimate Guide to Top Bug Bounty Platforms in 2024 | https://medium.com/@crawsecurity/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-6934a3db42d2?source=rss------bug_bounty-5 | crawsecurity | bugs, bug-fixes, bug-bounty-tips, bug-zero, bug-bounty | 19-Feb-2024 |
Unlocking Creativity: TCS HackQuest S8 Unveiled — Round 2 | https://medium.com/@Dark_D3v1l/unlocking-creativity-tcs-hackquest-s8-unveiled-round-2-a311e68becd4?source=rss------bug_bounty-5 | Raviteja | web-security, ctf-writeup, bug-bounty, reverse-engineering, tcs-hackquest | 19-Feb-2024 |
How to Find First Bug (For Beginners) | https://hackerhq.medium.com/how-to-find-first-bug-for-beginners-22a9177e94a0?source=rss------bug_bounty-5 | HackerHQ | cyber-security-awareness, bug-bounty-tips, cybersecurity, hackerone, bug-bounty | 19-Feb-2024 |
Android Architecture Components: Android Pentesting | https://bot2root.medium.com/android-architecture-components-android-pentesting-1279e35c2d32?source=rss------bug_bounty-5 | Raghuveer Singh Chouhan | pentesting, bug-bounty, hacking, cybersecurity, android | 19-Feb-2024 |
Searching industrial infrastructure with Netlas.io | https://netlas.medium.com/searching-industrial-infrastructure-with-netlas-io-49c08ca519a2?source=rss------bug_bounty-5 | Netlas.io | bug-bounty, critical-infrastructure, penetration-testing, cybersecurity, information-security | 19-Feb-2024 |
Absolute Beginners Guide For Finding P4 Bugs -Part 1 | https://medium.com/@avbhijitdutta99/absolute-beginners-guide-for-finding-p4-bugs-part-1-5585cc94ac8b?source=rss------bug_bounty-5 | Cyberbeat | bug-bounty-hunter, bug-bounty-tips, bug-bounty-program, bug-bounty | 19-Feb-2024 |
Dorking-Pentesting: Create Your Own Automated Pentesting Tools | https://medium.com/@elniak/dorking-pentesting-create-your-own-automated-pentesting-tools-11134114c2b7?source=rss------bug_bounty-5 | ElNiak | tools, bug-bounty, python, penetration-testing, google | 19-Feb-2024 |
Web Cache Poisoing leads to ATO (Account takeover) | https://medium.com/@hoosgamer/web-cache-poisoing-leads-to-ato-account-takeover-2522b4583a97?source=rss------bug_bounty-5 | HooS | hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup, web-security | 19-Feb-2024 |
Apa Itu Security Operation Center (SOC) | https://medium.com/@yasminramadini/apa-itu-security-operation-center-soc-345f56cd85f3?source=rss------bug_bounty-5 | Yasmin Ramadini | pentesting, bug-bounty, cybersecurity, soc-analyst, ethical-hacking | 18-Feb-2024 |
HackTheBox — SQLMap Essentials | https://medium.com/@harry.hphu/hackthebox-sqlmap-essentials-72eaa7a13596?source=rss------bug_bounty-5 | Huy Phu | web-application-security, bug-bounty, sql, hackthebox | 18-Feb-2024 |
Introduction to API Testing — API Discovery and Interaction | https://medium.com/@harry.hphu/introduction-to-api-testing-api-discovery-and-interaction-705248fc089e?source=rss------bug_bounty-5 | Huy Phu | api, bug-bounty, web-application-security, api-testing | 18-Feb-2024 |
Introduction to API Testing — Reconnaissance | https://medium.com/@harry.hphu/introduction-to-api-testing-reconnaissance-7b471f4f4e73?source=rss------bug_bounty-5 | Huy Phu | web-application-security, api-testing, api, bug-bounty | 18-Feb-2024 |
Easy automation of bug bounty using Ethred | https://medium.com/@eyaalgabay/automate-bug-bounty-using-ethred-de042fb19926?source=rss------bug_bounty-5 | Eyaalgabay | penetration-testing, bug-bounty, web-security, bugbounty-tips, hacking | 18-Feb-2024 |
My New Tool For Information Finding | https://medium.com/@mrraghavop12/my-new-tool-for-information-finding-92a205a6e305?source=rss------bug_bounty-5 | Ethical Raghav | data-science, bug-bounty-tips, programming, bug-bounty, technology | 18-Feb-2024 |
Introduction to API Testing — Server-Side Parameter Pollution | https://medium.com/@harry.hphu/introduction-to-api-testing-server-side-parameter-pollution-52dc5c170d19?source=rss------bug_bounty-5 | Huy Phu | web-application-security, api, api-testing, bug-bounty | 18-Feb-2024 |
Introduction to API Testing — Mass Assignment vulnerabilities | https://medium.com/@harry.hphu/introduction-to-api-testing-mass-assignment-vulnerabilities-1643f75d1d20?source=rss------bug_bounty-5 | Huy Phu | web-application-security, api-testing, api, bug-bounty | 18-Feb-2024 |
Exploiting Cross-Site Scripting to Capture Passwords | https://medium.com/@marduk.i.am/exploiting-cross-site-scripting-to-capture-passwords-b2cda84698b0?source=rss------bug_bounty-5 | Marduk I Am | cybersecurity, cross-site-scripting, portswigger-lab, bug-bounty, stored-xss | 18-Feb-2024 |
9.2 Lab: Bypassing rate limits via race conditions | 2024 | https://cyberw1ng.medium.com/9-2-lab-bypassing-rate-limits-via-race-conditions-2024-533185d6d94e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, secuity, hacking | 18-Feb-2024 |
PortSwigger — LAB-6 Remote code execution via polyglot web shell upload (Bug Bounty Prep)[by… | https://infosecwriteups.com/portswigger-lab-6-remote-code-execution-via-polyglot-web-shell-upload-bug-bounty-prep-by-b426b0d50d39?source=rss------bug_bounty-5 | dollarboysushil | cybersecurity, ethical-hacking, portswigger, web-app-security, bug-bounty | 18-Feb-2024 |
Open a link, and your Wi-Fi password is changed. | https://medium.com/@deadoverflow/open-a-link-and-your-wi-fi-password-is-changed-7c47ccb4d095?source=rss------bug_bounty-5 | Imad Husanovic | hacking, cybersecurity, programming, bug-bounty, bug-bounty-tips | 18-Feb-2024 |
Detecting and exploiting limit overrun race conditions with Turbo Intruder | https://cyberw1ng.medium.com/detecting-and-exploiting-limit-overrun-race-conditions-with-turbo-intruder-424bed12f2cf?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, hacking, security, bug-bounty | 17-Feb-2024 |
0Day SQLi Discovered during internal PenTesting | https://medium.com/@SentinelXTeam/0day-sqli-discovered-during-internal-pentesting-0d00db3147c5?source=rss------bug_bounty-5 | SentinelX Research | bug-bounty, exploitation, cybersecurity, bug-bounty-tips, 0day | 17-Feb-2024 |
Mengintip database Website Bimbel di Indonesia | https://uzet.medium.com/mengintip-database-website-bimbel-di-indonesia-1d3620ce438d?source=rss------bug_bounty-5 | Timotius Benhur | pentesting, web-security, bug-bounty-tips, bug-bounty | 17-Feb-2024 |
How much longer must we dwell, with W-S-D-L? | https://medium.com/illumination/how-much-longer-must-we-dwell-with-w-s-d-l-789eb659b77a?source=rss------bug_bounty-5 | Quintius Walker | bug-bounty, poetry, web-development, creative-writing, hacking | 17-Feb-2024 |
PortSwigger — LAB -4 Web shell upload via extension blacklist bypass (Bug Bounty Prep)[by… | https://infosecwriteups.com/portswigger-lab-4-web-shell-upload-via-extension-blacklist-bypass-bug-bounty-prep-by-7c6233320f81?source=rss------bug_bounty-5 | dollarboysushil | web-app-security, portswigger, cybersecurity, bug-bounty, file-upload-vulnerability | 17-Feb-2024 |
weird bug using fake id via photoshop worth $*** | https://hamzadzworm.medium.com/weird-bug-using-fake-id-via-photoshop-worth-1fe5dbd04497?source=rss------bug_bounty-5 | Hamzadzworm | bugbounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, infosec | 17-Feb-2024 |
PortSwigger — LAB-5 Web shell upload via obfuscated file extension (Bug Bounty Prep)[by… | https://dollarboysushil.medium.com/portswigger-lab-5-web-shell-upload-via-obfuscated-file-extension-bug-bounty-prep-by-5232dd3fb8fa?source=rss------bug_bounty-5 | dollarboysushil | portswigger, cybersecurity, bug-bounty, ethical-hacking, web-app-security | 17-Feb-2024 |
Harnessing Microsoft Copilot as a Cybersecurity Advisor | https://infosecwriteups.com/harnessing-microsoft-copilot-as-a-cybersecurity-advisor-518c46f697b3?source=rss------bug_bounty-5 | Paritosh | microsoft, cybersecurity, bug-bounty, information-security, microsoft-copilot | 17-Feb-2024 |
Demystifying HTTP Request Smuggling: Detection to Exploitation | https://roadtooscp.medium.com/demystifying-http-request-smuggling-detection-to-exploitation-d6bc7beed73e?source=rss------bug_bounty-5 | RoadToOSCP | bug-bounty, owasp, bug-bounty-tips, pentesting, ethical-hacking | 17-Feb-2024 |
GitHub Recon- For Finding Sensitive Information | https://medium.com/@pawan_rawat/github-recon-for-finding-sensitive-information-aecdeb9c9dce?source=rss------bug_bounty-5 | Pawanrawat | github-recon, bug-bounty-writeup, sensitive-data-exposure, bug-bounty-tips, bug-bounty | 17-Feb-2024 |
How do I automate my recon — Part One | https://medium.com/@aliraah/how-do-i-automate-my-recon-part-one-fd17dc8717c8?source=rss------bug_bounty-5 | Ali | python, reconnaissance, automation, bash, bug-bounty | 17-Feb-2024 |
The Unseen 0-Click Threat Lurking in Your Inbox: CVE-2024–21413 Explained | https://systemweakness.com/the-unseen-0-click-threat-lurking-in-your-inbox-cve-2024-21413-explained-a8bd9ec0c46d?source=rss------bug_bounty-5 | ElNiak | vulnerability, cybersecurity, microsoft-outlook, bug-bounty, rce | 17-Feb-2024 |
Hacking the Dutch Government | https://medium.com/@jackson_80133/hacking-the-dutch-government-153678a191c0?source=rss------bug_bounty-5 | Jackson | cybersecurity, hacking, bug-bounty | 17-Feb-2024 |
MonikerLink Meltdown: Demystifying CVE-2024–21413 and Dodging Outlook’s Booby Trap | https://medium.com/@chinamayjoshi/monikerlink-meltdown-demystifying-cve-2024-21413-and-dodging-outlooks-booby-trap-43ba52c4b458?source=rss------bug_bounty-5 | The Cyber Tornado | information-security, microsoft, vapt, cybersecurity, bug-bounty | 17-Feb-2024 |
The Importance of Sharing Cybersecurity Knowledge on Reading Platforms | https://medium.com/@paritoshblogs/the-importance-of-sharing-cybersecurity-knowledge-on-reading-platforms-34a474a51522?source=rss------bug_bounty-5 | Paritosh | information-security, infosec, hacking, cybersecurity, bug-bounty | 16-Feb-2024 |
Researcher’s Experience — Bug Bounty Program | https://medium.com/@_crac/researchers-experience-bug-bounty-program-7d588c363fa6?source=rss------bug_bounty-5 | CRAC Learning | bug-bounty, security, research, cybersecurity | 16-Feb-2024 |
GitHub Enterprise Server vulns | https://irsl.medium.com/github-enterprise-server-vulns-26889987919c?source=rss------bug_bounty-5 | Imre Rad | security, github, bug-bounty | 16-Feb-2024 |
Windows Defender SmartScreen Vulnerability: CVE-2024–21412 Exposes Financial Traders to… | https://systemweakness.com/windows-defender-smartscreen-vulnerability-cve-2024-21412-exposes-financial-traders-to-a03ff476a293?source=rss------bug_bounty-5 | ElNiak | windows, bug-bounty, cybersecurity, vulnerability, malware | 16-Feb-2024 |
Mastering Cross-Site Scripting (XSS): Risks, Detection, and Prevention | https://medium.com/@elniak/mastering-cross-site-scripting-xss-risks-detection-and-prevention-3cee199d2fff?source=rss------bug_bounty-5 | ElNiak | cybersecurity, xss-attack, bug-bounty, programming, xss-vulnerability | 16-Feb-2024 |
Mastering SQLMap: A Comprehensive Guide for Cybersecurity Enthusiasts | https://medium.com/@elniak/mastering-sqlmap-a-comprehensive-guide-for-cybersecurity-enthusiasts-4e224b42396a?source=rss------bug_bounty-5 | ElNiak | sqlmap, programming, cybersecurity, sql-injection, bug-bounty | 16-Feb-2024 |
Guide: ProjectDiscovery’s cvemap to nuclei template mapping. | https://medium.com/@matejsmycka/guide-projectdiscoverys-cvemap-to-nuclei-template-mapping-5535c2934811?source=rss------bug_bounty-5 | Matejsmycka | cybersecurity, bug-bounty, bash, penetration-testing | 16-Feb-2024 |
My First Account Takeover Via Password Reset Poisoning | https://medium.com/@cyberpro151/my-first-account-takeover-via-password-reset-poisoning-7c35baadfbe3?source=rss------bug_bounty-5 | cyberpro151 | web-hacking, bug-bounty, pentesting, account-takeover, offensive-security | 16-Feb-2024 |
Mastering Manual SQL Injection: A Comprehensive Guide for Cybersecurity Enthusiasts | https://systemweakness.com/mastering-manual-sql-injection-a-comprehensive-guide-for-cybersecurity-enthusiasts-4541d46b42a7?source=rss------bug_bounty-5 | ElNiak | sql-injection, cybersecurity, sql, programming, bug-bounty | 16-Feb-2024 |
The Posemesh Avalanche C-Chain Bug Bounty Program | https://medium.com/posemesh/the-posemesh-avalanche-c-chain-bug-bounty-program-b34c01da1277?source=rss------bug_bounty-5 | Auki Labs | bug-bounty, auki-labs, avalanche, posemesh, blockchain | 16-Feb-2024 |
Mastering CSRF: A Comprehensive Guide to Cross-Site Request Forgery | https://medium.com/@elniak/mastering-csrf-a-comprehensive-guide-to-cross-site-request-forgery-a380aca0eab0?source=rss------bug_bounty-5 | ElNiak | web-development, programming, csrf, cybersecurity, bug-bounty | 16-Feb-2024 |
8.6 Lab: Remote code execution via polyglot web shell upload | 2024 | https://cyberw1ng.medium.com/8-6-lab-remote-code-execution-via-polyglot-web-shell-upload-2024-5646ef951c0b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, security, careers, bug-bounty | 16-Feb-2024 |
how i made easy information disclosure bugs in graphql | https://medium.com/@eyaalgabay/how-i-made-easy-information-disclosure-bugs-in-graphql-82284b05d7b4?source=rss------bug_bounty-5 | Eyaalgabay | penetration-testing, bug-bounty, bug-bounty-tips, web-security, hacking | 16-Feb-2024 |
Bypassing Captcha | https://medium.com/@eyaalgabay/bypassing-captcha-29a77c768469?source=rss------bug_bounty-5 | Eyaalgabay | bug-bounty, web-security, penetration-testing, hacking, bug-bounty-tips | 15-Feb-2024 |
The Rise of Large Language Models and the Evolution of Programming: A Thesis on Prompt… | https://analystlevy.medium.com/the-rise-of-large-language-models-and-the-evolution-of-programming-a-thesis-on-prompt-3ab81578408a?source=rss------bug_bounty-5 | Asuquo Levy Eyo Jr | cybercrime, cryptography, bug-bounty, cyber-security-awareness, black-hat-2021 | 15-Feb-2024 |
The Game-Changing Magic of RCE [Cybersecurity] | https://medium.com/@paritoshblogs/the-game-changing-magic-of-rce-cybersecurity-6e1468425e06?source=rss------bug_bounty-5 | Paritosh | bug-bounty, hacking, cybersecurity, information-security, rce | 15-Feb-2024 |
Account Takeover [It Looked Secure at First] | https://cristivlad.medium.com/account-takeover-it-looked-secure-at-first-f14a31cb7f5c?source=rss------bug_bounty-5 | Cristi Vlad | cybersecurity, bug-bounty, penetration-testing, infosec, pentesting | 15-Feb-2024 |
Github Dorking: A Beginner’s Guide to Finding Secrets in Repositories | https://medium.com/@elniak/github-dorking-a-beginners-guide-to-finding-secrets-in-repositories-2d4d36287913?source=rss------bug_bounty-5 | ElNiak | threat-intelligence, github, cybersecurity, github-dorking, bug-bounty | 15-Feb-2024 |
8.5 Lab: Web shell upload via obfuscated file extension | 2024 | https://cyberw1ng.medium.com/8-5-lab-web-shell-upload-via-obfuscated-file-extension-2024-0cb8b3e1e537?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, security, bug-bounty, cybersecurity | 15-Feb-2024 |
Portswigger — Command Injection All Labs Walkthrough(Bug Bounty Prep)[by dollarboysushil] | https://infosecwriteups.com/portswigger-command-injection-all-labs-walkthrough-bug-bounty-prep-by-dollarboysushil-e836421212cf?source=rss------bug_bounty-5 | dollarboysushil | cybersecurity, command-injection, bug-bounty, ethical-hacking, portswigger | 15-Feb-2024 |
HTML Injection in Mail BOX | https://codingninjablogs.tech/html-injection-in-mail-box-c963a8c66d69?source=rss------bug_bounty-5 | #!/Subhankar | html-injection, hackerone, hacking, bug-bounty | 15-Feb-2024 |
Edu-Hack: How a Simple Request Compromised Entire Classrooms Users | https://uchihamrx.medium.com/edu-hack-how-a-simple-request-compromised-entire-classrooms-users-7cefc1225654?source=rss------bug_bounty-5 | Abdelrhman Amin | bug-bounty-tips, cybersecurity, web-security, bug-bounty, penetration-testing | 15-Feb-2024 |
Behind the Screen: The Forgotten Password Feature That Almost Failed Us | https://medium.com/@elcapitano7x/behind-the-screen-the-forgotten-password-feature-that-almost-failed-us-a3e67e103cc5?source=rss------bug_bounty-5 | Elcapitano | bugswagger, bugsbounty, penetration-testing, information-security, bug-bounty | 15-Feb-2024 |
The effectiveness of employing BChecks to uncover significant secrets | https://xelkomy.medium.com/the-effectiveness-of-employing-bchecks-to-uncover-significant-secrets-788e15a8a952?source=rss------bug_bounty-5 | Khaled Mohamed | secrets, bug-bounty, bugswagger, cybersecurity, penetration-testing | 15-Feb-2024 |
Magic No More: Exposing Flaws in Magic Link Authentication | https://medium.com/@elcapitano7x/magic-no-more-exposing-flaws-in-magic-link-authentication-7cede724382f?source=rss------bug_bounty-5 | Elcapitano | bug-bounty, penetration-testing, cybersecurity, bugswagger, information-security | 15-Feb-2024 |
Stored XSS with HTTP only Session Cookies | https://medium.com/techiepedia/stored-xss-with-http-only-session-cookies-32e5eb121384?source=rss------bug_bounty-5 | Jess | programming, website, security, web-development, bug-bounty | 15-Feb-2024 |
CVE-2024–24142 Exploitation & PoC | https://medium.com/@SentinelXTeam/cve-2024-24142-exploitation-poc-045021596804?source=rss------bug_bounty-5 | SentinelX Research | penetration-testing, cybersecurity, hacking, bug-bounty, bug-bounty-tips | 15-Feb-2024 |
open redirect using homographs | https://medium.com/@eyaalgabay/open-redirect-using-homographs-ab2c21513b45?source=rss------bug_bounty-5 | Eyaalgabay | bug-bounty-tips, penetration-testing, bug-bounty, open-redirect, web-hacking | 14-Feb-2024 |
Exploiting Cross-Site Scripting to Steal Cookies | https://medium.com/@marduk.i.am/exploiting-cross-site-scripting-to-steal-cookies-3d14c8b42fae?source=rss------bug_bounty-5 | Marduk I Am | cross-site-scripting, cybersecurity, portswigger-lab, xss-attack, bug-bounty | 14-Feb-2024 |
THIS IS HOW I FOUND FOUR VULNERABLILITY IN 45 MINUTES | https://medium.com/@mrraghavop12/this-is-how-i-found-four-vulnerablility-in-45-minutes-050144a58161?source=rss------bug_bounty-5 | Ethical Raghav | bug-bounty, blockchain, technology, bug-bounty-tips, cybersecurity | 14-Feb-2024 |
Portswigger — Path Traversal All Labs Walkthrough(Bug Bounty Prep)[by dollarboysushil] | https://infosecwriteups.com/portswigger-path-traversal-all-labs-walkthrough-bug-bounty-prep-by-dollarboysushil-85ab64d6106a?source=rss------bug_bounty-5 | dollarboysushil | bug-bounty, web-security, path-traversal, ethical-hacking, portswigger | 14-Feb-2024 |
How I was able to hack my college’s website with number of IDORs and CORS Misconfigurations | https://medium.com/@cyberpro151/how-i-was-able-to-hack-my-colleges-website-with-number-of-idors-and-cors-misconfigurations-0f880d308b79?source=rss------bug_bounty-5 | cyberpro151 | hacking, web-hacking, bug-bounty, idor | 14-Feb-2024 |
GMX V1 Bug Disclosure. | https://morphex.medium.com/gmx-v1-bug-disclosure-71e4ad9a918e?source=rss------bug_bounty-5 | Morphex | defi, bug-bounty, cryptocurrency | 14-Feb-2024 |
8.4 Lab: Web shell upload via extension blacklist bypass | 2024 | https://cyberw1ng.medium.com/8-4-lab-web-shell-upload-via-extension-blacklist-bypass-2024-2010bcaa283c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, security, hacking, bug-bounty, cybersecurity | 14-Feb-2024 |
A Journey through Reconnaissance to MySQL Server Access in the Gaming Realm | https://medium.com/@daniel1895/a-journey-through-reconnaissance-to-mysql-server-access-in-the-gaming-realm-ce6a6f4eb21c?source=rss------bug_bounty-5 | Daniel1895 | fuzzing, bug-bounty, reconnaissance, bug-bounty-tips, hacking | 14-Feb-2024 |
The Hidden Dangers Lurking in NTLM Authentication (Cybersecurity) | https://medium.com/@paritoshblogs/the-hidden-dangers-lurking-in-ntlm-authentication-cybersecurity-17fc4a02dbf9?source=rss------bug_bounty-5 | Paritosh | ntlm, hacking, cybersecurity, authentication, bug-bounty | 13-Feb-2024 |
Introducing M:N Hybrid Threading in Go: Unveiling the Power of Goroutines | https://medium.com/@rezauditore/introducing-m-n-hybrid-threading-in-go-unveiling-the-power-of-goroutines-8f2bd31abc84?source=rss------bug_bounty-5 | rezauditore | programming, tutorial, multithreading, bug-bounty, golang | 13-Feb-2024 |
Best tools you must have to look at for penetration testing. | https://medium.com/@coderjack0/best-tools-you-must-have-to-look-at-for-penetration-testing-5780ad9e7ddf?source=rss------bug_bounty-5 | Bugz_Bunne | pentesting, hacking, cybersecurity, cybe, bug-bounty | 13-Feb-2024 |
Memory vulnerabilities: Buffer and integer overflows, memory leak, and pointer dereferencing | https://medium.com/@forensics.000/memory-vulnerabilities-buffer-and-integer-overflows-memory-leak-and-pointer-dereferencing-b0e7cbbc0cd3?source=rss------bug_bounty-5 | forensics | buffer-overflow, bug-bounty, null-pointer-dereference, memory-improvement | 13-Feb-2024 |
Cross-site and server-side request forgeries (CSRF and SSRF) | https://medium.com/@forensics.000/cross-site-and-server-side-request-forgeries-csrf-and-ssrf-b91911e42e44?source=rss------bug_bounty-5 | forensics | penetration-testing, ssrf, csrf, bug-bounty, hackerone | 13-Feb-2024 |
Cross-site scripting | https://medium.com/@forensics.000/cross-site-scripting-706293b1ad8d?source=rss------bug_bounty-5 | forensics | web-penetration-testing, ctf-writeup, hackerone, xss-attack, bug-bounty | 13-Feb-2024 |
Program Misuse and Privilege Escalation — PWN COLLEGE | https://medium.com/illumination/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5 | B A T M A N | pwn, pentesting, challenge, hacking, bug-bounty | 13-Feb-2024 |
Unauthenticated Jira CVEs Check List — Bug Tuesday | https://medium.com/@kerstan/unauthenticated-jira-cves-check-list-bug-tuesday-465b16266349?source=rss------bug_bounty-5 | kerstan | security, cybersecurity, technology, information-security, bug-bounty | 13-Feb-2024 |
Email Triggering Leads to Rs1000 Amazon voucher | https://medium.com/@bug.hun3r/email-triggering-leads-to-rs1000-amazon-voucher-7b9447a0b820?source=rss------bug_bounty-5 | mo9kHu93r | bug-hunting, web-application-security, cybersecurity, bug-bounty, hacking | 13-Feb-2024 |
curity8.3 Lab: Web shell upload via path traversal | 2024 | https://cyberw1ng.medium.com/curity8-3-lab-web-shell-upload-via-path-traversal-2024-0c38695963a7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, hacking, cybersecurity, careers, bug-bounty | 13-Feb-2024 |
Program Misuse and Privilege Escalation — PWN COLLEGE | https://batm4n.medium.com/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5 | B A T M A N | pwn, pentesting, challenge, hacking, bug-bounty | 13-Feb-2024 |
Comprehensive Guide to Pentesting Methodology: From Zero to Hero | https://medium.com/@elniak/comprehensive-guide-to-pentesting-methodology-from-zero-to-hero-78c94711d130?source=rss------bug_bounty-5 | ElNiak | bug-bounty, technology, cybersecurity, penetration-testing, pentesting | 13-Feb-2024 |
Mastering Nmap: A Comprehensive Guide for Network Discovery and Security Auditing | https://medium.com/@elniak/mastering-nmap-a-comprehensive-guide-for-network-discovery-and-security-auditing-29fa0c669ef7?source=rss------bug_bounty-5 | ElNiak | cybersecurity, penetration-testing, bug-bounty, networking, nmap | 13-Feb-2024 |
Program Misuse and Privilege Escalation — PWN COLLEGE | https://medium.com/illuminations-mirror/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5 | B A T M A N | pwn, pentesting, challenge, hacking, bug-bounty | 13-Feb-2024 |
How I Found a Reflected XSS at NASA | https://medium.com/@Jh0n_0x/how-i-found-a-reflected-xss-at-nasa-cc8b7584dee7?source=rss------bug_bounty-5 | Jh0n_0x | penetration-testing, securit, bugbounty-tips, bug-bounty, security-services | 12-Feb-2024 |
Most easiest bug in login page : Session Fixation | https://medium.com/@mrraghavop12/most-easiest-bug-in-login-page-session-fixation-3b07eb396aab?source=rss------bug_bounty-5 | Ethical Raghav | cybersecurity, blockchain, ethical-hacking, bug-bounty, technology | 12-Feb-2024 |
IDOR (Insecure direct object reference) pada Website Jual Beli Indonesia | https://uzet.medium.com/idor-insecure-direct-object-reference-pada-website-jual-beli-indonesia-350e2f58755c?source=rss------bug_bounty-5 | Timotius Benhur | writeup, bug-bounty, idor | 12-Feb-2024 |
Webpages Have these Bugs, and can be EXPLOITED!! | https://batm4n.medium.com/webpages-have-these-bugs-and-can-be-exploited-59e10dd94931?source=rss------bug_bounty-5 | B A T M A N | xss-vulnerability, hacking, penetration-testing, xss-attack, bug-bounty | 12-Feb-2024 |
Unraveling Three Critical Vulnerabilities in Atlassian Confluence: CVE-2023–22515, CVE-2023–22518… | https://systemweakness.com/unraveling-three-critical-vulnerabilities-in-atlassian-confluence-cve-2023-22515-cve-2023-22518-071f58539142?source=rss------bug_bounty-5 | ElNiak | vulnerability, exploitation, cybersecurity, atlassian, bug-bounty | 12-Feb-2024 |
Super Bowl and Cybersecurity | https://medium.com/@paritoshblogs/super-bowl-and-cybersecurity-5a8c0097f1f7?source=rss------bug_bounty-5 | Paritosh | bug-bounty, super-bowl, hacking, information-security, cybersecurity | 12-Feb-2024 |
Tow Senario To Pre Account TakeOver | https://medium.com/@Hackoura001/tow-senario-to-pre-account-takeover-e437b772b0e2?source=rss------bug_bounty-5 | Ahmed Elheny | bug-bounty-hunter, bug-bounty, hacking, bug-bounty-writeup, bugbounty-tips | 12-Feb-2024 |
7 Tingkatan IOC Dalam Investigasi Serangan Siber | https://medium.com/@yasminramadini/7-tingkatan-ioc-dalam-investigasi-serangan-siber-107826a59a37?source=rss------bug_bounty-5 | Yasmin Ramadini | bug-bounty, pyramid-of-pain, cybersecurity, cyber-security-awareness | 12-Feb-2024 |
Hack Stories: Hacking Hackers EP:1 | https://infosecwriteups.com/hack-stories-hacking-hackers-ep-1-ff4c3cfc09cc?source=rss------bug_bounty-5 | c0d3x27 | bug-bounty, hacking, cybersecurity, penetration-testing, software-development | 12-Feb-2024 |
Practical Guide to End-to-End Bug Reporting in Software Development | https://medium.com/@niarsdet/practical-guide-to-end-to-end-bug-reporting-in-software-development-9d3e3e4ae8f2?source=rss------bug_bounty-5 | Niar | bugs, issues, qa, bug-fixes, bug-bounty | 12-Feb-2024 |
How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Execution | https://medium.com/@mukundbhuva/how-i-hacked-the-dutch-government-exploiting-an-innocent-image-for-remote-code-execution-df1fa936e46a?source=rss------bug_bounty-5 | Mukund Bhuva | hacking, security, bug-bounty, information-security, cybersecurity | 12-Feb-2024 |
Understanding web applications | https://medium.com/@pentajbr/understanding-web-applications-ec5952eb1903?source=rss------bug_bounty-5 | Jbr AL-Otaibi | hacking, cybersecurity, bug-bounty, website, web-development | 12-Feb-2024 |
How I found a bug in Microsoft | https://nityanandjha18.medium.com/how-i-found-a-bug-in-microsoft-3b8524877a3c?source=rss------bug_bounty-5 | NITYA NAND JHA | bug-bounty, cybersecurity, vulnerability | 12-Feb-2024 |
Unveiling the Art of Breaching SSH Servers in Bug Bounties: A Dive into Cybersecurity Exploits | https://medium.com/@bugspiderlee/unveiling-the-art-of-breaching-ssh-servers-in-bug-bounties-a-dive-into-cybersecurity-exploits-1b60c95c9075?source=rss------bug_bounty-5 | Pardon Mukoyi | bugbounty-tips, bug-bounty, bugbounty-writeup, cybersecurity | 12-Feb-2024 |
Extract & Scan SSL Certs for HeartBleed via CertGuard tool | https://medium.com/@SentinelXTeam/extract-scan-ssl-certs-for-heartbleed-via-certguard-tool-06dfd891788a?source=rss------bug_bounty-5 | SentinelX Research | web-development, bug-bounty-tips, ssl-certificate, cybersecurity, bug-bounty | 12-Feb-2024 |
Mastering Samba Exploitation: A Comprehensive Pentesting Guide | https://medium.com/@elniak/mastering-samba-exploitation-a-comprehensive-pentesting-guide-016ae61c1031?source=rss------bug_bounty-5 | ElNiak | cybersecurity, threat-intelligence, penetration-testing, samba, bug-bounty | 12-Feb-2024 |
Unveiling the World of Ethical Hacking: How Ethical Hackers Earn Money | https://medium.com/@crawsecurity/unveiling-the-world-of-ethical-hacking-how-ethical-hackers-earn-money-939b7816debb?source=rss------bug_bounty-5 | crawsecurity | ethical-hacking, ways-to-earn-money-online, freelancing, bug-bounty, ethical-hacker | 11-Feb-2024 |
Online Password Cracking with THC-Hydra and Burp Suite | https://medium.com/@0xalpraz/online-password-cracking-with-thc-hydra-and-burp-suite-31ec3019cead?source=rss------bug_bounty-5 | 0xClonaz | hacks, hacking, bug-bounty, cybersecurity | 11-Feb-2024 |
Getting Facebook Credentails Without Hacking | https://medium.com/@0xalpraz/getting-facebook-credentails-without-hacking-e9c778e9e4ca?source=rss------bug_bounty-5 | 0xClonaz | bug-bounty, hacks, cybersecurity, hacking | 11-Feb-2024 |
Open Source Intelligence(OSINT), Part 4: Google Hacking to Find Unsecured Web Cams | https://medium.com/@0xalpraz/open-source-intelligence-osint-part-4-google-hacking-to-find-unsecured-web-cams-4493b08dd08f?source=rss------bug_bounty-5 | 0xClonaz | cybersecurity, hacks, hacker, hacking, bug-bounty | 11-Feb-2024 |
Open Source Intelligence (OSINT), Part 1: Mining Intelligence from Twitter (@mattgaetz) | https://medium.com/@0xalpraz/open-source-intelligence-osint-part-1-mining-intelligence-from-twitter-mattgaetz-6bb71c3dae9b?source=rss------bug_bounty-5 | 0xClonaz | bug-bounty, cybersecurity, hacking, hacker, hacks | 11-Feb-2024 |
OSINT: Finding Email Passwords in Dumps with h8mail | https://medium.com/@0xalpraz/osint-finding-email-passwords-in-dumps-with-h8mail-4fb8b80298d8?source=rss------bug_bounty-5 | 0xClonaz | bug-bounty, hacker, hacking, hacks, cybersecurity | 11-Feb-2024 |
Password Cracking: Creating Custom Password List with cupp | https://medium.com/master-hackers/password-cracking-creating-custom-password-list-with-cupp-167b7448b6c9?source=rss------bug_bounty-5 | 0xClonaz | cybersecurity, hacking, bug-bounty, hacker, hacks | 11-Feb-2024 |
Android Hacking: The libwebp Vulnerability (zero-day/zero-click) | https://medium.com/master-hackers/android-hacking-the-libwebp-vulnerability-zero-day-zero-click-843279e0bb85?source=rss------bug_bounty-5 | 0xClonaz | hacks, hacking, hacker, cybersecurity, bug-bounty | 11-Feb-2024 |
Bug Bounty Hunting, Part 1: Getting Started | https://medium.com/master-hackers/bug-bounty-hunting-part-1-getting-started-f8c60e759738?source=rss------bug_bounty-5 | 0xClonaz | hacker, bug-bounty, hacking, cybersecurity | 11-Feb-2024 |
Preventing file execution in user-accessible directories by Portswigger \| 2024 | https://cyberw1ng.medium.com/preventing-file-execution-in-user-accessible-directories-by-portswigger-2024-c30f1ef726b9?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, cybersecurity, bug-bounty, security | 11-Feb-2024 |
IDOR(Insecure Direct Object Referece) Price Manipulation Through Encoded Url Parameter | https://medium.com/@bry4nzheng/idor-insecure-direct-object-referece-price-manipulation-through-encoded-url-parameter-4232fa4758b0?source=rss------bug_bounty-5 | Bryan Zheng | bug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing | 11-Feb-2024 |
Signing up with Government and Military emails | https://medium.com/@boogsta/signing-up-with-government-and-military-emails-4ebed8da5135?source=rss------bug_bounty-5 | Boogsta | bug-bounty-tips, cyber, cybersecurity, bug-bounty, hacking | 11-Feb-2024 |
IDOR(Insecure Direct Object Reference) Price Manipulation on Private Bug Bounty Program | https://medium.com/@bry4nzheng/idor-insecure-direct-object-reference-price-manipulation-on-private-bug-bounty-program-2527431ffcfd?source=rss------bug_bounty-5 | Bryan Zheng | bug-bounty-writeup, penetration-testing, bug-bounty, cybersecurity | 11-Feb-2024 |
Bug Bounty Programs: Unleashing the Force of Ethical Hackers to Strengthen Your Security Defenses | https://medium.com/@pascal.o.anene/bug-bounty-programs-unleashing-the-force-of-ethical-hackers-to-strengthen-your-security-defenses-08506824e975?source=rss------bug_bounty-5 | Pascal Onyekachukwu Anene | cybersecurity, security-engineering, bug-bounty | 11-Feb-2024 |
Almost 50% of web pages have this bug. Learn How it is exploited in the wild | https://medium.com/@sreedeep200/almost-50-of-web-pages-have-this-bug-learn-how-it-is-exploited-in-the-wild-bfc591abdf8f?source=rss------bug_bounty-5 | Sreedeep cv | js, bug-bounty, xss-attack, hacking, dom | 11-Feb-2024 |
XSS in CMS / Blog sites bypassing HTML encoding and escaping. | https://medium.com/@kannnannmk/xss-in-cms-blog-sites-bypassing-html-encoding-and-escaping-f61a720e6a02?source=rss------bug_bounty-5 | Neelamegha Kannan S | penetration-testing, cybersecurity, information-security, cyberattack, bug-bounty | 11-Feb-2024 |
From a customer to a ‘system owner’ | https://medium.com/@mmaulanaabdullah/from-a-customer-to-a-system-owner-ce4da3f6d56c?source=rss------bug_bounty-5 | M Maulana Abdullah | api-development, writeup, privilege-escalation, api, bug-bounty | 10-Feb-2024 |
Unlocking Creativity: TCS HackQuest S8 Unveiled - Round 1 | https://medium.com/@Dark_D3v1l/unlocking-creativity-tcs-hackquest-s8-unveiled-round-1-ffc02c753aaf?source=rss------bug_bounty-5 | Raviteja | reverse-engineering, ctf, bug-bounty, hacking-tools, web-security | 10-Feb-2024 |
7.8 Lab: Referer-based access control \| 2024 | https://cyberw1ng.medium.com/7-8-lab-referer-based-access-control-2024-ef0fa2eefbe0?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, security, bug-bounty, cybersecurity | 10-Feb-2024 |
Google Dorking: A Beginner’s Guide to Finding Vulnerabilities | https://medium.com/@elniak/google-dorking-a-beginners-guide-to-finding-vulnerabilities-815afedcaaec?source=rss------bug_bounty-5 | ElNiak | threat-intelligence, bug-bounty, google-dorking, cybersecurity, google | 10-Feb-2024 |
Web Security 101 : Cross-Site Scripting (XSS) Attacks | https://iaraoz.medium.com/web-security-101-cross-site-scripting-xss-attacks-5b6c6e8020c7?source=rss------bug_bounty-5 | Israel Aráoz Severiche | xss-attack, bug-bounty, cybersecurity, appsec | 09-Feb-2024 |
Securing Biggest Electronic Brand Worth Me My 2nd 4 fig. $2259 Bounty! | https://medium.com/@manan_sanghvi/securing-biggest-electronic-brand-worth-me-my-2nd-4-fig-2259-bounty-a053d2053655?source=rss------bug_bounty-5 | Manan Sanghvi | bug-bounty, penetration-testing, web-application-security, ethical-hacking, idor-vulnerability | 09-Feb-2024 |
JSON CSRF in Microsoft Bing Maps Collections | https://infosecwriteups.com/json-csrf-in-microsoft-bing-maps-collections-74afc2b197d5?source=rss------bug_bounty-5 | Jayateertha Guruprasad | bug-bounty-tips, microsoft, bug-bounty, infosec, cybersecurity | 09-Feb-2024 |
CVE-2024–24830: A Critical OpenObserve Vulnerability Exposed | https://systemweakness.com/cve-2024-24830-a-critical-openobserve-vulnerability-exposed-7110ff223e49?source=rss------bug_bounty-5 | ElNiak | bug-bounty, logs, vulnerability, cybersecurity, technology | 09-Feb-2024 |
Cyber Espionage Unveiled: The Dutch Defense Under Siege by Chinese Hackers | https://medium.com/@elniak/cyber-espionage-unveiled-the-dutch-defense-under-siege-by-chinese-hackers-2a7a5ffe99b6?source=rss------bug_bounty-5 | ElNiak | malware, chinese, bug-bounty, cyberattack, cybersecurity | 09-Feb-2024 |
CVE-2024–1207: A Deep Dive into WordPress Plugin Vulnerability | https://systemweakness.com/cve-2024-1207-a-deep-dive-into-wordpress-plugin-vulnerability-3b12891813e6?source=rss------bug_bounty-5 | ElNiak | bug-bounty, vulnerability, cybersecurity, wordpress, sql-injection | 09-Feb-2024 |
Cyber Espionage Unveiled: The Dutch Defense Under Siege by Chinese Hackers | https://systemweakness.com/cyber-espionage-unveiled-the-dutch-defense-under-siege-by-chinese-hackers-2a7a5ffe99b6?source=rss------bug_bounty-5 | ElNiak | malware, chinese, bug-bounty, cyberattack, cybersecurity | 09-Feb-2024 |
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Three | https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-three-cee1633de873?source=rss------bug_bounty-5 | Ali | python, flask, bug-bounty, mongodb, reconnaissance | 09-Feb-2024 |
E: Package ‘libgtkglext1’ has no installation candidate \| anydesk : Depends: libgtkglext1 but it is… | https://medium.com/@sherlock297/e-package-libgtkglext1-has-no-installation-candidate-anydesk-depends-libgtkglext1-but-it-is-7eef2877f78d?source=rss------bug_bounty-5 | Ravindra Dagale | information-technology, bug-bounty, kali-linux, information-security, programming | 09-Feb-2024 |
7.7 Lab: Multi-step process with no access control on one step \| 2024 | https://cyberw1ng.medium.com/7-7-lab-multi-step-process-with-no-access-control-on-one-step-2024-2b338dfd36ea?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, cybersecurity, bug-bounty, security | 09-Feb-2024 |
Beyond the Firewall: Finding a Stored XSS in Hacker101 CTF | https://medium.com/@crashwire1/beyond-the-firewall-finding-a-stored-xss-in-hacker101-ctf-9b90df12e42e?source=rss------bug_bounty-5 | Crashwire | xss-attack, cybersecurity, capture-the-flag, bug-bounty, hacking | 09-Feb-2024 |
Unlocking Your Potential: Elevating Your Bug Bounty Game | https://medium.com/@mrraghavop12/unlocking-your-potential-elevating-your-bug-bounty-game-5cbf22c4de00?source=rss------bug_bounty-5 | Ethical Raghav | blockchain, bug-bounty, bug-bounty-tips, javascript, cybersecurity | 08-Feb-2024 |
Lenfi V2 to Begin Community-Driven Bug Bounty Program Now | https://medium.com/@lenfi/lenfi-v2-to-begin-community-driven-bug-bounty-program-now-c2d312203df2?source=rss------bug_bounty-5 | Lenfi | lending, cardano, defi, audit, bug-bounty | 08-Feb-2024 |
Chaining Subprober + Subfinder To Your Bug Bounty Recon. | https://medium.com/@Ajakcybersecurity/chaining-subprober-subfinder-to-your-bug-bounty-recon-017151d1ffce?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, ethical-hacking, penetration-testing, hacking, cybersecurity | 08-Feb-2024 |
7.6 Lab: Method-based access control can be circumvented \| 2024 | https://cyberw1ng.medium.com/7-6-lab-method-based-access-control-can-be-circumvented-2024-edb5df550a66?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, portswigger, cybersecurity, careers | 08-Feb-2024 |
Easy way to get privilege escalation | https://medium.com/@Rzizah/easy-way-to-get-privilege-escalation-2c0a96862301?source=rss------bug_bounty-5 | Rzizah | bug-bounty-tips, bug-bounty, bug-bounty-writeup, privilege-escalation | 08-Feb-2024 |
How I Find Open Redirect Bug — Bug Bounty Tuesday | https://medium.com/@kerstan/how-i-find-open-redirect-bug-bug-bounty-tuesday-40cc560c9cec?source=rss------bug_bounty-5 | kerstan | cybersecurity, bug-bounty, technology, security, information-security | 07-Feb-2024 |
Web3 Security: In-Depth | https://medium.com/coinmonks/web3-security-in-depth-e102fb262a3a?source=rss------bug_bounty-5 | Officer's Notes | bug-bounty, blockchain, smart-contracts, solidity, web3 | 07-Feb-2024 |
My first bug \| Html injection\| | https://medium.com/@pandeyrishu621/my-first-bug-html-injection-82bbad239934?source=rss------bug_bounty-5 | Pandeyrishu | cybersecurity, bug-bounty, penetration-testing, technology, bug-bounty-tips | 07-Feb-2024 |
Revealing a Security Snag: Uncovering Sensitive Data Exposure in an Apple Application | https://medium.com/@jazdprince/revealing-a-security-snag-uncovering-sensitive-data-exposure-in-an-apple-application-c93da97cae0d?source=rss------bug_bounty-5 | JzeeRx | bug-bounty, bug-hunting, cybersecurity, apple-security, apple | 07-Feb-2024 |
7.5 Lab: URL-based access control can be circumvented \| 2024 | https://cyberw1ng.medium.com/7-5-lab-url-based-access-control-can-be-circumvented-2024-f101542e9402?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, hacking, cybersecurity, careers, bug-bounty | 07-Feb-2024 |
I have hacked around 300 website in 1 Month | https://systemweakness.com/i-have-hacked-around-300-website-in-1-month-30417030560b?source=rss------bug_bounty-5 | Imran Niaz | bug-bounty, hacking, web-development, python-programming, cybersecurity | 07-Feb-2024 |
Rate Limiting: What It Is And Why It Matters in Bug Bounty | https://infosecwriteups.com/rate-limiting-what-it-is-and-why-it-matters-in-bug-bounty-b0d2ce574049?source=rss------bug_bounty-5 | Alp | bug-bounty-tips, bug-bounty, hackerone | 07-Feb-2024 |
How To Get Started With LLM Hacking? — A Beginner’s Guide | https://medium.com/@hetisdemerckx/how-to-get-started-with-llm-hacking-a-beginners-guide-273af158b4b0?source=rss------bug_bounty-5 | Yannick Merckx | bug-bounty, ai, hacking, llm-hacking, llm | 07-Feb-2024 |
My first bug \| Html injection\| | https://systemweakness.com/my-first-bug-html-injection-82bbad239934?source=rss------bug_bounty-5 | Pandeyrishu | cybersecurity, bug-bounty, penetration-testing, technology, bug-bounty-tips | 07-Feb-2024 |
Enhancing Network Security: Best Practices and Strategies | https://medium.com/@paritoshblogs/enhancing-network-security-best-practices-and-strategies-6fec2ef3f397?source=rss------bug_bounty-5 | Paritosh | hacking, programming, bug-bounty, information-security, cybersecurity | 06-Feb-2024 |
Tumblr Subdomain Takeover | https://infosecwriteups.com/tumblr-subdomain-takeover-55f9cb494d65?source=rss------bug_bounty-5 | Scott Lindh | white-hat-hacker, bug-bounty, hacker, subdomain-takeover, subdomains-enumeration | 06-Feb-2024 |
Harnessing Concurrency in Go: Exploring Asynchronous Execution | https://medium.com/@rezauditore/harnessing-concurrency-in-go-exploring-asynchronous-execution-4134897d66a6?source=rss------bug_bounty-5 | rezauditore | golang, programming, bug-bounty, tutorial, hunting | 06-Feb-2024 |
A Deep Dive into FastAPI’s Security Vulnerability: CVE-2024–24762 | https://systemweakness.com/a-deep-dive-into-fastapis-security-vulnerability-cve-2024-24762-4ab6bb64644c?source=rss------bug_bounty-5 | ElNiak | cybersecurity, programming, bug-bounty, fastapi, vulnerability | 06-Feb-2024 |
ALWAYS test 404 Not Found in Bug Bounties! | https://medium.com/@mares.viktor/always-test-404-not-found-in-bug-bounties-2be47801b4c0?source=rss------bug_bounty-5 | Viktor Mares | cybersecurity, web-development, bug-bounty, penetration-testing, hacking | 06-Feb-2024 |
CVE-2024-23222: Apple WebKit’s Zero-Day Vulnerability | https://medium.com/@elniak/cve-2024-23222-apple-webkits-zero-day-vulnerability-83109de9ddee?source=rss------bug_bounty-5 | ElNiak | cybersecurity, vulnerability, apple, technology, bug-bounty | 06-Feb-2024 |
Symlink Sabotage: ZIPping Through Web Security. (LFI Lab) | https://medium.com/@josh.beck2006/symlink-sabotage-zipping-through-web-security-lfi-lab-ca20e2d30c8d?source=rss------bug_bounty-5 | Josh Beck | penetration-testing, cybersecurity, ctf-writeup, bug-bounty | 06-Feb-2024 |
Unveiling CVE-2024–0953: Firefox iOS Open Redirect Vulnerability | https://lohigowda.medium.com/unveiling-cve-2024-0953-firefox-ios-open-redirect-vulnerability-57533efb4cf4?source=rss------bug_bounty-5 | Lohith Gowda M | application-security, bug-bounty, firefox, ios, infosec | 06-Feb-2024 |
Understanding Ransomware | https://medium.com/@paritoshblogs/understanding-ransomware-aa45e2c43bbb?source=rss------bug_bounty-5 | Paritosh | ransomware, bug-bounty, cybersecurity, hacking, information-security | 05-Feb-2024 |
Urgent Security Alert: Microsoft Edge Vulnerabilities Exposed — Protect Your Data Now! | https://medium.com/@elniak/urgent-security-alert-microsoft-edge-vulnerabilities-exposed-protect-your-data-now-bd7cd8b616dd?source=rss------bug_bounty-5 | ElNiak | privilege-escalation, cybersecurity, microsoft, bug-bounty, vulnerability | 05-Feb-2024 |
SSRF on a Headless Browser Becomes Critical! | https://medium.com/@Nightbloodz/ssrf-on-a-headless-browser-becomes-critical-c08daaa1017e?source=rss------bug_bounty-5 | Alvaro Balada | cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, cyber-security-awareness | 05-Feb-2024 |
IoT Devices Vulnerabilities Disclosed: BugStrike’s IoT Security Suite | https://blog.bugstrike.io/iot-devices-vulnerabilities-disclosed-bugstrikes-iot-security-suite-4f3b7d907829?source=rss------bug_bounty-5 | BugStrike Team | bugstrike, iot-security, bug-bounty, cybersecurity, iot | 05-Feb-2024 |
Unveiling the XSS Threats: Understanding and Defending Against Cross-Site Scripting | https://blog.bugstrike.io/unveiling-the-xss-threats-understanding-and-defending-against-cross-site-scripting-508e914367f4?source=rss------bug_bounty-5 | BugStrike Team | bugsbounty, cybersecurity, bugstrike, xss-attack, bug-bounty | 05-Feb-2024 |
Broken access control resulting from platform misconfiguration \| 2024 | https://cyberw1ng.medium.com/broken-access-control-resulting-from-platform-misconfiguration-2024-bc330363278c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, bug-bounty, hacking, security | 05-Feb-2024 |
Euler Is So Back: Prizewinners and Educate Series Summary | https://www.blog.encode.club/euler-is-so-back-bounty-winners-and-educate-series-summary-6ea3de46b569?source=rss------bug_bounty-5 | Vanessa Losic | euler, euler-finance, bug-bounty, euler-educate, encode-club | 05-Feb-2024 |
How I got RCE in one of Bugcrowd's Public Programs | https://medium.com/@yousefmoh15/how-i-got-rce-in-one-of-bugcrowds-public-programs-5725c8dc46ce?source=rss------bug_bounty-5 | Yousef Mohamed Elsaid | cybersecurity, bugcrowd, bug-bounty, rce, remote-code-execution | 05-Feb-2024 |
Every Cybersecurity Beginner’s Nightmare — You need to Read this | https://medium.com/@majameeljameey/every-cybersecurity-beginners-nightmare-you-need-to-read-this-fc1b69e5dded?source=rss------bug_bounty-5 | MOHD ABDUL JAMEEL | penetration-testing, bug-bounty, roadmaps, ethical-hacking, cybersecurity | 05-Feb-2024 |
Reflected XSS into a Template Literal with Angle Brackets, Single, Double Quotes, Backslash, and… | https://medium.com/@marduk.i.am/reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-backslash-and-d5cf41f25b02?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, portswigger-lab, reflected-xss, cross-site-scripting, cybersecurity | 05-Feb-2024 |
Skyfall — HackTheBox Seasonal Machine Simple Writeup by Karthikeyan Nagaraj \| 2024 | https://infosecwriteups.com/skyfall-hackthebox-seasonal-machine-simple-writeup-by-karthikeyan-nagaraj-2024-d76fdaaba116?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, hackthebox-writeup, hackthebox, bug-bounty | 05-Feb-2024 |
This will change the way you hunt for bugs forever. | https://medium.com/@deadoverflow/this-will-change-the-way-you-hunt-for-bugs-forever-6111f59b4e8b?source=rss------bug_bounty-5 | Imad Husanovic | hacking, cybersecurity, bug-bounty, programming, bug-bounty-tips | 04-Feb-2024 |
the Dark Art of NTLM Relay Attacks | https://medium.com/@paritoshblogs/the-dark-art-of-ntlm-relay-attacks-5a55cfb95b37?source=rss------bug_bounty-5 | Paritosh | cybersecurity, hacking, ntlm-relay, active-directory, bug-bounty | 04-Feb-2024 |
The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changes | https://medium.com/@a13h1/the-ui-slip-i-hit-750-ui-manipulation-leading-to-unauthorized-permission-changes-d65621d8dd96?source=rss------bug_bounty-5 | Abhi Sharma | user-interface, hacking, programming, bug-bounty, cybersecurity | 04-Feb-2024 |
How I Hacked My College’s Site | https://infosecwriteups.com/how-i-hacked-my-colleges-site-26ae1ab872e4?source=rss------bug_bounty-5 | Rajneesh Kumar Arya | bug-bounty, web-application-security, ethical-hacking, hacked, cybersecurity | 04-Feb-2024 |
Running a MITM on a Google Play App \| Fintech Bug Bounty — Part 3 | https://0x4kd.medium.com/running-a-mitm-on-a-google-play-app-fintech-bug-bounty-part-3-82ebdd852d07?source=rss------bug_bounty-5 | 0x4KD | bug-bounty, infosec, bounty-hunter, bug-bounty-tips, security | 04-Feb-2024 |
Certifications for bug bounty hunters | https://medium.com/@notahades/certifications-for-bug-bounty-hunters-4200c6a58c3c?source=rss------bug_bounty-5 | Desha | hacking, certification, penetration-testing, bug-bounty | 04-Feb-2024 |
Hacking tools to use in 2024 | https://medium.com/@notahades/hacking-tools-to-use-in-2024-9dd47c126ef4?source=rss------bug_bounty-5 | Desha | it-security, bug-bounty, hacking, penetration-testing, security | 04-Feb-2024 |
Tutorial: Shellcode Injection when the buffer is small | https://medium.com/@elniak/tutorial-shellcode-injection-when-the-buffer-is-small-ee3a29dcb955?source=rss------bug_bounty-5 | ElNiak | bug-bounty, tutorial, hacking, shellcode, cybersecurity | 04-Feb-2024 |
TryHackMe | Bounty Hacker Walkthrough | https://medium.com/@utsavadhikari99/tryhackme-bounty-hacker-walkthrough-eb7d9de074e3?source=rss------bug_bounty-5 | Utsavadhikari | bug-bounty, bugs, linux, cybersecurity, computer-science | 04-Feb-2024 |
Stored XSS into ‘onclick’ Event with Angle Brackets and Double Quotes HTML-Encoded and Single… | https://medium.com/@marduk.i.am/stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-single-002848f8deb1?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, cybersecurity, stored-xss, bug-bounty, cross-site-scripting | 04-Feb-2024 |
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Two | https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-two-468405eb3520?source=rss------bug_bounty-5 | Ali | databse, reconnaissance, bug-bounty, python, chatgpt | 04-Feb-2024 |
6.5 Lab: Information disclosure in version control history \| 2024 | https://cyberw1ng.medium.com/6-5-lab-information-disclosure-in-version-control-history-2024-f886c7337cb7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, careers, cybersecurity, bug-bounty, hacking | 04-Feb-2024 |
How to send WhatsApp Message automatically using python for impress someone | https://rajput623929.medium.com/how-to-send-whatsapp-message-automatically-using-python-for-impress-someone-9c577664faaa?source=rss------bug_bounty-5 | Mr.Horbio | hacking, automation, bug-bounty, cybersecurity, python | 03-Feb-2024 |
IDOR on an Indonesian Buy-and-Sell Website | https://uzet.medium.com/idor-pada-website-jual-beli-indonesia-e4842bad515a?source=rss------bug_bounty-5 | Timotius Benhur | bug-bounty, writeup, cyber-security-awareness, bugs | 03-Feb-2024 |
Zero-Day: Navigating the Storm of CVE-2024–21893 in Ivanti Products | https://systemweakness.com/zero-day-navigating-the-storm-of-cve-2024-21893-in-ivanti-products-3b27078377e2?source=rss------bug_bounty-5 | ElNiak | bug-bounty, penetration-testing, ivanti, cybersecurity, ssrf | 03-Feb-2024 |
Vulnerable WordPress January 2024 (Imadaddin Nasimi) | https://medium.com/@onhexgroup/vulnerable-wordpress-january-2024-imadaddin-nasimi-09f163d473db?source=rss------bug_bounty-5 | Onhexgroup | infosec, bug-bounty, exploit, cybersecurity, wordpress | 03-Feb-2024 |
Title: Unveiling the Trio: Idor,Account,Takeover And Account Enumeration | https://medium.com/@mrraghavop12/title-unveiling-the-trio-idor-account-takeover-and-account-enumeration-cad7f7ca671f?source=rss------bug_bounty-5 | Ethical Raghav | bug-bounty, blockchain, technology, cybersecurity, data-science | 03-Feb-2024 |
Building a Robust Security Architecture | https://medium.com/@paritoshblogs/building-a-robust-security-architecture-10d01b22380d?source=rss------bug_bounty-5 | Paritosh | architecture, bug-bounty, information-security, cybersecurity, security-architecture | 03-Feb-2024 |
A Story of an IDOR bug I found on a SaaS application | https://medium.com/@duncanochieng682/a-story-of-an-idor-bug-i-found-on-a-saas-application-28fa65907bfd?source=rss------bug_bounty-5 | JateloCybersec | access-control, web-application-security, bug-bounty-tips, idor-vulnerability, bug-bounty | 03-Feb-2024 |
Version Control History and Information Disclosure Vulnerabilities \| 2024 | https://cyberw1ng.medium.com/version-control-history-and-information-disclosure-vulnerabilities-2024-3649060333bb?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, cybersecurity, careers, bug-bounty, hacking | 03-Feb-2024 |
Offensive Mobile Penetration Testing | https://hackerassociate.medium.com/offensive-mobile-penetration-testing-ce87cc06fb46?source=rss------bug_bounty-5 | Harshad Shah | bug-bounty, infosec, penetration-testing, cybersecurity, hacking | 02-Feb-2024 |
5.11 Lab: Authentication bypass via flawed state machine \| 2024 | https://cyberw1ng.medium.com/5-11-lab-authentication-bypass-via-flawed-state-machine-2024-2226d33fba6d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, cybersecurity, bug-bounty, security | 02-Feb-2024 |
CVE-2021–4434: A Critical WordPress Vulnerability Exposed | https://medium.com/@elniak/cve-2021-4434-a-critical-wordpress-vulnerability-exposed-202b7d75dda5?source=rss------bug_bounty-5 | ElNiak | vulnerability, bug-bounty, threat-intelligence, wordpress, cybersecurity | 02-Feb-2024 |
Join the Pay Protocol Bug Bounty Program and Earn Rewards | https://cryptoanalyz.medium.com/join-the-pay-protocol-bug-bounty-program-and-earn-rewards-159d24608282?source=rss------bug_bounty-5 | Crypto Analyst | payments, defi, bug-bounty-program, cryptocurrency, bug-bounty | 02-Feb-2024 |
Unveiling the Elite: Cyber Matrix Tech’s USD 7 Million Bug Bounty Course | https://medium.com/@African-Technology-Research/unveiling-the-elite-cyber-matrix-techs-usd-7-million-bug-bounty-course-4e648fb003d1?source=rss------bug_bounty-5 | African Technology Research | penetration-testing, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 02-Feb-2024 |
Mastering Fuzzing: A Comprehensive Tutorial | https://medium.com/@elniak/mastering-fuzzing-a-comprehensive-tutorial-ba9431c8ff0f?source=rss------bug_bounty-5 | ElNiak | fuzzing, bug-bounty, tutorial, cybersecurity, bugs | 02-Feb-2024 |
Unlocking Privacy: A Dive into Octopii, the Open-Source PII Scanner | https://medium.com/@elniak/unlocking-privacy-a-dive-into-octopii-the-open-source-pii-scanner-8a8bdcc0b8be?source=rss------bug_bounty-5 | ElNiak | privacy, osint, cybersecurity, bug-bounty, pii | 02-Feb-2024 |
How to start in Bug Bounty Hunting: my personal experience | https://seeu-inspace.medium.com/how-to-start-in-bug-bounty-hunting-my-personal-experience-61fb2bc6bcee?source=rss------bug_bounty-5 | Riccardo Malatesta | bug-bounty-tips, bug-bounty | 02-Feb-2024 |
How to Pass eWPTv1 exam | https://medium.com/@pentajbr/how-to-pass-ewptv1-exam-3aab3d7d9fa5?source=rss------bug_bounty-5 | Jbr AL-Otaibi | preparation, bug-bounty, bug-bounty-tips, cybersecurity, hacking | 02-Feb-2024 |
CVE-2021–4434: A Critical WordPress Vulnerability Exposed | https://systemweakness.com/cve-2021-4434-a-critical-wordpress-vulnerability-exposed-202b7d75dda5?source=rss------bug_bounty-5 | ElNiak | vulnerability, bug-bounty, threat-intelligence, wordpress, cybersecurity | 02-Feb-2024 |
How I was able to find PII of more than 15,000 People using the Directory Enumeration Tool… | https://medium.com/@neelmunot2003/how-i-was-able-to-find-pii-of-more-than-15-000-people-using-the-directory-enumeration-tool-7ac3e9a37983?source=rss------bug_bounty-5 | Neel Munot | information-disclosure, dirsearch, bug-bounty, cybersecurity, ethical-hacking | 02-Feb-2024 |
How I secured the United Nations Hall of Fame | https://medium.com/@kamilrahman32/how-i-secured-the-united-nations-hall-of-fame-67b036ff2620?source=rss------bug_bounty-5 | Kamil Rahuman | bug-bounty, bug-bounty-tips, vulnerability, hall-of-fame, united-nations | 02-Feb-2024 |
Full Account Takeover via Password Reset Link Manipulation | https://ikhaleelkhan.medium.com/full-account-takeover-via-password-reset-link-manipulation-840fb9402967?source=rss------bug_bounty-5 | Khaleel Khan | infosec, bug-bounty, cybersecurity, hacking, ethical-hacking | 01-Feb-2024 |
Docker and runC Vulnerabilities: A Deep Dive into CVE-2024–21626 and Its Counterparts | https://medium.com/@elniak/docker-and-runc-vulnerabilities-a-deep-dive-into-cve-2024-21626-and-its-counterparts-4ca24e7d7aa1?source=rss------bug_bounty-5 | ElNiak | cybersecurity, vulnerability, docker, penetration-testing, bug-bounty | 01-Feb-2024 |
5.10 Lab: Authentication bypass via encryption Oracle \| 2024 | https://cyberw1ng.medium.com/5-10-lab-authentication-bypass-via-encryption-oracle-2024-b15f1879a30b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, bug-bounty, careers, hacking, cybersecurity | 01-Feb-2024 |
1.4M PII data leakage (IDOR) | https://medium.com/@tusharaj98355/1-4m-pii-data-leakage-idor-aee596aef4d9?source=rss------bug_bounty-5 | tushar_recon | bug-bounty, bug-bounty-tips | 01-Feb-2024 |
How i was able to hack a Company via watching a YouTube video | https://ahmadmansourr.medium.com/how-i-was-able-to-hack-a-company-via-watching-a-youtube-video-without-any-technical-pentesting-4941753a150a?source=rss------bug_bounty-5 | Ahmad Mansour | cyber-security-awareness, bug-bounty, penetration-testing | 01-Feb-2024 |
Reflected XSS into a JavaScript String with Angle Brackets and Double Quotes HTML-Encoded and… | https://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-angle-brackets-and-double-quotes-html-encoded-and-3e43059d901b?source=rss------bug_bounty-5 | Marduk I Am | cybersecurity, portswigger-lab, reflected-xss, cross-site-scripting, bug-bounty | 01-Feb-2024 |
Bypass Arbitary File Upload With .phar | https://medium.com/@mzrismuarf/bypass-arbitary-file-upload-with-phar-6a07627f5e2e?source=rss------bug_bounty-5 | Mizar Ismu Arief | exploitation, bug-bounty, pentesting, bypass | 01-Feb-2024 |
From No to Go — Uninvited Access To Invited Projects | https://medium.com/@_0jatin0_/from-no-to-go-uninvited-access-to-invited-projects-c8a94feb7cf3?source=rss------bug_bounty-5 | Jatin_Chudasama | broken-access-control, writeup, bug-bounty, graphql, unauthorized-access | 01-Feb-2024 |
This is arguably the dumbest bug I’ve ever found. | https://medium.com/@deadoverflow/this-is-arguably-the-dumbest-bug-ive-ever-found-3e451951d727?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, bug-bounty, hacking, programming, cybersecurity | 01-Feb-2024 |
Misconfiguration lead to company identity theft via bypass email verification. | https://hamzadzworm.medium.com/misconfiguration-lead-to-company-identity-theft-via-bypass-email-verification-0dd60b61d943?source=rss------bug_bounty-5 | Hamzadzworm | bugbounty-writeup, bug-bounty-writeup, bugbounty-tips, bug-bounty, infosec | 01-Feb-2024 |
Best Recon methodology (Shubham Rooter) | https://shubhamrooter.medium.com/best-recon-methodology-shubham-rooter-dcdca8d4caa4?source=rss------bug_bounty-5 | Shubham Tiwari | hackerone, recon, bug-bounty, bug-bounty-tips, bug-hunting | 01-Feb-2024 |
How to send WhatsApp Message automatically using python for impress someone | https://rajput623929.medium.com/how-to-send-whatsapp-message-automatically-using-python-for-impress-someone-0a9f488a4b54?source=rss------bug_bounty-5 | Mr.Horbio | hacking, cybersecurity, technology, python, bug-bounty | 01-Feb-2024 |
Understanding and Mitigating Active Directory Attacks | https://medium.com/@paritoshblogs/understanding-and-mitigating-active-directory-attacks-51b7b5737ecc?source=rss------bug_bounty-5 | Paritosh | bug-bounty, azure, hacking, active-directory, cybersecurity | 31-Jan-2024 |
Uncovering a Parameter Tampering Vulnerability in Event Expo Ticketing System | https://medium.com/@sulmanfarooq531/uncovering-a-parameter-tampering-vulnerability-in-event-expo-ticketing-system-89fc52e26414?source=rss------bug_bounty-5 | Sulman Farooq S | burpsuite, tampering, http-parameter-pollution, parameter-tampering, bug-bounty | 31-Jan-2024 |
Hunt, Hack, Reward — Hacking For Good with Bounties | https://thethreatcops.medium.com/hunt-hack-reward-hacking-for-good-with-bounties-6a57d12c82a0?source=rss------bug_bounty-5 | the threat cops | thethreatcops, cybersecurity, bug-bounty, hacking, infosec | 31-Jan-2024 |
Navigating the Storm: Understanding CVE-2023-34048’s Impact on VMware vCenter Server | https://medium.com/@elniak/navigating-the-storm-understanding-cve-2023-34048s-impact-on-vmware-vcenter-server-6004e6531e5b?source=rss------bug_bounty-5 | ElNiak | threat-intelligence, cybersecurity, bug-bounty, penetration-testing, vmware | 31-Jan-2024 |
Json Tokens (JWT) Token Checks | https://akash-venky091.medium.com/json-tokens-jwt-token-checks-f23d5107e370?source=rss------bug_bounty-5 | Akash Venky | cybersecurity, ethical-hacking, bug-bounty, security, jwt | 31-Jan-2024 |
What to expect from BSides Transylvania 2024 | https://corneacristian.medium.com/what-to-expect-from-bsides-transylvania-2024-38f62ffb1ebd?source=rss------bug_bounty-5 | Cristian Cornea | cybersecurity, technology, bug-bounty, software-development, tech | 31-Jan-2024 |
Tackling IDOR on UUID based objects | https://medium.com/pentesternepal/tackling-idor-on-uuid-based-objects-71e8cb2dc265?source=rss------bug_bounty-5 | Veshraj Ghimire | idor-vulnerability, bug-bounty | 31-Jan-2024 |
5.9 Lab: Infinite money logic flaw \| 2024 | https://cyberw1ng.medium.com/5-9-lab-infinite-money-logic-flaw-2024-9aec41bc9ca0?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, cybersecurity, security, bug-bounty | 31-Jan-2024 |
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part One | https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-one-77ec3fd3b914?source=rss------bug_bounty-5 | Ali | bug-bounty, database, reconnaissance, python | 31-Jan-2024 |
How to use Virtual Box | https://medium.com/@joshdesharnais1/how-to-use-virtual-box-f3b66be0d9d7?source=rss------bug_bounty-5 | Joshua Desharnais | bug-bounty, virtual, operating-systems, oracle | 31-Jan-2024 |
Bug Bounty Hunting, Part 1: Stealthy Parameter Detection with ParamSpider | https://medium.com/master-hackers/bug-bounty-hunting-part-1-stealthy-parameter-detection-with-paramspider-28e8ae3af5d4?source=rss------bug_bounty-5 | 0xClonaz | bug-bounty, hacker, bug-bounty-tips, cybersecurity, hacking | 31-Jan-2024 |
Ransomware: Build Your Own Ransomware | https://medium.com/master-hackers/ransomware-build-your-own-ransomware-b8002b355300?source=rss------bug_bounty-5 | 0xClonaz | hacking, cybersecurity, hacker, programming, bug-bounty | 31-Jan-2024 |
Recon Methodology | https://medium.com/@alanvv03/recon-methodology-6626fea2e6ed?source=rss------bug_bounty-5 | Alanvv | cybersecurity, bug-bounty, reconnaissance | 31-Jan-2024 |
Une erreur fatale | https://mr0me.medium.com/salut-a2c0cf7cfb4c?source=rss------bug_bounty-5 | Jephte Mangenda | mistakes, wordpress-development, wordpress, bug-bounty, bugs | 31-Jan-2024 |
Web Cache Poisoning | https://k4gur4.medium.com/web-cache-poisoning-04fea694708e?source=rss------bug_bounty-5 | Kagura | cybersecurity, web-security, bug-bounty | 31-Jan-2024 |
Decoding the OWASP Top 10 | https://medium.com/@paritoshblogs/decoding-the-owasp-top-10-e193b715cb37?source=rss------bug_bounty-5 | Paritosh | bug-bounty, owasp, cybersecurity, pentesting, hacking | 30-Jan-2024 |
Critical Jenkins RCE Vulnerability (CVE-2024-23897) | https://medium.com/@elniak/critical-jenkins-rce-vulnerability-cve-2024-23897-402061a2b187?source=rss------bug_bounty-5 | ElNiak | jenkins, bug-bounty, penetration-testing, vulnerability, cybersecurity | 30-Jan-2024 |
Simplifying Issue Traceability with Links Explorer in the monday Platform | https://medium.com/optimizory-apps/simplifying-issue-traceability-with-links-explorer-in-the-monday-platform-c8cfbee37668?source=rss------bug_bounty-5 | Divyansh Vats | project-management, marketplaces, issues, bug-bounty, traceability | 30-Jan-2024 |
Title: Exploiting Path Traversal Vulnerability in User Profile URLs | https://medium.com/@kataeriidubstep/title-exploiting-path-traversal-vulnerability-in-user-profile-urls-82c0e8ba1a3e?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, cybersecurity, appsec | 30-Jan-2024 |
Reflected XSS into a JavaScript String with Single Quote and Backslash Escaped | https://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-single-quote-and-backslash-escaped-ba435167b43f?source=rss------bug_bounty-5 | Marduk I Am | reflected-xss, cross-site-scripting, portswigger-lab, bug-bounty, cybersecurity | 30-Jan-2024 |
My SSRF Tricks — Bug Bounty Tuesday | https://medium.com/@kerstan/my-ssrf-tricks-bug-bounty-tuesday-f0d7e53c8d88?source=rss------bug_bounty-5 | kerstan | bug-bounty, security, hacking, cybersecurity, technology | 30-Jan-2024 |
Rekomendasi Platform Bug Bounty Nasional Maupun Internasional | https://medium.com/@artiacode/rekomendasi-platform-bug-bounty-nasional-maupun-internasional-7406d388de08?source=rss------bug_bounty-5 | ArtiaCode | cybersecurity, cyber-security-awareness, bug-bounty, bug-bounty-hunter, bug-bounty-program | 30-Jan-2024 |
Navigating the World of Bug Bounties in 2024: Opportunities and Platforms for Ethical Hackers | https://hacksheets.medium.com/navigating-the-world-of-bug-bounties-in-2024-opportunities-and-platforms-for-ethical-hackers-99ff20231e3e?source=rss------bug_bounty-5 | Hacksheets \| Learn Cybersecurity | bug-bounty, artificial-intelligence, chatgpt, cybersecurity, penetration-testing | 30-Jan-2024 |
Pov — HackTheBox Seasonal Machine Simple Writeup by Karthikeyan Nagaraj \| 2024 | https://infosecwriteups.com/pov-hackthebox-seasonal-machine-simple-writeup-by-karthikeyan-nagaraj-2024-7516c938c688?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hackthebox, hackthebox-writeup, careers, cybersecurity | 30-Jan-2024 |
Attacking Session Management \| Part 06 \| What To Do After Choosing a Target | https://medium.com/@omarora1603/attacking-session-management-part-06-what-to-do-after-choosing-a-target-b551ab0455c5?source=rss------bug_bounty-5 | Om Arora | infosec, information-security, hacking, bug-bounty, cybersecurity | 30-Jan-2024 |
Best Approach to RCE | https://medium.com/@anekantsinghai/best-approach-to-rce-630187d4ad03?source=rss------bug_bounty-5 | Anekant Singhai Jain | red-team, ethical-hacking, rce, penetration-testing, bug-bounty | 30-Jan-2024 |
An introductory guide to HTTP request smuggling | https://medium.com/@mayank_prajapati/an-introductory-guide-to-http-request-smuggling-0defb95e87ce?source=rss------bug_bounty-5 | Mayank Kumar Prajapati | website, web, bug-bounty, hacking, vulnerability | 30-Jan-2024 |
How to replicate Jenkins CVE-2024-23897: Arbitrary File Read Vulnerability | https://medium.com/@red_darkin/how-to-replicate-jenkins-cve-2024-23897-arbitrary-file-read-vulnerability-260c8174dd94?source=rss------bug_bounty-5 | Red Darkin | bug-bounty, cybersecurity, cve-2024-23897, jenkins, offsec | 30-Jan-2024 |
Behind the Scenes of DLLs : How Attackers Exploit Legitimate Programs for Mischief! | https://osintteam.blog/behind-the-scenes-of-dlls-how-attackers-exploit-legitimate-programs-for-mischief-395a7540af1f?source=rss------bug_bounty-5 | Paritosh | dll-hijacking, information-security, cybersecurity, hacking, bug-bounty | 29-Jan-2024 |
Fundamentals of .NET Decompilation With dnSpy | https://infosecwriteups.com/fundamentals-of-net-decompilation-with-dnspy-e7456707b1d2?source=rss------bug_bounty-5 | Joward | pentesting, hacking, bug-bounty, dotnet | 29-Jan-2024 |
How to Earn Bug Bounty as a Professional Bug hunter | https://rajput623929.medium.com/how-to-earn-bug-bounty-as-a-professional-bug-hunter-ef7de858f94b?source=rss------bug_bounty-5 | Mr.Horbio | bug-bounty, bugs, earn-money-online, ethical-hacking, cybersecurity | 29-Jan-2024 |
Port Scanning: Pengertian, Teknik, Dan Pencegahannya | https://medium.com/@talaskosec/port-scanning-pengertian-teknik-dan-pencegahannya-38dece0adf2e?source=rss------bug_bounty-5 | TalaskoSec | bug-bounty-indonesia, coding, cyber-security-indonesia, cybersecurity, bug-bounty | 29-Jan-2024 |
XML External Entity injection with error-based data exfiltration | https://infosecwriteups.com/xml-external-entity-injection-with-error-based-data-exfiltration-985b063ec820?source=rss------bug_bounty-5 | Serj Novoselov | penetration-testing, hacking, bug-bounty, xml, writeup | 29-Jan-2024 |
OWASP Top 10 API Security Risks — 2023 | https://medium.com/@aayushdhakal005/owasp-top-10-api-security-risks-2023-0e1cd92214cf?source=rss------bug_bounty-5 | Creepydoomer | bug-bounty, cybersecurity, owasp, api | 29-Jan-2024 |
Kenalan Sama Bug Bounty | https://medium.com/@artiacode/kenalan-sama-bug-bounty-a9d72927a349?source=rss------bug_bounty-5 | ArtiaCode | bug-bounty, cybersecurity, bug-bounty-tips, cyber-security-awareness, ethical-hacking | 29-Jan-2024 |
CheckList for Bug Bounty Hunting | https://medium.com/@kalidaskamaraj/checklist-for-bug-bounty-hunting-ffcaf4841242?source=rss------bug_bounty-5 | Kalidaskamaraj | bug-bounty, cybersecurity, ethical-hacking, penetration-testing, web-application-testing | 29-Jan-2024 |
Meteor Subdomain Takeover | https://medium.com/@youngvanda/meteor-subdomain-takeover-b33034a44aa7?source=rss------bug_bounty-5 | YoungVanda | cybersecurity, technology, bug-bounty, javascript, programming | 29-Jan-2024 |
CVE-2024-0519: Chrome’s Gateway to Memory Access | https://medium.com/@elniak/cve-2024-0519-chromes-gateway-to-memory-access-8cfd6cbbd168?source=rss------bug_bounty-5 | ElNiak | google, cybersecurity, penetration-testing, bug-bounty, threat-intelligence | 29-Jan-2024 |
OWASP Top 10 API Security Risks — 2023 | https://medium.com/@aayushdhakal005/owasp-top-10-api-security-risks-2023-0e1cd92214cf?source=rss------bug_bounty-5 | Creepyshit | bug-bounty, cybersecurity, owasp, api | 29-Jan-2024 |
Discord’s preview bot redirection vulnerability | https://medium.com/@lenoctambule/discords-preview-bot-redirection-vulnerability-c8b08fe3721b?source=rss------bug_bounty-5 | Le Noctambule | bug-bounty, bugs, software-development, cybersecurity | 29-Jan-2024 |
Simple Tips for Bug Bounty Beginners: Finding OTP Bypass Bug | https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-otp-bypass-bug-22323a8ff49b?source=rss------bug_bounty-5 | Anish Narayan | bug-bounty, cybersecurity, bug-bounty-tips, technology, programming | 29-Jan-2024 |
Huge Bug Bounty Resource | https://medium.com/@joshdesharnais1/huge-bug-bounty-resource-d25ee48d81cc?source=rss------bug_bounty-5 | Joshua Desharnais | hacking, bug-bounty, bugs, bug-bounty-tips | 29-Jan-2024 |
Techniques in Exploiting Business Logic Vulnerabilities for Bug Bounty \| 2024 | https://cyberw1ng.medium.com/techniques-in-exploiting-business-logic-vulnerabilities-for-bug-bounty-2024-93293353e99f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, security | 29-Jan-2024 |
Automation Hacks: Unearthing a Critical RCE the Easy Way | https://asbawy.medium.com/automation-hacks-unearthing-a-critical-rce-the-easy-way-ad64f01a06a3?source=rss------bug_bounty-5 | Asbawy | bug-bounty-tips, hacking, bug-bounty, cybersecurity, automation-testing | 29-Jan-2024 |
Reflected XSS in canonical link tag | https://medium.com/@marduk.i.am/reflected-xss-in-canonical-link-tag-64c9719fc6ad?source=rss------bug_bounty-5 | Marduk I Am | reflected-xss, cybersecurity, portswigger-lab, bug-bounty, cross-site-scripting | 29-Jan-2024 |
Bug Zero at a Glance [01–15 January] | https://blog.bugzero.io/bug-zero-at-a-glance-01-15-january-70f2e0b58c59?source=rss------bug_bounty-5 | Januka Dharmapriya | sri-lanka, newsletter, bug-zero, bug-bounty, cybersecurity | 28-Jan-2024 |
How I Learned To Exploit Buffer Overflows: An Introduction to Stack-Based Buffer Overflows | https://medium.com/@shcyber/how-i-learned-to-exploit-buffer-overflows-an-introduction-to-stack-based-buffer-overflows-5b27e339a1a6?source=rss------bug_bounty-5 | SHCyber | cybersecurity, buffer-overflow-attack, bug-bounty, binary-exploitation, buffer-overflow | 28-Jan-2024 |
Explorasi Platform Bug Bounty untuk Cyber Security Enthusiasts | https://medium.com/@faisalhanafi112/explorasi-platform-bug-bounty-untuk-cyber-security-enthusiasts-5d3bde391f69?source=rss------bug_bounty-5 | Faisal Hanafi | red-team, linuxhacking, pentesting, bug-bounty, cybersecurity | 28-Jan-2024 |
Useful HTTP method every bug hunter must know | https://medium.com/@aayushdhakal005/useful-http-method-every-bug-hunter-must-know-02f57f59812a?source=rss------bug_bounty-5 | Creepydoomer | cybersecurity, web, https, bug-bounty | 28-Jan-2024 |
Thorough Review Bug Bounty Hunter Certification [CBBH] | https://medium.com/@ozomarzu/thorough-review-bug-bounty-hunter-certification-cbbh-f39765da27bc?source=rss------bug_bounty-5 | CyberOz | pentesting, hackthebox, bug-bounty-hunter, bug-bounty, web-vulnerabilities | 28-Jan-2024 |
I will be giving away my book for free! | https://medium.com/@deadoverflow/i-will-be-giving-away-my-book-for-free-924191fdea84?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, hacking, cybersecurity, bug-hunting, bug-bounty | 28-Jan-2024 |
Get IDOR In No Permission To Access Page — Bug Bounty Tuesday | https://medium.com/@kerstan/get-idor-in-no-permission-to-access-page-bug-bounty-tuesday-a04fbb7e7821?source=rss------bug_bounty-5 | kerstan | cybersecurity, technology, hacking, security, bug-bounty | 28-Jan-2024 |
Reflected XSS with some SVG markup allowed | https://medium.com/@marduk.i.am/reflected-xss-with-some-svg-markup-allowed-10d198692208?source=rss------bug_bounty-5 | Marduk I Am | reflected-xss, cross-site-scripting, portswigger-lab, cybersecurity, bug-bounty | 28-Jan-2024 |
Roadmap Belajar SOC Analyst Dan Toolsnya | https://medium.com/@yasminramadini/roadmap-belajar-soc-analyst-dan-toolsnya-5ce314f0b0ff?source=rss------bug_bounty-5 | Yeaszec | bug-bounty, ethical-hacking, programmer, blue-team, cybersecurity | 28-Jan-2024 |
CVE-2023-45866: 0-Click Bluetooth vulnerability | https://medium.com/@elniak/understanding-and-mitigating-cve-2023-45866-0-click-vulnerability-2576ec17c38f?source=rss------bug_bounty-5 | ElNiak | bluetooth, cybersecurity, bug-bounty, penetration-testing, threat-intelligence | 28-Jan-2024 |
MIME Sniffing Explained: How Browsers Can Misinterpret Content Types | https://medium.com/@ab3lsec/mime-sniffing-explained-how-browsers-can-misinterpret-content-types-68c22d300345?source=rss------bug_bounty-5 | Abel V | sniffing, web-browser, cybersecurity, web-application-security, bug-bounty | 28-Jan-2024 |
Hunting for Vulnerabilities that are ignored by most of the Bug Bounty Hunters — Part 1 | https://medium.com/@vflexo/hunting-for-vulnerabilities-that-are-ignored-by-most-of-the-bug-bounty-hunters-part-1-187b35508e56?source=rss------bug_bounty-5 | vFlexo | ethical-hacking, bug-bounty, penetration-testing, vapt, information-security | 28-Jan-2024 |
How do you actually find bugs? (Part 2) | https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity | 28-Jan-2024 |
Clicker — HackTheBox Machine Simple Writeup by Karthikeyan Nagaraj \| 2024 | https://infosecwriteups.com/clicker-hackthebox-machine-simple-writeup-by-karthikeyan-nagaraj-2024-313b383236bd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, bug-bounty, hackthebox-writeup, hackthebox | 28-Jan-2024 |
How do you actually find bugs? (My 2 years experience) \| Part 2 | https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity | 28-Jan-2024 |
This is the easiest bug you can find. | https://medium.com/@deadoverflow/this-is-the-easiest-bug-you-can-find-90573d0053e1?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, cybersecurity, programming, bug-bounty, hacking | 28-Jan-2024 |
How to Get CVEs Online (Fast) | https://fh4ntke.medium.com/how-to-get-cves-online-fast-c0d6d897c04d?source=rss------bug_bounty-5 | FHantke | bug-bounty, information-technology, web-development, cybersecurity, hacking | 28-Jan-2024 |
XSS is hard to find… or is it? (How to you find bugs) | https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity | 28-Jan-2024 |
ARPA Monthly Report \| December Progress Review | https://arpa.medium.com/arpa-monthly-report-december-progress-review-d49a5a44b79c?source=rss------bug_bounty-5 | ARPA Official | staking, cryptography, arpa, bug-bounty, rng | 27-Jan-2024 |
5.8 Lab: Insufficient workflow validation \| 2024 | https://cyberw1ng.medium.com/5-8-lab-insufficient-workflow-validation-2024-ce57b036d908?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, cybersecurity, bug-bounty, hacking, careers | 27-Jan-2024 |
Essential Encoding Schemes for Bug Bounty Hunters | https://medium.com/@aayushdhakal005/essential-encoding-schemes-for-bug-bounty-hunters-2cccd3dcb124?source=rss------bug_bounty-5 | Creepydoomer | bug-bounty, cybersecurity, ethical-hacking, security, encoding | 27-Jan-2024 |
Your Life in the Crosshairs of Cybersecurity Threats! | https://medium.com/@paritoshblogs/your-life-in-the-crosshairs-of-cybersecurity-threats-526f4a122e14?source=rss------bug_bounty-5 | Paritosh | security, cybersecurity, programming, bug-bounty, information-security | 27-Jan-2024 |
500$: MFA bypass By Race Condition | https://medium.com/@a13h1/500-mfa-bypass-by-race-condition-176421462902?source=rss------bug_bounty-5 | Abhi Sharma | race-condition, bug-bounty, programming, 2fa, cybersecurity | 27-Jan-2024 |
Як працює програма винагороди за виправлення помилок від Aleo? | https://medium.com/@prekrasnazasmin/%D1%8F%D0%BA-%D0%BF%D1%80%D0%B0%D1%86%D1%8E%D1%94-%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%B0-%D0%B2%D0%B8%D0%BD%D0%B0%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B8-%D0%B7%D0%B0-%D0%B2%D0%B8%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%BD%D1%8F-%D0%BF%D0%BE%D0%BC%D0%B8%D0%BB%D0%BE%D0%BA-%D0%B2%D1%96%D0%B4-aleo-edafe6e7dce0?source=rss------bug_bounty-5 | Marlin_2_2_0 | aleo, bug-bounty | 27-Jan-2024 |
Schneier’s Law In Bug Bounty | https://wallotry.medium.com/schneiers-law-in-bug-bounty-df04bebfdf2f?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunting, bug-bounty-tips, bug-bounty | 27-Jan-2024 |
SIEM Home Lab: Detecting Web Attack | https://medium.com/@yasminramadini/siem-home-lab-detecting-web-attack-b08c0d575498?source=rss------bug_bounty-5 | Yeaszec | soc-analyst, pentester, cybersecurity, bug-bounty, ethical-hacking | 26-Jan-2024 |
Detecting Server-Side Technologies for Bug Hunting: | https://medium.com/@aayushdhakal005/detecting-server-side-technologies-for-bug-hunting-9f894bd87da2?source=rss------bug_bounty-5 | Creepydoomer | php, python, servers, bug-bounty, microsoft | 26-Jan-2024 |
Evolution of Critical Log Sources in SIEM: A 5-Year Retrospective | https://infosecwriteups.com/evolution-of-critical-log-sources-in-siem-a-5-year-retrospective-841bae2b6a6c?source=rss------bug_bounty-5 | Paritosh | security, cybersecurity, siem, hacking, bug-bounty | 26-Jan-2024 |
Zero Click Account Takeover | https://medium.com/@bhavin87859/zero-click-account-takeover-404bb73121c9?source=rss------bug_bounty-5 | Sunny Sharma | bug-bounty-writeup, bug-bounty | 26-Jan-2024 |
Bug Bounty For Beginners 2024 Part (3). | https://medium.com/@lukwagoasuman236/bug-bounty-for-beginners-2024-part-3-3f8a70f8652e?source=rss------bug_bounty-5 | Asuman Lukwago | bug-bounty-tips, vulnerability-assessment, bug-bounty, cybersecurity, beginners-guide | 26-Jan-2024 |
Unveiling the Odyssey: A Riveting Tale of PII Disclosure Vulnerability Discovery | https://medium.com/@mrraghavop12/unveiling-the-odyssey-a-riveting-tale-of-pii-disclosure-vulnerability-discovery-615f04432654?source=rss------bug_bounty-5 | Ethical Raghav | blockchain, data-science, cybersecurity, technology, bug-bounty | 26-Jan-2024 |
Reflected XSS into HTML context with all tags blocked except custom ones | https://medium.com/@marduk.i.am/reflected-xss-into-html-context-with-all-tags-blocked-except-custom-ones-7eec0b6b146f?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, cross-site-scripting, cybersecurity, portswigger-lab, dom-xss | 26-Jan-2024 |
Strategies for Success in Audit Contests and Bug Bounty Hunting | https://medium.com/@JohnnyTime/strategies-for-success-in-audit-contests-and-bug-bounty-hunting-082cef9b4021?source=rss------bug_bounty-5 | Johnny Time | smart-contract-auditing, audit-contest, bug-bounty, code4rena, bug-bounty-tips | 26-Jan-2024 |
Ensuro Partners with Immunefi to Launch Bug Bounty Program | https://medium.com/@zorely/ensuro-partners-with-immunefi-to-launch-bug-bounty-program-e63368cdc0b0?source=rss------bug_bounty-5 | Ensuro ZE | bug-bounty | 26-Jan-2024 |
How I Discovered a Sneaky Account Takeover Vulnerability | https://sumedhgharpande.medium.com/how-i-discovered-a-sneaky-account-takeover-vulnerability-530c3a080a20?source=rss------bug_bounty-5 | Sumedh Gharpande | bug-bounty, ethical-hacking, cyber-security-awareness, hacking, broken-access-control | 26-Jan-2024 |
General Questions Asked in Telephonic Interview (Q&A)for Cybersecurity Role-My Personal Experience… | https://medium.com/@Ajakcybersecurity/general-questions-asked-in-telephonic-interview-q-a-for-cybersecurity-role-my-personal-experience-ae6298e5b8f0?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, ethical-hacking, interview, cybersecurity, jobs | 26-Jan-2024 |
5.7 Lab: Weak isolation on dual-use endpoint \| 2024 | https://cyberw1ng.medium.com/5-7-lab-weak-isolation-on-dual-use-endpoint-2024-cd80519184b4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, security, bug-bounty, careers | 26-Jan-2024 |
Bug Bounty 101: Unveiling the Crucial Role in Cybersecurity for Beginners | https://systemweakness.com/bug-bounty-101-unveiling-the-crucial-role-in-cybersecurity-for-beginners-0d8611e6f315?source=rss------bug_bounty-5 | Fahri Yeşil | cyber-threat-intelligence, bug-bounty, ethical-hacking, cybersecurity, vulnerability-research | 26-Jan-2024 |
Web Cache Poisoning: WWWWWH? | https://medium.com/@rcxsecurity/web-cache-poisoning-wwwwwh-ee2b47d6bacc?source=rss------bug_bounty-5 | RCXSecurity | cybersecurity, pentesting, bug-bounty-tips, penetration-testing, bug-bounty | 26-Jan-2024 |
How to get your email from different bug bounty platform to start hacking : | https://medium.com/@aayushdhakal005/how-to-get-your-email-from-different-bug-bounty-platform-to-start-hacking-ce01dd45f7ca?source=rss------bug_bounty-5 | Creepydoomer | cybersecurity, bug-bounty, ethical-hacking, hackerone, hacker | 25-Jan-2024 |
Tool: SCRIPTKIDDI3: A Comprehensive Guide to Efficient Bug Bounty Reconnaissance | https://nixiebytes.medium.com/tool-scriptkiddi3-a-comprehensive-guide-to-efficient-bug-bounty-reconnaissance-dc91c3517a5e?source=rss------bug_bounty-5 | Nixie_Bytes Security Team | bug-bounty, hacking-tools, tools, cybersecurity, hacking | 25-Jan-2024 |
A Comprehensive Guide to Bug Bounty Hunting Mastery | https://medium.com/@mrraghavop12/a-comprehensive-guide-to-bug-bounty-hunting-mastery-706934490626?source=rss------bug_bounty-5 | Ethical Raghav | bug-bounty, cybersecurity, artificial-intelligence, blockchain, data-science | 25-Jan-2024 |
eJPT all you need to know | https://medium.com/@boogsta/ejpt-all-you-need-to-know-7c62fef04cf3?source=rss------bug_bounty-5 | Boogsta | cyber, bug-bounty, bug-bounty-tips, hacking, cybersecurity | 25-Jan-2024 |
5.6 Lab: Inconsistent handling of exceptional input \| 2024 | https://cyberw1ng.medium.com/5-6-lab-inconsistent-handling-of-exceptional-input-2024-d02e2bb522f4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, security, bug-bounty, cybersecurity | 25-Jan-2024 |
OWASP TOP 10 2021: | https://medium.com/@aayushdhakal005/owasp-top-10-2021-cfb610db7dd4?source=rss------bug_bounty-5 | Creepydoomer | cybersecurity, ethical-hacking, bug-bounty, sql-injection, owasp | 24-Jan-2024 |
Git Directory Exposed Leads to Credentials Disclosure | https://medium.com/@blackarazi/git-directory-exposed-leads-to-credentials-disclosure-1d1737638279?source=rss------bug_bounty-5 | Azhari Harahap | bug-bounty-writeup, supply-chain-security, bug-bounty, application-security, git-exposed | 24-Jan-2024 |
Avedia Player r9300 Vulnerabilities | https://medium.com/@x41x41x41/avedia-player-r9300-vulnerabilities-1c71b4d8efa0?source=rss------bug_bounty-5 | John M | web-development, cve, bug-bounty, hacking, exploit | 24-Jan-2024 |
5.5 Low-level logic flaw in Business logic vulnerabilities \| 2024 | https://cyberw1ng.medium.com/5-5-low-level-logic-flaw-in-business-logic-vulnerabilities-2024-cf9a90e2e762?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, security | 24-Jan-2024 |
The Immunefi bug bounty campaign is live | https://dexenetwork.medium.com/the-immunefi-bug-bounty-campaign-is-live-5782b93f823e?source=rss------bug_bounty-5 | DeXe Protocol | dao, dexe, defi, bug-bounty | 24-Jan-2024 |
The art of learning bug bounty. | https://medium.com/@siratsami71/the-art-of-learning-bug-bounty-9c2a48aee53b?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | bugbounty-writeup, bug-bounty | 24-Jan-2024 |
IDOR Allowing to Place Other Students in Exam Sessions | https://medium.com/@mr_payload_injector/idor-allowing-to-place-other-students-in-exam-sessions-1bbefd14ac8d?source=rss------bug_bounty-5 | Mr_Payload_Injector | bug-bounty, cybersecurity, idor, bug-bounty-writeup, ethical-hacking | 24-Jan-2024 |
Response Manipulation Lead To Premium Feature By Normal User Reward of $500 | https://medium.com/@zikola1/response-manipulation-lead-to-premium-feature-by-normal-user-reward-of-500-43381f769ab1?source=rss------bug_bounty-5 | Abdulrahman badawi | web-application-security, bug-bounty-tips, penetration-testing, bug-bounty, bug-bounty-writeup | 24-Jan-2024 |
OWASP TOP 10 2017: | https://medium.com/@aayushdhakal005/owasp-top-10-2017-9daabe8c44bf?source=rss------bug_bounty-5 | Aayushdhakal | bug-bounty, ethical-hacking, sql, owasp, cybersecurity | 23-Jan-2024 |
Get IDOR In No Permission To Access Page— Bug Bounty Tuesday | https://medium.com/@kerstan/get-idor-in-no-permission-to-access-page-bug-bounty-tuesday-68aa82402171?source=rss------bug_bounty-5 | kerstan | hacking, cybersecurity, technology, bug-bounty, security | 23-Jan-2024 |
Dosya yükleme ile XSS | https://enesozlekk.medium.com/dosya-y%C3%BCkleme-ile-xss-8f2dd8d093c4?source=rss------bug_bounty-5 | Enes Özlek | bug-bounty | 23-Jan-2024 |
How to Exploit Business Logic Vulnerabilities for Bug Bounty \| 2024 | https://cyberw1ng.medium.com/how-to-exploit-business-logic-vulnerabilities-for-bug-bounty-2024-5c9f14420d50?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, security, cybersecurity, bug-bounty | 23-Jan-2024 |
SQL Injection on PostgreSQL | https://medium.com/@yagizkocer/sql-injection-on-postgresql-8c8f823e44aa?source=rss------bug_bounty-5 | Yağız Koçer | sql-injection, penetration-testing, bug-bounty, hacking, cybersecurity | 23-Jan-2024 |
Leaked SQL error leading to XSS, and another BSQLi... | https://medium.com/@zatikyan.sevada/leaked-sql-error-leading-to-xss-and-another-bsqli-cdadde032687?source=rss------bug_bounty-5 | Zatikyan Sevada | bug-bounty, sql-injection, sql, xss-attack, cybersecurity | 22-Jan-2024 |
Hacking behind the WAF | https://noorhomaid.medium.com/hacking-behind-the-waf-60c6c1a48411?source=rss------bug_bounty-5 | NoorHomaid | infosec, bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity | 22-Jan-2024 |
Better understanding of User-Directed Spidering vs Automated Spidering | https://medium.com/@aayushdhakal005/better-understanding-of-user-directed-spidering-vs-automated-spidering-a18342c42a25?source=rss------bug_bounty-5 | Aayushdhakal | hacking, penetration-testing, spidering, web, bug-bounty | 22-Jan-2024 |
How to find unprotected databases with Netlas.io: Chapter 2 | https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-chapter-2-ba71b07c9630?source=rss------bug_bounty-5 | Netlas.io | cybersecurity, information-security, bug-bounty, penetration-testing, osint | 22-Jan-2024 |
This Tool Helps Me To Find The Origin IP Address | https://medium.com/@Ajakcybersecurity/this-tool-helps-me-to-find-the-origin-ip-address-75b1444da57e?source=rss------bug_bounty-5 | AjakCybersecurity | penetration-testing, bug-bounty, hacking, cybersecurity, ethical-hacking | 22-Jan-2024 |
Is It Worth Quitting 9–5 Job For a Full-Time Bug Bounty In 2024? | https://medium.com/@Ajakcybersecurity/is-it-worth-quitting-9-5-job-for-a-full-time-bug-bounty-in-2024-a408389d914e?source=rss------bug_bounty-5 | AjakCybersecurity | cybersecurity, medium, bug-bounty, jobs, penetration-testing | 22-Jan-2024 |
4.5 Lab: Blind OS command injection with out-of-band data exfiltration \| 2024 | https://cyberw1ng.medium.com/4-5-lab-blind-os-command-injection-with-out-of-band-data-exfiltration-2024-7bb26c2473e7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, security, hacking, cybersecurity | 22-Jan-2024 |
Bug Bounty For Beginners 2024. | https://medium.com/@lukwagoasuman236/bug-bounty-for-beginners-2024-df4a38ed3ad2?source=rss------bug_bounty-5 | Asuman Lukwago | planning, finance, cybersecurity, bug-bounty, info | 22-Jan-2024 |
Reflected XSS into HTML context with most tags and attributes blocked | https://medium.com/@marduk.i.am/reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-4266c6c473ad?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, portswigger-lab, cybersecurity, cross-site-scripting, dom-xss | 22-Jan-2024 |
How do you actually find bugs? (My 2 year experience) | https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-my-2-year-experience-2d77d78994a0?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, hacking, programming, cybersecurity, bug-bounty-tips | 22-Jan-2024 |
HackTheBox Saturn: Explaining SSRF | https://medium.com/@leomsec/hackthebox-saturn-explaining-ssrf-072234ab5ce3?source=rss------bug_bounty-5 | Leonardo | bug-bounty, hacker, pentesting, ctf, hackthebox | 22-Jan-2024 |
How I Discovered a Critical Vulnerability in a Leading UK Retail Giant’s System | https://medium.com/@cathreat/how-i-discovered-a-critical-vulnerability-in-a-leading-uk-retail-giants-system-bc4211c159a7?source=rss------bug_bounty-5 | cathreat | united-kingdom, pentesting, bug-bounty, hacking, ssrf | 22-Jan-2024 |
Unveiling the Digital Tapestry: A Penetration Tester's Odyssey into the Heart of Cyber… | https://medium.com/@mrraghavop12/title-unveiling-the-digital-tapestry-a-penetration-testers-odyssey-into-the-heart-of-cyber-2ac009e54e2f?source=rss------bug_bounty-5 | Ethical Raghav | bug-bounty, cybersecurity, web-development, technology, artificial-intelligence | 21-Jan-2024 |
Gelios Testnet Bug Bounty Program: Earn Up to $5,000 | https://geliosofficial.medium.com/gelios-testnet-bug-bounty-program-earn-up-to-5-000-10e2d78124f8?source=rss------bug_bounty-5 | Gelios | bitcoin-l2, gelios, blockchain, crypto, bug-bounty | 21-Jan-2024 |
Bug bounty platforms for 2024 | https://medium.com/@notahades/bug-bounty-platforms-for-2024-ab289e5c74a9?source=rss------bug_bounty-5 | Not_A_Hades | bug-bounty, cybersecurity, hacking, security | 21-Jan-2024 |
4.4 Lab: Blind OS command injection with out-of-band interaction \| 2024 | https://cyberw1ng.medium.com/4-4-lab-blind-os-command-injection-with-out-of-band-interaction-2024-f9d0e7a1c7ac?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, hacking, cybersecurity, careers, bug-bounty | 21-Jan-2024 |
Making My First 10K by Hacking Open Source Targets | https://infosecwriteups.com/making-my-first-10k-by-hacking-open-source-targets-14ee1e9eeb70?source=rss------bug_bounty-5 | SynapticSpace | bug-bounty, foss, cybersecurity, hacking | 21-Jan-2024 |
Path traversal | https://medium.com/@codersqs/path-traversal-78cce0994e2d?source=rss------bug_bounty-5 | Codersqs | ethical-hacking, server-side-rendering, bug-bounty, ssrf-bug, directory-traversal | 21-Jan-2024 |
Exploiting SSRF in PDF HTML Injection: Basic and Blind | https://medium.com/@jbince/exploiting-ssrf-in-pdf-html-injection-basic-and-blind-047fec5317ae?source=rss------bug_bounty-5 | Joward | bug-bounty, ssrf, hacking, web-app-security, pentesting | 21-Jan-2024 |
Exploiting SSRF in PDF HTML Injection: Basic and Blind | https://infosecwriteups.com/exploiting-ssrf-in-pdf-html-injection-basic-and-blind-047fec5317ae?source=rss------bug_bounty-5 | Joward | bug-bounty, ssrf, hacking, web-app-security, pentesting | 21-Jan-2024 |
China Implements Stringent Cybersecurity Regulations: Makers Urged to Swiftly Report… | https://jareddouville.medium.com/china-implements-stringent-cybersecurity-regulations-makers-urged-to-swiftly-report-673f99696750?source=rss------bug_bounty-5 | Jared Douville | china-hackers, cyber-security-awareness, bug-bounty, zero-day, china | 20-Jan-2024 |
How I Bypassed CSRF Token — 2 Ways | https://medium.com/mii-cybersec/how-i-bypassed-csrf-token-2-ways-b87ac04969a8?source=rss------bug_bounty-5 | Bryan Matthew | csrf-bypass, red-team, bug-bounty, penetration-testing, csrf | 20-Jan-2024 |
Stored DOM XSS | https://medium.com/@marduk.i.am/stored-dom-xss-c7c9c972d086?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, dom-xss, bug-bounty, cybersecurity, cross-site-scripting | 20-Jan-2024 |
The art of account takeover | https://medium.com/@iknowhatodo/the-art-of-account-takeover-ec5f9a29c436?source=rss------bug_bounty-5 | Hossam Ahmed | account-takeover, information-security, bug-bounty | 20-Jan-2024 |
Securing AWS: Understanding EC2 IMDS Vulnerabilities and Learning from the Capital One Breach | https://kishoreramk.medium.com/securing-aws-understanding-ec2-imds-vulnerabilities-and-learning-from-the-capital-one-breach-6f753e06cd66?source=rss------bug_bounty-5 | KISHORERAM | aws-ec2, aws-s3, cybersecurity, aws, bug-bounty | 20-Jan-2024 |
Login DoS — That requires simply sending a lot of specially crafted requests | https://infosecwriteups.com/login-dos-that-requires-simply-sending-a-lot-of-specially-crafted-requests-2ca927c628dd?source=rss------bug_bounty-5 | Shriyans Sudhi | bug-bounty, hackerone, penetration-testing, cybersecurity, web-hacking | 20-Jan-2024 |
921$ Privilege Escalation: Unauthorized User Addition to Shared APP Connections | https://infosecwriteups.com/921-privilege-escalation-unauthorized-user-addition-to-shared-app-connections-0780134d6cf1?source=rss------bug_bounty-5 | Abhi Sharma | privilege-escalation, hacking, cybersecurity, programming, bug-bounty | 20-Jan-2024 |
4.3 Lab: Blind OS command injection with output redirection \| 2024 | https://cyberw1ng.medium.com/4-3-lab-blind-os-command-injection-with-output-redirection-2024-d92f52f139b4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, bug-bounty, cybersecurity, security | 20-Jan-2024 |
Boosting Your Income: My Journey with Side Hustles in Cybersecurity | https://medium.com/@himanshu_mahajan/boosting-your-income-my-journey-with-side-hustles-in-cybersecurity-8cc088c92469?source=rss------bug_bounty-5 | Himanshu Mahajan | side-hustle, security, technology, bug-bounty, cybersecurity | 20-Jan-2024 |
How To Hide Any Payload: Day 3/100 Of Gaining Hacking Knowledge | https://medium.com/@ssg30devil/how-to-hide-any-payload-day-3-100-of-gaining-hacking-knowledge-002c4adb328b?source=rss------bug_bounty-5 | rootzs | bug-bounty-tool, bug-bounty, bug-bounty-tips, hacking | 19-Jan-2024 |
Dangling CNAME/Orphaned CNAME leads P2 on Google VRP | https://medium.com/@jerryhackgather/dangling-cname-orphaned-cname-leads-p2-on-google-vrp-fca8964d983c?source=rss------bug_bounty-5 | Jerry1319 | bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity | 19-Jan-2024 |
Penetration Testing Techniques | https://anticitizenone.medium.com/penetration-testing-techniques-5eaf254fc5e6?source=rss------bug_bounty-5 | Rodolfo Santos Flaborea | blue-team, purple-team, red-team, pentesting, bug-bounty | 19-Jan-2024 |
Best Recon Website For BugBounty in 2024, I came across! Completely Free 🙂 | https://medium.com/@Ajakcybersecurity/best-recon-website-for-bugbounty-in-2024-i-came-across-completely-free-303d67187400?source=rss------bug_bounty-5 | AjakCybersecurity | blogging, cybersecurity, penetration-testing, ethical-hacking, bug-bounty | 19-Jan-2024 |
Authentication Bypass \| Part 05 \| What To Do After Choosing a Target | https://medium.com/@omarora1603/authentication-bypass-part-05-what-to-do-after-choosing-a-target-31eddc38029c?source=rss------bug_bounty-5 | Om Arora | hacking, cybersecurity, bug-bounty, technology, infosec | 19-Jan-2024 |
4.2 Lab: Lab: Blind OS command injection with time delays \| 2024 | https://cyberw1ng.medium.com/4-2-lab-lab-blind-os-command-injection-with-time-delays-2024-042ad98c27e6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, careers, bug-bounty, security | 19-Jan-2024 |
IDOR To Massive Government Data Leak | https://bishal0x01.medium.com/idor-to-massive-government-data-leak-e8ad510d7e5?source=rss------bug_bounty-5 | Bishal Shrestha | bug-bounty, information-security, writeup, data-leak | 19-Jan-2024 |
Authentication Bypass \| Part 05 \| What To Do After Choosing a Target | https://infosecwriteups.com/authentication-bypass-part-05-what-to-do-after-choosing-a-target-31eddc38029c?source=rss------bug_bounty-5 | Om Arora | hacking, cybersecurity, bug-bounty, technology, infosec | 19-Jan-2024 |
IDOR Vulnerability Allowing Unauthorized Access to Colleagues’ Bachelor Theses | https://medium.com/@mr_payload_injector/idor-vulnerability-allowing-unauthorized-access-to-colleagues-bachelor-theses-8c76c4ec4480?source=rss------bug_bounty-5 | Mr_Payload_Injector | cybersecurity, ethical-hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 19-Jan-2024 |
#ERROR! | https://medium.com/@Xt3sY/500-internal-server-bypass-everything-will-be-200-okay-bcd149397736?source=rss------bug_bounty-5 | Pushkar Bhagat | hackerone, hacking, bugcrowd, exploitation, bug-bounty | 19-Jan-2024 |
How I Bypassed CSRF Token — 2Ways | https://medium.com/@bmatth21/how-i-bypassed-csrf-token-2ways-5662b4191188?source=rss------bug_bounty-5 | Bryan Matthew | penetration-testing, csrf-protection, csrf, bug-bounty, csrf-token | 19-Jan-2024 |
Roadmap to Cybersecurity Mastery: A Guide for Aspiring IT Professionals | https://ikhaleelkhan.medium.com/roadmap-to-cybersecurity-mastery-a-guide-for-aspiring-it-professionals-b2f2e6cc9641?source=rss------bug_bounty-5 | Khaleel Khan | hacking, infosec, cybersecurity, ethical-hacking, bug-bounty | 18-Jan-2024 |
AWS/S3 Subdomain Takeover | https://medium.com/@scottlindh/aws-s3-subdomain-takeover-79d705cc3553?source=rss------bug_bounty-5 | Scott Lindh | pentesting, hacking, hacking-tools, bug-bounty, bug-bounty-tips | 18-Jan-2024 |
Exploiting vulnerabilities in LLM APIs [OS injection] | https://medium.com/@s_novoselov/exploiting-vulnerabilities-in-llm-apis-os-injection-b7d31c803d1d?source=rss------bug_bounty-5 | Serj Novoselov | llm, penetration-testing, bug-bounty, ai, hacking | 18-Jan-2024 |
Brutal Bug Bounty methodology | https://medium.com/@pentajbr/brutal-bug-bounty-methodology-f872d0c1b8da?source=rss------bug_bounty-5 | Major Jbr | bug-bounty-tips, bug-bounty | 18-Jan-2024 |
Secret Input Header leads to Password Reset Poisoning | https://medium.com/@mares.viktor/secret-input-header-leads-to-password-reset-poisoning-ad3081fd8488?source=rss------bug_bounty-5 | Viktor Mares | bug-bounty, penetration-testing, hacking, web-development, cybersecurity | 18-Jan-2024 |
Business Logic: Bypass 2FA to ATO | https://giongfnef.medium.com/business-logic-bypass-2fa-to-ato-e0dc7131b10e?source=rss------bug_bounty-5 | Giongnef | security, bug-bounty, cybersecurity, information-security, pentesting | 18-Jan-2024 |
Finding Secret Key Inside React Native Apps | https://aminudin.medium.com/finding-secret-key-inside-react-native-apps-9eb6beac02f8?source=rss------bug_bounty-5 | Aminudin | bug-bounty, bugs, bug-bounty-tips | 18-Jan-2024 |
Blind OS command injection vulnerabilities in Portswigger \| 2024 | https://cyberw1ng.medium.com/blind-os-command-injection-vulnerabilities-in-portswigger-2024-cdc10f62d0be?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, security, careers, hacking, bug-bounty | 18-Jan-2024 |
Master Bug Bounty Hunting Course | https://medium.com/@teamhydrashop/master-bug-bounty-hunting-course-ea3615f1160b?source=rss------bug_bounty-5 | Team Hydra Shop | tool-hack-xổ-số, bug-fixes, bug-bounty, penetration-testing, hacking-tools | 18-Jan-2024 |
What is Cyberkill Chain (My first Interview Question of my carrier) | https://akash-venky091.medium.com/what-is-cyberkill-chain-my-first-interview-question-of-my-carrier-e1cc6351a24b?source=rss------bug_bounty-5 | Akash Venky | security, bug-bounty, cybersecurity, information-technology, pentesting | 18-Jan-2024 |
How I Automatically Generate XSS Payload & Automate Reflected XSS | https://medium.com/@Ajakcybersecurity/how-i-automatically-generate-xss-payload-automate-reflected-xss-91f4a232cd78?source=rss------bug_bounty-5 | AjakCybersecurity | cybersecurity, ethical-hacking, xss-attack, bug-bounty, penetration-testing | 18-Jan-2024 |
Is PNPT Certification Worth It for a Cybersecurity Job? Exploring PNPT! | https://medium.com/@Ajakcybersecurity/is-pnpt-certification-worth-it-for-a-cybersecurity-job-exploring-pnpt-8fa13a194fe4?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, ethical-hacking, hacking, certification, cybersecurity | 18-Jan-2024 |
A Best $5 Spent in My Entire Cybersecurity Journey | https://medium.com/@Ajakcybersecurity/a-best-5-spent-in-my-entire-cybersecurity-journey-baf09ae710d0?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, tryhackme, bug-bounty, cybersecurity, ethical-hacking | 18-Jan-2024 |
CSRF vulnerability | https://medium.com/@os1764934/csrf-vulnerability-ebfbbe6dd81c?source=rss------bug_bounty-5 | Omar Samy | bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips | 18-Jan-2024 |
Hydra Tryhackme: Walkthrough/Writeup | https://proviesec.medium.com/hydra-tryhackme-walkthrough-writeup-784db55ab9a9?source=rss------bug_bounty-5 | Proviesec | hydra, tryhackme-walkthrough, cybersecurity, bug-bounty, tryhackme | 18-Jan-2024 |
Things should do after sublister(sublist3r) | https://medium.com/@canonminibeast/things-should-do-after-sublister-sublist3r-90176a020409?source=rss------bug_bounty-5 | Canonminibeast | bug-bounty, cybersecurity, sublist3r, web-development, web-pen-testing | 18-Jan-2024 |
Exploiting LLM APIs with excessive agency | https://jareddouville.medium.com/exploiting-llm-apis-with-excessive-agency-979d87a9937e?source=rss------bug_bounty-5 | Jared Douville | portswigger-lab, bug-bounty, cyber-security-awareness, hackerone, llm | 18-Jan-2024 |
easy bug = big bounty \| easy and small bug can give you a big bounty and Reputation | https://medium.com/@no_oneee/easy-bug-big-bounty-easy-and-small-bug-can-give-you-a-big-bounty-and-reputation-08534a90d2e6?source=rss------bug_bounty-5 | no\|one | bug-bounty, hacking, bug-bounty-tips, information-security, bugs | 18-Jan-2024 |
Accessing deleted comment for $$: A Bug Bounty Writeup | https://vijetareigns.medium.com/accessing-deleted-comment-for-a-bug-bounty-writeup-95d56662d209?source=rss------bug_bounty-5 | the_unlucky_guy | bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, writeup | 17-Jan-2024 |
Understanding and Mitigating Authentication Bypass Techniques in Web Applications | https://ikhaleelkhan.medium.com/understanding-and-mitigating-authentication-bypass-techniques-in-web-applications-d72795f469be?source=rss------bug_bounty-5 | Khaleel Khan | hacking, bug-bounty, infosec, infosecurity, ethical-hacking | 17-Jan-2024 |
Best Hacking OSINT Site list in 2024 | https://medium.com/@logicTech/best-hacking-osint-site-list-in-2024-768db84c55e3?source=rss------bug_bounty-5 | LogicTech | hacking-tools, bug-bounty, hacking, osint-investigation, journalism | 17-Jan-2024 |
Why Web2 Vulnerabilities Need Addressing Before Embracing Web3 — Part 1 | https://medium.com/@resonance.security/why-web2-vulnerabilities-need-addressing-before-embracing-web3-part-1-e881424e216c?source=rss------bug_bounty-5 | Resonance | bug-bounty, web3, blockchain | 17-Jan-2024 |
Phishing using Google Sheets for Red Team Engagements | https://infosecwriteups.com/phishing-using-google-sheets-for-red-team-engagements-ac79298ddb90?source=rss------bug_bounty-5 | Supun Halangoda (Suppa) | cybersecurity, phishing-attacks, phishing, information-security, bug-bounty | 17-Jan-2024 |
Privilege escalation via response manipulation | https://seek-er.medium.com/privilege-escalation-via-response-manipulation-e2ed5076b023?source=rss------bug_bounty-5 | Viky | bug-bounty-writeup, hacking, web-application-security, bug-bounty, security | 17-Jan-2024 |
1 Program, 4 Business Logic Bugs and Cashing in 2300$. | https://infosecwriteups.com/1-program-4-business-logic-bugs-and-cashing-in-2300-299b42236993?source=rss------bug_bounty-5 | Manav Bankatwala | bounty-hunter, information-security, bug-bounty, appreciation, cybersecurity | 17-Jan-2024 |
3.6 Lab: File path traversal, validation of file extension with null byte bypass \| 2024 | https://cyberw1ng.medium.com/3-6-lab-file-path-traversal-validation-of-file-extension-with-null-byte-bypass-2024-ccf8005b5379?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, careers, bug-bounty, hacking, cybersecurity | 17-Jan-2024 |
Shall I Start Bug Bounty Without Cybersecurity Basics in 2024? | https://medium.com/@Ajakcybersecurity/shall-i-start-bug-bounty-without-cybersecurity-basics-in-2024-f62fa3ab1991?source=rss------bug_bounty-5 | AjakCybersecurity | penetration-testing, ethical-hacking, cybersecurity, hacking, bug-bounty | 17-Jan-2024 |
API_Security RoadMap | https://akash-venky091.medium.com/api-security-roadmap-edb59a420b04?source=rss------bug_bounty-5 | Akash Venky | cybersecurity, bug-bounty, vulnerability, information-technology, ethical-hacking | 16-Jan-2024 |
Extracting iOS IPA files Without Jailbreaking…! | https://medium.com/@dhanush1895/extracting-ios-ipa-files-without-jailbreaking-6e7ee8e57ad7?source=rss------bug_bounty-5 | Daniel1895 | methodology, ios, bug-bounty-tips, bug-bounty, pentesting | 16-Jan-2024 |
Unleashing the Power of AutoRepeater: Automating Blind SQL Injection Detection | https://medium.com/@atikqur007/unleashing-the-power-of-autorepeater-automating-blind-sql-injection-detection-1b159ee81158?source=rss------bug_bounty-5 | Atik Rahman | sql-injection, bug-bounty, blind-sql-injection, burpsuite-extension, cybersecurity | 16-Jan-2024 |
3.5 Lab: File path traversal, validation of start of path \| 2024 | https://cyberw1ng.medium.com/3-5-lab-file-path-traversal-validation-of-start-of-path-2024-9b2b9b4f15d7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, bug-bounty, cybersecurity, hacking, careers | 16-Jan-2024 |
How to Discovered IDOR from a Blank Page — Bug Bounty Tuesday | https://medium.com/@kerstan/how-to-discovered-idor-from-a-blank-page-bug-bounty-tuesday-5af784533d1a?source=rss------bug_bounty-5 | kerstan | technology, programming, bug-bounty, cybersecurity | 16-Jan-2024 |
GUI Bug Bounty Tool To Find Easy P1s in 2024 | https://medium.com/@Ajakcybersecurity/gui-bug-bounty-tool-to-find-easy-p1s-in-2024-24d05dceba72?source=rss------bug_bounty-5 | AjakCybersecurity | cybersecurity, ethical-hacking, github, penetration-testing, bug-bounty | 16-Jan-2024 |
Secret Bug bounty Extension all Hackers Forget To Add. Part-2 (Not Common!) | https://medium.com/@Ajakcybersecurity/secret-bug-bounty-extension-all-hackers-forget-to-add-part-2-not-common-e29d857f90e0?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, extension, cybersecurity, hacking, bug-bounty | 16-Jan-2024 |
Extensions I Use For My Bug Bounty Hunting in 2024, Part-1. | https://medium.com/@Ajakcybersecurity/extensions-i-use-for-my-bug-bounty-hunting-in-2024-part-1-5b8ba7501408?source=rss------bug_bounty-5 | AjakCybersecurity | cybersecurity, blog, hacking, bug-bounty, ethical-hacking | 16-Jan-2024 |
A Digital Date with a Hacker: A Café WiFi Adventure! | https://medium.com/@Ajakcybersecurity/a-digital-date-with-a-hacker-a-caf%C3%A9-wifi-adventure-db7ae98bbd90?source=rss------bug_bounty-5 | AjakCybersecurity | digital-forensics, cybersecurity, bug-bounty, hacking, blog | 16-Jan-2024 |
What can a Hacker do with your IP Address? Track Your Location? | https://medium.com/@Ajakcybersecurity/what-can-a-hacker-do-with-your-ip-address-track-your-location-f7854cd5c32f?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, cybersecurity, blog, digital-forensics, bug-bounty | 16-Jan-2024 |
Top 5 Sites to Improve Your Hacking Skill IN 2024 | https://medium.com/@Ajakcybersecurity/top-5-sites-to-improve-your-hacking-skill-in-2024-b9e786eb7adb?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, blog, cybersecurity, bug-bounty, hacking | 16-Jan-2024 |
Day 2/100 Of Gaining Hacking Knowledge — Easily change IP, Mac, DNS, Log killer, and more……. | https://medium.com/@ssg30devil/day-2-100-of-gaining-hacking-knowledge-easily-change-ip-mac-dns-log-killer-and-more-7d286c7b7647?source=rss------bug_bounty-5 | rootzs | bug-bounty, ethical-hacking, 100daychallenge, cybersecurity, git-tool | 16-Jan-2024 |
Web Security Academy — Business Logic Vulnerabilities Walkthrough | https://iaraoz.medium.com/web-security-academy-business-logic-vulnerabilities-walkthrough-536f756cda9b?source=rss------bug_bounty-5 | Israel Aráoz Severiche | cybersecurity, owasp, vulnerability, appsec, bug-bounty | 16-Jan-2024 |
Demystifying Reflected XSS: Understanding and Mitigating This Common Web Security Vulnerability | https://medium.com/@j0hnw1ck/demystifying-reflected-xss-understanding-and-mitigating-this-common-web-security-vulnerability-beaa3bb058c5?source=rss------bug_bounty-5 | J0hn W1ck | bug-bounty, cybersecurity, web-development, pentesting, hacking | 16-Jan-2024 |
Bug Zero at a Glance [16–31 December] | https://blog.bugzero.io/bug-zero-at-a-glance-16-31-december-d722a2b76ed4?source=rss------bug_bounty-5 | Januka Dharmapriya | newsletter, bug-bounty, bug-zero, sri-lanka, cybersecurity | 15-Jan-2024 |
How Apple Scammed Me Out Of $50,000 in their Bug Bounty Program (Silent Patching & Ignoring Me) | https://medium.com/@just4g3nt/how-apple-scammed-me-out-of-50-000-in-their-bug-bounty-program-silent-patching-ignoring-me-18455a47a1f6?source=rss------bug_bounty-5 | Random User | bug-bounty, infosec, apple, scam, cybersecurity | 15-Jan-2024 |
Unrestricted File Upload Lead to Stored XSS at Microsoft main domain | https://medium.com/@cavdarbashas/unrestricted-file-upload-lead-to-stored-xss-at-microsoft-main-domain-baa9cadac6bd?source=rss------bug_bounty-5 | Sokol Çavdarbasha | bug-bounty, penetration-testing, technology, web-security, ethical-hacking | 15-Jan-2024 |
HackenProof bug bounty campaign is now live | https://dexenetwork.medium.com/hackenproof-bug-bounty-campaign-is-now-live-bf9bc5ddd6d1?source=rss------bug_bounty-5 | DeXe Protocol | security, dao, bug-bounty, defi | 15-Jan-2024 |
100-day Challenge Day 1/100 Ethical Hacking Knowledge | https://medium.com/@ssg30devil/100-day-challenge-day-1-100-ethical-hacking-knowledge-9b0625a8e835?source=rss------bug_bounty-5 | rootzs | 100daychallenge, ethical-hacking, useful-websites, bug-bounty, most-useful-websites | 15-Jan-2024 |
Reflected DOM XSS | https://medium.com/@marduk.i.am/reflected-dom-xss-fdf60de841cb?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, bug-bounty, cybersecurity, cross-site-scripting, dom-xss | 15-Jan-2024 |
SMTP Server (JAMES SMTP Server 2.3.2) | https://medium.com/@akshadjoshi/smtp-server-james-smtp-server-2-3-2-ad934435f021?source=rss------bug_bounty-5 | Akshad Joshi | smtp, bug-bounty, pentesting, hackthebox | 15-Jan-2024 |
Streamlining Vulnerability Hunting for Bug Bounty and pentesters | https://medium.com/@k-binsaeed/streamlining-vulnerability-hunting-for-bug-bounty-and-pentesters-81e77b3ab7d9?source=rss------bug_bounty-5 | NumLocK15 | bug-bounty, vulnerability, cybersecurity, pentesting | 15-Jan-2024 |
How I Used A Simple Python Script to Exploit a Vulnerable Google API Key. | https://medium.com/@gradillagustavo87/how-i-used-a-simple-python-script-to-exploit-a-vulnerable-google-api-key-475b4fcaf895?source=rss------bug_bounty-5 | Gustavo Gradilla | hacking-tools, bug-bounty-writeup, bug-bounty, google | 15-Jan-2024 |
How I Automate Finding Amazon S3 Buckets Using A Simple Python Script | https://medium.com/@gradillagustavo87/how-i-automate-finding-amazon-s3-buckets-using-a-simple-python-script-c1a7c11a8b52?source=rss------bug_bounty-5 | Gustavo Gradilla | cybersecurity, hacking-tools, ethical-hacking, bug-bounty, hacking | 15-Jan-2024 |
S3 Bucket takeover with simple technique lead to $$$ | https://medium.com/@adhaamsayed3/s3-bucket-takeover-with-simple-technique-lead-to-0fc0b89eeecb?source=rss------bug_bounty-5 | Adham sayed (doosec101) | web-app-pentesting, bug-bounty, hacker, hackerone, mobile-app-testing | 15-Jan-2024 |
3.3 Lab: File path traversal, traversal sequences stripped non-recursively \| 2024 | https://cyberw1ng.medium.com/3-3-lab-file-path-traversal-traversal-sequences-stripped-non-recursively-2024-5dd6b7d227e6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, security, hacking, careers | 14-Jan-2024 |
Logical Error leads to DOS for victim | https://medium.com/@tanyago/logical-error-leads-to-dos-for-victim-8e4f6d18ae90?source=rss------bug_bounty-5 | Tanya Goyal | bug-bounty-tips, bug-bounty-writeup, bug-hunting, bug-bounty | 14-Jan-2024 |
How to Nail a Perfect Bug Report | https://medium.com/@nambiarjishnu1210/how-to-nail-a-perfect-bug-report-b619690779a7?source=rss------bug_bounty-5 | Jishnu Nambiar | software-testing, automation, bug-bounty, testing, quality-assurance | 14-Jan-2024 |
Bug Bounty: The Ultimate Guide For Beginners | https://medium.com/@securelearn/bug-bounty-the-ultimate-guide-for-beginners-92bd470b5c02?source=rss------bug_bounty-5 | RG | secure-learn, bug-bounty-tips, cybersecurity, hacking, bug-bounty | 14-Jan-2024 |
Elevate your Expertise: Key Cybersec Certifications 2k24 | https://thethreatcops.medium.com/elevate-your-expertise-key-cybersec-certifications-2k24-7a025f5566f4?source=rss------bug_bounty-5 | the threat cops | information-security, hacking, career-development, bug-bounty, cybersecurity | 14-Jan-2024 |
Exploring the Web’s Hidden Corners with DorkDive: A Google Dorking Tool for Tech Enthusiasts | https://infosecwriteups.com/exploring-the-webs-hidden-corners-with-dorkdive-a-google-dorking-tool-for-tech-enthusiasts-c66816493c76?source=rss------bug_bounty-5 | Incoggeek | python, cybersecurity, bug-bounty, tools, hacking | 14-Jan-2024 |
Mastering Cybersecurity: A Deep Dive into Optimal Attack Surface Management for Public Bug Bounty… | https://cyberarafat.medium.com/mastering-cybersecurity-a-deep-dive-into-optimal-attack-surface-management-for-public-bug-bounty-0eb182577c4c?source=rss------bug_bounty-5 | Arafat Ashrafi Talha | ethical-hacking, bug-bounty-tips, bug-bounty, penetration-testing, cybersecurity | 14-Jan-2024 |
Layer 5: Bug Bounties | https://medium.com/@triweisec/layer-5-bug-bounties-f67b2cbdf413?source=rss------bug_bounty-5 | TriWei.io | bug-bounty, web3, blockchain-security, ethical-hacking, vulnerability-assessment | 14-Jan-2024 |
ExamSys — Multiple SQL Injections | https://fh4ntke.medium.com/examsys-multiple-sql-injections-ef94d84e440c?source=rss------bug_bounty-5 | FHantke | web-development, technology, hacking, open-source, bug-bounty | 14-Jan-2024 |
How to set up a new Kali Linux virtual machine for Studying \| Practicing \| Bug Bounty ? | https://medium.com/@recepbalibey/how-to-set-up-a-new-kali-linux-virtual-machine-for-studying-practicing-bug-bounty-6ec16222c294?source=rss------bug_bounty-5 | Recep Balıbey | virtual-machine, kali-linux, ctf, bug-bounty, cybersecurity | 14-Jan-2024 |
Vulnerable Web Applications For Training and Testing Your New Tools | https://medium.com/@eclectic-security/vulnerable-web-applications-for-training-and-testing-your-new-tools-e2411942edb2?source=rss------bug_bounty-5 | Eclectic Security | bug-bounty, software-development, cybersecurity, training, penetration-testing | 14-Jan-2024 |
Mass Hunting Blind XSS — Practical Techniques | https://infosecwriteups.com/mass-hunting-blind-xss-practical-techniques-182c422d773e?source=rss------bug_bounty-5 | Ott3rly | bug-bounty-writeup, xss-vulnerability, cross-site-scripting, bug-bounty, cybersecurity | 14-Jan-2024 |
What is Bug Bounty Hunting | https://medium.com/@chaudharyrohit644/what-is-bug-bounty-hunting-d2571271d612?source=rss------bug_bounty-5 | Rohit Chaudhary | bug-bounty | 14-Jan-2024 |
PII Data Leakage via Directory Listing | https://medium.com/@fixthis1000time/pii-data-leakage-via-directory-listing-2a5ff7554cdc?source=rss------bug_bounty-5 | fixthi$ | infosec, cybersecurity, ethical-hacking, bug-bounty, hacking | 14-Jan-2024 |
User Enumeration in the login process | https://medium.com/@majix_de/user-enumeration-in-the-login-process-a43a248ac70d?source=rss------bug_bounty-5 | Majix | ctf, bug-bounty, pentesting, hacking, penetration-testing | 14-Jan-2024 |
HackTheBox — Server-side Request Forgery (SSRF) Overview | https://medium.com/@harry.hphu/hackthebox-server-side-request-forgery-ssrf-overview-e55ef94ac435?source=rss------bug_bounty-5 | Huy Phu | bug-bounty, web-security, hackthebox, owasp-top-10, ssrf | 13-Jan-2024 |
What is SQL Injection and how SQL queries work in database | https://mrunknown124154.medium.com/what-is-sql-injection-and-how-sql-queries-work-in-database-6971f1729aed?source=rss------bug_bounty-5 | Mr Abdullah | hacking, cyber-security-awareness, bug-bounty, sql-injection, web-hacking | 13-Jan-2024 |
Easy way to find RCE via SSTI(server side template injection) | https://medium.com/@jeetpal2007/easy-way-to-find-rce-via-ssti-server-side-template-injection-b5f664ddf427?source=rss------bug_bounty-5 | JEETPAL | rce, bug-bounty, easy, bugs, ssti | 13-Jan-2024 |
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded | https://medium.com/@marduk.i.am/dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-62bc9a167c8e?source=rss------bug_bounty-5 | Marduk I Am | cross-site-scripting, angularjs, dom-xss, bug-bounty, portswigger-lab | 13-Jan-2024 |
mistakes bug bounty hunters fall on it \| the key of bug bounty \|best advice for 2024 | https://medium.com/@no_oneee/hello-48e0488f6fa4?source=rss------bug_bounty-5 | no\|one | information-security, bugs, bug-bounty-tips, cybersecurity, bug-bounty | 13-Jan-2024 |
3.2 Lab: File path traversal, traversal sequences blocked with absolute path bypass \| 2024 | https://cyberw1ng.medium.com/3-2-lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-2024-b1eb44cf3151?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, security, hacking, cybersecurity | 13-Jan-2024 |
Regeneration of API key by low level user: 500$ Access Control bug | https://medium.com/@a13h1/regeneration-of-api-key-by-low-level-user-500-access-control-bug-87c76b9b5842?source=rss------bug_bounty-5 | Abhi Sharma | bug-bounty, cybersecurity, hacking, api, programming | 13-Jan-2024 |
3.2 Lab: File path traversal, traversal sequences blocked with absolute path bypass \| 2024 | https://systemweakness.com/3-2-lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-2024-b1eb44cf3151?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, security, hacking, cybersecurity | 13-Jan-2024 |
Burp Suite — Download, Set up and Get Going! | https://medium.com/@eclectic-security/burp-suite-download-set-up-and-get-going-a58ba7daf678?source=rss------bug_bounty-5 | Eclectic Security | bug-bounty, tools, cyber-security-training, penetration-testing, burpsuite | 13-Jan-2024 |
DOM-Based XSS: Understanding and Mitigating a Stealthy Attack Vector | https://medium.com/@ravensec93/dom-based-xss-understanding-and-mitigating-a-stealthy-attack-vector-71ebc56806aa?source=rss------bug_bounty-5 | Raven Security | bug-bounty, web-security, cybersecurity, xss-attack, hacking | 13-Jan-2024 |
Weird bug to steal users credentials | https://medium.com/@fuadahmad062/weird-bug-to-steal-users-credentials-5e80c5d4565f?source=rss------bug_bounty-5 | von001 | bug-bounty-tips, bug-bounty, content-spoofing | 12-Jan-2024 |
Forget Blockers, Own Your Freedom: SquareX | https://tanishqshahsays.medium.com/forget-blockers-own-your-freedom-squarex-4e4d6a845fe8?source=rss------bug_bounty-5 | Tanishq Sachin Shah | bug-bounty, squarex, security, cybersecurity, privacy | 12-Jan-2024 |
Mass Hunting Blind XSS — Initial Setup | https://ott3rly.medium.com/mass-hunting-blind-xss-initial-setup-7fc5c1898999?source=rss------bug_bounty-5 | Ott3rly | xs, info-sec-writeups, blind-xss, bug-bounty, cross-site-scripting | 12-Jan-2024 |
The DeXe Protocol’s Bug Bounty Campaign | https://dexenetwork.medium.com/the-dexe-protocols-bug-bounty-campaign-a68e960c36cd?source=rss------bug_bounty-5 | DeXe Protocol | defi, bug-bounty, smart-contracts, dao, security | 12-Jan-2024 |
tRPC Security Research: Hunting for Vulnerabilities in Modern APIs | https://medium.com/@LogicalHunter/trpc-security-research-hunting-for-vulnerabilities-in-modern-apis-b0d38e06fa71?source=rss------bug_bounty-5 | Borna Nematzadeh | bug-bounty-writeup, bug-bounty, web-security, security-research, api-security | 12-Jan-2024 |
Mass Hunting Blind XSS — Initial Setup | https://infosecwriteups.com/mass-hunting-blind-xss-initial-setup-7fc5c1898999?source=rss------bug_bounty-5 | Ott3rly | xs, info-sec-writeups, blind-xss, bug-bounty, cross-site-scripting | 12-Jan-2024 |
The DeXe Protocol’s Bug Bounty Campaign announcement | https://dexenetwork.medium.com/the-dexe-protocols-bug-bounty-campaign-a68e960c36cd?source=rss------bug_bounty-5 | DeXe Protocol | defi, bug-bounty, smart-contracts, dao, security | 12-Jan-2024 |
Unraveling the Mysteries of Zoo Services: Feign magic uncovered | https://medium.com/@boltaevt/unraveling-the-mysteries-of-zoo-services-feign-magic-uncovered-3d45d211fdec?source=rss------bug_bounty-5 | @boltaevt | bug-bounty, spring-boot, java, microservices, feign | 12-Jan-2024 |
Unveiling Vulnerabilities: Loose Permissions in Salesforce Lightning Pose Data Security Threats | https://samshadow.medium.com/unveiling-vulnerabilities-loose-permissions-in-salesforce-lightning-pose-data-security-threats-41eaba372937?source=rss------bug_bounty-5 | Sam Shadow | bug-bounty-writeup, infosec, salesforce-lightning, bug-bounty, bug-bounty-tips | 12-Jan-2024 |
Common obstacles to exploiting path traversal vulnerabilities \| 2024 | https://cyberw1ng.medium.com/common-obstacles-to-exploiting-path-traversal-vulnerabilities-2024-204fd57566f5?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, security, hacking, cybersecurity, careers | 12-Jan-2024 |
Holy Ffuf Unleashing Rapid Wealth with a 15-Minute $$$ Twist | https://medium.com/@Xt3sY/holy-ffuf-unleashing-rapid-wealth-with-a-15-minute-twist-8fada0cc72ba?source=rss------bug_bounty-5 | Pushkar Bhagat | hacker101, bug-bounty, hackerone, hacker | 12-Jan-2024 |
SQL INJECTION FUNDAMENTALS_HACK THE BOX | https://medium.com/@romimkhan5588/sql-injection-fundamentals-hack-the-box-d22cde7a7198?source=rss------bug_bounty-5 | root 28 | hacking, bug-bounty, cybersecurity, hackthebox, sql-injection | 12-Jan-2024 |
Account Takeover via password reset without user interactions (CVE-2023–7028) | https://0xweb01.medium.com/account-takeover-via-password-reset-without-user-interactions-cve-2023-7028-cbd2e675992e?source=rss------bug_bounty-5 | 0xweb01 | cve, zero-day, bug-bounty, security | 12-Jan-2024 |
Holy Ffuf easy Bounty in 15 mins | https://medium.com/@Xt3sY/holy-ffuf-unleashing-rapid-wealth-with-a-15-minute-twist-8fada0cc72ba?source=rss------bug_bounty-5 | Pushkar Bhagat | hacker101, bug-bounty, hackerone, hacker | 12-Jan-2024 |
Bug Bounty | https://medium.com/@pdinukanth/bug-bounty-b1843c8676b3?source=rss------bug_bounty-5 | Pdinukanth | bug-bounty | 11-Jan-2024 |
IDN Homograph Attack - Reborn of the Rare Case | https://shahjerry33.medium.com/idn-homograph-attack-reborn-of-the-rare-case-99fa1e342352?source=rss------bug_bounty-5 | Jerry Shah (Jerry) | pentesting, bug-bounty, infosec, cybersecurity, vulnerability | 11-Jan-2024 |
Art of External Network Penetration Testing – Phase First: Preparation | https://medium.com/@pentesterman/introduction-with-the-rapidly-developing-technologies-in-the-digital-world-the-security-measures-c21d0f62c48f?source=rss------bug_bounty-5 | Sevban Dönmez | cybersecurity, external-pentest, bug-bounty, web-application-security, pentest-preparation | 11-Jan-2024 |
2.12 Lab: Password brute-force via password change | 2024 | https://cyberw1ng.medium.com/2-12-lab-password-brute-force-via-password-change-2024-94a39239f98e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, bug-bounty, cybersecurity, hacking, careers | 11-Jan-2024 |
How I discovered a Critical Vulnerability during a Pentest : IDOR to Privilege Escalation | https://medium.com/@ravindu.lakmina1/how-i-discovered-a-critical-vulnerability-during-a-pentest-idor-to-privilege-escalation-937230b06e62?source=rss------bug_bounty-5 | Ravindu Lakmina | ethical-hacking, hacking, bug-bounty, penetration-testing, cybersecurity | 11-Jan-2024 |
Windows Exploitation Learning Path in TryHackMe | https://mrshan.medium.com/windows-exploitation-learning-path-in-tryhackme-8fa680daa775?source=rss------bug_bounty-5 | MR SHAN | tryhackme-writeup, cybersecurity, tryhackme-walkthrough, bug-bounty, tryhackme | 11-Jan-2024 |
How I got my first bug bounty | https://medium.com/@b1ayn/how-i-got-my-first-bug-bounty-8772d41bccba?source=rss------bug_bounty-5 | B1ayn | bugcrowd, pentesting, hackerone, bug-bounty | 11-Jan-2024 |
How I Earned My First Bug Bounty Reward of $600 | https://medium.com/@zikola1/how-i-earned-my-first-bug-bounty-reward-of-600-14c268f94bbd?source=rss------bug_bounty-5 | Abdulrahman badawi | penetration-testing, bug-bounty-writeup, bug-bounty, bug-bounty-tips, web-application-security | 11-Jan-2024 |
Skills Needed For Bug Bounty Part 2 | https://medium.com/@joshdesharnais1/skills-needed-for-bug-bounty-part-2-2f6897aa3390?source=rss------bug_bounty-5 | Joshua Desharnais | exploitation, bug-bounty-tips, bug-bounty | 11-Jan-2024 |
Hacking my college intranet (Bug Bounty) | https://medium.com/@boogsta/hacking-my-college-intranet-8f77f5d8fe60?source=rss------bug_bounty-5 | Boogsta | cybersecurity, bug-bounty, hacking, cyber, bug-bounty-tips | 10-Jan-2024 |
How I Helped Indonesian Startup Company to Prevent Millions of PII Data Leaks | https://medium.com/@blackarazi/how-i-helped-indonesian-startup-company-to-prevent-millions-of-pii-data-leaks-55ef3edbd35d?source=rss------bug_bounty-5 | Azhari Harahap | bug-bounty-writeup, pii, application-security, api-security, bug-bounty | 10-Jan-2024 |
Everything About Launching and Managing Your Bug Bounty Program (From a Former Triager) | https://utkusen.medium.com/everything-about-launching-and-managing-your-bug-bounty-program-from-a-former-triager-e244105a31c6?source=rss------bug_bounty-5 | Utku Şen | cybersecurity, bug-bounty-tips, hackerone, bug-bounty | 10-Jan-2024 |
Businesses That Still Are Accepting Brute Force Vulnerabilities as Low Impact Need to Reconsider | https://malwarexhunt.medium.com/businesses-that-still-are-accepting-brute-force-vulnerabilities-as-low-impact-need-to-reconsider-c877f8b17ad3?source=rss------bug_bounty-5 | MalwareHunter | technology, cybersecurity, bug-bounty, programming, penetration-testing | 10-Jan-2024 |
Bugs & JS :A Closer Look at JavaScript for Successful Bug Hunting | https://anasbetis023.medium.com/bugs-js-a-closer-look-at-javascript-for-successful-bug-hunting-fddb0d796498?source=rss------bug_bounty-5 | Anas H Hmaidy | cybersecurity, bug-bounty, javascript, penetration-testing | 10-Jan-2024 |
A Beginner’s Guide to Bug Hunting: Your Passport to the World of Cybersecurity | https://medium.com/@matsecurity/a-beginners-guide-to-bug-hunting-your-passport-to-the-world-of-cybersecurity-798cc4a1e76d?source=rss------bug_bounty-5 | MatSec | bug-bounty, bug-bounty-tips, hackerone, cybersecurity, ethical-hacking | 10-Jan-2024 |
Daily Bug Bounty Writeups | https://securitycipher.medium.com/daily-bug-bounty-writeups-2d754b87a546?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | hacking, technology, ai, security, bug-bounty | 09-Jan-2024 |
BYPASSING PAYMENTS IN APPLE FOR FREE TRAILS FOR LIFETIME | https://medium.com/@sam0-0/bypassing-payments-in-apple-for-free-trails-for-lifetime-8e3019dfe57b?source=rss------bug_bounty-5 | Sam | bug-bounty-writeup, bug-bounty, apple, apple-security | 09-Jan-2024 |
Bug Bounty prompt that can help you to find IDOR vulnerabilities | https://blog.gopenai.com/bug-bounty-prompt-that-can-help-you-to-find-idor-vulnerabilities-5a47fa5de44f?source=rss------bug_bounty-5 | aimaster | idor, bug-bounty, bugbountyprompts, cybersecurity, chatgpt | 09-Jan-2024 |
Understanding Sherlock’s Smart Contract Coverage | https://medium.com/@JohnnyTime/understanding-sherlocks-smart-contract-coverage-3eca7d9033bc?source=rss------bug_bounty-5 | Johnny Time | sherlock, web3-security, audit-contest, bug-bounty, smart-contracts | 09-Jan-2024 |
How To Get A XSSI Bug In Bug Bounty— Bug Bounty Tuesday | https://medium.com/@kerstan/how-to-get-a-xssi-bug-in-bug-bounty-bug-bounty-tuesday-7440b0caf32c?source=rss------bug_bounty-5 | kerstan | bug-bounty, security, technology, programming, cybersecurity | 09-Jan-2024 |
Developed a Bug Bounty Calculator | https://medium.com/@chander.romesh/developed-a-bug-bounty-calculator-b8370e04b15a?source=rss------bug_bounty-5 | Romesh chander | information-security, infosec, pentesting, hacking, bug-bounty | 09-Jan-2024 |
What Is Recon and the Tools Used | https://medium.com/@eren.klai2/recon-nedir-ve-kullan%C4%B1lan-ara%C3%A7lar-bac6b28479e4?source=rss------bug_bounty-5 | ErenCatak | subdomain, pentesting, subdomains-enumeration, bug-bounty, recon | 09-Jan-2024 |
Subdomain Bruteforce Tool | https://0xshaheen.medium.com/subdomain-bruteforce-tool-9dd3cd673df6?source=rss------bug_bounty-5 | Shaheen Sikder | subdomains-enumeration, subdomain, bug-bounty, subdomain-bruteforce | 09-Jan-2024 |
Get All your Clickjacking Vulnerability Triaged with this Exploitation! | https://medium.com/@Ajakcybersecurity/get-all-your-clickjacking-vulnerability-triaged-with-this-exploitation-95de8291e285?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, bug-bounty, cybersecurity, blog, clickjacking | 09-Jan-2024 |
A Straight 5-hour Escalation! Exploiting Boolean-Based SQL Injection. | https://medium.com/@Ajakcybersecurity/a-straight-5-hour-escalation-exploiting-boolean-based-sql-injection-5d828fd3dacf?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, bug-bounty, cybersecurity, red-team, sql | 09-Jan-2024 |
How to Write A Bug Bounty Report Like a Pro! | https://medium.com/@Ajakcybersecurity/how-to-write-a-bug-bounty-report-like-a-pro-a703034d095f?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, ethical-hacking, ethcial-hacking, hacking, cybersecurity | 09-Jan-2024 |
How To Report Bug In Indian Government Site? | https://medium.com/@Ajakcybersecurity/how-to-report-bug-in-indian-government-site-3f104eb5c40b?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, bug-bounty, blog, india, cybersecurity | 09-Jan-2024 |
How To Check Whether Your Photo is Leaked In Online or Not? | https://medium.com/@Ajakcybersecurity/how-to-check-whether-your-photo-is-leaked-in-online-or-not-286a9feeadbd?source=rss------bug_bounty-5 | AjakCybersecurity | investigation, digital-forensics, blog, cybersecurity, bug-bounty | 09-Jan-2024 |
2.11 Lab: Password reset poisoning via middleware | 2024 | https://cyberw1ng.medium.com/2-11-lab-password-reset-poisoning-via-middleware-2024-862897c7fc77?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, careers, security, bug-bounty | 09-Jan-2024 |
Tricks I Do To Get Easy HOF and Bounty! | https://medium.com/@Ajakcybersecurity/tricks-i-do-to-get-easy-hof-and-bounty-99d6158eb53e?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, penetration-testing, blog, cybersecurity, bug-bounty | 09-Jan-2024 |
How Much Was My First Bounty? | https://medium.com/@Ajakcybersecurity/how-much-was-my-first-bounty-9c02df4b1958?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, ethical-hacking, cybersecurity, penetration-testing, bug-bounty | 09-Jan-2024 |
The Art and Science Behind Password Managers | https://medium.com/@paritoshblogs/the-art-and-science-behind-password-managers-fbf5fb9c7f99?source=rss------bug_bounty-5 | Paritosh | information-security, cybersecurity, password-manager, hacking, bug-bounty | 08-Jan-2024 |
Top 13 Vulnerable Web Applications and Websites for Ethical Hacking Practice | https://bytebusterx.medium.com/top-13-vulnerable-web-applications-and-websites-for-ethical-hacking-practice-1850c6163e89?source=rss------bug_bounty-5 | ByteBusterX | bug-bounty, hacking, cybersecurity | 08-Jan-2024 |
Rapid Scan (Web Vulnerability Scanner) | https://medium.com/@psychomong/rapid-scan-web-vulnerability-scanner-d164cefc3c9a?source=rss------bug_bounty-5 | psychomong | hacking, bug-bounty, scanner, hackerone, python | 08-Jan-2024 |
2.10 Lab: Offline password cracking | 2024 | https://cyberw1ng.medium.com/2-10-lab-offline-password-cracking-2024-e730fb915f73?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, security, cybersecurity, hacking | 08-Jan-2024 |
Blind boolean-based SQLi, by manipulating url | https://medium.com/@zatikyan.sevada/blind-boolean-based-sqli-by-manipulating-url-96e1e086378c?source=rss------bug_bounty-5 | Zatikyan Sevada | cybersecurity, sqlmap, bug-bounty, owasp, sql-injection | 08-Jan-2024 |
HTTP PARAMTER POLLUTION [TR] | https://medium.com/@eren.klai2/http-paramter-pollution-tr-700e254be60e?source=rss------bug_bounty-5 | ErenCatak | pentesting, bug-bounty, turkey, http-parameter-pollution, parameter-tampering | 08-Jan-2024 |
2.9 Lab: Brute-forcing a stay-logged-in cookie | 2024 | https://cyberw1ng.medium.com/2-9-lab-brute-forcing-a-stay-logged-in-cookie-2024-065110f81d48?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, security, cybersecurity, hacking, careers | 07-Jan-2024 |
Digital Forensics Investigation Report PDF- A Court Manner. | https://medium.com/@Ajakcybersecurity/digital-forensics-investigation-report-pdf-a-court-manner-daaa24c60458?source=rss------bug_bounty-5 | AjakCybersecurity | wireshark, bug-bounty, networking, digital-forensics, blog | 07-Jan-2024 |
Top Programming Languages You Need to Know In 2024 | https://medium.com/@Ajakcybersecurity/top-programming-languages-you-need-to-know-in-2024-372db341015f?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, cybersecurity, python, medium, programming | 07-Jan-2024 |
XSS (Cross-Site Scripting) Reports on codechef.com | https://medium.com/@mr_sopyan/xss-cross-site-scripting-reports-on-codechef-com-1a674f9ba9d8?source=rss------bug_bounty-5 | Mr_Sopyan | cybersecurity, xss-attack, bug-bounty, it-security | 07-Jan-2024 |
How to match IOCs against SIEM logs ? | https://medium.com/@paritoshblogs/how-to-match-iocs-against-siem-logs-9d61079d16c6?source=rss------bug_bounty-5 | Paritosh | siem, hacking, bug-bounty, cybersecurity, ioc | 07-Jan-2024 |
Paid Subscriptions Resources which will be useful for Ethical Hacking/Bug Bounty (No Promotion)… | https://medium.com/@Ajakcybersecurity/paid-subscriptions-resources-which-will-be-useful-for-ethical-hacking-bug-bounty-no-promotion-94b2aad97b18?source=rss------bug_bounty-5 | AjakCybersecurity | medium, udemy, ethical-hacking, bug-bounty, cybersecurity | 07-Jan-2024 |
Learn Cybersecurity By Doing Simple Projects at Home | https://medium.com/@Ajakcybersecurity/learn-cybersecurity-by-doing-simple-projects-at-home-81fe4a512a65?source=rss------bug_bounty-5 | AjakCybersecurity | cybersecurity, bug-bounty, projects, ethical-hacking, hacking | 07-Jan-2024 |
Top 5 Best Laptops for Bug Bounty and Ethical Hacking | https://medium.com/@Ajakcybersecurity/top-5-best-laptops-for-bug-bounty-and-ethical-hacking-c0ce6fe4917c?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, blog, laptop, programming, bug-bounty | 07-Jan-2024 |
Os Command Injection | https://medium.com/@eren.klai2/os-command-injection-536087488e87?source=rss------bug_bounty-5 | ErenCatak | bug-bounty, pentesting, os-command-injection, operating-systems, bash-script | 07-Jan-2024 |
Top 5 Best Books for Bug Bounty Hunting- My Personal Favourites | https://medium.com/@Ajakcybersecurity/top-5-best-books-for-bug-bounty-hunting-my-personal-favourites-ec416ab4ea25?source=rss------bug_bounty-5 | AjakCybersecurity | ethical-hacking, hacking, money, bug-bounty, blog | 06-Jan-2024 |
HackerOne or BugCrowd or VDP? How To Choose your Bug Bounty Program? | https://medium.com/@Ajakcybersecurity/hackerone-or-bugcrowd-or-vdp-how-to-choose-your-bug-bounty-program-c4a4d202397c?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, hackerone, blog, penetration-testing, ethical-hacking | 06-Jan-2024 |
How I Cracked CEH Within 6 Months Only With Free Resources. | https://medium.com/@Ajakcybersecurity/how-i-cracked-ceh-within-6-months-only-with-free-resources-c362d122ee01?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, bug-bounty, blog, ethical-hacking, certification | 06-Jan-2024 |
Bug Bounty Mistakes I Made in 2023, So that You Can Avoid in 2024 | https://medium.com/@Ajakcybersecurity/bug-bounty-mistakes-i-made-in-2023-so-that-you-can-avoid-in-2024-3737663807fc?source=rss------bug_bounty-5 | AjakCybersecurity | penetration-testing, hacking, ethical-hacking, cybersecurity, bug-bounty | 06-Jan-2024 |
Unveiling the Dangers of CWE-319: Clear Text Transmission of Sensitive Information | https://medium.com/@georgeppmc/unveiling-the-dangers-of-cwe-319-clear-text-transmission-of-sensitive-information-1ada2d1f4ca5?source=rss------bug_bounty-5 | George Torres | bug-bounty | 06-Jan-2024 |
Gi7w0rm’s personal year review — 2023 | https://gi7w0rm.medium.com/gi7w0rms-personal-year-review-2023-f4726b46b604?source=rss------bug_bounty-5 | Gi7w0rm | ioc, bug-bounty, cybersecurity, infosec, 2023 | 06-Jan-2024 |
500$ Access Control Bug: Performed Restricted Actions in Developer Settings by low level user. | https://medium.com/@a13h1/500-access-control-bug-performed-restricted-actions-in-developer-settings-by-low-level-user-b4ecaa6d1aa1?source=rss------bug_bounty-5 | Abhi Sharma | programming, bug-bounty, pentesting, access-control, cybersecurity | 06-Jan-2024 |
Best AI Tools For Cybersecurity in 2024 | https://medium.com/@paritoshblogs/best-ai-tools-for-cybersecurity-in-2024-9f9972919f1d?source=rss------bug_bounty-5 | Paritosh | bug-bounty, hacking, networking, information-security, cybersecurity | 06-Jan-2024 |
The Art of Shodan | https://astro0x00.medium.com/the-art-of-shodan-ee83bfa96105?source=rss------bug_bounty-5 | Mo2men Elmady | bug-bounty, shodan, penetration-testing, cve, hacking | 06-Jan-2024 |
2.8 Lab: 2FA broken logic | 2024 | https://cyberw1ng.medium.com/2-8-lab-2fa-broken-logic-2024-30a843da98ca?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, careers, bug-bounty, security | 06-Jan-2024 |
The History Behind My First Bug | https://dropn0w.medium.com/the-history-behind-my-first-bug-539b913b9667?source=rss------bug_bounty-5 | drop | bug-bounty-tips, hacking, bug-bounty, cybersecurity | 06-Jan-2024 |
The Story Behind My First Bug | https://dropn0w.medium.com/the-history-behind-my-first-bug-539b913b9667?source=rss------bug_bounty-5 | drop | bug-bounty-tips, hacking, bug-bounty, cybersecurity | 06-Jan-2024 |
Ethical Hacking RoadMap 2024. A Complete Guide. | https://medium.com/@testproxy027/ethical-hacking-roadmap-2024-a-complete-guide-74a7a09668af?source=rss------bug_bounty-5 | Ankit Hacker | cybersecurity, bug-bounty, hacking, ethical-hacking, medium | 05-Jan-2024 |
I received a Bank offer in my mailbox and discovered an IDOR vulnerability - $5,000 bounty - @bxmbn | https://bxmbn.medium.com/i-received-a-bank-offer-in-my-mailbox-and-discovered-an-idor-vulnerability-5-000-bounty-bxmbn-5209cab1fba8?source=rss------bug_bounty-5 | bombon | cybersecurity, idor, bug-bounty | 05-Jan-2024 |
How I Prevented a Mass Data Breach - $15,000 bounty - @bxmbn | https://bxmbn.medium.com/how-i-prevented-a-mass-data-breach-15-000-bounty-bxmbn-1096e6400e3d?source=rss------bug_bounty-5 | bombon | bug-bounty, data-breach, idor, cybersecurity | 05-Jan-2024 |
Cybersecurity Roadmap: 2024 | https://hackerassociate.medium.com/cybersecurity-roadmap-2024-ea3586fea603?source=rss------bug_bounty-5 | Harshad Shah | infosec, cybersecurity, penetration-testing, bug-bounty, hacking | 05-Jan-2024 |
How to Earn Money as a Digital Forensics Investigator | https://medium.com/@moneyiseasybro/how-to-earn-money-as-a-digital-forensics-investigator-dae9723ebb10?source=rss------bug_bounty-5 | How to Earn | ethical-hacking, cybersecurity, finance, money, bug-bounty | 05-Jan-2024 |
How Celebrities Social media accounts get hacked in real time? | https://medium.com/@Ajakcybersecurity/how-celebrities-social-media-accounts-get-hacked-in-real-time-4ccb37ac0763?source=rss------bug_bounty-5 | AjakCybersecurity | phishing, ethical-hacking, cybersecurity, digital-forensics, bug-bounty | 05-Jan-2024 |
How to Become a Successful Bug Bounty Hunter in 2024? | https://medium.com/@Ajakcybersecurity/how-to-become-a-successful-bug-bounty-hunter-in-2024-3171b782b585?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, ethical-hacking, blog, cybersecurity, hacking | 05-Jan-2024 |
Listed in Top 15 Researchers in NCIIPC India | https://devanshchauhan4565.medium.com/listed-in-top-15-researchers-in-nciipc-india-4143da2d75e9?source=rss------bug_bounty-5 | Devansh chauhan | top-10, bug-bounty, internet, vulnerability, india | 05-Jan-2024 |
Privilege Escalation Using SCIM Provisioning | https://ronak-9889.medium.com/privilege-escalation-using-scim-provisioning-ca61ed9606bd?source=rss------bug_bounty-5 | Ronak Patel | bug-bounty, information-security, privilege-escalation, access-control, cybersecurity | 05-Jan-2024 |
Website Hacking, Penetration Testing & Bug Bounty Hunting Resources full course | https://thehackertools9.medium.com/website-hacking-penetration-testing-bug-bounty-hunting-resources-full-course-0010c0603bd9?source=rss------bug_bounty-5 | TheHackerLife | bug-bounty-tips, bug-bounty, website-hacking, hacking-tools, ethical-hacking-tools | 05-Jan-2024 |
2.7 Lab: Username enumeration via account lock | 2024 | https://cyberw1ng.medium.com/2-7-lab-username-enumeration-via-account-lock-2024-9ae1d7eef4a6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, hacking, bug-bounty, cybersecurity, careers | 05-Jan-2024 |
My first bugs in 2024 | https://medium.com/@el-cezeri/my-first-bugs-in-2024-82ea4e9de718?source=rss------bug_bounty-5 | Samet Yiğit | ödülavcılığı, bug-bounty, bug-bounty-tips | 05-Jan-2024 |
Vulnerable WordPress December 2023 (Shahriar) | https://medium.com/@onhexgroup/vulnerable-wordpress-december-2023-shahriar-16277c1cd3b8?source=rss------bug_bounty-5 | Onhexgroup | wordpress-security, wordpress-plugins, infosec, bug-bounty, wordpress | 05-Jan-2024 |
Exploring “Jok3r”: A Powerful Network/Host Reconnaissance and Enumeration Tool. | https://sh1vv1.medium.com/exploring-jok3r-a-powerful-network-host-reconnaissance-and-enumeration-tool-43b524c580f0?source=rss------bug_bounty-5 | Hesham Ahmed | tips-and-tricks, tools, penetration-testing, bug-bounty, bug-hunting | 05-Jan-2024 |
Web Security Academy — API Security Testing Walkthrough | https://iaraoz.medium.com/web-security-academy-api-security-testing-walkthrough-11019ed93eae?source=rss------bug_bounty-5 | Israel Aráoz Severiche | api, bug-bounty, web, hacking, portswigger-lab | 05-Jan-2024 |
9 Subtle Tricks To Make Your Cybersecurity Skills Much Better | https://medium.com/@paritoshblogs/9-subtle-tricks-to-make-your-cybersecurity-skills-much-better-4f7e48b3fd57?source=rss------bug_bounty-5 | Paritosh | bug-bounty, ai, cybersecurity, programming, hacking | 04-Jan-2024 |
Exploring Application Security with SAST, DAST, SCA, and IAST | https://securitycipher.medium.com/exploring-application-security-with-sast-dast-sca-and-iast-95b27043d9fd?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | security, bug-bounty, hacking, technology, cybersecurity | 04-Jan-2024 |
How do i bypass waf for xss in input tag? | https://medium.com/@lyltvip/how-do-i-bypass-waf-for-xss-in-input-tag-2adcdc1b7e25?source=rss------bug_bounty-5 | lanyi | bug-bounty-tips, hacking, xss-vulnerability, xss-attack, bug-bounty | 04-Jan-2024 |
CORS Crossfire: An iCSI CTF | https://medium.com/@josh.beck2006/cors-crossfire-an-icsi-ctf-35a73f700207?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, penetration-testing, ctf-writeup, bug-bounty | 04-Jan-2024 |
2.6 Lab: Broken brute-force protection, IP block | 2024 | https://cyberw1ng.medium.com/2-6-lab-broken-brute-force-protection-ip-block-2024-8057a53b999a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, bug-bounty, careers, cybersecurity, hacking | 04-Jan-2024 |
Account Takeover? $4 and a click, please. | https://swehtpantz.medium.com/account-takeover-4-and-a-click-please-454c035aa3b6?source=rss------bug_bounty-5 | Swehtpantz | hacking, pentesting, ethical-hacking, bug-bounty, bug-bounty-tips | 04-Jan-2024 |
Bug Bounty | https://medium.com/@montymahapatra79/bug-bounty-02310f6d39f9?source=rss------bug_bounty-5 | Montymahapatra | bug-bounty-tips, bug-bounty-hunter, bug-bounty | 04-Jan-2024 |
Ethical Hacking RoadMap 2024. A Complete Guide. | https://ajaksecurities.medium.com/ethical-hacking-roadmap-2024-a-complete-guide-23b23262b1b8?source=rss------bug_bounty-5 | Ajak Cyber Security | ethical-hacking, hacking, bug-bounty, medium, cybersecurity | 04-Jan-2024 |
How to Become a Successful Bug Bounty Hunter in 2024? | https://ajaksecurities.medium.com/how-to-become-a-successful-bug-bounty-hunter-in-2024-106f576b03e2?source=rss------bug_bounty-5 | Ajak Cyber Security | ethical-hacking, hacking, bug-bounty, cybersecurity, medium | 04-Jan-2024 |
Essential Gadgets for Bug Bounty Hunters: Enhancing Your Cybersecurity Arsenal | https://securitylit.medium.com/essential-gadgets-for-bug-bounty-hunters-enhancing-your-cybersecurity-arsenal-40173ec2945f?source=rss------bug_bounty-5 | Security Lit Limited | gadgets, cybersecurity, bug-bounty, vulnerability | 04-Jan-2024 |
OpenBounty, Shentu's New Approach in the Security Ecosystem | https://shentuchain.medium.com/openbounty-ph%C6%B0%C6%A1ng-ph%C3%A1p-ti%E1%BA%BFp-c%E1%BA%ADn-m%E1%BB%9Bi-c%E1%BB%A7a-shentu-trong-h%E1%BB%87-sinh-th%C3%A1i-b%E1%BA%A3o-m%E1%BA%ADt-bc52f8fd13ff?source=rss------bug_bounty-5 | Shentu Chain | bug-bounty, bounty-program, web3, bounty-hunter, cybersecurity | 03-Jan-2024 |
GooFuzz: A Fuzzing Tool with an OSINT Approach | https://medium.com/@cuncis/goofuzz-a-fuzzing-tool-with-an-osint-approach-306fe481824f?source=rss------bug_bounty-5 | Cuncis | bug-bounty, penetration-test, google-dork, penetration-testing, osint | 03-Jan-2024 |
How to Correctly setup Android Penetration Testing on a MacBook | https://infosecwriteups.com/how-to-correctly-setup-android-penetration-testing-on-a-macbook-659f244f84c8?source=rss------bug_bounty-5 | Supun Halangoda (Suppa) | bug-bounty, penetration-testing, mobile-penetration-test, macbook-pro, android-pentesting | 03-Jan-2024 |
LoveTok | HackTheBox web challenge Writeup | https://gxbnt.medium.com/lovetok-hackthebox-web-challenge-writeup-e3b99967c3b7?source=rss------bug_bounty-5 | Bishal - #GxbNt | hackthebox-writeup, oscp, web, offensive-security, bug-bounty | 03-Jan-2024 |
A Guide on Crafting Robust Invariants with Echidna | https://medium.com/coinmonks/a-guide-on-crafting-robust-invariants-with-echidna-fc980d8e2c0c?source=rss------bug_bounty-5 | Chirag Agrawal | bug-bounty, smart-contracts, cybersecurity, cryptocurrency, security | 03-Jan-2024 |
Found reflected xss on a real target | https://medium.com/@jeetpal2007/found-reflected-xss-on-a-real-target-30b80b2f53e4?source=rss------bug_bounty-5 | JEETPAL | rxss, xs, bugs, bug-bounty | 03-Jan-2024 |
My Bug Bounty Write Ups (Part-1) | https://karthikeyamade.medium.com/my-bug-bounty-write-ups-part-1-63ed3e788873?source=rss------bug_bounty-5 | Karthikeya Sai | bug-bounty-tips, bug-bounty | 03-Jan-2024 |
My First Bug Bounty: Lessons Learned and Money Earned | https://medium.com/@georgeppmc/my-first-bug-bounty-lessons-learned-and-money-earned-d6fc31744621?source=rss------bug_bounty-5 | George Torres | bug-bounty-tips, bug-hunting, bug-bounty-writeup, bug-bounty, hackerone | 03-Jan-2024 |
Comparing CVE & CWE : Understanding Security Vulnerabilities | https://medium.com/@zouhairelgarouni/comparing-cve-cwe-understanding-security-vulnerabilities-84442ab1e0e7?source=rss------bug_bounty-5 | ZOUHAIR EL GAROUNI | vulnerability, vulnerability-management, cyber-security-awareness, cybersecurity, bug-bounty | 03-Jan-2024 |
you need to learn linux RIGHT NOW!! | https://medium.com/@paritoshblogs/you-need-to-learn-linux-right-now-7239f4dcc1c6?source=rss------bug_bounty-5 | Paritosh | hacking, cybersecurity, linux, programming, bug-bounty | 02-Jan-2024 |
Bug Bounty Hunting | Reconnaissance | Subdomain Enumeration | https://me-ankeet.medium.com/bug-bounty-hunting-reconnaissance-subdomain-enumeration-854d880c3406?source=rss------bug_bounty-5 | Ankeet | bug-bounty, hacking, information-security, cybersecurity, bug-bounty-tips | 02-Jan-2024 |
How .git folder can be exploited to access sensitive data | https://satyasai1460.medium.com/how-git-folder-can-be-exploited-to-access-sensitive-data-eb805c38fd6c?source=rss------bug_bounty-5 | Bala Naga Satya sai Devarapalli | information-technology, cybersecurity, bug-bounty, bugs, bug-bounty-tips | 02-Jan-2024 |
From P5 to Payday $$$: Escalating Reflected XSS to Account Takeover | https://hasanka-amarasinghe.medium.com/from-p5-to-payday-escalating-reflected-xss-to-account-takeover-bc25a171a3d5?source=rss------bug_bounty-5 | Hasanka Amarasinghe | xss-attack, bug-bounty, cross-site-scripting, account-takeover, cybersecurity | 02-Jan-2024 |
Account Takeover on International Exchange — Bug Bounty Tuesday | https://medium.com/@kerstan/account-takeover-on-international-exchange-bug-bounty-tuesday-cf41a54bc4b7?source=rss------bug_bounty-5 | kerstan | cybersecurity, bug-bounty, technology, programming | 02-Jan-2024 |
The Lexer Markets security review story | https://medium.com/@mweiss.eth/the-lexer-markets-security-review-story-a812539d62db?source=rss------bug_bounty-5 | 0xWeiss | security, audit, bug-bounty, smart-contracts | 02-Jan-2024 |
DOM XSS in document.write sink using source location.search inside a select element | https://medium.com/@marduk.i.am/dom-xss-in-document-write-sink-using-source-location-search-inside-a-select-element-0c47fc033bcf?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, dom-xss, cross-site-scripting, cybersecurity, bug-bounty | 02-Jan-2024 |
2.4 Lab: Username enumeration via subtly different responses | 2024 | https://cyberw1ng.medium.com/2-4-lab-username-enumeration-via-subtly-different-responses-2024-eb37130d41a8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, hacking, cybersecurity, security | 02-Jan-2024 |
Stealing private messages using XSS on subdomain | https://medium.com/@shcyber/stealing-private-messages-using-xss-on-subdomain-97f0304b132f?source=rss------bug_bounty-5 | SHCyber | websocket, csrf, bug-bounty, xss-attack, hacking | 02-Jan-2024 |
From Disclosure to High Severity: Leveraging Dyte API Key for Maximum Impact | https://padsalatushal.medium.com/from-disclosure-to-high-severity-leveraging-dyte-api-key-for-maximum-impact-468c444963c6?source=rss------bug_bounty-5 | Padsala Tushal | api-security, cybersecurity, bug-bounty-tips, infosec, bug-bounty | 02-Jan-2024 |
SQL Injection (SQLi): WWWWWH? | https://medium.com/@rcxsecurity/sql-injection-sqli-wwwwwh-d847972b3e45?source=rss------bug_bounty-5 | RCXSecurity | sql-injection, bug-bounty, information-security, penetration-testing, cybersecurity | 01-Jan-2024 |
How Do I Get Root Access on a Linux Server | https://systemweakness.com/how-do-i-get-root-access-on-a-linux-server-874d29015305?source=rss------bug_bounty-5 | RyuuKhagetsu | bug-bounty, infosec, web-application-security, pentesting, bug-bounty-writeup | 01-Jan-2024 |
Understanding the MITRE ATT&CK Framework: A Comprehensive Overview | https://medium.com/@paritoshblogs/understanding-the-mitre-att-ck-framework-a-comprehensive-overview-c1499d195da0?source=rss------bug_bounty-5 | Paritosh | mitre-attack, ai, hacking, bug-bounty, cybersecurity | 01-Jan-2024 |
Reflected XSS into a JavaScript string with angle brackets HTML encoded | https://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-angle-brackets-html-encoded-c9e2ed86f489?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, reflected-xss, portswigger-lab, cross-site-scripting, cybersecurity | 01-Jan-2024 |
Automating GitHub Recon for Sensitive Information Discovery | https://medium.com/@paxnull/automating-github-recon-for-sensitive-information-discovery-c96b677857cf?source=rss------bug_bounty-5 | paxnull | bug-bounty, bug-bounty-writeup, automation-tools, reconnaissance, bug-bounty-tips | 01-Jan-2024 |
The power of Client-Side Path Traversal: How I found and escalated 2 bugs through “../” | https://medium.com/@Nightbloodz/the-power-of-client-side-path-traversal-how-i-found-and-escalated-2-bugs-through-670338afc90f?source=rss------bug_bounty-5 | Alvaro Balada | bug-bounty-tips, info-sec-writeups, bug-bounty-writeup, cybersecurity, bug-bounty | 01-Jan-2024 |
1.18 Lab: SQL injection attack, listing the database contents on Oracle | 2024 | https://cyberw1ng.medium.com/1-18-lab-sql-injection-attack-listing-the-database-contents-on-oracle-2024-cec2a796740f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, security, bug-bounty, careers, hacking | 01-Jan-2024 |
Another 4 Digit Bounty Story on Hackerone | https://medium.com/@jai.lani9001/another-4-digit-bounty-story-on-hackerone-58dba8c19818?source=rss------bug_bounty-5 | Jai Lani | bug-bounty | 01-Jan-2024 |
CVE-2023–34635: UNIBOX 3.0/3.1 SQL Injection login bypass | https://medium.com/@davidkarpinski1/cve-2023-34635-unibox-3-0-3-1-sql-injection-login-bypass-fc33004e70c0?source=rss------bug_bounty-5 | David Eduardo Karpinski | bug-bounty, sql-login, unibox, sqli, login-bypass | 01-Jan-2024 |
Exploring the Depths: DNS Wildcard and Subdomain Tak | https://alvinbijo.medium.com/exploring-the-depths-dns-wildcard-and-subdomain-tak-6deed7aebcb1?source=rss------bug_bounty-5 | Alvin bijo | bug-bounty, bugbounty-writeup | 01-Jan-2024 |
Bug Zero at a Glance [01–15 December] | https://blog.bugzero.io/bug-zero-at-a-glance-01-15-december-cdb358653f8e?source=rss------bug_bounty-5 | Januka Dharmapriya | cybersecurity, sri-lanka, bug-bounty, bug-zero, newsletter | 31-Dec-2023 |
Uncovering LFI Attack | https://medium.com/@cyberkarthi/uncovering-ssrf-attack-12064069205f?source=rss------bug_bounty-5 | Karthikeyan C | ethical-hacking, pentesting, bug-bounty, bugbounty-writeup | 31-Dec-2023 |
I hate Hackerone / X Website Vulnerability — Bug Bounty Hunter | https://medium.com/@batuhanaydinn/i-hate-hackerone-x-website-vulnerability-bug-bounty-hunter-3e43a7e0bc80?source=rss------bug_bounty-5 | Batuhan Aydın | hacking, hackerone, bug-bounty, penetration-testing, hacker | 31-Dec-2023 |
1.17 Lab: SQL injection attack, listing the database contents on non-Oracle databases \| 2023 | https://systemweakness.com/1-17-lab-sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-2023-2026162bf6ef?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, hacking, security, careers | 31-Dec-2023 |
DNS-Related Attacks and Examples | https://medium.com/@paritoshblogs/dns-related-attacks-and-examples-fee4da0cc2d6?source=rss------bug_bounty-5 | Paritosh | dns, cybersecurity, bug-bounty, hacking, programming | 31-Dec-2023 |
How I hacked India’s top company database. | https://medium.com/@sritharcyber/how-i-hacked-indias-top-company-database-d66b9fc49cb0?source=rss------bug_bounty-5 | Srithar Cyber | sqli, pentest, recent, hacked, bug-bounty | 31-Dec-2023 |
Simple Subdomain Takeover | https://infosecwriteups.com/simple-subdomain-takeover-15129e19bbb4?source=rss------bug_bounty-5 | hackerdevil | vulnerability-assessment, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web-app-security | 31-Dec-2023 |
Master Subdomain HUNTING \| Art of finding Hidden Assets | https://yashh2.medium.com/master-subdomain-hunting-art-of-finding-hidden-assets-3351b3c8467a?source=rss------bug_bounty-5 | ʏᴀꜱʜʜ | cybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking | 30-Dec-2023 |
Woowow Bug Bounty Campaign | https://medium.com/@woowow/woowow-bug-bounty-campaign-569e7b7868f3?source=rss------bug_bounty-5 | Woowow | qitmeerecosystem, bounty-campaign, marketplaces, woowow, bug-bounty | 30-Dec-2023 |
How i Hacked My First Target using GooGle Dorking | https://mrunknown124154.medium.com/how-i-hacked-my-first-target-using-google-dorking-43cb999ad8db?source=rss------bug_bounty-5 | Mr Abdullah | sql-injection, google-dorking, bug-bounty, hacking, sql-injection-attack | 30-Dec-2023 |
417$ Simple IDOR: Unauthorized Contact Details Modification | https://medium.com/@a13h1/417-simple-idor-unauthorized-contact-details-modification-92e8211439e4?source=rss------bug_bounty-5 | Abhi Sharma | programming, cybersecurity, hacking, bug-bounty, idor | 30-Dec-2023 |
Sudomain Takeover via Shopify(Easy Bounty $$$$) | https://medium.com/@paxnull/sudomain-takeover-via-shopify-easy-bounty-300f839aa15d?source=rss------bug_bounty-5 | paxnull | bug-bounty, tips, bug-bounty-tips, subdomain-takeover, bug-bounty-writeup | 30-Dec-2023 |
XSS deep dive P1 (theory)(publish early,please waiting for 2 days to read) | https://medium.com/@nguhuynh.148/xss-deep-dive-p1-theory-637af86f335d?source=rss------bug_bounty-5 | Nguhuynh | xss-vulnerability, xss-attack, xss-bypass, bug-bounty | 30-Dec-2023 |
Stored XSS into anchor href attribute with double quotes HTML-encoded | https://medium.com/@marduk.i.am/stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-1f88ba0b990f?source=rss------bug_bounty-5 | Marduk I Am | stored-xss, bug-bounty, cybersecurity, cross-site-scripting, portswigger-lab | 30-Dec-2023 |
1.16 Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft \|… | https://cyberw1ng.medium.com/1-16-lab-sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-5f2785ebb06f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, cybersecurity, bug-bounty, hacking, careers | 30-Dec-2023 |
HTTPX Troubleshooting Issue | https://infosecwriteups.com/httpx-troubleshooting-issue-38b61549126b?source=rss------bug_bounty-5 | Jarred Longoria | bug-bounty, linux, troubleshooting, help, httpx | 30-Dec-2023 |
From Google Dorking to Unauthorized AWS Account Access and Account Takeover | https://medium.com/@ar_hawk/from-google-dorking-to-unauthorized-aws-account-access-and-account-takeover-89eb2b9d284f?source=rss------bug_bounty-5 | Aayush Vishnoi | ssrf, bug-bounty-tips, bug-bounty | 30-Dec-2023 |
Reflected XSS into attribute with angle brackets HTML-encoded | https://medium.com/@marduk.i.am/reflected-xss-into-attribute-with-angle-brackets-html-encoded-986d943b3fd2?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, cybersecurity, bug-bounty, cross-site-scripting, xss-vulnerability | 29-Dec-2023 |
Beyond Search Queries: Bug Bounty Hunting with Dorkz | https://medium.com/@paxnull/beyond-search-queries-bug-bounty-hunting-with-dorkz-850cfa8c3ddc?source=rss------bug_bounty-5 | paxnull | tips, dorking, recon, bug-bounty-tips, bug-bounty | 29-Dec-2023 |
Behind the Firewall: My First Valid Bug — Exposing Security Flaw in a multi-dollar Financial and… | https://medium.com/@MohaseenK/behind-the-firewall-my-first-valid-bug-exposing-security-flaw-in-a-multi-dollar-financial-and-ff56e7bc4589?source=rss------bug_bounty-5 | Mohaseen | pentesting, bug-bounty, rate-limiting, hackerone, bugcrowd | 29-Dec-2023 |
How to find unprotected databases with Netlas.io? | https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-2bf186e9fc2d?source=rss------bug_bounty-5 | Netlas.io | osint, penetration-testing, bug-bounty, osint-investigation, cybersecurity | 29-Dec-2023 |
1.15 Lab: SQL injection attack, querying the database type and version on Oracle \| 2023 | https://cyberw1ng.medium.com/1-15-lab-sql-injection-attack-querying-the-database-type-and-version-on-oracle-2023-cd4118eb604d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | security, bug-bounty, careers, hacking, cybersecurity | 29-Dec-2023 |
KisMAC is a free, open source wireless stumbling and security tool for Mac OS X | https://medium.com/@dineshpathro593/kismac-is-a-free-open-source-wireless-stumbling-and-security-tool-for-mac-os-x-03746fdea831?source=rss------bug_bounty-5 | Dineshpathro | bugs, bug-bounty, bug-bounty-tips, hacking, hackin | 29-Dec-2023 |
OTP-Bot Tool CLICK HERE | https://medium.com/@dineshpathro593/otp-bot-tool-click-here-7f3ee559ca21?source=rss------bug_bounty-5 | Dineshpathro | bug-bounty-tips, hacking-tools, bug-bounty, hacking, bugs | 29-Dec-2023 |
Recon Tools For Web Application | https://medium.com/@dineshpathro593/recon-tools-for-web-application-714af64e7d07?source=rss------bug_bounty-5 | Dineshpathro | hacking, hacker, bug-bounty, bug-bounty-tips, hackathons | 29-Dec-2023 |
200 Materials of CyberSecurity in PDFs | https://medium.com/@dineshpathro593/200-materials-of-cybersecurity-in-pdfs-e7a942123be5?source=rss------bug_bounty-5 | Dineshpathro | cybersecurity, hackathons, bug-bounty, hacking, bug-bounty-tips | 29-Dec-2023 |
Bug Bounty: The road to my first $1000 through hacking public websites | https://swehtpantz.medium.com/bug-bounty-the-road-to-my-first-1000-through-hacking-public-websites-a0e2aa1b7271?source=rss------bug_bounty-5 | Swehtpantz | ethical-hacking, bug-bounty, bug-bounty-tips, hacking, bugbounty-writeup | 28-Dec-2023 |
HackTheBox(HTB) Writeup — Node | https://medium.com/@harman.preet.singh3738/hackthebox-htb-writeup-node-5600a442e393?source=rss------bug_bounty-5 | Harmanpreet Singh | penetration-testing, bug-bounty, tryhackme, ethical-hacking, hackthebox | 28-Dec-2023 |
Protect Yourself: The Power of OPSEC | https://medium.com/@teckgamer07/%EF%B8%8F-protect-yourself-the-power-of-opsec-17a7ec256427?source=rss------bug_bounty-5 | Macmelter | bugsbounty, hacking, bug-bounty, cybersecurity | 28-Dec-2023 |
Multiple RXSS | https://medium.com/@0xchoudhary/multiple-rxss-f3f796287f34?source=rss------bug_bounty-5 | Sushil Choudhary | bounty-hunter, xss-attack, bug-bounty-tips, bug-bounty, hackerone | 28-Dec-2023 |
Stored XSS via File upload(using svg file) | https://medium.com/@paxnull/stored-xss-via-file-upload-using-svg-file-c1e2a33ed8a8?source=rss------bug_bounty-5 | paxnull | bug-bounty, tips, bugbounty-tips, xss-vulnerability, hacking | 28-Dec-2023 |
Authorization problem | https://medium.com/@nguhuynh.148/authorization-problem-2bb053c215cd?source=rss------bug_bounty-5 | Nguhuynh | broken-access-control, hacking, bug-bounty, hacks, bug-bounty-tips | 28-Dec-2023 |
CVE-2023–51356: ARMember <= 4.0.10 — Authenticated Privilege Escalation | https://revan-ar.medium.com/cve-2023-51356-armember-4-0-10-authenticated-privilege-escalation-7e0c7fbe5a79?source=rss------bug_bounty-5 | Revan A | bug-bounty, privilege-escalation, wordpress-plugins, penetration-testing | 28-Dec-2023 |
1.14 Lab: SQL injection with filter bypass via XML encoding \| 2023 | https://cyberw1ng.medium.com/1-14-lab-sql-injection-with-filter-bypass-via-xml-encoding-2023-9794dc7bf9f4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, bug-bounty, penetration-testing, hacking | 28-Dec-2023 |
How I made 7K on Epic Games Bug Bounty | https://medium.com/@synapticspace/how-i-made-7k-on-epic-games-bug-bounty-8529728b9fcf?source=rss------bug_bounty-5 | SynapticSpace | bug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips | 28-Dec-2023 |
How I made 7K on Epic Games Bug Bounty | https://infosecwriteups.com/how-i-made-7k-on-epic-games-bug-bounty-8529728b9fcf?source=rss------bug_bounty-5 | SynapticSpace | bug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips | 28-Dec-2023 |
DOM XSS in jQuery selector sink using a hashchange event | https://medium.com/@marduk.i.am/dom-xss-in-jquery-selector-sink-using-a-hashchange-event-bb3c355b3633?source=rss------bug_bounty-5 | Marduk I Am | portswigger-lab, bug-bounty, dom-xss, cybersecurity, cross-site-scripting | 27-Dec-2023 |
Amass: New Config File Update | https://hackerassociate.medium.com/amass-new-config-file-update-e95d09b6eb70?source=rss------bug_bounty-5 | Harshad Shah | penetration-testing, cybersecurity, infosec, hacking, bug-bounty | 27-Dec-2023 |
DOM XSS on Hackerone Programs — Bug Bounty Tuesday | https://medium.com/@kerstan/dom-xss-on-hackerone-programs-bug-bounty-tuesday-8973ecf6af95?source=rss------bug_bounty-5 | kerstan | xss-attack, security, cybersecurity, technology, bug-bounty | 27-Dec-2023 |
1.13 Lab: Blind SQL injection with out-of-band data exfiltration \| 2023 | https://cyberw1ng.medium.com/1-13-lab-blind-sql-injection-with-out-of-band-data-exfiltration-2023-f83a1448b685?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, cybersecurity, hacking, careers | 27-Dec-2023 |
“Crucial Bug Bounty Hacks: Habits with Enduring Benefits” | https://medium.com/@paxnull/secrets-of-the-hunter-pro-tips-for-effective-bug-bounty-hunting-1a261df4444d?source=rss------bug_bounty-5 | paxnull | tips, learning, programming, bugbounty-tips, bug-bounty | 27-Dec-2023 |
Inside the Digital Vault: How I Unearthed PII Goldmine — Exposing 15K GST Users’ Information in a… | https://medium.com/@MohaseenK/inside-the-digital-vault-how-i-unearthed-pii-goldmine-exposing-15k-gst-users-information-in-a-38c3105889ea?source=rss------bug_bounty-5 | Mohaseen | bug-bounty, hackerone, bugcrowd, information-disclosure, indian-government | 27-Dec-2023 |
How Does DNS Work and What is DNS Poisoning? | https://medium.com/@bcanote/how-does-dns-work-and-what-is-dns-poisoning-4c187fb3f2b0?source=rss------bug_bounty-5 | bcanote | cybersecurity, hacking, dns, dns-poisoning, bug-bounty | 27-Dec-2023 |
URL Redirection To DOM XSS on Hackerone Programs -Bug Bounty Tuesday | https://medium.com/@kerstan/dom-xss-on-hackerone-programs-bug-bounty-tuesday-8973ecf6af95?source=rss------bug_bounty-5 | kerstan | xss-attack, security, cybersecurity, technology, bug-bounty | 27-Dec-2023 |
Mastering Bug Bounty: Your Ultimate Guide to Cybersecurity Success | https://medium.com/@umidcyber.s/mastering-bug-bounty-your-ultimate-guide-to-cybersecurity-success-82dc9b30fc02?source=rss------bug_bounty-5 | Umid Mammadov | bug-bounty-tips, tools, bug-bounty, information-technology, bugs | 26-Dec-2023 |
Deep Dive Into XSS | https://medium.com/@kavish2002ev3/deep-dive-into-xss-8420ddccc73b?source=rss------bug_bounty-5 | kavish shah | xss-vulnerability, web-application-security, bug-bounty | 26-Dec-2023 |
The Tale Of Insecure Deserialization: A Journey From Serialization To Exploitation | https://medium.com/@kavish2002ev3/the-tale-of-insecure-deserialization-a-journey-from-serialization-to-exploitation-47400a4c9093?source=rss------bug_bounty-5 | kavish shah | ctf-writeup, web-application-security, insecure-deserialization, bug-bounty | 26-Dec-2023 |
Portswigger Labs — CSRF | https://medium.com/@rynnnn617/portswigger-labs-csrf-10b496d6580c?source=rss------bug_bounty-5 | Ry4nnnn | bug-bounty, portswigger-lab, csrf, burpsuite | 26-Dec-2023 |
1.12 Lab: Blind SQL injection with out-of-band interaction \| 2023 | https://infosecwriteups.com/1-12-lab-blind-sql-injection-with-out-of-band-interaction-2023-db12e3b10118?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, cybersecurity, hacking | 26-Dec-2023 |
Navigating Tree-Sitter Queries with jsluice for JavaScript File Analysis | https://lopseg.medium.com/navigating-tree-sitter-queries-with-jsluice-for-javascript-file-analysis-061b7cb4ea9d?source=rss------bug_bounty-5 | Lopseg | bug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, javascript | 26-Dec-2023 |
Portswigger Labs — CSRF | https://medium.com/@ry4nnnn/portswigger-labs-csrf-10b496d6580c?source=rss------bug_bounty-5 | Ry4nnnn | bug-bounty, portswigger-lab, csrf, burpsuite | 26-Dec-2023 |
Account takeover vulnerability that resulted in $2500 bounty! | https://medium.com/@deadoverflow/account-takeover-vulnerability-that-resulted-in-2500-bounty-e1618363878d?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, hacking, bug-bounty-tips, cybersecurity, bug-hunting | 25-Dec-2023 |
Content Spoofing & Parameter Injection | https://codingninjablogs.tech/content-spoofing-parameter-injection-0861bfd146d4?source=rss------bug_bounty-5 | #!/Subhankar | injection-attacks, web-pen-testing, bug-bounty, spoofing | 25-Dec-2023 |
Top 3 Password Cracking Tools | https://medium.com/@UsmanAtif/top-3-password-cracking-tools-18801fbdcdae?source=rss------bug_bounty-5 | Muhammad Usman Atif | hacking, cybersecurity, passwords, bug-bounty, penetration-testing | 25-Dec-2023 |
Hackers Target Bug Bounty Hunters with Blackmail Emails | https://rishikadesai.medium.com/hackers-target-bug-bounty-hunters-with-blackmail-emails-421cf57fe4a7?source=rss------bug_bounty-5 | Rishika Desai | threat-intelligence, threat-research, bug-bounty, cyber-security-awareness, cybersecurity | 25-Dec-2023 |
What is LFI (Local File Inclusion) Vulnerability ? | https://medium.com/@errorfiathck/what-is-lfi-local-file-inclusion-vulnerability-c9372e25e389?source=rss------bug_bounty-5 | Errorfiathck | pentesting, lfi, vulnerability, bug-bounty, pentest | 25-Dec-2023 |
Legacy of EternalBlue | https://medium.com/@akshadjoshi/legacy-of-eternalblue-de4d643e8f36?source=rss------bug_bounty-5 | Akshad Joshi | eternalblue, hackthebox, pentesting, bug-bounty, hacking | 24-Dec-2023 |
Hackeando GraphQL: Introducción | https://medium.com/@soyelmago/hackeando-graphql-introducci%C3%B3n-1537af763d0c?source=rss------bug_bounty-5 | Alan Brian @soyelmago | graphql, bug-bounty, information-security, pentesting, hacking | 24-Dec-2023 |
Ceklis Web Pentesting Untuk Pemula — Registration Feature Testing | https://riodrwn.medium.com/ceklis-web-pentesting-untuk-pemula-registration-feature-testing-aceb545b587c?source=rss------bug_bounty-5 | Rio Darmawan | bug-bounty-writeup, bug-bounty, pentesting, bugbounty-writeup, web-penetration-testing | 23-Dec-2023 |
The Crucial Role of Threat Intelligence Sharing in Cybersecurity | https://medium.com/@paritoshblogs/the-crucial-role-of-threat-intelligence-sharing-in-cybersecurity-cd4be0b53a86?source=rss------bug_bounty-5 | Paritosh | programming, hacking, threat-intelligence, cybersecurity, bug-bounty | 23-Dec-2023 |
The Evolving Role of a SOC Analyst | https://medium.com/@paritoshblogs/the-evolving-role-of-a-soc-analyst-c82e3e515558?source=rss------bug_bounty-5 | Paritosh | information-security, cybersecurity, hacking, bug-bounty, soc-analyst | 23-Dec-2023 |
Out-of-Scope, Not Out-of-Impact: Unveiling Significant Sensitive Information Disclosure | https://padsalatushal.medium.com/out-of-scope-not-out-of-impact-unveiling-significant-sensitive-information-disclosure-c8e76c1806e8?source=rss------bug_bounty-5 | Padsala Tushal | cybersecurity, bug-bounty, bug-bounty-tips, infosec, information-disclosure | 23-Dec-2023 |
Hack Story: Unveiling Security Flaws in a Government Portal | https://medium.com/@sahadmk/hack-story-unveiling-security-flaws-in-a-government-portal-995217f877c3?source=rss------bug_bounty-5 | Sahad Mk | bug-bounty, javascript, pentesting, vulnerability, hacking | 23-Dec-2023 |
The ART of Chaining Vulnerabilities | https://ahmdhalabi.medium.com/the-art-of-chaining-vulnerabilities-e65382b7c627?source=rss------bug_bounty-5 | Ahmad Halabi | ethical-hacking, hacking, intelligence, hacker, bug-bounty | 23-Dec-2023 |
Hacking Community | https://medium.com/@mrunknown124154/hacking-community-ab774827006d?source=rss------bug_bounty-5 | Mrunknown | bug-bounty, ethical-hacking, hacking | 23-Dec-2023 |
DoS’ing Zsecurity | https://medium.com/@24bkdoor/dosing-zsecurity-a4cb99396935?source=rss------bug_bounty-5 | 24BkDoor | bug-bounty, ethical-hacking, hacking, web-development, cybersecurity | 22-Dec-2023 |
Securing the Future: Enhancing the Safety of Compound Protocol | https://medium.com/@topcrypto00/securing-the-future-enhancing-the-safety-of-compound-protocol-940498c78d68?source=rss------bug_bounty-5 | Top Crypto | bug-bounty, bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, compound-protocol | 22-Dec-2023 |
He stored your password in Cookie | https://medium.com/@fixthis1000time/he-stored-your-password-in-cookie-5a6d0478e570?source=rss------bug_bounty-5 | fixthi$ | hacking, bug-bounty, ethical-hacking | 22-Dec-2023 |
How I was able to buy 2500 Rs product for 18rs in E-Commerce Website? | https://medium.com/@shubhamsonani/how-i-was-able-to-buy-2500-rs-product-for-18rs-in-e-commerce-website-ada4e91b5b91?source=rss------bug_bounty-5 | Shubham Sonani | bug-bounty, hacking, bug-bounty-tips, vulnerability, cybersecurity | 22-Dec-2023 |
PJWT Certification | https://medium.com/@OmarAlkhowaiter/pjwt-certification-f4f7995d35f6?source=rss------bug_bounty-5 | Omar Alkhowaiter | certification, bug-bounty, penetration-testing, cybersecurity, web-exploitation | 22-Dec-2023 |
Consentify hits Beta Test phase boosted by a Bug Bounty program! | https://datalaketoken.medium.com/consentify-hits-beta-test-phase-boosted-by-a-bug-bounty-program-6b621eadd02b?source=rss------bug_bounty-5 | Data Lake | healthcare, desci, bug-bounty, data-lake, research | 22-Dec-2023 |
Ideas for Testing Checkout | https://lopseg.medium.com/ideas-for-testing-checkout-eebe6148729d?source=rss------bug_bounty-5 | Lopseg | bug-bounty-tips, infosec, hacking, bug-bounty | 22-Dec-2023 |
Beyond Simple Alerts: Techniques for Evading WAF and Achieving XSS Success | https://lopseg.medium.com/beyond-simple-alerts-techniques-for-evading-waf-and-achieving-xss-success-4409a5bd2ee0?source=rss------bug_bounty-5 | Lopseg | bug-bounty-tips, hacking, xss-attack, bug-bounty | 22-Dec-2023 |
He stored your password in Cookie | https://medium.com/@fixthis1000time/he-stored-your-password-in-cookie-5a6d0478e570?source=rss------bug_bounty-5 | fixthi$ | hacking, bug-bounty, cybersecurity, infosec, ethical-hacking | 22-Dec-2023 |
5 Tips Web Fuzz You Should Know | https://medium.com/@kerstan/5-tips-web-fuzz-you-should-know-00ef6c59407d?source=rss------bug_bounty-5 | kerstan | bug-bounty, hacking, bug-bounty-tips, security, cybersecurity | 21-Dec-2023 |
TryHackMe AoC 2023 Side Quest final thoughts | https://medium.com/@boogsta/tryhackme-aoc-2023-side-quest-final-thoughts-afcb5880be33?source=rss------bug_bounty-5 | Boogsta | hacking, cyber, tryhackme, cybersecurity, bug-bounty | 21-Dec-2023 |
88MPH Vulnerability Exploit and Get Free Crypt0S $$$$$$ | https://medium.com/@vinaysati/88mph-vulnerability-exploit-and-get-free-crypt0s-a4d4a8328dc7?source=rss------bug_bounty-5 | Vinaysati | bug-bounty, hacking, web3bug, bug-bounty-tips, web3 | 21-Dec-2023 |
The art of subdomain monitoring | https://medium.com/@muhannadahmed042/the-art-of-subdomain-monitoring-da610a0f8031?source=rss------bug_bounty-5 | muhannad hazaa | cybersecurity, penetration-testing, bug-bounty, recon | 21-Dec-2023 |
A Business logic error in Google Dialogflow enables a developer to delete the agent directly from… | https://medium.com/@krityamkarma858041/a-business-logic-error-in-google-dialogflow-enables-a-developer-to-delete-the-agent-directly-from-3a5bf2a07706?source=rss------bug_bounty-5 | Krityamkarma | google-vrp, bug-bounty, ethical-hacking, google, hacking | 21-Dec-2023 |
Privacy at Risk: EXIF Metadata Exposure in User-Uploaded Images | https://samshadow.medium.com/privacy-at-risk-exif-metadata-exposure-in-user-uploaded-images-c2481f876d03?source=rss------bug_bounty-5 | Sam Shadow | bug-bounty, bug-bounty-tips, bug-bounty-writeup, infosec, vulnerability | 21-Dec-2023 |
Aspiring Bug Bounty Hunters’ New Year Goals Toolkit | https://sl4x0.medium.com/aspiring-bug-bounty-hunters-new-year-goals-toolkit-a156c96e9de7?source=rss------bug_bounty-5 | Abdelrhman Allam (sl4x0) | bug-bounty, new-year, goals, mindset, success | 21-Dec-2023 |
How Can Artificial Intelligence Revolutionize Bug Bounty? | https://medium.com/@zouhairelgarouni/how-can-artificial-intelligence-revolutionize-bug-bounty-664e7f5ed3dd?source=rss------bug_bounty-5 | ZOUHAIR EL GAROUNI | technology, cybersecurity, bug-bounty, artificial-intelligence, cyberattack | 21-Dec-2023 |
I made online store to pay for my orders and get me free refunds. | https://medium.com/@shubhamsonani/i-made-online-store-to-pay-for-my-orders-and-get-me-free-refunds-6f4db5893c13?source=rss------bug_bounty-5 | Shubham Sonani | bug-bounty-tips, cybersecurity, vulnerability, hacking, bug-bounty | 21-Dec-2023 |
5 Tips Web Fuzz You Should Know | https://medium.com/@kerstan/5-tips-web-fuzz-you-should-know-00ef6c59407d?source=rss------bug_bounty-5 | kerstan | technology, bug-bounty, hacking, security, cybersecurity | 21-Dec-2023 |
A list of 50 tools every hacker should know | https://thexssrat.medium.com/a-list-of-50-tools-every-hacker-should-know-df8d87cf4b58?source=rss------bug_bounty-5 | Thexssrat | hacking-tools, hacking, bug-bounty, ethical-hacking | 21-Dec-2023 |
Open Redirect Validation Bypass Leads To Account Take Over (ATO) | https://medium.com/@ozomarzu/open-redirect-validation-bypass-leads-to-account-take-over-ato-5166b3416e3f?source=rss------bug_bounty-5 | CyberOz | bug-hunting, bug-bounty, bug-bounty-tips, hacker, web-security | 21-Dec-2023 |
Code4rena Blue vs. Traditional Bug Bounties | https://medium.com/code4rena/code4rena-blue-vs-traditional-bug-bounties-478f469057c9?source=rss------bug_bounty-5 | aramas | bug-bounty, smart-contract-security, code4rena, code4rena-blue | 21-Dec-2023 |
A Very Basic Beginner Bug Bounty Methodology | https://thexssrat.medium.com/a-very-basic-beginner-bug-bounty-methodology-15eca16ca787?source=rss------bug_bounty-5 | Thexssrat | hacking, bug-bounty, ethical-hacking | 21-Dec-2023 |
Bug Bounty: Tips for Finding Your First Bug as a Beginner | https://graph33.medium.com/bug-bounty-tips-for-finding-your-first-bug-as-a-beginner-120f71c709cd?source=rss------bug_bounty-5 | GHS08 | bug-bounty, hacking, cracking, coding | 21-Dec-2023 |
How My 9-Month-Old Daughter Earned Over $1,000 in a Bug Bounty Program | https://maxilect-company.medium.com/how-my-9-month-old-daughter-earned-over-1-000-in-a-bug-bounty-program-be9ba1d77cad?source=rss------bug_bounty-5 | Maxilect | samsun, bug-bounty-program, bug-bounty | 20-Dec-2023 |
This is how much I made in my first year as a Bug Bounty Hunter in 2023 — Graduation Bonus! | https://medium.com/@avbhijitdutta99/this-is-how-much-i-made-in-my-first-year-as-a-bug-bounty-hunter-in-2023-graduation-bonus-b45875225c88?source=rss------bug_bounty-5 | Abhijit Dutta | bug-bounty-tips, bug-bounty-program, bug-bounty, bugbountychallenge, bug-bounty-writeup | 20-Dec-2023 |
DOM XSS in jQuery anchor href attribute sink using location.search source | https://medium.com/@marduk.i.am/dom-xss-in-jquery-anchor-href-attribute-sink-using-location-search-source-b1000b4b16b3?source=rss------bug_bounty-5 | Marduk I Am | cross-site-scripting, portswigger-lab, cybersecurity, bug-bounty, dom-xss | 20-Dec-2023 |
How I doubled the store wallet amount for free? | https://medium.com/@shubhamsonani/how-i-doubled-the-store-wallet-amount-for-free-d7396c05a304?source=rss------bug_bounty-5 | Shubham Sonani | bug-bounty-tips, hacking, bug-bounty, cybersecurity, web-application-testing | 20-Dec-2023 |
Top Burp Suite Extensions Used by Penetration Testers | https://medium.com/@bharatvarshney567/top-burp-suite-extensions-used-by-penetration-testers-fa90fe26816c?source=rss------bug_bounty-5 | Bharat Varshney | owasp, bug-bounty, security-testing, security-services, penetration-testing | 20-Dec-2023 |
How to earn with earn bug boutny part-2? | https://medium.com/@ashutoshgiri133/how-to-earn-with-earn-bug-boutny-part-2-1dcfe1922a33?source=rss------bug_bounty-5 | Tech Blaze ごじょ | coding, money, bug-bounty, business | 20-Dec-2023 |
“CVE-2023–43837: Two-Factor Authentication (x2FA) Bypass Vulnerability in Roundcube Webmail Plugin” | https://medium.com/@ChandSingh/cve-2023-43837-two-factor-authentication-x2fa-bypass-vulnerability-in-roundcube-webmail-plugin-f2fef177187e?source=rss------bug_bounty-5 | Chand Singh | cve, vulnerability, cybersecurity, bug-bounty, security | 20-Dec-2023 |
Web Security Diary | https://medium.com/@muratkabakk1/web-security-diary-4b2148326abe?source=rss------bug_bounty-5 | Murat K | bug-bounty, web-security | 20-Dec-2023 |
Introducing Code4rena Blue: More than just bug bounties | https://medium.com/code4rena/introducing-code4rena-blue-more-than-just-bug-bounties-f2a9949c6b9c?source=rss------bug_bounty-5 | aramas | smart-contract-security, code4rena, bug-bounty | 20-Dec-2023 |
Learn Command Injection Vulnerabilities | https://bicodev.medium.com/learn-command-injection-vulnerabilities-2a8ed26eb47a?source=rss------bug_bounty-5 | BICODEV | linux, python-programming, cybersecurity, bug-bounty, penetration-testing | 19-Dec-2023 |
Hack the Web like a Pirate: Identifying Vulnerabilities with Style | https://bicodev.medium.com/hack-the-web-like-a-pirate-identifying-vulnerabilities-with-style-171246a302a5?source=rss------bug_bounty-5 | BICODEV | python, bug-bounty, cybersecurity, hacker, penetration-testing | 19-Dec-2023 |
3 Steps Discovered XXE You should Know | https://medium.com/@kerstan/3-steps-discovered-xxe-you-should-know-d779ab5eb056?source=rss------bug_bounty-5 | kerstan | security, pentesting, hacking, cybersecurity, bug-bounty | 19-Dec-2023 |
DOM XSS in innerHTML sink using source location.search | https://medium.com/@marduk.i.am/dom-xss-in-innerhtml-sink-using-source-location-search-a3ac4546ca5c?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, cybersecurity, dom-xss, cross-site-scripting, portswigger-lab | 19-Dec-2023 |
Zero Trust Architecture | https://medium.com/@khan.ghufran.0000/zero-trust-architecture-f47e9da3eaec?source=rss------bug_bounty-5 | Khan Ghufran | architecture, bug-bounty, cybersecurity, cyber-security-solutions, infosec | 19-Dec-2023 |
Rekomendasi Buku Bug Bounty Untuk Pemula | https://medium.com/@arenaldyp/rekomendasi-buku-bug-bounty-untuk-pemula-5aadd03f434f?source=rss------bug_bounty-5 | K1ngP1ng | bug-bounty, indonesia, web-security, recommendations, hacking | 19-Dec-2023 |
Is It Worth Quitting 9–5 Job For a Full-Time Bug Bounty? | https://ajaksecurity.medium.com/is-it-worth-quitting-9-5-job-for-a-full-time-bug-bounty-8274f6808aab?source=rss------bug_bounty-5 | Ajak Cyber security | ethical-hacking, cybersecurity, blog, jobs, bug-bounty | 19-Dec-2023 |
Directory Listing Vulnerability | https://medium.com/@digant_15/directory-listing-vulnerability-b2e1583d8a7e?source=rss------bug_bounty-5 | Digant Prajapati | cybersecurity, directory-listing, bug-bounty | 19-Dec-2023 |
How One Bug Scored Me Double Rewards! | https://anasbetis023.medium.com/how-one-bug-scored-me-double-rewards-355b8d02cdbf?source=rss------bug_bounty-5 | Anas H Hmaidy | cybersecurity, bug-bounty, penetration-testing, ethical-hacking, web-security | 19-Dec-2023 |
Join Any Facebook Group As Deactivated Additional Profile | https://zerocode-ph.medium.com/join-any-facebook-group-as-deactivated-additional-profile-f63a31db7797?source=rss------bug_bounty-5 | Syd Ricafort | facebook, bug-bounty, facebook-bug-bounty | 19-Dec-2023 |
How I Found SQL Injection worth of $4,000 bounty | https://roberto99.medium.com/how-i-found-sql-injection-worth-of-4-000-bounty-16ca09cbf8ec?source=rss------bug_bounty-5 | Roberto Nunes | bug-bounty, sql-injection, bug-bounty-writeup, bug-bounty-tips, reconnaissance | 19-Dec-2023 |
#6.TryHackMe Series writeups: Brooklyn Nine Nine | https://cyb3rmind.medium.com/6-tryhackme-series-writeups-brooklyn-nine-nine-a0f7f074cbab?source=rss------bug_bounty-5 | Cyb3r M!nd | thm-writeup, tryhackme, ctf-writeup, brooklyn-nine-nine, bug-bounty | 19-Dec-2023 |
The Ultimate Guide to Uncovering XSS Vulnerabilities at Scale | https://medium.com/@cyndybruce1967/the-ultimate-guide-to-uncovering-xss-vulnerabilities-at-scale-1f35ecb765b7?source=rss------bug_bounty-5 | Cyndybruce | cybersecurity, penetration-testing, automation, bug-bounty, xs | 19-Dec-2023 |
The Ultimate Guide to Hunting for XSS Vulnerabilities at Scale | https://medium.com/@elitumbleson1978/the-ultimate-guide-to-hunting-for-xss-vulnerabilities-at-scale-bfde4a9beae6?source=rss------bug_bounty-5 | Elitumbleson | cybersecurity, penetration-testing, bug-bounty, xs, automation | 19-Dec-2023 |
Understanding Cross-Site Scripting (XSS) Attacks: Risks, Prevention, and Impact | https://securitylit.medium.com/understanding-cross-site-scripting-xss-attacks-risks-prevention-and-impact-ce002e5fbb1a?source=rss------bug_bounty-5 | Security Lit Limited | xss-attack, technology, bug-bounty, cybersecurity, vulnerability | 18-Dec-2023 |
why you need to filter the input and the output — stored xss | https://medium.com/@Mr3Moe/why-you-need-to-filter-the-input-and-the-output-stored-xss-66f67c663703?source=rss------bug_bounty-5 | Mr3Moe | web-penetration-testing, appsec, bug-bounty | 18-Dec-2023 |
Lets Dive into the Intense World of Malware Analysis! | https://medium.com/@paritoshblogs/lets-dive-into-the-intense-world-of-malware-analysis-3c9e242d8c16?source=rss------bug_bounty-5 | Paritosh | information-security, malware-analysis, cybersecurity, programming, bug-bounty | 18-Dec-2023 |
Burp Suite Bambda | https://medium.com/offensive-black-hat-hacking-security/burp-suite-bambda-b9b8f57d6b46?source=rss------bug_bounty-5 | Harshad Shah | bug-bounty, hacking, cybersecurity, infosec, penetration-testing | 18-Dec-2023 |
Top Burp Suite Extensions Used by Penetration Testers | https://securitycipher.medium.com/top-burp-suite-extensions-used-by-penetration-testers-ee971a73256a?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | bug-bounty-tips, security, cybersecurity, bug-bounty, technology | 18-Dec-2023 |
How to write a perfect pentest report | https://arex-godofwar.medium.com/how-to-write-a-perfect-pentest-report-edb63cc68b36?source=rss------bug_bounty-5 | Ahmadreza Parsizadeh | pentesting, bug-bounty, reporting, offensive-security | 18-Dec-2023 |
Mastering Web Application Security: Defending Against Injections and Broken Access Control | https://medium.com/@moldovanzsombor/mastering-web-application-security-defending-against-injections-and-broken-access-control-34161cbefc8f?source=rss------bug_bounty-5 | Moldovan Zsombor | hacking, cybersecurity, web-applications, bug-bounty | 18-Dec-2023 |
CyberSecurity Day 01 to 100: DAY 08 \| A Comprehensive Guide for Novices and Experts | https://medium.com/@acs_society/cybersecurity-day-01-to-100-day-08-a-comprehensive-guide-for-novices-and-experts-55d3ef86abbf?source=rss------bug_bounty-5 | Association For Cyber Security | acsociety, ethical-hacking, cybersecurity, bug-bounty, security-engineer | 18-Dec-2023 |
This Tool Helps Me To Find The Origin IP Address | https://ajaksecurity.medium.com/this-tool-helps-me-to-find-the-origin-ip-address-d9c2abceafb2?source=rss------bug_bounty-5 | Ajak Cyber security | hacking, ethical-hacking, blog, bug-bounty, penetration-testing | 18-Dec-2023 |
ParagonsDAO’s Bug Bounty Program | https://medium.com/paragonsdao/paragonsdaos-bug-bounty-program-8cfb82f786c0?source=rss------bug_bounty-5 | ParagonsDAO | web3, immunefi, bug-bounty, paragonsdao | 18-Dec-2023 |
Go Witness Install Guide… | https://medium.com/@psychomong/go-witness-install-guide-a62d96be30b0?source=rss------bug_bounty-5 | psychomong | hacking-tools, bug-bounty, golang, hacking, osint | 18-Dec-2023 |
How I Could Leak Phone Numbers and Emails of Indian Voters and Applicants | https://medium.com/@Mr.Equinox/how-i-could-leak-phone-numbers-and-emails-of-indian-voters-and-applicants-dd1fc699d81e?source=rss------bug_bounty-5 | Sahil Mhatre | bug-bounty, mybugs, bug-hunting, api-security, vapt | 18-Dec-2023 |
Horizon Protocol V2 — Hacken Bug Bounty Program Now Live On Testnet | https://horizonprotocol.medium.com/horizon-protocol-v2-hacken-bug-bounty-program-now-live-on-testnet-4617205c7184?source=rss------bug_bounty-5 | Horizon Protocol | bug-bounty, defi, hacken, derivatives, synthetic-asset | 18-Dec-2023 |
Getting Started with Recon Automation using ReNgine on Windows (WSL): Installation Guide | https://mxmd.medium.com/getting-started-with-recon-automation-using-rengine-on-windows-wsl-installation-guide-50ad95b8a7a9?source=rss------bug_bounty-5 | Max Klose | reconnaissance, bug-bounty-hunting, automation, bug-bounty, guides-and-tutorials | 18-Dec-2023 |
Bug Zero at a Glance [19–30 November] | https://blog.bugzero.io/bug-zero-at-a-glance-19-30-november-8470a11d3015?source=rss------bug_bounty-5 | Januka Dharmapriya | bug-zero, newsletter, cybersecurity, sri-lanka, bug-bounty | 17-Dec-2023 |
Mitel MiCollab AWV Directory Traversal Vulnerability (CVE-2020–11798) | https://samshadow.medium.com/mitel-micollab-awv-directory-traversal-vulnerability-cve-2020-11798-ec1408cd35b9?source=rss------bug_bounty-5 | Sam Shadow | bug-bounty, bug-bounty-writeup, bug-bounty-tips, vulnerability, directory-traversal | 17-Dec-2023 |
Unveiling a Security Flaw: The Divergence of OTP and Link Password Authentication in redacted.com | https://medium.com/@MohaseenK/unveiling-a-security-flaw-the-divergence-of-otp-and-link-password-authentication-in-redacted-com-27e0cc2dc73c?source=rss------bug_bounty-5 | Mohaseen | bug-hunting, password-reset, bug-bounty, hackerone | 17-Dec-2023 |
XSSRF : The Unholy Matrimony of XSS and SSRF | https://naumankh4n.medium.com/xssrf-the-unholy-matrimony-of-xss-and-ssrf-89f7abfca5b3?source=rss------bug_bounty-5 | Nauman Khan | cybersecurity, hacking, bug-bounty, penetration-testing, money | 17-Dec-2023 |
Bug Bounty programmes give people the fear (they shouldn’t) | https://medium.com/@ethanrom/bug-bounty-programmes-give-people-the-fear-they-shouldnt-755466351140?source=rss------bug_bounty-5 | Leo C | hacking, cybersecurity, ciso, culture, bug-bounty | 17-Dec-2023 |
V3 Testnet Bug Bounty | https://tribeone.medium.com/v3-testnet-bug-bounty-8281b8775843?source=rss------bug_bounty-5 | TribeOne | nft, smart-contract-security, bug-bounty | 17-Dec-2023 |
DOM XSS in document.write sink using source location.search | https://medium.com/@marduk.i.am/dom-xss-in-document-write-sink-using-source-location-search-ae458bc5c85f?source=rss------bug_bounty-5 | Marduk I Am | dom-xss, cross-site-scripting, cybersecurity, bug-bounty, portswigger-lab | 17-Dec-2023 |
Reflected XSS in BGMI | https://medium.com/@patil97/reflected-xss-in-bgmi-38ed48773981?source=rss------bug_bounty-5 | Patil97 | bug-bounty, xs, bugs, security | 17-Dec-2023 |
Main Methodology 1 \| Part 04 \| What To Do After Choosing a Target | https://infosecwriteups.com/main-methodology-1-part-04-what-to-do-after-choosing-a-target-f9cea586d6af?source=rss------bug_bounty-5 | Om Arora | bug-bounty, bug-bounty-tips, hacking, infosec, methodology | 17-Dec-2023 |
When not to rely on Automated Tools | https://medium.com/@rodriguezjorgex/when-not-to-rely-on-automated-tools-429b331e0613?source=rss------bug_bounty-5 | Rodriguezjorgex | cybersecurity, bug-bounty, xss-attack, prototype-pollution, bug-bounty-tips | 16-Dec-2023 |
Escalating DOM XSS to Stored XSS | https://medium.com/@rodriguezjorgex/escalating-dom-xss-to-stored-xss-eb6f3a669af3?source=rss------bug_bounty-5 | Rodriguezjorgex | cross-site-scripting, bug-bounty, hacking, cybersecurity, xss-attack | 16-Dec-2023 |
Mitigating Risks: Securing Symfony Profiler from Unwanted Exposure | https://samshadow.medium.com/mitigating-risks-securing-symfony-profiler-from-unwanted-exposure-14e90a53dd65?source=rss------bug_bounty-5 | Sam Shadow | bug-bounty-writeup, bug-bounty, bug-bounty-tips, vulnerability | 16-Dec-2023 |
Unveiling Vulnerabilities: PHP Debug Bar Exposes Sensitive Information | https://samshadow.medium.com/unveiling-vulnerabilities-php-debug-bar-exposes-sensitive-information-ca341267fe33?source=rss------bug_bounty-5 | Sam Shadow | vulnerability, bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter | 16-Dec-2023 |
Self-XSS to Stored XSS | https://medium.com/@rodriguezjorgex/self-xss-to-stored-xss-b4b999610c5b?source=rss------bug_bounty-5 | Rodriguezjorgex | hacking, cybersecurity, bug-bounty, xss-attack, bug-bounty-tips | 16-Dec-2023 |
Unveiling CVE-2019-11248: A Vulnerability in Kubernetes | https://samshadow.medium.com/unveiling-cve-2019-11248-a-vulnerability-in-kubernetes-83a831afaccd?source=rss------bug_bounty-5 | Sam Shadow | bug-bounty, bug-bounty-hunter, bug-bounty-tips, vulnerability, bug-bounty-writeup | 16-Dec-2023 |
DOM-based vulnerabilities | https://ayonthakur101.medium.com/dom-based-vulnerabilities-db02d7437b26?source=rss------bug_bounty-5 | Ayon Thakur | penetration-testing, bug-bounty, hacker, portswigger, burp-suit | 16-Dec-2023 |
SSTI gave me T-Shirt + € 50 | https://medium.com/@bug.hun3r/ssti-got-me-t-shirt-50-a8672ca766c9?source=rss------bug_bounty-5 | mo9kHu93r | information-security, bug-bounty, bug-hunting, info-sec-writeups, cybersecurity | 16-Dec-2023 |
Kakar Security | https://medium.com/@walikhankakar313/kakar-security-cf15f39baede?source=rss------bug_bounty-5 | Wali Khan Kakar | website-scanning, penetration, security, hacking-world, bug-bounty | 16-Dec-2023 |
Headline: Indian Government Issues High-Risk Warning for Samsung Galaxy S23 and Other Models | https://riglabscollective.medium.com/headline-indian-government-issues-high-risk-warning-for-samsung-galaxy-s23-and-other-models-2c153d5bcc62?source=rss------bug_bounty-5 | Riglabs Collective | samsung-galaxy, india, s23ultra, mobile, bug-bounty | 15-Dec-2023 |
6 Quick Discover Bug Search Syntax In Code-base | https://medium.com/@kerstan/6-quick-discover-bug-search-syntax-in-code-base-eb3d6fb6e929?source=rss------bug_bounty-5 | kerstan | hacker, cybersecurity, bug-bounty, security, bug-bounty-tips | 15-Dec-2023 |
Easy Money from the Most Trivially Easy Broken Access Control | https://abd11atarek.medium.com/easy-money-from-the-most-trivially-easy-broken-access-control-4d810af327f7?source=rss------bug_bounty-5 | abda11atarek | bugcrowd, bug-bounty-tips, bug-hunter, bug-bounty, broken-access-control | 15-Dec-2023 |
HTTP/2 Request Smuggling | https://medium.com/@kerstan/http-2-request-smuggling-b6ef5ae351fb?source=rss------bug_bounty-5 | kerstan | hacking, https, bug-bounty-tips, bug-bounty, cybersecurity | 15-Dec-2023 |
3 Cases of DOM XSS in Bug Bounty | https://medium.com/@kerstan/3-cases-of-dom-xss-in-bug-bounty-0744003f0b2b?source=rss------bug_bounty-5 | kerstan | bug-bounty, xss-attack, hacking, cybersecurity, bug-bounty-tips | 15-Dec-2023 |
How I Automatically Discovered SSRF in Hackerone Program | https://medium.com/@kerstan/how-i-automatically-discovered-ssrf-in-hackerone-program-2ae0b7a6ef1b?source=rss------bug_bounty-5 | kerstan | bug-bounty-tips, cybersecurity, hacking, ssrf, bug-bounty | 15-Dec-2023 |
How I Discovered SSRF on Hackerone Program | https://medium.com/@kerstan/how-i-discovered-ssrf-on-hackerone-program-7bbe72334f74?source=rss------bug_bounty-5 | kerstan | bug-bounty-tips, bug-bounty, ssrf, hacker, graphql | 15-Dec-2023 |
From CloudSec to Application Security, Bug Bounties to Cybersecurity tooling, and More | https://infosecwriteups.com/from-cloudsec-to-application-security-bug-bounties-to-cybersecurity-tooling-and-more-9f4a1819620c?source=rss------bug_bounty-5 | InfoSec Write-ups | hacking, conference, bug-bounty, security, information-security | 15-Dec-2023 |
One port can be a costly mistake \| Attack The Rsync Service in a Private Program | https://medium.com/@sword0x00/one-port-can-be-a-costly-mistake-attack-the-rsync-service-in-a-private-program-cdbf9ecc650d?source=rss------bug_bounty-5 | Mohanad Hesham | rsync, bug-bounty, fingerprinting, port-scan, hacking | 15-Dec-2023 |
How To Explore and Exploit GraphQL [Indonesia] | https://revan-ar.medium.com/how-to-explore-and-exploit-graphql-indonesia-562c560f46c6?source=rss------bug_bounty-5 | Revan A | bug-bounty, web-security, api, penetration-testing, graphql | 15-Dec-2023 |
Subdomain Takeover in Azure Trafficmanager for Fun & Profit | https://padsalatushal.medium.com/subdomain-takeover-in-azure-trafficmanager-for-fun-profit-09c858ca3d0e?source=rss------bug_bounty-5 | Padsala Tushal | bug-bounty, cybersecurity, infosec, subdomain-takeover, bug-bounty-tips | 15-Dec-2023 |
Cookie Quest: XSS Admin Assault | https://medium.com/@josh.beck2006/cookie-quest-xss-admin-assault-694769f84796?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, programming, penetration-testing, bug-bounty, ctf-writeup | 14-Dec-2023 |
How did I find open redirect on LinkedIn | https://medium.com/@neverl0gbughunt/how-did-i-find-open-redirect-on-linkedin-e35918b3b129?source=rss------bug_bounty-5 | neverl0g | bug-bounty-tips, bug-bounty-writeup, bug-bounty | 14-Dec-2023 |
All about Ethical Hacking | https://securitycipher.medium.com/all-about-ethical-hacking-277b9c3e4b36?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | technology, security, cybersecurity, bug-bounty, hacking | 14-Dec-2023 |
Uncovering an Account Takeover Vulnerability: Auth Bypass via Response Manipulation. | https://medium.com/@kataeriidubstep/uncovering-an-account-takeover-vulnerability-auth-bypass-via-response-manipulation-ba8257f917d2?source=rss------bug_bounty-5 | Pavan kumar.G | cybersecurity, appsec, bug-bounty | 14-Dec-2023 |
Remote Code execution at ws1.aholdusa.com — Compromising logins of Ahold Delhaize USA employees | https://medium.com/@jonathanbouman/remote-code-execution-at-ws1-aholdusa-com-compromising-logins-of-ahold-delhaize-usa-employees-c7c9aca7e05d?source=rss------bug_bounty-5 | Jonathan Bouman | cybersecurity, bug-bounty, rce, hacking, security | 14-Dec-2023 |
How I Quickly Discover Bug In Codebase | https://medium.com/@kerstan/how-i-quickly-discover-bug-in-code-6a3bfa7e6e82?source=rss------bug_bounty-5 | kerstan | bug-bounty, programming, technology, code-review, cybersecurity | 14-Dec-2023 |
How i found a Permanent Denial of Service via Account Lockout: | https://medium.com/@kataeriidubstep/how-i-found-a-permanent-denial-of-service-via-account-lockout-ac1bc33c3c0a?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, cybersecurity, bug-bounty | 14-Dec-2023 |
How i found a Misconfigured CORS Vulnerability — Unauthorized Cross-Origin Resource Sharing : | https://medium.com/@kataeriidubstep/how-i-found-a-misconfigured-cors-vulnerability-unauthorized-cross-origin-resource-sharing-16effea37e78?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, cybersecurity, bug-bounty | 14-Dec-2023 |
How i found a Password Reset Token Leak via Referer Header: | https://medium.com/@kataeriidubstep/how-i-found-a-password-reset-token-leak-via-referer-header-7d71d35b0ea8?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, cybersecurity, bug-bounty | 14-Dec-2023 |
Adobe Recap: 2023 Ambassador World Cup Final Four | https://blog.developer.adobe.com/adobe-recap-2023-ambassador-world-cup-final-four-df701e1a1b12?source=rss------bug_bounty-5 | Chris Parkerson | hacking, security, bug-bounty, hackathons, security-research | 14-Dec-2023 |
Starlink Router Gen 2 is vulnerable to XSS. | https://medium.com/@hackintoanetwork/starlink-router-gen-2-is-vulnerable-to-xss-48cfcadd0b13?source=rss------bug_bounty-5 | hackintoanetwork | bug-bounty, starlink, exploit, dishy, router | 14-Dec-2023 |
VulnLab — SQL Injection series — Bypass Login part 2(Database Collect) | https://medium.com/@kurobe09/vulnlab-sql-injection-series-bypass-login-part-2-database-collect-1e6aa36a1308?source=rss------bug_bounty-5 | kurobe09 | cybersecurity, cyberattack, pentest-learnings, sql-injection, bug-bounty | 13-Dec-2023 |
Cross-Site Scripting (XSS) | https://medium.com/@savanghori1203/cross-site-scripting-xss-c288793349a9?source=rss------bug_bounty-5 | SavanGhori | bug-bounty, xss-attack, xss-vulnerability, bug-bounty-tips, vulnerability | 13-Dec-2023 |
phpinfo() — My First Resolved Bug in HackerOne | https://medium.com/@ft.eagle.eye.1/phpinfo-my-first-resolved-bug-in-hackerone-a22fea1adb9b?source=rss------bug_bounty-5 | Muhammad Farhad Ansary | bug-bounty, bug-bounty-tips | 13-Dec-2023 |
AppSec Tales XXIV \| Deserialization | https://karol-mazurek95.medium.com/appsec-tales-xxiv-deserialization-841d6bfaa710?source=rss------bug_bounty-5 | Karol Mazurek | penetration-testing, bug-bounty, information-technology, information-security, cybersecurity | 13-Dec-2023 |
Only 3 Days Left For IWCON 2023 | https://infosecwriteups.com/only-3-days-left-for-iwcon-2023-bab915df5ae8?source=rss------bug_bounty-5 | InfoSec Write-ups | hacking, bug-bounty, conference, information-security, programming | 13-Dec-2023 |
A misconfiguration in the password reset process can lead to an account takeover. | https://medium.com/@Mr3Moe/a-misconfiguration-in-the-password-reset-process-can-lead-to-an-account-takeover-30c43e17d744?source=rss------bug_bounty-5 | Mr3Moe | web-application-security, web-app-pentesting, bug-bounty, web-app-security | 13-Dec-2023 |
I found out what my neighbour was looking at on the internet, This is how ? | https://navnee1h.medium.com/i-found-out-what-my-neighbour-was-looking-at-on-the-internet-this-is-how-050c4dfef8b4?source=rss------bug_bounty-5 | Navaneeth M S | bug-bounty, monitoring, dns, hacking, wifi | 13-Dec-2023 |
Day 13 Bug Bounty — 60 days 60 bugs challenge (Found P1!!! Hope it gets accepted) | https://medium.com/@avbhijitdutta99/day-13-bug-bounty-60-days-60-bugs-challenge-found-p1-hope-it-gets-accepted-670f0dcc25f3?source=rss------bug_bounty-5 | Abhijit Dutta | bug-bounty-writeup, bug-bounty, bug-bounty-program, bug-bounty-tips, bugbountychallenge | 13-Dec-2023 |
OpenBounty, Shentu’s New Approach in Security Ecosystem | https://shentuchain.medium.com/openbounty-shentus-new-approach-in-security-ecosystem-fbae6506d956?source=rss------bug_bounty-5 | Shentu Chain | bounty-program, bounty-hunter, bug-bounty, web3, cybersecurity | 12-Dec-2023 |
Mobile Application Security Testing: Navigating the Digital Landscape Safely | https://medium.com/geekculture/mobile-application-security-testing-navigating-the-digital-landscape-safely-3aead90a5455?source=rss------bug_bounty-5 | Security Lit Limited | mobile-security, cybersecurity, programming, vapt, bug-bounty | 12-Dec-2023 |
I will do Vulnerability Assessment and penetration testing on your website | https://securitycipher.medium.com/i-will-do-vulnerability-assessment-and-penetration-testing-on-your-website-5cd4fb147a33?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | services, bug-bounty, security, cybersecurity, technology | 12-Dec-2023 |
Skills Needed For Bug Bounty | https://medium.com/@joshdesharnais1/skills-needed-for-bug-bounty-23e289ef0853?source=rss------bug_bounty-5 | Joshua Desharnais | xss-attack, idor, bug-bounty, account-takeover | 12-Dec-2023 |
Duplicate CSRF… Leads to $$$$ | https://shellbreaker.medium.com/duplicate-csrf-leads-to-26c1ddc71dc5?source=rss------bug_bounty-5 | Bhavesh aka Shellbreaker | hacking, info-sec-writeups, bug-bounty, cybersecurity, bug-bounty-tips | 12-Dec-2023 |
Server-Side Request Forgery (SSRF) | https://medium.com/@savanghori1203/server-side-request-forgery-ssrf-ca04465ac41a?source=rss------bug_bounty-5 | SavanGhori | bug-bounty, vulnerability, bug-bounty-tips, ssrf, bugs | 12-Dec-2023 |
Remote Code Execution (RCE) | https://medium.com/@savanghori1203/remote-code-execution-rce-e8628b1432de?source=rss------bug_bounty-5 | SavanGhori | bug-bounty-tips, bugs, vulnerability, rce, bug-bounty | 12-Dec-2023 |
Join ARPA’s Bug Bounty Program with Immunefi — Up to $50,000 in Rewards! | https://arpa.medium.com/join-arpas-bug-bounty-program-with-immunefi-up-to-50-000-in-rewards-18d9fbd7b193?source=rss------bug_bounty-5 | ARPA Official | blockchain, developer, bug-bounty, debugging | 12-Dec-2023 |
Easy Admin Access — RVDP (2) | https://infosecwriteups.com/easy-admin-access-rvdp-2-bf2ec8349ebf?source=rss------bug_bounty-5 | hackerdevil | penetration-testing, hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 12-Dec-2023 |
One Scheme to Rule Them All: OAuth Account Takeover | https://medium.com/@ostorlab/one-scheme-to-rule-them-all-oauth-account-takeover-26ac4cb5e898?source=rss------bug_bounty-5 | Ostorlab | mobile-security, bug-bounty, oauth, bug-bounty-tips, account-takeover | 12-Dec-2023 |
The launch of incentivized testnet for TribeOne V3 | https://tribeone.medium.com/the-launch-of-incentivized-testnet-for-tribeone-v3-6e12a1eb6d0f?source=rss------bug_bounty-5 | TribeOne | bug-bounty, perpetual-contracts, testnet, nft, trading-competition | 12-Dec-2023 |
Hacking NASA and Got Hall of Fame | https://medium.com/@bug.hun3r/hacking-nasa-and-got-hall-of-fame-71f9a344d1d0?source=rss------bug_bounty-5 | mo9kHu93r | penetration-testing, cybersecurity, nasa, ethical-hacking, bug-bounty | 12-Dec-2023 |
Build3rs Bug Bounty Program | https://medium.com/@Lay3rsXR/build3rs-bug-bounty-program-8b874bdfee0e?source=rss------bug_bounty-5 | Lay3rs | build3rs, bug-bounty, blockchain, refis | 12-Dec-2023 |
Bug Bounty and Hacking Books You Should Read (Must Read) | https://rajkaran359.medium.com/bug-bounty-and-hacking-books-you-should-read-must-read-57ca722ad51d?source=rss------bug_bounty-5 | Rajkaran | bug-bounty, hacking-books, hacking, cybersecurity, bug-bounty-tips | 12-Dec-2023 |
How I got $300 for Default Credential Login at Bugcrowd | https://medium.com/@avbhijitdutta99/how-i-got-300-for-default-credential-login-at-bugcrowd-30368eb698f7?source=rss------bug_bounty-5 | Abhijit Dutta | bug-bounty-tips, bug-bounty-program, bug-bounty, bug-bounty-writeup | 12-Dec-2023 |
missing session scopes lead to authentication bypass | https://medium.com/@Mr3Moe/missing-session-scopes-lead-to-authentication-bypass-2e1cdaebda7b?source=rss------bug_bounty-5 | Mr3Moe | web, bug-bounty, appsec, web-penetration-testing | 12-Dec-2023 |
Exploiting Django Debug Mode for Unrestricted Access to the Internal Dashboard? | https://rokkamvamsi18.medium.com/exploiting-django-debug-mode-for-unrestricted-access-to-the-internal-dashboard-b725783714ae?source=rss------bug_bounty-5 | Rokkam_Vamshi1_8 | bug-bounty-tips, django, bug-bounty, hackerone, infosec | 12-Dec-2023 |
Portswigger Labs — Api-testing | https://medium.com/@rynnnn617/portswigger-labs-api-testing-86a8827ddfdc?source=rss------bug_bounty-5 | Ry4nnnn | portswigger, appsec, bug-bounty, burp | 11-Dec-2023 |
How to learn Hacking From 0 to Hero | https://rajput623929.medium.com/how-to-learn-hacking-from-0-to-hero-4a5f288c003d?source=rss------bug_bounty-5 | Mr.Horbio | bug-bounty, cryptography, ethical-hacking, cybersecurity, hacking | 11-Dec-2023 |
How i found a Host Header Injection in Password Reset Function: | https://medium.com/@kataeriidubstep/how-i-found-a-host-header-injection-in-password-reset-function-5c2ba8d209e6?source=rss------bug_bounty-5 | Pavan kumar.G | cybersecurity, appsec, bug-bounty | 11-Dec-2023 |
How I Automatically Discovered SSRF in Hackerone Programs | https://medium.com/@kerstan/how-i-automatically-discovered-ssrf-in-hackerone-programs-39e27a1554b5?source=rss------bug_bounty-5 | kerstan | security, ssrf, bug-bounty-tips, bug-bounty, hacker | 11-Dec-2023 |
Next js and Antd Design CSS takes milliseconds to load on the page. | https://medium.com/@yurioliveiragochi/next-js-and-antd-desing-css-demora-milesimos-de-segundos-para-carregar-na-p%C3%A1gina-77f3b203dac8?source=rss------bug_bounty-5 | Yuri Oliveira Gochi | bug-bounty, antd, next, react | 11-Dec-2023 |
Unveiling the World of Bug Bounty Programs: Enhancing Cybersecurity Through Collaboration | https://medium.com/@bahadur4630105/unveiling-the-world-of-bug-bounty-programs-enhancing-cybersecurity-through-collaboration-bde9831b6882?source=rss------bug_bounty-5 | Syed Dawood | cyber-security-awareness, bug-bounty, bugbounty-writeup, bug-bounty-tips, bug-bounty-hunter | 11-Dec-2023 |
Dollars and Detectives: An Unique way to XSS Mysteries ( Not a Simp one ) for a $150 Reward | https://naumankh4n.medium.com/dollars-and-detectives-an-unique-way-to-xss-mysteries-not-a-simp-one-for-a-150-reward-f5d2d80d5022?source=rss------bug_bounty-5 | Nauman Khan | money, ai, cybersecurity, hacking, bug-bounty | 11-Dec-2023 |
Say Goodbye to Password Hassles with These Cutting-Edge Security Trends! | https://medium.com/@paritoshblogs/say-goodbye-to-password-hassles-with-these-cutting-edge-security-trends-8b8f6ad8f6d4?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-security, cybersecurity, passwordless, passwords | 11-Dec-2023 |
HackTheBox — Session Security: Obtain Session Identifier via XSS | https://medium.com/@harry.hphu/hackthebox-session-security-obtain-session-identifier-via-xss-c151160c03b0?source=rss------bug_bounty-5 | Huy Phu | hackthebox, web-security, session-security, bug-bounty, xss-attack | 11-Dec-2023 |
So you found Auth0 secrets, now what? | https://blog.prodefense.io/so-you-found-auth0-secrets-now-what-0945642ac09b?source=rss------bug_bounty-5 | Nightbane | pentesting, security, red-team, bug-bounty, auth0 | 11-Dec-2023 |
Kubernetes CR injection technique | https://medium.com/@esonhugh/kubernetes-cr-injection-technique-b4506500b8e9?source=rss------bug_bounty-5 | Esonhugh | hacking, custom-resource, bug-bounty, kubernetes-security | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson10): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson10-57551e079751?source=rss------bug_bounty-5 | Pavan kumar.G | computer-science, appsec, bug-bounty, networking | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson9): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson9-4802a25a2570?source=rss------bug_bounty-5 | Pavan kumar.G | computer-science, bug-bounty, appsec, networking | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson8): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson8-e8a2b87c3ac2?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, networking, appsec, computer-science | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson7): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson7-152c167dbc0f?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, appsec, computer-science, networking | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson6): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson6-43abf1f342ec?source=rss------bug_bounty-5 | Pavan kumar.G | networking, computer-science, appsec, bug-bounty | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson5): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson5-f0042df50fca?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, networking, computer-science, appsec | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson4): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson4-29d491577d8c?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, networking, computer-science, appsec | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson3): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson3-80794013cf99?source=rss------bug_bounty-5 | Pavan kumar.G | networking, bug-bounty, computer-science, appsec | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson2): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson2-177e4a21e8d3?source=rss------bug_bounty-5 | Pavan kumar.G | computer-science, appsec, networking, bug-bounty | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson1) : | https://medium.com/@kataeriidubstep/understanding-ip-addressing-a-comprehensive-overview-95bf12e05cae?source=rss------bug_bounty-5 | Pavan kumar.G | network-engineering, computer-science, appsec, bug-bounty | 10-Dec-2023 |
Bug bounty training from scratch(part2->lesson | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson-7a58ad73a31d?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, appsec, networking, computer-science | 10-Dec-2023 |
How to not implement payment features - Insights from Bugbounty | https://medium.com/@sivakrishnasamireddi/how-to-not-implement-payment-features-insights-from-bugbounty-e3d375566ad0?source=rss------bug_bounty-5 | Siva Krishna Samireddi | hacking, payments, bug-bounty, security, bugbounty-writeup | 10-Dec-2023 |
5 Tips for the Beginners Who Want to Start Bug Bounty | https://medium.com/@bhuiyanaman71/5-tips-for-the-beginners-who-want-to-start-bug-bounty-c1a1a952e605?source=rss------bug_bounty-5 | Aman Bhuiyan | web-hacking, bug-bounty, bug-bounty-tips, hacking, ethical-hacking | 10-Dec-2023 |
In under age (<18), How I Hacked Multi- Billion-Dollar-Corp and got first 4 fig. $2600 Bounty! | https://medium.com/@manan_sanghvi/in-under-age-18-how-i-hacked-multi-billion-dollar-corp-and-got-first-4-fig-2600-bounty-d9ce97b3652e?source=rss------bug_bounty-5 | Manan Sanghvi | idor, bug-bounty, first-bounty, web-application-security, hacking | 10-Dec-2023 |
Bug Bounty Testing: Test Ideas | https://medium.com/@lopseg/bug-bounty-testing-test-ideas-cf6e8ec5aed1?source=rss------bug_bounty-5 | Lopseg | bug-bounty-writeup, bug-bounty, hacking-training, bug-bounty-tips, info-sec-writeups | 10-Dec-2023 |
CORS Misconfiguration -> PII Leak | https://medium.com/@boogsta/cors-misconfiguration-pii-leak-2765ff5b7115?source=rss------bug_bounty-5 | Boogsta | cybersecurity, cyber, hacking, bug-bounty-tips, bug-bounty | 10-Dec-2023 |
Awesome Bug Bounty Tools Exploring Subdomain Enumeration and Reconnaissance Tools | https://cyberconqueror.medium.com/awesome-bug-bounty-tools-exploring-subdomain-enumeration-and-reconnaissance-tools-7bffb25210e6?source=rss------bug_bounty-5 | NEW | enumeration, mentoring, bug-bounty, cybersecurity, medium | 09-Dec-2023 |
Is it safe to expose your Firebase API key? | https://infosecwriteups.com/is-it-safe-to-expose-your-firebase-api-key-bf2a318c0f29?source=rss------bug_bounty-5 | Suprajabaskaran | cybersecurity, keys, firebase, bug-bounty, ethical-hacking | 09-Dec-2023 |
2FA & MFA Bypass, Bug Bounty Easy Wins ! ! Ultimate Guide | https://medium.com/@Kalki2121/2fa-mfa-bypass-bug-bounty-easy-wins-ultimate-guide-3722de0ad26c?source=rss------bug_bounty-5 | ʏᴀꜱʜʜ | information-security, bug-bounty-tips, bug-bounty, infosec, cybersecurity | 09-Dec-2023 |
3 Symfony (RCE): A Peek Behind the Curtain | https://medium.com/@bxrowski0x/3-symfony-rce-a-peek-behind-the-curtain-83da5433e149?source=rss------bug_bounty-5 | Omar ElSayed | bug-bounty-tips, cybersecurity, bug-bounty, symfony, remote-code-execution | 09-Dec-2023 |
How I passed my CRTP Exam | https://medium.com/@damaidec/how-i-passed-my-crtp-exam-c1dadd4d9ec1?source=rss------bug_bounty-5 | Damaidec | exam, active-directory, cybersecurity, hacking, bug-bounty | 09-Dec-2023 |
Introduction to Burpsuite Bambda Feature | https://medium.com/@gguzelkokar.mdbf15/introduction-to-burpsuite-bambda-feature-4c6b5fbc168d?source=rss------bug_bounty-5 | Gökhan Güzelkokar | hacking, burpsuite, bug-bounty | 09-Dec-2023 |
TryHackMe \| Advent of Cyber 2023 \| Day 5 | https://axoloth.medium.com/tryhackme-advent-of-cyber-2023-day-5-60a464ac8d07?source=rss------bug_bounty-5 | Axoloth | bug-bounty, tryhackme, hacking, cybersecurity, penetration-testing | 09-Dec-2023 |
TryHackMe \| Advent of Cyber 2023 \| Day 4 | https://axoloth.medium.com/tryhackme-advent-of-cyber-2023-day-4-efa5f90ccfc1?source=rss------bug_bounty-5 | Axoloth | tryhackme, hacking, cybersecurity, bug-bounty, penetration-testing | 09-Dec-2023 |
My first Bugs: Persistence and mentality (Not a Writeup). | https://medium.com/@Nightbloodz/my-first-bugs-persistence-and-mentality-not-a-writeup-1017714abc8c?source=rss------bug_bounty-5 | Alvaro Balada | bug-bounty-hunter, bug-bounty, bug-bounty-tips, cybersecurity | 09-Dec-2023 |
Introduction to Burpsuite Bambdas Feature | https://medium.com/@gguzelkokar.mdbf15/introduction-to-burpsuite-bambda-feature-4c6b5fbc168d?source=rss------bug_bounty-5 | Gökhan Güzelkokar | hacking, burpsuite, bug-bounty | 09-Dec-2023 |
My first dork on GHBD | https://noorhomaid.medium.com/my-first-dork-on-ghbd-988c21b45869?source=rss------bug_bounty-5 | NoorHomaid | cybersecurity, bug-bounty, google-dork, ethical-hacking, penetration-testing | 09-Dec-2023 |
HTTP Noir: The Dark Art of Smuggling Bytes | https://chayandatta.medium.com/http-noir-the-dark-art-of-smuggling-bytes-a471a0f990f5?source=rss------bug_bounty-5 | CHAYAN DATTA | security, http-request-smuggling, hacking, bug-bounty, network | 09-Dec-2023 |
Broken Link Hijacking | https://0xtomcat.medium.com/broken-link-hijacking-e0afc5986ea6?source=rss------bug_bounty-5 | Tomcat | bug-bounty, bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup | 08-Dec-2023 |
Testing vulnerabilities beyond traditional cases — around login/signup features | https://infosecwriteups.com/testing-vulnerabilities-beyond-traditional-cases-around-login-signup-features-9d496bd283d4?source=rss------bug_bounty-5 | Suprajabaskaran | ethical-hacking, bug-bounty-tips, penetration-testing, pentesting, bug-bounty | 08-Dec-2023 |
#4 Install Burp’s CA Certificate in Firefox — Guide for Burp Suite | https://securitycipher.medium.com/4-install-burps-ca-certificate-in-firefox-guide-for-burp-suite-75a555ed7225?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | technology, security, bug-bounty-tips, bug-bounty, cybersecurity | 08-Dec-2023 |
Enum is the key — Automated + Manual = Full shell. | https://aleeeeex264.medium.com/enum-is-the-key-automatizado-manual-full-shell-4eead6c37dc4?source=rss------bug_bounty-5 | Alejandro Olivares 0x4lex | kali-linux, bug-bounty, bug-bounty-tips, hacking, pentesting | 08-Dec-2023 |
PEARfection: From LFI to RCI: An iCSI CTF Challenge. | https://medium.com/@josh.beck2006/pearfection-from-lfi-to-rci-an-icsi-ctf-challenge-4ecfb77a60c4?source=rss------bug_bounty-5 | Josh Beck | bug-bounty, penetration-testing, ctf-writeup, cybersecurity | 08-Dec-2023 |
Unraveling The Story of Multiple Admin Panel Compromises | https://vedanttekale20.medium.com/unraveling-the-story-of-multiple-admin-panel-compromises-baac4444285f?source=rss------bug_bounty-5 | Vedant Tekale | information-security, recon, bug-bounty, hacking, cybersecurity | 08-Dec-2023 |
Blind XSS on Registration System | https://medium.com/@aurelioyudistira/blind-xss-on-registration-system-410eb0b98109?source=rss------bug_bounty-5 | MxShinzu | pentesting, bug-bounty, cybersecurity | 08-Dec-2023 |
Bug bounty training from scratch: | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-f62cc13fbe64?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, computer-science, bug-bounty | 07-Dec-2023 |
Bug bounty training from scratch for beginners: | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-for-beginners-1f17e609fbf0?source=rss------bug_bounty-5 | Pavan kumar.G | cybersecurity, appsec, computer-science, bug-bounty, linux | 07-Dec-2023 |
Bug bounty training from scratch(part1->lesson12): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson12-206baedf6747?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, appsec, computer-science | 07-Dec-2023 |
Bug bounty training from scratch(part1->lesson11): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson11-6f2c71aa8135?source=rss------bug_bounty-5 | Pavan kumar.G | computer-science, appsec, bug-bounty | 07-Dec-2023 |
Bug bounty training from scratch(part1->lesson10): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson10-b2af2898a6b1?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, computer-science, bug-bounty | 07-Dec-2023 |
Bug bounty training from scratch(part1->lesson9): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson9-44b004fe5550?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, computer-science, bug-bounty | 07-Dec-2023 |
Bug bounty training from scratch(part1-> lesson8): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson8-98680d93e4bf?source=rss------bug_bounty-5 | Pavan kumar.G | bug-bounty, appsec, computer-science | 07-Dec-2023 |
Bug bounty training from scratch(part1->lesson7): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson7-d04def4b4ef3?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, computer-science, bug-bounty | 07-Dec-2023 |
Bug bounty training from scratch (part1->lesson6): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson6-1b4b8742a1ec?source=rss------bug_bounty-5 | Pavan kumar.G | computer-science, bug-bounty, appsec | 07-Dec-2023 |
Bug bounty training from scratch(part1->lesson5): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson5-15d8c1f2cc5e?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, computer-science, bug-bounty | 07-Dec-2023 |
Bug bounty training from scratch (part1->lesson4): | https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson4-653699a21284?source=rss------bug_bounty-5 | Pavan kumar.G | appsec, computer-science, bug-bounty | 07-Dec-2023 |
Using reNgine with Netlas.io module | https://netlas.medium.com/using-rengine-with-netlas-io-module-436e764a5495?source=rss------bug_bounty-5 | Netlas.io | penetration-testing, reconnaissance, information-security, cybersecurity, bug-bounty | 07-Dec-2023 |
Automation for Target Surface Information Gathering — XCOODE + AI Prompting for Bug Bounty Giants | https://medium.com/@xcoode/automation-for-target-surface-information-gathering-xcoode-ai-prompting-for-bug-bounty-giants-a545dadc87dc?source=rss------bug_bounty-5 | XCOODE | ai, hacking, hackerone, bug-bounty, openai | 07-Dec-2023 |
Markdown XSS tips | https://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5 | Rafael Silva | bug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup | 07-Dec-2023 |
Hacking Indian Government, Finding XSS & SQL Injection | https://medium.com/@Kalki2121/hacking-indian-government-finding-xss-sql-injection-9f83e5e60c6f?source=rss------bug_bounty-5 | Yashh | bugs, bug-bounty-tips, bug-bounty, hacking, sql-injection | 07-Dec-2023 |
Unveiling Critical Vulnerability: Account Hijacking — Art of play on tokens | https://medium.com/@xcoode/unveiling-critical-vulnerability-account-hijacking-art-of-play-on-tokens-dd270140cd25?source=rss------bug_bounty-5 | XCOODE | fintech, bug-bounty, security, hacking, cloud | 07-Dec-2023 |
Advent of Cyber 2023 -Day 6 Walkthrough.. By Manoj Mudabagil. | https://medium.com/@manojmudabagil/advent-of-cyber-2023-day-6-walkthrough-by-manoj-mudabagil-cd7062261d33?source=rss------bug_bounty-5 | Manoj Mudabagil | tryhackme, hacking, advent-of-cyber-2023, cybersecurity, bug-bounty | 07-Dec-2023 |
Exploring New Vulnerability Vectors: A Systematic Approach to Manual Google Dorking | https://medium.com/@mxmd/exploring-new-vulnerability-vectors-a-systematic-approach-to-manual-google-dorking-fdfc79e9825d?source=rss------bug_bounty-5 | Max Klose | cybersecurity, bug-bounty-tips, bug-bounty, google-dorking, osint | 07-Dec-2023 |
Markdown XSS tips | https://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5 | Lopseg | bug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup | 07-Dec-2023 |
Hunt for GitHub leaks with LOPSEG DORK HELPER | https://medium.com/@lopseg/hunt-for-github-leaks-with-lopseg-dork-helper-c3ce96cb4177?source=rss------bug_bounty-5 | Lopseg | bug-bounty-writeup, hacking-tools, bug-bounty, bug-bounty-tips, bug-bounty-hunter | 07-Dec-2023 |
Enhancing Bug Bounty Hunting with Lopseg OSINT | https://medium.com/@lopseg/enhancing-bug-bounty-hunting-with-lopseg-osint-4f2fd075621a?source=rss------bug_bounty-5 | Lopseg | bug-bounty, ctf, bug-bounty-writeup, cybersecurity, bug-bounty-tips | 07-Dec-2023 |
Enhancing Bug Bounty Hunting with Lopseg OSINT | https://medium.com/@lopseg/enhancing-bug-bounty-hunting-with-lopseg-osint-4f2fd075621a?source=rss------bug_bounty-5 | Lopseg | bug-bounty, ctf, bug-bounty-writeup, bug-bounty-tips, hacking-tools | 07-Dec-2023 |
Markdown XSS polyglot | https://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5 | Lopseg | bug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup | 07-Dec-2023 |
20 Days Of Hacking: Bug Bounty Challenge —Conclusion | https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-conclusion-0ac57a737883?source=rss------bug_bounty-5 | Wallotry | bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting | 06-Dec-2023 |
The Secret World of Malicious Strings and Hidden Threats – Are You at Risk? | https://medium.com/@paritoshblogs/the-secret-world-of-malicious-strings-and-hidden-threats-are-you-at-risk-cb25535d4718?source=rss------bug_bounty-5 | Paritosh | information-security, hacking, http-headers, bug-bounty, cybersecurity | 06-Dec-2023 |
Python Program to find GCD (Greatest Common Divisor) for Cryptography | https://rajput623929.medium.com/python-program-to-find-gcd-greatest-common-divisor-for-cryptography-816075bba2fa?source=rss------bug_bounty-5 | Mr.Horbio | cybersecurity, hacking, crytocurrency, cryptography, bug-bounty | 06-Dec-2023 |
API Security — Web Security Academy | https://mrshan.medium.com/api-security-web-security-academy-3578589fc3fa?source=rss------bug_bounty-5 | MR SHAN | web-security-academy, bug-bounty | 06-Dec-2023 |
Spool Unveils Comprehensive Bug Bounty Programme to Fortify DeFi Security | https://medium.com/spoolfi/spool-unveils-comprehensive-bug-bounty-programme-to-fortify-defi-security-673559c463dd?source=rss------bug_bounty-5 | Spool | bug-bounty, security, blockchain, defi, smart-contracts | 06-Dec-2023 |
Cheat code for file upload vulnerability by kidnapshadow | https://medium.com/@kidnapshadow/cheat-code-for-file-upload-vulnerability-by-kidnapshadow-ebb0794581f2?source=rss------bug_bounty-5 | Kidnapshadow | kidnapshadow, owasp, vulnerability, file-upload-vulnerability, bug-bounty | 06-Dec-2023 |
API Documentation Tips | https://medium.com/@lopseg/api-documentation-tips-e36e63f47589?source=rss------bug_bounty-5 | Rafael Silva | bug-bounty-tips, bug-hunting, bug-bounty | 06-Dec-2023 |
From Bug Bounty Prodigy to Leadership Luminary: Aditya Shende Ascends at XCOODE | https://medium.com/@xcoode/from-bug-bounty-prodigy-to-leadership-luminary-aditya-shende-ascends-at-xcoode-18a6aaab1471?source=rss------bug_bounty-5 | XCOODE | cybersecurity, bug-bounty, leadership, cyber | 05-Dec-2023 |
Empowering the Next Generation: XCOODE Unveils Hacckers Bug Bounty Platform for Cyber Enthusiasts | https://medium.com/@xcoode/empowering-the-next-generation-xcoode-unveils-hacckers-bug-bounty-platform-for-cyber-enthusiasts-bc6dc31c27b9?source=rss------bug_bounty-5 | XCOODE | cybersecurity, hacker, cyber, bug-bounty | 05-Dec-2023 |
PDF Upload Leading to Stored XSS | https://medium.com/@katmaca2014/pdf-upload-leading-to-stored-xss-f712326705ee?source=rss------bug_bounty-5 | Kaan Atmaca | cybersecurity, penetration-testing, bug-bounty, hacking, pentesting | 05-Dec-2023 |
LFI via SMTP log poisoning | https://medium.com/@akshadjoshi/lfi-via-smtp-log-poisoning-65e02dd21068?source=rss------bug_bounty-5 | Akshad Joshi | log-poisoning, local-file-inclusion, smtp, bug-bounty, rce | 05-Dec-2023 |
Bypassing 2FA Authentication in TeamPass System | https://medium.com/@developer_1991/bypassing-2fa-authentication-in-teampass-system-f3184fe8589d?source=rss------bug_bounty-5 | HamidReza Faghani | bug-bounty, account-takeover, security, 0day, exploitation | 05-Dec-2023 |
Admin Panel Access | https://medium.com/@omdubey170/admin-panel-access-5dd2fd4938a0?source=rss------bug_bounty-5 | Omdubey | bug-bounty, bugs, bug-bounty-tips, ethical-hacking, pentesting | 05-Dec-2023 |
LFI on Microsoft | https://medium.com/@sushilgill08/lfi-on-microsoft-2d30c9283534?source=rss------bug_bounty-5 | Sushil Choudhary | hackerone, bug-hunting, microsoft, bug-bounty, bugbounty-writeup | 04-Dec-2023 |
How I Found A Website Vulnerability In Under 10 Minutes | https://medium.com/@abidmafahim7/how-i-found-a-website-vulnerability-in-under-10-minutes-2b2ff934545d?source=rss------bug_bounty-5 | Abidmafahim | git-exposed, web-vulnerabilities, bug-bounty | 04-Dec-2023 |
Elevating Security: Whatfix Transition to a Custom Vulnerability Disclosure Program (VDP) | https://medium.com/whatfix-techblog/elevating-security-whatfix-transition-to-a-custom-vulnerability-disclosure-program-vdp-e6d5a7e11c9d?source=rss------bug_bounty-5 | Kamlesh Tukaral | vulnerability-disclosure, whatfix, vdp, bug-bounty, infosec | 04-Dec-2023 |
The Hidden Dangers Lurking in Your Active Directory Certificate Services – What You Need to Know… | https://medium.com/@paritoshblogs/the-hidden-dangers-lurking-in-your-active-directory-certificate-services-what-you-need-to-know-7c735c09e0fd?source=rss------bug_bounty-5 | Paritosh | cybersecurity, active-directory, bug-bounty, information-security, adc | 04-Dec-2023 |
Bug Hunter journal day #3 and #4 | https://medium.com/@joaomaia171820/bug-hunter-journal-day-3-and-4-37b4c653abd9?source=rss------bug_bounty-5 | Jhonny_The_Kid | bug-bounty-writeup, bug-bounty-program, bug-bounty, cybersecurity | 04-Dec-2023 |
Javascript Analysis to SQL injection | https://melguerdawi.medium.com/javascript-analysis-to-sql-injection-ca763f9c4c4e?source=rss------bug_bounty-5 | Mostafa Elguerdawi | bug-bounty, bug-bounty-tips, hackerone, sql-injection | 04-Dec-2023 |
Web Enumeration With Gobuster | https://medium.com/@ronak.d.sharma111/web-enumeration-with-gobuster-ca4ac46da90b?source=rss------bug_bounty-5 | Ronak Sharma | cybersecurity, hacking, bug-bounty | 04-Dec-2023 |
20 Days Of Hacking: Bug Bounty Challenge — Day 2 | https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-day-2-51b02ca865ea?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips | 03-Dec-2023 |
How I Found My First Website Vulnerability as a Web Pentester | https://medium.com/@abidmafahim7/how-i-found-my-first-website-vulnerability-as-a-web-pentester-2dee809e0eea?source=rss------bug_bounty-5 | Abidmafahim | sql-injection-attack, bug-bounty, web-vulnerabilities, xss-vulnerability | 03-Dec-2023 |
My first and simple ATO in a private program | https://medium.com/@pabs2141/my-first-and-simple-ato-in-a-private-program-212c6b17b245?source=rss------bug_bounty-5 | PanSa | bug-bounty, bug-bounty-writeup, hacking, account-takeover | 03-Dec-2023 |
My Confusion Over Local File Inclusion | https://medium.com/illuminations-mirror/my-confusion-over-local-file-inclusion-11f3d7c43b23?source=rss------bug_bounty-5 | Quintius Walker | poetry, bug-bounty, writeup, cybersecurity, poetry-on-medium | 03-Dec-2023 |
The Shocking Secrets Behind Foolproof Vulnerability Response! | https://medium.com/@paritoshblogs/the-shocking-secrets-behind-foolproof-vulnerability-response-fc6fe8b91d47?source=rss------bug_bounty-5 | Paritosh | vulnerability, cybersecurity, bug-bounty, hacking, information-security | 03-Dec-2023 |
The ONE Vulnerability Every Website Owner Fears — Learn How YOU Can Expose It! | https://medium.com/@paritoshblogs/the-one-vulnerability-every-website-owner-fears-learn-how-you-can-expose-it-71fef31b0ece?source=rss------bug_bounty-5 | Paritosh | programming, bug-bounty, hacking, information-security, cybersecurity | 03-Dec-2023 |
My First Valid Bug!!! | https://medium.com/@sushilgill08/my-first-valid-bug-444f26e1f8be?source=rss------bug_bounty-5 | Sushil Choudhary | cybersecurity, bug-bounty-writeup, bugbounty-tips, bug-hunting, bug-bounty | 03-Dec-2023 |
Everything I know on Recon | https://medium.com/@joshdesharnais1/everything-i-know-on-recon-689f6a535757?source=rss------bug_bounty-5 | Joshua Desharnais | recon, tools-and-resources, tools, bug-bounty, bug-bounty-tips | 03-Dec-2023 |
Streamable Finance Bug Bounty Campaign is live! | https://streamablefinance.medium.com/streamable-finance-bug-bounty-campaign-is-live-2ced6e4c68d5?source=rss------bug_bounty-5 | Streamable Finance | bug-bounty, product-launch | 03-Dec-2023 |
Business Logic Vulnerability: Payment bypass | https://vrushabhd.medium.com/business-logic-vulnerability-payment-bypass-9335bdbdbdf6?source=rss------bug_bounty-5 | Mr. Vrushabh | pentesting, bug-bounty, vulnerability, bug-bounty-tips, hackerone | 03-Dec-2023 |
How I Created an Advanced Web Code Analyzer Using ChatGPT | https://infosecwriteups.com/how-i-created-an-advanced-web-code-analyzer-using-chatgpt-6b32a7d42f88?source=rss------bug_bounty-5 | Jarred Longoria | cybersecurity, chatgpt, infosec, bug-bounty | 03-Dec-2023 |
Azure Log Analysis: Real-Life Incidents and Practical Tips to Safeguard | https://medium.com/@paritoshblogs/azure-log-analysis-real-life-incidents-and-practical-tips-to-safeguard-077faf28919b?source=rss------bug_bounty-5 | Paritosh | cybersecurity, incident-response, azure, bug-bounty, information-security | 03-Dec-2023 |
How to debug android native libraries using JEB decompiler? | https://medium.com/@shubhamsonani/how-to-debug-android-native-libraries-using-jeb-decompiler-eec681a22cf3?source=rss------bug_bounty-5 | Shubham Sonani | bug-bounty, hacking, android, cybersecurity, penetration-testing | 03-Dec-2023 |
How to bypass debugger detection in Android/iOS native libraries using IDA Pro? | https://medium.com/@shubhamsonani/how-to-bypass-debugger-detection-in-android-ios-native-libraries-using-ida-pro-3e289c2127d6?source=rss------bug_bounty-5 | Shubham Sonani | bug-bounty, cybersecurity, android, hacking, penetration-testing | 03-Dec-2023 |
How to debug Android/iOS native library using GDB debugger? | https://medium.com/@shubhamsonani/how-to-debug-android-ios-native-library-using-gdb-debugger-d02c0e0341eb?source=rss------bug_bounty-5 | Shubham Sonani | hacking, penetration-testing, cybersecurity, technology, bug-bounty | 03-Dec-2023 |
20 Days Of Hacking: Bug Bounty Challenge — Day 1 | https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-day-1-38a1735644ab?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 02-Dec-2023 |
Vulnerability Discovery in SRC — Concurrency | https://medium.com/@rynnnn617/vulnerability-discovery-in-src-concurrency-baa9ffdfa9d9?source=rss------bug_bounty-5 | Ry4nnnn | concurrency, bug-bounty-tips, bug-bounty | 02-Dec-2023 |
Lateral Movement Techniques Through File Share Exploitation | https://medium.com/@paritoshblogs/lateral-movement-techniques-through-file-share-exploitation-a50d1ffdb8e7?source=rss------bug_bounty-5 | Paritosh | lateral-movement, hacking, information-security, cybersecurity, bug-bounty | 02-Dec-2023 |
The Rising Threat of Cookie Theft and RMM Takeover | https://medium.com/@paritoshblogs/the-rising-threat-of-cookie-theft-and-rmm-takeover-bafe0013ffc0?source=rss------bug_bounty-5 | Paritosh | realtime-monitoring, cookies, cybersecurity, hacking, bug-bounty | 02-Dec-2023 |
Bug Hunter journal day(week) #1 | https://medium.com/@joaomaia171820/bug-hunter-journal-day-week-1-699926bf1a70?source=rss------bug_bounty-5 | Jhonny_The_Kid | bug-bounty-writeup, bug-bounty-program, bug-bounty, pentest | 02-Dec-2023 |
Mastering Bug Bounty: A Comprehensive Guide to Earning Money Ethically and Safely in Cybersecurity. | https://medium.com/@thecyberxcompany/mastering-bug-bounty-a-comprehensive-guide-to-earning-money-ethically-and-safely-in-cybersecurity-46c1b44f52fd?source=rss------bug_bounty-5 | The CyberX Company | ethical-hacking, hacking, cybersecurity, bug-bounty, earn-money-online | 02-Dec-2023 |
Mastering Bug Bounty Hunting: A Comprehensive Guide to Launch Your Cybersecurity Career. | https://medium.com/@thecyberxcompany/mastering-bug-bounty-hunting-a-comprehensive-guide-to-launch-your-cybersecurity-career-5553ddcced30?source=rss------bug_bounty-5 | The CyberX Company | bug-bounty-tips, bugs, ethical-hacking, cybersecurity, bug-bounty | 02-Dec-2023 |
How MAC Spoofing works and How attackers do that!! | https://medium.com/@hackerdom_devil/how-mac-spoofing-works-and-how-attackers-do-that-57797179430f?source=rss------bug_bounty-5 | Gokuleswaran B | ethical-hacking, mac-spoofing, penetration-testing, bug-bounty, bug-bounty-tips | 02-Dec-2023 |
Top 25 Advanced Google Dorks for OSINT and Bug Bounty Hunting | https://osintteam.blog/top-25-advanced-google-dorks-for-osint-and-bug-bounty-hunting-f2d9dceed068?source=rss------bug_bounty-5 | as-squirrel | bug-bounty, osint, cybersecurity, google-dorks-list, hacking | 02-Dec-2023 |
Day 12 Bug Bounty — 60 days 60 bugs challenge (Didn’t found anything, but could be something… | https://medium.com/@avbhijitdutta99/day-12-bug-bounty-60-days-60-bugs-challenge-didnt-found-anything-but-could-be-something-ba0324d96ce7?source=rss------bug_bounty-5 | Abhijit Dutta | bug-bounty, bug-bounty-hunter, bugbountychallenge, bug-bounty-writeup | 01-Dec-2023 |
Writing High-Quality Bug Reports: Best Practices for Effective Bug Bounty Hunting | https://medium.com/@prathameshbagul/writing-high-quality-bug-reports-best-practices-for-effective-bug-bounty-hunting-74542dff9793?source=rss------bug_bounty-5 | Prath | cybersecurity, pentesting, report, bug-bounty-tips, bug-bounty | 01-Dec-2023 |
What is this httpx thing? Using it in your adventure with Bugbounty? | https://systemweakness.com/what-is-this-httpx-thing-using-it-in-your-adventure-with-bugbounty-f91f1ef31d49?source=rss------bug_bounty-5 | Vicky Aryan | recon, bug-bounty, cybersecurity, hacking, httpx | 01-Dec-2023 |
Verification Bypass via “Mass Assignment” | https://larebsec.medium.com/verification-bypass-via-mass-assignment-25707e210a42?source=rss------bug_bounty-5 | Lareb | bug-bounty, cybersecurity, bugbounty-writeup, hacking, vulnerability | 01-Dec-2023 |
How attackers use ARP Spoofing / Poisoning to takeover a complete Network!! | https://medium.com/@hackerdom_devil/how-attackers-use-arp-spoofing-poisoning-to-takeover-a-complete-network-8477cea362c4?source=rss------bug_bounty-5 | Gokuleswaran B | penetration-testing, bug-bounty, ethical-hacking, network-security, arp-spoofing | 01-Dec-2023 |
Building Kubernetes Detections: Strengthening Security with Real-world Examples | https://medium.com/@paritoshblogs/building-kubernetes-detections-strengthening-security-with-real-world-examples-8268cddd852f?source=rss------bug_bounty-5 | Paritosh | bug-bounty, cybersecurity, programming, information-security, hacking | 01-Dec-2023 |
Part 03 | What To Do After Choosing a Target? | Post Recon |Bug Bounty | https://infosecwriteups.com/part-03-what-to-do-after-choosing-a-target-post-recon-bug-bounty-1a7f431b4d79?source=rss------bug_bounty-5 | Om Arora | bug-bounty, hacking, bug-bounty-tips, methodology, infosec | 01-Dec-2023 |
Navigating the Bug Bounty Arena: Earn $605,000 Reward, Learn More | https://medium.com/coded-tech-talk/navigating-the-bug-bounty-arena-earn-605-000-reward-learn-more-e754e077a81c?source=rss------bug_bounty-5 | Coded Conversations | bug-bounty-tips, cybersecurity, security, hacking, bug-bounty | 01-Dec-2023 |
Project 2510: Bug Bounty Challenge — The End? | https://wallotry.medium.com/project-2510-bug-bounty-challenge-the-end-afb67ea2abd1?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunting, bug-bounty | 30-Nov-2023 |
Exploring the Logic of XSS Attacks and Bypassing Techniques through Browser Decoding | https://medium.com/@test_90648/considering-xss-attacks-and-bypass-logic-from-the-perspective-of-browser-decoding-logic-can-provide-b4579d3c458b?source=rss------bug_bounty-5 | JessicaSecurity | xs, bug-bounty, web, security, browsers | 30-Nov-2023 |
What is SQL injection | https://medium.com/@savanghori1203/what-is-sql-injection-a3907c6967a5?source=rss------bug_bounty-5 | Savanghori | vulnerability, bug-bounty-tips, bug-bounty, sql-injection, sql | 30-Nov-2023 |
Cross-Site Scripting (XSS) | https://medium.com/@savanghori1203/cross-site-scripting-xss-b6139b38fa2b?source=rss------bug_bounty-5 | Savanghori | bug-bounty, xss-vulnerability, bug-bounty-tips, bugs, xss-attack | 30-Nov-2023 |
The Shocking Truth Behind Indicators of Compromise (IOCs) — You Won’t Believe What We Found! | https://medium.com/@paritoshblogs/the-shocking-truth-behind-indicators-of-compromise-iocs-you-wont-believe-what-we-found-5255d54b98d9?source=rss------bug_bounty-5 | Paritosh | bug-bounty, malware-analysis, cybersecurity, ioc, information-security | 30-Nov-2023 |
Subdomain Enumeration Techniques | https://medium.com/@savanghori1203/subdomain-enumeration-00f487d6b829?source=rss------bug_bounty-5 | Savanghori | bug-bounty-tips, bug-bounty, recon, subdomains-enumeration, subdomain | 30-Nov-2023 |
Day 11 Bug Bounty — 60 days 60 bugs challenge | https://medium.com/@avbhijitdutta99/day-11-bug-bounty-60-days-60-bugs-challenge-530119a74c90?source=rss------bug_bounty-5 | Abhijit Dutta | bugbountychallenge, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 30-Nov-2023 |
Network Managed Detection and Response (NMDR): Strengthening Cybersecurity Defenses | https://medium.com/@paritoshblogs/network-managed-detection-and-response-nmdr-strengthening-cybersecurity-defenses-a8a5e989b310?source=rss------bug_bounty-5 | Paritosh | information-security, managed-detection, bug-bounty, nmdr, cybersecurity | 30-Nov-2023 |
Server-Side Request Forgery (SSRF) | https://medium.com/@savanghori1203/server-side-request-forgery-ssrf-1e9755b38c59?source=rss------bug_bounty-5 | SavanGhori | ssrf, vulnerability, bug-bounty, ssrf-bug, bug-bounty-tips | 30-Nov-2023 |
Business Logic on the Payment Page | https://medium.com/@el-cezeri/%C3%B6deme-sayfas%C4%B1nda-business-logic-cba493d9f6b8?source=rss------bug_bounty-5 | Samet Yiğit | bugbounty-writeup, ödülavcılığı, bug-bounty | 30-Nov-2023 |
Remote Code Execution (RCE) | https://medium.com/@savanghori1203/remote-code-execution-rce-9f078b98316a?source=rss------bug_bounty-5 | SavanGhori | bugs, bug-bounty-tips, bug-bounty, rce, vulnerability | 30-Nov-2023 |
Insecure Direct Object Reference(IDOR) | https://medium.com/@savanghori1203/idor-insecure-direct-object-reference-88576225e265?source=rss------bug_bounty-5 | SavanGhori | vulnerability, idor, bugs, bug-bounty, bug-bounty-tips | 30-Nov-2023 |
Simple Recon on Android Using the Tools TheTimeMachine and Dirsearch | https://alpinnnnnn13.medium.com/simple-recon-di-android-menggunakan-tools-thetimemachine-dan-dirsearch-3384aad17c15?source=rss------bug_bounty-5 | Mohammad Alfin Hidayatullah | bug-bounty, bug-bounty-tips, recon, scanning | 30-Nov-2023 |
Race Condition - A cURL Chaos | https://shahjerry33.medium.com/race-condition-a-curl-chaos-820cb289cbf1?source=rss------bug_bounty-5 | Jerry Shah (Jerry) | cybersecurity, infosec, bug-bounty, vulnerability, pentesting | 30-Nov-2023 |
Top Free Resources for Ethical Hacking and Bug Bounty Beginners & Experts | https://infosecwriteups.com/top-free-resources-for-ethical-hacking-and-bug-bounty-beginners-experts-9556ef045db4?source=rss------bug_bounty-5 | Jarred Longoria | cybersecurity, ethical-hacking, bug-bounty, free-resources | 30-Nov-2023 |
1.11 Lab: Blind SQL injection with time delays and information retrieval | 2023 | https://cyberw1ng.medium.com/1-11-lab-blind-sql-injection-with-time-delays-and-information-retrieval-2023-e8123405e87d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, penetration-testing, hacking, bug-bounty | 30-Nov-2023 |
Easy Bug Hunting: HTML Injection Explained Step by Step | https://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5 | MUHAMMAD FAIZAN KHAN | bwapp, bug-bounty, web-application-security, penetration-testing, html-injection | 30-Nov-2023 |
Rise of Broken Access Control | https://medium.com/@rafinrahmanchy/rise-of-broken-access-control-51356916235f?source=rss------bug_bounty-5 | Rafin Rahman Chy | bug-bounty, appsec, application-security, infosec, web-security | 30-Nov-2023 |
Day 10 Bug Bounty — 60 days 60bugs challenge — New Start! | https://medium.com/@avbhijitdutta99/day-10-bug-bounty-60-days-60bugs-challenge-new-start-832988aeb569?source=rss------bug_bounty-5 | Abhijit Dutta | bug-bounty, bug-bounty-tips, bugbountychallenge, bug-bounty-writeup | 29-Nov-2023 |
Windows Login Bypass | https://infosecwriteups.com/windows-login-bypass-eab148bc9dd5?source=rss------bug_bounty-5 | c0d3x27 | software-development, bug-bounty, cybersecurity, windows, hacking | 29-Nov-2023 |
Cybersecurity Risk of Opening Up to the Internet | https://medium.com/@paritoshblogs/cybersecurity-risk-of-opening-up-to-the-internet-c624c9a018ba?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, programming, hacking, internet-of-things | 29-Nov-2023 |
OSINT: How to find information on anyone | https://medium.com/@sakthi172000/osint-how-to-find-information-on-anyone-14514216cec1?source=rss------bug_bounty-5 | SAKTHIVEL P | bug-bounty, infosec, cybersecurity, osint, osint-tool | 29-Nov-2023 |
Mastering API Penetration Testing: A Comprehensive Guide for Security Pentesters | https://infosecwriteups.com/mastering-api-penetration-testing-a-comprehensive-guide-for-security-pentesters-bf62f65b5b21?source=rss------bug_bounty-5 | Suprajabaskaran | ethical-hacking, bug-bounty, pentesting, cybersecurity, api | 29-Nov-2023 |
Useful tools for bug hunter | https://medium.com/@cyberhansu/useful-tools-for-bug-hunter-f493866fa1bc?source=rss------bug_bounty-5 | cyberhansu | hunter-s-thompson, bug-hunting, bug-bounty, hacker, bug-hunter | 29-Nov-2023 |
How to make money legally as a Hacker | https://medium.com/@cyberhansu/how-to-make-money-legally-as-a-hacker-c27037b143a9?source=rss------bug_bounty-5 | cyberhansu | bug-bounty, make-money, web-application-security, mobileapplicationsecurity | 29-Nov-2023 |
PII Disclosure Worth $750 | https://vijetareigns.medium.com/pii-disclosure-worth-750-758b72e7e8ca?source=rss------bug_bounty-5 | the_unlucky_guy | bug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-writeup, cybersecurity | 29-Nov-2023 |
R.xyz: Web3 Bug Bounty Platform | https://medium.com/coinmonks/r-xyz-web3-bug-bounty-platform-95d48c911989?source=rss------bug_bounty-5 | Officer's Notes | smart-contract-security, bug-bounty-tips, bug-bounty, hacking, web3 | 29-Nov-2023 |
CRLF to XSS | https://medium.com/@a7med.ctf/crlf-to-xss-8059ceefd349?source=rss------bug_bounty-5 | Ahmed Mahmoued | snapchat, bug-bounty-tips, hacker, bug-bounty | 29-Nov-2023 |
Aztec Multiple-Spend Error Bugfix Review | https://medium.com/immunefi/aztec-multiple-spend-error-bugfix-review-20074581d224?source=rss------bug_bounty-5 | Immunefi Editor | cryptocurrency, security, bug-bounty, web3, multiple-spend-error | 29-Nov-2023 |
1.10 Lab: Blind SQL injection with time delays | 2023 | https://cyberw1ng.medium.com/1-10-lab-blind-sql-injection-with-time-delays-2023-a95a3b8557ec?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, hacking, cybersecurity, careers | 29-Nov-2023 |
IWCON 2023 CTF Registrations Now Open | https://infosecwriteups.com/iwcon-2023-ctf-registrations-now-open-46c2611714f0?source=rss------bug_bounty-5 | InfoSec Write-ups | ctf, conference, infosec, hacking, bug-bounty | 29-Nov-2023 |
Top 25 Advanced Google Dorks for Uncovering Sensitive Documents | https://osintteam.blog/top-25-advanced-google-dorks-for-uncovering-sensitive-documents-a9705e05353d?source=rss------bug_bounty-5 | as-squirrel | osint, cybersecurity, hacking, google-dork, bug-bounty | 29-Nov-2023 |
Fat GET Authorization Bypass | https://medium.com/techiepedia/fat-get-authorization-bypass-521a1ca37b6e?source=rss------bug_bounty-5 | Jess | programming, hackerone, security, bug-bounty, bug-bounty-tips | 29-Nov-2023 |
HackTheBox — Web Attacks: Error Based XXE to exfiltrate data | https://medium.com/@harry.hphu/hackthebox-web-attacks-error-based-xxe-to-exfiltrate-data-3f577eef18c7?source=rss------bug_bounty-5 | Huy Phu | owasp-top-10, web-security, hackthebox, xxe-attack, bug-bounty | 28-Nov-2023 |
HackTheBox — Web Attacks: XXE with Blind Exfiltration Data | https://medium.com/@harry.hphu/hackthebox-web-attacks-xxe-with-blind-exfiltration-data-123d4be1245e?source=rss------bug_bounty-5 | Huy Phu | bug-bounty, owasp-top-10, web-security, xxe-attack, hackthebox | 28-Nov-2023 |
Catching C2s with Regex Signatures, TLS Certificates, and OSINT | https://medium.com/@paritoshblogs/catching-c2s-with-regex-signatures-tls-certificates-and-osint-8871d9a46602?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-security, cybersecurity, command-and-control, hacking | 28-Nov-2023 |
Apple security research. | https://medium.com/@abhay2432455/apple-security-research-8780372757be?source=rss------bug_bounty-5 | Abhay Kailasia | google, apple, cybersecurity, bug-bounty, bug-bounty-writeup | 28-Nov-2023 |
XSS - Weaponization ATO | https://p4n7h3rx.medium.com/xss-weaponization-ato-1de0ee30526b?source=rss------bug_bounty-5 | p4n7h3rx | penetration-testing, cybersecurity, infosec, bug-bounty-tips, bug-bounty | 28-Nov-2023 |
1.9 Lab: Visible error-based SQL injection | 2023 | https://cyberw1ng.medium.com/1-9-lab-visible-error-based-sql-injection-2023-771157e90ad8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, bug-bounty, careers, penetration-testing | 28-Nov-2023 |
VulnLab — SQLi Injection series — Bypass Login | https://medium.com/@deandradarra05/vulnlab-sqli-injection-series-bypass-login-0d6af43a395d?source=rss------bug_bounty-5 | Deandradarra | penetration-testing, cybersecurity, bug-bounty, sqli | 28-Nov-2023 |
The Bug Hunter’s Methodology Live Course Review | https://medium.com/@cybersekler/the-bug-hunters-methodology-live-course-review-4261a7a9121e?source=rss------bug_bounty-5 | Cyber Sekler | hacking, red-team, reconnaissance, bug-bounty, application-security | 28-Nov-2023 |
Hall of Fame at NASA | https://medium.com/@bijoy.redteamacademy/hall-of-fame-at-nasa-91539af7826c?source=rss------bug_bounty-5 | BIJOY B | google-ads, hacker-news, google, nasa, bug-bounty | 28-Nov-2023 |
Understanding and Mitigating Insecure Direct Object References (IDOR) Vulnerabilities | https://medium.com/@harry.hphu/understanding-and-mitigating-insecure-direct-object-references-idor-vulnerabilities-b27047015e15?source=rss------bug_bounty-5 | Huy Phu | idor-vulnerability, bug-bounty, web-security, owasp-top-10, hackthebox | 27-Nov-2023 |
Burpsuite Custom Scan Profiles | https://mrrootsec.medium.com/burpsuite-custom-scan-profiles-12a9df9e36bd?source=rss------bug_bounty-5 | mrrootsec | owasp-top-10, bug-bounty, application-security-test | 27-Nov-2023 |
Understanding XML External Entity (XXE) Vulnerabilities | https://medium.com/@harry.hphu/understanding-xml-external-entity-xxe-vulnerabilities-e8b64c2c2b3c?source=rss------bug_bounty-5 | Huy Phu | bug-bounty, owasp-top-10, xml-injection, hackthebox, web-security | 27-Nov-2023 |
Confounding Adversaries Through the Art of Illusion | https://medium.com/@paritoshblogs/confounding-adversaries-through-the-art-of-illusion-5cc56090d93a?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-technology, information-security, cybersecurity, hacking | 27-Nov-2023 |
Unveiling Critical Bug Using Directory Search — Bug Bounty Tip! | https://medium.com/@learningstuff110/unveiling-critical-bug-using-directory-search-bug-bounty-tip-330d4d9900ee?source=rss------bug_bounty-5 | Fahad Hasan | web-app-development, vulnerability, bug-bounty, cybersecurity, penetration-testing | 27-Nov-2023 |
Confounding Adversaries Through the Art of Illusion | https://osintteam.blog/confounding-adversaries-through-the-art-of-illusion-5cc56090d93a?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-technology, information-security, cybersecurity, hacking | 27-Nov-2023 |
Ruby One — Bug Bounty Program & Claim Your $RUBY | https://rubyprotocol.medium.com/ruby-one-bug-bounty-program-claim-your-ruby-848c81c4b164?source=rss------bug_bounty-5 | Ruby Protocol | blockchain, cryptocurrency, bug-bounty, crypto, ethereum | 27-Nov-2023 |
HTTP/2 Request Smuggling | https://medium.com/@kerstanhgnhzhw/http-2-request-smuggling-eb56cfd84a37?source=rss------bug_bounty-5 | kerstan | web-security, bug-bounty, security, request-smuggling, pentesting | 27-Nov-2023 |
Kaynak kodu ile XSS’i nasıl buldum ? | https://medium.com/@el-cezeri/kaynak-kodu-ile-xssi-nas%C4%B1l-buldum-9cf2632f4717?source=rss------bug_bounty-5 | Samet Yiğit | xss-attack, bug-bounty-tips, ödülavcılığı, bug-bounty | 27-Nov-2023 |
Website Scanner… | https://medium.com/@psychomong/website-scanner-4856d77bc600?source=rss------bug_bounty-5 | psychomong | hacking, gui, scanner, bug-bounty, web | 27-Nov-2023 |
@pdiscoveryio’s Katana for Bug Bounty. | https://medium.com/@BrownBearSec/pdiscoveryios-katana-for-bug-bounty-1aee11cfae14?source=rss------bug_bounty-5 | BrownBearSec | bug-bounty, cybersecurity, bug-bounty-tips, red-team, infosec | 27-Nov-2023 |
1.8 Lab: Blind SQL injection with conditional errors \| 2023 | https://cyberw1ng.medium.com/1-8-lab-blind-sql-injection-with-conditional-errors-2023-da84a7836bcd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, careers, cybersecurity, bug-bounty | 27-Nov-2023 |
My bug bounty journey: #1 Linux | https://medium.com/@VDMoscar/my-bug-bounty-journey-1-linux-176d3b4f4065?source=rss------bug_bounty-5 | Oscar Vandermeulen | bug-bounty, hacking | 27-Nov-2023 |
Code4rena Audit | https://medium.com/@panoptic_xyz/code4rena-audit-96902468eece?source=rss------bug_bounty-5 | Panoptic | panoptic, audit, bug-bounty, perpetual-options | 27-Nov-2023 |
“Navigating Risks: Vulnerability Stemming from a Third-Party Integration” | https://shubhdeepp.medium.com/navigating-risks-vulnerability-stemming-from-a-third-party-integration-c877d15977d8?source=rss------bug_bounty-5 | shubhdeep | vulnerability-assessment, vulnerability, cybersecurity, bug-bounty, supply-chain-management | 27-Nov-2023 |
HackTheBox — Web Attacks: From XXE Injection to Advanced Local File Disclosure | https://medium.com/@harry.hphu/hackthebox-web-attacks-from-xxe-injection-to-advanced-local-file-disclosure-64d1bf5acdca?source=rss------bug_bounty-5 | Huy Phu | web-security, owasp-top-10, bug-bounty, xxe-attack, hackthebox | 27-Nov-2023 |
HackTheBox — Web Attacks: Mass IDOR enumeration | https://medium.com/@harry.hphu/hackthebox-web-attacks-mass-idor-enumeration-dc12da1f6333?source=rss------bug_bounty-5 | Huy Phu | hackthebox, owasp-top-10, bug-bounty, web-attack, mass-idor-enumeration | 26-Nov-2023 |
Bug Zero at a Glance [01–18 November] | https://blog.bugzero.io/bug-zero-at-a-glance-01-18-november-1cfce20b881c?source=rss------bug_bounty-5 | Januka Dharmapriya | bug-zero, cybersecurity, bug-bounty, sri-lanka, newsletter | 26-Nov-2023 |
HackTheBox — Web Attacks — IDOR: Bypassing Encoded References | https://medium.com/@harry.hphu/hackthebox-web-attacks-idor-bypassing-encoded-references-4e28008120fc?source=rss------bug_bounty-5 | Huy Phu | idor-vulnerability, web-security, bug-bounty, hackthebox-writeup, owasp-top-10 | 26-Nov-2023 |
Waybackurls leads to pwned Admin Panel | https://medium.com/@cybersolution2172/waybackurls-leads-to-pwned-admin-panel-ac3f728b87ac?source=rss------bug_bounty-5 | Satyam Singh | infosec, bug-bounty, bug-bounty-tips, hacking, vulnerability | 26-Nov-2023 |
A Thrilling Expedition into AWS Security | https://medium.com/@paritoshblogs/a-thrilling-expedition-into-aws-security-bbce85cd1eed?source=rss------bug_bounty-5 | Paritosh | aws-security, aws, bug-bounty, information-security, cybersecurity | 26-Nov-2023 |
Story of Http password reset link for $$$ | https://devanshchauhan4565.medium.com/story-of-http-password-reset-link-for-15b583519e03?source=rss------bug_bounty-5 | Devansh chauhan | writing-tips, bug-bounty, bug-bounty-tips | 26-Nov-2023 |
HackTheBox — Web Attacks: IDOR in Insecure APIs Write up | https://medium.com/@harry.hphu/hackthebox-web-attacks-idor-in-insecure-apis-write-up-7adcf4e68968?source=rss------bug_bounty-5 | Huy Phu | hackthebox, owasp-top-10, idor-vulnerability, bug-bounty, api-security | 26-Nov-2023 |
CSRF Bug Hunting Methodology: Intermediate | https://medium.com/@drthkol478/csrf-bug-hunting-methodology-intermediate-4d0df3b63b59?source=rss------bug_bounty-5 | Mikołaj Prus ( nullorx ) | network, web-app-security, bug-bounty, csrf, application-security | 26-Nov-2023 |
Explorando redes com ESP32 WIFI. | https://higordiego.medium.com/explorando-redes-com-esp32-wifi-5b15d48d0880?source=rss------bug_bounty-5 | Higor Diego | bug-bounty, pentesting, wifi, tutorial, iot | 26-Nov-2023 |
1.7 Lab: Blind SQL injection with conditional responses \| 2023 | https://cyberw1ng.medium.com/1-7-lab-blind-sql-injection-with-conditional-responses-2023-db2102f1ce44?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, bug-bounty, hacking, cybersecurity | 26-Nov-2023 |
Exploring Networks with ESP32 WIFI. | https://higordiego.medium.com/exploring-networks-with-esp32-wifi-778a8d42b7f1?source=rss------bug_bounty-5 | Higor Diego | network-security, pentesting, iot-security, osint, bug-bounty | 26-Nov-2023 |
Mastering the Art of Bug Bounty Reconnaissance | https://medium.com/@faizankhaliq26/mastering-the-art-of-bug-bounty-reconnaissance-5e1ec42fc405?source=rss------bug_bounty-5 | MUHAMMAD FAIZAN KHAN | web-application-testing, recon, information-gathering, web-application-security, bug-bounty | 26-Nov-2023 |
Writeup Bugcrowd — Private program — QR codes | https://medium.com/@embossdotar/writeup-bugcrowd-private-program-qr-codes-fa338161175a?source=rss------bug_bounty-5 | embossdotar | bugcrowd, writeup, bug-bounty, it-security, cybersecurity | 26-Nov-2023 |
How I Made $$$ Using Open-Redirect | https://medium.com/@rahulnakum/how-i-made-using-open-redirect-799f9ab14bda?source=rss------bug_bounty-5 | Rahul Nakum | bug-bounty | 25-Nov-2023 |
What Happens When Hackers Gain Local Account Access !! | https://medium.com/@paritoshblogs/what-happens-when-hackers-gain-local-account-access-64fc39ed25f5?source=rss------bug_bounty-5 | Paritosh | pentesting, bug-bounty, programming, cybersecurity, hacking | 25-Nov-2023 |
First massive bug: Noise’s AWS Bucket Misconfiguration | https://anshjain-napster.medium.com/first-massive-bug-noises-aws-bucket-misconfiguration-802821ed98b6?source=rss------bug_bounty-5 | Napster_Ansh | vulnerability, bug-bounty, aws-s3, cybersecurity, security | 25-Nov-2023 |
how to install waybackurls on parrot OS in 3 simple steps | https://medium.com/@diy_tech_genuis/how-to-install-waybackurls-on-parrot-os-in-3-simple-steps-fb4746302647?source=rss------bug_bounty-5 | diy_tech_genuis | hacking, diytechgenius, waybackurls, bug-bounty, parrotos | 25-Nov-2023 |
1.6 Lab: SQL injection UNION attack, retrieving multiple values in a single column \| 2023 | https://cyberw1ng.medium.com/1-6-lab-sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-2023-6fb957198939?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, bug-bounty, hacking | 25-Nov-2023 |
Detecting and Confirming Exfiltration Activity Through Endpoint Detection and Response (EDR) | https://medium.com/@paritoshblogs/detecting-and-confirming-exfiltration-activity-through-endpoint-detection-and-response-edr-6ff4c89e9847?source=rss------bug_bounty-5 | Paritosh | hacking, cybersecurity, bug-bounty, information-security, edr | 25-Nov-2023 |
5 thing most new bug bounty hunters do wrong | https://medium.com/@diy_tech_genuis/5-thing-most-new-bug-bounty-hunters-do-wrong-321cb152363c?source=rss------bug_bounty-5 | diy_tech_genuis | diytechgenius, hacking, help, tips, bug-bounty | 25-Nov-2023 |
$20,000 Paid For A Bug That No One Has Ever Expected | https://siddardajagabathina.medium.com/20-000-paid-for-a-bug-that-no-one-has-ever-expected-5a4778620999?source=rss------bug_bounty-5 | SIDDARDA GOWTHAM JAGABATHINA | hackerone, bug-bounty, bugs, cybersecurity, cybersecurity-awareness | 25-Nov-2023 |
Critical misconfiguration in Firebase-Bug bounty | https://medium.com/@facu.tha/critical-misconfiguration-in-firebase-e682ec4239d6?source=rss------bug_bounty-5 | Facundo Fernandez | hacking, bug-bounty, penetration-testing, cybersecurity, bug-bounty-tips | 25-Nov-2023 |
Introduction to Cybersecurity for Beginners: Understanding the Digital Security World | https://medium.com/@fiqrifirdaus/introduction-to-cybersecurity-for-beginners-understanding-the-digital-security-world-f136896cda85?source=rss------bug_bounty-5 | Aditya Fiqri Firdaus | bug-bounty, cyber, cybersecurity, malware | 25-Nov-2023 |
How i get my first Logic Bug and how to find them | https://medium.com/@zomasec/how-i-get-my-first-logic-bug-and-how-to-find-them-dd5fdf6478ee?source=rss------bug_bounty-5 | Hazem El-Sayed | cybersecurity, web-security, bug-bounty-tips, bug-bounty, bugs | 25-Nov-2023 |
How to Find First Bug (For Beginners) | https://medium.com/@rajput623929/how-to-find-first-bug-for-beginners-f594230f9e36?source=rss------bug_bounty-5 | Mr.Horbio | cybersecurity, penetration-testing, bug-bounty, hacking, tricks | 24-Nov-2023 |
Bash Scripting Logic Section Part 01 | https://medium.com/@Rat_Attack72/bash-scripting-logic-section-part-01-a7424f4dd6c2?source=rss------bug_bounty-5 | Rat_Attack72 | cybersecurity, bash, shell-script, bug-bounty, automation | 24-Nov-2023 |
1.5 Lab: SQL injection UNION attack, retrieving data from other tables \| 2023 | https://cyberw1ng.medium.com/1-5-lab-sql-injection-union-attack-retrieving-data-from-other-tables-2023-3e13076915fa?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 24-Nov-2023 |
Breaking the HTTPS Barrier: A Hacker’s Guide to Sneaky Link Exploits! | https://medium.com/@mohammedthoufeeq_25137/breaking-the-https-barrier-a-hackers-guide-to-sneaky-link-exploits-622b07710a1c?source=rss------bug_bounty-5 | Mohamed Thoufeeq | cybersecurity, hackthebox, bug-bounty, hacking, programming | 24-Nov-2023 |
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 5 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-5-c1343b0f0ef9?source=rss------bug_bounty-5 | Hacker's Dump | hacking, bug-bounty, android, pentesting, penetration-testing | 24-Nov-2023 |
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 4 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-4-9bba2880b8cb?source=rss------bug_bounty-5 | Hacker's Dump | bug-bounty, android, hacking, penetration-testing, hacker | 24-Nov-2023 |
Bug Hunter GPT: A Game-Changer in Cybersecurity | https://medium.com/@multiplatform.ai/bug-hunter-gpt-a-game-changer-in-cybersecurity-b25ccbab2f93?source=rss------bug_bounty-5 | Multiplatform.AI | bug-bounty, ai, bughuntergpt, ai-assistant, artificial-intelligence | 24-Nov-2023 |
Cybersecurity Challenges with TryHackMe: A Hands-On Approach | https://medium.com/@paritoshblogs/cybersecurity-challenges-with-tryhackme-a-hands-on-approach-e62f76a50446?source=rss------bug_bounty-5 | Paritosh | tryhackme, programming, hacking, bug-bounty, cybersecurity | 23-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 17/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-17-25-f1337a6f4e66?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-hunting | 23-Nov-2023 |
Yet Another Rate Limit. | https://allenlopes23.medium.com/yet-another-rate-limit-71257e7b33a2?source=rss------bug_bounty-5 | Allen Lopes | vulnerability, rate-limiting, bug-bounty | 23-Nov-2023 |
1.4 Lab: SQL injection UNION attack, finding a column containing text \| 2023 | https://cyberw1ng.medium.com/1-4-lab-sql-injection-union-attack-finding-a-column-containing-text-2023-94f3ee243db8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, hacking, cybersecurity, careers | 23-Nov-2023 |
bWAPP iFrame Injection | https://medium.com/@yusufbaris/bwapp-iframe-injection-22bee548c30a?source=rss------bug_bounty-5 | Yusuf Barış | cybersecurity, penetration-testing, bug-bounty, web-security, hacking | 23-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 18/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-18-25-924740430094?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunting, bug-bounty-hunter, bug-bounty-tips, bug-bounty | 23-Nov-2023 |
Powershell/JS Payloads: A Closer Look at Malicious Code Delivery | https://medium.com/@paritoshblogs/powershell-js-payloads-a-closer-look-at-malicious-code-delivery-818b0ee743a3?source=rss------bug_bounty-5 | Paritosh | programming, hacking, bug-bounty, information-security, cybersecurity | 22-Nov-2023 |
7 Sneaky Hacks Cybercriminals Use to Outsmart Your Antivirus! | https://medium.com/@paritoshblogs/7-sneaky-hacks-cybercriminals-use-to-outsmart-your-antivirus-66953a606a53?source=rss------bug_bounty-5 | Paritosh | antivirus, cybersecurity, hacking, bug-bounty, darkweb | 22-Nov-2023 |
Apple webserver vulnerable for HTTP request Sumggling attack | https://medium.com/@abdulriyaz1200/apple-webserver-vulnerable-for-http-request-sumggling-attack-cabe1d53dab1?source=rss------bug_bounty-5 | Abdulriyaz | bug-bounty-tips, bug-bounty, bug-bounty-writeup, apple, hall-of-fame | 22-Nov-2023 |
200$ bounty for CRLF injection Attack | https://medium.com/@abdulriyaz1200/200-bounty-for-crlf-injection-attack-39c482bad796?source=rss------bug_bounty-5 | Abdulriyaz | bug-bounty, bug-bounty-tips, hall-of-fame, bugbounty-writeup | 22-Nov-2023 |
Mass Hunting XSS vulnerabilities | https://ott3rly.medium.com/mass-hunting-xss-vulnerabilities-5b53363dd3db?source=rss------bug_bounty-5 | Ott3rly | bug-bounty-tips, bug-bounty, cross-site-scripting, bug-bounty-hunter, xss-vulnerability | 22-Nov-2023 |
Google dorking is one of the best method \| Hall of fame from XXX.gov | https://medium.com/@abdulriyaz1200/google-dorking-is-one-of-the-best-method-hall-of-fame-from-xxx-gov-8db6aa3c69f3?source=rss------bug_bounty-5 | Abdulriyaz | bug-bounty, government, bug-bounty-tips | 22-Nov-2023 |
1.3 Lab: SQL injection UNION attack, determining the number of columns returned by the query \| 2023 | https://cyberw1ng.medium.com/1-3-lab-sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-2023-441930bf38b7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 22-Nov-2023 |
Exploiting Exposed .git File to Access Webmail Credentials | https://medium.com/@tanyago/exploiting-exposed-git-file-to-access-webmail-credentials-4b47a3afff38?source=rss------bug_bounty-5 | Tanya Goyal | bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-hunting | 22-Nov-2023 |
Mass Hunting XSS vulnerabilities | https://infosecwriteups.com/mass-hunting-xss-vulnerabilities-5b53363dd3db?source=rss------bug_bounty-5 | Ott3rly | bug-bounty-tips, bug-bounty, cross-site-scripting, bug-bounty-hunter, xss-vulnerability | 22-Nov-2023 |
Hoping for a Bug Bounty This Year at AWS re:Invent :^) | https://medium.com/cloud-security/hoping-for-a-bug-bounty-this-year-at-aws-re-invent-5c8a76d09514?source=rss------bug_bounty-5 | Teri Radichel | awswishlist, cloud, aws, bug-bounty, security | 22-Nov-2023 |
Bug Hunter jornal Day #0 | https://medium.com/@joaomaia171820/bug-hunter-jornal-day-0-7a451f0292aa?source=rss------bug_bounty-5 | Jhonny_The_Kid | cybersecurity, bug-bounty-writeup, bug-bounty-program, bug-bounty, hacking | 22-Nov-2023 |
SAML authentication bypass leads to account takeover | https://medium.com/@Xt3sY/saml-authentication-bypass-leads-to-account-takeover-f9aaa37a34fe?source=rss------bug_bounty-5 | Pushkar Bhagat | bugs, bug-bounty, hacking, hackerone | 22-Nov-2023 |
How to earn $DCT on DecentraCredit Testnet V1 on Arbitrum | https://decentracredit.medium.com/how-to-earn-dct-on-decentracredit-testnet-v1-on-arbitrum-915d9995c2e4?source=rss------bug_bounty-5 | Decentra Credit | arbitrum, testnet-airdrop, bug-bounty, ethereum, airdrop | 22-Nov-2023 |
Semi-Automating IDORs: A Practical Approach to Working Smarter, Not Harder | https://mux0xx.medium.com/semi-automating-idors-a-practical-approach-to-working-smarter-not-harder-5b7f1f47b55a?source=rss------bug_bounty-5 | Muhammed K. Sayed | bug-bounty, cybersecurity, hacker, idor, hacking | 22-Nov-2023 |
Embracing the Future: Bug Bounty Hunting as a Lucrative Full-Time Career | https://infosecwriteups.com/embracing-the-future-bug-bounty-hunting-as-a-lucrative-full-time-career-3e4b147923f7?source=rss------bug_bounty-5 | Security Lit Limited | penetration-testing, vulnerability, bug-bounty-tips, bug-bounty, cybersecurity | 22-Nov-2023 |
How i hacked a router (embedded system) | https://medium.com/@Threat_Intelligence/how-i-hacked-a-router-embedded-system-9a5b8139e83e?source=rss------bug_bounty-5 | 127.0.0.1 is safe.⚠️ | cybersecurity, tecnologia, hacking, bug-bounty, red-team | 22-Nov-2023 |
My First IDOR - Hiding in the Header Request | https://medium.com/@hbenja47/my-first-idor-hiding-in-the-header-request-8a03dddc23b5?source=rss------bug_bounty-5 | Benja (bronxi) | hacker, bug-bounty, idor, hacking | 21-Nov-2023 |
Chaining CORS by Reflected XSS to Steal Sensitive Data | https://infosecwriteups.com/chaining-cors-by-reflected-xss-to-steal-sensitive-data-c456e133c10d?source=rss------bug_bounty-5 | Mohammad reza Omrani | cybersecurity, infosec, steal-sensitive-data, cors-misconfiguration, bug-bounty | 21-Nov-2023 |
What is Next-Generation Antivirus (NGAV) ? | https://medium.com/@paritoshblogs/what-is-next-generation-antivirus-ngav-f05267dd2613?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-security, cybersecurity, hacking, antivirus | 21-Nov-2023 |
Top Recon Tools for Bug Bounty Hunters | https://securitycipher.medium.com/top-recon-tools-for-bug-bounty-hunters-fa655b8caf2e?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | bug-bounty, bug-bounty-tips, programming, cybersecurity, technology | 21-Nov-2023 |
Epic Bug Hunting Failures-2 | https://infosecwriteups.com/epic-bug-hunting-failures-2-fafb2af9b844?source=rss------bug_bounty-5 | Varshini Ramesh | development, hackerone, bug-bounty, cybersecurity, info-sec-writeups | 21-Nov-2023 |
The Crossroads of Code Crafting: A Personal Journey Between Rewriting and Quick Fixes | https://blursdaywtf.medium.com/the-crossroads-of-code-crafting-a-personal-journey-between-rewriting-and-quick-fixes-8ab18e5a9a60?source=rss------bug_bounty-5 | Blursday | coding, tech, bug-bounty, founders, apps | 21-Nov-2023 |
How I Gain $2,000-$3,000 a Month From Bug Bounties With No Code Experience | https://medium.com/@13032765d/how-i-gain-2-000-3-000-a-month-from-bug-bounties-with-no-code-experience-df2e89348fbb?source=rss------bug_bounty-5 | DataPsyLife | money, hacking, side-hustle, bug-bounty, freelancing | 21-Nov-2023 |
Cybersecurity Tools | https://bineshmadharapu.medium.com/cybersecurity-tools-02e85cb3c4ed?source=rss------bug_bounty-5 | Binesh Madharapu | cybersecurity, bug-bounty, network-security, nmap, ethical-hacking | 21-Nov-2023 |
CVE-2023–47837: ARMember ≤= 4.0.10 — Bypass Membership Plan | https://revan-ar.medium.com/cve-2023-47837-armember-4-0-10-bypass-membership-plan-4bc1e63f044c?source=rss------bug_bounty-5 | Revan A | bug-bounty, wordpress, cve, bypass, privilege-escalation | 21-Nov-2023 |
SQL Injection UNION Attacks in Web App Pentesting \| 2023 | https://cyberw1ng.medium.com/sql-injection-union-attacks-in-web-app-pentesting-2023-fbd072299b77?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, careers, bug-bounty, cybersecurity | 21-Nov-2023 |
How to find sensitive information in an organization \| (Como encontrar información sensible en una… | https://medium.com/@l0calh0st/how-to-find-sensitive-information-in-an-organization-como-encontrar-informaci%C3%B3n-sensible-en-una-cb08c5128ab5?source=rss------bug_bounty-5 | 127.0.0.1 is safe.⚠️ | tech, hacking, red-team, bug-bounty, cybersecurity | 21-Nov-2023 |
How I hacked Google’s bug tracking system itself for $15,600 in bounties | https://jamilahmad-dev.medium.com/how-i-hacked-googles-bug-tracking-system-itself-for-15-600-in-bounties-0e9e36b772b9?source=rss------bug_bounty-5 | Jamil Ur Rehman | startup, bug-bounty, security, google, technology | 21-Nov-2023 |
CRITICAL BUG Alert: How I HACKED into a company’s DATABASE | https://jamilahmad-dev.medium.com/critical-bug-alert-how-i-hacked-into-a-companys-database-fc61179f5d5d?source=rss------bug_bounty-5 | Jamil Ur Rehman | hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty, ethical-hacking | 21-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 16/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-16-25-f881c177b749?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunting, bug-bounty-tips, bug-bounty, bug-bounty-hunter | 21-Nov-2023 |
Detecting and Understanding Cookies in Web Development | https://medium.com/@nirvana.elahi/detecting-and-understanding-cookies-in-web-development-a520b279988b?source=rss------bug_bounty-5 | Nirvana El | owasp-top-10, cybersecurity, bug-bounty, penetration-testing | 21-Nov-2023 |
How to find sensitive information in an organization . | https://medium.com/@Threat_Intelligence/how-to-find-sensitive-information-in-an-organization-como-encontrar-informaci%C3%B3n-sensible-en-una-cb08c5128ab5?source=rss------bug_bounty-5 | 127.0.0.1 is safe.⚠️ | tech, hacking, red-team, bug-bounty, cybersecurity | 21-Nov-2023 |
Step-by-Step guide to writing a Metasploit Script | https://higordiego.medium.com/step-by-step-guide-to-writing-a-metasploit-script-6bacb96363e5?source=rss------bug_bounty-5 | Higor Diego | vulnerability, exploit, bug-bounty, security, osint | 21-Nov-2023 |
Legal and Ethical Dimensions in Malware Analysis (Cybersecurity) | https://medium.com/@paritoshblogs/legal-and-ethical-dimensions-in-malware-analysis-cybersecurity-86accca12049?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, legal, programming, hacking | 20-Nov-2023 |
Improper Input Sanitization Error in Web3 | https://medium.com/@vinaysati/improper-input-sanitization-error-in-web3-f4bd0f6d88cc?source=rss------bug_bounty-5 | Vinaysati | hacking, cryptocurrency, bug-bounty, web3, web3bug | 20-Nov-2023 |
#3 Set-up FoxyProxy in Firefox — Guide for Burp Suite | https://securitycipher.medium.com/3-set-up-foxyproxy-in-firefox-guide-for-burp-suite-ee9627b6f513?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | security, bug-bounty-tips, bug-bounty, penetration-testing, technology | 20-Nov-2023 |
Event Driven Bug Bounty on AWS | https://medium.com/@husein.ayoub/event-driven-bug-bounty-on-aws-d39f75d962a3?source=rss------bug_bounty-5 | Hussein Ayoub | aws, bug-bounty, security | 20-Nov-2023 |
The Story of How I Hacked one of the online payment system website twice | https://christmex.medium.com/the-story-of-how-i-hacked-one-of-the-online-payment-system-website-twice-b0ba48ed13db?source=rss------bug_bounty-5 | Jonathan Christian | bug-bounty-writeup, programming, technology, cybersecurity, bug-bounty | 20-Nov-2023 |
ESSENTIAL HTML FOR HACKERS | https://medium.com/@agapehearts/essential-html-for-hackers-12d329927c9b?source=rss------bug_bounty-5 | Agape HearTs | xss-attack, bug-bounty, html, hacker, pentesting | 20-Nov-2023 |
Writeups of All Apprentice Labs in Portswigger — All Lab’s Solution \| Karthikeyan Nagaraj | https://cyberw1ng.medium.com/writeups-of-all-apprentice-labs-in-portswigger-all-labs-solution-karthikeyan-nagaraj-a5f23fd0c87b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, penetration-testing, hacking | 20-Nov-2023 |
Go Beyond with Gretire | https://systemweakness.com/go-beyond-with-gretire-313b7fbe3f47?source=rss------bug_bounty-5 | Whalebone | cybersecurity, bug-bounty, open-source, information-security, hacking | 20-Nov-2023 |
Email address: The Online ID | https://medium.com/@duncanochieng682/email-address-the-online-id-dd0061bf7828?source=rss------bug_bounty-5 | JateloCybersec | infosec, hacking, bug-bounty, ethical-hacking, blackhat | 20-Nov-2023 |
Understanding CVE-2023–46604: A Threat to Apache ActiveMQ | https://infosecwriteups.com/understanding-cve-2023-46604-a-threat-to-apache-activemq-d771eb408eba?source=rss------bug_bounty-5 | Security Lit Limited | bug-bounty, vulnerability, cybersecurity, programming, penetration-testing | 20-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 15/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-15-25-27d085f4bf95?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-hunting, bug-bounty-hunter, bug-bounty | 20-Nov-2023 |
Understanding CVE-2023–46604: A Threat to Apache ActiveMQ | https://securitylit.medium.com/understanding-cve-2023-46604-a-threat-to-apache-activemq-d771eb408eba?source=rss------bug_bounty-5 | Security Lit Limited | bug-bounty, vulnerability, cybersecurity, programming, penetration-testing | 20-Nov-2023 |
The Story of How I Hacked one of the online payment system website | https://christmex.medium.com/the-story-of-how-i-hacked-one-of-the-online-payment-system-website-twice-b0ba48ed13db?source=rss------bug_bounty-5 | Jonathan Christian | bug-bounty-writeup, programming, technology, cybersecurity, bug-bounty | 20-Nov-2023 |
GraphQL Misconfiguration Leads to Unlimited Money Transfer (Intigriti CTF — Bug Bank) | https://medium.com/@thewolfsec/graphql-misconfiguration-leads-to-unlimited-money-transfer-intigriti-ctf-bug-bank-48cdeb9c9aec?source=rss------bug_bounty-5 | TheWolf Sec | graphql, intigriti, bug-bounty, ctf | 19-Nov-2023 |
#2 Different Burp Suite Tools — Guide for Burp Suite | https://securitycipher.medium.com/2-different-burp-suite-tools-guide-for-burp-suite-7c5aa2ad05ed?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | penetration-testing, bug-bounty, security, cybersecurity, news | 19-Nov-2023 |
Find Vulnerabilities before other Hackers Exploiting | https://medium.com/@salmanul060/find-vulnerabilities-before-other-hackers-exploiting-a86fe4c3d5eb?source=rss------bug_bounty-5 | Salmanul Faris | web-applications, cybersecurity, bug-bounty, penetrationtestingcompany, penetration-testing | 19-Nov-2023 |
SSTI bypass using CRLF (1337 UP CTF — Smarty Pants) | https://medium.com/@thewolfsec/ssti-bypass-using-crlf-1337-up-ctf-smarty-pants-4ee8e1a72f98?source=rss------bug_bounty-5 | TheWolf Sec | intigriti, ssti, bug-bounty, ctf, php-developers | 19-Nov-2023 |
Privilege Escalation: Unauthorized Low-Privilege Users Creating Feature Bundles | https://medium.com/@a13h1/privilege-escalation-unauthorized-low-privilege-users-creating-feature-bundles-75f6125eec78?source=rss------bug_bounty-5 | Abhi Sharma | bug-bounty, programming, cybersecurity, hacking, api | 19-Nov-2023 |
#2 Different Burp Suite Tools — Guide for Burp Suite | https://infosecwriteups.com/2-different-burp-suite-tools-guide-for-burp-suite-7c5aa2ad05ed?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | penetration-testing, bug-bounty, security, cybersecurity, news | 19-Nov-2023 |
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 3 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-3-99e86d021190?source=rss------bug_bounty-5 | Hacker's Dump | android, android-pentesting, penetration-testing, hacking, bug-bounty | 19-Nov-2023 |
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 4 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-4-c942fbd9cae5?source=rss------bug_bounty-5 | Hacker's Dump | bug-bounty, hacking, android, penetration-test, penetration-testing | 19-Nov-2023 |
23.6 Lab: Insecure direct object references \| 2023 | https://cyberw1ng.medium.com/23-6-lab-insecure-direct-object-references-2023-dfd4a9f3eeb3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, penetration-testing, hacking | 19-Nov-2023 |
A Guide to Indicators of Compromise (IoC) Analysis | https://medium.com/@paritoshblogs/a-guide-to-indicators-of-compromise-ioc-analysis-925708cbf8aa?source=rss------bug_bounty-5 | Paritosh | programming, bug-bounty, ioc, hacking, cybersecurity | 19-Nov-2023 |
ByteGuard: Mastering the Art of Data Security | https://medium.com/@paritoshblogs/byteguard-mastering-the-art-of-data-security-5719be0d1c7c?source=rss------bug_bounty-5 | Paritosh | information-security, data-security, cybersecurity, data, bug-bounty | 18-Nov-2023 |
Securing the Backbone: Supply Chain Security | https://medium.com/@paritoshblogs/securing-the-backbone-supply-chain-security-34282b6b505f?source=rss------bug_bounty-5 | Paritosh | supply-chain, information-security, cybersecurity, supply-chain-attack, bug-bounty | 18-Nov-2023 |
eWPTX Prepare Resources | https://medium.com/@0UN390/ewptx-prepare-resources-a741220cf145?source=rss------bug_bounty-5 | 0UN390 | bug-bounty, cybersecurity, web-security, penetration-testing | 18-Nov-2023 |
AppSec Tales XXIII \| XPathI | https://karol-mazurek95.medium.com/appsec-tales-xxiii-xpathi-ca6171826d2a?source=rss------bug_bounty-5 | Karol Mazurek | information-technology, cybersecurity, application-security, bug-bounty, penetration-testing | 18-Nov-2023 |
#Day6 Bug Bounty Recon Part 2: ( Subdomains and S3 buckets ) | https://medium.com/codingninjablogs/day6-bug-bounty-recon-part-2-subdomains-and-s3-buckets-1a01780e6908?source=rss------bug_bounty-5 | OBSIDIAN | programming, technology, bug-bounty, ethical-hacking, cybersecurity | 18-Nov-2023 |
23.5 Lab: User ID controlled by request parameter with password disclosure \| 2023 | https://cyberw1ng.medium.com/23-5-lab-user-id-controlled-by-request-parameter-with-password-disclosure-2023-ad748d1daa9e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 18-Nov-2023 |
Hacking Microsoft IIS : Enumerating IIS for V | https://medium.com/@mudasserhussain1111/hacking-microsoft-iis-enumerating-iis-for-v-39de5a27f101?source=rss------bug_bounty-5 | Mudasser Hussain | infosec-write-ups, cybersecurity, hacking, microsoft, bug-bounty | 18-Nov-2023 |
OAuth Misconfiguration Leads To Pre-Account Takeover(snapchat) | https://medium.com/@a7med.ctf/oauth-misconfiguration-leads-to-pre-account-takeover-snapchat-129b118661f6?source=rss------bug_bounty-5 | Ahmed Mahmoued | hacking, bug-bounty-tips, bug-bounty | 18-Nov-2023 |
CVE-2023–36025: An In-Depth Analysis of Circumventing Windows SmartScreen Security | https://infosecwriteups.com/cve-2023-36025-an-in-depth-analysis-of-circumventing-windows-smartscreen-security-6ff05c8b69d0?source=rss------bug_bounty-5 | Security Lit Limited | penetration-testing, threat-intelligence, cybersecurity, microsoft, bug-bounty | 18-Nov-2023 |
Default Credentials, P1 with $$$$ Reward in a Bug Bounty Program | https://medium.com/@jedus0r/default-credentials-p1-with-reward-in-a-bug-bounty-program-1aad9c008619?source=rss------bug_bounty-5 | jedus0r | security-research, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter | 18-Nov-2023 |
CVE-2023–35078 Unveiled: Ethical Vulnerability Discovery and Reporting By Me and My Hunting Buddy… | https://medium.com/@jaini.rutvik/cve-2023-35078-unveiled-ethical-vulnerability-discovery-and-reporting-by-me-and-my-hunting-buddy-507582baf5c3?source=rss------bug_bounty-5 | Rj07 | responsible-disclosure, information-technology, zero-day, bug-bounty, information-security | 18-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 13/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-13-25-f6e21379749b?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-hunter, bug-bounty-hunting, bug-bounty-tips | 18-Nov-2023 |
Default Credentials, P1 with $$$$ Reward in a Bug Bounty Program | https://systemweakness.com/default-credentials-p1-with-reward-in-a-bug-bounty-program-1aad9c008619?source=rss------bug_bounty-5 | jedus0r | security-research, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter | 18-Nov-2023 |
The Future of Cybersecurity: The Power of AI-Powered SIEM | https://medium.com/@paritoshblogs/the-future-of-cybersecurity-the-power-of-ai-powered-siem-ae43921e9bce?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-security, siem, hacking, cybersecurity | 17-Nov-2023 |
3 Command Line Games Which You Must Try | https://medium.com/@rushi.padhiyar098/3-command-line-games-which-you-must-try-fa77c2ff7127?source=rss------bug_bounty-5 | Cyph3r Ryx | games, cybersecurity, hacking, command-line, bug-bounty | 17-Nov-2023 |
Dastardly — Web Application Security Scanner — CI/CD | https://securitycipher.medium.com/dastardly-web-application-security-scanner-ci-cd-3a4eea08719a?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | technology, security, bug-bounty, cybersecurity, penetration-testing | 17-Nov-2023 |
How I Automatically Generate XSS Payload & Automate Reflected XSS | https://ajaksecurity.medium.com/how-i-automatically-generate-xss-payload-automate-reflected-xss-be7c993f90d4?source=rss------bug_bounty-5 | Ajak Cyber security | hacking, cybersecurity, bug-bounty, ethical-hacking, penetration-testing | 17-Nov-2023 |
23.4 Lab: User ID controlled by request parameter with data leakage in redirect \| 2023 | https://cyberw1ng.medium.com/23-4-lab-user-id-controlled-by-request-parameter-with-data-leakage-in-redirect-2023-5fa1b18bced1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, bug-bounty, cybersecurity, security | 17-Nov-2023 |
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 2 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-2-9c33c319a696?source=rss------bug_bounty-5 | Hacker's Dump | android-pentesting, android, penetration-testing, hacking, bug-bounty | 17-Nov-2023 |
How to find vulnerabilities in a web page in 10 minutes | https://medium.com/@l0calh0st/how-to-find-vulnerabilities-in-a-web-page-in-10-minutes-66cd052b4fbc?source=rss------bug_bounty-5 | 127.0.0.1 is safe.⚠️ | red-team, bug-bounty, error-message, cybersecurity, hacking | 17-Nov-2023 |
Access control vulnerabilities | https://medium.com/@abdullahwarsama28/access-control-vulnerabilities-02fe3ea2e17f?source=rss------bug_bounty-5 | Abdullah Warsama | bug-bounty, web-security | 17-Nov-2023 |
JWT Intrigue: Hidden Keys within Web Applications | https://medium.com/@josh.beck2006/jwt-intrigue-hidden-keys-within-web-applications-4b042c80f427?source=rss------bug_bounty-5 | Josh Beck | penetration-testing, bug-bounty, cybersecurity, ctf-writeup, ctf | 16-Nov-2023 |
AuditOne Roundtable with Alexey from Aurora and Guido Vranken | https://medium.com/@auditone.io/auditone-roundtable-with-alexey-from-aurora-and-guido-vranken-3d7c709289c0?source=rss------bug_bounty-5 | AuditOne | bug-bounty, defi, web3, aurora, fuzzing | 16-Nov-2023 |
#1 Introduction to Burp Suite — Guide for Burp Suite | https://securitycipher.medium.com/1-introduction-to-burp-suite-guide-for-burp-suite-4054b64f10a0?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | penetration-testing, bug-bounty, cybersecurity, technology, security | 16-Nov-2023 |
Easy Admin Access — RVDP | https://infosecwriteups.com/easy-admin-access-rvdp-d1eb2c97cb3e?source=rss------bug_bounty-5 | hackerdevil | bug-bounty-tips, web-app-security, bug-bounty, bug-bounty-writeup, vulnerability-assessment | 16-Nov-2023 |
Bug Bounty Programs: Unleashing the Power of Ethical Hacking | https://medium.com/@crawsecurity/bug-bounty-programs-unleashing-the-power-of-ethical-hacking-5da98f820ebb?source=rss------bug_bounty-5 | crawsecurity | bug-bounty-program, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup | 16-Nov-2023 |
Exploiting Blind XXE: Going Out of Band | https://medium.com/@mohamedtaha_42562/exploiting-blind-xxe-going-out-of-band-f04e3c1ea7ef?source=rss------bug_bounty-5 | Mohamed Taha | security, penetration-testing, bug-bounty | 16-Nov-2023 |
Introducing Bug Bounty Boosts: Supercharging Security With Timebound Events | https://medium.com/immunefi/introducing-bug-bounty-boosts-supercharging-security-with-timebound-events-51e3a1f208c3?source=rss------bug_bounty-5 | Immunefi Editor | bug-bounty, web3, immunefi, cybersecurity, degate | 16-Nov-2023 |
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 1 | https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-1-392cf9abf93f?source=rss------bug_bounty-5 | Hacker's Dump | android-pentesting, hacking, android, penetration-testing, bug-bounty | 16-Nov-2023 |
Malware Analysis: Understanding and Combatting Cyber Threats | https://medium.com/@paritoshblogs/malware-analysis-understanding-and-combatting-cyber-threats-d0db1d56760c?source=rss------bug_bounty-5 | Paritosh | malware-analysis, hacking, bug-bounty, cybersecurity, information-security | 16-Nov-2023 |
How I got a $500 reward for finding an unacclaimed bucket on GitHub | https://medium.com/@andre.pontes7/how-i-got-a-500-reward-for-finding-an-unacclaimed-bucket-on-github-57623c386515?source=rss------bug_bounty-5 | André Pontes | aws-s3, hackerone, bug-bounty, aws | 16-Nov-2023 |
23.3 Lab: User ID controlled by request parameter, with unpredictable user IDs \| 2023 | https://cyberw1ng.medium.com/23-3-lab-user-id-controlled-by-request-parameter-with-unpredictable-user-ids-2023-5827f93eca1d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, cybersecurity, hacking | 16-Nov-2023 |
$1000 Bounty: How I scaled a Self-Redirect to an XSS in a web 3.0 system at Hackenproof | https://erickfernandox.medium.com/1000-bounty-how-i-scaled-a-self-redirect-to-an-xss-in-a-web-3-0-system-at-hackenproof-37380f701892?source=rss------bug_bounty-5 | Erick Fernando | bug-bounty, hackenproof, open-redirect, xss-bypass | 16-Nov-2023 |
DNS C2 — When Malware Goes Incognito! | https://medium.com/@paritoshblogs/dns-c2-when-malware-goes-incognito-03fdc2e82057?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, information-security, dns, hacking | 15-Nov-2023 |
HackerOne Surpasses $300 Million in Rewards for Ethical Hackers | https://medium.com/@zerosecurity/hackerone-surpasses-300-million-in-rewards-for-ethical-hackers-eba7be4f106c?source=rss------bug_bounty-5 | ZeroSecurity | bug-bounty | 15-Nov-2023 |
LandRocker Bug Bounty Program | https://landrocker.medium.com/landrocker-bug-bounty-program-aa2f55f47297?source=rss------bug_bounty-5 | LandRocker | bug-bounty, bitcoin, cryptocurrency-investment, token-sale, web3 | 15-Nov-2023 |
23.2 Lab: User ID controlled by request parameter \| 2023 | https://cyberw1ng.medium.com/23-2-lab-user-id-controlled-by-request-parameter-2023-74764905c72c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, hacking, cybersecurity | 15-Nov-2023 |
Understanding Post-Exploitation: Cybersecurity | https://medium.com/@paritoshblogs/understanding-post-exploitation-cybersecurity-5c8d11b75812?source=rss------bug_bounty-5 | Paritosh | cybersecurity, programming, information-security, bug-bounty, post-exploitation | 15-Nov-2023 |
Idor That allowed me to get access to sensitive users files and share them -.- | https://hamzadzworm.medium.com/idor-that-allowed-me-to-get-access-to-sensitive-users-files-and-share-them-f7da741e9f63?source=rss------bug_bounty-5 | Hamzadzworm | bugbounty-writeup, bug-bounty-tips, hackerone, bug-bounty, cybersecurity | 15-Nov-2023 |
Unveiling Sensitive Information Exposure: IIS Tilde Enumeration Vulnerability | https://medium.com/@mohammed0anas/unveiling-sensitive-information-exposure-iis-tilde-enumeration-vulnerability-ffe034073288?source=rss------bug_bounty-5 | Nas | bug-bounty, hacking, cybersecurity, bug-bounty-writeup | 15-Nov-2023 |
How I hacked Google’s bug tracking system itself for $15,600 in bounties | https://homosapienimo.medium.com/how-i-hacked-googles-bug-tracking-system-itself-for-15-600-in-bounties-65c5aacaacdf?source=rss------bug_bounty-5 | Homo Sapiens | bug-bounty, startup, google, technology, security | 15-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 10/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-10-25-7b9651fb1b26?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty-hunting, bug-bounty, bug-bounty-tips | 15-Nov-2023 |
Exploiting Parallels Plesk Panels With Shodan | https://blog.meese.enterprises/exploiting-parallels-plesk-panels-with-shodan-282248855af2?source=rss------bug_bounty-5 | Aaron Meese | cybersecurity, shodan, osint-investigation, osint, bug-bounty | 15-Nov-2023 |
Detection Engineering: Strengthening Cybersecurity Defense | https://medium.com/@paritoshblogs/detection-engineering-strengthening-cybersecurity-defense-8d31ab7a2d46?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-security, detection-engineering, hacking, cybersecurity | 14-Nov-2023 |
Hackathon : KPU.GO.ID | https://medium.com/@angryovalegg/hackathon-kpu-go-id-8fb6f3ce0d61?source=rss------bug_bounty-5 | Angry Oval Egg | hackathons, indo-hacker, bug-bounty, kpu, pemilu | 14-Nov-2023 |
How to find probably vulnerable objects in your own surface with Netlas.io? | https://systemweakness.com/how-to-find-probably-vulnerable-objects-in-your-own-surface-with-netlas-io-7f3448363892?source=rss------bug_bounty-5 | Netlas.io | script, automation, bug-bounty, attack-surface, reconnaissance | 14-Nov-2023 |
#4 Session Fixation — Secure Code Explain | https://securitycipher.medium.com/4-session-fixation-secure-code-explain-7d9567f25f38?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | cybersecurity, technology, bug-bounty, vulnerability, coding | 14-Nov-2023 |
Escalating Blind SSRF to a Remote Code Execution | https://mukibas37.medium.com/escalating-blind-ssrf-to-a-remote-code-execution-be65ed9a7d0f?source=rss------bug_bounty-5 | Mukilan Baskaran | infosec, ssrf, cybersecurity, bug-bounty, hacking | 14-Nov-2023 |
23.1 Lab: CORS vulnerability with trusted null origin \| 2023 | https://cyberw1ng.medium.com/23-1-lab-cors-vulnerability-with-trusted-null-origin-2023-53d2de3b8e28?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, penetration-testing | 14-Nov-2023 |
Har Har Hijack: The Okta Plunder | https://medium.com/@josh.beck2006/har-har-hijack-the-okta-plunder-8fb36f5c9d45?source=rss------bug_bounty-5 | Josh Beck | penetration-testing, cybersecurity, bug-bounty | 14-Nov-2023 |
bWAPP PHP Code Injection | https://medium.com/@yusufbaris/bwapp-php-code-injection-2b326b831924?source=rss------bug_bounty-5 | Yusuf Barış | cybersecurity, web-security, hacking, bug-bounty, penetration-testing | 14-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 9/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-9-25-14cbedbecee2?source=rss------bug_bounty-5 | Wallotry | bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting | 14-Nov-2023 |
Introduction to AI in Cybersecurity | https://imran-niaz.medium.com/introduction-to-ai-in-cybersecurity-6d80460d9e37?source=rss------bug_bounty-5 | Imran Niaz | programming, cybersecurity, learning, penetration-testing, bug-bounty | 13-Nov-2023 |
Let's together dive deep into information disclosure | https://medium.com/@parthnarulatech/lets-together-dive-deep-into-information-disclosure-8bdb0b5db728?source=rss------bug_bounty-5 | scriptjacker | bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity, owasp | 13-Nov-2023 |
SSL Search — A tool to identify infrastructure and discover attack surfaces. | https://medium.com/@harsh8v/ssl-search-a-tool-to-identify-infrastructure-and-discover-attack-surfaces-449c83269574?source=rss------bug_bounty-5 | Harsh Varagiya | bug-bounty, gcp, ssl-certificate, aws, internet | 13-Nov-2023 |
Google VRP -[IDOR] Deleted Victim Data & Leaked | https://medium.com/@ggilang1135/google-vrp-idor-deleted-victim-data-leaked-0b3cba8e3f7a?source=rss------bug_bounty-5 | Gilang Romadon | bug-bounty, idor-vulnerability, bug-bounty-tips, ggilangromadon, google-vrp | 13-Nov-2023 |
Announcing IWCON 2023 Speakers Second Batch | https://infosecwriteups.com/announcing-iwcon-2023-speakers-second-batch-26762dc93491?source=rss------bug_bounty-5 | InfoSec Write-ups | infosec, security, bug-bounty, conference, hacking | 13-Nov-2023 |
Cracking the Code, Cobalt Strike — More Than Just a Fancy Pen Test Tool (And Why Cyber Baddies… | https://medium.com/@paritoshblogs/cracking-the-code-cobalt-strike-more-than-just-a-fancy-pen-test-tool-and-why-cyber-baddies-8b5c56ece92c?source=rss------bug_bounty-5 | Paritosh | bug-bounty, pentesting, cybersecurity, hacking, cobalt-strike | 13-Nov-2023 |
22.2 Lab: JWT authentication bypass via flawed signature verification \| 2023 | https://cyberw1ng.medium.com/22-2-lab-jwt-authentication-bypass-via-flawed-signature-verification-2023-2a1d63d18ab2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, bug-bounty, cybersecurity, penetration-testing | 13-Nov-2023 |
Weirdest API that has been ever found | https://medium.com/@mmaulanaabdullah/weirdest-api-that-has-been-ever-found-9270720d6f02?source=rss------bug_bounty-5 | M Maulana Abdullah | writeup, api, bug-bounty, api-development | 13-Nov-2023 |
Authentication Vulnerabilities- Lab #9 Brute-forcing a stay-logged-in cookie | https://dollarboysushil.medium.com/authentication-vulnerabilities-lab-9-brute-forcing-a-stay-logged-in-cookie-dda91125f5f2?source=rss------bug_bounty-5 | dollarboysushil | cookie-hacking, web-security, cybersecurity, portswigger, bug-bounty | 13-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 8/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-8-25-ea9bc1addd63?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunting, bug-bounty, bug-bounty-hunter, bug-bounty-tips | 13-Nov-2023 |
I created posts on the newsletter page dedicated to the program administrator | https://medium.com/@hossam_hamada/i-created-posts-on-the-newsletter-page-dedicated-to-the-program-administrator-aa271980aa53?source=rss------bug_bounty-5 | Hossam Hamada | bug-bounty, penetration-testing, idor, idor-vulnerability, bug-hunting | 12-Nov-2023 |
1200$ IDOR Flaw: Allow Attacker To Approve Project Time Tracking | https://medium.com/@a13h1/1200-idor-flaw-allow-attacker-to-approve-project-time-tracking-a9f64c06732a?source=rss------bug_bounty-5 | Abhi Sharma | bug-bounty, programming, hacking, information-security, cybersecurity | 12-Nov-2023 |
Crafting XSS (Cross-Site Scripting) payloads | https://infosecwriteups.com/crafting-xss-cross-site-scripting-payloads-919f62171bd0?source=rss------bug_bounty-5 | Security Lit Limited | xss-vulnerability, bug-bounty, xss-attack, technology, cybersecurity | 12-Nov-2023 |
Authentication Vulnerabilities- Lab #8 2FA (Two Factor Authentication) broken logic | https://dollarboysushil.medium.com/authentication-vulnerabilities-lab-8-2fa-two-factor-authentication-broken-logic-b3c6cd8923b9?source=rss------bug_bounty-5 | dollarboysushil | portswigger, cybersecurity, 2fa-hacking, web-security, bug-bounty | 12-Nov-2023 |
22.1 Lab: JWT authentication bypass via unverified signature \| 2023 | https://cyberw1ng.medium.com/22-1-lab-jwt-authentication-bypass-via-unverified-signature-2023-4401628467d9?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, bug-bounty, penetration-testing, careers | 12-Nov-2023 |
Finding Sneaky Hackers, The Ultimate Way of Stalking Cyber Intruders (Without a Trench Coat) | https://medium.com/@paritoshblogs/finding-sneaky-hackers-the-ultimate-way-of-stalking-cyber-intruders-without-a-trench-coat-8db574697fe7?source=rss------bug_bounty-5 | Paritosh | programming, cybersecurity, lateral-movement, bug-bounty, hacking | 12-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 7/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-7-25-a9367edc5864?source=rss------bug_bounty-5 | Wallotry | bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-hunting | 12-Nov-2023 |
Introduction to API Hacking: A Free Course to Level Up Your Skills | https://medium.com/@maisamnoyan/introduction-to-api-hacking-a-free-course-to-level-up-your-skills-537bfc70180d?source=rss------bug_bounty-5 | Maisam Noyan | hacking, bug-bounty, free-course, api, course | 11-Nov-2023 |
Authentication Vulnerabilities- Lab #4 Username enumeration via subtly different responses | https://dollarboysushil.medium.com/authentication-vulnerabilities-lab-4-username-enumeration-via-subtly-different-responses-5eb512d899fa?source=rss------bug_bounty-5 | dollarboysushil | web-security, portswigger, bug-bounty, cybersecurity | 11-Nov-2023 |
Attention Cyber Enthusiasts! Exciting News Ahead! | https://cyberconqueror.medium.com/attention-cyber-enthusiasts-exciting-news-ahead-%EF%B8%8F-26399c20b71a?source=rss------bug_bounty-5 | Cyber Conqueror | free-course, information-security, cybersecurity, bug-bounty, free | 11-Nov-2023 |
Authentication Vulnerabilities- Lab #5 Username enumeration via response timing | https://dollarboysushil.medium.com/authentication-vulnerabilities-lab-5-username-enumeration-via-response-timing-16b07552275a?source=rss------bug_bounty-5 | dollarboysushil | portswigger, bug-bounty, cybersecurity, hacking-passwords | 11-Nov-2023 |
AppSec Tales XXII \| LDAPI | https://karol-mazurek95.medium.com/appsec-tales-xxii-ldapi-fcef1f40e9b2?source=rss------bug_bounty-5 | Karol Mazurek | information-technology, bug-bounty, cybersecurity, information-security, penetration-testing | 11-Nov-2023 |
JWT attack vulnerabilities in Web App Penetration Testing \| 2023 | https://cyberw1ng.medium.com/jwt-attack-vulnerabilities-in-web-app-penetration-testing-2023-4eb8916133dc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, penetration-testing, bug-bounty, cybersecurity | 11-Nov-2023 |
Downloading files using POST request (unorthodox method) | https://medium.com/@paritoshblogs/downloading-files-using-post-request-unorthodox-method-d042bb06c1ce?source=rss------bug_bounty-5 | Paritosh | cybersecurity, programming, bug-bounty, hacking, html | 11-Nov-2023 |
Authentication Vulnerabilities- Lab #6 Broken brute-force protection, IP block | https://dollarboysushil.medium.com/authentication-vulnerabilities-lab-6-broken-brute-force-protection-ip-block-b3afca0a2ea7?source=rss------bug_bounty-5 | dollarboysushil | brute-force, web-security, cybersecurity, bug-bounty, portswigger | 11-Nov-2023 |
Reconnaissance Is The Key — Bug Bounty Tip! | https://medium.com/@learningstuff110/reconnaissance-is-the-key-bug-bounty-tip-527f24e56cc5?source=rss------bug_bounty-5 | Fahad Hasan | directory-enumeration, penetration-testing, bug-bounty, waybackurls, reconnaissance | 11-Nov-2023 |
Pentesting: I wanna be a hackerrr… | https://areen-agrawal.medium.com/pentesting-i-wanna-be-a-hackerrr-4dcf9379a6fc?source=rss------bug_bounty-5 | Me, Just a Techie. | bug-bounty, computer-security, red-teaming, technology, pentesting | 11-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 6/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-6-25-fe340a54386c?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-hunter, bug-bounty-tips, bug-bounty-hunting | 11-Nov-2023 |
Project 2510: Bug Bounty Challenge — Day 5/25 | https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-5-25-205300a2a65c?source=rss------bug_bounty-5 | Wallotry | bug-bounty, bug-bounty-hunting, bug-bounty-hunter, bug-bounty-tips | 10-Nov-2023 |
Unlocking Cash: Easy P1 Bug in Grafana Dashboard with Default Credentials = €€€€ | https://infosecwriteups.com/unlocking-cash-easy-p1-bug-in-grafana-dashboard-with-default-credentials-fa36ddf271da?source=rss------bug_bounty-5 | Pratik Dabhi | hackerone, bug-bounty, bugcrowd | 10-Nov-2023 |
Authentication Vulnerabilities- Lab #3 Password reset broken logic | https://dollarboysushil.medium.com/authentication-vulnerabilities-lab-3-password-reset-broken-logic-95bc62a7b92a?source=rss------bug_bounty-5 | dollarboysushil | bug-bounty, cybersecurity, portswigger, web-security, password-reset | 10-Nov-2023 |
21.1 Lab: Authentication bypass via OAuth implicit flow \| 2023 | https://cyberw1ng.medium.com/21-1-lab-authentication-bypass-via-oauth-implicit-flow-2023-15f819305f73?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, cybersecurity, hacking | 10-Nov-2023 |
Authentication Vulnerabilities- Lab #2 2FA simple bypass | https://dollarboysushil.medium.com/authentication-vulnerabilities-lab-2-2fa-simple-bypass-6bd390cf92bc?source=rss------bug_bounty-5 | dollarboysushil | web-security, cybersecurity, bug-bounty, portswigger, two-factor-authentication | 10-Nov-2023 |
Revealing True Industry Potential Through the Ultimate Web3 Security Ecosystem: R.xyz | https://medium.com/coinmonks/revealing-true-industry-potential-through-the-ultimate-web3-security-ecosystem-r-xyz-007acfd25b62?source=rss------bug_bounty-5 | Officer's Notes | blockchain-security, bug-bounty, web3, smart-contract-security, hacking | 10-Nov-2023 |
How I stopped a Wallet Hack and Got Almost Nothing. | https://medium.com/@mahitman1/how-i-stopped-a-wallet-hack-and-got-almost-nothing-68babd824854?source=rss------bug_bounty-5 | Muhammad Abdullah | web3, blockchain, bug-bounty, security | 10-Nov-2023 |